Enterprise Solutions

API Reference

Enterprise REST API > Enterprise Data Privacy and Protection > API Reference

Introduction to

The Jack Henry Enterprise Data Privacy and Protection API is based on REST and has predictable resource-oriented URLs. The Jack Henry Enterprise Data Privacy and Protection API uses standard HTTP verbs and status codes and returns JSON-encoded responses.

The Jack Henry Enterprise Data Privacy and Protection API protects access to user data using OAuth 2.0. The user’s login credentials are never shared with third party apps. Authorization is provided to third party applications via an access_token.

The Jack Henry Enterprise Data Privacy and Protection API provides authenticated user identity information using OpenID Connect (OIDC). With OpenID Connect, third party apps are provided authenticated information about the user in the form of an identity_token.

Both the access_token and identity_token are encrypted in JSON Web Token format.

Base URL

See the Base URL topic.

Versioning

See the Versioning topic.

API credentials

Obtaining

Testing/development credentials are only available to JH partner banks and VIP participating vendors.

  • If you are a partner bank, please submit For Clients Case and ask it to be routed to EIS Adoption.
  • For VIP participants, submit a Vendor/Partner Portal case.

Usage

Client Authentication:

  • client_id
  • client_secret
Keep it secret
It is important to keep the client_id and client_secret values secret and not leak it through some kind of frontend, client-accessible JavaScript call.
Don't share or commit it

Do not share credentials via unsecured channels (e.g. email or instant messaging)

Similarly, do not commit credentials to your source code repository.


Have a Question?
Have a how-to question? Seeing a weird error? Get help on StackOverflow.
Register for the Digital Toolkit Meetup where we answer technical Q&A from the audience.
Last updated Fri Jul 29 2022