User Management

Techniques and recommendations for Akahu user management

ℹ️

This reference is intended for developers using Akahu's enduring account connectivity. Information provided may not be relevant for those using one-off account connectivity.

Streamlining Onboarding

The Akahu OAuth2 flow offers an additional email query parameter for the user's email address. This allows apps to streamline the OAuth flow by pre-filling the email address.

Below is an example OAuth2 URL with an email address specified (newlines inserted for readability):

https://oauth.akahu.io?
  client_id=app_token_1111111111111111111111111&
  response_type=code&
  redirect_uri=https://example.com&
  scope=ENDURING_CONSENT&
  [email protected]

Preventing Multiple Akahu Accounts

Akahu only allows a set of credentials to be connected to one user. If, on a subsequent OAuth flow from your app, the user accidentally enters a different email address, they will create a new Akahu account and be unable to see or connect the accounts they have shared with you.

This situation can be quite confusing for the user, who will receive the error "Someone else is using these credentials". To avoid this, your app can fetch the user's current email address from the GET /me endpoint, and supply it to the Oauth flow to be pre-filled.

What Happens When Credentials Change?

Akahu logs into providers in order to retrieve information or take actions. If the user changes their username, password, or other authentication information, Akahu may no longer be able to log in.
In this case Akahu switches the status attribute of affected accounts to INACTIVE. When an account is INACTIVE it will no longer receive periodic data refreshes, and can no longer be used to make payments or transfers.

If you see user accounts that are in an INACTIVE state there are two possible remedies:

  1. Prompt the user to complete the OAuth flow again. At the point where they select which accounts to share, they will be able to reconnect any INACTIVE accounts.
  2. Direct the user to my.akahu.io. Here they can sign in and reconnect those accounts that have become INACTIVE.

Once the accounts have been reconnected their status will switch back to ACTIVE. At this point they will receive updates and can once again be used to make payments or transfers.

Deleting Users and Revoking Access

When Your App Deletes A User

When you delete a user in your app, be sure to revoke the user token using the DELETE /token endpoint. This ensures that the token can no longer be used to access user data.

This is a requirement of our App Accreditation Process, and therefore MUST be implemented before your app will be allowed to use Akahu outside of the sandbox.

If your app is billed per-active-user then this will also prevent you from being charged for users who no longer use your app.

Allowing Users to Revoke Access

Akahu’s purpose is to give people control of their data. To ensure this, we require that apps allow their users to revoke account access from within the app itself. This can be done using the DELETE /token endpoint.

This is a requirement of our App Accreditation Process, and therefore MUST be implemented before your app will be allowed to use Akahu outside of the sandbox.

A user may also choose to revoke access via my.akahu.io.

When a User Revokes Your App

If a user revokes access to your app, two things will happen:

  1. If your app is subscribed to webhooks for this user, you will receive a TOKEN DELETE webhook.
  2. Any requests for user data will return a response with the HTTP status code 403 Forbidden.

In either of these situations you can safely discard the Akahu user token corresponding with this user (you don't need to call the DELETE /token endpoint, since the token has already been revoked).
In accordance with New Zealand’s Privacy Act 2020, you must also delete any user data that has been exchanged via Akahu and is no longer reasonably required.

This is a requirement of our App Accreditation Process, and therefore MUST be implemented before your app will be allowed to use Akahu outside of the sandbox.

You may also wish to update the state in your app, explaining to the users that their accounts are no longer connected and inviting them to reconnect accounts if they wish to do so.