Please visit the Postman Akoya workspace for our collections and environment (default values for use in Sandbox). Parameters are defined below.
Registering with Akoya
In order to use Akoya Postman collections, you must first receive a client id and client secret from Akoya.
The Postman app is available for the Mac, Windows, and Linux operating systems. For more information, please see Installing and updating Postman.
You may need to change some app defaults depending on your personal preferences or company network environment. Please refer to Setting up Postman for a detailed explanation of Postman settings.
Edit access to the collection is restricted. You may:
- Export the collection to JSON
- Create a fork in your own personal workspace
Using your local copy of the collection, click “Environments” to modify variable values per your needs:
|The id of the consumer’s permissioned account|
|Your application’s client id from Akoya. Client id/secret combinations are issued for each app in each environment. More details on the client credentials specification: <<https://tools.ietf.org/html/rfc6749#section-3.2.1>> |
sandbox: your sandbox app id
prod: a production client id/secret combo will be provided for each recipient app
|Your app’s client secret|
|The Akoya identifier for the data provider your user will be logging in to. Usually the same as |
prod: provider ids are available after onboarding
|The id token is used as a bearer token with all data requests. It is a short-lived token which must be refreshed on a periodic basis.|
|The URL for the identity provider service used in the authentication and authorization flow. |
sandbox: (Mikomo) sandbox-idp.ddp.akoya.com
|Stored value for paging transactions to previous page.|
|Stored value for paging transactions to next page.|
|URL for the “Revoke token” endpoint |
|The URL for Akoya products. |
|The id of the data provider of the account permissioned by the consumer |
|The redirect URI must be registered with Akoya for the appropriate client id. Akoya will validate that the redirect URI exactly matches the one registered to prevent malicious redirects. The redirect URI specifies where the end-user is sent after authentication. More details on redirection: <<https://tools.ietf.org/html/rfc6749#section-3.1.2>>|
|A refresh token is used to obtain a new ID token without requiring the end-user to provide credentials or reauthenticate every time the ID token expires. The refresh token is longer-lived and is only used for maintaining the ID token, not as a token for requesting data.|
|The version of the Akoya product APIs|
More information on other parameters used in the collection
|token||GET||Authorization code received in the redirect after authorization. More details on specification: <<https://tools.ietf.org/html/rfc6749#section-1.3.1>>|
|token, refresh_token||POST||Depends on the request (i.e. access token request, refresh token request, client credentials request)|
An authorization grant is a credential representing the resource owner's authorization used by the client to obtain an access token. More details on authorization: <<https://tools.ietf.org/html/rfc6749#section-1.3>>
- You may also test against Postman mock servers by following the instructions provided here.
- To view the documentation of the endpoint, click on the documentation icon on the right.
To see all documentation in a new tab, select “View complete collection documentation” at the bottom of the documentation tab.
- By default, the Postman app uses your operating system's configured proxy to send API requests or access the internet. If needed, you can enter authentication details for the default proxy in the Postman app. You can also configure Postman to use the system proxy or a custom proxy when sending requests. See Postman's "Getting Started" guide for more info.
These instructions are compatible with Postman v8.2.1+
After installing the Akoya collection, please ensure the parameters in your environment file are correct.
Akoya provides secure (TLS v1.2) access to RESTful APIs that are based on the API/Data Structures as defined by the Financial Data Exchange. All data requests use standard GET and POST methods and must include a bearer token in the authorization header. All responses are returned in JSON format.
End-users must authenticate with their data providers before you can get their data.
Your application sends users to their provider’s login page via the Akoya platform.
After successful authentication, the provider presents users with an authorization page requesting permission to share their data with your app.
If permission is granted, your application is issued two tokens (id and refresh) from Akoya which give you permissioned access to end-user data.
If end users do not grant permission to share data, Akoya will send them back to your application (to the page of your choosing).
For your convenience, Akoya has made available Mikomo Bank, a mock financial institution, with test users and data. To see the collection of users, visit Mikomo users.
See the “Getting Started” page in the API docs for instructions on setting up a Hub account and getting ready to test our APIs.
See the Mikomo test users document for information on available test accounts. In our sandbox environment, the
providerId will always be
Below is a brief overview of our endpoints. More thorough documentation is available in our API docs.
The output below is sample output for instructional purposes, and is not specific to any of the data providers on our network.
Akoya product endpoints return JSON objects with a set of account details for one or more accounts at a provider. The path parameter
providerId is required. The results will vary by product.
The Transactions endpoint returns a JSON object containing transaction histories of consumer-permissioned accounts. When testing this endpoint, you must ensure the Mikomo test account you choose has permissioned transactions associated with it.
This endpoint requires
providerId. You can specify start and end times and a max number of transactions to return.
The Payment networks endpoint returns JSON data necessary for facilitating use cases such as payment enablement or account opening.
providerId are required for the payments endpoint.
The Customers endpoint returns a JSON response with customer data, supporting use cases such as payment enablement, account opening, or lending/credit enhancements.
providerId is required for the Customers endpoint.
If you're having trouble using the Postman app, it may be due to network firewalls, proxy server settings, or other issues you may be able to debug through the Postman Console. Use the Postman Troubleshooting page for tips on debugging and troubleshooting.
|2022-Oct-04||Added two new sections: "Installing and configuring the Postman app" and "Troubleshooting Postman."|
|2022-Aug-18||Updated collections and examples for Akoya API v2 release|
|2022‑Mar‑16||Merged "Getting Started" page into this document; Updated to reflect Akoya API v1; added clarifications|
Updated about 2 months ago