Updated on July 14, 2022
Learn about our Authentication Framework
Authentication Framework protects access to user data via modern, battle-tested, tech industry standards such as OAuth and OpenID Connect (which we continue to update as those standards evolve). See Authentication Framework section for details.
Authentication Framework purpose
is the underlying foundation for every consuming All JH Enterprise APIs (i.e. the
Wires API, EDPP AP).
Authentication Framework does not use API keys nor does it share usernames and passwords with 3rd party developers.
Instead, it provides authorized API access via an
Access Token and provides authenticated information about the user via an
These are some of the things you should know about the
OAuth 2.0 and OpenID Connect
Authentication Framework protects user data using the OAuth 2.0
industry standard. With OAuth, users can delegate scoped access to third parties who wish to act on the user’s behalf. The user’s login credentials are never shared with the third party. Instead, authorization is provided to third party apps via an access token.
Authentication Framework provides user identity information using the OpenID Connect (OIDC)
industry standard. OpenID Connect is an identity layer built on top of the OAuth 2.0 protocol. With OpenID Connect, third party apps are provided authenticated information about the user in the form of an identity token.
OAuth 2.0 and OpenID Connect are based on the concept of tokens. There are 3 main types:
External Resources for OAuth 2.0 and OpenID Connect
If you want to learn more about OAuth 2.0 and OpenID Connect, these external resources may be useful:
- Guide: An Illustrated Guide to OAuth and OpenID Connect
- Video: OAuth 2.0 and OpenID Connect (in plain English)
- Article: OpenID Connect explained
- Spec: OpenID Connect Core 1.0 incorporating errata set 1
Contact JH to receive API Credentials
Wondering where to start? To use the Jack Henry Wires API please reach out to the following email address EISProductionAdoption@jackhenry.com