v1 Changelog

QwikLive Onboarding API

The administrative API for onboarding and configuring financial institutions, users, roles, core connectivity and terminals on the QwikLive platform — one consistent, versioned REST interface.

Synthetic data only

Where the underlying source does not specify a value, type, or business rule, it is explicitly marked To be confirmed. All examples use synthetic, masked data — never paste real credentials or tokens into shared environments.

Introduction

The QwikLive Onboarding API is a versioned REST service (current version v1) that centralizes the configuration and lifecycle management of the entities a financial-services platform needs before it can process transactions. Through a single, consistent interface you can onboard a financial institution, wire it to a core banking system, define which account types and transactions it supports, register terminals, and manage the users and roles that administer it.

Requests and responses are JSON over HTTPS. Most write operations are protected by a bearer (JWT) access token, and every entity supports soft activation/deactivation rather than hard deletion.

Business Purpose

Onboarding a bank or credit union onto a transaction-processing platform involves many interdependent configuration steps. This API exists to make that process:

Key Capabilities

🔐
Authentication & MFA
Login, logout, token refresh, SSO token exchange, TOTP-based MFA and email OTP.
🏦
Financial Institutions
Onboard FIs with BIN, core name, API type and transaction configuration.
🔌
Core Connectivity
Register host, port, service paths and credentials for core banking systems.
💳
Account Types & Capabilities
Standardize account types and define allowed transaction capabilities per FI.
👥
Users, Roles & Modules
Fine-grained RBAC: assign module actions to roles and roles to users.
🖥️
Terminal Keys
Register and manage app/terminal keys per financial institution.
📊
Transactions & Dashboard
Query, export and aggregate transaction statistics for BizOps.
🏢
Sub-tenants
Onboard sub-tenants under an enterprise tenant, with branding.

High-Level Architecture

Clients call the Onboarding API through an API gateway. The service persists configuration, brokers authentication, and delegates to downstream microservices and core banking systems.

text
            ┌─────────────────────────┐
            │  Client / Admin Portal  │
            │  (UI, scripts, Postman) │
            └────────────┬────────────┘
                         │ HTTPS + Bearer JWT
                         ▼
            ┌─────────────────────────┐
            │      API Gateway        │   x-correlation-id propagated
            └────────────┬────────────┘
                         ▼
            ┌─────────────────────────┐        ┌──────────────────────┐
            │  QwikLive Onboarding    │ ─────▶ │  Auth / MFA / OTP     │
            │  Service  (/v1/...)     │        └──────────────────────┘
            │                         │        ┌──────────────────────┐
            │  • FIs, Account Types   │ ─────▶ │  Configuration store  │
            │  • Roles / Modules      │        └──────────────────────┘
            │  • Core Connectivity    │        ┌──────────────────────┐
            │  • Terminals, Tenants   │ ─────▶ │  Core banking systems │
            └────────────┬────────────┘        └──────────────────────┘
                         ▼
            ┌─────────────────────────┐
            │  Other QL microservices │  (health, dashboard, channels)
            └─────────────────────────┘
⚠️
Representative model

The internal component boundaries above are a representative model based on the observed endpoints. The precise deployment topology and canonical per-environment hostnames are To be confirmed with the platform team.

Typical Integration Flow

A first-time integration usually follows this order:

1

Authenticate

Obtain a JWT via POST /v1/onboarding/login/user (complete MFA/OTP if required).

2

Onboard the financial institution

POST /v1/onboarding/financialInstitution — register the FI with BIN, core name and API type.

3

Configure core connectivity

POST /v1/onboarding/core-connectivity/data — host, port, service paths and credentials.

4

Define account types & capabilities

POST /v1/onboarding/account-types, then POST /v1/onboarding/transaction-capabilities.

5

Register terminals

POST /v1/terminal-key — app/terminal keys per financial institution.

6

Create roles & users

POST /v1/onboarding/roles, then POST /v1/onboarding/users — assign RBAC.

7

Verify & monitor

Query transactions, dashboard statistics and service health.

💡
End-to-end walkthrough

See the complete "onboard a new bank" scenario in Recipes / Use Cases, which chains these calls into a single flow.

Explore the Documentation