Authentication
All activities from the moment the end-user begins the authentication flow to the point when Akoya returns an ID token for your app to use with Akoya APIs for data calls.
βHappy pathβ tests
| Test case | Task(s) | Expected result(s) |
|---|---|---|
| Successful creation of OAuth link | Direct end-user to the Mikomo login. | End-user goes from your app to the provider login screen. |
| Valid login | Go throughΒ Mikomoβs authentication flow and reach the account selection screen. | Successfully arrive at the account selection screen displaying all the userβs accounts. |
| Successful account selection | Select the desired financial accounts. | End-userβs accounts are selected without error. |
Successful redirect to expected redirect_uri | The app/browser takes user to the success page. | Successfully arrive at your appβs redirect URI. |
| Successful retrieval of authentication code | Store the authentication code. | Authentication code is used for next step, retrieving tokens. |
| Successful token validation | Use the Token endpoint to request refresh and ID tokens. | Valid refresh_token and id_token tokens are returned. These tokens are associated with the Mikomo end-user who logged-in and the specified sandbox app, provider (Mikomo), and selected accounts. |
βSad pathβ tests
| Test case | Task(s) | Expected result(s) |
|---|---|---|
Login failure (invalid connector) | Provide an invalid providerId in the auth URL for connector (e.g. Mikomoo vs Mikomo). | HTTP 400: Bad Request |
Login failure (no connector) | Provide connector without a value. | HTTP 403: ForbiddenPossible: HTTP 200: OK. When this occurs, an Akoya login screen may appear and will not be usable for your end-user. |
Login failure (invalid redirect_uri) | 1. Provide an empty redirect_uri.2. Provide an incorrect redirect_uri. | (Both tasks): HTTP 400: Bad Request |
Login failure (invalid client_id) | 1. Provide an empty client_id.2. Provide an incorrect client_id. | (Both tasks): HTTP 400: Bad Request |
Login failure (invalid response_type) | Provide an empty response_type. | HTTP 403: Forbidden or HTTP 200: OK with error parameter in URL:<your redirect_uri>callback?error=invalid_requests |
Login failure (invalid scope) | 1. Provide an empty scope.2. scope missing openid. | HTTP 403: Forbidden or HTTP 200: OK with error parameter in URL:<your redirect_uri>callback?error=invalid_scope |
Login failure (invalid scope) | scope missing offline_access. | End-user login will be successful. Initial token endpoint response will be missing refresh_token |
| Login failure (incorrect username/password) | Enter incorrect user credentials. | HTTP 401: UnauthorizedReceive an error message in the UI that the end-userβs username and/or password is incorrect. |
Updated over 1 year ago