Tutorials

Owned by Technical writer
Last updated: 2023-12-06
3 min read

To use the Lequinox platform and provide its services to the users of your application, there are a handful of functions and endpoints you need to prioritise in your implementation. Some need to be applied in a specific order since, sometimes, one needs to be in place to be included in the next. For example, a role needs a user agreement before the role can be created and assigned to role accounts.

Follow the links in the instructions for more information on what is required for each request, adhering API references and schema definitions.

You need to provide your integration API key for authentication in application calls towards the platform. Note the error messages that may be related to this.

Refer to CDIServer API for the base path required in all calls to the API endpoints.

Checks on sign-in

There are a number of checks that your application should perform when users are signing in to your application or before they access a certain section of your application. If you allow them to sign in without these checks being performed, they will still not be able to utilise platform functionality, like creating transactions, once the platform performs these checks. 

Which sign-in checks you need to perform depend on the user representation types you are utilising in your application. Verify that the user accounts and accesses utilised in your application are active. Read more about user accounts in Concepts and, if available, your case-specific Lequinox compliance study.

Roles – focus on external user accounts

Always use external roles to invite users to your Lequinox enabled application. To invite users, you first need to create a role that you can assign them to.

At this point, you cannot create internal roles via the API, you can only retrieve information about them.

  1. Follow the instructions to Create an external role.

Create external role accounts – assign a created role

In the Lequinox platform, organisation/corporate users are represented by their role account. Via this role account, they are assigned to a role.

  1. Follow the instructions to create external role accounts.

On the same page, you will also find information on how to update an external role account and what happens when you update an external role account.

Create access for platform-managed external role accounts

The access represents a relation between an application and a certain user account in the form of an identity with separate keys which can sign transactions individually in order to create traceability for the application when a user acts in a role account or personal account. If your organisation wants to interact with a user in another organisation, create an external role account and an application access for them. If they want to interact with an individual outside their own organisation, that is, as a natural person, create an external personal account (in the REST API referred to as an ‘external personal identity’) for them, and then provide this with an access. With the access, the user can work with transactions within the application. There are two types of accesses – organisational (in the REST API referred to as ‘corporate’) and private. Organisational accesses are intended for business-to-business relations, whereas private accesses are intended for business-to-consumer or consumer-to-consumer relations.

  1. Follow the diagram for creating an access for a platform-managed user.

Activate a platform-managed access

After a platform-managed access has been created, it must also be activated before it can be utilised. Either the platform can activate the access when it is created, or it can be left to the user to activate it, depending on application owner preference. Although not required, you can let your application present the user with an end user agreement that they need to accept before their access is activated (step 1 below).

  1. Follow the diagram for fetching a user agreement for activation of a platform-managed access.

  2. Follow the diagram for activating a platform-managed access.

On the same page, you will find information on how to update an access, if needed.

Managing transactions via the application server account

To create transactions with the server account as the creator, the platform can create the transaction for the application

Here, the application must also have functions for opening and signing these transactions via the application server account.

Managing transactions for platform-managed accounts

Using platform-managed user accounts (internal role accounts, external role accounts and external personal identities), the platform can create transactions as platform-managed users.  

Here, the application must also have functions opening and signing these transactions as platform-managed users.

Copyright © 2021–2024 Lequa Net AB – a subsidiary of Extracticon AB (publ). All rights reserved.