Introduction
What is BOG-ID
BOG-ID service allows to identify/verify the customers of the Bank of Georgia and get their registration data via standard API.
What is needed for the integration
In order to establish the integration, the Company should be a customer of the Bank of Georgia. After becoming the customer, in order to pass through the Authentication via HTTP Basic Auth, you need to know the company’s unique credentials for accessing the system. The credentials consist of two parameters:
client idclient secret
which will be passed to you by the Bank of Georgia.
Protocol and Technical Specifications
In order to establish the integration via the Single Sign-on system of the Bank, you have to use the OpenID Connect specifications. For more information, please visit:
API architecture: Restful
BOG-ID Service Protocol: HTTP/1.1. To enhance security it is mandatory to call all API methods using HTTPS, which is an extension of the HTTP protocol.
Service call type - Synchronous
Security protocol - Open ID Connect
Information exchange security standard - JSON Web Tokens (JWT).
Short Description of the Process
In order to use the Single Sign-On system of the Bank of Georgia in the authorization process, an external system should ensure the redirection of the customer to the Bank’s interface where a customer will be able to complete the authorization process.
Customer can use the following methods for the authorization:
- Name and password of the Digital Customer
- Private Number of the Digital Customer
- QA-authorization by using the mBank application
After completing the authorization process, a customer should agree to share their registration data stored in the Bank. The volume of registration information varies from the request of the external system. Upon the customer’s agreement, the external system can get the customer’s registration data via API.
The external system doesn't need to get customer’s registration data in case the company needs to use only the authorization feature.