This represents and enables authorized access to data provided by an OAuth 2.0-based API.
Must be kept confidential.
When an Access Token becomes invalid or expires, a new Access Token can be obtained via a Refresh Token.
An account refers to one of a user’s banking accounts (including types such as Checking, Savings, and Loans).
This acronym stands for application programming interface.
Within the context of APIs: These refer to credit cards or debit cards.
Confidential clients are OAuth clients that can keep their API credentials secret (e.g. secure servers).
Banking software that provides basic functionality (including general ledger, transactions, and transfers) for financial institutions.
This is the primary UI that a user typically sees when they use Banno Online & Mobile.
A bank or credit union.
The OAuth 2.0 industry standard allows users to delegate scoped access to third parties who wish to act on the user’s behalf.
OpenID Connect (OIDC)
PKCE (Proof Key for Code Exchange)
An optional primary action button can be used to take users to a full-screen web view of your application.
Plugins are sometimes referred to informally in the developer community as “card/cards” or “tile/tiles”, but the correct terms are “plugin/plugins”.
Public clients are OAuth clients that are incapable of keeping their API credentials secret, such as mobile apps or single-page applications (SPA).