I tried setting up a API connection with the bondora.com API, but failed to do so using the User-Agent Flow.
The connection is working in Postman and I managed to get a connection when I send the API key in the Header.
For the User-Agent Flow I used the following setup:
I provided the correct client id and client secret and authorized the callback url on the bondora homepage.
Bondora does not provide a user endpoint so I left it blank.
When I start the login workflow in run mode (debug mode) I get redirected to the login of bondora and can succesfully log in and verify the scope. After verification I get redirected to my app’s homepage and get the following error message:
I tried to figure out what the problem is and could not get to a solution. Here are some of the thoughts I made on what might be going wrong:
There are some steps for the user-agent authorization:
- Send a GET request to the authorization endoint with the needed client id, scope and redirect url
- Enter your website specific credentials to login and authorize the GET request
- The website (Bondora) redirects you to the url entered during app registration or to the url provided in the request. The url’s must match partially. When redirected there will be a code in the url that will than have to be…
- …POSTed to the Token endppoint together with the client id and client secret to receive the access token
The Login is working well and I can see the code send by Bondora in the url so the first three steps must have been succesfull. I suspect there is an error when requesting the access token. A wild guess is that there is something wrong with the redirect url’s as they appear to be converted to asci twice (%2520 was originally a space)
I am sorry if this question is trivial, but I’m not very familiar with the processes in behind.
You can find the API documentation under https://api.bondora.com/
Kind regards