-
API
-
The terms `API` (Application Programming Interface) and `Endpoint` are used somewhat interchangeablyMore...
- Get API Info (root)
- Get Adapter Info
- Get Suggested Session Timeout
-
-
Account
-
The thing that tokens of value (money) come in and out of. An account has one or more `owners` whichMore...
- Check Available Funds
- Get Account Balances by BANK_ID
- Get Account by Id (Core)
- Get Account by Id (Full)
- Get Accounts Held
- Get Accounts at Bank (Minimal)
-
-
Connector Method
-
Developers can override all the existing Connector methods. This function needs to be used togethMore...
- Get all Connector Methods
- Update Connector Method
-
-
Consent
-
Consents provide a mechanism through which a resource owner (e.g. a customer) can grant a third partMore...
- Answer Consent Challenge
- Create Consent By CONSENT_REQUEST_ID (IMPLICIT)
- Create Consent By CONSENT_REQUEST_ID (SMS)
- Create Consent Request
- Get Consent By Consent Request Id via Consumer
- Get Consent Request
- Get Consents
- Provide client's certificate info of a current call
- Revoke Consent at Bank
- Revoke Consent used in the Current Call
-
-
Customer
-
The legal entity that has the relationship to the bank. Customers are linked to Users via `User CusMore...
- Get Customers for Current User
-
-
Transaction
-
Transactions are records of successful movements of value into or out of an `Account`. OBP TransacMore...
- Get Transaction by Id
- Get Transactions for Account (Core)
- Get Transactions for Account (Full)
-
-
User
-
The entity that accesses the API with a login / authorisation token and has access to zero or moreMore...
- Answer User Auth Context Update Challenge
- Create Non Personal User Attribute
- Create User Auth Context Update Request
- Delete Non Personal User Attribute
- Delete User Auth Context
- Get Non Personal User Attributes
- Get User (Current)
- Get User Auth Contexts
-
-
API
-
Account
-
Check Available Funds
-
Get Account Balances by BANK_ID
-
Get Account by Id (Core)
-
Get Account by Id (Full)
-
Get Accounts Held
-
Get Accounts at Bank (Minimal)
-
Check Available Funds
-
Bank
-
Card
-
Connector Method
-
Consent
-
Answer Consent Challenge
-
Create Consent By CONSENT_REQUEST_ID (IMPLICIT)
-
Create Consent By CONSENT_REQUEST_ID (SMS)
-
Create Consent Request
-
Get Consent By Consent Request Id via Consumer
-
Get Consent Request
-
Get Consents
-
Provide client's certificate info of a current call
-
Revoke Consent at Bank
-
Revoke Consent used in the Current Call
-
Answer Consent Challenge
-
Counterparty
-
Customer
-
Customer Message
-
FX
-
Role
-
Transaction
-
Transaction Request
-
Answer Transaction Request Challenge
-
Create Transaction Request (COUNTERPARTY)
-
Create Transaction Request (SIMPLE)
-
Get Transaction Requests
-
Answer Transaction Request Challenge
-
User
-
Answer User Auth Context Update Challenge
-
Create Non Personal User Attribute
-
Create User Auth Context Update Request
-
Delete Non Personal User Attribute
-
Delete User Auth Context
-
Get Non Personal User Attributes
-
Get User (Current)
-
Get User Auth Contexts
-
Answer User Auth Context Update Challenge
v5.1.0 (46 APIs)
Get API Info (root)
Returns information about:
- API version
- Hosted by information
- Hosted at information
- Energy source information
- Git Commit
User Authentication is Optional. The User need not be logged in.
JSON response body fields:
connector: connector
git_commit: 59623811dd8a41f6ffe67be46954eee11913dc28
hostname: hostname
local_identity_provider: local_identity_provider
resource_docs_requires_role: resource_docs_requires_role
{
"version":"String",
"version_status":"String",
"git_commit":"String",
"connector":"String",
"hostname":"String",
"local_identity_provider":"String",
"hosted_by":{
"organisation":"String",
"email":"String",
"phone":"String",
"organisation_website":"String"
},
"hosted_at":{
"organisation":"Amazon",
"organisation_website":"https://aws.amazon.com/"
},
"energy_source":{
"organisation":"Stromio",
"organisation_website":"https://www.stromio.de/"
},
"resource_docs_requires_role":false
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-50000: Unknown Error.
- OBP-00014: Mandatory properties must be set.
Get Adapter Info
Get basic information about the Adapter.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
JSON response body fields:
backend_messages: backend_messages
date: 2020-01-27
errorCode: errorCode
git_commit: 59623811dd8a41f6ffe67be46954eee11913dc28
name: ACCOUNT_MANAGEMENT_FEE
text:
total_duration: total_duration
duration: 5.123
{
"name":"ACCOUNT_MANAGEMENT_FEE",
"version":"",
"git_commit":"59623811dd8a41f6ffe67be46954eee11913dc28",
"date":"2020-01-27",
"total_duration":"5.123",
"backend_messages":[{
"source":"",
"status":"",
"errorCode":"",
"text":"",
"duration":"5.123"
}]
}
-
CanGetAdapterInfo
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Get Suggested Session Timeout
Returns information about:
- Suggested session timeout in case of a user inactivity
User Authentication is Optional. The User need not be logged in.
JSON response body fields:
timeout_in_seconds: timeout_in_seconds
{
"timeout_in_seconds":"300"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-50000: Unknown Error.
Check Available Funds
Check Available Funds
Mandatory URL parameters:
- amount=NUMBER
- currency=STRING
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
VIEW_ID: owner
JSON response body fields:
date: 2020-01-27
{
"answer":"yes",
"date":"2025-08-08T12:55:01Z",
"available_funds_request_id":"c4ykz59svsr9b7fmdxk8ezs7"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-30018: Bank Account not found. Please specify valid values for BANK_ID and ACCOUNT_ID.
- OBP-20054: Invalid amount. Please specify a valid value for amount.
- OBP-10003: Invalid Currency Value. It should be three letters ISO Currency Code.
- OBP-50000: Unknown Error.
Get Account Balances by BANK_ID
Get the Balances for the Account specified by BANK_ID.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
BANK_ID: gh.29.uk
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
amount: 10.12
balances: balances
bank_id: gh.29.uk
currency: EUR
label: My Account
scheme: OBP
type:
{
"accounts":[{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"account_routings":[{
"scheme":"accountNumber",
"address":"123456"
}],
"label":"My Account",
"balances":[{
"type":"",
"currency":"EUR",
"amount":"10"
}]
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-50000: Unknown Error.
Get Account by Id (Core)
Information returned about the account specified by ACCOUNT_ID:
- Number - The human readable account number given by the bank that identifies the account.
- Label - A label given by the owner of the account
- Owners - Users that own this account
- Type - The type of account
- Balance - Currency and Value
- Account Routings - A list that might include IBAN or national account identifiers
- Account Rules - A list that might include Overdraft and other bank specific rules
- Tags - A list of Tags assigned to this account
This call returns the owner view and requires access to that view.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
JSON response body fields:
amount: 10.12
balance: 10
bank_id: gh.29.uk
currency: EUR
id: d8839721-ad8f-45dd-9f78-2080414b93f9
label: My Account
product_code: 1234BW
scheme: OBP
{
"id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"bank_id":"gh.29.uk",
"label":"My Account",
"number":"546387432",
"product_code":"AC",
"balance":{
"currency":"EUR",
"amount":"0"
},
"account_routings":[{
"scheme":"OBP",
"address":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
}],
"views_basic":["owner"]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30018: Bank Account not found. Please specify valid values for BANK_ID and ACCOUNT_ID.
- OBP-50000: Unknown Error.
Get Account by Id (Full)
Information returned about an account specified by ACCOUNT_ID as moderated by the view (VIEW_ID):
- Number
- Owners
- Type
- Balance
- IBAN
- Available views (sorted by short_name)
More details about the data moderation by the view here.
PSD2 Context: PSD2 requires customers to have access to their account information via third party applications.
This call provides balance and other account information via delegated authentication using OAuth.
Authentication is required if the 'is_public' field in view (VIEW_ID) is not set to true.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
VIEW_ID: owner
JSON response body fields:
amount: 10.12
balance: 10
bank_id: gh.29.uk
can_add_image_url: false
can_add_more_info: false
can_add_tag: false
can_delete_corporate_location: false
can_delete_image: false
can_delete_where_tag: false
can_edit_owner_comment: false
can_see_bank_account_bank_name: false
can_see_bank_account_currency:
can_see_bank_account_label: false
can_see_bank_account_national_identifier:
can_see_bank_account_number: false
can_see_bank_account_owners: false
can_see_bank_account_swift_bic:
can_see_corporate_location: false
can_see_image_url: false
can_see_images: false
can_see_other_account_bank_name:
can_see_other_account_metadata:
can_see_other_account_national_identifier: false
can_see_other_account_number: false
can_see_other_account_swift_bic: false
can_see_transaction_amount: false
can_see_transaction_description: false
can_see_transaction_finish_date:
can_see_transaction_other_bank_account:
can_see_transaction_start_date:
can_see_transaction_this_bank_account:
can_see_url: false
can_see_where_tag: false
currency: EUR
date: 2020-01-27
description: Description of the object. Maximum length is 2000. It can be any characters here.
hide_metadata_if_alias_used: false
id: d8839721-ad8f-45dd-9f78-2080414b93f9
is_public: false
label: My Account
name: ACCOUNT_MANAGEMENT_FEE
product_code: 1234BW
provider: ETHEREUM
scheme: OBP
tags: Create-My-User
type:
user:
value: 5987953
product_instance_code: product_instance_code
{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"label":"NoneLabel",
"number":"123",
"owners":[{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"provider":"http://127.0.0.1:8080",
"display_name":"OBP"
}],
"product_code":"1234BW",
"balance":{
"currency":"EUR",
"amount":"0"
},
"views_available":[{
"id":"123",
"short_name":"short_name",
"description":"description",
"is_public":true,
"alias":"None",
"hide_metadata_if_alias_used":true,
"can_add_comment":true,
"can_add_corporate_location":true,
"can_add_image":true,
"can_add_image_url":true,
"can_add_more_info":true,
"can_add_open_corporates_url":true,
"can_add_physical_location":true,
"can_add_private_alias":true,
"can_add_public_alias":true,
"can_add_tag":true,
"can_add_url":true,
"can_add_where_tag":true,
"can_delete_comment":true,
"can_delete_corporate_location":true,
"can_delete_image":true,
"can_delete_physical_location":true,
"can_delete_tag":true,
"can_delete_where_tag":true,
"can_edit_owner_comment":true,
"can_see_bank_account_balance":true,
"can_see_bank_account_bank_name":true,
"can_see_bank_account_currency":true,
"can_see_bank_account_iban":true,
"can_see_bank_account_label":true,
"can_see_bank_account_national_identifier":true,
"can_see_bank_account_number":true,
"can_see_bank_account_owners":true,
"can_see_bank_account_swift_bic":true,
"can_see_bank_account_type":true,
"can_see_comments":true,
"can_see_corporate_location":true,
"can_see_image_url":true,
"can_see_images":true,
"can_see_more_info":true,
"can_see_open_corporates_url":true,
"can_see_other_account_bank_name":true,
"can_see_other_account_iban":true,
"can_see_other_account_kind":true,
"can_see_other_account_metadata":true,
"can_see_other_account_national_identifier":true,
"can_see_other_account_number":true,
"can_see_other_account_swift_bic":true,
"can_see_owner_comment":true,
"can_see_physical_location":true,
"can_see_private_alias":true,
"can_see_public_alias":true,
"can_see_tags":true,
"can_see_transaction_amount":true,
"can_see_transaction_balance":true,
"can_see_transaction_currency":true,
"can_see_transaction_description":true,
"can_see_transaction_finish_date":true,
"can_see_transaction_metadata":true,
"can_see_transaction_other_bank_account":true,
"can_see_transaction_start_date":true,
"can_see_transaction_this_bank_account":true,
"can_see_transaction_type":true,
"can_see_url":true,
"can_see_where_tag":true
}],
"bank_id":"gh.29.uk",
"account_routings":[{
"scheme":"OBP",
"address":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
}],
"account_attributes":[{
"product_code":"1234BW",
"account_attribute_id":"613c83ea-80f9-4560-8404-b9cd4ec42a7f",
"name":"OVERDRAFT_START_DATE",
"type":"DATE_WITH_DAY",
"value":"2012-04-23",
"product_instance_code":"LKJL98769F"
}],
"tags":[{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"value":"OBP",
"date":"1100-01-01T00:00:00Z",
"user":{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"provider":"http://127.0.0.1:8080",
"display_name":"OBP"
}
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-30018: Bank Account not found. Please specify valid values for BANK_ID and ACCOUNT_ID.
- OBP-20017: Current user does not have access to the view. Please specify a valid value for VIEW_ID.
- OBP-50000: Unknown Error.
Get Accounts Held
Get Accounts held by the current User if even the User has not been assigned the owner View yet.
Can be used to onboard the account to the API - since all other account and transaction endpoints require views to be assigned.
optional request parameters:
- account_type_filter: one or many accountType value, split by comma
- account_type_filter_operation: the filter type of account_type_filter, value must be INCLUDE or EXCLUDE
whole url example:
/banks/BANK_ID/accounts-held?account_type_filter=330,CURRENT+PLUS&account_type_filter_operation=INCLUDE
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
BANK_ID: gh.29.uk
JSON response body fields:
bank_id: gh.29.uk
id: d8839721-ad8f-45dd-9f78-2080414b93f9
label: My Account
scheme: OBP
{
"accounts":[{
"id":"7b97bd26-583b-4c3b-8282-55ea9d934aad",
"label":"My Account",
"bank_id":"123",
"number":"123",
"account_routings":[{
"scheme":"OBP",
"address":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
}]
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50000: Unknown Error.
Get Accounts at Bank (Minimal)
Returns the minimal list of private accounts at BANK_ID that the user has access to.
For each account, the API returns the ID, routing addresses and the views available to the current user.
If you want to see more information on the Views, use the Account Detail call.
optional request parameters:
- account_type_filter: one or many accountType value, split by comma
- account_type_filter_operation: the filter type of account_type_filter, value must be INCLUDE or EXCLUDE
whole url example:
/banks/BANK_ID/accounts/private?account_type_filter=330,CURRENT+PLUS&account_type_filter_operation=INCLUDE
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
BANK_ID: gh.29.uk
JSON response body fields:
account_type: AC
bank_id: gh.29.uk
description: Description of the object. Maximum length is 2000. It can be any characters here.
id: d8839721-ad8f-45dd-9f78-2080414b93f9
is_public: false
label: My Account
scheme: OBP
{
"accounts":[{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"label":"String",
"bank_id":"gh.29.uk",
"account_type":"330",
"account_routings":[{
"scheme":"OBP",
"address":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
}],
"views":[{
"id":"owner",
"short_name":"owner",
"description":"This view is for the owner for the account.",
"is_public":false
}]
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-50000: Unknown Error.
Get Bank
Get the bank specified by BANK_ID
Returns information about a single bank specified by BANK_ID including:
- Bank code and full name of bank
- Logo URL
- Website
User Authentication is Optional. The User need not be logged in.
URL Parameters:
BANK_ID: gh.29.uk
JSON response body fields:
bank_code: CGHZ
bank_routings: bank routing in form of (scheme, address)
full_name: full name string
id: d8839721-ad8f-45dd-9f78-2080414b93f9
logo: logo url
name: ACCOUNT_MANAGEMENT_FEE
scheme: OBP
value: 5987953
website: www.openbankproject.com
attributes: attribute value in form of (name, value)
{
"id":"gh.29.uk",
"bank_code":"CGHZ",
"full_name":"bank fullName string",
"logo":"bank logoUrl string",
"website":"bank logoUrl string",
"bank_routings":[{
"scheme":"OBP",
"address":"gh.29.uk"
}],
"attributes":[{
"name":"ACCOUNT_MANAGEMENT_FEE",
"value":"5987953"
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-50000: Unknown Error.
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
Get Banks
Get banks on this API instance
Returns a list of banks supported on this server:
- ID used as parameter in URLs
- Short and full name of bank
- Logo URL
- Website
User Authentication is Optional. The User need not be logged in.
JSON response body fields:
bank_routings: bank routing in form of (scheme, address)
full_name: full name string
id: d8839721-ad8f-45dd-9f78-2080414b93f9
logo: logo url
name: ACCOUNT_MANAGEMENT_FEE
scheme: OBP
value: 5987953
website: www.openbankproject.com
attributes: attribute value in form of (name, value)
{
"banks":[{
"id":"gh.29.uk",
"short_name":"short_name ",
"full_name":"full_name",
"logo":"logo",
"website":"www.openbankproject.com",
"bank_routings":[{
"scheme":"OBP",
"address":"gh.29.uk"
}],
"attributes":[{
"name":"ACCOUNT_MANAGEMENT_FEE",
"value":"5987953"
}]
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-50000: Unknown Error.
Get Cards for the specified bank
Should be able to filter on the following fields
eg:/management/banks/BANK_ID/cards?customer_id=66214b8e-259e-44ad-8868-3eb47be70646&account_id=8ca8a7e4-6d02-48e3-a029-0b2bf89de9f0
1 customer_id should be valid customer_id, otherwise, it will return an empty card list.
2 account_id should be valid account_id , otherwise, it will return an empty card list.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
BANK_ID: gh.29.uk
JSON response body fields:
allows: [credit,debit,cash_withdrawal]
bank_id: gh.29.uk
can_add_image_url: false
can_add_more_info: false
can_add_tag: false
can_delete_corporate_location: false
can_delete_image: false
can_delete_where_tag: false
can_edit_owner_comment: false
can_see_bank_account_bank_name: false
can_see_bank_account_currency:
can_see_bank_account_label: false
can_see_bank_account_national_identifier:
can_see_bank_account_number: false
can_see_bank_account_owners: false
can_see_bank_account_swift_bic:
can_see_corporate_location: false
can_see_image_url: false
can_see_images: false
can_see_other_account_bank_name:
can_see_other_account_metadata:
can_see_other_account_national_identifier: false
can_see_other_account_number: false
can_see_other_account_swift_bic: false
can_see_transaction_amount: false
can_see_transaction_description: false
can_see_transaction_finish_date:
can_see_transaction_other_bank_account:
can_see_transaction_start_date:
can_see_transaction_this_bank_account:
can_see_url: false
can_see_where_tag: false
cancelled: false
card_id: 36f8a9e6-c2b1-407a-8bd0-421b7119307e
card_number: 364435172576215
card_type: Credit
collected: 2020-01-27
customer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
description: Description of the object. Maximum length is 2000. It can be any characters here.
enabled: false
expires_date: 2021-01-27
hide_metadata_if_alias_used: false
id: d8839721-ad8f-45dd-9f78-2080414b93f9
is_public: false
issue_number: 1
label: My Account
name_on_card: SusanSmith
on_hot_list: false
posted: 2020-01-27
requested_date: 2020-01-27
serial_number: 1324234
technology: technology1
valid_from_date: 2020-01-27
{
"cards":[{
"card_id":"36f8a9e6-c2b1-407a-8bd0-421b7119307e ",
"bank_id":"gh.29.uk",
"card_number":"364435172576215",
"card_type":"Credit",
"name_on_card":"SusanSmith",
"issue_number":"1",
"serial_number":"1324234",
"valid_from_date":"1100-01-01T00:00:00Z",
"expires_date":"1100-01-01T00:00:00Z",
"enabled":true,
"cancelled":true,
"on_hot_list":true,
"technology":"technologyString1",
"networks":["networks1"],
"allows":["credit","debit"],
"account":{
"id":"123",
"label":"OBP",
"views_available":[{
"id":"123",
"short_name":"short_name",
"description":"description",
"is_public":true,
"alias":"None",
"hide_metadata_if_alias_used":true,
"can_add_comment":true,
"can_add_corporate_location":true,
"can_add_image":true,
"can_add_image_url":true,
"can_add_more_info":true,
"can_add_open_corporates_url":true,
"can_add_physical_location":true,
"can_add_private_alias":true,
"can_add_public_alias":true,
"can_add_tag":true,
"can_add_url":true,
"can_add_where_tag":true,
"can_delete_comment":true,
"can_delete_corporate_location":true,
"can_delete_image":true,
"can_delete_physical_location":true,
"can_delete_tag":true,
"can_delete_where_tag":true,
"can_edit_owner_comment":true,
"can_see_bank_account_balance":true,
"can_see_bank_account_bank_name":true,
"can_see_bank_account_currency":true,
"can_see_bank_account_iban":true,
"can_see_bank_account_label":true,
"can_see_bank_account_national_identifier":true,
"can_see_bank_account_number":true,
"can_see_bank_account_owners":true,
"can_see_bank_account_swift_bic":true,
"can_see_bank_account_type":true,
"can_see_comments":true,
"can_see_corporate_location":true,
"can_see_image_url":true,
"can_see_images":true,
"can_see_more_info":true,
"can_see_open_corporates_url":true,
"can_see_other_account_bank_name":true,
"can_see_other_account_iban":true,
"can_see_other_account_kind":true,
"can_see_other_account_metadata":true,
"can_see_other_account_national_identifier":true,
"can_see_other_account_number":true,
"can_see_other_account_swift_bic":true,
"can_see_owner_comment":true,
"can_see_physical_location":true,
"can_see_private_alias":true,
"can_see_public_alias":true,
"can_see_tags":true,
"can_see_transaction_amount":true,
"can_see_transaction_balance":true,
"can_see_transaction_currency":true,
"can_see_transaction_description":true,
"can_see_transaction_finish_date":true,
"can_see_transaction_metadata":true,
"can_see_transaction_other_bank_account":true,
"can_see_transaction_start_date":true,
"can_see_transaction_this_bank_account":true,
"can_see_transaction_type":true,
"can_see_url":true,
"can_see_where_tag":true
}],
"bank_id":"gh.29.uk"
},
"replacement":{
"requested_date":"1100-01-01T00:00:00Z",
"reason_requested":"RENEW"
},
"pin_reset":[{
"requested_date":"1100-01-01T00:00:00Z",
"reason_requested":"FORGOT"
}],
"collected":"1100-01-01T00:00:00Z",
"posted":"1100-01-01T00:00:00Z",
"customer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh"
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-50000: Unknown Error.
Get all Connector Methods
Get all Connector Methods.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
JSON response body fields:
{
"connectors_methods":[{
"connector_method_id":"ace0352a-9a0f-4bfa-b30b-9003aa467f51",
"method_name":"getBank",
"method_body":"%20%20%20%20%20%20Future.successful%28%0A%20%20%20%20%20%20%20%20Full%28%28BankCommons%28%0A%20%20%20%20%20%20%20%20%20%20BankId%28%22Hello%20bank%20id%22%29%2C%0A%20%20%20%20%20%20%20%20%20%20%221%22%2C%0A%20%20%20%20%20%20%20%20%20%20%221%22%2C%0A%20%20%20%20%20%20%20%20%20%20%221%22%2C%0A%20%20%20%20%20%20%20%20%20%20%221%22%2C%0A%20%20%20%20%20%20%20%20%20%20%221%22%2C%0A%20%20%20%20%20%20%20%20%20%20%221%22%2C%0A%20%20%20%20%20%20%20%20%20%20%221%22%2C%0A%20%20%20%20%20%20%20%20%20%20%228%22%0A%20%20%20%20%20%20%20%20%29%2C%20None%29%29%0A%20%20%20%20%20%20%29",
"programming_lang":"Scala"
}]
}
-
CanGetAllConnectorMethods
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Update Connector Method
Update an internal connector.
The method_body is URL-encoded format String
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
CONNECTOR_METHOD_ID: ace0352a-9a0f-4bfa-b30b-9003aa467f51
JSON response body fields:
{
"connector_method_id":"ace0352a-9a0f-4bfa-b30b-9003aa467f51",
"method_name":"getBank",
"method_body":"%20%20%20%20%20%20Future.successful%28%0A%20%20%20%20%20%20%20%20Full%28%28BankCommons%28%0A%20%20%20%20%20%20%20%20%20%20BankId%28%22Hello%20bank%20id%22%29%2C%0A%20%20%20%20%20%20%20%20%20%20%221%22%2C%0A%20%20%20%20%20%20%20%20%20%20%221%22%2C%0A%20%20%20%20%20%20%20%20%20%20%221%22%2C%0A%20%20%20%20%20%20%20%20%20%20%221%22%2C%0A%20%20%20%20%20%20%20%20%20%20%221%22%2C%0A%20%20%20%20%20%20%20%20%20%20%221%22%2C%0A%20%20%20%20%20%20%20%20%20%20%221%22%2C%0A%20%20%20%20%20%20%20%20%20%20%228%22%0A%20%20%20%20%20%20%20%20%29%2C%20None%29%29%0A%20%20%20%20%20%20%29",
"programming_lang":"Scala"
}
-
CanUpdateConnectorMethod
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-10001: Incorrect json format.
- OBP-50000: Unknown Error.
Answer Consent Challenge
An OBP Consent allows the holder of the Consent to call one or more endpoints.
Consents must be created and authorisied using SCA (Strong Customer Authentication).
That is, Consents can be created by an authorised User via the OBP REST API but they must be confirmed via an out of band (OOB) mechanism such as a code sent to a mobile phone.
Each Consent has one of the following states: INITIATED, ACCEPTED, REJECTED, rejected, REVOKED, EXPIRED, received, valid, revokedByPsu, expired, terminatedByTpp, AUTHORISED, AWAITINGAUTHORISATION.
Each Consent is bound to a consumer i.e. you need to identify yourself over request header value Consumer-Key.
For example:
GET /obp/v4.0.0/users/current HTTP/1.1
Host: 127.0.0.1:8080
Consent-JWT: eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOlt7InJvbGVfbmFtZSI6IkNhbkdldEFueVVzZXIiLCJiYW5rX2lkIjoiIn
1dLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIzNDc1MDEzZi03YmY5LTQyNj
EtOWUxYy0xZTdlNWZjZTJlN2UiLCJhdWQiOiI4MTVhMGVmMS00YjZhLTQyMDUtYjExMi1lNDVmZDZmNGQzYWQiLCJuYmYiOjE1ODA3NDE2NjcsIml
zcyI6Imh0dHA6XC9cLzEyNy4wLjAuMTo4MDgwIiwiZXhwIjoxNTgwNzQ1MjY3LCJpYXQiOjE1ODA3NDE2NjcsImp0aSI6ImJkYzVjZTk5LTE2ZTY
tNDM4Yi1hNjllLTU3MTAzN2RhMTg3OCIsInZpZXdzIjpbXX0.L3fEEEhdCVr3qnmyRKBBUaIQ7dk1VjiFaEBW8hUNjfg
Consumer-Key: ejznk505d132ryomnhbx1qmtohurbsbb0kijajsk
cache-control: no-cache
Maximum time to live of the token is specified over props value consents.max_time_to_live. In case isn't defined default value is 3600 seconds.
Example of POST JSON:
{
"everything": false,
"views": [
{
"bank_id": "GENODEM1GLS",
"account_id": "8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"view_id": "owner"
}
],
"entitlements": [
{
"bank_id": "GENODEM1GLS",
"role_name": "CanGetCustomer"
}
],
"consumer_id": "7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"email": "eveline@example.com",
"valid_from": "2020-02-07T08:43:34Z",
"time_to_live": 3600
}
Please note that only optional fields are: consumer_id, valid_from and time_to_live.
In case you omit they the default values are used:
consumer_id = consumer of current user
valid_from = current time
time_to_live = consents.max_time_to_live
This endpoint is used to confirm a Consent previously created.
The User must supply a code that was sent out of band (OOB) for example via an SMS.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
BANK_ID: gh.29.uk
CONSENT_ID: 9d429899-24f5-42c8-8565-943ffa6a7947
JSON request body fields:
JSON response body fields:
consent_id: 9d429899-24f5-42c8-8565-943ffa6a7947
jwt: eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4
{
"consent_id":"9d429899-24f5-42c8-8565-943ffa6a7945",
"jwt":"eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4",
"status":"INITIATED"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-10001: Incorrect json format.
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
Create Consent By CONSENT_REQUEST_ID (IMPLICIT)
This endpoint continues the process of creating a Consent. It starts the SCA flow which changes the status of the consent from INITIATED to ACCEPTED or REJECTED.
Please note that the Consent cannot elevate the privileges logged in user already have.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
CONSENT_REQUEST_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
IMPLICIT: IMPLICIT
JSON request body fields:
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
bank_id: gh.29.uk
consent_id: 9d429899-24f5-42c8-8565-943ffa6a7947
counterparty_ids: counterparty_ids
jwt: eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4
view_id: owner
account_access: account_access
consent_request_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
helper_info: helper_info
{
"consent_id":"9d429899-24f5-42c8-8565-943ffa6a7945",
"jwt":"eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4",
"status":"INITIATED",
"consent_request_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"account_access":{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"view_id":"owner",
"helper_info":{
"counterparty_ids":["9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh"]
}
}
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-10001: Incorrect json format.
- OBP-35029: The CONSENT_REQUEST_ID is invalid.
- OBP-35009: Only SMS, EMAIL and IMPLICIT are supported as SCA methods.
- OBP-35013: Consents can only contain Roles that you already have access to.
- OBP-35014: Consents can only contain Views that you already have access to.
- OBP-30019: Consumer not found. Please specify a valid value for CONSUMER_ID.
- OBP-20058: Consumer is disabled.
- OBP-00010: Missing props value at this API instance -
- OBP-35010: SMS server is not working or SMS server can not send the message to the phone number:
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
Create Consent By CONSENT_REQUEST_ID (SMS)
This endpoint continues the process of creating a Consent. It starts the SCA flow which changes the status of the consent from INITIATED to ACCEPTED or REJECTED.
Please note that the Consent you are creating cannot exceed the entitlements that the User creating this consents already has.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
CONSENT_REQUEST_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
SMS:
JSON request body fields:
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
bank_id: gh.29.uk
consent_id: 9d429899-24f5-42c8-8565-943ffa6a7947
counterparty_ids: counterparty_ids
jwt: eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4
view_id: owner
account_access: account_access
consent_request_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
helper_info: helper_info
{
"consent_id":"9d429899-24f5-42c8-8565-943ffa6a7945",
"jwt":"eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4",
"status":"INITIATED",
"consent_request_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"account_access":{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"view_id":"owner",
"helper_info":{
"counterparty_ids":["9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh"]
}
}
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-10001: Incorrect json format.
- OBP-35029: The CONSENT_REQUEST_ID is invalid.
- OBP-35009: Only SMS, EMAIL and IMPLICIT are supported as SCA methods.
- OBP-35013: Consents can only contain Roles that you already have access to.
- OBP-35014: Consents can only contain Views that you already have access to.
- OBP-30019: Consumer not found. Please specify a valid value for CONSUMER_ID.
- OBP-20058: Consumer is disabled.
- OBP-00010: Missing props value at this API instance -
- OBP-35010: SMS server is not working or SMS server can not send the message to the phone number:
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
Create Consent Request
Client Authentication (mandatory)
It is used when applications request an access token to access their own resources, not on behalf of a user.
The client needs to authenticate themselves for this request.
In case of public client we use client_id and private key to obtain access token, otherwise we use client_id and client_secret.
The obtained access token is used in the HTTP Bearer auth header of our request.
Example:
Authorization: Bearer eXtneO-THbQtn3zvK_kQtXXfvOZyZFdBCItlPDbR2Bk.dOWqtXCtFX-tqGTVR0YrIjvAolPIVg7GZ-jz83y6nA0
After successfully creating the VRP consent request, you need to call the Create Consent By CONSENT_REQUEST_ID endpoint to finalize the consent.
Application Access is Required. The Application must be authenticated.
User Authentication is Optional. The User need not be logged in.
JSON request body fields:
account_access: account_access
bank_id: gh.29.uk
scheme: OBP
view_id: owner
bank_id: gh.29.uk
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
valid_from: 2020-01-27
JSON response body fields:
consent_request_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
payload: payload
{
"consent_request_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"payload":{
"everything":false,
"account_access":[{
"account_routing":{
"scheme":"OBP",
"address":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
},
"view_id":"owner"
}],
"phone_number":"+44 07972 444 876",
"valid_from":"2022-06-14T12:42:00Z",
"time_to_live":3600
},
"consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-10001: Incorrect json format.
- OBP-35020: You exceeded max value of time to live of consents.
- OBP-20306: PEM Encoded Certificate cannot be found at request header.
- OBP-20300: PEM Encoded Certificate issue.
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
Get Consent By Consent Request Id via Consumer
This endpoint gets the Consent By consent request id.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
CONSENT_REQUEST_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
bank_id: gh.29.uk
consent_id: 9d429899-24f5-42c8-8565-943ffa6a7947
counterparty_ids: counterparty_ids
jwt: eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4
view_id: owner
account_access: account_access
consent_request_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
helper_info: helper_info
{
"consent_id":"9d429899-24f5-42c8-8565-943ffa6a7945",
"jwt":"eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4",
"status":"INITIATED",
"consent_request_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"account_access":{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"view_id":"owner",
"helper_info":{
"counterparty_ids":["9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh"]
}
}
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50000: Unknown Error.
Get Consent Request
User Authentication is Optional. The User need not be logged in.
URL Parameters:
CONSENT_REQUEST_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
JSON response body fields:
consent_request_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
payload: payload
{
"consent_request_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"payload":{
"everything":false,
"account_access":[{
"account_routing":{
"scheme":"OBP",
"address":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
},
"view_id":"owner"
}],
"phone_number":"+44 07972 444 876",
"valid_from":"2022-06-14T12:42:00Z",
"time_to_live":3600
},
"consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-10001: Incorrect json format.
- OBP-35020: You exceeded max value of time to live of consents.
- OBP-20306: PEM Encoded Certificate cannot be found at request header.
- OBP-20300: PEM Encoded Certificate issue.
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
Get Consents
This endpoint gets the Consents.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
1 limit (for pagination: defaults to 50) eg:limit=200
2 offset (for pagination: zero index, defaults to 0) eg: offset=10
3 consumer_id (ignore if omitted)
4 consent_id (ignore if omitted)
5 user_id (ignore if omitted)
6 status (ignore if omitted)
7 bank_id (ignore if omitted)
eg:/management/consents?consumer_id=78&limit=10&offset=10
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
api_standard: api_standard
aud: String
bank_id: gh.29.uk
consent_reference_id: 123456
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
counterparty_ids: counterparty_ids
createdByUserId: createdByUserId
exp: 60
iat: 60
iss: String
jti: String
jwt_payload: jwt_payload
last_action_date: last_action_date
last_usage_date: last_usage_date
name: ACCOUNT_MANAGEMENT_FEE
nbf: 60
note: note
request_headers: request_headers
sub: felixsmith
values: values
view_id: owner
access: access
allPsd2: allPsd2
availableAccounts: availableAccounts
balances: balances
bban: bban
currency: EUR
frequency_per_day: frequency_per_day
helper_info: helper_info
iban: DE91 1000 0000 0123 4567 89
maskedPan: maskedPan
msisdn: msisdn
name: ACCOUNT_MANAGEMENT_FEE
pan: pan
remaining_requests: remaining_requests
{
"consents":[{
"consent_reference_id":"123456",
"consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"created_by_user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"status":"INITIATED",
"last_action_date":"2020-01-27",
"last_usage_date":"2021-04-08T09:12:27Z",
"jwt_payload":{
"createdByUserId":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"sub":"felixsmith",
"iss":"String",
"aud":"String",
"jti":"String",
"iat":60,
"nbf":60,
"exp":60,
"request_headers":[{
"name":"tags",
"values":["static"]
}],
"name":"ACCOUNT_MANAGEMENT_FEE",
"email":"felixsmith@example.com",
"entitlements":[{
"role_name":"",
"bank_id":"gh.29.uk"
}],
"views":[{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"view_id":"owner",
"helper_info":{
"counterparty_ids":["9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh"]
}
}],
"access":{
"accounts":[{
"iban":"DE91 1000 0000 0123 4567 89",
"bban":"BARC12345612345678",
"pan":"5409050000000000",
"maskedPan":"123456xxxxxx1234",
"msisdn":"+49 170 1234567",
"currency":"EUR"
}],
"balances":[{
"iban":"DE91 1000 0000 0123 4567 89",
"bban":"BARC12345612345678",
"pan":"5409050000000000",
"maskedPan":"123456xxxxxx1234",
"msisdn":"+49 170 1234567",
"currency":"EUR"
}],
"transactions":[{
"iban":"DE91 1000 0000 0123 4567 89",
"bban":"BARC12345612345678",
"pan":"5409050000000000",
"maskedPan":"123456xxxxxx1234",
"msisdn":"+49 170 1234567",
"currency":"EUR"
}],
"availableAccounts":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
}
},
"api_standard":"Berlin Group",
"api_version":"v1.3",
"note":"Tue, 15 Jul 2025 19:16:22\n|---> Changed status from received to rejected for consent ID: 398"
}]
}
-
CanGetConsentsAtAnyBank
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-50000: Unknown Error.
- OBP-20006: User is missing one or more roles:
Provide client's certificate info of a current call
Provide client's certificate info of a current call specified by PSD2-CERT value at Request Header
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
JSON response body fields:
issuer_domain_name: issuer_domain_name
not_after: not_after
not_before: not_before
subject_domain_name: subject_domain_name
roles: CanCreateMyUser
roles_info: roles_info
{
"subject_domain_name":"OID.2.5.4.41=VPN, EMAILADDRESS=admin@tesobe.com, CN=TESOBE CA, OU=TESOBE Operations, O=TESOBE, L=Berlin, ST=Berlin, C=DE",
"issuer_domain_name":"CN=localhost, O=TESOBE GmbH, ST=Berlin, C=DE",
"not_before":"2022-04-01T10:13:00.000Z",
"not_after":"2032-04-01T10:13:00.000Z",
"roles_info":"PEM Encoded Certificate does not contain PSD2 roles."
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-50000: Unknown Error.
Revoke Consent at Bank
Revoke Consent specified by CONSENT_ID
There are a few reasons you might need to revoke an application’s access to a user’s account:
- The user explicitly wishes to revoke the application’s access
- You as the service provider have determined an application is compromised or malicious, and want to disable it
- etc.
OBP as a resource server stores access tokens in a database, then it is relatively easy to revoke some token that belongs to a particular user.
The status of the token is changed to "REVOKED" so the next time the revoked client makes a request, their token will fail to validate.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
BANK_ID: gh.29.uk
CONSENT_ID: 9d429899-24f5-42c8-8565-943ffa6a7947
JSON response body fields:
consent_id: 9d429899-24f5-42c8-8565-943ffa6a7947
jwt: eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4
{
"consent_id":"9d429899-24f5-42c8-8565-943ffa6a7945",
"jwt":"eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4",
"status":"REJECTED"
}
-
CanRevokeConsentAtBank
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-50000: Unknown Error.
- OBP-20006: User is missing one or more roles:
Revoke Consent used in the Current Call
Revoke Consent specified by Consent-Id at Request Header
There are a few reasons you might need to revoke an application’s access to a user’s account:
- The user explicitly wishes to revoke the application’s access
- You as the service provider have determined an application is compromised or malicious, and want to disable it
- etc.
OBP as a resource server stores access tokens in a database, then it is relatively easy to revoke some token that belongs to a particular user.
The status of the token is changed to "REVOKED" so the next time the revoked client makes a request, their token will fail to validate.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
JSON response body fields:
consent_id: 9d429899-24f5-42c8-8565-943ffa6a7947
jwt: eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4
{
"consent_id":"9d429899-24f5-42c8-8565-943ffa6a7945",
"jwt":"eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4",
"status":"REJECTED"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-50000: Unknown Error.
Create Counterparty (Explicit)
This endpoint creates an (Explicit) Counterparty for an Account.
For an introduction to Counterparties in OBP see here
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
VIEW_ID: owner
JSON request body fields:
currency: EUR
description: Description of the object. Maximum length is 2000. It can be any characters here.
is_beneficiary: false
key: CustomerNumber
name: ACCOUNT_MANAGEMENT_FEE
other_account_routing_address: DE89370400440532013000
other_account_routing_scheme: IBAN
other_account_secondary_routing_address:
other_account_secondary_routing_scheme:
value: 5987953
JSON response body fields:
counterparty_id: 9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh
currency: EUR
date: 2020-01-27
description: Description of the object. Maximum length is 2000. It can be any characters here.
id: d8839721-ad8f-45dd-9f78-2080414b93f9
is_beneficiary: false
key: CustomerNumber
latitude: 38.8951
longitude: -77.0364
more_info: More information about this fee
name: ACCOUNT_MANAGEMENT_FEE
other_account_routing_address: DE89370400440532013000
other_account_routing_scheme: IBAN
other_account_secondary_routing_address:
other_account_secondary_routing_scheme:
provider: ETHEREUM
url: http://www.example.com/id-docs/123/image.png
user:
username: felixsmith
value: 5987953
{
"name":"CounterpartyName",
"description":"My landlord",
"currency":"EUR",
"created_by_user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"this_bank_id":"gh.29.uk",
"this_account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"this_view_id":"owner",
"counterparty_id":"9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"other_bank_routing_scheme":"OBP",
"other_bank_routing_address":"gh.29.uk",
"other_branch_routing_scheme":"OBP",
"other_branch_routing_address":"12f8a9e6-c2b1-407a-8bd0-421b7119307e",
"other_account_routing_scheme":"IBAN",
"other_account_routing_address":"DE89370400440532013000",
"other_account_secondary_routing_scheme":"IBAN",
"other_account_secondary_routing_address":"DE89370400440532013000",
"is_beneficiary":true,
"bespoke":[{
"key":"englishName",
"value":"english Name"
}],
"metadata":{
"public_alias":"String",
"more_info":"String",
"url":"String",
"image_url":"String",
"open_corporates_url":"String",
"corporate_location":{
"latitude":11.45,
"longitude":11.45,
"date":"1100-01-01T00:00:00Z",
"user":{
"id":"123",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith"
}
},
"physical_location":{
"latitude":11.45,
"longitude":11.45,
"date":"1100-01-01T00:00:00Z",
"user":{
"id":"123",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith"
}
},
"private_alias":"String"
}
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30110: Invalid Account Id. The ACCOUNT_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-30111: Invalid Bank Id. The BANK_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-30018: Bank Account not found. Please specify valid values for BANK_ID and ACCOUNT_ID.
- OBP-20017: Current user does not have access to the view. Please specify a valid value for VIEW_ID.
- OBP-10001: Incorrect json format.
- OBP-10003: Invalid Currency Value. It should be three letters ISO Currency Code.
- OBP-30005: View not found for Account. Please specify a valid value for VIEW_ID
- OBP-30014: Counterparty already exists. Please specify a different value for BANK_ID or ACCOUNT_ID or VIEW_ID or NAME.
- OBP-50000: Unknown Error.
Delete Counterparty (Explicit)
This endpoint deletes the Counterparty on the Account / View specified by the COUNTERPARTY_ID.
It also deletes any related Counterparty Metadata.
The User calling this endpoint must have access to the View specified in the URL and that View must have the permission can_delete_counterparty.
For a general introduction to Counterparties in OBP see here
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
COUNTERPARTY_ID: 9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh
VIEW_ID: owner
JSON request body fields:
JSON response body fields:
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30110: Invalid Account Id. The ACCOUNT_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-30111: Invalid Bank Id. The BANK_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-30018: Bank Account not found. Please specify valid values for BANK_ID and ACCOUNT_ID.
- OBP-20017: Current user does not have access to the view. Please specify a valid value for VIEW_ID.
- OBP-50000: Unknown Error.
Get Counterparties (Explicit)
Get the Counterparties that have been explicitly created on the specified Account / View.
For a general introduction to Counterparties in OBP, see here
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
VIEW_ID: owner
JSON response body fields:
counterparty_id: 9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh
currency: EUR
description: Description of the object. Maximum length is 2000. It can be any characters here.
is_beneficiary: false
key: CustomerNumber
name: ACCOUNT_MANAGEMENT_FEE
other_account_routing_address: DE89370400440532013000
other_account_routing_scheme: IBAN
other_account_secondary_routing_address:
other_account_secondary_routing_scheme:
value: 5987953
{
"counterparties":[{
"name":"CounterpartyName",
"description":"My landlord",
"currency":"EUR",
"created_by_user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"this_bank_id":"gh.29.uk",
"this_account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"this_view_id":"owner",
"counterparty_id":"9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"other_bank_routing_scheme":"OBP",
"other_bank_routing_address":"gh.29.uk",
"other_branch_routing_scheme":"OBP",
"other_branch_routing_address":"12f8a9e6-c2b1-407a-8bd0-421b7119307e",
"other_account_routing_scheme":"IBAN",
"other_account_routing_address":"DE89370400440532013000",
"other_account_secondary_routing_scheme":"IBAN",
"other_account_secondary_routing_address":"DE89370400440532013000",
"is_beneficiary":true,
"bespoke":[{
"key":"englishName",
"value":"english Name"
}]
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-30018: Bank Account not found. Please specify valid values for BANK_ID and ACCOUNT_ID.
- OBP-20017: Current user does not have access to the view. Please specify a valid value for VIEW_ID.
- OBP-30005: View not found for Account. Please specify a valid value for VIEW_ID
- OBP-50000: Unknown Error.
Get Customers for Current User
Gets all Customers that are linked to a User.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
JSON response body fields:
amount: 10.12
bank_id: gh.29.uk
branch_id: DERBY6
currency: EUR
customer_attribute_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
customer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
customer_number: 5987953
date: 2020-01-27
date_of_birth: 2018-03-09
dependants: 1
dob_of_dependants: [2019-09-08, 2017-07-12]
employment_status: worker
highest_education_attained: Master
kyc_status: false
last_ok_date: 2024-08-08T12:54:59.948Z
legal_name: Eveline Tripman
mobile_phone_number: +49 30 901820
name: ACCOUNT_MANAGEMENT_FEE
name_suffix: Sr
relationship_status: single
title: Dr.
type:
url: http://www.example.com/id-docs/123/image.png
value: 5987953
{
"customers":[{
"bank_id":"gh.29.uk",
"customer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"customer_number":"5987953",
"legal_name":"Eveline Tripman",
"mobile_phone_number":"+44 07972 444 876",
"email":"felixsmith@example.com",
"face_image":{
"url":"www.openbankproject",
"date":"1100-01-01T00:00:00Z"
},
"date_of_birth":"19900101",
"relationship_status":"single",
"dependants":1,
"dob_of_dependants":["19900101"],
"credit_rating":{
"rating":"OBP",
"source":"OBP"
},
"credit_limit":{
"currency":"EUR",
"amount":"0"
},
"highest_education_attained":"Master",
"employment_status":"worker",
"kyc_status":false,
"last_ok_date":"2024-08-08T12:55:01Z",
"title":"Dr.",
"branch_id":"DERBY6",
"name_suffix":"Sr",
"customer_attributes":[{
"customer_attribute_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"name":"SPECIAL_TAX_NUMBER",
"type":"STRING",
"value":"123456789"
}]
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30008: User Customer Link not found by USER_ID
- OBP-50000: Unknown Error.
Create Customer Message
Create a message for the customer specified by CUSTOMER_ID
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
BANK_ID: gh.29.uk
CUSTOMER_ID: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
JSON request body fields:
from_department: Open Bank
from_person: Tom
message: 123456
transport: SMS
JSON response body fields:
{
"success":"Success"
}
-
CanCreateCustomerMessage
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-20006: User is missing one or more roles:
Get Current FxRate
Get the latest FX rate specified by BANK_ID, FROM_CURRENCY_CODE and TO_CURRENCY_CODE
OBP may try different sources of FX rate information depending on the Connector in operation.
For example we want to convert EUR => USD:
OBP will:
1st try - Connector (database, core banking system or external FX service)
2nd try part 1 - fallbackexchangerates/eur.json
2nd try part 2 - fallbackexchangerates/usd.json (the inverse rate is used)
3rd try - Hardcoded map of FX rates.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
BANK_ID: gh.29.uk
TO_CURRENCY_CODE: EUR
JSON response body fields:
bank_id: gh.29.uk
conversion_value: 100
effective_date: 2020-01-27
to_currency_code: EUR
{
"bank_id":"gh.29.uk",
"from_currency_code":"EUR",
"to_currency_code":"GBP",
"conversion_value":1.001,
"inverse_conversion_value":0.998,
"effective_date":"1100-01-01T00:00:00Z"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-10003: Invalid Currency Value. It should be three letters ISO Currency Code.
- OBP-20001: User not logged in. Authentication is required!
- OBP-10004: ISO Currency code combination not supported for FX. Please modify the FROM_CURRENCY_CODE or TO_CURRENCY_CODE.
- OBP-50000: Unknown Error.
Add Entitlement for a User
Create Entitlement. Grant Role to User.
Entitlements are used to grant System or Bank level roles to Users. (For Account level privileges, see Views)
For a System level Role (.e.g CanGetAnyUser), set bank_id to an empty string i.e. "bank_id":""
For a Bank level Role (e.g. CanCreateAccount), set bank_id to a valid value e.g. "bank_id":"my-bank-id"
Authentication is required and the user needs to be a Super Admin. Super Admins are listed in the Props file.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON request body fields:
bank_id: gh.29.uk
JSON response body fields:
bank_id: gh.29.uk
{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}
-
CanCreateEntitlementAtOneBank
- Please login to request this Role
-
CanCreateEntitlementAtAnyBank
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20005: User not found. Please specify a valid value for USER_ID.
- OBP-20050: Current User is not a Super Admin!
- OBP-10001: Incorrect json format.
- OBP-10007: Incorrect Role name:
- OBP-30205: This entitlement is a Bank Role. Please set bank_id to a valid bank id.
- OBP-30206: This entitlement is a System Role. Please set bank_id to empty string.
- OBP-30216: Entitlement already exists for the user.
- OBP-50000: Unknown Error.
- OBP-20006: User is missing one or more roles:
Get Transaction by Id
Returns one transaction specified by TRANSACTION_ID of the account ACCOUNT_ID and moderated by the view (VIEW_ID).
User Authentication is Optional. The User need not be logged in.
Authentication is required if the view is not public.
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
TRANSACTION_ID: 2fg8a7e4-6d02-40e3-a129-0b2bf89de8ub
VIEW_ID: owner
JSON response body fields:
URL: http://www.example.com/id-docs/123/image.png
amount: 10.12
completed: 2020-01-27
currency: EUR
date: 2020-01-27
description: Description of the object. Maximum length is 2000. It can be any characters here.
id: d8839721-ad8f-45dd-9f78-2080414b93f9
label: My Account
latitude: 38.8951
longitude: -77.0364
more_info: More information about this fee
name: ACCOUNT_MANAGEMENT_FEE
new_balance: 20
posted: 2020-01-27
provider: ETHEREUM
scheme: OBP
tags: Create-My-User
transaction_attribute_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
type:
user:
value: 5987953
{
"id":"String",
"this_account":{
"id":"String",
"bank_routing":{
"scheme":"OBP",
"address":"gh.29.uk"
},
"account_routings":[{
"scheme":"OBP",
"address":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
}],
"holders":[{
"name":"OBP",
"is_alias":true
}]
},
"other_account":{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"holder":{
"name":"OBP",
"is_alias":true
},
"bank_routing":{
"scheme":"OBP",
"address":"gh.29.uk"
},
"account_routings":[{
"scheme":"OBP",
"address":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
}],
"metadata":{
"public_alias":"NONE",
"private_alias":"NONE",
"more_info":"www.openbankproject.com",
"URL":"www.openbankproject.com",
"image_URL":"www.openbankproject.com",
"open_corporates_URL":"www.openbankproject.com",
"corporate_location":{
"latitude":1.231,
"longitude":1.231,
"date":"1100-01-01T00:00:00Z",
"user":{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"provider":"http://127.0.0.1:8080",
"display_name":"OBP"
}
},
"physical_location":{
"latitude":1.231,
"longitude":1.231,
"date":"1100-01-01T00:00:00Z",
"user":{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"provider":"http://127.0.0.1:8080",
"display_name":"OBP"
}
}
}
},
"details":{
"type":"AC",
"description":"this is for family",
"posted":"1100-01-01T00:00:00Z",
"completed":"1100-01-01T00:00:00Z",
"new_balance":{
"currency":"EUR",
"amount":"0"
},
"value":{
"currency":"EUR",
"amount":"0"
}
},
"metadata":{
"narrative":"NONE",
"comments":[{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"value":"OBP",
"date":"1100-01-01T00:00:00Z",
"user":{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"provider":"http://127.0.0.1:8080",
"display_name":"OBP"
}
}],
"tags":[{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"value":"OBP",
"date":"1100-01-01T00:00:00Z",
"user":{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"provider":"http://127.0.0.1:8080",
"display_name":"OBP"
}
}],
"images":[{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"label":"NONE",
"URL":"www.openbankproject.com",
"date":"1100-01-01T00:00:00Z",
"user":{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"provider":"http://127.0.0.1:8080",
"display_name":"OBP"
}
}],
"where":{
"latitude":1.231,
"longitude":1.231,
"date":"1100-01-01T00:00:00Z",
"user":{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"provider":"http://127.0.0.1:8080",
"display_name":"OBP"
}
}
},
"transaction_attributes":[{
"transaction_attribute_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"name":"HOUSE_RENT",
"type":"DATE_WITH_DAY",
"value":"123456789"
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-30018: Bank Account not found. Please specify valid values for BANK_ID and ACCOUNT_ID.
- OBP-30005: View not found for Account. Please specify a valid value for VIEW_ID
- OBP-20017: Current user does not have access to the view. Please specify a valid value for VIEW_ID.
- OBP-50000: Unknown Error.
Get Transactions for Account (Core)
Returns transactions list (Core info) of the account specified by ACCOUNT_ID.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
Possible custom url parameters for pagination:
- limit=NUMBER ==> default value: 50
- offset=NUMBER ==> default value: 0
eg1:?limit=100&offset=0
- sort_direction=ASC/DESC ==> default value: DESC.
eg2:?limit=100&offset=0&sort_direction=ASC
- from_date=DATE => example value: 1970-01-01T00:00:00.000Z. NOTE! The default value is one year ago (1970-01-01T00:00:00.000Z).
- to_date=DATE => example value: 2025-08-08T12:55:01.477Z. NOTE! The default value is now (2025-08-08T12:55:01.477Z).
Date format parameter: yyyy-MM-dd'T'HH:mm:ss.SSS'Z'(1100-01-01T01:01:01.000Z) ==> time zone is UTC.
eg3:?sort_direction=ASC&limit=100&offset=0&from_date=1100-01-01T01:01:01.000Z&to_date=1100-01-01T01:01:01.000Z
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
JSON response body fields:
amount: 10.12
completed: 2020-01-27
currency: EUR
description: Description of the object. Maximum length is 2000. It can be any characters here.
id: d8839721-ad8f-45dd-9f78-2080414b93f9
name: ACCOUNT_MANAGEMENT_FEE
new_balance: 20
posted: 2020-01-27
scheme: OBP
transaction_attribute_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
type:
value: 5987953
{
"transactions":[{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"this_account":{
"id":"String",
"bank_routing":{
"scheme":"OBP",
"address":"gh.29.uk"
},
"account_routings":[{
"scheme":"OBP",
"address":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
}],
"holders":[{
"name":"OBP",
"is_alias":true
}]
},
"other_account":{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"holder":{
"name":"OBP",
"is_alias":true
},
"bank_routing":{
"scheme":"OBP",
"address":"gh.29.uk"
},
"account_routings":[{
"scheme":"OBP",
"address":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
}]
},
"details":{
"type":"AC",
"description":"OBP",
"posted":"1100-01-01T00:00:00Z",
"completed":"1100-01-01T00:00:00Z",
"new_balance":{
"currency":"EUR",
"amount":"0"
},
"value":{
"currency":"EUR",
"amount":"0"
}
},
"transaction_attributes":[{
"transaction_attribute_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"name":"HOUSE_RENT",
"type":"DATE_WITH_DAY",
"value":"123456789"
}]
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-10023: obp_sort_direction parameter can only take two values: DESC or ASC!
- OBP-10024: wrong value for obp_offset parameter. Please send a positive integer (=>0)!
- OBP-10025: wrong value for obp_limit parameter. Please send a positive integer (=>1)!
- OBP-10026: Failed to parse date string. Please use this format yyyy-MM-dd'T'HH:mm:ss.SSS'Z'!
- OBP-20001: User not logged in. Authentication is required!
- OBP-30018: Bank Account not found. Please specify valid values for BANK_ID and ACCOUNT_ID.
- OBP-30005: View not found for Account. Please specify a valid value for VIEW_ID
- OBP-50000: Unknown Error.
Get Transactions for Account (Full)
Returns transactions list of the account specified by ACCOUNT_ID and moderated by the view (VIEW_ID).
User Authentication is Optional. The User need not be logged in.
Authentication is required if the view is not public.
Possible custom url parameters for pagination:
- limit=NUMBER ==> default value: 50
- offset=NUMBER ==> default value: 0
eg1:?limit=100&offset=0
- sort_direction=ASC/DESC ==> default value: DESC.
eg2:?limit=100&offset=0&sort_direction=ASC
- from_date=DATE => example value: 1970-01-01T00:00:00.000Z. NOTE! The default value is one year ago (1970-01-01T00:00:00.000Z).
- to_date=DATE => example value: 2025-08-08T12:55:01.477Z. NOTE! The default value is now (2025-08-08T12:55:01.477Z).
Date format parameter: yyyy-MM-dd'T'HH:mm:ss.SSS'Z'(1100-01-01T01:01:01.000Z) ==> time zone is UTC.
eg3:?sort_direction=ASC&limit=100&offset=0&from_date=1100-01-01T01:01:01.000Z&to_date=1100-01-01T01:01:01.000Z
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
VIEW_ID: owner
JSON response body fields:
URL: http://www.example.com/id-docs/123/image.png
amount: 10.12
completed: 2020-01-27
currency: EUR
date: 2020-01-27
description: Description of the object. Maximum length is 2000. It can be any characters here.
id: d8839721-ad8f-45dd-9f78-2080414b93f9
label: My Account
latitude: 38.8951
longitude: -77.0364
more_info: More information about this fee
name: ACCOUNT_MANAGEMENT_FEE
new_balance: 20
posted: 2020-01-27
provider: ETHEREUM
scheme: OBP
tags: Create-My-User
transaction_attribute_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
type:
user:
value: 5987953
{
"transactions":[{
"id":"String",
"this_account":{
"id":"String",
"bank_routing":{
"scheme":"OBP",
"address":"gh.29.uk"
},
"account_routings":[{
"scheme":"OBP",
"address":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
}],
"holders":[{
"name":"OBP",
"is_alias":true
}]
},
"other_account":{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"holder":{
"name":"OBP",
"is_alias":true
},
"bank_routing":{
"scheme":"OBP",
"address":"gh.29.uk"
},
"account_routings":[{
"scheme":"OBP",
"address":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
}],
"metadata":{
"public_alias":"NONE",
"private_alias":"NONE",
"more_info":"www.openbankproject.com",
"URL":"www.openbankproject.com",
"image_URL":"www.openbankproject.com",
"open_corporates_URL":"www.openbankproject.com",
"corporate_location":{
"latitude":1.231,
"longitude":1.231,
"date":"1100-01-01T00:00:00Z",
"user":{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"provider":"http://127.0.0.1:8080",
"display_name":"OBP"
}
},
"physical_location":{
"latitude":1.231,
"longitude":1.231,
"date":"1100-01-01T00:00:00Z",
"user":{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"provider":"http://127.0.0.1:8080",
"display_name":"OBP"
}
}
}
},
"details":{
"type":"AC",
"description":"this is for family",
"posted":"1100-01-01T00:00:00Z",
"completed":"1100-01-01T00:00:00Z",
"new_balance":{
"currency":"EUR",
"amount":"0"
},
"value":{
"currency":"EUR",
"amount":"0"
}
},
"metadata":{
"narrative":"NONE",
"comments":[{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"value":"OBP",
"date":"1100-01-01T00:00:00Z",
"user":{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"provider":"http://127.0.0.1:8080",
"display_name":"OBP"
}
}],
"tags":[{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"value":"OBP",
"date":"1100-01-01T00:00:00Z",
"user":{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"provider":"http://127.0.0.1:8080",
"display_name":"OBP"
}
}],
"images":[{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"label":"NONE",
"URL":"www.openbankproject.com",
"date":"1100-01-01T00:00:00Z",
"user":{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"provider":"http://127.0.0.1:8080",
"display_name":"OBP"
}
}],
"where":{
"latitude":1.231,
"longitude":1.231,
"date":"1100-01-01T00:00:00Z",
"user":{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"provider":"http://127.0.0.1:8080",
"display_name":"OBP"
}
}
},
"transaction_attributes":[{
"transaction_attribute_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"name":"HOUSE_RENT",
"type":"DATE_WITH_DAY",
"value":"123456789"
}]
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-10023: obp_sort_direction parameter can only take two values: DESC or ASC!
- OBP-10024: wrong value for obp_offset parameter. Please send a positive integer (=>0)!
- OBP-10025: wrong value for obp_limit parameter. Please send a positive integer (=>1)!
- OBP-10026: Failed to parse date string. Please use this format yyyy-MM-dd'T'HH:mm:ss.SSS'Z'!
- OBP-30018: Bank Account not found. Please specify valid values for BANK_ID and ACCOUNT_ID.
- OBP-30005: View not found for Account. Please specify a valid value for VIEW_ID
- OBP-50000: Unknown Error.
Answer Transaction Request Challenge
In Sandbox mode, any string that can be converted to a positive integer will be accepted as an answer.
This endpoint totally depends on createTransactionRequest, it need get the following data from createTransactionRequest response body.
1)TRANSACTION_REQUEST_TYPE : is the same as createTransactionRequest request URL .
2)TRANSACTION_REQUEST_ID : is the id field in createTransactionRequest response body.
3) id : is challenge.id field in createTransactionRequest response body.
4) answer : must be 123 in case that Strong Customer Authentication method for OTP challenge is dummy.
For instance: SANDBOX_TAN_OTP_INSTRUCTION_TRANSPORT=dummy
Possible values are dummy,email and sms
In CBS mode, the answer can be got by phone message or other SCA methods.
Note that each Transaction Request Type can have its own OTP_INSTRUCTION_TRANSPORT method.
OTP_INSTRUCTION_TRANSPORT methods are set in Props. See sample.props.template for instructions.
Single or Multiple authorisations
OBP allows single or multi party authorisations.
Single party authorisation:
In the case that only one person needs to authorise i.e. answer a security challenge we have the following change of state of a transaction request:
INITIATED => COMPLETED
Multiparty authorisation:
In the case that multiple parties (n persons) need to authorise a transaction request i.e. answer security challenges, we have the followings state flow for a transaction request:
INITIATED => NEXT_CHALLENGE_PENDING => ... => NEXT_CHALLENGE_PENDING => COMPLETED
The security challenge is bound to a user i.e. in the case of a correct answer but the user is different than expected the challenge will fail.
Rule for calculating number of security challenges:
If Product Account attribute REQUIRED_CHALLENGE_ANSWERS=N then create N challenges
(one for every user that has a View where permission can_add_transaction_request_to_any_account=true)
In the case REQUIRED_CHALLENGE_ANSWERS is not defined as an account attribute, the default number of security challenges created is one.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
TRANSACTION_REQUEST_ID: 8138a7e4-6d02-40e3-a129-0b2bf89de9f1
TRANSACTION_REQUEST_TYPE: SEPA
VIEW_ID: owner
JSON request body fields:
id: d8839721-ad8f-45dd-9f78-2080414b93f9
additional_information: additional_information
reason_code: reason_code
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
agent_number: 5987953
amount: 10.12
bank_code: CGHZ
bank_id: gh.29.uk
counterparty_id: 9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh
currency: EUR
date_of_birth: 2018-03-09
description: Description of the object. Maximum length is 2000. It can be any characters here.
from:
future_date: 20200127
iban: DE91 1000 0000 0123 4567 89
id: d8839721-ad8f-45dd-9f78-2080414b93f9
instructedAmount: 100
legal_name: Eveline Tripman
message: 123456
mobile_phone_number: +49 30 901820
name: ACCOUNT_MANAGEMENT_FEE
otherAccountRoutingAddress: otherAccountRoutingAddress
otherAccountRoutingScheme: otherAccountRoutingScheme
otherAccountSecondaryRoutingAddress: otherAccountSecondaryRoutingAddress
otherAccountSecondaryRoutingScheme: otherAccountSecondaryRoutingScheme
otherBankRoutingAddress: otherBankRoutingAddress
otherBankRoutingScheme: otherBankRoutingScheme
otherBranchRoutingAddress: otherBranchRoutingAddress
otherBranchRoutingScheme: otherBranchRoutingScheme
start_date: 2020-01-27
to:
type:
value: 5987953
to_agent: to_agent
to_simple: to_simple
{
"id":"4050046c-63b3-4868-8a22-14b4181d33a6",
"type":"SANDBOX_TAN",
"from":{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
},
"details":{
"to_sandbox_tan":{
"bank_id":"String",
"account_id":"String"
},
"to_sepa":{
"iban":"String"
},
"to_counterparty":{
"counterparty_id":"9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh"
},
"to_simple":{
"otherBankRoutingScheme":"BIC",
"otherBankRoutingAddress":"GENODEM1GLS",
"otherBranchRoutingScheme":"BRANCH-CODE",
"otherBranchRoutingAddress":"DERBY6",
"otherAccountRoutingScheme":"IBAN",
"otherAccountRoutingAddress":"DE91 1000 0000 0123 4567 89",
"otherAccountSecondaryRoutingScheme":"IBAN",
"otherAccountSecondaryRoutingAddress":"DE91 1000 0000 0123 4567 89"
},
"to_transfer_to_phone":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"message":"String",
"from":{
"mobile_phone_number":"+44 07972 444 876",
"nickname":"String"
},
"to":{
"mobile_phone_number":"+44 07972 444 876"
}
},
"to_transfer_to_atm":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"message":"String",
"from":{
"mobile_phone_number":"+44 07972 444 876",
"nickname":"String"
},
"to":{
"legal_name":"Eveline Tripman",
"date_of_birth":"20181230",
"mobile_phone_number":"+44 07972 444 876",
"kyc_document":{
"type":"String",
"number":"String"
}
}
},
"to_transfer_to_account":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"transfer_type":"String",
"future_date":"20181230",
"to":{
"name":"String",
"bank_code":"String",
"branch_number":"String",
"account":{
"number":"String",
"iban":"String"
}
}
},
"to_sepa_credit_transfers":{
"debtorAccount":{
"iban":"12345"
},
"instructedAmount":{
"currency":"EUR",
"amount":"0"
},
"creditorAccount":{
"iban":"54321"
},
"creditorName":"John Miles"
},
"to_agent":{
"bank_id":"gh.29.uk",
"agent_number":"5987953"
},
"value":{
"currency":"EUR",
"amount":"100"
},
"description":"Description of the object. Maximum length is 2000. It can be any characters here."
},
"transaction_ids":["902ba3bb-dedd-45e7-9319-2fd3f2cd98a1"],
"status":"COMPLETED",
"start_date":"1100-01-01T00:00:00Z",
"end_date":"1100-01-01T00:00:00Z",
"challenge":{
"id":"be1a183d-b301-4b83-b855-5eeffdd3526f",
"allowed_attempts":3,
"challenge_type":"SANDBOX_TAN"
},
"charge":{
"summary":"Rent the flat",
"value":{
"currency":"EUR",
"amount":"0"
}
}
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30111: Invalid Bank Id. The BANK_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-30110: Invalid Account Id. The ACCOUNT_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-10001: Incorrect json format.
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-30018: Bank Account not found. Please specify valid values for BANK_ID and ACCOUNT_ID.
- OBP-40011: Transaction Request Status is not INITIATED.
- OBP-40009: The TRANSACTION_REQUEST_TYPE has changed.
- OBP-40014: Sorry, you've used up your allowed attempts.
- OBP-00003: Transaction Requests is disabled in this API instance.
- OBP-50000: Unknown Error.
Create Transaction Request (COUNTERPARTY)
For an introduction to Transaction Requests, see: here
When using a COUNTERPARTY to create a Transaction Request, specify the counterparty_id in the body of the request.
The routing details of the counterparty will be forwarded to the Core Banking System (CBS) for the transfer.
COUNTERPARTY Transaction Requests are used for Variable Recurring Payments (VRP). Use the following endpoint to create a consent for VRPs.
For a general introduction to Counterparties in OBP, see here
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
VIEW_ID: owner
JSON request body fields:
amount: 10.12
attribute_type: STRING
charge_policy: SHARED
counterparty_id: 9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh
currency: EUR
description: Description of the object. Maximum length is 2000. It can be any characters here.
name: ACCOUNT_MANAGEMENT_FEE
to:
value: 5987953
attributes: attribute value in form of (name, value)
future_date: 20200127
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
agent_number: 5987953
amount: 10.12
bank_code: CGHZ
bank_id: gh.29.uk
challenges: challenges
counterparty_id: 9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh
currency: EUR
date_of_birth: 2018-03-09
description: Description of the object. Maximum length is 2000. It can be any characters here.
from:
future_date: 20200127
iban: DE91 1000 0000 0123 4567 89
id: d8839721-ad8f-45dd-9f78-2080414b93f9
instructedAmount: 100
legal_name: Eveline Tripman
link:
message: 123456
mobile_phone_number: +49 30 901820
name: ACCOUNT_MANAGEMENT_FEE
otherAccountRoutingAddress: otherAccountRoutingAddress
otherAccountRoutingScheme: otherAccountRoutingScheme
otherAccountSecondaryRoutingAddress: otherAccountSecondaryRoutingAddress
otherAccountSecondaryRoutingScheme: otherAccountSecondaryRoutingScheme
otherBankRoutingAddress: otherBankRoutingAddress
otherBankRoutingScheme: otherBankRoutingScheme
otherBranchRoutingAddress: otherBranchRoutingAddress
otherBranchRoutingScheme: otherBranchRoutingScheme
start_date: 2020-01-27
to:
type:
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
value: 5987953
attributes: attribute value in form of (name, value)
to_agent: to_agent
to_simple: to_simple
{
"id":"4050046c-63b3-4868-8a22-14b4181d33a6",
"type":"SANDBOX_TAN",
"from":{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
},
"details":{
"to_sandbox_tan":{
"bank_id":"String",
"account_id":"String"
},
"to_sepa":{
"iban":"String"
},
"to_counterparty":{
"counterparty_id":"9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh"
},
"to_simple":{
"otherBankRoutingScheme":"BIC",
"otherBankRoutingAddress":"GENODEM1GLS",
"otherBranchRoutingScheme":"BRANCH-CODE",
"otherBranchRoutingAddress":"DERBY6",
"otherAccountRoutingScheme":"IBAN",
"otherAccountRoutingAddress":"DE91 1000 0000 0123 4567 89",
"otherAccountSecondaryRoutingScheme":"IBAN",
"otherAccountSecondaryRoutingAddress":"DE91 1000 0000 0123 4567 89"
},
"to_transfer_to_phone":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"message":"String",
"from":{
"mobile_phone_number":"+44 07972 444 876",
"nickname":"String"
},
"to":{
"mobile_phone_number":"+44 07972 444 876"
}
},
"to_transfer_to_atm":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"message":"String",
"from":{
"mobile_phone_number":"+44 07972 444 876",
"nickname":"String"
},
"to":{
"legal_name":"Eveline Tripman",
"date_of_birth":"20181230",
"mobile_phone_number":"+44 07972 444 876",
"kyc_document":{
"type":"String",
"number":"String"
}
}
},
"to_transfer_to_account":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"transfer_type":"String",
"future_date":"20181230",
"to":{
"name":"String",
"bank_code":"String",
"branch_number":"String",
"account":{
"number":"String",
"iban":"String"
}
}
},
"to_sepa_credit_transfers":{
"debtorAccount":{
"iban":"12345"
},
"instructedAmount":{
"currency":"EUR",
"amount":"0"
},
"creditorAccount":{
"iban":"54321"
},
"creditorName":"John Miles"
},
"to_agent":{
"bank_id":"gh.29.uk",
"agent_number":"5987953"
},
"value":{
"currency":"EUR",
"amount":"100"
},
"description":"Description of the object. Maximum length is 2000. It can be any characters here."
},
"transaction_ids":["902ba3bb-dedd-45e7-9319-2fd3f2cd98a1"],
"status":"COMPLETED",
"start_date":"1100-01-01T00:00:00Z",
"end_date":"1100-01-01T00:00:00Z",
"challenges":[{
"id":"2fg8a7e4-6d02-40e3-a129-0b2bf89de8ub",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"allowed_attempts":3,
"challenge_type":"OBP_TRANSACTION_REQUEST_CHALLENGE",
"link":"/obp/v4.0.0/banks/BANK_ID/accounts/ACCOUNT_ID/VIEW_ID/transaction-request-types/TRANSACTION_REQUEST_TYPE/transaction-requests/TRANSACTION_REQUEST_ID/challenge"
}],
"charge":{
"summary":"Rent the flat",
"value":{
"currency":"EUR",
"amount":"0"
}
},
"attributes":[{
"name":"ACCOUNT_MANAGEMENT_FEE",
"value":"5987953"
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30111: Invalid Bank Id. The BANK_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-30110: Invalid Account Id. The ACCOUNT_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-10001: Incorrect json format.
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-30003: Account not found. Please specify a valid value for ACCOUNT_ID.
- OBP-30018: Bank Account not found. Please specify valid values for BANK_ID and ACCOUNT_ID.
- OBP-40002: Insufficient authorisation to create TransactionRequest. The Transaction Request could not be created because the login user doesn't have access to the view of the from account or the consumer doesn't have the access to the view of the from account or the login user does not have the `CanCreateAnyTransactionRequest` role or the view does not have the permission can_add_transaction_request_to_any_account or the view does not have the permission can_add_transaction_request_to_beneficiary.
- OBP-40001: Invalid value for TRANSACTION_REQUEST_TYPE
- OBP-10001: Incorrect json format.
- OBP-10002: Invalid Number. Could not convert value to a number.
- OBP-40008: Can't send a payment with a value of 0 or less.
- OBP-40003: Transaction Request Currency must be the same as From Account Currency.
- OBP-00003: Transaction Requests is disabled in this API instance.
- OBP-50000: Unknown Error.
Create Transaction Request (SIMPLE)
Special instructions for SIMPLE:
You can transfer money to the Bank Account Number or IBAN directly.
For an introduction to Transaction Requests, see: here
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
SIMPLE: SIMPLE
VIEW_ID: owner
JSON request body fields:
amount: 10.12
charge_policy: SHARED
currency: EUR
description: Description of the object. Maximum length is 2000. It can be any characters here.
name: ACCOUNT_MANAGEMENT_FEE
other_account_routing_address: DE89370400440532013000
other_account_routing_scheme: IBAN
other_account_secondary_routing_address:
other_account_secondary_routing_scheme:
to:
value: 5987953
future_date: 20200127
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
agent_number: 5987953
amount: 10.12
bank_code: CGHZ
bank_id: gh.29.uk
challenges: challenges
counterparty_id: 9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh
currency: EUR
date_of_birth: 2018-03-09
description: Description of the object. Maximum length is 2000. It can be any characters here.
from:
future_date: 20200127
iban: DE91 1000 0000 0123 4567 89
id: d8839721-ad8f-45dd-9f78-2080414b93f9
instructedAmount: 100
legal_name: Eveline Tripman
link:
message: 123456
mobile_phone_number: +49 30 901820
name: ACCOUNT_MANAGEMENT_FEE
otherAccountRoutingAddress: otherAccountRoutingAddress
otherAccountRoutingScheme: otherAccountRoutingScheme
otherAccountSecondaryRoutingAddress: otherAccountSecondaryRoutingAddress
otherAccountSecondaryRoutingScheme: otherAccountSecondaryRoutingScheme
otherBankRoutingAddress: otherBankRoutingAddress
otherBankRoutingScheme: otherBankRoutingScheme
otherBranchRoutingAddress: otherBranchRoutingAddress
otherBranchRoutingScheme: otherBranchRoutingScheme
start_date: 2020-01-27
to:
type:
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
value: 5987953
attributes: attribute value in form of (name, value)
to_agent: to_agent
to_simple: to_simple
{
"id":"4050046c-63b3-4868-8a22-14b4181d33a6",
"type":"SANDBOX_TAN",
"from":{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
},
"details":{
"to_sandbox_tan":{
"bank_id":"String",
"account_id":"String"
},
"to_sepa":{
"iban":"String"
},
"to_counterparty":{
"counterparty_id":"9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh"
},
"to_simple":{
"otherBankRoutingScheme":"BIC",
"otherBankRoutingAddress":"GENODEM1GLS",
"otherBranchRoutingScheme":"BRANCH-CODE",
"otherBranchRoutingAddress":"DERBY6",
"otherAccountRoutingScheme":"IBAN",
"otherAccountRoutingAddress":"DE91 1000 0000 0123 4567 89",
"otherAccountSecondaryRoutingScheme":"IBAN",
"otherAccountSecondaryRoutingAddress":"DE91 1000 0000 0123 4567 89"
},
"to_transfer_to_phone":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"message":"String",
"from":{
"mobile_phone_number":"+44 07972 444 876",
"nickname":"String"
},
"to":{
"mobile_phone_number":"+44 07972 444 876"
}
},
"to_transfer_to_atm":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"message":"String",
"from":{
"mobile_phone_number":"+44 07972 444 876",
"nickname":"String"
},
"to":{
"legal_name":"Eveline Tripman",
"date_of_birth":"20181230",
"mobile_phone_number":"+44 07972 444 876",
"kyc_document":{
"type":"String",
"number":"String"
}
}
},
"to_transfer_to_account":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"transfer_type":"String",
"future_date":"20181230",
"to":{
"name":"String",
"bank_code":"String",
"branch_number":"String",
"account":{
"number":"String",
"iban":"String"
}
}
},
"to_sepa_credit_transfers":{
"debtorAccount":{
"iban":"12345"
},
"instructedAmount":{
"currency":"EUR",
"amount":"0"
},
"creditorAccount":{
"iban":"54321"
},
"creditorName":"John Miles"
},
"to_agent":{
"bank_id":"gh.29.uk",
"agent_number":"5987953"
},
"value":{
"currency":"EUR",
"amount":"100"
},
"description":"Description of the object. Maximum length is 2000. It can be any characters here."
},
"transaction_ids":["902ba3bb-dedd-45e7-9319-2fd3f2cd98a1"],
"status":"COMPLETED",
"start_date":"1100-01-01T00:00:00Z",
"end_date":"1100-01-01T00:00:00Z",
"challenges":[{
"id":"2fg8a7e4-6d02-40e3-a129-0b2bf89de8ub",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"allowed_attempts":3,
"challenge_type":"OBP_TRANSACTION_REQUEST_CHALLENGE",
"link":"/obp/v4.0.0/banks/BANK_ID/accounts/ACCOUNT_ID/VIEW_ID/transaction-request-types/TRANSACTION_REQUEST_TYPE/transaction-requests/TRANSACTION_REQUEST_ID/challenge"
}],
"charge":{
"summary":"Rent the flat",
"value":{
"currency":"EUR",
"amount":"0"
}
},
"attributes":[{
"name":"ACCOUNT_MANAGEMENT_FEE",
"value":"5987953"
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30111: Invalid Bank Id. The BANK_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-30110: Invalid Account Id. The ACCOUNT_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-10001: Incorrect json format.
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-30003: Account not found. Please specify a valid value for ACCOUNT_ID.
- OBP-30018: Bank Account not found. Please specify valid values for BANK_ID and ACCOUNT_ID.
- OBP-40002: Insufficient authorisation to create TransactionRequest. The Transaction Request could not be created because the login user doesn't have access to the view of the from account or the consumer doesn't have the access to the view of the from account or the login user does not have the `CanCreateAnyTransactionRequest` role or the view does not have the permission can_add_transaction_request_to_any_account or the view does not have the permission can_add_transaction_request_to_beneficiary.
- OBP-40001: Invalid value for TRANSACTION_REQUEST_TYPE
- OBP-10001: Incorrect json format.
- OBP-10002: Invalid Number. Could not convert value to a number.
- OBP-40008: Can't send a payment with a value of 0 or less.
- OBP-40003: Transaction Request Currency must be the same as From Account Currency.
- OBP-00003: Transaction Requests is disabled in this API instance.
- OBP-50000: Unknown Error.
Get Transaction Requests
Returns transaction requests for account specified by ACCOUNT_ID at bank specified by BANK_ID.
The VIEW_ID specified must be 'owner' and the user must have access to this view.
Version 2.0.0 now returns charge information.
Transaction Requests serve to initiate transactions that may or may not proceed. They contain information including:
- Transaction Request Id
- Type
- Status (INITIATED, COMPLETED)
- Challenge (in order to confirm the request)
- From Bank / Account
- Details including Currency, Value, Description and other initiation information specific to each type. (Could potentialy include a list of future transactions.)
- Related Transactions
PSD2 Context: PSD2 requires transparency of charges to the customer.
This endpoint provides the charge that would be applied if the Transaction Request proceeds - and a record of that charge there after.
The customer can proceed with the Transaction by answering the security challenge.
We support query transaction request by attribute
URL params example:/banks/BANK_ID/accounts/ACCOUNT_ID/VIEW_ID/transaction-requests?invoiceNumber=123&referenceNumber=456
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
VIEW_ID: owner
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
agent_number: 5987953
amount: 10.12
bank_code: CGHZ
bank_id: gh.29.uk
counterparty_id: 9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh
currency: EUR
date_of_birth: 2018-03-09
description: Description of the object. Maximum length is 2000. It can be any characters here.
from:
future_date: 20200127
iban: DE91 1000 0000 0123 4567 89
id: d8839721-ad8f-45dd-9f78-2080414b93f9
instructedAmount: 100
legal_name: Eveline Tripman
message: 123456
mobile_phone_number: +49 30 901820
name: ACCOUNT_MANAGEMENT_FEE
otherAccountRoutingAddress: otherAccountRoutingAddress
otherAccountRoutingScheme: otherAccountRoutingScheme
otherAccountSecondaryRoutingAddress: otherAccountSecondaryRoutingAddress
otherAccountSecondaryRoutingScheme: otherAccountSecondaryRoutingScheme
otherBankRoutingAddress: otherBankRoutingAddress
otherBankRoutingScheme: otherBankRoutingScheme
otherBranchRoutingAddress: otherBranchRoutingAddress
otherBranchRoutingScheme: otherBranchRoutingScheme
start_date: 2020-01-27
to:
transaction_requests_with_charges:
type:
value: 5987953
to_agent: to_agent
to_simple: to_simple
{
"transaction_requests_with_charges":[{
"id":"4050046c-63b3-4868-8a22-14b4181d33a6",
"type":"SANDBOX_TAN",
"from":{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
},
"details":{
"to_sandbox_tan":{
"bank_id":"String",
"account_id":"String"
},
"to_sepa":{
"iban":"String"
},
"to_counterparty":{
"counterparty_id":"9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh"
},
"to_simple":{
"otherBankRoutingScheme":"BIC",
"otherBankRoutingAddress":"GENODEM1GLS",
"otherBranchRoutingScheme":"BRANCH-CODE",
"otherBranchRoutingAddress":"DERBY6",
"otherAccountRoutingScheme":"IBAN",
"otherAccountRoutingAddress":"DE91 1000 0000 0123 4567 89",
"otherAccountSecondaryRoutingScheme":"IBAN",
"otherAccountSecondaryRoutingAddress":"DE91 1000 0000 0123 4567 89"
},
"to_transfer_to_phone":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"message":"String",
"from":{
"mobile_phone_number":"+44 07972 444 876",
"nickname":"String"
},
"to":{
"mobile_phone_number":"+44 07972 444 876"
}
},
"to_transfer_to_atm":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"message":"String",
"from":{
"mobile_phone_number":"+44 07972 444 876",
"nickname":"String"
},
"to":{
"legal_name":"Eveline Tripman",
"date_of_birth":"20181230",
"mobile_phone_number":"+44 07972 444 876",
"kyc_document":{
"type":"String",
"number":"String"
}
}
},
"to_transfer_to_account":{
"value":{
"currency":"EUR",
"amount":"0"
},
"description":"String",
"transfer_type":"String",
"future_date":"20181230",
"to":{
"name":"String",
"bank_code":"String",
"branch_number":"String",
"account":{
"number":"String",
"iban":"String"
}
}
},
"to_sepa_credit_transfers":{
"debtorAccount":{
"iban":"12345"
},
"instructedAmount":{
"currency":"EUR",
"amount":"0"
},
"creditorAccount":{
"iban":"54321"
},
"creditorName":"John Miles"
},
"to_agent":{
"bank_id":"gh.29.uk",
"agent_number":"5987953"
},
"value":{
"currency":"EUR",
"amount":"100"
},
"description":"Description of the object. Maximum length is 2000. It can be any characters here."
},
"transaction_ids":["902ba3bb-dedd-45e7-9319-2fd3f2cd98a1"],
"status":"COMPLETED",
"start_date":"1100-01-01T00:00:00Z",
"end_date":"1100-01-01T00:00:00Z",
"challenge":{
"id":"be1a183d-b301-4b83-b855-5eeffdd3526f",
"allowed_attempts":3,
"challenge_type":"SANDBOX_TAN"
},
"charge":{
"summary":"Rent the flat",
"value":{
"currency":"EUR",
"amount":"0"
}
}
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-30018: Bank Account not found. Please specify valid values for BANK_ID and ACCOUNT_ID.
- OBP-20017: Current user does not have access to the view. Please specify a valid value for VIEW_ID.
- OBP-20022: View does not permit the access.
- OBP-60010: Get Transaction Requests Exception.
- OBP-50000: Unknown Error.
Answer User Auth Context Update Challenge
Answer User Auth Context Update Challenge.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
BANK_ID: gh.29.uk
JSON request body fields:
JSON response body fields:
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
key: CustomerNumber
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
value: 5987953
{
"user_auth_context_update_id":"613c83ea-80f9-4560-8404-b9cd4ec42a7f",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"key":"CUSTOMER_NUMBER",
"value":"78987432",
"status":"INITIATED",
"consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-10001: Incorrect json format.
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
Create Non Personal User Attribute
Create Non Personal User Attribute
The type field must be one of "STRING", "INTEGER", "DOUBLE" or DATE_WITH_DAY"
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON request body fields:
name: ACCOUNT_MANAGEMENT_FEE
type:
value: 5987953
JSON response body fields:
insert_date: 2020-01-27
is_personal: is_personal
name: ACCOUNT_MANAGEMENT_FEE
type:
user_attribute_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
value: 5987953
{
"user_attribute_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"name":"BATTERY_LEVEL",
"type":"STRING",
"value":"90",
"is_personal":false,
"insert_date":"2025-08-08T12:55:03Z"
}
-
CanCreateNonPersonalUserAttribute
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-10001: Incorrect json format.
- OBP-50000: Unknown Error.
Create User Auth Context Update Request
Create User Auth Context Update Request.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
A One Time Password (OTP) (AKA security challenge) is sent Out of Band (OOB) to the User via the transport defined in SCA_METHOD
SCA_METHOD is typically "SMS" or "EMAIL". "EMAIL" is used for testing purposes.
URL Parameters:
BANK_ID: gh.29.uk
JSON request body fields:
key: CustomerNumber
value: 5987953
JSON response body fields:
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
key: CustomerNumber
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
value: 5987953
{
"user_auth_context_update_id":"613c83ea-80f9-4560-8404-b9cd4ec42a7f",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"key":"CUSTOMER_NUMBER",
"value":"78987432",
"status":"INITIATED",
"consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-10001: Incorrect json format.
- OBP-30053: Could not insert the UserAuthContext
- OBP-50000: Unknown Error.
Delete Non Personal User Attribute
Delete the Non Personal User Attribute specified by ENTITLEMENT_REQUEST_ID for a user specified by USER_ID
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
USER_ATTRIBUTE_ID: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON response body fields:
-
CanDeleteNonPersonalUserAttribute
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
Delete User Auth Context
Delete a User AuthContext of the User specified by USER_AUTH_CONTEXT_ID.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON response body fields:
-
CanDeleteUserAuthContext
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Get Non Personal User Attributes
Get Non Personal User Attribute for a user specified by USER_ID
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON response body fields:
-
CanGetNonPersonalUserAttributes
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
Get User (Current)
Get the logged in user
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
bank_id: gh.29.uk
list:
provider: ETHEREUM
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
username: felixsmith
view_id: owner
{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith",
"entitlements":{
"list":[{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}]
},
"views":{
"list":[{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"view_id":"owner"
}]
}
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50000: Unknown Error.
Get User Auth Contexts
Get User Auth Contexts for a User.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON response body fields:
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
key: CustomerNumber
time_stamp: 1100-01-01T01:01:01.000Z
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
value: 5987953
{
"user_auth_context_id":"613c83ea-80f9-4560-8404-b9cd4ec42a7f",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"key":"CUSTOMER_NUMBER",
"value":"78987432",
"time_stamp":"1100-01-01T00:00:00Z",
"consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh"
}
-
CanGetUserAuthContext
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.