Customer Accounts v0.14.0

Scroll down for code samples, example requests and responses. Select a language for code samples from the tabs above or the mobile navigation menu.

Customer-level API for listing banking accounts, balances, and other account-specific data.

Clients may use this API to:

listAccounts - obtain a list of accounts that the authorized user has access to, returning a accounts collection with a list of account objects.
listEligibleAchAccounts - obtain a list of ACH accounts that allow transfers based on SEC code and authorized account privileges.
listAccountBalances - list the balances of the customer' accounts.
getAccount - Fetch a more complete set of properties of an internal account.

Download OpenAPI Definition (YAML)

Base URLs:

https://api.apiture.com/banking

Email: Apiture Web: Apiture

License: Apiture API License

Authentication

API Key (apiKey)
- header parameter: API-Key
- API Key based client identification. See details at Secure Access.

OpenID Connect authentication (accessToken)
- OpenId Connect (OIDC) authentication/authorization. The client uses the authorization_endpoint and token_endpoint to obtain an access token to pass in the Authorization header. Those endpoints are available via the OIDC Configuration URL. The actual URL may vary with each financial institution. See details at Secure Access.
- OIDC Configuration URL = https://oidc.apiture.com/oidc/.well-known/oidc-configuration

Accounts

Banking Accounts

listAccounts

Code samples

# You can also use wget
curl -X GET https://api.apiture.com/banking/accounts \
  -H 'Accept: application/json' \
  -H 'Authorization: Bearer {access-token}'

GET https://api.apiture.com/banking/accounts HTTP/1.1
Host: api.apiture.com
Accept: application/json

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.apiture.com/banking/accounts',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.apiture.com/banking/accounts',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://api.apiture.com/banking/accounts',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/json',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://api.apiture.com/banking/accounts', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.apiture.com/banking/accounts");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.apiture.com/banking/accounts", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

List Accounts

GET https://api.apiture.com/banking/accounts

Return a paginated list of the customer's accounts, consisting of internal accounts at this financial institution and accounts at other financial institutions, if any.

Parameters

Parameter	Description
`productType`	`array[string]` Include only accounts whose `product.type` is in pipe-delimited set. For example, to list only savings, checking, and CD accounts, use `?productType=savings\|checking\|cd`. `unique items` `minItems: 1` `pipe-delimited` items: » enum values: `savings`, `checking`, `cd`, `ira`, `loan`, `creditCard`
`location`	`string` Filter accounts to just a subset of `internal` or `external` accounts (per the `location` property on the `accountItem` schema). enum values: `internal`, `external`
`allows`	`array[string]` Filter the result to accounts that have corresponding `true` values in `account.allows`. For example `?allows=transferTo,transferFrom,view` returns only accounts where `account.allows.transferTo`, `account.allows.transferFrom`, and `account.allows.view` are all `true` for the caller. `unique items` `minItems: 1` `comma-delimited` items: » enum values: `billPay`, `transferFrom`, `transferTo`, `mobileCheckDeposit`, `view`, `viewCards`, `manageCards`
`start`	`string` The location of the next item in the collection. This is an opaque cursor supplied by the API service. Omit this to start at the beginning of the collection. The client does not define this value; the API services automatically pass the `?start=` parameter on the `nextPage_url`. Default: `""` `maxLength: 256`
`limit`	`integer(int32)` The maximum number of items to return in this page response. Default: `100` `minimum: 0` `maximum: 1000`

Example responses

200 Response

{
  "start": "1922a8531e8384cfa71b",
  "limit": 100,
  "nextPage_url": "https://production.api.apiture.com/banking/accounts?start=641f62296ecbf1882c84?limit=100?allows=view=true",
  "items": [
    {
      "id": "bf23bc970b78d27691e8",
      "title": "Max Pike",
      "nickname": "Payroll Checking",
      "label": "Payroll Checking *1008",
      "product": {
        "type": "checking",
        "code": "DDA",
        "label": "Business Checking",
        "description": "Basic business checking accounts"
      },
      "maskedNumber": "*1008",
      "location": "internal",
      "allows": {
        "transferFrom": false,
        "transferTo": true,
        "billPay": false,
        "mobileCheckDeposit": true,
        "view": true,
        "viewCards": true,
        "manageCards": false
      }
    },
    {
      "id": "b78d27691e8bf23bc970",
      "title": "Max Pike",
      "nickname": "College CD",
      "label": "College CD *2017",
      "product": {
        "type": "cd",
        "code": "CDA",
        "label": "24 Month CD",
        "description": "24 Month certificate of deposit"
      },
      "maskedNumber": "*2017",
      "location": "internal",
      "allows": {
        "transferFrom": false,
        "transferTo": false,
        "billPay": false,
        "mobileCheckDeposit": false,
        "view": true,
        "viewCards": true,
        "manageCards": false
      }
    }
  ]
}

Responses

Status	Description
200	OK
	OK. A page from the full list of the customer's accounts. This list contains only accounts that the customer is entitled to access. While the `nextPage_url` property is present in the response, the client can fetch the next page of accounts by performing a `GET` on that URL.
	Schema: `accounts`

Status	Description
400	Bad Request
	Bad Request. The request body, request headers, and/or query parameters are not well-formed.
	Schema: `problemResponse`

Status	Description
401	Unauthorized
	Unauthorized. The operation require authentication but none was given. This error response may have one of the following `type` values: `https://production.api.apiture.com/errors/unauthorized/v1.0.0` The request lacks valid authentication credentials for the target resource or operation. Remediation: Authenticate the user and pass the required authorization with the request. `https://production.api.apiture.com/errors/sessionExpired/v1.0.0` The user's session has expired. Remediation: Re-authenticate the user to get a new access token or other authorization. `https://production.api.apiture.com/errors/additionalAuthenticationRequired/v1.0.0` Additional authentication, such as multi-factor authentication, required. Remediation: Complete the additional factors as per the `WWW-Authenticate` response header and add an additional `Authorization` to the call. `https://production.api.apiture.com/errors/loginIncomplete/v1.0.0` The user is correctly authenticated but additional actions are required for activating their login session. Remediation: Instruct the user to complete the additional actions to activate their login session. `https://production.api.apiture.com/errors/passwordChangeRequired/v1.0.0` The user must change their password. Remediation: Instruct the user to change their password or other login credentials. `https://production.api.apiture.com/errors/invalidCsrfToken/v1.0.0` The CSRF token is invalid. Remediation: The client application is not correctly configured to send CSRF.
	Schema: `problemResponse`
Header	`WWW-Authenticate` `string`
	Optionally indicates the authentication scheme(s) and parameters applicable to the target resource/operation. This normally occurs if the request requires authentication but no authentication was passed. A 401 Unauthorized response may also be used for operations that have valid credentials but which require step-up authentication.

Status Description

403 Forbidden

Status	Description
403	Forbidden
	Forbidden. The authenticated caller is not authorized to perform the requested operation. This error response may have one of the following `type` values: `https://production.api.apiture.com/errors/forbidden/v1.0.0` The user or agent is not allowed to perform this operation; authentication credentials were provided in the request, but the server considers them insufficient to grant access. Remediation: Check the user's permissions and entitlements before attempting the operation. `https://production.api.apiture.com/errors/customerDisabled/v1.0.0` The customer is disabled. Remediation: Have the customer contact the financial institution for support. `https://production.api.apiture.com/errors/antiMalwareRequired/v1.0.0` The financial institution requires the customer to have anti-malware software installed. Remediation: Direct the user to the software requirements guide to install the correct anti-malware software. `https://production.api.apiture.com/errors/modificationForbidden/v1.0.0` The customer is properly authenticated but not authorized to create, modify, or delete resources. Remediation: Avoid modification operation for customers with read-only authorization.
	Schema: `problemResponse`

Forbidden. The authenticated caller is not authorized to perform the requested operation.

This error response may have one of the following type values:

https://production.api.apiture.com/errors/forbidden/v1.0.0
The user or agent is not allowed to perform this operation; authentication credentials were provided in the request, but the server considers them insufficient to grant access. Remediation: Check the user's permissions and entitlements before attempting the operation.
https://production.api.apiture.com/errors/customerDisabled/v1.0.0
The customer is disabled. Remediation: Have the customer contact the financial institution for support.
https://production.api.apiture.com/errors/antiMalwareRequired/v1.0.0
The financial institution requires the customer to have anti-malware software installed. Remediation: Direct the user to the software requirements guide to install the correct anti-malware software.
https://production.api.apiture.com/errors/modificationForbidden/v1.0.0
The customer is properly authenticated but not authorized to create, modify, or delete resources. Remediation: Avoid modification operation for customers with read-only authorization.

Schema: problemResponse

Status	Description
422	Unprocessable Entity
	Unprocessable Entity. The request body and/or query parameters were well-formed but otherwise invalid.
	Schema: `problemResponse`

getAccount

Code samples

# You can also use wget
curl -X GET https://api.apiture.com/banking/accounts/{accountId} \
  -H 'Accept: application/json' \
  -H 'Authorization: Bearer {access-token}'

GET https://api.apiture.com/banking/accounts/{accountId} HTTP/1.1
Host: api.apiture.com
Accept: application/json

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.apiture.com/banking/accounts/{accountId}',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.apiture.com/banking/accounts/{accountId}',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://api.apiture.com/banking/accounts/{accountId}',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/json',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://api.apiture.com/banking/accounts/{accountId}', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.apiture.com/banking/accounts/{accountId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.apiture.com/banking/accounts/{accountId}", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Get an Account

GET https://api.apiture.com/banking/accounts/{accountId}

Return details of the customer's internal account.

Parameters

Parameter	Description
`accountId`	`resourceId` (required) The unique identifier of this account resource. This is an opaque string. `minLength: 6` `maxLength: 48` `pattern: ^[-_:.~$a-zA-Z0-9]+$`

Example responses

200 Response

{
  "id": "bf23bc970b78d27691e8",
  "location": "internal",
  "title": "Max Pike",
  "nickname": "Payroll Checking",
  "label": "Payroll Checking *1008",
  "product": {
    "type": "checking",
    "code": "DDA",
    "label": "Business Checking",
    "description": "Business checking account"
  },
  "maskedNumber": "*1008",
  "allows": {
    "transferFrom": false,
    "transferTo": true,
    "billPay": false,
    "mobileCheckDeposit": true,
    "view": true,
    "viewCards": true,
    "manageCards": false
  },
  "electronicStatements": true
}

Responses

Status	Description
200	OK
	OK. The response is a representation of the customer's account.
	Schema: `account`

Status	Description
401	Unauthorized
	Unauthorized. The operation require authentication but none was given. This error response may have one of the following `type` values: `https://production.api.apiture.com/errors/unauthorized/v1.0.0` The request lacks valid authentication credentials for the target resource or operation. Remediation: Authenticate the user and pass the required authorization with the request. `https://production.api.apiture.com/errors/sessionExpired/v1.0.0` The user's session has expired. Remediation: Re-authenticate the user to get a new access token or other authorization. `https://production.api.apiture.com/errors/additionalAuthenticationRequired/v1.0.0` Additional authentication, such as multi-factor authentication, required. Remediation: Complete the additional factors as per the `WWW-Authenticate` response header and add an additional `Authorization` to the call. `https://production.api.apiture.com/errors/loginIncomplete/v1.0.0` The user is correctly authenticated but additional actions are required for activating their login session. Remediation: Instruct the user to complete the additional actions to activate their login session. `https://production.api.apiture.com/errors/passwordChangeRequired/v1.0.0` The user must change their password. Remediation: Instruct the user to change their password or other login credentials. `https://production.api.apiture.com/errors/invalidCsrfToken/v1.0.0` The CSRF token is invalid. Remediation: The client application is not correctly configured to send CSRF.
	Schema: `problemResponse`
Header	`WWW-Authenticate` `string`
	Optionally indicates the authentication scheme(s) and parameters applicable to the target resource/operation. This normally occurs if the request requires authentication but no authentication was passed. A 401 Unauthorized response may also be used for operations that have valid credentials but which require step-up authentication.

Status Description

403 Forbidden

Status	Description
403	Forbidden
	Forbidden. The authenticated caller is not authorized to perform the requested operation. This error response may have one of the following `type` values: `https://production.api.apiture.com/errors/forbidden/v1.0.0` The user or agent is not allowed to perform this operation; authentication credentials were provided in the request, but the server considers them insufficient to grant access. Remediation: Check the user's permissions and entitlements before attempting the operation. `https://production.api.apiture.com/errors/customerDisabled/v1.0.0` The customer is disabled. Remediation: Have the customer contact the financial institution for support. `https://production.api.apiture.com/errors/antiMalwareRequired/v1.0.0` The financial institution requires the customer to have anti-malware software installed. Remediation: Direct the user to the software requirements guide to install the correct anti-malware software. `https://production.api.apiture.com/errors/modificationForbidden/v1.0.0` The customer is properly authenticated but not authorized to create, modify, or delete resources. Remediation: Avoid modification operation for customers with read-only authorization.
	Schema: `problemResponse`

Forbidden. The authenticated caller is not authorized to perform the requested operation.

This error response may have one of the following type values:

https://production.api.apiture.com/errors/forbidden/v1.0.0
The user or agent is not allowed to perform this operation; authentication credentials were provided in the request, but the server considers them insufficient to grant access. Remediation: Check the user's permissions and entitlements before attempting the operation.
https://production.api.apiture.com/errors/customerDisabled/v1.0.0
The customer is disabled. Remediation: Have the customer contact the financial institution for support.
https://production.api.apiture.com/errors/antiMalwareRequired/v1.0.0
The financial institution requires the customer to have anti-malware software installed. Remediation: Direct the user to the software requirements guide to install the correct anti-malware software.
https://production.api.apiture.com/errors/modificationForbidden/v1.0.0
The customer is properly authenticated but not authorized to create, modify, or delete resources. Remediation: Avoid modification operation for customers with read-only authorization.

Schema: problemResponse

Status	Description
404	Not Found
	Not Found. There is no such banking account resource at the specified `{accountId}`. The response body contains details about the request error.
	Schema: `problemResponse`

listAccountBalances

Code samples

# You can also use wget
curl -X GET https://api.apiture.com/banking/accountBalances \
  -H 'Accept: application/json' \
  -H 'Authorization: Bearer {access-token}'

GET https://api.apiture.com/banking/accountBalances HTTP/1.1
Host: api.apiture.com
Accept: application/json

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.apiture.com/banking/accountBalances',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.apiture.com/banking/accountBalances',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://api.apiture.com/banking/accountBalances',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/json',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://api.apiture.com/banking/accountBalances', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.apiture.com/banking/accountBalances");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.apiture.com/banking/accountBalances", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

List Account Balances

GET https://api.apiture.com/banking/accountBalances

Return a list of the requested internal accounts' balances. The accounts query parameter is a list of account IDs which typically comes from the getAccounts operation response. The returned list does not include external accounts. The caller must have entitlements to view each account's details, as indicated by a true value for account.allows.view. Requests to list balances for accounts the user is not allowed to read results in a 403 Forbidden response.

The response may be incomplete. Given a Retry-After response header, the client can retry the operation after a short delay, requesting only the accounts which are incomplete; see the 202 Accepted response for details.

Parameters

Parameter	Description
`accounts`	`accountIds` The unique account identifiers of one or more internal accounts. (Internal accounts are those with `location` value of `internal`.) Note: The account IDs are unrelated to the account number. `unique items` `minItems: 1` `maxItems: 100` `comma-delimited` items: » `minLength: 6` » `maxLength: 48` » `pattern: ^[-_:.~$a-zA-Z0-9]+$`
`retryCount`	`integer` When retrying the operation, pass the `retryCount` from the `incompleteAccountBalances` response. `minimum: 1` `maximum: 10`

Example responses

200 Response

{
  "items": [
    {
      "id": "05d00d7d-d630",
      "available": "3208.20",
      "current": "3448.72",
      "currentWithPending": "3448.72",
      "updatedAt": "2022-05-02T06:51:19.375Z",
      "incomplete": false
    },
    {
      "id": "cb5d67ea-a5c3",
      "available": "1750.80",
      "current": "1956.19",
      "currentWithPending": "1956.19",
      "updatedAt": "2022-05-02T06:51:19.375Z",
      "incomplete": false
    }
  ]
}

422 Response

{
  "id": "3fbad566-be86-4b22-9ba6-3ca99fdc0799",
  "type": "https://production.api.apiture.com/errors/invalidAccountId/v1.0.0",
  "title": "Unprocessable Entity",
  "status": 422,
  "occurredAt": "2022-04-25T12:42:21.375Z",
  "detail": "No such account exists for the given account ID.",
  "instance": "https://production.api.apiture.com/banking/accountBalances?accounts=bb709151-575041fcd617"
}

{
  "id": "3fbad566-be86-4b22-9ba6-3ca99fdc0799",
  "type": "https://production.api.apiture.com/errors/invalidAccountId/v1.0.0",
  "title": "Unprocessable Entity",
  "status": 422,
  "occurredAt": "2022-04-25T12:42:21.375Z",
  "detail": "No such account exists for the given account ID.",
  "instance": "https://production.api.apiture.com/banking/accountBalances?accounts=bb709151-575041fcd617"
}

Responses

Status	Description
200	OK
	OK. The response contains the balances for all the accounts in the `?accounts=` query parameter.
	Schema: `accountBalances`
202	Accepted
	Accepted. The service accepted the request but could not provide balances for all the requested accounts and returned an incomplete response. Try the call again after the time in the `Retry-After` response header has passed, and request only those accounts which are `incomplete`. If there is no `Retry-After` response header, the client has reached its maximum number of tries and should not retry the operation.
	Schema: `incompleteAccountBalances`
Header	`Retry-After` `string`
	Indicates an absolute time, in HTTP `date-time` format, UTC or a delay in seconds (a non-negative integer) after which the client may retry the operation. See RFC7231: Retry-After Examples: `Retry-After: 5` `Retry-After: Mon, 03 May 2022 23:59:59 GMT`

Status	Description
401	Unauthorized
	Unauthorized. The operation require authentication but none was given. This error response may have one of the following `type` values: `https://production.api.apiture.com/errors/unauthorized/v1.0.0` The request lacks valid authentication credentials for the target resource or operation. Remediation: Authenticate the user and pass the required authorization with the request. `https://production.api.apiture.com/errors/sessionExpired/v1.0.0` The user's session has expired. Remediation: Re-authenticate the user to get a new access token or other authorization. `https://production.api.apiture.com/errors/additionalAuthenticationRequired/v1.0.0` Additional authentication, such as multi-factor authentication, required. Remediation: Complete the additional factors as per the `WWW-Authenticate` response header and add an additional `Authorization` to the call. `https://production.api.apiture.com/errors/loginIncomplete/v1.0.0` The user is correctly authenticated but additional actions are required for activating their login session. Remediation: Instruct the user to complete the additional actions to activate their login session. `https://production.api.apiture.com/errors/passwordChangeRequired/v1.0.0` The user must change their password. Remediation: Instruct the user to change their password or other login credentials. `https://production.api.apiture.com/errors/invalidCsrfToken/v1.0.0` The CSRF token is invalid. Remediation: The client application is not correctly configured to send CSRF.
	Schema: `problemResponse`
Header	`WWW-Authenticate` `string`
	Optionally indicates the authentication scheme(s) and parameters applicable to the target resource/operation. This normally occurs if the request requires authentication but no authentication was passed. A 401 Unauthorized response may also be used for operations that have valid credentials but which require step-up authentication.

Status Description

403 Forbidden

Status	Description
403	Forbidden
	Forbidden. The authenticated caller is not authorized to perform the requested operation. This error response may have one of the following `type` values: `https://production.api.apiture.com/errors/forbidden/v1.0.0` The user or agent is not allowed to perform this operation; authentication credentials were provided in the request, but the server considers them insufficient to grant access. Remediation: Check the user's permissions and entitlements before attempting the operation. `https://production.api.apiture.com/errors/customerDisabled/v1.0.0` The customer is disabled. Remediation: Have the customer contact the financial institution for support. `https://production.api.apiture.com/errors/antiMalwareRequired/v1.0.0` The financial institution requires the customer to have anti-malware software installed. Remediation: Direct the user to the software requirements guide to install the correct anti-malware software. `https://production.api.apiture.com/errors/modificationForbidden/v1.0.0` The customer is properly authenticated but not authorized to create, modify, or delete resources. Remediation: Avoid modification operation for customers with read-only authorization.
	Schema: `problemResponse`

Forbidden. The authenticated caller is not authorized to perform the requested operation.

This error response may have one of the following type values:

https://production.api.apiture.com/errors/forbidden/v1.0.0
The user or agent is not allowed to perform this operation; authentication credentials were provided in the request, but the server considers them insufficient to grant access. Remediation: Check the user's permissions and entitlements before attempting the operation.
https://production.api.apiture.com/errors/customerDisabled/v1.0.0
The customer is disabled. Remediation: Have the customer contact the financial institution for support.
https://production.api.apiture.com/errors/antiMalwareRequired/v1.0.0
The financial institution requires the customer to have anti-malware software installed. Remediation: Direct the user to the software requirements guide to install the correct anti-malware software.
https://production.api.apiture.com/errors/modificationForbidden/v1.0.0
The customer is properly authenticated but not authorized to create, modify, or delete resources. Remediation: Avoid modification operation for customers with read-only authorization.

Schema: problemResponse

Status Description

422 Unprocessable Entity

Unprocessable Entity. The request body and/or query parameters were well-formed but otherwise invalid.

This error response may have one of the following type values:

https://production.api.apiture.com/errors/invalidAccountId/v0.2.0
The named accountId does not exist or the user is not entitled to access the account. Remediation: Pass the id of an existing account the caller has access to.

Schema: problemResponse

Status	Description
429	Too Many Requests
	Too Many Requests. The client has sent too many requests in a given amount of time.
	Schema: `problemResponse`

Status	Description
503	Service Unavailable
	Service Unavailable. Could not fetch the account balance from the banking core or from the external account.
	Schema: `problemResponse`

listEligibleAchAccounts

Code samples

# You can also use wget
curl -X GET https://api.apiture.com/banking/achEligibleAccounts?allows=billPay&secCode=arc \
  -H 'Accept: application/json' \
  -H 'Authorization: Bearer {access-token}'

GET https://api.apiture.com/banking/achEligibleAccounts?allows=billPay&secCode=arc HTTP/1.1
Host: api.apiture.com
Accept: application/json

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.apiture.com/banking/achEligibleAccounts?allows=billPay&secCode=arc',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.apiture.com/banking/achEligibleAccounts',
  method: 'get',
  data: '?allows=billPay&secCode=arc',
  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://api.apiture.com/banking/achEligibleAccounts',
  params: {
  'allows' => 'array[string]',
'secCode' => '[achSecCode](#schemaachseccode)'
}, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/json',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://api.apiture.com/banking/achEligibleAccounts', params={
  'allows': [
  "billPay"
],  'secCode': 'arc'
}, headers = headers)

print r.json()

URL obj = new URL("https://api.apiture.com/banking/achEligibleAccounts?allows=billPay&secCode=arc");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.apiture.com/banking/achEligibleAccounts", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

List Eligible ACH Accounts

GET https://api.apiture.com/banking/achEligibleAccounts

Return a paginated list of a customer's accounts that are eligible for ACH transfers based on allowed privileges.

Optionally, an agent can access a business customer's ACH accounts when acting on behalf of that business customer via the optional customerId query parameter.

Parameters

Parameter	Description
`allows`	`array[string]` (required) Filter the result to accounts that have corresponding `true` values in `account.allows`. For example `?allows=transferTo,transferFrom,view` returns only accounts where `account.allows.transferTo`, `account.allows.transferFrom`, and `account.allows.view` are all `true` for the caller. `unique items` `minItems: 1` `comma-delimited` items: » enum values: `billPay`, `transferFrom`, `transferTo`, `mobileCheckDeposit`, `view`, `viewCards`, `manageCards`
`secCode`	`achSecCode` (required) Filter the result to accounts that that allow ACH transfers of the given Standard Entry Class (SEC) codes. enum values: `arc`, `boc`, `ccd`, `cie`, `ctx`, `pop`, `ppd`, `rck`, `tel`, `web`
`customerId`	`resourceId` The optional identifier of a business customer. This is an opaque string. An agent who is operating on behalf of a business can use this to access the resources of that business customer. The agent must have entitlements to act on behalf of the business; if not, the operation returns a 403 Forbidden response. For other situations, omit this value, else this must match the authenticated caller's customer ID (not their access ID). `minLength: 6` `maxLength: 48` `pattern: ^[-_:.~$a-zA-Z0-9]+$`
`start`	`string` The location of the next item in the collection. This is an opaque cursor supplied by the API service. Omit this to start at the beginning of the collection. The client does not define this value; the API services automatically pass the `?start=` parameter on the `nextPage_url`. Default: `""` `maxLength: 256`
`limit`	`integer(int32)` The maximum number of items to return in this page response. Default: `100` `minimum: 0` `maximum: 1000`

Example responses

200 Response

{
  "start": "1922a8531e8384cfa71b",
  "limit": 100,
  "nextPage_url": "https://production.api.apiture.com/banking/accounts?start=641f62296ecbf1882c84?limit=100?allows=view=true",
  "items": [
    {
      "id": "bf23bc970b78d27691e8",
      "title": "Max Pike",
      "nickname": "Payroll Checking",
      "label": "Payroll Checking *1008",
      "product": {
        "type": "checking",
        "code": "DDA",
        "label": "Business Checking",
        "description": "Basic business checking accounts"
      },
      "maskedNumber": "*1008",
      "location": "internal",
      "allows": {
        "transferFrom": false,
        "transferTo": true,
        "billPay": false,
        "mobileCheckDeposit": true,
        "view": true,
        "viewCards": true,
        "manageCards": false
      }
    },
    {
      "id": "b78d27691e8bf23bc970",
      "title": "Max Pike",
      "nickname": "College CD",
      "label": "College CD *2017",
      "product": {
        "type": "cd",
        "code": "CDA",
        "label": "24 Month CD",
        "description": "24 Month certificate of deposit"
      },
      "maskedNumber": "*2017",
      "location": "internal",
      "allows": {
        "transferFrom": false,
        "transferTo": false,
        "billPay": false,
        "mobileCheckDeposit": false,
        "view": true,
        "viewCards": true,
        "manageCards": false
      }
    }
  ]
}

Responses

Status	Description
200	OK
	OK. A page from the full list of the customer's ACH-eligible accounts. This list contains only accounts that the customer is entitled to access. While the `nextPage_url` property is present in the response, the client can fetch the next page of accounts by performing a `GET` on that URL.
	Schema: `accounts`

Status	Description
400	Bad Request
	Bad Request. The request body, request headers, and/or query parameters are not well-formed.
	Schema: `problemResponse`

Status	Description
401	Unauthorized
	Unauthorized. The operation require authentication but none was given. This error response may have one of the following `type` values: `https://production.api.apiture.com/errors/unauthorized/v1.0.0` The request lacks valid authentication credentials for the target resource or operation. Remediation: Authenticate the user and pass the required authorization with the request. `https://production.api.apiture.com/errors/sessionExpired/v1.0.0` The user's session has expired. Remediation: Re-authenticate the user to get a new access token or other authorization. `https://production.api.apiture.com/errors/additionalAuthenticationRequired/v1.0.0` Additional authentication, such as multi-factor authentication, required. Remediation: Complete the additional factors as per the `WWW-Authenticate` response header and add an additional `Authorization` to the call. `https://production.api.apiture.com/errors/loginIncomplete/v1.0.0` The user is correctly authenticated but additional actions are required for activating their login session. Remediation: Instruct the user to complete the additional actions to activate their login session. `https://production.api.apiture.com/errors/passwordChangeRequired/v1.0.0` The user must change their password. Remediation: Instruct the user to change their password or other login credentials. `https://production.api.apiture.com/errors/invalidCsrfToken/v1.0.0` The CSRF token is invalid. Remediation: The client application is not correctly configured to send CSRF.
	Schema: `problemResponse`
Header	`WWW-Authenticate` `string`
	Optionally indicates the authentication scheme(s) and parameters applicable to the target resource/operation. This normally occurs if the request requires authentication but no authentication was passed. A 401 Unauthorized response may also be used for operations that have valid credentials but which require step-up authentication.

Status Description

403 Forbidden

Status	Description
403	Forbidden
	Forbidden. The authenticated caller is not authorized to perform the requested operation. This error response may have one of the following `type` values: `https://production.api.apiture.com/errors/forbidden/v1.0.0` The user or agent is not allowed to perform this operation; authentication credentials were provided in the request, but the server considers them insufficient to grant access. Remediation: Check the user's permissions and entitlements before attempting the operation. `https://production.api.apiture.com/errors/customerDisabled/v1.0.0` The customer is disabled. Remediation: Have the customer contact the financial institution for support. `https://production.api.apiture.com/errors/antiMalwareRequired/v1.0.0` The financial institution requires the customer to have anti-malware software installed. Remediation: Direct the user to the software requirements guide to install the correct anti-malware software. `https://production.api.apiture.com/errors/modificationForbidden/v1.0.0` The customer is properly authenticated but not authorized to create, modify, or delete resources. Remediation: Avoid modification operation for customers with read-only authorization.
	Schema: `problemResponse`

Forbidden. The authenticated caller is not authorized to perform the requested operation.

This error response may have one of the following type values:

https://production.api.apiture.com/errors/forbidden/v1.0.0
The user or agent is not allowed to perform this operation; authentication credentials were provided in the request, but the server considers them insufficient to grant access. Remediation: Check the user's permissions and entitlements before attempting the operation.
https://production.api.apiture.com/errors/customerDisabled/v1.0.0
The customer is disabled. Remediation: Have the customer contact the financial institution for support.
https://production.api.apiture.com/errors/antiMalwareRequired/v1.0.0
The financial institution requires the customer to have anti-malware software installed. Remediation: Direct the user to the software requirements guide to install the correct anti-malware software.
https://production.api.apiture.com/errors/modificationForbidden/v1.0.0
The customer is properly authenticated but not authorized to create, modify, or delete resources. Remediation: Avoid modification operation for customers with read-only authorization.

Schema: problemResponse

Status	Description
422	Unprocessable Entity
	Unprocessable Entity. The request body and/or query parameters were well-formed but otherwise invalid.
	Schema: `problemResponse`

Schemas

account

{
  "id": "bf23bc970b78d27691e8",
  "location": "internal",
  "title": "Max Pike",
  "nickname": "Payroll Checking",
  "label": "Payroll Checking *1008",
  "product": {
    "type": "checking",
    "code": "DDA",
    "label": "Business Checking",
    "description": "Business checking account"
  },
  "maskedNumber": "*1008",
  "allows": {
    "transferFrom": false,
    "transferTo": true,
    "billPay": false,
    "mobileCheckDeposit": true,
    "view": true,
    "viewCards": true,
    "manageCards": false
  },
  "electronicStatements": true
}

Account (v1.1.1)

An internal customer account.

Properties

Name	Description
`id`	`string: readOnlyResourceId` (required) The unique identifier for this account resource. This is an immutable opaque string. `read-only` `minLength: 6` `maxLength: 48` `pattern: ^[-_:.~$a-zA-Z0-9]+$`
`title`	`string` (required) The financial institution assigned title for the account, derived from the account owner's name. `read-only` `maxLength: 80`
`label`	`string` (required) The human-readable label for this account. This is either the `nickname` (if assigned for the current customer), or the `product.label` concatenated with the `maskedNumber`. `read-only` `maxLength: 80`
`nickname`	`string: accountNickname` The nickname (friendly name) the customer has given this account. Each customer can define their own nickname for the same account. If omitted, the customer has not set a nickname. `maxLength: 50`
`maskedNumber`	`string: maskedAccountNumber` (required) A masked account number: an asterisk `` followed by one to four characters of the `fullAccountNumber`. `minLength: 2` `maxLength: 5` `pattern: ^\[- _a-zA-Z0-9.]{1,4}$`
`allows`	`object: accountPermissions` (required) Flags which indicate the permissions the current authorized user has on this account resource. Most of these properties may only be `true` for internal accounts.
`product`	`object: productReference` (required) A reference to a banking product.
`location`	`string: accountLocation` (required) Indicates where an account is held. enum values: `internal`, `external`, `outside`
`electronicStatements`	`boolean` (required) If `true`, the customer has opted in to receive account statements electronically.

accountAllowsFilter

"billPay"

Account Allows Filter (v1.0.0)

Values for the ?allows= filter in listAccounts.

accountAllowsFilter strings may have one of the following enumerated values:

Value	Description
`billPay`	Bill Pay: Include each account where the caller is allowed to use the bill pay feature.
`transferFrom`	Transfer From: Include each account where the caller is allowed to transfer money from the account.
`transferTo`	Transfer To: Include each account where the caller is allowed to transfer money into the account.
`mobileCheckDeposit`	Mobile Check Deposit: Include each account where the caller is allowed to deposit mobile checks.
`view`	View: Include each account where the caller is allowed to view full account details (balances, full account number, transactions, etc).
`viewCards`	View Cards: Include each account where the caller is allowed to view debit card details.
`manageCards`	Manage Cards: Include each account where the caller is allowed to manage debit card details.

Type: string
enum values: billPay, transferFrom, transferTo, mobileCheckDeposit, view, viewCards, manageCards

accountBalance

{
  "id": "05d00d7d-d630",
  "available": "3208.20",
  "current": "3448.72",
  "currentWithPending": "3448.72",
  "updatedAt": "2022-05-02T06:51:19.375Z",
  "incomplete": false
}

Account Balance (v1.0.0)

The current balances of the given account.

Properties

Name	Description
`id`	`string: readOnlyResourceId` (required) The account ID. `read-only` `minLength: 6` `maxLength: 48` `pattern: ^[-_:.~$a-zA-Z0-9]+$`
`available`	`string: creditOrDebitValue` The available balance: the funds available for use. This is the string representation of the exact decimal amount. `read-only` `pattern: ^(-\|\+)?(0\|[1-9][0-9]*)\.[0-9][0-9]$`
`current`	`string: creditOrDebitValue` The current balance. This is the balance at the end of the previous business day. This is the string representation of the exact decimal amount. `read-only` `pattern: ^(-\|\+)?(0\|[1-9][0-9]*)\.[0-9][0-9]$`
`updatedAt`	`string(date-time): readOnlyTimestamp` The time when the balance values were last updated from the banking core. `read-only` `minLength: 20` `maxLength: 30`
`currentWithPending`	`string: creditOrDebitValue` The current balance, with posted transactions. This is the string representation of the exact decimal amount. `read-only` `pattern: ^(-\|\+)?(0\|[1-9][0-9]*)\.[0-9][0-9]$`
`incomplete`	`boolean` (required) If `true`, the response is incomplete and the client may re-try the operation after the `Retry-After` time in order to fetch balances for any incomplete accounts in the `items`. The retry operation should only pass in accounts that are `incomplete`.

accountBalances

{
  "items": [
    {
      "id": "05d00d7d-d630",
      "available": "3208.20",
      "current": "3448.72",
      "currentWithPending": "3448.72",
      "updatedAt": "2022-05-02T06:51:19.375Z",
      "incomplete": false
    },
    {
      "id": "cb5d67ea-a5c3",
      "available": "1750.80",
      "current": "1956.19",
      "currentWithPending": "1956.19",
      "updatedAt": "2022-05-02T06:51:19.375Z",
      "incomplete": false
    }
  ]
}

Account Balances (v1.0.0)

An array of account balances by account ID.

Properties

Name	Description
`items`	`array: [accountBalance]` (required) An array of items, one for each of the `?accounts=` in the request, returned in the same order. `maxItems: 256`

accountIds

[
  "string"
]

Account IDs (v1.0.0)

An array of account IDs.

accountIds is an array schema.

Array Elements

Name	Description
`Account IDs (v1.0.0)`	`array: [resourceId]` An array of account IDs. `unique items` `minItems: 1` `maxItems: 100`

accountItem

{
  "id": "bf23bc970b78d27691e8",
  "location": "internal",
  "title": "Max Pike",
  "nickname": "Payroll Checking",
  "label": "Payroll Checking *1008",
  "product": {
    "type": "checking",
    "code": "DDA",
    "label": "Business Checking",
    "description": "Basic business checking account"
  },
  "maskedNumber": "*1008",
  "allows": {
    "transferFrom": false,
    "transferTo": true,
    "billPay": false,
    "mobileCheckDeposit": true,
    "view": true,
    "viewCards": true,
    "manageCards": true
  }
}

Account Item (v1.1.1)

An account item in a list items in the accounts schema.

Properties

Name	Description
`id`	`string: readOnlyResourceId` (required) The unique identifier for this account resource. This is an immutable opaque string. `read-only` `minLength: 6` `maxLength: 48` `pattern: ^[-_:.~$a-zA-Z0-9]+$`
`title`	`string` (required) The financial institution assigned title for the account, derived from the account owner's name. `read-only` `maxLength: 80`
`label`	`string` (required) The human-readable label for this account. This is either the `nickname` (if assigned for the current customer), or the `product.label` concatenated with the `maskedNumber`. `read-only` `maxLength: 80`
`nickname`	`string: accountNickname` The nickname (friendly name) the customer has given this account. Each customer can define their own nickname for the same account. If omitted, the customer has not set a nickname. `maxLength: 50`
`maskedNumber`	`string: maskedAccountNumber` (required) A masked account number: an asterisk `` followed by one to four characters of the `fullAccountNumber`. `minLength: 2` `maxLength: 5` `pattern: ^\[- _a-zA-Z0-9.]{1,4}$`
`allows`	`object: accountPermissions` (required) Flags which indicate the permissions the current authorized user has on this account resource. Most of these properties may only be `true` for internal accounts.
`product`	`object: productReference` (required) A reference to a banking product.
`location`	`string: accountLocation` (required) Indicates where an account is held. enum values: `internal`, `external`, `outside`

accountLocation

"internal"

Account Location (v1.0.0)

Indicates where an account is held:

internal accounts at the current financial institution;
external accounts at another financial institution;
outside accounts non-banking accounts such as brokerage and fund accounts. Account transfers are only allowed between internal and external accounts. All accounts are considered when calculating total cash balance.

Type: string
enum values: internal, external, outside

accountNickname

"Payroll Checking"

Account Nickname (v1.1.0)

The nickname (friendly name) the customer has given this account. Each customer can define their own nickname for the same account. If omitted, the customer has not set a nickname.

Type: string
maxLength: 50

accountPermissions

{
  "billPay": false,
  "mobileCheckDeposit": true,
  "transferFrom": true,
  "transferTo": true,
  "view": true,
  "viewCards": true,
  "manageCards": false
}

Account Permissions (v0.3.0)

Flags which indicate the permissions the current authorized user has on this account resource. Most of these properties may only be true for internal accounts.

Properties

Name	Description
`billPay`	`boolean` (required) If `true`, the customer may use this account for Bill Pay.
`mobileCheckDeposit`	`boolean` (required) If `true`, the customer may use this account for mobile check deposits.
`transferFrom`	`boolean` (required) If `true`, the customer may use this account as the target (deposit) account for account-to-account transfers.
`transferTo`	`boolean` (required) If `true`, the customer may use this account as the source (debit) account for account-to-account transfers.
`view`	`boolean` (required) If `true`, the customer may view the details of this account, including the account balance and transactions.
`viewCards`	`boolean` (required) If `true`, the customer may view debit cards associated with this account.
`manageCards`	`boolean` (required) If true, the customer may manage debit cards associated with this account. This includes locking and unlocking cards, changing card controls, ordering cards, or canceling cards.

accountRoutingNumber

"stringstr"

Account Routing Number (v1.0.0)

A reusable type for an account routing number.

Type: string
minLength: 9
maxLength: 9
pattern: ^[0-9]{9}$

accounts

{
  "start": "1922a8531e8384cfa71b",
  "limit": 100,
  "nextPage_url": "https://production.api.apiture.com/banking/accounts?start=641f62296ecbf1882c84?limit=100?allows=view=true",
  "items": [
    {
      "id": "bf23bc970b78d27691e8",
      "title": "Max Pike",
      "nickname": "Payroll Checking",
      "label": "Payroll Checking *1008",
      "product": {
        "type": "checking",
        "code": "DDA",
        "label": "Business Checking",
        "description": "Basic business checking accounts"
      },
      "maskedNumber": "*1008",
      "location": "internal",
      "allows": {
        "transferFrom": false,
        "transferTo": true,
        "billPay": false,
        "mobileCheckDeposit": true,
        "view": true,
        "viewCards": true,
        "manageCards": false
      }
    },
    {
      "id": "b78d27691e8bf23bc970",
      "title": "Max Pike",
      "nickname": "College CD",
      "label": "College CD *2017",
      "product": {
        "type": "cd",
        "code": "CDA",
        "label": "24 Month CD",
        "description": "24 Month certificate of deposit"
      },
      "maskedNumber": "*2017",
      "location": "internal",
      "allows": {
        "transferFrom": false,
        "transferTo": false,
        "billPay": false,
        "mobileCheckDeposit": false,
        "view": true,
        "viewCards": true,
        "manageCards": false
      }
    }
  ]
}

Accounts (v1.1.2)

A paginated list of the customer's accounts. This list contains internal banking accounts and external banking accounts. and outside fund accounts. The location property indicates where the account is held. Items in the list contain url links to the actual account resource which are in the accounts, externalAccounts or outsideAccounts collections.

Properties

Name	Description
`limit`	`integer(int32)` (required) The number of items requested for this page response. The length of the `items` array may be less that `limit`. Default: `100` `minimum: 0`
`nextPage_url`	`string(uri)` The URL of the next page of accounts. If this URL is omitted, there are no more accounts. `read-only` `maxLength: 256`
`start`	`string` The opaque cursor that specifies the starting location of this page of items. `maxLength: 256`
`items`	`array: [accountItem]` (required) The array of items in this page of accounts. This array may be empty. `read-only`
`primaryAccountId`	`string: readOnlyResourceId` The `id` of the customer's primary account. This property only exists for retail customers, and only if the customer has designated a primary account. `read-only` `minLength: 6` `maxLength: 48` `pattern: ^[-_:.~$a-zA-Z0-9]+$`

achSecCode

"arc"

ACH SEC Code (v1.0.0)

The ACH transfer type

achSecCode strings may have one of the following enumerated values:

Value	Description
`arc`	Accounts Receivable
`boc`	Back Office Conversion
`ccd`	Credit or Debit
`cie`	Customer-Initiated
`ctx`	Corporate Trade Exchange
`pop`	Point of Purchase
`ppd`	Prearranged Payment and Deposit
`rck`	Re-Presented Check
`tel`	Telephone-initiated
`web`	Internet-initiated/Mobile

Type: string
enum values: arc, boc, ccd, cie, ctx, pop, ppd, rck, tel, web

apiProblem

{
  "id": "3fbad566-be86-4b22-9ba6-3ca99fdc0799",
  "type": "https://production.api.apiture.com/errors/accountNotFound/v1.0.0",
  "title": "Account Not Found",
  "status": 422,
  "occurredAt": "2022-04-25T12:42:21.375Z",
  "detail": "No account exists at the given account_url",
  "instance": "https://production.api.apiture.com/banking/transfers/bb709151-575041fcd617"
}

API Problem (v1.1.0)

API problem or error, as per RFC 7807 application/problem+json.

Properties

Name	Description
`type`	`string(uri-reference)` A URI reference (RFC3986) that identifies the problem type. If present, this is the URL of human-readable HTML documentation for the problem type. When this member is not present, its value is assumed to be `"about:blank"`.
`title`	`string` A short, human-readable summary of the problem type. The title is usually the same for all problem with the same `type`.
`status`	`integer(int32)` The HTTP status code for this occurrence of the problem. `minimum: 100` `maximum: 599`
`detail`	`string` A human-readable explanation specific to this occurrence of the problem.
`instance`	`string(uri-reference)` A URI reference that identifies the specific occurrence of the problem. This is the URI of an API resource that the problem is related to, with a unique error correlation ID URI fragment
`id`	`string: readOnlyResourceId` The unique identifier for this problem. This is an immutable opaque string. `read-only` `minLength: 6` `maxLength: 48` `pattern: ^[-_:.~$a-zA-Z0-9]+$`
`occurredAt`	`string(date-time): readOnlyTimestamp` The timestamp when the problem occurred, in RFC 3339 date-time `YYYY-MM-DDThh:mm:ss.sssZ` format, UTC. `read-only` `minLength: 20` `maxLength: 30`
`problems`	`array: [apiProblem]` Optional root-causes if there are multiple problems in the request or API call processing.
`attributes`	`object` Additional optional attributes related to the problem. This data conforms to the schema associated with the error type.

creditOrDebitValue

"3456.78"

Credit Or Debit Value (v1.0.0)

The monetary value representing a credit (positive amounts with no prefix or a + prefix) or debit (negative amounts with a - prefix). The numeric value is represented as a string so that it can be exact with no loss of precision.
The schema creditOrDebitValue was added on version 0.4.0 of the API.

Type: string
pattern: ^(-|+)?(0|[1-9][0-9]*).[0-9][0-9]$

fullAccountNumber

"123456789"

Full Account Number (v1.0.0)

A full account number. This is the number that the customer uses to reference the account within the financial institution.

Type: string
minLength: 1
maxLength: 32
pattern: ^[- a-zA-Z0-9.]{1,32}$

incompleteAccountBalances

{
  "items": [
    {
      "id": "05d00d7d-d630",
      "available": "3208.20",
      "current": "3448.72",
      "currentWithPending": "3448.72",
      "updatedAt": "2022-05-02T06:51:19.375Z",
      "incomplete": false
    },
    {
      "id": "cb5d67ea-a5c3",
      "available": "1750.80",
      "current": "1956.19",
      "currentWithPending": "1956.19",
      "updatedAt": "2022-05-02T06:51:19.375Z",
      "incomplete": false
    },
    {
      "id": "b5a4f178-2baf",
      "incomplete": true
    },
    {
      "id": "959908db-fd40",
      "incomplete": true
    },
    {
      "id": "97e6166a-2a4c",
      "incomplete": true
    }
  ],
  "incompleteAccounts": [
    "b5a4f178-2baf",
    "959908db-fd40",
    "97e6166a-2a4c"
  ],
  "retryCount": 1
}

Incomplete Account Balance (v1.0.0)

An array of account balances by account ID, some of which are incomplete. Use the values in incompleteAccounts and retryCount to retry.

Properties

Name	Description
`items`	`array: [accountBalance]` (required) An array of items, one for each of the `?accounts=` in the request, returned in the same order. `maxItems: 256`
`incompleteAccounts`	`array: accountIds` (required) Pass these values as the `?accounts=` query parameter on the next retry of the `getAccountBalances` operation. This value is empty if the client has reached the retry limit. `unique items` `minItems: 1` `maxItems: 100`
`retryCount`	`integer` (required) Pass this value as the as the `?retryCount=` parameter with the next retry of the `getAccountBalances` operation. `minimum: 1` `maximum: 10`

maskedAccountNumber

"*1008"

Masked Account Number (v1.0.1)

A masked account number: an asterisk * followed by one to four characters of the fullAccountNumber.

Type: string
minLength: 2
maxLength: 5
pattern: ^*[- _a-zA-Z0-9.]{1,4}$

problemResponse

{
  "id": "3fbad566-be86-4b22-9ba6-3ca99fdc0799",
  "type": "https://production.api.apiture.com/errors/noSuchAccount/v1.0.0",
  "title": "Account Not Found",
  "status": 422,
  "occurredAt": "2022-04-25T12:42:21.375Z",
  "detail": "No account exists for the given account reference",
  "instance": "https://production.api.apiture.com/banking/transfers/bb709151-575041fcd617"
}

Problem Response (v0.3.0)

API problem or error response, as per RFC 7807 application/problem+json.

Properties

Name	Description
`type`	`string(uri-reference)` A URI reference (RFC3986) that identifies the problem type. If present, this is the URL of human-readable HTML documentation for the problem type. When this member is not present, its value is assumed to be `"about:blank"`.
`title`	`string` A short, human-readable summary of the problem type. The title is usually the same for all problem with the same `type`.
`status`	`integer(int32)` The HTTP status code for this occurrence of the problem. `minimum: 100` `maximum: 599`
`detail`	`string` A human-readable explanation specific to this occurrence of the problem.
`instance`	`string(uri-reference)` A URI reference that identifies the specific occurrence of the problem. This is the URI of an API resource that the problem is related to, with a unique error correlation ID URI fragment
`id`	`string: readOnlyResourceId` The unique identifier for this problem. This is an immutable opaque string. `read-only` `minLength: 6` `maxLength: 48` `pattern: ^[-_:.~$a-zA-Z0-9]+$`
`occurredAt`	`string(date-time): readOnlyTimestamp` The timestamp when the problem occurred, in RFC 3339 date-time `YYYY-MM-DDThh:mm:ss.sssZ` format, UTC. `read-only` `minLength: 20` `maxLength: 30`
`problems`	`array: [apiProblem]` Optional root-causes if there are multiple problems in the request or API call processing.
`attributes`	`object` Additional optional attributes related to the problem. This data conforms to the schema associated with the error type.

productReference

{
  "type": "cd",
  "code": "180D_CDA",
  "label": "180 Day CD",
  "description": "Certificate of Deposit with a 180 day term"
}

Product Reference (v1.0.0)

A reference to a banking product.

Properties

Name	Description
`type`	`string: productType` (required) The type of account. enum values: `savings`, `checking`, `cd`, `ira`, `loan`, `creditCard`
`code`	`string` (required) The product's product code. Codes are unique to the financial institution. `maxLength: 16`
`label`	`string` (required) A human-readable label for this banking product. `maxLength: 48`
`description`	`string(markdown)` (required) A human-readable description of this banking product. `maxLength: 400`

productType

"savings"

Product Type (v2.0.0)

The type (or category) of bank account.

productType strings may have one of the following enumerated values:

Value	Description
`savings`	Savings: Savings Account
`checking`	Checking: Checking Account
`cd`	CD: Certificate of Deposit Account
`ira`	IRA: Individual Retirement Account
`loan`	Loan: Loan Account
`creditCard`	Credit Card: Credit Card Account

Type: string
enum values: savings, checking, cd, ira, loan, creditCard

readOnlyResourceId

"string"

Read-only Resource Identifier (v1.0.0)

The unique, opaque system-assigned identifier for a resource. This case-sensitive ID is also used in URLs as path parameters or in other properties or parameters that reference a resource by ID rather than URL. Resource IDs are immutable.

Type: string
read-only
minLength: 6
maxLength: 48
pattern: ^[-_:.~$a-zA-Z0-9]+$

readOnlyTimestamp

"2021-10-30T19:06:04.250Z"

Read-Only Timestamp (v1.0.0)

A readonly or derived timestamp (an instant in time) formatted in RFC 3339 date-time UTC format: YYYY-MM-DDThh:mm:ss.sssZ.
The schema readOnlyTimestamp was added on version 0.4.0 of the API.

Type: string(date-time)
read-only
minLength: 20
maxLength: 30

resourceId

"string"

Resource Identifier (v1.0.0)

The unique, opaque system identifier for a resource. This case-sensitive ID is also used as path parameters in URLs or in other properties or parameters that reference a resource by ID rather than URL.

Type: string
minLength: 6
maxLength: 48
pattern: ^[-_:.~$a-zA-Z0-9]+$