bunq / doc Goto Github PK

View Code? Open in Web Editor NEW

28.0 5.0 18.0 13.58 MB

The bunq API documentation

Home Page: https://doc.bunq.com

License: MIT License

JavaScript 64.18% HTML 1.62% SCSS 34.21%

api-documentation api-reference bunq-api banking bank-account bank-card payment bank-statement

doc's Introduction

Intro to the bunq API

Hi! Thanks for checking out our API! It’s an incredibly powerful tool for you to automate your banking any way you like! We offer over 200 operations you can make use of.

Because our API is so powerful, it can be overwhelming when you work with it for the first time. This article is meant to help you understand how bunq works so you can easily find the right endpoints and build your integration as fast as possible.

Let’s start by looking into the objects you can work with using the bunq API and the relations between them.

Fundamental bunq API objects

No matter what integration you want to build, you will need to work with the core objects that are essential to the bunq user experience. While the concept of each is easy to understand, you’ll see that some names and relations are not what you would expect, which is because the Public bunq API is a part of our internal API, which serves the bunq app.

Without further ado, here are the objects you’ll need to know by ID:

User
MonetaryAccount
Payment
RequestInquiry
Card
Attachment
NoteAttachment

Let’s dive into the peculiarities of each of them.

`User`

As a bank, we believe in user-centred design, and so we organized everything, including our app, service, and backend, around Users. You’ll notice that and every endpoint path starts with it. We support 3 user types, which have separate endpoints, permissions and properties:

userPerson is accessible at /user-person;
userCompany is accessible at /user-company;
userPaymentServiceProvider is readable at /user-payment-service-provider.

User operates as a generalization object over all the possible user types.

userPerson and userCompany represent bunq users with subscriptions. As a bunq user, you will find yourself one of them. Getting your userId (GET /user) will be one of the first things you will do after you open your first session, as you need it to retrieve information from and perform operations with the user account.

Users with bunq subscriptions have access to the core banking services. They can create bank accounts (we call them monetary accounts), order cards, and make payments. All of them have subtypes and work with one another, which you will learn about in the following sections.

A userPaymentServiceProvider is created when a PSD2-certified company registers their eIDAS certificate to bunq. In return, if the certificate is validated, they receive an API key. These bunq users do not have access to the bunq app and can only operate on behalf of other bunq users within the scope of their PSD2 role - AISP, PISP, and/or CBPII.

`MonetaryAccount`

The second object you will use the most is MonetaryAccount. Monetary accounts are holders of money you may know as bank accounts, sub-accounts, or pots. Unlike wallets, which work directly with cards, monetary accounts are linked to a legal bank account owner.

You might have correctly guessed that Travel users (UserPersons with the Travel subscription) do not own a bank account and so the monetary account they use with a card serves as a wallet.

Most operations including payments work with monetary accounts so you will need to specify monetary-accountId for the majority of your API calls. You can find the ID of the monetary accounts as well as identify the one you want to use by listing all the monetary accounts of the user (GET /user/userId/monetary-account).

bunq offers 3 types of monetary accounts, which, just like users, have dedicated endpoints that serve as filters for your convenience:

Classic single bank accounts or MonetaryAccountBanks are accessible at /user/userId/monetary-account-bank;
(Auto-)savings accounts or MonetaryAccountSavingss are accessible at /user/userId/monetary-account-savings;
Accounts shared with other bunq users (these users become fellow legal owners of the monetary account) or MonetaryAccountJoints are accessible at /user/userId/monetary-account-joint.

VAT accounts fall under MonetaryAccountSavingss.

`Payment`

Because the money is stored in monetary accounts, all transactions derive from or target them. Payment covers both incoming and outgoing payments so if you list the payments of the user, you will get all of them.

While it’s impossible to control incoming payments, you can do so with the outgoing ones. Using the bunq API, you can create single, batch, draft and scheduled payments. All of them operate under the parent Payment object while having dedicated objects and endpoints:

single payments or Payment are accessible at /user/{userID}/monetary-account/{monetary-accountID}/payment;
an array of payments to be sent at once or PaymentBatchs are accessible at /user/{userID}/monetary-account/{monetary-accountID}/payment-batch;
initiated payments that the user needs to accept or DraftPayments are accessible at /user/{userID}/monetary-account/{monetary-accountID}/draft-payment;
scheduled payments or SchedulePayments are accessible at /user/{userID}/monetary-account/{monetary-accountID}/schedule-payment;

An array of scheduled payments or SchedulePaymentBatchs are accessible at /user/{userID}/monetary-account/{monetary-accountID}/schedule-payment-batch.

Draft scheduled payments or initiated recurring payments fall under DraftPayment. Moving the money between monetary accounts can be covered by any depending on what UX you want to achieve.

Aside from the sum to be sent, all payments require a receiver, which we call counterparty_alias. You can specify the addressee using the following pointer types: EMAIL, PHONE_NUMBER, or IBAN.

For worldwide and multi-currency payments, use our TransferWise endpoints. Follow this tutorial for the details.

`RequestInquiry`

With bunq, you can request payments from anyone - you just need to know their IBAN, email, or phone number. Non-bunq users will receive an email or an SMS leading to an interface where they can make the transaction from their bank account.

RequestInquiry is the magical object that makes the above possible. Just like payments, it links to a monetary account of a user, which you can see in the endpoint you can use to create and access RequestInquirys: /user/{userID}/monetary-account/{monetary-accountID}/request-inquiry.

`Card`

Just as cards belong to a bunq user, so is Card directly linked to User. Money needs to run into and out of monetary accounts so every card a bunq user possesses needs to be linked to one. There is no limit for how many cards can take money from a monetary account but a card can only have one primary monetary account. If the primary monetary account lacks sufficient funds, bunq checks the secondary monetary account. Else, the transaction fails.

Together with their PINs, cards ensure the 2-factor authentication of the user when the user makes a card payment. Such payments end up as Payments and so will be returned when listing the payments of the user (GET /user/{userID}/monetary-account/{monetary-accountID}/payment). If you want to list card transactions, you need to address MasterCardAction via GET /user/{userID}/monetary-account/{monetary-accountID}/mastercard-action.

There are 2 kinds of cards bunq users can order:

CardDebit at /user/{userID}/card-debit, and
CardCredit at /user/{userID}/card-credit.

CardDebitsupports Maestro, MasterCard, Tap & Pay, and virtual cards. CardCredit, on the other hand, offers MasterCards of either MASTERCARD_TRAVEL or MASTERCARD_GREEN product types. All cards of the users are listable under Card.

`Attachment` and `NoteAttachment`

Both Payment and RequestInquiry objects can have a link to Attachments - images in the .png, or .jpeg, format. This makes it possible for bunq users to send payments and payment requests with contextual photos by specifying the attachmentid and upload photos of invoices and receipts to existing transactions by creating NoteAttachments.

The difference between the Attachment and Note-attachment objects lies in their relation to other objects. Attachment is directly linked to the monetary account and thus is a higher-level resource that can be referred to underlying objects-to-be-created, while NoteAttachment is connected to the existing objects that belong to the monetary account. You can observe this relation in the following endpoints:

/user/{userID}/monetary-account/{monetary-accountID}/attachment
/user/{userID}/monetary-account/{monetary-accountID}/request-inquiry/{request-inquiryID}/note-attachment
/user/{userID}/monetary-account/{monetary-accountID}/payment/{paymentID}/note-attachment
/user/{userID}/monetary-account/{monetary-accountID}/draft-payment/{draft-paymentID}/note-attachment
/user/{userID}/monetary-account/{monetary-accountID}/schedule-payment/{schedule-paymentID}/note-attachment

Security setup

As a bank, bunq puts tremendous effort into user data security. That is why you need to do a setup we call “creating an API context” before you can send your first custom API request. API context assures us the sender of the request is you, you are who you say you are, and, if you are a PSD2-certified party, what you are allowed to do.

API context creation flow was designed to exchange the crucial information to form signatures that will let you and bunq verify each other’s calls.

Our SDKs handle the API context creation flow for you so you’ll only need to provide us with some constants such as your API key and - only if you are a PSD2-certified party - certificate, certificate chain and the private key belonging to the QSEAL certificate.

OAuth is the obligatory authentication method for public projects whereas using API keys is allowed as long as only you have access to your application.

🌈 You’ve mastered the basics

Now you know how bunq works and can move on to building your own app! Jump to one of the below:

doc's People

Contributors

Stargazers

Watchers

Forkers

d-on-github crecket painjansen avanheuvelen holtkamp lexym stevenbunq sudarsan-sridharan root-ish tomasz815 rlanga e-tech-ventures pinkdiamond1 bravawal earlycrusher meslubi2021 mikesecurity

doc's Issues

Signing response return error without explanation

Hello,

I'm trying to call /v1/session-server url. I can successfully call before endpoints. In this url, It returns me;

{ "Error" : [ { "error_description_translated" : "For this operation a request signature is required. Check the urls for more information.", "error_description" : "For this operation a request signature is required. Check the urls for more information.", "error_additional_parameter" : [ { "url_together_post" : "https:\/\/together.bunq.com\/d\/15399" } ] } ] }
error. I tried to call it with IGNORE_ONLY_FOR_TESTING but It returns me the same error. I'm using javascript function which is also in postman to sign it with private key. My data to sign is in as below;

Post /v1/session-server\nX-Bunq-Region: en_US\nX-Bunq-Language: en_US\nX-Bunq-Geolocation: 0 0 0 0 000\nX-Bunq-Client-Request-Id: mp3vuWWoH2vVF368BGOs\nX-Bunq-Client-Authentication: ef3e3252270456bedf53ed775761f642ecfce89a75fb881ee2890085548dacee\nUser-Agent: postman\nCache-Control: no-cache\n\n{secret:sandbox_5b987d687645854c8d2414aa1fdd6be5780d304bf8c36c7809b35e92}"

What am I doing wrong? Thank you.

MasterCardAction endpoint is missing

Title says enough 😮

Service workers

I was thinking it'd be nice to add a service worker to the new documentation page which could significantly speed up the loading time for the new documentation. And since the service worker works in the background it wouldn't require some kind of rewrite in the theme/template that is currently used.

If you want I can create a pull request to set this up using something like sw-precahe which is Google's library to easily create a service worker script.

The trade-off then becomes that new versions of the documentation won't be visible instantly since a cached version will be shown first but you would have sub 1 second/near instant load times

Improve doc: not clear if is possible to exchange real money between two accounts using the api

Reading through https://doc.bunq.com/, I don't get if is possible to exchange real money between two accounts using the api.

The OAuth Section says, under the "What can my apps do with OAuth?" section:

Create new Payments, but only between Monetary Accounts belonging to the same user.

So, probably, this means that I cannot create an app on top of the api where an user give his permission, so then he can simply tap a button and the app can get money from his bank account right?

What I think I can do, based on the Payment Request Section, is to ask the user to make a payment each time he taps the button. In this way he can select his preferred way of payment (through ideal, for example). Is this right?

Can you please confirm my assumptions? Thanks for your time 👍

ShareInviteBankResponse.relation_user is missing from the OpenAPI definition

The OpenAPI definition does not mention the relation_user property of a ShareInviteBankResponse object.

Info on auto savings

I'm looking for info on how to recognize automated savings, ie. when a user makes bunq round up all transactions to 5 euro's. When the user pays for something that costs 4,-, 1,- is transferred to a savings goal.

I can see these transactions in the API (List_all_Payment_for_User_MonetaryAccount) but they are listed under a type "SAVINGS" that is not documented.

Likewise, the type "MASTERCARD" isn't documented either.

But anyway, can I distinguish these transactions in anyway? Is it the type that tells me these are automated?

Add Google Tag Manager snippet to Doc

In order to improve the experience developers have on doc.bunq.com we will add some trackers via Google Tag Manager.

The same cookie policy we have on https:://www.bunq.com will be applied here.

Fix broken internal links and add external resources

Since the update to Swagger some of the links have been broken because of the very specific scrolling navigation it introduced. They should be fixed.

Moreover we should include also links to external resources such as GitHub and Stack Overflow.

Add MAESTRO as possible value for Payment.type

The type field of the Payment model can be MAESTRO. This is not reflected in the documentation.

Move to static HTML page

The pre-render command from redoc overwrites our custom tags so a script to insert these automatically would be useful

Headers are rendered incorrectly in doc

Instead of correct header list "Cache-Control" is rendered repeatedly like that:

That's related to incorrect outgoing header specification in swagger.

Fix long text formatting in model definition

When a model has long descriptions (e.g. status in Card) the text overflows.

word-break: break-word should be added for those strings.

Page title should not contain dashes

Update Doc to improve usability

Doc has been moved to Swagger, but it still needs some work to improve it.

The following is required:

Add a sidebar with links to all topics and endpoints
Remove hashes from model names
Add a mapping between pre-Swagger doc urls and new ones

Typo's in base.json

Found two small typo's in the base.json file.

tranlsated -> translated
lenguage -> language

Pagination instructions seem incorrect

The section about pagination states:

The older_id is always the ID of the first item in the current page.

However: by default Payments are sorted descending by creation date: the newest Payment is the first item in the current page, for example when GETting 5 Payments out of 10:

GET /v1/user/1/monetary-account/1/payment?count=5
- Payment#10
- Payment#9
- Payment#8
- Payment#7
- Payment#6

According to the documentation, for the next page the older_id should be the ID of the first item: 10:

GET /v1/user/1/monetary-account/1/payment?count=5&older_id=10:
- Payment#9
- Payment#8
- Payment#7
- Payment#6
- Payment#5

This seems incorrect: Payment#9 to Payment#6 were already returned on the first "page".

Instead, older_id should be 6, so the next page with older items would be:

GET /v1/user/1/monetary-account/1/payment?count=5&older_id=6:
- Payment#5
- Payment#4
- Payment#3
- Payment#2
- Payment#1

I guess that would mean that "the older_id is always the ID of the LAST item in the current page".

A proper/complete and logical example in the documentation would clarify a lot.

I would say that the documentation should be agnostic of the order the Payments are retrieved by using an explanation like:

"The older_id is always the ID of the oldest item in the current page".

OAuth authorization request parameter response_code not correct

The parameter "response_code" on line 63 of DESCRIPTION.md (https://github.com/bunq/doc/blame/master/DESCRIPTION.md#L63) must be "response_type"

Correct headers normalisation

See https://together.bunq.com/topic/announcement-regarding-response-verification for info.

Explain getting sandbox API Key

E. g.
curl https://public-api.sandbox.bunq.com/v1/sandbox-user -X POST --header "Content-Type: application/json" --header "Cache-Control: none" --header "User-Agent: curl-request" --header "X-Bunq-Client-Request-Id: $(date)randomId" --header "X-Bunq-Language: nl_NL" --header "X-Bunq-Region: nl_NL" --header "X-Bunq-Geolocation: 0 0 0 0 000"

See https://together.bunq.com/d/6347-documentation-update

x-bunq-warning header and callback information outdated

Doc shows outdated information about callback origin and is missing information about the x-bunq-warning header

Add oauth support.

Signing section contains duplicate request example

Scrolling on https://doc.bunq.com/#/signing, there is exactly the same post request. The section after

Let's sign that request. First create a variable $dataToSign, starting with the type and endpoint url. Follow that by a list of headers only including Cache-Control, User-Agent and headers starting with X-Bunq-. Add an extra (so double) linefeed after the list of headers. Finally end with the body of the request:

should contain something similar at "Response verifying example" (basically, the concatenation of the data to create the request signature)

Mention default pincode for sandbox app

Hi,

It might be nice to add the pincode 000000 and 992266 to the documentation and how to get a account (tell them its through a tinker script) to help developers start quicker with developing.

Minify swagger.json

Remove old php examples from doc

Document how to permit a wildcard IP on device-server

According to this thread on together you can add a wildcard IP to a device-server by using a *.

(...) it is possible to create a wildcard key if you populate the permitted_ips with the current IP you're making calls from and * to also add wildcard.

This information is critical when you're dealing with dynamic IPs (which is most of the time I think). Therefore I think this information should be added to the documentation.

Change service worker to networkFirst.

\cc @Crecket

monetary-account-joint endpoint is missing

Steps to reproduce:

Go to https://doc.bunq.com/#/monetary-account-joint

What should happen:

Show information about the monetary-account-joint endpoint

What happens:

It doesn't show the information

Move to new sandbox.

See referenced issue for info.

OpenAPI specification still mentions ShareInviteBankInquiry

Hi, bunq🌈!

I just noticed that the OpenAPI specification (swagger.json) doesn't include this changelog item: https://beta.doc.bunq.com/basics/changelog#july-9-2019

As a result, the following removed models are still part of the specification:

ShareInviteBankInquiry(Read|Update|Listing|Create|Batch)
ShareInviteBankResponse(Read|Update|Listing|Create|Batch)
and likely a few others

Small typo

In DESCRIPTION.md, it says "Befor you start" instead of "Before you start".

https://github.com/bunq/doc/blob/develop/DESCRIPTION.md#befor-you-start

Code generation using swagger / openapi specification file

Hi,

I tried to use the openapi-generator-cli to generate a client for the bunq api using the provided swagger/openapi specification file (https://raw.githubusercontent.com/bunq/doc/master/swagger.json) but I am having trouble with the code generation.

How are the bunq sdks (python, php, csharp) generated? Are they also using the openapi generator?

Code generation

Using the following command:

java -jar openapi-generator-cli.jar generate -i https://raw.githubusercontent.com/bunq/doc/master/swagger.json -g go -o ./bunq

Gives me the following error output:

java.net.URISyntaxException: Illegal character in path at index 36: https://public-api.sandbox.bunq.com/{basePath}
	at java.net.URI$Parser.fail(URI.java:2848)
	at java.net.URI$Parser.checkChars(URI.java:3021)
	at java.net.URI$Parser.parseHierarchical(URI.java:3105)
	at java.net.URI$Parser.parse(URI.java:3053)
	at java.net.URI.<init>(URI.java:588)
	at io.swagger.v3.parser.util.OpenAPIDeserializer.getServer(OpenAPIDeserializer.java:397)
	at io.swagger.v3.parser.util.OpenAPIDeserializer.getServersList(OpenAPIDeserializer.java:363)
	at io.swagger.v3.parser.util.OpenAPIDeserializer.parseRoot(OpenAPIDeserializer.java:157)
	at io.swagger.v3.parser.util.OpenAPIDeserializer.deserialize(OpenAPIDeserializer.java:111)
	at io.swagger.v3.parser.OpenAPIV3Parser.readWithInfo(OpenAPIV3Parser.java:104)
	at io.swagger.v3.parser.OpenAPIV3Parser.readWithInfo(OpenAPIV3Parser.java:142)
	at io.swagger.v3.parser.OpenAPIV3Parser.readLocation(OpenAPIV3Parser.java:45)
	at io.swagger.parser.OpenAPIParser.readLocation(OpenAPIParser.java:19)
	at org.openapitools.codegen.config.CodegenConfigurator.toClientOptInput(CodegenConfigurator.java:552)
	at org.openapitools.codegen.cmd.Generate.run(Generate.java:348)
	at org.openapitools.codegen.OpenAPIGenerator.main(OpenAPIGenerator.java:62)
java.net.URISyntaxException: Illegal character in path at index 21: https://api.bunq.com/{basePath}
	at java.net.URI$Parser.fail(URI.java:2848)
	at java.net.URI$Parser.checkChars(URI.java:3021)
	at java.net.URI$Parser.parseHierarchical(URI.java:3105)
	at java.net.URI$Parser.parse(URI.java:3053)
	at java.net.URI.<init>(URI.java:588)
	at io.swagger.v3.parser.util.OpenAPIDeserializer.getServer(OpenAPIDeserializer.java:397)
	at io.swagger.v3.parser.util.OpenAPIDeserializer.getServersList(OpenAPIDeserializer.java:363)
	at io.swagger.v3.parser.util.OpenAPIDeserializer.parseRoot(OpenAPIDeserializer.java:157)
	at io.swagger.v3.parser.util.OpenAPIDeserializer.deserialize(OpenAPIDeserializer.java:111)
	at io.swagger.v3.parser.OpenAPIV3Parser.readWithInfo(OpenAPIV3Parser.java:104)
	at io.swagger.v3.parser.OpenAPIV3Parser.readWithInfo(OpenAPIV3Parser.java:142)
	at io.swagger.v3.parser.OpenAPIV3Parser.readLocation(OpenAPIV3Parser.java:45)
	at io.swagger.parser.OpenAPIParser.readLocation(OpenAPIParser.java:19)
	at org.openapitools.codegen.config.CodegenConfigurator.toClientOptInput(CodegenConfigurator.java:552)
	at org.openapitools.codegen.cmd.Generate.run(Generate.java:348)
	at org.openapitools.codegen.OpenAPIGenerator.main(OpenAPIGenerator.java:62)
Exception in thread "main" org.openapitools.codegen.SpecValidationException: There were issues with the specification. The option can be disabled via validateSpec (Maven/Gradle) or --skip-validate-spec (CLI).
 | Error count: 52, Warning count: 2
Errors: 
	-attribute components.schemas.NoteAttachmentIdealMerchantTransaction_5be1e76160c9d.properties is not of type `object`
	-attribute components.schemas.NoteAttachmentPayment_5be1e76173c42.properties is not of type `object`
	-attribute components.schemas.DraftShareInviteApiKeyQrCodeContent_5be1e75ebc5ad.properties is not of type `object`
	-attribute components.schemas.TabQrCodeContent_5be1e765a27f4.properties is not of type `object`
	-attribute components.schemas.NoteAttachmentPaymentBatch_5be1e7616bfd1.properties is not of type `object`
	-attribute components.schemas.TabUsageSingle_5be1e765ac20a.properties is not of type `object`
	-attribute components.schemas.NoteTextSofortMerchantTransaction_5be1e7618aa66.properties is not of type `object`
	-attribute components.schemas.AttachmentTab.properties is not of type `object`
	-attribute components.schemas.TabUsageMultiple_5be1e765a522c.properties is not of type `object`
	-attribute components.schemas.NoteAttachmentScheduleInstance_5be1e761841b9.properties is not of type `object`
	-attribute components.schemas.NoteTextWhitelistResult_5be1e7618e74b.properties is not of type `object`
	-attribute components.schemas.NoteTextMasterCardAction_5be1e7616a142.properties is not of type `object`
	-attribute components.schemas.NoteTextIdealMerchantTransaction_5be1e7616501a.properties is not of type `object`
	-attribute components.schemas.NoteAttachmentBunqMeFundraiserResult_5be1e76159505.properties is not of type `object`
	-attribute components.schemas.AttachmentPublicContent_5be1e75e5b254.properties is not of type `object`
	-attribute components.schemas.NoteAttachmentRequestInquiryBatch_5be1e76177e58.properties is not of type `object`
	-attribute components.schemas.ScheduleUser_5be1e765663e0.properties is not of type `object`
	-attribute components.schemas.AttachmentConversationContent_5be1e75e5a571.properties is not of type `object`
	-attribute components.schemas.NoteTextRequestResponse_5be1e761824fb.properties is not of type `object`
	-attribute components.schemas.NoteAttachmentBankSwitchServiceNetherlandsIncomingPayment_5be1e76154f08.properties is not of type `object`
	-attribute components.schemas.Session_5be1e7657b84d.properties is not of type `object`
	-attribute components.schemas.NoteAttachmentMasterCardAction_5be1e7616704c.properties is not of type `object`
	-attribute components.schemas.TabItemShop_5be1e7657fc43.properties is not of type `object`
	-attribute components.schemas.NoteTextDraftPayment_5be1e7615f12c.properties is not of type `object`
	-attribute components.schemas.NoteAttachmentWhitelistResult_5be1e7618c958.properties is not of type `object`
	-attribute components.schemas.ExportAnnualOverview_5be1e76103da1.properties is not of type `object`
	-attribute components.schemas.DraftShareInviteBankQrCodeContent_5be1e75ebf101.properties is not of type `object`
	-attribute components.schemas.SchedulePaymentBatch_5be1e7652e387.properties is not of type `object`
	-attribute components.schemas.CertificatePinned_5be1e75e979d5.properties is not of type `object`
	-attribute components.schemas.SandboxUser.properties is not of type `object`
	-attribute components.schemas.SchedulePayment_5be1e76537a3a.properties is not of type `object`
	-attribute components.schemas.AttachmentTabContent_5be1e75e5bb2d.properties is not of type `object`
	-attribute components.schemas.ExportAnnualOverviewContent_5be1e761027be.properties is not of type `object`
	-attribute components.schemas.NoteTextRequestInquiryBatch_5be1e7617a11c.properties is not of type `object`
	-attribute components.schemas.CustomerStatementExportContent_5be1e761051d6.properties is not of type `object`
	-attribute components.schemas.AttachmentPublic.properties is not of type `object`
	-attribute components.schemas.NoteTextScheduleInstance_5be1e76186266.properties is not of type `object`
	-attribute components.schemas.Whitelist_5be1e75f4f26d.properties is not of type `object`
	-attribute components.schemas.CashRegisterQrCodeContent_5be1e75e85b04.properties is not of type `object`
	-attribute components.schemas.NoteAttachmentRequestResponse_5be1e7618030d.properties is not of type `object`
	-attribute components.schemas.NoteTextPayment_5be1e76175f59.properties is not of type `object`
	-attribute components.schemas.TabAttachmentTabContent_5be1e75e5c5bf.properties is not of type `object`
	-attribute components.schemas.NoteAttachmentRequestInquiry_5be1e7617bdb3.properties is not of type `object`
	-attribute components.schemas.NoteTextPaymentBatch_5be1e76171b90.properties is not of type `object`
	-attribute components.schemas.AttachmentMonetaryAccount.properties is not of type `object`
	-attribute components.schemas.CustomerStatementExport_5be1e761085da.properties is not of type `object`
	-attribute components.schemas.NoteAttachmentSofortMerchantTransaction_5be1e76188575.properties is not of type `object`
	-attribute components.schemas.NoteTextRequestInquiry_5be1e7617dea5.properties is not of type `object`
	-attribute components.schemas.ShareInviteBankAmountUsed_5be1e7610d237.properties is not of type `object`
	-attribute components.schemas.NoteAttachmentDraftPayment_5be1e7615cd09.properties is not of type `object`
	-attribute components.schemas.NoteTextBankSwitchServiceNetherlandsIncomingPayment_5be1e7615755e.properties is not of type `object`
	-attribute components.schemas.NoteTextBunqMeFundraiserResult_5be1e7615b22c.properties is not of type `object`
Warnings: 
	-Unused model: Avatar_5be1e75e3de25
	-Unused model: Tab_5be1e75f49f9e

	at org.openapitools.codegen.config.CodegenConfigurator.toClientOptInput(CodegenConfigurator.java:569)
	at org.openapitools.codegen.cmd.Generate.run(Generate.java:348)
	at org.openapitools.codegen.OpenAPIGenerator.main(OpenAPIGenerator.java:62)

Validation

Trying to validate the openapi file gives the following errors:

java -jar openapi-generator-cli.jar validate -i https://raw.githubusercontent.com/bunq/doc/master/swagger.json

Validating spec (https://raw.githubusercontent.com/bunq/doc/master/swagger.json)
java.net.URISyntaxException: Illegal character in path at index 36: https://public-api.sandbox.bunq.com/{basePath}
	at java.net.URI$Parser.fail(URI.java:2848)
	at java.net.URI$Parser.checkChars(URI.java:3021)
	at java.net.URI$Parser.parseHierarchical(URI.java:3105)
	at java.net.URI$Parser.parse(URI.java:3053)
	at java.net.URI.<init>(URI.java:588)
	at io.swagger.v3.parser.util.OpenAPIDeserializer.getServer(OpenAPIDeserializer.java:397)
	at io.swagger.v3.parser.util.OpenAPIDeserializer.getServersList(OpenAPIDeserializer.java:363)
	at io.swagger.v3.parser.util.OpenAPIDeserializer.parseRoot(OpenAPIDeserializer.java:157)
	at io.swagger.v3.parser.util.OpenAPIDeserializer.deserialize(OpenAPIDeserializer.java:111)
	at io.swagger.v3.parser.OpenAPIV3Parser.readWithInfo(OpenAPIV3Parser.java:104)
	at io.swagger.v3.parser.OpenAPIV3Parser.readWithInfo(OpenAPIV3Parser.java:142)
	at io.swagger.v3.parser.OpenAPIV3Parser.readLocation(OpenAPIV3Parser.java:45)
	at io.swagger.parser.OpenAPIParser.readLocation(OpenAPIParser.java:19)
	at org.openapitools.codegen.cmd.Validate.run(Validate.java:46)
	at org.openapitools.codegen.OpenAPIGenerator.main(OpenAPIGenerator.java:62)
java.net.URISyntaxException: Illegal character in path at index 21: https://api.bunq.com/{basePath}
	at java.net.URI$Parser.fail(URI.java:2848)
	at java.net.URI$Parser.checkChars(URI.java:3021)
	at java.net.URI$Parser.parseHierarchical(URI.java:3105)
	at java.net.URI$Parser.parse(URI.java:3053)
	at java.net.URI.<init>(URI.java:588)
	at io.swagger.v3.parser.util.OpenAPIDeserializer.getServer(OpenAPIDeserializer.java:397)
	at io.swagger.v3.parser.util.OpenAPIDeserializer.getServersList(OpenAPIDeserializer.java:363)
	at io.swagger.v3.parser.util.OpenAPIDeserializer.parseRoot(OpenAPIDeserializer.java:157)
	at io.swagger.v3.parser.util.OpenAPIDeserializer.deserialize(OpenAPIDeserializer.java:111)
	at io.swagger.v3.parser.OpenAPIV3Parser.readWithInfo(OpenAPIV3Parser.java:104)
	at io.swagger.v3.parser.OpenAPIV3Parser.readWithInfo(OpenAPIV3Parser.java:142)
	at io.swagger.v3.parser.OpenAPIV3Parser.readLocation(OpenAPIV3Parser.java:45)
	at io.swagger.parser.OpenAPIParser.readLocation(OpenAPIParser.java:19)
	at org.openapitools.codegen.cmd.Validate.run(Validate.java:46)
	at org.openapitools.codegen.OpenAPIGenerator.main(OpenAPIGenerator.java:62)
Errors:
	-attribute components.schemas.NoteAttachmentIdealMerchantTransaction_5be1e76160c9d.properties is not of type `object`
	-attribute components.schemas.NoteAttachmentPayment_5be1e76173c42.properties is not of type `object`
	-attribute components.schemas.DraftShareInviteApiKeyQrCodeContent_5be1e75ebc5ad.properties is not of type `object`
	-attribute components.schemas.TabQrCodeContent_5be1e765a27f4.properties is not of type `object`
	-attribute components.schemas.NoteAttachmentPaymentBatch_5be1e7616bfd1.properties is not of type `object`
	-attribute components.schemas.TabUsageSingle_5be1e765ac20a.properties is not of type `object`
	-attribute components.schemas.NoteTextSofortMerchantTransaction_5be1e7618aa66.properties is not of type `object`
	-attribute components.schemas.AttachmentTab.properties is not of type `object`
	-attribute components.schemas.TabUsageMultiple_5be1e765a522c.properties is not of type `object`
	-attribute components.schemas.NoteAttachmentScheduleInstance_5be1e761841b9.properties is not of type `object`
	-attribute components.schemas.NoteTextWhitelistResult_5be1e7618e74b.properties is not of type `object`
	-attribute components.schemas.NoteTextMasterCardAction_5be1e7616a142.properties is not of type `object`
	-attribute components.schemas.NoteTextIdealMerchantTransaction_5be1e7616501a.properties is not of type `object`
	-attribute components.schemas.NoteAttachmentBunqMeFundraiserResult_5be1e76159505.properties is not of type `object`
	-attribute components.schemas.AttachmentPublicContent_5be1e75e5b254.properties is not of type `object`
	-attribute components.schemas.NoteAttachmentRequestInquiryBatch_5be1e76177e58.properties is not of type `object`
	-attribute components.schemas.ScheduleUser_5be1e765663e0.properties is not of type `object`
	-attribute components.schemas.AttachmentConversationContent_5be1e75e5a571.properties is not of type `object`
	-attribute components.schemas.NoteTextRequestResponse_5be1e761824fb.properties is not of type `object`
	-attribute components.schemas.NoteAttachmentBankSwitchServiceNetherlandsIncomingPayment_5be1e76154f08.properties is not of type `object`
	-attribute components.schemas.Session_5be1e7657b84d.properties is not of type `object`
	-attribute components.schemas.NoteAttachmentMasterCardAction_5be1e7616704c.properties is not of type `object`
	-attribute components.schemas.TabItemShop_5be1e7657fc43.properties is not of type `object`
	-attribute components.schemas.NoteTextDraftPayment_5be1e7615f12c.properties is not of type `object`
	-attribute components.schemas.NoteAttachmentWhitelistResult_5be1e7618c958.properties is not of type `object`
	-attribute components.schemas.ExportAnnualOverview_5be1e76103da1.properties is not of type `object`
	-attribute components.schemas.DraftShareInviteBankQrCodeContent_5be1e75ebf101.properties is not of type `object`
	-attribute components.schemas.SchedulePaymentBatch_5be1e7652e387.properties is not of type `object`
	-attribute components.schemas.CertificatePinned_5be1e75e979d5.properties is not of type `object`
	-attribute components.schemas.SandboxUser.properties is not of type `object`
	-attribute components.schemas.SchedulePayment_5be1e76537a3a.properties is not of type `object`
	-attribute components.schemas.AttachmentTabContent_5be1e75e5bb2d.properties is not of type `object`
	-attribute components.schemas.ExportAnnualOverviewContent_5be1e761027be.properties is not of type `object`
	-attribute components.schemas.NoteTextRequestInquiryBatch_5be1e7617a11c.properties is not of type `object`
	-attribute components.schemas.CustomerStatementExportContent_5be1e761051d6.properties is not of type `object`
	-attribute components.schemas.AttachmentPublic.properties is not of type `object`
	-attribute components.schemas.NoteTextScheduleInstance_5be1e76186266.properties is not of type `object`
	-attribute components.schemas.Whitelist_5be1e75f4f26d.properties is not of type `object`
	-attribute components.schemas.CashRegisterQrCodeContent_5be1e75e85b04.properties is not of type `object`
	-attribute components.schemas.NoteAttachmentRequestResponse_5be1e7618030d.properties is not of type `object`
	-attribute components.schemas.NoteTextPayment_5be1e76175f59.properties is not of type `object`
	-attribute components.schemas.TabAttachmentTabContent_5be1e75e5c5bf.properties is not of type `object`
	-attribute components.schemas.NoteAttachmentRequestInquiry_5be1e7617bdb3.properties is not of type `object`
	-attribute components.schemas.NoteTextPaymentBatch_5be1e76171b90.properties is not of type `object`
	-attribute components.schemas.AttachmentMonetaryAccount.properties is not of type `object`
	-attribute components.schemas.CustomerStatementExport_5be1e761085da.properties is not of type `object`
	-attribute components.schemas.NoteAttachmentSofortMerchantTransaction_5be1e76188575.properties is not of type `object`
	-attribute components.schemas.NoteTextRequestInquiry_5be1e7617dea5.properties is not of type `object`
	-attribute components.schemas.ShareInviteBankAmountUsed_5be1e7610d237.properties is not of type `object`
	-attribute components.schemas.NoteAttachmentDraftPayment_5be1e7615cd09.properties is not of type `object`
	-attribute components.schemas.NoteTextBankSwitchServiceNetherlandsIncomingPayment_5be1e7615755e.properties is not of type `object`
	-attribute components.schemas.NoteTextBunqMeFundraiserResult_5be1e7615b22c.properties is not of type `object`

[error] Spec has 52 errors.

PSD2 production request

Add oauth assests to description.

The oauth assets are not available on the doc.

Events response section can not be rendered

Viewing the event endpoint in the docs shows an error and the response data can't be viewed because of it. Probably caused by a schema issue of some sort.

The console shows the following error in both Chrome and Firefox.

swagger-ui.js:7382 TypeError: Cannot read property 'anyOf' of undefined
    at e (swagger-ui.js:3154)
    at e (swagger-ui.js:3136)
    at e (swagger-ui.js:3136)
    at e (swagger-ui.js:3136)
    at e (swagger-ui.js:3166)
    at configure-map.js:63
    at t.getSampleSchema (swagger-ui.js:784)
    at t.value (swagger-ui.js:26540)
    at t.render (swagger-ui.js:7380)
    at s._renderValidatedComponentWithoutOwnerOrContext (ReactCompositeComponent.js:815)
t.render @ swagger-ui.js:7382

OAuth Sandbox URL undocumented

https://oauth.sandbox.bunq.com/auth

I believe this used to work. Did the OAuth sandbox URL change?

Also, this URL is undocumented.

Sandbox Android App Stuck in "Your Submission is Under Review"

As part of my development process, I installed
https://appstore.bunq.com/api/android/builds/bunq-android-sandbox-master.apk
in my android phone. Entered all the details, was able to validate the number with smscode 123456, then entered address, email, copy of ID document, validated bank address and also set a pin.

Next it comes into a screen "Your Submission is Under Review" for more than 24 hours. I tried reinstalling with a different name and number (This time I gave a Netherlands address, phone number, nationality and all other details). Still it ends up in the same screen. Please let me know how to handle this.
I work from India for a client who wants some development done. Does country from where the install happen, matter?

Replace ReDoc with Swagger

As above: since ReDoc has been giving issues to people (e.g. loading times) we are replacing it with SwaggerUI.

Current issues:

Deeplinking to tags works, while doing the same for a tag/method does not.

SANDBOX/PRODUCTION API key to context mprovements

Two small suggestions for improvements for new API users (rookie level):
a) To prevent failing PRODUCTION context creation issues make the quickfix of removing line 315 (CURLOPT_PINNEDPUBLICKEY) in ApiClient.php a definite one. If this balances out the problems which the current SDK causes (spend a lot of time trying to figure out the problem and upgrading cUrl on CentOS/PHP7.0 is not that easy) versus the benefits (which I don't have knowledge about).

b) Update in https://doc.bunq.com/, introduction, 4th bullet point to explain the difference between the production API key obtained through the App and the sandbox API key obtained through (link to article, current link https://doc.bunq.com/#/android-emulator goes to the same page, tipo in link?). Someting like: 'The sandbox API key is different from the production API key. Instructions to get it are found in <page with at least the curl option, maybe more options?>

Improve Sandbox documentation

Mention new verification code. (#58)
Mention process to get a new user.

PSD2 production request

I've tried to make requests for to enlist with our PSD2 certificates, but there looks like some stuff is missing from the docs.

SDK's weren't a help in trying to rebuild the request.

Is it possible to provide detailed info on how to form the request and sign them with QSEAL?

Can't view the first chapters before "amount-used"

Can't see anything before the "amount-used" chapter. Tested on different browsers and devices.

bunq is capitalized in the documentation title

The header for the docs is capitalized thanks to a css rule from the theme.

Fix response id header.

Steps to reproduce:

1.Check the response headers of.

What should happen:

There should be X-Bunq-Client-Response-Id

What happens:

Instead there is X-Bunq-Server-Response-Id

Endpoint titles not all shown entirely

Steps to reproduce:

Go to https://doc.bunq.com/#tag/request-response/paths/~1user~1{userID}~1monetary-account~1{monetary-accountID}~1request-response~1{itemId}/put

What should happen:

Title says: Update the status to accept or reject the RequestResponse

What happens instead:

Title says: Update the status to accept or reject the RequestR

bunq / doc Goto Github PK

doc's Introduction

Intro to the bunq API

Fundamental bunq API objects

User

MonetaryAccount

Payment

RequestInquiry

Card

Attachment and NoteAttachment

Security setup

🌈 You’ve mastered the basics

doc's People

Contributors

Stargazers

Watchers

Forkers

doc's Issues

Steps to reproduce:

What should happen:

What happens:

Code generation

Validation

Steps to reproduce:

What should happen:

What happens:

Steps to reproduce:

What should happen:

What happens instead:

Recommend Projects

Recommend Topics

Recommend Org

`User`

`MonetaryAccount`

`Payment`

`RequestInquiry`

`Card`

`Attachment` and `NoteAttachment`