My Belvo Portal (OFDA)
Introduction
The My Belvo Portal (MBP) allows users to manage the consent they have previously given to applications (using Belvo's OFDA product) to access their data in the Open Finance Network.
Consent management compliance
As of part of Brazil's Open Finance Network's regulations, all individuals and companies must be able to manage the consents they have granted to applications accessing their personal data. Consequently, your application must offer straightforward and easily accessible options for users to access the My Belvo Portal. This can be achieved by linking directly to Belvo's instance or integrating your own custom instance.
The My Belvo Portal login screens and consent list
In your application, you can direct their users to manage their consents by either:
- Using Belvo's universal MBP instance.
- Initiating an instance of the MBP that will only display the consents your users have given your application.
MBP on Belvo's Website
On Belvo's website, we host a universal instance of the MBP that any user can use to manage their consents. This instance consolidates all the consents they have granted using Belvo's OFDA product.
In your application, you can direct your users to Belvo's universal MBP instance using this URL: https://meuportal.belvo.com/?mode=landing.
If you would like your users to only see the consents they have granted your application, see MBP customized consent view.
MBP customized consent view
You can customize the MBP to display only consents that your user has granted your application, making it easier for them to manage their consents.
To create a customized MBP that only displays consents granted to your application:
- Create an
access_token(For individuals, you will need to provide their CPF details. For businesses, both the CPF and CNPJ details are required).
curl -X POST \
https://sandbox.belvo.com/api/token/ \
-H 'Content-Type: application/json' \
-H 'Host: sandbox.belvo.com' \
-d 'See payload examples below''
// Individual
{
"id": "{{secretId}}",
"password": "{{secretPassword}}",
"scopes": "read_consents,write_consents,write_consent_callback",
"widget": {
"openfinance_feature": "consent_management",
"consent": {
"terms_and_conditions_url": "url_to_your_terms_and_conditions",
"permissions": [
"REGISTER",
"ACCOUNTS",
"CREDIT_CARDS",
"CREDIT_OPERATIONS"
],
"identification_info": [
{
"type": "CPF",
"number": "individual_cpf",
"name": "individual_full_name"
}
]
}
}
}
// Business
{
"id": "{{secretId}}",
"password": "{{secretPassword}}",
"scopes": "read_consents,write_consents,write_consent_callback",
"widget": {
"openfinance_feature": "consent_management",
"consent": {
"terms_and_conditions_url": "url_to_your_terms_and_conditions",
"permissions": [
"REGISTER",
"ACCOUNTS",
"CREDIT_CARDS",
"CREDIT_OPERATIONS"
],
"identification_info": [
{
"type": "CPF",
"number": "individual_cpf",
"name": "individual_full_name"
},
{
"type": "CNPJ",
"number": "business_cnpj",
"name": "business_name"
}
]
}
}
}
- Add the
access_tokento the MBP URL:https://meuportal.belvo.com/?access_token={accessToken}. - Provide your user with the generated URL.
❇️ Done! Once your user logs in to the MBP, they will be able to manage the consents they have granted your application.
Consent renewal with the MBP
The MBP can also be used to renew an expired consent. Belvo will send you a webhook when one of your user's consent's has expired. An example webhook payload is as follows:
{
"webhook_id": "e6f08793f967445fb74ce16beae665bc",
"webhook_type": "CONSENT",
"webhook_code": "consent_expired",
"link_id": "3d3364b7-0175-483d-a58b-b471f251e533", // The link ID associated with the consent.
"external_id": null,
"data": {
"consent_id": "29a54e55-21f0-4d02-8e34-797ab7d43940", // The consent ID.
"action": "renew", // An indication of what action you need to take. For consent_expired webhooks, this is always set to renew.
"institution": "ofmockbank_br_retail", // The institution that the user provided their consent for.
"institution_display_name": "OF Mockbank", // The display name of the institution.
"institution_icon_logo": "https://logo.com" // The URL to the institution's logo.
}
}
After receiving the webhook, you can set the MBP to ‘renew consent’ mode by creating a URL with the following information:
https://meuportal.belvo.com/
?access_token={accessToken}
&link_id={webhook_link_id}
&consent_id={webhook_consent_id}
&institution={webhook_institution}
&institution_display_name={the_display_name_url_encoded}
&institution_icon_logo={url_to_icon}
&action=renew
| Query Field | Description | Example |
|---|---|---|
access_token | A newly generated access_token for the MBP. For instructions on how to create an access_token for the MBP, see the MBP customized consent view section. | N/A |
link_id | The link_id you received in the consent_expiredwebhook event. | link_id=6b94a043-9a96-4dd3-b889-30f4dcbd9608 |
consent_id | The consent_id you received in the consent_expiredwebhook event (located in the data object). | consent_id=2c63f6a0-22ea-4edf-a15c-9c1c2f92a20d |
institution | The institution you received in the consent_expiredwebhook event (located in the data object). | institution=ofc_mockbank_br |
institution_display_name | The institution_display_name (URL encoded) you received in the consent_expiredwebhook event (located in the data object). | institution_display_name=OF%20Mockbank |
institution_icon_logo | The institution_icon_logo URL you received in the consent_expiredwebhook event (located in the data object). | institution_icon_logo=https://logo.com |
action | The action in the consent_expiredwebhook event (located in the data object). For consent_expiredwebhooks, this action will always be renew. | action=renew |
Directing your users to this URL will automatically guide them through the consent renewal process.
Updated 2 months ago