⭐ Getting started

For page updates, check the change log.


πŸ“˜

Check out "How to work with Akoya First!

The "How to work with Akoya" section outlines application prerequisites and contains sample testing plans. Review these docs first to ensure your application is ready for testing and integration.

The Akoya Data Access Network (DAN) allows you to connect your app with end-user data from providers available on the network. To help you get started, Akoya provides a sandbox for integrating and testing. The following steps outline how to get started in the sandbox.


1. Join the Akoya Data Recipient Hub

🚧

️ One Data Recipient Hub account per company!

Your company should maintain one Data Recipient Hub team account. The first team member to join the Hub should send invitations to the remaining members of the team. See: Data Recipient Hub User Manual.

The Data Recipient Hub is an Akoya application for managing your connections in the Akoya DAN. These connections are represented with apps you create in the Hub and their associated credentials (client_id and client_secret).


The Akoya Data Recipient HubThe Akoya Data Recipient Hub

The Akoya Data Recipient Hub

When this step is complete, you will have a Data Recipient Hub account. Check out our Data Recipient Hub User Manual to learn more about The Hub and what you can do in it.


2. Get your sandbox credentials

A Sandbox app in the HubA Sandbox app in the Hub

A Sandbox app in the Hub


Once you have an account in the Hub, create your Akoya sandbox app. Your redirect_uri is needed for this step.

Your redirect URI specifies where the end-user is sent after they authenticate with their financial institution. Usually, this is your app. To prevent malicious redirects, your redirect URI must be registered with Akoya. You may use your live application endpoint or a resource in your local dev environment (localhost).

🚧

Localhost redirect works in sandbox only!

You may only use a localhost redirect URI in the sandbox environment!


Redirection overviewRedirection overview

Redirection overview


For more details on redirection, refer to the OAuth 2.0 RFC section: Redirection Endpoint.


3. Test token flow

A detailed explanation of token flow is available in the Token flow documentation.

To test in sandbox (For more, see: Sandbox), you must emulate how an end-user consents and selects accounts to share with your app. For this emulation, you may start this consent flow as a user of the Akoya sandbox mock provider, Mikomo Bank.

To create the URL for authorization, see Get Authorization Code and Akoya scope values.

Or, use the shortcut form below (Enter your CLIENT_ID and REDIRECT_URI):


https://sandbox-idp.ddp.akoya.com/auth?connector=mikomo&client_id= &redirect_uri= &response_type=code&scope=openid email profile offline_access



You will be prompted with a Mikomo login screen.

Sign in as a Mikomo end-user. You may use one of the accounts listed here:

UsernameHow to useProducts
mikomo_7for validation & integration testingall account categories/data elements
mikomo 501-703test errors responsessee error table
Mikomo Bank
mikomo_1, mikomo_2, mikomo_3, mikomo_5, mikomo_6
sample dataInvestment products
mikomo_9view payment-networks, customer payloads, transaction load testingpayment-networks, customer info

Sign in, accept the user agreement, and select which accounts to share.Sign in, accept the user agreement, and select which accounts to share.

Sign in, accept the user agreement, and select which accounts to share.


Authorization

After signing in, select accounts to share and accept terms & conditions.


The end-user (you, in this emulated flow) is now redirected by Akoya to your registered redirect_uri with an authorization code parameter in the URL (highlighted in yellow in the example below):

🚧

Read the URL!

After you click "Approve" your browser may show a "site not found" error. This is normal; the URL will still contain a valid authorization code.


This is the 404 page that may display; this is normal.This is the 404 page that may display; this is normal.

This is the 404 page that may display; this is normal.


🚧

Authorization code timeout

The authorization code will timeout in 5 minutes. You must use it to request a token within 5 minutes or you will need to restart the consent flow.

When this step is complete, you will have values for the following parameters: client_id, client_secret, redirect_uri, connector/providerId and code.


4. Request tokens

Use the authorization code retrieved above, your client_id, client_secret, and redirect_uri with the Token API to request the id_token and refresh_token associated with the end-user.


Refer to the Tokens API token endpoint:


When this step is complete, you will have values for the following parameters: client_id, client_secret. redirect_uri, connector/providerId, refresh_token and id_token.


5. Obtain data

With the id_token obtained in Step 4, make a request with the Data Access API for the end-user's account data.


Refer to the Akoya API v1 accounts endpoint:


When this step is complete, you will have test data for this end-user.


6. βœ… Success!

You now have a familiarity with the account selection process and data retrieval. Your next step is to create your integration plan. A list of considerations is included in the example "Project plan" and "Implementation steps - for developers."

Welcome to Akoya!


Change log

DateUpdate
2022‑Feb‑24Added general clarification updates; added a form to generate authorization URLs