Aggregation API
Tenancies in Financeable

Tenancy Authorization Model

In the Financeable Aggregation API, OAuth credentials can be authorized for specific aggregator tenancies. This means that a single set of credentials (Client ID and Client Secret) may have access to some tenancies but not others.

As illustrated in the diagram above:

  • Authorized tenancies (shown in blue) can be accessed using the OAuth credentials. API requests to these tenancies will succeed after authentication.
  • Unauthorized tenancies (shown in gray) cannot be accessed with these credentials. API requests will be rejected even with valid credentials.
  • Each tenancy represents a separate aggregator's environment, with its own set of brokers identified by their email addresses.
  • The subdomain in each tenancy badge indicates the specific API endpoint for that aggregator's environment.

This authorization model ensures that API consumers can only access data from aggregators who have explicitly granted permission to use their tenancy.

Environments

The staging and production environments are completely separate. OAuth credentials issued in the staging environment have no relevance in the production environment, and tenancies are entirely distinct between environments. No data is shared between staging and production - each environment maintains its own isolated set of credentials, tenancies, and data.

Authentication

OAuth 2.0 client credentials authentication for the Financeable Aggregation API

Overview

Access our TypeScript SDK and OpenAPI specification for the Financeable Aggregation API

On this page

Tenancy Authorization ModelEnvironments