Skip to main content

Standard Postback

Lennart Becker
  • Updated

 

Overview

AEX provides a couple of ways to send data after a scorecard is completed. The data can be sent via postback by:

  • HTTPS POST

  • SFTP

If HTTPS is chosen we support sending attachment in two different ways:

  • MULTIPART

    • MediaType: multipart/form-data

    • Payload:

      • Agreement data: Part with name="agreementData"

      • Files: Each file is a separate part with name and filename equal to the filename.

  • BASE_64

    • MediaType: application/json

    • Payload:

      • Agreement data: List of objects within the agreementData property of request entity JSON

      • Files: Base64 Strings within the files property of request entity JSON

The recommended method to send the data is to use an HTTPS REST endpoint that supports POST requests and the data send as a Multipart (MediaType: application/json).

To support the recommended method of an HTTPS REST endpoint, you will need to create an endpoint which can accept the data sent to you in the selected format. The available formats are:

  • JSON
  • XML

The endpoint is the URL where your service can be accessed by the AEX application. The endpoint must support the HTTPS protocol for security purposes and end-to-end encryption. It is recommended that you secure the endpoint against unauthenticated users. AEX supports this through sending requests with a Basic authentication header.

 

Attachments

If attachments are to be included with the postback, we support sending them via multipart (see example below). We also recommend that the endpoint can accept at least 100mb of data due to the size of some attachments, like the KYC SiteScan report.

Payload

The request payload can include the following:

  1. Agreement Data

  2. Field Data

    1. Name-Value pairs

    2. caseID

    3. compoundId

    4. Transaction shortId (ie. id)

    5. Transaction transactionId

    6. documentId

  3. Agreement PDFs (ie. base PDF of the document)

  4. Attachments

Sample Requests

HTTPS

Multipart

Recommended - Content-Type: multipart/form-data

--KcFJZusdlTaaGsNtCyBv15yE7jfJ21ZXE2S
Content-Disposition: form-data; name="agreementData"

[{"caseId":"C666","compoundId":"C666","shortId":666,"transactionId":"T666","documentId":"D666","fields":{"Field1":"Value1","Field2":"Value2","Field3":"Value3"}}]
--KcFJZusdlTaaGsNtCyBv15yE7jfJ21ZXE2S
Content-Disposition: form-data; name="example.pdf"; filename="example.pdf"
Content-Type: multipart/form-data; charset=ISO-8859-1

[fileContents]

 

BASE64 JSON

Content-Type: application/json

{
	"agreementData": "[
		{
			"caseId": "C666",
			"compoundId": "C666",
			"shortId": 666,
			"transactionId": "T666",
			"documentId": "D666",
			"fields": {
				"Field1": "Value1",
				"Field2": "Value2",
				"Field3": "Value3"
			}
		}
	]",
	"files": [
		{
			"filename": "example.pdf",
			"contents": "BASE64-STRING"
		}
	]
}

Client Endpoint

Authentication

To secure the client endpoint against unauthenticated users, the following authentication methods are supported:

HTTPS

Basic

For Basic authentication the credentials are constructed by first combining the username and the password with a colon (username:password), and then by encoding the resulting string in BASE64.

ex.

Basic dXNlcjpwYXNzd29yZA

 

Response

HTTPS

The following HTTP response status codes are accepted:

  • OK: 200

  • Created: 201

  • Accepted: 202

  • No Content: 204

  • Unauthorized: 401

  • Forbidden: 403

  • Not found: 404

Sample Payload

Please contact your PM or your CSM to receive a sample Payload.

Related articles