CM Inititated
This will typically be the case when User login to his CMs account and does the discovery of the DP with whom the linking has to be initiated.
Details of the flow
As a precursor for the flow to begin Mutual TLS connection is established between the CM and DP.
CM sends a request to the DP to initiate the linking. If the user exists then move to the next step else respond with error.
DP initiates the authentication of the user. This is outside the DEPA flow and will be done in 3 steps.
Notification to the user that a request for linking has been received. The notification can take any form like sms, ivr, app notifications etc..
Users might have to do the authentication, this can be single factor or multiple depending on the DP.
User will approve the request and select the accounts which he wishes to link with the CM. The account selection will only be required if the accounts attribute is not populated by the CM.
Once the request is approved a notification from DP to the CM is followed.
There is another API provided for checking the status of the linking request in the realtime. This is a sync call.
Endpoints
/link
Endpoint to send the linking request by the CM to the DP. This endpoint is hosted by Gateway and DP.
/notification/link
Receive linking notification to the linking request sent earlier. This endpoint is hosted by Gateway and CM.
/link/status
Endpoint is hosted by the DP, this is to check in realtime the status of the request sent earlier by the CM.
Please refer to the OpenAPI specification for details on the API and the request-response structure.