β Getting started
The Akoya Data Access Network (DAN) allows you to connect your app with end-user data from providers available on the network. To help you get started, Akoya provides a sandbox for integrating and testing. The following steps outline how to get started in the sandbox.
1. Review "How to work with Akoya"
The "How to work with Akoya" section outlines requirements and considerations for joining the Akoya network. Review this guide to understand requirements and best practices.
2. Join the Akoya Data Recipient Hub
Access Required
For access to the Akoya sandbox, you must have an account in the Data Recipient Hub.
Request a Hub account by filling out our request form.
The Data Recipient Hub is an Akoya application for managing your connections in the Akoya DAN. These connections are represented with apps you create in the Hub and their associated credentials (client_id and client_secret).
When this step is complete, you will have a Data Recipient Hub account. Check out our Data Recipient Hub User Manual to learn more about The Hub and what you can do in it.
3. Get your sandbox credentials
A Sandbox app in the Hub
Once you have an account in the Hub, create your Akoya sandbox app. Your redirect_uri is needed for this step.
Your redirect URI specifies where the end-user is sent after they authenticate with their financial institution. Usually, this is your app. To prevent malicious redirects, your redirect URI must be registered with Akoya. You may use your live application endpoint or a resource in your local dev environment (localhost).
Localhost redirect works in sandbox only!
You may only use a localhost redirect URI in the sandbox environment!
Redirection overview
For more details on redirection, refer to the OAuth 2.0 RFC section: Redirection Endpoint.
4. Test token flow
A detailed explanation of token flow is available in the Token flow documentation.
To test in sandbox (For more, see: Sandbox), you must emulate how an end-user consents and selects accounts to share with your app. For this emulation, you may start this consent flow as a user of the Akoya sandbox mock provider, Mikomo Bank.
To create the URL for authorization, see Get Authorization Code and Akoya scope values.
Or, use the shortcut form below (Enter your CLIENT_ID and REDIRECT_URI):
You will be prompted with a Mikomo login screen.
Sign in as a Mikomo end-user. You may use one of the accounts listed here:
| Username* | How to use | Products |
|---|---|---|
| mikomo_7 | for validation & integration testing | all account categories/data elements |
| mikomo 501-703 | test errors responses | see error table |
| Mikomo Bank mikomo_1, mikomo_2, mikomo_3, mikomo_5, mikomo_6 | sample data | Investment products |
| mikomo_9 | view payment-networks, customer payloads, transaction load testing | payment-networks, customer info |
| mikomo_10 | view payment-networks, customer payloads, transaction load testing | payment-networks, customer info |
Sign in, accept the user agreement, and select which accounts to share
Authorization
After signing in, select accounts to share and accept terms & conditions.
The end-user (you, in this emulated flow) is now redirected by Akoya to your registered redirect_uri with an authorization code parameter in the URL (highlighted in yellow in the example below):
Read the URL!
After you click "Approve" your browser may show a "site not found" error. This is normal; the URL will still contain a valid authorization code.
This is the 404 page that may display; this is normal.
Authorization code timeout
The authorization code will timeout in 5 minutes. You must use it to request a token within 5 minutes or you will need to restart the consent flow.
When this step is complete, you will have values for the following parameters: client_id, client_secret, redirect_uri, connector/providerId and code.
5. Request tokens
Use the authorization code retrieved above, your client_id, client_secret, and redirect_uri with the Token API to request the id_token and refresh_token associated with the end-user.
Refer to the Tokens API token endpoint:
When this step is complete, you will have values for the following parameters: client_id, client_secret. redirect_uri, connector/providerId, refresh_token and id_token.
6. Obtain data
With the id_token obtained in Step 4, make a request with Akoya API v2 for the end-user's account data.
Refer to the Akoya API v2 Accounts info endpoint:
When this step is complete, you will have test data for this end-user.
7. β
Success!
You now have a familiarity with the account selection process and data retrieval. Your next step is to create your integration plan. A list of considerations is included in the example "Project plan" and "Implementation steps - for developers."
Welcome to Akoya!
Change log
| Date | Update |
|---|---|
| 2022βFebβ24 | Added general clarification updates; added a form to generate authorization URLs |
Updated 7 months ago