Access
Authentication and Authorisation
Clients need to authenticate themselves using their credentials (client ID and secret) to access the API. Once authenticated, the API verifies the client's permissions to determine the scope of access they have.
Capabilities
Each connection has a different scope and may have multiple entities and currency accounts associated with it. Currency accounts will be added to your account by your connection manager.
Each currency account will have permissions associated with it; these define the services that can be accessed and can be identified when you call the accounts API.
There are currently three permissions that can be associated with a currency account.
{"Permissions": [
"Reporting",
"Fx",
"Payments"
]}
IP Whitelisting
Alpha Connect offers a whitelisting capability that only allows a certain IP address to access your API connection. This restricts the users that are allowed to authenticate a connection to Alpha Connect.
By default connections are set to work with a dynamic IP address. Please inform your connection manager if you wish to make this static.
Security
By implementing a robust access control system, the API service ensures that users have appropriate permissions to view transactions on accounts while maintaining security and privacy.
If you need to update your access or feel something is missing, let us know.
Updated 9 months ago