Trey Teter

Software Engineer

November 2022 Newsletter

Partner Go-Live announcements!


We are excited to announce two new Q2 Accelerator Partners: Honest Policy and Directlink!

Directlink is a leading-edge voice + digital banking platform. Powered by conversational AI technology, Directlink enables banks and credit unions to deploy and manage intelligent virtual assistants across channels - optimizing customer service via hyper-personalized interactions. Directlink offers integrations with cores and fintech solutions to orchestrate a connected ecosystem within your tech stack. Directlink makes connecting with your customers easy, seamless and affordable.

Honest Policy is a consumer advocacy insurance technology company. We work to help consumers make data-driven insurance purchases by providing a wide spectrum of reviews, public complaint data, and other in-depth research tools so our customers can feel confident they are making the smartest purchasing decisions.

Visit the digital catalog today to learn more or bring Honest Policy or Directlink to your institution!

SDK Deployment Freeze

Due to year-end activities, we are suspending deployments during the following effective freeze dates:

December 19, 2022 - January 3, 2023 – Resume on January 4th

Inherited Gitlab Pipeline

Since the beginning of the SDK, every SDK Gitlab Pipeline had a relatively standard gitlab-ci.yml file. This file would handle deployment checks, linting, and tests, later including mirroring to Q2’s internal code storage, and auto dockerizing and deployments to Staging Environments. This file contained only basic information, and over 90% of repos had some deviation of those basic steps. These were all coded directly into each individual file and because there were hundreds of files, if there was a bug there was no way for the Innovation Studio team to fix them in any easy way without painstakingly updating each file individually.

Thus, the team came up with a solution. It still involved changing all of the files, but a script was written that converted over 90% of them and the last 10% or so were done by hand. Instead of simply fixing the problems, the team found a solution to have all the pipelines inherit from a single file that all external developers can see on The team is currently working through all the problems.

Fixes that have already happened include:

  • Python versions are calculated based on the SDK version.
  • Wheel is installed before installing the dependencies for a nice speed bump.
  • If requirements_dev.txt exists it will install those before running the pipelines.

Look forward to additional improvements in the future.

Audit Action Handler Type

Q2 Digital Banking has a long list of items that are stored in the audit table. There are thousands of different events that get stored from login to funds transfer. These audits are all stored in the Q2_AuditAction table. In production, this table is designed to be written to thousands of times a minute or more. Thus, the Q2 team is very careful whenever something touches or is close to the Audit Action Table. Internal and external developers alike have had the desire to work with this table and do certain actions after an action has happened. Because the table structure was designed the way it was, there was no easy way to allow this to be developed on a per-extension basis. It was possible, just not easy, and not clean. Enter Audit Action Handlers. This new extension type allows a simple method to be written that will be called right after the audit action is written with all the information that is available in a simple object. See the documentation on this new method on

Auto certificate rotation solution for

The Q2 Developer Portal has an auto certificate rotation script that creates a new certificate periodically. This in and of itself isn’t very interesting, but there are several different projects that are dependent on this certificate. Thus, when the rotation happened, these projects would have problems because they are expecting one certificate but getting another. The solution that has both incredible speed and consistency is to enable to have multiple certificates, and when signs a token that token is signed with the newest certificate. When that token is presented to a service, it checks the cache to see if that certificate is valid. If the certificate is not valid then it dumps the cache and pulls the certificates from and double-checks. This is a cool piece because it required updates to, the authorizer for Caliper API, Caliper API, and the local dev API. All these updates happened with near zero downtime even though these services are constantly in use. This update also will contribute to much better uptime for all those services.

SDK News Corner

Local Development Improvements

Local development has been improved with the following enhancements:

  • Setting up for local development has been made easier with video set up guides. There are now video guides both for using the caliper_admin tool and setting up your VS Code development environment.
  • If the access token is missing the Email scope,which is normally given in detail, a logging message that explicitly asks you to add it.
  • Running q2 check will now check for files not checked into git.
  • There is now support for file storage in S3 using Ardent File storage. This allows testing this piece explicitly instead of mocking it.

Transactions documentation

The preferred method from the Innovation Studio team to get transaction data is to call the GetAccountHistoryByIdWindowed method. This is the safest and most speed-optimized method to get transaction details. See how to call this method with dedicated documentation on

self.online_user improvements

There are a few items that are occasionally not sent in the initial request by HQ even though the database has this information. This has caused many instances of inconsistent bugs and other issues for developers. To fix this inconsistency, if DateOfBirth, UserRole, IsCompany, IsTreasury, or IsCommercial are not passed in the initial request then the database will be called to retrieve any missing objects.

Online Integration documentation

There is now a dedicated guide for both Unauthenticated Tecton extensions and adding Dynamic content blocks to Online banking’s composable dashboard.

DBObject improvements

There are three new DBObjects:

  • AuditHTTPHeaders represents the HTTP Headers sent by the client at login. This includes items such as User-Agent, URL, HTTP_COOKIE, CONTENT_TYPE, and so on.
  • HqAuthTokenType accesses the table responsible for the Authentication Token Types available in this environment.
  • FundsTransfer gives get access to all the funds transfers that have occurred.

The Innovation Studio team also released the following additional improvements for DBObjects:

Portal News

Email Notifications for new catalog apps

You can now sign up to receive notifications at when a new app is added to the catalog. You can now sign up to receive formal notifications here. You can select whether to receive notifications for apps that are coming soon, apps that are published, or both.

Tecton News

Window.onload event

In web Javascript, there is a window.onload event that can be triggered manually by developers. Now when that event gets triggered it will call the Tecton method resizeIframe. This will allow the page to automatically show the proper content without requiring the extension developer to also call resizeIframe after causing the window.onload event to happen.

New Team Member

Anthony Post joins the Innovation Studio from the Productized Extension team to focus on improving internal tools like the CDM and subsequently, the SDK. Having just over 5 years of experience here at Q2, Anthony hopes to learn as much as possible while continuing to enrich and strengthen the experience of working in the Innovation Studio ecosystem. Anthony likes to collect vintage keyboards, plays a lot of RPGs and is a long time Star Trek nerd.

Latest Releases

Caliper SDK (Python) 2.157.0 - CHANGELOG

Tecton SDK (Javascript) 1.19.1 - CHANGELOG

Marketplace (Python) 0.8.7 - CHANGELOG

Caliper API (Python) 1.16.0 - CHANGELOG