Shell HTTP Node.JS JavaScript Ruby Python Java Go

Cards v0.28.2

Scroll down for code samples, example requests and responses. Select a language for code samples from the tabs above or the mobile navigation menu.

Monitor and manage debit cards associated with a bank account.

This API defines models and operations for the following resources:

This API provides the following features to customers (the card holder):

Only the card holder (the individual the card is issued to) may access the card control, account linking, and card replacement operations.

This API provides the following features to financial institution administrative users:

Additionally, administrative users may perform the following operations on behalf of the customer:

Multi-factor authentication challenges

To prevent account takeover attacks, some operations to request cards or to operate on cards require multi-factor authentication (MFA). An MFA challenge is a process to verify the user's identity through one or more additional authentication steps.

For example, when the client tries the createCardRequest without a valid redeemable Apiture-Challenge request header, the operation may fail with a 409 Conflict. The response body, defined by the challengeErrorResponse schema, contains a challenge resource which includes one or more authenticators. An authenticator may require the user to enter a verification code sent to the user's email account or mobile phone. (The client may let the user choose which authenticators to use, if there are more options than the required minimum.) Next, the client should start least one of the authenticators.

The user completes the authenticator(s), for example by entering the verification code. Once the user has completed all the authenticators successfully, the client passes the resource ID of the challenge resource in the Apiture-Challenge request header to continue the operation that required MFA. Thus, these operations may require two tries: the first (without the Apiture-Challenge header), which fails with a 409 status (the response contains the challenge object), then after completing the challenges' authenticators, a second try, passing in the Apiture-Challenge header.

Error Types

Error responses in this API may have one of the type values described below. See Errors for more information on error responses and error types.

cannotAddAccount

Description: Cannot add this secondary account to the card. The card may already have the maximum number of secondary accounts, or the financial institution may not allow additional accounts for this card.
Remediation: Unlink an unneeded account to make room.

cardRefNotFound

Description: The request card resource ID does not identify a card.
Remediation: Pass the ID of an existing card resource.

cardRequestRefNotFound

Description: The request card request resource ID does not identify a card.
Remediation: Pass the ID of an existing card request resource.

challengedAlreadyRedeemed

Description: The challenge resource specified in the Apiture-Challenge request header has been redeemed the maximum number of times.
Remediation: Obtain a new challenge resource.

challengedExpired

Description: The challenge resource specified in the Apiture-Challenge request header has expired.
Remediation: Obtain a new challenge resource.

challengedNotVerified

Description: The challenge resource specified in the Apiture-Challenge request header has not been verified.
Remediation: Complete the challenge verification before using a challenge resource.

duplicateAccount

Description: This account is already linked to this card.
Remediation: Select a different eligible account.

groupNotFound

Description: No Groups were found for the specified groupName.
Remediation: Check to make sure that the supplied groupName corresponds to an apiture group resource.

ineligibleAccount

Description: The specified account is not eligible to be linked to this card.
Remediation: Use an eligible account from the linkableAccounts operation.

Description: The request contains an invalid reference to an account.
Remediation: Pass the URI of a valid account that the current user holds.

invalidShippingAddress

Description: The shippingAddress is not a valid, eligible, active address, or the address data does not match the apiture:shippingAddress content.
Remediation: Pass an address with a valid apiture:shippingAddress link and data that matches.

invalidShippingAddressId

Description: The shippingAddressId is not a valid, active address.
Remediation: Pass the _id of a valid, active address.

Description: The request does not contain the apiture:account link in the _links object.
Remediation: Pass the href of an account resource with the apiture:account link relation in the _links object.

missingApitureChallengeHeader

Description: The Apiture-Challenge request header was not passed.
Remediation: Pass the _id of a valid, verified challenge resource in the Apiture-Challenge request header.

noSuchCard

Description: There is no card associated with the cardId in the request.
Remediation: Pass the _id of an existing active card, or omit cardId from the request.

noSuchSecondaryAccount

Description: The request secondary account ID does not identify an account.
Remediation: Pass the ID of an existing secondary account for this card.

productDoesNotSupportCards

Description: The banking product associated with the account does not support card requests.
Remediation: Select an account that supports cards.

recentCardOrders

Description: The financial institution has rejected the card order request due to too many recent card orders.
Remediation: Please wait until the financial institution's security hold period on card orders has passed.

recentProfileChanges

Description: The financial institution has rejected the card order request due to too many recent changes to the customer's key profile data.
Remediation: Please wait until the financial institution's security hold period on card orders has passed.

valueNotFound

Description: No Group values were found for the specified groupName and valueName.
Remediation: Check to make sure that the supplied groupName and valueName corresponds to an apiture group and value resource.

Download OpenAPI Definition (YAML)

Base URLs:

Terms of service

Email: Apiture Web: Apiture

Authentication

Scope Scope Description
card/read Read access to cards and card replacements.
card/write Write (update) access to cards and card replacements.
card/delete Delete access to cards and card replacements.
card/full Full access to cards and card replacements.
admin/write Administrative write (update) access to cards and card replacements.

Card Requests

Requests to Issue New or Replacement Cards

getCardRequests

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/cards/cardRequests \
  -H 'Accept: application/hal+json' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

GET https://api.devbank.apiture.com/cards/cardRequests HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/cards/cardRequests',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/cardRequests',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://api.devbank.apiture.com/cards/cardRequests',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://api.devbank.apiture.com/cards/cardRequests', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/cardRequests");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/cards/cardRequests", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Return a collection of card requests

GET /cardRequests

Return a paginated sortable filterable searchable collection of requests for new or replacement card. The links in the response include pagination links.

For financial institution customers, this collection only returns card requests that the customer has created or which apply to their cards.

Parameters

ParameterDescription
start integer(int64)
The zero-based index of the first card request item to include in this page. The default 0 denotes the beginning of the collection.
Default: 0
limit integer(int32)
The maximum number of card request representations to return in this page.
Default: 100
sortBy string
Optional sort criteria. See sort criteria format, such as ?sortBy=field1,-field2.
This collection may be sorted by the following properties:
state
submittedAt
resolvedAt
updatedAt.
filter string
Optional filter criteria. See filtering.
This collection may be filtered by the following properties and functions:
• Property description using functions contains, search
• Property resolutionReason using functions contains, search
• Property state using functions eq, ne, in
• Property submittedOn using functions eq, ne, lt, le, gt, ge, in
• Property resolvedOn using functions eq, ne, lt, le, gt, ge, in
• Property modifiedOn using functions eq, ne, lt, le, gt, ge, in
• Property updatedAt using functions eq, ne, lt, le, gt, ge
• Property updatedBy using functions eq, ne, lt, le, gt, ge, startsWith, endsWith, contains, search.
q string
Optional search string. See searching.
state string
Filter responses to list only cards in the listed state or |-separated set of states. Examples: ?state=submitted , ?state=canceled|completed|rejected.
enum values: pending, submitted, canceled, rejected, completed
submittedOn string(date)
Filter the response to card requests submitted on this date or set of |-separated dates. Dates are in RFC 3339 YYYY-MM-DD format. Examples: ?submittedDate=2019-06-10 or ?submittedDate=2019-06-10|2019-06-08|2019-06-07.
modifiedOn string(date)
Filter the response to card requests last modified on this date or set of |-separated dates. Dates are in RFC 3339 YYYY-MM-DD format. Examples: ?modifiedOn=2019-06-10 or ?modifiedOn=2019-06-10|2019-06-08|2019-06-07.
resolvedOn string(date)
Filter the response to card requests resolved on this date or set of |-separated dates. Dates are in RFC 3339 YYYY-MM-DD format. Examples: ?resolvedOn=2019-06-10 or ?resolvedOn=2019-06-10|2019-06-08|2019-06-07.
updatedBy string
Filter the response to card requests created by the user named by this user ID.

Try It

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/cards/cardRequests/v1.4.1/profile.json",
  "_links": {
    "self": {
      "href": "/cards/cardRequests?start=10&limit=10"
    },
    "first": {
      "href": "/cards/cardRequests?start=0&limit=10"
    },
    "next": {
      "href": "/cards/cardRequests?start=20&limit=10"
    },
    "collection": {
      "href": "/cards/cardRequests"
    }
  },
  "start": 10,
  "limit": 10,
  "count": 67,
  "name": "cardRequests",
  "_embedded": {
    "items": [
      {
        "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
        "_profile": "https://production.api.apiture.com/schemas/cards/cardRequest/v1.4.1/profile.json",
        "_links": {
          "self": {
            "href": "/cards/cardRequests/0399abed-fd3d-4830-a88b-30f38b8a365c"
          }
        }
      },
      {
        "_id": "d62c0701-0d74-4836-83f9-ebf3709442ea",
        "_profile": "https://production.api.apiture.com/schemas/cards/cardRequest/v1.4.1/profile.json",
        "_links": {
          "self": {
            "href": "/cards/cardRequests/d62c0701-0d74-4836-83f9-ebf3709442ea"
          }
        }
      }
    ]
  }
}

Responses

StatusDescription
200 OK
OK.
Schema: cardRequests
StatusDescription
400 Bad Request
Bad Request. The request body or one or more of the query parameters was not well formed. The _error field in the response will contain details about the request error.
Schema: errorResponse
StatusDescription
422 Unprocessable Entity
Unprocessable Entity. One or more of the query parameters was well formed but otherwise invalid. The _error field in the response will contain details about the request error.
Schema: errorResponse

createCardRequest

Code samples

# You can also use wget
curl -X POST https://api.devbank.apiture.com/cards/cardRequests \
  -H 'Content-Type: application/hal+json' \
  -H 'Accept: application/hal+json' \
  -H 'Apiture-Challenge: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

POST https://api.devbank.apiture.com/cards/cardRequests HTTP/1.1
Host: api.devbank.apiture.com
Content-Type: application/hal+json
Accept: application/hal+json
Apiture-Challenge: string

const fetch = require('node-fetch');
const inputBody = '{
  "_profile": "https://production.api.apiture.com/schemas/cards/createCardRequest/v1.4.1/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    },
    "apiture:account": {
      "href": "https://api.devbank.apiture.com/accounts/accounts/617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:shippingAddress": {
      "href": "https://api.devbank.apiture.com/users/users/f2d87aa6-33c8-458c-819b-41bb00f1ec08/addresses/ha1"
    }
  },
  "cardId": "9e5a519c-ed3d-48ec-84d0-ef29b2843803",
  "reason": "lost",
  "description": "Replace lost card",
  "shippingAddressId": "ha0"
}';
const headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'Apiture-Challenge':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/cards/cardRequests',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'Apiture-Challenge':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/cardRequests',
  method: 'post',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Content-Type' => 'application/hal+json',
  'Accept' => 'application/hal+json',
  'Apiture-Challenge' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.post 'https://api.devbank.apiture.com/cards/cardRequests',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Content-Type': 'application/hal+json',
  'Accept': 'application/hal+json',
  'Apiture-Challenge': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('https://api.devbank.apiture.com/cards/cardRequests', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/cardRequests");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Content-Type": []string{"application/hal+json"},
        "Accept": []string{"application/hal+json"},
        "Apiture-Challenge": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/cards/cardRequests", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Request a new or replacement card

POST /cardRequests

Request a new or replacement card by creating a new card request resource, adding it to the cardRequests collection.

This operation may require the user to complete an additional multi-factor authentication (MFA) challenge if the financial institution has configured MFA on new or replacement card requests. If the request fails because MFA is required, the response code is 409 and the _error.type in the response is missingApitureChallengeHeader. The client should complete the MFA challenge and retry the operation with the Apiture-Challenge request header as described in Multi-factor authentication challenges above.

This operation supports pre-flight validation. If invoked with the ?preFlightValidate=true query parameter, this operation validates the request body and also checks if the financial institution allows ordering a new or replacement card for the given account. The required reason property and apiture:account link must be set in the request body. If the financial institution's business rules disallow the card request for this account, the operation returns a 409 Conflict response with an _error object and the error type indicates why the request is not allowed.

Body parameter

{
  "_profile": "https://production.api.apiture.com/schemas/cards/createCardRequest/v1.4.1/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    },
    "apiture:account": {
      "href": "https://api.devbank.apiture.com/accounts/accounts/617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:shippingAddress": {
      "href": "https://api.devbank.apiture.com/users/users/f2d87aa6-33c8-458c-819b-41bb00f1ec08/addresses/ha1"
    }
  },
  "cardId": "9e5a519c-ed3d-48ec-84d0-ef29b2843803",
  "reason": "lost",
  "description": "Replace lost card",
  "shippingAddressId": "ha0"
}

Parameters

ParameterDescription
Apiture-Challenge string
The unique identifier of a Challenge resource which demonstrates the user has recently verified their identity. See the discussion of Multi-factor authentication challenges above. The value must be the _id string of a valid, redeemable Challenge resource which matches the challenge context.
preFlightValidate boolean
If true, the operation performs pre-flight validation of the request body but does not actually create the card order. The operation returns 409 Conflict errors if the account does not allow card ordering or if other business rules prohibit card ordering due to recent changes. Using ?preFlightValidate=true does not verify the Apiture-Challenge, if any, or count against it's redemptionCount, but does check if a challenge is required and will return the missingApitureChallengeHeader error type if it is required but not present.
body createCardRequest (required)
The data necessary to create a new card request resource.

Try It

Example responses

201 Response

{
  "_profile": "https://production.api.apiture.com/schemas/cards/cardRequest/v1.4.1/profile.json",
  "_links": {
    "self": {
      "href": "/cards/cardRequests/35eb0e67-ac9b-44d7-8799-6648ba6b1c65"
    },
    "apiture:account": {
      "href": "https://api.devbank.apiture.com/accounts/accounts/617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:cancel": {
      "href": "https://api.devbank.apiture.com/cards/canceledCardRequests?cardRequest=617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:card": {
      "href": "/cards/cards/9e5a519c-ed3d-48ec-84d0-ef29b2843803"
    },
    "apiture:shippingAddress": {
      "href": "https://api.devbank.apiture.com/users/users/f2d87aa6-33c8-458c-819b-41bb00f1ec08/addresses/ha1"
    }
  },
  "_id": "35eb0e67-ac9b-44d7-8799-6648ba6b1c65",
  "cardId": "9e5a519c-ed3d-48ec-84d0-ef29b2843803",
  "reason": "lost",
  "description": "Replace lost card",
  "submittedAt": "2019-06-07T05:18:30.375Z",
  "updatedAt": "2019-06-07T05:18:30.375Z",
  "updatedBy": "lucy.wellphunded@bankcustomer.example.com",
  "shippingAddressId": "ha1",
  "shippingAddress": {
    "_id": "ha0",
    "type": "home",
    "addressLine1": "555 N Front Street",
    "addressLine2": "Suite 5555",
    "city": "Wilmington",
    "regionCode": "NC",
    "postalCode": "28401-5405",
    "countryCode": "US",
    "state": "approved",
    "_links": {
      "self": {
        "href": "https://api.devbank.apiture.com/users/users/f2d87aa6-33c8-458c-819b-41bb00f1ec08/addresses/ha0"
      }
    }
  }
}

Responses

StatusDescription
201 Created
Created.
Schema: cardRequest
StatusDescription
400 Bad Request
Bad Request. The request body or one or more of the query parameters was not well formed. The _error field in the response will contain details about the request error.
Schema: errorResponse
StatusDescription
409 Conflict

Conflict. The request is not allowed or requires a valid Apiture-Challenge header The error response will contain a challenge object and one or more authenticators for the client to start and complete before retrying. See See Multi-factor authentication challenges above.

This error response may have one of the following type values:

Schema: challengeErrorResponse
StatusDescription
422 Unprocessable Entity

Unprocessable Entity.

This error response may have one of the following type values:

Schema: challengeErrorResponse

Response Headers

StatusDescription
201 Location string uri
The URI of the new resource. If the URI begins with / it is relative to the API root context. Else, it is a full URI starting with scheme://host
201 ETag string
The ETag response header specifies an entity tag which must be provided in an If-Match request header for PUT or PATCH operations which update the resource.

getCardRequest

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/cards/cardRequests/{cardRequestId} \
  -H 'Accept: application/hal+json' \
  -H 'If-None-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

GET https://api.devbank.apiture.com/cards/cardRequests/{cardRequestId} HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
If-None-Match: string

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/cards/cardRequests/{cardRequestId}',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/cardRequests/{cardRequestId}',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-None-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://api.devbank.apiture.com/cards/cardRequests/{cardRequestId}',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-None-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://api.devbank.apiture.com/cards/cardRequests/{cardRequestId}', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/cardRequests/{cardRequestId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-None-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/cards/cardRequests/{cardRequestId}", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Fetch a representation of this card request

GET /cardRequests/{cardRequestId}

Return a HAL representation of this card request resource.

Parameters

ParameterDescription
cardRequestId string (required)
The unique identifier of this card request resource. This is an opaque string.
If-None-Match string
The entity tag that was returned in the ETag response. If the resource's current entity tag matches, the GET will return 304 (Not Modified) and no response body, else the resource representation will be returned.

Try It

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/cards/cardRequest/v1.4.1/profile.json",
  "_links": {
    "self": {
      "href": "/cards/cardRequests/35eb0e67-ac9b-44d7-8799-6648ba6b1c65"
    },
    "apiture:account": {
      "href": "https://api.devbank.apiture.com/accounts/accounts/617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:cancel": {
      "href": "https://api.devbank.apiture.com/cards/canceledCardRequests?cardRequest=617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:card": {
      "href": "/cards/cards/9e5a519c-ed3d-48ec-84d0-ef29b2843803"
    },
    "apiture:shippingAddress": {
      "href": "https://api.devbank.apiture.com/users/users/f2d87aa6-33c8-458c-819b-41bb00f1ec08/addresses/ha1"
    }
  },
  "_id": "35eb0e67-ac9b-44d7-8799-6648ba6b1c65",
  "cardId": "9e5a519c-ed3d-48ec-84d0-ef29b2843803",
  "reason": "lost",
  "description": "Replace lost card",
  "submittedAt": "2019-06-07T05:18:30.375Z",
  "updatedAt": "2019-06-07T05:18:30.375Z",
  "updatedBy": "lucy.wellphunded@bankcustomer.example.com",
  "shippingAddressId": "ha1",
  "shippingAddress": {
    "_id": "ha0",
    "type": "home",
    "addressLine1": "555 N Front Street",
    "addressLine2": "Suite 5555",
    "city": "Wilmington",
    "regionCode": "NC",
    "postalCode": "28401-5405",
    "countryCode": "US",
    "state": "approved",
    "_links": {
      "self": {
        "href": "https://api.devbank.apiture.com/users/users/f2d87aa6-33c8-458c-819b-41bb00f1ec08/addresses/ha0"
      }
    }
  }
}

Responses

StatusDescription
200 OK
OK.
Schema: cardRequest
StatusDescription
304 Not Modified
Not Modified. The resource has not been modified since it was last fetched.
StatusDescription
404 Not Found
Not Found. There is no such card card request resource at the specified {cardRequestId}. The _error field in the response will contain details about the request error.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which must be provided in an If-Match request header for PUT or PATCH operations which update this card request resource.

createCardIssuerParameters

Code samples

# You can also use wget
curl -X POST https://api.devbank.apiture.com/cards/issuerParameters?issuer=string \
  -H 'Accept: application/hal+json' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

POST https://api.devbank.apiture.com/cards/issuerParameters?issuer=string HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/cards/issuerParameters?issuer=string',
{
  method: 'POST',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/issuerParameters',
  method: 'post',
  data: '?issuer=string',
  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.post 'https://api.devbank.apiture.com/cards/issuerParameters',
  params: {
  'issuer' => 'string'
}, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('https://api.devbank.apiture.com/cards/issuerParameters', params={
  'issuer': 'string'
}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/issuerParameters?issuer=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/cards/issuerParameters", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Generate card issuer parameters

POST /issuerParameters

Generate parameters for integrating with the card issuer. The client may embed a secure application component. This operation fetches parameters to allow this integration, based on the current user and optionally a card. There is no request body for this operation.

Parameters

ParameterDescription
card string
The optional resource identifier of an existing card. This is the card's _id property, not the card/account number. Use this to request parameters for the card issuer integration to change the card's PIN.
issuer string (required)
The name of the card issuer, such as marqueta. This determines which issue parameters are returned to the client.

Try It

Example responses

201 Response

{
  "_profile": "https://production.api.apiture.com/schemas/cards/cardIssuerParameters/v1.1.1/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "issuer": "marqueta",
  "parameters": [
    {
      "name": "user_token",
      "value": "cd8775f7f49a/408a|9afa-982a78bd08bd::7466c8c38489/4541|b695/af7ac2ba4537"
    },
    {
      "name": "onetime_token",
      "value": "130d1a7d_fa0c/453a|86a9_93c411a9df3a::5f1d4ade5c34/40e4|8098/493475dd0c92"
    },
    {
      "name": "application_id",
      "value": "09CF5D57C6084956866126610758E149"
    },
    {
      "name": "card_token",
      "value": "77639FAF::7E77::4CDF::B096::4B5C5F971691--fc09b0af::a30b::4D34834F682826EE1C44"
    }
  ]
}

Responses

StatusDescription
201 Created
Created. The response contains the parameters to integrate with the card issuer components.
Schema: cardIssuerParameters
StatusDescription
400 Bad Request
Bad Request. The parameters are not well-formed.
Schema: errorResponse
StatusDescription
422 Unprocessable Entity

Unprocessable Entity. The parameters, while well-formed, are invalid.

This error response may have one of the following type values:

Schema: errorResponse

getCardShippingAddresses

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/cards/cardShippingAddresses \
  -H 'Accept: application/json' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

GET https://api.devbank.apiture.com/cards/cardShippingAddresses HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/json

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/cards/cardShippingAddresses',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/cardShippingAddresses',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://api.devbank.apiture.com/cards/cardShippingAddresses',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/json',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://api.devbank.apiture.com/cards/cardShippingAddresses', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/cardShippingAddresses");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/cards/cardShippingAddresses", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

List card shipping addresses

GET /cardShippingAddresses

Returns a list of the addresses related to the user and either an account or an organization. The response includes a flag indicating which addresses are eligible for card shipment. The service determines which addresses are eligible based on the account, the user, the an optional business, and financial institution configuration.

Parameters

ParameterDescription
account string
The _id of the Apiture account resource for which the user is requesting a card. This is not the account number.
minLength: 16
maxLength: 48
organization string
The _id of the Apiture organization resource for the card request. Use this when requesting a card for a business account when the account resource does not yet exist, such as when opening a new business account.
minLength: 16
maxLength: 48

Try It

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/cards/cardShippingAddresses/v1.1.1/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "addresses": [
    {
      "_id": "ha1",
      "type": "home",
      "addressLine1": "555 N Front Street",
      "addressLine2": "Suite 5555",
      "city": "Wilmington",
      "regionCode": "NC",
      "postalCode": "28401-5405",
      "countryCode": "US",
      "state": "approved",
      "eligible": true,
      "preferredMailingAddress": true,
      "taxAddress": false,
      "_links": {
        "self": {
          "href": "https://api.devbank.apiture.com/users/users/f2d87aa6-33c8-458c-819b-41bb00f1ec08/addresses/ha1"
        }
      }
    },
    {
      "_id": "wa1",
      "type": "work",
      "addressLine1": "123 S 3rd Street",
      "addressLine2": "Apt 42",
      "city": "Wilmington",
      "regionCode": "NC",
      "postalCode": "28411-5405",
      "countryCode": "US",
      "preferredMailingAddress": false,
      "taxAddress": false,
      "state": "pending",
      "eligible": false,
      "_links": {
        "self": {
          "href": "https://api.devbank.apiture.com/users/users/f2d87aa6-33c8-458c-819b-41bb00f1ec08/addresses/wa1"
        }
      }
    },
    {
      "_id": "po0",
      "type": "work",
      "addressLine1": "P.O. Box 5405",
      "city": "Wilmington",
      "regionCode": "NC",
      "postalCode": "28411-5405",
      "countryCode": "US",
      "state": "approved",
      "eligible": false,
      "preferredMailingAddress": false,
      "taxAddress": false,
      "_links": {
        "self": {
          "href": "https://api.devbank.apiture.com/users/users/f2d87aa6-33c8-458c-819b-41bb00f1ec08/addresses/wa1"
        }
      }
    }
  ]
}

Responses

StatusDescription
200 OK
OK. The operation completed successfully.
Schema: cardShippingAddresses

Card Request Actions

Actions on Card Requests

completeCardRequest

Code samples

# You can also use wget
curl -X POST https://api.devbank.apiture.com/cards/completedCardRequests?cardRequest=string \
  -H 'Accept: application/hal+json' \
  -H 'If-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

POST https://api.devbank.apiture.com/cards/completedCardRequests?cardRequest=string HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
If-Match: string

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/cards/completedCardRequests?cardRequest=string',
{
  method: 'POST',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/completedCardRequests',
  method: 'post',
  data: '?cardRequest=string',
  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.post 'https://api.devbank.apiture.com/cards/completedCardRequests',
  params: {
  'cardRequest' => 'string'
}, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('https://api.devbank.apiture.com/cards/completedCardRequests', params={
  'cardRequest': 'string'
}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/completedCardRequests?cardRequest=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/cards/completedCardRequests", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Complete a card request

POST /completedCardRequests

Mark a card request as completed when the card order has been sent for processing by the card issuer. This changes the state property of the card request to completed. This operation is available via the apiture:complete link on the card request resource, if and only if the card request is eligible for the complete operation. Only the FI admin may invoke this operation. The response is the updated representation of the card request. The If-Match request header value must match the current entity tag value of the card request.

Parameters

ParameterDescription
cardRequest string (required)
A string which uniquely identifies a card request which is to added to the canceled card requests resource set. This may be the unique cardRequestId or the URI of the card request.
If-Match string (required)
The entity tag that was returned in the ETag response. This must match the current entity tag of the resource.

Try It

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/cards/cardRequest/v1.4.1/profile.json",
  "_links": {
    "self": {
      "href": "/cards/cardRequests/35eb0e67-ac9b-44d7-8799-6648ba6b1c65"
    },
    "apiture:account": {
      "href": "https://api.devbank.apiture.com/accounts/accounts/617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:cancel": {
      "href": "https://api.devbank.apiture.com/cards/canceledCardRequests?cardRequest=617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:card": {
      "href": "/cards/cards/9e5a519c-ed3d-48ec-84d0-ef29b2843803"
    },
    "apiture:shippingAddress": {
      "href": "https://api.devbank.apiture.com/users/users/f2d87aa6-33c8-458c-819b-41bb00f1ec08/addresses/ha1"
    }
  },
  "_id": "35eb0e67-ac9b-44d7-8799-6648ba6b1c65",
  "cardId": "9e5a519c-ed3d-48ec-84d0-ef29b2843803",
  "reason": "lost",
  "description": "Replace lost card",
  "submittedAt": "2019-06-07T05:18:30.375Z",
  "updatedAt": "2019-06-07T05:18:30.375Z",
  "updatedBy": "lucy.wellphunded@bankcustomer.example.com",
  "shippingAddressId": "ha1",
  "shippingAddress": {
    "_id": "ha0",
    "type": "home",
    "addressLine1": "555 N Front Street",
    "addressLine2": "Suite 5555",
    "city": "Wilmington",
    "regionCode": "NC",
    "postalCode": "28401-5405",
    "countryCode": "US",
    "state": "approved",
    "_links": {
      "self": {
        "href": "https://api.devbank.apiture.com/users/users/f2d87aa6-33c8-458c-819b-41bb00f1ec08/addresses/ha0"
      }
    }
  }
}

Responses

StatusDescription
200 OK
OK. The operation succeeded. The card request was updated and its state changed to completed.
Schema: cardRequest
StatusDescription
400 Bad Request

Bad Request. The cardRequest parameter was malformed or does not refer to an existing or accessible card request.

This error response may have one of the following type values:

Schema: errorResponse
StatusDescription
409 Conflict
Conflict. The request to complete the card request is not allowed. The _error field in the response will contain details about the request error.
Schema: errorResponse
StatusDescription
412 Precondition Failed
Precondition Failed. The supplied if-Match header value does not match the most recent ETag response header value. The resource has changed in the interim.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which must be provided in an If-Match request header for PUT or PATCH operations which update the resource.

rejectCardRequest

Code samples

# You can also use wget
curl -X POST https://api.devbank.apiture.com/cards/rejectedCardRequests?cardRequest=string \
  -H 'Accept: application/hal+json' \
  -H 'If-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

POST https://api.devbank.apiture.com/cards/rejectedCardRequests?cardRequest=string HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
If-Match: string

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/cards/rejectedCardRequests?cardRequest=string',
{
  method: 'POST',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/rejectedCardRequests',
  method: 'post',
  data: '?cardRequest=string',
  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.post 'https://api.devbank.apiture.com/cards/rejectedCardRequests',
  params: {
  'cardRequest' => 'string'
}, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('https://api.devbank.apiture.com/cards/rejectedCardRequests', params={
  'cardRequest': 'string'
}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/rejectedCardRequests?cardRequest=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/cards/rejectedCardRequests", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Reject a card request

POST /rejectedCardRequests

Mark a card request as rejected. This changes the state property of the card request to rejected. Only the FI admin may invoke this operation.

This operation is available via the apiture:reject link on the card request resource, if and only if the card request is eligible for the reject operation. The response is the updated representation of the card request. The If-Match request header value, if passed, must match the current entity tag value of the card request.

Parameters

ParameterDescription
cardRequest string (required)
A string which uniquely identifies a card request which is to added to the canceled card requests resource set. This may be the unique cardRequestId or the URI of the card request.
If-Match string (required)
The entity tag that was returned in the ETag response. This must match the current entity tag of the resource.

Try It

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/cards/cardRequest/v1.4.1/profile.json",
  "_links": {
    "self": {
      "href": "/cards/cardRequests/35eb0e67-ac9b-44d7-8799-6648ba6b1c65"
    },
    "apiture:account": {
      "href": "https://api.devbank.apiture.com/accounts/accounts/617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:cancel": {
      "href": "https://api.devbank.apiture.com/cards/canceledCardRequests?cardRequest=617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:card": {
      "href": "/cards/cards/9e5a519c-ed3d-48ec-84d0-ef29b2843803"
    },
    "apiture:shippingAddress": {
      "href": "https://api.devbank.apiture.com/users/users/f2d87aa6-33c8-458c-819b-41bb00f1ec08/addresses/ha1"
    }
  },
  "_id": "35eb0e67-ac9b-44d7-8799-6648ba6b1c65",
  "cardId": "9e5a519c-ed3d-48ec-84d0-ef29b2843803",
  "reason": "lost",
  "description": "Replace lost card",
  "submittedAt": "2019-06-07T05:18:30.375Z",
  "updatedAt": "2019-06-07T05:18:30.375Z",
  "updatedBy": "lucy.wellphunded@bankcustomer.example.com",
  "shippingAddressId": "ha1",
  "shippingAddress": {
    "_id": "ha0",
    "type": "home",
    "addressLine1": "555 N Front Street",
    "addressLine2": "Suite 5555",
    "city": "Wilmington",
    "regionCode": "NC",
    "postalCode": "28401-5405",
    "countryCode": "US",
    "state": "approved",
    "_links": {
      "self": {
        "href": "https://api.devbank.apiture.com/users/users/f2d87aa6-33c8-458c-819b-41bb00f1ec08/addresses/ha0"
      }
    }
  }
}

Responses

StatusDescription
200 OK
OK. The operation succeeded. The card request was updated and its state changed to rejected.
Schema: cardRequest
StatusDescription
400 Bad Request

Bad Request. The cardRequest parameter was malformed or does not refer to an existing or accessible card request.

This error response may have one of the following type values:

Schema: errorResponse
StatusDescription
409 Conflict
Conflict. The request to reject the card request is not allowed. The _error field in the response will contain details about the request error.
Schema: errorResponse
StatusDescription
412 Precondition Failed
Precondition Failed. The supplied if-Match header value does not match the most recent ETag response header value. The resource has changed in the interim.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which must be provided in an If-Match request header for PUT or PATCH operations which update the resource.

cancelCardRequest

Code samples

# You can also use wget
curl -X POST https://api.devbank.apiture.com/cards/canceledCardRequests?cardRequest=string \
  -H 'Accept: application/hal+json' \
  -H 'If-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

POST https://api.devbank.apiture.com/cards/canceledCardRequests?cardRequest=string HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
If-Match: string

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/cards/canceledCardRequests?cardRequest=string',
{
  method: 'POST',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/canceledCardRequests',
  method: 'post',
  data: '?cardRequest=string',
  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.post 'https://api.devbank.apiture.com/cards/canceledCardRequests',
  params: {
  'cardRequest' => 'string'
}, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('https://api.devbank.apiture.com/cards/canceledCardRequests', params={
  'cardRequest': 'string'
}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/canceledCardRequests?cardRequest=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/cards/canceledCardRequests", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Cancel a card request

POST /canceledCardRequests

Cancel a card replacement request. This changes the state property of the card request to canceled. This operation is available via the apiture:cancel link on the card request resource, if and only if the card request is eligible for the cancel operation. The response is the updated representation of the card request. The If-Match request header value, if passed, must match the current entity tag value of the card request.

Parameters

ParameterDescription
cardRequest string (required)
A string which uniquely identifies a card request which is to added to the canceled card requests resource set. This may be the unique cardRequestId or the URI of the card request.
If-Match string (required)
The entity tag that was returned in the ETag response. This must match the current entity tag of the resource.

Try It

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/cards/cardRequest/v1.4.1/profile.json",
  "_links": {
    "self": {
      "href": "/cards/cardRequests/35eb0e67-ac9b-44d7-8799-6648ba6b1c65"
    },
    "apiture:account": {
      "href": "https://api.devbank.apiture.com/accounts/accounts/617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:cancel": {
      "href": "https://api.devbank.apiture.com/cards/canceledCardRequests?cardRequest=617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:card": {
      "href": "/cards/cards/9e5a519c-ed3d-48ec-84d0-ef29b2843803"
    },
    "apiture:shippingAddress": {
      "href": "https://api.devbank.apiture.com/users/users/f2d87aa6-33c8-458c-819b-41bb00f1ec08/addresses/ha1"
    }
  },
  "_id": "35eb0e67-ac9b-44d7-8799-6648ba6b1c65",
  "cardId": "9e5a519c-ed3d-48ec-84d0-ef29b2843803",
  "reason": "lost",
  "description": "Replace lost card",
  "submittedAt": "2019-06-07T05:18:30.375Z",
  "updatedAt": "2019-06-07T05:18:30.375Z",
  "updatedBy": "lucy.wellphunded@bankcustomer.example.com",
  "shippingAddressId": "ha1",
  "shippingAddress": {
    "_id": "ha0",
    "type": "home",
    "addressLine1": "555 N Front Street",
    "addressLine2": "Suite 5555",
    "city": "Wilmington",
    "regionCode": "NC",
    "postalCode": "28401-5405",
    "countryCode": "US",
    "state": "approved",
    "_links": {
      "self": {
        "href": "https://api.devbank.apiture.com/users/users/f2d87aa6-33c8-458c-819b-41bb00f1ec08/addresses/ha0"
      }
    }
  }
}

Responses

StatusDescription
200 OK
OK. The operation succeeded. The card request was updated and its state changed to canceled.
Schema: cardRequest
StatusDescription
400 Bad Request

Bad Request. The cardRequest parameter was malformed or does not refer to an existing or accessible card request.

This error response may have one of the following type values:

Schema: errorResponse
StatusDescription
409 Conflict
Conflict. The request to cancel the card request is not allowed. The _error field in the response will contain details about the request error.
Schema: errorResponse
StatusDescription
412 Precondition Failed
Precondition Failed. The supplied if-Match header value does not match the most recent ETag response header value. The resource has changed in the interim.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which must be provided in an If-Match request header for PUT or PATCH operations which update the resource.

Cards

Debit Cards Issued by the Financial Institution

getCards

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/cards/cards \
  -H 'Accept: application/hal+json' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

GET https://api.devbank.apiture.com/cards/cards HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/cards/cards',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/cards',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://api.devbank.apiture.com/cards/cards',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://api.devbank.apiture.com/cards/cards', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/cards");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/cards/cards", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Return a collection of cards

GET /cards

Return a paginated sortable filterable searchable collection of cards for the user's accounts or the subset of those cards that satisfy the filter criteria. links in the response include pagination links.

For an account owner or joint owner of a personal account, the default response includes all cards issued to all primary or joint owners of the account. For authorized signers on business accounts, the default response includes cards for all authorized signers for that account.

There is another version of this operation which allows getting a list of cards based on the query constraints passed in the request body; see the getCardsForAccount operation.

Parameters

ParameterDescription
start integer(int64)
The zero-based index of the first card item to include in this page. The default 0 denotes the beginning of the collection.
Default: 0
limit integer(int32)
The maximum number of card representations to return in this page.
Default: 100
sortBy string
Optional sort criteria. See sort criteria format, such as ?sortBy=field1,-field2.
This collection may be sorted by the following properties:
accountName
state
replacementState
fulfillmentState
updatedAt.
filter string
Optional filter criteria. See filtering.
This collection may be filtered by the following properties and functions:
• Property account using functions eq, ne, in
• Property accountName using functions eq, ne, lt, le, gt, ge, startsWith, endsWith, contains, search
• Property accountCategory using functions eq, ne, in
• Property accountType using functions eq, ne, in
• Property state using functions eq, ne, in
• Property replacementState using functions eq, ne, in
• Property fulfillmentState using functions eq, ne, in
• Property updatedAt using functions eq, ne, lt, le, gt, ge
• Property modifiedOn using functions eq, ne, lt, le, gt, ge, in
• Property issuedOn using functions eq, ne, lt, le, gt, ge, in
• Property expiresOn using functions eq, ne, lt, le, gt, ge, in.
q string
Optional search string. See searching.
unmasked boolean
For security reasons, the default response includes only a masked banking account number, for partial identification purposes. For ?unmasked=true, the response body includes the full account number for each of the requested cards. Requests for full account numbers are auditable.
Note that card numbers are always masked.
Default: false
mine boolean
If true, limit the response to only cards issued to the user making the request.
Default: false
account array[string]
Filter cards to only those for the account with the account ID named in this query parameter. (By default, the list is pre-filtered to only accounts that the user has access to; this further narrows that list. FI admins can use this to view cards for a user.) This can match exactly one account ID, or a set of |-separated IDs This parameter is mutually exclusive with ?accountName=. Examples: ?account=a223db933809 or ?account=a223db933809|fd89d651283b.
pipe-delimited
accountName array[string]
Filter cards to those whose account name matches this value. This can match exactly one account name, or a set of |-separated names. This parameter is mutually exclusive with ?account=. Examples: ?accountName=My%20Basic%20Savings or ?accountName=My%20Basic%20Savings|My%20Joint%02Savings.
pipe-delimited
state string
Filter cards on the state of the card. This can match exactly one state, or a set of |-separated states. Examples: ?state=requested , ?state=lost|stolen|damaged.
fulfillmentState array[string]
Filter the response to card by the state of their replacement states. This can match exactly one state, or a set of |-separated states. Examples: ?fulfillmentState=requested , ?fulfillmentState=ordered|reordered.
pipe-delimited
items:
» enum values: none, requested, ordered, issued, shipped, rejected
modifiedOn array[string]
Filter the response to cards last modified on this date or set of |-separated dates. Dates are in RFC 3339 YYYY-MM-DD format. Examples: ?modifiedOn=2019-06-10 , ?modifiedOn=2019-06-10|2019-06-08|2019-06-07.
pipe-delimited
issuedOn array[string]
Filter the response to cards issued on this date or set of |-separated dates. Dates are in RFC 3339 YYYY-MM-DD format. Examples: ?issuedOn=2019-06-10 , ?issuedOn=2019-06-10|2019-06-08|2019-06-07.
pipe-delimited
updatedBy string
Filter the response to card requests created by the user named by this user ID.

Try It

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/cards/cards/v2.1.1/profile.json",
  "_links": {
    "self": {
      "href": "/cards/cards?start=10&limit=10"
    },
    "first": {
      "href": "/cards/cards?start=0&limit=10"
    },
    "next": {
      "href": "/cards/cards?start=20&limit=10"
    },
    "collection": {
      "href": "/cards/cards"
    }
  },
  "start": 10,
  "limit": 10,
  "count": 67,
  "name": "cards",
  "_embedded": {
    "items": [
      {
        "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
        "_profile": "https://production.api.apiture.com/schemas/cards/card/v2.2.1/profile.json",
        "holderName": "LUCILLE WELLPHUNDED",
        "label": "Premiere Checking *3210",
        "accountName": "Premiere Checking",
        "accountNumbers": {
          "masked": "*************3210",
          "full": "9876543210"
        },
        "cardNumbers": {
          "masked": "************3210"
        },
        "state": "active",
        "fulfillmentState": "shipped",
        "fulfillmentDescription": "Shipped on June 7, 2020",
        "mine": true,
        "issuedAt": "2019-06-07T05:18:30.375Z",
        "updatedAt": "2019-06-07T05:18:30.375Z",
        "updatedBy": "lucy.wellphunded@bankcustomer.example.com",
        "expiresOn": "2021-04-30",
        "_links": {
          "self": {
            "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
          },
          "apiture:account": {
            "href": "/accounts/accounts/d62c0701-0d74-4836-83f9-ebf3709442ea"
          }
        }
      }
    ]
  }
}

Responses

StatusDescription
200 OK
OK.
Schema: cards
StatusDescription
400 Bad Request
Bad Request. The request body or one or more of the query parameters was not well formed. The _error field in the response will contain details about the request error.
Schema: errorResponse
StatusDescription
422 Unprocessable Entity
Unprocessable Entity. One or more of the query parameters was well formed but otherwise invalid. The _error field in the response will contain details about the request error.
Schema: errorResponse

getCard

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/cards/cards/{cardId} \
  -H 'Accept: application/hal+json' \
  -H 'If-None-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

GET https://api.devbank.apiture.com/cards/cards/{cardId} HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
If-None-Match: string

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/cards/cards/{cardId}',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/cards/{cardId}',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-None-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://api.devbank.apiture.com/cards/cards/{cardId}',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-None-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://api.devbank.apiture.com/cards/cards/{cardId}', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/cards/{cardId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-None-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/cards/cards/{cardId}", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Fetch a representation of this card

GET /cards/{cardId}

Return a HAL representation of this card resource.

Parameters

ParameterDescription
cardId string (required)
The unique identifier of this card. This is an opaque string.
If-None-Match string
The entity tag that was returned in the ETag response. If the resource's current entity tag matches, the GET will return 304 (Not Modified) and no response body, else the resource representation will be returned.
unmasked boolean
For security reasons, the default response includes only a masked banking account number, for partial identification purposes. For ?unmasked=true, the response body includes the full account number for each of the requested cards. Requests for full account numbers are auditable.
Note that card numbers are always masked.
Default: false

Try It

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/cards/card/v2.2.1/profile.json",
  "_links": {
    "self": {
      "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:lock": {
      "href": "/cards/lockedCards?card=0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:account": {
      "href": "/accounts/accounts/d62c0701-0d74-4836-83f9-ebf3709442ea"
    }
  },
  "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
  "holderName": "LUCILLE WELLPHUNDED",
  "label": "Premiere Checking *3210",
  "accountName": "Premiere Checking",
  "accountNumbers": {
    "masked": "*************3210",
    "full": "9876543210"
  },
  "cardNumbers": {
    "masked": "************3210"
  },
  "state": "active",
  "fulfillmentState": "shipped",
  "fulfillmentDescription": "Shipped on June 30, 2021",
  "issuedAt": "2019-06-07T05:18:30.375Z",
  "updatedAt": "2019-06-07T05:18:30.375Z",
  "mine": true,
  "updatedBy": "lucy.wellphunded@bankcustomer.example.com",
  "expiresOn": "2021-04-30",
  "_embedded": {},
  "name": "My debit card for Premiere Checking",
  "shippedOn": "2021-07-30",
  "activationExpiresOn": "2021-09-15"
}

Responses

StatusDescription
200 OK
OK.
Schema: card
StatusDescription
304 Not Modified
Not Modified. The resource has not been modified since it was last fetched.
StatusDescription
404 Not Found
Not Found. There is no such card resource at the specified {cardId}. The _error field in the response will contain details about the request error.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which must be provided in an If-Match request header for PUT or PATCH operations which update this card resource.

Card Actions

Actions on Debit Cards

activateCard

Code samples

# You can also use wget
curl -X POST https://api.devbank.apiture.com/cards/activeCards?card=string \
  -H 'Accept: application/hal+json' \
  -H 'If-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

POST https://api.devbank.apiture.com/cards/activeCards?card=string HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
If-Match: string

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/cards/activeCards?card=string',
{
  method: 'POST',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/activeCards',
  method: 'post',
  data: '?card=string',
  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.post 'https://api.devbank.apiture.com/cards/activeCards',
  params: {
  'card' => 'string'
}, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('https://api.devbank.apiture.com/cards/activeCards', params={
  'card': 'string'
}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/activeCards?card=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/cards/activeCards", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Activate a card

POST /activeCards

Activate a card so a customer can use it and change the card's state property to active. Services or administrative users may activate a requested card after a card request has been approved. Customers may not use this operation for activating new cards.

This operation is available via the apiture:activate link on the card resource, if and only if the activation operation is available. The response is the updated representation of the card. The If-Match request header value must match the current entity tag value of the card.

Parameters

ParameterDescription
card string (required)
A string which uniquely identifies a card. This may be the unique {cardId} or the URI of the card.
If-Match string (required)
The entity tag that was returned in the ETag response. This must match the current entity tag of the resource.

Try It

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/cards/card/v2.2.1/profile.json",
  "_links": {
    "self": {
      "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:lock": {
      "href": "/cards/lockedCards?card=0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:account": {
      "href": "/accounts/accounts/d62c0701-0d74-4836-83f9-ebf3709442ea"
    }
  },
  "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
  "holderName": "LUCILLE WELLPHUNDED",
  "label": "Premiere Checking *3210",
  "accountName": "Premiere Checking",
  "accountNumbers": {
    "masked": "*************3210",
    "full": "9876543210"
  },
  "cardNumbers": {
    "masked": "************3210"
  },
  "state": "active",
  "fulfillmentState": "shipped",
  "fulfillmentDescription": "Shipped on June 30, 2021",
  "issuedAt": "2019-06-07T05:18:30.375Z",
  "updatedAt": "2019-06-07T05:18:30.375Z",
  "mine": true,
  "updatedBy": "lucy.wellphunded@bankcustomer.example.com",
  "expiresOn": "2021-04-30",
  "_embedded": {},
  "name": "My debit card for Premiere Checking",
  "shippedOn": "2021-07-30",
  "activationExpiresOn": "2021-09-15"
}

Responses

StatusDescription
200 OK
OK. The operation succeeded. The card was updated and its state changed to active.
Schema: card
StatusDescription
400 Bad Request

Bad Request. The card parameter was malformed or does not refer to an existing or accessible card.

This error response may have one of the following type values:

Schema: errorResponse
StatusDescription
409 Conflict
Conflict. The request to activate the card is not allowed. The _error field in the response will contain details about the request error.
Schema: errorResponse
StatusDescription
412 Precondition Failed
Precondition Failed. The supplied if-Match header value does not match the most recent ETag response header value. The resource has changed in the interim.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which must be provided in an If-Match request header for PUT or PATCH operations which update the resource.

lockCard

Code samples

# You can also use wget
curl -X POST https://api.devbank.apiture.com/cards/lockedCards?card=string \
  -H 'Accept: application/hal+json' \
  -H 'If-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

POST https://api.devbank.apiture.com/cards/lockedCards?card=string HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
If-Match: string

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/cards/lockedCards?card=string',
{
  method: 'POST',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/lockedCards',
  method: 'post',
  data: '?card=string',
  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.post 'https://api.devbank.apiture.com/cards/lockedCards',
  params: {
  'card' => 'string'
}, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('https://api.devbank.apiture.com/cards/lockedCards', params={
  'card': 'string'
}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/lockedCards?card=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/cards/lockedCards", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Lock a card

POST /lockedCards

Lock a card so that it cannot be used for debits or other financial activity. (This differs from locking the entire account.) This is also referred to a placing a hold on the card. This is one step before reporting a card as lost or stolen. A user can unlock the card (restore it to the normal, active state) by using the apiture:unlock link which invokes the unlockCard operation. This is a self-service operation which a card holder may take if they want to prevent fraudulent use of the card, such as if they have misplaced it (but expect to find it again), or will be out of the country.

This operation changes the state property of the card to locked. This operation is available via the apiture:lock link on the card resource, if and only if the card is eligible for the lock operation. The response is the updated representation of the card. The If-Match request header value must match the current entity tag value of the card.

Only the card holder or an admin can lock a card.

Parameters

ParameterDescription
card string (required)
A string which uniquely identifies a card. This may be the unique {cardId} or the URI of the card.
If-Match string (required)
The entity tag that was returned in the ETag response. This must match the current entity tag of the resource.

Try It

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/cards/card/v2.2.1/profile.json",
  "_links": {
    "self": {
      "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:lock": {
      "href": "/cards/lockedCards?card=0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:account": {
      "href": "/accounts/accounts/d62c0701-0d74-4836-83f9-ebf3709442ea"
    }
  },
  "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
  "holderName": "LUCILLE WELLPHUNDED",
  "label": "Premiere Checking *3210",
  "accountName": "Premiere Checking",
  "accountNumbers": {
    "masked": "*************3210",
    "full": "9876543210"
  },
  "cardNumbers": {
    "masked": "************3210"
  },
  "state": "active",
  "fulfillmentState": "shipped",
  "fulfillmentDescription": "Shipped on June 30, 2021",
  "issuedAt": "2019-06-07T05:18:30.375Z",
  "updatedAt": "2019-06-07T05:18:30.375Z",
  "mine": true,
  "updatedBy": "lucy.wellphunded@bankcustomer.example.com",
  "expiresOn": "2021-04-30",
  "_embedded": {},
  "name": "My debit card for Premiere Checking",
  "shippedOn": "2021-07-30",
  "activationExpiresOn": "2021-09-15"
}

Responses

StatusDescription
200 OK
OK. The operation succeeded. The card was updated and its state changed to locked.
Schema: card
StatusDescription
400 Bad Request

Bad Request. The card parameter was malformed or does not refer to an existing or accessible card.

This error response may have one of the following type values:

Schema: errorResponse
StatusDescription
409 Conflict
Conflict. The request to lock the card is not allowed. The _error field in the response will contain details about the request error.
Schema: errorResponse
StatusDescription
412 Precondition Failed
Precondition Failed. The supplied if-Match header value does not match the most recent ETag response header value. The resource has changed in the interim.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which must be provided in an If-Match request header for PUT or PATCH operations which update the resource.

unlockCard

Code samples

# You can also use wget
curl -X POST https://api.devbank.apiture.com/cards/unlockedCards?card=string \
  -H 'Accept: application/hal+json' \
  -H 'If-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

POST https://api.devbank.apiture.com/cards/unlockedCards?card=string HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
If-Match: string

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/cards/unlockedCards?card=string',
{
  method: 'POST',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/unlockedCards',
  method: 'post',
  data: '?card=string',
  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.post 'https://api.devbank.apiture.com/cards/unlockedCards',
  params: {
  'card' => 'string'
}, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('https://api.devbank.apiture.com/cards/unlockedCards', params={
  'card': 'string'
}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/unlockedCards?card=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/cards/unlockedCards", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Unlock a card

POST /unlockedCards

Unlock a locked card so that it can be used for debits or other financial activity. This changes the state property of the card back to active. This operation is available via the apiture:unlock link on the card resource, if and only if the card is currently locked. The response is the updated representation of the card. The If-Match request header value, if passed, must match the current entity tag value of the card.

Only the card holder or an admin can unlock a card.

Parameters

ParameterDescription
card string (required)
A string which uniquely identifies a card. This may be the unique {cardId} or the URI of the card.
If-Match string (required)
The entity tag that was returned in the ETag response. This must match the current entity tag of the resource.

Try It

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/cards/card/v2.2.1/profile.json",
  "_links": {
    "self": {
      "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:lock": {
      "href": "/cards/lockedCards?card=0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:account": {
      "href": "/accounts/accounts/d62c0701-0d74-4836-83f9-ebf3709442ea"
    }
  },
  "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
  "holderName": "LUCILLE WELLPHUNDED",
  "label": "Premiere Checking *3210",
  "accountName": "Premiere Checking",
  "accountNumbers": {
    "masked": "*************3210",
    "full": "9876543210"
  },
  "cardNumbers": {
    "masked": "************3210"
  },
  "state": "active",
  "fulfillmentState": "shipped",
  "fulfillmentDescription": "Shipped on June 30, 2021",
  "issuedAt": "2019-06-07T05:18:30.375Z",
  "updatedAt": "2019-06-07T05:18:30.375Z",
  "mine": true,
  "updatedBy": "lucy.wellphunded@bankcustomer.example.com",
  "expiresOn": "2021-04-30",
  "_embedded": {},
  "name": "My debit card for Premiere Checking",
  "shippedOn": "2021-07-30",
  "activationExpiresOn": "2021-09-15"
}

Responses

StatusDescription
200 OK
OK. The operation succeeded. The card was updated and its state changed to active.
Schema: card
StatusDescription
400 Bad Request

Bad Request. The card parameter was malformed or does not refer to an existing or accessible card.

This error response may have one of the following type values:

Schema: errorResponse
StatusDescription
409 Conflict
Conflict. The request to unlock the card is not allowed. The _error field in the response will contain details about the request error.
Schema: errorResponse
StatusDescription
412 Precondition Failed
Precondition Failed. The supplied if-Match header value does not match the most recent ETag response header value. The resource has changed in the interim.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which must be provided in an If-Match request header for PUT or PATCH operations which update the resource.

closeCard

Code samples

# You can also use wget
curl -X POST https://api.devbank.apiture.com/cards/closedCards?card=string \
  -H 'Accept: application/hal+json' \
  -H 'If-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

POST https://api.devbank.apiture.com/cards/closedCards?card=string HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
If-Match: string

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/cards/closedCards?card=string',
{
  method: 'POST',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/closedCards',
  method: 'post',
  data: '?card=string',
  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.post 'https://api.devbank.apiture.com/cards/closedCards',
  params: {
  'card' => 'string'
}, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('https://api.devbank.apiture.com/cards/closedCards', params={
  'card': 'string'
}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/closedCards?card=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/cards/closedCards", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Close a card

POST /closedCards

Close a card by adding it to the set of closed cards. This changes the state property of the card to closed. This operation is available via the apiture:close link on the card resource, if and only if the card is eligible for the close operation. The response is the updated representation of the card. The If-Match request header value, if passed, must match the current entity tag value of the card.

Only the card holder or an admin can close a card.

Parameters

ParameterDescription
card string (required)
A string which uniquely identifies a card. This may be the unique {cardId} or the URI of the card.
If-Match string (required)
The entity tag that was returned in the ETag response. This must match the current entity tag of the resource.

Try It

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/cards/card/v2.2.1/profile.json",
  "_links": {
    "self": {
      "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:lock": {
      "href": "/cards/lockedCards?card=0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:account": {
      "href": "/accounts/accounts/d62c0701-0d74-4836-83f9-ebf3709442ea"
    }
  },
  "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
  "holderName": "LUCILLE WELLPHUNDED",
  "label": "Premiere Checking *3210",
  "accountName": "Premiere Checking",
  "accountNumbers": {
    "masked": "*************3210",
    "full": "9876543210"
  },
  "cardNumbers": {
    "masked": "************3210"
  },
  "state": "active",
  "fulfillmentState": "shipped",
  "fulfillmentDescription": "Shipped on June 30, 2021",
  "issuedAt": "2019-06-07T05:18:30.375Z",
  "updatedAt": "2019-06-07T05:18:30.375Z",
  "mine": true,
  "updatedBy": "lucy.wellphunded@bankcustomer.example.com",
  "expiresOn": "2021-04-30",
  "_embedded": {},
  "name": "My debit card for Premiere Checking",
  "shippedOn": "2021-07-30",
  "activationExpiresOn": "2021-09-15"
}

Responses

StatusDescription
200 OK
OK. The operation succeeded. The card was updated and its state changed to closed.
Schema: card
StatusDescription
400 Bad Request

Bad Request. The card parameter was malformed or does not refer to an existing or accessible card.

This error response may have one of the following type values:

Schema: errorResponse
StatusDescription
409 Conflict
Conflict. The request to close the card is not allowed. The _error field in the response will contain details about the request error.
Schema: errorResponse
StatusDescription
412 Precondition Failed
Precondition Failed. The supplied if-Match header value does not match the most recent ETag response header value. The resource has changed in the interim.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which must be provided in an If-Match request header for PUT or PATCH operations which update the resource.

Secondary Accounts

Secondary Accounts Linked to a Card

getSecondaryAccounts

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/cards/cards/{cardId}/secondaryAccounts \
  -H 'Accept: application/json' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

GET https://api.devbank.apiture.com/cards/cards/{cardId}/secondaryAccounts HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/json

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/cards/cards/{cardId}/secondaryAccounts',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/cards/{cardId}/secondaryAccounts',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://api.devbank.apiture.com/cards/cards/{cardId}/secondaryAccounts',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/json',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://api.devbank.apiture.com/cards/cards/{cardId}/secondaryAccounts', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/cards/{cardId}/secondaryAccounts");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/cards/cards/{cardId}/secondaryAccounts", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Return a list of secondary (linked) accounts

GET /cards/{cardId}/secondaryAccounts

Return an array of secondary accounts attached to this card. The array is empty [] if there are no secondary accounts.

Parameters

ParameterDescription
cardId string (required)
The unique identifier of this card. This is an opaque string.

Try It

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/cards/secondaryAccounts/v1.1.1/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/cards/secondaryAccounts"
    }
  },
  "name": "secondaryAccounts",
  "accounts": [
    {
      "_id": "4",
      "_profile": "https://production.api.apiture.com/schemas/cards/secondaryAccount/v1.1.1/profile.json",
      "name": "My Checking",
      "title": "Susan Wheeling",
      "accountNumbers": {
        "masked": "*************3210"
      },
      "balance": "1234.56",
      "currency": "USD",
      "_links": {
        "self": {
          "href": "https://api.devbank.apiture.com/cards/secondaryAccounts/4"
        },
        "apiture:account": {
          "href": "https://api.devbank.apiture.com/accounts/accounts/a401db7e-8f3b-4bb5-a6c6-2fa622399299"
        }
      }
    }
  ]
}

Responses

StatusDescription
200 OK
OK.
Schema: secondaryAccounts
StatusDescription
404 Not Found
Not Found. There is no such card resource at the specified {cardId}. The _error field in the response will contain details about the request error.
Schema: errorResponse

getEligibleSecondaryAccounts

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/cards/cards/{cardId}/eligibleSecondaryAccounts \
  -H 'Accept: application/json' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

GET https://api.devbank.apiture.com/cards/cards/{cardId}/eligibleSecondaryAccounts HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/json

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/cards/cards/{cardId}/eligibleSecondaryAccounts',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/cards/{cardId}/eligibleSecondaryAccounts',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://api.devbank.apiture.com/cards/cards/{cardId}/eligibleSecondaryAccounts',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/json',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://api.devbank.apiture.com/cards/cards/{cardId}/eligibleSecondaryAccounts', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/cards/{cardId}/eligibleSecondaryAccounts");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/cards/cards/{cardId}/eligibleSecondaryAccounts", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Return a list of accounts eligible to be linked s card.

GET /cards/{cardId}/eligibleSecondaryAccounts

Return an array of secondary accounts that are eligible to be linked to this card. The response omits any accounts already linked to the card. The array is empty [] if there are no additional eligible secondary accounts.

Parameters

ParameterDescription
cardId string (required)
The unique identifier of this card. This is an opaque string.

Try It

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/cards/secondaryAccounts/v1.1.1/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/cards/secondaryAccounts"
    }
  },
  "name": "secondaryAccounts",
  "accounts": [
    {
      "_id": "4",
      "_profile": "https://production.api.apiture.com/schemas/cards/secondaryAccount/v1.1.1/profile.json",
      "name": "My Checking",
      "title": "Susan Wheeling",
      "accountNumbers": {
        "masked": "*************3210"
      },
      "balance": "1234.56",
      "currency": "USD",
      "_links": {
        "self": {
          "href": "https://api.devbank.apiture.com/cards/secondaryAccounts/4"
        },
        "apiture:account": {
          "href": "https://api.devbank.apiture.com/accounts/accounts/a401db7e-8f3b-4bb5-a6c6-2fa622399299"
        }
      }
    }
  ]
}

Responses

StatusDescription
200 OK
OK.
Schema: secondaryAccounts
StatusDescription
404 Not Found
Not Found. There is no such card resource at the specified {cardId}. The _error field in the response will contain details about the request error.
Schema: errorResponse

addSecondaryAccount

Code samples

# You can also use wget
curl -X POST https://api.devbank.apiture.com/cards/cards/{cardId}/eligibleSecondaryAccounts \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

POST https://api.devbank.apiture.com/cards/cards/{cardId}/eligibleSecondaryAccounts HTTP/1.1
Host: api.devbank.apiture.com
Content-Type: application/json
Accept: application/json

const fetch = require('node-fetch');
const inputBody = '{
  "_profile": "https://production.api.apiture.com/schemas/cards/createSecondaryAccount/v1.0.1/profile.json",
  "_links": {
    "apiture:account": {
      "href": "https://production.api.apiture.com/accounts/accounts/3631bb1f-f6d1-4023-99c9-89367a12bf1e"
    }
  }
}';
const headers = {
  'Content-Type':'application/json',
  'Accept':'application/json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/cards/cards/{cardId}/eligibleSecondaryAccounts',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Content-Type':'application/json',
  'Accept':'application/json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/cards/{cardId}/eligibleSecondaryAccounts',
  method: 'post',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Content-Type' => 'application/json',
  'Accept' => 'application/json',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.post 'https://api.devbank.apiture.com/cards/cards/{cardId}/eligibleSecondaryAccounts',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Content-Type': 'application/json',
  'Accept': 'application/json',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('https://api.devbank.apiture.com/cards/cards/{cardId}/eligibleSecondaryAccounts', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/cards/{cardId}/eligibleSecondaryAccounts");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Content-Type": []string{"application/json"},
        "Accept": []string{"application/json"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/cards/cards/{cardId}/eligibleSecondaryAccounts", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Add a new secondary account to the card

POST /cards/{cardId}/eligibleSecondaryAccounts

Add a secondary (linked) account to the card.

Body parameter

{
  "_profile": "https://production.api.apiture.com/schemas/cards/createSecondaryAccount/v1.0.1/profile.json",
  "_links": {
    "apiture:account": {
      "href": "https://production.api.apiture.com/accounts/accounts/3631bb1f-f6d1-4023-99c9-89367a12bf1e"
    }
  }
}

Parameters

ParameterDescription
body createSecondaryAccount
The data necessary to add a new secondary account.
cardId string (required)
The unique identifier of this card. This is an opaque string.

Try It

Example responses

201 Response

{
  "_profile": "https://production.api.apiture.com/schemas/cards/secondaryAccount/v1.1.1/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/cards/secondaryAccounts/4"
    }
  },
  "_id": "4",
  "name": "My Checking",
  "title": "Susan Wheeling",
  "accountNumbers": {
    "masked": "*************3210"
  },
  "balance": "1234.56",
  "currency": "USD",
  "_embedded": {}
}

Responses

StatusDescription
201 Created
Created.
Schema: secondaryAccount
StatusDescription
400 Bad Request
Bad Request. The request body or one or more of the query parameters was not well formed. The _error field in the response will contain details about the request error.
Schema: errorResponse
StatusDescription
409 Conflict

Unprocessable Entity. One or more of the query parameters was well formed but otherwise invalid. The _error field in the response will contain details about the request error.

This error response may have one of the following type values:

Schema: errorResponse
StatusDescription
422 Unprocessable Entity

Unprocessable Entity. One or more of the query parameters was well formed but otherwise invalid. The _error field in the response will contain details about the request error.

This error response may have one of the following type values:

Schema: errorResponse

Response Headers

StatusDescription
201 Location string uri
The URI of the new resource. If the URI begins with / it is relative to the API root context. Else, it is a full URI starting with scheme://host
201 ETag string
An entity tag which may be passed in the If-Match request header for PUT or PATCH operations which update the resource.

getSecondaryAccount

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/cards/cards/{cardId}/secondaryAccounts/{secondaryAccountId} \
  -H 'Accept: application/json' \
  -H 'If-None-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

GET https://api.devbank.apiture.com/cards/cards/{cardId}/secondaryAccounts/{secondaryAccountId} HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/json
If-None-Match: string

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/cards/cards/{cardId}/secondaryAccounts/{secondaryAccountId}',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/cards/{cardId}/secondaryAccounts/{secondaryAccountId}',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'If-None-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://api.devbank.apiture.com/cards/cards/{cardId}/secondaryAccounts/{secondaryAccountId}',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/json',
  'If-None-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://api.devbank.apiture.com/cards/cards/{cardId}/secondaryAccounts/{secondaryAccountId}', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/cards/{cardId}/secondaryAccounts/{secondaryAccountId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json"},
        "If-None-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/cards/cards/{cardId}/secondaryAccounts/{secondaryAccountId}", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Fetch a representation of this secondary account

GET /cards/{cardId}/secondaryAccounts/{secondaryAccountId}

Return a HAL representation of this secondary account resource.

Parameters

ParameterDescription
If-None-Match string
The entity tag that was returned in the ETag response. If the resource's current entity tag matches, the GET will return 304 (Not Modified) and no response body, else the resource representation will be returned.
cardId string (required)
The unique identifier of this card. This is an opaque string.
secondaryAccountId string (required)
The unique identifier of this secondary account.

Try It

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/cards/secondaryAccount/v1.1.1/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/cards/secondaryAccounts/4"
    }
  },
  "_id": "4",
  "name": "My Checking",
  "title": "Susan Wheeling",
  "accountNumbers": {
    "masked": "*************3210"
  },
  "balance": "1234.56",
  "currency": "USD",
  "_embedded": {}
}

Responses

StatusDescription
200 OK
OK.
Schema: secondaryAccount
StatusDescription
304 Not Modified
Not Modified. The resource has not been modified since it was last fetched.
StatusDescription
404 Not Found

Not Found. There is no such secondary account resource at the specified {secondaryAccountId}. The _error field in the response contains details about the request error.

This error response may have one of the following type values:

Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which may be provided in an If-Match request header for PUT or PATCH operations which update this secondary account resource.

deleteSecondaryAccount

Code samples

# You can also use wget
curl -X DELETE https://api.devbank.apiture.com/cards/cards/{cardId}/secondaryAccounts/{secondaryAccountId} \
  -H 'Accept: application/json' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

DELETE https://api.devbank.apiture.com/cards/cards/{cardId}/secondaryAccounts/{secondaryAccountId} HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/json

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/cards/cards/{cardId}/secondaryAccounts/{secondaryAccountId}',
{
  method: 'DELETE',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/cards/{cardId}/secondaryAccounts/{secondaryAccountId}',
  method: 'delete',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.delete 'https://api.devbank.apiture.com/cards/cards/{cardId}/secondaryAccounts/{secondaryAccountId}',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/json',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.delete('https://api.devbank.apiture.com/cards/cards/{cardId}/secondaryAccounts/{secondaryAccountId}', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/cards/{cardId}/secondaryAccounts/{secondaryAccountId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("DELETE");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("DELETE", "https://api.devbank.apiture.com/cards/cards/{cardId}/secondaryAccounts/{secondaryAccountId}", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Unlink a secondary account

DELETE /cards/{cardId}/secondaryAccounts/{secondaryAccountId}

Delete this secondary account from the card. This "unlinks" the account from the card, so the account's balance, withdrawals, deposits, and other features are no longer available for this account. Secondary accounts are also removed when they are closed.

Parameters

ParameterDescription
cardId string (required)
The unique identifier of this card. This is an opaque string.
secondaryAccountId string (required)
The unique identifier of this secondary account.

Try It

Example responses

404 Response

{
  "_profile": "https://production.api.apiture.com/schemas/common/errorResponse/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "_error": {
    "_id": "2eae46e1-575c-4d69-8a8f-0a7b0115a4b3",
    "message": "Description of the error will appear here.",
    "statusCode": 422,
    "type": "specificErrorType",
    "attributes": {
      "value": "Optional attribute describing the error"
    },
    "remediation": "Optional instructions to remediate the error may appear here.",
    "occurredAt": "2018-01-25T05:50:52.375Z",
    "_links": {
      "describedby": {
        "href": "https://production.api.apiture.com/errors/specificErrorType"
      }
    },
    "_embedded": {
      "errors": []
    }
  }
}

Responses

StatusDescription
204 No Content
No Content. The resource was deleted successfully.
StatusDescription
404 Not Found

Not Found. There is no such secondary account resource at the specified {secondaryAccountId}. The _error field in the response contains details about the request error.

This error response may have one of the following type values:

Schema: errorResponse

API

The Cards API

getLabels

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/cards/labels \
  -H 'Accept: application/hal+json' \
  -H 'Accept-Language: string' \
  -H 'API-Key: API_KEY'

GET https://api.devbank.apiture.com/cards/labels HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
Accept-Language: string

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'Accept-Language':'string',
  'API-Key':'API_KEY'

};

fetch('https://api.devbank.apiture.com/cards/labels',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'Accept-Language':'string',
  'API-Key':'API_KEY'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/labels',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'Accept-Language' => 'string',
  'API-Key' => 'API_KEY'
}

result = RestClient.get 'https://api.devbank.apiture.com/cards/labels',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'Accept-Language': 'string',
  'API-Key': 'API_KEY'
}

r = requests.get('https://api.devbank.apiture.com/cards/labels', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/labels");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "Accept-Language": []string{"string"},
        "API-Key": []string{"API_KEY"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/cards/labels", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Localized Labels

GET /labels

Return a JSON object which defines labels for enumeration types defined by the schemas defined in this API. The labels in the response may not all match the requested language; some may be in the default language (en-us).

Parameters

ParameterDescription
Accept-Language string
The weighted language tags which indicate the user's preferred natural language for the localized labels in the response, as per RFC 7231.

Try It

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/common/labelGroups/v1.1.3/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "groups": {
    "firstGroup": {
      "unknown": {
        "label": "Unknown",
        "code": "0",
        "hidden": true
      },
      "key1": {
        "label": "Label for Key 1",
        "code": "1",
        "variants": {
          "es": {
            "label": "(Spanish label for Key 1)"
          },
          "fr": {
            "label": "(French label for Key 1)"
          }
        }
      },
      "key2": {
        "label": "Label for Key 2",
        "code": "2",
        "variants": {
          "es": {
            "label": "(Spanish label for Key 2)"
          },
          "fr": {
            "label": "(French label for Key 2)"
          }
        }
      },
      "key3": {
        "label": "Label for Key 3",
        "code": "3",
        "variants": {
          "es": {
            "label": "(Spanish label for Key 3)"
          },
          "fr": {
            "label": "(French label for Key 3)"
          }
        }
      },
      "other": {
        "label": "Other",
        "variants": {
          "es": {
            "label": "(Spanish label for Other)"
          },
          "fr": {
            "label": "(French label for Other)"
          }
        },
        "code": "254"
      }
    },
    "secondGroup": {
      "unknown": {
        "label": "Unknown",
        "code": "?",
        "hidden": true
      },
      "optionA": {
        "label": "Option A",
        "code": "A"
      },
      "optionB": {
        "label": "Option B",
        "code": "B"
      },
      "optionC": {
        "label": "Option C",
        "code": "C"
      },
      "other": {
        "label": "Other",
        "code": "_"
      }
    }
  }
}

Responses

StatusDescription
200 OK
OK.
Schema: labelGroups

getApi

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/cards/ \
  -H 'Accept: application/hal+json' \
  -H 'API-Key: API_KEY'

GET https://api.devbank.apiture.com/cards/ HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'API-Key':'API_KEY'

};

fetch('https://api.devbank.apiture.com/cards/',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'API-Key':'API_KEY'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'API-Key' => 'API_KEY'
}

result = RestClient.get 'https://api.devbank.apiture.com/cards/',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'API-Key': 'API_KEY'
}

r = requests.get('https://api.devbank.apiture.com/cards/', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "API-Key": []string{"API_KEY"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/cards/", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Top-level resources and operations in this API

GET /

Return links to the top-level resources and operations in this API.

Try It

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/common/root/v2.1.1/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "id": "apiName",
  "name": "API name",
  "apiVersion": "1.0.0"
}

Responses

StatusDescription
200 OK
OK.
Schema: root

getApiDoc

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/cards/apiDoc \
  -H 'Accept: application/json' \
  -H 'API-Key: API_KEY'

GET https://api.devbank.apiture.com/cards/apiDoc HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/json

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY'

};

fetch('https://api.devbank.apiture.com/cards/apiDoc',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/apiDoc',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'API-Key' => 'API_KEY'
}

result = RestClient.get 'https://api.devbank.apiture.com/cards/apiDoc',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/json',
  'API-Key': 'API_KEY'
}

r = requests.get('https://api.devbank.apiture.com/cards/apiDoc', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/apiDoc");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json"},
        "API-Key": []string{"API_KEY"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/cards/apiDoc", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Return API definition document

GET /apiDoc

Return the OpenAPI document that describes this API.

Try It

Example responses

200 Response

{}

Responses

StatusDescription
200 OK
OK.
Schema: Inline

Response Schema

Configuration

Products Service Configuration

getConfigurationGroups

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/cards/configurations/groups \
  -H 'Accept: application/hal+json' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

GET https://api.devbank.apiture.com/cards/configurations/groups HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/cards/configurations/groups',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/configurations/groups',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://api.devbank.apiture.com/cards/configurations/groups',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://api.devbank.apiture.com/cards/configurations/groups', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/configurations/groups");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/cards/configurations/groups", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Return a collection of configuration groups

GET /configurations/groups

Return a paginated sortable filterable searchable collection of configuration groups. The links in the response include pagination links.

Try It

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroups/v2.1.1/profile.json",
  "_links": {
    "self": {
      "href": "/configurations/configurations/groups?start=10&limit=10"
    },
    "first": {
      "href": "/configurations/configurations/groups?start=0&limit=10"
    },
    "next": {
      "href": "/configurations/configurations/groups?start=20&limit=10"
    },
    "collection": {
      "href": "/configurations/configurations/groups"
    }
  },
  "start": 10,
  "limit": 10,
  "count": 67,
  "name": "configurationGroups",
  "_embedded": {
    "items": [
      {
        "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroup/v2.1.1/profile.json",
        "_links": {
          "self": {
            "href": "/configurations/groups/basic"
          }
        },
        "name": "basic",
        "label": "Basic Settings",
        "description": "The basic settings for the Transfers API"
      },
      {
        "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroup/v2.1.1/profile.json",
        "_links": {
          "self": {
            "href": "/configurations/groups/calendar"
          }
        },
        "name": "calendar",
        "label": "Calendar",
        "description": "A calendar that specifies which dates are valid for performing transfers (e.g., weekdays excluding federal holidays)"
      }
    ]
  }
}

Responses

StatusDescription
200 OK
OK.
Schema: configurationGroups
StatusDescription
400 Bad Request
Bad Request. The request body or one or more of the query parameters was not well formed. The _error field in the response will contain details about the request error.
Schema: errorResponse
StatusDescription
422 Unprocessable Entity
Unprocessable Entity. One or more of the query parameters was well formed but otherwise invalid. The _error field in the response will contain details about the request error.
Schema: errorResponse

getConfigurationGroup

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/cards/configurations/groups/{groupName} \
  -H 'Accept: application/hal+json' \
  -H 'If-None-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

GET https://api.devbank.apiture.com/cards/configurations/groups/{groupName} HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
If-None-Match: string

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/cards/configurations/groups/{groupName}',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/configurations/groups/{groupName}',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-None-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://api.devbank.apiture.com/cards/configurations/groups/{groupName}',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-None-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://api.devbank.apiture.com/cards/configurations/groups/{groupName}', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/configurations/groups/{groupName}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-None-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/cards/configurations/groups/{groupName}", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Fetch a representation of this configuration group

GET /configurations/groups/{groupName}

Return a HAL representation of this configuration group resource.

Parameters

ParameterDescription
groupName string (required)
The unique name of this configuration group.
If-None-Match string
The entity tag that was returned in the ETag response. If the resource's current entity tag matches, the GET will return 304 (Not Modified) and no response body, else the resource representation will be returned.

Try It

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroup/v2.1.1/profile.json",
  "_links": {
    "self": {
      "href": "/configurations/groups/basic"
    }
  },
  "name": "basic",
  "label": "Basic Settings",
  "description": "The basic settings for the Transfers API",
  "schema": {
    "type": "object",
    "properties": {
      "dailyLimit": {
        "type": "number",
        "description": "The daily limit for the number of transfers"
      },
      "cutoffTime": {
        "type": "string",
        "format": "time",
        "description": "The cutoff time for scheduling transfers for the current day"
      }
    }
  },
  "values": {
    "dailyLimit": 5,
    "cutoffTime": 63000
  }
}

Responses

StatusDescription
200 OK
OK.
Schema: configurationGroup
StatusDescription
304 Not Modified
Not Modified. The resource has not been modified since it was last fetched.
StatusDescription
404 Not Found
Not Found. There is no such configuration group resource at the specified {groupName} The _error field in the response will contain details about the request error.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which may be provided in an If-None-Match request header for GET operations for this configuration group resource.

getConfigurationGroupSchema

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/schema \
  -H 'Accept: application/hal+json' \
  -H 'If-None-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

GET https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/schema HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
If-None-Match: string

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/schema',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/schema',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-None-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/schema',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-None-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/schema', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/schema");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-None-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/schema", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Fetch the schema for this configuration group

GET /configurations/groups/{groupName}/schema

Return a HAL representation of this configuration group schema resource.

Parameters

ParameterDescription
groupName string (required)
The unique name of this configuration group.
If-None-Match string
The entity tag that was returned in the ETag response. If the resource's current entity tag matches, the GET will return 304 (Not Modified) and no response body, else the resource representation will be returned.

Try It

Example responses

200 Response

{
  "type": "object",
  "properties": {
    "dailyLimit": {
      "type": "number",
      "description": "The daily limit for the number of transfers"
    },
    "cutoffTime": {
      "type": "string",
      "format": "time",
      "description": "The cutoff time for scheduling transfers for the current day"
    }
  }
}

Responses

StatusDescription
200 OK
OK.
Schema: configurationSchema
StatusDescription
304 Not Modified
Not Modified. The resource has not been modified since it was last fetched.
StatusDescription
404 Not Found
Not Found. There is no such configuration group resource at the specified {groupName} The _error field in the response will contain details about the request error.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which may be provided in an If-Match request header for PUT

getConfigurationGroupValues

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values \
  -H 'Accept: application/hal+json' \
  -H 'If-None-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

GET https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
If-None-Match: string

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-None-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-None-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-None-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Fetch the values for the specified configuration group

GET /configurations/groups/{groupName}/values

Return a representation of this configuration group values resource.

Parameters

ParameterDescription
groupName string (required)
The unique name of this configuration group.
If-None-Match string
The entity tag that was returned in the ETag response. If the resource's current entity tag matches, the GET will return 304 (Not Modified) and no response body, else the resource representation will be returned.

Try It

Example responses

200 Response

{
  "dailyLimit": 5,
  "cutoffTime": 63000
}

Responses

StatusDescription
200 OK
OK.
Schema: configurationValues
StatusDescription
304 Not Modified
Not Modified. The resource has not been modified since it was last fetched.
StatusDescription
404 Not Found
Not Found. There is no such configuration group resource at the specified {groupName} The _error field in the response will contain details about the request error.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which may be provided in an If-Match request header for PUT

updateConfigurationGroupValues

Code samples

# You can also use wget
curl -X PUT https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values \
  -H 'Content-Type: application/hal+json' \
  -H 'Accept: application/hal+json' \
  -H 'If-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

PUT https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values HTTP/1.1
Host: api.devbank.apiture.com
Content-Type: application/hal+json
Accept: application/hal+json
If-Match: string

const fetch = require('node-fetch');
const inputBody = '{
  "dailyLimit": 5,
  "cutoffTime": 63000
}';
const headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values',
{
  method: 'PUT',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values',
  method: 'put',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Content-Type' => 'application/hal+json',
  'Accept' => 'application/hal+json',
  'If-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.put 'https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Content-Type': 'application/hal+json',
  'Accept': 'application/hal+json',
  'If-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.put('https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("PUT");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Content-Type": []string{"application/hal+json"},
        "Accept": []string{"application/hal+json"},
        "If-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("PUT", "https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Update the values for the specified configuration group

PUT /configurations/groups/{groupName}/values

Perform a complete replacement of this set of values.

Body parameter

{
  "dailyLimit": 5,
  "cutoffTime": 63000
}

Parameters

ParameterDescription
groupName string (required)
The unique name of this configuration group.
If-Match string (required)
The entity tag that was returned in the ETag response. This must match the current entity tag of the resource.
body configurationValues (required)

Try It

Example responses

200 Response

{
  "type": "object",
  "properties": {
    "dailyLimit": {
      "type": "number",
      "description": "The daily limit for the number of transfers"
    },
    "cutoffTime": {
      "type": "string",
      "format": "time",
      "description": "The cutoff time for scheduling transfers for the current day"
    }
  }
}

Responses

StatusDescription
200 OK
OK.
Schema: configurationSchema
StatusDescription
400 Bad Request
Bad Request. The request body is invalid. It is either not valid JSON or it does not conform to the corresponding configuration group schema. The _error field in the response will contain details about the request error.
Schema: errorResponse
StatusDescription
403 Forbidden
Access denied. Only administrators may update configuration.
Schema: errorResponse
StatusDescription
404 Not Found
Not Found. There is no such configuration group resource at the specified {groupName} The _error field in the response will contain details about the request error.
Schema: errorResponse
StatusDescription
412 Precondition Failed
Precondition Failed. The supplied if-Match header value does not match the most recent ETag response header value. The resource has changed in the interim.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which may be provided in an If-Match request header for PUT

getConfigurationGroupValue

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values/{valueName} \
  -H 'Accept: application/hal+json' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

GET https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values/{valueName} HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values/{valueName}',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values/{valueName}',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values/{valueName}',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values/{valueName}', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values/{valueName}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values/{valueName}", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Fetch a single value associated with the specified configuration group

GET /configurations/groups/{groupName}/values/{valueName}

Fetch a single value associated with this configuration group. This provides convenient access to individual values of the configuration group. The response is always a JSON value which can be parsed with a strict JSON parser. The response may be

Parameters

ParameterDescription
groupName string (required)
The unique name of this configuration group.
valueName string (required)
The unique name of a value in a configuration group. This is the name of the value in the schema. A {valueName} must be a simple identifier following the pattern letter [letter | digit | '-' | '_']*.

Try It

Example responses

200 Response

"string"

Responses

StatusDescription
200 OK
OK. The value of the named configuration value as a JSON string, number, boolean, array, or object.
Schema: string
StatusDescription
404 Not Found

Not Found. There is either no such configuration group resource at the specified {groupName} or no such value at the specified {valueName}. The _error field in the response will contain details about the request error.

This error response may have one of the following type values:

Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which may be provided in an If-Match request header for PUT or PATCH operations which update this configuration group resource.

updateConfigurationGroupValue

Code samples

# You can also use wget
curl -X PUT https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values/{valueName} \
  -H 'Content-Type: application/hal+json' \
  -H 'Accept: application/hal+json' \
  -H 'If-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

PUT https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values/{valueName} HTTP/1.1
Host: api.devbank.apiture.com
Content-Type: application/hal+json
Accept: application/hal+json
If-Match: string

const fetch = require('node-fetch');
const inputBody = 'string';
const headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values/{valueName}',
{
  method: 'PUT',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values/{valueName}',
  method: 'put',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Content-Type' => 'application/hal+json',
  'Accept' => 'application/hal+json',
  'If-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.put 'https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values/{valueName}',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Content-Type': 'application/hal+json',
  'Accept': 'application/hal+json',
  'If-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.put('https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values/{valueName}', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values/{valueName}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("PUT");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Content-Type": []string{"application/hal+json"},
        "Accept": []string{"application/hal+json"},
        "If-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("PUT", "https://api.devbank.apiture.com/cards/configurations/groups/{groupName}/values/{valueName}", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Update a single value associated with the specified configuration group

PUT /configurations/groups/{groupName}/values/{valueName}

Update a single value associated with this configuration group. This provides convenient access to individual values of the configuration group as defined in the configuration group's schema. The request body must conform to the configuration group's schema for the named {valueName}. This operation is idempotent. The request body must be a JSON value which can be parsed with a strict JSON parser. The response may be

Body parameter

"string"

Parameters

ParameterDescription
groupName string (required)
The unique name of this configuration group.
valueName string (required)
The unique name of a value in a configuration group. This is the name of the value in the schema. A {valueName} must be a simple identifier following the pattern letter [letter | digit | '-' | '_']*.
If-Match string (required)
The entity tag that was returned in the ETag response. This must match the current entity tag of the resource.
body string (required)
The request body must a valid JSON value and should be parsable with a JSON parser. The result may be a string, number, boolean, array, or object.

Try It

Example responses

200 Response

"string"

Responses

StatusDescription
200 OK
OK.
Schema: string
StatusDescription
400 Bad Request
Bad Request. The request body is invalid. It is either not valid JSON or it does not conform to the corresponding configuration group schema. The _error field in the response will contain details about the request error.
Schema: errorResponse
StatusDescription
403 Forbidden
Access denied. Only administrators may update configuration.
Schema: errorResponse
StatusDescription
404 Not Found

Not Found. There is either no such configuration group resource at the specified {groupName} or no such value at the specified {valueName}. The _error field in the response will contain details about the request error.

This error response may have one of the following type values:

Schema: errorResponse
StatusDescription
412 Precondition Failed
Precondition Failed. The supplied if-Match header value does not match the most recent ETag response header value. The resource has changed in the interim.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which may be provided in an If-Match request header for PUT or PATCH operations which update this configuration group resource.

Schemas

abstractRequest

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractRequest/v2.0.0/profile.json",
  "_links": {}
}

Abstract Request (v2.0.0)

An abstract schema used to define other request-only schemas. This is a HAL resource representation, minus the _error defined in abstractResource.

This schema was resolved from common/abstractRequest.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only

abstractResource

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractResource/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  }
}

Abstract Resource (v2.1.0)

An abstract schema used to define other schemas for request and response bodies. This is a HAL resource representation. This model contains hypermedia _links, and either optional domain object data with _profile and optional _embedded objects, or an _error object. In responses, if the operation was successful, this object will not include the _error, but if the operation was a 4xx or 5xx error, this object will not include _embedded or any data fields, only _error and optionally _links.

This schema was resolved from common/abstractResource.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only

accountNumbers

{
  "masked": "*************3210",
  "full": "9876543210"
}

Account Numbers (v1.0.1)

Different representations of an account number.

This schema was resolved from common/accountNumbers.

Properties

NameDescription
masked string
A partial account number that does not contain all the digits of the full account number. This masked number appears in statements or in user experience presentation. It is sufficient for a user to differentiate this account from other accounts they hold, but is not sufficient for initiating transfers, etc. The first character is the mask character and is repeated; this does not indicate that the full account number is the same as the mask length. This value is derived and immutable.
read-only
minLength: 8
maxLength: 32
full string
The full account number. This value only appears when ?unmasked=true is passed on the GET request. Not included in the summary representation of the account that is included in account collection responses. This value is derived and immutable.
read-only
minLength: 4
maxLength: 17

address

{
  "addressLine1": "555 N Front Street",
  "addressLine2": "Suite 5555",
  "city": "Wilmington",
  "regionCode": "NC",
  "postalCode": "28401-5405",
  "countryCode": "US",
  "_id": "ha5",
  "type": "home"
}

Address (v1.0.0)

A postal address with the address type and an identifier.

This schema was resolved from contacts/address.

Properties

NameDescription
addressLine1 string
The first street address line of the address, normally a house number and street name.
minLength: 4
maxLength: 128
addressLine2 string
The optional second street address line of the address.
maxLength: 128
city string
The name of the city or municipality.
minLength: 2
maxLength: 128
regionCode string
The mailing address region code, such as state in the US, or a province in Canada. This is normalized to uppercase.
minLength: 2
maxLength: 2
pattern: ^[a-zA-Z]{2}$
postalCode string
The mailing address postal code, such as a US Zip or Zip+4 code, or a Canadian postal code.
minLength: 5
maxLength: 10
pattern: ^[0-9]{5}(?:-[0-9]{4})?$
countryCode string
The ISO 3166-1 alpha-2 country code. This is normalized to uppercase.
minLength: 2
maxLength: 2
pattern: ^[a-zA-Z]{2}$
type string: addressType (required)
The type of this address.
enum values: unknown, home, prior, work, school, mailing, vacation, shipping, billing, headquarters, commercial, site, property, other, notApplicable
label string
A text label, suitable for presentation to the end user. This is derived from type or from otherType if type is other
read-only
minLength: 4
maxLength: 32
otherType string
The actual address type if type is other.
minLength: 4
maxLength: 32
_id string
An identifier for this address, so that it can be referenced uniquely. The service will assign a unique _id if the client does not provide one. The _id must be unique across all addresses within the addresses array.
minLength: 1
maxLength: 8
pattern: ^[-a-zA-Z0-9_]{1,8}$

addressType

"unknown"

Address Type (v1.0.0)

The type of a postal address.

Warning: The enum list will be removed in a future release.

The allowed values for this property are defined at runtime in the label group named addressType in the response from the getLabels operation.

This schema was resolved from contacts/addressType.

Type: string
enum values: unknown, home, prior, work, school, mailing, vacation, shipping, billing, headquarters, commercial, site, property, other, notApplicable

attributes

{}

Attributes (v2.1.0)

An optional map of name/value pairs which contains additional dynamic data about the resource.

This schema was resolved from common/attributes.

Properties

authenticator

{
  "_profile": "https://production.api.apiture.com/schemas/auth/authenticator/v1.2.0/profile.json",
  "_links": {
    "self": {
      "href": "/auth/challenges/2e61e506-1568-4f1a-a93e-4d0a48a06d0e/authenticators/7fadd35b-6f6b-4901-b1ba-d3b91c9dcee3"
    },
    "apiture:challenge": {
      "href": "/auth/challenges/challenges/b59438cd-5efb-4915-916b-0600bb2a4e1e"
    },
    "apiture:retry": {
      "href": "/auth/challenges/retriedAuthenticators?authenticator=7fadd35b-6f6b-4901-b1ba-d3b91c9dcee3"
    },
    "apiture:verify": {
      "href": "/auth/challenges/verifiedAuthenticators"
    }
  },
  "_id": "7fadd35b-6f6b-4901-b1ba-d3b91c9dcee3",
  "userId": "b2720469-3497-4b82-8b85-30f2155aa66d",
  "state": "started",
  "maskedTarget": "****1234",
  "type": {
    "name": "sms",
    "label": "SMS Code",
    "description": "Enter a code sent via SMS to the user's preferred mobile device.",
    "category": "device",
    "schema": {
      "title": "SMS attributes",
      "description": "Schema for an authenticator's `attributes` when the authenticator type is `sms`.",
      "type": "object",
      "required": [
        "code",
        "length"
      ],
      "properties": {
        "code": {
          "type": "string",
          "description": "A code that was sent to the user's mobile device via SMS. The user should enter the code in the app, then set `attributes.code` to that. The length of the code (the number of characters or digits) must equal the `length'.",
          "minLength": 3,
          "maxLength": 10
        },
        "length": {
          "description": "The number of digits/characters that are sent to the user via SMS.",
          "type": "integer",
          "minimum": 3,
          "maximum": 10,
          "example": 6
        }
      }
    }
  },
  "maximumRetries": 3,
  "retryCount": 1,
  "createdAt": "2019-08-23T12:42:50.375Z",
  "expiresAt": "2019-08-23T13:12:50.375Z"
}

Authenticator (v1.2.0)

Representation of authenticators which verify a user's identity.

Response and request bodies using this authenticator schema may contain the following links:

RelSummaryMethod
apiture:retryRetry an authenticatorPOST
apiture:startStart an authenticatorPOST
apiture:verifyVerify a user's identityPOST
apiture:challengeFetch a representation of this challengeGET

This schema was resolved from auth/authenticator.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
type object: authenticatorType
The type of this authenticator. This must be one of the items in the /authenticatorTypes resource.
maximumRetries integer
The maximum number of times the user may retry this authenticator. If 0, the user must authenticate correctly on the first try. When an authenticator is retried, the client should POST to the apiture:retry link on the authenticators; absence of the link means the user cannot retry the authenticator. The default is 3.
minimum: 0
maximum: 10
_id string
The unique identifier for this authenticator resource. This is an immutable opaque string assigned upon creation.
read-only
userId string
The user ID of the user who is requested to verify their identity.
state string: authenticatorState
The state of this authenticator. This is derived and read-only.
read-only
enum values: pending, started, verified, failed, expired
maskedTarget string
A masked value which helps identify the specific authenticator target, such as a masked mobile phone or a masked email address.
retryCount integer
The actual number of times a user has retried this authenticator.
read-only
minimum: 0
maximum: 10
attributes object
Data collected from the user that is used to verify this authenticator. This data conforms to the schema defined in the type. For example, for sms, the attributes must contains a code.
createdAt string(date-time)
The time stamp when authenticator was created, in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ).
read-only
verifiedAt string(date-time)
The time stamp when authenticator was verified in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ).
read-only
failedAt string(date-time)
The time stamp when the user failed to verify their identity verification (authentication) for this challenge, in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ).
read-only
expiresAt string(date-time)
The time stamp when the this challenge expires, in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ).
read-only

authenticatorCategory

"knowledge"

authenticatorCategory (v1.0.0)

Categories which help classify and organize different authenticator types:

authenticatorCategory strings may have one of the following enumerated values:

ValueDescription
knowledgeKnowledge: Authenticate with information the user knows, such as a password or answers to personal questions.
biometricBiometric: Authenticate with physical characteristics of the user, such as fingerprints, voiceprint, or faceprint.
deviceDevice: Authenticate with a device that the user has, such as a mobile phone or an electronic key.

These enumeration values are further described by the label group named authenticatorCategory in the response from the getLabels operation.

This schema was resolved from auth/authenticatorCategory.

Type: string
enum values: knowledge, biometric, device

authenticatorState

"pending"

Authenticator State (v1.0.0)

The state of a challenge authenticator resource.

authenticatorState strings may have one of the following enumerated values:

ValueDescription
pendingPending: The authenticator is created but not yet started.
startedStarted: The user has started the authenticator.
verifiedVerified: The user corresponding verified the authenticator.
failedFailed: The user failed the authenticators criteria.
expiredExpired: The authenticator expired before the user completed the criteria.

These enumeration values are further described by the label group named authenticatorState in the response from the getLabels operation.

This schema was resolved from auth/authenticatorState.

Type: string
enum values: pending, started, verified, failed, expired

authenticatorType

{
  "name": "sms",
  "label": "SMS code",
  "description": "Enter a code sent via SMS to the user's preferred mobile device.",
  "category": "device",
  "schema": {
    "title": "SMS attributes",
    "description": "Schema for an authenticator's `attributes` when the authenticator type is `sms`.",
    "type": "object",
    "required": [
      "code",
      "length"
    ],
    "properties": {
      "code": {
        "type": "string",
        "description": "A code that was sent to the user's mobile device via SMS. The user should enter the code in the app, then set `attributes.code` to that. The length of the code (the number of characters or digits) must equal the `length'.",
        "minLength": 3,
        "maxLength": 10
      },
      "length": {
        "description": "The number of digits/characters that are sent to the user via SMS.",
        "type": "integer",
        "minimum": 3,
        "maximum": 10,
        "example": 6
      }
    }
  }
}

Authenticator Type (v1.0.0)

An authenticator type description.

This schema was resolved from auth/authenticatorType.

Properties

NameDescription
name string
The name of this authenticator; also the key in the authenticatorTypes object.
label string
A localized label or title which may be used labels or other UI controls which present a value.
description string
A more detailed localized description of an authenticator type.
language string
The actual natural language tag to which this authentication type description is associated, as per RFC 7231. If omitted, this serves as the default.
category string: authenticatorCategory
The authentication category.
enum values: knowledge, biometric, device
schema object
The JSON schema which describe the attributes object for all authenticators of this type. For example, for sms, the schema defines a required code string.

card

{
  "_profile": "https://production.api.apiture.com/schemas/cards/card/v2.2.1/profile.json",
  "_links": {
    "self": {
      "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:lock": {
      "href": "/cards/lockedCards?card=0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:account": {
      "href": "/accounts/accounts/d62c0701-0d74-4836-83f9-ebf3709442ea"
    }
  },
  "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
  "holderName": "LUCILLE WELLPHUNDED",
  "label": "Premiere Checking *3210",
  "accountName": "Premiere Checking",
  "accountNumbers": {
    "masked": "*************3210",
    "full": "9876543210"
  },
  "cardNumbers": {
    "masked": "************3210"
  },
  "state": "active",
  "fulfillmentState": "shipped",
  "fulfillmentDescription": "Shipped on June 30, 2021",
  "issuedAt": "2019-06-07T05:18:30.375Z",
  "updatedAt": "2019-06-07T05:18:30.375Z",
  "mine": true,
  "updatedBy": "lucy.wellphunded@bankcustomer.example.com",
  "expiresOn": "2021-04-30",
  "_embedded": {},
  "name": "My debit card for Premiere Checking",
  "shippedOn": "2021-07-30",
  "activationExpiresOn": "2021-09-15"
}

Card (v2.2.1)

A card resource, which represents physical Debit cards associated with a banking account or credit cards.

The default representation includes only a masked card number. Use ?unmasked=true on the request to include the full card number.

The hypermedia _links in the response (listed below) include several action links which change the state of the card. These links should be used with the POST verb (see Resource sets).

Response and request bodies using this card schema may contain the following links:

RelSummaryMethod
selfFetch a representation of this cardGET
apiture:account The Account associated with this cardGET
apiture:unlockUnlock a cardPOST
apiture:closeClose a cardPOST
apiture:lockLock a cardPOST
apiture:activateActivate a cardPOST
apiture:replaceRequest a new or replacement cardPOST

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
accountName string
The name of the account that this card is tied to.
read-only
minLength: 1
maxLength: 128
accountNumbers object: accountNumbers
The masked and (optionally) full number for the account this card is associated with. This is derived from the account used in the initial card request. By default, only the masked number is returned; use ?unmasked=true to reveal the full account number.
read-only
_id string
The unique identifier for this card resource. This is an immutable opaque string.
read-only
label string
The text label for this card.
read-only
minLength: 1
maxLength: 128
holderName string
The card holder's full name, as it appears on the card. This value is often ALL CAPS.
read-only
cardNumbers object: cardNumbers
The masked and full card number this card.
read-only
fulfillmentState string: cardFulfillmentState
Indicates the state of a card replacement request. The user cannot change this property.
read-only
enum values: none, requested, ordered, reordered, issued, shipped, rejected
fulfillmentDescription string
The card provider's explanation of the current fulfillmentState.
read-only
mine boolean
If true, the card is owned by the user making the request. By default a user can view all cards for a given Account, but they may only take action on cards they own.
read-only
state string: cardState
The state of this card. This is derived.
read-only
enum values: unknown, requested, issued, active, locked, lost, stolen, damaged, frozen, closed
issuedAt string(date-time)
The date-time when this card was issued. This is in RFC 3339 UTC format. This field is present only after the card has been issued, and if the card vendor provides the time stamp.
read-only
activatedAt string(date-time)
The date-time when this card was activated. This is in RFC 3339 UTC format. This field is present only after the card has been activated, and if the card vendor provides the time stamp.
read-only
expiresOn string(date)
The card's expiration date. The day should is the last day of the month, such as 2021-10-31 if the card expires at the end of October, 2021. in RFC 3339 YYYY-MM-DD format.
read-only
updatedAt string(date-time)
The date-time when this card's state or other attributes were last changed. This is in RFC 3339 UTC format.
read-only
updatedBy string
The username of the person who last modified this card resource.
read-only
shippedOn string(date)
The date that a new or replacement card's was shipped, in RFC 3339 YYYY-MM-DD format. This property is only present when a new or replacement card is pending but not activated.
read-only
activationExpiresOn string(date)
The user must activate the card by this date (expressed in RFC 3339 YYYY-MM-DD format), or the card will expire and not activate (it may have been lost or stolen in shipment.) This property is only present when a new or replacement card is pending but not activated. This date is usually 30 to 45 days after the shippedOn date, depending on financial institution configuration.
read-only

cardFulfillmentState

"none"

Card Fulfillment State (v1.0.0)

The state of a card order fulfillment from the provider.

cardFulfillmentState strings may have one of the following enumerated values:

ValueDescription
noneNone: No card replacement requests are active.
requestedRequested: The user has requested a card replacement.
orderedOrdered: The card replacement order has been sent to the card provider.
reorderedReordered: A card has been reordered after the card holder did not receive the original order.
issuedIssued: The card has been issued by the card provider.
shippedShipped: The issued card has been shipped by the card provider.
rejectedRejected: The card provider rejected the card replacement.

These enumeration values are further described by the label group named cardFulfillmentState in the response from the getLabels operation.

Type: string
enum values: none, requested, ordered, reordered, issued, shipped, rejected

cardIssuerParameter

{
  "name": "card_token",
  "value": "77639FAF::7E77::4CDF::B096::4B5C5F971691--fc09b0af::a30b::4D34834F682826EE1C44"
}

Card Issuer Parameter (v1.0.0)

A single name/value parameter that the client passes to the card issuer user interface component.

Properties

NameDescription
name string (required)
The parameter name.
minLength: 4
maxLength: 32
pattern: ^[a-zA-Z][-a-zA-Z0-9_]{3,31}
value string (required)
The parameter value.
maxLength: 256

cardIssuerParameters

{
  "_profile": "https://production.api.apiture.com/schemas/cards/cardIssuerParameters/v1.1.1/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "issuer": "marqueta",
  "parameters": [
    {
      "name": "user_token",
      "value": "cd8775f7f49a/408a|9afa-982a78bd08bd::7466c8c38489/4541|b695/af7ac2ba4537"
    },
    {
      "name": "onetime_token",
      "value": "130d1a7d_fa0c/453a|86a9_93c411a9df3a::5f1d4ade5c34/40e4|8098/493475dd0c92"
    },
    {
      "name": "application_id",
      "value": "09CF5D57C6084956866126610758E149"
    },
    {
      "name": "card_token",
      "value": "77639FAF::7E77::4CDF::B096::4B5C5F971691--fc09b0af::a30b::4D34834F682826EE1C44"
    }
  ]
}

Card Issuer Parameters (v1.1.1)

Parameters that the client passes to the card issuer user interface component. The example shows possible parameters for the card issuer Marqueta.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
issuer string (required)
The name of the card issuer associated with the parameters.
parameters array: [cardIssuerParameter] (required)
An array of individual card issuer parameters.

cardNumbers

{
  "masked": "************3210"
}

Card Numbers (v1.0.0)

Masked and full representation of a card number.

Properties

NameDescription
masked string
A partial (masked) card number that does not contain all the digits of the full card number. This masked number appears in statements or in user experience presentation. It is sufficient for a user to differentiate this card from other cards the user holds, but is not sufficient for initiating transactions, etc. The first character is the mask character and is repeated; this does not indicate that the full card number is the same as the mask length. This value is derived and immutable.
read-only
maxLength: 16

cardRequest

{
  "_profile": "https://production.api.apiture.com/schemas/cards/cardRequest/v1.4.1/profile.json",
  "_links": {
    "self": {
      "href": "/cards/cardRequests/35eb0e67-ac9b-44d7-8799-6648ba6b1c65"
    },
    "apiture:account": {
      "href": "https://api.devbank.apiture.com/accounts/accounts/617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:cancel": {
      "href": "https://api.devbank.apiture.com/cards/canceledCardRequests?cardRequest=617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:card": {
      "href": "/cards/cards/9e5a519c-ed3d-48ec-84d0-ef29b2843803"
    },
    "apiture:shippingAddress": {
      "href": "https://api.devbank.apiture.com/users/users/f2d87aa6-33c8-458c-819b-41bb00f1ec08/addresses/ha1"
    }
  },
  "_id": "35eb0e67-ac9b-44d7-8799-6648ba6b1c65",
  "cardId": "9e5a519c-ed3d-48ec-84d0-ef29b2843803",
  "reason": "lost",
  "description": "Replace lost card",
  "submittedAt": "2019-06-07T05:18:30.375Z",
  "updatedAt": "2019-06-07T05:18:30.375Z",
  "updatedBy": "lucy.wellphunded@bankcustomer.example.com",
  "shippingAddressId": "ha1",
  "shippingAddress": {
    "_id": "ha0",
    "type": "home",
    "addressLine1": "555 N Front Street",
    "addressLine2": "Suite 5555",
    "city": "Wilmington",
    "regionCode": "NC",
    "postalCode": "28401-5405",
    "countryCode": "US",
    "state": "approved",
    "_links": {
      "self": {
        "href": "https://api.devbank.apiture.com/users/users/f2d87aa6-33c8-458c-819b-41bb00f1ec08/addresses/ha0"
      }
    }
  }
}

Card Request (v1.4.1)

Representation of a card request resource. This represents a request to issue a new card or replace a lost, stolen, or damaged card.

The hypermedia _links in the card request representation (listed below) include several action links which change the state of the card request. These links should be used with the POST verb (see Resource sets).

Response and request bodies using this cardRequest schema may contain the following links:

RelSummaryMethod
self GET
apiture:cancelCancel a card requestPOST
apiture:completeComplete a card requestPOST
apiture:rejectReject a card requestPOST
apiture:shippingAddress The shipping address resource, from a User or Organization resourceGET

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
cardId string
The resource ID of the card that is to be replaced.
reason string: cardRequestReason (required)
Reasons which describe why the user is requesting a a card.
enum values: initial, lost, stolen, damaged, neverReceived, reorder
description any
The card holder's description, note, or explanation of why they requested a card. type: string
accountNumbers object: accountNumbers
The masked and (optionally) full number for the account this card is associated with. The full number is only returned when requests contain the ?unmasked query parameter.
read-only
_id string
The unique identifier for this card request resource. This is an immutable opaque string.
read-only
state string: cardRequestState
Indicates the state of a card request.
read-only
enum values: pending, submitted, underReview, canceled, rejected, completed
shippingAddressId string
The _id of the user's address where they wish the card to be shipped. If present, this must be an active address. If omitted, the card is mailed to the user's preferred mailing address. Use the _id of one of the addresses in the response from the List eligible shipping addresses operations, where eligible equals true.
Warning: The property shippingAddressId was deprecated on version v1.4.0 of the schema. Use the shippingAddress property instead. shippingAddressId will be removed on version v2.0.0 of the schema.
deprecated
minLength: 1
maxLength: 8
pattern: ^[-a-zA-Z0-9_]{1,8}$
shippingAddress object: cardRequestShippingAddress
The card's shipping address. This is a copy of the address data as it existed when the user submitted the card request.
submittedAt string(date-time)
The date-time when this card request request was submitted. This is in RFC 3339 UTC format.
read-only
resolvedAt string(date-time)
The date-time when this card request request was completed, rejected, or canceled. This is in RFC 3339 UTC format.
read-only
updatedAt string(date-time)
The date-time when this card request attributes were last changed. This is in RFC 3339 UTC format.
read-only
resolutionReason string
The explanation for why the card was resolved. This may be the reason the card request was rejected.
maxLength: 2048
updatedBy string
The username of the person who last modified or resolved this card request.
read-only

cardRequestReason

"initial"

Card Request Reason (v1.1.0)

The reason the user is requesting a replacement card.

cardRequestReason strings may have one of the following enumerated values:

ValueDescription
initialInitial Card Request
lostLost Card
stolenStolen Card
damagedDamaged Card
neverReceivedNever Received: The card holder is requesting a replacement of card that was shipped but never received.
reorderReorder Closed Card: The card holder is requesting a replacement of a previously closed card.

These enumeration values are further described by the label group named cardRequestReason in the response from the getLabels operation.

Type: string
enum values: initial, lost, stolen, damaged, neverReceived, reorder

cardRequestShippingAddress

{
  "addressLine1": "555 N Front Street",
  "addressLine2": "Suite 5555",
  "city": "Wilmington",
  "regionCode": "NC",
  "postalCode": "28401-5405",
  "countryCode": "US",
  "_id": "ha1",
  "type": "home",
  "state": "approved",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/users/users/f2d87aa6-33c8-458c-819b-41bb00f1ec08/addresses/ha1"
    }
  }
}

card Shipping Address (v1.1.0)

An address for card shipment.

The self link in the _links object is the link to the original User or Organization address resource. Note that a bank customer might change or remove the referenced user or organization address after requesting a card. This address object is a snapshot of the address at the time the user submitted the card request.

Response and request bodies using this cardRequestShippingAddress schema may contain the following links:

RelSummaryMethod
self The User or Organization address resource from which the address was derived.GET

Properties

NameDescription
addressLine1 string (required)
The first street address line of the address, normally a house number and street name.
minLength: 4
maxLength: 128
addressLine2 string
The optional second street address line of the address.
maxLength: 128
city string (required)
The name of the city or municipality.
minLength: 2
maxLength: 128
regionCode string (required)
The mailing address region code, such as state in the US, or a province in Canada. This is normalized to uppercase.
minLength: 2
maxLength: 2
pattern: ^[a-zA-Z]{2}$
postalCode string (required)
The mailing address postal code, such as a US Zip or Zip+4 code, or a Canadian postal code.
minLength: 5
maxLength: 10
pattern: ^[0-9]{5}(?:-[0-9]{4})?$
countryCode string (required)
The ISO 3166-1 alpha-2 country code. This is normalized to uppercase.
minLength: 2
maxLength: 2
pattern: ^[a-zA-Z]{2}$
type string: addressType (required)
The type of this address.
enum values: unknown, home, prior, work, school, mailing, vacation, shipping, billing, headquarters, commercial, site, property, other, notApplicable
label string
A text label, suitable for presentation to the end user. This is derived from type or from otherType if type is other
read-only
minLength: 4
maxLength: 32
otherType string
The actual address type if type is other.
minLength: 4
maxLength: 32
_id string (required)
An identifier for this address, so that it can be referenced uniquely. The service will assign a unique _id if the client does not provide one. The _id must be unique across all addresses within the addresses array.
minLength: 1
maxLength: 8
pattern: ^[-a-zA-Z0-9_]{1,8}$

cardRequestState

"pending"

Card Request State (v1.0.0)

Indicates the state of a card request.

cardRequestState strings may have one of the following enumerated values:

ValueDescription
pendingPending: A card request has been created but not yet submitted.
submittedSubmitted: A card request has been submitted but not processed.
underReviewUnder Review: A card request has been submitted and is under review triggered by the financial institution's business rules.
canceledCanceled: A card request has been canceled.
rejectedRejected: A card request has been rejected.
completedCompleted: A card request has been completed.

These enumeration values are further described by the label group named cardRequestState in the response from the getLabels operation.

Type: string
enum values: pending, submitted, underReview, canceled, rejected, completed

cardRequests

{
  "_profile": "https://production.api.apiture.com/schemas/cards/cardRequests/v1.4.1/profile.json",
  "_links": {
    "self": {
      "href": "/cards/cardRequests?start=10&limit=10"
    },
    "first": {
      "href": "/cards/cardRequests?start=0&limit=10"
    },
    "next": {
      "href": "/cards/cardRequests?start=20&limit=10"
    },
    "collection": {
      "href": "/cards/cardRequests"
    }
  },
  "start": 10,
  "limit": 10,
  "count": 67,
  "name": "cardRequests",
  "_embedded": {
    "items": [
      {
        "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
        "_profile": "https://production.api.apiture.com/schemas/cards/cardRequest/v1.4.1/profile.json",
        "_links": {
          "self": {
            "href": "/cards/cardRequests/0399abed-fd3d-4830-a88b-30f38b8a365c"
          }
        }
      },
      {
        "_id": "d62c0701-0d74-4836-83f9-ebf3709442ea",
        "_profile": "https://production.api.apiture.com/schemas/cards/cardRequest/v1.4.1/profile.json",
        "_links": {
          "self": {
            "href": "/cards/cardRequests/d62c0701-0d74-4836-83f9-ebf3709442ea"
          }
        }
      }
    ]
  }
}

Card Requests Collection (v1.4.1)

Collection of requests to issue a new or replacement card. The items in the collection are ordered in the _embedded.items array; the name is replacements. The top-level _links object may contain pagination links (self, next, prev, first, last, collection).

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
Embedded objects.
» items array: [summaryCardRequest]
An array containing a page of replacement items.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
count integer
The number of items in the collection. This value is optional and may be omitted if the count is not computable efficiently. If a filter is applied to the collection (either implicitly or explicitly), the count, if present, indicates the number of items that satisfy the filter.
start integer
The start index of this page of items.
limit integer
The maximum number of items per page.
name string
The name of the collection.

cardShippingAddress

{
  "addressLine1": "555 N Front Street",
  "addressLine2": "Suite 5555",
  "city": "Wilmington",
  "regionCode": "NC",
  "postalCode": "28401-5405",
  "countryCode": "US",
  "_id": "ha1",
  "type": "home",
  "state": "approved",
  "eligible": true,
  "preferredMailingAddress": true,
  "taxAddress": false,
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/users/users/f2d87aa6-33c8-458c-819b-41bb00f1ec08/addresses/ha1"
    }
  }
}

Card Shipping Address (v1.1.0)

An address for card shipment. The eligible boolean property indicates if the address may be used for card shipment. The self link in the _links object is the link to a User or Organization address resource.

Response and request bodies using this cardShippingAddress schema may contain the following links:

RelSummaryMethod
self The User or Organization address resource from which the address was derived.GET

Properties

NameDescription
addressLine1 string (required)
The first street address line of the address, normally a house number and street name.
minLength: 4
maxLength: 128
addressLine2 string
The optional second street address line of the address.
maxLength: 128
city string (required)
The name of the city or municipality.
minLength: 2
maxLength: 128
regionCode string (required)
The mailing address region code, such as state in the US, or a province in Canada. This is normalized to uppercase.
minLength: 2
maxLength: 2
pattern: ^[a-zA-Z]{2}$
postalCode string (required)
The mailing address postal code, such as a US Zip or Zip+4 code, or a Canadian postal code.
minLength: 5
maxLength: 10
pattern: ^[0-9]{5}(?:-[0-9]{4})?$
countryCode string (required)
The ISO 3166-1 alpha-2 country code. This is normalized to uppercase.
minLength: 2
maxLength: 2
pattern: ^[a-zA-Z]{2}$
type string: addressType (required)
The type of this address.
enum values: unknown, home, prior, work, school, mailing, vacation, shipping, billing, headquarters, commercial, site, property, other, notApplicable
label string
A text label, suitable for presentation to the end user. This is derived from type or from otherType if type is other
read-only
minLength: 4
maxLength: 32
otherType string
The actual address type if type is other.
minLength: 4
maxLength: 32
_id string (required)
An identifier for this address, so that it can be referenced uniquely. The service will assign a unique _id if the client does not provide one. The _id must be unique across all addresses within the addresses array.
minLength: 1
maxLength: 8
pattern: ^[-a-zA-Z0-9_]{1,8}$
eligible boolean (required)
If true, this address is eligible for use as a shipping address.
preferredMailingAddress boolean (required)
If true, this address is the user's preferred mailing address.
taxAddress boolean (required)
If true, this address is the user's tax address.
_links object (required)
An map of links, mapping each link relation to a link object.
» additionalProperties object: link
Describes a hypermedia link within a _links object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name or hreflang properties of HAL. Apiture links may include a method property.

This schema was resolved from common/link.

cardShippingAddresses

{
  "_profile": "https://production.api.apiture.com/schemas/cards/cardShippingAddresses/v1.1.1/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "addresses": [
    {
      "_id": "ha1",
      "type": "home",
      "addressLine1": "555 N Front Street",
      "addressLine2": "Suite 5555",
      "city": "Wilmington",
      "regionCode": "NC",
      "postalCode": "28401-5405",
      "countryCode": "US",
      "state": "approved",
      "eligible": true,
      "preferredMailingAddress": true,
      "taxAddress": false,
      "_links": {
        "self": {
          "href": "https://api.devbank.apiture.com/users/users/f2d87aa6-33c8-458c-819b-41bb00f1ec08/addresses/ha1"
        }
      }
    },
    {
      "_id": "wa1",
      "type": "work",
      "addressLine1": "123 S 3rd Street",
      "addressLine2": "Apt 42",
      "city": "Wilmington",
      "regionCode": "NC",
      "postalCode": "28411-5405",
      "countryCode": "US",
      "preferredMailingAddress": false,
      "taxAddress": false,
      "state": "pending",
      "eligible": false,
      "_links": {
        "self": {
          "href": "https://api.devbank.apiture.com/users/users/f2d87aa6-33c8-458c-819b-41bb00f1ec08/addresses/wa1"
        }
      }
    },
    {
      "_id": "po0",
      "type": "work",
      "addressLine1": "P.O. Box 5405",
      "city": "Wilmington",
      "regionCode": "NC",
      "postalCode": "28411-5405",
      "countryCode": "US",
      "state": "approved",
      "eligible": false,
      "preferredMailingAddress": false,
      "taxAddress": false,
      "_links": {
        "self": {
          "href": "https://api.devbank.apiture.com/users/users/f2d87aa6-33c8-458c-819b-41bb00f1ec08/addresses/wa1"
        }
      }
    }
  ]
}

Card Shipping Addresses (v1.1.1)

A list of all addresses for card shipment, with a flag indicating if the address is eligible or not. The client can display all eligible addresses to the user for selection, or automatically select the address if only one is eligible. Use the _id of one of the addresses where eligible equals true as the shippingAddressId of the createCardRequest request body of the createCardRequest operation. Note that the financial institution may configure P.O. Box addresses as ineligible.

Response and request bodies using this cardShippingAddresses schema may contain the following links:

RelSummaryMethod
apiture:account The banking account for the card shipment.GET

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
addresses array: [cardShippingAddress] (required)
A list of all possible addresses, with a flag indicating which are eligible.

cardState

"unknown"

Card State (v1.0.0)

The state of a card.

cardState strings may have one of the following enumerated values:

ValueDescription
unknownUnknown
requestedRequested: The used has submitted the request to issue the card but the request has not been completed.
issuedIssued: The card has been issued but the card holder has not activated it.
activeActive: The card has been issued and activated an is available for use.
lockedLocked: The user has requested that the card be locked so that it may not be used. This is useful if they have misplaced the card but do not yet want to report it as lost.
lostReported as lost: The user has reported the card as lost. The card is disabled. A new card (with a new card number) will be issued.
stolenReported as stolen: The user has reported the card as stolen. The card is disabled. A new card (with a new card number) will be issued.
damagedReported as damaged: The user has reported the card as stolen. A new card with the same card number will be issued.
frozenFrozen: The financial institution has frozen the card or the account associated with this card.
closedClosed: The card has been closed at the card holder's request or by the financial institution. The card is disabled and the card holder cannot use it for banking activity.

These enumeration values are further described by the label group named cardState in the response from the getLabels operation.

Type: string
enum values: unknown, requested, issued, active, locked, lost, stolen, damaged, frozen, closed

cards

{
  "_profile": "https://production.api.apiture.com/schemas/cards/cards/v2.1.1/profile.json",
  "_links": {
    "self": {
      "href": "/cards/cards?start=10&limit=10"
    },
    "first": {
      "href": "/cards/cards?start=0&limit=10"
    },
    "next": {
      "href": "/cards/cards?start=20&limit=10"
    },
    "collection": {
      "href": "/cards/cards"
    }
  },
  "start": 10,
  "limit": 10,
  "count": 67,
  "name": "cards",
  "_embedded": {
    "items": [
      {
        "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
        "_profile": "https://production.api.apiture.com/schemas/cards/card/v2.2.1/profile.json",
        "holderName": "LUCILLE WELLPHUNDED",
        "label": "Premiere Checking *3210",
        "accountName": "Premiere Checking",
        "accountNumbers": {
          "masked": "*************3210",
          "full": "9876543210"
        },
        "cardNumbers": {
          "masked": "************3210"
        },
        "state": "active",
        "fulfillmentState": "shipped",
        "fulfillmentDescription": "Shipped on June 7, 2020",
        "mine": true,
        "issuedAt": "2019-06-07T05:18:30.375Z",
        "updatedAt": "2019-06-07T05:18:30.375Z",
        "updatedBy": "lucy.wellphunded@bankcustomer.example.com",
        "expiresOn": "2021-04-30",
        "_links": {
          "self": {
            "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
          },
          "apiture:account": {
            "href": "/accounts/accounts/d62c0701-0d74-4836-83f9-ebf3709442ea"
          }
        }
      }
    ]
  }
}

Card Collection (v2.1.1)

Collection of cards. The items in the collection are ordered in the _embedded.items array; the name is cards. The top-level _links object may contain pagination links (self, next, prev, first, last, collection).

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
Embedded objects.
» items array: [summaryCard]
An array containing a page of card items.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
count integer
The number of items in the collection. This value is optional and may be omitted if the count is not computable efficiently. If a filter is applied to the collection (either implicitly or explicitly), the count, if present, indicates the number of items that satisfy the filter.
start integer
The start index of this page of items.
limit integer
The maximum number of items per page.
name string
The name of the collection.

challenge

{
  "_profile": "https://production.api.apiture.com/schemas/auth/challenge/v1.2.0/profile.json",
  "_links": {
    "self": {
      "href": "/auth/challenges/5d63053d-435c-4455-a0b5-6f88ab729d1a"
    },
    "apiture:redeem": {
      "href": "/auth/redeemedChallenges?challenge=5d63053d-435c-4455-a0b5-6f88ab729d1a"
    }
  },
  "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
  "reason": "Transfer amount much higher than normal",
  "contextUri": "https://fi.apiture.com/transfers/scheduledTransfers/50b9df19-d6bf-4ac0-b5f4-3e6448b7dacd",
  "minimumAuthenticatorCount": 1,
  "authenticators": [
    {
      "_id": "7fadd35b-6f6b-4901-b1ba-d3b91c9dcee3",
      "_profile": "https://production.api.apiture.com/schemas/auth/authenticator/v1.2.0/profile.json",
      "userId": "b2720469-3497-4b82-8b85-30f2155aa66d",
      "state": "started",
      "type": {
        "name": "sms",
        "label": "SMS Code",
        "description": "Enter a code sent via SMS to the user's preferred mobile device.",
        "category": "device",
        "schema": {
          "title": "SMS attributes",
          "description": "Schema for an authenticator's `attributes` when the authenticator type is `sms`.",
          "type": "object",
          "required": [
            "code",
            "length"
          ],
          "properties": {
            "code": {
              "type": "string",
              "description": "A code that was sent to the user's mobile device via SMS. The user should enter the code in the app, then set `attributes.code` to that. The length of the code (the number of characters or digits) must equal the `length'.",
              "minLength": 3,
              "maxLength": 10
            },
            "length": {
              "description": "The number of digits/characters that are sent to the user via SMS.",
              "type": "integer",
              "minimum": 3,
              "maximum": 10,
              "example": 6
            }
          }
        }
      },
      "maximumRetries": 3,
      "retryCount": 1,
      "createdAt": "2019-08-23T12:42:50.375Z",
      "expiresAt": "2019-08-23T13:12:50.375Z",
      "_links": {
        "self": {
          "href": "/auth/challenges/0399abed-fd3d-4830-a88b-30f38b8a365c/authenticators/7fadd35b-6f6b-4901-b1ba-d3b91c9dcee3"
        },
        "apiture:challenge": {
          "href": "/auth/challenges/0399abed-fd3d-4830-a88b-30f38b8a365c"
        },
        "apiture:retry": {
          "href": "/auth/challenges/retriedAuthenticators?authenticator=7fadd35b-6f6b-4901-b1ba-d3b91c9dcee3"
        },
        "apiture:verify": {
          "href": "/auth/challenges/verifiedAuthenticators"
        }
      }
    }
  ],
  "maximumRedemptionCount": 1,
  "redemptionCount": 0,
  "state": "pending",
  "createdAt": "2019-08-23T11:37:55.375Z",
  "expiresAt": "2019-08-23T12:37:55.375Z"
}

Challenge (v1.2.0)

A resource which represents an identity verification challenge to a user. The user must verify one or more of the authentication methods defined in this challenge in order to proceed with a banking operation (such as scheduling a larger than normal transfer, adding a joint owner or authorized signer to an account, or changing their mailing address or mobile phone number).

Response and request bodies using this challenge schema may contain the following links:

RelSummaryMethod
apiture:redeemRedeem or use a challengePOST

This schema was resolved from auth/challenge.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
reason string
The reason the application or service has issued a challenge requesting the user verify their identity. This is for labeling or informational purposes.
contextUri string(uri)
The URI of a resource that establishes the context in which the user is asked to authenticate their identity. For example, for this may be for a pending transfer, a user's mailing address, or an account if adding a joint owner.
maxLength: 2048
userId string
The user ID of the user who is requested to verify their identity. The default is the userID of the authenticated person creating the challenge.
minimumAuthenticatorCount integer
The minimum number of different authenticators the user must verify in order to satisfy the identity challenge. The default is 1.
minimum: 0
maximum: 4
maximumRedemptionCount integer
The maximum number of times the challenge may be used or redeemed. The default is 1.
minimum: 1
_id string
The unique identifier for this challenge resource. This is an immutable opaque string assigned upon creation.
read-only
redemptionCount integer
How many times the challenge has been redeemed.
read-only
state string: challengeState
The state of this authenticator.
read-only
enum values: pending, started, verified, failed, redeemed, expired
createdAt string(date-time)
The time stamp when challenge was created, in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ).
read-only
authenticators array: [authenticator]
An array of authenticators with which the user can verify their identity. This is derived; the array and the authenticators are constructed in the createChallenge operation.
read-only
redeemable boolean
true if and only if the challenge may be redeemed. This is derived from the states of the challenge's authenticators; if the number of verified authenticators meets or exceeds the minimumAuthenticatorCount, the challenge becomes verified and may be redeemed via a POST to href in the challenge's apiture:redeem link.
read-only
verifiedAt string(date-time)
The time stamp when challenge was verified in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ).
read-only
failedAt string(date-time)
The time stamp when the user failed to verify their identity verification (authentication) for this challenge, in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ).
read-only
expiresAt string(date-time)
The time stamp when the this challenge expires, in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ).
read-only
redemptionHistory array: [string]
The time stamps when a service or operation redeemed this challenge, in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ). Item 0 is the time stamp the challenge was first redeemed, item 1 is the time stamp of the next redemption, and so on.
read-only
items:
» read-only
code string
An optional authentication code which is only returned in the challenge resource if both a) the platform assigned the code when constructing the challenge), and b) the user has successfully verified the challenge. The client must re-fetch the verified challenge in order to access this property.
read-only
minLength: 16
maxLength: 128

challengeError

{
  "_id": "2eae46e1575c0a7b0115a4b3",
  "message": "Descriptive error message...",
  "statusCode": 422,
  "type": "errorType1",
  "remediation": "Remediation string...",
  "occurredAt": "2018-01-25T05:50:52.375Z",
  "errors": [
    {
      "_id": "ccdbe2c5c938a230667b3827",
      "message": "An optional embedded error"
    },
    {
      "_id": "dbe9088dcfe2460f229338a3",
      "message": "Another optional embedded error"
    }
  ],
  "_links": {
    "describedby": {
      "href": "https://developer.apiture.com/errors/errorType1"
    }
  }
}

Challenge Error (v1.2.0)

The operation error description with an embedded identity challenge.

This schema was resolved from auth/challengeError.

Properties

NameDescription
message string (required)
A localized message string describing the error condition.
_id string
A unique identifier for this error instance. This may be used as a correlation ID with the root cause error (i.e. this ID may be logged at the source of the error). This is is an opaque string.
read-only
statusCode integer
The HTTP status code associate with this error.
minimum: 100
maximum: 599
type string
An error identifier which indicates the category of error and associate it with API support documentation or which the UI tier can use to render an appropriate message or hint. This provides a finer level of granularity than the statusCode. For example, instead of just 400 Bad Request, the type may be much more specific. such as integerValueNotInAllowedRange or numericValueExceedsMaximum or stringValueNotInAllowedSet.
occurredAt string(date-time)
An RFC 3339 UTC time stamp indicating when the error occurred.
attributes object: attributes
Informative values or constraints which describe the error. For example, for a value out of range error, the attributes may specify the minimum and maximum values. This allows clients to present error messages as they see fit (the API does not assume the client/presentation tier). The set of attributes varies by error type.
remediation string
An optional localized string which provides hints for how the user or client can resolve the error.
errors array: [error]
An optional array of nested error objects. This property is not always present.
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
Embedded objects
» challenge object: challenge
The details of the identity verification challenge.

challengeErrorResponse

{
  "_profile": "https://production.api.apiture.com/schemas/common/errorResponse/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "_error": {
    "_id": "2eae46e1-575c-4d69-8a8f-0a7b0115a4b3",
    "message": "Description of the error will appear here.",
    "statusCode": 422,
    "type": "specificErrorType",
    "attributes": {
      "value": "Optional attribute describing the error"
    },
    "remediation": "Optional instructions to remediate the error may appear here.",
    "occurredAt": "2018-01-25T05:50:52.375Z",
    "_links": {
      "describedby": {
        "href": "https://production.api.apiture.com/errors/specificErrorType"
      }
    },
    "_embedded": {
      "errors": []
    }
  }
}

Challenge Error Response (v1.2.0)

When an operation requires an additional identity verification challenge, it returns a 401 Unauthorized response status code and an error response with a challenge resource embedded in the _error._embedded.challenge. This informs the caller that they should verify the challenge via one or more of its authenticators, then retry the operation with the Apiture-Challenge header that references the challenge's _id.

This schema was resolved from auth/challengeErrorResponse.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: challengeError
The description of the error.

challengeState

"pending"

Challenge States (v1.0.0)

The state of an identity challenge resource. This is derived based on the state of the challenge's authenticators.

challengeState strings may have one of the following enumerated values:

ValueDescription
pendingPending: The challenge is created but not yet started.
startedStarted: The user has started the challenge and associated authenticator(s).
verifiedVerified: The user correctly verified the corresponding authenticator(s), marking the challenge as verified.
failedFailed: The challenge has failed, often because the user failed one or more of the authenticators.
redeemedRedeemed: The user has redeemed (used) the challenge.
expiredExpired: The challenge has expired without being verified.

These enumeration values are further described by the label group named challengeState in the response from the getLabels operation.

This schema was resolved from auth/challengeState.

Type: string
enum values: pending, started, verified, failed, redeemed, expired

collection

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractResource/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  }
}

Collection (v2.1.1)

A collection of resources. This is an abstract model schema which is extended to define specific resource collections.

This schema was resolved from common/collection.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
count integer
The number of items in the collection. This value is optional and may be omitted if the count is not computable efficiently. If a filter is applied to the collection (either implicitly or explicitly), the count, if present, indicates the number of items that satisfy the filter.
start integer
The start index of this page of items.
limit integer
The maximum number of items per page.
name string
The name of the collection.

configurationGroup

{
  "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroup/v2.1.1/profile.json",
  "_links": {
    "self": {
      "href": "/configurations/groups/basic"
    }
  },
  "name": "basic",
  "label": "Basic Settings",
  "description": "The basic settings for the Transfers API",
  "schema": {
    "type": "object",
    "properties": {
      "dailyLimit": {
        "type": "number",
        "description": "The daily limit for the number of transfers"
      },
      "cutoffTime": {
        "type": "string",
        "format": "time",
        "description": "The cutoff time for scheduling transfers for the current day"
      }
    }
  },
  "values": {
    "dailyLimit": 5,
    "cutoffTime": 63000
  }
}

Configuration Group (v2.1.1)

Represents a configuration group.

This schema was resolved from configurations/configurationGroup.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
name string
The name of this configuration group, must be unique within the set of all resources of this type.
minLength: 1
maxLength: 48
pattern: [a-zA-Z][-\w_]*
label string
The text label for this resource, suitable for presentation to the client.
minLength: 1
maxLength: 128
description string
The full description for this resource, suitable for presentation to the client.
minLength: 1
maxLength: 4096
schema object: configurationSchema
The schema which defines the name and types of the variables that are part of this configuration definition. Property names must be simple identifiers which follow the pattern letter [letter | digit | - | _]*.

This is implicitly a schema for type: object and contains the properties.

The values in a configuration conform to the schema. The names and types are described with a subset of JSON Schema Core and JSON Schema Validation similar to that used to define schemas in OpenAPI Specification 2.0.

This schema was resolved from configurations/configurationSchema.

values object: configurationValues
The data values associated with this configuration group: the group's variable names and values. These values must conform to this item's schema.

Note: the schema may also contain default values which, if present, are used if a value is not set in the definition's values.

For example, multiple configurations may use the same schema that defines values a, b, and c, but each configuration may have their own unique values for a, b, and c which is separate from the schema.

This schema was resolved from configurations/configurationValues.

configurationGroupSummary

{
  "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroupSummary/v2.1.1/profile.json",
  "_links": {
    "self": {
      "href": "/configurations/groups/basic"
    }
  },
  "name": "basic",
  "label": "Basic Settings",
  "description": "The basic settings for the Transfers API"
}

Configuration Group Summary (v2.1.1)

A summary of the data contained within a configuration group resource.

This schema was resolved from configurations/configurationGroupSummary.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
name string
The name of this configuration group, must be unique within the set of all resources of this type.
minLength: 1
maxLength: 48
pattern: [a-zA-Z][-\w_]*
label string
The text label for this resource, suitable for presentation to the client.
minLength: 1
maxLength: 128
description string
The full description for this resource, suitable for presentation to the client.
minLength: 1
maxLength: 4096

configurationGroups

{
  "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroups/v2.1.1/profile.json",
  "_links": {
    "self": {
      "href": "/configurations/configurations/groups?start=10&limit=10"
    },
    "first": {
      "href": "/configurations/configurations/groups?start=0&limit=10"
    },
    "next": {
      "href": "/configurations/configurations/groups?start=20&limit=10"
    },
    "collection": {
      "href": "/configurations/configurations/groups"
    }
  },
  "start": 10,
  "limit": 10,
  "count": 67,
  "name": "configurationGroups",
  "_embedded": {
    "items": [
      {
        "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroup/v2.1.1/profile.json",
        "_links": {
          "self": {
            "href": "/configurations/groups/basic"
          }
        },
        "name": "basic",
        "label": "Basic Settings",
        "description": "The basic settings for the Transfers API"
      },
      {
        "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroup/v2.1.1/profile.json",
        "_links": {
          "self": {
            "href": "/configurations/groups/calendar"
          }
        },
        "name": "calendar",
        "label": "Calendar",
        "description": "A calendar that specifies which dates are valid for performing transfers (e.g., weekdays excluding federal holidays)"
      }
    ]
  }
}

Configuration Group Collection (v2.1.1)

Collection of configuration groups. The items in the collection are ordered in the _embedded object with name items. The top-level _links object may contain pagination links (self, next, prev, first, last, collection).

This schema was resolved from configurations/configurationGroups.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object: configurationGroupsEmbedded
Embedded objects.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
count integer
The number of items in the collection. This value is optional and may be omitted if the count is not computable efficiently. If a filter is applied to the collection (either implicitly or explicitly), the count, if present, indicates the number of items that satisfy the filter.
start integer
The start index of this page of items.
limit integer
The maximum number of items per page.
name string
The name of the collection.

configurationGroupsEmbedded

{
  "items": [
    {
      "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroupSummary/v2.1.1/profile.json",
      "_links": {
        "self": {
          "href": "/configurations/groups/basic"
        }
      },
      "name": "basic",
      "label": "Basic Settings",
      "description": "The basic settings for the Transfers API"
    }
  ]
}

Configuration Groups Embedded Objects (v1.1.1)

Objects embedded in the configurationGroupscollection.

This schema was resolved from configurations/configurationGroupsEmbedded.

Properties

NameDescription
items array: [configurationGroupSummary]
An array containing a page of configuration group items.

configurationSchema

{
  "type": "object",
  "properties": {
    "dailyLimit": {
      "type": "number",
      "description": "The daily limit for the number of transfers"
    },
    "cutoffTime": {
      "type": "string",
      "format": "time",
      "description": "The cutoff time for scheduling transfers for the current day"
    }
  }
}

Configuration Schema (v2.1.0)

The schema which defines the name and types of the variables that are part of this configuration definition. Property names must be simple identifiers which follow the pattern letter [letter | digit | - | _]*.

This is implicitly a schema for type: object and contains the properties.

The values in a configuration conform to the schema. The names and types are described with a subset of JSON Schema Core and JSON Schema Validation similar to that used to define schemas in OpenAPI Specification 2.0.

This schema was resolved from configurations/configurationSchema.

Properties

NameDescription
additionalProperties object: configurationSchemaValue
The data associated with this configuration schema.

This schema was resolved from configurations/configurationSchemaValue.

configurationSchemaValue

{}

Configuration Schema Value (v2.0.0)

The data associated with this configuration schema.

This schema was resolved from configurations/configurationSchemaValue.

Properties

configurationValue

{}

Configuration Value (v2.0.0)

The data associated with this configuration.

This schema was resolved from configurations/configurationValue.

Properties

configurationValues

{
  "dailyLimit": 5,
  "cutoffTime": 63000
}

Configuration Values (v2.0.0)

The data values associated with this configuration group: the group's variable names and values. These values must conform to this item's schema.

Note: the schema may also contain default values which, if present, are used if a value is not set in the definition's values.

For example, multiple configurations may use the same schema that defines values a, b, and c, but each configuration may have their own unique values for a, b, and c which is separate from the schema.

This schema was resolved from configurations/configurationValues.

Properties

NameDescription
additionalProperties object: configurationValue
The data associated with this configuration.

This schema was resolved from configurations/configurationValue.

createCardRequest

{
  "_profile": "https://production.api.apiture.com/schemas/cards/createCardRequest/v1.4.1/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    },
    "apiture:account": {
      "href": "https://api.devbank.apiture.com/accounts/accounts/617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:shippingAddress": {
      "href": "https://api.devbank.apiture.com/users/users/f2d87aa6-33c8-458c-819b-41bb00f1ec08/addresses/ha1"
    }
  },
  "cardId": "9e5a519c-ed3d-48ec-84d0-ef29b2843803",
  "reason": "lost",
  "description": "Replace lost card",
  "shippingAddressId": "ha0"
}

Create Card Request (v1.4.1)

Representation used to request a new or replacement card.

The _links in the request must contain a apiture:account link to the user's banking account; that account must allow card ordering (as contained in the banking product's card object; see the Products API.)

The object may also include an apiture:shippingAddress link to an eligible shipping address if the card should be shipped to an address other than the user's preferred mailing address. (Use the self link from one of the addresses returned from the getCardShippingAddresses operation.)

Response and request bodies using this createCardRequest schema may contain the following links:

RelSummaryMethod
apiture:account The banking account associated with the cardGET

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
cardId string
The resource ID of the card that is to be replaced.
reason string: cardRequestReason (required)
Reasons which describe why the user is requesting a a card.
enum values: initial, lost, stolen, damaged, neverReceived, reorder
description any
The card holder's description, note, or explanation of why they requested a card. type: string
accountNumbers object: accountNumbers
The masked and (optionally) full number for the account this card is associated with. The full number is only returned when requests contain the ?unmasked query parameter.
read-only
shippingAddressId string
The _id of the user's address where they wish the card to be shipped. If present, this must be an active address. If omitted, the card is mailed to the user's preferred mailing address. Use the _id of one of the addresses in the response from the List eligible shipping addresses operations, where eligible equals true.
Warning: The property shippingAddressId was deprecated on version v1.3.0 of the schema. Use the apiture:shippingAddress link in the _links object instead. shippingAddressId will be removed on version v2.0.0 of the schema.
deprecated
minLength: 1
maxLength: 8
pattern: ^[-a-zA-Z0-9_]{1,8}$

createSecondaryAccount

{
  "_profile": "https://production.api.apiture.com/schemas/cards/createSecondaryAccount/v1.0.1/profile.json",
  "_links": {
    "apiture:account": {
      "href": "https://production.api.apiture.com/accounts/accounts/3631bb1f-f6d1-4023-99c9-89367a12bf1e"
    }
  }
}

Create Secondary Account (v1.0.1)

Request body used to add a secondary (or linked) account to a card. The _links in the request body must include the 'apiture:account' that references an eligible internal account.

Response and request bodies using this createSecondaryAccount schema may contain the following links:

RelSummaryMethod
apiture:account Secondary AccountGET

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only

error

{
  "_id": "2eae46e1575c0a7b0115a4b3",
  "message": "Descriptive error message...",
  "statusCode": 422,
  "type": "errorType1",
  "remediation": "Remediation string...",
  "occurredAt": "2018-01-25T05:50:52.375Z",
  "errors": [
    {
      "_id": "ccdbe2c5c938a230667b3827",
      "message": "An optional embedded error"
    },
    {
      "_id": "dbe9088dcfe2460f229338a3",
      "message": "Another optional embedded error"
    }
  ],
  "_links": {
    "describedby": {
      "href": "https://developer.apiture.com/errors/errorType1"
    }
  }
}

Error (v2.1.0)

Describes an error in an API request or in a service called via the API.

This schema was resolved from common/error.

Properties

NameDescription
message string (required)
A localized message string describing the error condition.
_id string
A unique identifier for this error instance. This may be used as a correlation ID with the root cause error (i.e. this ID may be logged at the source of the error). This is is an opaque string.
read-only
statusCode integer
The HTTP status code associate with this error.
minimum: 100
maximum: 599
type string
An error identifier which indicates the category of error and associate it with API support documentation or which the UI tier can use to render an appropriate message or hint. This provides a finer level of granularity than the statusCode. For example, instead of just 400 Bad Request, the type may be much more specific. such as integerValueNotInAllowedRange or numericValueExceedsMaximum or stringValueNotInAllowedSet.
occurredAt string(date-time)
An RFC 3339 UTC time stamp indicating when the error occurred.
attributes object: attributes
Informative values or constraints which describe the error. For example, for a value out of range error, the attributes may specify the minimum and maximum values. This allows clients to present error messages as they see fit (the API does not assume the client/presentation tier). The set of attributes varies by error type.
remediation string
An optional localized string which provides hints for how the user or client can resolve the error.
errors array: [error]
An optional array of nested error objects. This property is not always present.
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

errorResponse

{
  "_profile": "https://production.api.apiture.com/schemas/common/errorResponse/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "_error": {
    "_id": "2eae46e1-575c-4d69-8a8f-0a7b0115a4b3",
    "message": "Description of the error will appear here.",
    "statusCode": 422,
    "type": "specificErrorType",
    "attributes": {
      "value": "Optional attribute describing the error"
    },
    "remediation": "Optional instructions to remediate the error may appear here.",
    "occurredAt": "2018-01-25T05:50:52.375Z",
    "_links": {
      "describedby": {
        "href": "https://production.api.apiture.com/errors/specificErrorType"
      }
    },
    "_embedded": {
      "errors": []
    }
  }
}

Error Response (v2.1.0)

Describes an error response, typically returned on 4xx or 5xx errors from API operations. The _error object contains the error details.

This schema was resolved from common/errorResponse.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only

labelGroup

{
  "unknown": {
    "label": "Unknown",
    "code": "0",
    "hidden": true
  },
  "under1Million": {
    "label": "Under $1M",
    "code": "1",
    "range": "[0,1000000.00)",
    "variants": {
      "fr": {
        "label": "Moins de $1M"
      }
    }
  },
  "from1to10Million": {
    "label": "$1M to $10M",
    "code": "2",
    "range": "[1000000.00,10000000.00)",
    "variants": {
      "fr": {
        "label": "$1M \\u00e0 $10M"
      }
    }
  },
  "from10to100Million": {
    "label": "$10M to $100M",
    "code": "3",
    "range": "[10000000.00,100000000.00)",
    "variants": {
      "fr": {
        "label": "$10M \\u00e0 $100M"
      }
    }
  },
  "over100Million": {
    "label": "Over $100,000,000.00",
    "code": "4",
    "range": "[100000000.00,]",
    "variants": {
      "fr": {
        "label": "Plus de $10M"
      }
    }
  },
  "other": {
    "label": "Other",
    "code": "254"
  }
}

Label Group (v1.0.3)

A map that defines labels for the items in a group. This is a map from each item namea labelItem object. For example, consider a JSON response that includes a property named revenueEstimate; the values for revenueEstimate must be one of the items in the group named estimatedAnnualRevenue, with options ranging under1Million, to over100Million. The item name is used as the selected value in an Apiture representation, such as { ..., "revenueEstimate" : "from10to100Million" , ...}, and the item with the name from10to100Million defines the presentation labels for that item, as well as other metadata about that choice: this is the range [10000000.00,100000000.00).

This allows the client to let the user select a value from a list, such as the following derived from the labels in the example:

Note that the other item is hidden from the selection list, as that item is marked as hidden. For items which define numeric ranges, a client may instead let the customer directly enter their estimated annual revenue as a number, such as 4,500,000.00. The client can then match that number to one of ranges in the items and set the revenueEstimate to the corresponding item's name: { ..., "revenueEstimate" : "from1to10Million", ... }.

This schema was resolved from common/labelGroup.

Properties

NameDescription
additionalProperties object: labelItem
An item in a labelGroup, with a set of variants which contains different localized labels for the item. Each simpleLabel variant defines the presentation text label and optional description for a language. Items may also have a lookup code to map to external systems, a numeric range, and a hidden boolean to indicate the item is normally hidden in the UI.

This schema was resolved from common/labelItem.

labelGroups

{
  "_profile": "https://production.api.apiture.com/schemas/common/labelGroups/v1.1.3/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "groups": {
    "firstGroup": {
      "unknown": {
        "label": "Unknown",
        "code": "0",
        "hidden": true
      },
      "key1": {
        "label": "Label for Key 1",
        "code": "1",
        "variants": {
          "es": {
            "label": "(Spanish label for Key 1)"
          },
          "fr": {
            "label": "(French label for Key 1)"
          }
        }
      },
      "key2": {
        "label": "Label for Key 2",
        "code": "2",
        "variants": {
          "es": {
            "label": "(Spanish label for Key 2)"
          },
          "fr": {
            "label": "(French label for Key 2)"
          }
        }
      },
      "key3": {
        "label": "Label for Key 3",
        "code": "3",
        "variants": {
          "es": {
            "label": "(Spanish label for Key 3)"
          },
          "fr": {
            "label": "(French label for Key 3)"
          }
        }
      },
      "other": {
        "label": "Other",
        "variants": {
          "es": {
            "label": "(Spanish label for Other)"
          },
          "fr": {
            "label": "(French label for Other)"
          }
        },
        "code": "254"
      }
    },
    "secondGroup": {
      "unknown": {
        "label": "Unknown",
        "code": "?",
        "hidden": true
      },
      "optionA": {
        "label": "Option A",
        "code": "A"
      },
      "optionB": {
        "label": "Option B",
        "code": "B"
      },
      "optionC": {
        "label": "Option C",
        "code": "C"
      },
      "other": {
        "label": "Other",
        "code": "_"
      }
    }
  }
}

Label Groups (v1.1.3)

A set of named groups of labels, each of which contains multiple item labels.

The abbreviated example shows two groups, one named structure and one named estimatedAnnualRevenue. The first has items with names such as corporation, llc and soleProprietorship, with text labels for each in the default and in French. The second has items for estimated revenue ranges but no localized labels. For example, the item named from1to10Million has the label "$1M to $10M" and the range [1000000.00,10000000.00).

This schema was resolved from common/labelGroups.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
groups object
Groups of localized labels. This maps group namesa group of labels within that group.
» additionalProperties object: labelGroup
A map that defines labels for the items in a group. This is a map from each item namea labelItem object. For example, consider a JSON response that includes a property named revenueEstimate; the values for revenueEstimate must be one of the items in the group named estimatedAnnualRevenue, with options ranging under1Million, to over100Million. The item name is used as the selected value in an Apiture representation, such as { ..., "revenueEstimate" : "from10to100Million" , ...}, and the item with the name from10to100Million defines the presentation labels for that item, as well as other metadata about that choice: this is the range [10000000.00,100000000.00).

This allows the client to let the user select a value from a list, such as the following derived from the labels in the example:

  • Unknown
  • Under $1M
  • $1M to $10M
  • $10M to $100M
  • $100M or more

Note that the other item is hidden from the selection list, as that item is marked as hidden. For items which define numeric ranges, a client may instead let the customer directly enter their estimated annual revenue as a number, such as 4,500,000.00. The client can then match that number to one of ranges in the items and set the revenueEstimate to the corresponding item's name: { ..., "revenueEstimate" : "from1to10Million", ... }.

This schema was resolved from common/labelGroup.

labelItem

{
  "label": "Over $100,000,000.00",
  "code": "4",
  "range": "[100000000.00,]",
  "variants": {
    "fr": {
      "label": "Plus de $10M"
    }
  }
}

Label Item (v1.0.2)

An item in a labelGroup, with a set of variants which contains different localized labels for the item. Each simpleLabel variant defines the presentation text label and optional description for a language. Items may also have a lookup code to map to external systems, a numeric range, and a hidden boolean to indicate the item is normally hidden in the UI.

This schema was resolved from common/labelItem.

Properties

NameDescription
label string (required)
A label or title which may be used as labels or other UI controls which present a value.
description string
A more detailed localized description of a localizable label.
variants object
The language-specific variants of this label. The keys in this object are RFC 7231 language codes.
» additionalProperties object: simpleLabel
A text label and optional description.

This schema was resolved from common/simpleLabel.

code string
If the localized value is associated with an external standard or definition, this is a lookup code or key or URI for that value.
minLength: 1
hidden boolean
If true, this item is normally hidden from the User Interface.
range string
The range of values, if the item describes a bounded numeric value. This is range notation such as [min,max], (exclusiveMin,max], [min,exclusiveMax), or (exclusiveMin,exclusiveMax). For example, [0,100) is the range greater than or equal to 0 and less than 100. If the min or max value are omitted, that end of the range is unbounded. For example, (,1000.00) means less than 1000.00 and [20000.00,] means 20000.00 or more. The ranges do not overlap or have gaps.
pattern: ^[\[\(](-?(0|[1-9][0-9]*)(\.[0-9]+)?)?,(-?(0|[1-9][0-9]*)(\.[0-9]+)?)?[\]\)]$

{
  "href": "https://api.devbank.apiture.com/applications/application/328f6bf6-d762-422f-a077-ab91ca4d0b6f",
  "title": "Application"
}

Link (v1.0.0)

Describes a hypermedia link within a _links object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name or hreflang properties of HAL. Apiture links may include a method property.

This schema was resolved from common/link.

NameDescription
href string(uri) (required)
The URI or URI template for the resource/operation this link refers to.
type string
The media type for the resource.
templated boolean
If true, the link's href is a URI template.
title string
An optional human-readable localized title for the link.
deprecation string(uri)
If present, the containing link is deprecated and the value is a URI which provides human-readable text information about the deprecation.
profile string(uri)
The URI of a profile document, a JSON document which describes the target resource/operation.

{
  "property1": {
    "href": "https://api.devbank.apiture.com/applications/application/328f6bf6-d762-422f-a077-ab91ca4d0b6f",
    "title": "Application"
  },
  "property2": {
    "href": "https://api.devbank.apiture.com/applications/application/328f6bf6-d762-422f-a077-ab91ca4d0b6f",
    "title": "Application"
  }
}

Links (v1.0.0)

An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

NameDescription
additionalProperties object: link
Describes a hypermedia link within a _links object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name or hreflang properties of HAL. Apiture links may include a method property.

This schema was resolved from common/link.

root

{
  "_profile": "https://production.api.apiture.com/schemas/common/root/v2.1.1/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "id": "apiName",
  "name": "API name",
  "apiVersion": "1.0.0"
}

API Root (v2.1.1)

A HAL response, with hypermedia _links for the top-level resources and operations in API.

This schema was resolved from common/root.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
_id string
This API's unique ID.
read-only
name string
This API's name.
apiVersion string
This API's version.

secondaryAccount

{
  "_profile": "https://production.api.apiture.com/schemas/cards/secondaryAccount/v1.1.1/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/cards/secondaryAccounts/4"
    }
  },
  "_id": "4",
  "name": "My Checking",
  "title": "Susan Wheeling",
  "accountNumbers": {
    "masked": "*************3210"
  },
  "balance": "1234.56",
  "currency": "USD",
  "_embedded": {}
}

Secondary Account (v1.1.1)

Representation of a secondary account resource. Secondary accounts linked to a card.

Response and request bodies using this secondaryAccount schema may contain the following links:

RelSummaryMethod
apiture:account Secondary AccountGET
apiture:cardFetch a representation of this cardGET

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
_id string
The unique name of this secondary account.
name string
The account name.
read-only
title string
The account title
read-only
accountNumbers object: accountNumbers
The masked account number of the secondary (linked) account.
balance string
The string representation of the account's exact decimal balance.
read-only
currency string
The ISO 4217 currency code for the balance.
read-only

secondaryAccounts

{
  "_profile": "https://production.api.apiture.com/schemas/cards/secondaryAccounts/v1.1.1/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/cards/secondaryAccounts"
    }
  },
  "name": "secondaryAccounts",
  "accounts": [
    {
      "_id": "4",
      "_profile": "https://production.api.apiture.com/schemas/cards/secondaryAccount/v1.1.1/profile.json",
      "name": "My Checking",
      "title": "Susan Wheeling",
      "accountNumbers": {
        "masked": "*************3210"
      },
      "balance": "1234.56",
      "currency": "USD",
      "_links": {
        "self": {
          "href": "https://api.devbank.apiture.com/cards/secondaryAccounts/4"
        },
        "apiture:account": {
          "href": "https://api.devbank.apiture.com/accounts/accounts/a401db7e-8f3b-4bb5-a6c6-2fa622399299"
        }
      }
    }
  ]
}

Secondary Account Collection (v1.1.1)

Collection of secondary accounts. The items in the collection are ordered in the _embedded.items array; the name is secondaryAccounts. The top-level _links object may contain pagination links (self, next, prev, first, last, collection).

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
accounts array: [secondaryAccount]
Secondary accounts linked to this card..

simpleAddress

{
  "addressLine1": "555 N Front Street",
  "addressLine2": "Suite 5555",
  "city": "Wilmington",
  "regionCode": "NC",
  "postalCode": "28401-5405",
  "countryCode": "US"
}

Simple Address (v1.0.0)

A postal address.

This schema was resolved from contacts/simpleAddress.

Properties

NameDescription
addressLine1 string
The first street address line of the address, normally a house number and street name.
minLength: 4
maxLength: 128
addressLine2 string
The optional second street address line of the address.
maxLength: 128
city string
The name of the city or municipality.
minLength: 2
maxLength: 128
regionCode string
The mailing address region code, such as state in the US, or a province in Canada. This is normalized to uppercase.
minLength: 2
maxLength: 2
pattern: ^[a-zA-Z]{2}$
postalCode string
The mailing address postal code, such as a US Zip or Zip+4 code, or a Canadian postal code.
minLength: 5
maxLength: 10
pattern: ^[0-9]{5}(?:-[0-9]{4})?$
countryCode string
The ISO 3166-1 alpha-2 country code. This is normalized to uppercase.
minLength: 2
maxLength: 2
pattern: ^[a-zA-Z]{2}$

simpleLabel

{
  "label": "Board of Directors",
  "description": "string"
}

Simple Label (v1.0.0)

A text label and optional description.

This schema was resolved from common/simpleLabel.

Properties

NameDescription
label string (required)
A label or title which may be used as labels or other UI controls which present a value.
description string
A more detailed localized description of a localizable label.

summaryCard

{
  "_profile": "https://production.api.apiture.com/schemas/cards/summaryCard/v2.0.1/profile.json",
  "_links": {
    "self": {
      "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:lock": {
      "href": "/cards/lockedCards?card=0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:account": {
      "href": "/accounts/accounts/d62c0701-0d74-4836-83f9-ebf3709442ea"
    }
  },
  "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
  "holderName": "LUCILLE WELLPHUNDED",
  "label": "Premiere Checking *3210",
  "accountName": "Premiere Checking",
  "accountNumbers": {
    "masked": "*************3210",
    "full": "9876543210"
  },
  "cardNumbers": {
    "masked": "************3210"
  },
  "state": "active",
  "fulfillmentState": "shipped",
  "fulfillmentDescription": "Shipped on June 7, 2020",
  "issuedAt": "2019-06-07T05:18:30.375Z",
  "updatedAt": "2019-06-07T05:18:30.375Z",
  "mine": true,
  "updatedBy": "lucy.wellphunded@bankcustomer.example.com",
  "expiresOn": "2012-04-30",
  "_embedded": {}
}

Card Summary (v2.0.1)

Summary representation of a card resource in cards collections. This representation normally does not contain any _embedded objects. If needed, call the GET operation on the item's self link to get _embedded objects.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
accountName string
The name of the account that this card is tied to.
read-only
minLength: 1
maxLength: 128
accountNumbers object: accountNumbers
The masked and (optionally) full number for the account this card is associated with. This is derived from the account used in the initial card request. By default, only the masked number is returned; use ?unmasked=true to reveal the full account number.
read-only
_id string
The unique identifier for this card resource. This is an immutable opaque string.
read-only
label string
The text label for this card.
read-only
minLength: 1
maxLength: 128
holderName string
The card holder's full name, as it appears on the card. This value is often ALL CAPS.
read-only
cardNumbers object: cardNumbers
The masked and full card number this card.
read-only
fulfillmentState string: cardFulfillmentState
Indicates the state of a card replacement request. The user cannot change this property.
read-only
enum values: none, requested, ordered, reordered, issued, shipped, rejected
fulfillmentDescription string
The card provider's explanation of the current fulfillmentState.
read-only
mine boolean
If true, the card is owned by the user making the request. By default a user can view all cards for a given Account, but they may only take action on cards they own.
read-only
state string: cardState
The state of this card. This is derived.
read-only
enum values: unknown, requested, issued, active, locked, lost, stolen, damaged, frozen, closed
issuedAt string(date-time)
The date-time when this card was issued. This is in RFC 3339 UTC format. This field is present only after the card has been issued, and if the card vendor provides the time stamp.
read-only
activatedAt string(date-time)
The date-time when this card was activated. This is in RFC 3339 UTC format. This field is present only after the card has been activated, and if the card vendor provides the time stamp.
read-only
expiresOn string(date)
The card's expiration date. The day should is the last day of the month, such as 2021-10-31 if the card expires at the end of October, 2021. in RFC 3339 YYYY-MM-DD format.
read-only
updatedAt string(date-time)
The date-time when this card's state or other attributes were last changed. This is in RFC 3339 UTC format.
read-only
updatedBy string
The username of the person who last modified this card resource.
read-only

summaryCardRequest

{
  "_profile": "https://production.api.apiture.com/schemas/cards/summaryCardRequest/v1.4.1/profile.json",
  "_links": {
    "self": {
      "href": "/cards/cards/35eb0e67-ac9b-44d7-8799-6648ba6b1c65"
    },
    "apiture:account": {
      "href": "https://api.devbank.apiture.com/accounts/accounts/617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:cancel": {
      "href": "https://api.devbank.apiture.com/cards/canceledCardRequests?cardRequest=617c31ce-7bf0-4e55-a5df-12916ff22ada"
    }
  },
  "_id": "35eb0e67-ac9b-44d7-8799-6648ba6b1c65",
  "cardId": "9e5a519c-ed3d-48ec-84d0-ef29b2843803",
  "reason": "lost",
  "description": "Replace lost card",
  "submittedAt": "2019-06-07T05:18:30.375Z",
  "updatedAt": "2019-06-07T05:18:30.375Z",
  "updatedBy": "lucy.wellphunded@bankcustomer.example.com",
  "shippingAddressId": "ha0",
  "shippingAddress": {
    "_id": "ha0",
    "type": "home",
    "addressLine1": "555 N Front Street",
    "addressLine2": "Suite 5555",
    "city": "Wilmington",
    "regionCode": "NC",
    "postalCode": "28401-5405",
    "countryCode": "US",
    "state": "approved",
    "_links": {
      "self": {
        "href": "https://api.devbank.apiture.com/users/users/f2d87aa6-33c8-458c-819b-41bb00f1ec08/addresses/ha0"
      }
    }
  }
}

Card Request Summary (v1.4.1)

Summary representation of a card request resource in replacements collections. This representation normally does not contain any _embedded objects. If needed, call the GET operation on the item's self link to get _embedded objects.

Response and request bodies using this summaryCardRequest schema may contain the following links:

RelSummaryMethod
self GET
apiture:shippingAddress The shipping address resource, from a User or Organization resourceGET

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
cardId string
The resource ID of the card that is to be replaced.
reason string: cardRequestReason (required)
Reasons which describe why the user is requesting a a card.
enum values: initial, lost, stolen, damaged, neverReceived, reorder
description any
The card holder's description, note, or explanation of why they requested a card. type: string
accountNumbers object: accountNumbers
The masked and (optionally) full number for the account this card is associated with. The full number is only returned when requests contain the ?unmasked query parameter.
read-only
_id string
The unique identifier for this card request resource. This is an immutable opaque string.
read-only
state string: cardRequestState
Indicates the state of a card request.
read-only
enum values: pending, submitted, underReview, canceled, rejected, completed
shippingAddressId string
The _id of the user's address where they wish the card to be shipped. If present, this must be an active address. If omitted, the card is mailed to the user's preferred mailing address. Use the _id of one of the addresses in the response from the List eligible shipping addresses operations, where eligible equals true.
Warning: The property shippingAddressId was deprecated on version v1.4.0 of the schema. Use the shippingAddress property instead. shippingAddressId will be removed on version v2.0.0 of the schema.
deprecated
minLength: 1
maxLength: 8
pattern: ^[-a-zA-Z0-9_]{1,8}$
shippingAddress object: cardRequestShippingAddress
The card's shipping address. This is a copy of the address data as it existed when the user submitted the card request.
submittedAt string(date-time)
The date-time when this card request request was submitted. This is in RFC 3339 UTC format.
read-only
resolvedAt string(date-time)
The date-time when this card request request was completed, rejected, or canceled. This is in RFC 3339 UTC format.
read-only
updatedAt string(date-time)
The date-time when this card request attributes were last changed. This is in RFC 3339 UTC format.
read-only
resolutionReason string
The explanation for why the card was resolved. This may be the reason the card request was rejected.
maxLength: 2048
updatedBy string
The username of the person who last modified or resolved this card request.
read-only

summaryChallenge

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractResource/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  }
}

Summary Challenge (v1.1.0)

Summary representation of a challenge, used in the challenge collection.

This schema was resolved from auth/summaryChallenge.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
reason string
The reason the application or service has issued a challenge requesting the user verify their identity. This is for labeling or informational purposes.
contextUri string(uri)
The URI of a resource that establishes the context in which the user is asked to authenticate their identity. For example, for this may be for a pending transfer, a user's mailing address, or an account if adding a joint owner.
maxLength: 2048
userId string
The user ID of the user who is requested to verify their identity. The default is the userID of the authenticated person creating the challenge.
minimumAuthenticatorCount integer
The minimum number of different authenticators the user must verify in order to satisfy the identity challenge. The default is 1.
minimum: 0
maximum: 4
maximumRedemptionCount integer
The maximum number of times the challenge may be used or redeemed. The default is 1.
minimum: 1
_id string
The unique identifier for this challenge resource. This is an immutable opaque string assigned upon creation.
read-only
redemptionCount integer
How many times the challenge has been redeemed.
read-only
state string: challengeState
The state of this authenticator.
read-only
enum values: pending, started, verified, failed, redeemed, expired
createdAt string(date-time)
The time stamp when challenge was created, in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ).
read-only