API Explorer

v2.0.0 (115 APIs)

Bank
Accounts
Views
Counterparties
Transactions

Answer Transaction Request Challenge

In Sandbox mode, any string that can be converted to a positive integer will be accepted as an answer.

Authentication is Mandatory

URL Parameters:

JSON request body fields:

JSON response body fields:

Typical Successful Response:

								
									
{ "id":"82f92531-9c63-4246-abfc-96c20ec46188", "type":"SANDBOX_TAN", "from":{ "bank_id":"gh.29.uk", "account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0" }, "details":{ "to":{ "bank_id":"String", "account_id":"String" }, "value":{ "currency":"EUR", "amount":"100" }, "description":"String" }, "transaction_ids":"666666-9c63-4246-abfc-96c20ec46188", "status":"COMPLETED", "start_date":"2017-09-19T00:00:00Z", "end_date":"2017-09-19T00:00:00Z", "challenge":{ "id":"be1a183d-b301-4b83-b855-5eeffdd3526f", "allowed_attempts":3, "challenge_type":"SANDBOX_TAN" }, "charge":{ "summary":"Rent the flat", "value":{ "currency":"EUR", "amount":"0" } } }
Possible Errors:
  • OBP-20001: User not logged in. Authentication is required!
  • OBP-30110: Invalid Account Id. The ACCOUNT_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
  • OBP-30111: Invalid Bank Id. The BANK_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
  • OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
  • OBP-20017: Current user does not have access to the view. Please specify a valid value for VIEW_ID.
  • OBP-10001: Incorrect json format.
  • OBP-40004: Transaction Request Id not found.
  • OBP-40009: The TRANSACTION_REQUEST_TYPE has changed.
  • OBP-40010: Invalid Challenge Id. Please specify a valid value for CHALLENGE_ID.
  • OBP-40011: Transaction Request Status is not INITIATED.
  • OBP-00003: Transaction Requests is disabled in this API instance.
  • OBP-50000: Unknown Error.
Implemented in OBPv2.0.0 by answerTransactionRequestChallenge, operation_id: OBPv2.0.0-answerTransactionRequestChallenge

Create Transaction Request

Initiate a Payment via a Transaction Request.

This is the preferred method to create a payment and supersedes makePayment in 1.2.1.

PSD2 Context: Third party access access to payments is a core tenent of PSD2.

This call satisfies that requirement from several perspectives:

1) A transaction can be initiated by a third party application.

2) The customer is informed of the charge that will incurred.

3) The call uses delegated authentication (OAuth)

See this python code for a complete example of this flow.

In sandbox mode, if the amount is less than 100 (any currency), the transaction request will create a transaction without a challenge, else the Transaction Request will be set to INITIALISED and a challenge will need to be answered.|
If a challenge is created you must answer it using Answer Transaction Request Challenge before the Transaction is created.

You can transfer between different currency accounts. (new in 2.0.0). The currency in body must match the sending account.

Currently TRANSACTION_REQUEST_TYPE must be set to SANDBOX_TAN

The following static FX rates are available in sandbox mode:

{
"XAF":{
"HKD":0.0135503,
"AUD":0.00228226,
"KRW":1.87975,
"JOD":0.00127784,
"GBP":0.00131092,
"MXN":0.0396,
"AED":0.00601555,
"INR":0.110241,
"JPY":0.185328,
"USD":0.00163773,
"ILS":0.00641333,
"EUR":0.00152449
},
"HKD":{
"XAF":73.8049,
"AUD":0.178137,
"KRW":143.424,
"JOD":0.0903452,
"GBP":0.0985443,
"MXN":2.8067,
"AED":0.467977,
"INR":9.09325,
"JPY":14.0867,
"USD":0.127427,
"ILS":0.460862,
"EUR":0.112495
},
"AUD":{
"XAF":438.162,
"HKD":5.61346,
"KRW":895.304,
"JOD":0.556152,
"GBP":0.609788,
"MXN":16.0826,
"AED":2.88368,
"INR":50.4238,
"JPY":87.0936,
"USD":0.785256,
"ILS":2.83558,
"EUR":0.667969
},
"KRW":{
"XAF":0.531986,
"HKD":0.00697233,
"AUD":0.00111694,
"JOD":6.30634E-4,
"GBP":6.97389E-4,
"MXN":0.0183,
"AED":0.00320019,
"INR":0.0586469,
"JPY":0.0985917,
"USD":8.7125E-4,
"ILS":0.00316552,
"EUR":8.11008E-4
},
"JOD":{
"XAF":782.572,
"HKD":11.0687,
"AUD":1.63992,
"KRW":1585.68,
"GBP":1.06757,
"MXN":30.8336,
"AED":5.18231,
"INR":90.1236,
"JPY":156.304,
"USD":1.41112,
"ILS":5.02018,
"EUR":0.237707
},
"GBP":{
"XAF":762.826,
"HKD":10.1468,
"AUD":1.63992,
"KRW":1433.92,
"JOD":0.936707,
"MXN":29.242,
"AED":4.58882,
"INR":84.095,
"JPY":141.373,
"USD":1.2493,
"ILS":4.7002,
"EUR":1.16278
},
"MXN":{
"XAF":25.189,
"HKD":0.3562,
"AUD":0.0621,
"KRW":54.4512,
"JOD":0.0324,
"GBP":0.0341,
"AED":0.1688,
"INR":3.3513,
"JPY":4.8687,
"USD":0.0459,
"ILS":0.1541,
"EUR":0.0384
},
"AED":{
"XAF":166.236,
"HKD":2.13685,
"AUD":0.346779,
"KRW":312.482,
"GBP":0.217921,
"MXN":5.9217,
"AED":0.192964,
"INR":18.3255,
"JPY":30.8081,
"USD":0.27225,
"ILS":0.968033,
"EUR":0.253425
},
"INR":{
"XAF":9.07101,
"HKD":0.109972,
"AUD":0.0198319,
"KRW":17.0512,
"JOD":0.0110959,
"GBP":0.0118913,
"MXN":0.2983,
"AED":0.0545671,
"JPY":1.68111,
"USD":0.0148559,
"ILS":0.0556764,
"EUR":0.0138287
},
"JPY":{
"XAF":5.39585,
"HKD":0.0709891,
"AUD":0.0114819,
"KRW":10.1428,
"JOD":0.00639777,
"GBP":0.0070735,
"MXN":0.2053,
"AED":0.032459,
"INR":0.594846,
"USD":0.00883695,
"ILS":0.0320926,
"EUR":0.00822592
},
"USD":{
"XAF":610.601,
"HKD":7.84766,
"AUD":1.27347,
"KRW":1147.78,
"JOD":0.708659,
"GBP":0.800446,
"MXN":21.748,
"AED":3.6731,
"INR":67.3135,
"JPY":113.161,
"ILS":3.55495,
"EUR":0.930886
},
"ILS":{
"XAF":155.925,
"HKD":2.16985,
"AUD":0.352661,
"KRW":315.903,
"JOD":0.199196,
"GBP":0.212763,
"MXN":6.4871,
"AED":1.03302,
"INR":17.9609,
"JPY":31.1599,
"USD":0.281298,
"EUR":1.19318
},
"EUR":{
"XAF":655.957,
"HKD":8.88926,
"AUD":1.49707,
"KRW":1233.03,
"JOD":0.838098,
"GBP":0.860011,
"MXN":26.0359,
"AED":3.94594,
"INR":72.3136,
"JPY":121.567,
"USD":1.07428,
"ILS":4.20494
}
}

The payer is set in the URL. Money comes out of the BANK_ID and ACCOUNT_ID specified in the URL

The payee is set in the request body. Money goes into the BANK_ID and ACCOUNT_IDO specified in the request body.

Authentication is Mandatory

URL Parameters:

JSON request body fields:

JSON response body fields:

Typical Successful Response:

								
									
{ "jsonString":"{}" }
Required Roles:
  • CanCreateAnyTransactionRequest - Please login to request this Role
Possible Errors:
  • OBP-20001: User not logged in. Authentication is required!
  • OBP-10001: Incorrect json format.
  • OBP-30111: Invalid Bank Id. The BANK_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
  • OBP-30110: Invalid Account Id. The ACCOUNT_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
  • OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
  • OBP-30003: Account not found. Please specify a valid value for ACCOUNT_ID.
  • OBP-30005: View not found for Account. Please specify a valid value for VIEW_ID
  • OBP-20017: Current user does not have access to the view. Please specify a valid value for VIEW_ID.
  • OBP-40002: Insufficient authorisation to create TransactionRequest. The Transaction Request could not be created because you don't have access to the owner view of the from account or you don't have access to canCreateAnyTransactionRequest.
  • OBP-30004: Counterparty not found. The BANK_ID / ACCOUNT_ID specified does not exist on this server.
  • OBP-40001: Invalid value for TRANSACTION_REQUEST_TYPE
  • OBP-40003: Transaction Request Currency must be the same as From Account Currency.
  • OBP-00003: Transaction Requests is disabled in this API instance.
  • OBP-50000: Unknown Error.
  • OBP-20006: User is missing one or more roles:
Implemented in OBPv2.0.0 by createTransactionRequest, operation_id: OBPv2.0.0-createTransactionRequest

Get Transaction Request Types for Account

Returns the Transaction Request Types that the account specified by ACCOUNT_ID and view specified by VIEW_ID has access to.

These are the ways this API Server can create a Transaction via a Transaction Request
(as opposed to Transaction Types which include external types too e.g. for Transactions created by core banking etc.)

A Transaction Request Type internally determines:

  • the required Transaction Request 'body' i.e. fields that define the 'what' and 'to' of a Transaction Request,
  • the type of security challenge that may be be raised before the Transaction Request proceeds, and
  • the threshold of that challenge.

For instance in a 'SANDBOX_TAN' Transaction Request, for amounts over 1000 currency units, the user must supply a positive integer to complete the Transaction Request and create a Transaction.

This approach aims to provide only one endpoint for initiating transactions, and one that handles challenges, whilst still allowing flexibility with the payload and internal logic.

Authentication is Mandatory

URL Parameters:

JSON response body fields:

Typical Successful Response:

								
									
{ "transaction_request_types":[{ "value":"10", "charge":{ "summary":"The bank fixed charge", "value":{ "currency":"EUR", "amount":"0" } } }] }
Possible Errors:
  • OBP-20001: User not logged in. Authentication is required!
  • OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
  • OBP-30003: Account not found. Please specify a valid value for ACCOUNT_ID.
  • Please specify a valid value for CURRENCY of your Bank Account.
  • Current user does not have access to the view
  • account not found at bank
  • user does not have access to owner view
  • OBP-40018: Sorry, Transaction Requests are not enabled in this API instance.
  • OBP-50000: Unknown Error.
Implemented in OBPv1.4.0 by getTransactionRequestTypes, operation_id: OBPv1.4.0-getTransactionRequestTypes

Get Transaction Requests

Returns transaction requests for account specified by ACCOUNT_ID at bank specified by BANK_ID.

The VIEW_ID specified must be 'owner' and the user must have access to this view.

Version 2.0.0 now returns charge information.

Transaction Requests serve to initiate transactions that may or may not proceed. They contain information including:

  • Transaction Request Id
  • Type
  • Status (INITIATED, COMPLETED)
  • Challenge (in order to confirm the request)
  • From Bank / Account
  • Body including To Account, Currency, Value, Description and other initiation information. (Could potentialy include a list of future transactions.)
  • Related Transactions

PSD2 Context: PSD2 requires transparency of charges to the customer.
This endpoint provides the charge that would be applied if the Transaction Request proceeds - and a record of that charge there after.
The customer can proceed with the Transaction by answering the security challenge.

Authentication is Mandatory

URL Parameters:

JSON response body fields:

Typical Successful Response:

								
									
{ "transaction_requests_with_charges":[{ "id":"82f92531-9c63-4246-abfc-96c20ec46188", "type":"SANDBOX_TAN", "from":{ "bank_id":"gh.29.uk", "account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0" }, "details":{ "to":{ "bank_id":"String", "account_id":"String" }, "value":{ "currency":"EUR", "amount":"100" }, "description":"String" }, "transaction_ids":"666666-9c63-4246-abfc-96c20ec46188", "status":"COMPLETED", "start_date":"2017-09-19T00:00:00Z", "end_date":"2017-09-19T00:00:00Z", "challenge":{ "id":"be1a183d-b301-4b83-b855-5eeffdd3526f", "allowed_attempts":3, "challenge_type":"SANDBOX_TAN" }, "charge":{ "summary":"Rent the flat", "value":{ "currency":"EUR", "amount":"0" } } }] }
Possible Errors:
  • OBP-20001: User not logged in. Authentication is required!
  • OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
  • OBP-30003: Account not found. Please specify a valid value for ACCOUNT_ID.
  • OBP-20017: Current user does not have access to the view. Please specify a valid value for VIEW_ID.
  • OBP-50000: Unknown Error.
Implemented in OBPv2.0.0 by getTransactionRequests, operation_id: OBPv2.0.0-getTransactionRequests