🔗
Linker Studio
  • Welcome!!
  • 🚀GETTING STARTED
    • Set up your custom project from Linker Studio
    • How to run the project
    • Linker Features
      • Glossary
      • Web
      • Mobile
        • Aggregators
        • Analytics
        • Authentication
        • BaaS
        • Carousel
        • Client Support
        • Error and Crash Reporting
        • Info Onboarding
        • KYC
        • Payroll
        • Pii Onboarding
        • Push Notifications - OneSignal
        • Settings
        • Subscriptions
      • Backend
        • Authentication
        • MFA
        • BaaS
        • Aggregators
        • Notifications
        • Payments
        • Deposit Switching
        • Support
        • Vault
        • Storage
        • Monitoring
        • Analytics
  • 🖥️WEB FEATURES
    • Page 2
  • 📱Mobile App Features
    • Project File Structure
    • Figma Tokens Integration
    • Core Module
      • Core UI Components
        • Atoms
        • Molecules
        • Organisms
        • Templates
      • Core Elements
      • Hooks
        • Force update
      • Endpoints used
      • States And Selectors
        • contentsDocuments
    • Modules
      • [New Feature Template]- Feature Name
        • UI Components - Template
          • Atoms
          • Molecules
          • Organisms
          • Templates
        • Hooks - Template
        • Endpoints Used
        • States and Selectors - Template
      • 📥KYC
        • Alloy
        • Baas
          • UI Components
            • Templates
          • Hooks - Template
          • Endpoints Used
          • States and Selectors - Template
        • common
          • UI Components
            • Templates
          • Endpoints Used
      • 🤝Aggregators
        • Plaid
          • Plaid/Rize notification before disabling account
      • 🤖Analytics
        • Amplitude
      • 🔐Authentication
        • Hooks
        • Auth0
          • Hooks
            • Login
            • Forgot password
          • 📧Verify Email
            • Hooks
        • Biometrics
          • Hooks
        • Auto Logout
        • States And Selectors
          • Authentication
      • 💰BaaS
        • Common
          • BaaS Navigation
          • External Accounts
          • UI Components
            • Molecules
            • Organisms
            • Templates
          • Hooks
            • Statements
            • Recurrent Transfers
            • Cards
              • Get Full Card
              • Lock and Unlock
              • Request Physical Debit Card
              • Reissue Debit Card
              • Set / Reset Debit Card Pin
            • Transfer
          • States And Selectors
            • Customer
            • Accounts
            • Cards
            • Transactions
          • Endpoints used
          • Constants
            • ACH_SERVICES
        • treasury
          • Constants
            • CONFIG_VALUES
      • 🛂Client Support
      • 🐛Error and Crash Reporting
        • Crashlytics
      • ℹ️Info Onboarding
        • States and Selectors
        • Hooks
          • Physical Card Request
      • 🌯Linker Wrapper
        • Linker Wrapper Messages Structure
        • Linker Wrapper Features
          • Push Notifications
            • Braze
          • In-App Purchase
      • 🛗MFA Verification Code
        • UI Components
          • Molecules
          • Templates
        • Hooks
        • Endpoints used
        • Configurable Constants
      • 🗞️Payroll
        • UI Components
          • Organisms
          • Templates
        • Hooks
        • States and Selectors
      • 📋PII Onboarding
        • UI Components
          • Atoms
          • Molecules
          • Organisms
          • Templates
        • Hooks
        • States and Selectors
      • 🔔Push Notifications
        • OneSignal
      • 🔧Settings
      • 🗄️Vault
        • VGS Show
        • VGS Collect
    • Cookbook
      • 🏦Neobank
        • Linked Functionalities
          • Edit Personal Details Linking
          • Request Physical Debit Card Linking
          • Get customer Data after SignUp/Login
  • ⛓️Backend API
    • Environments
    • Migrations
      • Configuration
      • Migration Commands
      • Base Model
      • Migration Structure
    • Seeds and Factories
      • Configuration
      • Seeds And Factories
    • SoftDelete
    • DB Fields Encryption
    • DB Structure
    • DB Configuration Table
      • API Endpoints
    • Orchestrator
    • Swagger
      • Setup
      • Decorators for Requests and Responses
      • Decorators for Controllers and HTTP Responses
      • Auth Decorator
      • Multiple Decorators
  • 🪙Finance Integrations
    • Recurring Transfers
      • Architecture
      • Jobs Server
      • Functionality
      • BaaS
        • Rize API Endpoints
        • Treasury Prime API Endpoints
        • Business Treasury Prime API Endpoints
    • BaaS
      • Rize
        • Env Variables
        • Rize API authentication
        • Onboarding
          • Customer Enrollment
          • Get Compliance Workflow
          • Acknowledge Compliance Workflow
          • Customer Complete Enrollment
        • KYC - Know Your Customer
          • Get KYC Documents
          • Upload KYC Document
        • Accounts
          • Get Customer Accounts
          • Get Customer Account By ID
          • Create Customer Account
          • Archive Customer Account
          • Get ACH Customer Accounts
        • Debit Cards
          • Get Debit Cards
          • Get Debit Card Image
          • Lock Debit Card
          • Unlock Debit Card
          • Create Physical Card
          • Activate Debit Card
          • Get Debit Card Set-Pin URL
          • Reissue Debit Card
        • Transactions
          • Get Transactions
        • Transfers
          • Internal Transfers
          • ACH transfers
        • Statements
          • Get Statements
          • Get Statement Document
        • Fake Transactions
        • Message Queue
        • Web Sockets
        • API Endpoints
          • Account Enums
          • Debit Card Enums
          • Transaction Enums
          • KYC Enums
      • Galileo
        • Environment Variables
        • Onboarding
          • Get Customer
          • Customer Enrollment
          • Customer Complete Enrollment
        • Customer Management
          • Get Profile
          • Update Profile
        • Accounts
        • Add Accounts
        • Card Management
          • Get Debit Cards
          • Get Image Card
          • Card Statuses
          • Debit Card Activation
          • Request Physical Card
          • Set PIN
          • Lock/Unlock
        • Transfer
        • Transactions
          • Get Transactions
          • Filter Transactions
        • ACH
          • Add ACH Account
          • Get ACH Accounts
          • Remove ACH Account
          • ACH Transactions
        • Statements
        • Plaid Integration
      • Synapse
        • Environment Variables
        • Terminology
        • Resources
        • API Endpoints
    • Aggregators
      • Add Account Service and new DB Table
      • Plaid
        • Plaid Configuration
        • Application Creation
        • Custom Application
        • Configure Single or Multi Accounts
        • Security Settings
        • Verification of Environment Variables
        • API Endpoints
        • Resources
        • Integrations
          • Rize
      • MX
        • Env Configuration
        • API Endpoints
  • 🔐Authentication
    • Auth0
      • Configuration
      • Protecting an endpoint
      • Email verification
      • API Reference
    • Twilio
      • 2FA
        • Verify Service Configuration
        • Verification Workflow
        • API Endpoints
  • 🪪 KYC
    • Persona
      • Configuration
      • Environment Variables
      • KYC Flow
  • ✉️ Mailings
    • Sendgrid
      • Configuration
      • Environment Variables
      • Send Email with Attachments
  • 🆘Supports
    • Zendesk
      • Configuration
      • API Endpoints
  • 📳NOTIFICATIONS
    • OneSignal
      • Schema
      • Setup
      • Environment Variables
      • API Endpoints
  • 🔐Security
    • VGS
      • Configuration
      • Rize Route Configuration
      • VGS Vault Basics
      • VGS Show
  • 🖥️MONITORING
    • New Relic
      • Configuration
      • Interceptor
  • 🧑‍🔧CONTENT ADMINISTRATOR
    • Notifications
    • Onboardings
      • DB Schema
      • Admin - API Endpoints
      • Client - API Endpoints
    • Documents
      • Document Category
      • Document
      • Client - API Endpoints
      • Admin - API Endpoints
    • App Versions
      • Device App Versions
      • API - Administrator
      • API - Client
  • 💵Payments
    • Stripe
      • Configuration
      • Customers
      • Sources
      • Authorization
      • Charges
      • API Endpoints
Powered by GitBook
On this page
  • When to use the Linker Show endpoint
  • How it works
  • How to create a new VGS Rule for the Linker Show endpoint

Was this helpful?

  1. Security
  2. VGS

VGS Show

PreviousVGS Vault BasicsNextNew Relic

Last updated 2 years ago

Was this helpful?

VGS Show is a way to reveal information from VGS to the final user without revealing the information to the backend, even when the external service doesn't return the information again.

Sometimes, the external service does not return the information that the final users needs, and because of that you cannot reveal that information to the final user. In these cases, you have to use the Linker Show endpoint.

You can find the endpoint in src/vault, but before that, you will need to configure some VGS rules to make it work.

When to use the Linker Show endpoint

You will only need to use this endpoint if you meet these 3 points:

  • You send the information to the external service but the external service doesn't return this information again. (Example: You send the SSN to create a customer but the external service doesn't return the full SSN again).

  • You want to show this information in the app. (Example: There is a screen in the frontend where you want to show the full SSN).

  • You don't want to save that raw information in your database (Example: The SSN).

How it works

Frontend sends the information to the external service flow

  1. The Linker app sends the information required for the endpoint.

  2. VGS tokenizes the information specified by the rules and returns it to Linker API.

  3. Linker API saves the token into the database.

Return the information to the frontend flow

  1. The app requests which token wants to reveal by sending the "type".

  2. Linker API searches the token by the type in the database and returns it.

  3. VGS intercepts that requests and replaces the token with the real information.

How to create a new VGS Rule for the Linker Show endpoint

If you want to create a new rule that will use the Show endpoint, you will have to do the following:

  1. Create the inbound rule to tokenize the information you want in the endpoint where the app sends that information.

In this example, we are tokenizing the SSN with a BaaS service in the /baas/customer-enrollment endpoint.

This is it, because we only have the SSN the first time the user sends it, but the BaaS doesn't return the SSN back at any time.

So if we want to show the SSN to the user at any other time, without saving that raw information in our database, we have to use the Show endpoint.

And because the token will be only available to us when the frontend sends the SSN in this endpoint, we have to make the storage persistent.

  1. In the Linker API, you will have to:

  • Save the token into the database in the endpoint you have mapped in the rule. In this case, we have mapped that the token will be the ssn in the body request, so we can take the ssn from the body in our endpoint and save it in the table that makes most sense. In this example, the ssn tokenized will be save into the User table.

  • Create a type in the src/vault/enums/token-type.enum.ts file.

src/vault/enums/token-type.enum.ts
export enum TokenType {
  SSN = 'ssn',
}

This will let the Linker app send a request to the Show endpoint with this new type.

  • Create the logic to get the token in the Show endpoint in src/vault/vault.service.ts.

src/vault/vault.service.ts
switch (showDto.type) {
  case TokenType.SSN:
    token = user.ssn;
    break;
}

In this case, we are setting the token variable to the tokenized ssn we have saved previously.

  • Make sure that you have the Show rule in your inbound rules.

This rule will be given to you in the YAML file of the inbound route.

What this rule does is take the response from Linker Show endpoint and send the raw information to the linker app depending on the token we have returned.

To understand this VGS rule, you must have an understanding between vs routes, vs storages, vs phases and vs operations.

🔐
inbound
outbound
volatile
persistent
on request
on response
redact
reveal
Linker application sends the information
Linker returns the token
Inbound rule tokenizing the SSN