This repository has been archived by the owner on Jul 24, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
swagger.json
8235 lines (8235 loc) · 285 KB
/
swagger.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
{
"schemes": [
"https"
],
"swagger": "2.0",
"info": {
"description": "<h2> Introduction </h2>\nBasiq provides a collection of APIs to help you build powerful financial solutions for a wide range of use cases. The most common use cases are:\n<ul>\n<li><b>Personal Financial Management.</b> Enable your customers to aggregate all of their financial data in one place, identify expenses and gain valuable insight of their spending.</li>\n<li><b>Wealth Management.</b> Gain valuable insights and a clearer understanding of your customers’ financial positions to customize advice, recommendations, and product offerings. </li>\n<li><b>Risk Insights.</b> Gain real-time and comprehensive visibility of your customers' assets, income, non-credit payment patterns, and transactional details.</li>\n<li><b>Cashflow Analysis.</b> Provide tools that analyze cash flow and forecast future expenses and income.</li>\n<li><b>Account Summary.</b> Display the big picture with financial account data listed alongside balance information.</li>\n<li><b>Account Verification.</b> Instantly verify account ownership and balances in real time to improve the user experience and mitigate fraud and risk.</li>\n<li><b>Data Enhancement.</b> Gain greater financial insights around consumer spending patterns and trends with categorised and enriched transaction data. </li>\n</ul>\nBasiq APIs are currently only available in Australia and New Zealand. We are working to make them available in other countries - so check back soon. Use this link to see a complete list of <a href= 'http://docs.basiq.io/the-basiq-platform/supported-financial-institutions'>supported financial institutions.</a>\n<hr/>\n<h2> Basiq API Services </h2>\n\nBasiq provides three core API services which you can use to develop innovative financial solutions:\n<ul>\n<li><b>Connect</b> provides the ability to easily acquire financial data such as account details and balances and related transactions from various financial institutions.</li>\n<li><b>Enrich</b> classifies all banking, credit and debit card transactions into categories based on specific merchant, merchant type and geographical location data.</li>\n<li><b>Affordability</b> provides a complete 360 degree view of your customers financial health - by breaking down their finances into assets, liabilities, income and expenses. You can use Income and Expenses endpoints separately or as part of the full Affordability API solution.</li>\n</ul>\n\nBase URL is → https://au-api.basiq.io - you can use our sandbox environment for free right now - just grab an API key!\nEnrich URL is → https://au-api.basiq.io/enrich - contact us to have your API key activated to try out this API.\nAffordability URL is → https://au-api.basiq.io/affordability - you can use our sandbox environment for free - contact us to have your API key activated.\n<hr/>\n<h2> Getting Started </h2>\n<b>Start Developing </b>\n\nBefore you can start using any of the available Basiq APIs there are a few things you will need to do first.\n<ol>\n<li> <a href='https://dashboard.basiq.io/login'>Sign-up</a> to the Basiq API service </li>\n<li> Grab your API key for your application (via the <a href= 'https://dashboard.basiq.io/'>Developer Dashboard</a>) </li>\n</ol>\nOnce you have successfully obtained an API key, you can start using any of the available Basiq APIs.\n\nThis <a href='http://docs.basiq.io/getting-started/get-started-with-basiq'>user guide</a> gets you up and running with the Basiq API in the time it takes to make a cup of tea.\nIt includes a <a href='https://documenter.getpostman.com/view/9721346/SztEaSr2?version=latest'>Postman collection</a> to help you get a fast feel for the API.\nPlease note that all of the Basiq's Core API and Affordability APIs are accessible using the sandbox data (see testing for details). We encourage you to play with the sandbox data. Once you are ready you will need to supply payment details in order to use the full set of Basiq API services.\n<hr/>\n<h2> Authentication </h2>\nWhen working with Basiq APIs your application will need to complete the authentication process first before you can access any of the available resources.\n\nThe authentication process is fairly straight forward, and simply requires you to exchange your API key for a token. Once you obtain the token, you can call any of the available API services by simply including the token in the Authorization header of each request.\nYour API keys carry many privileges, so be sure to keep them secret! Do not share your API keys in publicly accessible areas such GitHub, client-side code, etc.\n<h3> Prerequisites </h3>\nPrior to authenticating your application you will need to complete the following steps:\n<ol>\n<li> <a href='https://dashboard.basiq.io/login'>Sign-up</a> to the Basiq API service </li>\n<li> Grab your API key for your application (via the <a href= 'https://dashboard.basiq.io/'>Developer Dashboard</a>) </li>\n</ol>\n\n<h3> Steps to authenticate </h3>\n<ol>\n<li> Call /token passing in the API key in the Authorization header of the request and Basiq API version you intent to use </li>\n<li> The server will validate the key and if everything is successful will issue an access token along with the following properties:</li>\n</ol>\n<table style=\"width: 50%\">\n<tr> <td><b>Property </b><td> <td><b>Description</b> <td><tr>\n<tr> <td>access_token - <i>string, readonly</t><td> <td>The generated access token.<td><tr>\n<tr> <td>expires_in - <i>number, readonly</i><td> <td>The number of seconds left before the token becomes invalid.<td><tr>\n<tr> <td>token_type - <i>string, readonly</i><td> <td>This value will always be <b>Bearer</b>.<td><tr>\n</table>\nThis access token is the key to making successful requests to the Basiq API. From here on you will need to include this access token in the header when requesting any of the secured resources as follows:\n\n<b>Authorization: Bearer [access_token]</b>\nNote that tokens have a short lifespan and as such should not be stored permanently. Once a token has expired your application will need to reauthenticate.\n<hr/>\n<h2> Testing </h2>\nThere’s nothing worse than developing against an API with crappy test data. We get that! This is why we have put a lot of effort into ensuring that our test data mimics real production data that your app will consume.\n<h3> Connect API </h3>\nThe test data that we provide for the Connect API service (below) has been designed to mimic a real life user. This means that just a like a real user would spend and receive funds throughout the day - our test accounts have been designed to do the same thing. Therefore you should expect to see new transaction records being created throughout the day, and the account balances adjusted accordingly.\n\nThis should give you a good feel for the type of data that you should expect to see for your own customers. The transaction data is completely random, and even we are sometimes surprised by transactions that appear :-)\nYou can use our sandbox environment for free right now - just grab an API key to get started (via the <a href='https://dashboard.basiq.io/'>Developer Dashboard</a>).\nEnsure that you pass the institution code AU00000 when using the test accounts.\n<table style=\"width: 50%\">\n<tr> <td> <b>loginId</b> </td><td> <b>password</b> </td</tr>\n<tr> <td> Wentworth-Smith </td><td> whislter </td</tr>\n<tr> <td> gavinBelson </td><td> hooli2016 </td</tr>\n<tr> <td> jared </td><td> django </td</tr>\n<tr> <td> richard </td><td> tabsnotspaces </td</tr>\n</table>\n<h3> Enrich API </h3>\nThe Enrich API returns merchant metadata regarding name, location and category.\n\nThis service can be tested using bank transaction data that you provide. You can use real bank transaction data and the Enrich API will return enriched records for those transactions. Note that the same endpoint is utilised for both testing and production users, however a limit of 100 queries is set for testing users.\nContact us (via the \"help\" icon at the bottom of the page) to have your Enrich access enabled.\n\nYou will need to ensure that the search query is <b>url encoded</b> before calling the resource and must contain at least 3 characters.\n\nExample queries:\nq=garfish%20MANLY%20NS&country=AU&institution=AU06703&accountType=transaction&amount=-12.95\nq=garfish%20MANLY%20NS&institution= AU13601\n\n<table>\n<tr> <td> Example Queries: </td> </tr>\n<tr>\n<td>\n<ol>\n<li> GARFISH MANLY NS </li>\n<li> 12 VOLT DIRECT PTY L LONSDALE AU </li>\n<li> HARVEY NORMAN AV/IT BALGOWLAH AU </li>\n<li> CALTEX ALDINGA BEACH ALDINGA BEACHAU </li>\n<li> KMART 1055 WARRIEWOOD AU </li>\n<li> KAKADU LODGE & CARAV JABIRU AU </li>\n<ol>\n</td>\n</tr>\n</table>\n\n<h3> Affordability API </h3>\nThe test data that we provide for the Affordability API service has been designed to mimic a real life user. This means that just a like a real user would spend and receive funds throughout the day - our test accounts have been designed to do the same thing. Therefore you should expect to see new transaction records being created throughout the day, and the account balances adjusted accordingly.\nYou can use our sandbox environment for free - contact us (via the \"help\" icon at the bottom of the page) to have your API key activated for Affordability.\nEnsure that you pass the institution code AU00000 when using the test accounts.\n<table style=\"width: 50%\">\n<tr> <td> <b>loginId</b> </td><td> <b>password</b> </td</tr>\n<tr> <td> Wentworth-Smith </td><td> whislter </td</tr>\n</table>\n\nOnce you have created a test connection you can access the Affordability, Income and Expense endpoints for this user. The Affordability endpoint returns links to Income and Expense resources or you can use these endpoints independently without Affordability.\n<hr/>\n<h2> Collections </h2>\nCollection resources provide access to information about a list of objects of the same type. For example, you can use a collection resource to access information about a list of users. Collection resources are paged and may be sorted and filtered (depending on availability) - and will always return an object of type list.\n<h3> Filters </h3>\nSome collections support the ability to filter the results. Filtering a collection resource is conducted via the filter query parameter using the following notation:\n\n<b>?filter=[property].[ condition ]([ value ]) </b>\nAll filter values should be URL encoded: ?filter=URLEncode(*)\n\n<h3>Accessing Properties</h3>\nProperties are accessed using the following notation <b>object.property</b>.\n<h3> Supported Conditions </h3>\n<table>\n<tr> <th>eq</th> <td> Equals <b>?filter=account.id.eq('s55bf3')</b></td> </tr>\n<tr> <th>bt</th> <td> Between two values - used for date range filtering. <b> ?filter=transaction.postDate.bt('2017-09-28','2018-01-30'). Values are inclusive.</b> </td> </tr>\n<tr> <th>gt</th> <td> Greater than <b>?filter=transaction.postDate.gt('2018-01-28')</b></td> </tr>\n<tr> <th>gteq</th> <td> Greater than or equal to <b>?filter=transaction.postDate.gteq('2018-01-28')</b> </td> </tr>\n<tr> <th>lt</th> <td> Less than <b> ?filter=transaction.postDate.lt('2018-01-28') </b></td> </tr>\n<tr> <th>lteq</th> <td> Less than or equal to <b> ?filter=transaction.postDate.lteq('2018-01-28') </b> </td> </tr>\n<tr> <th>ne</th> <td>Not equals (only currently for <b>Institutions </b>endpoint) <b> ?filter=institution.institutionType.ne('Test Bank') </b> </td> </tr>\n</table>\nWhere available, you can apply multiple filters to a collection by separating them with a comma.\n\nMultiple filters are treated as an and (&) operation example:\n\n<b> ?filter=transaction.postDate.bt('2018-01-28','2018-02-27'),account.id.eq('aef3g') </b>\n\nNote the examples above have not url encoded the filters. You will need to ensure that the filter values are url encoded before calling the resource.\n<hr/>\n<h2> Errors </h2>\nThe Connect API uses conventional HTTP response codes to indicate the success or failure of an API request. In general, codes in the 2xx range indicate success, codes in the 4xx range indicate an error that failed given the information provided (e.g., a required parameter was omitted, user's credentials are invalid, etc.), and codes in the 5xx range indicate an error with the Connect API's servers (these are rare).\nIn addition to returning an appropriate HTTP code the body will also include a JSON formatted error object that provides more details about the specifics of the error. The error object will return the error as an array to indicate multiple errors (where present).\n<table>\n<tr> <td colspan='2'><b>Attributes</b><td> </tr>\n<tr> <td> <b>correlationId</b> <td>a unique identifier for this particular occurrence of the problem.</td> </tr>\n<tr> <td> <b>code</b> <td>an application-specific error code, expressed as a string value.</td> </tr>\n<tr> <td> <b>title</b> <td>a short, human-readable summary of the problem.</td> </tr>\n<tr> <td> <b>detail</b> <td>a human-readable explanation specific to this occurrence of the problem.</td> </tr>\n<tr> <td> <b>source</b> <td>an object containing references to the source of the error, optionally including any of the following members:\n<ul>\n<li> <b>pointer</b> the location to the object or attribute that the error relates to </li>\n<li> <b>parameter</b> the location to the object or attribute that the error relates to </li>\n</ul>\n</td>\n</tr>\n</table>\n<h3> Error Codes </h3>\nBelow you will find details for our various response codes.\n<table>\n<tbody>\n<tr>\n<th>Code</th>\n<th>Description</th>\n</tr>\n<tr>\n<td>\n<p>invalid-credentials</p>\n</td>\n<td>\n<p><strong>Invalid Attribute </strong><br /> Cannot login to target institution using supplied\ncredentials. Please check credentials and try again.</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>internal-server-error</p>\n</td>\n<td>\n<p><strong>Server Error </strong><br /> Internal server error<br /> All endpoints</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>access-denied</p>\n</td>\n<td>\n<p><strong>Access denied</strong><br /> Token has expired</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>invalid-authorization-token</p>\n</td>\n<td>\n<p><strong>Unauthorized </strong><br /> Invalid authorization token. Check details message.</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>parameter-not-supplied</p>\n</td>\n<td>\n<p><strong>Missing Attribute </strong><br /> Required parameter not supplied. Check details and source\nmessage.<br /> e.g. One of 'email' or 'mobile' is required.</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>parameter-not-valid</p>\n</td>\n<td>\n<p><strong>Invalid Attribute </strong><br /> Parameter value is not valid. Check details and source\nmessage.<br /> e.g.<br /> Provided mobile is in bad format.<br /> User ID value is not valid</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>resource-not-found</p>\n</td>\n<td>\n<p><strong>Invalid Attribute </strong><br /> Requested resource is not found. Check details message.</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>resource-already-exists</p>\n</td>\n<td>\n<p><strong>Invalid Attribute </strong><br /> Resource already exists. Check details message.</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>invalid-content</p>\n</td>\n<td>\n<p><strong>Invalid Attribute</strong><br /> Invalid request content. Check details message.<br /> e.g.\nempty request body</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>unsupported-content-type</p>\n</td>\n<td>\n<p><strong>Invalid Attribute </strong><br /> Requested content type is not supported.</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>unsupported-accept</p>\n</td>\n<td>\n<p><strong>Invalid Attribute </strong><br /> Accept type is not supported.</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>service-unavailable</p>\n</td>\n<td>\n<p><strong>Service Unavailable </strong><br /> Service is currently unavailable. Please try again later.\n</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>too-many-requests</p>\n</td>\n<td>\n<p><strong>Service Unavailable </strong><br /> Request rate limit per connection reached. Follow detail\nmessage for futher instructions.</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>method-not-allowed</p>\n</td>\n<td>\n<p><strong>Not Allowed </strong><br /> Requested method is not allowed.</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>unauthorized-access</p>\n</td>\n<td>\n<p><strong>Unauthorized </strong><br /> Unauthorized access.</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>invalid-authorization-request</p>\n</td>\n<td>\n<p><strong>Unauthorized </strong><br /> Invalid authorization request. Check details message.</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>no-production-access</p>\n</td>\n<td>\n<p><strong>Unauthorized </strong><br /> Partner has permission to access Sandbox data only. For\naccessing live Institution data, please contact us via Intercom or email.</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>account-not-accessible-requires-user-action</p>\n</td>\n<td>\n<p><strong>Not Accessible </strong><br /> An action is required from end-user before account details can\nbe returned.</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>maintenance-error</p>\n</td>\n<td>\n<p><strong>Not Accessible </strong><br /> Requested resource is currently unavailable due to maintenance\non Institution's side.</p>\n</td>\n</tr><tr>\n<td>\n<p>forbidden-access</p>\n</td>\n<td>\n<p><strong>Forbidden access</strong><br /> Access to this resource is forbidden</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>institution-not-supported</p>\n</td>\n<td>\n<p><strong>Institution is not supported</strong><br /> e.g. Institution AU00000 is not supported on this\nendpoint</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>bank-statement-new-product</p>\n</td>\n<td>\n<p><strong>PDF Bank statement new product</strong><br /> New product requires config</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>bank-statement-parsing-error</p>\n</td>\n<td>\n<p><strong>PDF Bank statement parsing error</strong><br /> Unable to parse statement</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>bank-statement-not-supported</p>\n</td>\n<td>\n<p><strong>PDF bank statement not supported</strong><br /> Statement not supported</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>missing-required-field</p>\n</td>\n<td>\n<p><strong>CSV missing required field</strong><br /> CSV header does not contain required field</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>missing-required-field-value</p>\n</td>\n<td>\n<p><strong>CSV missing required field value</strong><br /> CSV row does not contain value for required\nfield</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>invalid-field-value</p>\n</td>\n<td>\n<p><strong>CSV invalid field value</strong><br /> Field value is not valid</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>account-data-differs</p>\n</td>\n<td>\n<p><strong>CSV account data differs</strong><br /> Data for single account differs across rows</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>empty-file</p>\n</td>\n<td>\n<p><strong>CSV empty file</strong><br /> CSV file has no data rows</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>row-count-exceeded</p>\n</td>\n<td>\n<p><strong>CSV row count exceeded</strong><br /> CSV row count is above limit</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>invalid-request-content</p>\n</td>\n<td>\n<p><strong>PDF/CSV invalid request content (file type)</strong><br /> Statement is not valid</p>\n</td>\n</tr>\n<tr>\n<td>\n<p>request-not-valid</p>\n</td>\n<td>\n<p><strong>PDF/CSV Invalid request</strong><br /> Request too long</p>\n</td>\n</tr>\n</tbody>\n</table>\n\n<hr/>\n<h2> Versioning </h2>\nYour API version controls the API behaviour you see e.g. what properties you see in responses, what parameters you’re permitted to send in requests etc.\nIn order to gain access to the API, you need to pass the appropriate version in HTTP header basiq-version, when exchanging your API key for a token.\nYou don't need to pass basiq-version header in any subsequent requests.",
"title": "Basiq API.",
"version": "2.1.0"
},
"host": "au-api.basiq.io",
"paths": {
"/token": {
"post": {
"security": [
{
"api_key": []
}
],
"description": "Use this endpoint to retrieve token that will be passed as authorization header for Basiq API",
"consumes": [
"application/x-www-form-urlencoded"
],
"produces": [
"application/json"
],
"tags": [
"Token"
],
"operationId": "postToken",
"parameters": [
{
"in": "formData",
"name": "scope",
"type": "string"
},
{
"type": "string",
"name": "basiq-version",
"in": "header",
"required": true
}
],
"responses": {
"200": {
"description": "Return token object that will be used for Basiq API requests. ",
"schema": {
"$ref": "#/definitions/TokenPostResponse"
}
},
"400": {
"description": "Returns error that server cannot or will not process the request due to something that is perceived to be a client error.",
"schema": {
"$ref": "#/definitions/BadRequestError"
}
},
"404": {
"description": "Returns error indicating that server can't find requested resource.",
"schema": {
"$ref": "#/definitions/NotFoundError"
}
},
"500": {
"description": "Returns error response code indicates that the server encountered an unexpected condition that prevented it from fulfilling the request.",
"schema": {
"$ref": "#/definitions/InternalServerError"
}
}
}
}
},
"/jobs/{jobId}": {
"get": {
"security": [
{
"application": [
"SERVER_ACCESS",
"CLIENT_ACCESS"
]
}
],
"description": "<b>Tracking the status of a job</b><br/>\nEvery step of the job has a status property that depicts its current state.<br/>\n<b>Find out what steps have been completed</b><br/>\nDepending on the job being executed, some jobs will have multiple steps which need to be executed, for e.g. refreshing a connection requires the following steps to be completed:\n<ol><li>Establish successful authentication with institution</li>\n<li>Optional: mfa-challenge only appears in MFA challenge flow.</li>\n<li>Fetch latest list of accounts</li>\n<li>Fetch latest list of transactions</li></ol>\nYou can keep track of the steps that have been completed by observing the results array property. As each step is successfully completed, its status will be updated and a result object with the link to the affected resource will be present. In the event that a step has failed, the result object will contain an embedded error object.",
"produces": [
"application/json"
],
"tags": [
"Jobs"
],
"summary": "Retrieves the details of an existing job. You need only supply the unique job identifier that was returned upon job creation.",
"operationId": "getJobs",
"parameters": [
{
"type": "string",
"description": "The identifier of the job to be retrieved.",
"name": "jobId",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "Returns a job details if a valid job ID was provided.",
"schema": {
"$ref": "#/definitions/JobData"
}
},
"400": {
"description": "Returns error that server cannot or will not process the request due to something that is perceived to be a client error",
"schema": {
"$ref": "#/definitions/BadRequestError"
}
},
"403": {
"description": "Error that access is forbidden and tied to the application logic, such as insufficient rights to a resource.",
"schema": {
"$ref": "#/definitions/ForbiddenAccessError"
}
},
"404": {
"description": "Returns error indicating that server can't find requested resource.",
"schema": {
"$ref": "#/definitions/NotFoundError"
}
},
"500": {
"description": "Returns error response code indicates that the server encountered an unexpected condition that prevented it from fulfilling the request.",
"schema": {
"$ref": "#/definitions/InternalServerError"
}
}
}
}
},
"/jobs/{jobId}/mfa": {
"post": {
"security": [
{
"application": [
"CLIENT_ACCESS"
]
}
],
"description": "Ensure that you generate an authentication token with\nscope = CLIENT_ACCESS and basiq-version = 2.1 to create this resource",
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"Jobs"
],
"summary": "Use this to create a new MFA challenge response to job step: mfa-challenge",
"operationId": "postJobMfa",
"parameters": [
{
"type": "string",
"description": "The identifier of the job.",
"name": "jobId",
"in": "path",
"required": true
},
{
"name": "JobPostRequest",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/JobPostRequest"
}
}
],
"responses": {
"202": {
"description": "Returns a job if MFA response was correct. Returns an error otherwise.",
"schema": {
"$ref": "#/definitions/ConnectionResponseResource"
}
},
"400": {
"description": "Returns error that server cannot or will not process the request due to something that is perceived to be a client error",
"schema": {
"$ref": "#/definitions/BadRequestError"
}
},
"403": {
"description": "Error that access is forbidden and tied to the application logic, such as insufficient rights to a resource.",
"schema": {
"$ref": "#/definitions/ForbiddenAccessError"
}
},
"404": {
"description": "Returns error indicating that server can't find requested resource.",
"schema": {
"$ref": "#/definitions/NotFoundError"
}
},
"500": {
"description": "Returns error response code indicates that the server encountered an unexpected condition that prevented it from fulfilling the request.",
"schema": {
"$ref": "#/definitions/InternalServerError"
}
}
}
}
},
"/users": {
"post": {
"security": [
{
"application": [
"SERVER_ACCESS"
]
}
],
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"Users"
],
"summary": "Use this to create a new user object.",
"operationId": "createUser",
"parameters": [
{
"name": "user",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/createUser"
}
}
],
"responses": {
"201": {
"description": "Returns the user object if the creation succeeded.",
"schema": {
"$ref": "#/definitions/UserPostResponse"
}
},
"400": {
"description": "Returns error that server cannot or will not process the request due to something that is perceived to be a client error.",
"schema": {
"$ref": "#/definitions/BadRequestError"
}
},
"403": {
"description": "Error that access is forbidden and tied to the application logic, such as insufficient rights to a resource.",
"schema": {
"$ref": "#/definitions/ForbiddenAccessError"
}
},
"404": {
"description": "Returns error indicating that server can't find requested resource.",
"schema": {
"$ref": "#/definitions/NotFoundError"
}
},
"500": {
"description": "Returns error response code indicates that the server encountered an unexpected condition that prevented it from fulfilling the request.",
"schema": {
"$ref": "#/definitions/InternalServerError"
}
}
}
}
},
"/users/{userId}": {
"get": {
"security": [
{
"application": [
"SERVER_ACCESS",
"CLIENT_ACCESS"
]
}
],
"produces": [
"application/json"
],
"tags": [
"Users"
],
"summary": "Retrieves the details of an existing user. You need only supply the unique user identifier that was returned upon user creation.",
"operationId": "getUser",
"parameters": [
{
"type": "string",
"description": "The identifier of the user to be retrieved.",
"name": "userId",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "Returns a user if a valid user ID was provided.",
"schema": {
"$ref": "#/definitions/UserGetResponse"
}
},
"400": {
"description": "Returns error that server cannot or will not process the request due to something that is perceived to be a client error.",
"schema": {
"$ref": "#/definitions/BadRequestError"
}
},
"401": {
"description": "Error status response code indicates that the request has not been applied because it lacks valid authentication credentials for the target resource.",
"schema": {
"$ref": "#/definitions/UnauthorizedError"
}
},
"403": {
"description": "Error that access is forbidden and tied to the application logic, such as insufficient rights to a resource.",
"schema": {
"$ref": "#/definitions/ForbiddenAccessError"
}
},
"404": {
"description": "Returns error indicating that server can't find requested resource.",
"schema": {
"$ref": "#/definitions/NotFoundError"
}
},
"500": {
"description": "Returns error response code indicates that the server encountered an unexpected condition that prevented it from fulfilling the request.",
"schema": {
"$ref": "#/definitions/InternalServerError"
}
}
}
},
"post": {
"security": [
{
"application": [
"SERVER_ACCESS"
]
}
],
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"Users"
],
"summary": "Updates the specified user by setting the values of the parameters passed. Any parameters not provided will be left unchanged.",
"operationId": "updateUser",
"parameters": [
{
"type": "string",
"description": "The identifier of the user to be retrieved.",
"name": "userId",
"in": "path",
"required": true
},
{
"name": "user",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/updateUser"
}
}
],
"responses": {
"200": {
"description": "Returns the user object if the update succeeded.",
"schema": {
"$ref": "#/definitions/UserPostResponse"
}
},
"400": {
"description": "Returns error that server cannot or will not process the request due to something that is perceived to be a client error.",
"schema": {
"$ref": "#/definitions/BadRequestError"
}
},
"403": {
"description": "Error that access is forbidden and tied to the application logic, such as insufficient rights to a resource.",
"schema": {
"$ref": "#/definitions/ForbiddenAccessError"
}
},
"404": {
"description": "Returns error indicating that server can't find requested resource.",
"schema": {
"$ref": "#/definitions/NotFoundError"
}
},
"500": {
"description": "Returns error response code indicates that the server encountered an unexpected condition that prevented it from fulfilling the request.",
"schema": {
"$ref": "#/definitions/InternalServerError"
}
}
}
},
"delete": {
"security": [
{
"application": [
"SERVER_ACCESS"
]
}
],
"description": "Permanently deletes a user along with all of their associated connection details. All data associated with this user will deleted. You need only supply the unique user identifier that was returned upon user creation.",
"tags": [
"Users"
],
"summary": "Delete a user.",
"operationId": "deleteUser",
"parameters": [
{
"type": "string",
"description": "User identification.",
"name": "userId",
"in": "path",
"required": true
}
],
"responses": {
"204": {
"description": "Deletion succeeded."
},
"400": {
"description": "Returns error that server cannot or will not process the request due to something that is perceived to be a client error.",
"schema": {
"$ref": "#/definitions/BadRequestError"
}
},
"403": {
"description": "Error that access is forbidden and tied to the application logic, such as insufficient rights to a resource.",
"schema": {
"$ref": "#/definitions/ForbiddenAccessError"
}
},
"404": {
"description": "Returns error indicating that server can't find requested resource.",
"schema": {
"$ref": "#/definitions/NotFoundError"
}
},
"500": {
"description": "Returns error response code indicates that the server encountered an unexpected condition that prevented it from fulfilling the request.",
"schema": {
"$ref": "#/definitions/InternalServerError"
}
},
"503": {
"description": "Returns error response code indicates that the server is not ready to handle the request.",
"schema": {
"$ref": "#/definitions/StatusServiceUnavailableError"
}
}
}
}
},
"/users/{userId}/accounts": {
"get": {
"security": [
{
"application": [
"SERVER_ACCESS"
]
}
],
"description": "Returns a list with a data property that contains an array of accounts. Each entry in the array is a separate object. If no data is returned, the resulting array will be empty. Otherwise, this call returns an error in the event of1 a failure.",
"produces": [
"application/json"
],
"tags": [
"Accounts"
],
"summary": "Use this collection to retrieve a list of accounts. Each entry in the array is a separate account object.",
"operationId": "getAccounts",
"parameters": [
{
"type": "string",
"description": "User identifier",
"name": "userId",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "Returns a account with details.",
"schema": {
"$ref": "#/definitions/AccountsResponseResource"
}
},
"400": {
"description": "Returns error that server cannot or will not process the request due to something that is perceived to be a client error",
"schema": {
"$ref": "#/definitions/BadRequestError"
}
},
"403": {
"description": "Error that access is forbidden and tied to the application logic, such as insufficient rights to a resource.",
"schema": {
"$ref": "#/definitions/ForbiddenAccessError"
}
},
"404": {
"description": "Returns error indicating that server can't find requested resource.",
"schema": {
"$ref": "#/definitions/NotFoundError"
}
},
"500": {
"description": "Returns error response code indicates that the server encountered an unexpected condition that prevented it from fulfilling the request.",
"schema": {
"$ref": "#/definitions/InternalServerError"
}
}
}
}
},
"/users/{userId}/accounts/{accountId}": {
"get": {
"security": [
{
"application": [
"SERVER_ACCESS"
]
}
],
"description": "Returns an account if a valid account ID was provided. Returns an error otherwise.",
"produces": [
"application/json"
],
"tags": [
"Accounts"
],
"summary": "Use this to retrieve the details of a specific account. This request will return back an account object with the latest data since the last refresh. If you require the latest account details you will need to call the connection refresh resource.",
"operationId": "getAccount",
"parameters": [
{
"type": "string",
"description": "User identifier",
"name": "userId",
"in": "path",
"required": true
},
{
"type": "string",
"description": "Account identifier",
"name": "accountId",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "Returns a account with details.",
"schema": {
"$ref": "#/definitions/AccountResponseResource"
}
},
"400": {
"description": "Returns error that server cannot or will not process the request due to something that is perceived to be a client error",
"schema": {
"$ref": "#/definitions/BadRequestError"
}
},
"403": {
"description": "Error that access is forbidden and tied to the application logic, such as insufficient rights to a resource.",
"schema": {
"$ref": "#/definitions/ForbiddenAccessError"
}
},
"404": {
"description": "Returns error indicating that server can't find requested resource.",
"schema": {
"$ref": "#/definitions/NotFoundError"
}
},
"500": {
"description": "Returns error response code indicates that the server encountered an unexpected condition that prevented it from fulfilling the request.",
"schema": {
"$ref": "#/definitions/InternalServerError"
}
}
}
}
},
"/users/{userId}/affordability": {
"get": {
"security": [
{
"application": [
"SERVER_ACCESS"
]
}
],
"produces": [
"application/json"
],
"tags": [
"Affordability"
],
"summary": "Returns a list with a data property that contains an array of affordability resources.",
"operationId": "getAffordabilityList",
"parameters": [
{
"type": "string",
"description": "The identifier of the user.",
"name": "userId",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "Returns a list with a data property that contains an array of affordability resources.",
"schema": {
"$ref": "#/definitions/AffordabilityListResponse"
}
},
"400": {
"description": "Returns error that server cannot or will not process the request due to something that is perceived to be a client error.",
"schema": {
"$ref": "#/definitions/BadRequestError"
}
},
"404": {
"description": "Returns error indicating that server can't find requested resource.",
"schema": {
"$ref": "#/definitions/NotFoundError"
}
},
"500": {
"description": "Returns error response code indicates that the server encountered an unexpected condition that prevented it from fulfilling the request.",
"schema": {
"$ref": "#/definitions/InternalServerError"
}
}
}
},
"post": {
"security": [
{
"application": [
"SERVER_ACCESS"
]
}
],
"consumes": [
"application/json"
],
"produces": [
"application/json",
"application/pdf"
],
"tags": [
"Affordability"
],
"summary": "Use this to create a new affordability report.",
"operationId": "postAffordability",
"parameters": [
{
"type": "string",
"description": "The identifier of the user.",
"name": "userId",
"in": "path",
"required": true
},
{
"name": "AffordabilityPostRequest",
"in": "body",
"schema": {
"$ref": "#/definitions/AffordabilityPostRequest"
}
}
],
"responses": {
"200": {
"description": "Returns a created affordability resource, if the operation succeeded.",
"schema": {
"$ref": "#/definitions/AffordabilityResponse"
}
},
"201": {
"description": "Returns a created affordability PDF Report, if the operation succeeded."
},
"204": {
"description": "Returns no content if there are none transactions for the requested period."
},
"400": {
"description": "Returns error that server cannot or will not process the request due to something that is perceived to be a client error.",
"schema": {
"$ref": "#/definitions/BadRequestError"
}
},
"403": {
"description": "Error that access is forbidden and tied to the application logic, such as insufficient rights to a resource.",
"schema": {
"$ref": "#/definitions/ForbiddenAccessError"
}
},
"404": {
"description": "Returns error indicating that server can't find requested resource.",
"schema": {
"$ref": "#/definitions/NotFoundError"
}
},
"500": {
"description": "Returns error response code indicates that the server encountered an unexpected condition that prevented it from fulfilling the request.",
"schema": {
"$ref": "#/definitions/InternalServerError"
}
}
}
}
},
"/users/{userId}/affordability/{snapshotId}": {
"get": {
"security": [
{
"application": [
"SERVER_ACCESS"
]
}
],
"produces": [
"application/json",
"application/pdf"
],
"tags": [
"Affordability"
],
"summary": "Retrieves the details of an affordability summary. You need only supply the unique affordability identifier.",
"operationId": "getAffordability",
"parameters": [
{
"type": "string",
"description": "The identifier of the user.",
"name": "userId",
"in": "path",
"required": true
},
{
"type": "string",
"description": "The identifier of the affordability report to be retrieved.",
"name": "snapshotId",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "Returns a saved affordability resource JSON or PDF report file, if the operation succeeded.",
"schema": {
"$ref": "#/definitions/AffordabilityResponse"
}
},
"400": {
"description": "Returns error that server cannot or will not process the request due to something that is perceived to be a client error.",
"schema": {
"$ref": "#/definitions/BadRequestError"
}
},
"403": {
"description": "Error that access is forbidden and tied to the application logic, such as insufficient rights to a resource.",
"schema": {
"$ref": "#/definitions/ForbiddenAccessError"
}
},
"404": {
"description": "Returns error indicating that server can't find requested resource.",
"schema": {
"$ref": "#/definitions/NotFoundError"
}
},
"500": {
"description": "Returns error response code indicates that the server encountered an unexpected condition that prevented it from fulfilling the request.",
"schema": {
"$ref": "#/definitions/InternalServerError"
}
}
}
}
},
"/users/{userId}/affordability/{snapshotId}/transactions": {
"get": {
"security": [
{
"application": [
"SERVER_ACCESS"
]
}
],
"produces": [
"application/json",
"application/csv"
],
"tags": [
"Affordability"
],
"summary": "Returns a paginated list with a data property that contains an array of transactions from the affordability snapshot.",
"operationId": "getAffordabilitySnapshotTransactions",
"parameters": [
{
"type": "string",
"description": "The identifier of the user.",
"name": "userId",
"in": "path",
"required": true
},
{
"type": "string",
"description": "The identifier of the affordability report to be retrieved.",
"name": "snapshotId",
"in": "path",
"required": true
},
{
"type": "integer",
"description": "This represents the maximum number of transactions that may be included in the response (maximum of 500). Note that by default 500 transactions are returned if this value is not specified.",
"name": "limit",
"in": "query"
}
],
"responses": {
"200": {
"description": "Returns a affordability resource transactions JSON or CSV file, if the operation succeeded.",
"schema": {
"$ref": "#/definitions/AffordabilityTransactionsResponse"
}
},
"400": {
"description": "Returns error that server cannot or will not process the request due to something that is perceived to be a client error.",
"schema": {
"$ref": "#/definitions/BadRequestError"
}
},
"403": {
"description": "Error that access is forbidden and tied to the application logic, such as insufficient rights to a resource.",
"schema": {
"$ref": "#/definitions/ForbiddenAccessError"
}
},
"404": {
"description": "Returns error indicating that server can't find requested resource.",
"schema": {
"$ref": "#/definitions/NotFoundError"
}
},
"500": {
"description": "Returns error response code indicates that the server encountered an unexpected condition that prevented it from fulfilling the request.",
"schema": {
"$ref": "#/definitions/InternalServerError"
}
}
}
}
},
"/users/{userId}/auth_link": {
"get": {
"security": [
{
"application": [
"SERVER_ACCESS"
]
}
],
"description": "Returns the latest/last auth_link generated for the specified user. Returns an error otherwise.",
"produces": [
"application/json"
],
"tags": [
"AuthLinks"
],
"summary": "Use this to retrieve the latest/last auth_link generated for the specified user..",
"operationId": "getAuthLink",
"parameters": [
{
"type": "string",
"description": "The identifier of the user.",
"name": "userId",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "Returns details of a connection.",
"schema": {
"$ref": "#/definitions/AuthLinksResponseResource"
}
},
"400": {
"description": "Returns error that server cannot or will not process the request due to something that is perceived to be a client error",
"schema": {
"$ref": "#/definitions/BadRequestError"
}
},
"403": {
"description": "Error that access is forbidden and tied to the application logic, such as insufficient rights to a resource.",
"schema": {
"$ref": "#/definitions/ForbiddenAccessError"
}
},
"404": {
"description": "Returns error indicating that server can't find requested resource.",
"schema": {
"$ref": "#/definitions/NotFoundError"
}
},
"410": {
"description": "Returns error indicating that access to the target resource is no longer available at the origin server and that this condition is likely to be permanent.",
"schema": {
"$ref": "#/definitions/GoneError"
}
},
"500": {
"description": "Returns error response code indicates that the server encountered an unexpected condition that prevented it from fulfilling the request.",
"schema": {
"$ref": "#/definitions/InternalServerError"
}
},
"503": {
"description": "Returns error response code indicates that the server is not ready to handle the request.",
"schema": {
"$ref": "#/definitions/StatusServiceUnavailableError"
}
}
}
},
"post": {
"security": [
{
"application": [
"SERVER_ACCESS"
]
}
],
"description": "Create a new auth_link object by making a POST request to the auth_link endpoint. The new auth_link will effectively delete previous auth-links for that User/applicant, rendering the previous URL(s) invalid. The 'mobile' attribute is optional. If it is specified this number will take preference over the User object mobile number for 2FA SMS verification.\n\nReturns a created auth_link resource, if the operation succeeded. Returns an error if the post failed (e.g. not supplying required properties).",
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"AuthLinks"
],
"summary": "An Auth Link object can be generated to securely capture data from a User. Using the URL allows data to be captured via the hosted Basiq Connect Consent workflow for a given User.",
"operationId": "postAuthLink",
"parameters": [
{
"type": "string",
"name": "userId",
"in": "path",
"required": true
},
{
"name": "AuthLinksPostData",
"in": "body",
"schema": {
"type": "object",
"properties": {
"mobile": {
"type": "string"
}
}
}
}
],
"responses": {
"201": {
"description": "Returns a created auth_link resource, if the operation succeeded",
"schema": {
"$ref": "#/definitions/AuthLinksPostResponseResource"
}
},
"400": {
"description": "Returns error that server cannot or will not process the request due to something that is perceived to be a client error",
"schema": {
"$ref": "#/definitions/BadRequestError"
}
},
"403": {
"description": "Error that access is forbidden and tied to the application logic, such as insufficient rights to a resource.",
"schema": {
"$ref": "#/definitions/ForbiddenAccessError"
}
},
"404": {
"description": "Returns error indicating that server can't find requested resource.",
"schema": {
"$ref": "#/definitions/NotFoundError"
}