Deprecated
The information on this page has been deprecated, but is still available for developer convenience in upgrading. The current information can be found at https://developer.yodlee.com/docs/fastlink/3.0/getting-started, and https://developer.yodlee.com/docs/fastlink/3.0/product-guide.
Introduction
Yodlee FastLink is an application that lets consumers link accounts to financial management solutions offered online at the websites of financial institutions. To link accounts they search for the websites of financial institutions and enter their login credentials. Consumers can link savings, checking, investment, credit card, and insurance accounts among others.
Yodlee FastLink provides a flow that allows consumers to edit the login credentials for their online accounts. Yodlee FastLink also includes Yodlee AccountVerification, a process that prompts consumers to verify ownership of accounts at held away sites.
Prerequisites
Supported Version
To use Yodlee FastLink 3.0 customers must be using Yodlee Platform 1.1 or higher.
Enabling Yodlee FastLink on a Web Page
The Yodlee FastLink FinApp can be displayed on Web pages with the help of iframes. Yodlee FastLink can appear as a floater within an iframe on a page.
The iframe specifications include the height and width of the frame. The floater iframes should be hidden by default with a transparent background and no border. These iframes are shown when a floater action is triggered by the consumer.
The connection establishes a session between the consumer’s browser and the Yodlee FastLink server and loads the floaters onto the page. For information about accessing Yodlee FastLink through RSession, see Accessing Yodlee FastLink Through User Session.
NOTE : To enable the link accounts and edit accounts floaters on the same page, separate iframes are needed.
Resizing the Iframe
The height of an iframe can be resized to accommodate the height of the Yodlee FastLink content inside the iframe.
During integration, the height of the iframe is sent from the Yodlee FastLink server to the customer server using postMessage technology.
NOTE: Information about postMessage technology can be found at sites like https:// developer.mozilla.org/en-US/docs/Web/API/Window/postMessage .
The following are the parameters included to resize the iframe:
Parameter to resize an iframe
|
Parameter Name |
Description |
Mandatory |
Value |
|---|---|---|---|
| iframeResize | Required if the customer wants the iframe that hosts Yodlee FastLink to automatically adjust to the size of the content. If the parameter is not defined, a scroll bar will appear on the page/view. | No | The value is true. |
| locationurl | This parameter is used along with the iframeResize parameter. The locationurl parameter specifies the customer domain name of the URL where the iframe is hosted. The parameter is required if iframeResize=true | No | Customer domain url (Example:https://iqbank.com/) |
Sample Code Resize Logic in the Customer Application
var onMessage = function( cb ) {
if (window.addEventListener) {
window.addEventListener( 'message'
, function(e) {
cb(e);
}, false
);
} else {
window.attachEvent( 'onmessage'
,function(e) {
cb(e);
}
);
}
}
var callbackFun = function( e ) {
if( e && e.data ) {
if( e.data.fnToCall && typeof window[e.data.fnToCall] ==
'function' ) {
window[e.data.fnToCall](e.data);
}
}
}
var resizeFloater = function( data ) {
$(iframeId).attr('height', data.height);
}
onMessage( callbackFun );
Dynamic Iframe Resizing
To resize an application, Yodlee FastLink will send the height of the floater – depending on the content it loads – as an event. The customer's event listener will then listen to the event generated and resize the iframe.
For different browser versions, the format of the data will be as follows:
- IE9 – Events will be sent to the passed parent application's URL in the following format:
fnToCall=resizeFloater&height=<
The parent application's EventListeners will listen to the event and read the values.> - For all other browsers – Events will be sent to the passed application URL with data in the following JSON format:
{fnToCall: resizeFloater , height : <The values of fnToCall – resizeFloater and height – will be used to resize the iframe.>}
For a static iframe size, the customer will have to pass the height in the customer’s code. To dynamically resize the iframe size, the following extra param has to be passed: locationurl=https://timelymc1.corp.yodlee.com:1443/FISimulator/ settings?settingsMenu=active&iframeResize=true
Sample Code in the Parent Application
Accessing Yodlee FastLink Through User Session
To log in to Yodlee FastLink, the customer application performs customer and user logins through Yodlee's core API. For details, refer to Yodlee API v1.1 - API Reference.
The customer application calls the interfaces described in the following sections of this document to get the authentication token and to launch Yodlee FastLink.
The diagram explains the flow to access Yodlee FastLink based on RSession.
NOTE: The calls from the customer server to the Yodlee core API server will be through whitelisted IPs because the Yodlee core API server is not accessible through public IPs.
Cobrand (Customer) Login
The cobrand login service authenticates a cobrand (a cobrand is a Yodlee customer). A cobrand session in the response includes the cobrand session token (cobSession) that is used in API calls like registering or logging in a user. The cobrand session token expires every 120 minutes. This service can be invoked to create a new cobrand session token. Details
User Login
The user login service allows the registered user to log in to the application. The user session token expires every 30 minutes and can be regenerated using this service. Details
Getting Access Tokens
The get access tokens service is used to retrieve the access tokens for the application id(s) provided. Details
Example of POST Request Using HTML Form
Extra Launch Parameters
The extraParams assigned to each flow or page in the Yodlee FinApp should be added to the entry point URL – prefixed by '&' – to invoke the flow. The mandatory column specifies if the field is mandatory to be passed when attempting to deep-link to a particular flow or page.
Aggregate Account
The aggregate account flow consists of hosted pages in the Yodlee system that allow consumers to add a provider and all the accounts belonging to the provider.
The following parameters are used to deep-link to the landing page with search results based on the search string passed.
Parameters to deep-link to the landing page
| Parameter Name | Description | Mandatory | Value |
|---|---|---|---|
| keyword | The parameter that returns the provider search results in the landing page. | Yes | The value is |
| dataset | Specifies the attributes that have to be aggregated from the provider. | No | The value is |
Example:
keyword=hdfc
The following parameters are used to deep-link to the login page of the passed providerId.
Parameters to deep-link to the login page
| Parameter Name | Description | Mandatory | Value |
|---|---|---|---|
| flow | Specifies that the aggregate account flow has to be invoked. | Yes | add |
| providerId | The unique identifier for a particular provider. | No | The value is |
| dataset | Specifies the attributes that have to be aggregated from the provider. | No | The value is |
Example 1:
providerId=16441&flow=add
Example 2:
providerId=16441&flow=add&dataset=%5B%7B%22name%22%3A%22ACCT_PROFILE%22%2C%22attribute%22%3A%5B%7B%22name%22%3A%22FULL_ACCT_NUMBER%22%2C%22container%22%3A%5B%22bank%22%5D%7D%2C%7B%22name%22%3A%22HOLDER_NAME%22%2C%22container%22%3A%5B%22bank%22%5D%7D%5D%7D%5D
Edit Account
The edit account flow is a multistep flow of hosted pages in the Yodlee system that allows consumers to edit their credentials. The deep-link to the edit account flow based on the providerAccountId passed is as follows:
Parameters to deep-link to the edit account credentials flow
| Parameter Name | Description | Mandatory | Value |
|---|---|---|---|
| flow | Specifies that the aggregate account flow has to be invoked. | Yes | edit |
| providerAccountId | Specifies the identifier for which the edit account credentials will be invoked. | Yes | The value is |
| dataset | Specifies the attributes that have to be aggregated from the provider. | No | The value is |
Example 1:
providerAccountId=1234567&flow=edit&dataset=%5B%7B%22name%22%3A%22ACCT_PROFILE%22%2C%22attribute%22%3A%5B%7B%22name%22%3A%22FULL_ACCT_NUMBER%22%2C%22container%22%3A%5B%22bank%22%5D%7D%2C%7B%22name%22%3A%22HOLDER_NAME%22%2C%22container%22%3A%5B%22bank%22%5D%7D%5D%7D%5D
Example 2:
providerAccountId=16441&flow=edit
NOTE: The above example is in an encoded format. For more information, refer to Retrieving and Sending Datasets.
Refresh Account
The deep-link to the refresh account flow based on the providerAccountId passed is as follows:
Parameters to deep-link to the refresh account flow
| Parameter Name | Description | Mandatory | Value |
|---|---|---|---|
| flow | Specifies that the refresh account flow is to be invoked. | Yes | refresh |
| providerAccountId | Specifies the identifier for which the edit account credentials will be invoked. | Yes | The value is |
| dataset | Specifies the attributes that have to be aggregated from the provider. | No | The value is |
Example 1:
providerAccountId=11799016&flow=refresh
Example 2:
providerAccountId=11799016&flow=refresh&dataset=%5B%7B%22name%22%3A%22ACCT_PROFILE%22%2C%22attribute%22%3A%5B%7B%22name%22%3A%22FULL_ACCT_NUMBER%22%2C%22container%22%3A%5B%22bank%22%5D%7D%2C%7B%22name%22%3A%22HOLDER_NAME%22%2C%22container%22%3A%5B%22bank% 22%5D%7D%5D%7D%5D
Generic
Parameters to call the generic URL
| Parameter Name | Description | Mandatory | Value |
|---|---|---|---|
| callback | Specifies the URL of the customer's online application. Required if the customer is integrating specific flows and wants to exit. | No | The value is |
Callback Parameters
Yodlee passes the callback parameter in the following format to track the status of operations performed by the consumer in the session:
URL format –
?JSONcallBackStatus=[ { "providerAccountId":10181400, "bankName":"Dag Site Multilevel", "status":"SUCCESS", "providerId":16442, "isMFAError":false, "requestId":"eV++iLeo3+v2S5djgkYoPmUo894=" }, { "providerAccount Id":10182208, "bankName":"DagSite", "status":"SUCCESS", "providerId":16441, "requestId":"g2yE1F0L sdCg0P" } ]
NOTE: Yodlee FastLink sends a message in encoded format to the provider. The message has to be decoded before the data is accessed.
The parameters that are used for formatting the callback parameters follows:
Parameters used for formatting the callback parameters
|
Parameter |
Description |
|---|---|
| providerAccountId | The providerAccountId created through the add, edit, or refresh flow. |
| bankName | The name of the provider. |
| status | The status of the added provider sent by the application. Following are the statuses:
|
| providerId | The unique identifier of the provider. |
| accountId | The unique identifier of the account. |
| isMFAError | If the provider uses multifactor authentication (MFA), the MFA status is also sent. |
| reason | The reason for the provider addition failure. |
| requestId | The unique identifier for every request that returns contextual data. |
Post Message
Yodlee FastLink shares the account addition status with the customer using post message (i.e., cross-document communication). fnToCall (i.e., accountStatus) is a method name that the customer has to implement on the customer-side to receive events from Yodlee FastLink.
Events that trigger Yodlee FastLink to send status
|
Event |
Post Message Sample Format |
|---|---|
| Login failure (non-MFA provider) |
{
"fnToCall":"accountStatus",
"bankName":"Dag site",
"providerId":16441,
"providerAccountId":12345667,
"status":"failed",
"reason":"Reason",
"requestId":"g2yE1F0LsdCg0P"
}
|
| Login failure (MFA provider) |
{
"fnToCall":"accountStatus",
"bankName":"Dag site",
"providerId":16441,
"providerAccountId":15583048,
"status":"FAILED",
"isMFAError":true,
"reason":"Reason",
"requestId":"g2yE1F0LsdCg0P"
}
|
| When login success (non-MFA provider) |
{
"fnToCall":"accountStatus",
"bankName":"Dag site",
"providerId":16441,
"providerAccountId":12345667,
"status":"SUCCESS",
"requestId":"g2yE1F0LsdCg0P"
}
|
| When login success (MFA provider) |
{
"fnToCall":"accountStatus",
"bankName":"Dag site",
"providerId":16441,
"providerAccountId":12345667,
"isMFAError":true,
"status":"SUCCESS",
"requestId":"g2yE1F0LsdCg0P"
}
|
| When a consumer terminates the account addition flow abruptly |
{
"sites":[
{
"bankName":"Dag Site2",
"providerAccountId":1234567,
"status":"ACTION_ABANDONED ",
"providerId":16441,
"requestId":"g2yE1F0LsdCg0P"
}
],
"action":"exit",
"fnToCall":"accountStatus"
}
|
| When the consumer closes the Yodlee FastLink floater after successfully adding an account |
{
"sites":[
{
"bankName":"Dag Site",
"providerAccountId":1234567,
"status":"ACTION_ABANDONED ",
"providerId":16441,
"requestId":"eV++iLeo3+v2S5dj"
},
{
"bankName":"Dag Site Multilevel",
"providerAccountId":1234567,
"status":" SUCCESS ",
"providerId":16441,
"isMFAError":false,
"requestId":"g2yE1F0LsdCg0P"
},
{
"bankName":"Dag site",
"providerId":16441,
"providerAccountId":12345667,
"status":"SUCCESS",
"requestId":"Ueo7+Evsv2S5dj"
}
],
"action":"exit",
"fnToCall":"accountStatus"
}
|
| When the consumer selects and verifies the accounts (Account profile flow) |
[
{
"bankName":"Dag Site",
"providerAccountId":1234556,
"accountId":1234566,
"status":"SELECTION_COMPLETE",
"requestId":"g2yE1F0LsdCg0P"
},
{
"bankName":"Dag Site",
"providerAccountId":1234556,
"accountId":1234567,
"status":"SELECTION_COMPLETE",
"requestId":"Ueo7+Evsv2S5dj"
}
]
|
Post message attributes
|
Parameter |
Description |
|---|---|
| providerAccountId | The providerAccountId created through the add, edit, or refresh flow. |
| bankName | The name of the provider. |
| status | The status of the added provider sent by the application. Following are the statuses:
|
| providerId | The unique identifier of the provider. |
| isMFAError | If the provider uses multifactor authentication (MFA), the MFA status is also sent. |
| reason | The reason for the provider addition failure. |
| requestId | The unique identifier for every request that returns contextual data. |
| action | Specifies that the consumer has clicked/taped one of the exit points of Yodlee FastLink and the customer has to handle closing the floater implementation. |
| fnToCall | Based on the value of fnToCall parameter, the customer has to execute code to close the Yodlee FastLink floater and consume the data. For more information, refer to the sample code. |
Sample Code
The following sample code has to be part of the accountStatus function.
if (window.addEventListener) {
window.addEventListener("message", handlePostMessage, false);
} else {
window.attachEvent("onmessage", handlePostMessage);
}
function handlePostMessage(obj) {
if (obj.data) {
if (obj.data.fnToCall === "accountStatus") {
closeAndPraseSiteStatus(obj);
}
}
}
function closeAndPraseSiteStatus(obj) {
// Write a logic to close and parse data.
}
Retrieving and Sending Datasets
Yodlee FastLink allows the customer to define the list of attributes (i.e., datasets) that can be aggregated from a provider (financial institution). A dataset is a logical set of data attributes that can be retrieved in combination with other datasets for a customer’s product flow. The three datasets (i.e., BASIC_AGG_DATA, ACCT_PROFILE, and DOCUMENTS) have multiple data attributes associated with them.
Datasets can be passed along with the URL while invoking Yodlee FastLink. For more information about the requests, refer to Yodlee API v1.1.
Sample URLs for dataset retrieval use cases follow:
- Aggregation:
[ { "name":"BASIC_AGG_DATA", "attribute":[ { "name":"ACCOUNT_DETAILS", "container":[ "investment", "bank", "bill", "creditCard", "insurance", "loan", "reward" ] }, { "name":"HOLDINGS", "container":[ "investment", "insurance" ] }, { "name":"STATEMENTS", "container":[ "bill", "creditCard", "insurance", "loan" ] }, { "name":"TRANSACTIONS", "container":[ "investment", "bank", "bill", "creditCard", "insurance", "loan", "reward" ] } ] } ] - Account profile: For verification use cases pass the dataset as Account Profile.
[ { "name":"ACCT_PROFILE", "attribute":[ { "name":"FULL_ACCT_NUMBER", "container":[ "bank" ] }, { "name":"BANK_TRANSFER_CODE", "container":[ "bank" ] }, { "name":"HOLDER_NAME", "container":[ "bank" ] } ] } ] - Aggregation with account profile:
[ { "name":"ACCT_PROFILE", "attribute":[ { "name":"FULL_ACCT_NUMBER", "container":[ "bank" ] }, { "name":"HOLDER_NAME", "container":[ "bank" ] } ] }, { "name":"BASIC_AGG_DATA", "attribute":[ { "name":"ACCOUNT_DETAILS", "container":[ "investment", "bank", "bill", "creditCard", "insurance", "loan", "reward" ] }, { "name":"HOLDINGS", "container":[ "investment", "insurance" ] }, { "name":"STATEMENTS", "container":[ "bill", "creditCard", "insurance", "loan" ] }, { "name":"TRANSACTIONS", "container":[ "investment", "bank", "bill", "creditCard", "insurance", "loan", "reward" ] } ] } ] - Account profile with document download:
[ { "name":"ACCT_PROFILE", "attribute":[ { "name":"FULL_ACCT_NUMBER", "container":[ "bank" ] }, { "name":"HOLDER_NAME", "container":[ "bank" ] } ] }, { "name":"DOCUMENT", "attribute":[ { "name":"STATEMENTS", "container":[ "bank" ] } ] } ] - Account profile, aggregation, and document download:
[ { "name":"ACCT_PROFILE", "attribute":[ { "name":"FULL_ACCT_NUMBER", "container":[ "bank" ] }, { "name":"HOLDER_NAME", "container":[ "bank" ] } ] }, { "name":"DOCUMENT", "attribute":[ { "name":"STATEMENTS", "container":[ "bank", "investment" ] }, { "name":"EBILLS", "container":[ "loan", "insurance" ] }, { "name":"TAX", "container":[ "bank" ] } ] }, { "name":"BASIC_AGG_DATA", "attribute":[ { "name":"ACCOUNT_DETAILS", "container":[ "investment", "bank", "bill", "creditCard", "insurance", "loan", "reward" ] }, { "name":"HOLDINGS", "container":[ "investment", "insurance" ] }, { "name":"STATEMENTS", "container":[ "bill", "creditCard", "insurance", "loan" ] }, { "name":"TRANSACTIONS", "container":[ "investment", "bank", "bill", "creditCard", "insurance", "loan", "reward" ] } ] } ] - Aggregation with document download:
[ { "name":"DOCUMENT", "attribute":[ { "name":"STATEMENTS" }, { "name":"EBILLS" }, { "name":"TAX" } ] }, { "name":"BASIC_AGG_DATA", "attribute":[ { "name":"ACCOUNT_DETAILS", "container":[ "investment", "bank", "bill", "creditCard", "insurance", "loan", "reward" ] }, { "name":"HOLDINGS", "container":[ "investment", "insurance" ] }, { "name":"STATEMENTS", "container":[ "bill", "creditCard", "insurance", "loan" ] }, { "name":"TRANSACTIONS", "container":[ "investment", "bank", "bill", "creditCard", "insurance", "loan", "reward" ] } ] } ] - Aggregation with document download:
[ { "name":"BASIC_AGG_DATA", "attribute":[ { "name":"ACCOUNT_DETAILS", "container":[ "bank", "creditCard" ] }, { "name":"TRANSACTIONS", "container":[ "bank", "creditCard" ] } ] } ]
NOTE: The dataset has to be converted into an encoded format while invoking Yodlee FastLink.
Sending Datasets to Yodlee FastLink
While invoking Yodlee FastLink, the param (i.e., extraParam) can accommodate dataset details. The datasets should be passed in an encoded format. For example,
dataset=%5B%7B%22name%22%3A%22ACCT_PROFILE%22%2C%22attribute%22%3A%5B%7B%22name%22%3A%22FULL_ACCT_NUMBER%22%2C%22container%22%3A%5B%22bank%22%5D%7D%2C%7B%22name%22%3A%22HOLDER_NAME%22%2C%22container%22%3A%5B%22bank%22%5D%7D%5D%7D%5D
Exiting Yodlee FastLink
Consumers can exit the Yodlee FastLink flow and return to the customer site. The method available to exit the flow depends on whether the Yodlee FastLink application is integrated in a Web or mobile solution.
- Web – The consumer clicks the close icon available in the floaters. The close icon can be hosted by Yodlee or the customer.
- Mobile – The consumer clicks Close on the last page of the Yodlee FastLink flow. The Close button can be hosted only by the customer.
1.The customer should close the online banking iframe window.
2.The customer should call the following user logout URL provided by Yodlee, which clears the user session.
URL format – POST /user/logout
The user logout service allows the user to log out of the application. The service does not return a response body.