Quick Integration Guide to OneMoney AA

Quick Integration Guide to Onemoney AA

Here’s how you can quickly integrate your Android or iOS mobile application, or your web application to Onemoney and start receiving consent-based data from your customers.

Redirect to Onemoney AA client interfaces

Showcase 1

Quick Integration with Onemoney web app

Drop in the Onemoney web URL and do a simple invocation
[Live]

Showcase 2

Redirect Integration with Onemoney web app

Pass a redirection URL to Onemoney web app and get the user back to your app after consent/registration activities
[Live]

Showcase 3

Quick Integration with Onemoney Android App on the user’s device

Use the Onemoney Android app for consent/registration activities
[Live]

Quick Integration with Onemoney web app

Here’s how you can quickly integrate with Onemoney web application.

Pre-requisites

  1. Create a Onemoney Developer Account.
  2. Get test API keys.

Steps to follow

Write Code

Write code to redirect the user to the web application.

Two Different Flows

The web application provides new user registration (sign-up) and existing user sign-in flows.

Test

Use the test VUAs provided on the developer portal to test the consent approval flow.

  • Sign to the Onemoney web application, after placing a consent request through your server-side code.
  • Navigate to the Consent Details page and approve the consent.

If you have set up your notification endpoints on our developer portal properly (Settings > Webhooks), your server will receive a notification about the consent artefact being ready. In case you haven’t set up yet please click here to set up webhooks to receive notifications.

This is the quickest way for you to test your flow.

Redirect Integration with Onemoney web app

Click here to open the integration guide

Here’s how you can quickly drop in a redirection mechanism, to guide your customer to perform consent management and registration activities using Onemoney web app and be redirected back to your mobile or web application.

Pre-requisites

  1. Create a Onemoney Developer Account.
  2. Get test API keys.

Note

In the production environment, all personally identifiable information (PII) should be encrypted to protect confidentiality. In addition, information such as transaction ID(s), IDs identifying the FIU/AA and their applications, redirect URL(s) should also be encrypted. To implement this, encryption keys have to be exchanged between the FIU and Onemoney.

In the sandbox environment, such encryption is currently not required. Hence, not separate exchange of encryption keys is required.

Consent Flow

Steps to follow:

  1. Drop in this URL of Onemoney web application into your application. https://aa-sandbox.onemoney.in/
    Note: In the production environment, the URL of Onemoney has to be obtained through a call to the Central Registry hosted by Sahamati. The Central Registry (CR) contains information about web URLs and other details of all AAs.
  1. To redirect a user to perform consent approval using Onemoney, perform the following steps:
    • Get the VUA from the user
    • Place a consent request through your backend to Onemoney and get a consent handle in return.
    • Construct a URL to redirect the user to Onemoney web app, as follows:
      https://aa-sandbox.onemoney.in?redirect=<FIU’S REDIRECT URL>&consenthandle=<CONSENT HANDLE VALUE>&txnid=<FIU TRANSACTION ID>&sessionid=<FIU SESSION ID>&srcref=<FIU SRC REF>

      Parameter NameDescription
      txnidThe Transaction ID that your application generates for that particular event during which the redirection is sought.
      sessionidThe Session ID generated by your application for that particular user session during which the redirection is sought.
      srcrefThe Source Reference ID representing your application
      consenthandleThe consent handle generated by Onemoney in acknowledgement of the consent request placed by your application
      redirectThe URL of your application that you would like Onemoney to bring the user back to, once she has approved or rejected your consent request
    •  Receive a response from Onemoney, in the following format:
      <FIU REDIRECT URL>?txnid=<FIU’S TRANSACTION_ID>&sessionid=<FIU’S SESSION_ID>&srcref=<FIU’S SRC_REF>&status=<STATUS>&errorCode=<ERROR CODE>

      ParameterDescription
      FIU REDIRECT URLThis the same URL sent in the “redirect” parameter by the FIU
      txnidThe same transaction ID as sent by you in your request above
      sessionidThe same session ID as sent by you in your request above
      srcrefThe same Source Reference ID as sent by you in your request above
      statusA field that indicates whether the user has successfully concluded her interaction with Onemoney or not. S = Success; F = Failure.
      errorcodeA field that indicates if the consent was approved (Error code = 0), or rejected (Error code = 1) or if the consent handle sent itself was invalid (Error code = 2).

The table below indicates what your application’s next action could be, based on the values of Status and Error Code:

StatusError CodeNext Action
S0The customer has approved your consent request. Show a success message.
F1The customer has rejected your consent request. Show a suitable message indicating if it was in error and if required, place a consent request again.
S2The customer could not approve the consent request because it was not a valid consent handle for Onemoney. Redirect the customer again, by checking the consent handle and correcting it if there was an error the first time. Also check from the customer if the vua used by the customer to log in into Onemoney was the same as what was provided in your app. If the consent handle and vua were valid, contact helpdesk@onemoney.in for help.

Registration Flow

If your customer does not have a Onemoney profile, the steps below help her complete her registration on Onemoney. She can then proceed to complete the Consent Flow.

Steps to follow:

  1. Drop in this URL of Onemoney web application into your application. https://aa-sandbox.onemoney.in/
    Note: In the production environment, the URL of Onemoney has to be obtained through a call to the Central Registry hosted by Sahamati. The Central Registry (CR) contains information about web URLs and other details of all AAs.
  2. To redirect a user to register using Onemoney, perform the following steps:
    • Construct a URL to redirect the user to Onemoney web app, as follows:
      https://aa-sandbox.onemoney.in?redirect=<FIU’S REDIRECT URL>&mobile=<CUSTOMER’S MOBILE NUMBER>&customername=<CUSTOMER’S NAME>&txnid=<FIU TRANSACTION ID>&sessionid=<FIU SESSION ID>&srcref=<FIU SRC REF>

      Parameter NameDescription
      txnidThe Transaction ID that your application generates for that particular event during which the redirection is sought.
      sessionidThe Session ID generated by your application for that particular user session during which the redirection is sought.
      srcrefThe Source Reference ID representing your application
      mobileThe mobile number of the customer that your application acquires.
      customernameThe name of the customer
      redirectThe URL of your application that you would like Onemoney to bring the user back to, once she has approved or rejected your consent request
    • Receive a response from Onemoney, in the following format:
      <FIU REDIRECT URL>?txnid=<FIU’S TRANSACTION_ID>&sessionid=<FIU’S SESSION_ID>&srcref=<FIU’S SRC_REF>&status=<STATUS>&errorCode=<ERROR CODE>&vua= <USER VUA>

      Parameter NameDescription
      FIU REDIRECT URLThis the same URL sent in the “redirect” parameter by the FIU
      txnidThe same transaction ID as sent by you in your request above
      sessionidThe same session ID as sent by you in your request above
      srcrefThe same Source Reference ID as sent by you in your request above
      statusA field that indicates whether the user has successfully concluded her interaction with Onemoney or not. S = Success; F = Failure.
      errorcodeA field that indicates if the consent was approved (Error code = 0), or rejected (Error code = 1) or if the consent handle sent itself was invalid (Error code = 2).
      vuaThe VUA (Virtual User Address) that the customer chose during her registration with Onemoney .

The table below indicates what your application’s next action could be, based on the values of Status and Error Code:

StatusError CodeNext Action
S0The customer has registered herself with Onemoney. She is now ready to go through the consent flow by providing your application the VUA.
F1This means that the mobile number provided is already linked with a valid Onemoney VUA. Ask your customer to either provide a different name or use the vua already issued by Onemoney for the consent flow.
S2This error occurs if either the mobile number passed to Onemoney is invalid, i.e. (does not start with a 7,8,9 or is not equal to 10 digits in length) or if the name is invalid (i.e. has less than 3 alphabets)

Quick Integration with Onemoney Android app

Click here to download the Onemoney app from playstore.

Here’s how you can quickly integrate with Onemoney Android app.

Pre-requisites

1. Create a Onemoney Developer Account.
2. Get test API keys.

Steps to follow

  1. The Onemoney Android application provides new user registration (sign-up) and existing user sign-in flows. To understand the consumer journeys click here.
  2. Use the test VUAs provided on the developer portal to test the consent approval flow.
    • Sign to the Onemoney Android application, after placing a consent request through your server-side code.
    • Navigate to the Consent Details screen and approve the consent.

If you have set up your notification endpoints on our developer portal properly (Settings > Webhooks), your server will receive a notification about the consent artefact being ready. In case you haven’t set up yet please click here to set up webhooks to receive notifications.

This is the quickest way for you to test your flow.