Search

/

Reference

Pages

Homeorganizationproductsdeposit accountsloan accountstransactionsservicesledgersuserssystem

This documentation is incomplete. Please fill all the blanks in before publishing onto GitHub.

Welcome to Core Banking API Reference

The Core Banking API is a RESTful API that provides access to the functionalities of the Core Banking System. All of our documentations are available along with the source code on GitHub.

We offer language bindings in Go, Java, Python, JavaScript, TypeScript, and PHP.


Usage

Overview

Organizational-wide endpoints such as manipulating branches, centres, clients and the default format for client IDs are managed in the organization section.

To create users and API keys, the users section allows doing so, in addition to managing the users' permission in the Core Banking system.

Product management such as loan products, deposit products and risk levels are managed in the products section. The loan account section and the deposit account section allows the creation of accounts based on these products in addition to applying account-specific configuration.

The transactions section manages both loan and deposit transactions while ledgers and reports can be found in the ledgers section.

The services section includes all services provided by the organization such as cards, currency exchange and revolving accounts.

System maintenance such as aliveness checks, database backups and jobs are done in the system section.

Endpoints

The API is served on / while the documentation is served on /docs.

Programs should only rely on endpoints under /v{Version} where Version is an integer as other endpoints may change without notice.

The UAT environment for the Core is available at https://api.corebank.uat.apix.global.

Example: The echo endpoint (documented as /v1/util/echo) is available at https://api.corebank.uat.apix.global/v1/util/echo as it is an API endpoint.

A list of other endpoints is available in their respective categories accessible via the sidebar on the left.

Authentication

Authentication on the API is done by passing the authentication token to the Authorization header. A valid API key can be generated by the user in the Core Banking System's settings page or via OAuth2 set up by your administrator.

All users except the first user must have an associated user created to authenticate using OAuth2. The Core Banking System will return an authentication error even when the OAuth2 flow succeeds if the user does not have a corresponding account.

The validity of the authentication token can be checked safely with the /api/v1/util/echo endpoint.

Idempotency

Idempotent requests on Core Banking API are done by passing an idempotency key in the X-Idempotency-Key header.

The server will return the same response if the idempotency key has been used by the same user in the past 3 hours, after which requests using the same idempotency key will no longer be considered duplicates. The validity period is NOT renewed on duplicate requests.

All requests support the idempotency key and it SHOULD be used for all requests that creates a new object.

Note: Idempotency keys are not necessary for requests to a GET endpoint as GET endpoints are side-effectless and can be repeated multiple times without consequences.

Using idempotency keys will still work but are not recommended, as fetching new values is typically preferred for GET requests.

Common Errors

Code Description
403 Forbidden

Pagination

All List endpoints support pagination. The first page can be accessed by omitting the page_token parameter.

For subsequent pages, the page_token parameter should be set to next_page_token returned in the last response. Other parameters should not be provided in an API request to fetch next pages.

page_token must be treated as opaque and must not be parsed or crafted by the user interface.

When page_size is set to 0, the default page size will be used instead.

Date and Time Format

For fields with the type Timestamp, the API uses RFC3339 format for date and time. Compliant JSON libraries should already use this format automatically.


Support

For more support or assistance with the Core Banking API, (FILL ME IN)

Bugs

If you believe you have found a bug in the API, please report it on GitHub. However if you have believe you have found a security vulnerability in the API, please report it as (FILL ME IN with bug bounty program).