Flinks Accounts Summary API

Retrieves general account information - cardholder name (when available), account balance, category, and EFT eligibility - without full transaction history, using the RequestId from /Authorize. A /GetAccountsSummaryAsync variant supports polling of long-running requests.

OpenAPI Specification

flinks-openapi.yml Raw ↑
openapi: 3.0.1
info:
  title: Flinks API
  description: >-
    Representative specification of the Flinks financial data API. Businesses
    connect to consumer and business bank accounts to aggregate account,
    transaction, and statement data, verify identity, and derive income,
    credit-risk, and fraud analytics. A session is opened with the multi-step
    /Authorize (MFA) endpoint using a LoginId returned by Flinks Connect; the
    resulting RequestId is passed to subsequent data, enrichment, and analytics
    endpoints. All calls are authenticated with a short-lived authorize token
    supplied in the flinks-auth-key header.
  termsOfService: https://flinks.com/terms-of-service/
  contact:
    name: Flinks Support
    url: https://help.flinks.com/
  version: '3.0'
servers:
  - url: https://{instance}-api.private.fin.ag/v3/{customerId}/BankingServices
    description: Flinks per-customer instance host.
    variables:
      instance:
        default: toolbox
        description: Assigned instance / environment prefix (e.g. toolbox for sandbox).
      customerId:
        default: '00000000-0000-0000-0000-000000000000'
        description: Your Flinks customer identifier (GUID).
paths:
  /GenerateAuthorizeToken:
    post:
      operationId: generateAuthorizeToken
      tags:
        - Authorize
      summary: Generate a short-lived authorize token.
      description: >-
        Exchanges your API secret for a 30-minute authorize token that must be
        supplied in the flinks-auth-key header on all other endpoints.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/GenerateAuthorizeTokenRequest'
      responses:
        '200':
          description: Authorize token generated.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthorizeTokenResponse'
  /Authorize:
    post:
      operationId: authorize
      tags:
        - Connect
      summary: Open a banking session and handle MFA.
      description: >-
        Opens a session for a Flinks Connect LoginId. Returns HTTP 200 with a
        RequestId and Links on success, or HTTP 203 with SecurityChallenges when
        a multi-factor challenge is required. Resubmit with RequestId and
        SecurityResponses to complete the challenge.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AuthorizeRequest'
      responses:
        '200':
          description: Authorization successful; session is ready for data calls.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthorizeResponse'
        '203':
          description: Multi-factor authentication required.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MfaChallengeResponse'
        '400':
          description: Invalid parameters.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
        '401':
          description: Authentication failed.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
  /GetAccountsDetail:
    post:
      operationId: getAccountsDetail
      tags:
        - Connect
      summary: Retrieve full account detail and transactions.
      description: >-
        Returns full detail for each linked account - identity, balances, up to
        90 or 365 days of transactions, and holder KYC. May return HTTP 202;
        poll /GetAccountsDetailAsync with the same RequestId until HTTP 200.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/GetAccountsDetailRequest'
      responses:
        '200':
          description: Account detail returned.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AccountsResponse'
        '202':
          description: Request accepted and processing; poll the async endpoint.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AsyncPendingResponse'
  /GetAccountsDetailAsync/{requestId}:
    get:
      operationId: getAccountsDetailAsync
      tags:
        - Connect
      summary: Poll a pending accounts-detail request.
      parameters:
        - name: requestId
          in: path
          required: true
          schema:
            type: string
            format: uuid
          description: The RequestId returned by /Authorize.
      responses:
        '200':
          description: Account detail returned.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AccountsResponse'
        '202':
          description: Still processing.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AsyncPendingResponse'
  /GetAccountsSummary:
    post:
      operationId: getAccountsSummary
      tags:
        - Connect
      summary: Retrieve general account summary information.
      description: >-
        Returns cardholder name (when available), balance, category, and EFT
        eligibility for each linked account, without full transaction history.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/RequestIdBody'
      responses:
        '200':
          description: Account summary returned.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AccountsResponse'
        '202':
          description: Processing; poll /GetAccountsSummaryAsync.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AsyncPendingResponse'
  /GetStatements:
    post:
      operationId: getStatements
      tags:
        - Connect
      summary: Retrieve PDF bank statements.
      description: >-
        Signs up one or more connected accounts to retrieve PDF statements
        issued by their financial institution.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/GetStatementsRequest'
      responses:
        '200':
          description: Statements returned.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/StatementsResponse'
  /FieldMatch:
    post:
      operationId: fieldMatch
      tags:
        - Identity
      summary: Verify applicant fields against the connected account holder.
      description: >-
        Compares supplied applicant identity fields (name, address, phone,
        email) against the identity captured on the connected bank account and
        returns per-field match results.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/FieldMatchRequest'
      responses:
        '200':
          description: Field match results returned.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/FieldMatchResponse'
  /GetCategorization:
    post:
      operationId: getCategorization
      tags:
        - Enrich
      summary: Return categorized transactional data.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/RequestIdBody'
      responses:
        '200':
          description: Categorized transactions returned.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CategorizationResponse'
  /GetIncomeAttributes:
    post:
      operationId: getIncomeAttributes
      tags:
        - Score
      summary: Standardized income verification attributes.
      description: >-
        Returns a high-level overview of total income, employment income, and
        government income for standardized income verification.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AttributesRequest'
      responses:
        '200':
          description: Income attributes returned.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AttributesResponse'
  /GetCreditRiskAttributes:
    post:
      operationId: getCreditRiskAttributes
      tags:
        - Score
      summary: Credit risk and income attributes.
      description: >-
        Returns overall financial information, employment and non-employment
        income sources, loan payments, bill payments, and additional risk
        analysis measures.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AttributesRequest'
      responses:
        '200':
          description: Credit risk attributes returned.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AttributesResponse'
  /Upload:
    post:
      operationId: upload
      tags:
        - Fraud
      summary: Process externally supplied bank statement / transaction data.
      requestBody:
        required: true
        content:
          multipart/form-data:
            schema:
              $ref: '#/components/schemas/UploadRequest'
      responses:
        '200':
          description: Upload accepted and processed.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UploadResponse'
  /FraudAnalysis:
    post:
      operationId: fraudAnalysis
      tags:
        - Fraud
      summary: Run fraud analysis on uploaded documents.
      description: >-
        Surfaces tampering and fraud signals from an uploaded document set.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/RequestIdBody'
      responses:
        '200':
          description: Fraud analysis result returned.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/FraudAnalysisResponse'
components:
  securitySchemes:
    flinks_auth_key:
      type: apiKey
      in: header
      name: flinks-auth-key
      description: >-
        Short-lived (30-minute) authorize token obtained from
        /GenerateAuthorizeToken.
  security:
    - flinks_auth_key: []
  schemas:
    Error:
      type: object
      properties:
        HttpStatusCode:
          type: integer
        Message:
          type: string
        FlinksCode:
          type: string
          description: >-
            Machine-readable code such as INVALID_LOGIN, DISABLED_LOGIN, or
            QUESTION_NOT_FOUND.
      required:
        - HttpStatusCode
        - Message
    GenerateAuthorizeTokenRequest:
      type: object
      properties:
        secret:
          type: string
          description: Your Flinks API secret.
      required:
        - secret
    AuthorizeTokenResponse:
      type: object
      properties:
        AuthorizeToken:
          type: string
        ExpiresIn:
          type: integer
          description: Token lifetime in seconds (1800).
    Link:
      type: object
      properties:
        rel:
          type: string
        href:
          type: string
        method:
          type: string
    AuthorizeRequest:
      type: object
      properties:
        LoginId:
          type: string
          format: uuid
          description: Identifier returned by Flinks Connect after a successful login.
        MostRecentCached:
          type: boolean
          default: true
          description: Use cached data (true, recommended) or live mode (false).
        Language:
          type: string
          enum: [en, fr]
          default: en
        Save:
          type: boolean
          default: true
        Tag:
          type: string
        RequestId:
          type: string
          format: uuid
          description: Required when resubmitting after an MFA challenge.
        SecurityResponses:
          type: object
          description: >-
            Map of MFA question prompts to arrays of user answers.
          additionalProperties:
            type: array
            items:
              type: string
      required:
        - LoginId
    AuthorizeResponse:
      type: object
      properties:
        RequestId:
          type: string
          format: uuid
        Institution:
          type: string
        InstitutionId:
          type: string
        Login:
          type: object
        Links:
          type: array
          items:
            $ref: '#/components/schemas/Link'
        HttpStatusCode:
          type: integer
          example: 200
    SecurityChallenge:
      type: object
      properties:
        Type:
          type: string
        Iterables:
          type: array
          items:
            type: string
        Prompt:
          type: string
    MfaChallengeResponse:
      type: object
      properties:
        RequestId:
          type: string
          format: uuid
        SecurityChallenges:
          type: array
          items:
            $ref: '#/components/schemas/SecurityChallenge'
        HttpStatusCode:
          type: integer
          example: 203
    RequestIdBody:
      type: object
      properties:
        RequestId:
          type: string
          format: uuid
          description: RequestId returned by /Authorize.
      required:
        - RequestId
    GetAccountsDetailRequest:
      type: object
      properties:
        RequestId:
          type: string
          format: uuid
        WithAccountIdentity:
          type: boolean
          default: true
          description: Include transit / institution / account numbers.
        WithKYC:
          type: boolean
          default: true
          description: Include account-holder identity information.
        WithTransactions:
          type: boolean
          default: true
        DaysOfTransactions:
          type: string
          enum: [Days90, Days365]
        AccountsFilter:
          type: array
          items:
            type: string
        WithDetailsAndBankingStatements:
          type: boolean
      required:
        - RequestId
    GetStatementsRequest:
      type: object
      properties:
        RequestId:
          type: string
          format: uuid
        AccountsFilter:
          type: array
          items:
            type: string
        NumberOfStatements:
          type: string
          description: Number of PDF statements to retrieve (e.g. Months3, Months12).
      required:
        - RequestId
    Balance:
      type: object
      properties:
        Available:
          type: number
        Current:
          type: number
        Limit:
          type: number
    Transaction:
      type: object
      properties:
        Date:
          type: string
          format: date
        Description:
          type: string
        Debit:
          type: number
          nullable: true
        Credit:
          type: number
          nullable: true
        Balance:
          type: number
    Holder:
      type: object
      properties:
        Name:
          type: string
        Address:
          type: object
          properties:
            CivicAddress:
              type: string
            City:
              type: string
            Province:
              type: string
            PostalCode:
              type: string
            Country:
              type: string
        Email:
          type: string
        PhoneNumber:
          type: string
    Account:
      type: object
      properties:
        Id:
          type: string
        Title:
          type: string
        AccountNumber:
          type: string
        LastFourDigits:
          type: string
        TransitNumber:
          type: string
        InstitutionNumber:
          type: string
        Category:
          type: string
        Type:
          type: string
        Currency:
          type: string
        Balance:
          $ref: '#/components/schemas/Balance'
        Transactions:
          type: array
          items:
            $ref: '#/components/schemas/Transaction'
        Holder:
          $ref: '#/components/schemas/Holder'
    AccountsResponse:
      type: object
      properties:
        RequestId:
          type: string
          format: uuid
        Accounts:
          type: array
          items:
            $ref: '#/components/schemas/Account'
        Institution:
          type: string
        HttpStatusCode:
          type: integer
          example: 200
    AsyncPendingResponse:
      type: object
      properties:
        RequestId:
          type: string
          format: uuid
        HttpStatusCode:
          type: integer
          example: 202
        Message:
          type: string
          example: Operation is pending; poll the async endpoint.
    Statement:
      type: object
      properties:
        AccountId:
          type: string
        FileName:
          type: string
        Base64Content:
          type: string
          description: Base64-encoded PDF statement.
    StatementsResponse:
      type: object
      properties:
        RequestId:
          type: string
          format: uuid
        Statements:
          type: array
          items:
            $ref: '#/components/schemas/Statement'
    FieldMatchRequest:
      type: object
      properties:
        RequestId:
          type: string
          format: uuid
        Name:
          type: string
        Address:
          type: string
        Email:
          type: string
        PhoneNumber:
          type: string
      required:
        - RequestId
    FieldMatchResult:
      type: object
      properties:
        Field:
          type: string
        Matched:
          type: boolean
        Score:
          type: number
    FieldMatchResponse:
      type: object
      properties:
        RequestId:
          type: string
          format: uuid
        Results:
          type: array
          items:
            $ref: '#/components/schemas/FieldMatchResult'
    Category:
      type: object
      properties:
        Name:
          type: string
        Amount:
          type: number
        Count:
          type: integer
    CategorizationResponse:
      type: object
      properties:
        RequestId:
          type: string
          format: uuid
        Categories:
          type: array
          items:
            $ref: '#/components/schemas/Category'
    AttributesRequest:
      type: object
      properties:
        RequestId:
          type: string
          format: uuid
        Package:
          type: string
          description: Attributes package name to compute.
      required:
        - RequestId
    Attribute:
      type: object
      properties:
        Name:
          type: string
        Value:
          type: string
    AttributesResponse:
      type: object
      properties:
        RequestId:
          type: string
          format: uuid
        Attributes:
          type: array
          items:
            $ref: '#/components/schemas/Attribute'
    UploadRequest:
      type: object
      properties:
        file:
          type: string
          format: binary
          description: The bank statement or transaction document to process.
        Tag:
          type: string
      required:
        - file
    UploadResponse:
      type: object
      properties:
        RequestId:
          type: string
          format: uuid
        Status:
          type: string
    FraudAnalysisResponse:
      type: object
      properties:
        RequestId:
          type: string
          format: uuid
        FraudScore:
          type: number
        Signals:
          type: array
          items:
            type: object
            properties:
              Name:
                type: string
              Severity:
                type: string
security:
  - flinks_auth_key: []