Authentication

Note: this tutorial only points out which API methods to use in order to implement our mobile SDK correctly. Full API docs can be found at docs.kevin.eu.

If you only plan to use one-time payments, you don't need to implement authentication. Authentication is needed for contactless payments.

Getting authentication state

For account linking, which you might later use for AIS or PIS services, you will need to get a state. Asking users to authenticate with their account lets you skip authentication steps when initiating a payment and, at certain banks, even skip SCA steps for low-value payments.

API method structure can be found here.

Example using our PHP library:

use Kevin\Client; // Client class from the kevin. PHP library

// $id and $secret are your client credentials; keep them on the server only
$client = new Client($id, $secret, ['version' => '0.3', 'error' => 'array']);
$attrs = [
    'redirectPreferred' => 'false',
    'scopes' => 'payments',    // multiple scopes can be added, separated with commas
    'email' => 'your@email.com',
    'Request-Id' => uniqid(),
    'Redirect-URL' => 'https://your.callback.url' // must match the SDK callback URL
];
// The response contains the state value
$response = json_encode($client->auth()->authenticate($attrs));

The received state value should be passed to the SDK when attempting to link the account.

Getting authentication tokens

After the user has successfully linked the account, the kevin. mobile SDK will return a callback with authorizationCode, which can be used to fetch the tokens required for further work with AIS and PIS services.

API method structure can be found here.

Example using our PHP library:

$client = new Client($id, $secret, ['version' => '0.3', 'error' => 'array']);
$attrs = [
    'grantType' => 'authorizationCode',
    'code' => 'received-authorization-code-from-Mobile-SDK' // authorizationCode from the SDK callback
];
// Exchange the authorization code for tokens
$response = json_encode($client->auth()->receiveToken($attrs));

Make sure to save the received refresh and access tokens for further use.

Refreshing authentication tokens

Account access tokens have only a limited duration, so we recommend implementing a token refresh mechanism.

API method structure can be found here.

Example using our PHP library:

$client = new Client($id, $secret, ['version' => '0.3', 'error' => 'array']);
$attrs = [
    'grantType' => 'refreshToken',
    'refreshToken' => 'your-refresh-token' // refresh token saved earlier
];
// Exchange the refresh token for new tokens
$response = json_encode($client->auth()->refreshToken($attrs));
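
Saving the received tokens and refreshing them before they expire, as an added example that is not part of the kevin. PHP library or the original page: the tokens are encrypted at rest with libsodium and refreshed shortly before expiry. The class name TokenVault, the file path, and the response keys accessToken, refreshToken and accessTokenExpiresIn (treated as a Unix timestamp) are assumptions; check the keys against docs.kevin.eu.

```php
<?php
// Added example. Assumed response keys: accessToken, refreshToken,
// accessTokenExpiresIn (Unix timestamp). TokenVault is a hypothetical helper.
final class TokenVault
{
    private const SKEW = 60; // refresh this many seconds before expiry
    public function __construct(private string $key, private string $file) {}

    /** Encrypt the token set (authenticated encryption); a new file is created owner-only. */
    public function save(array $tokens): void
    {
        $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
        $box = sodium_crypto_secretbox(json_encode($tokens, JSON_THROW_ON_ERROR), $nonce, $this->key);
        $old = umask(0077);
        file_put_contents($this->file, $nonce . $box, LOCK_EX);
        umask($old);
    }

    /** Decrypt the token set; a missing or tampered file raises an exception. */
    public function load(): array
    {
        $raw = (string) @file_get_contents($this->file);
        $n = SODIUM_CRYPTO_SECRETBOX_NONCEBYTES;
        $plain = strlen($raw) > $n
            ? sodium_crypto_secretbox_open(substr($raw, $n), substr($raw, 0, $n), $this->key)
            : false;
        if ($plain === false) {
            throw new RuntimeException('Token file missing or failed authentication');
        }
        return json_decode($plain, true, 8, JSON_THROW_ON_ERROR);
    }

    /** Return a usable access token; $refresh wraps $client->auth()->refreshToken($attrs). */
    public function accessToken(callable $refresh, ?int $now = null): string
    {
        $t = $this->load();
        if (($t['accessTokenExpiresIn'] ?? 0) - self::SKEW <= ($now ?? time())) {
            $new = $refresh(['grantType' => 'refreshToken', 'refreshToken' => $t['refreshToken']]);
            if (!isset($new['accessToken'])) {
                throw new RuntimeException('Token refresh failed'); // do not log $t or $new
            }
            $t = array_merge($t, $new); // keeps the old refresh token if none is returned
            $this->save($t);
        }
        return $t['accessToken'];
    }
}
// Constructed demo: a stub closure stands in for the real refreshToken() call.
$vault = new TokenVault(sodium_crypto_secretbox_keygen(), sys_get_temp_dir() . '/kevin-tokens.bin');
$vault->save(['accessToken' => 'old', 'refreshToken' => 'r1', 'accessTokenExpiresIn' => time() - 1]);
echo $vault->accessToken(fn(array $a) => ['accessToken' => 'new', 'accessTokenExpiresIn' => time() + 3600]), "\n";
```

In a real backend, pass `fn(array $a) => $client->auth()->refreshToken($a)` as `$refresh` and load the 32-byte key from a secret store instead of generating it on each run.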
