The authentication with the Delbank APIs in Production must occur with the use of mutual authentication (mTLS).
The mTLS communication ensures the authenticity of parties on both ends of a network connection by making sure they both have the appropriate private key.
Ilustration by Lambda3
Stage Environment:
During the use of the stage environment, you can perform your actions without the need to configure mTLS, but it is highly recommended that you start your development with this in mind and prepare your application accordingly.
Certificates and Private keys
For the mTLS context, you will generate and send us the Certificate Signing Request (CSR).
Testing mTLS usage
Considering that the Stage Endpoints do not expect the use of mTLS, it is still necessary to test before going to the Production Environment, for this purpose, we provide an approval certificate and private key, available here, for you to use to perform the tests in the following endpoint:
curl --request GET \
--url https://mtls-test.delbank.dev.br/
If you are successful in configuring mTLS, you should receive the following response:
Delbank mTLS Tester - If you're reading this, it's working.
Otherwise, you will receive an HTTP 403 - Forbidden error.