Generic Document Management APIs Lifecycle Guide

Document Management Generic Integration enables the integration of Temenos User Agent platforms (for example, UXPB and Fabric) with the document solutions provided by external document management providers who are not part of Temenos Exchange.

This generic integration solution simplifies the process of working with various non-Exchange document management providers. With this integration, developers can focus on building applications without worrying about the specific details of each provider's implementation. An integrated Temenos solution with a Document Management system offers a document generation or archiving facility.

Resource: Generic Document Management APIs

Document Management Generic Integration with External System

Tip: Click diagram to expand.

Features

Feature	Description
Search Document	This feature allows you to search for documents within the External Document Management System's document list.
Download Document	Use this functionality to retrieve a document from the list within the External Document Management System.
Upload Document	Use this feature to add a document to the document list within the External Document Management System.
Generate Document	This function enables the addition of documents to the document list in the External Document Management System.

Components

Generic Adapter

The generic adapter is generically designed to invoke APIs over https. The adapter supports the search, download, upload and generation of documents.

User Agent Service

The User Agent Service runs in the API Framework layer, handling requests from user agents, such as UXP Browser for Transact, through APIs. These services handle data and, depending on their configuration, invoke generic adapter APIs to process data points for document management.

Architecture

Document Management Architecture

Tip: Click diagram to expand.

Security

Authentication

The webhook service - which includes both cross-currency fulfilment hosted by external systems and the transfer status update fulfilment hosted by Temenos Exchange - is secured with the Mutual TLS authentication method using certificates.

Message Integrity

Secret key-based HMAC, using SHA1-based hashing, is used to ensure the integrity of the messages - the fulfilment requests and responses - that are sent and received. The team deploying the service is responsible for generating the secret key.

Note: The generated key needs to be shared with the consumer of the APIs. In other words, the client can use the KEY for the message integrity.

Sample code for generating a signature using SHA1

//sample code snippet to generation of the signature using SHA1
                                                         
        String algorithm = "HmacSHA1";
        String secretKey = "SECRET_KEY";
                                                         
        Mac mac = Mac.getInstance(algorithm);
        byte[] secretKeyBytes = secretKey.getBytes(StandardCharsets.UTF_8);
        SecretKeySpec macKey = new SecretKeySpec(secretKeyBytes, algorithm);
        mac.init(macKey);
                                                         
        String requestBody= request.getBody();
        byte[] requestBodyBytes = requestBody.getBytes(StandardCharsets.UTF_8);
        byte[] computedSignatureBytes = mac.doFinal(requestBodyBytes);
        String computedSignature = toHexString(computedSignatureBytes);

Failure Handling

Invalid Message Payload

Any invalid data point in message payloads results in the entire request being rejected before any fulfilment is attempted. If this happens, the respective webhook services respond with the HTTP status code 400 - Bad Request with an error message payload.

Failed Fulfilment

Not all fulfilment requests are successfully fulfilled. Fulfilment failures occur due to business conditions that did not support the request. If this happens, the respective webhook services respond with HTTP status code 422 - Unprocessable Entity with a fulfilment failure message payload.

Retriable Failures

When a fulfilment request fails due to issues with the request payload, the client is requested to change the request payload - the request will only be sent again once changes are made. However, there are failures where no action on the part of the client is required before the request is retried. The following failures are retried until they succeed, with a configurable retry frequency and retry interval.

Network or infrastructure failures resulting in HTTP status code 5xx (for example, 502 - Bad Gateway).
Configuration failures resulting in HTTP status code 401, 403, 404 (for example, 401 - Unauthorized).

Requests that are valid and complete from the client's point of view should succeed after retrying, taking into account the various failure possibilities that exist beyond the request payload.

View and Download the Generic Document Management APIs

Resource: Generic Document Management APIs