Jack Henry Digital Toolkit
JackHenry.dev
Learn how to develop with Jack Henry's digital banking platform to innovate faster and deliver top-notch experiences.
Digital Toolkit
Integrate with Jack Henry's plugin framework, authentication framework, admin API, and consumer API.
Enterprise Solutions
Integrate with Jack Henry's SilverLake, CIF 20/20, and Core Director banking cores.
SymXchange
Integrate with Jack Henry's Symitar credit union core.
Payments
Embed check deposits, ACH transactions, bill payments, card issuing and processing, and real-time payments.
Design Guidelines
Create stunning products with this set of visual guidelines
Light Mode
Always display this site using light mode.
Dark Mode
Always display this site using dark mode.
Device Setting
Display this site using this device's light / dark mode setting.

Authentication

Consumer API > Overview > Authentication

Authentication for the Consumer API is based on the concept of OAuth Access Tokens and OpenID Connect Identity Tokens.

See the Authentication Framework docs for details that apply to all authentication schemes.

Permissions and Scope Enforcement

  • API endpoints are protected by an OAuth / OpenID Connect scope as part of the Permissions Flow.

  • The OAuth / OpenID Connect scope required for a specific API endpoint can be found in the endpoint’s definition in the API Reference.

Example

The GET ​/users​/{userId} endpoint requires the https://api.banno.com/consumer/auth/user.profile.readonly scope to be requested, as defined in the API Reference.

Permission must be granted as defined in the Permissions Flow to access the endpoint and successfully receive data.

Scope Example in API Reference
Have a Question?
Have a how-to question? Seeing a weird error? Get help on StackOverflow.
Register for the Digital Toolkit Meetup where we answer technical Q&A from the audience.
Last updated Tue Dec 13 2022