Users can register a new NAF App if they have the "Can create a NAF application" permission.
To embed an application, start by registering a new NAF App:
From the Narmi Command sidebar, select Extensions > NAF Apps, then select Register new app.
In the form that appears, enter information to configure your NAF app. Scroll past the image below to read descriptions of each field. Select Cancel at any time to discard the form.
All of the following fields are required for creating a new NAF app:Name – The name of your app. This displays to users in the Tools menu of Narmi Banking from a web browser and on a card under Services on the bottom right side of the dashboard.
Description – The description of your app. This displays on the web app, below the app name.
Publisher – The group that owns this app; this is not displayed to your users
Redirect URL – The URL that the app will use to redirect/authenticate users; the URL must start with https://
Select app icon – Select an icon from a menu of icons
Should the app be public and visible to users? Select Yes to make this app public to your users upon saving the form. Select No to keep it hidden. Note: If you choose the Private_api or Private _api:user scopes (explained below), you cannot make your app public.
Should the app display in Mobile Banking? Select Yes to have the app displayed on a card at the bottom of the home screen feed on the mobile app. If you select No, the NAF app will still be available in mobile banking by selecting More in the bottom navigation menu.
When you select Yes, a input box appears to add a Mobile App Tagline. This is the tagline of your app that displays below the app name.
Should the user be prompted to confirm they are leaving the platform to an external application? Select Yes to prompt the user before leaving Narmi Banking or select No to go directly to the app with no prompt.
Select additional scopes for your NAF app – Decide what API access your NAF app will have (the first 4 scopes are selected by default):
Read – Read access for any resources that the user can access via the Narmi Public API. Note: This must be selected in addition to "Write" for the NAF app to work.
Write – Write access for any resources that the user can access via the Narmi Public API. Note: This must be selected in addition to "Read" for the NAF app to work.
Write:preferences – Can update user preferences, like address and estatements enrollment
Read:profile – Can read extended information about the user, including name, address, phone, and core user ID
Private_api – Can access all endpoints in the Narmi Admin API. Note: If this is selected, you cannot make your NAF app public and must select No for Should the app be public and visible to users? in order to complete registration.
Private_api:user – Can only read the
users/{userId}endpoint in the Narmi Admin API. Note: If this is selected, you cannot make your NAF app public and must select No for Should the app be public and visible to users? in order to complete registration.
Should the application open in a new tab or within an iframe in Online Banking? You can choose to have the app open in a new browser tab, or open in an iFrame, which is an inline frame used to nest another HTML page within the current one. This selection also controls whether the request submitted to the application URL will be POST or GET. Select iFrame (POST) or New tab (GET).
For iframe (POST) only – Should the iframe take up the full width of the viewport? The visual viewport is the size of the inner width and height of the iFrame, rather than the parent page. Select Yes to take up the full width or No to leave space between.
For iframe (POST) only – What domains should be allowed to send messages to the origin? Enter a list of domains you want the parent page to trust. Use the following format:
["https://www.example1.com","https://www.example2.com"]Geolocation permission for iFrame
You can use standard geolocation methods to enhance your NAF Apps with location-based services. The geolocation permission is automatically added to the iFrame for web and mobile NAF Apps. This allows the embedded content to request the user’s location via the browser's geolocation API, prompting users for permission just like a regular web page.Should the application open in the device browser or within the mobile app in Mobile Banking? Since some behaviors are not possible within the mobile app, complex apps may perform better in the device browser. Select Mobile app or Device browser.
Owners of this application – Add or remove owners of the application. Go to Add an Owner to a NAF App for more information.
For Business Banking only (not Consumer Banking) – Restrict business banking sub-users from accessing this app? For business banking, you can prevent users with Collaborator and Viewer permissions from accessing the NAF App. Select Yes to allow only Admins and Account Holders access to the NAF app. Select No to allow users with Collaborator and Viewer permissions to access the NAF app. Reach out to your Narmi Relationship Manager if you need additional information regarding this configuration.
Is this a money movement app that users should access from the Transfers page in Online and Mobile Banking? – Select Yes to make this app accessible from the Transfers page in web and mobile banking. For more information on this feature, go to Third-Party Transfer App.
After completing all fields, select Register app to save the form.
A dialog appears with your client secret, which is used for secure server-to-server communication. Copy and save this secret, as it will only be shown once. Sending secrets across the internet more than once, or to different users, is a security risk. Select Okay to finish registering the NAF app.
If you made your app public, users can view your embedded app by logging in to Narmi Banking from a web browser and selecting Tools, or selecting your app under Services on the bottom of the web dashboard.