Welcome to Fimento's Bank Data Insights API documentation, a resource that facilitates access to bank data insights and enables the initiation of data collection processes. This API serves as a tool for developers and businesses seeking to integrate financial information seamlessly. Access to the API requires credentials, which are provided exclusively by our sales team. Throughout this documentation, you'll find detailed information on the API's functionalities and authentication procedures. Dive in to discover how the Bank Data Insights API can contribute to your projects by providing essential banking data access and processing capabilities.
There are three main flows surrounding the usage of the API:
- Collecting the consent and the bank data from the end user
- Collecting the insights from this bank data for automated credit decision
- Visualising the insights from this bank data for manual investigation as part of a credit decision
This API is using a Bearer authentication. All endpoints except from the login endpoint requires a valid authentication token to be present in the authorization header as a Bearer token.
The login endpoint can be used to retrieve a new authentication token using a username and password. They should be provided by the Fimento team as part of the onboarding process to our services. An authentication token is valid for a limited time. It should be cached on the API client side during its validity period to avoid unnecessary calls to the login endpoint. The login endpoint returns the validity time of the token as a convenience to set a time to live (TTL) for caching the auth token.
To explore the demo/testing environment, use the demo API user on the production server and follow the usual endpoints. Demo credentials will be provided by Fimento upon request. Within the production environment, two sets of credentials are available: one for demo/testing purposes, using only test data from our bank data provider, and another for authentic scenarios, incorporating real bank data.
For testing the demo flow with your demo API user, employ our test SSNs designed for both "bad" and "good" customer scenarios. Use the specified SSN when initiating a new process.
| SSN | Quality |
|---|---|
| 199503096316 | Good data |
| 197710114682 | Bad data |
Login
Use this endpoint to retrieve an authentication token. Tokens should be cached between requests to avoid unnecessary calls to the login endpoint. The valid until timestamp in the response can be used to set a time to live (TTL) for the cached token
Request Body schema: application/jsonrequired
| name required | string The username of the API user |
| password required | string The password of the API user |
Responses
Request samples
- Payload
{- "name": "string",
- "password": "string"
}Response samples
- 200
- 400
- 401
{- "access_token": "string",
- "valid_until": 0
}We set the overall flow status on the process itself (consentFlowStatus) and more bank/user specific flow status in the customer bank process (customerBankConsent[].status).
The order of the statuses should be set in the order they are presented in the tables below. In addition, that the Customer Bank Consent statuses is set
"between" the consentLinkOpened and customerApprovedConsent in the consentFlowStatus field. I.e. after the consentLinkOpened status is set in the consentFlowStatus field, the next status
that should be set is the bankAddedNotCompletedAuthFlow in the customerBankConsent[].status field and then the subsequent Customer Bank Consent status.
The customerApprovedConsent and customerDeniedConsent can be set anytime after the fetchingTransactionsStarted is set.
The status has the following structure.
const status = {
code: 'string',
desc: 'string',
timestamp: '2024-01-12T17:04:56.239+00:00',
isError: boolean, // on authError only
errorMessage: 'string', // on authError only
};
Consent flow statuses
Is set in the consentFlowStatus field on the process.
| Code | Description | Information |
|---|---|---|
| created | Created - No banks added | Initial status when the process is created |
| consentLinkOpened | Consent link opened | When end user has opened the link. If the user opens the link n times, it will save this status n times |
| customerApprovedConsent* | Customer has approved consent | When the end user has approved the consent for the selected bank flow |
| customerDeniedConsent* | Customer has denied/revoked consent | When the user has revoked its consent. This will result in a deletion of all data related to the user. |
| categorisationStarted | Categorising transaction data - Started | When we start to categorise the tranasction data. |
| categorisationDone | Categorising transaction data - Done | When the categorisation is done |
| insightsStarted | Generate insights - Started | When we start to generate the insights from the transactions |
| completed | Customer has approved consent and insights is generated | When the user has approved consent and there is a insight generated |
| authError | Auth error | Will contain different errors if the auth against the bank fails. E.g. denied sharing consent |
* Can be set anytime after the fetchingTransactionsStarted is set
Customer Bank Consent status
is set in customerBankConsent.status array
| Code | Description | Information | |
|---|---|---|---|
| bankAddedNotCompletedAuthFlow | Bank added, not completed auth flow | When the user has selected a bank and not yet completed the auth against this bank | |
| bankAddedCompletedAuthFlow | Bank added, completed auth flow | When the user has selected a bank and completed the auth against this bank | |
| fetchingTransactionsStarted | Fetching transactions - Started | When we start to fetching the users transaction data from the bank | |
| fetchingTransactionsDone | Fetching transactions - Done | When the transactions are fetched and saved to our database |
*** In addition to the statuses we set a string value to the consent field when the user has revoked or approved the consent to
share the data.
null - initial value, neither revoked or approved,
"revoked" - revoked consent
"approved" - approved consent
Starts the initiation process
Use this endpoint to start a data collection process. The endpoint will respond with the processId and, amoung other fields, a "consent-link". Share the "consent-link" value to the end-user for them to give consent to share their bank data with one or more banks. The link is valid for 24 hours. Use the POST /process/:processId/consent endpoint to create a new consent flow in the same process if the end-user did not share all his bank data using the first consent flow. Or use the POST /process/:processId/consent-link endpoint to get a new consent link when the end-user did not use the previous consent link within 24h.
Authorizations:
header Parameters
| partner-bank-id required | string The partner bank id for this process |
| idempotency-key | string A unique id for this request. Used for idempotency. If not set the request will not be idempotent |
Request Body schema: application/jsonrequired
| socialSecurityNumber required | string The social security number of the end user |
| market required | string Enum: "SE" "FI" The market of the process. This will affect the banks and the languages available in the consent flow |
| firstName | string The first name of the end user |
| lastName | string The last name of the end user |
| redirectUrl | string The redirect url after the consent flow is finished |
| dataCollectionType | string Enum: "transaction-categorisation" "bank-account-verification" The type of data collection that indicates how to collect and process the customer data. |
Array of objects (BrokerBank) List of banks from broker for consent. Only used when the partnerBank is a broker |
Responses
Request samples
- Payload
{- "socialSecurityNumber": "string",
- "market": "SE",
- "firstName": "string",
- "lastName": "string",
- "redirectUrl": "string",
- "dataCollectionType": "transaction-categorisation",
- "brokerBanks": [
- {
- "name": "string",
- "id": "string",
- "logoUri": "string"
}
]
}Response samples
- 201
- 400
{- "_id": "605c6c479691950d359bb0e9",
- "consentFlowStatuses": [
- {
- "customerBank": {
- "name": "string",
- "country": "string"
}, - "status": {
- "current": {
- "code": "bankAddedNotCompletedAuthFlow",
- "desc": "Bank added, not completed auth flow",
- "timestamp": "2019-08-24T14:15:22Z",
- "isError": true,
- "errorMessage": "string"
}, - "history": [
- {
- "code": "bankAddedNotCompletedAuthFlow",
- "desc": "Bank added, not completed auth flow",
- "timestamp": "2019-08-24T14:15:22Z",
- "isError": true,
- "errorMessage": "string"
}
]
}, - "consentGivenAt": "2019-08-24T14:15:22Z",
- "consentFlowStatusId": "6630da8590502faa7517e0fc"
}
], - "consentFlowStatus": {
- "current": {
- "code": "created",
- "desc": "Created - No banks added",
- "timestamp": "2019-08-24T14:15:22Z"
}, - "history": [
- {
- "code": "created",
- "desc": "Created - No banks added",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "consent": "null",
- "_id": "6630da8590502faa7517e0fc"
}, - "market": "SE",
- "partnerBank": "605c6c479691950d359bb0e9",
- "socialSecurityNumber": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "customerBankConsent": [
- {
- "customerBank": {
- "name": "string",
- "country": "string"
}, - "status": {
- "current": {
- "code": "bankAddedNotCompletedAuthFlow",
- "desc": "Bank added, not completed auth flow",
- "timestamp": "2019-08-24T14:15:22Z",
- "isError": true,
- "errorMessage": "string"
}, - "history": [
- {
- "code": "bankAddedNotCompletedAuthFlow",
- "desc": "Bank added, not completed auth flow",
- "timestamp": "2019-08-24T14:15:22Z",
- "isError": true,
- "errorMessage": "string"
}
]
}, - "consentGivenAt": "2019-08-24T14:15:22Z",
- "consentFlowStatusId": "6630da8590502faa7517e0fc"
}
], - "firstName": "string",
- "lastName": "string",
- "consent": "null",
- "updatedAt": "2019-08-24T14:15:22Z",
- "dataCollectionType": "transaction-categorisation",
- "brokerBanks": [
- "string"
]
}Generate consent link for process
Use this endpoint to get a new consent link when the end-user did not use the previous consent link within 24h. The endpoint will return a response with the consent link. Share the "consent-link" value to the end-user for them to give consent to share their bank data with one or more banks. The link is valid for 24 hours.
Authorizations:
header Parameters
| partner-bank-id required | string The partner bank id for this process |
Responses
Response samples
- 200
- 400
{
}Get single process
Use this endpoint to retrieve information about an already created process. This can be useful if you want to check the status of a process for example.
Authorizations:
path Parameters
| processId required | string Example: 605c6c479691950d359bb0e9 Id of the process |
header Parameters
| partner-bank-id required | string The partner bank id for this process |
Responses
Response samples
- 200
- 400
{- "_id": "605c6c479691950d359bb0e9",
- "consentFlowStatuses": [
- {
- "customerBank": {
- "name": "string",
- "country": "string"
}, - "status": {
- "current": {
- "code": "bankAddedNotCompletedAuthFlow",
- "desc": "Bank added, not completed auth flow",
- "timestamp": "2019-08-24T14:15:22Z",
- "isError": true,
- "errorMessage": "string"
}, - "history": [
- {
- "code": "bankAddedNotCompletedAuthFlow",
- "desc": "Bank added, not completed auth flow",
- "timestamp": "2019-08-24T14:15:22Z",
- "isError": true,
- "errorMessage": "string"
}
]
}, - "consentGivenAt": "2019-08-24T14:15:22Z",
- "consentFlowStatusId": "6630da8590502faa7517e0fc"
}
], - "consentFlowStatus": {
- "current": {
- "code": "created",
- "desc": "Created - No banks added",
- "timestamp": "2019-08-24T14:15:22Z"
}, - "history": [
- {
- "code": "created",
- "desc": "Created - No banks added",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "consent": "null",
- "_id": "6630da8590502faa7517e0fc"
}, - "market": "SE",
- "partnerBank": "605c6c479691950d359bb0e9",
- "socialSecurityNumber": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "customerBankConsent": [
- {
- "customerBank": {
- "name": "string",
- "country": "string"
}, - "status": {
- "current": {
- "code": "bankAddedNotCompletedAuthFlow",
- "desc": "Bank added, not completed auth flow",
- "timestamp": "2019-08-24T14:15:22Z",
- "isError": true,
- "errorMessage": "string"
}, - "history": [
- {
- "code": "bankAddedNotCompletedAuthFlow",
- "desc": "Bank added, not completed auth flow",
- "timestamp": "2019-08-24T14:15:22Z",
- "isError": true,
- "errorMessage": "string"
}
]
}, - "consentGivenAt": "2019-08-24T14:15:22Z",
- "consentFlowStatusId": "6630da8590502faa7517e0fc"
}
], - "firstName": "string",
- "lastName": "string",
- "consent": "null",
- "updatedAt": "2019-08-24T14:15:22Z",
- "dataCollectionType": "transaction-categorisation",
- "brokerBanks": [
- "string"
]
}Delete a process
Use this endpoint to delete a process along with the collected data and generated insights.
Authorizations:
header Parameters
| partner-bank-id required | string The partner bank id for this process |
Responses
Response samples
- 400
{- "message": [
- "name is required"
], - "error": "Bad request",
- "statusCode": 400
}Creates a new consent flow for the process
Use this endpoint when the end user wants to share more bank data from another bank in case they did not share it in the previous consent link. The previous consent flow must be revoked or approved before being able to create a new one. That way, there cannot be more than 1 consent flow valid at a time for the process. The endpoint will return a response with the consent link. Share the "consent-link" value to the end-user for them to give consent to share their bank data with one or more banks. The link is valid for 24 hours.
Authorizations:
header Parameters
| partner-bank-id required | string The partner bank id for this process |
Responses
Response samples
- 200
- 400
{
}Subscribes to process updates
Add the webhookUrl to the list of webhooks that will be called when a process is updated
Authorizations:
Request Body schema: application/jsonrequired
| webhookUrl required | string The URL to the webhook |
Responses
Request samples
- Payload
{- "webhookUrl": "string"
}Use these endpoints to retrieve the credit insights data generated after the the data collection process.
Get link for visualisation
This endpoint retrieves the iFrame link that embeds the visualisation tool that can be used to view bank data from a specific end-user. The visualisation link is only valid for a limited time. It should be fetched every time a user wants to access the visualisation interface.
Authorizations:
path Parameters
| processId required | string The id of the process which is included in the visualisation interface |
header Parameters
| partner-bank-id required | string The partner bank id for this insight/process |
Responses
Response samples
- 200
- 400
{- "visualisationUrl": "string"
}Get insights
This endpoint retrieves the object with insights data that can be used in KALP calculation and automatic credit rules.
Authorizations:
path Parameters
| processId required | string The id of the process which produced the insights |
header Parameters
| partner-bank-id required | string The partner bank id for this insight/process |
Responses
Response samples
- 200
- 400
{- "transactionGraph": [
- {
- "date": "string",
- "info": {
- "balance": 0,
- "negativeSum": 0,
- "positiveSum": 0,
- "negativeTransactions": [
- {
- "description": "string",
- "amount": 0,
- "category": "string"
}
], - "positiveTransactions": [
- {
- "description": "string",
- "amount": 0,
- "category": "string"
}
]
}
}
], - "accountsInfo": [
- {
- "accountNumber": "string",
- "name": "string",
- "balance": 0,
- "type": "string",
- "bank": "string"
}
], - "totalBalance": { },
- "fetchedAtInterval": {
- "min": "2019-08-24T14:15:22Z",
- "max": "2019-08-24T14:15:22Z"
}, - "categorisation": { },
- "socialSecurityNumber": "string",
- "firstName": "string",
- "lastName": "string",
- "processId": "string",
- "computationAutomation": { }
}Get categorised transactions
Use this endpoint to get the categorised transactions that were used to generate the insights. It can be usefull if you want to build your own insights computations
Authorizations:
path Parameters
| processId required | string The id of the process which produced the insights |
query Parameters
| page required | number The page number of the transactions to fetch |
Responses
Response samples
- 200
- 400
{- "transactions": [
- {
- "_id": "string",
- "amount": 0,
- "date": "2019-08-24T14:15:22Z",
- "description": "string",
- "accountId": "string",
- "category": "income",
- "cBankId": "string"
}
]
}