Close

Close

Incorrect username/password


Enter the correct login details.
Your profile will be blocked after three failed attempts.


If you have forgotten or would like to reset your username/password, select 'Forgot password'.



Username

Password

FORGOT PASSWORD

API Real Time Notifications

Back

API Overview

Overview

Description

API Scope

Description

What can this API do?

Getting Started

How to get the API

How to connect to the API

Security access and control

Available Transports

Rest API

API References

What format is the API in?

API Real Time Notifications

API Overview

Overview

Receive notifications about what goes in and out of your account.

Description

This service allows you to:

  • Request to receive a real-time notification when there's a debit entry reported on your account/s.
  • Request to receive a real time notification when a credit entry settles into your account/s
  • Choose which type of transactions you want to receive real time notifications on. example, only credit notifications via EFT.

API Scope

Description

The API is currently available to certain customer groups, countries and covers a specific list of product accounts.

This API is available for business, commercial, corporate and investment customers in South Africa.

What can this API do?

This service allows the client to:

  • Connect on their own behalf.
  • Connect through a Third-Party.
  • Request to receive real-time notifications when there's a debit entry reported on their account/s.
  • Request to receive real-time notifications when a credit entry settles into their account/s.
  • Choose which type of transactions they want to receive real-time notifications on. For example, only credit notifications via EFT.
  • Request to retrieve notifications that have already been downloaded.

Getting Started

How to get the API

You need to be an Online Banking Enterprise ™ user or complete the platform registration.

There are a few ways in which you can get and connect to the API.

  • Unassisted: With unassisted, you can subscribe to the Account Verification Service API on integration channel, which is found under the Business Solutions tab on Online Banking Enterprise ™
  • Assisted: You can contact your digital profile manager, transactional portfolio manager or implementation manager who can assist in connecting you to the API.

How to connect to the API

The client can connect and consume the API in two ways:

1 On my own behalf

The client can connect to the API directly from their line of business system. This can be achieved without a technology intermediary or third-party (System Operator or technology partner).

In both unassisted and assisted journeys, the client can maintain their connection details to their line of business system.

2 Through a Third-Party

The client can delegate the API processing and connection responsibility to an intermediary or Third-Party (System Operator or technology partner).

With this connection type, the client will be required to provide the bank with consent to share their product account information with the Third-Party as well as indicate which accounts the Third-Party can retrieve information on.

In both unassisted and assisted journeys, the client can maintain or revoke the consent for the Third-Party to act on your behalf as well as the selection of the accounts.

Security access and control

Our APls are secured and protected. We require positive authentication, authorisation and access tokens to gain access to the API.

Authentication

API client authentication use JWT signed tokens. Authentication will be done through the use of a client ID and client secret that will serve as credentials to positively identify the client The credentials are provided through the subscribe process on the Integration Channel.

Authorisation

Authorisation is achieved through the OAuth 2.0 standard using the authorisation code flow. The authorisation code flow includes using an Auth Code to receive an access token to initiate the process to make calls. The authorisation code will be received through the use of a redirect URL shared either by the client when connecting on their own or by the partner when connecting through a Third-Party.

Access Token

This is treated as a subset of authorisation. Access tokens can be obtained through the OAuth 2.0 token endpoint by either presenting the authorisation code or a refresh token. An access token is used each time a call is made and has a set life span, once expired the refresh token can be used to request a new access token. In the instance where both the access and refresh token expire, the client will need to request for a new access and refresh token by initiating the connect process again.

Available Transports

Rest API

RESTful API represents API call received through a RESTful service using the HTTP as a transport layer. RESTful API's are useful when broken down into simple method calls as it enables the simplified interaction with the Bank and the future development of the FirstRand API Economy.

API References

What format is the API in?

Transaction History API uses OpenAPI Specification (OAS) standard.

OpenAPI Specification (OAS) is an industry standard, programming language-agnostic specification standard for RESTful APls. OAS allows easy access to discover and understand the API without having access to the source code, documentation or implementation logic. OAS is also widely known as a Swagger Document.

Get - Retrieve notifications

Retrieve Transaction History:

Allows the client to retrieve notifications when a new credit or debit entry is reported on their account(s).

Post - Retrieve downloaded notifications

Allows the client to retrieve notifications that have already been