With this service, the calling apps can take customer ref and return a masked list of accounts linked to it. Apps will collect the customer ref they will like to obtain information on and forward to OnePipe. If authorisation details are required by a provider, apps will have to provide this. OnePipe will in turn forward to the provider’s dedicated implementation.
Before you proceed: Please read this.
Commercial model
At agreed settlement cycles, the host will debit the configured beneficiary account of the app for the use of this API and share that fee with all participants. Fees will be determined by the provider.
Settlement & fees model
Model | How it works |
---|---|
Invoice | The host client will invoice the calling app periodically for all calls to the endpoint, debit the beneficiary account of the app for service used and share with OnePipe, host, provider and ISO |
Special configuration notes
OTP override: All providers of this service should implement OTP, but support the configuration of
otp_override
such that based on this configuration, they could be instructed to bypass the OTP requirement for an app.SMS handler: All providers that need to do OTP validation can use the Send SMS and Send Email services on OnePipe to send their OTP.
Process flows
Sequence of calls
App calls
/transact
with the right auth detailsProvider responds with
WaitingForOTP
orPendingValidation
as may be requiredApp calls
/transact/validate
to supply OTP if neededProvider responds with any of the completion codes
Successful
orFailed
.To query the status of a transaction, the app can call
/transact/query
Where the provider supports it, the app can call
/transact/reverse
to request a reversal
INTERFACE SPECIFICATION (APP → ONEPIPE)
Request (Transact)
{ "request_ref":"{{request_ref}}", "request_type":"get_accounts_min", "auth": { "type": "card | wallet | bank.account", //This only applies if the source is sensitive. Can be null "secure": "{{encrypted_secure}}", //This only applies if the source is sensitive. Can be null. "auth_provider": "Beeceptor", "route_mode": null }, "transaction": { "mock_mode": "live", "transaction_ref": "{{transaction_ref}}", "transaction_desc": "A random transaction", "transaction_ref_parent": null, "amount": 0, "customer":{ "customer_ref": "{{customer_id}}", //This is the main source (customer ref) "firstname": "Uju", "surname": "Usmanu", "email": "ujuusmanu@gmail.com", "mobile_no": "234802343132" }, "meta":{ "a_key":"a_meta_value_1", "another_key":"a_meta_value_2" }, "details": null } }
Response (when otp_override = false)
{ "status": "WaitingForOTP", "message": "Please enter the OTP sent to 2348022****08", "data": { "provider_response_code": "900T0", "provider": "Beeceptor", "errors": null, "error": null, "provider_response": null } }
Response (when otp_override = true)
{ "status": "Successful", "message": "Transaction processed successfully", "data": { "provider_response_code": "00", "provider": "Beeceptor", "errors": null, "error": null, "provider_response": { "accounts": [ { "account_number": "009****000", "account_name": "Ola Waheed", "bank_name": "FBN", "bank_code": "011" }, { "account_number": "009****000", "account_name": "Ola Waheed", "bank_name": "FBN", "bank_code": "011" } ], "reference": "000022200225154318222333334432", "meta":{ "field_key":"field_value", "field_key":"field_value" } } } }
Request (validate with otp)
{ "request_ref":"{{request_ref}}", "request_type":"get_accounts", "auth": { "secure": "{{encrypted_otp}}", "auth_provider": "Beeceptor" }, "transaction": { "transaction_ref": "70713093460718" } }
Breakdown of the details object
The details object is expected to be null for this service. Provider specific nuances (if needed) can still be in the meta
object though.
Possible status response codes
For this service, these are the possible responses a client can receive
Status | Meaning |
---|---|
Successful | Standard success code |
Failed | Standard failure code |
WaitingForOTP | To signify that this provider has requested an OTP from the customer and it should be supplied. |
PendingValidation | To signify that this provider needs some extra information to be provided. The |
Acceptable values for auth.type
card
bank.account
wallet
null
INTERFACE SPECIFICATION (ONEPIPE → PROVIDER MICRO SERVICE)
Request payload from OnePipe to the provider microservice comes encrypted, using the Triple DES Algorithm. See details.
Read this closely.
Special notes for OTP override
Whenever a request is to be validated by OTP, the provider microservice should first call the provider, store response info in the database, send an OTP to the corresponding phone number, then respond with WaitingForOTP.
On the OTP validation phase, if user OTP is valid, provider should retrieve info from the database, then respond with a Successful response.
NB: Data should be erased from the DB.
0 Comments