Single Sign-On Handover & Integration
The platform enables seamless and secure single sign-on and data exchange with the Contributor’s Backend System. A user can access a page containing a Contributor’s Plugin only after authenticating to the Forge 2.0 online banking platform.
Step 1 – User Login
The user logs on to the online banking platform.
Step 2 – Page Load
The user navigates to the page containing the Plugin, and the page is loaded. During this process, the Plugin Adapter is invoked.
Step 3 – Issue Auth Code
The Plugin Adapter issues an Auth Code to the Plugin. The Auth Code is tied to the user’s online banking session. The Plugin Adapter also provides configuration parameters to the Plugin during this stage.
Step 4 – Transmit Auth Code
The Contributor’s Plugin transmits the Auth Code to the Contributor’s Backend System.
Step 5 – Exchange Auth Code
The Contributor’s Backend System calls the Open Innovation API to exchange the Auth Code for an Access Token. The Auth Code is valid for 30 seconds and can only be used once. The Access Token is valid for 30 minutes and can be used multiple times.
Step 6 – Data Requests
The Contributor’s Backend System uses the Access Token to request user session and banking data from the Open Innovation API.
Step 7 – Instantiate Session
The Contributor’s Backend System instantiates a session for the user. A session identifier is then typically returned to the user agent in the form of a cookie.
Step 8 – User Interaction
The user interacts with the Contributor’s Plugin. The Contributor’s Backend System can continue to make data requests against the Open Innovation API.
Step 9 – Logout
The user logs out of the online banking platform. The Open Innovation platform makes a webhook request to the Contributor’s Backend System to notify it of the logout event.
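The lifetime rules in Steps 3 to 9, as an added in-memory model (not code from the platform or the original page): the Auth Code is bound to the banking session and redeemable once within 30 seconds, the Access Token is reusable for 30 minutes, and the logout webhook ends the Contributor-side session. The class, method and variable names are hypothetical; the real Open Innovation API calls and any webhook authentication are not described on the page and are not modelled.

```python
import secrets

AUTH_CODE_TTL = 30          # seconds, single use (Step 5)
ACCESS_TOKEN_TTL = 30 * 60  # seconds, reusable (Step 5)


class HandoverModel:
    """Toy model of the handover; all names here are hypothetical."""

    def __init__(self, clock):
        self.clock = clock          # injected so expiry can be exercised in tests
        self.codes = {}             # auth code -> (banking session id, expiry)
        self.tokens = {}            # access token -> (banking session id, expiry)
        self.plugin_sessions = {}   # contributor session id -> banking session id

    def issue_auth_code(self, banking_session):       # Step 3
        code = secrets.token_urlsafe(32)
        self.codes[code] = (banking_session, self.clock() + AUTH_CODE_TTL)
        return code

    def exchange(self, code):                         # Step 5
        # pop() consumes the code on first presentation, so a replay fails
        entry = self.codes.pop(code, None)
        if entry is None or self.clock() >= entry[1]:
            raise PermissionError("auth code unknown, reused or expired")
        token = secrets.token_urlsafe(32)
        self.tokens[token] = (entry[0], self.clock() + ACCESS_TOKEN_TTL)
        return token

    def session_for(self, token):                     # Step 6
        entry = self.tokens.get(token)
        if entry is None or self.clock() >= entry[1]:
            raise PermissionError("access token unknown or expired")
        return entry[0]

    def start_plugin_session(self, token):            # Step 7
        sid = secrets.token_urlsafe(32)               # value for the session cookie
        self.plugin_sessions[sid] = self.session_for(token)
        return sid

    def on_logout_webhook(self, banking_session):     # Step 9
        # End every Contributor-side session tied to the banking session
        # that has just logged out; returns how many were ended.
        ended = [s for s, b in self.plugin_sessions.items() if b == banking_session]
        for sid in ended:
            del self.plugin_sessions[sid]
        return len(ended)
```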