MENU navbar-image

Introduction

Public API to create and retrieve payment requests using the Wonderful Payments Public API interface.

This documentation aims to provide all the information you need to work with our API.

Authenticating requests

To authenticate requests, include an Authorization header with the value "Bearer {YOUR_AUTH_KEY}".

All authenticated endpoints are marked with a requires authentication badge in the documentation below.

You can request your Public API token by contacting Wonderful support.

Account Information Services

requires authentication

Returns a list of all Account Links created for this Merchant.

Example request:
curl --request GET \
    --get "https://wonderful.co.uk/api/public/v1/account-links" \
    --header "Authorization: Bearer {YOUR_AUTH_KEY}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"
const url = new URL(
    "https://wonderful.co.uk/api/public/v1/account-links"
);

const headers = {
    "Authorization": "Bearer {YOUR_AUTH_KEY}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/account-links';
$response = $client->get(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json

url = 'https://wonderful.co.uk/api/public/v1/account-links'
headers = {
  'Authorization': 'Bearer {YOUR_AUTH_KEY}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('GET', url, headers=headers)
response.json()

Example response (401):

Show headers
cache-control: no-cache, private
content-type: application/json
x-ratelimit-limit: 1000
x-ratelimit-remaining: 998
access-control-allow-origin: *
 

{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

requires authentication

Before you can request data from an ASPSP you will need to create an Account Link. The Account Link uses AIS permissions that define what data the User will agree to share from their linked account. If you do not provide a list of permissions we will request ReadAccountsDetail which will allow you to read account names and numbers.

To create an Account Link you must provide the ASPSP name (from the Supported Banks endpoint) and a unique reference to identify the Account Link within your system. You may also supply explicit AIS permissions, an expiry date, and a return URL that will redirect you user back to after the authorisation process.

If you are requesting any Transaction based permissions (ReadTransactionsBasic, ReadTransactionsDetail, ReadTransactionsCredit, ReadTransactionsDebit) we also recommend you set the transaction start and end dates.

The API response will contain a link_url within the aspsp object. You should redirect your customer to this URL to complete the authorisation process. After your customer has been redirected back to your application you should use the "Show Account Link Details" endpoint to check the state of the Account Link has been set to "consented".

Example request:
curl --request POST \
    "https://wonderful.co.uk/api/public/v1/account-links" \
    --header "Authorization: Bearer {YOUR_AUTH_KEY}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"selected_aspsp\": \"natwest_ais\",
    \"merchant_reference\": \"MYREF-661D6B9CB5D09\",
    \"expires_at\": \"2024-07-15T18:02:04+00:00\",
    \"permissions\": [
        [
            \"ReadAccountsDetail\",
            \"ReadBalances\",
            \"ReadTransactionsDetail\",
            \"ReadTransactionsDebits\",
            \"ReadTransactionsCredits\"
        ]
    ],
    \"transactions_start_at\": \"2024-03-15T18:02:04+00:00\",
    \"transactions_end_at\": \"2024-04-15T18:02:04+00:00\",
    \"return_url\": \"https:\\/\\/your-website.example.com\\/redirect\"
}"
const url = new URL(
    "https://wonderful.co.uk/api/public/v1/account-links"
);

const headers = {
    "Authorization": "Bearer {YOUR_AUTH_KEY}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "selected_aspsp": "natwest_ais",
    "merchant_reference": "MYREF-661D6B9CB5D09",
    "expires_at": "2024-07-15T18:02:04+00:00",
    "permissions": [
        [
            "ReadAccountsDetail",
            "ReadBalances",
            "ReadTransactionsDetail",
            "ReadTransactionsDebits",
            "ReadTransactionsCredits"
        ]
    ],
    "transactions_start_at": "2024-03-15T18:02:04+00:00",
    "transactions_end_at": "2024-04-15T18:02:04+00:00",
    "return_url": "https:\/\/your-website.example.com\/redirect"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/account-links';
$response = $client->post(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
        'json' => [
            'selected_aspsp' => 'natwest_ais',
            'merchant_reference' => 'MYREF-661D6B9CB5D09',
            'expires_at' => '2024-07-15T18:02:04+00:00',
            'permissions' => [
                [
                    'ReadAccountsDetail',
                    'ReadBalances',
                    'ReadTransactionsDetail',
                    'ReadTransactionsDebits',
                    'ReadTransactionsCredits',
                ],
            ],
            'transactions_start_at' => '2024-03-15T18:02:04+00:00',
            'transactions_end_at' => '2024-04-15T18:02:04+00:00',
            'return_url' => 'https://your-website.example.com/redirect',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json

url = 'https://wonderful.co.uk/api/public/v1/account-links'
payload = {
    "selected_aspsp": "natwest_ais",
    "merchant_reference": "MYREF-661D6B9CB5D09",
    "expires_at": "2024-07-15T18:02:04+00:00",
    "permissions": [
        [
            "ReadAccountsDetail",
            "ReadBalances",
            "ReadTransactionsDetail",
            "ReadTransactionsDebits",
            "ReadTransactionsCredits"
        ]
    ],
    "transactions_start_at": "2024-03-15T18:02:04+00:00",
    "transactions_end_at": "2024-04-15T18:02:04+00:00",
    "return_url": "https:\/\/your-website.example.com\/redirect"
}
headers = {
  'Authorization': 'Bearer {YOUR_AUTH_KEY}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('POST', url, headers=headers, json=payload)
response.json()

Example response (201):


{
    "data": {
        "id": "176491d6",
        "status": "created",
        "merchant_reference": "TEST-1706026366",
        "expires_at": "2024-07-21T16:12:47+00:00",
        "created_at": "2024-01-23T16:12:47+00:00",
        "return_url": "https://your-website.example.com/redirect",
        "permissions": [
            "ReadAccountsDetail",
            "ReadTransactionsDetail",
            "ReadTransactionsCredits",
            "ReadTransactionsDebits",
            "ReadBalances",
            "ReadBeneficiariesDetail",
            "ReadDirectDebits",
            "ReadStandingOrdersDetail",
            "ReadAccountsBasic"
        ],
        "aspsp": {
            "name": "natwest_ais",
            "display_name": "NatWest (Staging)",
            "consent_status": null,
            "link_url": "https://wonderful.co.uk/link-account/176491d6?signature=fa4554d9b0e0bf0ac1ac9c48578994a008e05c146eb5f37d226f5fff99b45373"
        }
    }
}
 

Example response (401, invalid token):


{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

Response

Response Fields

id   string   

The ID of the AIS Account Link. Example: 176491d6

status   string   

The state of the AIS Account Link. Example: created

merchant_reference   string   

The Merchant Reference of the AIS Account Link. Example: TEST-1706026366

expires_at   string   

The ISO 8601 date-time at which the AIS Account Link expires. Example: 2024-07-21T16:12:47+00:00

created_at   string   

The ISO 8601 date-time at which the AIS Account Link was created. Example: 2024-01-23T16:12:47+00:00

return_url   string   

The URL we will redirect the user to after the AIS Account Link has been created. Example: https://your-website.example.com/redirect

permissions   string[]   

The permissions the user has granted to the ASPSP. Example: ["ReadAccountsDetail", "ReadBalances"]

aspsp   object   
name   string   

The ASPSP (Bank) identifier. Example: natwest_ais

display_name   string   

The display name of the ASPSP that you can show to end users. Example: NatWest

consent_status   string   

The consent status at the ASPSP. Example: Authorised

link_url   string   

The URL that you should redirect your customer to, to complete the authorisation process.

requires authentication

Example request:
curl --request GET \
    --get "https://wonderful.co.uk/api/public/v1/account-links/odio" \
    --header "Authorization: Bearer {YOUR_AUTH_KEY}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"
const url = new URL(
    "https://wonderful.co.uk/api/public/v1/account-links/odio"
);

const headers = {
    "Authorization": "Bearer {YOUR_AUTH_KEY}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/account-links/odio';
$response = $client->get(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json

url = 'https://wonderful.co.uk/api/public/v1/account-links/odio'
headers = {
  'Authorization': 'Bearer {YOUR_AUTH_KEY}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('GET', url, headers=headers)
response.json()

Example response (200):


{
    "data": {
        "id": "176491d6",
        "status": "consented",
        "merchant_reference": "TEST-1706026366",
        "expires_at": "2024-07-21T16:12:58+00:00",
        "created_at": "2024-01-23T16:12:47+00:00",
        "return_url": "https://eoz5oi25gqxj9rb.m.pipedream.net/",
        "permissions": [
            "ReadAccountsDetail",
            "ReadAccountsDetail",
            "ReadAccountsDetail",
            "ReadTransactionsDetail",
            "ReadTransactionsCredits",
            "ReadTransactionsDebits",
            "ReadBalances",
            "ReadBeneficiariesDetail",
            "ReadDirectDebits",
            "ReadStandingOrdersDetail",
            "ReadAccountsBasic"
        ],
        "aspsp": {
            "name": "natwest_ais",
            "display_name": "NatWest (Staging)",
            "consent_status": "Authorised"
        }
    }
}
 

Example response (401, invalid token):


{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

Example response (404, not found):


{
    "status": "error",
    "error_code": "not_found",
    "error_message": "Account link not found."
}
 

Response

Response Fields

id   string   

The ID of the AIS Account Link. Example: 176491d6

status   string   

The state of the AIS Account Link. Example: consented

merchant_reference   string   

The Merchant Reference of the AIS Account Link. Example: TEST-1706026366

expires_at   string   

The ISO 8601 date-time at which the AIS Account Link expires. Example: 2024-07-21T16:12:47+00:00

created_at   string   

The ISO 8601 date-time at which the AIS Account Link was created. Example: 2024-01-23T16:12:47+00:00

return_url   string   

The URL we will redirect the user to after the AIS Account Link has been created. Example: https://your-website.example.com/redirect

permissions   string[]   

The permissions the user has granted to the ASPSP. Example: ["ReadAccountsDetail", "ReadBalances"]

aspsp   object   
name   string   

The ASPSP (Bank) identifier. Example: natwest_ais

display_name   string   

The display name of the ASPSP that you can show to end users. Example: NatWest

consent_status   string   

The consent status at the ASPSP. Example: Authorised

link_url   string   

optional The URL that you should redirect your customer to, to complete the authorisation process.

requires authentication

Example request:
curl --request DELETE \
    "https://wonderful.co.uk/api/public/v1/account-links/rerum" \
    --header "Authorization: Bearer {YOUR_AUTH_KEY}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"
const url = new URL(
    "https://wonderful.co.uk/api/public/v1/account-links/rerum"
);

const headers = {
    "Authorization": "Bearer {YOUR_AUTH_KEY}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/account-links/rerum';
$response = $client->delete(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json

url = 'https://wonderful.co.uk/api/public/v1/account-links/rerum'
headers = {
  'Authorization': 'Bearer {YOUR_AUTH_KEY}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('DELETE', url, headers=headers)
response.json()

Accounts

requires authentication

Show account details for all linked Accounts.

Example request:
curl --request GET \
    --get "https://wonderful.co.uk/api/public/v1/qui/accounts" \
    --header "Authorization: Bearer {YOUR_AUTH_KEY}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"
const url = new URL(
    "https://wonderful.co.uk/api/public/v1/qui/accounts"
);

const headers = {
    "Authorization": "Bearer {YOUR_AUTH_KEY}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/qui/accounts';
$response = $client->get(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json

url = 'https://wonderful.co.uk/api/public/v1/qui/accounts'
headers = {
  'Authorization': 'Bearer {YOUR_AUTH_KEY}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('GET', url, headers=headers)
response.json()

Example response (200):


{
    "data": {
        "account": [
            {
                "account_id": "184bfebc-1314-41aa-9d76-af7e84f90696",
                "currency": "GBP",
                "account_type": "Personal",
                "account_sub_type": "Savings",
                "description": "Personal",
                "nickname": "Sydney Beard",
                "account": [
                    {
                        "scheme_name": "UK.OBIE.SortCodeAccountNumber",
                        "identification": "50000012345602",
                        "name": "Sydney Beard"
                    }
                ]
            },
            {
                "account_id": "3910a968-c46a-44d0-b648-015af1e92cfe",
                "currency": "GBP",
                "account_type": "Personal",
                "account_sub_type": "CurrentAccount",
                "description": "Personal",
                "nickname": "Sydney Beard",
                "account": [
                    {
                        "scheme_name": "UK.OBIE.SortCodeAccountNumber",
                        "identification": "50000012345601",
                        "name": "Sydney Beard"
                    }
                ]
            }
        ]
    },
    "links": {
        "self": "https://wonderful.co.uk/api/public/v1/176491d6/accounts"
    }
}
 

Example response (401):


{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

requires authentication

Account details for a specific linked Account

Example request:
curl --request GET \
    --get "https://wonderful.co.uk/api/public/v1/dolore/accounts/alias" \
    --header "Authorization: Bearer {YOUR_AUTH_KEY}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"
const url = new URL(
    "https://wonderful.co.uk/api/public/v1/dolore/accounts/alias"
);

const headers = {
    "Authorization": "Bearer {YOUR_AUTH_KEY}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/dolore/accounts/alias';
$response = $client->get(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json

url = 'https://wonderful.co.uk/api/public/v1/dolore/accounts/alias'
headers = {
  'Authorization': 'Bearer {YOUR_AUTH_KEY}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('GET', url, headers=headers)
response.json()

Example response (200):


{
    "data": {
        "account": [
            {
                "account_id": "184bfebc-1314-41aa-9d76-af7e84f90696",
                "currency": "GBP",
                "account_type": "Personal",
                "account_sub_type": "Savings",
                "description": "Personal",
                "nickname": "Sydney Beard",
                "account": [
                    {
                        "scheme_name": "UK.OBIE.SortCodeAccountNumber",
                        "identification": "50000012345602",
                        "name": "Sydney Beard"
                    }
                ]
            }
        ]
    },
    "links": {
        "self": "https://wonderful.co.uk/api/public/v1/176491d6/accounts/184bfebc-1314-41aa-9d76-af7e84f90696"
    }
}
 

Example response (401):


{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

Balances

requires authentication

Returns the balances for all linked Accounts.

Example request:
curl --request GET \
    --get "https://wonderful.co.uk/api/public/v1/veniam/balances" \
    --header "Authorization: Bearer {YOUR_AUTH_KEY}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"
const url = new URL(
    "https://wonderful.co.uk/api/public/v1/veniam/balances"
);

const headers = {
    "Authorization": "Bearer {YOUR_AUTH_KEY}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/veniam/balances';
$response = $client->get(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json

url = 'https://wonderful.co.uk/api/public/v1/veniam/balances'
headers = {
  'Authorization': 'Bearer {YOUR_AUTH_KEY}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('GET', url, headers=headers)
response.json()

Example response (401):


{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

Example response (401):

Show headers
cache-control: no-cache, private
content-type: application/json
x-ratelimit-limit: 1000
x-ratelimit-remaining: 997
access-control-allow-origin: *
 

{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

Example response (404, endpoint not supported: {):


status":"error","error_code":"not_supported","error_message":"This ASPSP does not support the Balances bulk endpoint","account_link":"176491d6"}
 

requires authentication

List the Balances for a specific linked Account

Example request:
curl --request GET \
    --get "https://wonderful.co.uk/api/public/v1/sequi/accounts/dicta/balances" \
    --header "Authorization: Bearer {YOUR_AUTH_KEY}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"
const url = new URL(
    "https://wonderful.co.uk/api/public/v1/sequi/accounts/dicta/balances"
);

const headers = {
    "Authorization": "Bearer {YOUR_AUTH_KEY}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/sequi/accounts/dicta/balances';
$response = $client->get(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json

url = 'https://wonderful.co.uk/api/public/v1/sequi/accounts/dicta/balances'
headers = {
  'Authorization': 'Bearer {YOUR_AUTH_KEY}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('GET', url, headers=headers)
response.json()

Example response (200):


{
    "data": {
        "balance": [
            {
                "account_id": "184bfebc-1314-41aa-9d76-af7e84f90696",
                "credit_debit_indicator": "Credit",
                "type": "Expected",
                "date_time": "2024-01-16T16:44:36.813Z",
                "amount": {
                    "amount": "94213.07",
                    "currency": "GBP"
                }
            },
            {
                "account_id": "184bfebc-1314-41aa-9d76-af7e84f90696",
                "credit_debit_indicator": "Credit",
                "type": "ForwardAvailable",
                "date_time": "2024-01-16T16:44:36.813Z",
                "amount": {
                    "amount": "94213.07",
                    "currency": "GBP"
                }
            }
        ]
    },
    "links": {
        "self": "https://wonderful.co.uk/api/public/v1/176491d6/accounts/184bfebc-1314-41aa-9d76-af7e84f90696/balances"
    }
}
 

Example response (401):


{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

Beneficiaries

requires authentication

Beneficiaries of all linked accounts

Example request:
curl --request GET \
    --get "https://wonderful.co.uk/api/public/v1/dolorem/beneficiaries" \
    --header "Authorization: Bearer {YOUR_AUTH_KEY}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"
const url = new URL(
    "https://wonderful.co.uk/api/public/v1/dolorem/beneficiaries"
);

const headers = {
    "Authorization": "Bearer {YOUR_AUTH_KEY}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/dolorem/beneficiaries';
$response = $client->get(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json

url = 'https://wonderful.co.uk/api/public/v1/dolorem/beneficiaries'
headers = {
  'Authorization': 'Bearer {YOUR_AUTH_KEY}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('GET', url, headers=headers)
response.json()

Example response (401):


{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

Example response (401):

Show headers
cache-control: no-cache, private
content-type: application/json
x-ratelimit-limit: 1000
x-ratelimit-remaining: 996
access-control-allow-origin: *
 

{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

Example response (404, endpoint not supported):


{
    "status": "error",
    "error_code": "not_supported",
    "error_message": "This ASPSP does not support the Beneficiaries bulk endpoint",
    "account_link": "176491d6"
}
 

requires authentication

Beneficiaries for a specific linked Account

Example request:
curl --request GET \
    --get "https://wonderful.co.uk/api/public/v1/perspiciatis/accounts/quaerat/beneficiaries" \
    --header "Authorization: Bearer {YOUR_AUTH_KEY}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"
const url = new URL(
    "https://wonderful.co.uk/api/public/v1/perspiciatis/accounts/quaerat/beneficiaries"
);

const headers = {
    "Authorization": "Bearer {YOUR_AUTH_KEY}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/perspiciatis/accounts/quaerat/beneficiaries';
$response = $client->get(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json

url = 'https://wonderful.co.uk/api/public/v1/perspiciatis/accounts/quaerat/beneficiaries'
headers = {
  'Authorization': 'Bearer {YOUR_AUTH_KEY}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('GET', url, headers=headers)
response.json()

Example response (200):


{
    "data": {
        "beneficiary": []
    },
    "links": {
        "self": "https://wonderful.co.uk/api/public/v1/176491d6/accounts/184bfebc-1314-41aa-9d76-af7e84f90696/beneficiaries"
    }
}
 

Example response (401):


{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

Direct Debits

requires authentication

Direct Debits for all linked Accounts

Example request:
curl --request GET \
    --get "https://wonderful.co.uk/api/public/v1/omnis/direct-debits" \
    --header "Authorization: Bearer {YOUR_AUTH_KEY}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"
const url = new URL(
    "https://wonderful.co.uk/api/public/v1/omnis/direct-debits"
);

const headers = {
    "Authorization": "Bearer {YOUR_AUTH_KEY}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/omnis/direct-debits';
$response = $client->get(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json

url = 'https://wonderful.co.uk/api/public/v1/omnis/direct-debits'
headers = {
  'Authorization': 'Bearer {YOUR_AUTH_KEY}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('GET', url, headers=headers)
response.json()

Example response (401):


{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

Example response (401):

Show headers
cache-control: no-cache, private
content-type: application/json
x-ratelimit-limit: 1000
x-ratelimit-remaining: 995
access-control-allow-origin: *
 

{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

Example response (404, endpoint not supported):


{
    "status": "error",
    "error_code": "not_supported",
    "error_message": "This ASPSP does not support the Direct Debit bulk endpoint",
    "account_link": "176491d6"
}
 

requires authentication

Direct Debits for a specific linked Account

Example request:
curl --request GET \
    --get "https://wonderful.co.uk/api/public/v1/saepe/accounts/sunt/direct-debits" \
    --header "Authorization: Bearer {YOUR_AUTH_KEY}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"
const url = new URL(
    "https://wonderful.co.uk/api/public/v1/saepe/accounts/sunt/direct-debits"
);

const headers = {
    "Authorization": "Bearer {YOUR_AUTH_KEY}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/saepe/accounts/sunt/direct-debits';
$response = $client->get(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json

url = 'https://wonderful.co.uk/api/public/v1/saepe/accounts/sunt/direct-debits'
headers = {
  'Authorization': 'Bearer {YOUR_AUTH_KEY}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('GET', url, headers=headers)
response.json()

Example response (200):


{
    "data": {
        "direct_debit": []
    },
    "links": {
        "self": "https://wonderful.co.uk/api/public/v1/176491d6/accounts/184bfebc-1314-41aa-9d76-af7e84f90696/direct-debits"
    }
}
 

Example response (401):


{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

Parties

requires authentication

Returns the details of the user that authorised the Account Link.

Example request:
curl --request GET \
    --get "https://wonderful.co.uk/api/public/v1/officia/party" \
    --header "Authorization: Bearer {YOUR_AUTH_KEY}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"
const url = new URL(
    "https://wonderful.co.uk/api/public/v1/officia/party"
);

const headers = {
    "Authorization": "Bearer {YOUR_AUTH_KEY}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/officia/party';
$response = $client->get(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json

url = 'https://wonderful.co.uk/api/public/v1/officia/party'
headers = {
  'Authorization': 'Bearer {YOUR_AUTH_KEY}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('GET', url, headers=headers)
response.json()

Example response (401):

Show headers
cache-control: no-cache, private
content-type: application/json
x-ratelimit-limit: 1000
x-ratelimit-remaining: 994
access-control-allow-origin: *
 

{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

requires authentication

Return details on the account owner(s)/holder(s) and operator(s).

Example request:
curl --request GET \
    --get "https://wonderful.co.uk/api/public/v1/eaque/accounts/id/parties" \
    --header "Authorization: Bearer {YOUR_AUTH_KEY}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"
const url = new URL(
    "https://wonderful.co.uk/api/public/v1/eaque/accounts/id/parties"
);

const headers = {
    "Authorization": "Bearer {YOUR_AUTH_KEY}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/eaque/accounts/id/parties';
$response = $client->get(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json

url = 'https://wonderful.co.uk/api/public/v1/eaque/accounts/id/parties'
headers = {
  'Authorization': 'Bearer {YOUR_AUTH_KEY}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('GET', url, headers=headers)
response.json()

Example response (401):

Show headers
cache-control: no-cache, private
content-type: application/json
x-ratelimit-limit: 1000
x-ratelimit-remaining: 993
access-control-allow-origin: *
 

{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

requires authentication

Return details on the account owner/holder:

Example request:
curl --request GET \
    --get "https://wonderful.co.uk/api/public/v1/aut/accounts/a/party" \
    --header "Authorization: Bearer {YOUR_AUTH_KEY}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"
const url = new URL(
    "https://wonderful.co.uk/api/public/v1/aut/accounts/a/party"
);

const headers = {
    "Authorization": "Bearer {YOUR_AUTH_KEY}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/aut/accounts/a/party';
$response = $client->get(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json

url = 'https://wonderful.co.uk/api/public/v1/aut/accounts/a/party'
headers = {
  'Authorization': 'Bearer {YOUR_AUTH_KEY}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('GET', url, headers=headers)
response.json()

Example response (401):

Show headers
cache-control: no-cache, private
content-type: application/json
x-ratelimit-limit: 1000
x-ratelimit-remaining: 992
access-control-allow-origin: *
 

{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

Scheduled Payments

requires authentication

Scheduled Payments for all linked Accounts

Example request:
curl --request GET \
    --get "https://wonderful.co.uk/api/public/v1/esse/scheduled-payments" \
    --header "Authorization: Bearer {YOUR_AUTH_KEY}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"
const url = new URL(
    "https://wonderful.co.uk/api/public/v1/esse/scheduled-payments"
);

const headers = {
    "Authorization": "Bearer {YOUR_AUTH_KEY}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/esse/scheduled-payments';
$response = $client->get(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json

url = 'https://wonderful.co.uk/api/public/v1/esse/scheduled-payments'
headers = {
  'Authorization': 'Bearer {YOUR_AUTH_KEY}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('GET', url, headers=headers)
response.json()

Example response (401):

Show headers
cache-control: no-cache, private
content-type: application/json
x-ratelimit-limit: 1000
x-ratelimit-remaining: 991
access-control-allow-origin: *
 

{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

requires authentication

Scheduled Payments for a specific linked Account

Example request:
curl --request GET \
    --get "https://wonderful.co.uk/api/public/v1/doloremque/accounts/possimus/scheduled-payments" \
    --header "Authorization: Bearer {YOUR_AUTH_KEY}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"
const url = new URL(
    "https://wonderful.co.uk/api/public/v1/doloremque/accounts/possimus/scheduled-payments"
);

const headers = {
    "Authorization": "Bearer {YOUR_AUTH_KEY}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/doloremque/accounts/possimus/scheduled-payments';
$response = $client->get(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json

url = 'https://wonderful.co.uk/api/public/v1/doloremque/accounts/possimus/scheduled-payments'
headers = {
  'Authorization': 'Bearer {YOUR_AUTH_KEY}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('GET', url, headers=headers)
response.json()

Example response (401):

Show headers
cache-control: no-cache, private
content-type: application/json
x-ratelimit-limit: 1000
x-ratelimit-remaining: 990
access-control-allow-origin: *
 

{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

Standing Orders

requires authentication

Standing Orders for all linked Accounts

Example request:
curl --request GET \
    --get "https://wonderful.co.uk/api/public/v1/quam/standing-orders" \
    --header "Authorization: Bearer {YOUR_AUTH_KEY}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"
const url = new URL(
    "https://wonderful.co.uk/api/public/v1/quam/standing-orders"
);

const headers = {
    "Authorization": "Bearer {YOUR_AUTH_KEY}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/quam/standing-orders';
$response = $client->get(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json

url = 'https://wonderful.co.uk/api/public/v1/quam/standing-orders'
headers = {
  'Authorization': 'Bearer {YOUR_AUTH_KEY}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('GET', url, headers=headers)
response.json()

Example response (401):


{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

Example response (401):

Show headers
cache-control: no-cache, private
content-type: application/json
x-ratelimit-limit: 1000
x-ratelimit-remaining: 989
access-control-allow-origin: *
 

{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

Example response (404, endpoint not supported):


{
    "status": "error",
    "error_code": "not_supported",
    "error_message": "This ASPSP does not support the Standing Orders bulk endpoint",
    "account_link": "176491d6"
}
 

requires authentication

Standing Orders for a specific linked Account

Example request:
curl --request GET \
    --get "https://wonderful.co.uk/api/public/v1/qui/accounts/nemo/standing-orders" \
    --header "Authorization: Bearer {YOUR_AUTH_KEY}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"
const url = new URL(
    "https://wonderful.co.uk/api/public/v1/qui/accounts/nemo/standing-orders"
);

const headers = {
    "Authorization": "Bearer {YOUR_AUTH_KEY}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/qui/accounts/nemo/standing-orders';
$response = $client->get(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json

url = 'https://wonderful.co.uk/api/public/v1/qui/accounts/nemo/standing-orders'
headers = {
  'Authorization': 'Bearer {YOUR_AUTH_KEY}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('GET', url, headers=headers)
response.json()

Example response (200):


{
    "data": {
        "standing_order": []
    },
    "links": {
        "self": "https://wonderful.co.uk/api/public/v1/176491d6/accounts/184bfebc-1314-41aa-9d76-af7e84f90696/standing-orders"
    }
}
 

Example response (401):


{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

Transactions

requires authentication

Transactions for all linked Accounts

Example request:
curl --request GET \
    --get "https://wonderful.co.uk/api/public/v1/et/transactions" \
    --header "Authorization: Bearer {YOUR_AUTH_KEY}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"
const url = new URL(
    "https://wonderful.co.uk/api/public/v1/et/transactions"
);

const headers = {
    "Authorization": "Bearer {YOUR_AUTH_KEY}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/et/transactions';
$response = $client->get(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json

url = 'https://wonderful.co.uk/api/public/v1/et/transactions'
headers = {
  'Authorization': 'Bearer {YOUR_AUTH_KEY}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('GET', url, headers=headers)
response.json()

Example response (401):


{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

Example response (401):

Show headers
cache-control: no-cache, private
content-type: application/json
x-ratelimit-limit: 1000
x-ratelimit-remaining: 988
access-control-allow-origin: *
 

{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

Example response (404, endpoint not supported):


{
    "status": "error",
    "error_code": "not_supported",
    "error_message": "This ASPSP does not support the Transactions bulk endpoint",
    "account_link": "176491d6"
}
 

requires authentication

Transactions for a specific linked Account

Example request:
curl --request GET \
    --get "https://wonderful.co.uk/api/public/v1/totam/accounts/iusto/transactions" \
    --header "Authorization: Bearer {YOUR_AUTH_KEY}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"
const url = new URL(
    "https://wonderful.co.uk/api/public/v1/totam/accounts/iusto/transactions"
);

const headers = {
    "Authorization": "Bearer {YOUR_AUTH_KEY}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/totam/accounts/iusto/transactions';
$response = $client->get(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json

url = 'https://wonderful.co.uk/api/public/v1/totam/accounts/iusto/transactions'
headers = {
  'Authorization': 'Bearer {YOUR_AUTH_KEY}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('GET', url, headers=headers)
response.json()

Example response (200):


{
    "data": {
        "transaction": [
            {
                "account_id": "184bfebc-1314-41aa-9d76-af7e84f90696",
                "transaction_id": "8cda05f1-39bb-4824-84a1-78a41b60260c",
                "credit_debit_indicator": "Debit",
                "status": "Booked",
                "booking_date_time": "2024-01-16T16:44:36.813Z",
                "amount": {
                    "amount": "25.00",
                    "currency": "GBP"
                },
                "proprietary_bank_transaction_code": {
                    "code": "TFR"
                },
                "transaction_information": "WNDRFL000043963",
                "balance": {
                    "credit_debit_indicator": "Credit",
                    "type": "Information",
                    "amount": {
                        "amount": "94213.07",
                        "currency": "GBP"
                    }
                }
            },
            {
                "account_id": "184bfebc-1314-41aa-9d76-af7e84f90696",
                "transaction_id": "667de332-ef37-4758-be57-cc063318d75b",
                "credit_debit_indicator": "Debit",
                "status": "Booked",
                "booking_date_time": "2024-01-15T10:16:51.046Z",
                "amount": {
                    "amount": "0.20",
                    "currency": "GBP"
                },
                "proprietary_bank_transaction_code": {
                    "code": "TFR"
                },
                "transaction_information": "WOO-87EB1D-59",
                "balance": {
                    "credit_debit_indicator": "Credit",
                    "type": "Information",
                    "amount": {
                        "amount": "94238.07",
                        "currency": "GBP"
                    }
                }
            }
        ]
    },
    "links": {
        "self": "https://wonderful.co.uk/api/public/v1/176491d6/accounts/184bfebc-1314-41aa-9d76-af7e84f90696/transactions"
    }
}
 

Example response (401):


{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

Payment Requests

Show Payment Request.

requires authentication

This endpoint will return the current state of your Payment Request. You will need to provide the Wonderful Payment ID we sent you in the HTTP response when you created the Payment Request, so make sure you keep track of that as that is the only value we currently support to look up an existing payment.

Example request:
curl --request GET \
    --get "https://wonderful.co.uk/api/public/v1/payments/44a3a820-2d9b-43c6-a4e5-666486ec8cfa" \
    --header "Authorization: Bearer {YOUR_AUTH_KEY}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"
const url = new URL(
    "https://wonderful.co.uk/api/public/v1/payments/44a3a820-2d9b-43c6-a4e5-666486ec8cfa"
);

const headers = {
    "Authorization": "Bearer {YOUR_AUTH_KEY}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/payments/44a3a820-2d9b-43c6-a4e5-666486ec8cfa';
$response = $client->get(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json

url = 'https://wonderful.co.uk/api/public/v1/payments/44a3a820-2d9b-43c6-a4e5-666486ec8cfa'
headers = {
  'Authorization': 'Bearer {YOUR_AUTH_KEY}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('GET', url, headers=headers)
response.json()

Example response (200):


{
    "data": {
        "status": "expired",
        "amount": 15,
        "formatted_amount": "0.15",
        "currency": "GBP",
        "customer_email_hash": "832a8c7bcdd314b13178fdef5f94c3f9017250e67d9cc65bd607a02d587321be",
        "payment_reference": "WNDRFL000015550",
        "wonderful_payments_id": "48ee6f08-d6d6-4894-8866-2fdca56bcd2e",
        "created_at": "2022-08-10T14:47:55.000000Z",
        "selected_bank": null,
        "redirect_url": "https://wonderful-org.test/payment-redirect",
        "webhook_url": "https://wonderful-org.test/webhooks/v1/wonderful-payments",
        "is_refundable": false
    }
}
 

Example response (401, Invalid auth token):


{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

Example response (404, Payment Request not found):


{
    "status": "error",
    "error_code": "failed_validation",
    "error_message": "no payment found"
}
 

Request   

GET api/public/v1/payments/{payment}

Headers

Authorization      

Example: Bearer {YOUR_AUTH_KEY}

Content-Type      

Example: application/json

Accept      

Example: application/json

URL Parameters

payment   string   

Wonderful Payment ID. Example: 44a3a820-2d9b-43c6-a4e5-666486ec8cfa

Response

Response Fields

status   string   

Current status. Enum: created, selected, consented, redirected, authed, pending, accepted, completed, rejected, cancelled, errored, expired. Example: completed

amount   integer   

Payment amount in base units (GB Pence). Example 12345

formatted_amount   string   

Formatted payment amount in GBP (Pounds). Example: 123.45

currency   string   

Currency. Example: GBP

customer_email_hash   string   

SHA-256 hash of the customer email address supplied when creating the request. Example: 832a8c7bcdd314b13178fdef5f94c3f9017250e67d9cc65bd607a02d587321be

payment_reference   string   

The Merchant provided payment reference. Example: MY_ORDER_12345

wonderful_payments_id   string   

Wonderful Payments identifider. Example: 44a3a820-2d9b-43c6-a4e5-666486ec8cfa

created_at   string   

ISO-8601 timestamp of when the payment request was created

selected_bank   string   

The display name of the ASPSP (bank) selected by the customer. Example: Bank of Scotland

redirect_url   string   

The URL set by the Merchant to redirect the customer to after payment Example: https://your-website.example.com/payment-complete

webhook_url   string   

The URL set by the Merchant to send webhook status updates to. Example: https://your-website.example.com/webhooks-handler

Create a new Payment Request.

requires authentication

To create a new payment, we need to know who is making the payment, how much the payment should be for, and where to send the person making the payment after they have completed the payment or cancelled. You can also optionally send us an extra URL where we will send you webhook updates as the payment is progressing through the checkout.

If the customer bank name and account details are known they can be set on the request in the payer attribute. Note: If the account details and ASPSP (bank) do not match, the ASPSP will reject the payment request.

Example request:
curl --request POST \
    "https://wonderful.co.uk/api/public/v1/payments" \
    --header "Authorization: Bearer {YOUR_AUTH_KEY}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"customer_email_address\": \"[email protected]\",
    \"merchant_payment_reference\": \"MY_ORDER_12345\",
    \"amount\": 12345,
    \"redirect_url\": \"https:\\/\\/your-website.example.com\\/return-url\",
    \"webhook_url\": \"https:\\/\\/your-website.example.com\\/webhook-url\",
    \"selected_aspsp\": \"natwest\",
    \"consented_at\": \"2024-04-15T18:02:04+00:00\",
    \"payer\": {
        \"account_name\": \"Sydney Beard\",
        \"account_number\": \"12345602\",
        \"sort_code\": \"500000\"
    }
}"
const url = new URL(
    "https://wonderful.co.uk/api/public/v1/payments"
);

const headers = {
    "Authorization": "Bearer {YOUR_AUTH_KEY}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "customer_email_address": "[email protected]",
    "merchant_payment_reference": "MY_ORDER_12345",
    "amount": 12345,
    "redirect_url": "https:\/\/your-website.example.com\/return-url",
    "webhook_url": "https:\/\/your-website.example.com\/webhook-url",
    "selected_aspsp": "natwest",
    "consented_at": "2024-04-15T18:02:04+00:00",
    "payer": {
        "account_name": "Sydney Beard",
        "account_number": "12345602",
        "sort_code": "500000"
    }
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/payments';
$response = $client->post(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
        'json' => [
            'customer_email_address' => '[email protected]',
            'merchant_payment_reference' => 'MY_ORDER_12345',
            'amount' => 12345,
            'redirect_url' => 'https://your-website.example.com/return-url',
            'webhook_url' => 'https://your-website.example.com/webhook-url',
            'selected_aspsp' => 'natwest',
            'consented_at' => '2024-04-15T18:02:04+00:00',
            'payer' => [
                'account_name' => 'Sydney Beard',
                'account_number' => '12345602',
                'sort_code' => '500000',
            ],
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json

url = 'https://wonderful.co.uk/api/public/v1/payments'
payload = {
    "customer_email_address": "[email protected]",
    "merchant_payment_reference": "MY_ORDER_12345",
    "amount": 12345,
    "redirect_url": "https:\/\/your-website.example.com\/return-url",
    "webhook_url": "https:\/\/your-website.example.com\/webhook-url",
    "selected_aspsp": "natwest",
    "consented_at": "2024-04-15T18:02:04+00:00",
    "payer": {
        "account_name": "Sydney Beard",
        "account_number": "12345602",
        "sort_code": "500000"
    }
}
headers = {
  'Authorization': 'Bearer {YOUR_AUTH_KEY}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('POST', url, headers=headers, json=payload)
response.json()

Example response (200):


{
    "data": {
        "status": "created",
        "payment_reference": "WNDRFL000015550",
        "wonderful_payments_id": "48ee6f08-d6d6-4894-8866-2fdca56bcd2e",
        "redirect_to": "http://wonderful.co.uk/payments/48ee6f08-d6d6-4894-8866-2fdca56bcd2e"
    }
}
 

Example response (400, Validation error):


{
    "status": "error",
    "error_code": "failed_validation",
    "error_message": "<Details about the validation failure>"
}
 

Example response (401, Invalid auth token):


{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

Request   

POST api/public/v1/payments

Headers

Authorization      

Example: Bearer {YOUR_AUTH_KEY}

Content-Type      

Example: application/json

Accept      

Example: application/json

Body Parameters

customer_email_address   string   

The email address of the person making the payment i.e. the customer. Must be a valid email address. Example: [email protected]

merchant_payment_reference   string   

Your payment reference. This must be unique and should uniquely identify the transaction on your system. Must not be greater than 18 characters. Example: MY_ORDER_12345

amount   integer   

The payment request amount in pence sterling e.g. £12.45 would be sent as 1245. Must be at least 5. Example: 12345

redirect_url   string   

The URL to redirect the customer to after the payment has been completed (or cancelled). Must be a valid URL. Example: https://your-website.example.com/return-url

webhook_url   string  optional  

The URL that you want us to send webhook updates to for this specific transaction. Must be a valid URL. Example: https://your-website.example.com/webhook-url

selected_aspsp   string  optional  

The ASPSP that the customer banks with (this determines which banking app to open). Values should match those provided from the banks list endpoint. This field is required when payer is present. Example: natwest

consented_at   string  optional  

ISO 8601 date time string that represents when the customer consented to Wonderful processing a payment initiation on their behalf. This field is required when selected_aspsp or payer is present. Must be a valid date. Example: 2024-04-15T18:02:04+00:00

payer   object  optional  
account_name   string  optional  

The name of the customer as it appears on their bank account. This field is required when payer is present. Example: Sydney Beard

account_number   string  optional  

The customer's bank account number. Must be 8 digits, zero-padded. This field is required when payer is present. Must be 8 characters. Example: 12345602

sort_code   string  optional  

The customer's bank sort code. Must be 6 digits, zero-padded. This field is required when payer is present. Must be 6 characters. Example: 500000

Response

Response Fields

status   string   

Current status. Example: created

payment_reference   string   

The Merchant provided payment reference. Example: MY_ORDER_12345

wonderful_payments_id   string   

Wonderful Payments identifider. Example: 44a3a820-2d9b-43c6-a4e5-666486ec8cfa

redirect_to   string   

The URL to redirect the customer to. Note: This might be a Wonderful checkout page or in some cases it could be a URL at the selected ASPSP (Bank) Example: https://wonderful.co.uk/payments/44a3a820-2d9b-43c6-a4e5-666486ec8cfa

Refund Requests

GET api/public/v1/payments/{payment}/refunds

requires authentication

Example request:
curl --request GET \
    --get "https://wonderful.co.uk/api/public/v1/payments/quo/refunds" \
    --header "Authorization: Bearer {YOUR_AUTH_KEY}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"
const url = new URL(
    "https://wonderful.co.uk/api/public/v1/payments/quo/refunds"
);

const headers = {
    "Authorization": "Bearer {YOUR_AUTH_KEY}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/payments/quo/refunds';
$response = $client->get(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json

url = 'https://wonderful.co.uk/api/public/v1/payments/quo/refunds'
headers = {
  'Authorization': 'Bearer {YOUR_AUTH_KEY}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('GET', url, headers=headers)
response.json()

Example response (401):

Show headers
cache-control: no-cache, private
content-type: application/json
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
access-control-allow-origin: *
 

{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

Request   

GET api/public/v1/payments/{payment}/refunds

Headers

Authorization      

Example: Bearer {YOUR_AUTH_KEY}

Content-Type      

Example: application/json

Accept      

Example: application/json

URL Parameters

payment   string   

The payment. Example: quo

Create a new Refund Request.

requires authentication

To create a new refund, we need to how much the refund should be for, and where to send the person making the payment after they have completed the payment or cancelled. You can also optionally send us an extra URL where we will send you webhook updates as the payment is progressing through the checkout.

Example request:
curl --request POST \
    "https://wonderful.co.uk/api/public/v1/payments/eaque/refunds" \
    --header "Authorization: Bearer {YOUR_AUTH_KEY}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"amount\": 12345,
    \"merchant_payment_reference\": \"MY_REFUND_12345\",
    \"redirect_url\": \"https:\\/\\/your-website.example.com\\/return-url\",
    \"webhook_url\": \"https:\\/\\/your-website.example.com\\/webhook-url\"
}"
const url = new URL(
    "https://wonderful.co.uk/api/public/v1/payments/eaque/refunds"
);

const headers = {
    "Authorization": "Bearer {YOUR_AUTH_KEY}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "amount": 12345,
    "merchant_payment_reference": "MY_REFUND_12345",
    "redirect_url": "https:\/\/your-website.example.com\/return-url",
    "webhook_url": "https:\/\/your-website.example.com\/webhook-url"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/payments/eaque/refunds';
$response = $client->post(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
        'json' => [
            'amount' => 12345,
            'merchant_payment_reference' => 'MY_REFUND_12345',
            'redirect_url' => 'https://your-website.example.com/return-url',
            'webhook_url' => 'https://your-website.example.com/webhook-url',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json

url = 'https://wonderful.co.uk/api/public/v1/payments/eaque/refunds'
payload = {
    "amount": 12345,
    "merchant_payment_reference": "MY_REFUND_12345",
    "redirect_url": "https:\/\/your-website.example.com\/return-url",
    "webhook_url": "https:\/\/your-website.example.com\/webhook-url"
}
headers = {
  'Authorization': 'Bearer {YOUR_AUTH_KEY}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('POST', url, headers=headers, json=payload)
response.json()

Example response (200):


{
    "data": {
        "status": "created",
        "payment_reference": "WNDRFL000015550",
        "wonderful_payments_id": "48ee6f08-d6d6-4894-8866-2fdca56bcd2e",
        "redirect_to": "https://wonderful.co.uk/payments/48ee6f08-d6d6-4894-8866-2fdca56bcd2e"
    }
}
 

Example response (400, Validation error):


{
    "status": "error",
    "error_code": "failed_validation",
    "error_message": "<Details about the validation failure>"
}
 

Example response (401, Invalid auth token):


{
    "status": "error",
    "error_code": "unauthorized",
    "error_message": "Invalid Bearer Token"
}
 

Request   

POST api/public/v1/payments/{payment}/refunds

Headers

Authorization      

Example: Bearer {YOUR_AUTH_KEY}

Content-Type      

Example: application/json

Accept      

Example: application/json

URL Parameters

payment   string   

The payment. Example: eaque

Body Parameters

amount   integer   

The refund request amount in pence sterling e.g. £12.45 would be sent as 1245. Must be at least 1. Example: 12345

merchant_payment_reference   string  optional  

Your payment reference. This should uniquely identify the refund on your system. Must not be greater than 18 characters. Example: MY_REFUND_12345

redirect_url   string   

The URL to redirect the merchant to after the refund has been completed (or cancelled). Must be a valid URL. Example: https://your-website.example.com/return-url

webhook_url   string  optional  

The URL that you want us to send webhook updates to for this specific refund. Must be a valid URL. Example: https://your-website.example.com/webhook-url

Response

Response Fields

status   string   

Current status. Example: created

payment_reference   string   

The Merchant provided payment reference. Example: MY_ORDER_12345

wonderful_payments_id   string   

Wonderful Payments identifider. Example: 44a3a820-2d9b-43c6-a4e5-666486ec8cfa

redirect_to   string   

The URL to redirect the customer to. Note: This might be a Wonderful checkout page or in some cases it could be a URL at the selected ASPSP (Bank) Example: https://wonderful.co.uk/payments/44a3a820-2d9b-43c6-a4e5-666486ec8cfa

Supported Banks

Active ASPSPs List

requires authentication

Returns a list of the currently supported ASPSPs, with their current status and latest logo image. The status could be:

When an ASPSP is marked as issues we may be experiencing some connectivity or processing errors between Wonderful Payments and the ASPSP. Our systems normally self-heal and return ASPSPs to online when they detect normal service has resumed. In cases where an ASPSP is marked offline there may be an active service incident or a situation where we have manually disabled the connection for our customers benefit. Service disruptions will be communicated on our social channels and on our Wonderful Support website.

Selecting the ASPSP at the time of checkout

When creating a Payment Request with the ASPSP selected at the Merchant, use the aspsp_name from this endpoint as the selected_aspsp value when creating the Payment Request. For example, to select "Bank of Scotland" use the value bos.

Example request:
curl --request GET \
    --get "https://wonderful.co.uk/api/public/v1/supported-banks?type=pis" \
    --header "Authorization: Bearer {YOUR_AUTH_KEY}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"
const url = new URL(
    "https://wonderful.co.uk/api/public/v1/supported-banks"
);

const params = {
    "type": "pis",
};
Object.keys(params)
    .forEach(key => url.searchParams.append(key, params[key]));

const headers = {
    "Authorization": "Bearer {YOUR_AUTH_KEY}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/supported-banks';
$response = $client->get(
    $url,
    [
        'headers' => [
            'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
            'Content-Type' => 'application/json',
            'Accept' => 'application/json',
        ],
        'query' => [
            'type' => 'pis',
        ],
    ]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json

url = 'https://wonderful.co.uk/api/public/v1/supported-banks'
params = {
  'type': 'pis',
}
headers = {
  'Authorization': 'Bearer {YOUR_AUTH_KEY}',
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

response = requests.request('GET', url, headers=headers, params=params)
response.json()

Example response (200):


{
    "data": {
        "aspsp_name": "santander",
        "display_name": "SANTANDER (sandbox)",
        "logo": "http://wonderful.co.uk/img/bank_logos/santander.png",
        "status": "issues"
    }
}
 

Example response (200, PIS (Payments) list):


{
    "data": [
        {
            "aspsp_name": "aib",
            "display_name": "Allied Irish Bank (GB)",
            "logo": "https://payments.test/img/bank_logos/aib.png",
            "status": "online"
        },
        {
            "aspsp_name": "danske",
            "display_name": "Danske Bank",
            "logo": "https://payments.test/img/bank_logos/danske.png",
            "status": "online"
        }
    ]
}
 

Request   

GET api/public/v1/supported-banks

Headers

Authorization      

Example: Bearer {YOUR_AUTH_KEY}

Content-Type      

Example: application/json

Accept      

Example: application/json

Query Parameters

type   string  optional  

The ASPSP type you require. Set to ais to return AIS (accounts) banks. Returns PIS (payments) by default. Example: pis

Must be one of:
  • ais
  • pis

Response

Response Fields

aspsp_name   string   

The ASPSP (Bank) identifier to use in the Create Payment Request call.

display_name   string   

The display name of the ASPSP that you can show to end users.

logo   string   

URL to the ASPSP logo, hosted on the Wonderful Payments platform.

status   string   

The current ASPSP status. Enum: online, issues, offline Example: online