Welcome to Fimento's Bank Data Insights API documentation, a resource that facilitates access to bank data insights and enables the initiation of data collection processes. This API serves as a tool for developers and businesses seeking to integrate financial information seamlessly. Access to the API requires credentials, which are provided exclusively by our sales team. Throughout this documentation, you'll find detailed information on the API's functionalities and authentication procedures. Dive in to discover how the Bank Data Insights API can contribute to your projects by providing essential banking data access and processing capabilities.
There are three main flows surrounding the usage of the API:
This API is using a Bearer authentication. All endpoints except from the login endpoint requires a valid authentication token to be present in the authorization header as a Bearer token.
The login endpoint can be used to retrieve a new authentication token using a username and password. They should be provided by the Fimento team as part of the onboarding process to our services. An authentication token is valid for a limited time. It should be cached on the API client side during its validity period to avoid unnecessary calls to the login endpoint. The login endpoint returns the validity time of the token as a convenience to set a time to live (TTL) for caching the auth token.
To explore the demo/testing environment, use the demo API user on the production server and follow the usual endpoints. Demo credentials will be provided by Fimento upon request. Within the production environment, two sets of credentials are available: one for demo/testing purposes, using only test data from our bank data provider, and another for authentic scenarios, incorporating real bank data.
For testing the demo flow with your demo API user, employ our test SSNs designed for both "bad" and "good" customer scenarios. Use the specified SSN when initiating a new process.
SSN | Quality |
---|---|
199503096316 | Good data |
197710114682 | Bad data |
Use this endpoint to retrieve an authentication token. Tokens should be cached between requests to avoid unnecessary calls to the login endpoint. The valid until timestamp in the response can be used to set a time to live (TTL) for the cached token
name required | string The username of the API user |
password required | string The password of the API user |
{- "name": "string",
- "password": "string"
}
{- "access_token": "string",
- "valid_until": 0
}
We set the overall flow status on the process itself (consentFlowStatus
) and more bank/user specific flow status in the customer bank process (customerBankConsent[].status
).
The order of the statuses should be set in the order they are presented in the tables below. In addition, that the Customer Bank Consent statuses
is set
"between" the consentLinkOpened
and customerApprovedConsent
in the consentFlowStatus
field. I.e. after the consentLinkOpened
status is set in the consentFlowStatus
field, the next status
that should be set is the bankAddedNotCompletedAuthFlow
in the customerBankConsent[].status
field and then the subsequent Customer Bank Consent status.
The customerApprovedConsent
and customerDeniedConsent
can be set anytime after the fetchingTransactionsStarted
is set.
The status has the following structure.
const status = {
code: 'string',
desc: 'string',
timestamp: '2024-01-12T17:04:56.239+00:00',
isError: boolean, // on authError only
errorMessage: 'string', // on authError only
};
Is set in the consentFlowStatus field on the process.
Code | Description | Information |
---|---|---|
created | Created - No banks added | Initial status when the process is created |
consentLinkOpened | Consent link opened | When end user has opened the link. If the user opens the link n times, it will save this status n times |
customerApprovedConsent* | Customer has approved consent | When the end user has approved the consent for the selected bank flow |
customerDeniedConsent* | Customer has denied/revoked consent | When the user has revoked its consent. This will result in a deletion of all data related to the user. |
categorisationStarted | Categorising transaction data - Started | When we start to categorise the tranasction data. |
categorisationDone | Categorising transaction data - Done | When the categorisation is done |
insightsStarted | Generate insights - Started | When we start to generate the insights from the transactions |
completed | Customer has approved consent and insights is generated | When the user has approved consent and there is a insight generated |
authError | Auth error | Will contain different errors if the auth against the bank fails. E.g. denied sharing consent |
* Can be set anytime after the fetchingTransactionsStarted
is set
is set in customerBankConsent.status
array
Code | Description | Information | |
---|---|---|---|
bankAddedNotCompletedAuthFlow | Bank added, not completed auth flow | When the user has selected a bank and not yet completed the auth against this bank | |
bankAddedCompletedAuthFlow | Bank added, completed auth flow | When the user has selected a bank and completed the auth against this bank | |
fetchingTransactionsStarted | Fetching transactions - Started | When we start to fetching the users transaction data from the bank | |
fetchingTransactionsDone | Fetching transactions - Done | When the transactions are fetched and saved to our database |
*** In addition to the statuses we set a string value to the consent
field when the user has revoked or approved the consent to
share the data.
null - initial value, neither revoked or approved,
"revoked" - revoked consent
"approved" - approved consent
Use this endpoint to start a data collection process. The endpoint will respond with the processId and, amoung other fields, a "consent-link". Share the "consent-link" value to the end-user for them to give consent to share their bank data with one or more banks. The link is valid for 24 hours. Use the POST /process/:processId/consent
endpoint to create a new consent flow in the same process if the end-user did not share all his bank data using the first consent flow. Or use the POST /process/:processId/consent-link
endpoint to get a new consent link when the end-user did not use the previous consent link within 24h.
partner-bank-id required | string The partner bank id for this process |
idempotency-key | string A unique id for this request. Used for idempotency. If not set the request will not be idempotent |
socialSecurityNumber required | string The social security number of the end user |
market required | string Enum: "SE" "FI" The market of the process. This will affect the banks and the languages available in the consent flow |
firstName | string The first name of the end user |
lastName | string The last name of the end user |
redirectUrl | string The redirect url after the consent flow is finished |
dataCollectionType | string Enum: "transaction-categorisation" "bank-account-verification" The type of data collection that indicates how to collect and process the customer data. |
Array of objects (BrokerBank) List of banks from broker for consent. Only used when the partnerBank is a broker |
{- "socialSecurityNumber": "string",
- "market": "SE",
- "firstName": "string",
- "lastName": "string",
- "redirectUrl": "string",
- "dataCollectionType": "transaction-categorisation",
- "brokerBanks": [
- {
- "name": "string",
- "id": "string",
- "logoUri": "string"
}
]
}
{- "_id": "605c6c479691950d359bb0e9",
- "consentFlowStatuses": [
- {
- "customerBank": {
- "name": "string",
- "country": "string"
}, - "status": {
- "current": {
- "code": "bankAddedNotCompletedAuthFlow",
- "desc": "Bank added, not completed auth flow",
- "timestamp": "2019-08-24T14:15:22Z",
- "isError": true,
- "errorMessage": "string"
}, - "history": [
- {
- "code": "bankAddedNotCompletedAuthFlow",
- "desc": "Bank added, not completed auth flow",
- "timestamp": "2019-08-24T14:15:22Z",
- "isError": true,
- "errorMessage": "string"
}
]
}, - "consentGivenAt": "2019-08-24T14:15:22Z",
- "consentFlowStatusId": "6630da8590502faa7517e0fc"
}
], - "consentFlowStatus": {
- "current": {
- "code": "created",
- "desc": "Created - No banks added",
- "timestamp": "2019-08-24T14:15:22Z"
}, - "history": [
- {
- "code": "created",
- "desc": "Created - No banks added",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "consent": "null",
- "_id": "6630da8590502faa7517e0fc"
}, - "market": "SE",
- "partnerBank": "605c6c479691950d359bb0e9",
- "socialSecurityNumber": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "customerBankConsent": [
- {
- "customerBank": {
- "name": "string",
- "country": "string"
}, - "status": {
- "current": {
- "code": "bankAddedNotCompletedAuthFlow",
- "desc": "Bank added, not completed auth flow",
- "timestamp": "2019-08-24T14:15:22Z",
- "isError": true,
- "errorMessage": "string"
}, - "history": [
- {
- "code": "bankAddedNotCompletedAuthFlow",
- "desc": "Bank added, not completed auth flow",
- "timestamp": "2019-08-24T14:15:22Z",
- "isError": true,
- "errorMessage": "string"
}
]
}, - "consentGivenAt": "2019-08-24T14:15:22Z",
- "consentFlowStatusId": "6630da8590502faa7517e0fc"
}
], - "firstName": "string",
- "lastName": "string",
- "consent": "null",
- "updatedAt": "2019-08-24T14:15:22Z",
- "dataCollectionType": "transaction-categorisation",
- "brokerBanks": [
- "string"
]
}
Use this endpoint to get a new consent link when the end-user did not use the previous consent link within 24h. The endpoint will return a response with the consent link. Share the "consent-link" value to the end-user for them to give consent to share their bank data with one or more banks. The link is valid for 24 hours.
partner-bank-id required | string The partner bank id for this process |
{
}
Use this endpoint to retrieve information about an already created process. This can be useful if you want to check the status of a process for example.
processId required | string Example: 605c6c479691950d359bb0e9 Id of the process |
partner-bank-id required | string The partner bank id for this process |
{- "_id": "605c6c479691950d359bb0e9",
- "consentFlowStatuses": [
- {
- "customerBank": {
- "name": "string",
- "country": "string"
}, - "status": {
- "current": {
- "code": "bankAddedNotCompletedAuthFlow",
- "desc": "Bank added, not completed auth flow",
- "timestamp": "2019-08-24T14:15:22Z",
- "isError": true,
- "errorMessage": "string"
}, - "history": [
- {
- "code": "bankAddedNotCompletedAuthFlow",
- "desc": "Bank added, not completed auth flow",
- "timestamp": "2019-08-24T14:15:22Z",
- "isError": true,
- "errorMessage": "string"
}
]
}, - "consentGivenAt": "2019-08-24T14:15:22Z",
- "consentFlowStatusId": "6630da8590502faa7517e0fc"
}
], - "consentFlowStatus": {
- "current": {
- "code": "created",
- "desc": "Created - No banks added",
- "timestamp": "2019-08-24T14:15:22Z"
}, - "history": [
- {
- "code": "created",
- "desc": "Created - No banks added",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "consent": "null",
- "_id": "6630da8590502faa7517e0fc"
}, - "market": "SE",
- "partnerBank": "605c6c479691950d359bb0e9",
- "socialSecurityNumber": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "customerBankConsent": [
- {
- "customerBank": {
- "name": "string",
- "country": "string"
}, - "status": {
- "current": {
- "code": "bankAddedNotCompletedAuthFlow",
- "desc": "Bank added, not completed auth flow",
- "timestamp": "2019-08-24T14:15:22Z",
- "isError": true,
- "errorMessage": "string"
}, - "history": [
- {
- "code": "bankAddedNotCompletedAuthFlow",
- "desc": "Bank added, not completed auth flow",
- "timestamp": "2019-08-24T14:15:22Z",
- "isError": true,
- "errorMessage": "string"
}
]
}, - "consentGivenAt": "2019-08-24T14:15:22Z",
- "consentFlowStatusId": "6630da8590502faa7517e0fc"
}
], - "firstName": "string",
- "lastName": "string",
- "consent": "null",
- "updatedAt": "2019-08-24T14:15:22Z",
- "dataCollectionType": "transaction-categorisation",
- "brokerBanks": [
- "string"
]
}
Use this endpoint to delete a process along with the collected data and generated insights.
partner-bank-id required | string The partner bank id for this process |
{- "message": [
- "name is required"
], - "error": "Bad request",
- "statusCode": 400
}
Use this endpoint when the end user wants to share more bank data from another bank in case they did not share it in the previous consent link. The previous consent flow must be revoked or approved before being able to create a new one. That way, there cannot be more than 1 consent flow valid at a time for the process. The endpoint will return a response with the consent link. Share the "consent-link" value to the end-user for them to give consent to share their bank data with one or more banks. The link is valid for 24 hours.
partner-bank-id required | string The partner bank id for this process |
{
}
Add the webhookUrl to the list of webhooks that will be called when a process is updated
webhookUrl required | string The URL to the webhook |
{- "webhookUrl": "string"
}
Use these endpoints to retrieve the credit insights data generated after the the data collection process.
This endpoint retrieves the iFrame link that embeds the visualisation tool that can be used to view bank data from a specific end-user. The visualisation link is only valid for a limited time. It should be fetched every time a user wants to access the visualisation interface.
processId required | string The id of the process which is included in the visualisation interface |
partner-bank-id required | string The partner bank id for this insight/process |
{- "visualisationUrl": "string"
}
This endpoint retrieves the object with insights data that can be used in KALP calculation and automatic credit rules.
processId required | string The id of the process which produced the insights |
partner-bank-id required | string The partner bank id for this insight/process |
{- "transactionGraph": [
- {
- "date": "string",
- "info": {
- "balance": 0,
- "negativeSum": 0,
- "positiveSum": 0,
- "negativeTransactions": [
- {
- "description": "string",
- "amount": 0,
- "category": "string"
}
], - "positiveTransactions": [
- {
- "description": "string",
- "amount": 0,
- "category": "string"
}
]
}
}
], - "accountsInfo": [
- {
- "accountNumber": "string",
- "name": "string",
- "balance": 0,
- "type": "string",
- "bank": "string"
}
], - "totalBalance": { },
- "fetchedAtInterval": {
- "min": "2019-08-24T14:15:22Z",
- "max": "2019-08-24T14:15:22Z"
}, - "categorisation": { },
- "socialSecurityNumber": "string",
- "firstName": "string",
- "lastName": "string",
- "processId": "string",
- "computationAutomation": { }
}
Use this endpoint to get the categorised transactions that were used to generate the insights. It can be usefull if you want to build your own insights computations
processId required | string The id of the process which produced the insights |
page required | number The page number of the transactions to fetch |
{- "transactions": [
- {
- "_id": "string",
- "amount": 0,
- "date": "2019-08-24T14:15:22Z",
- "description": "string",
- "accountId": "string",
- "category": "income",
- "cBankId": "string"
}
]
}