Jack Henry Digital Toolkit
JackHenry.dev
Learn how to develop with Jack Henry's digital banking platform to innovate faster and deliver top-notch experiences.
Digital Toolkit
Integrate with Jack Henry's plugin framework, authentication framework, admin API, and consumer API.
Enterprise Solutions
Integrate with Jack Henry's SilverLake, CIF 20/20, and Core Director banking cores.
SymXchange
Integrate with Jack Henry's Symitar credit union core.
Payments
Embed check deposits, ACH transactions, bill payments, card issuing and processing, and real-time payments.
Design Guidelines
Create stunning products with this set of visual guidelines
Light Mode
Always display this site using light mode.
Dark Mode
Always display this site using dark mode.
Device Setting
Display this site using this device's light / dark mode setting.

Getting Started

Consumer API > Getting Started

What is it?

The Consumer API is how you can access user data using the same API that powers Banno’s own Banno Online and Banno Mobile experiences.

The Consumer API is how you can embed financial capabilities into app experiences outside of Banno (or use when building custom Banno dashboard cards with the Plugin Framework).

Checkpoint
Have you signed up for a developer account?

What is its purpose?

The Consumer API is intended to be used when an External Application wants to call API endpoints with direct user interaction. This means that authentication is on the user’s behalf.

Quickstarts

Checkpoint
Have you completed the Authentication (Node.js Example) Quickstart?
Checkpoint
Have you completed the Authentication (Command Line) Quickstart?

How do I get help?

If you are having issues with the Consumer API, try stepping through the Troubleshooting page.

Checkpoint

How do I use it?

These are some of the things you should know about the Consumer API.

OAuth 2.0 and OpenID Connect

The Consumer API uses the OAuth 2.0 Authorization Code Grant flow to obtain an Access Token. An External Application can use its credentials to obtain an Access Token after the user has logged in and consented to link their data with the 3rd party app. Once the Access Token expires, the External Application can exchange a Refresh Token for a new Access Token when necessary.

The Consumer API uses the OpenID Connect identity layer on top of OAuth to provide authenticated information about the user via an Identity Token. The Identity Token is encoded as a JSON Web Token (JWT).

Checkpoint
Have you read the OpenID Connect and OAuth 2.0 topic?

Permissions and Scope Enforcement

The Consumer API protects access to user data via OAuth / OpenID Connect scopes.

The OAuth / OpenID Connect scope required for a specific Consumer API endpoint can be found in the endpoint’s definition in the API Reference.

Checkpoint
Have you read the Authentication topic?

Permissions Flow

The Consumer API data permissions are granted based on granular request scopes and claims, which provide limited access to specific data on a per user basis.

Checkpoint
Have you read the Permissions Flow topic?

Restrictions

The Consumer API is specifically designed to protect the security of the user and protect the user experience.

As such, these are some restrictions to keep in mind as you build your app.

Checkpoint
Have you read the Restrictions topic?

Configuration

Authenticating to the Consumer API requires an External Application configuration to be created within Banno.

The back office administrator at your financial institution can do this for you in Banno People.

If the back office administrator does not know where to do this, they can review the External application configuration article on the Banno Knowledge site.

If you are developing using a Jack Henry test environment, you will not have access to Banno People. In this case, Jack Henry is the acting administrator of the financial institution and you will have to contact us for any Banno People operations.
Checkpoint
Have you read the Configuration topic?

API Reference

The Consumer API is based on REST and has predictable resource-oriented URLs. The Consumer API uses standard HTTP verbs and status codes and returns JSON-encoded responses.

The Consumer API protects access to user data using OAuth 2.0. The user’s login credentials are never shared with third party apps. Authorization is provided to third party applications via an Access Token.

The Consumer API provides authenticated user identity information using OpenID Connect (OIDC). With OpenID Connect, third party apps are provided authenticated information about the user in the form of an Identity Token.

Checkpoint
Have you reviewed the API Reference?

How have others used it?

These are some of the ways that 3rd party developers have used the Consumer API:

  • Build a personal financial management (PFM) dashboard that pulls account information from different financial institutions into a unified view of a user’s complete financial life
  • Simplify and prefill a loan application form
  • Enable developers to securely access and share financial data via a secure data access network

Additional details

These are some additional details that you may find useful as you build your apps.

Guides

Guides are designed to provide you with bite-sized introductions to our API. Each guide showcases a part of our API and how to use it in the simplest way.

We recommend reading these guides:

Checkpoint

Do you have code that uses our deprecated and unversioned authentication endpoints?

If so, you’ll want to upgrade to use the v0 authentication endpoints.

We recommend reading the Guide on Migrating to the V0 OpenID Connect Endpoints.

Other “Getting Started” pages

These pages will help you get started with other parts of the Digital Toolkit:

Have a Question?
Have a how-to question? Seeing a weird error? Get help on StackOverflow.
Register for the Digital Toolkit Meetup where we answer technical Q&A from the audience.
Last updated Wed Dec 28 2022