Transactions

This is an optional step, we recommend providing transactions data if it is required for the affordability check of a given product

Upload Customer Transactions

post

This endpoint enables Partners to submit transaction data concerning customers who are seeking approval for loans. Transaction data provided will be used for essential checks, such as credit verification.

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Body

extUserIdstringRequired

The external user ID is a GUID associated with the transaction data. This is the ID used to identify partner customer in SteadyPay.

Example: 72a55c98-8ab2-40d8-9533-49a48bf8806b

Responses

201

Transaction data has been successfully uploaded for all provided transactions.

400

The request could not be processed due to incorrect syntax, missing parameters, or invalid data. Please review and resubmit the request with correct information.

application/json

403

This can happen if the access token provided is invalid or expired.

application/json

500

An unexpected error occurred on the server side. Please try again later. If the issue persists, contact support for assistance.

application/json

post

/api/v2/partner/transaction

POST /api/v2/partner/transaction HTTP/1.1
Host: qa-api.steadypay.co
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 405

{
  "extUserId": "72a55c98-8ab2-40d8-9533-49a48bf8806b",
  "transactions": [
    {
      "tranId": "b9232b11-3eaa-4fd6-bd67-7de39bfb9d58",
      "tranDate": "2023-07-20T21:32:11",
      "tranAmount": -23.54,
      "tranCurrency": "GBP",
      "mccCode": 5600,
      "merchantName": "Google Ltd.",
      "categoryType": "INCOME",
      "subCategoryType": "GAMBLING",
      "description": "Gambling Casino",
      "transactionStatus": "BOOKED",
      "transactionType": "DEBIT",
      "merchantCategory": "travel"
    }
  ]
}

No content

Open Banking

Webhooks

Before using open banking endpoint please coordinate with our support team and provide us your web hook url. The web hook url needs to be an open post endpoint at your end that Steadypay could send notification status of the open banking connection.

The webhook categories are defined by the eventTypes field. Current event types are:

connectionCreated
insufficientTransactions

As new eventTypes related to transactions may be created in the future, and clients should be prepared to ignore an unexpected eventType.

Below are examples of the web hook notifications that will be received along with a 'Signature' in the request header. This signature is provided if partner wishes to validate the authenticity of the message received.

The Signature is encrypted using one-way hashing with the bcrypt library. Since bcrypt is a one-way hashing algorithm, the signature cannot be decrypted. Instead, to validate the signature, you must match it against the password used for authentication with SteadyPay.

Web hook notification - Create Connection

{
    "eventType: "createConnection",
    "email": "[email protected]",
    "isConnectionSuccessful": true
}

We require a certain number of transactions to perform an accurate risk assessment. You will receive the following webhook if we are not able to fetch enough transactions from a linked account.

When you receive this prompt the user to link another account if possible. They may need to link multiple accounts. Please note that the exact number of transactions required can change depending on circumstances.

Web hook notification - Insufficient Transactions

{
    "eventType: "insufficientTransactions",
    "email": "[email protected]"
}

To verify the signature:

Use the same password that you use to authenticate with SteadyPay.
Compare it with the received signature using bcrypt’s built-in verification method.
If the comparison is successful, the webhook notification is authentic.

Here is how you can verify a bcrypt hash match in different programming languages:

import org.mindrot.jbcrypt.BCrypt;

boolean isValid = BCrypt.checkpw("your_password", receivedSignature);

Bank Connection

post

Open banking bank connection used to fetch customers transactions.

Body

emailstring · emailRequiredExample: [email protected]

redirectUrlstring · uriRequired

The redirect URL where customer will be redirected to after bank connection.

Example: https://partner.com/redirect

Responses

200Success

application/json

403

This can happen if the access token provided is invalid or expired.

application/json

404

The customer does not exists.

application/json

500

An unexpected error occurred on the server side. Please try again later. If the issue persists, contact support for assistance.

application/json

post

/api/v2/partner/bankConnection

POST /api/v2/partner/bankConnection HTTP/1.1
Host: qa-api.steadypay.co
Content-Type: application/json
Accept: */*
Content-Length: 76

{
  "email": "[email protected]",
  "redirectUrl": "https://partner.com/redirect"
}

{
  "url": "https://webviewurltoconnectbank"
}

PreviousV1 (Deprecated)NextV1 (Deprecated)

Last updated 1 month ago