The Al Salam Bank APIs use OAuth2 as authorization mechanism for access management to the endpoints. OAuth is an open standard that provides secure access to protected resources. Al Salam Bank authorisation server issues three types of tokens (Access Token, Refresh Token, ID Token)
Access tokens are used to allow AISPs access to protected resources (including APIs), the tokens are only valid for a short duration (e.g. 30 minutes).
ID tokens (also known as Identity Token) are provided in a standard JWT format and signed by the OpenID Provider (i.e. Al Salam Bank authorisation server), these are issued to AISP as part of a successful Consent journey.
Refresh tokens are required to obtain new access tokens when the current token becomes invalid or expires. Refresh tokens are issued to the AISP by the authorisation server.
Authorization Codes must be validated by the TPP (AISP/PISP)
The below sets out the steps you should take to use the Al Salam Bank API Exchange
Request Account Information
- The process begins with a PSU consenting to an AISP accessing their account information
Setup Account Access Consent
- The AISP connects to Al Salam Bank’s API Gateway and creates an account-access-consent resource
- This informs Al Salam Bank that one of our PSUs is granting access to account and/or transaction information to an AISP
- Al Salam Bank responds with an identifier for the resource, ConsentId - the intent identifier
- This step is carried out by making a POST request to /account-access-consents endpoint
- The account-access-consent resource will include the fields below which describe data the PSU has consented with the AISP:
- Permissions - a list of data clusters that have been consented for access
- Expiration Date - an expiration for when the AISP will no longer have access to the PSU's data
- Transaction Validity Period - the From/To date range which specifies a historical period for transactions and statements which may be accessed by the AISP
- An AISP may be a broker for data to other parties, and so it is valid for a PSU to have multiple account-access-consents for the same accounts, with different consent/authorisation parameters agreed
Authorise Consent
- The AISP requests the PSU to give its consent to authorise the AISP to deliver services enabling access to account information and to access this information for the designated payment accounts and associated
- The AISP redirects the PSU to the ASPSP
- The redirect includes the ConsentId generated in the previous step
- The PSU will be required to enter his/her CPR, Mobile and CIF and upone successful authinitcation an OTP (One Time Password - 6 digit) will be sent to his/her Bank registered mobile
- This allows the ASPSP to correlate the account-access-consent that was setup
- The ASPSP authenticates the PSU
- The ASPSP updates the state of the account-access-consent resource internally to indicate that the account access consent has been authorised
- Once the consent has been authorised, the PSU is redirected back to the AISP
- The principle is that consent is managed between the PSU and the AISP - the account-access-consent details must not be changed in this step.
- The PSU will only be able to authorise or reject the account-access-consent details in its entirety
- During authorisation, the PSU selects accounts that are authorised for the AISP request in the ASPSP's banking interface
Request Data
- This is carried out by making a GET request the relevant resource
- The unique AccountId(s) that are valid for the consent will be returned with a call to GET /accounts
- This will always be the first call once an AISP has a valid access token
Firstly, you authenticate with us and obtain an Public Token. This token is used later to register payment requests.
Example Post Request
https://ob-dev.alsalambank.com/apigateway/as/token.oauth2
Header Request
Content-Type:application/x-www-form-urlencoded
Body Request
grant_type:client_credentials
scope:accounts
client_assertion_type:urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
client_assertion:eyJhbGciOiJSUzI1NiIsImtpZCI6IjEyMzQ1IiwidHlwIjoiSldUIn0.eyJpc3MiOiJUUFAxIiwiaWF0IjoxNTYwMTUyNDM4LCJleHAiOjE1NjAyNTQ0MDAsImF1ZCI6Imh0dHBzOi8vcGctbXNzcWwubW9zY293LmNtYS5ydTo5ODc2L2FzL3Rva2VuLm9hdXRoMiIsInN1YiI6InM2QmhkUmtxdDMifQ.Sseu8PEDRWFiU-VwBoF9mlWGzjAfWB_Thy_xY5-6lnQkHiHd7qDnYUkfFfdfRvV2HKNRuiMAlv60CkRabZ6ibGbej1xOK_kBd2UfJU6bkpYhigUygDhN8J1zwE3pGLtwA6lgICv0ihELb5S2EWz7A_mXouZoydgytHuUtG1PpujIhaKnlXTDJX010Nrs3HmdrRRDLBcvPdsQHc6-ghNYTT9fAq3bMr2PNwofpvZxoNK2DpAE5Qf1ZY4sPNZAFfp8xkIFXSIX6zRaqo3rbopxKuDbhWKEXP92GIk5IRUhGzZ1j3ZD9GnT_QiBQ_GNpy53bt0f4izSZqhNM7Fg0W99UA
Corresponding Response:
{
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiJ9.eyJzdWIiOiJUUFAxIiwic2NvcGUiOiJwYXltZW50cyIsImlzcyI6IkFQSV9HVyIsImV4cCI6MTU2MDI0MjIyMiwiaWF0IjoxNTYwMTU1ODIyfQ.eNpQEwvlHZ09h44N9Ds2j11PfWaldI925aBBQc1UnQVXg1NqDIipbPwqwt9AkU2m7M2HvPnXuxd_LBIKsUlPtz4e5P2fP4bBLa9rmzFCZqwyn8TyOFUd8Uzg4YsP9y2AE_k-MN0Ggd0FFVlLWj1Xcs5YbQxdlnhDKcwhO-4yw946qXQ4jAtA1zuoPwDkzHqojf8iSHQyPvmgvqee8XgpSLG4qEw0QGR6pKQ6VLA4WfLjVnQZVTqyHfAMA7wxS65ZhmspM6mq2xcd52BDyOw7QaecB8Tz6APt-86o7fwxQBg8YsP_Rk2sLoUdCxkePG6dwXn1pyd3WsaSGWi5oBMaNg",
"expires_in": 86400,
"token_type": "bearer",
"scope": "accounts"
}
Then we need register new consent using retrieved public token. In this step we will be redirected to AuthPage for consents authorization and in case of successful authorization will be issue authorized key which will be change on resource token (This will be used in the next query as/token.oauth2)
Example Post Request
https://ob-dev.alsalambank.com/apigateway/bobf/release1.0.0/account-access-consents
Header Request
Content-Type:application/json
Authorization:Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiJ9.eyJzdWIiOiJUUFAxIiwic2NvcGUiOiJwYXltZW50cyIsImlzcyI6IkFQSV9HVyIsImV4cCI6MTU2MDI0MjIyMiwiaWF0IjoxNTYwMTU1ODIyfQ.eNpQEwvlHZ09h44N9Ds2j11PfWaldI925aBBQc1UnQVXg1NqDIipbPwqwt9AkU2m7M2HvPnXuxd_LBIKsUlPtz4e5P2fP4bBLa9rmzFCZqwyn8TyOFUd8Uzg4YsP9y2AE_k-MN0Ggd0FFVlLWj1Xcs5YbQxdlnhDKcwhO-4yw946qXQ4jAtA1zuoPwDkzHqojf8iSHQyPvmgvqee8XgpSLG4qEw0QGR6pKQ6VLA4WfLjVnQZVTqyHfAMA7wxS65ZhmspM6mq2xcd52BDyOw7QaecB8Tz6APt-86o7fwxQBg8YsP_Rk2sLoUdCxkePG6dwXn1pyd3WsaSGWi5oBMaNg
Body Request
{
"Data": {
"Permissions": [
"ReadAccountsBasic",
"ReadAccountsDetail",
"ReadBalances",
"ReadBeneficiariesBasic",
"ReadBeneficiariesDetail",
"ReadDirectDebits",
"ReadOffers",
"ReadPAN",
"ReadParty",
"ReadSupplementaryAccountInfo",
"ReadFutureDatedPaymentsBasic",
"ReadFutureDatedPaymentsDetail",
"ReadStandingOrdersBasic",
"ReadStandingOrdersDetail",
"ReadStatementsBasic",
"ReadStatementsDetail",
"ReadTransactionsBasic",
"ReadTransactionsCredits",
"ReadTransactionsDebits",
"ReadTransactionsDetail"
],
"TransactionFromDateTime": "2021-05-22T07:05:34.327+03:00",
"TransactionToDateTime": "2021-05-23T07:05:34.327+03:00"
}
}
Corresponding Response:
{
"Data": {
"ConsentId": "glBChqDKSK2SkOUS3n1pOQ",
"Status": "AwaitingAuthorisation",
"StatusUpdateDateTime": "2021-05-22T17:45:04.004Z",
"CreationDateTime": "2021-05-22T17:45:04.004Z",
"Permissions": [
"ReadAccountsBasic",
"ReadAccountsDetail",
"ReadBalances",
"ReadBeneficiariesBasic",
"ReadBeneficiariesDetail",
"ReadDirectDebits",
"ReadOffers",
"ReadPAN",
"ReadParty",
"ReadSupplementaryAccountInfo",
"ReadFutureDatedPaymentsBasic",
"ReadFutureDatedPaymentsDetail",
"ReadStandingOrdersBasic",
"ReadStandingOrdersDetail",
"ReadStatementsBasic",
"ReadStatementsDetail",
"ReadTransactionsBasic",
"ReadTransactionsCredits",
"ReadTransactionsDebits",
"ReadTransactionsDetail"
],
"TransactionFromDateTime": "2021-05-22T04:10:27.027Z",
"TransactionToDateTime": "2021-05-23T04:10:27.027Z"
},
"Links": {
"Self": "https://ob-dev.alsalambank.com/authpage/consentId/glBChqDKSK2SkOUS3n1pOQ"
}
}
And code response
ZXlKaGJHY2lPaUpTVXpVeE1pSjkuZXlKcGMzTWlPaUpVVFZOY0wxZ2lMQ0p6ZFdJaU9pSmhkWFJvWDJOdlpHVWlMQ0pqYjI1elpXNTBTV1FpT2lKNmRIVmpOM1ZWTWxSMVMyRkdMVWRIVVdSalRsOVJJaXdpWlhod0lqb3hOakl4Tnprek16Y3dMQ0pwWVhRaU9qRTJNakUzTURZNU56QjkuVHpTNEFHRWxJTWlGRmZwd3FNWlY3Vno0VEM1d3NiSUJLNjZiZmhfV19EOGdNNUphNnhGZng0QklWa1F1eUk2MDhhUDdSZVBkYlc4aWJfMHY1VGZjcUJiLU9HNEpNeTd5azRJaV9IWTlHTlBkRUpHc2pCREtFdUVhY0JzaXdkU05JUTl4YmJMM2lxTUVKN0ZKWXgtT2JJN09HbXpsRE5QWW5vWEF2U2lZcEM3a1RkbzJvNnQ1T2RfX1BxdV9NdWQyWEtmNndnWmFJbWc0NG1RaHNjMF91SF9VbHFrT0xHZ2VMUXY0eWRNZkJjU2g3MDBTYU9SUE13WHl5VklJR2NPYVhCRGlSQS0zN1FzR1J4OXdzUWpnWkpRWFRiaVRwMDNRckxaLU5MY3htN21JeHUwTkVCdUctT1FsM0lyWlhTMC1nQzVsR1gwQndQZXdRMXZhbEJ1RGhR
This example post request describe how to exchange authorized key to resource token
Example Post Request
https://ob-dev.alsalambank.com/apigateway/as/token.oauth2
Header Request
Content-Type:application/x-www-form-urlencoded
Body Request
grant_type:authorization_code
code:ZXlKaGJHY2lPaUpTVXpVeE1pSjkuZXlKemRXSWlPaUpoZFhSb1gyTnZaR1VpTENKamIyNXpaVzUwU1dRaU9pSnNXRGRFTFVWcU5GUnlObEZ1T0VkM1lsZFZOVVpCSWl3aWFYTnpJam9pVkUxVFhDOVlJaXdpWlhod0lqb3hOVFl3TWpReU5EUXdMQ0pwWVhRaU9qRTFOakF4TlRZd05EQjkubHc4NEVPYjZFVDJ2R0RSTU1rSHdxRWQwczVDc3FKanRjcUpkSDdjNGZLR1FGdm0tbVpLR0dOekdmS3hXTDNIZ3BxY21iMjJJNEtkN2RSVk0tcFpKVWZCZVR5ZVFuNWd1V3NFdmt6N3QzdHByazJoQmtzVC1GOE00S2hKNUhFSGt5dlpyVkExQ19VaGxVVDJoT2ZCbnRtZkxHd3JGam5vQUNmNEt4Rk9IMWtLY3p1MXVUbzBKbzJuVWI4UzFNb0U2U1JYREJvUkk5aldEZ3NyelAxaFdFeldXdDhJU3pHcWVuWHVMbm80X05MNjdPdWRRbERYaTlOeWpJU1FTZndwTTlCT2Y2VkRpejdCTHVpNTJpbmtFYTZxeEVwOG9SMWdQcTRPaXJKS1ZuZmRjQUhyUDVJa0haRjE4Z3JKUXVtd1NxYWhMZ0E0VFNYOFoxcjhzZkpzR3h3
client_assertion_type:urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
client_assertion:eyJhbGciOiJSUzI1NiIsImtpZCI6IjEyMzQ1IiwidHlwIjoiSldUIn0.eyJpc3MiOiJUUFAxIiwiaWF0IjoxNTYwMTUyNDM4LCJleHAiOjE1NjAyNTQ0MDAsImF1ZCI6Imh0dHBzOi8vcGctbXNzcWwubW9zY293LmNtYS5ydTo5ODc2L2FzL3Rva2VuLm9hdXRoMiIsInN1YiI6InM2QmhkUmtxdDMifQ.Sseu8PEDRWFiU-VwBoF9mlWGzjAfWB_Thy_xY5-6lnQkHiHd7qDnYUkfFfdfRvV2HKNRuiMAlv60CkRabZ6ibGbej1xOK_kBd2UfJU6bkpYhigUygDhN8J1zwE3pGLtwA6lgICv0ihELb5S2EWz7A_mXouZoydgytHuUtG1PpujIhaKnlXTDJX010Nrs3HmdrRRDLBcvPdsQHc6-ghNYTT9fAq3bMr2PNwofpvZxoNK2DpAE5Qf1ZY4sPNZAFfp8xkIFXSIX6zRaqo3rbopxKuDbhWKEXP92GIk5IRUhGzZ1j3ZD9GnT_QiBQ_GNpy53bt0f4izSZqhNM7Fg0W99UA
Responce
{
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiJ9.eyJzdWIiOiJUUFAzMjUiLCJjb25zZW50SWQiOiJ6dHVjN3VVMlR1S2FGLUdHUWRjTl9RIiwiaXNzIjoiQVBJX0dXIiwiZXhwIjoxNjIxNzkzNTk4LCJ0b2tlbl90eXBlIjoiUkVTT1VSQ0UiLCJpYXQiOjE2MjE3MDcxOTh9.AuaiJIJRezTXeDZXWfqWjDZBiqIfaA3t6Ekf2oGvT5AAXpxYPbNBpl7Gr2kBpQqpoVCKGIPVxDee6QJVQgQm_s1dLB21lDg6v3xKKAlTehqnWUE_8177DWhu0KUNXWwpt3GeEnbJOSC6jlbEmeISs30tx2r4N9L4UtqzWTNdMCFxB22z-gPUxd7-AhHm0FN7Z86CH4HyaYClvxLs4_3OqJluBJTqREEJNbINgQUwxzalinVYbQY5qn-fXra5fkCoTomWaDVyCbGgXm-mydfos-Gm_QuyhF-s-xhIladdmhHq8e1ljauu4MQ4gC_aLDfYL7Xv2DIlEm30rOeSLyHNeA",
"expires_in": 86400,
"token_type": "bearer",
"refresh_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiJ9.eyJzdWIiOiJUUFAzMjUiLCJjb25zZW50SWQiOiJ6dHVjN3VVMlR1S2FGLUdHUWRjTl9RIiwiaXNzIjoiQVBJX0dXIiwiZXhwIjoxNjIxODc5OTk4LCJ0b2tlbl90eXBlIjoiUkVGUkVTSCIsImlhdCI6MTYyMTcwNzE5OH0.XiPAHiZPX6qYaM6C8_udM7aPdE1XRrdy5ZvTfAoxbUXHXOejVvBO6ZLpqkyuuE4EqbZqoIt07_q-2a8lVICNZTixco6DIDplB9tI5Ly3MQnFq4-yvP7Uoi-FcBpYMPXFnkOXY2QIf5C220N2GOKQkRD8NlxDZNThGqqzWsyaMhAFw78qz0gW6sP19u0RIoWNKm0ZC1dkriLYo_HGjv2CXul7VtM_cNMUJELBECzaUUWGmIRICTJUgr-X_YEbm7TinxF-PNzworUlzhyiINeoCvKiQkScHmFCWhYTU66MY5R36SnmnDzyAdL8oyDfXTTxeICEBKKDwCcSIkeQmpA4aA"
}
In last step we will use resource token to get resource URLs via get request
Example Get Request
https://ob-dev.alsalambank.com/apigateway/bobf/release1.0.0/accounts
Header Request
Content-Type:application/json
Authorization:Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiJ9.eyJzdWIiOiJUUFAxIiwiY29uc2VudElkIjoibFg3RC1FajRUcjZRbjhHd2JXVTVGQSIsImlzcyI6IkFQSV9HVyIsImV4cCI6MTU2MDI0MjUyMSwiaWF0IjoxNTYwMTU2MTIxfQ.HHDDSZgo4OYuH1H2BTXfYg0dWal9LOGiUx0crlxaZDzxJ4GxnEJIeWctkllD_8XcN-DlGih2R3aMmJdIqi0Dk5wvOU3nv0DN50nKTbTdjzce4DLFL2nYV21lhv0xNHKx5nG6DWXfAdLt3p_MrgMR_PO3i-4tzOrpU_QASWnlczfdxbZYbauscWdXksoaMAnVxvwqXT4TjPtCdVfm3YKSSHfC9U-698c16r0uAXZ2gmzA0GnWGqbfyv8gwV6bRY8rBv4R7huEoK0OUZtUL6NF8xbLTCJ3hHN6Gjm9kpdj-5j8fjYYbd3TgfO5Dlc_v5POrWva5E6tFlI4fJCAJET96Q
Responce
{
"Data": {
"Account": [
{
"AccountId": "dBuwH2xDSPKhiA0DQkjWaw",
"Status": "Enabled",
"Currency": "BHD",
"AccountType": "Personal",
"AccountSubType": "SAVINGS",
"Nickname": "Name-1 106976",
"Account": [
{
"SchemeName": "BH.OBF.IBAN",
"Identification": "BH13ALSA00106976100100"
}
],
"Servicer": {
"SchemeName": "BH.OBF.BICFI",
"Identification": "ALSABHB0"
}
}
]
}
}
APIs are grouped into API products, each with a subset of the API endpoints exposed as part of the banking APIs. Check out the products, API signatures, parameters, and response structure to understand the APIs from a functional perspective.
Account information APIs provide information for accounts held by the bank customer. Information is categorized into:
| Link | Resource | Endpoints |
|---|---|---|
| Account Access Consent | account-access-consents | POST /bobf/release1.0.0/account-access-consents |
| account-access-consents | GET /bobf/release1.0.0/account-access-consents/ | |
| account-access-consents | PATCH /bobf/release1.0.0/account-access-consents/ | |
| Accounts | accounts | GET /bobf/release1.0.0/accounts |
| accounts | GET /bobf/release1.0.0/accounts/ | |
| Balances | balances | GET /bobf/release1.0.0/accounts/{AccountId}/balances |
| balances | GET /bobf/release1.0.0/balances | |
| Transactions | transactions | GET /bobf/release1.0.0/accounts/{AccountId}/transactions |
| transactions | GET /bobf/release1.0.0/transactions | |
| Beneficiaries | beneficiaries | GET /bobf/release1.0.0/accounts/{AccountId}/beneficiaries |
| beneficiaries | GET /bobf/release1.0.0/beneficiaries | |
| Direct Debits | direct-debits | GET /bobf/release1.0.0/accounts/{AccountId}/direct-debits |
| direct-debits | GET /bobf/release1.0.0/direct-debits | |
| Standing Orders | standing-orders | GET /bobf/release1.0.0/accounts/{AccountId}/standing-orders |
| standing-orders | GET /bobf/release1.0.0/standing-orders | |
| Statements | statements | GET /bobf/release1.0.0/accounts/{AccountId}/statements |
| statements | GET /bobf/release1.0.0/accounts/{AccountId}/statements/ | |
| statements | GET /bobf/release1.0.0/accounts/{AccountId}/statements/{StatementId}/file | |
| transactions | GET /bobf/release1.0.0/accounts/{AccountId}/statements/{StatementId}/transactions | |
| statements | GET /bobf/release1.0.0/statements | |
| Sharing Product Details | sharing product details | GET /bobf/release1.0.0/sharing-product-details |
This API resource can be used to send an account initiation request. This allows the AISP to ask an ASPSP to create a new account-access-consent resource.
account-access-consent resource and responds with a unique ConsentId to refer to the resource.AwaitingAuthorisation.The API allows the AISP to ask an ASPSP to create a new account-access-consent resource.
This API effectively allows the AISP to send a copy of the consent to the ASPSP to authorise access to account and transaction information.
An AISP is not able to pre-select a set of accounts for account-access-consent authorisation. This is because the behaviour of the pre-selected accounts, after authorisation, is not clear from a legal perspective.
An ASPSP creates the account-access-consent resource and responds with a unique ConsentId to refer to the resource.
Prior to calling the API, the AISP must have an access token issued by the ASPSP using a client credentials grant.
An example initiating request
https://ob-dev.alsalambank.com/authpage/bobf/release1.0.0/account-access-consents
Request Headers
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiJ9.eyJzdWIiOiJUUFAzMjUiLCJzY29wZSI6ImFjY291bnRzIiwiaXNzIjoiQVBJX0dXIiwiZXhwIjoxNjIxODQ3ODY3LCJ0b2tlbl90eXBlIjoiUFVCTElDIiwiaWF0IjoxNjIxNzYxNDY3fQ.m92fBPN2ieinn2RrpGlhytUbASbDf5fu3R-97nkWxsSN_CLmzDFn4czxW2uZ1VhHhfY_RcMfCcg-ghamdxZBN1csQKkHJUcM7UIiaORtNl9UFotoNCLM73pOQZOthwMgqs7u-frCv8Om4qJZTO-21hqGWifH3ErPcgMSXGLhiLaGhGkJBGyML34AR6c7NkaVna-_jR8qoUsH5EJFvmQUSWrw93jBbLx3bZAXdt6HrvFwDss1DzIyxm62LcaDkDZDZ5HKGRJvqCh06-au7lhyYpPESg62vEYhm6IMsmMLTJapepbfWmbrdD6LhV4y5eBGLLV7JnYnI6jMvdp3rwo8hQ
Accept: application/json
Content-Type:application/json
An example initiating request body:
{
"Data": {
"Permissions": [
"ReadAccountsBasic",
"ReadAccountsDetail",
"ReadBalances",
"ReadBeneficiariesBasic",
"ReadBeneficiariesDetail",
"ReadDirectDebits",
"ReadOffers",
"ReadPAN",
"ReadParty",
"ReadSupplementaryAccountInfo",
"ReadFutureDatedPaymentsBasic",
"ReadFutureDatedPaymentsDetail",
"ReadStandingOrdersBasic",
"ReadStandingOrdersDetail",
"ReadStatementsBasic",
"ReadStatementsDetail",
"ReadTransactionsBasic",
"ReadTransactionsCredits",
"ReadTransactionsDebits",
"ReadTransactionsDetail"
],
"TransactionFromDateTime": "2021-05-22T07:05:34.327+03:00",
"TransactionToDateTime": "2021-05-23T07:05:34.327+03:00"
}
}
A sample successful response:
{
"Data": {
"ConsentId": "PTmhIm9kTjq1LK49u8PI-A",
"Status": "AwaitingAuthorisation",
"StatusUpdateDateTime": "2021-05-23T09:18:18.018Z",
"CreationDateTime": "2021-05-23T09:18:18.018Z",
"Permissions": [
"ReadAccountsBasic",
"ReadAccountsDetail",
"ReadBalances",
"ReadBeneficiariesBasic",
"ReadBeneficiariesDetail",
"ReadDirectDebits",
"ReadOffers",
"ReadPAN",
"ReadParty",
"ReadSupplementaryAccountInfo",
"ReadFutureDatedPaymentsBasic",
"ReadFutureDatedPaymentsDetail",
"ReadStandingOrdersBasic",
"ReadStandingOrdersDetail",
"ReadStatementsBasic",
"ReadStatementsDetail",
"ReadTransactionsBasic",
"ReadTransactionsCredits",
"ReadTransactionsDebits",
"ReadTransactionsDetail"
],
"TransactionFromDateTime": "2021-05-22T04:10:27.027Z",
"TransactionToDateTime": "2021-05-23T04:10:27.027Z"
},
"Links": {
"Self": "https://ob-dev.alsalambank.com/authpage/consentId/PTmhIm9kTjq1LK49u8PI-A"
}
}
Account Access Consent Status
The PSU must authenticate with the ASPSP and authorise the account-access-consent for the account-access-consent to be successfully setup.
The account-access-consent resource that is created successfully must have the following Status code-list enumeration:
AwaitingAuthorisation: The account access consent is awaiting authorisation.
After authorisation has taken place the account-access-consent resource may have these following statuses.
Rejected: The account access consent has been rejected.
Authorised: The account access consent has been successfully authorised.
Revoked: The account access consent has been revoked via the ASPSP interface.
An AISP may optionally retrieve an account-access-consent resource that they have created to check its status.
Prior to calling the API, the AISP must have an access token issued by the ASPSP using a client credentials grant.
The usage of this API endpoint will be subject to an ASPSP's fair usage policies.
Account Access Consent Status
Once the PSU authorises the account-access-consent resource - the Status of the account-access-consent resource will be updated with "Authorised".
The available Status code-list enumerations for the account-access-consent resource are:
| Status | Status Description | |
|---|---|---|
| 1 | Rejected | The account access consent has been rejected. |
| 2 | AwaitingAuthorisation | The account access consent is awaiting authorisation. |
| 3 | Authorised | The account access consent has been successfully authorised. |
| 4 | Revoked | The account access consent has been revoked via the ASPSP interface. |
An example initiating request body:
https://ob-dev.alsalambank.com/authpage/account-access-consents/4ZLw3hVjTBGe6oYW0aooiQ
Request Headers
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiJ9.eyJzdWIiOiJUUFAzMjUiLCJzY29wZSI6ImFjY291bnRzIiwiaXNzIjoiQVBJX0dXIiwiZXhwIjoxNjIxODQ3ODY3LCJ0b2tlbl90eXBlIjoiUFVCTElDIiwiaWF0IjoxNjIxNzYxNDY3fQ.m92fBPN2ieinn2RrpGlhytUbASbDf5fu3R-97nkWxsSN_CLmzDFn4czxW2uZ1VhHhfY_RcMfCcg-ghamdxZBN1csQKkHJUcM7UIiaORtNl9UFotoNCLM73pOQZOthwMgqs7u-frCv8Om4qJZTO-21hqGWifH3ErPcgMSXGLhiLaGhGkJBGyML34AR6c7NkaVna-_jR8qoUsH5EJFvmQUSWrw93jBbLx3bZAXdt6HrvFwDss1DzIyxm62LcaDkDZDZ5HKGRJvqCh06-au7lhyYpPESg62vEYhm6IMsmMLTJapepbfWmbrdD6LhV4y5eBGLLV7JnYnI6jMvdp3rwo8hQ
Accept: application/json
Content-Type:application/json
A sample successful response:
{
"Data": {
"ConsentId": "CnzJtO4sQeGwr4NxfSDEPQ",
"Status": "Revoked",
"StatusUpdateDateTime": "2021-04-28T09:28:55.055Z",
"CreationDateTime": "2021-04-28T09:28:55.055Z",
"Permissions": [
"ReadAccountsBasic",
"ReadAccountsDetail",
"ReadBalances",
"ReadBeneficiariesBasic",
"ReadBeneficiariesDetail",
"ReadDirectDebits",
"ReadOffers",
"ReadPAN",
"ReadParty",
"ReadSupplementaryAccountInfo",
"ReadFutureDatedPaymentsBasic",
"ReadFutureDatedPaymentsDetail",
"ReadStandingOrdersBasic",
"ReadStandingOrdersDetail",
"ReadStatementsBasic",
"ReadStatementsDetail",
"ReadTransactionsBasic",
"ReadTransactionsCredits",
"ReadTransactionsDebits",
"ReadTransactionsDetail"
],
"TransactionFromDateTime": "2020-03-17T04:10:27.027Z",
"TransactionToDateTime": "2020-05-17T04:10:27.027Z"
},
"Links": {
"Self": "https://ob-dev.alsalambank.com/authpage/consentId/CnzJtO4sQeGwr4NxfSDEPQ"
}
}
If the PSU revokes consent to data access with the AISP, the AISP must delete the account-access-consent resource with the ASPSP before confirming consent revocation with the PSU.
ConsentId should be passed as a path parameter.Revoked.For account Access Consents resource successfully deleted will be delete request:
https://ob-dev.alsalambank.com/authpage/bobf/release1.0.0/account-access-consents/PTmhIm9kTjq1LK49u8PI-A
Request Headers
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiJ9.eyJzdWIiOiJUUFAzMjUiLCJzY29wZSI6ImFjY291bnRzIiwiaXNzIjoiQVBJX0dXIiwiZXhwIjoxNjIxODQ3ODY3LCJ0b2tlbl90eXBlIjoiUFVCTElDIiwiaWF0IjoxNjIxNzYxNDY3fQ.m92fBPN2ieinn2RrpGlhytUbASbDf5fu3R-97nkWxsSN_CLmzDFn4czxW2uZ1VhHhfY_RcMfCcg-ghamdxZBN1csQKkHJUcM7UIiaORtNl9UFotoNCLM73pOQZOthwMgqs7u-frCv8Om4qJZTO-21hqGWifH3ErPcgMSXGLhiLaGhGkJBGyML34AR6c7NkaVna-_jR8qoUsH5EJFvmQUSWrw93jBbLx3bZAXdt6HrvFwDss1DzIyxm62LcaDkDZDZ5HKGRJvqCh06-au7lhyYpPESg62vEYhm6IMsmMLTJapepbfWmbrdD6LhV4y5eBGLLV7JnYnI6jMvdp3rwo8hQ
Accept: application/json
Content-Type:application/json
A sample successful response:
{
"Data": {
"ConsentId": "PTmhIm9kTjq1LK49u8PI-A",
"Status": "Revoked",
"StatusUpdateDateTime": "2021-05-23T09:18:18.018Z",
"CreationDateTime": "2021-05-23T09:18:18.018Z",
"Permissions": [
"ReadAccountsBasic",
"ReadAccountsDetail",
"ReadBalances",
"ReadBeneficiariesBasic",
"ReadBeneficiariesDetail",
"ReadDirectDebits",
"ReadOffers",
"ReadPAN",
"ReadParty",
"ReadSupplementaryAccountInfo",
"ReadFutureDatedPaymentsBasic",
"ReadFutureDatedPaymentsDetail",
"ReadStandingOrdersBasic",
"ReadStandingOrdersDetail",
"ReadStatementsBasic",
"ReadStatementsDetail",
"ReadTransactionsBasic",
"ReadTransactionsCredits",
"ReadTransactionsDebits",
"ReadTransactionsDetail"
],
"TransactionFromDateTime": "2021-05-22T04:10:27.027Z",
"TransactionToDateTime": "2021-05-23T04:10:27.027Z"
},
"Links": {
"Self": "https://ob-dev.alsalambank.com/authpage/consentId/PTmhIm9kTjq1LK49u8PI-A"
}
}
Read Accounts Detail
The call to GET /bobf/release1.0.0/accounts is the first step after an account-request is authorised. This will allow the AISP to discover which accounts (and AccountId values) are associated with the authorisation of consent.
In this scenario, AccountId Zz83yzNPQv6u5aWQbCwQWQ has a building society roll number;
The ReadAccountsBasic permission has been granted.
Get Bulk Accounts Request
https://ob-dev.alsalambank.com/apigatway/bobf/release1.0.0/accounts
Request Headers
Authorization: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiJ9.eyJzdWIiOiJUUFAzMjUiLCJjb25zZW50SWQiOiJ6THk2TDlYelRqNktnYlBLTFpRTnVnIiwiaXNzIjoiQVBJX0dXIiwiZXhwIjoxNjIxODUwNDYyLCJ0b2tlbl90eXBlIjoiUkVTT1VSQ0UiLCJpYXQiOjE2MjE3NjQwNjJ9.BlpNU7DL41EtU1RGRTlKtsy650YadcWyPzUXiXNI7zmLxmjqdrSsd32_v7Pe_YhjWZ1tG33OORLpjA-f76e1WBd3zm4L43bQ4BtMY2AVC9g_BSpzytBTm3QNvB6e-FL_yrBJOpCoaVDcLDpGxq7Z-kUI5esNpD3GvJyHUgBGe8t8wCvcUY45j_pKqvYsXvZ9Gjitv-ig7vSs5iBzvfXPHeUtDn4bL_AbideRS54DPVZIZMFjvocfcWQVy2JNXvCX1r_5Yh6uGqlIGuHynZUZGKakyP9eHejz8fcT-mO9R-YD2GaHZ-wGcP2mtd2oBVAh17oLJJ-R66qIAgcnGa7D_A
Accept: application/json
Get Accounts Response
{
"Data": {
"Account": [
{
"AccountId": "Zz83yzNPQv6u5aWQbCwQWQ",
"Status": "Enabled",
"Currency": "BHD",
"AccountType": "Personal",
"AccountSubType": "SAVINGS",
"Nickname": "Name-1 106976",
"Account": [
{
"SchemeName": "BH.OBF.IBAN",
"Identification": "BH13ALSA00106976100100"
}
],
"Servicer": {
"SchemeName": "BH.OBF.BICFI",
"Identification": "ALSABHB0"
}
}
]
}
}
Specific Account - Detail Permission
An AISP may also retrieve the account resource details specifically for AccountId Zz83yzNPQv6u5aWQbCwQWQ.
The ReadAccountsDetail permission has been granted.
Get Accounts Request
https://ob-dev.alsalambank.com/apigatway/bobf/release1.0.0/accounts/Zz83yzNPQv6u5aWQbCwQWQ
Request Headers
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiJ9.eyJzdWIiOiJUUFAzMjUiLCJjb25zZW50SWQiOiJ6THk2TDlYelRqNktnYlBLTFpRTnVnIiwiaXNzIjoiQVBJX0dXIiwiZXhwIjoxNjIxODUwNDYyLCJ0b2tlbl90eXBlIjoiUkVTT1VSQ0UiLCJpYXQiOjE2MjE3NjQwNjJ9.BlpNU7DL41EtU1RGRTlKtsy650YadcWyPzUXiXNI7zmLxmjqdrSsd32_v7Pe_YhjWZ1tG33OORLpjA-f76e1WBd3zm4L43bQ4BtMY2AVC9g_BSpzytBTm3QNvB6e-FL_yrBJOpCoaVDcLDpGxq7Z-kUI5esNpD3GvJyHUgBGe8t8wCvcUY45j_pKqvYsXvZ9Gjitv-ig7vSs5iBzvfXPHeUtDn4bL_AbideRS54DPVZIZMFjvocfcWQVy2JNXvCX1r_5Yh6uGqlIGuHynZUZGKakyP9eHejz8fcT-mO9R-YD2GaHZ-wGcP2mtd2oBVAh17oLJJ-R66qIAgcnGa7D_A
Accept: application/json
Get Accounts Response
{
"Data": {
"Account": [
{
"AccountId": "Zz83yzNPQv6u5aWQbCwQWQ",
"Status": "Enabled",
"Currency": "BHD",
"AccountType": "Personal",
"AccountSubType": "SAVINGS",
"Nickname": "Name-1 106976",
"Account": [
{
"SchemeName": "BH.OBF.IBAN",
"Identification": "BH13ALSA00106976100100"
}
],
"Servicer": {
"SchemeName": "BH.OBF.BICFI",
"Identification": "ALSABHB0"
}
}
]
}
}
If an ASPSP has implemented the bulk retrieval endpoints, an AISP may optionally retrieve the account information resources in bulk.
This will retrieve the resources for all authorised accounts linked to the account-request.
The ReadBalances permission has been granted.
An example initiating request body:
https://ob-dev.alsalambank.com/apigatway/bobf/release1.0.0/balances
Request Headers
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiJ9.eyJzdWIiOiJUUFAzMjUiLCJjb25zZW50SWQiOiJ6THk2TDlYelRqNktnYlBLTFpRTnVnIiwiaXNzIjoiQVBJX0dXIiwiZXhwIjoxNjIxODUwNDYyLCJ0b2tlbl90eXBlIjoiUkVTT1VSQ0UiLCJpYXQiOjE2MjE3NjQwNjJ9.BlpNU7DL41EtU1RGRTlKtsy650YadcWyPzUXiXNI7zmLxmjqdrSsd32_v7Pe_YhjWZ1tG33OORLpjA-f76e1WBd3zm4L43bQ4BtMY2AVC9g_BSpzytBTm3QNvB6e-FL_yrBJOpCoaVDcLDpGxq7Z-kUI5esNpD3GvJyHUgBGe8t8wCvcUY45j_pKqvYsXvZ9Gjitv-ig7vSs5iBzvfXPHeUtDn4bL_AbideRS54DPVZIZMFjvocfcWQVy2JNXvCX1r_5Yh6uGqlIGuHynZUZGKakyP9eHejz8fcT-mO9R-YD2GaHZ-wGcP2mtd2oBVAh17oLJJ-R66qIAgcnGa7D_A
Accept: application/json
A sample successful response:
{
"Data": {
"Balance": [
{
"AccountId": "Zz83yzNPQv6u5aWQbCwQWQ",
"Amount": {
"Amount": "273.102",
"Currency": "BHD"
},
"CreditDebitIndicator": "Credit",
"Type": "Information",
"DateTime": "2021-05-23T13:11:00.117+03:00[Europe/Moscow]"
}
]
},
"Links": null
}
An AISP may retrieve the account balance information resource for a specific AccountId (which is retrieved in the call to GET /bobf/release1.0.0/accounts).
The ReadBalances permission has been granted.
Get Account Balances Request
https://ob-dev.alsalambank.com/apigatway/bobf/release1.0.0/accounts/Zz83yzNPQv6u5aWQbCwQWQ/balances
Request Headers
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiJ9.eyJzdWIiOiJUUFAzMjUiLCJjb25zZW50SWQiOiJ6THk2TDlYelRqNktnYlBLTFpRTnVnIiwiaXNzIjoiQVBJX0dXIiwiZXhwIjoxNjIxODUwNDYyLCJ0b2tlbl90eXBlIjoiUkVTT1VSQ0UiLCJpYXQiOjE2MjE3NjQwNjJ9.BlpNU7DL41EtU1RGRTlKtsy650YadcWyPzUXiXNI7zmLxmjqdrSsd32_v7Pe_YhjWZ1tG33OORLpjA-f76e1WBd3zm4L43bQ4BtMY2AVC9g_BSpzytBTm3QNvB6e-FL_yrBJOpCoaVDcLDpGxq7Z-kUI5esNpD3GvJyHUgBGe8t8wCvcUY45j_pKqvYsXvZ9Gjitv-ig7vSs5iBzvfXPHeUtDn4bL_AbideRS54DPVZIZMFjvocfcWQVy2JNXvCX1r_5Yh6uGqlIGuHynZUZGKakyP9eHejz8fcT-mO9R-YD2GaHZ-wGcP2mtd2oBVAh17oLJJ-R66qIAgcnGa7D_A
Accept: application/json
A sample successful response:
{
"Data": {
"Balance": [
{
"AccountId": "Zz83yzNPQv6u5aWQbCwQWQ",
"Amount": {
"Amount": "273.102",
"Currency": "BHD"
},
"CreditDebitIndicator": "Credit",
"Type": "Information",
"DateTime": "2021-05-23T13:12:13.539+03:00[Europe/Moscow]"
}
]
},
"Links": null
}
An AISP may retrieve the transaction resource for a specific AccountId (which is retrieved in the call to GET /bobf/release1.0.0/accounts).
The ReadTransactionsBasic permission has been granted.
An example initiating request:
https://ob-dev.alsalambank.com/apigatway/bobf/release1.0.0/transactions
Request Headers
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiJ9.eyJzdWIiOiJUUFAzMjUiLCJjb25zZW50SWQiOiJ6THk2TDlYelRqNktnYlBLTFpRTnVnIiwiaXNzIjoiQVBJX0dXIiwiZXhwIjoxNjIxODUwNDYyLCJ0b2tlbl90eXBlIjoiUkVTT1VSQ0UiLCJpYXQiOjE2MjE3NjQwNjJ9.BlpNU7DL41EtU1RGRTlKtsy650YadcWyPzUXiXNI7zmLxmjqdrSsd32_v7Pe_YhjWZ1tG33OORLpjA-f76e1WBd3zm4L43bQ4BtMY2AVC9g_BSpzytBTm3QNvB6e-FL_yrBJOpCoaVDcLDpGxq7Z-kUI5esNpD3GvJyHUgBGe8t8wCvcUY45j_pKqvYsXvZ9Gjitv-ig7vSs5iBzvfXPHeUtDn4bL_AbideRS54DPVZIZMFjvocfcWQVy2JNXvCX1r_5Yh6uGqlIGuHynZUZGKakyP9eHejz8fcT-mO9R-YD2GaHZ-wGcP2mtd2oBVAh17oLJJ-R66qIAgcnGa7D_A
Accept: application/json
A sample successful response:
{
"Data": {
"Transaction": [
{
"AccountId": "Zz83yzNPQv6u5aWQbCwQWQ",
"TransactionReference": "TT183440",
"Amount": {
"Amount": "2200.00000",
"Currency": "BHD"
},
"CreditDebitIndicator": "Debit",
"Status": "Booked",
"BookingDateTime": "2018-12-10T13:50:00+0000",
"TransactionInformation": "Cash Withdrawal-TT183440",
"DebtorAgent": {
"SchemeName": "BH.OBF.BICFI",
"Identification": "ALSABHB0"
},
"DebtorAccount": {
"SchemeName": "BH.OBF.IBAN",
"Identification": "00106976100100"
}
}
]
},
"Links": null
}
If an ASPSP has implemented the bulk retrieval endpoints, an AISP may optionally retrieve the transactions in bulk.
This will retrieve the resources for all authorised accounts linked to the account-request.
The ReadTransactionsDetail permission has been granted.
Data Model
The OBReadTransaction5 object will be used for the call to:
Resource Definition
A resource that describes a posting to an account that results in an increase or decrease to a balance.
For a specific date range, an account (AccountId) may have no transactions booked, or may have multiple transactions booked.
The ASPSP must treat the following as valid input:
In the above situations, the ASPSP must return data for the remaining valid period specified by the filter.
An example initiating request body:
https://ob-dev.alsalambank.com/apigatway/bobf/release1.0.0/accounts/Zz83yzNPQv6u5aWQbCwQWQ/transactions
Request Headers
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiJ9.eyJzdWIiOiJUUFAzMjUiLCJjb25zZW50SWQiOiJ6THk2TDlYelRqNktnYlBLTFpRTnVnIiwiaXNzIjoiQVBJX0dXIiwiZXhwIjoxNjIxODUwNDYyLCJ0b2tlbl90eXBlIjoiUkVTT1VSQ0UiLCJpYXQiOjE2MjE3NjQwNjJ9.BlpNU7DL41EtU1RGRTlKtsy650YadcWyPzUXiXNI7zmLxmjqdrSsd32_v7Pe_YhjWZ1tG33OORLpjA-f76e1WBd3zm4L43bQ4BtMY2AVC9g_BSpzytBTm3QNvB6e-FL_yrBJOpCoaVDcLDpGxq7Z-kUI5esNpD3GvJyHUgBGe8t8wCvcUY45j_pKqvYsXvZ9Gjitv-ig7vSs5iBzvfXPHeUtDn4bL_AbideRS54DPVZIZMFjvocfcWQVy2JNXvCX1r_5Yh6uGqlIGuHynZUZGKakyP9eHejz8fcT-mO9R-YD2GaHZ-wGcP2mtd2oBVAh17oLJJ-R66qIAgcnGa7D_A
Accept: application/json
A sample successful response:
{
"Data": {
"Transaction": [
{
"AccountId": "Zz83yzNPQv6u5aWQbCwQWQ",
"TransactionReference": "TT183440",
"Amount": {
"Amount": "2200.00000",
"Currency": "BHD"
},
"CreditDebitIndicator": "Debit",
"Status": "Booked",
"BookingDateTime": "2018-12-10T13:50:00+0000",
"TransactionInformation": "Cash Withdrawal-TT183440",
"DebtorAgent": {
"SchemeName": "BH.OBF.BICFI",
"Identification": "ALSABHB0"
},
"DebtorAccount": {
"SchemeName": "BH.OBF.IBAN",
"Identification": "00106976100100"
}
}
]
},
"Links": null
}
The ReadBeneficiariesBasic permission has been granted.
An example initiating request body:
https://ob-dev.alsalambank.com/apigatway/bobf/release1.0.0/beneficiaries
Request Headers
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiJ9.eyJzdWIiOiJUUFAzMjUiLCJjb25zZW50SWQiOiJ6THk2TDlYelRqNktnYlBLTFpRTnVnIiwiaXNzIjoiQVBJX0dXIiwiZXhwIjoxNjIxODUwNDYyLCJ0b2tlbl90eXBlIjoiUkVTT1VSQ0UiLCJpYXQiOjE2MjE3NjQwNjJ9.BlpNU7DL41EtU1RGRTlKtsy650YadcWyPzUXiXNI7zmLxmjqdrSsd32_v7Pe_YhjWZ1tG33OORLpjA-f76e1WBd3zm4L43bQ4BtMY2AVC9g_BSpzytBTm3QNvB6e-FL_yrBJOpCoaVDcLDpGxq7Z-kUI5esNpD3GvJyHUgBGe8t8wCvcUY45j_pKqvYsXvZ9Gjitv-ig7vSs5iBzvfXPHeUtDn4bL_AbideRS54DPVZIZMFjvocfcWQVy2JNXvCX1r_5Yh6uGqlIGuHynZUZGKakyP9eHejz8fcT-mO9R-YD2GaHZ-wGcP2mtd2oBVAh17oLJJ-R66qIAgcnGa7D_A
Accept: application/json
A sample successful response:
{
"Data": {
"Beneficiary": [
{
"AccountId": "rvLMP0Y1T1uItFyryIwqYQ",
"BeneficiaryId": "2247",
"Reference": "Installment",
"CreditorAccount": {
"SchemeName": "BH.OBF.IBAN",
"Identification": "BH10XYZU00100000005698",
"Name": "Khalid Ahmed Ali"
}
},
{
"AccountId": "rvLMP0Y1T1uItFyryIwqYQ",
"BeneficiaryId": "1567",
"Reference": "Investment",
"CreditorAccount": {
"SchemeName": "BH.OBF.IBAN",
"Identification": " BH10XYZU00100000008876",
"Name": "Ali Hassan Mohammed"
}
}
]
}
}
The ReadBeneficiariesDetail permission has been granted.
Get Account Balances Request
https://ob-dev.alsalambank.com/apigatway/bobf/release1.0.0/accounts/rvLMP0Y1T1uItFyryIwqYQ/beneficiaries
Request Headers
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiJ9.eyJzdWIiOiJUUFAzMjUiLCJjb25zZW50SWQiOiJ6THk2TDlYelRqNktnYlBLTFpRTnVnIiwiaXNzIjoiQVBJX0dXIiwiZXhwIjoxNjIxODUwNDYyLCJ0b2tlbl90eXBlIjoiUkVTT1VSQ0UiLCJpYXQiOjE2MjE3NjQwNjJ9.BlpNU7DL41EtU1RGRTlKtsy650YadcWyPzUXiXNI7zmLxmjqdrSsd32_v7Pe_YhjWZ1tG33OORLpjA-f76e1WBd3zm4L43bQ4BtMY2AVC9g_BSpzytBTm3QNvB6e-FL_yrBJOpCoaVDcLDpGxq7Z-kUI5esNpD3GvJyHUgBGe8t8wCvcUY45j_pKqvYsXvZ9Gjitv-ig7vSs5iBzvfXPHeUtDn4bL_AbideRS54DPVZIZMFjvocfcWQVy2JNXvCX1r_5Yh6uGqlIGuHynZUZGKakyP9eHejz8fcT-mO9R-YD2GaHZ-wGcP2mtd2oBVAh17oLJJ-R66qIAgcnGa7D_A
Accept: application/json
A sample successful response:
{
"Data": {
"Beneficiary": [
{
"AccountId": "rvLMP0Y1T1uItFyryIwqYQ",
"BeneficiaryId": "2247",
"Reference": "Installment",
"CreditorAccount": {
"SchemeName": "BH.OBF.IBAN",
"Identification": "BH10XYZU00100000005698",
"Name": "Khalid Ahmed Ali"
}
},
{
"AccountId": "rvLMP0Y1T1uItFyryIwqYQ",
"BeneficiaryId": "1567",
"Reference": "Investment",
"CreditorAccount": {
"SchemeName": "BH.OBF.IBAN",
"Identification": " BH10XYZU00100000008876",
"Name": "Ali Hassan Mohammed"
}
}
]
}
}
Type of required token is Public token
An example initiating request:
https://ob-dev.alsalambank.com/apigatway/bobf/release1.0.0/sharing-product-details
Request Headers
Content-Type:application/json
Authorization:Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiJ9.eyJzdWIiOiJUUFAxIiwic2NvcGUiOiJwYXltZW50cyIsImlzcyI6IkFQSV9HVyIsImV4cCI6MTYyMTg3NDAyMCwidG9rZW5fdHlwZSI6IlBVQkxJQyIsImlhdCI6MTYyMTc4NzYyMH0.iJfMcKjGR7YpK5xvUlos8i_lR3BDEQpkxUt_WpravIWDvRKYZ-1IFfpwxCqpbDEHBOJaoDqAhwQbSR6hRu3Z-D9z2XtqLtGGG5ADzTb5CSmhRBcd14TLhgZVg7PvXluQtLCR_U2OvzqlYhqM7VEtWXnnaCDN3VZAG4wqu1TKYPQEs0Gplr0l8YDxMH3NHIeE9Rtgms4KiT5KEw7mIoor1wBJ1kkTBVdFmA-5Z_UcNxtoqKdN7kxJTP3O5nDQjOE-65LiWXNP0wR9uUtJYpRduybHc-EoxfplS2zRT4YqXfsYNQrl7ae5B0xb9UB_4GDJOB40h3C9z4tQr6tg7BJUKg
Accept:application/json
x-idempotency-key:XYZ.51403.MLT.30
x-jws-signature:LMlmPSqzISEpar72ce5deMGue4RsZMDnZYG1bW6hdPlvriZ=..G1rrM18vVYBmdmRurS6nIR1yFHR8bGZyIJdvaB5nKGRvm35hTr==
x-fapi-auth-date:Tue, 12 Mar 2021 09:10:17 GMT+3
x-fapi-customer-ip-address:204.35.213.15
x-fapi-interaction-id:75bdc714-b2dg-7676-c759-780d6815689f
A sample successful response:
{
"Data": {
"CreditCards": [
{
"ProductDetails": {
"CategoryName": "123",
"CategoryCode": "123",
"ProductDescription": "123",
"ProductCode": "123",
"SubProductCode": "123",
"Segment": "123"
},
"Features": {
"Currency": "BHD"
},
"Eligibility": {},
"Benefits": {},
"TermsAndConditions": {}
}
],
"Loans": [
{
"ProductDetails": {
"CategoryName": "123",
"CategoryCode": "123",
"ProductDescription": "123",
"ProductCode": "123",
"SubProductCode": "123",
"Segment": "123"
},
"Features": {
"Currency": "BHD"
},
"Eligibility": {},
"Benefits": {},
"TermsAndConditions": {}
}
],
"OBBranch": {
"Branch": [
{
"Identification": "1",
"PostalAddress": {
"GeoLocation": {}
}
}
]
}
}
}