Single Sign-On Handover & Integration

The platform enables seamless and secure single sign-on and data exchange with the Integrator’s Backend System. A user can only access a page containing an Integrator’s Plugin after the user has authenticated onto the Forge 2.0 online banking platform.



Step 1 – User Login

The user logs on to the online banking platform.

Step 2 – Page Load

The user navigates to the page containing the Plugin, and the page is loaded. During this process, the Plugin Adapter is invoked.

Step 3 – Issue Auth Code

The Plugin Adapter issues an Auth Code to the Plugin. The Auth Code is tied to the user’s online banking session. The Plugin Adapter also provides configuration parameters to the Plugin during this stage.

Step 4 – Transmit Auth Code

The Integrator’s Plugin transmits the Auth Code to the Integrator’s Backend System.

Step 5 – Exchange Auth Code

The Integrator’s Backend System calls the Open Innovation API to exchange the Auth Code for an Access Token. The Auth Code is valid for 30 seconds and can only be used once. The Access Token is valid for 30 minutes and can be used multiple times.

Step 6 – Data Requests

The Integrator’s Backend System uses the Access Token to request user session and banking data from the Open Innovation API.

Step 7 – Instantiate Session

The Integrator’s Backend System instantiates a session for the user. Thereafter, a session identifier would typically be returned to the user agent in the form of a cookie.

Step 8 – User Interaction

The user interacts with the Integrator’s Plugin. The Integrator’s Backend System can continue to make data requests against the Open Innovation API.

Step 9 – Logout

The user logs out of the online banking platform. The Open Innovation platform makes a webhook request to the Integrator’s Backend System to notify it of the logout event.

Back to Top