Use CONTROL + F or CMD + F to find words faster here!
| Term | Meaning |
|---|---|
access_token |
An access_token is an encoded piece of text that contains information about the connection of a user and is used to make data requests. An access_token is short-lived and needs to be renewed with the help of a refresh_token.This is sensitive information and should never be shared. |
payments_token |
A This is sensitive information and should never be shared. |
| API | Application Programming Interface. A set of functions and procedures allowing the creation of applications that access the features or data of an operating system, application, or other services. |
| Auth Dialog | Also known as the bank selection page, this is a user-facing set of screens that allows them to select a bank and view consents that are being given. |
| Auth Link | Used by developers to customise permissions, providers displayed, redirect URLs and other parameters. Clicking on an Auth Link generates a unique session where the end-user can see consent and select the bank to connect (if not skipped). |
client_id |
A unique string identifying a Client. Example: piggybank-tr7u.This can be found on your Console and it’s generated upon creating an account. |
client_secret |
This is a secret key that is used to authenticate clients when sending requests to TrueLayer. This is sensitive information and should never be shared. |
credentials_id |
Unique identifier for a user’s bank connection to an application via TrueLayer. Example: a user connecting their Barclays account will generate a unique credentials_id; if the same user connects another bank, that will generate another credentials_id. |
| Credential Sharing | TrueLayer uses proprietary technology in order to access private bank APIs when the public API is not available. The credentials are encrypted at rest and we don’t keep the encryption keys. Even if our Credentials Store is breached, the privacy of credentials will not be compromised. You can read more here. |
| Console | This is the TrueLayer developer portal. Here, developers can set up their application, view their client_id, customise their Auth Link and Auth Dialog and find links to documentation and support. |
debug_id |
A special key that is created by a client on a demand basis whenever TrueLayer need to replicate issues for a particular user. |
| oAuth |
From TechTarget, OAuth (Open Authorization) is an open standard for token-based authentication and authorization on the Internet. OAuth, which is pronounced “oh-auth,” allows an end user’s account information to be used by third-party services, such as Facebook, without exposing the user’s password. |
| Open Banking | Open Banking provides a secure way for regulated institutions to gain access to end-users’ financial data and initiate payments, amongst other features. It gives end-users total control of what’s shared and provides sets of standards to the banks. |
| Provider | This can be a bank or a credit card institution. |
| Request | Using a set of commands and parameters, an API request allows clients to retrieve customers’ data using valid tokens. |
| Response | Responses are the results of an API request. They may contain the requested data, if successful, or an error. |
| Ticket | Tickets are conversation threads used by the Client Care team to centralise support requests in one place. |
| TPP | Third-party provider, or application where an end-user might connect their account using Open Banking to initiate payments or share data. |
| PSU | Payments Service User or end-user is the person(s) that own an account with a banking institution and gives consent to a third-party to their financial data. |
| PSP | Payment Service Provider |