Getting Started

What is it?

The Admin API is how you can manage the back office using the same API that powers Banno’s own Banno People, Banno Marketing, and other back office experiences.

The Admin API is how you can automate the administrative side of Banno.

What is its purpose?

The Admin API is intended to be used when an External Application wants to call API endpoints without direct user interaction. This means that authentication is for the application itself.

Checkpoint

Have you completed the Authentication Quickstart?

How do I use it?

These are some of the things you should know about the Admin API.

Client Credentials Flow

The Admin API uses the OAuth Client Credentials flow to obtain an Access Token. An External Application can use its credentials to directly obtain an Access Token. Once the Access Token expires, the External Application requests a new one when necessary.

The Client Credentials flow requires authenticating with a signed JSON Web Token (JWT) that uses a public key + private key pair.

Checkpoint

Have you read the Client Credentials Flow topic?

Public Key + Private Key

The authentication process for the Admin API requires managing a Public Key + Private Key pair to sign a JSON Web Token (JWT).

The Private Key remains solely in your possession and must be kept secret. This is what you will use to create the signed JWT when authenticating with the API.

The Public Key is configured as part of an External Application in the Users & Groups app within Banno. The back office administrator at your financial institution can do this for you in the Users & Groups section of Banno.
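
The signing step described above, as an added example in Node.js (not Banno's own code): the External Application signs a short-lived JWT with its private key, and the holder of the public key verifies it. The claim set, `RS256`, and the `client_assertion` form parameters follow RFC 7523 conventions and are assumptions here, as are the client ID and endpoint placeholders; the Client Credentials Flow topic has the exact values Banno expects.

```javascript
// Added example: RS256 JWT client assertion following RFC 7523 conventions.
const crypto = require('crypto');
const b64url = (s) => Buffer.from(s).toString('base64url');

// Sign with the private key, which never leaves the External Application.
function signAssertion(privateKey, clientId, audience, now = Math.floor(Date.now() / 1000)) {
  const claims = {
    iss: clientId, // assumed: issuer and subject are both the client ID
    sub: clientId,
    aud: audience, // assumed: the token endpoint URL
    jti: crypto.randomUUID(), // unique per request, lets the server reject replays
    iat: now,
    exp: now + 60, // short lifetime limits the value of a captured assertion
  };
  const header = b64url(JSON.stringify({ alg: 'RS256', typ: 'JWT' }));
  const signingInput = `${header}.${b64url(JSON.stringify(claims))}`;
  const sig = crypto.sign('RSA-SHA256', Buffer.from(signingInput), privateKey);
  return `${signingInput}.${sig.toString('base64url')}`;
}

// The check the public-key holder can make: pinned algorithm, signature, audience, expiry.
function verifyAssertion(publicKey, jwt, audience, now = Math.floor(Date.now() / 1000)) {
  const parts = jwt.split('.');
  if (parts.length !== 3) return null;
  try {
    const header = JSON.parse(Buffer.from(parts[0], 'base64url').toString());
    if (header.alg !== 'RS256') return null; // do not let the token choose the algorithm
    const signed = Buffer.from(`${parts[0]}.${parts[1]}`);
    const sig = Buffer.from(parts[2], 'base64url');
    if (!crypto.verify('RSA-SHA256', signed, publicKey, sig)) return null;
    const claims = JSON.parse(Buffer.from(parts[1], 'base64url').toString());
    return claims.aud === audience && claims.exp > now ? claims : null;
  } catch { return null; } // malformed base64url or JSON
}

// Form body for the token request; parameter names are those defined by RFC 7523.
function tokenRequestBody(jwt) {
  return new URLSearchParams({
    grant_type: 'client_credentials',
    client_assertion_type: 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',
    client_assertion: jwt,
  }).toString();
}

// Constructed demo values: throwaway key pair, placeholder client ID and endpoint.
const demoKeys = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const AUDIENCE = 'https://auth.example.invalid/token';
const jwt = signAssertion(demoKeys.privateKey, 'example-client-id', AUDIENCE);
console.log(verifyAssertion(demoKeys.publicKey, jwt, AUDIENCE) !== null);
```

In production the key pair is generated once and the private key is loaded from a secret store rather than created at startup.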

Checkpoint

Have you read the Public Key + Private Key topic?

Associated User

When an External Application authenticates itself with the Admin API, all actions are performed and logged as a single Associated User in Banno.

The Associated User acts as a back office administrator at the financial institution. For that reason, the Associated User should be created with only the privileges and permissions that the External Application needs in order to function.

Checkpoint

Have you read the Associated User topic?

Configuration

Authenticating to the Admin API requires an External Application configuration to be created within Banno.

The back office administrator at your financial institution can do this for you in the Users & Groups section of Banno.

Checkpoint

Have you read the Configuration topic?

API Reference

The Admin API is based on REST and has predictable resource-oriented URLs. The Admin API uses standard HTTP verbs and status codes and returns JSON-encoded responses.

The Admin API protects access to user data using OAuth 2.0. Login credentials are never shared with third party apps. Authorization is provided to third party applications via an Access Token.

The Access Token is encoded in JSON Web Token format.

Checkpoint

Have you reviewed the API Reference?

How have others used it?

These are some of the ways that third-party developers have used the Admin API:

  • Enable call center agents to use their existing CRM (customer relationship management) tool with new functionality:
    • look up user status
    • unlock a user account
    • send an email or SMS to reset a user’s password

Additional details

These are some additional details that you may find useful as you build your apps.

Guides

Guides are designed to provide you with bite-sized introductions to our API. Each guide showcases a part of our API and how to use it in the simplest way.

We recommend reading the Guide to Reset a User Password.

Other “Getting Started” pages

These pages will help you get started with other parts of the Banno Digital Toolkit: