This is where the fun begins
CMA Platform API
The CMA Platform API enables systems and third party service providers to connect and interact with their clients or users on all supported mobile apps powered by Bendigi Technologies, including the Candian Mortgage App.
The CMA Platform API is organized around REST, has predictable resource-oriented URLs, accepts form-urlencoded request bodies, returns JSON-encoded responses, uses standard HTTP response code and secured with access scopes and Bearer Token in the authorization header.
Mobile OAuth 2.0
Mobile OAuth offers our users the ability to link their CMA account with external services.
After the user links and authorizes their account with the external service, our Platform API allows service providers to securely interact with our mutual clients.
For instance, a user can link their app to a supported CRM, Lender Connectivity Platform or any other service provider that we have enabled. The service provider then in return can send push notifications to that user or enable additional functionality for the user to securely interact with their service from within their mobile app.
This call enables systems to authenticate with Bendigi’s servers.
You must know your supplied client credentials and the correct
scope that you intend to use. The response includes a Bearer token that must be added to your authorization header when accessing protected routes.
Bearer access tokens may have a short expiry, we recommend building your flow so that you can easily obtain a new token prior to every use of the API or immediately upon receiving a token expired error.
The Push API makes it easy for approved systems to send push messages to a specific user on a Bendigi supported mobile app. Push messages are delivered reliably to the user’s mobile inbox no matter which operating system they are using or as many devices they have authorized to receive push messages.
The Send API is designed to offer developers a unified interface to send a message payload without the need to handle Apple’s APN or Google FCM payload structure or their authorization keys.
You also do not need to worry about the language preferences of the user because the API will automatically deliver the message according to the language they prefer.
Push API is a protected service and requires server-side authentication (Bearer Token) and accessible only with the scope:
Status API offers developers the ability to query the results of a push campaign. This service allows the sending party to query the real-time status of a previously sent push message. You will be able to view whether the push message was sent successfully, delivered, wether it has been opened, viewed and acted on.
Push Status API is a protected resource and requires server-side authentication and accessible only with the scope: