Developer project checklist

This is an overview of technical implementation steps to integrate with the Akoya Data Access Network. The intended audience are technical staff members who will be involved in supervising, planning, and carrying out the implementation. The following checklist outlines the tasks you’ll need to run through to complete your integration. These tasks will vary and may not be in order for your specific project.


Implement a means to store tokensUse your current secure token storage or implement a way to store each individual end-user’s tokens (ID and refresh tokens) which are unique per app and per provider.
Store x-akoya-interaction-idAkoya returns an interaction ID in every response header. Retain the id with logs for support and error tracking.



Use our sandbox environment to help with implementation

The Akoya sandbox includes a mock data provider (Mikomo Financial) with several test users that may be used for end-to-end implementation and testing. Use these test accounts for the remaining implementation steps. See: Introduction to sandbox.

Account selection

Build a redirect flow into your app to support permissioned access to end-user data.Build a redirect flow into your app that will allow end-users to grant access to data providers.

The flow should support consent and authentication via Akoya to the provider. See: OAuth implementation styles
Obtain authorization grantAfter authentication and authorization, Akoya will return the end-user to your redirect URI with an authorization grant code in the URL with the parameter code=. Use this authorization code to request a set of tokens for this end-user. See: Authorization code.
Validate UXValidate UX for account selection, consent, and ID/refresh token issuance for new and existing users.


Implement a means to revoke token accessImplement a way for the end-user to remove access to their data provider account(s). See Revoke token.
Generate ID and refresh tokensExchange authorization code (retrieved in “obtain authorization grant” above) for ID and refresh tokens. See: Token API reference and the token explainer.

Making calls

Accounts endpointUsing the id_token retrieved in the ID and refresh token step above for a test user, make a call for data. See: Accounts.
Transactions endpointUsing the id_token and the account_id parameters, make a call for transaction data. See: Transactions.
Payment networks endpointUsing the account_id and provider_id parameters, make a call for payment transaction data. See: Payment Networks.
Customer info endpointUsing the provider_id parameter, make a call for customer data. See: Customer Info.
Validate dataValidate use and display of data in your own systems and UI.

Error handling

Error handling (authorization & token errors)Code for authorization or token errors. Incorporate error handling, timeouts, and reauthentication into your UX. See Authentication errors and Token API errors.
Error handling (data access API errors)Same as previous. See Data Access API errors.