Overview
AEX provides a couple of ways to send data after a scorecard is completed. The data can be sent via postback by:
-
HTTPS POST
-
SFTP
If HTTPS is chosen we support sending attachment in two different ways:
-
MULTIPART
-
MediaType:
multipart/form-data
-
Payload:
-
Agreement data: Part with
name="agreementData"
-
Files: Each file is a separate part with
name
andfilename
equal to the filename.
-
-
-
BASE_64
-
MediaType:
application/json
-
Payload:
-
Agreement data: List of objects within the
agreementData
property of request entity JSON -
Files: Base64 Strings within the
files
property of request entity JSON
-
-
The recommended method to send the data is to use an HTTPS REST endpoint that supports POST requests and the data send as a Multipart (MediaType: application/json
).
To support the recommended method of an HTTPS REST endpoint, you will need to create an endpoint which can accept the data sent to you in the selected format. The available formats are:
-
JSON
-
XML
The endpoint is the URL where your service can be accessed by the AEX application. The endpoint must support the HTTPS protocol for security purposes and end-to-end encryption. It is recommended that you secure the endpoint against unauthenticated users. AEX supports this through sending requests with a Basic authentication header.
Attachments
If attachments are to be included with the postback, we support sending them via multipart (see example below). We also recommend that the endpoint can accept at least 100mb of data due to the size of some attachments, like the KYC SiteScan report.
Payload
The request payload can include the following:
-
Agreement Data
-
Field Data
-
Name-Value pairs
-
-
caseID
-
compoundId
-
Transaction
shortId
(ie.id
) -
Transaction
transactionId
-
documentId
-
-
Agreement PDFs (ie. base PDF of the document)
-
Attachments
Sample Requests
HTTPS
Multipart
Recommended - Content-Type: multipart/form-data
--KcFJZusdlTaaGsNtCyBv15yE7jfJ21ZXE2S Content-Disposition: form-data; name="agreementData" [{"caseId":"C666","compoundId":"C666","shortId":666,"transactionId":"T666","documentId":"D666","fields":{"Field1":"Value1","Field2":"Value2","Field3":"Value3"}}] --KcFJZusdlTaaGsNtCyBv15yE7jfJ21ZXE2S Content-Disposition: form-data; name="example.pdf"; filename="example.pdf" Content-Type: multipart/form-data; charset=ISO-8859-1 [fileContents]
BASE64 JSON
Content-Type: application/json
{ "agreementData": "[ { "caseId": "C666", "compoundId": "C666", "shortId": 666, "transactionId": "T666", "documentId": "D666", "fields": { "Field1": "Value1", "Field2": "Value2", "Field3": "Value3" } } ]", "files": [ { "filename": "example.pdf", "contents": "BASE64-STRING" } ] }
Client Endpoint
Authentication
To secure the client endpoint against unauthenticated users, the following authentication methods are supported:
HTTPS
Basic
For Basic authentication the credentials are constructed by first combining the username and the password with a colon (username:password), and then by encoding the resulting string in BASE64.
ex.
Basic dXNlcjpwYXNzd29yZA
Response
HTTPS
The following HTTP response status codes are accepted:
-
OK: 200
-
Created: 201
-
Accepted: 202
-
No Content: 204
-
Unauthorized: 401
-
Forbidden: 403
-
Not found: 404
Sample Payload
Please contact your PM or your CSM to receive a sample Payload.