Embedded flow
Introduction
In an embedded authorisation flow a user's credentials are captured before the bank sends a Strong Customer Authentication (SCA) code to the user which is also captured in your frontend application and sent back to the institution via Yapily. There is no redirect to the bank itself.
Features
An institution using the embedded flow will support the following features:
Payments
-
INITIATE_EMBEDDED_DOMESTIC_SINGLE_PAYMENT -
INITIATE_EMBEDDED_BULK_PAYMENT
Data
-
INITIATE_EMBEDDED_ACCOUNT_REQUEST
Example flow
Embedded flow with multiple SCA methods:
-
Initiate the authorisation process
Make a request to
POST /embedded-account-auth-requestsorPOST /embedded-payment-auth-requests.If multiple SCA methods are available, you will receive a list of the SCA methods sent by the bank and the status is
AWAITING_SCA_METHOD.
note
If only 1 SCA_METHOD is available, the status will transition directly to AWAITING_SCA_CODE. In this case, you don't need to complete step 2 or 3 as the SCA_CODE will be sent immediately by the bank to the end user once the embedded account authorisation is initiated.
-
Present the list of SCA methods to the end user
You must display the list of available SCA methods to the end user in your frontend application so they can select the method they would like the bank to use to contact them.
-
Update the authorisation with the selected SCA method
Make a request to
PUT /embedded-account-auth-requests/{consentId}orPUT /embedded-payment-auth-requests/{consentId}including the selected SCA method, to update the bank via Yapily. The status isAWAITING_SCA_CODE.The bank will send the SCA code directly to the end user via the preferred method. You need to provide an input field to capture the code in your application.
-
Update the authorisation with the SCA code
Make a request to
PUT /embedded-account-auth-requests/{consentId}orPUT /embedded-payment-auth-requests/{consentId}including the SCA code, to update the authorisation via Yapily.Yapily returns the
consentTokenand the status isAUTHORIZED.