To interact with ANZ Fileactive APIs, authentication is handled using OAuth 2.0 with the Client Credential Grant flow. This ensures secure access to the API resources by obtaining a bearer token, which is then used for authorizing API requests.
Key points:
- Endpoint: All authentication requests should be sent to the `/v1.0/auth` endpoint.
- Grant Type: Use `client_credentials` as the grant type for obtaining tokens.
- Token URL: The token URL is `https://api.fileactive.anzgcis.com/v1.0/auth`.
- Scopes: Specific scopes define the permissions, such as:
  - `GBL.INSTO.ACCOUNTS.STATEMENT.READ` - Request Account Statement.
- Headers: Include an API key in the header using `apikey` as the parameter name.
Example Request:
To request a token, send a `POST` request with the required parameters in `application/x-www-form-urlencoded` format. The request must also include your API key in the header for authentication.
```http
POST /v1.0/auth HTTP/1.1
Host: api.fileactive.anzgcis.com
Content-Type: application/x-www-form-urlencoded
x-api-key: <your_api_key_here>

grant_type=client_credentials&
client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer&
scope=GBL.INSTO.ACCOUNTS.STATEMENT.READ&
client_assertion=<your_client_assertion_here>
```
Example Response:
On success, you’ll receive a bearer token in the response, which is used for authorisation in subsequent API calls.
```json
{
  "expires_in": 3600,
  "token_type": "Bearer",
  "access_token": "eaaa13ee-b596-a8cc-b9d4-f778f8bb9377"
}
```
Usage Notes:
- Authorization Header: Include the `access_token` in the `Authorization` header as `Bearer <access_token>`.
- Token Refresh: Tokens expire according to the `expires_in` value. Ensure you handle token renewal to maintain API access.
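
The token request and renewal described above, as an added example that is not ANZ's own code: a small client-side cache that builds the form-encoded request and fetches a new token shortly before `expires_in` elapses. `TokenCache`, `make_assertion`, the 60-second `skew` and the `x-api-key` header name (taken from the example request) are assumptions; how the client assertion is produced is not covered here, so the caller supplies it.

```python
import json
import time
import urllib.parse
import urllib.request

TOKEN_URL = "https://api.fileactive.anzgcis.com/v1.0/auth"
ASSERTION_TYPE = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"


def build_token_request(api_key, client_assertion, scope, api_key_header="x-api-key"):
    """Return (headers, body) for the POST to TOKEN_URL, as in the example request."""
    body = urllib.parse.urlencode({
        "grant_type": "client_credentials",
        "client_assertion_type": ASSERTION_TYPE,
        "scope": scope,
        "client_assertion": client_assertion,
    }).encode("ascii")
    headers = {"Content-Type": "application/x-www-form-urlencoded",
               api_key_header: api_key}  # header name is an assumption, see lead-in
    return headers, body


def http_post_json(url, headers, body):
    """Default transport: POST over HTTPS with a timeout, parse the JSON reply."""
    req = urllib.request.Request(url, data=body, headers=headers, method="POST")
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


class TokenCache:
    """Caches the bearer token and renews it `skew` seconds before it expires."""

    def __init__(self, api_key, make_assertion, scope, post=http_post_json,
                 clock=time.monotonic, skew=60):
        self.api_key, self.make_assertion, self.scope = api_key, make_assertion, scope
        self.post, self.clock, self.skew = post, clock, skew
        self.token, self.renew_at = None, 0.0

    def authorization_header(self):
        now = self.clock()
        if self.token is None or now >= self.renew_at:
            # make_assertion() is called per renewal so a fresh assertion is sent.
            headers, body = build_token_request(
                self.api_key, self.make_assertion(), self.scope)
            reply = self.post(TOKEN_URL, headers, body)
            if str(reply.get("token_type", "")).lower() != "bearer":
                raise ValueError("unexpected token_type in token response")
            self.token = reply["access_token"]
            self.renew_at = now + max(0, int(reply["expires_in"]) - self.skew)
        return {"Authorization": "Bearer " + self.token}
```

Pass a stub `post` and `clock` to exercise the renewal logic offline; the cache never logs or prints the token or API key.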