Versions Compared

Old Version 8

changes.mady.by.user Adi Raju

Saved on

compared with

New Version 9

changes.mady.by.user Adi Raju

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • As an Administrator I should be able to create/update/reset password/deactivate customer login user and associate it to client id so that customer can login to the system and view/transact on their own accounts

  • As an Administrator I should be able to assign access permissions to the customer login user so that I can control what actions customer login user can perform on the system

  • As a customer I should be able to validate my username/password credentials with the system so that I can continue invoking APIs to view/transact on my accounts

  • As a customer I should be able to retrieve my personal details so that I can validate my personal data with the organization

  • As a customer I should be able to change my password credential so that I can keep my login access secureAs a customer I should be able to retrieve list of my savings accounts details so that I can be aware of my holdings

  • As a customer I should be able to retrieve transactions related to one of my savings accounts so that I am aware of details of my holdings

  • As a customer I should be able to retrieve charges related to one of my savings accounts so that I am aware of charges incurred on my transactions

  • As a customer I should be able to retrieve list of my loan account details so that I can be aware of my commitments/liabilities

  • As a customer I should be able to retrieve repayment schedule of one of my loan accounts so that I am aware of my commitments/liabilities

  • As a customer I should be able to retrieve transactions related to one of my loan accounts so that I am aware of details of my holdings

  • As a customer I should be able to retrieve charges related to one of my loan accounts so that I am aware of charges incurred on my transactions

...

Keeping ease of maintenance in mind, it is decided that this feature addition should reuse the existing services as much as possible. This will also help in extending new functionalities as well. This can be done in two ways: A) use Spring's RestTemplate and act like a client, or B) inject needed resources in the code. Option B is chosen to help reuse user activity logging and tracking.

Separate endpoint APIs

As suggested by Markus, setting up a separate resource endpoints is the right thing to do for at least one reason. If a MFI wants to ever make a public available web client that allows a customer to deal with his account(s) it is insecure to expose the whole back-office API to the world. With a dedicated API only this endpoint needs to be exposed and it would not be possible to trial the whole system and hack it.

...