Welcome to finAPI XS2A Server!

finAPI offers XS2A Server to the banks to allow licensed TPPs to access payment accounts via the API Interface following the Berlin Group Standard.

This documentation covers the API specification for the XS2A interface

More information about the APIs and the sandbox data is available in the TPP-Developer Guide. The sandbox and production URLs are published by the banks.

If you need any help with the API, contact xs2a-support@finapi.io.

Welcome to finAPI Access!

Access REST Services lie at the Core of finAPI’s Open Banking ecosystem. Access provides easy-to-integrate APIs to connect and extract bank account information to implement your business requirements.
Please use the API documentation for further testing and learning about our services.

The API Documentation can be broadly divided into the following categories:

1. Client (Mandator) Integration and Administration will help you get started whether you are a licensed TPP or otherwise.
2. User required, Bank Repository and Bank Integration will help you integrate with all functions needed for a user to access their bank accounts.
3. Transaction Categorization and Labeling provides you with all end points to make sure you or the end user can re-categorize and/or label their transactions.
4. Payments has end points for you to integrate with our classical payment solution which require account import as a pre-requisite. (You can find standalone payments here: finAPI Payment)

Furthermore, we use cutting edge technology for constantly enhancing our services, from data analysis pipelines to an event driven system, which is built in scalable modules, that you also may use in a proprietary environment. If you are interested in this kind of usage, please feel free to contact us for an offer.
Additional information about our API can be found here: Access public documentation

Two views on the API are provided as separate OpenAPI files. (You can toggle between the two via the SELECT PRODUCT combo box on the left):

• finAPI Access: This is a cleaned-up API view. Services, parameters and fields that have been deprecated over time are removed here, giving you a clear view on the latest API functionality. This view should be preferred in general and is selected by default. The filename is openapi-access-latest.yaml.
• finAPI Access (with deprecation): The full API including deprecations. Please use this API if you still rely on deprecated services, parameters or response fields. The filename is openapi-access.yaml.

Please note that both OpenAPI files only present different views on the same technical API. So if you call the cleaned-up API from within this page or with a generic HTTP client (e.g. Postman), you will still get deprecated fields returned, as those clients don't work on OpenAPI level.
But a generated OpenAPI client will respect the OpenAPI contract and won't contain deprecated fields.

If you need any help with the API, contact support@finapi.io.

Welcome to finAPI Access!

Please note that you have arrived at Access API Overview page which also includes fields, services we plan to deprecate from our offering. We urge you to refer to the newer view which excludes the deprecation and provides a cleaner view. You can find it from the SELECT PRODUCT combo box on the left.

Additional information about our API can be found here: Access public documentation

If you need any help with the API, contact support@finapi.io.

Welcome to finAPI Payment!

Enable your users to pay directly from their bank account with easy-to-integrate finAPI Payment REST Services.

With our broad bank reach, you can streamline your payment flow, taking advantage of the minimal number of the strong customer authentication required by the user (usually only one for XS2A). No bank account import necessary!
The API documentation includes the services which are only necessary for the payment initiation as well as mandator and user administration.

Additional information about our API can be found here: Payment public documentation

If you need any help with the API, contact support@finapi.io.

Welcome to finAPI GiroIdent!

GiroIdent is a XS2A-based KYC solution which enables online identification of end customers with a high degree of security. By relying on the user simply providing access to their bank accounts, GiroIdent makes identity verification quick and user-friendly.

To meet the varying degrees of KYC strictness businesses must adhere to, we currently offer three types of identity checks:

• GiroIdent Basis: Verifies the identity of the end user (Name) by using finAPI access to bank account capabilities
• GiroIdent Plus: Verifies the identity of the end user (Name, Address, DOB) by using finAPI access to bank account capabilities and Schufa data
• GiroIdent GWG (§ 14 GwG): Verifies the proven identity of the end user (Name, Address, DOB, Bank account) by using finAPI access to bank account capabilities and Schufa data
• GiroIdent GwG Total (§ 12 GwG), i.e. SCHUFA MyConnect: FinAPI offers the complete KYC flow according to § 12 GwG in partnership with SCHUFA. The end-to-end customer flow ensures full AML compliance, including a Qualified Electronic Signature as per the legal requirements. finAPI Verifies the proven identity of the end-user (Name, Address, DOB, Bank account) by using finAPI access to bank account capabilities and Schufa data. Additionally, it allows the end-user to perform a “reference bank transfer” as requested by the § 12 GwG. For more information on the SCHUFA MyConnect flow, please reach out to us via support@finapi.io.

Additional information about our API can be found here: GiroIdent public documentation.

Welcome to finAPI Data Intelligence!

With finAPI Data Intelligence REST services we want to provide a deeper insight in the picture that describes the financial situation of a customer. Although we already provide services suitable for an individualized personal finance management experience of an end user with our Access PFM product, with Data Intelligence we complete this picture for B2B customers with the need of a deep insight in the financial situation of their users.

To achieve this we structured our Data Intelligence services accordingly:

• Under the Risk Reports section you can find reports related to transactions which might be connected to a payment risk, if you provide goods with a payment plan to this customer. We detect these transactions and bundle them under one report, which your application can consume within seconds.

• To have a deeper understanding of the cash flow of your users, we provide the whole Cash Flow Reports section. Here you can find a variety of income and expenditure related labels, in which we aggregate and summarize the according transactions belonging to a specific field, like insurances, income or rent and living.

To provide data in the highest possible quality, DI normalises all data flows received via various data sources. The services can be furthermore easily integrated together with finAPI Access.

Various business needs are covered by using a combination of an expert system, driven by clear defined rules and also machine learning approaches for, on the one hand refining the expert system and on the other hand providing a label coverage near to 100% for all transactions.

Furthermore, we use cutting edge technology for constantly enhancing our services, from data analysis pipelines to an event driven system, which is build in scalable modules, that you also may use in a proprietary environment. If you are interested in this kind of usage, please feel free to contact us for an offer.

Please find further information about implementation and usage of this API here: Data Intelligence public documentation

If you need any help with the API, contact support@finapi.io.

Welcome to finAPI Web Form 2.0!

finAPI's Web Form 2.0 is a complementary product to finAPI Access. It is our product offering for Compliance-as-a-Service.

As a customer, if you do not have a PSD2 license or if you are interested in using finAPI's license to manage end user credentials for bank communication, we welcome you to explore the endpoints in this section further.
All POST endpoints will generate a unique URL. This URL can be provided to the end customer. He/she can render a web form with it. finAPI will then orchestrate the next steps between the end user and bank to complete the request.

Additional information about our API can be found here: Web Form public documentation

If you need any help with the API, contact support@finapi.io.

Welcome to the finAPI System Administration!

The System Administration API lets you administer the mandators/clients that exist in the finAPI system.

Use the BASIC AUTH button in the navigation to log in with your Sys-Admin credentials. Please use the ‘Change password’ service regularly to keep your credentials secure.

Note that all requests to this API are being logged, and can be linked to your person.

If you need any help with the API, contact support@finapi.io.