API Call Sequence Overview
Integration with the Interac Hub API follows the OAuth 2.0 authorization code grant flow for the authorization call and token request. The subsequent retrieval of user claims follows the OpenID Connect 1.0 UserInfo Endpoint standard. At a high level, the Hub API calling sequence follows these steps:
HTTP Method / Response | Step | Reference Standard |
---|---|---|
HTTP GET | 1. Retrieving Hub Configuration (OIDC Discovery): RP obtains the Hub OpenID configuration via the .well-known/openid-configuration endpoint | OpenID 4. Obtaining OpenID Provider Configuration Information |
HTTP GET | 2. Authorization Request: RP initiates an OAuth 2.0 authorization request to the Hub /auth endpoint | RFC 6749 4.1.1 Authorization Request |
HTTP 302 Redirect | 3. User ID Verification: User performs bank authentication and/or document verification on the user agent (web and/or mobile app) | N/A: Bank authentication performed on the Interac Verification Service (IVS); document verification performed on the Interac Document Verification Service (IDVS) |
HTTP 302 Redirect | 4. Authorization Response: Hub sends the authorization code to the RP via the callback URL | RFC 6749 4.1.2 Authorization Response |
HTTP POST | 5. Token Request: RP exchanges the authorization code for an access token by calling the Hub /token endpoint | RFC 6749 4.1.3 Access Token Request |
HTTP 200 OK application/json | 6. Token Response: Hub sends the access token to the RP in a JSON HTTP response | RFC 6749 4.1.4 Access Token Response |
HTTP GET | 7. UserInfo Request: RP exchanges the access token for user claims by calling the Hub /userinfo endpoint | OpenID 5.3.1 UserInfo Request |
HTTP 200 OK application/json | 8. UserInfo Response: Hub sends the user claims to the RP in a JSON HTTP response | OpenID 5.3.2 Successful UserInfo Response |
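
The RP side of steps 2, 4, 5 and 7 above, as an added example that is not Interac's own code: it builds each request from the discovered endpoints and checks `state` on the callback before accepting the authorization code. The host names, client ID, scope value and function names are assumptions, and client authentication at /token is left out because this page does not specify it.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Constructed discovery document (step 1); hub.example is a placeholder host.
HUB_CONFIG = {
    "authorization_endpoint": "https://hub.example/auth",
    "token_endpoint": "https://hub.example/token",
    "userinfo_endpoint": "https://hub.example/userinfo",
}

def authorization_request(config, client_id, redirect_uri, scope):
    """Step 2: build the /auth URL (RFC 6749 4.1.1) with a fresh state value."""
    state = secrets.token_urlsafe(32)  # store in the user's session (CSRF binding)
    query = urlencode({
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "scope": scope,
        "state": state,
    })
    return f"{config['authorization_endpoint']}?{query}", state

def authorization_response(callback_url, expected_state):
    """Step 4: return the code from the callback; reject bad state or errors."""
    params = parse_qs(urlsplit(callback_url).query)
    state = params.get("state", [""])[0]
    # Compare as bytes in constant time; state must match before anything else.
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback does not belong to this session")
    if "error" in params:
        raise ValueError(f"authorization failed: {params['error'][0]}")
    if len(params.get("code", [])) != 1:
        raise ValueError("expected exactly one authorization code")
    return params["code"][0]

def token_request(config, code, redirect_uri):
    """Step 5: form body for POST /token (RFC 6749 4.1.3); client auth not shown."""
    return config["token_endpoint"], {
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": redirect_uri,  # must equal the value sent in step 2
    }

def userinfo_request(config, access_token):
    """Step 7: GET /userinfo with the access token as a Bearer credential."""
    return config["userinfo_endpoint"], {"Authorization": f"Bearer {access_token}"}
```
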
Updated about 1 year ago