Overview

The Consumer API uses modern technologies to provide a rich, consistent developer experience. Likewise, it adopts modern standards to secure access to user's financial data.

REST and JSON

The Consumer API is based on REST and has predictable resource-oriented URLs.

The Consumer API uses standard HTTP verbs and status codes and returns JSON-encoded responses.

OAuth and OpenID Connect

The Consumer API protects user data using the OAuth 2.0 industry standard. With OAuth, users can delegate scoped access to third parties who wish to act on the user's behalf. The user's login credentials are never shared with the third party. Instead, authorization is provided to third party apps via an access token.

The Consumer API provides user identity information using the OpenID Connect (OIDC) industry standard. OpenID Connect is an identity layer built on top of the OAuth 2.0 protocol. With OpenID Connect, third party apps are provided authenticated information about the user in the form of an identity token.