Anytime API

Anytime API

Version : 1.0.0

Getting started

Our cookbooks

Please check our cookbooks, they will help you to understand our API.

API Server IP

If you are using a firewall, ensure that your server allow the traffic from the IP address below:

185.8.76.132

Making requests

End points

Anytime's apis provide a production endpoint and a sandbox endpoint that will allow you to test your apps with all methods

Production endpoint : ws.anyti.me

Sandbox endpoint : ws-sandbox.anyti.me

Protocol

The only allowed protocol is HTTPS.

Http verbs

As per RESTful design patterns, Anytime API implements the following HTTP verbs:

  • GET - Read resources
  • POST - Create new resources
  • PUT - Modify existing resources
  • DELETE - Remove resources

Authentication

Anytime API works with multiple security layers. Below we describe how to configure your credentials to access the API.

Generate a public and private RSA Key

The first step is to create a private RSA key with openssl. The key will be used to sign your request by passing the signature in a header parameter named. We will explain it in detail later in the documentation.

To generate the RSA key, open a terminal on your mac or linux server and type the following commands:

  1. Generate the RSA key

    openssl genrsa -des3 -out id_rsa.pem 2048

    You will be asked to enter a pass phrase and verify it. Enter a strong password and remember it.

  2. Export the public key

    openssl rsa -in id_rsa.pem -outform PEM -pubout -out id_rsa.pub

    Enter the pass phrase you set before and press enter. If the pass phrase is correct, the file "id_rsa.pub" is created containing your public key.

  3. Export the private key

    openssl rsa -in id_rsa.pem -out id_rsa -outform PEM

    Enter the pass phrase you set before and press enter. If the pass phrase is correct, the file "id_rsa" is created containing your private key.

The next step is to send your public key to us in the anytime developer zone.

Allow servers IP/ranges

In the anytime developer zone, you have to specify the IP addresses allowed to connect the API. You can set ipv4 and ipv6 ip addresses or even an ipv4 or ipv6 subnet. For example, if the ipv4 of your server is 123.45.67.89, you have to add this IP address to the allowed IP to be able to perform API requests on it.

Build your first query

When the 2 previous steps are completed, you are able to make your first request. We have a quite simple API named apicheck that allow you to make a simple call to the API and get a 200 response if all is working fine. Please follow the steps below:

  1. Call this URL

    curl "https://ws-sandbox.anyti.me/v1.0/apicheck" -X GET

    As we don't have yet a correct signature neither an oauth2 token, you should get a 401 error with the following message:

    Access denied. You have to provide valid authentication information.
  2. Build signature and validation data

    The signature works by adding this two parameters in the http header of your HTTP request:

    X-Validation-Data
    X-Signed-Request

    First you have to choose the value of the a validation data by yourself. A good practice is to have at least something unique like a timestamp with float precision. You are free to add other data to make the signature more complicated.

    Note that a validation data can be used only one time. If you try to use the same one a second time, the API will reject you with a 401 code (ValidationDataAlreadyUsedException).

    X-Validation-Data: 1478508503.5145

    Now you have to build the signature:

    1. Compute an openssl signature using the X-Validation-Data string.
    2. Encode this signature using base64 algorithm

    Example with PHP:

    $xValidationData = sha1 (microtime ().rand (0, PHP_INT_MAX));
    $signature = '';
    
    if (!@openssl_sign($xValidationData, $signature, $rsaPrivateKey)) {
        die ('The provided RSA private key is invalid.');
    }
    
    $xSignedRequest = base64_encode ($signature);
  3. Generate a token

    Once it's done, you still not able to use the API. You have to generate an OAuth2 token. To do that, just make a POST HTTP request to the following URL with the X-Validation-Data and X-Signed-Request parameters filled + the authentication information we provided to you in form-data parameter (client_id, client_secret, username, password) and also set the form-data parameter "grant_type" to "password".

    Example with curl:

    curl "https://ws-sandbox.anyti.me/oauth/v2/token" \
        -X POST \
        -H 'X-Validation-Data: string' \
        -H 'X-Signed-Request: string' \
        -d 'grant_type=password' \
        -d 'client_id=string' \
        -d 'client_secret=string' \
        -d 'username=string' \
        -d 'password=string'

    If your credentials and your signature are fine, you should receive a json response with your token:

    {
      "request_id": 90402,
      "type_response": "sync",
      "timestamp": 1478525194.6798,
      "hash": "a476623576b50ad3f2d49ae36d27b6f2e8876565e3232c04e49afeb831e1db0f",
      "body": {
        "access_token": "YOUR_TOKEN",
        "expires_in": 3600,
        "token_type": "bearer",
        "refresh_token": "YOUR_REFRESH_TOKEN"
      }
    }
  4. Make your first valid request

    Now you can use the access token to make your requests on our API.

    Example with curl:

    curl "https://ws-sandbox.anyti.me/v1.0/apicheck" \
        -X GET \
        -H 'Authorization: Bearer YOUR_TOKEN' \
        -H 'X-Validation-Data: string' \
        -H 'X-Signed-Request: string'
    

    If everything is fine you should receive a json with the current date and time.

Response validation

The purpose is to certify the origin of the response retrieved from the API. The string is an sha256 hash algorithm applied on the string below:

timestamp|username
  • Timestamp: The one displayed in the JSON response.
  • Username: The one you use to create tokens.

Once you have computed the string, you can compare it with the hash string displayed in the json response. If the computed hash is not equals to the displayed hash, you can not trust the response.

Versioning

When you make a query, you have to specify which version of the API you want to use. The version is set in the URI like this:

https://ws.anyti.me/v<version>

So if you want to call the functionality "apicheck" for the 1.0 version of the API you have to call:

https://ws.anyti.me/v1.0/apicheck

Note that we are using <major>.<minor>.<bug-fix> version format but you have to specify only the major and minor part as for each incompatible changes we will create a new major or minor version.

Incompatible changes

  • Add/Delete functionalities
  • Modify the behaviour of existing functionalities (add/delete parameters, change ordering rules, add/delete properties, modify properties format
  • Add/Modify/Delete error code
  • Deprecate functionalities or parameters

HTTP status code

We use several HTTP status code. Each HTTP status code is extended by several sub-code to have a bigger panel of error code and make easy the errors management.

  • 200 - OK

    The query succeeded.

  • 400 - Bad Request

    This error will occur if some query/form-data/uri parameters are malformed or invalid.

    Code Text code
    4000010 BadVersionFormatException
    4000011 VersionNotSupportedException
    4000050 DateStartGreaterThanDateEndFilterException
    4000210 AccountInvalidParameterException
    4000220 AccountIdenticalSrcAndDstAccountIdException
    4000230 AccountIbanAlreadyExistsException
    4000310 CardInvalidParameterException
  • 401 - Unauthorized

    This error will occur if you supply wrong credentials/signature/not allowed IP.

    Code Text code
    4010010 OAuth2AccessDeniedException
    4010020 OAuth2InvalidRequestException
    4010030 OAuth2InvalidClientException
    4010040 OAuth2InvalidGrantException
    4010050 OAuth2InvalidTokenException
    4010060 IpAddressNotAllowedException
    4010070 BadRsaSignatureException
    4010080 ValidationDataAlreadyUsedException
  • 402 - Payment Required

    This error will occur when accounts or cards have not enough money to perform the operation.

    Code Text code
    4020210 AccountSrcNotEnoughCreditException
    4020220 AccountBalanceTooLowException
    4020320 CardBalanceTooLowException
    4020321 CardBalanceTooHighException
  • 403 - Unauthorized

    This error will occur if you try to access a resource you are not allowed to handle.

    Code Text code
    4030020 SubEnvironmentAccessDeniedException
    4030030 FunctionalityNotAllowedException
    4030210 AccountIdNoRightsException
    4030211 AccountIdPartnerNoRightsException
    4030220 AccountIbanIncompleteKYCException
    4030212 AccountBadTypeException
    4030221 AccountIbanNotCreatedException
    4030310 CardAccountNoRightsException
    4030320 CardNotActivatedException
    4030330 CardLoadAmountTooLowException
    4030331 CardLoadAmountTooHighException
    4030350 CardCancelledNoActionException
    4030360 CardBadCardTypeException
    4030365 CardBadStatusUpdateException
    4030370 CardAccountCannotOrderVirtualCardsException
    4030380 CardGetPinBadCvcException
    4030390 CardUpdateCardUpdateMissingHolderDataException
    4030410 OrderIdNoRightsException
  • 404 - Not Found

    This error will occur if the uri route is wrong.

    Code Text code
    4040010 InvalidRouteException
    4040210 AccountStatementNotFoundException
    4040310 CardStatementNotFoundException
    4040410 OrderNoAvailableTrackingDataException
  • 405 - Not Allowed

    This error will occur if the method used (GET/POST/PUT...) is not available for the called URI.

    Code Text code
    4050010 MethodNotAllowedException
  • 408 - Request Timeout

    This error will occurs if we are unable to execute your request within a specified time

    Code Text code
    4080010 BankingNetworkTimeoutException
  • 429 - Too Many Request

    This error will occur if you reach any limitation.

    Code Text code
    4290010 MaxQueryRateByIpReachedException
    4290020 MaxQueryRateByFunctionalityReachedException
    4290030 MaxQueryRateByApiUserReachedException
    4290310 CardMaxLoadPerDayException
    4290311 CardMaxLoadPerMonthException
    4290312 CardMaxLoadPerYearException
    4290313 CardMaxLoadPerFourDaysException
    4290314 CardMaxLoadPerWeekException
    4290320 CardLoadCapacityException
    4290330 CardMaxAllowedOrderReachedException
    4290331 CardMaxAllowedOrderReachedForSubAccountException
  • 451 - Unavailable for legal reason

    This error will occur if you try to do something forbidden for a specific.

    Code Text code
    4510210 AccountCreditTransferKycUploadRequiredException
    4510310 CardCreditSingleUseUnavailableException
    4510320 CardOrderKycUploadRequiredException
    4510330 CardLoadKycUploadRequiredException
  • 500 - Internal Server Error

    This error will occur if there is something wrong on our side.

    Code Text code
    5000010 UnknownException

Rate limiting

We are limiting the max allowed request you can made. See below the limitation rules:

  • By user or IP: Maximum 1.000 queries by day
  • By functionality: Maximum 60 queries in 1 minute

If you reach the rate limit, you will get a 429 HTTP status code. (See HTTP status codes)

Note that the rate limiting is not enabled in the sandbox environment.

Webhook

Our webhook will send you the card transactions in realtime.

We will send you a json into the HTTP RAW DATA :

{
   "request_id":109605,
   "type_response":"async",
   "body":
     {
       "method":"card_last_tx",
       "card_ref":"ANY0000000000",
       "acc_id":"xxx",
       "transaction":
         {
           "txid":"11111111111",
           "mcc":"5942",
           "amount":98.32,
           "amount_fx":98.32,
           "currency":"EUR",
           "fx":"1.000000",
           "fx_fee":0,
           "status":"S",
           "type":"D",
           "balance_after":"0.00",
           "date":"2017-02-02 14:14:48",
           "description":"FNAC DIRECT - RUE DES BATEAUX LAVOIRS, IVRY SUR SEIN,94768,FRA,FRA"
         }
     },
   "timestamp":"1483365005",
   "hash":"[HASH]"
}
Name Type Description
request_id
integer The current API request ID
type_response
string Will always be "async"
body
object Body of the query
method
string card_last_tx
card_ref
string Reference of the card (ANYXXXXXXXXXX) attached to the transaction
acc_id
string Account id attached to the transaction
transaction
object The transaction
txid
integer Unique transaction ID
mcc
integer Payment mcc code of the transaction
amount
number Transaction amount
amount_fx
number Transaction amount in local currency
currency
string Transaction currency code
fx
number Rate fx of the transaction
fx_fee
number Rate fx fee of the transaction
status
string S = Settled, C = Cancelled, P = Pending, D = Declined
type
string C = Credit, D = Debit
balance_after
number Card balance after this transaction
date
string Transaction date
description
string Transaction description
timestamp
integer The timestamp of the request
hash
string HASH is a SHA256 value calculated by concatenating the timestamp in the data, the character "|" and your api username: SHA256(timestamp|api_username)

Oauth

Oauth - Create a new OAuth2 token

Create a new oauth2 token. When you create a new token the previous one will be automatically obsolete.

post
/oauth/v2/token
curl "https://ws-sandbox.anyti.me/oauth/v2/token" \
    -X POST \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING' \
    -d 'grant_type=string' \
    -d 'client_id=string' \
    -d 'client_secret=string' \
    -d 'username=string' \
    -d 'password=string'
php bla bla

Headers

Name Type Required Description
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
grant_type string true password The OAuth2 grant type (only the password grant type is available)
client_id string true   CLIENT_ID The client ID we have sent to you.
client_secret string true   CLIENT_SECRET The client secret we have sent to you.
username string true   USERNAME The username we have sent to you.
password string true   PASSWORD The password we have sent to you.

Success 200 : Token created

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
access_token
stringThe generated access token
expires_in
integerThe token has a validitiy of XXXX seconds
token_type
stringWe only use the Bearer token type
refresh_token
string"The refresh token (currently not used)"

Apicheck

Apicheck - Check the API

Check that the API connection succeed with correct credentials and RSA public key

get
/v1.0/apicheck
curl -G "https://ws-sandbox.anyti.me/v1.0/apicheck" \
    -X GET \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description

Success 200 : The API connection succeed

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
date_time
stringThe current date and time

Apicheck - apicheck-apicheckpost-summary

apicheck-apicheckpost-description

post
/v1.0/apicheck
curl "https://ws-sandbox.anyti.me/v1.0/apicheck" \
    -X POST \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING' \
    -d 'test_param=string'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
test_param string false     parameter-apicheck-test-param-description

Success 200 : apicheck-apicheckpost-response-200-description

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
test_param
stringresponse-apicheck-test-parameter

Accounts

Accounts - Retrieve the account list

Retrieve the account list

get
/v1.0/accounts
curl -G "https://ws-sandbox.anyti.me/v1.0/accounts" \
    -X GET \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING' \
    -d 'limit_start=integer' \
    -d 'limit_number=integer'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
limit_start integer false     Take only items from this position.
limit_number integer false     Number of items to retrieve at once.

Success 200 : List of accounts

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
filters
array 
total_results
integerThe total accounts available without the limit filters
accounts
arrayArray of accounts
acc_id
integerThe account ID of a corporation or a user.
acc_type
stringThe account type

Accounts - Create a new account

Create a new account, either business or individual. A cardholder must be specified for each account type.

post
/v1.0/accounts
curl "https://ws-sandbox.anyti.me/v1.0/accounts" \
    -X POST \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING' \
    -d 'acc_type=string' \
    -d 'acc_currency=string' \
    -d 'user_gender=string' \
    -d 'user_first_name=string' \
    -d 'user_last_name=string' \
    -d 'user_dob=string' \
    -d 'user_pob=string' \
    -d 'user_email=string' \
    -d 'user_mobile_number=string' \
    -d 'user_addr_line_1=string' \
    -d 'user_addr_line_2=string' \
    -d 'user_addr_zip=string' \
    -d 'user_addr_city=string' \
    -d 'user_addr_cc=string' \
    -d 'user_nationality=string' \
    -d 'corp_name=string' \
    -d 'corp_regnum=string' \
    -d 'corp_type=string' \
    -d 'corp_activity=string' \
    -d 'corp_tva=string' \
    -d 'corp_addr_line_1=string' \
    -d 'corp_addr_line_2=string' \
    -d 'corp_addr_zip=string' \
    -d 'corp_addr_city=string' \
    -d 'corp_addr_cc=string'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
acc_type string true   Account type (business or consumer)
acc_currency string true   Account currency code (ISO 4217)
user_gender string true   Cardholder gender (M = Male, F = Female)
user_first_name string true     Cardholder firstname
user_last_name string true     Cardholder lastname
user_dob string true   2016-01-01 Cardholder date of birth (YYYY-MM-DD)
user_pob string true     Cardholder place of birth
user_email string true     Cardholder email address
user_mobile_number string true     Cardholder phone number (international format : 33600000000)
user_addr_line_1 string true     Cardholder address street line 1
user_addr_line_2 string true     Cardholder address street line 2
user_addr_zip string true     Cardholder address zip code
user_addr_city string true     Cardholder address city
user_addr_cc string true   Cardholder address country code (ISO 3166)
user_nationality string true   Cardholder nationality (ISO 3166)
corp_name string false     Corporation legal name
corp_regnum string false     Corporation legal registration number
corp_type string false     Corporation legal type (SA, EURL, ...)
corp_activity string false     Corporation legal activity
corp_tva string false     Corporation VAT number
corp_addr_line_1 string false     Corporation address street line 1
corp_addr_line_2 string false     Corporation address street line 2
corp_addr_zip string false     Corporation address zip code
corp_addr_city string false     Corporation address city
corp_addr_cc string false   Corporation address country code (ISO 3166)

Success 200 : Account created

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
acc_type
stringThe account type
acc_id
integerThe account ID of a corporation or a user.

Error 400 : AccountInvalidParameterException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Accounts - Retrieve a specific account information

Retrieve a specific account information

get
/v1.0/accounts/{id}
curl -G "https://ws-sandbox.anyti.me/v1.0/accounts/{id}" \
    -X GET \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
id integer true     Unique ID of the current resource

Success 200 : Account info

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
acc_id
integerThe account ID of a corporation or a user.
acc_type
stringThe account ID of a corporation or a user.
acc_currency
stringresponse-accounts-currency
corp_name
stringresponse-accounts-corp-name
corp_regnum
stringresponse-accounts-corp-regnum
corp_type
stringresponse-accounts-corp-type
corp_activity
stringresponse-accounts-corp-activity
corp_tva
stringresponse-accounts-corp-tva
corp_addr_1
stringresponse-accounts-corp-addr1
corp_addr_2
stringresponse-accounts-corp-addr2
corp_zip
stringresponse-accounts-corp-zip
corp_city
stringresponse-accounts-corp-city
corp_cc
stringresponse-accounts-corp-cc
user_gender
stringresponse-accounts-user-gender ['M','F']
user_first_name
stringresponse-accounts-user-first-name
user_last_name
stringresponse-accounts-user-last-name
user_dob
stringresponse-accounts-user-dob
user_pob
stringresponse-accounts-user-pob
user_email
stringresponse-accounts-user-email
user_mobile_number
stringresponse-accounts-user-number
user_addr_1
stringresponse-accounts-user-addr1
user_addr_2
stringresponse-accounts-user-addr2
user_addr_zip
stringresponse-accounts-user-zip
user_addr_city
stringresponse-accounts-user-city
user_addr_cc
stringresponse-accounts-user-cc
user_nationality
stringresponse-accounts-user-nationality

Error 403 : AccountIdNoRightsException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Accounts - Update account informations

Update account informations

put
/v1.0/accounts/{id}
curl "https://ws-sandbox.anyti.me/v1.0/accounts/{id}" \
    -X PUT \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING' \
    -d 'acc_currency=string' \
    -d 'user_gender=string' \
    -d 'user_first_name=string' \
    -d 'user_last_name=string' \
    -d 'user_dob=string' \
    -d 'user_pob=string' \
    -d 'user_email=string' \
    -d 'user_mobile_number=string' \
    -d 'user_addr_line_1=string' \
    -d 'user_addr_line_2=string' \
    -d 'user_addr_zip=string' \
    -d 'user_addr_city=string' \
    -d 'user_addr_cc=string' \
    -d 'user_nationality=string' \
    -d 'corp_name=string' \
    -d 'corp_regnum=string' \
    -d 'corp_type=string' \
    -d 'corp_activity=string' \
    -d 'corp_tva=string' \
    -d 'corp_addr_line_1=string' \
    -d 'corp_addr_line_2=string' \
    -d 'corp_addr_zip=string' \
    -d 'corp_addr_city=string' \
    -d 'corp_addr_cc=string'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
id integer true     Unique ID of the current resource
acc_currency string true   Account currency code (ISO 4217)
user_gender string true   Cardholder gender (M = Male, F = Female)
user_first_name string true     Cardholder firstname
user_last_name string true     Cardholder lastname
user_dob string true   2016-01-01 Cardholder date of birth (YYYY-MM-DD)
user_pob string true     Cardholder place of birth
user_email string true     Cardholder email address
user_mobile_number string true     Cardholder phone number (international format : 33600000000)
user_addr_line_1 string true     Cardholder address street line 1
user_addr_line_2 string true     Cardholder address street line 2
user_addr_zip string true     Cardholder address zip code
user_addr_city string true     Cardholder address city
user_addr_cc string true   Cardholder address country code (ISO 3166)
user_nationality string true   Cardholder nationality (ISO 3166)
corp_name string false     Corporation legal name
corp_regnum string false     Corporation legal registration number
corp_type string false     Corporation legal type (SA, EURL, ...)
corp_activity string false     Corporation legal activity
corp_tva string false     Corporation VAT number
corp_addr_line_1 string false     Corporation address street line 1
corp_addr_line_2 string false     Corporation address street line 2
corp_addr_zip string false     Corporation address zip code
corp_addr_city string false     Corporation address city
corp_addr_cc string false   Corporation address country code (ISO 3166)

Success 200 : Account updated

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
acc_type
stringThe account type
acc_id
integerThe account ID of a corporation or a user.

Error 400 : AccountInvalidParameterException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Error 403 : AccountIdNoRightsException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Accounts - Retrieve the balance of the current account

Retrieve the balance of the current account

get
/v1.0/accounts/{id}/balance
curl -G "https://ws-sandbox.anyti.me/v1.0/accounts/{id}/balance" \
    -X GET \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
id integer true     Unique ID of the current resource

Success 200 : Account balance

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
acc_id
integerresponse-accounts-corp-acc-id
balance
numberThe current balance

Error 403 : AccountIdNoRightsException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Accounts - Retrieve the cards list of an account

Retrieve the cards list of an account

get
/v1.0/accounts/{id}/cards
curl -G "https://ws-sandbox.anyti.me/v1.0/accounts/{id}/cards" \
    -X GET \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING' \
    -d 'limit_start=integer' \
    -d 'limit_number=integer'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
id integer true     Unique ID of the current resource
limit_start integer false     Take only items from this position.
limit_number integer false     Number of items to retrieve at once.

Success 200 : Account cards list

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
filters
array 
acc_id
integerresponse-accounts-corp-acc-id
total_results
integerThe total cards available without the limit filters
cards
arrayList of cards
card_ref
stringReference of the card (ANYXXXXXXXXXX)
card_type
stringPLASTIC, VIRTUAL_SINGLE_USE or VIRTUAL_MULTI_USE
status
stringStatus of the card
activation_date
stringActivation date
balance
numberBalance of the card
expiry_date
stringExpiration date of the card
atm
integerresponse-card-atm
pos
integerresponse-card-pos
card_holder
object 
gender
stringThe gender of the card holder
first_name
stringThe firstname of the card holder
last_name
stringThe lastname of the card holder

Error 403 : AccountIdNoRightsException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Accounts - Retrieve the statements list of an account

Retrieve the statements list of an account

get
/v1.0/accounts/{id}/statements
curl -G "https://ws-sandbox.anyti.me/v1.0/accounts/{id}/statements" \
    -X GET \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING' \
    -d 'date_start=string' \
    -d 'date_end=string' \
    -d 'limit_start=integer' \
    -d 'limit_number=integer'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
id integer true     Unique ID of the current resource
date_start string false   2016-01-01 Add a filter to take every dated element between this date and the dateTo parameter.
date_end string false   2016-01-01 Add a filter to take every dated element between dateFrom parameter and this date.
limit_start integer false     Take only items from this position.
limit_number integer false     Number of items to retrieve at once.

Success 200 : Account statements

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
acc_id
integerThe account ID of a corporation or a user.
acc_type
stringThe account type
total_results
integerThe total statements number available without the limit filters
transactions
array 
txid
stringTransaction ID
description
stringStatement description
date
stringStatement date/time
amount
numberAmount of the transaction
type
stringThe transaction type Credit/Debit
balance
numberBalance of the card
currency
stringCurrency
iban
array 
iban
stringIBAN number
swift
stringSWIFT code
comment
stringIban transaction comment
status
stringStatement status
executionDate
stringStatement execution date/time
virtual_iban
stringThe virtual IBAN number
filters
array 

Error 403 : AccountIdNoRightsException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Accounts - Retrieve a specific account statement

Retrieve a specific account statement

get
/v1.0/accounts/{id}/statements/{txid}
curl -G "https://ws-sandbox.anyti.me/v1.0/accounts/{id}/statements/{txid}" \
    -X GET \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
id integer true     Unique ID of the current resource
txid string true     Unique ID of the current resource

Success 200 : Account statement details

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
txid
stringTransaction ID
description
stringStatement description
date
stringStatement date/time
amount
numberAmount of the transaction
type
stringThe transaction type Credit/Debit
balance
numberBalance of the card
currency
stringCurrency
iban
array 
iban
stringIBAN number
swift
stringSWIFT code
comment
stringIban transaction comment
virtual_iban
stringThe virtual IBAN number
status
stringStatement status
executionDate
stringStatement execution date/time

Error 403 : AccountIdNoRightsException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Error 404 : AccountStatementNotFoundException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Accounts - Retrieve the iban statements list of an account

Retrieve the iban statements list of an account

get
/v1.0/accounts/{id}/iban-statements
curl -G "https://ws-sandbox.anyti.me/v1.0/accounts/{id}/iban-statements" \
    -X GET \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING' \
    -d 'date_start=string' \
    -d 'date_end=string' \
    -d 'limit_start=integer' \
    -d 'limit_number=integer'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
id integer true     Unique ID of the current resource
date_start string false   2016-01-01 Add a filter to take every dated element between this date and the dateTo parameter.
date_end string false   2016-01-01 Add a filter to take every dated element between dateFrom parameter and this date.
limit_start integer false     Take only items from this position.
limit_number integer false     Number of items to retrieve at once.

Success 200 : Account IBAN statements

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
acc_id
integerThe account ID of a corporation or a user.
acc_type
stringThe account type
total_results
integerThe total statements number available without the limit filters
transactions
array 
txid
stringTransaction ID
description
stringStatement description
date
stringStatement date/time
amount
numberAmount of the transaction
type
stringThe transaction type Credit/Debit
balance
numberBalance of the card
currency
stringCurrency
iban
array 
iban
stringIBAN number
swift
stringSWIFT code
comment
stringIban transaction comment
status
stringStatement status
executionDate
stringStatement execution date/time
virtual_iban
stringThe virtual IBAN number
filters
array 

Error 403 : AccountIdNoRightsException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Accounts - Create a credit transfer

Create a credit transfer

post
/v1.0/accounts/{id}/credit-transfer
curl "https://ws-sandbox.anyti.me/v1.0/accounts/{id}/credit-transfer" \
    -X POST \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING' \
    -d 'dst_acc_id=integer' \
    -d 'src_comment=string' \
    -d 'dst_comment=string' \
    -d 'dst_name=string' \
    -d 'dst_type=string' \
    -d 'dst_iban=string' \
    -d 'dst_swift=string' \
    -d 'amount=number'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
id integer true     Unique ID of the current resource
dst_acc_id integer true     Destination account unique identifier (mutually exclusive with dst_type)
src_comment string true     Source comment
dst_comment string true     Destination comment
dst_name string true     Receiver name (only if dst_type = external)
dst_type string true   Destination type (internal or external. Mutually exclusive with dst_acc_id if set to "external")
dst_iban string true     Destination iban (only if dst_type = external)
dst_swift string true     Destination swift code (only if dst_type = external)
amount number true     Amount to transfert (must be > 0)

Success 200 : Credit transfer requested

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
src_balance_after
numberThe balance of the source account after the credit transfer
dst_balance_after
numberThe balance of the destination account after the credit transfer

Error 400 : AccountInvalidParameterException | AccountIdenticalSrcAndDstAccountIdException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Error 403 : AccountIdNoRightsException | AccountSrcNotEnoughCreditException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Error 451 : AccountCreditTransferKycUploadRequiredException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Accounts - Uploaded KYC list

Get a list of uploaded KYC and their status.

get
/v1.0/accounts/{id}/kyc
curl -G "https://ws-sandbox.anyti.me/v1.0/accounts/{id}/kyc" \
    -X GET \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
id integer true     Unique ID of the current resource

Success 200 : KYC status

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
status
stringThe account status regarding the KYC
uploaded-kyc-status
objectThe list of uploaded KYC and their latest status + other info
accepted
arrayThe accepted KYC list
type
stringThe KYC type (identity, identity_back, passport...)
url
stringURL of the uploaded KYC
uploaded_at
stringThe timestamp of the uploaded KYC
pending
arrayThe pending KYC list (not yet validated)
type
stringThe KYC type (identity, identity_back, passport...)
url
stringURL of the uploaded KYC
uploaded_at
stringThe timestamp of the uploaded KYC
refused
arrayThe refused KYC list (refused after check)
type
stringThe KYC type (identity, identity_back, passport...)
url
stringURL of the uploaded KYC
uploaded_at
stringThe timestamp of the uploaded KYC
missing-kyc-types
array 

Error 403 : AccountIdNoRightsException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Accounts - Upload KYC files

Upload KYC files. You have to fill at least one parameter.

post
/v1.0/accounts/{id}/kyc
curl "https://ws-sandbox.anyti.me/v1.0/accounts/{id}/kyc" \
    -X POST \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING' \
    -d 'user_selfie=file' \
    -d 'user_identity=file' \
    -d 'user_identity_back=file' \
    -d 'user_passport=file' \
    -d 'user_dom_1=file' \
    -d 'user_identity_host=file' \
    -d 'user_identity_back_host=file' \
    -d 'user_dom_host=file' \
    -d 'user_affidavit=file' \
    -d 'corp_status=file' \
    -d 'corp_kbis=file'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
id integer true     Unique ID of the current resource
user_selfie file false     Cardholder selfie
user_identity file false     Cardholder legal id front
user_identity_back file false     Cardholder legal id back
user_passport file false     Cardholder passport
user_dom_1 file false     Cardholder utility bill
user_identity_host file false     Cardholder hosting legal id front
user_identity_back_host file false     Cardholder hosting legal id back
user_dom_host file false     Cardholder hosting legal utility bill
user_affidavit file false     Cardholder affidavit if hosted by someone else
corp_status file false     Corporation legal status files
corp_kbis file false     Corporation legal kbis files

Success 200 : KYC sent

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
files_status
objectArray of files status
user_selfie
objectCardholder selfie
status
integerFile status (0 = OK, 1 = Wrong file extension, 2 = Not uploaded correctly)
error
stringError label if in error
user_identity
objectCardholder front ID
status
integerFile status (0 = OK, 1 = Wrong file extension, 2 = Not uploaded correctly)
error
stringError label if in error
user_identity_back
objectCardholder back ID
status
integerFile status (0 = OK, 1 = Wrong file extension, 2 = Not uploaded correctly)
error
stringError label if in error
user_passport
objectresponse-accounts-kyc-file-status-user-passport
status
integerFile status (0 = OK, 1 = Wrong file extension, 2 = Not uploaded correctly)
error
stringError label if in error
user_dom_1
objectCardholder bill usage
status
integerFile status (0 = OK, 1 = Wrong file extension, 2 = Not uploaded correctly)
error
stringError label if in error
user_identity_host
objectCardholder hosting front ID
status
integerFile status (0 = OK, 1 = Wrong file extension, 2 = Not uploaded correctly)
error
stringError label if in error
user_identity_back_host
objectCardholder hosting back ID
status
integerFile status (0 = OK, 1 = Wrong file extension, 2 = Not uploaded correctly)
error
stringError label if in error
user_dom_host
objectCardholder hosting bill usage
status
integerFile status (0 = OK, 1 = Wrong file extension, 2 = Not uploaded correctly)
error
stringError label if in error
user_affidavit
objectAffidavit file
status
integerFile status (0 = OK, 1 = Wrong file extension, 2 = Not uploaded correctly)
error
stringError label if in error

Error 400 : AccountInvalidParameterException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Error 403 : AccountIdNoRightsException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Accounts - Create IBAN

Create an IBAN for this account

post
/v1.0/accounts/{id}/iban
curl "https://ws-sandbox.anyti.me/v1.0/accounts/{id}/iban" \
    -X POST \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING' \
    -d 'country_code=string'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
id integer true     Unique ID of the current resource
country_code string true   IBAN country code (ISO 3166)

Success 200 : IBAN created

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
iban
stringThe IBAN string
swift
stringThe IBAN swift code

Error 400 : AccountInvalidParameterException | AccountIbanAlreadyExistsException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Error 403 : AccountIbanIncompleteKYCException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Accounts - Create a virtual IBAN

Create a virtual IBAN for this account

post
/v1.0/accounts/{id}/virtual-ibans
curl "https://ws-sandbox.anyti.me/v1.0/accounts/{id}/virtual-ibans" \
    -X POST \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING' \
    -d 'type=string'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
id integer true     Unique ID of the current resource
type string true   The type of IBAN (C: Credit, D: Debit)

Success 200 : Virtual IBAN created

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
iban
stringThe IBAN string
swift
stringThe IBAN swift code
type
stringThe type of IBAN (C: Credit, D: Debit)

Error 400 : AccountInvalidParameterException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Error 403 : AccountIbanIncompleteKYCException | AccountBadTypeException | AccountIbanNotCreatedException | BankingNetworkTimeoutException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Cards

Cards - Order a new card

Order a new Visa or Mastercard payment card. Beware, virtual cards can't be ordered by a "consumer" account type.

post
/v1.0/cards
curl "https://ws-sandbox.anyti.me/v1.0/cards" \
    -X POST \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING' \
    -d 'acc_id=integer' \
    -d 'card_name=string' \
    -d 'card_type=string' \
    -d 'expiry_date=string' \
    -d 'amount=number' \
    -d 'language=string' \
    -d 'delivery_company_name=string' \
    -d 'delivery_gender=string' \
    -d 'delivery_first_name=string' \
    -d 'delivery_last_name=string' \
    -d 'delivery_addr_1=string' \
    -d 'delivery_addr_2=string' \
    -d 'delivery_zip=string' \
    -d 'delivery_city=string' \
    -d 'delivery_cc=string'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
acc_id integer true     Account unique identifier
card_name string true     The name that will be displayed on the card
card_type string false   PLASTIC, VIRTUAL_SINGLE_USE or VIRTUAL_MULTI_USE
expiry_date string true   2016-01-01 Card desired expiry date
amount number true     Amount to transfert (must be > 0)
language string true     Delivery language ("fr" or "en")
delivery_company_name string true     Delivery address company name
delivery_gender string true   Receiver gender
delivery_first_name string true     Receiver firstname
delivery_last_name string true     Receiver lastname
delivery_addr_1 string true     Delivery address street line 1
delivery_addr_2 string true     Delivery address street line 2
delivery_zip string true     Delivery address zip code
delivery_city string true     Delivery address city
delivery_cc string true   Delivery address country code (ISO 3166)

Success 200 : Card ordered

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
order_id
integerUnique identifier for the order
order_status
integerOrder status (3 = order complete, 9 = card is activated for a virtual card order)
card_ref
stringReference of the card (ANYXXXXXXXXXX)

Error 400 : CardInvalidParameterException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Error 403 : AccountIdNoRightsException | CardAccountCannotOrderVirtualCardsException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Error 429 : CardMaxAllowedOrderReachedException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Error 451 : CardOrderKycUploadRequiredException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Cards - Retrieve information on this card

Retrieve information on this payment card

get
/v1.0/cards/{card_ref}
curl -G "https://ws-sandbox.anyti.me/v1.0/cards/{card_ref}" \
    -X GET \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
card_ref string true     Unique string reference for the resource

Success 200 : Card info

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
acc_id
integerThe account ID of a corporation or a user.
card_type
stringPLASTIC, VIRTUAL_SINGLE_USE or VIRTUAL_MULTI_USE
card_ref
stringReference of the card (ANYXXXXXXXXXX)
activation_date
stringActivation date
balance
numberBalance of the card
validity_month
integerCard validity
expiry_date
stringExpiration date of the card
status
stringStatus of the card
pos
booleanAuthorize or block point of sales payments
atm
booleanAuthorize or block ATM withdrawals

Error 403 : CardAccountNoRightsException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Cards - Update card info

Update card info

put
/v1.0/cards/{card_ref}
curl "https://ws-sandbox.anyti.me/v1.0/cards/{card_ref}" \
    -X PUT \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING' \
    -d 'card_status=string' \
    -d 'card_pos=integer' \
    -d 'card_atm=integer' \
    -d 'card_renew=integer'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
card_ref string true     Unique string reference for the resource
card_status string false   STO = stolen, LOS = lost, DAM = damaged, CAN = cancelled, ACT = activated, BLO = blocked
card_pos integer false   1 = allow point of sales payments, 0 = block point of sales payments
card_atm integer false   1 = allow atm withdrawal, 0 = block atm withdrawal
card_renew integer false   1 = renew this card, 0 = do not renew this card

Success 200 : Card updated

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
card_ref
stringReference of the card (ANYXXXXXXXXXX)
status
integerStatus of the card
pos
integerAuthorize or block point of sales payments
atm
integerAuthorize or block ATM withdrawals
renew
integerThis card needs to be renewed

Error 403 : CardAccountNoRightsException | CardCancelledNoActionException | CardUpdateCardUpdateMissingHolderDataException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Error 400 : CardInvalidParameterException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Cards - Get all cards transactions

Get all cards transactions

get
/v1.0/cards/{card_ref}/transactions
curl -G "https://ws-sandbox.anyti.me/v1.0/cards/{card_ref}/transactions" \
    -X GET \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING' \
    -d 'date_start=string' \
    -d 'date_end=string' \
    -d 'limit_start=integer' \
    -d 'limit_number=integer'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
card_ref string true     Unique string reference for the resource
date_start string false   2016-01-01 Add a filter to take every dated element between this date and the dateTo parameter.
date_end string false   2016-01-01 Add a filter to take every dated element between dateFrom parameter and this date.
limit_start integer false     Take only items from this position.
limit_number integer false     Number of items to retrieve at once.

Success 200 : Card transactions list

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
filters
array 
card_ref
stringReference of the card (ANYXXXXXXXXXX)
acc_id
integerThe account ID of a corporation or a user.
total_results
integerThe total transactions number available with no date or limit filter
transactions
arrayCard transaction list
txid
integerUnique transaction ID
mcc
integerPayment mcc code of the transaction
amount
numberTransaction amount
amount_fx
numberTransaction amount in local currency
currency
stringTransaction currency code
fx
numberRate fx of the transaction
fx_fee
numberRate fx fee of the transaction
vat_details
arrayThe VAT details of this transaction
rate
numberThe VAT rate
amount
numberThe VAT amount with the rate applied
status
stringS = Settled, C = Cancelled, P = Pending, D = Declined
type
stringC = Credit, D = Debit
balance_after
numberCard balance after this transaction
date
stringTransaction processed date
date_transaction
stringTransaction date
description
stringTransaction description

Error 403 : CardAccountNoRightsException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Cards - Get transaction details

Get transaction details of a specific transaction

get
/v1.0/cards/{card_ref}/transactions/{txid}
curl -G "https://ws-sandbox.anyti.me/v1.0/cards/{card_ref}/transactions/{txid}" \
    -X GET \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
card_ref string true     Unique string reference for the resource
txid string true     Unique ID of the current resource

Success 200 : Card transactions details

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
txid
integerUnique transaction ID
mcc
integerPayment mcc code of the transaction
amount
numberTransaction amount
amount_fx
numberTransaction amount in local currency
currency
stringTransaction currency code
fx
numberRate fx of the transaction
fx_fee
numberRate fx fee of the transaction
vat_details
arrayThe VAT details of this transaction
rate
numberThe VAT rate
amount
numberThe VAT amount with the rate applied
status
stringS = Settled, C = Cancelled, P = Pending, D = Declined
type
stringC = Credit, D = Debit
balance_after
numberCard balance after this transaction
date
stringTransaction processed date
date_transaction
stringTransaction date
description
stringTransaction description

Error 403 : CardAccountNoRightsException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Error 404 : CardStatementNotFoundException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Cards - Credit a card.

As the transaction is not processed instantly, the response you get is not the final response containing the transaction information. This one will be sent asynchronously to the webhook you have defined in your API account configuration. For more details about the response format please check the webhook section in the API documentation.

post
/v1.0/cards/{card_ref}/credit
curl "https://ws-sandbox.anyti.me/v1.0/cards/{card_ref}/credit" \
    -X POST \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING' \
    -d 'amount=number' \
    -d 'acc_comment=string' \
    -d 'card_comment=string'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
card_ref string true     Unique string reference for the resource
amount number true     Amount to transfert (must be > 0)
acc_comment string true     Comment to link to the account
card_comment string true     Comment to link to the card

Success 200 : Credit request sent

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
card_ref
stringReference of the card (ANYXXXXXXXXXX)
acc_id
integerCard account ID
transaction_id
integerUnique transaction ID (only in sandbox)

Error 400 : CardInvalidParameterException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Error 402 : AccountBalanceTooLowException | CardLoadBalanceTooHighException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Error 403 : CardAccountNoRightsException | CardNotActivatedException | CardLoadAmountTooLowException | CardLoadAmountTooHighException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Error 429 : CardMaxLoadPerDayException | CardMaxLoadPerFourDaysException | CardMaxLoadPerWeekDaysException | CardMaxLoadPerMonthException | CardMaxLoadPerYearException | CardLoadCapacityException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Error 451 : CardCreditSingleUseUnavailableException | CardLoadKycUploadRequiredException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Cards - Debit a card.

As the transaction is not processed instantly, the response you get is not the final response containing the transaction information. This one will be sent asynchronously to the webhook you have defined in your API account configuration. For more details about the response format please check the webhook section in the API documentation.

post
/v1.0/cards/{card_ref}/debit
curl "https://ws-sandbox.anyti.me/v1.0/cards/{card_ref}/debit" \
    -X POST \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING' \
    -d 'amount=number' \
    -d 'acc_comment=string' \
    -d 'card_comment=string'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
card_ref string true     Unique string reference for the resource
amount number true     Amount to transfert (must be > 0)
acc_comment string true     Comment to link to the account
card_comment string true     Comment to link to the card

Success 200 : Debit request sent

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
card_ref
stringReference of the card (ANYXXXXXXXXXX)
acc_id
integerCard account ID
transaction_id
integerUnique transaction ID (only in sandbox)

Error 400 : CardInvalidParameterException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Error 402 : CardBalanceTooLowException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Error 403 : CardAccountNoRightsException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Cards - Get pin code of a card

Get pin code of a card

get
/v1.0/cards/{card_ref}/pin
curl -G "https://ws-sandbox.anyti.me/v1.0/cards/{card_ref}/pin" \
    -X GET \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING' \
    -d 'cvc=string'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
cvc string true   000 The CVC number of the card (3 last digits of the number printed on the back). In SANDBOX environment you have to use the code '000' as a valid CVC Code, all others CVC codes will make the request return a 403 response 'CardGetPinBadCvcException'.
card_ref string true     Unique string reference for the resource

Success 200 : Success

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
pin
stringThe card pin code.

Error 403 : CardAccountNoRightsException | CardGetPinBadCvcException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Cards - Text PIN to cardholder

Text new pin to cardholder

post
/v1.0/cards/{card_ref}/pin
curl "https://ws-sandbox.anyti.me/v1.0/cards/{card_ref}/pin" \
    -X POST \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
card_ref string true     Unique string reference for the resource

Success 200 : Card pin sent

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
acc_id
integerThe account ID of a corporation or a user.
card_ref
stringReference of the card (ANYXXXXXXXXXX)

Error 403 : CardAccountNoRightsException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Error 408 : BankingNetworkTimeoutException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Cards - Returns information about a virtual card

For virtual cards multi use: Returns the front and back picture of the card. For virtual cards single use: Returns the pan, cvv, and expiry date. This API works only with virtual cards. If you try to use it with a physical card, you will get an error.

get
/v1.0/cards/{card_ref}/pan
curl -G "https://ws-sandbox.anyti.me/v1.0/cards/{card_ref}/pan" \
    -X GET \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
card_ref string true     Unique string reference for the resource

Success 200 : Success

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
front
stringFront picture of the card
back
stringBack picture of the card
expiry_date
stringExpiry date
pan
stringThe PAN number
cvv
stringThe CVV number

Error 403 : CardBadCardTypeException | CardBadStatusUpdateException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Error 408 : BankingNetworkTimeoutException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Cards - Text or email the PAN of a virtual single use card to cardholder

Text or email the PAN of a virtual single use card to cardholder

post
/v1.0/cards/{card_ref}/pan
curl "https://ws-sandbox.anyti.me/v1.0/cards/{card_ref}/pan" \
    -X POST \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING' \
    -d 'dest_method=string' \
    -d 'dest_value=string'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
card_ref string true     Unique string reference for the resource
dest_method string true email The notification method to use (email, sms...)
dest_value string true   valid@email.com|33600000000 The destination value depending of the destination method. If method = email, enter a valid email address. If method = sms, enter a valid international phone number containing digits only.

Success 200 : Success

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
state
stringState of the request.

Error 400 : CardInvalidParameterException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Cards - Summary

Send card detail through a link to the final customer

post
/v1.0/cards/{card_ref}/details-display
curl "https://ws-sandbox.anyti.me/v1.0/cards/{card_ref}/details-display" \
    -X POST \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING' \
    -d 'ip=string'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
card_ref string true     Unique string reference for the resource
ip string true     The IP address of the consumer that will click on the link

Success 200 : Success

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
temp_link
stringTemporary link the final user has to click on

Error 404 : CardDetailsDisplayFailToRetrieveTempLinkException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Orders

Orders - Get order tracking links.

When ordering a card you receive an order ID, you can use it to get a tracking link if available.

get
/v1.0/orders/{id}/tracking
curl -G "https://ws-sandbox.anyti.me/v1.0/orders/{id}/tracking" \
    -X GET \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'X-Validation-Data: VALIDATION_DATA_STRING' \
    -H 'X-Signed-Request: SIGNED_REQUEST_STRING'
php bla bla

Headers

Name Type Required Description
Authorization string true The string 'Bearer ' followed by the token you got by using POST /oauth/v2/token uri.
X-Validation-Data string true A random string you generate, used to sign the query
X-Signed-Request string true This is a signature generated with your private RSA key + the X-Validation-Data string.

Parameters

Name Type Required Possible values Default Description
id integer true     Unique ID of the current resource

Success 200 : Tracking data

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
tracking_link
stringThe tracking URL

Error 403 : OrderIdNoRightsException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name

Error 404 : OrderNoAvailableTrackingDataException

Name Type Description
request_id
integerThe current API request ID
type_response
stringIf this is a sync response or async response
timestamp
numberTimestamp of the query
hash
stringThis is the timestamp visible in the response concatenated with your username and finaly hashed with sha256 algorithm. Example: sha256('1472742723.9673|YourUserName')
body
objectBody of the query
error
object 
code
integerException code
message
stringException message
exception
stringException name