Purpose
Back To HomeThis Client Integration Guide provides the information required for a successful implementation of receiving and returning stacked/indexed/audited Loan Packages and order status using the CLIENT API integration.
This document is created, maintained, and distributed by Avanze Tech Labs Inc. to communicate the implementation requirements to their vendors/MAXs. Avanze supports the contents included in the Provider Implementation Guide when the document originates from Avanze.
Client ID
Client will be sending the order request and other respective events with the following ClientID’s. Client should confirm that all CLIENT ClientID’s are configured in their appropriate environment.
Environment | Client ID | Client Name |
---|---|---|
UAT | XYZTEST123 | XYZ |
PROD | XYZPROD123 | XYZ |
Products
Client will be ordering the following products through CLIENT. This product listing contains all possible products that Avanze will deliver through the CLIENT platform. Customers should refer to their specific subscription agreement with Avanze and configure the products that are subscribed for this implementation
Product Code | Product Name |
---|---|
1 | Lien Release |
2 | Assignment |
Connectivity Detail
HTTP Post
The HTTP Post Method may be implemented for the purpose of inbound event transmission. Client can send files via HTTP and will receive an XML Response informing them of the status of their submission. This is most frequently used in integrations for the posting. HTTP Posting can also be used as a delivery method for integration MAXs who choose to receive files via HTTP. HTTPS or SSL (Secure Sockets Layer) is the most common implementation of this method, due to SSL’s security benefits.
Integration Clients may also choose to develop an HTTP Receiver of their own, in which they would receive via HTTP Post. Following URL will be used by integration to post inbound events to CLIENT API application which will route the events to CLIENT application.
Environment | URL |
---|---|
UAT | https://avanzeapi.com/mortgagesats/organization/integration |
PROD | https://avanzeapi.com/module/organization/integration |
Authorization through POST Parameters
Password = [PASSWORD]
Username and password value used to authenticate incoming request. These values are defined in CLIENT API application for each integrator.
Authorization through Header
Instead of sending credentials in plain text through post parameters, an authenticated request includes the Authorization Header Variable. If this header is not included, the request is anonymous and may not succeed against API services.
To authenticate a request, you must encode the combined username and password in the request.
The format for the Authorization header is as follows:
Authorization: Basic [Encoded-Base64-String]
Constructing the Basic Authentication
Username and password are combined into a string “username:password”
The result string is then encoded using Base64.
In Header authorization, add “Basic” before the encoded string. There should be space in between “Basic” and encoded string
Authorization through POST Parameters
Token-based authentication is a protocol which allows users to verify their identity, and in return receive a unique access token. During the life of the token, users then access the website or app that the token has been issued for, rather than having to re-enter credentials each time they go back to the same webpage, app, or any resource protected with that same token.
Auth tokens work like a stamped ticket. The user retains access as long as the token remains valid. Once the user logs out or quits an app, the token is invalidated.
Token-based authentication is different from traditional password-based or server-based authentication techniques. Tokens offer a second layer of security, and administrators have detailed control over each action and transaction.
Token Authentication in 4 Easy Steps:
Use a token-based authentication system, and visitors will verify credentials just once. In return, they'll get a token that allows access for a time period you define.
The process works like this:
Request: The person asks for access to a server or protected resource. That could involve a login with a password, or it could involve some other process you specify. Verification: The server determines that the person should have access. That could involve checking the password against the username, or it could involve another process you specify. Tokens: The server communicates with the authentication device, like a ring, key, phone, or similar device. After verification, the server issues a token and passes it to the user. Storage: The token sits within the user's browser while work continues.
If the user attempts to visit a different part of the server, the token communicates with the server again. Access is granted or denied based on the token.
Administrators set limits on tokens. You could allow a one-use token that is immediately destroyed when the person logs out. Or you could set the token to self-destruct at the end of a specified time period.
A JSON Web Token consists of three parts: Header, Payload and Signature. The header and payload are Base64 encoded, then concatenated by a period, finally the result is algorithmically signed producing a token in the form of header.claims.signature. The header consists of metadata including the type of token and the hashing algorithm used to sign the token. The payload contains the claims data that the token is encoding. The final result looks like:
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJtZXNzYWdlIjoiSldUIFJ1bGVzISIsImlhdCI6MTQ1OTQ0ODExOSwiZXhwIjoxNDU5NDU0NTE5fQ.-yIVBD5b73C75osbmwwshQNRC7frWUYrqaTjTpza2y4
Authorization through POST Parameters
client_id | [USER] |
client_secret | [PASSWORD] |
scope | Integrations |
The Integration sends a POST request with following body parameters to the authorization server:
The authorization server will respond with a JSON object containing the following properties:
The access token is active for 15 minutes, up to a maximum of 120 minutes (2 hours). To avoid expiration, the access token must be used (by calling an API) at least once every 15 minutes. Active minutes and expiration duration are configurable based on the Integration requirements.
Event Code | Event Name | Type | Event Definition |
---|---|---|---|
No records |
*Mandatory
Inbound - Events receiving from client.
Outbound - Events sending from MAX.
Workflow Diagram:


Order Placement 1. CLIENT will create the Order Requests (CLIENT API Event AT11). 2. CLIENTAPI will route the orders to MSATS.
Confirmation of the orders 3. MSATS will confirm the request (CLIENTAPI Event AT12) for the order. 4. If MSATS does not accept the order, MSATS will decline the order by sending Order Not Accepted by MSATS (CLIENTAPI Event AT13) on the order.
Order Process 5. When the order is complete, MSATS will upload the documents using Document Delivered by MSATS with product data(CLIENTAPI Event AT14).
Completion of Order 6. Upon completion of the order, MSATS will send Order Completed (CLIENTAPI Event AT50) to the order to indicate the order is complete.
General Use Events 7. MSATS should post any notes or events to CLIENT by sending Notes (CLIENTAPI Event AT15) on the applicable order. Notes (CLIENTAPI Event AT15) will also be utilized by the CLIENT on the applicable order to relay information to CLIENT 8. The MSATS and/or CLIENT may communicate that the order is on hold by sending Order On-Hold (CLIENTAPI Event AT21) event. The Order Resume (CLIENTAPI Event AT23) is sent to resume an order that has been put on hold (CLIENTAPI Event AT21). 9. The Client sends this event to the MSATS to get the current status of the order (CLIENTAPI Event AT30) event. 10. The MSATS sends this event to the CLIENT to notify the current status of the order (CLIENTAPI Event AT31) event 11. If either the CLIENT or MSATS needs to cancel the order at any time, Order Cancelled(CLIENTAPI Event AT22) should be sent on the order to be cancelled.
AT11 Sample:
Field Name | R/O | Description |
---|---|---|
Header | ||
Created | R | Request created date time (2021-06-10T14:18:42+00:00 (W3C)) |
SourceApp | R | Name of Source application |
SourceVer | R | Application version |
SourceEnv | R | Source application environment. Eg: UAT/DEV/PROD |
EventCode | R | Requested Event Code. Eg: AT11 |
EventName | O | Name of the event. Eg: PlaceOrder |
ClientID | R | ClientID (mentioned under purpose section) |
CorrelationIdentifier | R | Unique number/Hash for the event |
Transaction | ||
TransactionID | R | Order number of the client application |
Comments | O | Comments |
LoanNumber | R | Loan Number |
ProductCode | R | ProductCode is mentioned in Product Section |
ProductName | O | ProductName is mentioned in Product Section |
PaidInFullDate | R | Date of loan amount paid (yyyy-mm-dd) |
OriginalLoanDate | R | Actual loan date (yyyy-mm-dd) |
OriginalLoanBalance | R | Actual loan amount pending |
BorrowerPaidFee | R | Borrower paid amount |
CustodianOfRecord | O | Custodian Of Record |
AssignmentDateTime | R | Assignment Date Time (yyyy-mm-dd) |
BorrowerName | R | Borrower name |
BorrowerEmail | R | Borrower email id |
CoBorrowerName | O | Co-Borrower name |
CoBorrowerEmail | O | Co-Borrower email id |
Transaction > Property | ||
Address1 | R | Property address |
Address2 | R | Property address |
State | R | Property state code |
County | R | Property county |
City | R | Property city |
Zipcode | R | Property zipcode |
Transaction > DocumentList | ||
Count | R | No of documents count |
Transaction > DocumentList > Document | ||
FileName | R | File Name |
FileType | R | Document type. Eg: PDF |
If FileSource is Base 64 | ||
EncodingType | R | Encoded format. Eg: Base64 |
Content | R | Encoded content of the file |
If FileSource is S3/SFTP/LINK | ||
File Path | R | File path of the attachment |
AT12 Sample:
Field Name | R/O | Description |
---|---|---|
Header | ||
Created | R | Request created date time (2021-06-10T14:18:42+00:00 (W3C)) |
SourceApp | R | Name of Source application |
SourceVer | R | Application version |
SourceEnv | R | Source application environment. Eg: UAT/DEV/PROD |
EventCode | R | Requested Event Code. Eg: AT12 |
EventName | O | Name of the event. Eg: AcceptOrder |
ClientID | R | ClientID (mentioned under purpose section) |
CorrelationIdentifier | R | Unique number/Hash for the event |
Transaction | ||
TransactionID | R | Order number of the client application |
OrderNumber | R | Order number of the MSATS application |
Comments | O | Comments |
AT13 Sample:
Field Name | R/O | Description |
---|---|---|
Header | ||
Created | R | Request created date time (2021-06-10T14:18:42+00:00 (W3C)) |
SourceApp | R | Name of Source application |
SourceVer | R | Application version |
SourceEnv | R | Source application environment. Eg: UAT/DEV/PROD |
EventCode | R | Requested Event Code. Eg: AT13 |
EventName | O | Name of the event. Eg: RejectOrder |
ClientID | R | ClientID (mentioned under purpose section) |
CorrelationIdentifier | R | Unique number/Hash for the event |
Transaction | ||
TransactionID | R | Order number of the client application |
Comments | O | Comments |
AT14 Sample:
Field Name | R/O | Description |
---|---|---|
Header | ||
Created | R | Request created date time (2021-06-10T14:18:42+00:00 (W3C)) |
SourceApp | R | Name of Source application |
SourceVer | R | Application version |
SourceEnv | R | Source application environment. Eg: UAT/DEV/PROD |
EventCode | R | Requested Event Code. Eg: AT14 |
EventName | O | Name of the event. Eg: ProductDelivery |
ClientID | R | ClientID (mentioned under purpose section) |
CorrelationIdentifier | R | Unique number/Hash for the event |
Transaction | ||
TransactionID | R | Order number of the client application |
OrderNumber | R | Order number of the provider |
Comments | O | Comments |
Transaction > ProductData | ||
PropertyAddress1 | R | Property address |
PropertyAddress2 | R | Property address |
PropertyCityName | R | Property located city |
PropertyStateName | R | State code |
PropertyCountyName | R | County |
PropertyZipCode | R | Zipcode |
BorrowerNameFirst | R | Borrower first name |
BorrowerNameMiddle | R | Borrower middle name |
BorrowerNameLast | R | Borrower last name |
NoteDate | R | Date (yyyy-mm-dd) |
LoanAmount | R | Loan amount |
MaturityDate | R | Date (yyyy-mm-dd) |
MERSDescription | R | MERS Description |
ReturnToOrg | R | Return Organization |
ReturnAddress1 | R | Address line 1 |
ReturnAddress2 | R | Address line 2 |
ReturnCityName | R | City |
ReturnStateCode | R | State code |
ReturnZipCode | R | Zip code |
TaxID | R | Tax ID |
MERSPhoneNo | R | Phone |
AssignorName | R | Assignor name |
MortgageDated | R | Mortgage Date |
DocumentNumber | R | Document Number |
Trustee | R | Trustee |
MIN | R | MIN number |
Lender | R | Lender |
LenderName | R | Lender Name |
LenderAddress | R | Lender Address |
RecordedDate | R | Recorded Date |
LegalDescription | R | Legal description |
NotaryDateOfExpiration | R | Date |
Notary | R | Notary Name |
NotaryAck | R | Notary ACK Description |
NotaryCountyName | R | County |
SignorTitle | R | Signor Title Information |
Signor | R | Signor Name |
EndorserName | R | Endorser Name |
AssignorAddress1 | R | Assignor Address1 |
AssignorAddress2 | R | Assignor Address2 |
AssignorCityName | R | Assignor city |
AssignorStateName | R | Assignor state |
AssignorZipCode | R | Assignor Zipcode |
AssigneeName | R | Assignee Name |
AssigneeAddress1 | R | Assignee Address1 |
AssigneeAddress2 | R | Assignee Address2 |
AssigneeCityName | R | Assignee city |
AssigneeStateName | R | Assignee state |
AssigneeZipCode | R | Assignee Zipcode |
BorrowerName | R | Borrower Name |
Book | R | Book |
Page | R | Page |
NotaryStateName | R | State |
Witness1 | R | Witness Name1 |
PrintDate | R | Print Date (yyyy-mm-dd) |
DeedOfTrustDated | R | Deed of Trust Dated (yyyy-mm-dd) |
Witness2 | R | Witness Name2 |
SecurityDeedDate | R | Security Deed Date (yyyy-mm-dd) |
LoanNumber | R | Loan number |
SIS | R | SIS |
Mortgagor | R | Mortgagor Name |
Mortgagee | R | Mortgagee Name |
Instrument | R | Instrument |
DatedDate | R | Dated Date (yyyy-mm-dd) |
ExecutedDate | R | Executed Date (yyyy-mm-dd) |
OwnerName | R | Owner name |
Designation | R | Designation |
ReturnPhoneNo | R | Phone number |
MERSMailingAddress | R | MERS Mailing Address |
PreparedBy | R | The person who prepared the document |
PreparedByOrg | R | The organization who prepared the document |
PreparedByAddress1 | R | Address line1 |
PreparedByAddress2 | R | Address line2 |
PreparedByCityName | R | City name |
PreparedByStateCode | R | State |
PreparedZipCode | R | Zipcode |
PreparedByPhoneNo | R | Phone number |
Transaction > DocumentList | ||
Count | R | No. of documents attached |
Transaction > DocumentList > Document | ||
FileName | R | File name |
FileType | R | Document type. Eg: PDF |
If FileSource is Base 64 | ||
EncodingType | R | Encoded format. Eg: Base64 |
Content | R | Encoded content of the file |
If FileSource is S3/SFTP/LINK | ||
File Path | R | File path of the attachment |
AT15 Sample:
Field Name | R/O | Description |
---|---|---|
Header | ||
Created | R | Request created date time (2021-06-10T14:18:42+00:00 (W3C)) |
SourceApp | R | Name of Source application |
SourceVer | R | Application version |
SourceEnv | R | Source application environment. Eg: UAT/DEV/PROD |
EventCode | R | Requested Event Code. Eg: AT15 |
EventName | O | Name of the event. Eg: AddNotes |
ClientID | R | ClientID (mentioned under purpose section) |
CorrelationIdentifier | R | Unique number/Hash for the event |
Transaction | ||
TransactionID | R | Order number of the client application |
OrderNumber | R | Order number of the MSATS application |
Comments | O | Comments |
AT21 Sample:
Field Name | R/O | Description |
---|---|---|
Header | ||
Created | R | Request created date time (2021-06-10T14:18:42+00:00 (W3C)) |
SourceApp | R | Name of Source application |
SourceVer | R | Application version |
SourceEnv | R | Source application environment. Eg: UAT/DEV/PROD |
EventCode | R | Requested Event Code. Eg: AT21 |
EventName | O | Name of the event. Eg: HoldOrder |
ClientID | R | ClientID (mentioned under purpose section) |
CorrelationIdentifier | R | Unique number/Hash for the event |
Transaction | ||
TransactionID | R | Order number of the client application |
OrderNumber | R | Order number of the MSATS application |
Comments | O | Comments |
AT22 Sample:
Field Name | R/O | Description |
---|---|---|
Header | ||
Created | R | Request created date time (2021-06-10T14:18:42+00:00 (W3C)) |
SourceApp | R | Name of Source application |
SourceVer | R | Application version |
SourceEnv | R | Source application environment. Eg: UAT/DEV/PROD |
EventCode | R | Requested Event Code. Eg: AT22 |
EventName | O | Name of the event. Eg: CancelOrder |
ClientID | R | ClientID (mentioned under purpose section) |
CorrelationIdentifier | R | Unique number/Hash for the event |
Transaction | ||
TransactionID | R | Order number of the client application |
OrderNumber | R | Order number of the MSATS application |
Comments | O | Comments |
AT23 Sample:
Field Name | R/O | Description |
---|---|---|
Header | ||
Created | R | Request created date time (2021-06-10T14:18:42+00:00 (W3C)) |
SourceApp | R | Name of Source application |
SourceVer | R | Application version |
SourceEnv | R | Source application environment. Eg: UAT/DEV/PROD |
EventCode | R | Requested Event Code. Eg: AT23 |
EventName | O | Name of the event. Eg: ResumeOrder |
ClientID | R | ClientID (mentioned under purpose section) |
CorrelationIdentifier | R | Unique number/Hash for the event |
Transaction | ||
TransactionID | R | Order number of the client application |
OrderNumber | R | Order number of the MSATS application |
Comments | O | Comments |
AT30 Sample:
Field Name | R/O | Description |
---|---|---|
Header | ||
Created | R | Request created date time (2021-06-10T14:18:42+00:00 (W3C)) |
SourceApp | R | Name of Source application |
SourceVer | R | Application version |
SourceEnv | R | Source application environment. Eg: UAT/DEV/PROD |
EventCode | R | Requested Event Code. Eg: AT30 |
EventName | O | Name of the event. Eg: GetStatus |
ClientID | R | ClientID (mentioned under purpose section) |
CorrelationIdentifier | R | Unique number/Hash for the event |
Transaction | ||
TransactionID | R | Order number of the client application |
OrderNumber | R | Order number of the MSATS application |
Comments | O | Comments |
AT31 Sample:
Field Name | R/O | Description |
---|---|---|
Header | ||
Created | R | Request created date time (2021-06-10T14:18:42+00:00 (W3C)) |
SourceApp | R | Name of Source application |
SourceVer | R | Application version |
SourceEnv | R | Source application environment. Eg: UAT/DEV/PROD |
EventCode | R | Requested Event Code. Eg: AT31 |
EventName | O | Name of the event. Eg: OrderStatus |
ClientID | R | ClientID (mentioned under purpose section) |
CorrelationIdentifier | R | Unique number/Hash for the event |
Transaction | ||
TransactionID | R | Order number of the client application |
OrderNumber | R | Order number of the MSATS application |
OrderStatus | O | Current status of the order |
Comments | O | Comments |
AT45 Sample:
Field Name | R/O | Description |
---|---|---|
Header | ||
Created | R | Request created date time (2021-06-10T14:18:42+00:00 (W3C)) |
SourceApp | R | Name of Source application |
SourceVer | R | Application version |
SourceEnv | R | Source application environment. Eg: UAT/DEV/PROD |
EventCode | R | Requested Event Code. Eg: AT11 |
EventName | O | Name of the event. Eg: PlaceOrder |
ClientID | R | ClientID (mentioned under purpose section) |
CorrelationIdentifier | R | Unique number/Hash for the event |
Transaction | ||
TransactionID | R | Order number of the client application |
OrderNumber | O | OrderNumber of MAX Application |
Comments | O | Comments |
LoanNumber | R | Loan Number |
ProductCode | R | ProductCode is mentioned in Product Section |
ProductName | O | ProductName is mentioned in Product Section |
PaidInFullDate | R | Date of loan amount paid (yyyy-mm-dd) |
OriginalLoanDate | R | Actual loan date (yyyy-mm-dd) |
OriginalLoanBalance | R | Actual loan amount pending |
BorrowerPaidFee | R | Borrower paid amount |
CustodianOfRecord | O | Custodian Of Record |
AssignmentDateTime | R | Assignment Date Time (yyyy-mm-dd) |
BorrowerName | R | Borrower name |
BorrowerEmail | R | Borrower email id |
CoBorrowerName | O | Co-Borrower name |
CoBorrowerEmail | O | Co-Borrower email id |
Transaction > Property | ||
Address1 | R | Property address |
Address2 | R | Property address |
State | R | Property state code |
County | R | Property county |
City | R | Property city |
Zipcode | R | Property zipcode |
Transaction > DocumentList | ||
Count | R | No of documents count |
Transaction > DocumentList > Document | ||
FileName | R | File Name |
FileType | R | Document type. Eg: PDF |
If FileSource is Base 64 | ||
EncodingType | R | Encoded format. Eg: Base64 |
Content | R | Encoded content of the file |
If FileSource is S3/SFTP/LINK | ||
File Path | R | File path of the attachment |
AT50 Sample:
Field Name | R/O | Description |
---|---|---|
Header | ||
Created | R | Request created date time (2021-06-10T14:18:42+00:00 (W3C)) |
SourceApp | R | Name of Source application |
SourceVer | R | Application version |
SourceEnv | R | Source application environment. Eg: UAT/DEV/PROD |
EventCode | R | Requested Event Code. Eg: AT50 |
EventName | O | Name of the event. Eg: OrderComplete |
ClientID | R | ClientID (mentioned under purpose section) |
CorrelationIdentifier | R | Unique number/Hash for the event |
Transaction | ||
TransactionID | R | Order number of the client application |
OrderNumber | R | Order number of the MAX application |
Comments | O | Comments |
Acknowledgement:
Field Name | R/O | Description |
---|---|---|
Header | ||
Created | R | Request created date time (2021-06-10T14:18:42+00:00 (W3C)) |
SourceApp | R | Name of Source application |
SourceVer | R | Application version |
SourceEnv | R | Source application environment. Eg: UAT/DEV/PROD |
EventCode | R | Requested Event Code. Eg: ACK |
EventName | O | Name of the event. Eg: Acknowledgement |
ClientID | R | ClientID (mentioned under purpose section) |
CorrelationIdentifier | R | Unique number/Hash for the event |
Transaction | ||
TransactionID | R | Order number of the client application |
Negative Acknowledgement:
Field Name | R/O | Description |
---|---|---|
Header | ||
Created | R | Request created date time (2021-06-10T14:18:42+00:00 (W3C)) |
SourceApp | R | Name of Source application |
SourceVer | R | Application version |
SourceEnv | R | Source application environment. Eg: UAT/DEV/PROD |
EventCode | R | Requested Event Code. Eg: NACK |
EventName | O | Name of the event. Eg: NegativeAcknowledgement |
ClientID | R | ClientID (mentioned under purpose section) |
CorrelationIdentifier | R | Unique number/Hash for the event |
Transaction | ||
TransactionID | R | Order number of the client application |
Transaction > Errors | ||
ErrorCode | R | Error code |
ErrorType | R | Type of error received |
Description | R | Describes about the error |