API Auth


#1

Hi there

I have signed up to the ozone sandbox, and using postman, I am trying to get authorised for “openid accounts”

When I send this:

https://developer.sandbox.tide.co:4101/auth?client_id=6f2d3731-3b0b-4832-a8a4-38c8529e6901&response_type=code&scope=openid%20accounts&request=eyJhbGciOiJub25lIn0.eyJhdWQiOiJodHRwczovL2RldmVsb3Blci5zYW5kYm94LnRpZGUuY286NDEwMSIsImlzcyI6IjZmMmQzNzMxLTNiMGItNDgzMi1hOGE0LTM4Yzg1MjllNjkwMSIsInNjb3BlIjoib3BlbmlkIGFjY291bnRzIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6Ly93d3cuZ2V0cG9zdG1hbi5jb20vb2F1dGgyL2NhbGxiYWNrIiwiY2xhaW1zIjp7ImlkX3Rva2VuIjp7Im9wZW5iYW5raW5nX2ludGVudF9pZCI6eyJ2YWx1ZSI6ImFhYy1mNGYyOTcxMy1iYjZlLTQ1YzUtYTgyZS1iNjQxZDNkY2RkNmYiLCJlc3NlbnRpYWwiOnRydWV9fX19.

I get back a login page and this information:

<html lang="en">
    <head>
        <meta charset="utf-8">
        <meta http-equiv="X-UA-Compatible" content="IE=edge">
        <meta name="viewport" content="width=device-width, initial-scale=1">
        <link href="/css/bootstrap.min.css" rel="stylesheet">
        <link href="/css/login.css" rel="stylesheet">
        <link href="/css/dashboard.css" rel="stylesheet">
        <link href="css/prism.css" rel="stylesheet">
    </head>
</html> etc etc ```

with this data within the webpage ->

“interactionId”: “2a7d666b-a516-4136-bd03-c3dd7309967f”,
“params”: {
“client_id”: “6f2d3731-3b0b-4832-a8a4-38c8529e6901”,
“response_type”: “code”,
“scope”: “openid accounts”,
“request”: “eyJhbGciOiJub25lIn0.eyJhdWQiOiJodHRwczovL2RldmVsb3Blci5zYW5kYm94LnRpZGUuY286NDEwMSIsImlzcyI6IjZmMmQzNzMxLTNiMGItNDgzMi1hOGE0LTM4Yzg1MjllNjkwMSIsInNjb3BlIjoib3BlbmlkIGFjY291bnRzIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6Ly93d3cuZ2V0cG9zdG1hbi5jb20vb2F1dGgyL2NhbGxiYWNrIiwiY2xhaW1zIjp7ImlkX3Rva2VuIjp7Im9wZW5iYW5raW5nX2ludGVudF9pZCI6eyJ2YWx1ZSI6ImFhYy1mNGYyOTcxMy1iYjZlLTQ1YzUtYTgyZS1iNjQxZDNkY2RkNmYiLCJlc3NlbnRpYWwiOnRydWV9fX19.”,
“scopes”: [
“openid”,
“accounts”
],
“aud”: “https://developer.sandbox.tide.co:4101”,
“iss”: “6f2d3731-3b0b-4832-a8a4-38c8529e6901”,
“redirect_uri”: “https://www.getpostman.com/oauth2/callback”,
“claims”: {
“id_token”: {
“openbanking_intent_id”: {
“value”: “aac-f4f29713-bb6e-45c5-a82e-b641d3dcdd6f”,
“essential”: true
}
}
}
},
“status”: “started”,
“redirectBack”: null,
“_id”: “5d7a3446671ec764ccca1577”,
“claims”: {}


I am expecting just a json response? What could be wrong?

#2

Anyone here to help?


#3

Hi @johnnyzen,

Sam here, I’m a web developer at Tide. We don’t officially provide support on APIs and Open Banking as these are well documented and in the case of Open Banking is a standard. Having said that I saw your post and thought I might be able to give you a hand. I’ve chatted to one of architecture team members to clarify.

There’s two things you need to be aware of:

  1. Since your original post, we’ve updated the sandbox. As a result you might need to re-register and if so, will get a new postman collection with updated credentials. Have a look at the documentation at https://bitbucket.org/tideaccount/developer-portal/src/master/README.md
  2. The issue you’re experiencing here is because you’re trying to get the contents of the URL returned by the AuthCodeURL endpoint. The URL returned by the AuthCodeURL endpoint is actually the address of a website. It’s the site to send the user to so that they can log in to their tide account and confirm which data they want to share with your application. You can use dummy credentials to do this login as a test user in the sandbox (e.g. username: mits, password: mits). Once the user completes this approval process the site will redirect back to your redirect url with a code in the query string which you can then exchange for the access tokens you need to call the Open Banking API.

Hope that is a steer in the right direction!

PS: We also have some more info at these FAQs: