What is it?
The Admin API lets you manage the back office using the same API that powers Banno’s own Banno People, Banno Marketing, and other back office experiences.
It is how you automate the administrative side of Banno.
What is its purpose?
The Admin API is intended for an External Application that needs to call API endpoints without direct user interaction. This means the application authenticates as itself.
How do I get help?
If you are having issues with the Admin API, try stepping through the Troubleshooting page.
How do I use it?
These are some of the things you should know about the Admin API.
Client credentials flow
The Admin API uses the OAuth Client Credentials flow to obtain an Access Token. An External Application can use its credentials to directly obtain an Access Token.
When the Access Token expires, the External Application requests a new one the same way.
Public key + private key
The authentication process for the Admin API requires managing a Public Key + Private Key pair to sign a JSON Web Token (JWT).
The Private Key remains solely in your possession and must be kept secret. This is what you will use to create the signed JWT when authenticating with the API.
The Public Key is configured as part of an External Application in the Users & Groups app within Banno. The back office administrator at your financial institution can do this for you.
When an External Application authenticates itself with the Admin API, all actions are performed and logged as a single Associated User in Banno.
The Associated User acts as a back office administrator at the financial institution. As such, it is best to create the Associated User with only the privileges/permissions that the External Application specifically needs to function.
Authenticating to the Admin API requires an External Application configuration to be created within Banno.
The back office administrator at your financial institution can do this for you in the Users & Groups section of Banno.
The Admin API protects access to user data using OAuth 2.0. Login credentials are never shared with third-party apps. Authorization is provided to third-party applications via an Access Token.
The Access Token is encoded in JSON Web Token format.
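The signed-JWT step of the client credentials flow described above, sketched as an added example (not Banno's own code). It assumes RS256, the RFC 7523 claim set and parameter names, a placeholder token URL and client ID, and a key pair generated in memory for the demo; take the real values from the Banno documentation.

```javascript
// Added example: RFC 7523-style client assertion for the client credentials flow.
const crypto = require("crypto");

// Placeholders and constructed data, not values from the Banno documentation.
const TOKEN_URL = "https://auth.example.invalid/token";
const CLIENT_ID = "example-client-id";
const DEMO_KEYS = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });

const b64url = (data) => Buffer.from(data).toString("base64")
  .replace(/=+$/, "").replace(/\+/g, "-").replace(/\//g, "_");

// Client side: sign a short-lived, single-use JWT with the Private Key.
function buildClientAssertion({ clientId, tokenUrl, privateKey, now = Date.now() }) {
  const iat = Math.floor(now / 1000);
  const header = { alg: "RS256", typ: "JWT" }; // RS256 is an assumption
  const claims = { iss: clientId, sub: clientId, aud: tokenUrl,
    jti: crypto.randomBytes(16).toString("hex"), iat, exp: iat + 60 };
  const signingInput = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  const signature = crypto.sign("sha256", Buffer.from(signingInput), privateKey);
  return `${signingInput}.${b64url(signature)}`;
}

// Token request body: only the signed JWT is sent, never the Private Key.
function buildTokenRequest(assertion) {
  return new URLSearchParams({
    grant_type: "client_credentials",
    client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
    client_assertion: assertion,
  }).toString();
}

// Verifier side: what a holder of the configured Public Key can check.
function verifyClientAssertion(jwt, publicKey, expectedAud, now = Date.now()) {
  try {
    const [h, p, s] = jwt.split(".");
    if (JSON.parse(Buffer.from(h, "base64")).alg !== "RS256") return false; // pin alg
    const sigOk = crypto.verify("sha256", Buffer.from(`${h}.${p}`), publicKey,
      Buffer.from(s, "base64"));
    const claims = JSON.parse(Buffer.from(p, "base64"));
    return sigOk && claims.aud === expectedAud && claims.exp > Math.floor(now / 1000);
  } catch {
    return false; // malformed token
  }
}

const assertion = buildClientAssertion({ clientId: CLIENT_ID, tokenUrl: TOKEN_URL,
  privateKey: DEMO_KEYS.privateKey });
console.log(buildTokenRequest(assertion).slice(0, 120) + "...");
console.log("verifies:", verifyClientAssertion(assertion, DEMO_KEYS.publicKey, TOKEN_URL));
```

The short `exp` and random `jti` limit how long a captured assertion is useful, which is why the JWT is rebuilt for every token request instead of being cached.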
How have others used it?
These are some of the ways that third-party developers have used the Admin API:
- Enable call center agents to use new functionality within an existing CRM (customer relationship management) tool:
  - Look up user status
  - Unlock a user account
  - Send an email or SMS to reset a user’s password
These are some additional details that you may find useful as you build your apps.
Guides are designed to provide you with bite-sized introductions to our API. Each guide showcases a part of our API and how to use it in the simplest way.