Overview
This document explains the process of integration of DCM and Bank
Last updated
This document explains the process of integration of DCM and Bank
Last updated
Welcome to the Transparent Network web API documentation!
The DCM processing center is a platform on which TPN (Transparent Network) works.
The platform's functionality allows the creation of accounts, set up roles, register transactions, and create digital identifiers across various currencies. As a service, the TPN provides invoice processing with integration to the public blockchain network Stellar. DCM Processing Center is a technical provider of TPN for transfers between counterparties. The Transparent Network provides an opportunity to use the public interface for viewing transactions Stellar.Expert, which can be used as an alternative source of information if control reconciliations are required.
The principle of generating and validating authorization tokens
The data exchange process uses the principles of the REST API (POST and GET requests).
Authorization is performed by using tokens generated by the bank and in requests using DCM methods. The authorization token is the subject for validation - having received a request with a token, DCM initiates a validation check of this token by a reverse request to the bank - to a previously agreed endpoint. Technical requirements for tokens are formed and agreed upon by the parties during the project implementation. The bank sets the validity period of the X-auth token. It is recommended to limit the validity of the token to 1200 seconds.
Until the token validation process is completed, the original request with a specific token is not executed but waits for the validation to be completed.
In case of unsuccessful token validation, the original request is rejected as unsuccessful.
In case of successful token validation, the original request is executed, and a synchronous response is provided about transaction registration (fact of transaction registration ≠ financial transaction status).
The information exchange between the DCM processor and the bank is based on the signature and signature validation principle. To do this, the bank generates a pair of transport keys (public and private). Using the RSA algorithm with a key of at least 2048 bits is recommended.
After the keys are generated, the public key is transferred to the DCM processing side, and the private key remains on the bank's side. The public key is transferred in compliance with the individual regulations of the bank - participant.
The bank generates a signature using the private key when initiating requests through the API to DCM processing. As a processing center, DCM uses the public key to validate the signature's authenticity.
If the signature and the authorization token are valid, the request can be processed; otherwise, the request is marked invalid.
In the Glossary you can look through the general terms used in this guide.
Please start your reading with action items for successful Integration Plan.
In order to work with DCM API you should log in the system as described in Authentification.
