| pfm_services_enabled |
bool |
Whether your client is allowed to call PFM services (Personal Finance Management). The set of PFM services is the following:<br/><br/>• all /mandatorAdmin/ibanRules/* and /mandatorAdmin/keywordRules/* services<br/>• GET /accounts/dailyBalances<br/>• all /transactions/* services, except for GET /transactions/[id(s)] and DELETE /transactions/[id]<br/>• all /categories/* services, except for GET /categories/[id(s)]<br/>• all /labels/* services<br/>• all /notificationRules/* services<br/>• all /tests/_* services |
|
| is_automatic_batch_update_enabled |
bool |
Whether finAPI performs a regular automatic update of your users' bank connections. To find out how the automatic batch update is configured for your client, i.e. which bank connections get updated, and at which time and interval, please contact your Sys-Admin. Note that even if the automatic batch update is enabled for your client, individual users can still disable the feature for their own bank connections. |
|
| is_development_mode_enabled |
bool |
Whether development mode is enabled. This setting is enabled on mandator level and allows any user to access the ‘Mock batch update’ service. <br/><br/>NOTE: This flag is meant for testing purposes during development of your application. <br/>This is why this will never be enabled on a production environment. |
|
| is_non_euro_accounts_supported |
bool |
Whether finAPI will download data (balance and transactions) for bank accounts with a currency other than EUR (affects all users). If this flag is false, then non-EUR accounts will still be returned in the account list, but they will have no balance and no transactions. Note that this currently applies to Checking accounts only. |
|
| is_auto_categorization_enabled |
bool |
Whether transactions will be categorized as soon as they are downloaded. <br/>In case this flag is false, the user needs to manually trigger categorization using the ‘Trigger categorization’ service. |
|
| mandator_license |
MandatorLicense |
<strong>Type:</strong> MandatorLicense<br/> The license associated with your client. <br/>The licensing model affects the TPP registration data used to connect to the bank (e.g. <b>finTSProductRegistrationNumber</b> for FINTS_SERVER interface). Licenses are administered by finAPI. Please contact the support to change the license that was set up for you.<br/>Possible values are:<br/>UNLICENSED: finAPI will use its own TPP registration to connect to the bank for both account information services (AIS) and payment initiation services (PIS).<br/>AISP: finAPI will use its own TPP registration to connect to the bank for PIS, and your registration for AIS.<br/>PISP: finAPI will use its own TPP registration to connect to the bank for AIS, and your registration for PIS.<br/>FULLY_LICENSED: finAPI will use your TPP registration to connect to the bank for both AIS and PIS. |
|
| preferred_consent_type |
PreferredConsentType |
<strong>Type:</strong> PreferredConsentType<br/> The preferred consent type that will be used for the XS2A interface.<br/><br/><b>ONETIME</b> - The consent can only be used once to download data associated with the account. The consent won’t be saved by finAPI.<br/><b>RECURRING</b> - The consent is valid for up to 90 days and can be used by finAPI to access and download account data for up to 4 times per day.<br/><br/>NOTE: If the bank does not support the preferred consent type, then finAPI will default to the other type. |
|
| user_notification_callback_url |
string |
Callback URL to which finAPI sends the notification messages that are triggered from the automatic batch update of the users' bank connections. This field is only relevant if the automatic batch update is enabled for your client. For details about what the notification messages look like, please see the documentation in the 'Notification Rules' section. finAPI will call this URL with HTTP method POST. Note that the response of the call is not processed by finAPI. Also note that while the callback URL may be a non-secured (http) URL on the finAPI sandbox or alpha environment, it MUST be a SSL-secured (https) URL on the finAPI live system. |
|
| user_synchronization_callback_url |
string |
Callback URL for user synchronization. This field should be set if you - as a finAPI customer - have multiple clients using finAPI. In such case, all of your clients will share the same user base, making it possible for a user to be created in one client, but then deleted in another. To keep the client-side user data consistent in all clients, you should set a callback URL for each client. finAPI will send a notification to the callback URL of each client whenever a user of your user base gets deleted. Note that finAPI will send a deletion notification to ALL clients, including the one that made the user deletion request to finAPI. So when deleting a user in finAPI, a client should rely on the callback to delete the user on its own side. <p>The notification that finAPI sends to the clients' callback URLs will be a POST request, with this body: <pre>{ "userId" : string // contains the identifier of the deleted user "event" : string // this will always be "DELETED" }</pre><br/>Note that finAPI does not process the response of this call. Also note that while the callback URL may be a non-secured (http) URL on the finAPI sandbox or alpha environment, it MUST be a SSL-secured (https) URL on the finAPI live system.</p>As long as you have just one client, you can ignore this field and let it be null. However keep in mind that in this case your client will not receive any callback when a user gets deleted - so the deletion of the user on the client-side must not be forgotten. Of course you may still use the callback URL even for just one client, if you want to implement the deletion of the user on the client-side via the callback from finAPI. |
|
| refresh_tokens_validity_period |
int |
The validity period that newly requested refresh tokens initially have (in seconds). A value of 0 means that the tokens never expire (Unless explicitly invalidated, e.g. by revocation, or when a user gets locked, or when the password is reset for a user). |
|
| user_access_tokens_validity_period |
int |
The validity period that newly requested access tokens for users initially have (in seconds). A value of 0 means that the tokens never expire (Unless explicitly invalidated, e.g. by revocation, or when a user gets locked, or when the password is reset for a user). |
|
| client_access_tokens_validity_period |
int |
The validity period that newly requested access tokens for clients initially have (in seconds). A value of 0 means that the tokens never expire (Unless explicitly invalidated, e.g. by revocation). |
|
| max_user_login_attempts |
int |
Number of consecutive failed login attempts of a user into his finAPI account that is allowed before finAPI locks the user's account. When a user's account is locked, finAPI will invalidate all user's tokens and it will deny any service call in the context of this user (i.e. any call to a service using one of the user's authorization tokens, as well as the service for requesting a new token for this user). To unlock a user's account, a new password must be set for the account by the client (see the services /users/requestPasswordChange and /users/executePasswordChange). Once a new password has been set, all services will be available again for this user and the user's failed login attempts counter is reset to 0. The user's failed login attempts counter is also reset whenever a new authorization token has been successfully retrieved, or whenever the user himself changes his password.<br/><br/>Note that when this field has a value of 0, it means that there is no limit for user login attempts, i.e. finAPI will never lock user accounts. |
|
| transaction_import_limitation |
int |
This setting defines the upper limit of how much of an account's transactions history may be downloaded whenever a new account is imported, across all of your users. More technically, it depicts the maximum number of days for which transactions might get downloaded, starting from - and including - the date of the account import. '0' means that there is no limitation. |
|
| is_user_auto_verification_enabled |
bool |
Whether users that are created with this client are automatically verified on creation. If this field is set to 'false', then any user that is created with this client must first be verified with the "Verify a user" service before he can be authorized. If the field is 'true', then no verification is required by the client and the user can be authorized immediately after creation. |
|
| is_mandator_admin |
bool |
Whether this client is a 'Mandator Admin'. Mandator Admins are special clients that can access the 'Mandator Administration' section of finAPI. If you do not yet have credentials for a Mandator Admin, please contact us at support@finapi.io. For further information, please refer to <a href='https://documentation.finapi.io/access/Application-management.2763423767.html' target='_blank'>this page</a> on our Access Public Documentation. |
|
| is_web_scraping_enabled |
bool |
Whether finAPI is allowed to use the WEB_SCRAPER interface for data download or payments. <br/><br/>If this field is set to 'true', then finAPI might download data from the online banking websites of banks (either in addition to other interfaces, or as the sole data source for the download). Also, it will be possible to do payments via the WEB_SCRAPER interface.<br/><br/>If this field is set to 'false', then finAPI will not use any web scrapers. Payments via the WEB_SCRAPER interface will not be possible, and finAPI will not allow any data download for banks where no other interface except WEB_SCRAPER is available. <br/><br/>Please contact your Sys-Admin if you want to change this setting. |
|
| payments_enabled |
bool |
Whether this client is allowed to do payments.<br/><br/>Note that on the Sandbox environment, it is always possible to execute payments (regardless of what this field says), as long as you are using a test bank (see Bank.isTestBank) |
|
| is_standalone_payments_enabled |
bool |
Whether the finAPI Payment product is enabled for this client (doing money transfers for accounts that are not imported in finAPI).<br/><br/>Note that on the Sandbox environment, it is always possible to execute payments (regardless of what this field says), as long as you are using a test bank (see Bank.isTestBank) |
|
| available_bank_groups |
string[] |
|
|
| products |
Product[] |
|
|
| fin_ts_product_registration_number |
string |
The FinTS product registration number. If a value is stored, this will always be 'XXXXX'. |
|
| ais_web_form_mode |
WebFormMode |
<strong>Type:</strong> WebFormMode<br/> Indicates whether the client is using the finAPI Web Form for Account Initiation Services.<br/><br/>Possible values: <br/>• <code>DISABLED</code> - No Web Form is triggered<br/>• <code>INTERNAL</code> - THIS VALUE IS DEPRECATED AND WILL BE REMOVED. Hence, we request customers to foresee a migration to Web Form 2.0 (value <code>EXTERNAL</code>).<br/>End users will be directed to the classical Web Form implementation.<br/>• <code>EXTERNAL</code> - End users will be directed to the <a href='https://documentation.finapi.io/webform/Introduction.2038136860.html' target='_blank'>new Web Form</a> implementation. |
|
| pis_web_form_mode |
WebFormMode |
<strong>Type:</strong> WebFormMode<br/> Indicates whether the client is using the finAPI Web Form for Standard Payment Initiation Services (Payments for accounts that have been imported in finAPI).<br/><br/>Possible values: <br/>• <code>DISABLED</code> - No Web Form is triggered<br/>• <code>INTERNAL</code> - THIS VALUE IS DEPRECATED AND WILL BE REMOVED. Hence, we request customers to foresee a migration to Web Form 2.0 (value <code>EXTERNAL</code>).<br/>End users will be directed to the classical Web Form implementation.<br/>• <code>EXTERNAL</code> - End users will be directed to the <a href='https://documentation.finapi.io/webform/Introduction.2038136860.html' target='_blank'>new Web Form</a> implementation. |
|
| pis_standalone_web_form_mode |
WebFormMode |
<strong>Type:</strong> WebFormMode<br/> Indicates whether the client is using the finAPI Web Form for Standalone Payment Initiation Services (Payments without account import).<br/><br/>Possible values: <br/>• <code>DISABLED</code> - No Web Form is triggered<br/>• <code>INTERNAL</code> - THIS VALUE IS DEPRECATED AND WILL BE REMOVED. Hence, we request customers to foresee a migration to Web Form 2.0 (value <code>EXTERNAL</code>).<br/>End users will be directed to the classical Web Form implementation.<br/>• <code>EXTERNAL</code> - End users will be directed to the <a href='https://documentation.finapi.io/webform/Introduction.2038136860.html' target='_blank'>new Web Form</a> implementation. |
|
| beta_banks_enabled |
bool |
Whether the set of banks that are available to your client contains “Beta banks”. Beta banks provide pre-release interfaces that are still in a beta phase. Communication to the bank via such interfaces might be unstable, and the correctness and/or quality of data delivery or payment execution cannot be guaranteed.<br/>As the word “BETA” already indicates, Beta banks are subject to changes. Their properties, as well as their behaviour can change based on continuous tests and customer feedback. Also, to keep our bank list clean, we might remove Beta banks at any point in time, including all related user data (bank connections, accounts, transactions etc). We still recommend you to enable beta banks in your application, because it enables us to release a stable interface faster. However, you should point it out to your users when using a beta bank (also see field Bank.isBeta).<br/><br/>If this field is true, then the GET /banks services will include beta banks in their results, and you can use beta banks in any service where you can pass a bank identifier. If the field is false, then beta banks will not exist for your client. |
|
| category_restrictions |
\OpenAPIAccess\Client\Model\Category[] |
<strong>Type:</strong> Category<br/> Defines the set of transaction categories to which your client is restricted. When retrieving transactions (via the GET /transactions services), you may request only those transactions whose 'category' is one of the listed categories. If this field is null, then there are no restrictions for your client, and you may retrieve the full set of imported transactions. |
|
| auto_dismount_web_form |
bool |
This flag indicates whether the Web Form should get removed from the parent page automatically once it’s finished. It applies ONLY to the classical embedded Web Form. That means it’s only applied if aisWebFormMode, pisWebFormMode or pisStandaloneWebFormMode are defined as INTERNAL. In case you are using our standalone Web Form by redirecting the user to our Web Form link, this feature has no effect. |
|