Developer Programs
Vendor Integration Program (VIP)
Direct access to Jack Henry's technical integration resources.
Technical Account Manager (TAM)
Get technical integration help from a single point of contact.
Learn
Shared Responsibility
Learn about shared roles and responsibilities of customers and Jack Henry in open banking.
Developer Use Cases
Find a use case that fits your development needs.
Developer Video Gallery
Watch the latest demos, webinars, and more.
Developer Conference
Connect with industry leaders, gain insights from expert speakers, and explore our latest innovations.
Docs
Admin API
Create solutions for an institution's back office support tools.
Authentication Framework
Map customer identities to your existing system IDs.
Consumer API
Access financial data for user accounts, transactions, and more.
Data Broker
Get deeper access to financial institution data.
Enterprise Event System
Respond to events in real-time using this powerful pub/sub-based solution.
jXchange - REST API
Translate business information between Jack Henry and third-party applications using a REST-based API.
jXchange - SOAP API
Translate business information between Jack Henry and third-party applications using a SOAP-based API.
Operational Data Integration (ODI)
Get customized queries for bulk data needs.
Payments
Embed check deposits, ACH, bill pay, cards, and real-time payments.
Plugin Framework
Embed the best of the fintech world directly into your user's dashboard.
SymXchange
Query Symitar core member accounts, post transactions, run PowerOn scripts, and more.
Xperience
Modern UI that provides consistent visual integration across Jack Henry products.
Important notification about upcoming changes to the DMZ environment. Please read.
More info

Authorization

Enterprise REST API > Authentication Framework > Overview > Authorization

The standard OAuth 2.0 authorization framework is not directly considered in this implementation.

The identity of the caller is paramount to the authorization of the caller to the service in question.

The Enterprise REST API services will maintain the authorization status of the caller (or type of caller) as appropriate for their system based on the validated JWT sent with the API call.

In certain instances, the tokens for a caller (a service) and the PAK (someone at a user interface) may both be inspected to determine the appropriate actions to be taken.

Unlike OAuth 2.0 access tokens, the OpenID Connect JWT supplied as identity will contain specific information that can be used by a service for authorization even in the case where the service is remote from the initial API endpoint.

Authentication example

jhaOIDCScheme

Token must be an OIDC jwt, e.g. jwt< GeneratedOidcJwt >

Security scheme type:Open ID Connect
Connect URL:/api.jhacorp.com/oidc/auth

bearerAuth

Security scheme type:HTTP
HTTP authorization scheme:bearer
Bearer format:“JWT”
Have a Question?
Have a how-to question? Seeing a weird error? Get help on StackOverflow.
Register for the Digital Toolkit Meetup where we answer technical Q&A from the audience.
Last updated Thu Jul 14 2022