Customer Accounts v0.14.0
Scroll down for code samples, example requests and responses. Select a language for code samples from the tabs above or the mobile navigation menu.
Customer-level API for listing banking accounts, balances, and other account-specific data.
Clients may use this API to:
listAccounts
- obtain a list of accounts that the authorized user has access to, returning aaccounts
collection with alist
of account objects.listEligibleAchAccounts
- obtain a list of ACH accounts that allow transfers based on SEC code and authorized account privileges.listAccountBalances
- list the balances of the customer' accounts.getAccount
- Fetch a more complete set of properties of an internal account.
Download OpenAPI Definition (YAML)
Base URLs:
License: Apiture API License
Authentication
- API Key (
apiKey
)- header parameter: API-Key
- API Key based client identification. See details at Secure Access.
- OpenID Connect authentication (
accessToken
)- OpenId Connect (OIDC) authentication/authorization. The client uses the
authorization_endpoint
andtoken_endpoint
to obtain an access token to pass in theAuthorization
header. Those endpoints are available via the OIDC Configuration URL. The actual URL may vary with each financial institution. See details at Secure Access. - OIDC Configuration URL =
https://oidc.apiture.com/oidc/.well-known/oidc-configuration
- OpenId Connect (OIDC) authentication/authorization. The client uses the
Accounts
Banking Accounts
listAccounts
Code samples
# You can also use wget
curl -X GET https://api.apiture.com/banking/accounts \
-H 'Accept: application/json' \
-H 'Authorization: Bearer {access-token}'
GET https://api.apiture.com/banking/accounts HTTP/1.1
Host: api.apiture.com
Accept: application/json
const fetch = require('node-fetch');
const headers = {
'Accept':'application/json',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.apiture.com/banking/accounts',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
var headers = {
'Accept':'application/json',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.apiture.com/banking/accounts',
method: 'get',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.get 'https://api.apiture.com/banking/accounts',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/json',
'Authorization': 'Bearer {access-token}'
}
r = requests.get('https://api.apiture.com/banking/accounts', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.apiture.com/banking/accounts");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.apiture.com/banking/accounts", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
List Accounts
GET https://api.apiture.com/banking/accounts
Return a paginated list of the customer's accounts, consisting of internal accounts at this financial institution and accounts at other financial institutions, if any.
Parameters
Parameter | Description |
---|---|
productType | array[string] Include only accounts whose product.type is in pipe-delimited set. For example, to list only savings, checking, and CD accounts, use ?productType=savings|checking|cd .unique items minItems: 1 pipe-delimited items: » enum values: savings , checking , cd , ira , loan , creditCard |
location | string Filter accounts to just a subset of internal or external accounts (per the location property on the accountItem schema).enum values: internal , external |
allows | array[string] Filter the result to accounts that have corresponding true values in account.allows . For example ?allows=transferTo,transferFrom,view returns only accounts where account.allows.transferTo , account.allows.transferFrom , and account.allows.view are all true for the caller.unique items minItems: 1 comma-delimited items: » enum values: billPay , transferFrom , transferTo , mobileCheckDeposit , view , viewCards , manageCards |
start | string The location of the next item in the collection. This is an opaque cursor supplied by the API service. Omit this to start at the beginning of the collection. The client does not define this value; the API services automatically pass the ?start= parameter on the nextPage_url .Default: "" maxLength: 256 |
limit | integer(int32) The maximum number of items to return in this page response. Default: 100 minimum: 0 maximum: 1000 |
Example responses
200 Response
{
"start": "1922a8531e8384cfa71b",
"limit": 100,
"nextPage_url": "https://production.api.apiture.com/banking/accounts?start=641f62296ecbf1882c84?limit=100?allows=view=true",
"items": [
{
"id": "bf23bc970b78d27691e8",
"title": "Max Pike",
"nickname": "Payroll Checking",
"label": "Payroll Checking *1008",
"product": {
"type": "checking",
"code": "DDA",
"label": "Business Checking",
"description": "Basic business checking accounts"
},
"maskedNumber": "*1008",
"location": "internal",
"allows": {
"transferFrom": false,
"transferTo": true,
"billPay": false,
"mobileCheckDeposit": true,
"view": true,
"viewCards": true,
"manageCards": false
}
},
{
"id": "b78d27691e8bf23bc970",
"title": "Max Pike",
"nickname": "College CD",
"label": "College CD *2017",
"product": {
"type": "cd",
"code": "CDA",
"label": "24 Month CD",
"description": "24 Month certificate of deposit"
},
"maskedNumber": "*2017",
"location": "internal",
"allows": {
"transferFrom": false,
"transferTo": false,
"billPay": false,
"mobileCheckDeposit": false,
"view": true,
"viewCards": true,
"manageCards": false
}
}
]
}
Responses
Status | Description |
---|---|
200 | OK |
OK. A page from the full list of the customer's accounts. This list contains only accounts that the customer is entitled to access. While the nextPage_url property is present in the response, the client can fetch the next page of accounts by performing a GET on that URL. | |
Schema: accounts |
Status | Description |
---|---|
400 | Bad Request |
Bad Request. The request body, request headers, and/or query parameters are not well-formed. | |
Schema: problemResponse |
Status | Description |
---|---|
401 | Unauthorized |
Unauthorized. The operation require authentication but none was given. This error response may have one of the following
| |
Schema: problemResponse | |
Header | WWW-Authenticate string |
Optionally indicates the authentication scheme(s) and parameters applicable to the target resource/operation. This normally occurs if the request requires authentication but no authentication was passed. A 401 Unauthorized response may also be used for operations that have valid credentials but which require step-up authentication. |
Status | Description |
---|---|
403 | Forbidden |
Forbidden. The authenticated caller is not authorized to perform the requested operation. This error response may have one of the following
| |
Schema: problemResponse |
Status | Description |
---|---|
422 | Unprocessable Entity |
Unprocessable Entity. The request body and/or query parameters were well-formed but otherwise invalid. | |
Schema: problemResponse |
getAccount
Code samples
# You can also use wget
curl -X GET https://api.apiture.com/banking/accounts/{accountId} \
-H 'Accept: application/json' \
-H 'Authorization: Bearer {access-token}'
GET https://api.apiture.com/banking/accounts/{accountId} HTTP/1.1
Host: api.apiture.com
Accept: application/json
const fetch = require('node-fetch');
const headers = {
'Accept':'application/json',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.apiture.com/banking/accounts/{accountId}',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
var headers = {
'Accept':'application/json',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.apiture.com/banking/accounts/{accountId}',
method: 'get',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.get 'https://api.apiture.com/banking/accounts/{accountId}',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/json',
'Authorization': 'Bearer {access-token}'
}
r = requests.get('https://api.apiture.com/banking/accounts/{accountId}', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.apiture.com/banking/accounts/{accountId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.apiture.com/banking/accounts/{accountId}", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Get an Account
GET https://api.apiture.com/banking/accounts/{accountId}
Return details of the customer's internal account.
Parameters
Parameter | Description |
---|---|
accountId | resourceId (required) The unique identifier of this account resource. This is an opaque string. minLength: 6 maxLength: 48 pattern: ^[-_:.~$a-zA-Z0-9]+$ |
Example responses
200 Response
{
"id": "bf23bc970b78d27691e8",
"location": "internal",
"title": "Max Pike",
"nickname": "Payroll Checking",
"label": "Payroll Checking *1008",
"product": {
"type": "checking",
"code": "DDA",
"label": "Business Checking",
"description": "Business checking account"
},
"maskedNumber": "*1008",
"allows": {
"transferFrom": false,
"transferTo": true,
"billPay": false,
"mobileCheckDeposit": true,
"view": true,
"viewCards": true,
"manageCards": false
},
"electronicStatements": true
}
Responses
Status | Description |
---|---|
200 | OK |
OK. The response is a representation of the customer's account. | |
Schema: account |
Status | Description |
---|---|
401 | Unauthorized |
Unauthorized. The operation require authentication but none was given. This error response may have one of the following
| |
Schema: problemResponse | |
Header | WWW-Authenticate string |
Optionally indicates the authentication scheme(s) and parameters applicable to the target resource/operation. This normally occurs if the request requires authentication but no authentication was passed. A 401 Unauthorized response may also be used for operations that have valid credentials but which require step-up authentication. |
Status | Description |
---|---|
403 | Forbidden |
Forbidden. The authenticated caller is not authorized to perform the requested operation. This error response may have one of the following
| |
Schema: problemResponse |
Status | Description |
---|---|
404 | Not Found |
Not Found. There is no such banking account resource at the specified {accountId} . The response body contains details about the request error. | |
Schema: problemResponse |
listAccountBalances
Code samples
# You can also use wget
curl -X GET https://api.apiture.com/banking/accountBalances \
-H 'Accept: application/json' \
-H 'Authorization: Bearer {access-token}'
GET https://api.apiture.com/banking/accountBalances HTTP/1.1
Host: api.apiture.com
Accept: application/json
const fetch = require('node-fetch');
const headers = {
'Accept':'application/json',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.apiture.com/banking/accountBalances',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
var headers = {
'Accept':'application/json',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.apiture.com/banking/accountBalances',
method: 'get',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.get 'https://api.apiture.com/banking/accountBalances',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/json',
'Authorization': 'Bearer {access-token}'
}
r = requests.get('https://api.apiture.com/banking/accountBalances', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.apiture.com/banking/accountBalances");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.apiture.com/banking/accountBalances", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
List Account Balances
GET https://api.apiture.com/banking/accountBalances
Return a list of the requested internal accounts' balances. The accounts
query parameter is a list of account IDs which typically comes from the getAccounts
operation response. The returned list does not include external accounts. The caller must have entitlements to view each account's details, as indicated by a true
value for account.allows.view
. Requests to list balances for accounts the user is not allowed to read results in a 403 Forbidden response.
The response may be incomplete. Given a Retry-After
response header, the client can retry the operation after a short delay, requesting only the accounts which are incomplete; see the 202 Accepted response for details.
Parameters
Parameter | Description |
---|---|
accounts | accountIds The unique account identifiers of one or more internal accounts. (Internal accounts are those with location value of internal .) Note: The account IDs are unrelated to the account number.unique items minItems: 1 maxItems: 100 comma-delimited items: » minLength: 6 » maxLength: 48 » pattern: ^[-_:.~$a-zA-Z0-9]+$ |
retryCount | integer When retrying the operation, pass the retryCount from the incompleteAccountBalances response.minimum: 1 maximum: 10 |
Example responses
200 Response
{
"items": [
{
"id": "05d00d7d-d630",
"available": "3208.20",
"current": "3448.72",
"currentWithPending": "3448.72",
"updatedAt": "2022-05-02T06:51:19.375Z",
"incomplete": false
},
{
"id": "cb5d67ea-a5c3",
"available": "1750.80",
"current": "1956.19",
"currentWithPending": "1956.19",
"updatedAt": "2022-05-02T06:51:19.375Z",
"incomplete": false
}
]
}
422 Response
{
"id": "3fbad566-be86-4b22-9ba6-3ca99fdc0799",
"type": "https://production.api.apiture.com/errors/invalidAccountId/v1.0.0",
"title": "Unprocessable Entity",
"status": 422,
"occurredAt": "2022-04-25T12:42:21.375Z",
"detail": "No such account exists for the given account ID.",
"instance": "https://production.api.apiture.com/banking/accountBalances?accounts=bb709151-575041fcd617"
}
{
"id": "3fbad566-be86-4b22-9ba6-3ca99fdc0799",
"type": "https://production.api.apiture.com/errors/invalidAccountId/v1.0.0",
"title": "Unprocessable Entity",
"status": 422,
"occurredAt": "2022-04-25T12:42:21.375Z",
"detail": "No such account exists for the given account ID.",
"instance": "https://production.api.apiture.com/banking/accountBalances?accounts=bb709151-575041fcd617"
}
Responses
Status | Description |
---|---|
200 | OK |
OK. The response contains the balances for all the accounts in the ?accounts= query parameter. | |
Schema: accountBalances | |
202 | Accepted |
Accepted. The service accepted the request but could not provide balances for all the requested accounts and returned an incomplete response. Try the call again after the time in the Retry-After response header has passed, and request only those accounts which are incomplete . If there is no Retry-After response header, the client has reached its maximum number of tries and should not retry the operation. | |
Schema: incompleteAccountBalances | |
Header | Retry-After string |
Indicates an absolute time, in HTTP Examples:
|
Status | Description |
---|---|
401 | Unauthorized |
Unauthorized. The operation require authentication but none was given. This error response may have one of the following
| |
Schema: problemResponse | |
Header | WWW-Authenticate string |
Optionally indicates the authentication scheme(s) and parameters applicable to the target resource/operation. This normally occurs if the request requires authentication but no authentication was passed. A 401 Unauthorized response may also be used for operations that have valid credentials but which require step-up authentication. |
Status | Description |
---|---|
403 | Forbidden |
Forbidden. The authenticated caller is not authorized to perform the requested operation. This error response may have one of the following
| |
Schema: problemResponse |
Status | Description |
---|---|
422 | Unprocessable Entity |
Unprocessable Entity. The request body and/or query parameters were well-formed but otherwise invalid. This error response may have one of the following
| |
Schema: problemResponse |
Status | Description |
---|---|
429 | Too Many Requests |
Too Many Requests. The client has sent too many requests in a given amount of time. | |
Schema: problemResponse |
Status | Description |
---|---|
503 | Service Unavailable |
Service Unavailable. Could not fetch the account balance from the banking core or from the external account. | |
Schema: problemResponse |
listEligibleAchAccounts
Code samples
# You can also use wget
curl -X GET https://api.apiture.com/banking/achEligibleAccounts?allows=billPay&secCode=arc \
-H 'Accept: application/json' \
-H 'Authorization: Bearer {access-token}'
GET https://api.apiture.com/banking/achEligibleAccounts?allows=billPay&secCode=arc HTTP/1.1
Host: api.apiture.com
Accept: application/json
const fetch = require('node-fetch');
const headers = {
'Accept':'application/json',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.apiture.com/banking/achEligibleAccounts?allows=billPay&secCode=arc',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
var headers = {
'Accept':'application/json',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.apiture.com/banking/achEligibleAccounts',
method: 'get',
data: '?allows=billPay&secCode=arc',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.get 'https://api.apiture.com/banking/achEligibleAccounts',
params: {
'allows' => 'array[string]',
'secCode' => '[achSecCode](#schemaachseccode)'
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/json',
'Authorization': 'Bearer {access-token}'
}
r = requests.get('https://api.apiture.com/banking/achEligibleAccounts', params={
'allows': [
"billPay"
], 'secCode': 'arc'
}, headers = headers)
print r.json()
URL obj = new URL("https://api.apiture.com/banking/achEligibleAccounts?allows=billPay&secCode=arc");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.apiture.com/banking/achEligibleAccounts", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
List Eligible ACH Accounts
GET https://api.apiture.com/banking/achEligibleAccounts
Return a paginated list of a customer's accounts that are eligible for ACH transfers based on allowed privileges.
Optionally, an agent can access a business customer's ACH accounts when acting on behalf of that business customer via the optional customerId
query parameter.
Parameters
Parameter | Description |
---|---|
allows | array[string] (required) Filter the result to accounts that have corresponding true values in account.allows . For example ?allows=transferTo,transferFrom,view returns only accounts where account.allows.transferTo , account.allows.transferFrom , and account.allows.view are all true for the caller.unique items minItems: 1 comma-delimited items: » enum values: billPay , transferFrom , transferTo , mobileCheckDeposit , view , viewCards , manageCards |
secCode | achSecCode (required) Filter the result to accounts that that allow ACH transfers of the given Standard Entry Class (SEC) codes. enum values: arc , boc , ccd , cie , ctx , pop , ppd , rck , tel , web |
customerId | resourceId The optional identifier of a business customer. This is an opaque string. An agent who is operating on behalf of a business can use this to access the resources of that business customer. The agent must have entitlements to act on behalf of the business; if not, the operation returns a 403 Forbidden response. For other situations, omit this value, else this must match the authenticated caller's customer ID (not their access ID). minLength: 6 maxLength: 48 pattern: ^[-_:.~$a-zA-Z0-9]+$ |
start | string The location of the next item in the collection. This is an opaque cursor supplied by the API service. Omit this to start at the beginning of the collection. The client does not define this value; the API services automatically pass the ?start= parameter on the nextPage_url .Default: "" maxLength: 256 |
limit | integer(int32) The maximum number of items to return in this page response. Default: 100 minimum: 0 maximum: 1000 |
Example responses
200 Response
{
"start": "1922a8531e8384cfa71b",
"limit": 100,
"nextPage_url": "https://production.api.apiture.com/banking/accounts?start=641f62296ecbf1882c84?limit=100?allows=view=true",
"items": [
{
"id": "bf23bc970b78d27691e8",
"title": "Max Pike",
"nickname": "Payroll Checking",
"label": "Payroll Checking *1008",
"product": {
"type": "checking",
"code": "DDA",
"label": "Business Checking",
"description": "Basic business checking accounts"
},
"maskedNumber": "*1008",
"location": "internal",
"allows": {
"transferFrom": false,
"transferTo": true,
"billPay": false,
"mobileCheckDeposit": true,
"view": true,
"viewCards": true,
"manageCards": false
}
},
{
"id": "b78d27691e8bf23bc970",
"title": "Max Pike",
"nickname": "College CD",
"label": "College CD *2017",
"product": {
"type": "cd",
"code": "CDA",
"label": "24 Month CD",
"description": "24 Month certificate of deposit"
},
"maskedNumber": "*2017",
"location": "internal",
"allows": {
"transferFrom": false,
"transferTo": false,
"billPay": false,
"mobileCheckDeposit": false,
"view": true,
"viewCards": true,
"manageCards": false
}
}
]
}
Responses
Status | Description |
---|---|
200 | OK |
OK. A page from the full list of the customer's ACH-eligible accounts. This list contains only accounts that the customer is entitled to access. While the nextPage_url property is present in the response, the client can fetch the next page of accounts by performing a GET on that URL. | |
Schema: accounts |
Status | Description |
---|---|
400 | Bad Request |
Bad Request. The request body, request headers, and/or query parameters are not well-formed. | |
Schema: problemResponse |
Status | Description |
---|---|
401 | Unauthorized |
Unauthorized. The operation require authentication but none was given. This error response may have one of the following
| |
Schema: problemResponse | |
Header | WWW-Authenticate string |
Optionally indicates the authentication scheme(s) and parameters applicable to the target resource/operation. This normally occurs if the request requires authentication but no authentication was passed. A 401 Unauthorized response may also be used for operations that have valid credentials but which require step-up authentication. |
Status | Description |
---|---|
403 | Forbidden |
Forbidden. The authenticated caller is not authorized to perform the requested operation. This error response may have one of the following
| |
Schema: problemResponse |
Status | Description |
---|---|
422 | Unprocessable Entity |
Unprocessable Entity. The request body and/or query parameters were well-formed but otherwise invalid. | |
Schema: problemResponse |
Schemas
account
{
"id": "bf23bc970b78d27691e8",
"location": "internal",
"title": "Max Pike",
"nickname": "Payroll Checking",
"label": "Payroll Checking *1008",
"product": {
"type": "checking",
"code": "DDA",
"label": "Business Checking",
"description": "Business checking account"
},
"maskedNumber": "*1008",
"allows": {
"transferFrom": false,
"transferTo": true,
"billPay": false,
"mobileCheckDeposit": true,
"view": true,
"viewCards": true,
"manageCards": false
},
"electronicStatements": true
}
Account (v1.1.1)
An internal customer account.
Properties
Name | Description |
---|---|
id | string: readOnlyResourceId (required) The unique identifier for this account resource. This is an immutable opaque string. read-only minLength: 6 maxLength: 48 pattern: ^[-_:.~$a-zA-Z0-9]+$ |
title | string (required) The financial institution assigned title for the account, derived from the account owner's name. read-only maxLength: 80 |
label | string (required) The human-readable label for this account. This is either the nickname (if assigned for the current customer), or the product.label concatenated with the maskedNumber .read-only maxLength: 80 |
nickname | string: accountNickname The nickname (friendly name) the customer has given this account. Each customer can define their own nickname for the same account. If omitted, the customer has not set a nickname. maxLength: 50 |
maskedNumber | string: maskedAccountNumber (required) A masked account number: an asterisk * followed by one to four characters of the fullAccountNumber .minLength: 2 maxLength: 5 pattern: ^\*[- _a-zA-Z0-9.]{1,4}$ |
allows | object: accountPermissions (required) Flags which indicate the permissions the current authorized user has on this account resource. Most of these properties may only be true for internal accounts. |
product | object: productReference (required) A reference to a banking product. |
location | string: accountLocation (required) Indicates where an account is held. enum values: internal , external , outside |
electronicStatements | boolean (required) If true , the customer has opted in to receive account statements electronically. |
accountAllowsFilter
"billPay"
Account Allows Filter (v1.0.0)
Values for the ?allows=
filter in listAccounts
.
accountAllowsFilter
strings may have one of the following enumerated values:
Value | Description |
---|---|
billPay | Bill Pay: Include each account where the caller is allowed to use the bill pay feature. |
transferFrom | Transfer From: Include each account where the caller is allowed to transfer money from the account. |
transferTo | Transfer To: Include each account where the caller is allowed to transfer money into the account. |
mobileCheckDeposit | Mobile Check Deposit: Include each account where the caller is allowed to deposit mobile checks. |
view | View: Include each account where the caller is allowed to view full account details (balances, full account number, transactions, etc). |
viewCards | View Cards: Include each account where the caller is allowed to view debit card details. |
manageCards | Manage Cards: Include each account where the caller is allowed to manage debit card details. |
Type: string
enum values: billPay
, transferFrom
, transferTo
, mobileCheckDeposit
, view
, viewCards
, manageCards
accountBalance
{
"id": "05d00d7d-d630",
"available": "3208.20",
"current": "3448.72",
"currentWithPending": "3448.72",
"updatedAt": "2022-05-02T06:51:19.375Z",
"incomplete": false
}
Account Balance (v1.0.0)
The current balances of the given account.
Properties
Name | Description |
---|---|
id | string: readOnlyResourceId (required) The account ID. read-only minLength: 6 maxLength: 48 pattern: ^[-_:.~$a-zA-Z0-9]+$ |
available | string: creditOrDebitValue The available balance: the funds available for use. This is the string representation of the exact decimal amount. read-only pattern: ^(-|\+)?(0|[1-9][0-9]*)\.[0-9][0-9]$ |
current | string: creditOrDebitValue The current balance. This is the balance at the end of the previous business day. This is the string representation of the exact decimal amount. read-only pattern: ^(-|\+)?(0|[1-9][0-9]*)\.[0-9][0-9]$ |
updatedAt | string(date-time): readOnlyTimestamp The time when the balance values were last updated from the banking core. read-only minLength: 20 maxLength: 30 |
currentWithPending | string: creditOrDebitValue The current balance, with posted transactions. This is the string representation of the exact decimal amount. read-only pattern: ^(-|\+)?(0|[1-9][0-9]*)\.[0-9][0-9]$ |
incomplete | boolean (required) If true , the response is incomplete and the client may re-try the operation after the Retry-After time in order to fetch balances for any incomplete accounts in the items . The retry operation should only pass in accounts that are incomplete . |
accountBalances
{
"items": [
{
"id": "05d00d7d-d630",
"available": "3208.20",
"current": "3448.72",
"currentWithPending": "3448.72",
"updatedAt": "2022-05-02T06:51:19.375Z",
"incomplete": false
},
{
"id": "cb5d67ea-a5c3",
"available": "1750.80",
"current": "1956.19",
"currentWithPending": "1956.19",
"updatedAt": "2022-05-02T06:51:19.375Z",
"incomplete": false
}
]
}
Account Balances (v1.0.0)
An array of account balances by account ID.
Properties
Name | Description |
---|---|
items | array: [accountBalance] (required) An array of items, one for each of the ?accounts= in the request, returned in the same order.maxItems: 256 |
accountIds
[
"string"
]
Account IDs (v1.0.0)
An array of account IDs.
accountIds
is an array schema.
Array Elements
Name | Description |
---|---|
Account IDs (v1.0.0) | array: [resourceId] An array of account IDs. unique items minItems: 1 maxItems: 100 |
accountItem
{
"id": "bf23bc970b78d27691e8",
"location": "internal",
"title": "Max Pike",
"nickname": "Payroll Checking",
"label": "Payroll Checking *1008",
"product": {
"type": "checking",
"code": "DDA",
"label": "Business Checking",
"description": "Basic business checking account"
},
"maskedNumber": "*1008",
"allows": {
"transferFrom": false,
"transferTo": true,
"billPay": false,
"mobileCheckDeposit": true,
"view": true,
"viewCards": true,
"manageCards": true
}
}
Account Item (v1.1.1)
An account item in a list items in the accounts
schema.
Properties
Name | Description |
---|---|
id | string: readOnlyResourceId (required) The unique identifier for this account resource. This is an immutable opaque string. read-only minLength: 6 maxLength: 48 pattern: ^[-_:.~$a-zA-Z0-9]+$ |
title | string (required) The financial institution assigned title for the account, derived from the account owner's name. read-only maxLength: 80 |
label | string (required) The human-readable label for this account. This is either the nickname (if assigned for the current customer), or the product.label concatenated with the maskedNumber .read-only maxLength: 80 |
nickname | string: accountNickname The nickname (friendly name) the customer has given this account. Each customer can define their own nickname for the same account. If omitted, the customer has not set a nickname. maxLength: 50 |
maskedNumber | string: maskedAccountNumber (required) A masked account number: an asterisk * followed by one to four characters of the fullAccountNumber .minLength: 2 maxLength: 5 pattern: ^\*[- _a-zA-Z0-9.]{1,4}$ |
allows | object: accountPermissions (required) Flags which indicate the permissions the current authorized user has on this account resource. Most of these properties may only be true for internal accounts. |
product | object: productReference (required) A reference to a banking product. |
location | string: accountLocation (required) Indicates where an account is held. enum values: internal , external , outside |
accountLocation
"internal"
Account Location (v1.0.0)
Indicates where an account is held:
internal
accounts at the current financial institution;external
accounts at another financial institution;outside
accounts non-banking accounts such as brokerage and fund accounts. Account transfers are only allowed betweeninternal
andexternal
accounts. All accounts are considered when calculating total cash balance.
Type: string
enum values: internal
, external
, outside
accountNickname
"Payroll Checking"
Account Nickname (v1.1.0)
The nickname (friendly name) the customer has given this account. Each customer can define their own nickname for the same account. If omitted, the customer has not set a nickname.
Type: string
maxLength: 50
accountPermissions
{
"billPay": false,
"mobileCheckDeposit": true,
"transferFrom": true,
"transferTo": true,
"view": true,
"viewCards": true,
"manageCards": false
}
Account Permissions (v0.3.0)
Flags which indicate the permissions the current authorized user has on this account resource. Most of these properties may only be true
for internal accounts.
Properties
Name | Description |
---|---|
billPay | boolean (required) If true , the customer may use this account for Bill Pay. |
mobileCheckDeposit | boolean (required) If true , the customer may use this account for mobile check deposits. |
transferFrom | boolean (required) If true , the customer may use this account as the target (deposit) account for account-to-account transfers. |
transferTo | boolean (required) If true , the customer may use this account as the source (debit) account for account-to-account transfers. |
view | boolean (required) If true , the customer may view the details of this account, including the account balance and transactions. |
viewCards | boolean (required) If true , the customer may view debit cards associated with this account. |
manageCards | boolean (required) If true, the customer may manage debit cards associated with this account. This includes locking and unlocking cards, changing card controls, ordering cards, or canceling cards. |
accountRoutingNumber
"stringstr"
Account Routing Number (v1.0.0)
A reusable type for an account routing number.
Type: string
minLength: 9
maxLength: 9
pattern: ^[0-9]{9}$
accounts
{
"start": "1922a8531e8384cfa71b",
"limit": 100,
"nextPage_url": "https://production.api.apiture.com/banking/accounts?start=641f62296ecbf1882c84?limit=100?allows=view=true",
"items": [
{
"id": "bf23bc970b78d27691e8",
"title": "Max Pike",
"nickname": "Payroll Checking",
"label": "Payroll Checking *1008",
"product": {
"type": "checking",
"code": "DDA",
"label": "Business Checking",
"description": "Basic business checking accounts"
},
"maskedNumber": "*1008",
"location": "internal",
"allows": {
"transferFrom": false,
"transferTo": true,
"billPay": false,
"mobileCheckDeposit": true,
"view": true,
"viewCards": true,
"manageCards": false
}
},
{
"id": "b78d27691e8bf23bc970",
"title": "Max Pike",
"nickname": "College CD",
"label": "College CD *2017",
"product": {
"type": "cd",
"code": "CDA",
"label": "24 Month CD",
"description": "24 Month certificate of deposit"
},
"maskedNumber": "*2017",
"location": "internal",
"allows": {
"transferFrom": false,
"transferTo": false,
"billPay": false,
"mobileCheckDeposit": false,
"view": true,
"viewCards": true,
"manageCards": false
}
}
]
}
Accounts (v1.1.2)
A paginated list of the customer's accounts. This list contains internal banking accounts and external banking accounts. and outside fund accounts. The location
property indicates where the account is held. Items in the list contain url
links to the actual account resource which are in the accounts
, externalAccounts
or outsideAccounts
collections.
Properties
Name | Description |
---|---|
limit | integer(int32) (required) The number of items requested for this page response. The length of the items array may be less that limit .Default: 100 minimum: 0 |
nextPage_url | string(uri) The URL of the next page of accounts. If this URL is omitted, there are no more accounts. read-only maxLength: 256 |
start | string The opaque cursor that specifies the starting location of this page of items. maxLength: 256 |
items | array: [accountItem] (required) The array of items in this page of accounts. This array may be empty. read-only |
primaryAccountId | string: readOnlyResourceId The id of the customer's primary account. This property only exists for retail customers, and only if the customer has designated a primary account.read-only minLength: 6 maxLength: 48 pattern: ^[-_:.~$a-zA-Z0-9]+$ |
achSecCode
"arc"
ACH SEC Code (v1.0.0)
The ACH transfer type
achSecCode
strings may have one of the following enumerated values:
Value | Description |
---|---|
arc | Accounts Receivable |
boc | Back Office Conversion |
ccd | Credit or Debit |
cie | Customer-Initiated |
ctx | Corporate Trade Exchange |
pop | Point of Purchase |
ppd | Prearranged Payment and Deposit |
rck | Re-Presented Check |
tel | Telephone-initiated |
web | Internet-initiated/Mobile |
Type: string
enum values: arc
, boc
, ccd
, cie
, ctx
, pop
, ppd
, rck
, tel
, web
apiProblem
{
"id": "3fbad566-be86-4b22-9ba6-3ca99fdc0799",
"type": "https://production.api.apiture.com/errors/accountNotFound/v1.0.0",
"title": "Account Not Found",
"status": 422,
"occurredAt": "2022-04-25T12:42:21.375Z",
"detail": "No account exists at the given account_url",
"instance": "https://production.api.apiture.com/banking/transfers/bb709151-575041fcd617"
}
API Problem (v1.1.0)
API problem or error, as per RFC 7807 application/problem+json.
Properties
Name | Description |
---|---|
type | string(uri-reference) A URI reference (RFC3986) that identifies the problem type. If present, this is the URL of human-readable HTML documentation for the problem type. When this member is not present, its value is assumed to be "about:blank" . |
title | string A short, human-readable summary of the problem type. The title is usually the same for all problem with the same type . |
status | integer(int32) The HTTP status code for this occurrence of the problem. minimum: 100 maximum: 599 |
detail | string A human-readable explanation specific to this occurrence of the problem. |
instance | string(uri-reference) A URI reference that identifies the specific occurrence of the problem. This is the URI of an API resource that the problem is related to, with a unique error correlation ID URI fragment |
id | string: readOnlyResourceId The unique identifier for this problem. This is an immutable opaque string. read-only minLength: 6 maxLength: 48 pattern: ^[-_:.~$a-zA-Z0-9]+$ |
occurredAt | string(date-time): readOnlyTimestamp The timestamp when the problem occurred, in RFC 3339 date-time YYYY-MM-DDThh:mm:ss.sssZ format, UTC.read-only minLength: 20 maxLength: 30 |
problems | array: [apiProblem] Optional root-causes if there are multiple problems in the request or API call processing. |
attributes | object Additional optional attributes related to the problem. This data conforms to the schema associated with the error type. |
creditOrDebitValue
"3456.78"
Credit Or Debit Value (v1.0.0)
The monetary value representing a credit (positive amounts with no prefix or a +
prefix) or debit (negative amounts with a -
prefix). The numeric value is represented as a string so that it can be exact with no loss of precision.
The schema creditOrDebitValue
was added on version 0.4.0
of the API.
Type: string
pattern: ^(-|+)?(0|[1-9][0-9]*).[0-9][0-9]$
fullAccountNumber
"123456789"
Full Account Number (v1.0.0)
A full account number. This is the number that the customer uses to reference the account within the financial institution.
Type: string
minLength: 1
maxLength: 32
pattern: ^[- a-zA-Z0-9.]{1,32}$
incompleteAccountBalances
{
"items": [
{
"id": "05d00d7d-d630",
"available": "3208.20",
"current": "3448.72",
"currentWithPending": "3448.72",
"updatedAt": "2022-05-02T06:51:19.375Z",
"incomplete": false
},
{
"id": "cb5d67ea-a5c3",
"available": "1750.80",
"current": "1956.19",
"currentWithPending": "1956.19",
"updatedAt": "2022-05-02T06:51:19.375Z",
"incomplete": false
},
{
"id": "b5a4f178-2baf",
"incomplete": true
},
{
"id": "959908db-fd40",
"incomplete": true
},
{
"id": "97e6166a-2a4c",
"incomplete": true
}
],
"incompleteAccounts": [
"b5a4f178-2baf",
"959908db-fd40",
"97e6166a-2a4c"
],
"retryCount": 1
}
Incomplete Account Balance (v1.0.0)
An array of account balances by account ID, some of which are incomplete. Use the values in incompleteAccounts
and retryCount
to retry.
Properties
Name | Description |
---|---|
items | array: [accountBalance] (required) An array of items, one for each of the ?accounts= in the request, returned in the same order.maxItems: 256 |
incompleteAccounts | array: accountIds (required) Pass these values as the ?accounts= query parameter on the next retry of the getAccountBalances operation. This value is empty if the client has reached the retry limit.unique items minItems: 1 maxItems: 100 |
retryCount | integer (required) Pass this value as the as the ?retryCount= parameter with the next retry of the getAccountBalances operation.minimum: 1 maximum: 10 |
maskedAccountNumber
"*1008"
Masked Account Number (v1.0.1)
A masked account number: an asterisk *
followed by one to four characters of the fullAccountNumber
.
Type: string
minLength: 2
maxLength: 5
pattern: ^*[- _a-zA-Z0-9.]{1,4}$
problemResponse
{
"id": "3fbad566-be86-4b22-9ba6-3ca99fdc0799",
"type": "https://production.api.apiture.com/errors/noSuchAccount/v1.0.0",
"title": "Account Not Found",
"status": 422,
"occurredAt": "2022-04-25T12:42:21.375Z",
"detail": "No account exists for the given account reference",
"instance": "https://production.api.apiture.com/banking/transfers/bb709151-575041fcd617"
}
Problem Response (v0.3.0)
API problem or error response, as per RFC 7807 application/problem+json.
Properties
Name | Description |
---|---|
type | string(uri-reference) A URI reference (RFC3986) that identifies the problem type. If present, this is the URL of human-readable HTML documentation for the problem type. When this member is not present, its value is assumed to be "about:blank" . |
title | string A short, human-readable summary of the problem type. The title is usually the same for all problem with the same type . |
status | integer(int32) The HTTP status code for this occurrence of the problem. minimum: 100 maximum: 599 |
detail | string A human-readable explanation specific to this occurrence of the problem. |
instance | string(uri-reference) A URI reference that identifies the specific occurrence of the problem. This is the URI of an API resource that the problem is related to, with a unique error correlation ID URI fragment |
id | string: readOnlyResourceId The unique identifier for this problem. This is an immutable opaque string. read-only minLength: 6 maxLength: 48 pattern: ^[-_:.~$a-zA-Z0-9]+$ |
occurredAt | string(date-time): readOnlyTimestamp The timestamp when the problem occurred, in RFC 3339 date-time YYYY-MM-DDThh:mm:ss.sssZ format, UTC.read-only minLength: 20 maxLength: 30 |
problems | array: [apiProblem] Optional root-causes if there are multiple problems in the request or API call processing. |
attributes | object Additional optional attributes related to the problem. This data conforms to the schema associated with the error type. |
productReference
{
"type": "cd",
"code": "180D_CDA",
"label": "180 Day CD",
"description": "Certificate of Deposit with a 180 day term"
}
Product Reference (v1.0.0)
A reference to a banking product.
Properties
Name | Description |
---|---|
type | string: productType (required) The type of account. enum values: savings , checking , cd , ira , loan , creditCard |
code | string (required) The product's product code. Codes are unique to the financial institution. maxLength: 16 |
label | string (required) A human-readable label for this banking product. maxLength: 48 |
description | string(markdown) (required) A human-readable description of this banking product. maxLength: 400 |
productType
"savings"
Product Type (v2.0.0)
The type (or category) of bank account.
productType
strings may have one of the following enumerated values:
Value | Description |
---|---|
savings | Savings: Savings Account |
checking | Checking: Checking Account |
cd | CD: Certificate of Deposit Account |
ira | IRA: Individual Retirement Account |
loan | Loan: Loan Account |
creditCard | Credit Card: Credit Card Account |
Type: string
enum values: savings
, checking
, cd
, ira
, loan
, creditCard
readOnlyResourceId
"string"
Read-only Resource Identifier (v1.0.0)
The unique, opaque system-assigned identifier for a resource. This case-sensitive ID is also used in URLs as path parameters or in other properties or parameters that reference a resource by ID rather than URL. Resource IDs are immutable.
Type: string
read-only
minLength: 6
maxLength: 48
pattern: ^[-_:.~$a-zA-Z0-9]+$
readOnlyTimestamp
"2021-10-30T19:06:04.250Z"
Read-Only Timestamp (v1.0.0)
A readonly or derived timestamp (an instant in time) formatted in RFC 3339 date-time
UTC format: YYYY-MM-DDThh:mm:ss.sssZ
.
The schema readOnlyTimestamp
was added on version 0.4.0
of the API.
Type: string(date-time)
read-only
minLength: 20
maxLength: 30
resourceId
"string"
Resource Identifier (v1.0.0)
The unique, opaque system identifier for a resource. This case-sensitive ID is also used as path parameters in URLs or in other properties or parameters that reference a resource by ID rather than URL.
Type: string
minLength: 6
maxLength: 48
pattern: ^[-_:.~$a-zA-Z0-9]+$