Akoya Product APIs

Enable financial planning and budgeting tools, investment management, payment enablement, account opening, lending, credit enhancement, and more with end-user permissioned data obtained with Akoya products (Akoya API v2.2)

  • Account information
  • Balances
  • Transactions
  • Investments
  • Customers
  • Payments
  • Statements

API v2 updates

  • v2.2.1
    • Fixed typo in accountIds query parameter for /accounts-info, /balances, /accounts
    • Added security method for Account holder information to bear token. Missing method defaulted to basic auth.
    • Added examples and descriptions to some schemas
    • Added HTTP status 429 FDX error 1207.
  • v2.2 Additions
    • Added optional x-akoya-interaction-type header to all endpoints to specify if a request is part of a batch process
    • OpenAPI spec update of tags to organize endpoints by Akoya product
    • 206 response added to /accounts-info, /balances, /accounts
  • v2.1 New Statements product and Customers product updated with additional endpoint, Account holder information.
  • v2.0 Launch of Akoya products: Account Info, Balances, Investments, Transactions, Payments, Customers

Tokens

Akoya has two types of tokens you may need to interact on the network.

1️⃣ Tokens for retrieving permissioned data for the end-user

To use Akoya product APIs, you’ll need to obtain end-user authorization and manage tokens for each data call on behalf of the end-user. See:

2️⃣ Tokens for managing your organization or apps on the network

To use the Management API, each call requires a service token. See:

Authorization Flow

In order to integrate an end-user’s data into your app, the user must first authenticate with their financial institution and authorize their data to be shared.

At a high level, the authentication flow follows these steps:

  • Your app sends the end-user to their provider’s login page via Akoya using a specific URL with required parameters for authentication. Required parameters are connector, client_id, redirect_uri, response_type, and scope.
  • The end-user completes account selection, agrees to terms with their provider, and then Akoya redirects the end-user to your app’s redirect_uri with an authorization code in the URL.
  • The authorization code is then used to retrieve a set of tokens from the Token endpoint that allow you permissioned access to the end-user’s data.

Token API

After your app receives an authorization code, there are three API endpoints available via the Akoya Token API for token management:

  • Token - this endpoint allows you to obtain id and refresh tokens. It will return a JWT token.
  • Refresh token - after your token expires, call this endpoint to refresh a token.
  • Revoke ID Token - nullifies a previously granted token.

Service tokens

👍

To leverage service tokens for the Management API, contact Akoya to obtain credentials.

The Management API requires a service (access) token for your organization to use when managing your apps. To create a service token, you'll need a client id and secret. Once you have them, use the service token endpoint to generate an access token which will last for 24-hours. After it expires, you will need to use your client id and secret to generate a new service token.

Management API (BETA)

The Akoya Management API helps you:

  • Create, list, update, and remove your applications on the Akoya network
  • Request subscriptions for the data you need, including subscribed Akoya products and providers, which account category the provider supports for the subscription, a list of list your application's subscription status for each provider, and more.

To get started, join the Akoya network through the Data Recipient Hub to create an app in sandbox and test our product endpoints.