Scopes

OAuth 2.0 has a concept of scopes, which limit what an authorization grants access to.

Scopes define the categories of data that can be accessed and the operations that can be performed.

In other words, an app can request one or more scopes to get access to a user’s data (or to a system’s data), but access is only granted if the app is allowed to access that data.

All API endpoints that use the Authentication Framework are protected by OAuth scopes.

The OAuth scope required for a specific API endpoint can be found in the definition for that API endpoint in the API Reference.

See the RFC for more details on scopes.

Standard OAuth scopes

OAuth’s scope values are not standardized by the RFC.

The definition of an OAuth scope is determined by each API.

Standard OpenID Connect scopes

These are the standard scopes defined by OpenID Connect.

See the claims topic for more details on claims.

  • openid (required)
    • Starts an OpenID Connect flow which will return an Identity Token
  • address (optional)
    • Adds the user’s address claim to the Identity Token including street_address, locality/city, region/state, and postal_code
  • email (optional)
    • Adds the user’s email claim to the Identity Token
  • phone (optional)
    • Adds the user’s phone number claim to the Identity Token
  • profile (optional)
    • Adds the user’s basic profile claims to the Identity Token including name, family_name, given_name, middle_name, preferred_username, picture, and locale
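
The scope list above can be turned into a client-side check. This is an added example, not code from Jack Henry or from the original page: it flags claims in an already-verified, decoded Identity Token payload that no granted scope covers, and computes the smallest scope set for the claims an app needs. The function names, the protocol-claim set, and the sample payload are assumptions made for illustration.

```python
# Scope-to-claim mapping from the list above. Per OpenID Connect Core, the
# email and phone scopes also cover the matching *_verified claims.
SCOPE_CLAIMS = {
    "openid": set(),
    "address": {"address"},  # street_address, locality, ... are its members
    "email": {"email", "email_verified"},
    "phone": {"phone_number", "phone_number_verified"},
    "profile": {"name", "family_name", "given_name", "middle_name",
                "preferred_username", "picture", "locale"},
}
# Protocol claims an Identity Token may carry regardless of scope.
PROTOCOL_CLAIMS = {"iss", "sub", "aud", "exp", "iat", "nonce", "auth_time",
                   "acr", "amr", "azp", "at_hash", "c_hash"}

def parse_scope(scope_string):
    """Split a space-delimited, case-sensitive scope value; require openid."""
    granted = set(scope_string.split())
    if "openid" not in granted:
        raise ValueError("the openid scope is required")
    return granted

def unexpected_claims(payload, scope_string):
    """Claims in a decoded, verified payload that no granted scope covers."""
    allowed = set(PROTOCOL_CLAIMS)
    for scope in parse_scope(scope_string):
        allowed |= SCOPE_CLAIMS.get(scope, set())  # API-defined scopes add none
    return sorted(set(payload) - allowed)

def minimal_scopes(needed_claims):
    """Smallest set of standard scopes that yields the claims an app needs."""
    scopes = {"openid"}
    for claim in needed_claims:
        match = [s for s, claims in SCOPE_CLAIMS.items() if claim in claims]
        if not match:
            raise ValueError(f"no standard scope provides {claim!r}")
        scopes.add(match[0])
    return sorted(scopes)

# Constructed sample: payload of an Identity Token issued for "openid email".
SAMPLE_PAYLOAD = {
    "iss": "https://idp.example", "sub": "abc123", "aud": "client-1",
    "exp": 1900000000, "iat": 1899999000,
    "email": "user@example.com", "given_name": "Pat",
    "address": {"locality": "Springfield"},
}

if __name__ == "__main__":
    print(unexpected_claims(SAMPLE_PAYLOAD, "openid email"))
    print(minimal_scopes({"email", "given_name"}))
```

A non-empty result from `unexpected_claims` means the token discloses more than the granted scopes account for, which is worth reviewing against the provider's claim release configuration.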

Specific Implementations

The general concepts should apply to Jack Henry’s APIs, but specific implementations may vary.

Banno Digital Toolkit

See how the Banno Digital Toolkit handles Scopes.


Last updated Fri Apr 4 2025