Skip to main content

Fena Account and Transaction Data API Specification (1.0.1)

Download OpenAPI specification:Download

API Documentation for Fena Data Account and Transaction

Supported UK Banks

UK Banks Provider Name Status
Lloyds Personal ob-lloyds-personal Active
Revolut ob-revolut Active
Santander ob-santander Active
Halifax ob-halifax-personal Active
Natwest ob-natwest Active
TSB ob-tsb Active
HSBC Personal ob-hsbc-personal Active
Bank of Scotland Personal ob-bos-personal Active
Monzo ob-monzo Active
First Direct ob-first-direct Active
Royal Bank of Scotland ob-rbs Active
Ulster ob-ulster Active
Nationwide ob-nationwide Active
Starling starling Active
Lloyds Business ob-lloyds-business Active
Barclys Business ob-barclays-business Active
Barclys Corporate ob-barclays-corporate Active
Bank of Scotland Business ob-bos-business Active
Danske Business ob-danske-business Active
Danske Private ob-danske-private Active
HSBC Business ob-hsbc-business Active
Virgin Money ob-virgin-money Active
Lloyds Sandbox ob-sandbox-lloyds Inactive
Metro Personal ob-metro-personal Inactive
Mettle ob-mettle Active
Tide ob-tide Active

Authentication

Fena only supports API Key authentication:

  • API Key

clientId

Security Scheme Type API Key
Header parameter name: client_id

clientSecret

Security Scheme Type API Key
Header parameter name: client_secret

Create Account Access Consents

Authorizations:
header Parameters
client_id
required
string <uuid>

Client clientId.

client_secret
required
string <uuid>

Client clientSecret.

Request Body schema: application/json
provider
required
string
Enum: "ob-sandbox-lloyds" "ob-sandbox-coutts" "ob-lloyds-personal" "ob-barclays-personal" "ob-barclays-business" "ob-barclays-corporate" "ob-revolut" "ob-santander" "ob-halifax-personal" "ob-natwest" "ob-tsb" "ob-hsbc-personal" "ob-hsbc-business" "ob-bos-personal" "ob-lloyds-business" "ob-bos-business" "ob-monzo" "ob-virgin-money" "ob-first-direct" "ob-rbs" "ob-ulster" "ob-metro-personal" "ob-nationwide" "ob-tide" "ob-mettle" "ob-chase" "ob-aibgb-retail" "ob-aibgb-corporate" "ob-starling" "starling" "ob-danske-business" "ob-danske-private"

Provider name

flow
string
Enum: "accounts" "balances" "transactions"

If supplied create consent call will automatically trigger the selected flow (after redirecting back from bank's consent authorization page) and return appropriate data in the response. All in one call.

accountId
string

Required if 'flow' is supplied and 'balances' or 'transactions' is selected.

transactionStartDate
string

May be supplied with 'transactions' flow to pinpoint the date beginning from which transactions should be returned. Otherwise, by default, will be set to 1970-01-01T00:00:00.000Z

transactionEndDate
string

May be supplied with 'transactions' flow to pinpoint the date until which transactions should be returned. Otherwise, by default, will be set to the current date

starlingCategoryId
string

May be supplied with 'transactions' flow if provider is set to 'starling'.

customerConsentId
string

Optional identifier for the consent, generated on client side.

object

Responses

Request samples

Content type
application/json
{
  • "provider": "ob-sandbox-lloyds",
  • "flow": "accounts",
  • "accountId": "string",
  • "transactionStartDate": "2021-01-01T00:00:00.000Z",
  • "transactionEndDate": "2022-03-01T00:00:00.000Z",
  • "starlingCategoryId": "string",
  • "customerConsentId": "f929d718-1496-11eb-adc1-0242ac120002",
  • "Option": {
    }
}

Response samples

Content type
application/json; charset=utf-8
{
  • "result": {
    }
}

Get Account Access Consents

Authorizations:
path Parameters
consentId
required
string

ID of the consent created.

header Parameters
client_id
required
string <uuid>

Client clientId.

client_secret
required
string <uuid>

Client clientSecret.

Responses

Response samples

Content type
application/json; charset=utf-8
{
  • "Data": {
    },
  • "Risk": { },
  • "Links": {},
  • "Meta": {
    }
}

Delete Account Access Consents

Authorizations:
path Parameters
consentId
required
string

ID of the consent created.

header Parameters
client_id
required
string <uuid>

Client clientId.

client_secret
required
string <uuid>

Client clientSecret.

Responses

Response samples

Content type
application/json; charset=utf-8
{
  • "result": {
    }
}

Reconfirm Account Access Consent

Authorizations:
path Parameters
consentId
required
string

ID of the consent created.

header Parameters
client_id
required
string <uuid>

Client clientId.

client_secret
required
string <uuid>

Client clientSecret.

Responses

Response samples

Content type
application/json; charset=utf-8
{
  • "message": "string",
  • "lastAuthorizationAt": "2019-08-24T14:15:22Z"
}

Accounts

Get Accounts

Authorizations:
path Parameters
consentId
required
string

ID of the consent created.

header Parameters
client_id
required
string <uuid>

Client clientId.

client_secret
required
string <uuid>

Client clientSecret.

Responses

Response samples

Content type
application/json; charset=utf-8
Example
{
  • "Data": {
    }
}

Balances

Get Balances

Authorizations:
path Parameters
consentId
required
string

ID of the consent created.

accountId
required
string

ID of the account.

header Parameters
client_id
required
string <uuid>

Client clientId.

client_secret
required
string <uuid>

Client clientSecret.

Responses

Response samples

Content type
application/json; charset=utf-8
Example
{
  • "Data": {
    }
}

Transactions

Get Transactions

Authorizations:
path Parameters
consentId
required
string

ID of the consent created.

accountId
required
string

ID of the account.

query Parameters
transactionStartDate
string <date-time>

ID of the account.

transactionEndDate
string <date-time>

ID of the account.

header Parameters
client_id
required
string <uuid>

Client clientId.

client_secret
required
string <uuid>

Client clientSecret.

Responses

Response samples

Content type
application/json; charset=utf-8
{
  • "Data": {
    }
}

Variable Recurring Payment Consents

Create VRP Consent

Authorizations:
header Parameters
client_id
required
string <uuid>

Client clientId.

client_secret
required
string <uuid>

Client clientSecret.

Request Body schema: application/json
provider
required
string (VRP Provider)
Enum: "ob-sandbox-natwest" "ob-natwest" "ob-nationwide" "ob-rbs" "ob-ulster" "ob-hsbc-personal" "ob-hsbc-business" "ob-hsbc-net" "ob-lloyds-personal" "ob-lloyds-business" "ob-halifax-personal" "ob-bos-personal" "ob-bos-business" "ob-first-direct" "ob-santander" "ob-barclays-personal" "ob-barclays-business" "ob-barclays-corporate" "ob-danske-business" "ob-danske-private" "ob-monzo" "ob-mettle"

Providers that support VRPs

reference
string or null [ 1 .. 18 ] characters
risk
object (VRP Risk)
object (VRP Option)
object (VRP Remitter)

VRP Remitter Object

required
object (VRP Beneficiary)

VRP Beneficiary Object

maximumIndividualAmount
required
string (VRPMaximumIndividualAmount) [ 4 .. 10 ] characters ^\d+\.\d{0,2}$

Maximum amount of an individual payment that consent allows

required
Array of objects (VRPPeriodicLimits) non-empty [ items ]
vrpType
required
Array of strings (VRPType) non-empty
Items Enum: "Sweeping" "Other"

The types of payments that can be made under this VRP consent. This can be used to indicate whether this include sweeping payment or other ecommerce payments. Where 'sweeping payments' enable customers to automatically ‘sweep’ funds between their accounts on a recurring basis. And 'non-sweeping payments' enable payment providers to give businesses a new option for managing customer payments for a range of services, including utility bills and subscriptions. Despite the presence of 'Other' value in OpenBanking API schemas, only the 'Sweeping' is currently supported by banks.

psuAuthenticationMethods
required
Array of strings (VRPPsuAuthenticationMethods) non-empty
Items Enum: "SCA" "SCANotRequired"

Indicates the PSU authentication methods supported. Despite the presence of 'SCA' value in OpenBanking API schemas, only the 'SCANotRequired' is currently supported by banks.

validFrom
string (VRPValidFrom)

Start date time for which the consent remains valid. In ISO 8601 Format

validTo
string (VRPValidTo)

End date time for which the consent remains valid. In ISO 8601 Format

Responses

Request samples

Content type
application/json
{
  • "provider": "ob-natwest",
  • "reference": "string",
  • "risk": { },
  • "option": {
    },
  • "remitter": {
    },
  • "beneficiary": {
    },
  • "maximumIndividualAmount": "string",
  • "periodicLimits": [
    ],
  • "vrpType": [
    ],
  • "psuAuthenticationMethods": [
    ],
  • "validFrom": "string",
  • "validTo": "string"
}

Response samples

Content type
application/json; charset=utf-8
{}

Get VRP Consent

Authorizations:
path Parameters
id
required
string <uuid>
header Parameters
client_id
required
string <uuid>

Client clientId.

client_secret
required
string <uuid>

Client clientSecret.

Responses

Response samples

Content type
application/json; charset=utf-8
{
  • "id": "0e7722c7-a076-4151-a864-85c26117e996",
  • "maximumIndividualAmount": "10.00",
  • "periodicLimits": "[{\"periodType\":\"Day\",\"periodAlignment\":\"Consent\",\"amount\":\"20.00\"},{\"periodType\":\"Month\",\"periodAlignment\":\"Consent\",\"amount\":\"100.00\"}]",
  • "vrpType": "[\"Sweeping\"]",
  • "psuAuthenticationMethods": "[\"SCANotRequired\"]",
  • "status": "awaiting_authorization",
  • "referenceNumber": "333333",
  • "risk": null,
  • "beneficiaryIdentificationType": "SortCodeAccountNumber",
  • "beneficiarySortCode": "040004",
  • "beneficiaryAccountNumber": "11397104",
  • "beneficiaryIban": null,
  • "beneficiaryName": "Isaac Harper",
  • "remitterIdentificationType": "SortCodeAccountNumber",
  • "remitterSortCode": null,
  • "remitterAccountNumber": null,
  • "remitterIban": null,
  • "remitterName": null,
  • "validFrom": null,
  • "validTo": null,
  • "completedAt": null,
  • "createdAt": "2023-03-25T12:51:38.574Z",
  • "updatedAt": "2023-03-25T12:51:43.539Z",
  • "redirectUri": null,
  • "webhookUri": null,
  • "provider": {
    },
  • "providerData": {
    }
}

Delete VRP Consent

Authorizations:
path Parameters
id
required
string <uuid>
header Parameters
client_id
required
string <uuid>

Client clientId.

client_secret
required
string <uuid>

Client clientSecret.

Responses

Response samples

Content type
application/json; charset=utf-8
{
  • "successfullyDeleted": true,
  • "message": "Request is completed successfully"
}

Variable Recurring Payments

Initiate VRP Payment

Authorizations:
header Parameters
client_id
required
string <uuid>

Client clientId.

client_secret
required
string <uuid>

Client clientSecret.

Request Body schema: application/json
vrpConsentId
required
string^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]...

The ID of the VRP consent that this payment is made under.

amount
required
string [ 4 .. 10 ] characters ^\d+\.\d{0,2}$
psuAuthenticationMethod
required
string (VRPPsuAuthenticationMethod)
Enum: "SCA" "SCANotRequired"

The authentication method used to authenticate the PSU. Despite the presence of 'SCA' value in OpenBanking API schemas, only the 'SCANotRequired' is currently supported by banks.

object (VRP Option)

Responses

Request samples

Content type
application/json
{
  • "vrpConsentId": "string",
  • "amount": "string",
  • "psuAuthenticationMethod": "SCA",
  • "option": {
    }
}

Response samples

Content type
application/json; charset=utf-8
{
  • "result": {
    }
}

Get VRP Payment

Authorizations:
path Parameters
id
required
string <uuid>
header Parameters
client_id
required
string <uuid>

Client clientId.

client_secret
required
string <uuid>

Client clientSecret.

Responses

Response samples

Content type
application/json; charset=utf-8
{
  • "id": "2423e5ef-3064-4d6c-b48a-abda67ef787e",
  • "amount": "0.01",
  • "psuAuthenticationMethod": "SCANotRequired",
  • "status": "executed",
  • "completedAt": "2023-03-27T10:11:34.102Z",
  • "createdAt": "2023-03-27T10:11:23.962Z",
  • "updatedAt": "2023-03-27T10:11:34.111Z",
  • "redirectUri": null,
  • "webhookUri": null,
  • "provider": {
    },
  • "vrpConsent": {
    }
}

Webhook

Create a Webhook

Authorizations:
header Parameters
client_id
required
string <uuid>

Client clientId.

client_secret
required
string <uuid>

Client clientSecret.

Request Body schema: application/json
consentId
required
string

Consent ID

url
required
string

Your webhook URL

event
required
string
Enum: "ACCOUNT_ACCESS_CONSENT" "ACCOUNT" "ACCOUNTS" "ACCOUNT_BALANCES" "ACCOUNT_TRANSACTION" "ACCOUNT_TRANSACTIONS" "DOMESTIC_STANDING_ACCESS_CONSENT"

Event

product
required
string
Enum: "ACCOUNTS" "DOMESTIC_STANDING_PAYMENTS"

Product. Note: you can use 'ACCOUNTS' product for UK providers and also EU providers

Responses

Request samples

Content type
application/json
{
  • "consentId": "string",
  • "url": "string",
  • "event": "ACCOUNT_ACCESS_CONSENT",
  • "product": "ACCOUNTS"
}

Response samples

Content type
application/json; charset=utf-8
{
  • "message": "Request is completed successfully."
}

Get Webhook

Authorizations:
path Parameters
consentId
required
string <uuid>

ID of the consent the webhook was registered with

header Parameters
client_id
required
string <uuid>

Client clientId.

client_secret
required
string <uuid>

Client clientSecret.

Responses

Response samples

Content type
application/json; charset=utf-8
{
  • "consentId": "string",
  • "url": "string",
  • "event": "ACCOUNT_ACCESS_CONSENT",
  • "product": "ACCOUNTS"
}

Delete a Webhook

Authorizations:
path Parameters
consentId
required
string <uuid>

ID of the consent the webhook was registered with

header Parameters
client_id
required
string <uuid>

Client clientId.

client_secret
required
string <uuid>

Client clientSecret.

Responses

Response samples

Content type
application/json; charset=utf-8
{
  • "message": "Request is completed successfully."
}

Providers

Get Providers

Authorizations:
header Parameters
client_id
required
string <uuid>

Client clientId.

client_secret
required
string <uuid>

Client clientSecret.

Responses

Response samples

Content type
application/json; charset=utf-8
[]

Get Providers Supporting VRPs

Authorizations:
path Parameters
providerId
required
string
Example: ob-natwest

ID of the provider.

query Parameters
filterSandbox
boolean

Filter out sandbox banks so the response contains only live banks.

header Parameters
client_id
required
string <uuid>

Client clientId.

client_secret
required
string <uuid>

Client clientSecret.

Responses

Response samples

Content type
application/json; charset=utf-8
[]

Get Provider

Authorizations:
header Parameters
client_id
required
string <uuid>

Client clientId.

client_secret
required
string <uuid>

Client clientSecret.

Responses

Response samples

Content type
application/json; charset=utf-8
{}