Developer Programs
Fintech Integration Network (FIN)
Jack Henry's Integration Program for Fintechs.
Technical Account Manager (TAM)
Get technical integration help from a single point of contact.
Developer Account
Create a developer acccount to access resources that help you integrate with Jack Henry.
Learn
Shared Responsibility
Learn about shared roles and responsibilities of customers and Jack Henry in open banking.
Developer Use Cases
Find a use case that fits your development needs.
Developer Video Gallery
Watch the latest demos, webinars, and more.
Developer Conference
Connect with industry leaders, gain insights from expert speakers, and explore our latest innovations.
Docs
Admin API
Create solutions for an institution's back office support tools.
Authentication Framework
Map customer identities to your existing system IDs.
Consumer API
Access financial data for user accounts, transactions, and more.
Data Hub
Get deeper access to financial institution data.
Enterprise Event System
Respond to events in real-time using this powerful pub/sub-based solution.
jXchange - REST API
Translate business information between Jack Henry and 3rd-party apps using a REST-based API.
jXchange - SOAP API
Translate business information between Jack Henry and 3rd-party apps using a SOAP-based API.
Operational Data Integration (ODI)
Get customized queries for bulk data needs.
Payments
Embed check deposits, ACH, bill pay, cards, and real-time payments.
Plugin Framework
Embed the best of the fintech world directly into your user's dashboard.
SymXchange
Query Symitar core member accounts, post transactions, run PowerOn scripts, and more.
Xperience
Modern UI that provides consistent visual integration across Jack Henry products.
Full List of APIs
Begin working with Jack Henry's public APIs to build financial applications today.

External Applications

Plugin Framework > Architecture > External Applications

Plugins require a set of credentials to be configured as an external application in the Banno People app.

The back office administrator at your financial institution can do this for you in the External applications section of Banno People.

Understanding Your Development Experience
Are you a financial institution?

If you are a financial institution or working directly with a financial institution, you should work with the back office administrator at your institution to get appropriate access to Banno People.

Are you a fintech or independent developer?

If you are a fintech or other developer working without a financial institution, you are likely using the JackHenry.Dev developer portal. In this case, you will not have access to Banno People, however you will still have the ability to create and configure many aspects of your external application and plugin.

For more information on this, see our troubleshooting page.

The “External Applications” section of Banno People (click the image to view full screen)
Plugin - Setup a new external application

First, the administrator must select Custom name as the type of external application. They will need to enter a name for these credentials.

Next, the administrator must select a Link type of PluginCard. They will need to enter a name for the Link title.

Finally, the administrator must enter your Redirect URI and click the save button. The Redirect URI (and the auto-generated Client ID and Client Secret) are what you’ll use to authenticate with Banno using OAuth/OpenID Connect. See the Authentication topic for more details.

The External Application is what you’ll use when configuring your plugin.

User type filter

It’s possible to designate what types of user have access to an external application. By default, all external applications are set to All user types, however, you can also choose to configure your external application to only Retail or Cash Management.

Additionally, if you do designate a specific user type, you can still override the configuration for specific users.

Order of redirect URIs

It is possible to add more than one redirect URI. However, the order is important.

  • The redirect URI that handles the initial authentication flow for your plugin must appear first in the Redirect URI list since Banno’s Dashboard UI expects to call the first redirect URI to render the plugin’s card face.
  • The order is not important for any other redirect URIs in the list.

Exact string matching of redirect URIs

Each redirect URI is matched using exact string matching. If the redirect URI does not match, then the authorization flow will not be valid.

  • Redirect URI matching is case-sensitive and path-inclusive.
    • For example, http://localhost:8080/dynamic is NOT the same as http://localhost:8080/Dynamic since the first uses a lowercase “d” and the second uses an uppercase “D”.
    • Similarly, http://localhost:8080/dynamic is NOT the same as http://localhost:8080/dynamic/ since the second ends with a slash while the first does not.
  • ‘Wild card’ redirect URI formats are not allowed, so https://*.example.com is NOT valid.

Dynamically updating Content Security Policy (CSP) with redirect URIs

See the Restrictions page for more details.

Have a Question?
Have a how-to question? Seeing a weird error? Get help on StackOverflow.
Register for the Developer Office Hours where we answer technical Q&A from the audience.
Did this page help you?
Last updated Fri Sep 15 2023