Guided start
This guide introduces Tuum's fundamental concepts to prepare you for your initial API call. Following the same four steps as the Quick start, each section highlights essential principles and directs you to in-depth documentation. By the end, you will understand how Tuum works and be able to confidently choose the right APIs for your integration.
Get your credentials
Contact the Tuum team or your organisation's designated representative to receive your username and password.
Within Tuum, your credentials serve as your digital identity, linking you to an employee entity—the system’s notion of any principal that performs actions. Emloyees can be persons, applications, or maintainers, each with different permission levels. Access is managed through Role-Based Access Control (RBAC), where roles assigned to your employee determine which operations you can perform.
Identify the base URL
Select the base URL for your target environment. Tuum uses different subdomains for different APIs, following the format:
https://[api-name].[environment].[domain]Each API in Tuum's microservices architecture has its own unique subdomain, enabling independent scaling. The environment segment of the URL—identifying sandbox, development, or production—ensures environments are separate and do not affect each other.
For the sandbox environment, use:
https://auth-api.sandbox.tuumplatform.comhttps://person-api.sandbox.tuumplatform.comFor organisation-specific environments, contact your Tuum representative for base URLs.
Authenticate
To verify your identity, use the base URL and your credentials to call the authentication API endpoint. For a detailed example, see the Authenticate employee sample call in the API cookbook.
Upon a successful authentication, you will receive a JWT.
Save the token value – you will need it in Step 4.
The received JWT is only valid for a limited period, after which it expires. To refresh your expired JWT and get a new one without re-entering your username and password, use the authentication refresh API endpoint.
The Employee API offers deeper insights into how roles and privileges function in practice, making it a valuable resource for understanding Tuum's access control model.
Start making API calls
To access Tuum API endpoints, ensure your JWT is included in the x-auth-token header with every API request.
Because persons represent customers in the Tuum system, the Person API is the logical starting point. Before opening accounts, issuing cards, or processing loans, you need to create person records, since all these operations require an associated person. Understanding the Person API is crucial for managing customer data and handling the relationships between persons and other banking entities.
To create your first person record, call the create person API endpoint. For a detailed example, see the Create person sample call in the API cookbook.
Next steps
Decide how you would like to proceed:
If you are interested in how RBAC and digital identity principals function in Tuum, take a closer look at the Employee API.
To learn more about customer record management, explore the Person API.
Alternatively, you can start exploring a domain API, such as the Account API, Card API, or Loan API, to discover their specific features and capabilities.
Last updated
Was this helpful?