Guides
Start typing to search…

Adfin app concept

Adfin Apps enable a secure, scalable integration method for external platforms using OAuth 2.0 to manage access and facilitate interaction between billers, platforms, and Adfin services.

What is an Adfin app?

Apps are a data bucket and security concept in the Adfin platform. An app allows you, the platform, to gather multiple users and their data, and access the data with a set of keys.

The Adfin App concept involves creating a dedicated app for each platform that integrates with Adfin. These apps are managed through AWS Cognito and OAuth 2.0 flows, allowing platforms to securely access and interact with Adfin's services.

Your Adfin integration manager will provision you with two apps:


  • Staging app: Many platforms like to run tests using test credentials, with the most common scenario being developers using test bank credentials to test how a customer would experience their Adfin integration. We will give you sandbox access to our staging environment by creating a staging app for you. This allows you to separate test and production data.

  • Production app: Production apps only connect with live banks and allow you to store real customer data. This is the app you should use once you’ve tried and tested your integration and are ready to go live.

📘

Obtain your client credentials

Your Adfin Integration Manager will share encrypted app credentials containing your client_id and client_secret.


Key elements of Adfin apps


1. App client creation

  • Each platform that integrates with Adfin is assigned a unique app client.

  • The app client is configured within a dedicated AWS Cognito user pool for platforms.

  • Each app client will have a unique set of credentials: client_id and client_secret.


2. OAuth 2.0 authentication


  • Platforms use the Client Credentials Flow to authenticate and obtain an access token by using the client_id and client_secret.

  • Custom OAuth 2.0 scopes (e.g., Invoices, Customers) are assigned to control access to specific resources.

  • A custom domain is used for the OAuth 2.0 endpoints, ensuring secure communication.


3. Biller interaction via platform


  • A platform can onboard billers and allow them to interact with Adfin services through the app.

  • The Authorization code flow is used for user-based interactions, where billers authenticate themselves via Adfin and are redirected back to your platform with an access token.


4. User management & onboarding


  • Platforms can manage users who interact with Adfin. Users can register, complete onboarding, and link their accounts to billers within the Adfin ecosystem.

  • Users need to complete the onboarding process in Adfin before gaining full access to platform features.

  • Apps connected to Adfin can be viewed and managed under the platform’s settings (e.g., users can disconnect from Adfin if needed).

Updated 29 days ago

What’s Next