NAV Navbar
sandbox production

Introduction

  _   _      _ _        __        __         _     _ _ 
 | | | | ___| | | ___   \ \      / /__  _ __| | __| | |
 | |_| |/ _ \ | |/ _ \   \ \ /\ / / _ \| '__| |/ _` | |
 |  _  |  __/ | | (_) |   \ V  V / (_) | |  | | (_| |_|
 |_| |_|\___|_|_|\___/     \_/\_/ \___/|_|  |_|\__,_(_)                  

This is the Bank Frick online banking webAPI documentation. In this documentation the client can see what requirements must be fulfilled, which functionalities Bank Frick's online banking webAPI must have and how it must be set up.

The online banking webAPI enables to create and approve payment orders and receive account information in a simplified JSON format or standardized camt report without the requirement of logging in into the online banking frontend.

We have examples for the sandbox as well as for the production environment. You can view code examples in the dark area to the right, and you can switch the environment of the examples with the tabs in the top right.

Getting Started

In order to use the online banking webAPI (Sandbox & Production), the client requires having an active account which allows him to access one or multiple customers depending on the user privileges and contact to customer assignments. Here you can set up your account: Sign up

After the Sign Up, you will receive the following three pieces of information by post to access your account and use the webAPI.

If you subsequently have an active Bank Frick account, you can start webAPI with the Online Banking setup.

Currently 2 environments are available

The API is available under the following path:
BaseURL = <Environment URL>/webapi/

Schemes: https

Signatures

Message payloads must be signed by the sender of the message and be verified by the receiver. The signature will be transmitted in the ‘Signature’ header field of the HTTP Request/Response. The signature is a Base64-encoded binary SHA signature of the content of the message-body. The 'algorithm' header parameter is used to specify the digital signature algorithm to use when generating the signature. Valid values for this parameter are [rsa-sha512, rsa-sha384, rsa-sha256]. If ‘algorithm’ is not provided by the client the server will assume rsa-sha512.

SSH-Key-Management

The public key of the client must be uploaded to the server using the online banking gui manage ssh key dialog and assigned to an access token. The user must give a unique title respectively a name to the public key. The public key itself can be copied into the input field and added with the "Add SSH-Key" button. The following formats for the public key are accepted:

A public/private key pair can be created using various tools, e.g. via openssl command line

$ openssl genrsa -out private.key 4096
$ openssl rsa -in private.key -outform PEM -pubout -out public.pem

Or via Java:

KeyPairGenerator instance = KeyPairGenerator.getInstance("RSA");
instance.initialize(4096, secureRandom);
KeyPair generateKeyPair = instance.generateKeyPair();

Note: Private keys must be stored safely and never shared.

Sample signing with openssl

$ openssl dgst –sha512 –sign private.key –out request.body.sha512 request.body
$ openssl base64 -A –in request.body.sha512 -out request.signature

Sample signature verification using openssl

$ openssl base64 -A –d –in response.signature -out response.body.sha512
$ openssl dgst –sha512 –verify public.pem –signature response.body.sha512 response.body

Sample signing with Java

public String getSignature(byte[] body, PrivateKey privateKey) throws Exception {
Signature privateSignature = Signature.getInstance("SHA512withRSA");
privateSignature.initSign(privateKey);
privateSignature.update(body);
byte[] signature = privateSignature.sign();
return Base64.getEncoder().encodeToString(signature);
}

Sample signature verification using Java

public boolean isValid(byte[] body, String signature, PublicKey publicKey) throws Exception {
Signature publicSignature = Signature.getInstance("SHA512withRSA");
publicSignature.initVerify(publicKey);
publicSignature.update(body);
byte[] signatureBytes = Base64.getDecoder().decode(signature);
return publicSignature.verify(signatureBytes);
}

Manage API Keys

Now, you are able to generate a personal API-Key for an application which uses the webAPI. The API-Key replaces the user contact number for requesting a JWT from the authorization server, however for each further request it is still required that the user account is still active and accessible. If the you lock the account e.g. via the “Lock Password” function or by entering false passwords at the login, all client JWTs will lose access privileges temporarily until the user is unlocked again from an advisor in the backend.

An API-Key is a personalized access token which will be generated once by the server using the settings provided by the contact. The settings describe the name, expire date and scope of the access token. Also a client public key must be defined which will be used by the server to validate the signature of the messages send by the client.

A generated access token will be displayed after a successful entered TAN challenge for a limited amount of time. After that, the token cannot be accessed again. Changing a token would require to delete the old token and create a new one. You are responsible to save and handle the access key securely. Additionally, you can limit the access to the WebAPI of your account to a specific IP address or subnet. For that, the firewall must be configured accordingly so that your IP address is passed to the application server (transparent proxy) in the “X-FORWARDED-FOR” or any other suitable request header field.

Upload API Keys

Manage API Keys

WebHooks

This dialog shows an overview of all created and active notification rules. You are able to define notification rules to be informed when a criteria matches, e.g. a charge or credit entry on an account or an executed payment order. New rules can be created, edited or deleted at any time.

You are able to create or edit a notification rule which triggers on the defined event and notifies the user. You can define a rule for a specific customer or account or in a general case for all accounts. The notification rule condition is checked by the server in regular intervals and if a rule is fulfilled you are notified once via the selected method until the condition is reset and met again.

WebHooks allows the user to develop push notifications. These push notifications are simply an HTTP POST that is triggered by the defined action. The notification does contain information about the triggered notification rule but no further critical data. Also a signature of the body is added which can be verified by the server public key. The server will send a JSON message containing the relevant information about the rule.

If the message cannot be delivered, e.g. because the client server is not responding, the event will be discarded and not be send again until the notification condition is triggered again. The request is asynchronous meaning the server does not wait for a client response.

WebHooks

WebHooks Details

Accounts

Listing of accounts, similar to the financial overview within the online banking. Will only show accounts visible to the user as defined by the customer to contact relation and permission.

Get Accounts

GET /v2/accounts

Request

GET https://olbtest.bankfrick.li/webapi/accounts
Content-Type: */*
Accept: application/json
Authorization: ...

...    
GET https://olb.bankfrick.li/webapi/accounts
Content-Type: */*
Accept: application/json
Authorization: ...

...    

Response

HTTP/1.1 200 OK
Content-Type: application/json
Signature: ...
algorithm: ...


{
  "date" : "2018-12-31",
  "moreResults" : false,
  "resultSetSize" : 2,
  "accounts" : [ {
    "account" : "00012345/001.000.001",
    "type" : "CURRENT ACCOUNT",
    "iban" : "LI6808811000000001234",
    "customer" : "00012345 Max Muster",
    "currency" : "CHF",
    "balance" : -1321.25,
    "available" : 0
  }, {
    "account" : "00012345/400.000.840",
    "type" : "TIME DEPOSITS/FIXED DEP. CUSTOMER",
    "customer" : "00012345 Max Muster",
    "currency" : "USD",
    "balance" : 515
  } ]
}

Get the list of accounts that are visible for the user.

Request Parameters

name type description default constraints
Authorization header Bearer <token>
firstPosition query (optional) Set the position of the first result to retrieve (offset), defaults to 0 0 int
maxResults query (optional) Set the maximum number of results to retrieve (row_count), defaults to 100, max. 500 100 int
order query (optional) Defines the ordering (by customer_number and account_number) of the result where order is one of (desc, asc), defaults to asc asc

Response Codes

code condition type
200 Request successful Accounts (JSON)

Response Body

media type data type description
application/json Accounts (JSON) The list accounts according to the filter parameters as json object.

Response Headers

name description
signature <signature>
algorithm The used signing algorithm, e.g. rsa-sha512

Get Accounts (filtered)

GET /v2/accounts/{customer}{p}{account}

Request

GET https://olbtest.bankfrick.li/webapi/accounts/0001234/001.000.001
Content-Type: */*
Accept: application/json
Authorization: ...


...
GET https://olb.bankfrick.li/webapi/accounts/0001234/001.000.001
Content-Type: */*
Accept: application/json
Authorization: ...


...

Response

HTTP/1.1 200 OK
Content-Type: application/json
Signature: ...
algorithm: ...


{
  "date" : "2018-12-31",
  "moreResults" : false,
  "resultSetSize" : 2,
  "accounts" : [ {
    "account" : "00012345/001.000.001",
    "type" : "CURRENT ACCOUNT",
    "iban" : "LI6808811000000001234",
    "customer" : "00012345 Max Muster",
    "currency" : "CHF",
    "balance" : -1321.25,
    "available" : 0
  }, {
    "account" : "00012345/400.000.840",
    "type" : "TIME DEPOSITS/FIXED DEP. CUSTOMER",
    "customer" : "00012345 Max Muster",
    "currency" : "USD",
    "balance" : 515
  } ]
}

Get the list of accounts for the user and the given filter for customer number and account number. It is possible to search only for a customer or an account by leaving the filter parameter empty. E.g. /accounts//001.000.001 would search for accounts with the account number 001.000.001 on all visible customers for the user.

If a combination of filter parameters are applied, only accounts that match both conditions are returned.

Request Parameters

name type description default constraints
Authorization header Bearer <token>
account path (optional) The account to receive information for
p path optional) Path separator between customer and account, for searching for an account number without filtering for a customer /accounts//<account_number> must be given.
firstPosition query (optional) Set the position of the first result to retrieve (offset), defaults to 0 0 int
maxResults query (optional) Set the maximum number of results to retrieve (row_count), defaults to 100, max. 500 100 int
order query (optional) Defines the ordering (by customer_number and account_number) of the result where order is one of (desc, asc), defaults to asc asc

Response Codes

code condition type
200 Request successful Accounts (JSON)

Response Body

media type data type description
application/json Accounts (JSON) The list accounts according to the filter parameters as json object.

Response Headers

name description
signature <signature>
algorithm The used signing algorithm, e.g. rsa-sha512

Account Payment Orders

GET /v2/accounts/{customer}{p}{account}/transactions

GET /v2/accounts/{customer}{p}{account}/transactions/{orderId}

Request

GET https://olbtest.bankfrick.li/webapi/accounts/0001234/001.000.001/transactions
Content-Type: */*
Accept: application/json
Authorization: ...

...
GET https://olb.bankfrick.li/webapi/accounts/0001234/001.000.001/transactions
Content-Type: */*
Accept: application/json
Authorization: ...

...

Response

HTTP/1.1 200 OK
Content-Type: application/json
Signature: ...
algorithm: ...


{
  "moreResults" : false,
  "resultSetSize" : 1,
  "transactions" : [ {
    "orderId" : 20771,
    "customId" : "4711",
    "type" : "SEPA",
    "state" : "PREPARED",
    "amount" : "1000.00",
    "currency" : "EUR",
    "valuta" : "2018-08-02",
    "express" : false,
    "reference" : "Invoice number 123",
    "debitor" : {
      "accountNumber" : "00012345/001.000.001",
      "iban" : "LI6808811000000001234"
    },
    "creditor" : {
      "name" : "Max Muster",
      "iban" : "DE12500105170648489890",
      "bic" : "INGDDEFFXXX",
      "creditInsitution" : "ING-DiBa GERMANY"
    },
    "creator" : "6789 Max Muster",
    "right" : "Bevollmächtigter kollektiv zu 2",
    "groupPolicy" : "Group intern",
    "group" : 1,
    "quorum" : 2,
    "approvals" : [ {
      "contact" : "6789 Max Muster",
      "group" : 1,
      "dateOfApproval" : "2018-08-22T10:07:02"
    } ]
  } ]
}

Get the list of payment orders for a given account. This will forward to the transactions resource. Returns only orders that were created within the context of the online banking. Booked and external transactions must be retrieved using the camt.052/camt.053 services.

If a combination of filter parameters are applied, only orders that match all of the conditions are returned.

Request Parameters

name type description default constraints
Authorization header Bearer <token>
account path (optional) The account to receive information for
customer path (optional) The customer number to filter the list of transactions for
p path optional) Path separator between customer and account, for searching for an account number without filtering for a customer /accounts//<account_number> must be given.
customId query (optional) Filter for custom id as it was assigned by the client on transaction creation.
firstPosition query (optional) Set the position of the first result to retrieve (offset), defaults to 0 0 int
fromDate query (optional) Starting date of the timespan for which to retrieve the data. The date should be provided in ISO 8601 format: YYYY-MM-DD, defaults to current day minus 30 days, if no specific search parameter orderId or customId was given.
maxAmount query (optional) Maximum amount for a transaction to appear in the report, this parameter should be URL-Encoded.
maxResults query (optional) Set the maximum number of results to retrieve (row_count), defaults to 100, max. 500 100 int
minAmount query (optional) Minimum amount for a transaction to appear in the report, this parameter should be URL-Encoded.
order query (optional) Defines the ordering (by orderId) of the result where order is one of (desc, asc), defaults to asc asc
reference query (optional) Filter for the reference (transaction information), this parameter should be URL-Encoded.
searchIban query (optional) Filter for the beneficiary account iban.
searchName query (optional) Filter for the beneficiary name, this parameter should be URL-Encoded.
status query (optional) Filter for for transaction status, expected one of (PREPARED, IN_PROGRESS, DELETED, EXPIRED, EXECUTED, REJECTED).
toDate query (optional) Ending date of the timespan for which to retrieve the data. The date should be provided in ISO 8601 format: YYYY-MM-DD.
type query (optional) Filter for transaction type, expected one of (INTERNAL, BANK_INTERNAL, SEPA, FOREIGN, RED, ORANGE).
name type description default constraints
orderId path (optional) The payment order id as it was assigned by the server to look for regex: ((?<=/)[0-9]{0,20})?

Response Codes

code condition type
200 Request successful Accounts (JSON)

Response Body

media type data type description
application/json Accounts (JSON) The list accounts according to the filter parameters as json object.

Response Headers

name description
signature <signature>
algorithm The used signing algorithm, e.g. rsa-sha512

Authorize

Login to the WebAPI using an API-Key and the current user password to receive a JWT. The API-Key can be generated by the user using the Manage API-Keys Dialog

POST /v2/authorize

Request

POST https://olbtest.bankfrick.li/webapi/authorize
Content-Type: application/json
Accept: application/json
Signature: ...
algorithm: ...


{
  "key" : "1234567890abcdefgHIJKLMN",
  "password" : "secret"
}
POST https://olb.bankfrick.li/webapi/authorize
Content-Type: application/json
Accept: application/json
Signature: ...
algorithm: ...


{
  "key" : "1234567890abcdefgHIJKLMN",
  "password" : "secret"
}

Response

HTTP/1.1 200 OK
Content-Type: application/json
Signature: ...
algorithm: ...


{
  "token" : "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJCYW5rIEZyaWNrIFdlYkFQSSIsInN1YiI6IlRhZ2VzYWJzY2hsdXNzIiwiY29udGFjdCI6IjY3ODkiLCJuYW1lIjoiTWF4IE11c3RlciIsInBlcm1pc3Npb25zIjpbImFjY291bnRzIiwidHJhbnNhY3Rpb25zIiwiY2FtdDA1MiIsImNhbXQwNTMiXSwiYXVkIjoicHJvZHVjdGlvbiIsImV4cCI6MTU0NjMwMDgwMCwiaWF0IjoxNTMzMTA5MzIzfQ.DlxpBZMGAZx1xK-UdA-s9SrHMrEIt60waF1kLYG6kCuTRMrcDiS3KR8p0bAyZaLUWlfSJF3TCMb2Tup5MyLFWc0fZRJfu0mBEyz74ZwbSN9iTrwzzsfIuX2E1d895hR1MgsMy2i1Qu-vwZgsW0WivnNCHBMLZH0jM94v1czt7f0"
}

Perform a login to receive the JWT. For the login an API-Key must be generated within the online banking gui application. The API-Key replaces the user contact number for requesting a JWT form the authorization server. The returned JWT token must be used to authenticate against other webapi resources which need a privileged user.

Request Parameters

name type description
Signature header <signature>
algorithm header The used signing algorithm, e.g. rsa-sha512

Request Body

media type data type description
application/json Authorize (JSON) The authorization request body

Response Codes

code condition type
200 Request successful AuthorizeResponse (JSON)

Response Body

media type data type description
application/json AuthorizeResponse (JSON) The authorize response message which contains the JWT as json object.

Response Headers

name description
signature <signature>
algorithm The used signing algorithm, e.g. rsa-sha512

Info

Utility resource to receive status information from the backend. This is the only resource which can be used by anyone without any authorization. It can be used to test connectivity and the general availability of the service. In later releases, this method also returns important system messages which would normally be shows on the login screen.

GET /v2/info

Request

GET https://olbtest.bankfrick.li/webapi/info
Content-Type: */*
Accept: application/json

...
GET https://olb.bankfrick.li/webapi/info
Content-Type: */*
Accept: application/json

...

Response

HTTP/1.1 200 OK
Content-Type: application/json
Signature: ...
algorithm: ...


{
  "version" : "2.2.5-20180831-1144",
  "environment" : "production",
  "messages" : [ {
    "title" : "Maintenance",
    "message" : "Due to maintenance work, online banking will not be available on 26.07.2018 from 05:00 to 06:00. We apologize for any inconvenience."
  } ]
}

Get the server status information. This includes the current version number of the application on the server as well as the current environment. If available, global status messages are returned as well.

Response Codes

code condition type
200 Request successful Info (JSON)

Response Body

media type data type description
application/json Info (JSON) The status information as json object

Response Headers

name description
signature <signature>
algorithm The used signing algorithm, e.g. rsa-sha512

RequestTan

Request a TAN challenge in order to sign one or multiple transactions with the SignTransactionWithTan message.

DELETE

DELETE /v2/requestTan

Request

DELETE https://olbtest.bankfrick.li/webapi/requestTan
Content-Type: application/json
Accept: application/json
Authorization: ...
Signature: ...
algorithm: ...


{
  "challengeId" : "c6f8dd20-aad0-11e8-98d0-529269fb1459"
}
DELETE https://olb.bankfrick.li/webapi/requestTan
Content-Type: application/json
Accept: application/json
Authorization: ...
Signature: ...
algorithm: ...


{
  "challengeId" : "c6f8dd20-aad0-11e8-98d0-529269fb1459"
}

Response

HTTP/1.1 204 No Content
Content-Type: application/json
Signature: ...
algorithm: ...

...

Delete a ongoing TAN request challenge.

Request Parameters

name type description
Authorization header Bearer <token>
Signature header <signature>
algorithm header The used signing algorithm, e.g. rsa-sha512

Request Body

media type data type description
application/json DeleteRequestTan (JSON) The request TAN delete body
orderIds array of number The order ids (as assigned from the server) to request a tan for. Either orderIds, customIds or combination of both must be given.
customIds array of string The custom ids (as assigned from the client) to request a tan for. Either orderIds, customIds or combination of both must be given.

Response Codes

code condition type
204 Request successful

Response Body

media type data type description
application/json object (JSON) No content

Response Headers

name description
signature <signature>
algorithm The used signing algorithm, e.g. rsa-sha512

POST

POST /v2/requestTan

Request a tan for previously created transactions used to sign the transactions. This will send a tan via the selected method to the contact. Only one tan challenge can be active per contact at a time and must be resolved within the returned expire time.

Request

POST https://olbtest.bankfrick.li/webapi/requestTan
Content-Type: application/json
Accept: application/json
Authorization: ...
Signature: ...
algorithm: ...


{
  "orderIds" : [ 20771, 20772 ],
  "method" : "SMS_TAN"
}
POST https://olb.bankfrick.li/webapi/requestTan
Content-Type: application/json
Accept: application/json
Authorization: ...
Signature: ...
algorithm: ...


{
  "orderIds" : [ 20771, 20772 ],
  "method" : "SMS_TAN"
}

Response

HTTP/1.1 200 OK
Content-Type: application/json
Signature: ...
algorithm: ...


{
  "challengeId" : "c6f8dd20-aad0-11e8-98d0-529269fb1459",
  "expires" : "2018-08-22T10:07:02.895"
}

Request Parameters

name type description
Authorization header Bearer <token>
Signature header <signature>
algorithm header The used signing algorithm, e.g. rsa-sha512

Request Body

media type data type description
application/json RequestTan (JSON) The request TAN body

Response Codes

code condition type
200 Request successful RequestTanResponse (JSON)

Response Body

media type data type description
application/json RequestTanResponse (JSON) The request TAN response message as json object

Response Headers

name description
signature <signature>
algorithm The used signing algorithm, e.g. rsa-sha512

Sign Transaction with TAN

With this message, one or multiple payment orders can be approved by the contact with a TAN that was previously requested by the RequestTan message. Only payment orders can be approved that were previously referred in the TAN challenge request. Only one TAN challenge can be active at the time per API-Key.

POST /v2/signTransactionWithTan`

Request

POST https://olbtest.bankfrick.li/webapi/signTransactionWithTan
Content-Type: application/json
Accept: application/json
Authorization: ...
Signature: ...
algorithm: ...


{
  "challengeId" : "c6f8dd20-aad0-11e8-98d0-529269fb1459",
  "tan" : "123456"
}
POST https://olb.bankfrick.li/webapi/signTransactionWithTan
Content-Type: application/json
Accept: application/json
Authorization: ...
Signature: ...
algorithm: ...


{
  "challengeId" : "c6f8dd20-aad0-11e8-98d0-529269fb1459",
  "tan" : "123456"
}

Response

HTTP/1.1 200 OK
Content-Type: application/json
Signature: ...
algorithm: ...


{
  "moreResults" : false,
  "resultSetSize" : 1,
  "transactions" : [ {
    "orderId" : 20771,
    "customId" : "4711",
    "type" : "SEPA",
    "state" : "PREPARED",
    "amount" : "1000.00",
    "currency" : "EUR",
    "valuta" : "2018-08-02",
    "express" : false,
    "reference" : "Invoice number 123",
    "debitor" : {
      "accountNumber" : "00012345/001.000.001",
      "iban" : "LI6808811000000001234"
    },
    "creditor" : {
      "name" : "Max Muster",
      "iban" : "DE12500105170648489890",
      "bic" : "INGDDEFFXXX",
      "creditInsitution" : "ING-DiBa GERMANY"
    },
    "creator" : "6789 Max Muster",
    "right" : "Bevollmächtigter kollektiv zu 2",
    "groupPolicy" : "Group intern",
    "group" : 1,
    "quorum" : 2,
    "approvals" : [ {
      "contact" : "6789 Max Muster",
      "group" : 1,
      "dateOfApproval" : "2018-08-22T10:07:02"
    } ]
  } ]
}

Sign a transaction with a previously requested tan.

Request Parameters

name type description
Authorization header Bearer <token>
Signature header <signature>
algorithm header The used signing algorithm, e.g. rsa-sha512

Request Body

media type data type description
application/json SignTransactionsWithTan (JSON) The request TAN delete body

Response Codes

code condition type
200 Request successful Transactions (JSON)

Response Body

media type data type description
application/json Transactions (JSON) No content

Response Headers

name description
signature <signature>
algorithm The used signing algorithm, e.g. rsa-sha512

Sign Transaction without TAN

With this message, one or multiple payment orders can be approved without a TAN challenge. The contact must be eligible for this message and it might be used to automate the creation and approval of payment orders without direct user interaction.

POST /v2/signTransactionWithoutTan`

Request

POST https://olbtest.bankfrick.li/webapi/signTransactionWithoutTan
Content-Type: application/json
Accept: application/json
Authorization: ...
Signature: ...
algorithm: ...


{
  "orderIds" : [ 20771, 20772 ]
}
POST https://olb.bankfrick.li/webapi/signTransactionWithoutTan
Content-Type: application/json
Accept: application/json
Authorization: ...
Signature: ...
algorithm: ...


{
  "orderIds" : [ 20771, 20772 ]
}

Response

HTTP/1.1 200 OK
Content-Type: application/json
Signature: ...
algorithm: ...


{
  "moreResults" : false,
  "resultSetSize" : 1,
  "transactions" : [ {
    "orderId" : 20771,
    "customId" : "4711",
    "type" : "SEPA",
    "state" : "PREPARED",
    "amount" : "1.000,00",
    "currency" : "EUR",
    "valuta" : "2018-08-02",
    "express" : false,
    "reference" : "Invoice number 123",
    "debitor" : {
      "accountNumber" : "00012345/001.000.001",
      "iban" : "LI6808811000000001234"
    },
    "creditor" : {
      "name" : "Max Muster",
      "iban" : "DE12500105170648489890",
      "bic" : "INGDDEFFXXX",
      "creditInsitution" : "ING-DiBa GERMANY"
    },
    "creator" : "6789 Max Muster",
    "right" : "Bevollmächtigter kollektiv zu 2",
    "groupPolicy" : "Group intern",
    "group" : 1,
    "quorum" : 2,
    "approvals" : [ {
      "contact" : "6789 Max Muster",
      "group" : 1,
      "dateOfApproval" : "2018-08-22T10:07:02"
    } ]
  } ]
}

Sign a transaction without previously requesting a tan. This resource must be activated for the contact in the backend.

Request Parameters

name type description
Authorization header Bearer <token>
Signature header <signature>
algorithm header The used signing algorithm, e.g. rsa-sha512

Request Body

media type data type description
application/json SignTransactionsWithoutTan (JSON) The request TAN delete body

Response Codes

code condition type
200 Request successful Transactions (JSON)

Response Body

media type data type description
application/json Transactions (JSON) No content

Response Headers

name description
signature <signature>
algorithm The used signing algorithm, e.g. rsa-sha512

Transactions

Listing of payment orders similar to the transaction overview within the online banking. Returns only orders that were created within the context of the online banking. Booked and external transactions must be retrieved using the camt.052/camt.053 services.

DELETE

DELETE /v2/transactions

Request

DELETE https://olbtest.bankfrick.li/webapi/deleteTransaction
Content-Type: application/json
Accept: application/json
Authorization: ...
Signature: ...
algorithm: ...


{
  "orderIds" : [ 20771 ]
}
DELETE https://olb.bankfrick.li/webapi/deleteTransaction
Content-Type: application/json
Accept: application/json
Authorization: ...
Signature: ...
algorithm: ...


{
  "orderIds" : [ 20771 ]
}

Response

HTTP/1.1 200 OK
Content-Type: application/json
Signature: ...
algorithm: ...


{
  "moreResults" : false,
  "resultSetSize" : 1,
  "transactions" : [ {
    "orderId" : 20771,
    "customId" : "4711",
    "type" : "SEPA",
    "state" : "DELETED",
    "amount" : 1000.00,
    "currency" : "EUR",
    "valuta" : "2018-08-02",
    "express" : false,
    "reference" : "Invoice number 123",
    "debitor" : {
      "accountNumber" : "00012345/001.000.001",
      "iban" : "LI6808811000000001234"
    },
    "creditor" : {
      "name" : "Max Muster",
      "iban" : "DE12500105170648489890",
      "bic" : "INGDDEFFXXX",
      "creditInstitution" : "ING-DiBa GERMANY"
    },
    "creator" : "6789 Max Muster",
    "right" : "Bevollmächtigter kollektiv zu 2",
    "groupPolicy" : "Group intern",
    "approvals" : [ {
      "contact" : "6789 Max Muster"
    } ]
  } ]
}

Delete payment orders that are not yet fully approved, only payment orders in the PREPARED state and are created by the user can be deleted.

Request Parameters

name type description
Authorization header Bearer <token>
Signature header <signature>
algorithm header The used signing algorithm, e.g. rsa-sha512

Request Body

media type data type description
application/json DeleteTransaction (JSON) The request TAN delete body

Response Codes

code condition type
200 Request successful Transactions (JSON)

Response Body

media type data type description
application/json Transactions (JSON) No content

Response Headers

name description
signature <signature>
algorithm The used signing algorithm, e.g. rsa-sha512

GET

GET /v2/transactions

GET /v2/transactions/{orderId}

Request

GET https://olbtest.bankfrick.li/webapi/transactions
Content-Type: application/json
Accept: application/json
Authorization: ...

...
GET https://olb.bankfrick.li/webapi/transactions
Content-Type: application/json
Accept: application/json
Authorization: ...

...

Response

HTTP/1.1 200 OK
Content-Type: application/json
Signature: ...
algorithm: ...


{
  "moreResults" : false,
  "resultSetSize" : 1,
  "transactions" : [ {
    "orderId" : 20771,
    "customId" : "4711",
    "type" : "SEPA",
    "state" : "PREPARED",
    "amount" : 1000.00,
    "currency" : "EUR",
    "valuta" : "2018-08-02",
    "express" : false,
    "reference" : "Invoice number 123",
    "debitor" : {
      "accountNumber" : "00012345/001.000.001",
      "iban" : "LI6808811000000001234"
    },
    "creditor" : {
      "name" : "Max Muster",
      "iban" : "DE12500105170648489890",
      "bic" : "INGDDEFFXXX",
      "creditInstitution" : "ING-DiBa GERMANY"
    },
    "creator" : "6789 Max Muster",
    "right" : "Bevollmächtigter kollektiv zu 2",
    "groupPolicy" : "Group intern",
    "quorum" : 2,
    "approvals" : [ {
      "contact" : "6789 Max Muster",
      "dateOfApproval" : "2018-08-22T10:07:02"
    } ]
  } ]
}

Get the list of payment orders based on the search parameters. The user also requires corresponding read privileges for the customer account.

This methode only fetches outgoing transactions transmitted via the online banking or the api not the incoming booked transactions (fort hem you would either need to use camt052 or camt053 methodes)

If a combination of filter parameters are applied, only orders that match all of the conditions are returned.

Request Parameters

name type description default constraints
Authorization header Bearer <token>
firstPosition query (optional) Set the position of the first result to retrieve (offset), defaults to 0 0 int
fromDate query (optional) Starting date of the timespan for which to retrieve the data. The date should be provided in ISO 8601 format: YYYY-MM-DD, defaults to current day minus 30 days, if no specific search parameter orderId or customId was given.
maxAmount query (optional) Maximum amount for a transaction to appear in the report, this parameter should be URL-Encoded.
maxResults query (optional) Set the maximum number of results to retrieve (row_count), defaults to 100, max. 500 100 int
minAmount query (optional) Minimum amount for a transaction to appear in the report, this parameter should be URL-Encoded.
order query (optional) Defines the ordering (by orderId) of the result where order is one of (desc, asc), defaults to asc asc
reference query (optional) Filter for the reference (transaction information), this parameter should be URL-Encoded.
searchIban query (optional) Filter for the beneficiary account iban.
searchName query (optional) Filter for the beneficiary name, this parameter should be URL-Encoded.
status query (optional) Filter for for transaction status, expected one of (PREPARED, IN_PROGRESS, DELETED, EXPIRED, EXECUTED, REJECTED).
toDate query (optional) Ending date of the timespan for which to retrieve the data. The date should be provided in ISO 8601 format: YYYY-MM-DD.
type query (optional) Filter for transaction type, expected one of (INTERNAL, BANK_INTERNAL, SEPA, FOREIGN, RED, ORANGE).

Response Codes

code condition type
200 Request successful Transactions (JSON)

Response Body

media type data type description
application/json Transactions (JSON) No content

Response Headers

name description
signature <signature>
algorithm The used signing algorithm, e.g. rsa-sha512

PUT

PUT /v2/transactions`

Request

PUT https://olbtest.bankfrick.li/webapi/transactions
Content-Type: application/json
Accept: application/json
Authorization: ...
Signature: ...
algorithm: ...


{
  "transactions" : [ {
    "customId" : "4711",
    "type" : "SEPA",
    "amount" : 1000.00,
    "currency" : "EUR",
    "express" : false,
    "reference" : "Invoice number 123",
    "debitor" : {
      "iban" : "LI6808811000000001234"
    },
    "creditor" : {
      "name" : "Max Muster",
      "iban" : "DE12500105170648489890",
      "bic" : "INGDDEFFXXX",
      "creditInstitution" : "ING-DiBa GERMANY"
    }
  } ]
}
PUT https://olb.bankfrick.li/webapi/transactions
Content-Type: application/json
Accept: application/json
Authorization: ...
Signature: ...
algorithm: ...


{
  "transactions" : [ {
    "customId" : "4711",
    "type" : "SEPA",
    "amount" : 1000.00,
    "currency" : "EUR",
    "express" : false,
    "reference" : "Invoice number 123",
    "debitor" : {
      "iban" : "LI6808811000000001234"
    },
    "creditor" : {
      "name" : "Max Muster",
      "iban" : "DE12500105170648489890",
      "bic" : "INGDDEFFXXX",
      "creditInstitution" : "ING-DiBa GERMANY"
    }
  } ]
}

Response

HTTP/1.1 200 OK
Content-Type: application/json
Signature: ...
algorithm: ...


{
  "moreResults" : false,
  "resultSetSize" : 1,
  "transactions" : [ {
    "orderId" : 20771,
    "customId" : "4711",
    "type" : "SEPA",
    "state" : "PREPARED",
    "amount" : 1000.00,
    "currency" : "EUR",
    "valuta" : "2018-08-02",
    "express" : false,
    "reference" : "Invoice number 123",
    "debitor" : {
      "accountNumber" : "00012345/001.000.001",
      "iban" : "LI6808811000000001234"
    },
    "creditor" : {
      "name" : "Max Muster",
      "iban" : "DE12500105170648489890",
      "bic" : "INGDDEFFXXX",
      "creditInstitution" : "ING-DiBa GERMANY"
    },
    "creator" : "6789 Max Muster",
    "right" : "Bevollmächtigter kollektiv zu 2",
    "groupPolicy" : "Group intern"
  } ]
}

Create new payment orders similar to the create payment order dialogs within the online banking frontend. The required fields and field validation for each payment order depends on the order type. The frontend dialog and pain001 mapping rules apply for field validation. New payment orders can only be created for accounts with proper write privileges for the customers account. Created payment orders will be added to the system in the PREPARED state and can be approved using the “signTransaction” methods. The application must assign an idempotent customId to allow the system to identify duplicate requests. The server will then assign a unique orderId which is used to identify the transaction later for approval or deletion.

Request Parameters

name type description default constraints
Authorization header Bearer <token>
Signature header <signature>
algorithm header The used signing algorithm, e.g. rsa-sha512
test query (optional) When given as true, the system validates the input and tries to process it but does not perform the final creation of the orders. Does not check for unique customIds. false boolean

Request Body

media type data type description
application/json CreateTransaction (JSON) The request TAN delete body

Response Codes

code condition type
200 Request successful Transactions (JSON)
201 Transactions created successfully Transactions (JSON)

Response Body

media type data type description
application/json Transactions (JSON) No content

Response Headers

name description
signature <signature>
algorithm The used signing algorithm, e.g. rsa-sha512

camt.052

This message is used to download a camt.052 report. This export format only contains booked transactions as intraday information and provides a near real time view of the accounts.

GET /v2/camt052

Request

GET https://olbtest.bankfrick.li/webapi/camt052?iban=LI11188110101101K001E
Content-Type: */*
Accept: application/xml
Authorization: ...
Signature: ...
algorithm: ...
DELETE https://olb.bankfrick.li/webapi/camt052?iban=LI11188110101101K001E
Content-Type: */*
Accept: application/xml
Authorization: ...
Signature: ...
algorithm: ...

Retrieve a camt052 (intraday information) report.

Request Parameters

name type description
Authorization header Bearer <token>
Signature header <signature>
algorithm header The used signing algorithm, e.g. rsa-sha512
iban query (mandatory) The iban of the account to get the camt052 report for. If an account does not have an iban, accountnumber must be used.
accountnumber query (mandatory) The account number of the account to get the camt053/052 report for, this parameter should be URL-Encoded. Either iban or accountnumber must be given; the report can only be created for one account per request. If an account does not have an iban, accountnumber must be used.
maxAmount query (optional) Maximum amount for a transaction to appear in the report, this parameter should be URL-Encoded
minAmount query (optional) Minimum amount for a transaction to appear in the report, this parameter should be URL-Encoded
reference query (optional) Search in the reference (transaction information), this parameter should be URL-Encoded
searchIban query (optional) Search of either the beneficiary account iban or sender account, depending on the transaction type, this parameter should be URL-Encoded
searchName query (optional) Search of either the beneficiary name or sender account, depending on the transaction type, this parameter should be URL-Encoded

Response Body

media type data type description
application/xml Document (XML) The camt052 response message as xml.

Response Codes

code condition type
200 Request successful Document (XML)

Response Headers

name description
signature <signature>
algorithm The used signing algorithm, e.g. rsa-sha512

Response

Response

HTTP/1.1 200 OK
Content-Type: application/xml
Signature: ...
algorithm: ...

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<Document xmlns:ns2="urn:iso:std:iso:20022:tech:xsd:camt.052.001.07">
    <BkToCstmrAcctRpt>
        <GrpHdr>
            <MsgId>1536245450821-b6de4c97-08c4-4a74-92</MsgId>
            <CreDtTm>2018-09-06T16:50:50.755+02:00</CreDtTm>
            <MsgRcpt>
                <Nm>Firstname Lastname</Nm>
                <PstlAdr>
                    <AdrLine>Lastname Firstname</AdrLine>
                    <AdrLine>123 Road</AdrLine>
                    <AdrLine>123123 Balzers</AdrLine>
                    <AdrLine>LIECHTENSTEIN</AdrLine>
                </PstlAdr>
                <Id>
                    <PrvtId>
                        <Othr>
                            <Id>12345</Id>
                        </Othr>
                    </PrvtId>
                </Id>
            </MsgRcpt>
            <MsgPgntn>
                <PgNb>1</PgNb>
                <LastPgInd>true</LastPgInd>
            </MsgPgntn>
        </GrpHdr>
        <Rpt>
            <Id>1234245450922-1a85b471-e995-1234-9e</Id>
            <CreDtTm>2018-09-06T17:00:00.755+02:00</CreDtTm>
            <FrToDt/>
            <Acct>
                <Id>
                    <IBAN>LI12345610609195K000E</IBAN>
                </Id>
                <Tp>
                    <Cd>CACC</Cd>
                </Tp>
                <Ccy>EUR</Ccy>
                <Nm>CURRENT ACCOUNT                    </Nm>
                <Ownr>
                    <Nm>Company Name Ltd.</Nm>
                    <PstlAdr>
                        <AdrLine>Company Name Ltd.</AdrLine>
                        <AdrLine>8 Street</AdrLine>
                        <AdrLine>The Central</AdrLine>
                        <AdrLine>123456 SINGAPORE</AdrLine>
                    </PstlAdr>
                    <Id>
                        <PrvtId>
                            <Othr>
                                <Id>0600000</Id>
                            </Othr>
                        </PrvtId>
                    </Id>
                </Ownr>
                <Svcr>
                    <FinInstnId>
                        <BICFI>BFRILI22XXX</BICFI>
                        <Nm>Bank Frick &amp; Co. Aktiengesellschaft</Nm>
                        <PstlAdr>
                            <AdrLine>Landstrasse 14</AdrLine>
                            <AdrLine>9496 Balzers</AdrLine>
                            <AdrLine>Liechtenstein</AdrLine>
                        </PstlAdr>
                        <Othr>
                            <Id>12345</Id>
                            <Issr>VAT-ID</Issr>
                        </Othr>
                    </FinInstnId>
                </Svcr>
            </Acct>
            <Bal>
                <Tp>
                    <CdOrPrtry>
                        <Cd>OPBD</Cd>
                    </CdOrPrtry>
                </Tp>
                <Amt Ccy="EUR">100000.00</Amt>
                <CdtDbtInd>CRDT</CdtDbtInd>
                <Dt>
                    <Dt>2018-09-03</Dt>
                </Dt>
            </Bal>
            <Bal>
                <Tp>
                    <CdOrPrtry>
                        <Cd>ITBD</Cd>
                        <Prtry>Interim booked balance</Prtry>
                    </CdOrPrtry>
                </Tp>
                <Amt Ccy="EUR">100000.00</Amt>
                <CdtDbtInd>CRDT</CdtDbtInd>
                <Dt>
                    <Dt>2018-09-06</Dt>
                </Dt>
            </Bal>
            <Bal>
                <Tp>
                    <CdOrPrtry>
                        <Cd>ITAV</Cd>
                        <Prtry>Interim value balance</Prtry>
                    </CdOrPrtry>
                </Tp>
                <Amt Ccy="EUR">100000.00</Amt>
                <CdtDbtInd>CRDT</CdtDbtInd>
                <Dt>
                    <Dt>2018-09-06</Dt>
                </Dt>
            </Bal>
            <Ntry>
                <Amt Ccy="EUR">100.00</Amt>
                <CdtDbtInd>DBIT</CdtDbtInd>
                <Sts>
                    <Cd>PDNG</Cd>
                </Sts>
                <ValDt>
                    <Dt>2018-08-09</Dt>
                </ValDt>
                <AcctSvcrRef>payment order id: 1234</AcctSvcrRef>
                <BkTxCd>
                    <Domn>
                        <Cd>PMNT</Cd>
                        <Fmly>
                            <Cd>ICDT</Cd>
                            <SubFmlyCd>FICT</SubFmlyCd>
                        </Fmly>
                    </Domn>
                    <Prtry>
                        <Cd>BANK_INTERNAL</Cd>
                        <Issr>Bank Frick payment order type</Issr>
                    </Prtry>
                </BkTxCd>
                <NtryDtls>
                    <TxDtls>
                        <RltdPties>
                            <Dbtr>
                                <Pty>
                                    <Nm>Company Name Ltd.</Nm>
                                </Pty>
                            </Dbtr>
                            <DbtrAcct>
                                <Id>
                                    <IBAN>LI12345610609195K000E</IBAN>
                                </Id>
                            </DbtrAcct>
                            <Cdtr>
                                <Pty>
                                    <Nm>Company XY Ltd.</Nm>
                                </Pty>
                            </Cdtr>
                            <CdtrAcct>
                                <Id>
                                    <IBAN>LI12345610609195K000E</IBAN>
                                </Id>
                            </CdtrAcct>
                        </RltdPties>
                        <RltdAgts>
                            <DbtrAgt>
                                <FinInstnId>
                                    <BICFI>BFRILI22XXX</BICFI>
                                    <Nm>Bank Frick &amp; Co. Aktiengesellschaft</Nm>
                                </FinInstnId>
                            </DbtrAgt>
                            <CdtrAgt>
                                <FinInstnId>
                                    <BICFI>BFRILI22XXX</BICFI>
                                    <Nm>Bank Frick and Co. Aktiengesellschaft, LIECHTENSTEIN</Nm>
                                </FinInstnId>
                            </CdtrAgt>
                        </RltdAgts>
                    </TxDtls>
                </NtryDtls>
            </Ntry>
        </Rpt>
    </BkToCstmrAcctRpt>
</Document>

Header

Path: Prefix: Document/BkToCstmrRpt

Path Format Mandatory Description
GrpHdr yes Header
GrpHdr/MsgId 1-35 characters yes Message Id
GrpHdr/CreDtTm IsoDateTime yes creation date
GrpHdr/MsgRcpt no Receiver
GrpHdr/MsgRcpt/Nm 1-140 characters no Name of the receiver
GrpHdr/MsgRcpt/PstlAdr no address
GrpHdr/MsgRcpt/PstlAdr/AdrLine 1-70 characters no, 0..7 row of an address
GrpHdr/MsgRcpt/Id no Id
GrpHdr/MsgRcpt/Id/PrvtId yes (or OrgId)
GrpHdr/MsgRcpt/Id/PrvtId/Othr/Id 1-35 characters Identification of the private individual
GrpHdr/MsgPgntn no
GrpHdr/MsgPgntn/PgNb 1-5 digits yes Page number (in paging)
GrpHdr/MsgPgntn/LastPgInd boolean yes Last page?
Rpt yes, 1…n
Rpt/Id 1-35 characters yes identification
Rpt/CreDtTm IsoDateTime no creation date
Rpt/FrToDt no Time interval of the move-out
Rpt/FrToDt/FrDtTm IsoDateTime yes Starting time of the account statement
Rpt/FrToDt/ToDtTm IsoDateTime yes End time of the account statement
Rpt/Acct yes
Rpt/Acct/Id yes account identification structure
Rpt/Acct/Id/IBAN [A-Z]{2,2}[0-9]{2,2}[a-zA-Z0-9]{1,30} yes (or Othr)
Rpt/Acct/Tp no account type
Rpt/Acct/Tp/Cd 1-4 characters no account type
Rpt/Acct/Ccy 3 capital letters no currency
Rpt/Acct/Nm 1-70 characters no account name
Rpt/Acct/Ownr no
Rpt/Acct/Ownr/Nm no Name of the Owner
Rpt/Acct/Ownr/PstlAdr no address
Rpt/Acct/Ownr/PstlAdr/AdrLine no row of an address
Rpt/Acct/Ownr/Id no
Rpt/Acct/Ownr/Id/PrvtId no
Rpt/Acct/Ownr/Id/PrvtId/Othr no
Rpt/Acct/Ownr/Id/PrvtId/Othr/Id no Id
Rpt/Acct/Svcr no
Rpt/Acct/Svcr/FinInstnId yes identification
Rpt/Acct/Svcr/FinInstnId/BICFI BIC ( [A-Z]{6,6}[A-Z2-9][A-NP-Z0-9][A-Z0-9]{3,3}){0,1} no BIC
Rpt/Acct/Svcr/FinInstnId/Nm 1-140 characters no Name of the bank
Rpt/Acct/Svcr/FinInstnId/PstlAdr no, 0..7 mailing address
Rpt/Acct/Svcr/FinInstnId/PstlAdr/AdrLine 1-70 characters no address bar
Rpt/Acct/Svcr/FinInstnId/Othr no Further identification
Rpt/Acct/Svcr/FinInstnId/Othr/Id 1-35 characters yes identification number
Rpt/Acct/Svcr/FinInstnId/Orth/Issr 1-35 characters no Type of identification number
Rpt/Bal yes, 1..n
Rpt/Ntry no, 0..n transaction

Balance

Path: Prefix: Document/BkToCstmrRpt/Rpt/Bal

Example of opening and closing balance

Path Format Mandatory Description
Tp yes
Tp/CdOrPrtry yes
Tp/CdOrPrtry/Cd 1 to 4 characters yes (or Prtry)
Tp/CdOrPrtry/Prtry Amt 18 digits (5 decimal places) yes amount
Amt/@Ccy 1-3 characters yes currency
CdtDbtInd Enumeration yes
Dt yes date
Dt/Dt YYYY-MM-DD yes (or DtTm) Date (as opposed to a date with time)

Entry

Path: Prefix: Document/BkToCstmrRpt/Rpt/Ntry

Path Format Mandatory Description
Amt 18 digits (5 decimal places) yes amount
Amt/@Ccy 3 letters yes currency
CdtDbtInd enumeration yes Debit/Credit
Sts yes Status
Sts/Cd 1-4 characters yes (or Prtry) Status
ValDt no valuta date
ValDt/Dt YYYY-MM-DD yes (or DtTm) date
AcctSvcrRef 1 to 35 characters (if available) no Account Servicer Reference
BkTxCd yes
BkTxCd/Domn no Domaine
BkTxCd/Domn/Cd 1-4 characters yes
BkTxCd/Domn/Fmly yes
BkTxCd/Domn/Fmly/Cd 1-4 characters yes
BkTxCd/Domn/Fmly/SubfmlyCd 1-4 characters yes
BkTxCd/Prtry no
BkTxCd/Prtry/Cd max 35. characters yes
BkTxCd/Prtry/Issr max 35. characters no
NtryDtls no, 0..n
NtryDtls/TxDtls no, 0..n
NtryDtls/TxDtls/RltdPties no
NtryDtls/TxDtls/RltdPties/Dbtr no
NtryDtls/TxDtls/RltdPties/Dbtr/Pty yes (or Agt)
NtryDtls/TxDtls/RltdPties/Dbtr/Pty/Nm 1-140 characters no
NtryDtls/TxDtls/RltdPties/DbtrAcct no
NtryDtls/TxDtls/RltdPties/DbtrAcct/Id yes
NtryDtls/TxDtls/RltdPties/DbtrAcct/Id/IBAN [A-Z]{2,2}[0-9]{2,2}[a-zA-Z0-9]{1,30} yes (or Othr)
NtryDtls/TxDtls/RltdPties/Cdtr no
NtryDtls/TxDtls/RltdPties/Cdtr/Pty yes (or Agt)
NtryDtls/TxDtls/RltdPties/Cdtr/Pty/Nm 1-140 characters no
NtryDtls/TxDtls/RltdPties/CdtrAcct no
NtryDtls/TxDtls/RltdPties/CdtrAcct/Id yes
NtryDtls/TxDtls/RltdPties/CdtrAcct/Id/IBAN [A-Z]{2,2}[0-9]{2,2}[a-zA-Z0-9]{1,30} yes (or Othr)
NtryDtls/TxDtls/RltdAgts no
NtryDtls/TxDtls/RltdAgts/DbtrAgt no
NtryDtls/TxDtls/RltdAgts/DbtrAgt/FinInstnId yes
NtryDtls/TxDtls/RltdAgts/DbtrAgt/FinInstnId/BICFI BIC ( [A-Z]{6,6}[A-Z2-9][A-NP-Z0-9][A-Z0-9]{3,3}{0,1} ) no
NtryDtls/TxDtls/RltdAgts/DbtrAgt/FinInstnId/Nm 1 - 140 characters no
NtryDtls/TxDtls/RltdAgts/CdtrAgt no
NtryDtls/TxDtls/RltdAgts/CdtrAgt/FinInstnId yes financial institution
NtryDtls/TxDtls/RltdAgts/CdtrAgt/FinInstnId/BICFI BIC ( [A-Z]{6,6}[A-Z2-9][A-NP-Z0-9][A-Z0-9]{3,3}{0,1} ) no BIC
NtryDtls/TxDtls/RltdAgts/CdtrAgt/FinInstnId/Nm 1 - 140 characters no Name

camt.053

This message is used to download a camt053 report. This export format only contains booked transactions either from successful processed payment orders or other external transactions, similar to the “Executed” tab in the transaction overview of the online banking frontend.

GET /v2/camt053

Request

GET https://olbtest.bankfrick.li/webapi/camt053?iban=LI11188110101101K001E
Content-Type: */*
Accept: application/xml
Authorization: ...
Signature: ...
algorithm: ...
DELETE https://olb.bankfrick.li/webapi/camt053?iban=LI11188110101101K001E
Content-Type: */*
Accept: application/xml
Authorization: ...
Signature: ...
algorithm: ...

Retrieve a camt053 report.

Request Parameters

name type description
Authorization header Bearer <token>
Signature header <signature>
algorithm header The used signing algorithm, e.g. rsa-sha512
iban query (mandatory) The iban of the account to get the camt053 report for. If an account does not have an iban, accountnumber must be used.
accountnumber query (mandatory) The account number of the account to get the camt053/052 report for, this parameter should be URL-Encoded. Either iban or accountnumber must be given; the report can only be created for one account per request. If an account does not have an iban, accountnumber must be used.
fromDate query (optional) Starting date of the timespan for which to retrieve the data. The date should be provided in ISO 8601 format: YYYY-MM-DD, defaults to current day minus 30 days.
toDate query (optional) Ending date of the timespan for which to retrieve the data. The date should be provided in ISO 8601 format: YYYY-MM-DD
maxAmount query (optional) Maximum amount for a transaction to appear in the report, this parameter should be URL-Encoded
minAmount query (optional) Minimum amount for a transaction to appear in the report, this parameter should be URL-Encoded
reference query (optional) Search in the reference (transaction information), this parameter should be URL-Encoded
searchIban query (optional) Search of either the beneficiary account iban or sender account, depending on the transaction type, this parameter should be URL-Encoded
searchName query (optional) Search of either the beneficiary name or sender account, depending on the transaction type, this parameter should be URL-Encoded

Response Body

media type data type description
application/xml Document (XML) The camt053 response message as xml.

Response Codes

code condition type
200 Request successful Document (XML)

Response Headers

name description
signature <signature>
algorithm The used signing algorithm, e.g. rsa-sha512

Response

Response

HTTP/1.1 200 OK
Content-Type: application/xml
Signature: ...
algorithm: ...

sts<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<Document xmlns="urn:iso:std:iso:20022:tech:xsd:camt.053.001.07">
    <BkToCstmrStmt>
        <GrpHdr>
            <MsgId>1524148795099-aaa9380b-0bed-44a2-8a</MsgId>
            <CreDtTm>2018-04-19T16:39:50.954+02:00</CreDtTm>
            <MsgRcpt>
                <PstlAdr>
                    <AdrLine>Kundenname XY</AdrLine>
                    <AdrLine>123 Road</AdrLine>
                    <AdrLine>123123 Bern</AdrLine>
                    <AdrLine>SCHWEIZ</AdrLine>
                </PstlAdr>
                <Id>
                    <PrvtId>
                        <Othr>
                            <Id>5697</Id>
                        </Othr>
                    </PrvtId>
                </Id>
            </MsgRcpt>
            <MsgPgntn>
                <PgNb>1</PgNb>
                <LastPgInd>true</LastPgInd>
            </MsgPgntn>
        </GrpHdr>
        <Stmt>
            <Id>1524148795099-b8258e37-ebc0-4c3f-92</Id>
            <CreDtTm>2018-04-19T16:39:50.954+02:00</CreDtTm>
            <FrToDt>
                <FrDtTm>1970-01-01T00:00:00.000+01:00</FrDtTm>
                <ToDtTm>2018-04-19T23:59:59.999+02:00</ToDtTm>
            </FrToDt>
            <Acct>
                <Id>
                    <IBAN>LI50088110111111K000C</IBAN>
                </Id>
                <Tp>
                    <Cd>CACC</Cd>
                </Tp>
                <Ccy>EUR</Ccy>
                <Nm>KONTOKORRENT                       </Nm>
                <Ownr>
                    <Nm>Test Company (remitter)</Nm>
                    <PstlAdr>
                        <AdrLine>TEST COMPANY (REMITTER)</AdrLine>
                        <AdrLine>Test street 99</AdrLine>
                        <AdrLine>9472 Grabs</AdrLine>
                        <AdrLine>SCHWEIZ</AdrLine>
                    </PstlAdr>
                    <Id>
                        <PrvtId>
                            <Othr>
                                <Id>0606323</Id>
                            </Othr>
                        </PrvtId>
                    </Id>
                </Ownr>
                <Svcr>
                    <FinInstnId>
                        <BICFI>BFRILI22XXX</BICFI>
                        <Nm>Bank Frick &amp; Co. Aktiengesellschaft</Nm>
                        <PstlAdr>
                            <AdrLine>Landstrasse 14</AdrLine>
                            <AdrLine>9496 Balzers</AdrLine>
                            <AdrLine>Liechtenstein</AdrLine>
                        </PstlAdr>
                        <Othr>
                            <Id>53884</Id>
                            <Issr>VAT-ID</Issr>
                        </Othr>
                    </FinInstnId>
                </Svcr>
            </Acct>
            <Bal>
                <Tp>
                    <CdOrPrtry>
                        <Cd>OPBD</Cd>
                    </CdOrPrtry>
                </Tp>
                <Amt Ccy="EUR">0.00</Amt>
                <CdtDbtInd>CRDT</CdtDbtInd>
                <Dt>
                    <Dt>2018-01-12+01:00</Dt>
                </Dt>
            </Bal>
            <Bal>
                <Tp>
                    <CdOrPrtry>
                        <Cd>CLBD</Cd>
                    </CdOrPrtry>
                </Tp>
                <Amt Ccy="EUR">1500.00</Amt>
                <CdtDbtInd>CRDT</CdtDbtInd>
                <Dt>
                    <Dt>2018-04-17+02:00</Dt>
                </Dt>
            </Bal>
            <Ntry>
                <Amt Ccy="EUR">305.00</Amt>
                <CdtDbtInd>DBIT</CdtDbtInd>
                <Sts>
                    <Cd>BOOK</Cd>
                </Sts>
                <BookgDt>
                    <Dt>2018-04-17+02:00</Dt>
                </BookgDt>
                <ValDt>
                    <Dt>2018-04-17+02:00</Dt>
                </ValDt>
                <AcctSvcrRef>2520486</AcctSvcrRef>
                <BkTxCd>
                    <Domn>
                        <Cd>XTND</Cd>
                        <Fmly>
                            <Cd>NTAV</Cd>
                            <SubFmlyCd>NTAV</SubFmlyCd>
                        </Fmly>
                    </Domn>
                    <Prtry>
                        <Cd>081</Cd>
                        <Issr>Bank Frick OPID transaction code</Issr>
                    </Prtry>
                </BkTxCd>
                <NtryDtls>
                    <TxDtls>
                        <RmtInf>
                            <Ustrd>redemption foreign currency without Agio</Ustrd>
                        </RmtInf>
                    </TxDtls>
                </NtryDtls>
            </Ntry>
            <Ntry>
                <Amt Ccy="EUR">2097.00</Amt>
                <CdtDbtInd>DBIT</CdtDbtInd>
                <Sts>
                    <Cd>BOOK</Cd>
                </Sts>
                <BookgDt>
                    <Dt>2018-03-01+01:00</Dt>
                </BookgDt>
                <ValDt>
                    <Dt>2018-03-01+01:00</Dt>
                </ValDt>
                <AcctSvcrRef>2466849</AcctSvcrRef>
                <BkTxCd>
                    <Domn>
                        <Cd>PMNT</Cd>
                        <Fmly>
                            <Cd>ICDT</Cd>
                            <SubFmlyCd>ESCT</SubFmlyCd>
                        </Fmly>
                    </Domn>
                    <Prtry>
                        <Cd>116-reimbursement SWIFT </Cd>
                        <Issr>Bank Frick OPID transaction code</Issr>
                    </Prtry>
                </BkTxCd>
                <NtryDtls>
                    <TxDtls>
                        <RltdPties>
                            <Dbtr>
                                <Pty>
                                    <Nm>TEST COMPANY (REMITTER) Test street 99</Nm>
                                </Pty>
                            </Dbtr>
                            <DbtrAcct>
                                <Id>
                                    <IBAN>LI50088110111111K000C</IBAN>
                                </Id>
                            </DbtrAcct>
                            <Cdtr>
                                <Pty>
                                    <Nm>BENEFICIARY_name</Nm>
                                </Pty>
                            </Cdtr>
                            <CdtrAcct>
                                <Id>
                                    <IBAN>AT026000000001349870</IBAN>
                                </Id>
                            </CdtrAcct>
                        </RltdPties>
                        <RltdAgts>
                            <CdtrAgt>
                                <FinInstnId>
                                    <Nm>TEST BANK</Nm>
                                </FinInstnId>
                            </CdtrAgt>
                        </RltdAgts>
                        <RmtInf>
                            <Ustrd>1109 7890 0011 6158</Ustrd>
                        </RmtInf>
                    </TxDtls>
                </NtryDtls>
            </Ntry>
            <Ntry>
                <Amt Ccy="EUR">1800.00</Amt>
                <CdtDbtInd>DBIT</CdtDbtInd>
                <Sts>
                    <Cd>BOOK</Cd>
                </Sts>
                <BookgDt>
                    <Dt>2018-01-15+01:00</Dt>
                </BookgDt>
                <ValDt>
                    <Dt>2018-01-16+01:00</Dt>
                </ValDt>
                <AcctSvcrRef>2411569</AcctSvcrRef>
                <BkTxCd>
                    <Domn>
                        <Cd>PMNT</Cd>
                        <Fmly>
                            <Cd>ICDT</Cd>
                            <SubFmlyCd>PRCT</SubFmlyCd>
                        </Fmly>
                    </Domn>
                    <Prtry>
                        <Cd>117-REIMBURSEMENT SWIFT - Express </Cd>
                        <Issr>Bank Frick OPID transaction code</Issr>
                    </Prtry>
                </BkTxCd>
                <NtryDtls>
                    <TxDtls>
                        <RltdPties>
                            <Dbtr>
                                <Pty>
                                    <Nm>TEST COMPANY (REMITTER) Test street 99</Nm>
                                </Pty>
                            </Dbtr>
                            <DbtrAcct>
                                <Id>
                                    <IBAN>LI50088110111111K000C</IBAN>
                                </Id>
                            </DbtrAcct>
                            <Cdtr>
                                <Pty>
                                    <Nm>BENEFICIARY_name</Nm>
                                </Pty>
                            </Cdtr>
                            <CdtrAcct>
                                <Id>
                                    <IBAN>AT026000000001349870</IBAN>
                                </Id>
                            </CdtrAcct>
                        </RltdPties>
                        <RltdAgts>
                            <CdtrAgt>
                                <FinInstnId>
                                    <Nm>TEST BANK </Nm>
                                </FinInstnId>
                            </CdtrAgt>
                        </RltdAgts>
                        <RmtInf>
                            <Ustrd>ACCOUNTING ENTRY DSR0B21E7BSW0</Ustrd>
                            <Ustrd>Test Company (remitter) </Ustrd>
                            <Ustrd>20.1.-27.1.18</Ustrd>
                        </RmtInf>
                    </TxDtls>
                </NtryDtls>
            </Ntry>
        </Stmt>
    </BkToCstmrStmt>
</Document>


Header

Path: Prefix: Document/BkToCstmrRpt

Path Format Mandatory Description
GrpHdr yes Header
GrpHdr/MsgId 1-35 characters yes Message Id
GrpHdr/CreDtTm IsoDateTime yes creation date
GrpHdr/MsgRcpt no Receiver
GrpHdr/MsgRcpt/PstlAdr no address
GrpHdr/MsgRcpt/PstlAdr/AdrLine 1-70 characters no, 0..7 row of an address
GrpHdr/MsgRcpt/Id no Id
GrpHdr/MsgRcpt/Id/PrvtId yes (or OrgId)
GrpHdr/MsgRcpt/Id/PrvtId/Othr/Id 1-35 characters Identification of the private individual
GrpHdr/MsgPgntn no
GrpHdr/MsgPgntn/PgNb 1-5 digits yes Page number (in paging)
GrpHdr/MsgPgntn/LastPgInd boolean yes Last page?
Stmt yes, 1…n
Stmt/Id 1-35 characters yes identification
Stmt/CreDtTm IsoDateTime no creation date
Stmt/FrToDt no Time interval of the move-out
Stmt/FrToDt/FrDtTm IsoDateTime yes Starting time of the account statement
Stmt/FrToDt/ToDtTm IsoDateTime yes End time of the account statement
Stmt/Acct yes
Stmt/Acct/Id yes account identification structure
Stmt/Acct/Id/IBAN [A-Z]{2,2}[0-9]{2,2}[a-zA-Z0-9]{1,30} yes (or Othr)
Stmt/Acct/Tp no account type
Stmt/Acct/Tp/Cd 1-4 characters no account type
Stmt/Acct/Ccy 3 capital letters no currency
Stmt/Acct/Nm 1-70 characters no account name
Stmt/Acct/Ownr no
Stmt/Acct/Ownr/Nm no Name of the Owner
Stmt/Acct/Ownr/PstlAdr no address
Stmt/Acct/Ownr/PstlAdr/AdrLine no row of an address
Stmt/Acct/Ownr/Id
Stmt/Acct/Ownr/Id/PrvtId
Stmt/Acct/Ownr/Id/PrvtId/Othr
Stmt/Acct/Ownr/Id/PrvtId/Othr/Id no Id
Stmt/Acct/Svcr no
Stmt/Acct/Svcr/FinInstnId yes identification
Stmt/Acct/Svcr/FinInstnId/BICFI BIC ( [A-Z]{6,6}[A-Z2-9][A-NP-Z0-9][A-Z0-9]{3,3}{0,1} ) no BIC
Stmt/Acct/Svcr/FinInstnId/Nm 1-140 characters no Name of the bank
Stmt/Acct/Svcr/FinInstnId/PstlAdr no, 0..7 mailing address
Stmt/Acct/Svcr/FinInstnId/PstlAdr/AdrLine 1-70 characters no address bar
Stmt/Acct/Svcr/FinInstnId/Othr no Further identification
Stmt/Acct/Svcr/FinInstnId/Othr/Id 1-35 characters yes identification number
Stmt/Acct/Svcr/FinInstnId/Orth/Issr 1-35 characters no Type of identification number
Stmt/Bal yes, 1..n
Stmt/Ntry no, 0..n transaction

Balance

Path: Prefix: Document/BkToCstmrStmt/Stmt/Bal

Example of opening and closing balance

Path Format Mandatory Description
Tp yes
Tp/CdOrPrtry yes
Tp/CdOrPrtry/Cd 1 to 4 characters yes (or Prtry)
Tp/CdOrPrtry/Prtry Amt 18 digits (5 decimal places) yes amount
Amt/@Ccy 1-3 characters yes currency
CdtDbtInd Enumeration yes
Dt yes date
Dt/Dt YYYY-MM-DD yes (or DtTm) Date (as opposed to a date with time)

Entry

Path: Prefix: Document/BkToCstmrStmt/Stmt/Ntry

Path Format Mandatory Description
Amt 18 digits (5 decimal places) yes amount
Amt/@Ccy 3 letters yes currency
CdtDbtInd enumeration yes Debit/Credit
Sts yes Status
Sts/Cd 1-4 characters yes (or Prtry) Status
BookgDt no entry date
BookgDt/Dt YYYY-MM-DD yes (alternate DtTm) date
ValDt no valuta date
ValDt/Dt YYYY-MM-DD yes (or DtTm) date
AcctSvcrRef 1 to 35 characters (if available) no Account Servicer Reference
BkTxCd yes
BkTxCd/Domn no Domain
BkTxCd/Domn/Cd 1-4 characters yes
BkTxCd/Domn/Fmly yes
BkTxCd/Domn/Fmly/Cd 1-4 characters yes
BkTxCd/Domn/Fmly/SubfmlyCd 1-4 characters yes
BkTxCd/Prtry no
BkTxCd/Prtry/Cd max 35. characters yes
BkTxCd/Prtry/Issr max 35. characters no
NtryDtls no, 0..n
NtryDtls/TxDtls no, 0..n
NtryDtls/TxDtls/RltdPties no
NtryDtls/TxDtls/RltdPties/Dbtr no
NtryDtls/TxDtls/RltdPties/Dbtr/Pty yes (or Agt)
NtryDtls/TxDtls/RltdPties/Dbtr/Pty/Nm 1-140 characters no
NtryDtls/TxDtls/RltdPties/DbtrAcct no
NtryDtls/TxDtls/RltdPties/DbtrAcct/Id yes
NtryDtls/TxDtls/RltdPties/DbtrAcct/Id/IBAN [A-Z]{2,2}[0-9]{2,2}[a-zA-Z0-9]{1,30} yes (or Othr)
NtryDtls/TxDtls/RltdPties/Cdtr no
NtryDtls/TxDtls/RltdPties/Cdtr/Pty yes (or Agt)
NtryDtls/TxDtls/RltdPties/Cdtr/Pty/Nm 1-140 characters no
NtryDtls/TxDtls/RltdPties/CdtrAcct no
NtryDtls/TxDtls/RltdPties/CdtrAcct/Id yes
NtryDtls/TxDtls/RltdPties/CdtrAcct/Id/IBAN [A-Z]{2,2}[0-9]{2,2}[a-zA-Z0-9]{1,30} yes (or Othr)
NtryDtls/TxDtls/RltdAgts no
NtryDtls/TxDtls/RltdAgts/CdtrAgt no
NtryDtls/TxDtls/RltdAgts/CdtrAgt/FinInstnId yes financial institution
NtryDtls/TxDtls/RltdAgts/CdtrAgt/FinInstnId/Nm 1 - 140 characters no Name
NtryDtls/TxDtls/RmtInf no purpose of use
NtryDtls/TxDtls/RmtInf/Ustrd 1 - 140 characters no purpose of use

pain.001

Resource for the pain.001 message upload.

PUT /v2/pain001

Upload a pain.001 message. Note that errors respectively the status regarding pain001 is returned as pain002 message with the HTTP 200 or 207 status code.

Request Parameters

name type description
Authorization header Bearer <token>
Signature header <signature>
algorithm header The used signing algorithm, e.g. rsa-sha512

Request Body

media type data type description
application/xml Document (XML) The pain.001 message as xml.

Response Codes

code condition type
200 Request successful Document (XML)
207 Request successful, but with pain.002 error states Document (XML)

Response Body

media type data type description
application/xml Document (XML) The pain.002 response message as xml.

Response Headers

name description
signature <signature>
algorithm The used signing algorithm, e.g. rsa-sha512

Payment Types and Example Files

Description Local Instrument Creditor Account Creditor Agent Currency
Domestic Payment (CH/LI) - ESR (Orange payment slip) CH01 CHF
Domestic Payment (CH/LI) - with IBAN IBAN in CH/LI CHF/EUR
Domestic Payment (CH/LI) - with IBAN IBAN in CH/LI All except CHF/EUR
Foreign Payment - SEPA IBAN in Europe EUR
Foreign Payment not SEPA - SWIFT IBAN BIC Any Currency
Foreign Payment not SEPA - SWIFT Account Number BIC Any Currency

Response

Header

Path Format Mandatory Description
MsgId string yes Checking for duplicates usually takes place at the Swiss financial institutions at document (message) level. This is why the „Message Identification“ element must have a unique value. The uniqueness is checked by most of the financial institutions over a period of at least 90 days. It is recommended that the „Message“
CreDtTm string yes Recommendation: Should be the same as the actual date/time of creation.
NbOfTxs string yes If there is an error, the whole message is rejected. Messages that exceed 99,999 payments (C-Level) will be rejected by the financial institutions. Depending on the financial institution, the size of the message that can be delivered may be smaller.
CtrlSum decimal Value is the same as the sum of all the „Amount elements“ („Instructed Amount“ or „Equivalent Amount“) (2.42) Recommendation: the control sum should be sent in this element in Level A. If there is an error, the whole message is rejected.
InitgPty (Group) yes At least one of the two elements „Name“ or „Identification“ must be sent.
InitgPty/Nm string Name of the message sender, maximum 70 characters.

Payment

Path Format Mandatory Description
PmtInfId string yes Value must be unique within the whole message (is used as reference in the Status Report „pain.002“). Only the SWIFT character set is permitted for this element (see section 2.4.1).
PmtMtd string yes TRA and „TRF“: same meaning, no effect on the way the debit advices are controlled. In Switzerland the „TRA“ value is processed in the same way as the „TRF“ value, it has no special function. Furthermore, for check payments, the „CHK“ value is permitted.
BtchBookg boolean The option „true“ is recommended. „true“: Wherever possible, one batch booking is made per „Payment Information“ (B). A separate B-level must be created for each currency being transferred. The booking is identified using the Payment Information Identification (B). „false“: One booking should be made for each „Credit Transfer Transaction Information“ (C). Bookings are usually identified by the „Payment Identification“ (C). Alternatively, the financial institution can also identify the booking using, for example, the „Payment Information Identification“ (B) element. If this element is not sent, then the booking proceeds as for „true“.
ReqdExctnDt string yes Contains the required date of execution. Where appropriate, the value data is automatically modified to the next possible banking/Post Office business day.
Dbtr (Group) yes The debtor is only identified by the „Debtor Account“ element. Information in the „Debtor“ field will be ignored. What is required is the master data for the financial institution for this debtor.
Dbtr/Nm string Recommendation: Use, maximum 70 characters.
DbtrAcct (Group) yes Recommendation: IBAN should be used. . However, „Other“ is currently also still permitted by some financial institutions for the proprietary account number. The „Type/Proprietary“ element can also be used to define the way the debit advice is controlled. When using the AOS „Additional participants“ (multi-banking), the third-party bank must be specified here.
DbtrAcct/Id/IBAN string Recommendation: Use. If used, „Other“ must not be present.
DbtrAgt (Group) yes The Swiss financial institutions recommend entering the BIC or IID (institutional identification) in this element. When using the AOS „Additional participants“ (multi-banking), the third-party bank must be specified here.
DbtrAgt/FinInstnId/BIC string BIC of the Debtor Bank. If used, then „Clearing System Member Identification“ must not be present.

Transaction

Path Format Mandatory Description
PmntId (Group) yes
PmntId/InstrId string Recommendation: Should be used and be unique within the B-Level. Only the SWIFT character set is permitted for this element
PmntId/EndToEndId string yes Customer reference, normally forwarded as far as the beneficiary. Only the SWIFT character set is permitted for this element
PmtTpInf/InstrPrty string Any information about the Express processing should be sent at B- Level, values in this element are ignored.
PmtTpInf/LclInstrm (Group)
Amt/InstdAmt yes If used, then „Equivalent Amount“ must not be present.
Amt/InstdAmt/@Ccy string
CdtrAgt (Group)
Cdtr/Nm string yes Must be used if "Creditor" is used, maximum 70 characters.
CdtrAcct/Id (Group) yes Recommendation: Whenever possible the IBAN should be used. Must be used if "Creditor Account" is used.
RmtInf/Strd/CdtrRefInf (Gruppe) yes

Case-Specific Attributes

Payment

Path Format Mandatory Description
PmtTpInf Can be used at B-Level or C-Level, but generally not in both at the same time. Some institutions permit it to be sent at both levels but not the same sub-element at both levels.
PmtTpInf/SvcLvl Service Level affects the way payment is made at the financial institution. The focus is on achieving the fastest possible credit for the creditor.
PmtTpInf/SvcLvl/Cd string

Transaction

Path Format Mandatory Description
CdtrAcct/Id/Othr/IBAN string

Transaction

Path Format Mandatory Description
PmtTpInf/LclInstrm/Prtry string If used, then „Code“ must not be present.
CdtrAcct/Id/Othr/Id string Must be used if "Other" is used.
RmtInf/Strd/CdtrRefInf/Ref string

Transaction

Path Format Mandatory Description
PmtTpInf/LclInstrm/Prtry string If used, then „Code“ must not be present.
CdtrAcct/Id/Othr/IBAN string

Transaction

Path Format Mandatory Description
CdtrAgt/FinInstnId/BIC string If used, then "Clearing System Member Identification" must not be present.
CdtrAcct/Id/Othr/Id string Must be used if "Other" is used.

Transaction

Path Format Mandatory Description
CdtrAgt/FinInstnId/BIC string If used, then "Clearing System Member Identification" must not be present.
CdtrAcct/Id/Othr/IBAN string

Errors

code condition type
400 Validation of input parameters failed Errors (JSON)
401 If no JWT was provided or JWT is invalid Errors (JSON)
403 API key is invalid or any other condition hinders the login Errors (JSON)
423 The Authorization is valid but the user account is locked and cannot be accessed Errors (JSON)

Data Types

Account

Response

{
  "account" : "00012345/001.000.001",
  "type" : "CURRENT ACCOUNT",
  "iban" : "LI6808811000000001234",
  "customer" : "00012345 Max Muster",
  "currency" : "CHF",
  "balance" : -1321.0,
  "available" : 0.0
}

A single account instance

Properties

name data type constraints description
account string required The account number of the account
type string required The type of the account
iban string The iban of the account if exists
customer string required The customer data of the account which consists of the customer number and name
currency string required The account currency
balance number required The current account balance
available number The available amount of the account as defined in the online banking

Accounts

Response

{
  "date" : "2018-12-31",
  "moreResults" : false,
  "resultSetSize" : 2,
  "accounts" : [ {
    "account" : "00012345/001.000.001",
    "type" : "CURRENT ACCOUNT",
    "iban" : "LI6808811000000001234",
    "customer" : "00012345 Max Muster",
    "currency" : "CHF",
    "balance" : -1321.0,
    "available" : 0.0
  }, {
    "account" : "00012345/001.000.001",
    "type" : "CURRENT ACCOUNT",
    "iban" : "LI6808811000000001234",
    "customer" : "00012345 Max Muster",
    "currency" : "CHF",
    "balance" : -1321.0,
    "available" : 0.0
  } ]
}

The accounts message response body.

Properties

name data type constraints description
date string required The balance date (today)
moreResults boolean required Attribute indicates that more results are available on the server
resultSetSize number required Number of results in the returned result set
accounts array of Account The list of accounts

Approval

Response

{
  "contact" : "1234 Max Muster",
  "group" : 1,
  "dateOfApproval" : "2018-08-22T10:07:02"
}

A approval of a transaction.

Properties

name data type constraints description
contact string The contact information about the user who gave the approval
group number The contacts group if a special group policy applies
dateOfApproval string The date the approval was given

AuthBody

Response

{
  "contactnr" : "1234",
  "password" : "secret"
}

Authorization message body

Properties

name data type constraints description
contactnr string required The contact number
password string required The contact password

Authorize

Response

{
  "key" : "1234567890abcdefgHIJKLMN",
  "password" : "secret"
}

The authorization message request body.

Properties

name data type constraints description
key string required The previously generated API-Key (Personal Access Token)
password string required The current user password

AuthorizeResponse

Response

{
  "token" : "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJCYW5rIEZyaWNrIFdlYkFQSSIsInN1YiI6IlRhZ2VzYWJzY2hsdXNzIiwiY29udGFjdCI6IjY3ODkiLCJuYW1lIjoiTWF4IE11c3RlciIsInBlcm1pc3Npb25zIjpbImFjY291bnRzIiwidHJhbnNhY3Rpb25zIiwiY2FtdDA1MiIsImNhbXQwNTMiXSwiYXVkIjoicHJvZHVjdGlvbiIsImV4cCI6MTU0NjMwMDgwMCwiaWF0IjoxNTMzMTA5MzIzfQ.DlxpBZMGAZx1xK-UdA-s9SrHMrEIt60waF1kLYG6kCuTRMrcDiS3KR8p0bAyZaLUWlfSJF3TCMb2Tup5MyLFWc0fZRJfu0mBEyz74ZwbSN9iTrwzzsfIuX2E1d895hR1MgsMy2i1Qu-vwZgsW0WivnNCHBMLZH0jM94v1czt7f0"
}

The authorization message response body.

Properties

name data type constraints description
token string required The assigned JWT for the login request

Charge

Enum values for the 'charge' field.

Properties

value description
BEN beneficiary pays costs
OUR sender pays costs
SHA shared costs

CreateTransaction

Request

{
  "transactions" : [ {
    "customId" : "4711",
    "type" : "FOREIGN",
    "amount" : 1321.00,
    "currency" : "EUR",
    "express" : true,
    "reference" : "some individual text",
    "charge" : "SHA",
    "debitor" : {
      "iban" : "LI6808811000000001234"
    },
    "creditor" : {
      "accountNumber" : "00012345/001.000.001",
      "name" : "Max Muster",
      "iban" : "DE12500105170648489890",
      "bic" : "INGDDEFFXXX",
      "creditInstitution" : "ING-DiBa",
      "esr" : "961116900000006600000009284"
    }
  }, {
    "customId" : "4711",
    "type" : "ORANGE",
    "amount" : 1321.00,
    "currency" : "EUR",
    "express" : true,
    "reference" : "some individual text",
    "charge" : "BEN",
    "debitor" : {
      "iban" : "LI6808811000000001234"
    },
    "creditor" : {
      "accountNumber" : "00012345/001.000.001",
      "name" : "Max Muster",
      "iban" : "DE12500105170648489890",
      "bic" : "INGDDEFFXXX",
      "creditInstitution" : "ING-DiBa",
      "esr" : "961116900000006600000009284"
    }
  } ]
}

The create transactions request body.

Properties

name data type constraints description
transactions array of Transaction (new instance) required the list of transactions to be created

DeleteRequestTan

Response

{
  "challengeId" : "c6f8dd20-aad0-11e8-98d0-529269fb1459"
}

The delete request tan request body.

Properties

name data type constraints description
challengeId string required The challenge ID to be deleted, cancels the TAN challenge

DeleteTransaction

Response

{
  "orderIds" : [ 12345, 12345 ]
}

The delete transactions request body.

Properties

name data type constraints description
orderIds array of number required The order ids (as assigned from the server) to be deleted

ErrorMessage

Response

{
  "message" : "Parameter iban is missing",
  "code" : "request_body_validation_error"
}

A single error message instance.

Properties

name data type constraints description
message string required An explanation about the error
code string required An internal error code

Errors

Response

{
  "errors" : [ {
    "message" : "Parameter iban is missing",
    "code" : "request_body_validation_error"
  }, {
    "message" : "Parameter iban is missing",
    "code" : "request_body_validation_error"
  } ]
}

The error message response body.

Properties

name data type constraints description
errors array of ErrorMessage required the list of error messages

Info

Response

{
  "version" : "2.2.5-20180831-1144",
  "environment" : "production",
  "messages" : [ {
    "title" : "Maintenance",
    "message" : "Due to maintenance work, online banking will not be available on 26.07.2018 from 05:00 to 06:00. We apologize for any inconvenience."
  }, {
    "title" : "Maintenance",
    "message" : "Due to maintenance work, online banking will not be available on 26.07.2018 from 05:00 to 06:00. We apologize for any inconvenience."
  } ]
}

The info response message body.

Properties

name data type constraints description
version string required The version information of the webapi service
environment string required The webapi environment
messages array of InfoMessage The list of messages

InfoMessage

Response

{
  "title" : "Maintenance",
  "message" : "Due to maintenance work, online banking will not be available on 26.07.2018 from 05:00 to 06:00. We apologize for any inconvenience."
}

A single info message instance.

Properties

name data type constraints description
title string The message title
message string The message content

Method

Enum values for the 'method' field

Properties

value description
SMS_TAN TAN send by SMS
PUSH_TAN TAN send by PushTAN App

RequestTan

Response

{
  "orderIds" : [ 12345, 12345 ],
  "method" : "SMS_TAN"
}

The request tan request body.

Properties

name data type constraints description
orderIds array of number required The order ids (as assigned from the server) to request a tan for. Either orderIds, customIds or combination of both must be given.
customIds array of string required The custom ids (as assigned from the client) to request a tan for. Either orderIds, customIds or combination of both must be given.
method Method required The TAN method to be used for sending the TAN

RequestTanResponse

Response

{
  "challange" : "c6f8dd20-aad0-11e8-98d0-529269fb1459",
  "expires" : "2018-08-22T10:07:02.895"
}

The request tan response body.

Properties

name data type constraints description
challange string required A challenge id which must be returned to the server when resolving the tan request
expires string required The time until the tan challenge must be resolved

SignTransactionsWithTan

Response

{
  "challengeId" : "zRsFYey8/uVscFn3UVxmpisAlbigLEsvy1M5crtRhMc=",
  "tan" : "123456"
}

The sign transactions with tan request body message.

Properties

name data type constraints description
challengeId string required The challenge id as given in the requestTan response message
tan string required The received (SMS-)TAN

SignTransactionsWithoutTan

Response

{
  "orderIds" : [ 12345, 12345 ]
}

The sign transactions without tan request body message.

Properties

name data type constraints description
orderIds array of number required The order ids (as assigned from the server) to be approved by the user

State

Enum values for the 'state' field.

Properties

value description
PREPARED The transaction is stored but not yet processed
IN_PROGRESS The transaction is being processed
DELETED The transaction was deleted
EXPIRED The transaction expired
EXECUTED The transaction was executed
REJECTED The transaction was rejected
ERROR The transaction was faulty

Transaction (new instance)

Request

{
  "customId" : "4711",
  "type" : "BANK_INTERNAL",
  "amount" : 1321.00,
  "currency" : "EUR",
  "express" : true,
  "reference" : "some individual text",
  "charge" : "BEN",
  "debitor" : {
    "iban" : "LI6808811000000001234"
  },
  "creditor" : {
    "accountNumber" : "00012345678",
    "name" : "Max Muster",
    "iban" : "DE12500105170648489890",
    "bic" : "INGDDEFFXXX",
    "creditInstitution" : "ING-DiBa",
    "esr" : "961116900000006600000009284"
  }
}

A single transaction instance to be created.

Properties

name data type constraints description
customId string required, max size: 50, min size: 0 Unique custom id for a transaction given by the client
type Type required The type of the payment order
amount number required, min: 0.01, max digits: 12 (integer), 2 (fraction) The amount of the transaction
currency string required, max size: 3, min size: 0 The transaction currency
express boolean required Information if it is a express transaction
reference string max size: 140, min size: 0 The reference text or individual note
charge Charge required when type FOREIGN The charging type
debitor TransactionDebitorAccount required The client information about the transaction
creditor TransactionCreditorAccount required The beneficiary information about the transaction

Transaction (existing instance)

Response

{
  "orderId" : 20222,
  "customId" : "4711",
  "type" : "FOREIGN",
  "state" : "EXECUTED",
  "amount" : 1321.00,
  "currency" : "EUR",
  "valuta" : "2018-08-27",
  "express" : true,
  "reference" : "Some Individual Text",
  "charge" : "SHA",
  "debitor" : {
    "accountNumber" : "00012345/001.000.001",
    "name" : "Max Muster",
    "iban" : "LI6808811000000001234",
    "bic" : "INGDDEFFXXX",
    "creditInstitution" : "ING-DiBa",
    "esr" : "961116900000006600000009284"
  },
  "creditor" : {
    "accountNumber" : "00012345/001.000.001",
    "name" : "Max Muster",
    "iban" : "LI6808811000000001234",
    "bic" : "INGDDEFFXXX",
    "creditInstitution" : "ING-DiBa",
    "esr" : "961116900000006600000009284"
  },
  "creator" : "1234 Max Muster",
  "createDate" : "2018-08-22T10:07:02",
  "right" : "Bevollmächtigter kollektiv zu 2",
  "groupPolicy" : "Group intern",
  "group" : 1,
  "quorum" : 2,
  "approvals" : [ {
    "contact" : "1234 Max Muster",
    "group" : 1,
    "dateOfApproval" : "2018-08-22T10:07:02"
  }, {
    "contact" : "1234 Max Muster",
    "group" : 1,
    "dateOfApproval" : "2018-08-22T10:07:02"
  } ]
}

A single transaction existing instance.

Properties

name data type constraints description
orderId number The order id as assigned by the system
customId string Unique custom id for a transaction given by the client
type Type required The type of the payment order
state State required The state of the payment order
amount number required The amount of the transaction
currency string required The transaction currency
valuta string required The (est.) valuta date of the transaction
express boolean required Information if it is a express transaction
reference string The reference text of individual notes
charge Charge The charging system of the transaction
debitor TransactionAccount required The client information about the transaction
creditor TransactionAccount required The beneficiary information about the transaction
creator string required The creator contact information
createDate string The create date
right string required The write privilege of the creator in regards to the customer
groupPolicy string Information about applied group policy
group number Information about the creators group in case a group policy applies
quorum number The total number of approvals required for the transaction
approvals array of Approval A list of approvals given to the payment order

TransactionAccount

Request

{
  "accountNumber" : "00012345678",
  "name" : "Max Muster",
  "iban" : "LI6808811000000001234",
  "bic" : "INGDDEFFXXX",
  "creditInstitution" : "ING-DiBa",
  "esr" : "961116900000006600000009284"
}

Debitor or creditor account information of the transaction.

Properties

name data type constraints description
accountNumber string The account number of the corresponding account (instead of IBAN, only type = FOREIGN )
name string The name of the client or recipient
iban string The iban of the corresponding account
bic string The bic of the corresponding accounts credit institution (only type = FOREIGN)
creditInstitution string The name of the credit institution (only type = FOREIGN)
esr string The esr number (only type = ORANGE)

TransactionCreditorAccount

Request

{
  "accountNumber" : "00012345678",
  "name" : "Max Muster",
  "iban" : "DE12500105170648489890",
  "bic" : "INGDDEFFXXX",
  "creditInstitution" : "ING-DiBa",
  "esr" : "961116900000006600000009284"
}

The transactions beneficiary account information.

Properties

name data type constraints description
accountNumber string max size: 30, min size: 0 The account number of the recipient (instead of IBAN, only type = FOREIGN )
name string required The name of the recipient
iban string max size: 34, min size: 0 The iban of the recipient account
bic string max size: 11, min size: 0 The bic of the recipient credit institution (only type = FOREIGN)
creditInstitution string max size: 50, min size: 0 The recipient credit institution (only type = FOREIGN)
esr string max size: 27, min size: 0 The esr number (only type = ORANGE)

TransactionDebitorAccount

Request

{
  "iban" : "LI6808811000000001234"
}

The transactions client account information.

Properties

name data type constraints description
iban string required, max size: 34, min size: 0 the account iban of the sender

Type

Enum values for the 'type' field

Properties

value currency description
INTERNAL Any Internal transfers within the same company
BANK_INTERNAL Any Bank Frick Internal Transfer to a different company where the contact is linked to
SEPA Euro SEPA Payment (Only transactions in Euro to European countries)
FOREIGN Any International Transfer (SWIFT)
RED CHF & EUR Red Payment Slip
ORANGE CHF & EUR Orange Payment Slip with ESR number (Only in Switzerland)

Transactions

Response

{
  "moreResults" : false,
  "resultSetSize" : 2,
  "transactions" : [ {
    "orderId" : 20222,
    "customId" : "4711",
    "type" : "FOREIGN",
    "state" : "EXPIRED",
    "amount" : 1321.00,
    "currency" : "EUR",
    "valuta" : "2018-08-27",
    "express" : true,
    "reference" : "Some Individual Text",
    "charge" : "OUR",
    "debitor" : {
      "accountNumber" : "00012345/001.000.001",
      "name" : "Max Muster",
      "iban" : "LI6808811000000001234",
      "bic" : "INGDDEFFXXX",
      "creditInstitution" : "ING-DiBa",
      "esr" : "961116900000006600000009284"
    },
    "creditor" : {
      "accountNumber" : "00012345/001.000.001",
      "name" : "Max Muster",
      "iban" : "LI6808811000000001234",
      "bic" : "INGDDEFFXXX",
      "creditInstitution" : "ING-DiBa",
      "esr" : "961116900000006600000009284"
    },
    "creator" : "1234 Max Muster",
    "createDate" : "2018-08-22T10:07:02",
    "right" : "Bevollmächtigter kollektiv zu 2",
    "groupPolicy" : "Group intern",
    "group" : 1,
    "quorum" : 2,
    "approvals" : [ {
      "contact" : "1234 Max Muster",
      "group" : 1,
      "dateOfApproval" : "2018-08-22T10:07:02"
    }, {
      "contact" : "1234 Max Muster",
      "group" : 1,
      "dateOfApproval" : "2018-08-22T10:07:02"
    } ]
  }, {
    "orderId" : 20222,
    "customId" : "4711",
    "type" : "ORANGE",
    "state" : "ERROR",
    "amount" : 1321.00,
    "currency" : "EUR",
    "valuta" : "2018-08-27",
    "express" : true,
    "reference" : "Some Individual Text",
    "charge" : "OUR",
    "debitor" : {
      "accountNumber" : "00012345/001.000.001",
      "name" : "Max Muster",
      "iban" : "LI6808811000000001234",
      "bic" : "INGDDEFFXXX",
      "creditInstitution" : "ING-DiBa",
      "esr" : "961116900000006600000009284"
    },
    "creditor" : {
      "accountNumber" : "00012345/001.000.001",
      "name" : "Max Muster",
      "iban" : "LI6808811000000001234",
      "bic" : "INGDDEFFXXX",
      "creditInstitution" : "ING-DiBa",
      "esr" : "961116900000006600000009284"
    },
    "creator" : "1234 Max Muster",
    "createDate" : "2018-08-22T10:07:02",
    "right" : "Bevollmächtigter kollektiv zu 2",
    "groupPolicy" : "Group intern",
    "group" : 1,
    "quorum" : 2,
    "approvals" : [ {
      "contact" : "1234 Max Muster",
      "group" : 1,
      "dateOfApproval" : "2018-08-22T10:07:02"
    }, {
      "contact" : "1234 Max Muster",
      "group" : 1,
      "dateOfApproval" : "2018-08-22T10:07:02"
    } ]
  } ]
}

The transactions message response body.

Properties

name data type constraints description
moreResults boolean required Attribute indicates that more results are available on the server
resultSetSize number required Number of results in the returned result set
transactions array of Transaction (existing instance) required the list of transactions