-
API
-
The terms `API` (Application Programming Interface) and `Endpoint` are used somewhat interchangeablyMore...
- Create Bank Level Endpoint Tag
- Create System Level Endpoint Tag
- Delete Bank Level Endpoint Tag
- Delete System Level Endpoint Tag
- Get API Configuration
- Get API Info (root)
- Get Adapter Info
- Get Adapter Info for a bank
- Get Bank Level Endpoint Tags
- Get Connector Status (Loopback)
- Get JSON Web Key (JWK)
- Get JSON Web Key (JWK) URIs
- Get Mapper Database Info
- Get Rate Limiting Info
- Get Suggested Session Timeout
- Get System Level Endpoint Tags
- Get the Call Context of a current call
- Update Bank Level Endpoint Tag
- Update System Level Endpoint Tag
- Verify Request and Sign Response of a current call
- Waiting For Godot
-
-
ATM
- Create ATM
- Create ATM Attribute
- Delete ATM
- Delete ATM Attribute
- Get ATM Attribute By ATM_ATTRIBUTE_ID
- Get ATM Attributes
- Get Bank ATM
- Get Bank ATMS
- Head Bank ATMS
- UPDATE ATM
- Update ATM Accessibility Features
- Update ATM Attribute
- Update ATM Location Categories
- Update ATM Notes
- Update ATM Services
- Update ATM Supported Currencies
- Update ATM Supported Languages
-
Account
-
The thing that tokens of value (money) come in and out of. An account has one or more `owners` whichMore...
- Check Available Funds
- Create Account (POST)
- Create Account (PUT)
- Create Account Attribute
- Create or Update Account Attribute Definition
- Delete Account Attribute Definition
- Delete Account Cascade
- Get Account Access by USER_ID
- Get Account Attribute Definition
- Get Account Balances
- Get Account Balances by BANK_ID
- Get Account Balances by BANK_ID
- Get Account Balances by BANK_ID and ACCOUNT_ID through the VIEW_ID
- Get Account by Account Routing
- Get Account by Id (Core)
- Get Account by Id (Core) through the VIEW_ID
- Get Account by Id (Full)
- Get Accounts Held
- Get Accounts Minimal for a Customer
- Get Accounts at Bank
- Get Accounts at Bank (IDs only)
- Get Accounts at Bank (Minimal)
- Get Accounts at all Banks (private)
- Get Accounts by Account Routing Regex
- Get Checkbook orders
- Get Fast Firehose Accounts at Bank
- Get Firehose Accounts at Bank
- Update Account
- Update Account Attribute
- Update Account Label
- Validate and check IBAN
-
-
Account Access
-
Account Access governs access to Bank Accounts by end Users. It is an intersecting entity between tMore...
- Create (DAuth) User with Account Access
- Grant User access to View
- Revoke User access to View
-
-
Api Collection
- Create My Api Collection
- Create My Api Collection Endpoint
- Create My Api Collection Endpoint By Id
- Delete My Api Collection
- Delete My Api Collection Endpoint
- Delete My Api Collection Endpoint By Id
- Delete My Api Collection Endpoint By Id
- Get All API Collections
- Get Api Collection Endpoints
- Get Api Collections for User
- Get Featured Api Collections
- Get My Api Collection By Id
- Get My Api Collection By Name
- Get My Api Collection Endpoint
- Get My Api Collection Endpoints
- Get My Api Collection Endpoints By Id
- Get My Api Collections
- Get Sharable Api Collection By Id
- Update My Api Collection By API_COLLECTION_ID
-
Bank
-
A Bank (aka Space) represents a financial institution, brand or organizational unit under which resMore...
- Create Bank
- Create Bank Attribute
- Create Settlement Account
- Create Transaction Type at bank
- Create or Update Bank Attribute Definition
- Delete Bank Attribute
- Delete Bank Cascade
- Get Bank
- Get Bank Attribute By BANK_ATTRIBUTE_ID
- Get Bank Attributes
- Get Settlement accounts at Bank
- Get Transaction Types at Bank
- Update Bank
- Update Bank Attribute
-
-
Connector Method
-
Developers can override all the existing Connector methods. This function needs to be used togethMore...
- Create Connector Method
- Get Connector Method by Id
- Get all Connector Methods
- Update Connector Method
-
-
Consent
-
Consents provide a mechanism by which a third party App or User can access resources on behalf of aMore...
- Add User to a Consent
- Answer Consent Challenge
- Create Consent (EMAIL)
- Create Consent (IMPLICIT)
- Create Consent (SMS)
- Create Consent By CONSENT_REQUEST_ID (EMAIL)
- Create Consent By CONSENT_REQUEST_ID (IMPLICIT)
- Create Consent By CONSENT_REQUEST_ID (SMS)
- Create Consent Request
- Create Consent Request VRP
- Get Consent By Consent Id
- Get Consent By Consent Id
- Get Consent By Consent Request Id
- Get Consent Request
- Get Consents
- Get Consents Info
- Provide client's certificate info of a current call
- Revoke Consent
- Revoke Consent at Bank
- Revoke Consent used in the Current Call
- Update Consent Status
-
-
Consumer
-
The "consumer" of the API, i.e. the web, mobile or serverside "App" that calls on the OBP API on beMore...
- Enable or Disable Consumers
- Get Call Limits for a Consumer
- Get Consumer
- Get Consumers
- Get Consumers (logged in User)
- Post a Consumer
- Set Rate Limits / Call Limits per Consumer
- Update Consumer RedirectUrl
-
-
Counterparty
- Create Counterparty (Explicit)
- Create Counterparty for any account (Explicit)
- Delete Counterparty (Explicit)
- Delete Counterparty for any account (Explicit)
- Get Counterparties (Explicit)
- Get Counterparties for any account (Explicit)
- Get Counterparty by Id (Explicit)
- Get Counterparty by Id for any account (Explicit)
- Get Counterparty by name for any account (Explicit)
- Get Other Account by Id
- Get Other Accounts of one Account
-
Counterparty Metadata
- Add Corporate Location to Counterparty
- Add Counterparty More Info
- Add Open Corporates URL to Counterparty
- Add image url to other bank account
- Add physical location to other bank account
- Add public alias to other bank account
- Add url to other bank account
- Create Other Account Private Alias
- Delete Counterparty Corporate Location
- Delete Counterparty Image URL
- Delete Counterparty Open Corporates URL
- Delete Counterparty Physical Location
- Delete Counterparty Private Alias
- Delete Counterparty Public Alias
- Delete more info of other bank account
- Delete url of other bank account
- Get Other Account Metadata
- Get Other Account Private Alias
- Get public alias of other bank account
- Update Counterparty Corporate Location
- Update Counterparty Image Url
- Update Counterparty More Info
- Update Counterparty Physical Location
- Update Counterparty Private Alias
- Update Open Corporates Url of Counterparty
- Update public alias of other bank account
- Update url of other bank account
-
Customer
-
The legal entity that has the relationship to the bank. Customers are linked to Users via `User CusMore...
- Create Address
- Create Customer
- Create Customer Account Link
- Create Customer Attribute
- Create Customer Social Media Handle
- Create Tax Residence
- Create User Customer Link
- Create or Update Customer Attribute Definition
- Delete Customer Account Link
- Delete Customer Address
- Delete Customer Attribute
- Delete Customer Attribute Definition
- Delete Customer Cascade
- Delete Tax Residence
- Delete User Customer Link
- Get CRM Events
- Get Correlated Entities for the current User
- Get Correlated User Info by Customer
- Get Customer Account Link by Id
- Get Customer Account Links by ACCOUNT_ID
- Get Customer Account Links by CUSTOMER_ID
- Get Customer Addresses
- Get Customer Attribute By Id
- Get Customer Attribute Definition
- Get Customer Attributes
- Get Customer Overview
- Get Customer Overview Flat
- Get Customer Social Media Handles
- Get Customer by CUSTOMER_ID
- Get Customer by CUSTOMER_NUMBER
- Get Customers Minimal at Any Bank
- Get Customers Minimal at Bank
- Get Customers at Any Bank
- Get Customers at Bank
- Get Customers by MOBILE_PHONE_NUMBER
- Get Customers for Current User
- Get Customers for Current User (IDs only)
- Get Firehose Customers
- Get My Customers
- Get My Customers at Bank
- Get Tax Residences of Customer
- Get User Customer Links by Customer
- Get User Customer Links by User
- Update Customer Account Link by Id
- Update Customer Attribute
- Update the Address of a Customer
- Update the Branch of a Customer
- Update the credit limit of a Customer
- Update the credit rating and source of a Customer
- Update the email of a Customer
- Update the identity data of a Customer
- Update the mobile number of a Customer
- Update the number of a Customer
- Update the other data of a Customer
-
-
Dynamic Endpoint Manage
-
If you want to create endpoints from Swagger / Open API specification files, use Dynamic EndpointsMore...
- Delete Bank Level Dynamic Endpoint
- Delete Dynamic Endpoint
- Get Bank Level Dynamic Endpoint
- Get Dynamic Endpoints
- Update Bank Level Dynamic Endpoint Host
- Update Dynamic Endpoint Host
- Create Bank Level Dynamic Endpoint
- Create Dynamic Endpoint
- Delete My Dynamic Endpoint
- Get Bank Level Dynamic Endpoints
- Get Dynamic Endpoint
- Get My Dynamic Endpoints
-
-
Dynamic Entity Manage
-
Dynamic Entities can be used to store and retrieve custom data objects (think your own tables andMore...
- Create Bank Level Dynamic Entity
- Create System Level Dynamic Entity
- Delete Bank Level Dynamic Entity
- Delete My Dynamic Entity
- Delete System Level Dynamic Entity
- Get Bank Level Dynamic Entities
- Get My Dynamic Entities
- Get System Dynamic Entities
- Update Bank Level Dynamic Entity
- Update My Dynamic Entity
- Update System Level Dynamic Entity
-
-
Dynamic Message Doc
-
In OBP we represent messages sent by a Connector method / function as MessageDocs. A MessageDoc dMore...
- Create Bank Level Dynamic Message Doc
- Create Dynamic Message Doc
- Delete Bank Level Dynamic Message Doc
- Delete Dynamic Message Doc
- Get Bank Level Dynamic Message Doc
- Get Dynamic Message Doc
- Get all Bank Level Dynamic Message Docs
- Get all Dynamic Message Docs
- Update Bank Level Dynamic Message Doc
- Update Dynamic Message Doc
-
-
Dynamic Resource Doc
- A test endpoint
- Create Bank Level Dynamic Resource Doc
- Create Dynamic Resource Doc
- Create Dynamic Resource Doc endpoint code
- Delete Bank Level Dynamic Resource Doc
- Delete Dynamic Resource Doc
- Get Bank Level Dynamic Resource Doc by Id
- Get Dynamic Resource Doc by Id
- Get all Bank Level Dynamic Resource Docs
- Get all Dynamic Resource Docs
- Update Bank Level Dynamic Resource Doc
- Update Dynamic Resource Doc
-
Endpoint Mapping
-
Endpoint Mapping can be used to map each JSON field in a Dynamic Endpoint to different Dynamic EntiMore...
- Create Bank Level Endpoint Mapping
- Create Endpoint Mapping
- Delete Bank Level Endpoint Mapping
- Delete Endpoint Mapping
- Get Bank Level Endpoint Mapping
- Get Endpoint Mapping by Id
- Get all Bank Level Endpoint Mappings
- Get all Endpoint Mappings
- Update Bank Level Endpoint Mapping
- Update Endpoint Mapping
-
-
JSON Schema Validation
-
JSON Schema is "a vocabulary that allows you to annotate and validate JSON documents". By applyinMore...
- Create a JSON Schema Validation
- Delete a JSON Schema Validation
- Get a JSON Schema Validation
- Get all JSON Schema Validations
- Get all JSON Schema Validations - public
- Update a JSON Schema Validation
-
-
Method Routing
-
Open Bank Project can have different connectors, to connect difference data sources. We supportMore...
- Create MethodRouting
- Delete MethodRouting
- Get MethodRoutings
- Update MethodRouting
-
-
Product
- Create Product
- Create Product Attribute
- Create Product Fee
- Create or Update Product Attribute Definition
- Delete Product Attribute
- Delete Product Attribute Definition
- Delete Product Cascade
- Delete Product Fee
- Get Bank Product
- Get Product Attribute
- Get Product Attribute Definition
- Get Product Fee
- Get Product Fees
- Get Product Tree
- Get Products
- Update Product Attribute
- Update Product Fee
-
Role
- Add Entitlement for a User
- Create (DAuth) User with Roles
- Create Entitlement Request for current User
- Delete Entitlement
- Delete Entitlement Request
- Get Entitlement Requests for a User
- Get Entitlement Requests for the current User
- Get Entitlements and Permissions for a User
- Get Entitlements for One Bank
- Get Entitlements for User
- Get Entitlements for User at Bank
- Get Entitlements for the current User
- Get Roles
- Get all Entitlement Requests
- Get all Entitlements
-
Transaction
-
Transactions are records of successful movements of value into or out of an `Account`. OBP TransacMore...
- Create Transaction Attribute
- Create or Update Transaction Attribute Definition
- Delete Transaction Attribute Definition
- Delete Transaction Cascade
- Get Balancing Transaction
- Get Double Entry Transaction
- Get Firehose Transactions for Account
- Get Other Account of Transaction
- Get Transaction Attribute By Id
- Get Transaction Attribute Definition
- Get Transaction Attributes
- Get Transaction by Id
- Get Transactions for Account (Core)
- Get Transactions for Account (Full)
- Update Transaction Attribute
-
-
Transaction Metadata
- Add a Transaction Comment
- Add a Transaction Image
- Add a Transaction Narrative
- Add a Transaction Tag
- Add a Transaction where Tag
- Delete a Transaction Comment
- Delete a Transaction Image
- Delete a Transaction Narrative
- Delete a Transaction Tag
- Delete a Transaction Tag
- Get Transaction Comments
- Get Transaction Images
- Get Transaction Tags
- Get a Transaction Narrative
- Get a Transaction where Tag
- Update a Transaction Narrative
- Update a Transaction where Tag
-
Transaction Request
- Answer Transaction Request Challenge
- Create Historical Transactions
- Create Transaction Request (ACCOUNT)
- Create Transaction Request (ACCOUNT_OTP)
- Create Transaction Request (CARD)
- Create Transaction Request (COUNTERPARTY)
- Create Transaction Request (FREE_FORM)
- Create Transaction Request (REFUND)
- Create Transaction Request (SANDBOX_TAN)
- Create Transaction Request (SEPA)
- Create Transaction Request (SIMPLE)
- Create Transaction Request Attribute
- Create or Update Transaction Request Attribute Definition
- Delete Transaction Request Attribute Definition
- Get Transaction Request
- Get Transaction Request Attribute By Id
- Get Transaction Request Attribute Definition
- Get Transaction Request Attributes
- Get Transaction Request Types at Bank
- Get Transaction Request Types for Account
- Get Transaction Requests
- Save Historical Transactions
- Update Transaction Request Attribute
-
User
-
The entity that accesses the API with a login / authorisation token and has access to zero or moreMore...
- Answer User Auth Context Update Challenge
- Create My Personal User Attribute
- Create Non Personal User Attribute
- Create User
- Create User Auth Context
- Create User Auth Context Update Request
- Create password reset url
- Delete Non Personal User Attribute
- Delete User Auth Context
- Delete User's Auth Contexts
- Delete a User
- Get Logout Link
- Get My Personal User Attributes
- Get My Spaces
- Get Non Personal User Attributes
- Get User (Current)
- Get User Auth Contexts
- Get User Id (Current)
- Get User Lock Status
- Get User by USERNAME
- Get User by USER_ID
- Get User with Attributes by USER_ID
- Get Users by Email Address
- Get all Users
- Lock the user
- Refresh User
- Unlock the user
- Update My Personal User Attribute
-
-
API
- Create Bank Level Endpoint Tag
- Create System Level Endpoint Tag
- Delete Bank Level Endpoint Tag
- Delete System Level Endpoint Tag
- Get API Configuration
- Get API Info (root)
- Get Adapter Info
- Get Adapter Info for a bank
- Get Bank Level Endpoint Tags
- Get Connector Status (Loopback)
- Get JSON Web Key (JWK)
- Get JSON Web Key (JWK) URIs
- Get Mapper Database Info
- Get Rate Limiting Info
- Get Suggested Session Timeout
- Get System Level Endpoint Tags
- Get the Call Context of a current call
- Update Bank Level Endpoint Tag
- Update System Level Endpoint Tag
- Verify Request and Sign Response of a current call
- Waiting For Godot
-
ATM
- Create ATM
- Create ATM Attribute
- Delete ATM
- Delete ATM Attribute
- Get ATM Attribute By ATM_ATTRIBUTE_ID
- Get ATM Attributes
- Get Bank ATM
- Get Bank ATMS
- Head Bank ATMS
- UPDATE ATM
- Update ATM Accessibility Features
- Update ATM Attribute
- Update ATM Location Categories
- Update ATM Notes
- Update ATM Services
- Update ATM Supported Currencies
- Update ATM Supported Languages
-
Account
- Check Available Funds
- Create Account (POST)
- Create Account (PUT)
- Create Account Attribute
- Create or Update Account Attribute Definition
- Delete Account Attribute Definition
- Delete Account Cascade
- Get Account Access by USER_ID
- Get Account Attribute Definition
- Get Account Balances
- Get Account Balances by BANK_ID
- Get Account Balances by BANK_ID
- Get Account Balances by BANK_ID and ACCOUNT_ID through the VIEW_ID
- Get Account by Account Routing
- Get Account by Id (Core)
- Get Account by Id (Core) through the VIEW_ID
- Get Account by Id (Full)
- Get Accounts Held
- Get Accounts Minimal for a Customer
- Get Accounts at Bank
- Get Accounts at Bank (IDs only)
- Get Accounts at Bank (Minimal)
- Get Accounts at all Banks (private)
- Get Accounts by Account Routing Regex
- Get Checkbook orders
- Get Fast Firehose Accounts at Bank
- Get Firehose Accounts at Bank
- Update Account
- Update Account Attribute
- Update Account Label
- Validate and check IBAN
-
Account Access
-
Account Application
- Create Account Application
- Get Account Application by Id
- Get Account Applications
- Update Account Application Status
-
Account Metadata
-
Account Public
-
Api Collection
- Create My Api Collection
- Create My Api Collection Endpoint
- Create My Api Collection Endpoint By Id
- Delete My Api Collection
- Delete My Api Collection Endpoint
- Delete My Api Collection Endpoint By Id
- Delete My Api Collection Endpoint By Id
- Get All API Collections
- Get Api Collection Endpoints
- Get Api Collections for User
- Get Featured Api Collections
- Get My Api Collection By Id
- Get My Api Collection By Name
- Get My Api Collection Endpoint
- Get My Api Collection Endpoints
- Get My Api Collection Endpoints By Id
- Get My Api Collections
- Get Sharable Api Collection By Id
- Update My Api Collection By API_COLLECTION_ID
-
Authentication Type Validation
- Create an Authentication Type Validation
- Delete an Authentication Type Validation
- Get all Authentication Type Validations
- Get all Authentication Type Validations - public
- Get an Authentication Type Validation
- Update an Authentication Type Validation
-
Bank
- Create Bank
- Create Bank Attribute
- Create Settlement Account
- Create Transaction Type at bank
- Create or Update Bank Attribute Definition
- Delete Bank Attribute
- Delete Bank Cascade
- Get Bank
- Get Bank Attribute By BANK_ATTRIBUTE_ID
- Get Bank Attributes
- Get Settlement accounts at Bank
- Get Transaction Types at Bank
- Update Bank
- Update Bank Attribute
-
Bank Accounts (Dynamic Endpoint)
-
BankAccountTag1
-
Branch
-
Card
- Create Card
- Create Card Attribute
- Create or Update Card Attribute Definition
- Delete Card
- Delete Card Attribute Definition
- Get Card Attribute Definition
- Get Card By Id
- Get Cards for the specified bank
- Get cards for the current user
- Get status of Credit Card order
- Update Card
- Update Card Attribute
-
Connector Method
- Create Connector Method
- Get Connector Method by Id
- Get all Connector Methods
- Update Connector Method
-
Consent
- Add User to a Consent
- Answer Consent Challenge
- Create Consent (EMAIL)
- Create Consent (IMPLICIT)
- Create Consent (SMS)
- Create Consent By CONSENT_REQUEST_ID (EMAIL)
- Create Consent By CONSENT_REQUEST_ID (IMPLICIT)
- Create Consent By CONSENT_REQUEST_ID (SMS)
- Create Consent Request
- Create Consent Request VRP
- Get Consent By Consent Id
- Get Consent By Consent Id
- Get Consent By Consent Request Id
- Get Consent Request
- Get Consents
- Get Consents Info
- Provide client's certificate info of a current call
- Revoke Consent
- Revoke Consent at Bank
- Revoke Consent used in the Current Call
- Update Consent Status
-
Consumer
- Enable or Disable Consumers
- Get Call Limits for a Consumer
- Get Consumer
- Get Consumers
- Get Consumers (logged in User)
- Post a Consumer
- Set Rate Limits / Call Limits per Consumer
- Update Consumer RedirectUrl
-
Counterparty
- Create Counterparty (Explicit)
- Create Counterparty for any account (Explicit)
- Delete Counterparty (Explicit)
- Delete Counterparty for any account (Explicit)
- Get Counterparties (Explicit)
- Get Counterparties for any account (Explicit)
- Get Counterparty by Id (Explicit)
- Get Counterparty by Id for any account (Explicit)
- Get Counterparty by name for any account (Explicit)
- Get Other Account by Id
- Get Other Accounts of one Account
-
Counterparty Limits
- Create Counterparty Limit
- Delete Counterparty Limit
- Get Counterparty Limit
- Update Counterparty Limit
-
Counterparty Metadata
- Add Corporate Location to Counterparty
- Add Counterparty More Info
- Add Open Corporates URL to Counterparty
- Add image url to other bank account
- Add physical location to other bank account
- Add public alias to other bank account
- Add url to other bank account
- Create Other Account Private Alias
- Delete Counterparty Corporate Location
- Delete Counterparty Image URL
- Delete Counterparty Open Corporates URL
- Delete Counterparty Physical Location
- Delete Counterparty Private Alias
- Delete Counterparty Public Alias
- Delete more info of other bank account
- Delete url of other bank account
- Get Other Account Metadata
- Get Other Account Private Alias
- Get public alias of other bank account
- Update Counterparty Corporate Location
- Update Counterparty Image Url
- Update Counterparty More Info
- Update Counterparty Physical Location
- Update Counterparty Private Alias
- Update Open Corporates Url of Counterparty
- Update public alias of other bank account
- Update url of other bank account
-
Customer
- Create Address
- Create Customer
- Create Customer Account Link
- Create Customer Attribute
- Create Customer Social Media Handle
- Create Tax Residence
- Create User Customer Link
- Create or Update Customer Attribute Definition
- Delete Customer Account Link
- Delete Customer Address
- Delete Customer Attribute
- Delete Customer Attribute Definition
- Delete Customer Cascade
- Delete Tax Residence
- Delete User Customer Link
- Get CRM Events
- Get Correlated Entities for the current User
- Get Correlated User Info by Customer
- Get Customer Account Link by Id
- Get Customer Account Links by ACCOUNT_ID
- Get Customer Account Links by CUSTOMER_ID
- Get Customer Addresses
- Get Customer Attribute By Id
- Get Customer Attribute Definition
- Get Customer Attributes
- Get Customer Overview
- Get Customer Overview Flat
- Get Customer Social Media Handles
- Get Customer by CUSTOMER_ID
- Get Customer by CUSTOMER_NUMBER
- Get Customers Minimal at Any Bank
- Get Customers Minimal at Bank
- Get Customers at Any Bank
- Get Customers at Bank
- Get Customers by MOBILE_PHONE_NUMBER
- Get Customers for Current User
- Get Customers for Current User (IDs only)
- Get Firehose Customers
- Get My Customers
- Get My Customers at Bank
- Get Tax Residences of Customer
- Get User Customer Links by Customer
- Get User Customer Links by User
- Update Customer Account Link by Id
- Update Customer Attribute
- Update the Address of a Customer
- Update the Branch of a Customer
- Update the credit limit of a Customer
- Update the credit rating and source of a Customer
- Update the email of a Customer
- Update the identity data of a Customer
- Update the mobile number of a Customer
- Update the number of a Customer
- Update the other data of a Customer
-
Customer Meeting
-
Customer Message
- Create Customer Message
- Create Customer Message
- Get Customer Messages for a Customer
- Get Customer Messages for all Customers
-
Data Warehouse
-
Direct Debit
-
Directory
- Create Regulated Entity
- Create a Consumer
- Delete Regulated Entity
- Get Regulated Entities
- Get Regulated Entity
-
Documentation
- Get Bank Level Dynamic Resource Docs
- Get Glossary of the API
- Get Message Docs
- Get Message Docs Swagger
- Get Resource Docs
- Get Resource Docs
- Get Swagger documentation
- Get scanned API Versions
-
Dynamic Endpoint Manage
- Delete Bank Level Dynamic Endpoint
- Delete Dynamic Endpoint
- Get Bank Level Dynamic Endpoint
- Get Dynamic Endpoints
- Update Bank Level Dynamic Endpoint Host
- Update Dynamic Endpoint Host
- Create Bank Level Dynamic Endpoint
- Create Dynamic Endpoint
- Delete My Dynamic Endpoint
- Get Bank Level Dynamic Endpoints
- Get Dynamic Endpoint
- Get My Dynamic Endpoints
-
Dynamic Entity Manage
- Create Bank Level Dynamic Entity
- Create System Level Dynamic Entity
- Delete Bank Level Dynamic Entity
- Delete My Dynamic Entity
- Delete System Level Dynamic Entity
- Get Bank Level Dynamic Entities
- Get My Dynamic Entities
- Get System Dynamic Entities
- Update Bank Level Dynamic Entity
- Update My Dynamic Entity
- Update System Level Dynamic Entity
-
Dynamic Message Doc
- Create Bank Level Dynamic Message Doc
- Create Dynamic Message Doc
- Delete Bank Level Dynamic Message Doc
- Delete Dynamic Message Doc
- Get Bank Level Dynamic Message Doc
- Get Dynamic Message Doc
- Get all Bank Level Dynamic Message Docs
- Get all Dynamic Message Docs
- Update Bank Level Dynamic Message Doc
- Update Dynamic Message Doc
-
Dynamic Resource Doc
- A test endpoint
- Create Bank Level Dynamic Resource Doc
- Create Dynamic Resource Doc
- Create Dynamic Resource Doc endpoint code
- Delete Bank Level Dynamic Resource Doc
- Delete Dynamic Resource Doc
- Get Bank Level Dynamic Resource Doc by Id
- Get Dynamic Resource Doc by Id
- Get all Bank Level Dynamic Resource Docs
- Get all Dynamic Resource Docs
- Update Bank Level Dynamic Resource Doc
- Update Dynamic Resource Doc
-
Endpoint Mapping
- Create Bank Level Endpoint Mapping
- Create Endpoint Mapping
- Delete Bank Level Endpoint Mapping
- Delete Endpoint Mapping
- Get Bank Level Endpoint Mapping
- Get Endpoint Mapping by Id
- Get all Bank Level Endpoint Mappings
- Get all Endpoint Mappings
- Update Bank Level Endpoint Mapping
- Update Endpoint Mapping
-
FX
-
JSON Schema Validation
- Create a JSON Schema Validation
- Delete a JSON Schema Validation
- Get a JSON Schema Validation
- Get all JSON Schema Validations
- Get all JSON Schema Validations - public
- Update a JSON Schema Validation
-
KYC
- Add KYC Check
- Add KYC Document
- Add KYC Media
- Add KYC Status
- Get Customer KYC Checks
- Get Customer KYC Documents
- Get Customer KYC statuses
- Get KYC Media for a customer
-
Method Routing
-
Metric
- Get Aggregate Metrics
- Get Connector Metrics
- Get Metrics
- Get Metrics at Bank
- Get Top APIs
- Get Top Consumers
- Search API Metrics via Elasticsearch
-
Product
- Create Product
- Create Product Attribute
- Create Product Fee
- Create or Update Product Attribute Definition
- Delete Product Attribute
- Delete Product Attribute Definition
- Delete Product Cascade
- Delete Product Fee
- Get Bank Product
- Get Product Attribute
- Get Product Attribute Definition
- Get Product Fee
- Get Product Fees
- Get Product Tree
- Get Products
- Update Product Attribute
- Update Product Fee
-
Product Collection
-
Role
- Add Entitlement for a User
- Create (DAuth) User with Roles
- Create Entitlement Request for current User
- Delete Entitlement
- Delete Entitlement Request
- Get Entitlement Requests for a User
- Get Entitlement Requests for the current User
- Get Entitlements and Permissions for a User
- Get Entitlements for One Bank
- Get Entitlements for User
- Get Entitlements for User at Bank
- Get Entitlements for the current User
- Get Roles
- Get all Entitlement Requests
- Get all Entitlements
-
Sandbox
-
Scope
-
Standing Order
-
System Integrity
- Check Custom View Names
- Check System View Names
- Check Unique Index at Account Access
- Check for Orphaned Accounts
- Check for Sensible Currencies
-
Transaction
- Create Transaction Attribute
- Create or Update Transaction Attribute Definition
- Delete Transaction Attribute Definition
- Delete Transaction Cascade
- Get Balancing Transaction
- Get Double Entry Transaction
- Get Firehose Transactions for Account
- Get Other Account of Transaction
- Get Transaction Attribute By Id
- Get Transaction Attribute Definition
- Get Transaction Attributes
- Get Transaction by Id
- Get Transactions for Account (Core)
- Get Transactions for Account (Full)
- Update Transaction Attribute
-
Transaction Metadata
- Add a Transaction Comment
- Add a Transaction Image
- Add a Transaction Narrative
- Add a Transaction Tag
- Add a Transaction where Tag
- Delete a Transaction Comment
- Delete a Transaction Image
- Delete a Transaction Narrative
- Delete a Transaction Tag
- Delete a Transaction Tag
- Get Transaction Comments
- Get Transaction Images
- Get Transaction Tags
- Get a Transaction Narrative
- Get a Transaction where Tag
- Update a Transaction Narrative
- Update a Transaction where Tag
-
Transaction Request
- Answer Transaction Request Challenge
- Create Historical Transactions
- Create Transaction Request (ACCOUNT)
- Create Transaction Request (ACCOUNT_OTP)
- Create Transaction Request (CARD)
- Create Transaction Request (COUNTERPARTY)
- Create Transaction Request (FREE_FORM)
- Create Transaction Request (REFUND)
- Create Transaction Request (SANDBOX_TAN)
- Create Transaction Request (SEPA)
- Create Transaction Request (SIMPLE)
- Create Transaction Request Attribute
- Create or Update Transaction Request Attribute Definition
- Delete Transaction Request Attribute Definition
- Get Transaction Request
- Get Transaction Request Attribute By Id
- Get Transaction Request Attribute Definition
- Get Transaction Request Attributes
- Get Transaction Request Types at Bank
- Get Transaction Request Types for Account
- Get Transaction Requests
- Save Historical Transactions
- Update Transaction Request Attribute
-
User
- Answer User Auth Context Update Challenge
- Create My Personal User Attribute
- Create Non Personal User Attribute
- Create User
- Create User Auth Context
- Create User Auth Context Update Request
- Create password reset url
- Delete Non Personal User Attribute
- Delete User Auth Context
- Delete User's Auth Contexts
- Delete a User
- Get Logout Link
- Get My Personal User Attributes
- Get My Spaces
- Get Non Personal User Attributes
- Get User (Current)
- Get User Auth Contexts
- Get User Id (Current)
- Get User Lock Status
- Get User by USERNAME
- Get User by USER_ID
- Get User with Attributes by USER_ID
- Get Users by Email Address
- Get all Users
- Lock the user
- Refresh User
- Unlock the user
- Update My Personal User Attribute
-
User Invitation
-
View Custom
- Create Custom View
- Create Custom View
- Delete Custom View
- Delete Custom View
- Get Account access for User
- Get Custom View
- Get Views for Account
- Get access
- Update Custom View
- Update Custom View
-
View System
-
WebUi Props
-
Webhook
- Create an Account Webhook
- Create bank level Account Notification Webhook
- Create system level Account Notification Webhook
- Enable/Disable an Account Webhook
- Get Account Webhooks
-
_Covid APIDays
- Create new Covid APIDays
- Delete Covid APIDays by id
- Get Covid APIDays List
- Get Covid APIDays by id
- Update Covid APIDays
-
_Customer Cars
- Create new Customer Cars
- Delete Customer Cars by id
- Get Customer Cars List
- Get Customer Cars by id
- Update Customer Cars
-
_D Entity1(gh.29.uk)
-
_Fish Port
-
_Foo Bar
-
_Insurance Policy(gh.29.uk)
- Create new Insurance Policy
- Delete Insurance Policy by id
- Get Insurance Policy List
- Get Insurance Policy by id
- Update Insurance Policy
-
_Insurance Premium(gh.29.uk)
- Create new Insurance Premium
- Delete Insurance Premium by id
- Get Insurance Premium List
- Get Insurance Premium by id
- Update Insurance Premium
-
_March Hare(gh.29.uk)
- Create new March Hare
- Delete March Hare by id
- Get March Hare List
- Get March Hare by id
- Update March Hare
-
_Obp Activity(obp.testing.01)
- Create new Obp Activity
- Delete Obp Activity by id
- Get Obp Activity List
- Get Obp Activity by id
- Update Obp Activity
-
_Odometer(gh.29.uk)
-
_Simon Covid
- Create new Simon Covid
- Delete Simon Covid by id
- Get Simon Covid List
- Get Simon Covid by id
- Update Simon Covid
-
_Sustrans
-
_Test Daniel707
- Create new My Test Daniel707
- Create new Test Daniel707
- Delete My Test Daniel707 by id
- Delete Test Daniel707 by id
- Get My Test Daniel707 List
- Get My Test Daniel707 by id
- Get Test Daniel707 List
- Get Test Daniel707 by id
- Update My Test Daniel707
- Update Test Daniel707
-
_Test1
v1 (606 APIs)
Answer Transaction Request Challenge
In Sandbox mode, any string that can be converted to a positive integer will be accepted as an answer.
This endpoint totally depends on createTransactionRequest, it need get the following data from createTransactionRequest response body.
1)TRANSACTION_REQUEST_TYPE
: is the same as createTransactionRequest request URL .
2)TRANSACTION_REQUEST_ID
: is the id
field in createTransactionRequest response body.
3) id
: is challenge.id
field in createTransactionRequest response body.
4) answer
: must be 123
in case that Strong Customer Authentication method for OTP challenge is dummy.
For instance: SANDBOX_TAN_OTP_INSTRUCTION_TRANSPORT=dummy
Possible values are dummy,email and sms
In kafka mode, the answer can be got by phone message or other SCA methods.
Note that each Transaction Request Type can have its own OTP_INSTRUCTION_TRANSPORT method.
OTP_INSTRUCTION_TRANSPORT methods are set in Props. See sample.props.template for instructions.
Single or Multiple authorisations
OBP allows single or multi party authorisations.
Single party authorisation:
In the case that only one person needs to authorise i.e. answer a security challenge we have the following change of state of a transaction request
:
INITIATED => COMPLETED
Multiparty authorisation:
In the case that multiple parties (n persons) need to authorise a transaction request i.e. answer security challenges, we have the followings state flow for a transaction request
:
INITIATED => NEXT_CHALLENGE_PENDING => ... => NEXT_CHALLENGE_PENDING => COMPLETED
The security challenge is bound to a user i.e. in the case of a correct answer but the user is different than expected the challenge will fail.
Rule for calculating number of security challenges:
If Product Account attribute REQUIRED_CHALLENGE_ANSWERS=N then create N challenges
(one for every user that has a View where permission "can_add_transaction_request_to_any_account"=true)
In the case REQUIRED_CHALLENGE_ANSWERS is not defined as an account attribute, the default number of security challenges created is one.
Authentication is Mandatory
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
TRANSACTION_REQUEST_ID: 8138a7e4-6d02-40e3-a129-0b2bf89de9f1
TRANSACTION_REQUEST_TYPE: SEPA
VIEW_ID: owner
JSON request body fields:
id: d8839721-ad8f-45dd-9f78-2080414b93f9
additional_information: additional_information
reason_code: reason_code
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
amount: 10.12
bank_code: CGHZ
bank_id: gh.29.uk
counterparty_id: 9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh
currency: EUR
date_of_birth: 2018-03-09
description: This an optional field. Maximum length is 2000. It can be any characters here.
from:
future_date: 20200127
iban: DE91 1000 0000 0123 4567 89
id: d8839721-ad8f-45dd-9f78-2080414b93f9
instructedAmount: 100
legal_name: Eveline Tripman
message: 123456
mobile_phone_number: +49 30 901820
name: ACCOUNT_MANAGEMENT_FEE
otherAccountRoutingAddress: otherAccountRoutingAddress
otherAccountRoutingScheme: otherAccountRoutingScheme
otherAccountSecondaryRoutingAddress: otherAccountSecondaryRoutingAddress
otherAccountSecondaryRoutingScheme: otherAccountSecondaryRoutingScheme
otherBankRoutingAddress: otherBankRoutingAddress
otherBankRoutingScheme: otherBankRoutingScheme
otherBranchRoutingAddress: otherBranchRoutingAddress
otherBranchRoutingScheme: otherBranchRoutingScheme
start_date: 2020-01-27
to:
type:
value: 5987953
to_simple: to_simple
{
"id":"4050046c-63b3-4868-8a22-14b4181d33a6",
"type":"SANDBOX_TAN",
"from":{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
},
"details":{
"to_sandbox_tan":{
"bank_id":"String",
"account_id":"String"
},
"to_sepa":{
"iban":"String"
},
"to_counterparty":{
"counterparty_id":"9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh"
},
"to_simple":{
"otherBankRoutingScheme":"BIC",
"otherBankRoutingAddress":"GENODEM1GLS",
"otherBranchRoutingScheme":"BRANCH-CODE",
"otherBranchRoutingAddress":"DERBY6",
"otherAccountRoutingScheme":"IBAN",
"otherAccountRoutingAddress":"DE91 1000 0000 0123 4567 89",
"otherAccountSecondaryRoutingScheme":"IBAN",
"otherAccountSecondaryRoutingAddress":"DE91 1000 0000 0123 4567 89"
},
"to_transfer_to_phone":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"message":"String",
"from":{
"mobile_phone_number":"+44 07972 444 876",
"nickname":"String"
},
"to":{
"mobile_phone_number":"+44 07972 444 876"
}
},
"to_transfer_to_atm":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"message":"String",
"from":{
"mobile_phone_number":"+44 07972 444 876",
"nickname":"String"
},
"to":{
"legal_name":"Eveline Tripman",
"date_of_birth":"20181230",
"mobile_phone_number":"+44 07972 444 876",
"kyc_document":{
"type":"String",
"number":"String"
}
}
},
"to_transfer_to_account":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"transfer_type":"String",
"future_date":"20181230",
"to":{
"name":"String",
"bank_code":"String",
"branch_number":"String",
"account":{
"number":"String",
"iban":"String"
}
}
},
"to_sepa_credit_transfers":{
"debtorAccount":{
"iban":"12345"
},
"instructedAmount":{
"currency":"EUR",
"amount":"0"
},
"creditorAccount":{
"iban":"54321"
},
"creditorName":"John Miles"
},
"value":{
"currency":"EUR",
"amount":"100"
},
"description":"This an optional field. Maximum length is 2000. It can be any characters here."
},
"transaction_ids":["902ba3bb-dedd-45e7-9319-2fd3f2cd98a1"],
"status":"COMPLETED",
"start_date":"1100-01-01T00:00:00Z",
"end_date":"1100-01-01T00:00:00Z",
"challenge":{
"id":"be1a183d-b301-4b83-b855-5eeffdd3526f",
"allowed_attempts":3,
"challenge_type":"SANDBOX_TAN"
},
"charge":{
"summary":"Rent the flat",
"value":{
"currency":"EUR",
"amount":"0"
}
}
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30111: Invalid Bank Id. The BANK_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-30110: Invalid Account Id. The ACCOUNT_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-10001: Incorrect json format.
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-30018: Bank Account not found. Please specify valid values for BANK_ID and ACCOUNT_ID.
- OBP-40011: Transaction Request Status is not INITIATED.
- OBP-40009: The TRANSACTION_REQUEST_TYPE has changed.
- OBP-40014: Sorry, you've used up your allowed attempts.
- OBP-00003: Transaction Requests is disabled in this API instance.
- OBP-50000: Unknown Error.
Create Historical Transactions
Create historical transactions at one Bank
Use this endpoint to create transactions between any two accounts at the same bank.
From account and to account must be at the same bank.
Example:
{
"from_account_id": "1ca8a7e4-6d02-48e3-a029-0b2bf89de9f0",
"to_account_id": "2ca8a7e4-6d02-48e3-a029-0b2bf89de9f0",
"value": {
"currency": "GBP",
"amount": "10"
},
"description": "this is for work",
"posted": "2017-09-19T02:31:05Z",
"completed": "2017-09-19T02:31:05Z",
"type": "SANDBOX_TAN",
"charge_policy": "SHARED"
}
This call is experimental.
Authentication is Mandatory
URL Parameters:
BANK_ID: gh.29.uk
JSON request body fields:
amount: 10.12
charge_policy: SHARED
completed: 2020-01-27
currency: EUR
description: This an optional field. Maximum length is 2000. It can be any characters here.
from_account_id: from_account_id
posted: 2020-01-27
to_account_id: to_account_id
type:
value: 5987953
JSON response body fields:
amount: 10.12
charge_policy: SHARED
completed: 2020-01-27
currency: EUR
description: This an optional field. Maximum length is 2000. It can be any characters here.
from:
posted: 2020-01-27
to:
transaction_id: 2fg8a7e4-6d02-40e3-a129-0b2bf89de8ub
transaction_request_type: SEPA
value: 5987953
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
bank_id: gh.29.uk
counterparty_id: 9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh
{
"transaction_id":"2fg8a7e4-6d02-40e3-a129-0b2bf89de8ub",
"from":{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"counterparty_id":"9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh"
},
"to":{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"counterparty_id":"9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh"
},
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"this is for work",
"posted":"1100-01-01T01:01:01Z",
"completed":"1100-01-01T01:01:01Z",
"transaction_request_type":"SANDBOX_TAN",
"charge_policy":"SHARED"
}
-
CanCreateHistoricalTransactionAtBank
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-10001: Incorrect json format.
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-30003: Account not found. Please specify a valid value for ACCOUNT_ID.
- OBP-30017: Counterparty not found. Please specify a valid value for COUNTERPARTY_ID.
- OBP-10002: Invalid Number. Could not convert value to a number.
- OBP-40008: Can't send a payment with a value of 0 or less.
- OBP-40003: Transaction Request Currency must be the same as From Account Currency.
- OBP-50000: Unknown Error.
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
Create Transaction Request (ACCOUNT)
When using ACCOUNT, the payee is set in the request body.
Money goes into the BANK_ID and ACCOUNT_ID specified in the request body.
Initiate a Payment via creating a Transaction Request.
In OBP, a transaction request
may or may not result in a transaction
. However, a transaction
only has one possible state: completed.
A Transaction Request
can have one of several states: INITIATED, NEXT_CHALLENGE_PENDING etc.
Transactions
are modeled on items in a bank statement that represent the movement of money.
Transaction Requests
are requests to move money which may or may not succeed and thus result in a Transaction
.
A Transaction Request
might create a security challenge that needs to be answered before the Transaction Request
proceeds.
In case 1 person needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => COMPLETED
In case n persons needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => NEXT_CHALLENGE_PENDING => ... => NEXT_CHALLENGE_PENDING => COMPLETED
The security challenge is bound to a user i.e. in case of right answer and the user is different than expected one the challenge will fail.
Rule for calculating number of security challenges:
If product Account attribute REQUIRED_CHALLENGE_ANSWERS=N then create N challenges
(one for every user that has a View where permission "can_add_transaction_request_to_any_account"=true)
In case REQUIRED_CHALLENGE_ANSWERS is not defined as an account attribute default value is 1.
Transaction Requests contain charge information giving the client the opportunity to proceed or not (as long as the challenge level is appropriate).
Transaction Requests can have one of several Transaction Request Types which expect different bodies. The escaped body is returned in the details key of the GET response.
This provides some commonality and one URL for many different payment or transfer types with enough flexibility to validate them differently.
The payer is set in the URL. Money comes out of the BANK_ID and ACCOUNT_ID specified in the URL.
In sandbox mode, TRANSACTION_REQUEST_TYPE is commonly set to ACCOUNT. See getTransactionRequestTypesSupportedByBank for all supported types.
In sandbox mode, if the amount is less than 1000 EUR (any currency, unless it is set differently on this server), the transaction request will create a transaction without a challenge, else the Transaction Request will be set to INITIALISED and a challenge will need to be answered.
If a challenge is created you must answer it using Answer Transaction Request Challenge before the Transaction is created.
You can transfer between different currency accounts. (new in 2.0.0). The currency in body must match the sending account.
The following static FX rates are available in sandbox mode:
Transaction Requests satisfy PSD2 requirements thus:
1) A transaction can be initiated by a third party application.
2) The customer is informed of the charge that will incurred.
3) The call supports delegated authentication (OAuth)
See this python code for a complete example of this flow.
There is further documentation here
Authentication is Mandatory
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
VIEW_ID: owner
JSON request body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
amount: 10.12
bank_id: gh.29.uk
currency: EUR
description: This an optional field. Maximum length is 2000. It can be any characters here.
to:
value: 5987953
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
amount: 10.12
bank_code: CGHZ
bank_id: gh.29.uk
challenges: challenges
counterparty_id: 9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh
currency: EUR
date_of_birth: 2018-03-09
description: This an optional field. Maximum length is 2000. It can be any characters here.
from:
future_date: 20200127
iban: DE91 1000 0000 0123 4567 89
id: d8839721-ad8f-45dd-9f78-2080414b93f9
instructedAmount: 100
legal_name: Eveline Tripman
link:
message: 123456
mobile_phone_number: +49 30 901820
name: ACCOUNT_MANAGEMENT_FEE
otherAccountRoutingAddress: otherAccountRoutingAddress
otherAccountRoutingScheme: otherAccountRoutingScheme
otherAccountSecondaryRoutingAddress: otherAccountSecondaryRoutingAddress
otherAccountSecondaryRoutingScheme: otherAccountSecondaryRoutingScheme
otherBankRoutingAddress: otherBankRoutingAddress
otherBankRoutingScheme: otherBankRoutingScheme
otherBranchRoutingAddress: otherBranchRoutingAddress
otherBranchRoutingScheme: otherBranchRoutingScheme
start_date: 2020-01-27
to:
type:
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
value: 5987953
to_simple: to_simple
{
"id":"4050046c-63b3-4868-8a22-14b4181d33a6",
"type":"SANDBOX_TAN",
"from":{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
},
"details":{
"to_sandbox_tan":{
"bank_id":"String",
"account_id":"String"
},
"to_sepa":{
"iban":"String"
},
"to_counterparty":{
"counterparty_id":"9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh"
},
"to_simple":{
"otherBankRoutingScheme":"BIC",
"otherBankRoutingAddress":"GENODEM1GLS",
"otherBranchRoutingScheme":"BRANCH-CODE",
"otherBranchRoutingAddress":"DERBY6",
"otherAccountRoutingScheme":"IBAN",
"otherAccountRoutingAddress":"DE91 1000 0000 0123 4567 89",
"otherAccountSecondaryRoutingScheme":"IBAN",
"otherAccountSecondaryRoutingAddress":"DE91 1000 0000 0123 4567 89"
},
"to_transfer_to_phone":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"message":"String",
"from":{
"mobile_phone_number":"+44 07972 444 876",
"nickname":"String"
},
"to":{
"mobile_phone_number":"+44 07972 444 876"
}
},
"to_transfer_to_atm":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"message":"String",
"from":{
"mobile_phone_number":"+44 07972 444 876",
"nickname":"String"
},
"to":{
"legal_name":"Eveline Tripman",
"date_of_birth":"20181230",
"mobile_phone_number":"+44 07972 444 876",
"kyc_document":{
"type":"String",
"number":"String"
}
}
},
"to_transfer_to_account":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"transfer_type":"String",
"future_date":"20181230",
"to":{
"name":"String",
"bank_code":"String",
"branch_number":"String",
"account":{
"number":"String",
"iban":"String"
}
}
},
"to_sepa_credit_transfers":{
"debtorAccount":{
"iban":"12345"
},
"instructedAmount":{
"currency":"EUR",
"amount":"0"
},
"creditorAccount":{
"iban":"54321"
},
"creditorName":"John Miles"
},
"value":{
"currency":"EUR",
"amount":"100"
},
"description":"This an optional field. Maximum length is 2000. It can be any characters here."
},
"transaction_ids":["902ba3bb-dedd-45e7-9319-2fd3f2cd98a1"],
"status":"COMPLETED",
"start_date":"1100-01-01T00:00:00Z",
"end_date":"1100-01-01T00:00:00Z",
"challenges":[{
"id":"2fg8a7e4-6d02-40e3-a129-0b2bf89de8ub",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"allowed_attempts":3,
"challenge_type":"OBP_TRANSACTION_REQUEST_CHALLENGE",
"link":"/obp/v4.0.0/banks/BANK_ID/accounts/ACCOUNT_ID/VIEW_ID/transaction-request-types/TRANSACTION_REQUEST_TYPE/transaction-requests/TRANSACTION_REQUEST_ID/challenge"
}],
"charge":{
"summary":"Rent the flat",
"value":{
"currency":"EUR",
"amount":"0"
}
}
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30111: Invalid Bank Id. The BANK_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-30110: Invalid Account Id. The ACCOUNT_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-10001: Incorrect json format.
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-30003: Account not found. Please specify a valid value for ACCOUNT_ID.
- OBP-30018: Bank Account not found. Please specify valid values for BANK_ID and ACCOUNT_ID.
- OBP-40002: Insufficient authorisation to create TransactionRequest. The Transaction Request could not be created because the login user doesn't have access to the view of the from account or the consumer doesn't have the access to the view of the from account or the login user does not have the `CanCreateAnyTransactionRequest` role or the view does not have the permission can_add_transaction_request_to_any_account or the view does not have the permission can_add_transaction_request_to_beneficiary.
- OBP-40001: Invalid value for TRANSACTION_REQUEST_TYPE
- OBP-10001: Incorrect json format.
- OBP-10002: Invalid Number. Could not convert value to a number.
- OBP-40008: Can't send a payment with a value of 0 or less.
- OBP-40003: Transaction Request Currency must be the same as From Account Currency.
- OBP-00003: Transaction Requests is disabled in this API instance.
- OBP-50000: Unknown Error.
Create Transaction Request (ACCOUNT_OTP)
When using ACCOUNT, the payee is set in the request body.
Money goes into the BANK_ID and ACCOUNT_ID specified in the request body.
Initiate a Payment via creating a Transaction Request.
In OBP, a transaction request
may or may not result in a transaction
. However, a transaction
only has one possible state: completed.
A Transaction Request
can have one of several states: INITIATED, NEXT_CHALLENGE_PENDING etc.
Transactions
are modeled on items in a bank statement that represent the movement of money.
Transaction Requests
are requests to move money which may or may not succeed and thus result in a Transaction
.
A Transaction Request
might create a security challenge that needs to be answered before the Transaction Request
proceeds.
In case 1 person needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => COMPLETED
In case n persons needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => NEXT_CHALLENGE_PENDING => ... => NEXT_CHALLENGE_PENDING => COMPLETED
The security challenge is bound to a user i.e. in case of right answer and the user is different than expected one the challenge will fail.
Rule for calculating number of security challenges:
If product Account attribute REQUIRED_CHALLENGE_ANSWERS=N then create N challenges
(one for every user that has a View where permission "can_add_transaction_request_to_any_account"=true)
In case REQUIRED_CHALLENGE_ANSWERS is not defined as an account attribute default value is 1.
Transaction Requests contain charge information giving the client the opportunity to proceed or not (as long as the challenge level is appropriate).
Transaction Requests can have one of several Transaction Request Types which expect different bodies. The escaped body is returned in the details key of the GET response.
This provides some commonality and one URL for many different payment or transfer types with enough flexibility to validate them differently.
The payer is set in the URL. Money comes out of the BANK_ID and ACCOUNT_ID specified in the URL.
In sandbox mode, TRANSACTION_REQUEST_TYPE is commonly set to ACCOUNT. See getTransactionRequestTypesSupportedByBank for all supported types.
In sandbox mode, if the amount is less than 1000 EUR (any currency, unless it is set differently on this server), the transaction request will create a transaction without a challenge, else the Transaction Request will be set to INITIALISED and a challenge will need to be answered.
If a challenge is created you must answer it using Answer Transaction Request Challenge before the Transaction is created.
You can transfer between different currency accounts. (new in 2.0.0). The currency in body must match the sending account.
The following static FX rates are available in sandbox mode:
Transaction Requests satisfy PSD2 requirements thus:
1) A transaction can be initiated by a third party application.
2) The customer is informed of the charge that will incurred.
3) The call supports delegated authentication (OAuth)
See this python code for a complete example of this flow.
There is further documentation here
Authentication is Mandatory
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
VIEW_ID: owner
JSON request body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
amount: 10.12
bank_id: gh.29.uk
currency: EUR
description: This an optional field. Maximum length is 2000. It can be any characters here.
to:
value: 5987953
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
amount: 10.12
bank_code: CGHZ
bank_id: gh.29.uk
challenges: challenges
counterparty_id: 9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh
currency: EUR
date_of_birth: 2018-03-09
description: This an optional field. Maximum length is 2000. It can be any characters here.
from:
future_date: 20200127
iban: DE91 1000 0000 0123 4567 89
id: d8839721-ad8f-45dd-9f78-2080414b93f9
instructedAmount: 100
legal_name: Eveline Tripman
link:
message: 123456
mobile_phone_number: +49 30 901820
name: ACCOUNT_MANAGEMENT_FEE
otherAccountRoutingAddress: otherAccountRoutingAddress
otherAccountRoutingScheme: otherAccountRoutingScheme
otherAccountSecondaryRoutingAddress: otherAccountSecondaryRoutingAddress
otherAccountSecondaryRoutingScheme: otherAccountSecondaryRoutingScheme
otherBankRoutingAddress: otherBankRoutingAddress
otherBankRoutingScheme: otherBankRoutingScheme
otherBranchRoutingAddress: otherBranchRoutingAddress
otherBranchRoutingScheme: otherBranchRoutingScheme
start_date: 2020-01-27
to:
type:
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
value: 5987953
to_simple: to_simple
{
"id":"4050046c-63b3-4868-8a22-14b4181d33a6",
"type":"SANDBOX_TAN",
"from":{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
},
"details":{
"to_sandbox_tan":{
"bank_id":"String",
"account_id":"String"
},
"to_sepa":{
"iban":"String"
},
"to_counterparty":{
"counterparty_id":"9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh"
},
"to_simple":{
"otherBankRoutingScheme":"BIC",
"otherBankRoutingAddress":"GENODEM1GLS",
"otherBranchRoutingScheme":"BRANCH-CODE",
"otherBranchRoutingAddress":"DERBY6",
"otherAccountRoutingScheme":"IBAN",
"otherAccountRoutingAddress":"DE91 1000 0000 0123 4567 89",
"otherAccountSecondaryRoutingScheme":"IBAN",
"otherAccountSecondaryRoutingAddress":"DE91 1000 0000 0123 4567 89"
},
"to_transfer_to_phone":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"message":"String",
"from":{
"mobile_phone_number":"+44 07972 444 876",
"nickname":"String"
},
"to":{
"mobile_phone_number":"+44 07972 444 876"
}
},
"to_transfer_to_atm":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"message":"String",
"from":{
"mobile_phone_number":"+44 07972 444 876",
"nickname":"String"
},
"to":{
"legal_name":"Eveline Tripman",
"date_of_birth":"20181230",
"mobile_phone_number":"+44 07972 444 876",
"kyc_document":{
"type":"String",
"number":"String"
}
}
},
"to_transfer_to_account":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"transfer_type":"String",
"future_date":"20181230",
"to":{
"name":"String",
"bank_code":"String",
"branch_number":"String",
"account":{
"number":"String",
"iban":"String"
}
}
},
"to_sepa_credit_transfers":{
"debtorAccount":{
"iban":"12345"
},
"instructedAmount":{
"currency":"EUR",
"amount":"0"
},
"creditorAccount":{
"iban":"54321"
},
"creditorName":"John Miles"
},
"value":{
"currency":"EUR",
"amount":"100"
},
"description":"This an optional field. Maximum length is 2000. It can be any characters here."
},
"transaction_ids":["902ba3bb-dedd-45e7-9319-2fd3f2cd98a1"],
"status":"COMPLETED",
"start_date":"1100-01-01T00:00:00Z",
"end_date":"1100-01-01T00:00:00Z",
"challenges":[{
"id":"2fg8a7e4-6d02-40e3-a129-0b2bf89de8ub",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"allowed_attempts":3,
"challenge_type":"OBP_TRANSACTION_REQUEST_CHALLENGE",
"link":"/obp/v4.0.0/banks/BANK_ID/accounts/ACCOUNT_ID/VIEW_ID/transaction-request-types/TRANSACTION_REQUEST_TYPE/transaction-requests/TRANSACTION_REQUEST_ID/challenge"
}],
"charge":{
"summary":"Rent the flat",
"value":{
"currency":"EUR",
"amount":"0"
}
}
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30111: Invalid Bank Id. The BANK_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-30110: Invalid Account Id. The ACCOUNT_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-10001: Incorrect json format.
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-30003: Account not found. Please specify a valid value for ACCOUNT_ID.
- OBP-30018: Bank Account not found. Please specify valid values for BANK_ID and ACCOUNT_ID.
- OBP-40002: Insufficient authorisation to create TransactionRequest. The Transaction Request could not be created because the login user doesn't have access to the view of the from account or the consumer doesn't have the access to the view of the from account or the login user does not have the `CanCreateAnyTransactionRequest` role or the view does not have the permission can_add_transaction_request_to_any_account or the view does not have the permission can_add_transaction_request_to_beneficiary.
- OBP-40001: Invalid value for TRANSACTION_REQUEST_TYPE
- OBP-10001: Incorrect json format.
- OBP-10002: Invalid Number. Could not convert value to a number.
- OBP-40008: Can't send a payment with a value of 0 or less.
- OBP-40003: Transaction Request Currency must be the same as From Account Currency.
- OBP-00003: Transaction Requests is disabled in this API instance.
- OBP-50000: Unknown Error.
Create Transaction Request (CARD)
When using CARD, the payee is set in the request body .
Money goes into the Counterparty in the request body.
Initiate a Payment via creating a Transaction Request.
In OBP, a transaction request
may or may not result in a transaction
. However, a transaction
only has one possible state: completed.
A Transaction Request
can have one of several states: INITIATED, NEXT_CHALLENGE_PENDING etc.
Transactions
are modeled on items in a bank statement that represent the movement of money.
Transaction Requests
are requests to move money which may or may not succeed and thus result in a Transaction
.
A Transaction Request
might create a security challenge that needs to be answered before the Transaction Request
proceeds.
In case 1 person needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => COMPLETED
In case n persons needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => NEXT_CHALLENGE_PENDING => ... => NEXT_CHALLENGE_PENDING => COMPLETED
The security challenge is bound to a user i.e. in case of right answer and the user is different than expected one the challenge will fail.
Rule for calculating number of security challenges:
If product Account attribute REQUIRED_CHALLENGE_ANSWERS=N then create N challenges
(one for every user that has a View where permission "can_add_transaction_request_to_any_account"=true)
In case REQUIRED_CHALLENGE_ANSWERS is not defined as an account attribute default value is 1.
Transaction Requests contain charge information giving the client the opportunity to proceed or not (as long as the challenge level is appropriate).
Transaction Requests can have one of several Transaction Request Types which expect different bodies. The escaped body is returned in the details key of the GET response.
This provides some commonality and one URL for many different payment or transfer types with enough flexibility to validate them differently.
The payer is set in the URL. Money comes out of the BANK_ID and ACCOUNT_ID specified in the URL.
In sandbox mode, TRANSACTION_REQUEST_TYPE is commonly set to ACCOUNT. See getTransactionRequestTypesSupportedByBank for all supported types.
In sandbox mode, if the amount is less than 1000 EUR (any currency, unless it is set differently on this server), the transaction request will create a transaction without a challenge, else the Transaction Request will be set to INITIALISED and a challenge will need to be answered.
If a challenge is created you must answer it using Answer Transaction Request Challenge before the Transaction is created.
You can transfer between different currency accounts. (new in 2.0.0). The currency in body must match the sending account.
The following static FX rates are available in sandbox mode:
Transaction Requests satisfy PSD2 requirements thus:
1) A transaction can be initiated by a third party application.
2) The customer is informed of the charge that will incurred.
3) The call supports delegated authentication (OAuth)
See this python code for a complete example of this flow.
There is further documentation here
Authentication is Mandatory
URL Parameters:
CARD: CARD
JSON request body fields:
amount: 10.12
brand: Visa
card: card
card_number: 364435172576215
card_type: Credit
counterparty_id: 9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh
currency: EUR
cvv: 123
description: This an optional field. Maximum length is 2000. It can be any characters here.
expiry_month: 01
expiry_year: 2023
name_on_card: SusanSmith
to:
value: 5987953
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
amount: 10.12
bank_code: CGHZ
bank_id: gh.29.uk
challenges: challenges
counterparty_id: 9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh
currency: EUR
date_of_birth: 2018-03-09
description: This an optional field. Maximum length is 2000. It can be any characters here.
from:
future_date: 20200127
iban: DE91 1000 0000 0123 4567 89
id: d8839721-ad8f-45dd-9f78-2080414b93f9
instructedAmount: 100
legal_name: Eveline Tripman
link:
message: 123456
mobile_phone_number: +49 30 901820
name: ACCOUNT_MANAGEMENT_FEE
otherAccountRoutingAddress: otherAccountRoutingAddress
otherAccountRoutingScheme: otherAccountRoutingScheme
otherAccountSecondaryRoutingAddress: otherAccountSecondaryRoutingAddress
otherAccountSecondaryRoutingScheme: otherAccountSecondaryRoutingScheme
otherBankRoutingAddress: otherBankRoutingAddress
otherBankRoutingScheme: otherBankRoutingScheme
otherBranchRoutingAddress: otherBranchRoutingAddress
otherBranchRoutingScheme: otherBranchRoutingScheme
start_date: 2020-01-27
to:
type:
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
value: 5987953
to_simple: to_simple
{
"id":"4050046c-63b3-4868-8a22-14b4181d33a6",
"type":"SANDBOX_TAN",
"from":{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
},
"details":{
"to_sandbox_tan":{
"bank_id":"String",
"account_id":"String"
},
"to_sepa":{
"iban":"String"
},
"to_counterparty":{
"counterparty_id":"9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh"
},
"to_simple":{
"otherBankRoutingScheme":"BIC",
"otherBankRoutingAddress":"GENODEM1GLS",
"otherBranchRoutingScheme":"BRANCH-CODE",
"otherBranchRoutingAddress":"DERBY6",
"otherAccountRoutingScheme":"IBAN",
"otherAccountRoutingAddress":"DE91 1000 0000 0123 4567 89",
"otherAccountSecondaryRoutingScheme":"IBAN",
"otherAccountSecondaryRoutingAddress":"DE91 1000 0000 0123 4567 89"
},
"to_transfer_to_phone":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"message":"String",
"from":{
"mobile_phone_number":"+44 07972 444 876",
"nickname":"String"
},
"to":{
"mobile_phone_number":"+44 07972 444 876"
}
},
"to_transfer_to_atm":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"message":"String",
"from":{
"mobile_phone_number":"+44 07972 444 876",
"nickname":"String"
},
"to":{
"legal_name":"Eveline Tripman",
"date_of_birth":"20181230",
"mobile_phone_number":"+44 07972 444 876",
"kyc_document":{
"type":"String",
"number":"String"
}
}
},
"to_transfer_to_account":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"transfer_type":"String",
"future_date":"20181230",
"to":{
"name":"String",
"bank_code":"String",
"branch_number":"String",
"account":{
"number":"String",
"iban":"String"
}
}
},
"to_sepa_credit_transfers":{
"debtorAccount":{
"iban":"12345"
},
"instructedAmount":{
"currency":"EUR",
"amount":"0"
},
"creditorAccount":{
"iban":"54321"
},
"creditorName":"John Miles"
},
"value":{
"currency":"EUR",
"amount":"100"
},
"description":"This an optional field. Maximum length is 2000. It can be any characters here."
},
"transaction_ids":["902ba3bb-dedd-45e7-9319-2fd3f2cd98a1"],
"status":"COMPLETED",
"start_date":"1100-01-01T00:00:00Z",
"end_date":"1100-01-01T00:00:00Z",
"challenges":[{
"id":"2fg8a7e4-6d02-40e3-a129-0b2bf89de8ub",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"allowed_attempts":3,
"challenge_type":"OBP_TRANSACTION_REQUEST_CHALLENGE",
"link":"/obp/v4.0.0/banks/BANK_ID/accounts/ACCOUNT_ID/VIEW_ID/transaction-request-types/TRANSACTION_REQUEST_TYPE/transaction-requests/TRANSACTION_REQUEST_ID/challenge"
}],
"charge":{
"summary":"Rent the flat",
"value":{
"currency":"EUR",
"amount":"0"
}
}
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30111: Invalid Bank Id. The BANK_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-30110: Invalid Account Id. The ACCOUNT_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-10001: Incorrect json format.
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-30003: Account not found. Please specify a valid value for ACCOUNT_ID.
- OBP-30018: Bank Account not found. Please specify valid values for BANK_ID and ACCOUNT_ID.
- OBP-40002: Insufficient authorisation to create TransactionRequest. The Transaction Request could not be created because the login user doesn't have access to the view of the from account or the consumer doesn't have the access to the view of the from account or the login user does not have the `CanCreateAnyTransactionRequest` role or the view does not have the permission can_add_transaction_request_to_any_account or the view does not have the permission can_add_transaction_request_to_beneficiary.
- OBP-40001: Invalid value for TRANSACTION_REQUEST_TYPE
- OBP-10001: Incorrect json format.
- OBP-10002: Invalid Number. Could not convert value to a number.
- OBP-40008: Can't send a payment with a value of 0 or less.
- OBP-40003: Transaction Request Currency must be the same as From Account Currency.
- OBP-00003: Transaction Requests is disabled in this API instance.
- OBP-50000: Unknown Error.
Create Transaction Request (COUNTERPARTY)
Special instructions for COUNTERPARTY:
When using a COUNTERPARTY to create a Transaction Request, specificy the counterparty_id in the body of the request.
The routing details of the counterparty will be forwarded for the transfer.
Initiate a Payment via creating a Transaction Request.
In OBP, a transaction request
may or may not result in a transaction
. However, a transaction
only has one possible state: completed.
A Transaction Request
can have one of several states: INITIATED, NEXT_CHALLENGE_PENDING etc.
Transactions
are modeled on items in a bank statement that represent the movement of money.
Transaction Requests
are requests to move money which may or may not succeed and thus result in a Transaction
.
A Transaction Request
might create a security challenge that needs to be answered before the Transaction Request
proceeds.
In case 1 person needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => COMPLETED
In case n persons needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => NEXT_CHALLENGE_PENDING => ... => NEXT_CHALLENGE_PENDING => COMPLETED
The security challenge is bound to a user i.e. in case of right answer and the user is different than expected one the challenge will fail.
Rule for calculating number of security challenges:
If product Account attribute REQUIRED_CHALLENGE_ANSWERS=N then create N challenges
(one for every user that has a View where permission "can_add_transaction_request_to_any_account"=true)
In case REQUIRED_CHALLENGE_ANSWERS is not defined as an account attribute default value is 1.
Transaction Requests contain charge information giving the client the opportunity to proceed or not (as long as the challenge level is appropriate).
Transaction Requests can have one of several Transaction Request Types which expect different bodies. The escaped body is returned in the details key of the GET response.
This provides some commonality and one URL for many different payment or transfer types with enough flexibility to validate them differently.
The payer is set in the URL. Money comes out of the BANK_ID and ACCOUNT_ID specified in the URL.
In sandbox mode, TRANSACTION_REQUEST_TYPE is commonly set to ACCOUNT. See getTransactionRequestTypesSupportedByBank for all supported types.
In sandbox mode, if the amount is less than 1000 EUR (any currency, unless it is set differently on this server), the transaction request will create a transaction without a challenge, else the Transaction Request will be set to INITIALISED and a challenge will need to be answered.
If a challenge is created you must answer it using Answer Transaction Request Challenge before the Transaction is created.
You can transfer between different currency accounts. (new in 2.0.0). The currency in body must match the sending account.
The following static FX rates are available in sandbox mode:
Transaction Requests satisfy PSD2 requirements thus:
1) A transaction can be initiated by a third party application.
2) The customer is informed of the charge that will incurred.
3) The call supports delegated authentication (OAuth)
See this python code for a complete example of this flow.
There is further documentation here
Authentication is Mandatory
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
VIEW_ID: owner
JSON request body fields:
amount: 10.12
charge_policy: SHARED
counterparty_id: 9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh
currency: EUR
description: This an optional field. Maximum length is 2000. It can be any characters here.
to:
value: 5987953
future_date: 20200127
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
amount: 10.12
bank_code: CGHZ
bank_id: gh.29.uk
challenges: challenges
counterparty_id: 9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh
currency: EUR
date_of_birth: 2018-03-09
description: This an optional field. Maximum length is 2000. It can be any characters here.
from:
future_date: 20200127
iban: DE91 1000 0000 0123 4567 89
id: d8839721-ad8f-45dd-9f78-2080414b93f9
instructedAmount: 100
legal_name: Eveline Tripman
link:
message: 123456
mobile_phone_number: +49 30 901820
name: ACCOUNT_MANAGEMENT_FEE
otherAccountRoutingAddress: otherAccountRoutingAddress
otherAccountRoutingScheme: otherAccountRoutingScheme
otherAccountSecondaryRoutingAddress: otherAccountSecondaryRoutingAddress
otherAccountSecondaryRoutingScheme: otherAccountSecondaryRoutingScheme
otherBankRoutingAddress: otherBankRoutingAddress
otherBankRoutingScheme: otherBankRoutingScheme
otherBranchRoutingAddress: otherBranchRoutingAddress
otherBranchRoutingScheme: otherBranchRoutingScheme
start_date: 2020-01-27
to:
type:
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
value: 5987953
to_simple: to_simple
{
"id":"4050046c-63b3-4868-8a22-14b4181d33a6",
"type":"SANDBOX_TAN",
"from":{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
},
"details":{
"to_sandbox_tan":{
"bank_id":"String",
"account_id":"String"
},
"to_sepa":{
"iban":"String"
},
"to_counterparty":{
"counterparty_id":"9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh"
},
"to_simple":{
"otherBankRoutingScheme":"BIC",
"otherBankRoutingAddress":"GENODEM1GLS",
"otherBranchRoutingScheme":"BRANCH-CODE",
"otherBranchRoutingAddress":"DERBY6",
"otherAccountRoutingScheme":"IBAN",
"otherAccountRoutingAddress":"DE91 1000 0000 0123 4567 89",
"otherAccountSecondaryRoutingScheme":"IBAN",
"otherAccountSecondaryRoutingAddress":"DE91 1000 0000 0123 4567 89"
},
"to_transfer_to_phone":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"message":"String",
"from":{
"mobile_phone_number":"+44 07972 444 876",
"nickname":"String"
},
"to":{
"mobile_phone_number":"+44 07972 444 876"
}
},
"to_transfer_to_atm":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"message":"String",
"from":{
"mobile_phone_number":"+44 07972 444 876",
"nickname":"String"
},
"to":{
"legal_name":"Eveline Tripman",
"date_of_birth":"20181230",
"mobile_phone_number":"+44 07972 444 876",
"kyc_document":{
"type":"String",
"number":"String"
}
}
},
"to_transfer_to_account":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"transfer_type":"String",
"future_date":"20181230",
"to":{
"name":"String",
"bank_code":"String",
"branch_number":"String",
"account":{
"number":"String",
"iban":"String"
}
}
},
"to_sepa_credit_transfers":{
"debtorAccount":{
"iban":"12345"
},
"instructedAmount":{
"currency":"EUR",
"amount":"0"
},
"creditorAccount":{
"iban":"54321"
},
"creditorName":"John Miles"
},
"value":{
"currency":"EUR",
"amount":"100"
},
"description":"This an optional field. Maximum length is 2000. It can be any characters here."
},
"transaction_ids":["902ba3bb-dedd-45e7-9319-2fd3f2cd98a1"],
"status":"COMPLETED",
"start_date":"1100-01-01T00:00:00Z",
"end_date":"1100-01-01T00:00:00Z",
"challenges":[{
"id":"2fg8a7e4-6d02-40e3-a129-0b2bf89de8ub",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"allowed_attempts":3,
"challenge_type":"OBP_TRANSACTION_REQUEST_CHALLENGE",
"link":"/obp/v4.0.0/banks/BANK_ID/accounts/ACCOUNT_ID/VIEW_ID/transaction-request-types/TRANSACTION_REQUEST_TYPE/transaction-requests/TRANSACTION_REQUEST_ID/challenge"
}],
"charge":{
"summary":"Rent the flat",
"value":{
"currency":"EUR",
"amount":"0"
}
}
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30111: Invalid Bank Id. The BANK_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-30110: Invalid Account Id. The ACCOUNT_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-10001: Incorrect json format.
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-30003: Account not found. Please specify a valid value for ACCOUNT_ID.
- OBP-30018: Bank Account not found. Please specify valid values for BANK_ID and ACCOUNT_ID.
- OBP-40002: Insufficient authorisation to create TransactionRequest. The Transaction Request could not be created because the login user doesn't have access to the view of the from account or the consumer doesn't have the access to the view of the from account or the login user does not have the `CanCreateAnyTransactionRequest` role or the view does not have the permission can_add_transaction_request_to_any_account or the view does not have the permission can_add_transaction_request_to_beneficiary.
- OBP-40001: Invalid value for TRANSACTION_REQUEST_TYPE
- OBP-10001: Incorrect json format.
- OBP-10002: Invalid Number. Could not convert value to a number.
- OBP-40008: Can't send a payment with a value of 0 or less.
- OBP-40003: Transaction Request Currency must be the same as From Account Currency.
- OBP-00003: Transaction Requests is disabled in this API instance.
- OBP-50000: Unknown Error.
Create Transaction Request (FREE_FORM)
Initiate a Payment via creating a Transaction Request.
In OBP, a transaction request
may or may not result in a transaction
. However, a transaction
only has one possible state: completed.
A Transaction Request
can have one of several states: INITIATED, NEXT_CHALLENGE_PENDING etc.
Transactions
are modeled on items in a bank statement that represent the movement of money.
Transaction Requests
are requests to move money which may or may not succeed and thus result in a Transaction
.
A Transaction Request
might create a security challenge that needs to be answered before the Transaction Request
proceeds.
In case 1 person needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => COMPLETED
In case n persons needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => NEXT_CHALLENGE_PENDING => ... => NEXT_CHALLENGE_PENDING => COMPLETED
The security challenge is bound to a user i.e. in case of right answer and the user is different than expected one the challenge will fail.
Rule for calculating number of security challenges:
If product Account attribute REQUIRED_CHALLENGE_ANSWERS=N then create N challenges
(one for every user that has a View where permission "can_add_transaction_request_to_any_account"=true)
In case REQUIRED_CHALLENGE_ANSWERS is not defined as an account attribute default value is 1.
Transaction Requests contain charge information giving the client the opportunity to proceed or not (as long as the challenge level is appropriate).
Transaction Requests can have one of several Transaction Request Types which expect different bodies. The escaped body is returned in the details key of the GET response.
This provides some commonality and one URL for many different payment or transfer types with enough flexibility to validate them differently.
The payer is set in the URL. Money comes out of the BANK_ID and ACCOUNT_ID specified in the URL.
In sandbox mode, TRANSACTION_REQUEST_TYPE is commonly set to ACCOUNT. See getTransactionRequestTypesSupportedByBank for all supported types.
In sandbox mode, if the amount is less than 1000 EUR (any currency, unless it is set differently on this server), the transaction request will create a transaction without a challenge, else the Transaction Request will be set to INITIALISED and a challenge will need to be answered.
If a challenge is created you must answer it using Answer Transaction Request Challenge before the Transaction is created.
You can transfer between different currency accounts. (new in 2.0.0). The currency in body must match the sending account.
The following static FX rates are available in sandbox mode:
Transaction Requests satisfy PSD2 requirements thus:
1) A transaction can be initiated by a third party application.
2) The customer is informed of the charge that will incurred.
3) The call supports delegated authentication (OAuth)
See this python code for a complete example of this flow.
There is further documentation here
Authentication is Mandatory
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
VIEW_ID: owner
JSON request body fields:
amount: 10.12
currency: EUR
description: This an optional field. Maximum length is 2000. It can be any characters here.
value: 5987953
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
amount: 10.12
bank_code: CGHZ
bank_id: gh.29.uk
challenges: challenges
counterparty_id: 9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh
currency: EUR
date_of_birth: 2018-03-09
description: This an optional field. Maximum length is 2000. It can be any characters here.
from:
future_date: 20200127
iban: DE91 1000 0000 0123 4567 89
id: d8839721-ad8f-45dd-9f78-2080414b93f9
instructedAmount: 100
legal_name: Eveline Tripman
link:
message: 123456
mobile_phone_number: +49 30 901820
name: ACCOUNT_MANAGEMENT_FEE
otherAccountRoutingAddress: otherAccountRoutingAddress
otherAccountRoutingScheme: otherAccountRoutingScheme
otherAccountSecondaryRoutingAddress: otherAccountSecondaryRoutingAddress
otherAccountSecondaryRoutingScheme: otherAccountSecondaryRoutingScheme
otherBankRoutingAddress: otherBankRoutingAddress
otherBankRoutingScheme: otherBankRoutingScheme
otherBranchRoutingAddress: otherBranchRoutingAddress
otherBranchRoutingScheme: otherBranchRoutingScheme
start_date: 2020-01-27
to:
type:
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
value: 5987953
to_simple: to_simple
{
"id":"4050046c-63b3-4868-8a22-14b4181d33a6",
"type":"SANDBOX_TAN",
"from":{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
},
"details":{
"to_sandbox_tan":{
"bank_id":"String",
"account_id":"String"
},
"to_sepa":{
"iban":"String"
},
"to_counterparty":{
"counterparty_id":"9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh"
},
"to_simple":{
"otherBankRoutingScheme":"BIC",
"otherBankRoutingAddress":"GENODEM1GLS",
"otherBranchRoutingScheme":"BRANCH-CODE",
"otherBranchRoutingAddress":"DERBY6",
"otherAccountRoutingScheme":"IBAN",
"otherAccountRoutingAddress":"DE91 1000 0000 0123 4567 89",
"otherAccountSecondaryRoutingScheme":"IBAN",
"otherAccountSecondaryRoutingAddress":"DE91 1000 0000 0123 4567 89"
},
"to_transfer_to_phone":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"message":"String",
"from":{
"mobile_phone_number":"+44 07972 444 876",
"nickname":"String"
},
"to":{
"mobile_phone_number":"+44 07972 444 876"
}
},
"to_transfer_to_atm":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"message":"String",
"from":{
"mobile_phone_number":"+44 07972 444 876",
"nickname":"String"
},
"to":{
"legal_name":"Eveline Tripman",
"date_of_birth":"20181230",
"mobile_phone_number":"+44 07972 444 876",
"kyc_document":{
"type":"String",
"number":"String"
}
}
},
"to_transfer_to_account":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"transfer_type":"String",
"future_date":"20181230",
"to":{
"name":"String",
"bank_code":"String",
"branch_number":"String",
"account":{
"number":"String",
"iban":"String"
}
}
},
"to_sepa_credit_transfers":{
"debtorAccount":{
"iban":"12345"
},
"instructedAmount":{
"currency":"EUR",
"amount":"0"
},
"creditorAccount":{
"iban":"54321"
},
"creditorName":"John Miles"
},
"value":{
"currency":"EUR",
"amount":"100"
},
"description":"This an optional field. Maximum length is 2000. It can be any characters here."
},
"transaction_ids":["902ba3bb-dedd-45e7-9319-2fd3f2cd98a1"],
"status":"COMPLETED",
"start_date":"1100-01-01T00:00:00Z",
"end_date":"1100-01-01T00:00:00Z",
"challenges":[{
"id":"2fg8a7e4-6d02-40e3-a129-0b2bf89de8ub",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"allowed_attempts":3,
"challenge_type":"OBP_TRANSACTION_REQUEST_CHALLENGE",
"link":"/obp/v4.0.0/banks/BANK_ID/accounts/ACCOUNT_ID/VIEW_ID/transaction-request-types/TRANSACTION_REQUEST_TYPE/transaction-requests/TRANSACTION_REQUEST_ID/challenge"
}],
"charge":{
"summary":"Rent the flat",
"value":{
"currency":"EUR",
"amount":"0"
}
}
}
-
CanCreateAnyTransactionRequest
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30111: Invalid Bank Id. The BANK_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-30110: Invalid Account Id. The ACCOUNT_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-10001: Incorrect json format.
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-30003: Account not found. Please specify a valid value for ACCOUNT_ID.
- OBP-30018: Bank Account not found. Please specify valid values for BANK_ID and ACCOUNT_ID.
- OBP-40002: Insufficient authorisation to create TransactionRequest. The Transaction Request could not be created because the login user doesn't have access to the view of the from account or the consumer doesn't have the access to the view of the from account or the login user does not have the `CanCreateAnyTransactionRequest` role or the view does not have the permission can_add_transaction_request_to_any_account or the view does not have the permission can_add_transaction_request_to_beneficiary.
- OBP-40001: Invalid value for TRANSACTION_REQUEST_TYPE
- OBP-10001: Incorrect json format.
- OBP-10002: Invalid Number. Could not convert value to a number.
- OBP-40008: Can't send a payment with a value of 0 or less.
- OBP-40003: Transaction Request Currency must be the same as From Account Currency.
- OBP-00003: Transaction Requests is disabled in this API instance.
- OBP-50000: Unknown Error.
- OBP-20006: User is missing one or more roles:
Create Transaction Request (REFUND)
Either the from
or the to
field must be filled. Those fields refers to the information about the party that will be refunded.
In case the from
object is used, it means that the refund comes from the part that sent you a transaction.
In the from
object, you have two choices :
- Use bank_id
and account_id
fields if the other account is registered on the OBP-API
- Use the counterparty_id
field in case the counterparty account is out of the OBP-API
In case the to
object is used, it means you send a request to a counterparty to ask for a refund on a previous transaction you sent.
(This case is not managed by the OBP-API and require an external adapter)
Initiate a Payment via creating a Transaction Request.
In OBP, a transaction request
may or may not result in a transaction
. However, a transaction
only has one possible state: completed.
A Transaction Request
can have one of several states: INITIATED, NEXT_CHALLENGE_PENDING etc.
Transactions
are modeled on items in a bank statement that represent the movement of money.
Transaction Requests
are requests to move money which may or may not succeed and thus result in a Transaction
.
A Transaction Request
might create a security challenge that needs to be answered before the Transaction Request
proceeds.
In case 1 person needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => COMPLETED
In case n persons needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => NEXT_CHALLENGE_PENDING => ... => NEXT_CHALLENGE_PENDING => COMPLETED
The security challenge is bound to a user i.e. in case of right answer and the user is different than expected one the challenge will fail.
Rule for calculating number of security challenges:
If product Account attribute REQUIRED_CHALLENGE_ANSWERS=N then create N challenges
(one for every user that has a View where permission "can_add_transaction_request_to_any_account"=true)
In case REQUIRED_CHALLENGE_ANSWERS is not defined as an account attribute default value is 1.
Transaction Requests contain charge information giving the client the opportunity to proceed or not (as long as the challenge level is appropriate).
Transaction Requests can have one of several Transaction Request Types which expect different bodies. The escaped body is returned in the details key of the GET response.
This provides some commonality and one URL for many different payment or transfer types with enough flexibility to validate them differently.
The payer is set in the URL. Money comes out of the BANK_ID and ACCOUNT_ID specified in the URL.
In sandbox mode, TRANSACTION_REQUEST_TYPE is commonly set to ACCOUNT. See getTransactionRequestTypesSupportedByBank for all supported types.
In sandbox mode, if the amount is less than 1000 EUR (any currency, unless it is set differently on this server), the transaction request will create a transaction without a challenge, else the Transaction Request will be set to INITIALISED and a challenge will need to be answered.
If a challenge is created you must answer it using Answer Transaction Request Challenge before the Transaction is created.
You can transfer between different currency accounts. (new in 2.0.0). The currency in body must match the sending account.
The following static FX rates are available in sandbox mode:
Transaction Requests satisfy PSD2 requirements thus:
1) A transaction can be initiated by a third party application.
2) The customer is informed of the charge that will incurred.
3) The call supports delegated authentication (OAuth)
See this python code for a complete example of this flow.
There is further documentation here
Authentication is Mandatory
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
REFUND: REFUND
VIEW_ID: owner
JSON request body fields:
amount: 10.12
counterparty_id: 9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh
currency: EUR
description: This an optional field. Maximum length is 2000. It can be any characters here.
reason_code: reason_code
refund: refund
transaction_id: 2fg8a7e4-6d02-40e3-a129-0b2bf89de8ub
value: 5987953
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
bank_id: gh.29.uk
counterparty_id: 9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh
from:
to:
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
amount: 10.12
bank_code: CGHZ
bank_id: gh.29.uk
challenges: challenges
counterparty_id: 9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh
currency: EUR
date_of_birth: 2018-03-09
description: This an optional field. Maximum length is 2000. It can be any characters here.
from:
future_date: 20200127
iban: DE91 1000 0000 0123 4567 89
id: d8839721-ad8f-45dd-9f78-2080414b93f9
instructedAmount: 100
legal_name: Eveline Tripman
link:
message: 123456
mobile_phone_number: +49 30 901820
name: ACCOUNT_MANAGEMENT_FEE
otherAccountRoutingAddress: otherAccountRoutingAddress
otherAccountRoutingScheme: otherAccountRoutingScheme
otherAccountSecondaryRoutingAddress: otherAccountSecondaryRoutingAddress
otherAccountSecondaryRoutingScheme: otherAccountSecondaryRoutingScheme
otherBankRoutingAddress: otherBankRoutingAddress
otherBankRoutingScheme: otherBankRoutingScheme
otherBranchRoutingAddress: otherBranchRoutingAddress
otherBranchRoutingScheme: otherBranchRoutingScheme
start_date: 2020-01-27
to:
type:
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
value: 5987953
to_simple: to_simple
{
"id":"4050046c-63b3-4868-8a22-14b4181d33a6",
"type":"SANDBOX_TAN",
"from":{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
},
"details":{
"to_sandbox_tan":{
"bank_id":"String",
"account_id":"String"
},
"to_sepa":{
"iban":"String"
},
"to_counterparty":{
"counterparty_id":"9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh"
},
"to_simple":{
"otherBankRoutingScheme":"BIC",
"otherBankRoutingAddress":"GENODEM1GLS",
"otherBranchRoutingScheme":"BRANCH-CODE",
"otherBranchRoutingAddress":"DERBY6",
"otherAccountRoutingScheme":"IBAN",
"otherAccountRoutingAddress":"DE91 1000 0000 0123 4567 89",
"otherAccountSecondaryRoutingScheme":"IBAN",
"otherAccountSecondaryRoutingAddress":"DE91 1000 0000 0123 4567 89"
},
"to_transfer_to_phone":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"message":"String",
"from":{
"mobile_phone_number":"+44 07972 444 876",
"nickname":"String"
},
"to":{
"mobile_phone_number":"+44 07972 444 876"
}
},
"to_transfer_to_atm":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"message":"String",
"from":{
"mobile_phone_number":"+44 07972 444 876",
"nickname":"String"
},
"to":{
"legal_name":"Eveline Tripman",
"date_of_birth":"20181230",
"mobile_phone_number":"+44 07972 444 876",
"kyc_document":{
"type":"String",
"number":"String"
}
}
},
"to_transfer_to_account":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"transfer_type":"String",
"future_date":"20181230",
"to":{
"name":"String",
"bank_code":"String",
"branch_number":"String",
"account":{
"number":"String",
"iban":"String"
}
}
},
"to_sepa_credit_transfers":{
"debtorAccount":{
"iban":"12345"
},
"instructedAmount":{
"currency":"EUR",
"amount":"0"
},
"creditorAccount":{
"iban":"54321"
},
"creditorName":"John Miles"
},
"value":{
"currency":"EUR",
"amount":"100"
},
"description":"This an optional field. Maximum length is 2000. It can be any characters here."
},
"transaction_ids":["902ba3bb-dedd-45e7-9319-2fd3f2cd98a1"],
"status":"COMPLETED",
"start_date":"1100-01-01T00:00:00Z",
"end_date":"1100-01-01T00:00:00Z",
"challenges":[{
"id":"2fg8a7e4-6d02-40e3-a129-0b2bf89de8ub",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"allowed_attempts":3,
"challenge_type":"OBP_TRANSACTION_REQUEST_CHALLENGE",
"link":"/obp/v4.0.0/banks/BANK_ID/accounts/ACCOUNT_ID/VIEW_ID/transaction-request-types/TRANSACTION_REQUEST_TYPE/transaction-requests/TRANSACTION_REQUEST_ID/challenge"
}],
"charge":{
"summary":"Rent the flat",
"value":{
"currency":"EUR",
"amount":"0"
}
}
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30111: Invalid Bank Id. The BANK_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-30110: Invalid Account Id. The ACCOUNT_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-10001: Incorrect json format.
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-30003: Account not found. Please specify a valid value for ACCOUNT_ID.
- OBP-30018: Bank Account not found. Please specify valid values for BANK_ID and ACCOUNT_ID.
- OBP-40002: Insufficient authorisation to create TransactionRequest. The Transaction Request could not be created because the login user doesn't have access to the view of the from account or the consumer doesn't have the access to the view of the from account or the login user does not have the `CanCreateAnyTransactionRequest` role or the view does not have the permission can_add_transaction_request_to_any_account or the view does not have the permission can_add_transaction_request_to_beneficiary.
- OBP-40001: Invalid value for TRANSACTION_REQUEST_TYPE
- OBP-10001: Incorrect json format.
- OBP-10002: Invalid Number. Could not convert value to a number.
- OBP-40008: Can't send a payment with a value of 0 or less.
- OBP-40003: Transaction Request Currency must be the same as From Account Currency.
- OBP-00003: Transaction Requests is disabled in this API instance.
- OBP-50000: Unknown Error.
Create Transaction Request (SANDBOX_TAN)
When using SANDBOX_TAN, the payee is set in the request body.
Money goes into the BANK_ID and ACCOUNT_ID specified in the request body.
Initiate a Payment via creating a Transaction Request.
In OBP, a transaction request
may or may not result in a transaction
. However, a transaction
only has one possible state: completed.
A Transaction Request
can have one of several states.
Transactions
are modeled on items in a bank statement that represent the movement of money.
Transaction Requests
are requests to move money which may or may not succeeed and thus result in a Transaction
.
A Transaction Request
might create a security challenge that needs to be answered before the Transaction Request
proceeds.
Transaction Requests contain charge information giving the client the opportunity to proceed or not (as long as the challenge level is appropriate).
Transaction Requests can have one of several Transaction Request Types which expect different bodies. The escaped body is returned in the details key of the GET response.
This provides some commonality and one URL for many different payment or transfer types with enough flexibility to validate them differently.
The payer is set in the URL. Money comes out of the BANK_ID and ACCOUNT_ID specified in the URL.
In sandbox mode, TRANSACTION_REQUEST_TYPE is commonly set to SANDBOX_TAN. See getTransactionRequestTypesSupportedByBank for all supported types.
In sandbox mode, if the amount is less than 1000 EUR (any currency, unless it is set differently on this server), the transaction request will create a transaction without a challenge, else the Transaction Request will be set to INITIALISED and a challenge will need to be answered.
If a challenge is created you must answer it using Answer Transaction Request Challenge before the Transaction is created.
You can transfer between different currency accounts. (new in 2.0.0). The currency in body must match the sending account.
The following static FX rates are available in sandbox mode:
{
"XAF":{
"XAF":1.0,
"HKD":0.0135503,
"AUD":0.00228226,
"KRW":1.87975,
"JOD":0.00127784,
"GBP":0.00131092,
"MXN":0.0396,
"AED":0.00601555,
"INR":0.110241,
"XBT":2.9074795E-8,
"JPY":0.185328,
"USD":0.00163773,
"ILS":0.00641333,
"EUR":0.00152449
},
"HKD":{
"XAF":73.8049,
"HKD":1.0,
"AUD":0.178137,
"KRW":143.424,
"JOD":0.0903452,
"GBP":0.0985443,
"MXN":2.8067,
"AED":0.467977,
"INR":9.09325,
"XBT":2.164242461E-6,
"JPY":14.0867,
"USD":0.127427,
"ILS":0.460862,
"EUR":0.112495
},
"AUD":{
"XAF":438.162,
"HKD":5.61346,
"AUD":1.0,
"KRW":895.304,
"JOD":0.556152,
"GBP":0.609788,
"MXN":16.0826,
"AED":2.88368,
"INR":50.4238,
"XBT":1.2284055924E-5,
"JPY":87.0936,
"USD":0.785256,
"ILS":2.83558,
"EUR":0.667969
},
"KRW":{
"XAF":0.531986,
"HKD":0.00697233,
"AUD":0.00111694,
"KRW":1.0,
"JOD":6.30634E-4,
"GBP":6.97389E-4,
"MXN":0.0183,
"AED":0.00320019,
"INR":0.0586469,
"XBT":1.4234725E-8,
"JPY":0.0985917,
"USD":8.7125E-4,
"ILS":0.00316552,
"EUR":8.11008E-4
},
"JOD":{
"XAF":782.572,
"HKD":11.0687,
"AUD":1.63992,
"KRW":1585.68,
"JOD":1.0,
"GBP":1.06757,
"MXN":30.8336,
"AED":5.18231,
"INR":90.1236,
"XBT":2.3803244006E-5,
"JPY":156.304,
"USD":1.41112,
"ILS":5.02018,
"EUR":0.237707
},
"GBP":{
"XAF":762.826,
"HKD":10.1468,
"AUD":1.63992,
"KRW":1433.92,
"JOD":0.936707,
"GBP":1.0,
"MXN":29.242,
"AED":4.58882,
"INR":84.095,
"XBT":2.2756409956E-5,
"JPY":141.373,
"USD":1.2493,
"ILS":4.7002,
"EUR":1.16278
},
"MXN":{
"XAF":25.189,
"HKD":0.3562,
"AUD":0.0621,
"KRW":54.4512,
"JOD":0.0324,
"GBP":0.0341,
"MXN":1.0,
"AED":0.1688,
"INR":3.3513,
"XBT":8.1112586E-7,
"JPY":4.8687,
"USD":0.0459,
"ILS":0.1541,
"EUR":0.0384
},
"AED":{
"XAF":166.236,
"HKD":2.13685,
"AUD":0.346779,
"KRW":312.482,
"JOD":0.1930565,
"GBP":0.217921,
"MXN":5.9217,
"AED":1.0,
"INR":18.3255,
"XBT":4.603349217E-6,
"JPY":30.8081,
"USD":0.27225,
"ILS":0.968033,
"EUR":0.253425
},
"INR":{
"XAF":9.07101,
"HKD":0.109972,
"AUD":0.0198319,
"KRW":17.0512,
"JOD":0.0110959,
"GBP":0.0118913,
"MXN":0.2983,
"AED":0.0545671,
"INR":1.0,
"XBT":2.2689396E-7,
"JPY":1.68111,
"USD":0.0148559,
"ILS":0.0556764,
"EUR":0.0138287
},
"XBT":{
"XAF":3.4353824E7,
"HKD":460448.9,
"AUD":81168.603,
"KRW":7.0131575E7,
"JOD":41960.111,
"GBP":44188.118,
"MXN":1230503.3,
"AED":217414.47,
"INR":4407607.74,
"XBT":1.0,
"JPY":6805170.8,
"USD":59245.918,
"ILS":182981.21,
"EUR":52436.431
},
"JPY":{
"XAF":5.39585,
"HKD":0.0709891,
"AUD":0.0114819,
"KRW":10.1428,
"JOD":0.00639777,
"GBP":0.0070735,
"MXN":0.2053,
"AED":0.032459,
"INR":0.594846,
"XBT":1.47171931E-7,
"JPY":1.0,
"USD":0.00883695,
"ILS":0.0320926,
"EUR":0.00822592
},
"USD":{
"XAF":610.601,
"HKD":7.84766,
"AUD":1.27347,
"KRW":1147.78,
"JOD":0.708659,
"GBP":0.800446,
"MXN":21.748,
"AED":3.6731,
"INR":67.3135,
"XBT":1.69154E-5,
"JPY":113.161,
"USD":1.0,
"ILS":3.55495,
"EUR":0.930886
},
"ILS":{
"XAF":155.925,
"HKD":2.16985,
"AUD":0.352661,
"KRW":315.903,
"JOD":0.199196,
"GBP":0.212763,
"MXN":6.4871,
"AED":1.03302,
"INR":17.9609,
"XBT":5.452272147E-6,
"JPY":31.1599,
"USD":0.281298,
"ILS":1.0,
"EUR":1.19318
},
"EUR":{
"XAF":655.957,
"HKD":8.88926,
"AUD":1.49707,
"KRW":1233.03,
"JOD":0.838098,
"GBP":0.860011,
"MXN":26.0359,
"AED":3.94594,
"INR":72.3136,
"XBT":1.9087905636E-5,
"JPY":121.567,
"USD":1.07428,
"ILS":4.20494,
"EUR":1.0
}
}
Transaction Requests satisfy PSD2 requirements thus:
1) A transaction can be initiated by a third party application.
2) The customer is informed of the charge that will incurred.
3) The call supports delegated authentication (OAuth)
See this python code for a complete example of this flow.
There is further documentation here
Authentication is Mandatory
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
VIEW_ID: owner
JSON request body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
amount: 10.12
bank_id: gh.29.uk
currency: EUR
description: This an optional field. Maximum length is 2000. It can be any characters here.
to:
value: 5987953
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
amount: 10.12
bank_code: CGHZ
bank_id: gh.29.uk
counterparty_id: 9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh
currency: EUR
date_of_birth: 2018-03-09
description: This an optional field. Maximum length is 2000. It can be any characters here.
from:
future_date: 20200127
iban: DE91 1000 0000 0123 4567 89
id: d8839721-ad8f-45dd-9f78-2080414b93f9
instructedAmount: 100
legal_name: Eveline Tripman
message: 123456
mobile_phone_number: +49 30 901820
name: ACCOUNT_MANAGEMENT_FEE
otherAccountRoutingAddress: otherAccountRoutingAddress
otherAccountRoutingScheme: otherAccountRoutingScheme
otherAccountSecondaryRoutingAddress: otherAccountSecondaryRoutingAddress
otherAccountSecondaryRoutingScheme: otherAccountSecondaryRoutingScheme
otherBankRoutingAddress: otherBankRoutingAddress
otherBankRoutingScheme: otherBankRoutingScheme
otherBranchRoutingAddress: otherBranchRoutingAddress
otherBranchRoutingScheme: otherBranchRoutingScheme
start_date: 2020-01-27
to:
type:
value: 5987953
to_simple: to_simple
{
"id":"4050046c-63b3-4868-8a22-14b4181d33a6",
"type":"SANDBOX_TAN",
"from":{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
},
"details":{
"to_sandbox_tan":{
"bank_id":"String",
"account_id":"String"
},
"to_sepa":{
"iban":"String"
},
"to_counterparty":{
"counterparty_id":"9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh"
},
"to_simple":{
"otherBankRoutingScheme":"BIC",
"otherBankRoutingAddress":"GENODEM1GLS",
"otherBranchRoutingScheme":"BRANCH-CODE",
"otherBranchRoutingAddress":"DERBY6",
"otherAccountRoutingScheme":"IBAN",
"otherAccountRoutingAddress":"DE91 1000 0000 0123 4567 89",
"otherAccountSecondaryRoutingScheme":"IBAN",
"otherAccountSecondaryRoutingAddress":"DE91 1000 0000 0123 4567 89"
},
"to_transfer_to_phone":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"message":"String",
"from":{
"mobile_phone_number":"+44 07972 444 876",
"nickname":"String"
},
"to":{
"mobile_phone_number":"+44 07972 444 876"
}
},
"to_transfer_to_atm":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"message":"String",
"from":{
"mobile_phone_number":"+44 07972 444 876",
"nickname":"String"
},
"to":{
"legal_name":"Eveline Tripman",
"date_of_birth":"20181230",
"mobile_phone_number":"+44 07972 444 876",
"kyc_document":{
"type":"String",
"number":"String"
}
}
},
"to_transfer_to_account":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"transfer_type":"String",
"future_date":"20181230",
"to":{
"name":"String",
"bank_code":"String",
"branch_number":"String",
"account":{
"number":"String",
"iban":"String"
}
}
},
"to_sepa_credit_transfers":{
"debtorAccount":{
"iban":"12345"
},
"instructedAmount":{
"currency":"EUR",
"amount":"0"
},
"creditorAccount":{
"iban":"54321"
},
"creditorName":"John Miles"
},
"value":{
"currency":"EUR",
"amount":"100"
},
"description":"This an optional field. Maximum length is 2000. It can be any characters here."
},
"transaction_ids":["902ba3bb-dedd-45e7-9319-2fd3f2cd98a1"],
"status":"COMPLETED",
"start_date":"1100-01-01T00:00:00Z",
"end_date":"1100-01-01T00:00:00Z",
"challenge":{
"id":"be1a183d-b301-4b83-b855-5eeffdd3526f",
"allowed_attempts":3,
"challenge_type":"SANDBOX_TAN"
},
"charge":{
"summary":"Rent the flat",
"value":{
"currency":"EUR",
"amount":"0"
}
}
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20001: User not logged in. Authentication is required!
- OBP-30111: Invalid Bank Id. The BANK_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-30110: Invalid Account Id. The ACCOUNT_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-10001: Incorrect json format.
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-30003: Account not found. Please specify a valid value for ACCOUNT_ID.
- OBP-30005: View not found for Account. Please specify a valid value for VIEW_ID
- OBP-40002: Insufficient authorisation to create TransactionRequest. The Transaction Request could not be created because the login user doesn't have access to the view of the from account or the consumer doesn't have the access to the view of the from account or the login user does not have the `CanCreateAnyTransactionRequest` role or the view does not have the permission can_add_transaction_request_to_any_account or the view does not have the permission can_add_transaction_request_to_beneficiary.
- OBP-20017: Current user does not have access to the view. Please specify a valid value for VIEW_ID.
- OBP-40001: Invalid value for TRANSACTION_REQUEST_TYPE
- OBP-10001: Incorrect json format.
- OBP-10002: Invalid Number. Could not convert value to a number.
- OBP-40008: Can't send a payment with a value of 0 or less.
- OBP-40003: Transaction Request Currency must be the same as From Account Currency.
- OBP-00003: Transaction Requests is disabled in this API instance.
- OBP-50000: Unknown Error.
Create Transaction Request (SEPA)
Special instructions for SEPA:
When using a SEPA Transaction Request, you specify the IBAN of a Counterparty in the body of the request.
The routing details (IBAN) of the counterparty will be forwarded to the core banking system for the transfer.
Initiate a Payment via creating a Transaction Request.
In OBP, a transaction request
may or may not result in a transaction
. However, a transaction
only has one possible state: completed.
A Transaction Request
can have one of several states: INITIATED, NEXT_CHALLENGE_PENDING etc.
Transactions
are modeled on items in a bank statement that represent the movement of money.
Transaction Requests
are requests to move money which may or may not succeed and thus result in a Transaction
.
A Transaction Request
might create a security challenge that needs to be answered before the Transaction Request
proceeds.
In case 1 person needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => COMPLETED
In case n persons needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => NEXT_CHALLENGE_PENDING => ... => NEXT_CHALLENGE_PENDING => COMPLETED
The security challenge is bound to a user i.e. in case of right answer and the user is different than expected one the challenge will fail.
Rule for calculating number of security challenges:
If product Account attribute REQUIRED_CHALLENGE_ANSWERS=N then create N challenges
(one for every user that has a View where permission "can_add_transaction_request_to_any_account"=true)
In case REQUIRED_CHALLENGE_ANSWERS is not defined as an account attribute default value is 1.
Transaction Requests contain charge information giving the client the opportunity to proceed or not (as long as the challenge level is appropriate).
Transaction Requests can have one of several Transaction Request Types which expect different bodies. The escaped body is returned in the details key of the GET response.
This provides some commonality and one URL for many different payment or transfer types with enough flexibility to validate them differently.
The payer is set in the URL. Money comes out of the BANK_ID and ACCOUNT_ID specified in the URL.
In sandbox mode, TRANSACTION_REQUEST_TYPE is commonly set to ACCOUNT. See getTransactionRequestTypesSupportedByBank for all supported types.
In sandbox mode, if the amount is less than 1000 EUR (any currency, unless it is set differently on this server), the transaction request will create a transaction without a challenge, else the Transaction Request will be set to INITIALISED and a challenge will need to be answered.
If a challenge is created you must answer it using Answer Transaction Request Challenge before the Transaction is created.
You can transfer between different currency accounts. (new in 2.0.0). The currency in body must match the sending account.
The following static FX rates are available in sandbox mode:
Transaction Requests satisfy PSD2 requirements thus:
1) A transaction can be initiated by a third party application.
2) The customer is informed of the charge that will incurred.
3) The call supports delegated authentication (OAuth)
See this python code for a complete example of this flow.
There is further documentation here
Authentication is Mandatory
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
SEPA:
VIEW_ID: owner
JSON request body fields:
amount: 10.12
charge_policy: SHARED
code: 125
currency: EUR
description: This an optional field. Maximum length is 2000. It can be any characters here.
iban: DE91 1000 0000 0123 4567 89
to:
value: 5987953
amount: 10.12
currency: EUR
description: This an optional field. Maximum length is 2000. It can be any characters here.
future_date: 20200127
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
amount: 10.12
bank_code: CGHZ
bank_id: gh.29.uk
challenges: challenges
counterparty_id: 9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh
currency: EUR
date_of_birth: 2018-03-09
description: This an optional field. Maximum length is 2000. It can be any characters here.
from:
future_date: 20200127
iban: DE91 1000 0000 0123 4567 89
id: d8839721-ad8f-45dd-9f78-2080414b93f9
instructedAmount: 100
legal_name: Eveline Tripman
link:
message: 123456
mobile_phone_number: +49 30 901820
name: ACCOUNT_MANAGEMENT_FEE
otherAccountRoutingAddress: otherAccountRoutingAddress
otherAccountRoutingScheme: otherAccountRoutingScheme
otherAccountSecondaryRoutingAddress: otherAccountSecondaryRoutingAddress
otherAccountSecondaryRoutingScheme: otherAccountSecondaryRoutingScheme
otherBankRoutingAddress: otherBankRoutingAddress
otherBankRoutingScheme: otherBankRoutingScheme
otherBranchRoutingAddress: otherBranchRoutingAddress
otherBranchRoutingScheme: otherBranchRoutingScheme
start_date: 2020-01-27
to:
type:
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
value: 5987953
to_simple: to_simple
{
"id":"4050046c-63b3-4868-8a22-14b4181d33a6",
"type":"SANDBOX_TAN",
"from":{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
},
"details":{
"to_sandbox_tan":{
"bank_id":"String",
"account_id":"String"
},
"to_sepa":{
"iban":"String"
},
"to_counterparty":{
"counterparty_id":"9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh"
},
"to_simple":{
"otherBankRoutingScheme":"BIC",
"otherBankRoutingAddress":"GENODEM1GLS",
"otherBranchRoutingScheme":"BRANCH-CODE",
"otherBranchRoutingAddress":"DERBY6",
"otherAccountRoutingScheme":"IBAN",
"otherAccountRoutingAddress":"DE91 1000 0000 0123 4567 89",
"otherAccountSecondaryRoutingScheme":"IBAN",
"otherAccountSecondaryRoutingAddress":"DE91 1000 0000 0123 4567 89"
},
"to_transfer_to_phone":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"message":"String",
"from":{
"mobile_phone_number":"+44 07972 444 876",
"nickname":"String"
},
"to":{
"mobile_phone_number":"+44 07972 444 876"
}
},
"to_transfer_to_atm":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"message":"String",
"from":{
"mobile_phone_number":"+44 07972 444 876",
"nickname":"String"
},
"to":{
"legal_name":"Eveline Tripman",
"date_of_birth":"20181230",
"mobile_phone_number":"+44 07972 444 876",
"kyc_document":{
"type":"String",
"number":"String"
}
}
},
"to_transfer_to_account":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"transfer_type":"String",
"future_date":"20181230",
"to":{
"name":"String",
"bank_code":"String",
"branch_number":"String",
"account":{
"number":"String",
"iban":"String"
}
}
},
"to_sepa_credit_transfers":{
"debtorAccount":{
"iban":"12345"
},
"instructedAmount":{
"currency":"EUR",
"amount":"0"
},
"creditorAccount":{
"iban":"54321"
},
"creditorName":"John Miles"
},
"value":{
"currency":"EUR",
"amount":"100"
},
"description":"This an optional field. Maximum length is 2000. It can be any characters here."
},
"transaction_ids":["902ba3bb-dedd-45e7-9319-2fd3f2cd98a1"],
"status":"COMPLETED",
"start_date":"1100-01-01T00:00:00Z",
"end_date":"1100-01-01T00:00:00Z",
"challenges":[{
"id":"2fg8a7e4-6d02-40e3-a129-0b2bf89de8ub",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"allowed_attempts":3,
"challenge_type":"OBP_TRANSACTION_REQUEST_CHALLENGE",
"link":"/obp/v4.0.0/banks/BANK_ID/accounts/ACCOUNT_ID/VIEW_ID/transaction-request-types/TRANSACTION_REQUEST_TYPE/transaction-requests/TRANSACTION_REQUEST_ID/challenge"
}],
"charge":{
"summary":"Rent the flat",
"value":{
"currency":"EUR",
"amount":"0"
}
}
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30111: Invalid Bank Id. The BANK_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-30110: Invalid Account Id. The ACCOUNT_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-10001: Incorrect json format.
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-30003: Account not found. Please specify a valid value for ACCOUNT_ID.
- OBP-30018: Bank Account not found. Please specify valid values for BANK_ID and ACCOUNT_ID.
- OBP-40002: Insufficient authorisation to create TransactionRequest. The Transaction Request could not be created because the login user doesn't have access to the view of the from account or the consumer doesn't have the access to the view of the from account or the login user does not have the `CanCreateAnyTransactionRequest` role or the view does not have the permission can_add_transaction_request_to_any_account or the view does not have the permission can_add_transaction_request_to_beneficiary.
- OBP-40001: Invalid value for TRANSACTION_REQUEST_TYPE
- OBP-10001: Incorrect json format.
- OBP-10002: Invalid Number. Could not convert value to a number.
- OBP-40008: Can't send a payment with a value of 0 or less.
- OBP-40003: Transaction Request Currency must be the same as From Account Currency.
- OBP-00003: Transaction Requests is disabled in this API instance.
- OBP-50000: Unknown Error.
Create Transaction Request (SIMPLE)
Special instructions for SIMPLE:
You can transfer money to the Bank Account Number or IBAN directly.
Initiate a Payment via creating a Transaction Request.
In OBP, a transaction request
may or may not result in a transaction
. However, a transaction
only has one possible state: completed.
A Transaction Request
can have one of several states: INITIATED, NEXT_CHALLENGE_PENDING etc.
Transactions
are modeled on items in a bank statement that represent the movement of money.
Transaction Requests
are requests to move money which may or may not succeed and thus result in a Transaction
.
A Transaction Request
might create a security challenge that needs to be answered before the Transaction Request
proceeds.
In case 1 person needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => COMPLETED
In case n persons needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => NEXT_CHALLENGE_PENDING => ... => NEXT_CHALLENGE_PENDING => COMPLETED
The security challenge is bound to a user i.e. in case of right answer and the user is different than expected one the challenge will fail.
Rule for calculating number of security challenges:
If product Account attribute REQUIRED_CHALLENGE_ANSWERS=N then create N challenges
(one for every user that has a View where permission "can_add_transaction_request_to_any_account"=true)
In case REQUIRED_CHALLENGE_ANSWERS is not defined as an account attribute default value is 1.
Transaction Requests contain charge information giving the client the opportunity to proceed or not (as long as the challenge level is appropriate).
Transaction Requests can have one of several Transaction Request Types which expect different bodies. The escaped body is returned in the details key of the GET response.
This provides some commonality and one URL for many different payment or transfer types with enough flexibility to validate them differently.
The payer is set in the URL. Money comes out of the BANK_ID and ACCOUNT_ID sp