Account Information Service (Single Access)
Summary
Account Information Service (AIS) allows importing data from the end-user account from any supported bank to your system. In order to do that, the user has to log in to a bank via our SignIn Flow. Upon successful login, Kontomatik will return the session information needed to start the import via our API.
Single access lets you get the data just one time, right after the user authorizes the action.
Integration
To integrate AIS in the Single access mode into your process you will need to:
- Get API access
- Get your Client ID from Insight, generate API key(s) and whitelist your server(s)
- Embed our SignIn Widget or implement the SignIn Redirection on your website
- Configure the SignIn Flow parameters and handle necessary callbacks
-
Depending on your chosen SignIn version
- Create a connection between your frontend and backend to pass session information from the SignIn Widget to your servers
- Integrate with Redirection status endpoint to get to pass session information
- In your backend, integrate with the Default Import command and Get Import Result endpoint
- (optionally) Integrate with Analytical Services endpoints
- Save the data from our API
Sample process flow
- A user visits your website, fills in a form to start your process
- You assign
ownerExternalId
, a unique identifier to the user, and show the SignIn Widget to the user - The user goes through the bank authorization
onSuccess
callback is triggered - you can pass the received session information to the backend and redirect the user to another step in your process- On the backend, you send a request to import the data with the session information to the Default Import endpoint
- You receive a command ID that you can now use to periodically (once every 2-5 seconds) ask for the import status via Get Import Result endpoint
- At this point the user’s participation has ended, and you can inform them that they will be notified later about the result of the bank verification
- Once all data is imported, you will receive it as a response of the Get Import Result import alongside a “successful” status - you should now stop calling that endpoint and save the response with the data to your server
- (optionally) Make requests to our Analytical Services endpoints to fetch extra insights into the owner’s finances
- Inform the user about the status of the verification or your decision regarding the user’s application
Testing
In order to test the service, you have two starting options:
- test using real bank accounts that you acquired, works in test and production environments, supports only manual session creation;
- test using our mock bank, KontoBank, works only in the test environment, supports manual and automatic session creation.
Create a test session manually
To create a test session you can embed the SignIn Widget on your internal website just as you would on production, but in the client parameter you will have to use your test client ID.
Then perform the login process using one of the two targets:
- KontoBank - resembles a login process based on screen-scraping;
- KontoBank (API) - a version that includes a redirection page opened in a new window, resembling a PSD2 API flow.
Both targets offer test accounts listed on this page.
Once you successfully log in, you can use the session information returned by the Widget to perform Default import (steps 5 and further in the Sample process flow).
Create a test session automatically
For automated testing, you can create a session using our dedicated endpoint that will return necessary information to continue the flow with other API endpoints. Remember to use the test API URLs, your API key and a whitelisted server from your test account.
In order to create such a session you will have to supply KontoBank mock account information (as per the list) and ownerExternalId.
As a response you will receive sessionId and sessionIdSignature that you can use to perform Default Import and other actions (steps 5 and further in the Sample process flow).
Please see the endpoint specification in our technical documentation.
Important information
Coverage and data scope
We support major banks in many countries and we’re ready to add more depending on the demand. In those banks the basic data scope includes:
- Information about account owner(s)
- List of accounts with balances
- List of transactions with details
- List of credit cards and transactions
Each bank is different and offers a different set of details. You can check our Coverage to find which banks we support and what data scope they offer.
Transaction history
In each bank we’re able to fetch a different scope of history in terms of the timespan when the transactions were made. In some banks it can be 10 years, 4 years, 1 year or just 90 days.
Typically, we recommend importing 90 days of transactional history, up to a 1 year, due to general availability and the time it takes to download the data.
However, you need to remember that fetching more than 90 days requires additional setup due to Strong Customer Authentication implemented by banks: Getting more than 90 days of data.
Auto import
It’s possible to use Single Access without integrating with our API. It requires a minimal setup from your side. Please see this article for details.
Best practices
To improve your conversion and make the process better for the users, you can implement the following: