On This Page
Transient Token Response Format
The transient token is issued as a JSON Web Token (RFC
7519). A JWT is a string consisting of three parts that are separated by
dots:
- Header
- Payload
- Signature
JWT example:
xxxxx.yyyyy.zzzzz
The payload portion of the token is an encoded Base64url JSON string and contains various
claims.
IMPORTANT
When you integrate with
National Australia Bank
APIs, National Australia Bank
recommends that you dynamically parse the response for the fields that
you are looking for. Additional fields may be added in the future.You must ensure that your
integration can handle new fields that are returned in the response. While the underlying
data structures will not change, you must also ensure that your integration can handle
changes to the order in which the data is returned.
The internal data structure of the
JWT can expand to contain additional data elements. Ensure that your integration and
validation rules do not limit the data elements contained in responses.
Example: Token Payload for Accepting Card Information
{ "iss": "Flex/00", "exp": 1728911080, "type": "mf-2.0.0", "iat": 1728910180, "jti": "1D1S6JK9RL6EK667H1I370689A63I2I8YLFJSPJ1EUSKIPMJJWEL670D16E89AF8", "content": { "paymentInformation": { "card": { "expirationYear": { "value": "2025" }, "number": { "detectedCardTypes": [ "001" ], "maskedValue": "XXXXXXXXXXXX1111", "bin": "411111" }, "securityCode": {}, "expirationMonth": { "value": "01" } } } } }