-
Notifications
You must be signed in to change notification settings - Fork 0
/
original_budgea_openapi.json
26339 lines (26339 loc) · 758 KB
/
original_budgea_openapi.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
{
"info": {
"version": "2.0",
"description": "# Budgea Development Guides\n\nWelcome to **Budgea**'s documentation.\n\nThis documentation is intended to get you up-and-running with our APIs and advise on the implementation of some regulatory aspects of your application, following the DSP2's guidelines.\n\n## Getting Started\n**IMPORTANT**\nDepending on your status with regard of the DSP2 regulation, **agent** or **partner**, you may call our APIs or simply use our Webview and callbacks to get the financial data of your users.\nAs an **agent**, you are allowed to call directly our APIs and implement your own form to get the user's credentials.\nAs a **partner**, you cannot manipulate the credentials, and have to delegate this step to us through our webview.\n\nThe sections below will document how to use our APIs, make sure you have the **agent** status to do so.\nFor the **partner**, please refer to the section *Webview* and *Callbacks* of this documentation.\n\n### Overview\nYour API is a REST API which requires a communication through https to send and receive JSON documents.\nDuring your tests, we recommend to make calls to the API with curl or any other HTTP client of your choice.\nYou can watch a video demonstration on this [URL](https://asciinema.org/a/FsaFyt3WAPyDm7sfaZPkwal3V).\nFor the examples we'll use the demo API with address `https://demo.biapi.pro`, you should change that name to your API's name.\n\n### Hello World\nLet's start by calling the service `/banks` which lists all available banks.\n```\ncurl https://demo.biapi.pro/2.0/banks/\n```\nTo log in to a bank webpage, you'll need to know for a given bank, the fields your user should fill in the form.\nLet's call a specific bank and ask for an additional resource *fields*.\n```\ncurl https://demo.biapi.pro/2.0/banks/59?expand=fields\n```\nThe response here concerns only 1 bank (since we specified an id) and the resource _Fields_ is added to the response thanks to the query parameter `expand`.\n\nTo get more interesting things done, you'll need to send authenticated requests.\n\n### Authentication\nThe way to authenticate is by passing the `Authorization: Bearer <token>` header in your request.\nAt the setup a _manage token_ have been generated, you can use this token for now, when creating your user we'll see how to generate a user's token.\n```\ncurl https://demo.biapi.pro/2.0/config \\\n -H 'Authorization: Bearer <token>'\n```\nThis endpoint will list all the parameters you can change to adapt Budgea to your needs.\n\nWe've covered the very first calls. Before diving deeper, let's see some general information about the APIs.\n\n## Abstract\n\n### API URL\n`https://demo.biapi.pro/2.0`\n\n### Requests format\nData format: **application/x-www-form-urlencoded** or **application/json** (suggested)\n\nAdditional headers: Authorization: User's token (private)\n\n### Responses format\nData format: **application/json** ([http://www.json.org](http://www.json.org/))\nCharset: **UTF-8**\n\n### Resources\nEach call on an endpoint will return resources. The main resources are:\n| Resource | Description |\n| ---------------------|:------------------------------------------------------------------------------------------------------------------ |\n|Users |Represent a user |\n|Connection |A set of data used to authenticate on a website (usually a login and password). There is 1 connection for each website|\n|Account |A bank account contained in a connection |\n|Transaction |An entry in a bank account |\n|Investment |An asset in a bank account |\n\nThe chain of resources is as follow: **Users ∈ Connections ∈ Accounts ∈ Transactions or Investments**\n\n### RESTful API\n\nThis API is RESTful, which means it is stateless and each resource is accessed with an unique URI.\n\nSeveral HTTP methods are available:\n\n| Method | Description |\n| ------------------------|:-------------------------------|\n| GET /resources | List resources |\n| GET /resources/{ID} | Get a resource from its ID |\n| POST /resources | Create a new resource |\n| POST /resources/{ID} | Update a resource |\n| PUT /resources /{ID} | Update a resource |\n| DELETE /resources | Remove every resources |\n| DELETE /resources/{ID} | Delete a resource |\n\n\nEach resource can contain sub-resources, for example:\n`/users/me/connections/2/accounts/23/transactions/48`\n\n### HTTP response codes\n\n| Code | Message | Description |\n| ----------- |:---------------------:|-----------------------------------------------------------------------------------------------|\n| 200 | OK |Default response when a GET or POST request has succeed |\n| 202 | Accepted |For a new connection this code means it is necessary to provide complementary information (2FA)|\n| 204 | No content |Default response when a POST request succeed without content |\n| 400 | Bad request |Supplied parameters are incorrect |\n| 403 | Forbidden |Invalid token |\n| 500 | Internal Servor Error |Server error |\n| 503 | Service Unavailable |Service is temporarily unavailable |\n\n### Errors management\nIn case an error occurs (code 4xx or 5xx), the response can contain a JSON object describing this error:\n```json\n{\n \"code\": \"authFailure\",\n \"message\": \"Wrong password\" // Optional\n}\n```\nIf an error is displayed on the website, Its content is returned in error_message field.\nThe list of all possible errors is listed further down this page.\n\n### Authentication\nA user is authenticated by an access_token which is sent by the API during a call on one of the authentication services, and can be supplied with this header:\n`Authorization: Bearer YYYYYYYYYYYYYYYYYYYYYYYYYYY`\n\n There are two user levels:\n\n - Normal user, which can only access to his own accounts\n - Administrator, with extended rights\n\n### Default filters\nDuring a call to an URI which lists resources, some filters can be passed as query parameters:\n\n| Parameter | Type | Description |\n| ----------- |:---------:|-----------------------------------------------------------|\n| offset | Integer |Offset of the first returned resource |\n| limit | Integer |Limit number of results |\n| min_date | Date |Minimal date (if supported by service), format: YYYY-MM-DD |\n| max_date | Date |Maximal date (if supported by service), format: YYYY-MM-DD |\n\n### Extend requests\nDuring a GET on a set of resources or on a unique resource, it is possible to add a parameter expand to the request to extend relations with other resources:\n\n`GET /2.0/users/me/accounts/123?expand=transactions[category],connection`\n\n```json\n{\n \"id\" : 123\n \"name\" : \"Compte chèque\"\n \"balance\" : 1561.15\n \"transactions\" : [\n {\n \"id\" : 9849,\n \"simplified_wording\" : \"HALL'S BEER\",\n \"value\" : -513.20,\n ...\n \"category\" : {\n \"id\" : 561,\n \"name\" : \"Sorties / Bar\",\n ...\n }\n },\n ...\n ],\n \"id_user\" : 1,\n \"connection\" : {\n \"id\" : 1518,\n \"id_bank\" : 41,\n \"id_user\" : 1,\n \"error\" : null,\n ...\n }\n}\n```\n\n### Request example\n```http\nGET /2.0/banks?offset=0&limit=10&expand=fields\nHost: demo.biapi.pro\nAccept: application/json\nAuthorization: Bearer <token>\n```\n```http\nHTTP/1.1 200 OK\nContent-Type: application/json\nContent-Length: 3026\nServer: Apache\nDate: Fri, 14 Mar 2014 08:24:02 GMT\n\n{\n \"banks\" : [\n {\n \"id_weboob\" : \"bnporc\",\n \"name\" : \"BNP Paribas\",\n \"id\" : 3,\n \"hidden\" : false,\n \"fields\" : [\n {\n \"id\" : 1,\n \"id_bank\" : 3,\n \"regex\" : \"^[0-9]{5,10}$\",\n \"name\" : \"login\",\n \"type\" : \"text\",\n \"label\" : \"Numéro client\"\n },\n {\n \"id\" : 2,\n \"id_bank\" : 3,\n \"regex\" : \"^[0-9]{6}$\",\n \"name\" : \"password\",\n \"type\" : \"password\",\n \"label\" : \"Code secret\"\n }\n ]\n },\n ...\n ]\n \"total\" : 41\n}\n```\n\n### Constants\n#### List of bank account types\n| Type |Description |\n| ----------- |-----------------------------------|\n| checking |Checking account |\n| savings |Savings account |\n| deposit |Deposit accounts |\n| loan |Loan |\n| market | Market accounts |\n| joint |Joint account |\n| card |Card |\n| lifeinsurance |Life insurance accounts |\n| pee |Plan Épargne Entreprise |\n| perco |Plan Épargne Retraite |\n| article83 |Article 83 |\n| rsp |Réserve spéciale de participation |\n| pea |Plan d'épargne en actions |\n| capitalisation|Contrat de capitalisation |\n| perp |Plan d'épargne retraite populaire |\n| madelin |Contrat retraite Madelin |\n| unknown |Inconnu |\n\n#### List of transaction types\n\n| Type |Description |\n| ----------- |-----------------------------------|\n|transfer |Transfers |\n|order |Orders |\n|check |Checks |\n|deposit |Cash deposit |\n|payback |Payback |\n|withdrawal |Withdrawal |\n|loan_payment |Loan payment |\n|bank |Bank fees |\n|card |Card operation |\n|deferred_card |Deferred card operation |\n|card_summary |Mensual debit of a deferred card |\n\n#### List of synchronization errors\n##### Error on Connection object\nThe error field may take one of the below values in case of error when accessing the user space.\n\n| Error |Description |\n| ----------------------- |--------------------------------------------------------------------------------------------------|\n|wrongpass |The authentication on website has failed |\n|additionalInformationNeeded |Additional information is needed such as an OTP |\n|websiteUnavailable |The website is unavailable, for instance we get a HTTP 503 response when requesting the website |\n|actionNeeded |An action is needed on the website by the user, scraping is blocked |\n|SCARequired |An SCA process must be done by updating the connection |\n|decoupled |Requires a user validation (ex: digital key)|\n|passwordExpired |The password has expired and needs to be changed on the website. |\n|webauthRequired |A complete authentication process is required by update the connection via redirect |\n|bug |A bug has occurred during the synchronization. An alert has been sent to Budget Insight |\n\n#### Error on Account object\nErrors can be filled at the account level in case we access the user's dashboard but some account related data cannot be retrieved.\nFor instance, we may not access the transactions or investments for a specific account.\nGetting an error during an account synchronization does not impact the scraping of other acccounts.\n\n| Error |Description |\n| ----------------------- |--------------------------------------------------------------------------------------------------|\n|websiteUnavailable |The website or a page is unavailable |\n|actionNeeded |An action is needed on the website by the user, scraping is blocked |\n|bug |A bug has occurred during the synchronization. An alert has been sent to Budget Insight |\n\nNow you know the basics of Budgea API\n- Basic call to retrieve resources\n- Add query parameters to aplly filters\n- Expand resources\n- Authenticated calls\n\nWe're good for the basics! Now let's see how to integrate Budgea in your app and create your first user.\n\n## Integrate Budgea *(protocol or Webview)*\n### The workflow\nUsers of your application exist in the Budgea API.\nEvery User is identified by an access_token which is the shared secret between your application and our API.\n\nThe workflow is as below:\n1. The user is on your application and wants to share his bank accounts or invoices.\n2. A call is made **client side** (browser's javascript or desktop application) to create a temporarily token which will be used to make API calls.\n3. A form is built, allowing the user to select the connector to use (bank or provider, depending on context). Every connector requires different kind of credentials.\n4. A call on the API is made with the temporarily token to add a **Connection** with the credentials supplied by user.\n5. In case of success, the user chooses what bank accounts (**Account**) or subscriptions (**Subscription**) he wants to share with your application.\n6. When he validates the share, the temporarily token is transmitted to your server. This one will call the Budgea API with this token to get a permanent token.\n\n**Note**\nIn case your application works without a server (for example a desktop application), the permanent token can be obtained on the 1st step, by supplying a client_secret to /auth/init and the step 6 is omitted. To get more information, read the protocol.\n\nThere are 3 steps to integrate Budgea in your application:\n1. Provide a way for your users to share their credentials with you\n2. Get the data scraped from Budgea\n3. Be sure to follow the good practices before going into production\n\n### Get credentials from users\nYou have 2 options here:\n- Integrate the Budget Insight's Webview, a turnkey solution to get user's credentials\n- Create your own form following the protocol (must have the *agent* status)\n\n### Budgea webview\n\nThe Budgea webview complements REST API endpoints with web-based services to handle sensitive or complex operations:\n- add a connection (to a bank or a provider), or edit/repare access to a connection;\n- manage connections (add/remove/edit);\n- edit and validate bank transfers (alpha preview).\n\nUsage of the webview is mandatory if you don't hold an Agent status, since you are not allowed to use API endpoints carrying user credentials, and optional otherwise.\n\n#### Implementation guidelines\n\n##### Base URL\n\nThe base URL of all services must be customized: \n`https://{{domain}}.biapi.pro/2.0/auth/webview/` \n`https://{{domain}}.biapi.pro/2.0/auth/webview/{{lang}}/` \n- `{{domain}}`: substitute with you API domain;\n- `{{lang}}`: optionally specify the language of the webview, `en` or `fr` (if not specified, an automatic redirection will be performed following the language of the browser).\n\n##### Browser integration\n\nServices available as part of the webview are designed as parameterized URLs intended to be opened in a web browser. A callback URI must be specified by callers to be notified at the end of the operation flow, similar to OAuth 2 specification.\n\nYou are encouraged to integrate web-based steps in your product following UX best practices:\n- in a web environment, perform a full-page redirect to the URL (using either [HTTP redirect](https://developer.mozilla.org/fr/docs/Web/HTTP/Status/302) or [scripting](https://developer.mozilla.org/fr/docs/Web/API/Location)), and avoid new tabs or popups;\n- in a native Android app, prefer opening the default browser or relying on [Chrome Custom Tabs](https://developer.chrome.com/multidevice/android/customtabs) to integrating a WebView;\n- in a native iOS app, prefer using a [SFSafariViewController](https://developer.apple.com/documentation/safariservices/sfsafariviewcontroller) to integrating a WKWebView.\n\n##### Callback handling\n\nMost flows redirect to a callback URI at the end of the process. Query parameters are added to the URI to identify successful or failed operations.\n\nSuccessful parameters are specific to each flow. In case of an error, the following parameters are added:\n\n| Parameter | Description |\n| - | - |\n| `error` | An lowercase string error code identifying the kind of error that occurred. When the parameter is not present, the response is successful. |\n| `error_description` | A longer string description of the error (not intended for user display). |\n\nCommon error codes include:\n\n| Code | Description |\n| - | - |\n| `access_denied` | The user explicitly cancelled the flow. |\n| `server_error` | Oops, a technical failure occurred during the process. |\n\n**Forward compatibility requirement**: Additional error codes may be added in the future to describe specific cases. When implementing error codes handling, always fallback to a generic case for unknown codes.\n\n##### Browser compatibility\n\nThe webview is designed and tested to work with browsers supported by the Angular framework: \nhttps://angular.io/guide/browser-support\n\n##### Privacy / GDPR status\n\nThe webview itself does not use any kind of long-term data persistence mechanism such as cookies or local storage, but some authentication or authorization steps may delegate to third-party web services that may implement them.\n\n#### Configuration\n\nYou can configure the appearance and behaviour of the webview by configuring the associated *Client Application* in the console:\n\n| Key | Format | Description |\n| - | - | - |\n| `primary_color` | String | Optional. An accent color (hexadecimal string without '#' prefix) to personalize the UI elements of the webview. If absent, the default color is grey. |\n| `redirect_uri` | String | Optional. A recommended security whitelist configuration. The `redirect_uri` parameter sent to any endpoint of the webview is checked against the configuration, if any. |\n| `config.disable_connector_hints` | Boolean | Optional. This flags hides the list of most-used entries in the connector selection step. The default is `false`, i.e. the list is shown. |\n| `config.use_app_layout` | Boolean | Optional. Use this flag to enable presenting your log as an app icon. The default value is ` false`, i.e. the logo is shown in the top bar of the UI. |\n| `config.disable_accounts_pre_check` | Boolean | Optional. An optional boolean flag to prevent bank accounts to be automatically pre-checked when the user enters the activation step. The default value is ` false`, i.e. the bank accounts are pre-checked. |\n\n#### Endpoints reference\n\n##### Add connection flow\n```\nhttps://{{domain}}.biapi.pro/2.0/auth/webview/{{lang}}/connect\n```\n\nThis flow allows an end-user to add a new connection to the API. The flow handles the following steps:\n- selecting a connector;\n- authenticating & authorizing with the connector, by collecting credentials or delegating;\n- managing consent to aggregate accounts/subscriptions;\n- collecting required information for professional accounts.\n\n###### Endpoint parameters\n\n| Parameter | Description |\n| - | - |\n| `client_id` | Required. The ID of the requesting client application. You can manage client applications of your domain in the admin console. |\n| `redirect_uri` | Required. An absolute callback URI. The webview will redirect to it at the end of the flow. |\n| `code` | Optional. A user-scoped temporary code to use with the Budgea API.<br>If you don't provide a code, a new anonymous user will be created before the connection is added, and you will be returned an access token code scoped to it with the success callback. |\n| `state` | Optional. An opaque string parameter that you can use to carry state across the flow. The parameter will be set \"as is\" on the callback URI. Make sure that the `state` you provide is properly URL-encoded. |\n| `connector_ids` | Optional. A comma-separated list of connector IDs available to pick from.<br>If the parameter is omitted, all active connectors are available.<br>If you pass a single value, the user is not prompted to choose the connector.<br>This parameter is mutually exclusive with `connector_uuids`. |\n| `connector_uuids` | Optional. A comma-separated list of connector UUIDs available to pick from.<br>If the parameter is omitted, all active connectors are available.<br>If you pass a single value, the user is not prompted to choose the connector.<br>This parameter is mutually exclusive with `connector_ids`. |\n| `connector_capabilities` | Optional. A comma-separated list of capabilities to filter available connectors.<br>If the parameter is omitted, `bank` is inferred.<br>If multiple values are provided, only connectors that expose all the requested capabilities are available.<br>To request a bank connection, use `bank`.<br>To request a provider connection, use `document`. |\n| `account_ibans` | Optional. A comma-separated list of IBANs to filter accounts available for activation in a bank connection context. Other accounts will not be selectable. |\n| `account_types` | Optional. A comma-separated list of account types to filter accounts available for activation in a bank connection context. Other accounts will not be selectable. |\n| `account_usages` | Optional. A comma-separated list of account usages to filter accounts available for activation in a bank connection context. Other accounts will not be selectable. |\n\n###### Successful callback parameters\n\n| Parameter | Description |\n| - | - |\n| `connection_id` | The id of the newly created connection. Please note that when redirecting to the callback URI, the accounts and/or subscriptions are available in the API, but bank transactions or documents may still be syncing in background. |\n| `code` | Optional. If a `code` was *not* initially specified, an API code that you must exchange to obtain a permanent access token associated with the newly-created anonymous user holding the connection. The parameter is URL-encoded, make sure to handle it accordingly. |\n| `state` | Optional. Identical to the `state` parameter that was initially specified. |\n\n###### Additional error codes\n\n| Code | Description |\n| - | - |\n| `tos_declined` | The end-user refused to validate the terms of service. |\n\n##### Re-auth / edit connection credentials flow\n\n```\nhttps://{{domain}}.biapi.pro/2.0/auth/webview/{{lang}}/reconnect\n```\n\nThis flow allows an end-user to re-authenticate against a bank or a provider in order to recover an existing connection, or to completely reset credentials associated with a connection.\n\n###### Endpoint parameters\n\n| Parameter | Description |\n| - | - |\n| `client_id` | Required. The ID of the requesting client application. You can manage client applications of your domain in the admin console. |\n| `redirect_uri` | Required. An absolute callback URI. The webview will redirect to it at the end of the flow. |\n| `code` | Required. A user-scoped temporary code to use with the Budgea API. |\n| `connection_id` | Required. The id of the existing connection. |\n| `state` | Optional. An opaque string parameter that you can use to carry state across the flow. The parameter will be set \"as is\" on the callback URI. Make sure that the `state` you provide is properly URL-encoded. |\n| `reset_credentials` | Optional. In the default mode (`false`), the service will try to recover the connection and prompt the user only with outdated or transient information (new password, OTP...).<br>Set the parameter to `true` to force resetting all the credentials associated with the connection. This parameter may not apply to all connectors. |\n\n###### Successful callback parameters\n\nThis flow adds no parameter to the callback URI in case of success, except from `state`.\n\n##### Manage connections\n\n```\nhttps://{{domain}}.biapi.pro/2.0/auth/webview/{{lang}}/manage\n```\nThis flow allows an end-user to manage the connections associated with his account in the API. The user can add new connections, remove existing ones, fix connection errors, reset credentials or activate/deactivate bank accounts.\n\nSupport of `redirect_uri` in this flow is optional, as it can be integrated or presented as a terminal step, without relying on a final redirection.\n\n###### Endpoint parameters\n\n| Parameter | Description |\n| - | - |\n| `client_id` | Required. The ID of the requesting client application. You can manage client applications of your domain in the admin console. |\n| `code` | Required. A user-scoped temporary code to use with the Budgea API. |\n| `redirect_uri` | Optional. An absolute callback URI. When provided, the webview will display a close button that redirects to it. |\n| `state` | Optional. An opaque string parameter that you can use to carry state across the flow when providing a `redirect_uri`. The parameter will be set \"as is\" on the callback URI. Make sure that the `state` you provide is properly URL-encoded. |\n| `connector_capabilities` | Optional. A comma-separated list of capabilities to filter available connectors when adding a new connection.<br>If the parameter is omitted, `bank` is inferred.<br>If multiple values are provided, only connectors that expose all the requested capabilities are available.<br>To request a bank connection, use `bank`.<br>To request a provider connection, use `document`. |\n| `account_types` | Optional. A comma-separated list of account types to filter accounts available for activation on adding a new bank connection or updating existing connections. Other accounts will not be selectable. |\n| `account_usages` | Optional. A comma-separated list of account usages to filter accounts available for activation in a bank connection context. Other accounts will not be selectable. |\n\n###### Callback parameters\n\nThis flow adds no parameter to the callback URI, except from `state`.\n\n##### Execute a bank transfer (preview)\n\n**Disclaimer**: Transfer or payment services are available as a preview, protocols and parameters are subject to change in upcoming beta/final releases.\n\n```\nhttps://{{domain}}.biapi.pro/2.0/auth/webview/{{lang}}/transfer\n```\nThis flow allows an end-user to execute a bank transfer. The flow handles the following steps:\n- if the transfer is not already created, all steps to authenticate with a bank, select the recipient, the emitter account, the amount and label;\n- executing the transfer, including managing SCAs for recipient registration and/or transfer validation.\n\n###### Endpoint parameters\n\n| Parameter | Description |\n| - | - |\n| `client_id` | Required. The ID of the requesting client application. You can manage client applications of your domain in the admin console. |\n| `redirect_uri` | Required. An absolute callback URI. The webview will redirect to it at the end of the flow. |\n| `code` | Required. A user-scoped temporary code to use with the Budgea API.<br>If you don't provide a code, a new anonymous user will be created before a connection is added and the transfer is executed, and you will be returned an access token code scoped to it with the success callback. |\n| `state` | Optional. An opaque string parameter that you can use to carry state across the flow. The parameter will be set \"as is\" on the callback URI. Make sure that the `state` you provide is properly URL-encoded. |\n| `transfer_id`| Optional. The ID of an prepared transfer to be validated in the webview. The user cannot edit anything on the transfer before validation. |\n\n###### Successfull callback parameters\n\n| Parameter | Description |\n| - | - |\n| `transfer_id` | The ID of the transfer that was created and executed. |\n| `code` | Optional. If a `code` was *not* initially specified, an API code that you can exchange to obtain a permanent access token associated with the newly-created anonymous user holding the transfer. The parameter is URL-encoded, make sure to handle it accordingly. |\n| `state` | Optional. Identical to the `state` parameter that was initially specified. |\n\n###### Additional error codes\n\n| Code | Description |\n| - | - |\n| `tos_declined` | The end-user refused to validate the terms of service. |\n\n#### Migrating from v3\n\nWe provide a full backward compatibility layer with current implementations of the webview v3 to ease the transition. All endpoints remains accessible, with the same parameters and callback behaviour. Migration instructions are provided below.\n\n*The v3 compatibility mode is expected to be removed on 31 December 2019.* You should migrate your implementation a soon as possible to new endpoints and parameters.\n\n##### Add connection flow / Edit connection credentials \n```\n/connect/select\n```\n\nThis endpoint has been superseded by `/connect` (no suffix) for adding a new connection, and `/reconnect` for resetting or updating an existing connection.\n\n| Endpoint parameter | Migration instructions |\n| - | - |\n| `client_id` | No change. |\n| `redirect_uri`, `state` | No change. |\n| `response_type` | This parameter is not used anymore. |\n| `id_connector`, `connectors` | Superseded by `connector_ids` sent to the `/connect` endpoint. |\n| `types` | Superseded by `connector_capabilities` sent to the `/connect` endpoint.<br>Use`connector_capabilities=bank` (bank connection) or `connector_capabilities=document` (provider connection). |\n| `id_connection` | Superseded by `connection_id` sent to the `/reconnect` endpoint. |\n\nPassing the code or access token as an URL fragment is no longer supported, use the `code` query parameter.\n\n| Callback parameter | Migration instructions |\n| - | - |\n| `id_connection` | Superseded by `connection_id`.<br>In the `/reconnect` flow, this parameter is not returned anymore. |\n| `code` | Still named `code`, but in the `/connect` flow the parameter is now **only** added if an anonymous user was created, i.e. the `code` parameter was **not** provided as a query parameter or fragment.<br>In the `/reconnect` flow, this parameter is not returned anymore. |\n| `state` | No change. |\n\n##### Manage connections\n\n```\n/accounts\n```\n\nThis endpoint has been superseded by `/manage`, that now fully allows users to add/remove connections, reset their credentials or recover from error states.\n\n| Endpoint parameter | Migration instructions |\n| - | - |\n| `client_id` | No change. |\n| `redirect_uri`, `state` | No change, these parameters are now optional. |\n| `response_type` | This parameter is not used anymore. |\n| `types` | Superseded by `connector_capabilities`.<br>Use`connector_capabilities=bank` (bank connection) or `connector_capabilities=document` (provider connection). |\n\nPassing the code or access token as an URL fragment is no longer supported, use the `code` query parameter.\n\n| Callback parameter | Migration instructions |\n| - | - |\n| `code` | This parameter is not returned anymore. |\n| `state` | No change. |\n\n##### Behaviour change\n\nIn v3, the `/accounts` flow used to redirect to the `redirect_uri` after a connection addition. This is no longer the case in v4, where redirection is only performed when the user explicitly closes the flow. If you need to perform actions when a connection is added or removed, you should rely on webhooks.\n\n#### Protocol\nThis section describes the protocol used to set bank and provider accounts of a user, in case you don't want to use the webview.\n\nThe idea is to call the following services client-side (with AJAX in case of a web application), to ensure the bank and providers credentials will not be sent to your servers.\n\n1. /auth/init\n```http\nPOST /auth/init\n```\n```json\n{\n \"auth_token\" : \"fBqjMZbYddebUGlkR445JKPA6pCoRaGb\",\n \"type\" : \"temporary\",\n \"expires_in\" : 1800,\n \"id_user\": 1\n}\n```\nThis service creates a temporarily token, to use in the \"Authorization\" header in next calls to the API\n\nThe returned token has a life-time of 30 minutes, and should be transfered to the API then (cf Permanent Token), so that your server can get a permanent access_token.\n\nIt is possible to generate a permanent token immediately, by calling the service with the manage_token, or by supply parameters client_id and client_secret.\n\n2. /banks or /providers\n```http\nGET /banks?expand=fields\nAuthorization: Bearer <token>\n```\n```json\n{\n \"hidden\" : false,\n \"charged\" : true,\n \"name\" : \"American Express\",\n \"id\" : 30,\n \"fields\" : [\n {\n \"values\" : [\n {\n \"label\" : \"Particuliers/Professionnels\",\n \"value\" : \"pp\"\n },\n {\n \"value\" : \"ent\",\n \"label\" : \"Entreprises\"\n }\n ],\n \"label\" : \"Type de compte\",\n \"regex\" : null,\n \"name\" : \"website\",\n \"type\" : \"list\"\n },\n {\n \"type\" : \"password\",\n \"label\" : \"Code secret\",\n \"name\" : \"password\",\n \"regex\" : \"^[0-9]{6}$\"\n }\n ],\n },\n ...\n ],\n \"total\" : 44,\n}\n```\nYou get a list of connectors, and all associated fields needed to build the form at step 3.\nYou can also use that list to show to your user, all available banks.\n\n3. /users/me/connections\nMake a POST request and supply the id_bank (ID of the chosen bank) or id_provider (ID of provider), and all requested fields as key/value parameters.\nFor example:\n```http\nPOST /users/me/connections\nAuthorization: Bearer <token>\n-F login=12345678\n-F password=123456\n-F id_bank=59\n```\nYou can get the following return codes:\n\n|Code |Description |\n|---------------|------------------------------------------------------------ |\n|200 |The connection has succeed and has been created |\n|202 |It is necessary to provide complementary information. This occurs on the first connection on some kind of Boursorama accounts for example, where a SMS is sent to the customer. It is necessary to ask the user to fill fields requested in the fields, and do a POST again on /users/me/connections/ID, with the connection ID in id_connection. |\n|400 |Unable to connect to the website, the field error in the JSON can be **websiteUnavailable** or **wrongpass** |\n|403 |Invalid token |\n\n4. Activate accounts\nThe accounts the user wants to aggregate must be activated before any transaction or investment is retrieved.\nSeveral accounts can be activated in 1 request by separating the account ids with commas.\n```http\nPUT /users/me/connections/<id_connection>/accounts/<id_account>?all\n```\n\n5. Permanent token\nIf the user validates the share of his accounts, it is necessary to transform the temporary code to a permanent access_token (so that the user won't expire).\n\nTo do that, make a POST request on /auth/token/access with the following parameters:\n|Parameter |Description |\n|---------------------|----------------------------------------------------------------|\n|code |The temporarily token which will let you get the access_token |\n|client_id |The ID of your client application |\n|client_secret |The secret of your client application |\n\n```json\nPOST /auth/token/access\n\n{\n \"client_id\" : 17473055,\n \"client_secret\" : \"54tHJHjvodbANVzaRtcLzlHGXQiOgw80\",\n \"code\" : \"fBqjMZbYddebUGlkR445JKPA6pCoRaGb\"\n}\n```\n```http\nHTTP/1.1 200 OK\n\n{\n \"access_token\" : \"7wBPuFfb1Hod82f1+KNa0AmrkIuQ3h1G\",\n \"token_type\":\"Bearer\"\n}\n```\n\n### Update accounts\nAnother important call is when a user wants to add/remove connections to banks or providers, or to change the password on one of them, it is advised to give him a temporarily code from the permanent access_token, with the following call (using the access_token as bearer):\n```http\nPOST /auth/token/code\nAuthorization: Bearer <token>\n```\n```json\n{\n \"code\" : \"/JiDppWgbmc+5ztHIUJtHl0ynYfw682Z\",\n \"type\" : \"temporary\",\n \"expires_in\" : 1800,\n}\n```\nIts life-time is 30 minutes, and let the browser to list connections and accounts, via `GET /users/me/connections?expand=accounts` for example.\n\n To update the password of a connection, you can do a POST on the *connection* resource, with the field *password* in the data. The new credentials are checked to make sure they are valid, and the return codes are the same as when adding a connection.\n\n## Getting the data (Webhooks)\nYou have created your users and their connections, now it's time to get the data.\nThere are 2 ways to retrieve it, the 2 can be complementary:\n- make regular calls to the API\n- use the webhooks (recommended)\n\n### Manual Synchronization\nIt is possible to do a manual synchronization of a user. We recommend to use this method in case the user wants fresh data after logging in.\n\nTo trigger the synchronization, call the API as below:\n`PUT /users/ID/connections`\nThe following call is blocking until the synchronization is terminated.\n\nEven if it is not recommended, it's possible to fetch synchronously new data. To do that, you can use the *expand* parameter:\n` /users/ID/connections?expand=accounts[transactions,investments[type]],subscriptions`\n```json\n{\n \"connections\" : [\n {\n \"accounts\" : [\n {\n \"balance\" : 7481.01,\n \"currency\" : {\n \"symbol\" : \"€\",\n \"id\" : \"EUR\",\n \"prefix\" : false\n },\n \"deleted\" : null,\n \"display\" : true,\n \"formatted_balance\" : \"7 481,01 €\",\n \"iban\" : \"FR76131048379405300290000016\",\n \"id\" : 17,\n \"id_connection\" : 7,\n \"investments\" : [\n {\n \"code\" : \"FR0010330902\",\n \"description\" : \"\",\n \"diff\" : -67.86,\n \"id\" : 55,\n \"id_account\" : 19,\n \"id_type\" : 1,\n \"label\" : \"Agressor PEA\",\n \"portfolio_share\" : 0.48,\n \"prev_diff\" : 2019.57,\n \"quantity\" : 7.338,\n \"type\" : {\n \"color\" : \"AABBCC\",\n \"id\" : 1,\n \"name\" : \"Fonds action\"\n },\n \"unitprice\" : 488.98,\n \"unitvalue\" : 479.73,\n \"valuation\" : 3520.28\n }\n ],\n \"last_update\" : \"2015-07-04 15:17:30\",\n \"name\" : \"Compte chèque\",\n \"number\" : \"3002900000\",\n \"transactions\" : [\n {\n \"active\" : true,\n \"application_date\" : \"2015-06-17\",\n \"coming\" : false,\n \"comment\" : null,\n \"commission\" : null,\n \"country\" : null,\n \"date\" : \"2015-06-18\",\n \"date_scraped\" : \"2015-07-04 15:17:30\",\n \"deleted\" : null,\n \"documents_count\" : 0,\n \"formatted_value\" : \"-16,22 €\",\n \"id\" : 309,\n \"id_account\" : 17,\n \"id_category\" : 9998,\n \"id_cluster\" : null,\n \"last_update\" : \"2015-07-04 15:17:30\",\n \"new\" : true,\n \"original_currency\" : null,\n \"original_value\" : null,\n \"original_wording\" : \"FACTURE CB HALL'S BEER\",\n \"rdate\" : \"2015-06-17\",\n \"simplified_wording\" : \"HALL'S BEER\",\n \"state\" : \"parsed\",\n \"stemmed_wording\" : \"HALL'S BEER\",\n \"type\" : \"card\",\n \"value\" : -16.22,\n \"wording\" : \"HALL'S BEER\"\n }\n ],\n \"type\" : \"checking\"\n }\n ],\n \"error\" : null,\n \"expire\" : null,\n \"id\" : 7,\n \"id_user\" : 7,\n \"id_bank\" : 41,\n \"last_update\" : \"2015-07-04 15:17:31\"\n }\n ],\n \"total\" : 1,\n}\n```\n\n### Background synchronizations & Webhooks\nWebhooks are callbacks sent to your server, when an event is triggered during a synchronization.\nSynchronizations are automatic, the frequency can be set using the configuration key `autosync.frequency`.\nUsing webhooks allows you to get the most up-to-date data of your users, after each synchronization.\n\nThe automatic synchronization makes it possible to recover new bank entries, or new invoices, at a given frequency.\nYou have the possibility to add webhooks on several events, and choose to receive each one on a distinct URL.\nTo see the list of available webhooks you can call the endpoint hereunder:\n```\ncurl https://demo.biapi.pro/2.0/webhooks_events \\\n -H 'Authorization: Bearer <token>'\n```\n\nThe background synchronizations for each user are independent, and their plannings are spread over the day so that they do not overload any website.\n\nOnce the synchronization of a user is over, a POST request is sent on the callback URL you have defined, including all webhook data.\nA typical json sent to your server is as below:\n```http\nPOST /callback HTTP/1.1\nHost: example.org\nContent-Length: 959\nAccept-Encoding: gzip, deflate, compress\nAccept: */*\nUser-Agent: Budgea API/2.0\nContent-Type: application/json; charset=utf-8\nAuthorization: Bearer sl/wuqgD2eOo+4Zf9FjvAz3YJgU+JKsJ\n\n{\n \"connections\" : [\n {\n \"accounts\" : [\n {\n \"balance\" : 7481.01,\n \"currency\" : {\n \"symbol\" : \"€\",\n \"id\" : \"EUR\",\n \"prefix\" : false\n },\n \"deleted\" : null,\n \"display\" : true,\n \"formatted_balance\" : \"7 481,01 €\",\n \"iban\" : \"FR76131048379405300290000016\",\n \"id\" : 17,\n \"id_connection\" : 7,\n \"investments\" : [\n {\n \"code\" : \"FR0010330902\",\n \"description\" : \"\",\n \"diff\" : -67.86,\n \"id\" : 55,\n \"id_account\" : 19,\n \"id_type\" : 1,\n \"label\" : \"Agressor PEA\",\n \"portfolio_share\" : 0.48,\n \"prev_diff\" : 2019.57,\n \"quantity\" : 7.338,\n \"type\" : {\n \"color\" : \"AABBCC\",\n \"id\" : 1,\n \"name\" : \"Fonds action\"\n },\n \"unitprice\" : 488.98,\n \"unitvalue\" : 479.73,\n \"valuation\" : 3520.28\n }\n ],\n \"last_update\" : \"2015-07-04 15:17:30\",\n \"name\" : \"Compte chèque\",\n \"number\" : \"3002900000\",\n \"transactions\" : [\n {\n \"active\" : true,\n \"application_date\" : \"2015-06-17\",\n \"coming\" : false,\n \"comment\" : null,\n \"commission\" : null,\n \"country\" : null,\n \"date\" : \"2015-06-18\",\n \"date_scraped\" : \"2015-07-04 15:17:30\",\n \"deleted\" : null,\n \"documents_count\" : 0,\n \"formatted_value\" : \"-16,22 €\",\n \"id\" : 309,\n \"id_account\" : 17,\n \"id_category\" : 9998,\n \"id_cluster\" : null,\n \"last_update\" : \"2015-07-04 15:17:30\",\n \"new\" : true,\n \"original_currency\" : null,\n \"original_value\" : null,\n \"original_wording\" : \"FACTURE CB HALL'S BEER\",\n \"rdate\" : \"2015-06-17\",\n \"simplified_wording\" : \"HALL'S BEER\",\n \"state\" : \"parsed\",\n \"stemmed_wording\" : \"HALL'S BEER\",\n \"type\" : \"card\",\n \"value\" : -16.22,\n \"wording\" : \"HALL'S BEER\"\n }\n ],\n \"type\" : \"checking\"\n }\n ],\n \"bank\" : {\n \"id_weboob\" : \"ing\",\n \"charged\" : true,\n \"name\" : \"ING Direct\",\n \"id\" : 7,\n \"hidden\" : false\n },\n \"error\" : null,\n \"expire\" : null,\n \"id\" : 7,\n \"id_user\" : 7,\n \"id_bank\" : 41,\n \"last_update\" : \"2015-07-04 15:17:31\"\n }\n ],\n \"total\" : 1,\n \"user\" : {\n \"signin\" : \"2015-07-04 15:17:29\",\n \"id\" : 7,\n \"platform\" : \"sharedAccess\"\n }\n}\n```\nThe authentication on the callback is made with the access_token of the user (which is a shared secret between your server and the Budgea API).\n\nWhen you are in production, it is needed to define a HTTPS URL using a valid certificate, delivered by a recognized authority. If this is not the case, you can contact us to add your CA (Certificate Authority) to our PKI (Public Key Infrastructure).\n\nImportant: it is necessary to send back a HTTP 200 code, without what we consider that data is not correctly taken into account on your system, and it will be sent again at the next user synchronization.\n\n## Guidelines for production\nNow you should have integrated the API inside your application. Make sure your Webhooks URLs are in HTTPS, if so you can enable the production state of the API.\n\nTo make things great, here are some good practices, please check you have respected them:\n- You have provided to your users a way to configure their accounts\n- You have provided to your users a way to change their account passwords\n- You consider the **error** field of Connections, to alert the user in case the state is **wrongpass**\n- You map IDs of Accounts, Subscriptions, Transactions and Documents in your application, to be sure to correctly match them\n- When the deleted field is set on a bank transaction, you delete it in your database\n- You don't loop on all users to launch synchronizations, this might saturate the service\n\nIf you have questions about above points, please contact us. Otherwise, you can put into production!\n\n### Going further\nIf you want to raise the bar for your app and add features such as the ability to do transfers, get invoices, aggregate patrimony and more, please refer to the sections below.\nWe'll discuss complementary APIs building upon the aggregation, allowing for the best of financial apps.\n\n## Budgea API Pay\nThis API allows for the emition of transfers between the aggregated accounts.\nJust like the simple aggregation, BI provides a webview or a protocol to follow, to implement this feature.\n\n### API pay protocol\nThis section describes how the transfer and recipient protocol work, in case you don't want to integrate the webview.\nThe idea is to do following calls client side (with AJAX in case of a web application), so that the interaction with the Budgea API is transparent.\n\n#### Executing a transfer\n1. /auth/token/code\nIf you do calls client side, get a new temporary code for the user, from the access_token. This will prevent security issues.\n```\ncurl -d '' \\\n https://demo.biapi.pro/2.0/auth/token/code \\\n -H 'Authorization: Bearer <token>'\n```\n```json\n{\n \"code\": \"/JiDppWgbmc+5ztHIUJtHl0ynYfw682Z\",\n \"type\": \"temporary\",\n \"expires_in\": 1800\n}\n```\nThe returned token has a life-time of 30 minutes.\n\n2. /users/me/accounts?able_to_transfer=1\nList all the accounts that can do transfers. Authenticate the call with the code you got at step 1.\n```\ncurl https://demo.biapi.pro/2.0/users/me/accounts?able_to_transfer=1 \\\n -H 'Authorization: Bearer /JiDppWgbmc+5ztHIUJtHl0ynYfw682Z'\n```\n```json\n{\n \"accounts\" : [\n {\n \"display\" : true,\n \"balance\" : 2893.36,\n \"id_type\" : 2,\n \"number\" : \"****1572\",\n \"type\" : \"checking\",\n \"deleted\" : null,\n \"bic\" : \"BNPAFRPPXXX\",\n \"bookmarked\" : false,\n \"coming\" : -2702.74,\n \"id_user\" : 1,\n \"original_name\" : \"Compte de chèques\",\n \"currency\" : {\n \"symbol\" : \"€\",\n \"id\" : \"EUR\",\n \"prefix\" : false\n },\n \"name\" : \"lol\",\n \"iban\" : \"FR7630004012550000041157244\",\n \"last_update\" : \"2016-12-28 12:31:04\",\n \"id\" : 723,\n \"formatted_balance\" : \"2893,36 €\",\n \"able_to_transfer\" : true,\n \"id_connection\" : 202\n }\n ],\n \"total\" : 1\n}\n```\n\n3. /users/me/accounts/ID/recipients\nList all available recipients for a given account.\n```\ncurl https://demo.biapi.pro/2.0/users/me/accounts/723/recipients?limit=1 \\\n -H 'Authorization: Bearer /JiDppWgbmc+5ztHIUJtHl0ynYfw682Z'\n```\n```json\n{\n \"total\" : 27,\n \"recipients\" : [\n {\n \"bank_name\" : \"BNP PARIBAS\",\n \"bic\" : \"BNPAFRPPXXX\",\n \"category\" : \"Interne\",\n \"deleted\" : null,\n \"enabled_at\" : \"2016-10-31 18:52:53\",\n \"expire\" : null,\n \"iban\" : \"FR7630004012550003027641744\",\n \"id\" : 1,\n \"id_account\" : 1,\n \"id_target_account\" : 2,\n \"label\" : \"Livret A\",\n \"last_update\" : \"2016-12-05 12:07:24\",\n \"time_scraped\" : \"2016-10-31 18:52:54\",\n \"webid\" : \"2.4.188268268091098819849694548441184167285851255682796371\"\n }\n ]\n}\n```\n\n4. /users/me/accounts/ID/recipients/ID/transfers\nCreate the transfer\n```\ncurl \\\n https://demo.biapi.pro/2.0/users/me/accounts/1/recipients/1/transfers \\\n -H 'Authorization: Bearer /JiDppWgbmc+5ztHIUJtHl0ynYfw682Z' \\\n -F amount=10, \\\n -F label=\"Test virement\", \\\n -F exec_date=\"2018-09-12\" // optional\n```\n```json\n{\n \"account_iban\" : \"FR7630004012550000041157244\",\n \"amount\" : 10,\n \"currency\" : {\n \"id\" : \"EUR\",\n \"prefix\" : false,\n \"symbol\" : \"€\"\n },\n \"exec_date\" : \"2018-09-12\",\n \"fees\" : null\n \"formatted_amount\" : \"10,00 €\",\n \"id\" : 22,\n \"id_account\" : 1,,\n \"id_recipient\" : 1,\n \"label\" : \"Test virement\",\n \"recipient_iban\" : \"FR7630004012550003027641744\",\n \"register_date\" : \"2018-09-12 10:34:59\",\n \"state\" : \"created\",\n \"webid\" : null\n}\n```\n\n5. /users/me/transfers/ID\nExecute the transfer\n```\ncurl \\\n https://demo.biapi.pro/2.0/users/me/transfers/22 \\\n -H 'Authorization: Bearer /JiDppWgbmc+5ztHIUJtHl0ynYfw682Z' \\\n -F validated=true\n```\n```json\n{\n \"account_iban\" : \"FR7630004012550000041157244\",\n \"amount\" : 10,\n \"currency\" : {\n \"id\" : \"EUR\",\n \"prefix\" : false,\n \"symbol\" : \"€\"\n },\n \"exec_date\" : \"2016-12-19\",\n \"fees\" : null,\n \"fields\" : [\n {\n \"label\" : \"Code secret BNP Paribas\",\n \"type\" : \"password\",\n \"regex\" : \"^[0-9]{6}$\",\n \"name\" : \"password\"\n }\n ],\n \"formatted_amount\" : \"10,00 €\",\n \"id\" : 22,\n \"id_account\" : 1,\n \"id_recipient\" : 1,\n \"label\" : \"Test virement\",\n \"recipient_iban\" : \"FR7630004012550003027641744\",\n \"register_date\" : \"2016-12-19 10:34:59\",\n \"state\" : \"created\",\n \"webid\" : null\n}\n```\nHere, an authentication step asks user to enter his bank password. The transfer can be validated with:\n\n```\ncurl \\\n https://demo.biapi.pro/2.0/users/me/transfers/22 \\\n -H 'Authorization: Bearer /JiDppWgbmc+5ztHIUJtHl0ynYfw682Z' \\\n -F validated=true \\\n -F password=\"123456\"\n```\n```json\n{\n \"account_iban\" : \"FR7630004012550000041157244\",\n \"currency\" : {\n \"id\" : \"EUR\",\n \"prefix\" : false,\n \"symbol\" : \"€\"\n },\n \"amount\" : 10,\n \"exec_date\" : \"2016-12-19\",\n \"fees\" : 0,\n \"formatted_amount\" : \"10,00 €\",\n \"id\" : 22,\n \"id_account\" : 1,\n \"id_recipient\" : 1,\n \"label\" : \"Test virement\",\n \"recipient_iban\" : \"FR7630004012550003027641744\",\n \"register_date\" : \"2016-12-19 10:34:59\",\n \"state\" : \"pending\",\n \"webid\" : \"ZZ10C4FKSNP05TK95\"\n}\n```\nThe field state is changed to *pending*, telling that the transfer has been correctly executed on the bank. A connection synchronization is then launched, to find the bank transaction in the movements history. In this case, the transfer state will be changed to *done*.\n\n#### Adding a recipient\n1. /auth/token/code\nGet a temporary token for the user. Same procedure than step 1 for a transfer.\n\n2. /users/me/accounts?able_to_transfer=1\nList accounts allowing transfers. Same procedure than step 2 for a transfer.\n\n3. /users/me/accounts/ID/recipients/\nAdd a new recipient.\n```\ncurl \\\n https://demo.biapi.pro/2.0/users/me/accounts/1/recipients \\\n -H 'Authorization: Bearer /JiDppWgbmc+5ztHIUJtHl0ynYfw682Z' \\\n -F iban=FR7613048379405300290000355 \\\n -F label=\"Papa\", \\\n -F category=\"Famille\" // optional\n```\n```json\n{\n \"bank_name\" : \"BNP PARIBAS\",\n \"bic\" : \"BNPAFRPPXXX\",\n \"category\" : \"Famille\",\n \"deleted\" : null,\n \"enabled_at\" : null,\n \"expire\" : \"2017-04-29 16:56:20\",\n \"fields\" : [\n {\n \"label\" : \"Veuillez entrer le code reçu par SMS\",\n \"type\" : \"password\",\n \"regex\" : \"^[0-9]{6}$\",\n \"name\" : \"sms\"\n }\n ],\n \"iban\" : \"FR7613048379405300290000355\",\n \"id\" : 2,\n \"id_account\" : 1,\n \"id_target_account\" : null,\n \"label\" : \"Papa\",\n \"last_update\" : \"2017-04-29 16:26:20\",\n \"time_scraped\" : null,\n \"webid\" : null\n}\n```\nIt is necessary to post on the object Recipient with the requested fields (here sms), until the add is validated:\n```\ncurl \\\n https://demo.biapi.pro/2.0/users/me/accounts/1/recipients/2 \\\n -H 'Authorization: Bearer /JiDppWgbmc+5ztHIUJtHl0ynYfw682Z' \\\n -F sms=\"123456\"\n```\n```json\n{\n \"bank_name\" : \"BNP PARIBAS\",\n \"bic\" : \"BNPAFRPPXXX\",\n \"category\" : \"Famille\",\n \"deleted\" : null,\n \"enabled_at\" : \"2017-05-01 00:00:00\",\n \"expire\" : null,\n \"iban\" : \"FR7613048379405300290000355\",\n \"id\" : 2,\n \"id_account\" : 1,\n \"id_target_account\" : null,\n \"label\" : \"Papa\",\n \"last_update\" : \"2017-04-29 16:26:20\",\n \"time_scraped\" : null,\n \"webid\" : \"2.4.188268268091098819849694548441184167285851255682796371\"\n}\n```\nIf the field enabled_at is in the future, it means that it isn't possible yet to execute a transfer, as the bank requires to wait a validation period.\n\n### API Pay Webview\nThis section describes how to integrate the webview of the Budgea Pay API inside your application, to let your users do transfers to their recipients.\n\n#### User redirection\nTo redirect the user to the webview, it is necessary to build a URI authenticated with a temporary token.\nThis can be done from our library, or by calling the endpoint `/auth/token/code` (see the protocol section for an example).\nIf the parameter **redirect_uri** is supplied, the user will be redirected to that page once the transfer is done.\n\n#### List of pages\nHere are a list a pages you may call to redirect your user directly on a page of the process:\n|Path |Description of the page |\n|-------------------------------------|----------------------------------------------------------------------------------|\n|/transfers |List Transfers |\n|/transfers/accounts |List emitter accounts |\n|/transfers/accounts/id/recipients |List recipients |\n|/transfers/accounts/id/recipients/id |Initialization of a transfer between the account and the recipient |\n|/transfers/id |Detail of a given transfer |\n\n## Deprecated\n\nThis section lists all the deprecated features in Budgea API. The associated date is the date of its removal.\n**Do not use them**.\n\n### Key Investments (**2019-06-24**)\n\nAdding a temporary new key \"all_investments\" that will include deleted investments in the **webhooks**.\n\n### No automatic expand on User objects (**2019-07-30**)\nIn the API responses, by default, User objects won't display the keys \"config\", \"alert_settings\" and \"invites\" anymore.\nYou will still be able to access this data by expanding the request.\nExample: GET /users/me/?expand=alert_settings,config\n\n### Renaming of \"type\" field for jwt tokens (**2019-07-30**)\nFor user's tokens in the jwt format, the \"type\" field will be renamed from \"shared_access\" to \"sharedAccess\".\n",
"title": "Budgea API Documentation"
},
"paths": {
"/account_types": {
"get": {
"responses": {
"200": {
"description": "accounttypes",
"schema": {
"required": [
"accounttypes"
],
"type": "object",
"properties": {
"accounttypes": {
"items": {
"$ref": "#/definitions/AccountType"
},
"type": "array"
},
"total": {
"type": "number",
"description": "total number of results"
}
}
}
}
},
"tags": [
"Banks"
],
"description": "",
"parameters": [
{
"required": false,
"type": "string",
"name": "expand",
"in": "query"
}
],
"summary": "Get account types"
}
},
"/account_types/{id_account_type}": {
"get": {
"responses": {
"200": {
"description": "Successful GET on AccountType resource",
"schema": {
"$ref": "#/definitions/AccountType"
}
}
},
"tags": [
"Banks"
],
"description": "",
"parameters": [
{
"required": true,
"in": "path",
"type": "integer",
"name": "id_account_type",
"description": ""
},
{
"required": false,
"type": "string",
"name": "expand",
"in": "query"
}
],
"summary": "Get an account type"
}
},
"/admin/jwt": {
"post": {
"responses": {
"200": {
"schema": {
"required": [
"jwt_token",
"payload"
],
"type": "object"
},
"description": "",
"examples": {
"jwt_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE1Mzg1OTUwODYsInR5cGUiOiJtYW5hZ2VfdG9rZW4iLCJhdWQiOiJsb2NhbGhvc3Q6MzE1OCIsImV4cCI6MTUzODU5NTE0Niwic2NvcGUiOiJjb25maWcifQ.Z-ygtorGB3yitd2MNias9r3dPojPh4yxFKO5uVM0NhEty5UhnwkqSZA29JKZKmTc7mUSDc30THFIL-VkHBOu2gfxv3fjrZ9R35jo29H_TEYpxiOxxl0m5jLxDn4KEoWpDCiuwkoEdklVJCOMFGC_Sp3uZ89C82OZ_-7CDExnA99FPKbJpVVHaIQdlmOAATHG-KvRJKJu7j2wIUSpIZ3flIqav9dBtaHbjaI-K0WTSC-a13gdzHJKhHmReKWNL8cOMIziPrUx4zv57_DSLWSI2e2FJ_SKbiEAgHcfEmnwktPwTeAdJhgUq5UVH1EP71NkpTQQL4SzHi3tlKmsG3SCbg",
"payload": {
"iat": 1538595086,
"type": "manage_token",
"aud": "localhost:3158",
"exp": 1538595146,
"scope": "config"
}
}
}
},
"tags": [
"Authentication"
],
"description": "This endpoint generates a new jwt manage token. It requires an admin manage token to be used<br><br>",
"parameters": [
{
"required": false,
"in": "formData",
"type": "string",
"name": "scope",
"description": "scope requested for the token (default: config)"
},
{
"required": false,
"in": "formData",
"type": "integer",
"name": "duration",
"description": "number of minute before the token expiration (0 for token that won't expire unless the client application is deleted) (default: 1)"
}
],
"summary": "Generate a jwt manage token"
}
},
"/auth/confirm": {
"post": {
"responses": {
"200": {
"schema": {
"required": [
"token",
"user"
],
"type": "object",
"properties": {
"token": {
"type": "string",
"description": "confirmed token"
},
"user": {
"type": "object",
"description": "user data object"
}
}
},
"description": "",
"examples": {
"token": "A37mwXNCblbWX0LrvpRq60sZ6NBft/t5tsHhADie56/TJscwSi8NSjVmUIf6iLqpDwPe6lyFXM3z7E/zKf9eRHUWzx4QryEgmCtwZ0XgQb9SE+HwaenwqwTuv1gHZD+n",
"user": {}
}
}
},
"tags": [
"PFM"
],
"description": "<br><br>",
"parameters": [
{
"required": true,
"in": "formData",
"type": "string",
"name": "token",
"description": "token received in email"
},
{
"required": true,
"in": "formData",
"type": "string",
"name": "application",
"description": "application in use"
}
],
"summary": "Confirm email address"
}
},
"/auth/confirmNewEmail": {
"post": {
"responses": {
"200": {
"description": "standard HTTP response"
}
},
"tags": [
"PFM"
],
"description": "",
"parameters": [
{
"required": true,
"in": "formData",
"type": "string",
"name": "token",
"description": "token received by email"
}
],
"summary": "Confirm new email address"
}
},
"/auth/cookie": {
"post": {
"responses": {
"200": {
"description": "standard HTTP response"
}
},
"tags": [
"PFM"
],
"description": "",
"parameters": [
{
"required": true,
"in": "formData",
"type": "string",
"name": "username",
"description": "username"
},
{
"required": true,
"in": "formData",
"type": "string",
"name": "password",
"description": "password"
},
{
"required": true,
"in": "formData",
"type": "string",
"name": "application",
"description": "application name"
},
{
"required": false,
"in": "formData",
"type": "string",
"name": "scope",
"description": "scope requested for the token"
}
],
"summary": "Login with credentials and set as cookie"
}
},
"/auth/init": {
"post": {
"responses": {
"200": {
"schema": {
"required": [
"auth_token",
"type"
],
"type": "object",
"properties": {
"expires_in": {
"type": "integer",
"description": "duration in seconds of the token validity"
},
"auth_token": {
"type": "string",
"description": "new token created for the new anonymous user"
},
"type": {
"type": "string",
"description": "type of the token"
}
}
},
"description": "",
"examples": {
"expires_in": 1800,
"auth_token": "A37mwXNCblbWX0LrvpRq60sZ6NBft/t5tsHhADie56/TJscwSi8NSjVmUIf6iLqpDwPe6lyFXM3z7E/zKf9eRHUWzx4QryEgmCtwZ0XgQb9SE+HwaenwqwTuv1gHZD+n",
"type": "temporary"
}
}
},
"tags": [
"Authentication"
],
"description": "This endpoint creates a new temporary token related to a new anonymous user.<br><br>It will expire 30 minutes after.<br><br>Note: if you supply client_id and client_secret, or if you call this endpoint with the manage_token, the token will be permanent.<br><br>",
"parameters": [
{
"required": false,
"in": "formData",
"type": "string",
"name": "client_id",
"description": "ID of the client"
},
{
"required": false,
"in": "formData",
"type": "string",
"name": "client_secret",
"description": "secret of the client"
}
],
"summary": "Create a new anonymous user"
}
},
"/auth/jwt": {
"post": {
"responses": {
"200": {
"schema": {
"required": [
"jwt_token",
"payload"
],
"type": "object",
"properties": {
"jwt_token": {
"type": "string",
"description": "the jwt token"
},
"payload": {
"type": "object",
"description": "the payload contained in the jwt token"
}
}
},
"description": "",
"examples": {
"jwt_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZF91c2VyIjozMywiYXVkIjoibG9jYWxob3N0OjMxNTgiLCJpc3MiOjE5ODM4OTgyLCJleHAiOjE1Mzg1OTY2OTcsInNjb3BlIjoiIiwiaWF0IjoxNTM4NTk0ODk3LCJ0eXBlIjoic2hhcmVkX2FjY2VzcyJ9.Tesc90tQ35Fk2SbRXw_Da1Ec-AwAzi104N-hrZWyBeXYkoao6512Ym8v_3207zm-bE1mRDjmQJQN0bbvImZlNGKA8JqoxbXF5l8eetXnv-U9yZXp9ScpUoNWxrRbtyyiwIGWDsRjCjOXcrVvzYd0oJ2RpUXR2NFyCCRjuMJFU87ojGj9eHo5e1B78vB1xZe3c3Yyx8bCvm0Qe2JjoSuhnXgMzAuLQm2KHha_9iHuQBC4zmmICOvNsQ5gBWAnf0W0IYHTZG1vioGNstX05nYiGSSlmzP6HgA5CmB2A57rBERFYB7V59wSQJzUyVOpCOuPCp7zPkRNfgFsZqqACg-DDg",
"payload": {
"id_user": 33,
"aud": "localhost:3158",
"iss": 19838982,
"exp": 1538596697,
"iat": 1538594897,
"scope": "",
"type": "sharedAccess"
}
}
}
},
"tags": [
"Authentication"
],
"description": "This endpoint generates a new jwt token for the user. This token will last the time in minutes given by the config key auth.default_token_expire (permanent if this the parameter expire=False is given)<br><br>",
"parameters": [
{
"required": false,
"in": "formData",
"type": "string",
"name": "client_id",
"description": "id of the client"
},
{
"required": false,
"in": "formData",
"type": "string",
"name": "client_secret",
"description": "secret for the client"
},
{
"required": false,
"in": "formData",
"type": "string",
"name": "scope",
"description": "scope requested for the token"
},
{
"required": false,
"in": "formData",
"type": "integer",
"name": "id_user",
"description": "user for whom the token has to be generated. If not supplied, a user will be created"
},
{
"required": false,
"in": "formData",
"type": "boolean",
"name": "expire",
"description": "if set to True, the token will expire n minutes after its creation, n being the value of configuration key auth.default_token_expire (default: True)"
}
],
"summary": "Generate a user jwt token"
}
},
"/auth/register": {
"post": {
"responses": {
"200": {
"schema": {
"required": [
"token",
"user",
"profile"
],
"type": "object",
"properties": {
"profile": {
"type": "object",
"description": "the user profile data object"
},
"token": {
"type": "string",
"description": "the requested token"
},
"user": {
"type": "object",
"description": "the user data object"
}
}
},
"description": "",
"examples": {
"profile": {},
"token": "A37mwXNCblbWX0LrvpRq60sZ6NBft/t5tsHhADie56/TJscwSi8NSjVmUIf6iLqpDwPe6lyFXM3z7E/zKf9eRHUWzx4QryEgmCtwZ0XgQb9SE+HwaenwqwTuv1gHZD+n",
"user": {}
}
}
},
"tags": [
"PFM"
],
"description": "Create a new user with his email address and password.<br><br><br><br>",
"parameters": [
{
"required": true,
"in": "formData",
"type": "string",
"name": "email",
"description": "email address"
},
{
"required": true,
"in": "formData",
"type": "string",
"name": "password",
"description": "password"
},
{
"required": true,
"in": "formData",
"type": "string",
"name": "application",
"description": "application in use"
},
{
"required": false,
"in": "formData",
"type": "string",
"name": "sponsor",
"description": "sponsor code to get advantages"
},
{
"required": false,
"in": "formData",
"type": "string",
"name": "notification_token",
"description": "APNS or GCM token to send notifications to device"
}
],
"summary": "Register to API"
}
},
"/auth/resendConfirmEmail": {
"post": {
"responses": {
"200": {
"description": "standard HTTP response"
}
},
"tags": [
"PFM"
],
"description": "Sent token can be re-generated as it might be expired. Note that requesting email confirmation on already confirmed profile will raise a BadRequest.<br><br>",
"parameters": [],
"summary": "Resend an email to confirm email address."
}
},
"/auth/token": {
"post": {
"responses": {
"200": {
"schema": {
"required": [
"token",
"scope",
"user",
"profile"
],
"type": "object",
"properties": {
"profile": {
"type": "object",
"description": "the user profile data object"
},
"scope": {
"type": "string",
"description": "the token scope"
},
"token": {
"type": "string",
"description": "the requested token"
},
"expires_in": {
"type": "integer",
"description": "duration in seconds of the token validity"
},
"user": {
"type": "object",
"description": "the user data object"
}
}
},
"description": "",
"examples": {
"profile": {},
"scope": "",
"token": "A37mwXNCblbWX0LrvpRq60sZ6NBft/t5tsHhADie56/TJscwSi8NSjVmUIf6iLqpDwPe6lyFXM3z7E/zKf9eRHUWzx4QryEgmCtwZ0XgQb9SE+HwaenwqwTuv1gHZD+n",
"user": {}
}
}
},
"tags": [
"PFM"
],
"description": "Request a new user token by giving an username and a password.<br><br><br><br>",
"parameters": [
{
"required": true,
"in": "formData",
"type": "string",
"name": "username",
"description": "username"
},
{
"required": true,
"in": "formData",
"type": "string",
"name": "password",
"description": "password"
},
{
"required": true,
"in": "formData",
"type": "string",
"name": "application",
"description": "application name"
},
{
"required": false,
"in": "formData",
"type": "string",
"name": "scope",
"description": "scope requested for the token"
}
],
"summary": "Login to API with credentials"
},
"delete": {
"responses": {
"200": {
"description": "standard HTTP response"
}
},
"tags": [
"Authentication",
"PFM"
],
"description": "This endpoint removes the token in use.<br><br>",
"parameters": [],
"summary": "Remove user access"
}
},
"/auth/token/access": {
"post": {
"responses": {
"200": {
"schema": {
"required": [
"access_token",
"token_type"
],
"type": "object",
"properties": {
"access_token": {
"type": "string",
"description": "the access token transformed from the temporary one"
},
"token_type": {
"type": "string",
"description": "the access token type"
}
}
},
"description": "",
"examples": {
"access_token": "A37mwXNCblbWX0LrvpRq60sZ6NBft/t5tsHhADie56/TJscwSi8NSjVmUIf6iLqpDwPe6lyFXM3z7E/zKf9eRHUWzx4QryEgmCtwZ0XgQb9SE+HwaenwqwTuv1gHZD+n",
"token_type": "Bearer"
}
}
},
"tags": [
"Authentication"
],
"description": "In order to register a new user with the OAuth 2 process, the client has to call this endpoint to request a granted access_token with the received temporary code.<br><br>",
"parameters": [
{
"required": false,
"in": "formData",
"type": "string",
"name": "grant_type",
"description": "default is \"authorization_code\""
},
{
"required": true,
"in": "formData",
"type": "string",
"name": "client_id",
"description": "ID of the client"
},
{
"required": true,
"in": "formData",
"type": "string",
"name": "client_secret",
"description": "secret of the client"
},
{
"required": true,
"in": "formData",
"type": "string",
"name": "code",
"description": "user's temporary code"
},
{
"required": false,
"in": "formData",
"type": "string",
"name": "redirect_uri",
"description": "redirect uri used by user"
}
],
"summary": "Transform a temporary code to a access_token"
}
},
"/auth/token/code": {
"get": {
"responses": {
"200": {
"schema": {
"required": [
"code",
"type",
"expires_in"
],
"type": "object",
"properties": {
"expires_in": {
"type": "integer",
"description": "duration in seconds of the token validity"
},
"code": {
"type": "string",
"description": "the temporary token"
},
"type": {
"type": "object",
"description": "the token type"
}
}
},
"description": "",
"examples": {
"expires_in": 1800,
"code": "A37mwXNCblbWX0LrvpRq60sZ6NBft/t5tsHhADie56/TJscwSi8NSjVmUIf6iLqpDwPe6lyFXM3z7E/zKf9eRHUWzx4QryEgmCtwZ0XgQb9SE+HwaenwqwTuv1gHZD+n",
"type": "temporary"
}
}
},
"tags": [
"Authentication"
],
"description": "This endpoint generates a new temporary token for the user.<br><br>In case the access_token is used by a trusted device, and you want to let another one (for example a web browser) access to user resources, use this service to create a token which will expire in 30 minutes.<br><br>",
"parameters": [],
"summary": "Generate a user temporary token"
}
},
"/banks": {
"get": {
"responses": {
"200": {
"description": "banks",
"schema": {
"required": [
"banks"
],
"type": "object",
"properties": {
"banks": {
"items": {
"$ref": "#/definitions/Connector"
},
"type": "array"
},
"total": {
"type": "number",
"description": "total number of results"
}
}
}
}
},
"tags": [
"Connections",
"Banks",
"Providers"
],
"description": "",
"parameters": [
{
"required": false,
"type": "string",
"name": "expand",
"in": "query"
}
],
"summary": "Get list of connectors"
}
},
"/banks/categories": {
"post": {
"responses": {
"200": {
"description": "Successful POST on ConnectorCategory resource",
"schema": {
"$ref": "#/definitions/ConnectorCategory"
}
}
},
"tags": [
"Banks"
],
"description": "It requires the name of the category to be created<br><br>",
"parameters": [
{
"required": true,
"in": "formData",
"type": "string",
"name": "name",
"description": "name of the category to be created"
},
{
"required": false,
"type": "string",
"name": "expand",
"in": "query"
}
],
"summary": "Create bank categories"
}
},
"/banks/categories/{id_category}": {
"post": {
"responses": {
"200": {
"description": "Successful POST on ConnectorCategory resource",
"schema": {
"$ref": "#/definitions/ConnectorCategory"
}
}
},
"tags": [
"Banks"
],
"description": "Edit the name for the supplied category.<br><br>",
"parameters": [
{
"required": true,
"in": "path",
"type": "integer",
"name": "id_category",
"description": ""
},
{
"required": true,
"in": "formData",
"type": "string",
"name": "name",
"description": "new name for the supplied category"
},
{
"required": false,
"type": "string",
"name": "expand",
"in": "query"
}
],
"summary": "Edit a bank categories"
},
"delete": {
"responses": {
"200": {
"description": "Successful DELETE on ConnectorCategory resource",
"schema": {
"$ref": "#/definitions/ConnectorCategory"
}
}
},
"tags": [
"Banks"
],
"description": "",
"parameters": [
{
"required": true,
"in": "path",
"type": "integer",
"name": "id_category",
"description": ""
},
{
"required": false,
"type": "string",
"name": "expand",
"in": "query"
}
],
"summary": "Delete the supplied category"
}
},
"/banks/{id_connector}/connections": {
"get": {
"responses": {
"200": {
"description": "connections",
"schema": {
"required": [
"connections"
],
"type": "object",
"properties": {
"connections": {
"items": {
"$ref": "#/definitions/Connection"
},
"type": "array"
},
"total": {
"type": "number",
"description": "total number of results"
}
}
}
}
},
"tags": [
"Banks",
"Connections"
],
"description": "By default, it selects a set of 3 connections.<br><br>",
"parameters": [
{
"required": true,
"in": "path",
"type": "integer",
"name": "id_connector",
"description": ""
},
{
"required": false,
"in": "query",
"type": "integer",
"name": "range",
"description": "the length of the connection subset"
},
{
"required": false,
"in": "query",
"type": "integer",
"name": "type",
"description": "to target a specific account type which will be"
},
{
"required": false,
"in": "query",
"type": "integer",
"name": "occurrences",
"description": "require at least N accounts of the targeted"
},
{
"required": false,
"type": "string",
"name": "expand",
"in": "query"
}
],
"summary": "Get a subset of id_connection with the largest diversity of account"
}
},
"/banks/{id_connector}/logos": {
"get": {
"responses": {
"200": {
"description": "connectorlogos",
"schema": {
"required": [
"connectorlogos"
],
"type": "object",
"properties": {
"connectorlogos": {
"items": {
"$ref": "#/definitions/ConnectorLogo"
},
"type": "array"
},
"total": {
"type": "number",
"description": "total number of results"
}
}
}
}
},
"tags": [
"Banks",
"Providers"
],
"description": "This endpoint returns all links to files associated with this connector.<br><br>",
"parameters": [
{
"required": true,
"in": "path",
"type": "integer",
"name": "id_connector",
"description": ""
},
{
"required": false,
"type": "string",
"name": "expand",
"in": "query"
}
],
"summary": "Get all links to the files associated with this connector."
}
},
"/banks/{id_connector}/logos/main": {
"get": {
"responses": {
"200": {
"description": "connectorlogos",
"schema": {
"required": [
"connectorlogos"
],
"type": "object",
"properties": {
"connectorlogos": {
"items": {
"$ref": "#/definitions/ConnectorLogo"
},
"type": "array"
},
"total": {
"type": "number",
"description": "total number of results"
}
}
}
}
},
"tags": [
"Banks",
"Providers"
],
"description": "This endpoint returns all links to files associated with this connector.<br><br>",
"parameters": [
{
"required": true,
"in": "path",
"type": "integer",
"name": "id_connector",
"description": ""
},
{
"required": false,
"type": "string",
"name": "expand",
"in": "query"
}
],
"summary": "Get all links to the files associated with this connector."
}
},
"/banks/{id_connector}/logos/thumbnail": {
"get": {
"responses": {
"200": {
"description": "connectorlogos",
"schema": {
"required": [
"connectorlogos"
],
"type": "object",