Accounts
All
Returns all accounts belonging to a PSU and all relevant information about them. This endpoint should be called after refreshing PSU data on Salt Edge side.
CURL
![]()
curl -i \
-H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7InBlcl9wYWdlIjo1MCwiZnJvbV9pZCI6NjY1fSwiZXhwIjoxNzg0MzUyNDE4LCJpc3MiOiJwcmlvcmEuc2FsdGVkZ2UuY29tIn0.AlOGP2m4Agy_wrM-wNXHelw-hA8ik1eW39lxq5-gWfKS5XreLrOEErXmDck9FuAceBHNE-_ENUQWAt5J10DVDBWeFW4SiWGoBdHbB_mhsywz43ztnu-WAouo3Btr-3OaME0E7PXScHPea8EJuWpScw9C_VLkP5Hjd-F1dBkH0M5_Ruj3WGj7a2KrkYsWxiBYyIbLF-bDvXvMhTXegywpmVV8ZUUkOmd5RZJtdWxrAhXHeTbSNOqUJfaDFq-KW7VNOyGwh_15hj7v2dnUv3EXr6LotWtfeYoHVkQ7aC4j5JfreyqH_89nAZa3xXu4oN44FQTlL2hQQU-TROzmGW5zpw" \
-H "App-Id: hdxOnJzz7tUdwso5TeGIOQ" \
-H "App-Secret: mQdTa13N7SoBsmnoHok0mQ" \
-H "Access-Token: 0bd6a34ce608515b9ce2c2afae5d52fa047aaa07c10563b9e7ef4e786faf935f29d255858fac37d314bef7d24651ddebe60cb4342d98e0feaee5ca010c500c04" \
-H "Client-Request-Id: 34" \
-X GET "/api/v2/accounts/all"
Example of request parameters
![]()
{"data":{"per_page":50,"from_id":665},"exp":1574093211}
Example of response
![]()
{"meta":{"time":"2019-11-18T16:04:51.182Z","next_id":865},"data":[{"id":"864","name":"Visa","nature":"credit_card","iban":"FK54RAND61068428516174","number":"450746508","sort_code":"16-26-63","swift_code":"qALtN","currency_code":"GBP","balance":37,"available_amount":30.5,"provider_account_id":"229","extra":{},"payment_account":true,"created_at":"2019-11-18T16:04:51.182Z","updated_at":"2019-11-18T16:04:51.182Z"}]}
Request
GET
/api/v2/accounts/all
Headers
| Header | Type | Description |
|---|---|---|
Authorization
|
string, required |
JSON Web Token containing payload, signed using RSA256 and application.private_key.
Can raise:
AuthorizationMissing
|
App-Id
|
string, required |
Application’s app_id from connection details tab.
Can raise:
OauthAppNotFound, CertificateNotFound
|
App-Secret
|
string, required |
Application’s app_secret from connection details tab.
|
Access-Token
|
string, required | Token for which we are requesting info. Can raise: TokenMissing, TokenNotFound, TokenRevoked, TokenExpired |
Client-Request-Id
|
string, optional |
Request identifier. If present, it will be returned within meta field in response.
|
Unpacked Request Authorization
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.
Related Errors
| Class | Code | Description |
|---|---|---|
| TokenMissing | 400 | This request cannot be performed without Access_Token header. |
| AuthorizationMissing | 401 | Authorization header is missing. |
| TokenRevoked | 401 | Token specified in request is revoked and cannot be used anymore. |
| TokenExpired | 401 | Token specified in request is expired and cannot be used. |
| OauthAppNotFound | 404 | OAuth Application specified in request does not exist or cannot be retrieved. |
| CertificateNotFound | 404 | Certificate has no permissions. |
| TokenNotFound | 404 | Token specified in request does not exist or cannot be retrieved. |
Holder
Returns holder information that belongs to a PSU. This endpoint should be called after refreshing PSU data on Salt Edge side.
CURL
![]()
curl -i \
-H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7fSwiZXhwIjoxNzg0MzUyNDE4LCJpc3MiOiJwcmlvcmEuc2FsdGVkZ2UuY29tIn0.dEtJFBriwNQgnC9gnrYnwnhVC9N6__5AkU_spb-1R_yoPFkZm5QhkLq6pZKBlCSX209efYEPeOUMztB2txAc7XDUfiTdcHUShj96K5TysqhWtg2KcgJi9CobVmn-IaL2-SmLTNN0MXOZUk9PSqWAtiho7E88AuI51WMxv2bcH_yFvlfpDjHyQmUcjq40MCRRbGxps6l7hYN9gbSxiRTvwydhOjRslK_4vFtaGJHBtqEWVpHP4b--I7FwXrn1u8oCzHhBnsyv-J6rkV7LmwYZGbk9G5JZVQ1sn5SvaAuCCNo7IE143p8C47Vys09SM1aRW9vfmpWjRHU6tZhyUzhpow" \
-H "App-Id: HyR-HnEk7_WMUJv8BD6LkA" \
-H "App-Secret: yqQW_-qL3l1YnoJyzDvX-g" \
-H "Access-Token: 20442d11db40783035aa521337d264760fe46e0b241389fdc2081dae37a9952f6b5f58a7341a990c46a38b6b38c03770a4ecbd4d495c4030e323ad1b292d428f" \
-H "Client-Request-Id: 17" \
-X GET "/api/v2/accounts/holder"
Example of request parameters
![]()
{"data":{},"exp":1574093211}
Example of response
![]()
{"data":{"name":"John Smith"}}
Request
GET
/api/v2/accounts/holder
Headers
| Header | Type | Description |
|---|---|---|
Authorization
|
string, required |
JSON Web Token containing payload, signed using RSA256 and application.private_key.
Can raise:
AuthorizationMissing
|
App-Id
|
string, required |
Application’s app_id from connection details tab.
Can raise:
OauthAppNotFound, CertificateNotFound
|
App-Secret
|
string, required |
Application’s app_secret from connection details tab.
|
Access-Token
|
string, required | Token for which we are requesting info. Can raise: TokenMissing, TokenNotFound, TokenRevoked, TokenExpired |
Client-Request-Id
|
string, optional |
Request identifier. If present, it will be returned within meta field in response.
|
Unpacked Request Authorization
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.
Related Errors
| Class | Code | Description |
|---|---|---|
| TokenMissing | 400 | This request cannot be performed without Access_Token header. |
| AuthorizationMissing | 401 | Authorization header is missing. |
| TokenRevoked | 401 | Token specified in request is revoked and cannot be used anymore. |
| TokenExpired | 401 | Token specified in request is expired and cannot be used. |
| OauthAppNotFound | 404 | OAuth Application specified in request does not exist or cannot be retrieved. |
| CertificateNotFound | 404 | Certificate has no permissions. |
| TokenNotFound | 404 | Token specified in request does not exist or cannot be retrieved. |
Payment
Returns accounts that are available for making payments and belong to a PSU. This endpoint should be called after refreshing PSU data on Salt Edge side.
CURL
![]()
curl -i \
-H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7fSwiZXhwIjoxNzg0MzUyNDE4LCJpc3MiOiJwcmlvcmEuc2FsdGVkZ2UuY29tIn0.dEtJFBriwNQgnC9gnrYnwnhVC9N6__5AkU_spb-1R_yoPFkZm5QhkLq6pZKBlCSX209efYEPeOUMztB2txAc7XDUfiTdcHUShj96K5TysqhWtg2KcgJi9CobVmn-IaL2-SmLTNN0MXOZUk9PSqWAtiho7E88AuI51WMxv2bcH_yFvlfpDjHyQmUcjq40MCRRbGxps6l7hYN9gbSxiRTvwydhOjRslK_4vFtaGJHBtqEWVpHP4b--I7FwXrn1u8oCzHhBnsyv-J6rkV7LmwYZGbk9G5JZVQ1sn5SvaAuCCNo7IE143p8C47Vys09SM1aRW9vfmpWjRHU6tZhyUzhpow" \
-H "App-Id: 9zP5wU8ItSUlkvWHViCt1w" \
-H "App-Secret: SJDCclW3NkeeAhJX7CX4dA" \
-H "Access-Token: 728037d96181287cd2394f43943d07897fc1a52a0b657489ee2fc34c54c7e8dc95959621394c1a6ce49db0c6e19a9a62909152bd4e39a9a7ca57bb572ee7ef41" \
-H "Client-Request-Id: 17" \
-X GET "/api/v2/accounts/payment"
Example of request parameters
![]()
{"data":{},"exp":1574093211}
Example of response
![]()
{"data":[{"id":"735","name":"Test payment","nature":"account","iban":"FK93RAND00954339238694","number":"836076798","sort_code":"84-42-94","swift_code":"CN9zd","currency_code":"EUR","provider_account_id":"43","created_at":"2019-11-18T16:04:50.985Z","updated_at":"2019-11-18T16:04:50.986Z"}]}
Request
GET
/api/v2/accounts/payment
Headers
| Header | Type | Description |
|---|---|---|
Authorization
|
string, required |
JSON Web Token containing payload, signed using RSA256 and application.private_key.
Can raise:
AuthorizationMissing
|
App-Id
|
string, required |
Application’s app_id from connection details tab.
Can raise:
OauthAppNotFound, CertificateNotFound
|
App-Secret
|
string, required |
Application’s app_secret from connection details tab.
|
Access-Token
|
string, required | Token for which we are requesting info. Can raise: TokenMissing, TokenNotFound, TokenRevoked, TokenExpired |
Client-Request-Id
|
string, optional |
Request identifier. If present, it will be returned within meta field in response.
|
Unpacked Request Authorization
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.
Related Errors
| Class | Code | Description |
|---|---|---|
| TokenMissing | 400 | This request cannot be performed without Access_Token header. |
| AuthorizationMissing | 401 | Authorization header is missing. |
| TokenRevoked | 401 | Token specified in request is revoked and cannot be used anymore. |
| TokenExpired | 401 | Token specified in request is expired and cannot be used. |
| OauthAppNotFound | 404 | OAuth Application specified in request does not exist or cannot be retrieved. |
| CertificateNotFound | 404 | Certificate has no permissions. |
| TokenNotFound | 404 | Token specified in request does not exist or cannot be retrieved. |
Refresh
Initiates the process of refreshing PSU data (accounts, transactions, holder info) on Salt Edge PSD2 Compliance side from the ASPSP which issued the access token.
CURL
![]()
curl -i \
-H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7ImZyb21fZGF0ZSI6IjIwMTktMDgtMTgiLCJ0b19kYXRlIjoiMjAxOS0xMS0xOCIsImluaXRpYXRlZF9ieV9jdXN0b21lciI6ZmFsc2UsInJlZGlyZWN0X3VybCI6Imh0dHBzOi8vdXNlci53aWxsLmJlL3JlZGlyZWN0ZWQvaGVyZSJ9LCJleHAiOjE3ODQzNTI0MTgsImlzcyI6InByaW9yYS5zYWx0ZWRnZS5jb20ifQ.PbBjKTKD7FM5afZRfW0UId7A1wFlO5U2-4gSuphKbSfYUuvMy3fa1_uAW6Bn_UYFs2rghtZB15xfmnhcLLjq3YI1dLz1lStXtNf9H0OkKZNEt9pkizCbSYso4e6vKEoMVvQY3Hn2dWIb46BgwbMS3d-HXFvyd9emyW-6Fj9gffQ0kLEgeq2VSeY4Z7gtNPAeCHeMK2IusfF1yrlURxNDXChLf-dxRosGS6_YmTpFUeR_eeBXcbhogTjdCdvuZ7LVehAUFRKgdiApb0Nq44g1N4q59Uo5R2ErrQvm4H1RPtaz_CklfqtvbXuzoBMhPCCqbHEmE8bFQwhWvtbUfvLLjQ" \
-H "App-Id: UJbEee74CaUNMzrvzfAtUQ" \
-H "App-Secret: B_oeBL7GIK9jPxzQSrmlLQ" \
-H "Access-Token: b2e3f5f24b69dad11a89e9fdada9dd695a1e8f965a3f33248ea41ae6ca46c0d3a2ea38233fe9b6cedeaa9067ee89bb87981d0988bd688e8b8056640c86350b6f" \
-H "Client-Request-Id: 17" \
-X PUT "/api/v2/accounts"
Example of request parameters
![]()
{"data":{"from_date":"2019-08-18","to_date":"2019-11-18","initiated_by_customer":false,"redirect_url":"https://user.will.be/redirected/here"},"exp":1574093211}
Example of response
![]()
{"data":{"session_secret":"fssZuhgv1LNyG_TaHmgv"}}
Request
PUT
/api/v2/accounts
Headers
| Header | Type | Description |
|---|---|---|
Authorization
|
string, required |
JSON Web Token containing payload, signed using RSA256 and application.private_key.
Can raise:
AuthorizationMissing
|
App-Id
|
string, required |
Application’s app_id from connection details tab.
Can raise:
OauthAppNotFound, CertificateNotFound
|
App-Secret
|
string, required |
Application’s app_secret from connection details tab.
|
Access-Token
|
string, required | Token for which we are requesting info. Can raise: TokenMissing, TokenNotFound, TokenRevoked, TokenExpired |
Client-Request-Id
|
string, optional |
Request identifier. If present, it will be returned within meta field in response.
|
Unpacked Request Authorization
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.
Related Errors
| Class | Code | Description |
|---|---|---|
| TokenMissing | 400 | This request cannot be performed without Access_Token header. |
| AuthorizationMissing | 401 | Authorization header is missing. |
| TokenRevoked | 401 | Token specified in request is revoked and cannot be used anymore. |
| TokenExpired | 401 | Token specified in request is expired and cannot be used. |
| OauthAppNotFound | 404 | OAuth Application specified in request does not exist or cannot be retrieved. |
| CertificateNotFound | 404 | Certificate has no permissions. |
| TokenNotFound | 404 | Token specified in request does not exist or cannot be retrieved. |
| ActionNotAllowed | 406 | You're not allowed to perform this action. This might be a configuration problem or parameters incompatibility. |
| AccessExceeded | 429 | Exceeded the number of automatic requests for this action. |
| AccessExceeded | 429 | Exceeded the number of automatic requests for this action. |
Transactions
Returns transactions for a specific account. This endpoint should be called after refreshing PSU data on Salt Edge side.
CURL
![]()
curl -i \
-H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7InBlcl9wYWdlIjo1MCwiZnJvbV9pZCI6MTY1fSwiZXhwIjoxNzg0MzUyNDE5LCJpc3MiOiJwcmlvcmEuc2FsdGVkZ2UuY29tIn0.CyB_Rhy1QawTo7s3mVVQixkW-5bG6vgMkbH_PBjIRsbcgoFjZWZ_HJevQLVI9st0kXkdsFWJ6ccSNaZYzzkzcYpHuuXnXd2KsN8wVZGmbTzbH3_X3sN3C3SWCvEvUUDopEXOIhn5UUNxmkWTnQMM04cGpkoYza5QlrFDjQANBC2mLEu5S8CypJe4c_qiUo2KEpUe-XfUAOepuR1dyh-gypzruUF86SG9-8GvTbVtJl0PuX1v94QMekz3j0CWdsMIL4IX1FPzIz5_HfOQUmnKl4PfdnKoqXNmpt0rklFmAUUWx7KOglVgQfQ9jlImFmyZQjx7M9hVzC6ZszEBKXSIhg" \
-H "App-Id: 1aeKgOrMn24XdsU8K5vgNw" \
-H "App-Secret: YTYP2gAUWcXW3l9wvtMT6w" \
-H "Access-Token: cf3f53fd0422519c4259cbbad9cdd556a5e6e03618a474431823e394b6f1204c98a46609f0606e8920a153665175739cc0174f721b263aeb0838f1a1afef8d3e" \
-H "Client-Request-Id: 17" \
-X GET "/api/v2/accounts/:account_id/transactions"
Example of request parameters
![]()
{"data":{"per_page":50,"from_id":165},"exp":1574093211}
Example of response
![]()
{"meta":{"time":"2019-11-18T16:04:51.253Z","next_id":1055},"data":[{"id":1054,"account_id":711,"currency_code":"EUR","amount":16.54,"fees":[{}],"description":"Internal transfer.","extra":{},"provider_transaction_id":"614","made_on":"2019-11-18T16:04:51.252Z","status":"posted","category":"transfer","created_at":"2019-11-18T16:04:51.253Z","updated_at":"2019-11-18T16:04:51.253Z"}]}
Request
GET
/api/v2/accounts/:account_id/transactions
Headers
| Header | Type | Description |
|---|---|---|
Authorization
|
string, required |
JSON Web Token containing payload, signed using RSA256 and application.private_key.
Can raise:
AuthorizationMissing
|
App-Id
|
string, required |
Application’s app_id from connection details tab.
Can raise:
OauthAppNotFound, CertificateNotFound
|
App-Secret
|
string, required |
Application’s app_secret from connection details tab.
|
Access-Token
|
string, required | Token for which we are requesting info. Can raise: TokenMissing, TokenNotFound, TokenRevoked, TokenExpired |
Client-Request-Id
|
string, optional |
Request identifier. If present, it will be returned within meta field in response.
|
Unpacked Request Authorization
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.
Related Errors
| Class | Code | Description |
|---|---|---|
| TokenMissing | 400 | This request cannot be performed without Access_Token header. |
| AuthorizationMissing | 401 | Authorization header is missing. |
| TokenRevoked | 401 | Token specified in request is revoked and cannot be used anymore. |
| TokenExpired | 401 | Token specified in request is expired and cannot be used. |
| AccountNotFound | 404 | Account specified in request does not exist or cannot be retrieved. |
| OauthAppNotFound | 404 | OAuth Application specified in request does not exist or cannot be retrieved. |
| CertificateNotFound | 404 | Certificate has no permissions. |
| TokenNotFound | 404 | Token specified in request does not exist or cannot be retrieved. |