Appearance

v2.0

BANKSapi API Reference

Download OpenAPI Document

Servers

https://banksapi.io

Get Users

GET
/auth/mgmt/v1/tenants/{tenant-name}/users

Get all activated users. Requires an admin client - contact BANKSapi for access.

Authorizations

httpBearer
Type
HTTP (bearer)

Parameters

Path Parameters

tenant-name*

Tenant name plays a role in using the API. The tenant name is a URL component in the management API.

Type
string
Required
Example"demo"

Query Parameters

includeInactive

Whether or not to also include inactive users

Type
boolean
Exampletrue
Default
false

Responses

Returns an array of User

application/json
JSON
[
{
"userReference": "1c5b33f6-9c4d-11e6-ba80-480fcfb9550f",
"username": "demo-user"
}
]

Playground

Authorization
Variables
Key
Value

Samples

Encrypt

Operations

PUT/encrypt

Encrypt plaintexts

PUT
/encrypt

Encrypt a given plaintext for the tenant identified by the given bearer token.

Authorizations

httpBearer
Type
HTTP (bearer)

Request Body

application/octet-stream+base64
JSON
"aGCZBgX ... 8Fi7xMQ="

Responses

Ciphertext (encrypted plaintext) encoded in Base64

application/octet-stream+base64
JSON
"aGCZBgX ... 8Fi7xMQ="

Playground

Authorization
Body

Samples

Get Providers

GET
/providers/v2

Retrieve a list of and information for all providers.

Authorizations

httpBearer
Type
HTTP (bearer)

Responses

Returns an array of providers.

application/json
JSON
[
{
"id": "00000000-0000-0000-0000-000000000000",
"name": "Demo Provider",
"consumerRelevant": true,
"group": "demo",
"blz": "12345678",
"bic": "DEMO1234",
"relations": [
{
"rel": "self",
"href": "https://banksapi.io/providers/v2/00000000-0000-0000-0000-000000000000"
},
{
"rel": "logo",
"href": "https://banksapi.io/providers/v2/demo.svg"
}
],
"capabilities": [
"KONTEN",
"KARTEN",
"DEPOTS"
],
"channels": [
[
"GIROKONTO"
],
[
"KREDITKARTE",
"TAGESGELDKONTO"
]
],
"authenticationInfo": {
"loginHint": "Der Demo Provider bietet drei Zugänge demo1/demo1, demo2/demo2 und demo3/demo3",
"fields": [
{
"fieldkey": "userid",
"label": "Demo-User",
"secret": false,
"hint": "demo1, demo2 oder demo3",
"format": "^.{1,50}$"
},
{
"fieldkey": "pin",
"label": "Demo-Passwort",
"secret": true,
"hint": "demo1, demo2 oder demo3",
"format": "^.{1,50}$"
}
]
}
}
]

Playground

Authorization

Samples

Customer

Operations

GET/customer/v2DELETE/customer/v2

Get Customer

GET
/customer/v2

Retrieves the customer object for the authenticated user. It is also the entry point to the deeper functions of the interface.

Authorizations

httpBearer
Type
HTTP (bearer)

Responses

Returns customer object of the user.

application/json
JSON
{
"bankzugaenge": {
"4000fda7-18af-463f-b694-bbafe5d23a48": {
"messages": [
{
"level": "INFO",
"code": "BA3010",
"message": "SCA benötigt",
"details": "Bitte wählen Sie eine SCA-Methode aus"
}
],
"sicherheitsverfahren": [
{
"kodierung": 980,
"name": "mTAN",
"hinweis": "mTAN"
},
{
"name": "SMS_OTP",
"kodierung": "942",
"hinweis": "SMS OTP"
}
],
"relations": [
{
"rel": "startSCA",
"href": "https://banksapi.io/v2/customer/consent/1345340218050910215PSDDE-BAFIN-152070CO4960JJ"
}
]
}
},
"relations": [
{
"rel": "self",
"href": "https://banksapi.io/customer/v2"
},
{
"rel": "get_bankzugaenge",
"href": "https://banksapi.io/customer/v2/bankzugaenge"
},
{
"rel": "add_bankzugaenge",
"href": "https://banksapi.io/customer/v2/bankzugaenge"
},
{
"rel": "delete_bankzugaenge",
"href": "https://banksapi.io/customer/v2/bankzugaenge"
}
]
}

Playground

Authorization

Samples

Get Bank Accesses

GET
/customer/v2/bankzugaenge

Retrieves all bank accesses for this user.

Authorizations

httpBearer
Type
HTTP (bearer)

Responses

The success response contains an collection of bank accesses.

application/json
JSON
{
"0b7f4783-4c93-4820-8e73-354a0f1c469e": {
"id": "0b7f4783-4c93-4820-8e73-354a0f1c469e",
"providerId": "00000000-0000-0000-0000-000000000000",
"aktualisierungszeitpunkt": "2021-10-15 09:13:44",
"tanMedien": [
{
"name": "Mobil",
"medienklasse": "MOBIL",
"gueltigVon": "2021-10-15 09:13:44",
"gueltigBis": "2021-10-15 09:13:44"
}
],
"sicherheitsverfahren": [
{
"kodierung": 1,
"name": "mockTAN",
"hinweis": "Gib eine durch 2 teilbare Zahl ein"
},
{
"kodierung": 999,
"name": "iTAN",
"hinweis": "Gib die TAN "12" an."
}
],
"aktivesSicherheitsverfahren": {
"kodierung": 999,
"name": "iTAN",
"hinweis": "Gib die TAN "12" an."
},
"relations": [
{
"rel": "self",
"href": "https://banksapi.io/customer/v2/bankzugaenge/0b7f4783-4c93-4820-8e73-354a0f1c469e"
},
{
"rel": "delete_bankzugang",
"href": "https://banksapi.io/customer/v2/bankzugaenge/0b7f4783-4c93-4820-8e73-354a0f1c469e"
}
],
"status": "VOLLSTAENDIG",
"bankprodukte": [
{
"id": "DE00123456789012345679",
"status": "VOLLSTAENDIG",
"bezeichnung": "Tagesgeldkonto",
"kategorie": "TAGESGELDKONTO",
"saldo": 27365.56,
"aktualisierungszeitpunkt": "2021-10-15 09:13:44",
"saldoDatum": "2021-10-15 00:00:00",
"waehrung": "EUR",
"kontonummer": "9012345679",
"iban": "DE00123456789012345679",
"bic": "XXX12345678",
"blz": "12345678",
"kreditinstitut": "Demo Provider",
"inhaber": "Fritz Testmüller",
"transferSupport": true,
"relations": [
{
"rel": "get_kontoumsaetze",
"href": "https://banksapi.io/customer/v2/bankzugaenge/0b7f4783-4c93-4820-8e73-354a0f1c469e/DE00123456789012345679/kontoumsaetze"
},
{
"rel": "initiate_single_transfer",
"href": "https://banksapi.io/customer/v2/payment/single-transfer"
},
{
"rel": "initiate_bulk_transfer",
"href": "https://banksapi.io/customer/v2/payment/bulk-transfer"
}
],
"messages": [
],
"verfuegungsrahmen": 27365.56,
"verfuegterBetrag": 0
}
],
"sync": true
},
"4000fda7-18af-463f-b694-bbafe5d23a48": {
"status": "VOLLSTAENDIG",
"tanMedien": [
{
"gueltigVon": "2016-06-03 17:17:41",
"gueltigBis": "2016-06-03 17:17:41",
"name": "Mobil",
"medienklasse": "MOBIL"
}
],
"sicherheitsverfahren": [
{
"kodierung": 2,
"name": "mTAN",
"hinweis": "mTAN"
},
{
"kodierung": 1,
"name": "Mock-TAN",
"hinweis": "Mock-TAN"
}
],
"aktivesSicherheitsverfahren": {
"kodierung": 1,
"name": "Mock-TAN",
"hinweis": "Mock-TAN"
},
"aktualisierungszeitpunkt": "2016-06-10 17:17:40",
"timeout": "2016-12-24 13:37:42",
"messages": [
],
"bankprodukte": [
],
"relations": [
],
"sync": false
}
}

Playground

Authorization

Samples

Push transactions for the given product

POST
/customer/v2/bankzugaenge/{access-id}/{product-id}/kontoumsaetze

Pushes transactions for the given product identified by an access and a product ID

Authorizations

httpBearer
Type
HTTP (bearer)

Parameters

Path Parameters

access-id*

ID of the bank access

Type
string
Required
Example"d23710a9-8e4b-4595-b01c-dad9499c9fdb"
Format
"uuid"
product-id*

ID of a banking product

Type
string
Required
Example"DE00123456789012345678"

Request Body

application/json
JSON
[
{
"betrag": -70,
"verwendungszweck": "EC 68096654 140215204106OC3 Ref. 5CC15048A1824480/89280",
"buchungsdatum": "2016-11-17 00:00:00",
"wertstellungsdatum": "2016-11-15 00:00:00",
"gegenkontoInhaber": "La Sopia GmbH München",
"gegenkontoIban": "DE00123456789012345679",
"gegenkontoBic": "XXX12345678",
"primanotaNummer": "421337",
"identifier": {
"batchId": "eeToqu2V"
}
},
{
"betrag": -42.23,
"verwendungszweck": "My in-app purchase",
"buchungsdatum": "2022-11-17 00:00:00",
"wertstellungsdatum": "2022-11-17 00:00:00",
"gegenkontoInhaber": "Gaming Now",
"gegenkontoIban": "DE80123456789012345777",
"gegenkontoBic": "XXX12345678",
"identifier": {
"batchId": "eeToqu2V"
}
}
]

Responses

Created

Playground

Authorization
Variables
Key
Value
Body

Samples

Start SCA

POST
/customer/v2/bankzugaenge/{access-id}/consent

Starts the SCA renewal process

Authorizations

httpBearer
Type
HTTP (bearer)

Parameters

Header Parameters

Customer-IP-Address*

The IP address of the customer. Must be a public IP address (IPv4, IPv6)

Type
string
Required
Example"154.25.45.133"

Path Parameters

access-id*

ID of the bank access

Type
string
Required
Example"d23710a9-8e4b-4595-b01c-dad9499c9fdb"
Format
"uuid"

Query Parameters

callbackUrl

Required for non-REG/Protect tenants. Get redirected here after a Redirect SCA.

Type
string
Example"https://demo-tenant.com/callback?state=123"
Format
"url"
queryTanSettings

Flag to ignore saved TAN-settings and query them.

Type
boolean
Example"true"
maxTransactions

Indicator if transactions older than 90 days should be fetched. Best used when first creating the bank access to avoid unnecessary SCAs during refresh operations.

Type
string
Valid values
"none""all""paymentAccounts"

Request Body

application/json
JSON
{
"815251d6-c062-4f61-bec0-182bc14a48fb": {
"providerId": "00000000-0000-0000-0000-000000000000",
"credentials": {
"userid": "mOd2uKYr+2 ... TWOPCAt5zP",
"pin": "Hhnc+aW/eM ... 7F+XRSHasW"
},
"sync": true,
"selectedBankProducts": [
"DE00123456789012345679"
]
}
}

Responses

HTTP status 201 (Created) is returned together with the HTTP header Location. Under the URL specified in the header, the added bank accesses can be queried analogously by means of an HTTP GET call.

Playground

Authorization
Headers
Variables
Key
Value
Body

Samples

Initiate a single transfer

POST
/customer/v2/bankzugaenge/{access-id}/{product-id}/payment/single-transfer

Initiates a payment for the given bank access, without providing access credentials

Authorizations

httpBearer
Type
HTTP (bearer)

Parameters

Header Parameters

Customer-IP-Address*

The IP address of the customer. Must be a public IP address (IPv4, IPv6)

Type
string
Required
Example"154.25.45.133"
Rejection-NoFunds-Preferred

If set to "true", the bank should reject the payment if there are insufficient funds. If set to "false", the bank may wait for a certain period for funds to arrive. This parameter may be ignored by the bank.

Type
boolean
Example"true"

Path Parameters

access-id*

ID of the bank access

Type
string
Required
Example"d23710a9-8e4b-4595-b01c-dad9499c9fdb"
Format
"uuid"
product-id*

ID of a banking product

Type
string
Required
Example"DE00123456789012345678"

Query Parameters

callbackUrl

Required for non-REG/Protect tenants. Get redirected here after a Redirect SCA.

Type
string
Example"https://demo-tenant.com/callback?state=123"
Format
"url"
editableDetails

Flag for REG/Protect to control whether fields on the frontend are editable

Type
boolean
Example"false"
autoConfirm

Flag for REG/Protect to control whether transfers can be entered without interaction. Currently only supported for EBICS.

Type
boolean
Example"false"
paymentId

Unique UUID for the payment. Required for non-REG/Protect tenants. When provided, the same ID must be used for related VOP (Verification of Payee) requests.

Type
string
Example"d308a7ae-b762-4a20-8996-7fa22aed6b73"
Format
"uuid"

Request Body

application/json
JSON
{
"instant": true,
"requestedExecutionDate": "string",
"vopId": "4f89e03f-8773-45d0-b6d5-9a047af3ada2",
"transferDetails": {
"recipient": "string",
"purpose": "string",
"iban": "string",
"bic": "string",
"currency": "string",
"amount": 0,
"endToEndId": "string",
"purposeCode": "SALA, DIVD, PENS, LOAN, ...",
"ultimateDebtor": "string",
"ultimateCreditor": "string"
}
}

Responses

Returns object with the transfer status

application/json
JSON
{
"messages": [
{
"level": "INFO",
"code": "BA3010",
"message": "SCA Methode auswählen",
"details": "Bitte wählen Sie eine SCA-Methode aus"
}
],
"scaMethods": [
{
"code": 2,
"name": "mTAN",
"hint": "mTAN"
},
{
"code": 1,
"name": "Mock-TAN",
"hint": "Mock-TAN"
}
],
"relations": [
{
"rel": "self",
"href": "https://banksapi.io/customer/v2/payment/single-transfer/3e97fa51-ce7b-42a0-9101-50fd67dbc3e7"
},
{
"rel": "set_method",
"href": "https://banksapi.io/customer/v2/consent/3e97fa51-ce7b-42a0-9101-50fd67dbc3e7"
}
],
"transfer": {
"provider": "ca650b48-3edc-45f4-938d-d21df8cba761",
"product": "DE89370400440532013000",
"paymentId": "5208b5cb-2f88-4bba-87a5-c5e0356c460c",
"ebics": false,
"instant": false,
"requestedExecutionDate": {
},
"transferDetails": {
"recipient": "netzpolitik.org e. V.",
"purpose": "Spende netzpolitik.de",
"iban": "DE62430609671149278400",
"bic": "GENODEM1GLS",
"currency": "EUR",
"amount": 1337.42,
"endToEndId": "be7649876d5f439886fa816993ac9f9f"
}
}
}

Playground

Authorization
Headers
Variables
Key
Value
Body

Samples

Deprecated

Create Transfer

POST
/customer/v2/ueberweisung/{provider-id}/{product-id}

Creates a payment (i.e. initializes a SEPA transfer).

Authorizations

httpBearer
Type
HTTP (bearer)

Parameters

Header Parameters

Customer-IP-Address*

The IP address of the customer. Must be a public IP address (IPv4, IPv6)

Type
string
Required
Example"154.25.45.133"

Path Parameters

provider-id*

ID of a provider

Type
string
Required
Example"00000000-0000-0000-0000-000000000000"
Format
"uuid"
product-id*

ID of a banking product

Type
string
Required
Example"DE00123456789012345678"

Query Parameters

callbackUrl

Required for non-REG/Protect tenants. Get redirected here after a Redirect SCA.

Type
string
Example"https://demo-tenant.com/callback?state=123"
Format
"url"
editableDetails

Flag for REG/Protect to control whether fields on the frontend are editable

Type
boolean
Example"false"
paymentId

Unique UUID for the payment. Required for non-REG/Protect tenants. When provided, the same ID must be used for related VOP (Verification of Payee) requests.

Type
string
Example"d308a7ae-b762-4a20-8996-7fa22aed6b73"
Format
"uuid"

Request Body

application/json
JSON
{
"credentials": {
"userid": "mXlkGe+ukAEs+2iHjc ... 6uyURWRD/MOfGsd8HY=",
"pin": "XO2jgZX9V5GvB9rg8 ... CbzjWKilAXdeBXVHC9W1Rv5GfhKpZmw="
},
"empfaenger": "netzpolitik.org e. V.",
"verwendungszweck": "Spende netzpolitik.de",
"iban": "DE62430609671149278400",
"bic": "GENODEM1GLS",
"waehrung": "EUR",
"betrag": 1337.42,
"ausfuehrungsdatum": "2016-12-24",
"sicherheitsverfahrenKodierung": "1",
"tanMediumName": "Mobil"
}

Responses

Returns object with the transfer status

application/json
JSON
{
"ueberweisung": {
"empfaenger": "netzpolitik.org e. V.",
"verwendungszweck": "Spende netzpolitik.de",
"iban": "DE62430609671149278400",
"bic": "GENODEM1GLS",
"waehrung": "EUR",
"betrag": 1337.42
},
"ausfuehrungsdatum": "2016-12-24",
"tanMediumName": "Mobil",
"tanMedien": [
{
"gueltigVon": "2016-06-03 17:17:41",
"gueltigBis": "2016-06-03 17:17:41",
"name": "Mobil",
"medienklasse": "MOBIL"
}
],
"sicherheitsverfahren": [
{
"kodierung": 2,
"name": "mTAN",
"hinweis": "mTAN"
},
{
"kodierung": 1,
"name": "Mock-TAN",
"hinweis": "Mock-TAN"
}
],
"messages": [
{
"level": "INFO",
"code": "BA3010",
"message": "SCA benötigt",
"details": "Bitte wählen Sie eine SCA-Methode aus"
}
],
"relations": [
{
"rel": "set_method",
"href": "https://banksapi.io/customer/v2/ueberweisung/3e97fa51-ce7b-42a0-9101-50fd67dbc3e7/consent"
}
]
}

Playground

Authorization
Headers
Variables
Key
Value
Body

Samples

Initiate Single Transfer

POST
/customer/v2/payment/single-transfer

Initiates a single transfer (e.g. a SEPA transfer).

Authorizations

httpBearer
Type
HTTP (bearer)

Parameters

Header Parameters

Customer-IP-Address*

The IP address of the customer. Must be a public IP address (IPv4, IPv6)

Type
string
Required
Example"154.25.45.133"
Rejection-NoFunds-Preferred

If set to "true", the bank should reject the payment if there are insufficient funds. If set to "false", the bank may wait for a certain period for funds to arrive. This parameter may be ignored by the bank.

Type
boolean
Example"true"

Query Parameters

callbackUrl

Required for non-REG/Protect tenants. Get redirected here after a Redirect SCA.

Type
string
Example"https://demo-tenant.com/callback?state=123"
Format
"url"
queryTanSettings

Flag to ignore saved TAN-settings and query them.

Type
boolean
Example"true"
editableDetails

Flag for REG/Protect to control whether fields on the frontend are editable

Type
boolean
Example"false"
paymentId

Unique UUID for the payment. Required for non-REG/Protect tenants. When provided, the same ID must be used for related VOP (Verification of Payee) requests.

Type
string
Example"d308a7ae-b762-4a20-8996-7fa22aed6b73"
Format
"uuid"

Request Body

application/json
JSON
{
"provider": "ca650b48-3edc-45f4-938d-d21df8cba761",
"credentials": {
"userid": "mXlkGe+ukAEs+2iH ... D/MOfGsd8HY=",
"pin": "XO2jgZ ... 5GfhKpZmw="
},
"product": "DE89370400440532013000",
"instant": false,
"requestedExecutionDate": {
},
"transferDetails": {
"recipient": "netzpolitik.org e. V.",
"purpose": "Spende netzpolitik.de",
"iban": "DE62430609671149278400",
"bic": "GENODEM1GLS",
"currency": "EUR",
"amount": 1337.42,
"endToEndId": "be7649876d5f439886fa816993ac9f9f"
}
}

Responses

Returns object with the transfer status

application/json
JSON
{
"messages": [
{
"level": "INFO",
"code": "BA3010",
"message": "SCA Methode auswählen",
"details": "Bitte wählen Sie eine SCA-Methode aus"
}
],
"scaMethods": [
{
"code": 2,
"name": "mTAN",
"hint": "mTAN"
},
{
"code": 1,
"name": "Mock-TAN",
"hint": "Mock-TAN"
}
],
"relations": [
{
"rel": "self",
"href": "https://banksapi.io/customer/v2/payment/single-transfer/3e97fa51-ce7b-42a0-9101-50fd67dbc3e7"
},
{
"rel": "set_method",
"href": "https://banksapi.io/customer/v2/consent/3e97fa51-ce7b-42a0-9101-50fd67dbc3e7"
}
],
"transfer": {
"provider": "ca650b48-3edc-45f4-938d-d21df8cba761",
"product": "DE89370400440532013000",
"paymentId": "5208b5cb-2f88-4bba-87a5-c5e0356c460c",
"ebics": false,
"instant": false,
"requestedExecutionDate": {
},
"transferDetails": {
"recipient": "netzpolitik.org e. V.",
"purpose": "Spende netzpolitik.de",
"iban": "DE62430609671149278400",
"bic": "GENODEM1GLS",
"currency": "EUR",
"amount": 1337.42,
"endToEndId": "be7649876d5f439886fa816993ac9f9f"
}
}
}

Playground

Authorization
Headers
Variables
Key
Value
Body

Samples

Get Consent

GET
/customer/v2/consent/{consent-id}

Get the current status of the consent, without polling the provider

Authorizations

httpBearer
Type
HTTP (bearer)

Parameters

Path Parameters

consent-id*

ID of the consent

Type
string
Required
Example"3e97fa51-ce7b-42a0-9101-50fd67dbc3e7"
Format
"uuid"

Responses

Returns the current status of the consent.

application/json
JSON
{
"messages": [
{
"level": "INFO",
"code": "BA3020",
"message": "SCA Medium auswählen",
"details": "Bitte wählen Sie ein SCA-Medium aus"
}
],
"scaMediums": [
{
"name": "Handy Eins",
"mediaClass": "MOBILE"
}
],
"relations": [
{
"rel": "self",
"href": "https://banksapi.io/customer/v2/consent/3e97fa51-ce7b-42a0-9101-50fd67dbc3e7"
},
{
"rel": "set_medium",
"href": "https://banksapi.io/customer/v2/consent/3e97fa51-ce7b-42a0-9101-50fd67dbc3e7"
}
]
}

Playground

Authorization
Variables
Key
Value

Samples

Delete all REG/Protect sessions

DELETE
/customer/v2/regprotect/sessions

Invalidates all REG/Protect sessions of the authenticated user.

Authorizations

httpBearer
Type
HTTP (bearer)

Responses

The HTTP status 200 returns without any further response body.

Playground

Authorization

Samples

Powered by VitePress OpenAPI