Skip to content

Credentials API

Credential Status

The status of a credential is an object with this shape:

"pending": bool,
"blocked": bool,
"reset_token": [ null | str ],
"last_transaction_date": str "YYYY-MM-DD",
"sca_token": [ null | str ],
"transaction_token": [ null | str ],
"name": str,
"last_update": str "YYYY-MM-DD",
"time": str "HH:MM",
"last_update_timestamp": int,
"created_at_timestamp": int,
"errored": {
    "product": {
        "auth": bool,
        "account": bool,
        "card": bool,
        "portfolio": bool,
        "investment": bool,
        "liability": bool,
        "holders": bool,
    },
    "transaction": {
        "account": bool,
        "card": bool,
        "investment": bool,
        "liability": bool
    }
},
"created": {
    "product": {
        "auth": bool,
        "account": bool,
        "card": bool,
        "portfolio": bool,
        "investment": bool,
        "liability": bool,
        "holders": bool,
    },
    "transaction": {
        "account": bool,
        "card": bool,
        "investment": bool,
        "liability": bool
    }
}

Field

Description

pending

it will be false when the initial extraction process has finished, with or without errors.

blocked

it will be set to true if the credentials does not allow to login to the website

reset_token

it will have value different to null if the account is blocked or you force it with the PUT request to the same endpoint

sca_token

if will have a value different to null if the account needs SCA (a.k.a. 2FA)

last_transaction_date

it the date of the last transactions retrieved

name

is the bank identifier

created_at_timestamp

timestamp when the credential_token was created

last_update

is the day when the last extraction finished

time

is the hour when the last extraction finished (in UTC)

last_update_timestamp

day and time when the last extraction finished (in UTC)

errored

in case of error indicates to which data affects the error

created

each field will be set to true when the extraction of the data finishes (with or without error)

Endpoints

Get Credentials Status

This method retrieves the status of a specific credential.

https://api.flanks.io/v0/bank/credentials/status

Headers

Header

Value

Authorization

Bearer <access_token> (See Authentication).

Content-Type

application/json

Body (JSON encoded)

Parameter

Type

Value

credentials_token *

String

Identifier for the credentials.

(*) Mandatory Parameters

Responses

200 OK
{ CredentialStatus }

This endpoint returns an object with the keys described in the Credential Status section.

400 Credentials Not Found
{
    "error": "You are not allowed to access to this credentials"
}

There is no credentials in our system identified by the provided credentials_token. Either the credentials_token is invalid or the credentials have been removed at some point.

500 Internal Error

{
    "error": "Internal Error"
}
The server encountered an unexpected condition that prevented it from fulfilling the request.

List Credentials

List all existing credentials. The response returns the following fields for each credential:

Field

Description

credentials_token

Identifier for the credentials.

external_id

This is the value of the alias field passed as an extra parameter to the link used to add these credentials.

bank

Name of the entity where the credentials belongs to.

status

an object with the keys described in the Credential Status section.

https://api.flanks.io/v0/bank/credentials/list

Headers

Header

Value

Authorization

Bearer <access_token> (See Authentication).

Content-Type

application/json

Responses

200 OK
{
    "items": [
        {
            "credentials_token": str,
            "external_id": [ null | str ],
            "bank": str,
            "status": CredentialStatus
        },
        ...
    ]
}
500 Internal Error

{
    "error": "Internal Error"
}
The server encountered an unexpected condition that prevented it from fulfilling the request.

Force SCA, Reset or Transactions Token

This method allows you to force different flows for the credentials.

Note that this will require user interaction. Using this method will prevent the credential from being automatically updated.

If the force parameter is sca it will set the sca_token and wait for a successful sca login interaction and then will update the data.

If the force parameter is reset it will set the reset_token and it will allow you to update the user's online banking credentials maintaining the same credentials_token. This is useful when the user changes their credentials.

If the force parameter is transaction it will enable the transaction_token flow, which enables Flanks to go backward more than 90 days in account transactions.

https://api.flanks.io/v0/bank/credentials/status

Headers

Header

Value

Authorization

Bearer <access_token> (See Authentication).

Content-Type

application/json

Body (JSON encoded)

Parameter

Type

Value

force *

String

Must be sca, reset or transaction.

credentials_token *

String

Identifier for the credentials.

(*) Mandatory Parameters

Responses

200 OK
{
    "sca_token": str
}
--------------------------------------------------------
{
    "transaction_token": str
}
--------------------------------------------------------
{
    "reset_token": str
}
400 Credentials Not Found
{
    "error": "You are not allowed to access to this credentials"
}

There is no credentials in our system identified by the provided credentials_token. Either the credentials_token is invalid or the credentials have been removed at some point.

500 Internal Error

{
    "error": "Internal Error"
}
The server encountered an unexpected condition that prevented it from fulfilling the request.

Delete Credentials

This endpoint allows you to delete credentials identified by a credentials_token.

Once the credentials are deleted it is not possible to retrieve the extracted data and Flanks will delete everything related to this credential (the user's access credentials and all the stored data).

https://api.flanks.io/v0/bank/credentials

Headers

Header

Value

Authorization

Bearer <access_token> (See Authentication).

Content-Type

application/json

Body (JSON encoded)

Parameter

Type

Value

credentials_token *

String

Identifier for the credentials.

(*) Mandatory Parameters

Responses

200 OK
{
    "message": "Successfully deleted"
}
400 Credentials Not Found
{
    "error": "You are not allowed to access to this credentials"
}

There are no credentials in our system identified by the provided credentials_token. Either the credentials_token is invalid or the credentials have been removed at some point.

500 Internal Error

{
    "error": "Internal Error"
}
The server encountered an unexpected condition that prevented it from fulfilling the request.