Direct Provider flow
The Direct Provider Flow lets you skip all the EnableNow AppScreens. It directly sends users from your app or website to the provider (bank) of choice. This integration facilitates a more streamlined user experience.
Below are the flow diagrams illustrating the differences between the regular EnableNow flow and the Direct Provider Flow.
Regular EnableNow flow:
Direct Provider flow:
The Direct Provider Flow is an opt-in feature that is disabled by default due to additional legal and compliance requirements. This feature can be enabled upon request.
Contact us for more information on how to implement this feature in your workflow.
Requirements
Under PSD2 you are required to make it absolutely clear who the user is sharing their data with. This is usually covered in the EnableNow AppScreens. Skipping the EnableNow AppScreens, transfers this responsibility to our customer. To do this correctly, the following requirements need to be met:
- Incorporate provider selection within your user flow.
- Clearly inform users that EnableNow is the party collecting the open banking data.
- Ensure users approve the privacy policy and general terms of EnableNow.
- Display the EnableNow logo prominently to ensure transparency.
- Depending on the regulatory body, additional conditions may apply to the information displayed prior to redirecting users to the bank.
- Additional customer information may be required to meet compliance, legal, and privacy requirements.
Please note that the provider will always show the EnableNow company name as the party requesting the user's data. Aside from the legal obligation, this is also a valid reason as to why it is wise to clearly state to your users that you are working with EnableNow as your open banking partner.
Usage
To utilize the Direct Provider Flow, you need to create a consent record using our Consents API. Please note that when using a UserId in your integration, the UserId has to be generated before creating a ConsentId.
The API requires the following parameters:
| Property | Availability | Description |
|---|---|---|
| providerKey | Required | The key representing the provider associated with the consent (e.g., "ABNANL2A"). |
| redirectUrl | Required | The URL to redirect the user after consent is granted. |
| syncMode | Optional | The requested Sync Mode for this consent |
| UserId | Optional | The EnableNow generated UserId (More info: User based access) |
| ExternalUserId | Optional | The External UserId (More info: User based access) |
Example request:
{
"providerKey": "RABONL2U",
"redirectUrl": "https://www.customer.com/redirect/"
}
The API response includes:
| Property | Availability | Description |
|---|---|---|
| consentId | Required | The generated Consent ID. |
| consentUrl | Required | The provider's URL to which the user can be redirected. |
Example response:
{
"consentId": "7463558c-3ae0-44b8-9971-6994a2b8f47f",
"consentUrl": "https://oauth.rabobank.nl/openapi/oauth2/authorize?client_id=12345"
}
An invalid request returns a 400 Bad Request error with detailed information about the error.
Redirecting
After the user gives consent, they are redirected back to EnableNow for processing. The preferred method of processing is determined by the Sync Mode specified. With Sync Mode set to 'none', the user will not see any EnableNow screens. For more information on Sync Mode, see Sync Mode Documentation.
Provider selection
Utilizing the Direct Provider Flow means that the selection of banks (providers) is handled within your application. Refer to Providers Section for a list of available providers.
Benefits
The benefits of the Direct Provider Flow are:
- Extended user retention within your native application flow.
- Full control over the user experience and customer communication, maximizing conversion rates.
- Enhanced user satisfaction by minimizing external navigation.