GET /accounts

As a recognized TPP, access the user's account information by making a GET request to the /accounts endpoint. Remember to include the base URL.

Here's a simplified example of the bank's response:

{

    "accounts": [

        {

         "id": "a:8DbPteGnytmMbKXdnWTReeRB6cYWKXZ84JgLTBC7fKL4:5zKcENpV",

         "name": "Main Checking",

         "bankId": "xyz-bank",

         "accountFeatures": {

             "supportsInformation": true,

             "supportsPayment": true,

         },

         "accountDetails": {

             "identifier": "MJzqR1A2NSgTg",

             "type": "CHECKING",

             "status": "ACTIVE",

             "metadata": {        // see note on provider metadata

                 "clientId": "1"

             }

         }

        },

        {

         "id": "a:6hLu9jSeDpXV9cWafdQxvxVFgoptZX65hwVWPgzCBBGL:5zKcENpV",

         "name": "N26 Savings",

         "bankId": "n26",

         "accountFeatures": {

             "supportsInformation": true,

             "supportsSendPayment": true,

             "supportsReceivePayment": true

         },

         "accountDetails": {

             "identifier": "r4KIihP9twv5",

             "type": "CHECKING",

             "status": "ACTIVE",

             "metadata": {        // see note on provider metadata

                 "clientId": "1"

             }

         }

    }

  ]

}

Key bank-dependent fields in the accounts object and their corresponding descriptions are listed in the following table.

Key Fields in the Bank's Account Access Response
Field Subfield Description
accountDetails accountHolderName Name of the individual listed as owner of the account
accountIdentifiers One of four supported categories of bank and account identification – bbanClosedBasic Bank Account Number – represents a country-specific bank account number. The BBAN is the last part of the IBAN when used for international funds transfers. Every country has its own specific BBAN format and length. See https://www.mobilefish.com/services/bban_iban/bban_iban.php for help with BBAN conversion., gbDomesticClosedDomestic bank account identifier in the United Kingdom. Contains accountNumber and sortCode. The ISO country code is assumed to be GB., ibanClosedInternational Bank Account Number – a number attached to all bank accounts in the EU countries, plus Norway, Switzerland, Liechtenstein and Hungary. The IBAN is made up of a code identifying the country to which the account belongs, the account holder's bank, and the account number itself., or tokenClosedOne of four supported categories of accountIdentifiers defined in the API's AccountDetails object. It identifies the user member's account by accountId and memberId.
bicClosedBank Identifier Code – a unique identifier for a specific financial institution. A BIC is composed of a 4-character bank code, a 2-character country code, a 2-character location code and an optional 3-character branch code. String value representing the bank identification code
providerAccountDetails Specific information regarding the ASPSPClosedAccount Servicing Payment Services Provider – any financial institution that offers a payment account with online access. This includes banks and building societies. PSD2 requires ASPSPs to provide access to trusted third parties for initiating payments and accessing account information. required by the respective Open Banking API standard adopted by the bank. These include additional ASPSP business identifiers and contact information (address, phone, email, etc.) for:

The PAN and/or masked PAN are never included in the account details.

See the protobuf reference or Swagger spec (under the Model tab) for object and field details. See also the notes on provider metadata below.

status Provider-dependent string (ex. "Active", "Inactive", etc.)
type Type of provider account; i.e., CHECKING, SAVINGS, LOAN, CARD, OTHER
accountFeatures requiresExternalAuth Boolean. PSUClosedPayment Services User – an individual person or legal business entity making use of an Open Banking service as a payee, payer or both. must authenticate using an external (non-bank) mechanism/service
supportsInformation Boolean. Account information may be shared given upon verified customer consent
supportsPayment Boolean. Account supports authorised payment initiation
supportsSendPayment Boolean. Account can send payments
bankId System-generated Bank ID
id System-generated account ID
isLocked Boolean. The account is locked
name User-defined name of the account

 

In the GET /accounts response payload, account_identifiers are specified in accountDetails, which include bic and account_holder_name, along with account_number and/or sort_code. An example of the JSONClosedJavaScript Object Notation – a lightweight format for storing and transporting data, often when data is sent from a server to a web page. for account_identifiers might look something like this:

account_details {

    provider_aaccount_details {

        cma9_account_details {

            account_type: BUSINESS_ACCOUNT

            account_subtype: CURRENT_ACCOUNT}

    },

    account_identifiers: [

    {

       gb_domestic

          {sort_code: "700001",

           account_number: "70000005"}

    }

]}

Possible account_identifiers in the bank's response payload comprise:

Only fields supported by the responding bank will be populated.

Previously, TPPs could obtain these data — account identifiers, BICClosedBank Identifier Code – a unique identifier for a specific financial institution. A BIC is composed of a 4-character bank code, a 2-character country code, a 2-character location code and an optional 3-character branch code., and customer name — after a GET /account call with a subsequent GET /account/{account_Id}/transfer-destinations call, wherein the debit-side bank returned its preferred transfer method(s) — SEPAClosedSingle Euro Payments Area – a payments system created by the European Union (EU) which harmonizes the way cashless payments transact between euro countries. European consumers, businesses, and government agents who make payments by direct debit, instant credit transfer, and through credit transfers use the SEPA architecture. The single euro payment area is approved and regulated by the European Commission. SEPA currently includes 36 members. It encompasses the 28 EU member states along with Iceland, Norway, Liechtenstein, Switzerland, Andorra, Vatican City, Monaco and San Marino. The single euro payment area remains an ongoing, collaborative process between these parties. SEPA is in the process of harmonizing rules regarding mobile and online payments., FPSClosedFaster Payments Service – UK banking initiative to reduce payment times between different banks' customer accounts from the three working days that transfers take using the long-established BACS system to typically a few seconds., DomesticClosedBanks make domestic wire transfers (as opposed to international wire transfers) to send funds to financial institutions residing in the same country or financial zone., etc. — along with the bic and CustomerData.

However, to optimise API utilisation and eliminate the additional call to transfer-destinations to get account details, banks are now required to populate account_identifiers, bic and account_holder_name in the accountDetails returned by the GET /accounts call.

More notes on provider metadata: The provider metadata in accountDetails and providerTransactionDetails included in the AIS code samples presented consist of additional fields returned by the bank at its option in response to your particular request. The presence and type of metadata are entirely dependent on the bank to which you submit your request and generally comprise additional information about the account or the transaction pertinent to your specific use case. How you use this information, when included in the bank's response, is entirely up to you.

Please refer to the API's Swagger Reference for additional details on all of the above.