SaFi Bank Space : Exposed Endpoints & Tyk Mappings

This document keeps track of the microservice endpoints we expose and corresponding Tyk URLs for different environments(dev, staging, brave, etc.). Note that {xxxx} is a placeholder which means that this part may change with different requests. Note that endpoints not listed here will need to be accessed with customer authentication.

advanceai-gateway
customer-manager
jira-gateway
output-delivery-status-manager
output-manager
iam-manager
transaction-history-manager
backoffice-manager
app assets GCS bucket
paynamics-gateway

advanceai-gateway

Endpoint	Tyk URL - dev (Brave)	Tyk URL - stage (old - EPFS)	Tyk URL - stage (new - Tangled)	security
POST /callback/vkyc-call/agent-call	https://api.smallog.tech/advanceai-gateway/callback/vkyc-call/agent-call	https://api.blueship.store/advanceai-gateway/callback/vkyc-call/agent-call	https://api.sfdvwork.xyz/advanceai-gateway/callback/vkyc-call/agent-call	unsecured
POST /callback/vkyc-call/result	https://api.smallog.tech/advanceai-gateway/callback/vkyc-call/result	https://api.blueship.store/advanceai-gateway/callback/vkyc-call/result	https://api.sfdvwork.xyz/advanceai-gateway/callback/vkyc-call/result	unsecured
POST /callback/vkyc-call/expired	https://api.smallog.tech/advanceai-gateway/callback/vkyc-call/expired	https://api.blueship.store/advanceai-gateway/callback/vkyc-call/expired	https://api.sfdvwork.xyz/advanceai-gateway/callback/vkyc-call/expired	unsecured
POST /callback/osp/deduplication	https://api.smallog.tech/advanceai-gateway/callback/osp/deduplication	https://api.blueship.store/advanceai-gateway/callback/osp/deduplication	https://api.sfdvwork.xyz/advanceai-gateway/callback/osp/deduplication	secured, non-expiring token in headers
POST /callback/osp/workflow/event	https://api.smallog.tech/advanceai-gateway/callback/osp/workflow/event	https://api.blueship.store/advanceai-gateway/callback/osp/workflow/event	https://api.sfdvwork.xyz/advanceai-gateway/callback/osp/workflow/event	secured, non-expiring token in headers

customer-manager

Endpoint	Tyk URL - dev (Brave)	Tyk URL - stage (old - EPFS)	Tyk URL - stage (new - Tangled)	security
GET /v1/consents	https://api.smallog.tech/customer-manager/v1/consents	https://api.blueship.store/customer-manager/v1/consents	https://api.sfdvwork.xyz/customer-manager/v1/consents	unsecured it is okay to return all the documents for accepting the consents
POST /v1/customers/prospect	https://api.smallog.tech/customer-manager/v1/customers/prospect	https://api.blueship.store/customer-manager/v1/customers/prospect	https://api.sfdvwork.xyz/customer-manager/v1/customers/prospect	unsecured
(DEPRECATED) ~~GET /v1/customers/id/by-phone/{countryCode}/{phoneNumber}~~	https://api.smallog.tech/customer-manager/v1/customers/id/by-phone/{countryCode}/{phoneNumber}	https://api.blueship.store/customer-manager/v1/customers/id/by-phone/{countryCode}/{phoneNumber}	https://api.sfdvwork.xyz/customer-manager/v1/customers/id/by-phone/{countryCode}/{phoneNumber}	unsecured
POST /v1/customers/id/by-phone	https://api.smallog.tech/customer-manager/v1/customers/id/by-phone	https://api.blueship.store/customer-manager/v1/customers/id/by-phone	https://api.sfdvwork.xyz/customer-manager/v1/customers/id/by-phone	unsecured
GET /v1/address-catalogue/countries	https://api.smallog.tech/customer-manager/v1/address-catalogue/countries	https://api.blueship.store/customer-manager/v1/address-catalogue/countries	https://api.sfdvwork.xyz/customer-manager/v1/address-catalogues/countries	unsecured

jira-gateway

Endpoint	Tyk URL - dev (Brave)	Tyk URL - stage (old - EPFS)	Tyk URL - stage (new - Tangled)	security
POST /callback/webhook/events/{token}	https://api.smallog.tech/jira-gateway/callback/webhook/events/{token}	https://api.blueship.store/jira-gateway/callback/webhook/events/{token}	https://api.sfdvwork.xyz/jira-gateway/callback/webhook/events/{token}	secured, the token (UUID) is in URL and Jira will add that token when call this API, microservice validates.

output-delivery-status-manager

Endpoint	Tyk URL - dev (Brave)	security
POST /callback/infobip/sms	https://api.smallog.tech/output-delivery-status-manager/callback/infobip/sms	unsecured currently, and will be authenticated in the micro service side
POST /callback/infobip/viber	https://api.smallog.tech/output-delivery-status-manager/callback/infobip/viber	unsecured currently, and will be authenticated in the micro service side
GET /callback/macrokiosk/sms	https://api.smallog.tech/output-delivery-status-manager/callback/macrokiosk/sms	unsecured currently, and will be authenticated in the micro service side

output-manager

Endpoint	Tyk URL - dev (Brave)	Tyk URL - stage (old - EPFS)	Tyk URL - stage (new - Tangled)	security
POST /meiro/send				unsecured currently because we are not sure whether Meiro will be deployed within our VPN or not
POST /meiro/broadcast

iam-manager

Endpoint	Tyk URL - dev (Brave)	Tyk URL - stage (old - EPFS)	Tyk URL - stage (new - Tangled)	security
POST /credential				unsecured by design (part of onboarding first steps)
POST /face-comparison				secured: signature (>LEVEL1) only
POST /face-comparison/check				secured: signature (>LEVEL1) ony
POST /notifications/token				secured: signature (>LEVEL1) only

transaction-history-manager

Endpoint	Tyk URL - dev (Brave)	Tyk URL - stage (old - EPFS)	Tyk URL - stage (new - Tangled)	security
GET /transaction-history-manager/categorization	https://api.smallog.tech/transaction-history-manager/categorization	https://api.blueship.store/transaction-history-manager/categorization	https://api.sfdvwork.xyz/transaction-history-manager/categorization

backoffice-manager

Endpoint	Tyk URL - dev (Brave)	Tyk URL - stage (old - EPFS)	Tyk URL - stage (new - Tangled)	security
GET /customers/supportInfo	https://api.smallog.tech/backoffice-manager/customers/supportInfo	https://api.blueship.store/backoffice-manager/customers/supportInfo	https://api.sfdvwork.xyz/backoffice-manager/customers/supportInfo	unsecured TBD, used by Genesys

Genesys-gateway

Endpoint	Tyk URL - dev (Brave)	Tyk URL - stage (old - EPFS)	Tyk URL - stage (new - Tangled)	security
POST /webhook/conversations/outbound/messages	https://api.smallog.tech/genesys-gateway/webhook/conversations/outbound/messages		https://api.sfdvwork.xyz/genesys-gateway/webhook/conversations/outbound/messages	Secured. Genesys will put the secret token in http header when calling this webhook, in webhook will check the request’s signature using the token.

app assets GCS bucket

Endpoint	Tyk URL - dev (Brave)	Tyk URL - stage (old - EPFS)	Tyk URL - stage (new - Tangled)	security
GCS bucket assets	https://assets.smallog.tech	https://assets.blueship.store	https://assets.sfdvwork.xyz

paynamics-gateway

Endpoint	Tyk URL - dev (Brave)	Tyk URL - stage (old - EPFS)	Tyk URL - stage (new - Tangled)	security
POST /paynamics/dgate/callback	https://api.smallog.tech/paynamics/dgate/callback	https://api.blueship.store/paynamics/dgate/callback	https://api.sfdvwork.xyz/paynamics/dgate/callback	Secured via non-expiring token generated by tyk, and passed via query param
POST /paynamics/workflow/callback	https://api.smallog.tech/paynamics/workflow/callback	https://api.blueship.store/paynamics/workflow/callback	https://api.sfdvwork.xyz/paynamics/dgate/callback	Secured via non-expiring token generated by tyk, and passed via query param

delivery-aggregator

Endpoint	Tyk URL - dev (Brave)	Tyk URL - stage (old - EPFS)	Tyk URL - stage (new - Tangled)	security
POST /callback/ninjavan	https://api.smallog.tech/delivery-aggregator/callback/ninjavan	https://api.blueship.store/delivery-aggregator/callback/ninjavan	https://api.sfdvwork.xyz/delivery-aggregator/callback/ninjavan	HMAC verification, handled by service