Akoya Product APIs
Enable financial planning and budgeting tools, investment management, payment enablement, account opening, lending, credit enhancement, and more with end-user permissioned data obtained with Akoya products (Akoya API v2.2)
- Account information
- Balances
- Transactions
- Investments
- Customers
- Payments
- Statements
API v2 updates
- v2.2.1
- Fixed typo in
accountIds
query parameter for /accounts-info, /balances, /accounts - Added security method for Account holder information to bear token. Missing method defaulted to basic auth.
- Added examples and descriptions to some schemas
- Added HTTP status
429
FDX error1207
.
- Fixed typo in
- v2.2 Additions
- Added optional
x-akoya-interaction-type
header to all endpoints to specify if a request is part of a batch process - OpenAPI spec update of tags to organize endpoints by Akoya product
206
response added to /accounts-info, /balances, /accounts
- Added optional
- v2.1 New Statements product and Customers product updated with additional endpoint, Account holder information.
- v2.0 Launch of Akoya products: Account Info, Balances, Investments, Transactions, Payments, Customers
Tokens
Akoya has two types of tokens you may need to interact on the network.
Tokens for retrieving permissioned data for the end-user
To use Akoya product APIs, youβll need to obtain end-user authorization and manage tokens for each data call on behalf of the end-user. See:
Tokens for managing your organization or apps on the network
To use the Management API, each call requires a service token. See:
Authorization Flow
In order to integrate an end-userβs data into your app, the user must first authenticate with their financial institution and authorize their data to be shared.
At a high level, the authentication flow follows these steps:
- Your app sends the end-user to their providerβs login page via Akoya using a specific URL with required parameters for authentication. Required parameters are
connector
,client_id
,redirect_uri
,response_type
, andscope
. - The end-user completes account selection, agrees to terms with their provider, and then Akoya redirects the end-user to your appβs
redirect_uri
with an authorization code in the URL. - The authorization code is then used to retrieve a set of tokens from the Token endpoint that allow you permissioned access to the end-userβs data.
Token API
After your app receives an authorization code, there are three API endpoints available via the Akoya Token API for token management:
- Token - this endpoint allows you to obtain id and refresh tokens. It will return a JWT token.
- Refresh token - after your token expires, call this endpoint to refresh a token.
- Revoke ID Token - nullifies a previously granted token.
Service tokens
To leverage service tokens for the Management API, contact Akoya to obtain credentials.
The Management API requires a service (access) token for your organization to use when managing your apps. To create a service token, you'll need a client id and secret. Once you have them, use the service token endpoint to generate an access token which will last for 24-hours. After it expires, you will need to use your client id and secret to generate a new service token.
Management API (BETA)
The Akoya Management API helps you:
- Create, list, update, and remove your applications on the Akoya network
- Request subscriptions for the data you need, including subscribed Akoya products and providers, which account category the provider supports for the subscription, a list of list your application's subscription status for each provider, and more.
To get started, join the Akoya network through the Data Recipient Hub to create an app in sandbox and test our product endpoints.