Integration Overview
Purpose
This guide explains the process Marketplace Partners follow to complete an OIDC integration project with Candescent Digital Banking, from kickoff to certification. It is tailored for fintechs integrating their solutions with multiple financial institutions (FIs) via Candescent's platform.
Project Kickoff
-
Marketplace Partners are assigned a Candescent Integration Project Manager (PM) via Marketplace.
-
Initial QA validation testing is required before any FI environment installation.
-
Your PM will provide all necessary materials, including JWKS files and endpoint details.
Step-by-Step Integration Process
0. Local Development (Optional but Recommended)
Before connecting to Candescent environments, you can build and test your OIDC integration locally using the OIDC Toolkit:
- Simulate the complete authorization code flow on your machine
- Generate test credentials and validate token handling
- Debug your implementation without external dependencies
- Run automated E2E tests to verify your integration
See the Local Development Guide for setup instructions.
Local development is optional but highly recommended. It allows you to iterate quickly and arrive at QA validation with a working implementation.
1. Initial QA Validation
-
All integrations begin with QA testing using Candescent's standard test API application in the QA environment.
-
Partners do not need to onboard their own API application until after QA validation is complete.
-
Your PM will guide you through the QA process and provide access to the test environment.
2. Register Application (Post-QA)
-
After successful QA validation, partners provide:
-
Application name and description
-
Purpose and use case
-
Primary business and technical contacts
-
Expected launch timeline
-
List of authorized callback URLs (redirect URIs) for each environment (Stage, Production)
-
3. Configure Trust & Exchange
-
Register exact redirect URIs (HTTPS only, no wildcards).
-
Configure authentication using
client_secret_basicorclient_secret_post. -
Set up state and nonce parameters for security.
-
Store credentials in a secure secrets management system.
4. Integration Testing in FI Environments
-
After registration, your PM will provide:
-
FI-specific authorization endpoint URLs
-
Centralized token endpoint URLs
-
JWKS files for each environment
-
Client credentials (
client_idandclient_secret)
-
-
Complete integration testing in each FI environment as directed by your PM.
-
Validate token exchanges, session management, and claim extraction per specification.
5. Certification & Go-Live
-
Upon successful testing, your integration will be certified for production use.
-
Your PM will coordinate go-live activities and provide ongoing support.
Checklist for Marketplace Partners
-
Technical knowledge of OIDC/OAuth 2.0 and Authorization Code Flow
-
Secure infrastructure and secrets management
-
Ability to perform server-side HTTP requests and JWT validation
-
Developer Console access (as provided by PM)
-
Prepared to securely store credentials and JWKS files
-
(Recommended) Completed local development testing with the OIDC Toolkit
Contacts & Support
For questions or support, reach out to your assigned Candescent Integration PM via Marketplace. Your PM is your primary point of contact for all integration-related matters.