Skip to main content
GET
/
api
/
v1
/
authorize
Authorize With a Data Provider
curl --request GET \
  --url https://{host}/api/v1/authorize
{}
Use this endpoint to initiate the authorization process with a particular Data Provider.

Authorization Example

URL
{{host}}//api/v1/authorize?client_id={{recipient_id}}&redirect_uri={{redirect_uri}}&state=abc&response_type=code&scope={{scope}}&provider_id={}
Success Response:
URL
https://www.example.com/callback?
code=code
&state=state
Failure Response:
URL
https://www.example.com/callback?
error=access_denied
&error_description=The user denied the access
&state=state

How to handle an error response

If you receive an error response, refer to the List of Authorization Errors for more information about the error and how to resolve it.

Query Parameters

client_id
string
required

The ID of the Data Recipient that you want to initiate the authorization process with.

redirect_uri
string
required

The URI to redirect to after authorization is complete.

state
string
required

A randomly generated, unique string that's linked to this particular request. This adds an extra layer of security and is an OAuth 2.0 standard. For the request to be successful, this string must be validated to confirm it's being passed with the correct request.

response_type
string
default:code
required

Tells your server the type of response it can expect to receive from this request. For this use case, pass code as the value for this field to tell your server that you're sending an authorization code.

scope
string
required

The scope of data that the Data Recipient collects from the customer, and is populated on the consent screen. To work with this Data Recipient, the customer must provide consent to share the scope of data they require. Possible values include:

  • ACCOUNT_BASIC - Basic account information
  • ACCOUNT_DETAILED - Detailed account information
  • ACCOUNT_PAYMENTS - Payment information linked to the account
  • INVESTMENTS - Investment information linked to the account
  • STATEMENTS - PDF statements for the account
  • CUSTOMER_CONTACT - Business contact information for the account
  • CUSTOMER_PERSONAL - Information about the customer who owns the account
  • TRANSACTIONS - List of transactions for the account

This is a space separated list. The minimum scope required is ACCOUNT_BASIC.

provider_id
string
required

The ID of the Data Provider that you are authorizing.

correlation_id
string

A randomly-generated, unique identifier that correlates two or more requests.

lang
string
default:en

The language that you want to display on the consent screen:

  • en - English
  • fr - French

If this field is left empty, the default value is English.

Response

302 - application/json

Upon successful authorization, the user is redirected to the redirect_uri with a code parameter containing the authorization code and the state parameter.

If authorization fails, the user is redirected to the redirect_uri with error, error_description, and state parameters.

The response is of type object.