Direct Provider flow
The Direct Provider flow lets you skip all the EnableNow AppScreens. It directly sends users from your app or website to the provider (bank) of choice. This integration facilitates a more streamlined user experience.
Below are the flow diagrams illustrating the differences between the regular EnableNow flow and the Direct Provider flow.
Regular EnableNow flow:
Direct Provider flow:
The Direct Provider flow is an opt-in feature that is disabled by default due to additional legal and compliance requirements. This feature can be enabled upon request.
Contact us for more information on how to implement this feature in your workflow.
Requirements
Under PSD2 you are required to make it absolutely clear who the user is sharing their data with. This is usually covered in the EnableNow AppScreens. Skipping the EnableNow AppScreens transfers this responsibility to our customer. To do this correctly, the following requirements need to be met:
- Incorporate provider selection within your user flow.
- Clearly inform users that EnableNow is the party collecting the open banking data.
- Ensure users approve the privacy policy and general terms of EnableNow.
- Display the EnableNow logo prominently to ensure transparency.
- Depending on the regulatory body, additional conditions may apply to the information displayed prior to redirecting users to the bank.
- Additional customer information may be required to meet compliance, legal, and privacy requirements.
Please note that the provider will always show the EnableNow company name as the party requesting the user's data. Aside from the legal obligation, this is also a valid reason as to why it is wise to clearly state to your users that you are working with EnableNow as your open banking partner.
Usage
To utilize the Direct Provider flow, you need to create a consent
record using our Consents API.
Please note that when using a UserId
in your integration, the UserId
has to be generated before creating a ConsentId
.
The API requires the following parameters:
ABNANL2A
).nl
will be used.Example request:
{
"providerKey": "RABONL2U",
"redirectUrl": "https://www.customer.com/redirect/"
}
The API response includes:
Example response:
{
"consentId": "7463558c-3ae0-44b8-9971-6994a2b8f47f",
"consentUrl": "https://oauth.rabobank.nl/openapi/oauth2/authorize?client_id=12345"
}
An invalid request returns a 400 Bad Request
error with detailed information about the error.
Redirecting
After the user gives consent, they are redirected back to EnableNow for processing. The preferred method of processing is determined by the Consent Sync Mode specified. With that option set to none
, the user will not see any EnableNow screens. For more information on Consent Sync Mode, see Consent Sync Mode Documentation.
Provider selection
Utilizing the Direct Provider flow means that the selection of banks (providers) is handled within your application. Refer to Providers Section for a list of available providers.
Alternatively, you can use the Providers API GET endpoint to fetch all available and activated providers for your app. This can be useful if you want to dynamically display the list of providers to your end users, allowing them to easily choose the appropriate bank.
Benefits
The benefits of the Direct Provider flow are:
- Extended user retention within your native application flow.
- Full control over the user experience and customer communication, maximizing conversion rates.
- Enhanced user satisfaction by minimizing external navigation.