Getting Started with Okay

Before we jump into the code, we need to set up your tenant so it’s ready. If you don’t have your tenant yet you can sign up for one here. Once you’re in the admin panel, navigate to the tenant overview. There are a couple of steps you need to take before we start.

The first number on each row in the list is the tenant ID; we will need this to identify which tenant a request is for. On the same line, click the edit button to configure your tenant:

Name
Give it a proper name so you can easily identify which environment this tenant is representing in the admin. This is only used for display purposes in the admin.

Callback url
The “callback url” refers to a URL on your domain where Okay can communicate with your environment, i.e. whenever a user links your application with their Okay app, this URL is where the Okay API will report the status of that interaction.

Token
A secret token of your choosing; this is what we’ll use to authenticate requests from your environment to the Okay API.

Submit your form and open your soda, because now everything should be ready for some development.


Signing requests

In order to successfully call the API, every request needs to be signed. To sign a request the request body needs to include a signature field. The shared way to create a signature can be described like so:

// str is the concatenated request fields followed by the tenant token
function encryptAndHash (str) { return base64(sha256(str)); }

Linking a user with your tenant

Now that we can create a signature, we are ready to make our first request to the API. For a user to be able to authenticate with your tenant they need to link to your tenant. Using the Okay app or the SDK built into your app, the user needs to scan the QR code or input the 6 digit number you present them.

To start the linking, make a signed link request like this:

Signed link request (/link)

{
 tenantId: 123456,
 userExternalId: 1,
 signature: encryptAndHash(
   tenantId + userExternalId + tenantToken
 )
}

The response you get will look something like this:

{
 "status": {
   "code": "SUCCESS",
   "message": "42"
  },
 "linkingCode": "123456",
 "linkingQrImg": "base64-encoded image of QR code"
}

Present the QR code and 6 digit code provided in the response to your user so they can link their user up with your tenant. The status of the linking will be sent to the callback url that you have specified in your tenant settings.

Authenticating your first PSD2 compliant transaction

Presuming your client has linked up to your tenant, they should now be able to authenticate using the Okay API. Remember to use the signing function to send your signature. To read more about the different types of security measures, check out the API documentation.

Signing auth request (/auth)

{
 tenantId: 123456,
 userExternalId: 42,
 type: AUTH_OK,
 authParams: {
   guiHeader: 'Hello there',
   guiText: 'Could you Okay this?'
 },
 signature: encryptAndHash(
   tenantId +
   userExternalId +
   authParams.guiHeader +
   authParams.guiText +
   type +
   tenantToken
  )
}

Checking the status of a transaction

Check up on the status of a transaction by calling /check and specifying the sessionExternalId of the transaction in question.

Signing auth status request (/check)

{
 tenantId: 123456,
 sessionExternalId: 1,
 signature: encryptAndHash(
   tenantId +
   sessionExternalId +
   tenantToken
 )
}
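
The signing scheme and the three request bodies above, as an added Node.js example that is not Okay's own code. It assumes the + in the signature pseudocode means string concatenation, that the hash input is UTF-8 and the base64 is taken over the raw digest bytes, and that type is sent as the string AUTH_OK; every helper name except encryptAndHash and the sample token are made up for illustration.

```javascript
const crypto = require('crypto');

// base64(sha256(str)). Assumption: UTF-8 input, base64 of the raw digest bytes.
function encryptAndHash(str) {
  return crypto.createHash('sha256').update(str, 'utf8').digest('base64');
}

// Concatenate the fields as strings, tenant token last. Explicit conversion
// matters in JavaScript: 123456 + 1 + 'tok' is '123457tok', not '1234561tok'.
function signatureInput(fields, tenantToken) {
  if (typeof tenantToken !== 'string' || tenantToken === '') {
    throw new TypeError('tenant token must be a non-empty string');
  }
  for (const field of fields) {
    if (field === undefined || field === null) {
      throw new TypeError('missing signature field');
    }
  }
  return fields.map(String).join('') + tenantToken;
}

// Body for /link
function signedLinkRequest(tenantId, userExternalId, tenantToken) {
  const signature = encryptAndHash(signatureInput([tenantId, userExternalId], tenantToken));
  return { tenantId, userExternalId, signature };
}

// Body for /auth; field order follows the pseudocode on this page.
function signedAuthRequest(tenantId, userExternalId, type, authParams, tenantToken) {
  const fields = [tenantId, userExternalId, authParams.guiHeader, authParams.guiText, type];
  const signature = encryptAndHash(signatureInput(fields, tenantToken));
  return { tenantId, userExternalId, type, authParams, signature };
}

// Body for /check
function signedCheckRequest(tenantId, sessionExternalId, tenantToken) {
  const signature = encryptAndHash(signatureInput([tenantId, sessionExternalId], tenantToken));
  return { tenantId, sessionExternalId, signature };
}

// Constructed sample values; load the real token from your secret store.
const SAMPLE_TOKEN = 'example-tenant-token';
console.log(signedLinkRequest(123456, 1, SAMPLE_TOKEN));
console.log(signedAuthRequest(123456, 42, 'AUTH_OK',
  { guiHeader: 'Hello there', guiText: 'Could you Okay this?' }, SAMPLE_TOKEN));
console.log(signedCheckRequest(123456, 1, SAMPLE_TOKEN));
```

The tenant token is only ever an input to the hash and never appears in the request body, so keep it out of logs and client-side code.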

Want to know more?

Send us a mail or give us a call so we can help you with secure transactions and verifications.

+47 2142 0101
hello@okaythis.com