Before we get started, you should familiarize yourself with the following icons. They represent important information that you will want to take into account throughout the integration process. 



warning Important information that you should take into account during the integration.


insert_drive_file You need some information from Unnax, such as keys or passwords. If you haven’t received it let us know.


code You can find more information on this subject in our API documents.


computer Go to your Unnax Portal, log in with your credentials and perform the necessary configurations.


insert_drive_file You need to configure a webhook in order to be able to receive information. 


 

A little about this guide


In the following articles, we'll give you a detailed walk through on how to configure your system to begin working with our APIs. This resource includes all the information you need to cover most use cases and scenarios so please take the time to read it. If after reading it you find yourself in doubt you can reach out to us and we'll be happy to help. 


Most of the interactions that you will be performing with our API will need to be authenticated and authorized. To that end, we will send you a set of credentials that will let you create the authentication tokens needed to perform the API calls.



warning Store these credentials very carefully. If they are stolen your system can be compromised.


insert_drive_file If you haven’t received your credentials yet please notify the integration team and we'll send them to you right away.


This is what we are talking about:


API_CODE
API_ID

For integration processes, you will need to connect to our Integration URL


https://integration.unnax.com


Authentication and authorization


At UNNAX, we use several methods for authenticating and authorizing transactions. Most of them work around Sha1 hashing and Base64 encoding. 


warning We advise that throughout the integration process you keep tools for Sha1 hashing and base64 DeCoding on hand.


For the authentication, you must send the Authorization header values in the Bearer format:


Unnax Base64(api_id:api_code)

Whenever there is a functionality that requires the use of recurrent API calls that belongs to the same session, we return a SID (Session ID) from the Session Init request. That SID will be passed to further API calls during the whole process as a query string in the URL.


When a transaction involves money movements we use Sha1 signatures based on the API_CODE and API_ID parameters, along with other fields that would guarantee the integrity of the request and the data passed from end to end. 


As you will see throughout the guide, we use webhooks to communicate the result of most of our functions. This is in order to offer you an asynchronous process that translates into a better user experience.


code For more information about webhooks please refer to our documentation


Tests with Copito Bnk!



At UNNAX we want to make the test and integration processes as smooth as possible, but we also want to make sure that you can test your systems with a production-level banking environment. With that in mind, we've created our own bank, Copito, which is continuously evolving and improving.

We developed Copito as a means to offer our clients the closest experience to what operating with a real bank environment would be like, making the "go to LIVE" process as smooth as possible. Copito is ready and fully loaded with information about bank accounts and products that will let you test our many functionalities. 


For more information on how to work with Copito, please refer to our documentation


Certification and Going LIVE!


In order to go live, we need to verify you fulfill certain conditions related to the configuration of your system as well as the correct usage of our APIs. You can find more information on the certification process here.


With these steps taken care of, we are ready to get started. 


Please, tell us where you'd like to begin and we'll walk you through the process: