Read account information. Provides access to account lists, account details, balances and transaction information.
Aritma Banking API (1.0.0)
Over time there will be introduced changes to the API as we continuously introduce improvements. You have the option to use a specific version or the most recent version, supported versions are available in the response header api-supported-versions.
Use a specific version of the API by specifying the api-version header, for example api-version: 1.0. If you don't specify the header, the latest version will be used. If a version has been scheduled to be removed, it will be reported through the api-deprecated-versions header, for example api-deprecated-versions: 1.0, 1.1.
The API supports idempotency for safely retrying POST requests without accidentally performing the operation twice. To perform an idempotent request, specify the Idempotency-Key: UUID header with a value on UUID format, example: Idempotency-Key: 5bfa15da-0969-46a3-820d-be0ec7a16c24.
The idempotency works by storing the status code and body of the first response made for the idempotency key for a short timespan, regardless of whether if succeeds or fails. Subsequent request with the same key returns the response of the previous response. The presence of response header Idempotent-Replayed: true indicates that a previous response has been returned. Note that the replayed responses for created resources would change from status 201 to 200 ok, indicating that no resource was created.
Download OpenAPI description
Languages
Servers
Mock server
https://developer.aritma.com/_mock/apis/banking/v4/openapi/banking-openapi
https://banking.zdata.io/api
Obtaining a consent is the first thing you need to do in order to access bank information.
Start by sending a request to the create consent endpoint which will return a link you can redirect the user to. When the user visits the link, we will gather the necessary information needed to obtain a consent linked to the chosen bank.
When a consent has been obtained you can use it to access data through the available endpoints, keep in mind that a consent can potentially be withdrawn by the user at any point.
Operations
Security
Api access(Required scopes:
services.banking
api
)Optional unique identifier of the bank you are creating consent for, if not specified the user will be asked to select one. The unique identifiers can be found through the list bank API call (GET /banks).
Example: "89F7F63B-67C0-4F70-A6BE-898BC211DCA0"
The time the consent should expire. Defaults to:
- psd2: 90 days
- openbanking: no expiration
Can be used by client to keep track of consent flow. Will be returned in response to CreateConsent API call and added to return url as a queryparameter if return url is specified.
Example: "qwerty"
Id of the subscription which this consent will created under.
Example: "992606c793984bcf81e543d90ecfbb36"
Name of the resource-group which this consent will be organized under.
Example: "999999999"
- Mock serverhttps://developer.aritma.com/_mock/apis/banking/v4/openapi/banking-openapi/consents
- https://banking.zdata.io/api/consents
- Payload
- cURL
- C#
- JavaScript
- Python
- Go
- PHP
- Java
- Java 8
application/json
{ "bankId": "89F7F63B-67C0-4F70-A6BE-898BC211DCA0", "channelType": "unspecified", "expires": null, "properties": { "property1": "string", "property2": "string" }, "redirectSettings": { "success": "https://www.google.com/search?q=success", "error": "https://www.google.com/search?q=error" }, "state": "qwerty", "subscriptionId": "992606c793984bcf81e543d90ecfbb36", "resourceGroupName": "999999999", "resourceGroupDisplayName": "Organisation AB" }
Created
Fully qualified resource id of the consent
Example: "/subscriptions/992606c793984bcf81e543d90ecfbb36/resource-groups/999999999/providers/aritma.banking/consents/0cb6e03a-c1d6-4d32-b438-0c2ad1e4079b"
Url to redirect the user to. Language can be preselected with query parameter (ui-culture) when redirecting users. Current supported languages are nb (norwegian bokmål) and en (english, default). Ex: https://google.com?ui-culture=nb
Example: "https://google.com"
Status of the consent
| Enum Value | Description |
|---|---|
| unknown | |
| created | Consent session has been created |
| started | Consent flow has started |
| authorized | Consent has been obtained and is ready to be used |
| expired | The consent has expired |
| revoked | The consent has been revoked |
| failure | Failed to retrieve consent |
| awaitingApproval | Consent is being processed |
Response
application/json
{ "consentId": "1E5EFC3B-635E-4973-A605-41D7F0D6D7B3", "resourceId": "/subscriptions/992606c793984bcf81e543d90ecfbb36/resource-groups/999999999/providers/aritma.banking/consents/0cb6e03a-c1d6-4d32-b438-0c2ad1e4079b", "redirectUrl": "https://google.com", "status": "unknown", "state": "qwerty" }
- Mock serverhttps://developer.aritma.com/_mock/apis/banking/v4/openapi/banking-openapi/consents
- https://banking.zdata.io/api/consents
- Payload
- cURL
- C#
- JavaScript
- Python
- Go
- PHP
- Java
- Java 8
No request payloadResponse
application/json
{ "consents": [ { … } ], "_links": { "next": { … }, "previous": { … } } }
Security
Api access(Required scopes:
services.banking
api
)The time the consent should expire. Defaults to:
- psd2: 90 days
- openbanking: no expiration
- Mock serverhttps://developer.aritma.com/_mock/apis/banking/v4/openapi/banking-openapi/consents/{id}/refresh
- https://banking.zdata.io/api/consents/{id}/refresh
- Payload
- cURL
- C#
- JavaScript
- Python
- Go
- PHP
- Java
- Java 8
application/json
{ "expires": null, "redirectSettings": { "success": "https://www.google.com/search?q=success", "error": "https://www.google.com/search?q=error" }, "state": "qwerty" }
Created
Fully qualified resource id of the consent
Example: "/subscriptions/992606c793984bcf81e543d90ecfbb36/resource-groups/999999999/providers/aritma.banking/consents/0cb6e03a-c1d6-4d32-b438-0c2ad1e4079b"
Url to redirect the user to. Language can be preselected with query parameter (ui-culture) when redirecting users. Current supported languages are nb (norwegian bokmål) and en (english, default). Ex: https://google.com?ui-culture=nb
Example: "https://google.com"
Status of the consent
| Enum Value | Description |
|---|---|
| unknown | |
| created | Consent session has been created |
| started | Consent flow has started |
| authorized | Consent has been obtained and is ready to be used |
| expired | The consent has expired |
| revoked | The consent has been revoked |
| failure | Failed to retrieve consent |
| awaitingApproval | Consent is being processed |
Response
application/json
{ "consentId": "1E5EFC3B-635E-4973-A605-41D7F0D6D7B3", "resourceId": "/subscriptions/992606c793984bcf81e543d90ecfbb36/resource-groups/999999999/providers/aritma.banking/consents/0cb6e03a-c1d6-4d32-b438-0c2ad1e4079b", "redirectUrl": "https://google.com", "status": "unknown", "state": "qwerty" }
- Mock serverhttps://developer.aritma.com/_mock/apis/banking/v4/openapi/banking-openapi/consents/{id}
- https://banking.zdata.io/api/consents/{id}
- Payload
- cURL
- C#
- JavaScript
- Python
- Go
- PHP
- Java
- Java 8
No request payloadOK
Fully qualified resource id of the consent
Example: "/subscriptions/992606c793984bcf81e543d90ecfbb36/resource-groups/999999999/providers/aritma.banking/consents/0cb6e03a-c1d6-4d32-b438-0c2ad1e4079b"
Status of the consent
| Enum Value | Description |
|---|---|
| unknown | |
| created | Consent session has been created |
| started | Consent flow has started |
| authorized | Consent has been obtained and is ready to be used |
| expired | The consent has expired |
| revoked | The consent has been revoked |
| failure | Failed to retrieve consent |
| awaitingApproval | Consent is being processed |
Response
application/json
{ "consentId": "1E5EFC3B-635E-4973-A605-41D7F0D6D7B3", "resourceId": "/subscriptions/992606c793984bcf81e543d90ecfbb36/resource-groups/999999999/providers/aritma.banking/consents/0cb6e03a-c1d6-4d32-b438-0c2ad1e4079b", "status": "unknown", "additionalData": { "bankId": null, "expiresAtUtc": "2019-08-24T14:15:22Z", "consentData": null } }
A signing basket groups multiple payments for authorisation with a single SCA operation. The basket can contain both bulk payments and individual payment lines, each with different authorisation requirements. Payments are exported to bank as soon as their authorisation requirements are fulfilled, even if other payments in the basket are still pending.
Operations