Authentication
This stage covers all activities from the moment the end-user begins the authentication flow to the point when Akoya returns an ID token for your app to use with Akoya APIs for data calls.
“Happy path” tests
Test case | Task(s) | Expected result(s) |
---|---|---|
Successful creation of OAuth link | Direct end-user to the Mikomo login. | End-user goes from your app to the provider login screen. |
Valid login | Go through Mikomo’s authentication flow and reach the account selection screen. | Successfully arrive at the account selection screen displaying all the user’s accounts. |
Successful account selection | Select the desired financial accounts. | End-user’s accounts are selected without error. |
Successful redirect to expected redirect_uri | The app/browser takes user to the success page. | Successfully arrive at your app’s redirect URI. |
Successful retrieval of authentication code | Store the authentication code. | Authentication code is used for next step, retrieving tokens. |
Successful token validation | Use the Token endpoint to request refresh and ID tokens. | Valid refresh_token and id_token tokens are returned. These tokens are associated with the Mikomo end-user who logged in and the specified sandbox app, provider (Mikomo), and selected accounts. |
“Sad path” tests
Test case | Task(s) | Expected result(s) |
---|---|---|
Login failure (invalid connector) | Provide an invalid providerId in the auth URL for connector (e.g. Mikomoo vs Mikomo). | HTTP 400: Bad Request |
Login failure (no connector) | Provide connector without a value. | HTTP 403: Forbidden. Possible: HTTP 200: OK. When this occurs, an Akoya login screen may appear and will not be usable for your end-user. |
Login failure (invalid redirect_uri) | 1. Provide an empty redirect_uri. 2. Provide an incorrect redirect_uri. | (Both tasks): HTTP 400: Bad Request |
Login failure (invalid client_id) | 1. Provide an empty client_id. 2. Provide an incorrect client_id. | (Both tasks): HTTP 400: Bad Request |
Login failure (invalid response_type) | Provide an empty response_type. | HTTP 403: Forbidden or HTTP 200: OK with error parameter in URL: <your redirect_uri>callback?error=invalid_requests |
Login failure (invalid scope) | 1. Provide an empty scope. 2. scope missing openid. | HTTP 403: Forbidden or HTTP 200: OK with error parameter in URL: <your redirect_uri>callback?error=invalid_scope |
Login failure (invalid scope) | scope missing offline_access. | End-user login will be successful. Initial token endpoint response will be missing refresh_token. |
Login failure (incorrect username/password) | Enter incorrect user credentials. | HTTP 401: Unauthorized. Receive an error message in the UI that the end-user’s username and/or password is incorrect. |
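The checks in the two tables can be automated on the app side. The following is an added example, not Akoya's code: the function names, the `https://app.example/callback` redirect URI, and all sample values are assumptions constructed for illustration, and the parameter names are the ones listed in the tables above.

```python
from urllib.parse import urlsplit, parse_qs

REQUIRED = ("connector", "client_id", "redirect_uri", "response_type", "scope")

def lint_auth_params(params):
    """Pre-flight check: list the sad-path conditions an auth request would hit."""
    findings = [f"{name}: empty or missing" for name in REQUIRED
                if not (params.get(name) or "").strip()]
    scopes = (params.get("scope") or "").split()
    if scopes and "openid" not in scopes:
        findings.append("scope: missing openid")
    if scopes and "offline_access" not in scopes:
        findings.append("scope: missing offline_access, expect no refresh_token")
    return findings

def parse_callback(url, redirect_uri):
    """Classify the redirect back to the app as ('code', v) or ('error', v)."""
    got, want = urlsplit(url), urlsplit(redirect_uri)
    # Reject callbacks that did not land on the expected redirect URI.
    if (got.scheme, got.netloc, got.path) != (want.scheme, want.netloc, want.path):
        raise ValueError("callback did not arrive at the expected redirect_uri")
    query = parse_qs(got.query)
    for key in ("error", "code"):  # an error parameter takes precedence
        if key in query:
            return (key, query[key][0])
    raise ValueError("callback carries neither code nor error")

def check_token_response(body, requested_scope):
    """Return problems found in a token endpoint response body (a dict)."""
    problems = []
    if not body.get("id_token"):
        problems.append("id_token missing")
    wants_refresh = "offline_access" in requested_scope.split()
    if wants_refresh and not body.get("refresh_token"):
        problems.append("refresh_token missing although offline_access was requested")
    return problems

if __name__ == "__main__":
    # Constructed sample values, not real Akoya identifiers or responses.
    scope = "openid"
    print(lint_auth_params({"connector": "mikomo", "client_id": "sample-client",
                            "redirect_uri": "https://app.example/callback",
                            "response_type": "code", "scope": scope}))
    print(parse_callback("https://app.example/callback?error=invalid_scope",
                         "https://app.example/callback"))
    print(check_token_response({"id_token": "constructed.jwt.value"}, scope))
```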