¶ Ingo Mobile Check Cashing
¶ Overview
No-risk mobile check cashing service delivering money in minutes for a fee or in 10 days for free.
¶ API Access
¶ Connectivity
API requests MUST be performed using a secure transport layer over HTTPS with a minimum TLS version of 1.2.
¶ Logging
All API activity will be sanitized, recorded and retained as per Ingo's data retention strategy.
¶ Allowed IP configuration
The APIs are designed for machine to machine communication and are restricted by adding our partner's IP addresses to an "Allowed List" of IP addresses.
A single IP, multiple IPs or a range of IPs can be added to the list.
¶ Credentials Provisioning
As a pre-requisite to establishing credentials, we require your Android applicationId and iOS Bundle ID by environment. This is required to license your application with our third-party image capture vendor. Once we received your Android and iOS application identifiers, we will begin the credentialing process. You should anticipate credentialing to take approximately 2 weeks.
The Client Id and Client Secret will be provisioned by Ingo Client Services and provided via a secure file transfer.
¶ Production Certification
Before clients can go live, Ingo Money will work closely with the Client Integration and Application Engineering teams to ensure that all possible known responses are being handled appropriately.
This process will ensure our clients are well prepared for their production deployments and edge cases have been covered.
The certification process may include but is not limited to the following scenarios:
-
Success scenarios:
- Different request parameters will trigger an HTTP status code of 200
-
Error scenarios:
- Field length validation
- Business Validation Rules
- Field Format Validation
- Versioning Validation
- Unauthorized Access Validation
- Invalid URL Access Validation
- Unexpected responses from the server
- Requests that encounter an Unexpected Exception which would result in an HTTP status code of 500
¶ Fault Tolerance
As with any external network dependency, we recommend our clients use a fault-tolerant API access strategy with a retry policy. An example can be located here Resilience policies.
¶ Flow Diagram - Card Partners API Methods
