Introduction
Public API to create and retrieve payment requests using the Wonderful Payments Public API interface.
This documentation aims to provide all the information you need to work with our API.
Authenticating requests
To authenticate requests, include an Authorization
header with the value "Bearer {YOUR_AUTH_KEY}"
.
All authenticated endpoints are marked with a requires authentication
badge in the documentation below.
You can request your Public API token by contacting Wonderful support.
Account Information Services
Account Links
List Account Links
requires authentication
Returns a list of all Account Links created for this Merchant.
Example request:
curl --request GET \
--get "https://wonderful.co.uk/api/public/v1/account-links" \
--header "Authorization: Bearer {YOUR_AUTH_KEY}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"
const url = new URL(
"https://wonderful.co.uk/api/public/v1/account-links"
);
const headers = {
"Authorization": "Bearer {YOUR_AUTH_KEY}",
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/account-links';
$response = $client->get(
$url,
[
'headers' => [
'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
'Content-Type' => 'application/json',
'Accept' => 'application/json',
],
]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json
url = 'https://wonderful.co.uk/api/public/v1/account-links'
headers = {
'Authorization': 'Bearer {YOUR_AUTH_KEY}',
'Content-Type': 'application/json',
'Accept': 'application/json'
}
response = requests.request('GET', url, headers=headers)
response.json()
Example response (401):
Show headers
cache-control: no-cache, private
content-type: application/json
x-ratelimit-limit: 1000
x-ratelimit-remaining: 998
access-control-allow-origin: *
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.
Create Account Link Request
requires authentication
Before you can request data from an ASPSP you will need to create an Account Link.
The Account Link uses AIS permissions that define what data the User will agree to
share from their linked account. If you do not provide a list of permissions we will
request ReadAccountsDetail
which will allow you to read account names and numbers.
To create an Account Link you must provide the ASPSP name (from the Supported Banks endpoint) and a unique reference to identify the Account Link within your system. You may also supply explicit AIS permissions, an expiry date, and a return URL that will redirect you user back to after the authorisation process.
If you are requesting any Transaction based permissions (ReadTransactionsBasic
,
ReadTransactionsDetail
, ReadTransactionsCredit
, ReadTransactionsDebit
)
we also recommend you set the transaction start and end dates.
The API response will contain a link_url
within the aspsp
object. You should redirect
your customer to this URL to complete the authorisation process. After your customer
has been redirected back to your application you should use the "Show Account Link Details"
endpoint to check the state of the Account Link has been set to "consented".
Example request:
curl --request POST \
"https://wonderful.co.uk/api/public/v1/account-links" \
--header "Authorization: Bearer {YOUR_AUTH_KEY}" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"selected_aspsp\": \"natwest_ais\",
\"merchant_reference\": \"MYREF-661D6B9CB5D09\",
\"expires_at\": \"2024-07-15T18:02:04+00:00\",
\"permissions\": [
[
\"ReadAccountsDetail\",
\"ReadBalances\",
\"ReadTransactionsDetail\",
\"ReadTransactionsDebits\",
\"ReadTransactionsCredits\"
]
],
\"transactions_start_at\": \"2024-03-15T18:02:04+00:00\",
\"transactions_end_at\": \"2024-04-15T18:02:04+00:00\",
\"return_url\": \"https:\\/\\/your-website.example.com\\/redirect\"
}"
const url = new URL(
"https://wonderful.co.uk/api/public/v1/account-links"
);
const headers = {
"Authorization": "Bearer {YOUR_AUTH_KEY}",
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"selected_aspsp": "natwest_ais",
"merchant_reference": "MYREF-661D6B9CB5D09",
"expires_at": "2024-07-15T18:02:04+00:00",
"permissions": [
[
"ReadAccountsDetail",
"ReadBalances",
"ReadTransactionsDetail",
"ReadTransactionsDebits",
"ReadTransactionsCredits"
]
],
"transactions_start_at": "2024-03-15T18:02:04+00:00",
"transactions_end_at": "2024-04-15T18:02:04+00:00",
"return_url": "https:\/\/your-website.example.com\/redirect"
};
fetch(url, {
method: "POST",
headers,
body: JSON.stringify(body),
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/account-links';
$response = $client->post(
$url,
[
'headers' => [
'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
'Content-Type' => 'application/json',
'Accept' => 'application/json',
],
'json' => [
'selected_aspsp' => 'natwest_ais',
'merchant_reference' => 'MYREF-661D6B9CB5D09',
'expires_at' => '2024-07-15T18:02:04+00:00',
'permissions' => [
[
'ReadAccountsDetail',
'ReadBalances',
'ReadTransactionsDetail',
'ReadTransactionsDebits',
'ReadTransactionsCredits',
],
],
'transactions_start_at' => '2024-03-15T18:02:04+00:00',
'transactions_end_at' => '2024-04-15T18:02:04+00:00',
'return_url' => 'https://your-website.example.com/redirect',
],
]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json
url = 'https://wonderful.co.uk/api/public/v1/account-links'
payload = {
"selected_aspsp": "natwest_ais",
"merchant_reference": "MYREF-661D6B9CB5D09",
"expires_at": "2024-07-15T18:02:04+00:00",
"permissions": [
[
"ReadAccountsDetail",
"ReadBalances",
"ReadTransactionsDetail",
"ReadTransactionsDebits",
"ReadTransactionsCredits"
]
],
"transactions_start_at": "2024-03-15T18:02:04+00:00",
"transactions_end_at": "2024-04-15T18:02:04+00:00",
"return_url": "https:\/\/your-website.example.com\/redirect"
}
headers = {
'Authorization': 'Bearer {YOUR_AUTH_KEY}',
'Content-Type': 'application/json',
'Accept': 'application/json'
}
response = requests.request('POST', url, headers=headers, json=payload)
response.json()
Example response (201):
{
"data": {
"id": "176491d6",
"status": "created",
"merchant_reference": "TEST-1706026366",
"expires_at": "2024-07-21T16:12:47+00:00",
"created_at": "2024-01-23T16:12:47+00:00",
"return_url": "https://your-website.example.com/redirect",
"permissions": [
"ReadAccountsDetail",
"ReadTransactionsDetail",
"ReadTransactionsCredits",
"ReadTransactionsDebits",
"ReadBalances",
"ReadBeneficiariesDetail",
"ReadDirectDebits",
"ReadStandingOrdersDetail",
"ReadAccountsBasic"
],
"aspsp": {
"name": "natwest_ais",
"display_name": "NatWest (Staging)",
"consent_status": null,
"link_url": "https://wonderful.co.uk/link-account/176491d6?signature=fa4554d9b0e0bf0ac1ac9c48578994a008e05c146eb5f37d226f5fff99b45373"
}
}
}
Example response (401, invalid token):
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.
Response
Response Fields
id
string
The ID of the AIS Account Link. Example: 176491d6
status
string
The state of the AIS Account Link. Example: created
merchant_reference
string
The Merchant Reference of the AIS Account Link. Example: TEST-1706026366
expires_at
string
The ISO 8601 date-time at which the AIS Account Link expires. Example: 2024-07-21T16:12:47+00:00
created_at
string
The ISO 8601 date-time at which the AIS Account Link was created. Example: 2024-01-23T16:12:47+00:00
return_url
string
The URL we will redirect the user to after the AIS Account Link has been created. Example: https://your-website.example.com/redirect
permissions
string[]
The permissions the user has granted to the ASPSP. Example: ["ReadAccountsDetail", "ReadBalances"]
aspsp
object
name
string
The ASPSP (Bank) identifier. Example: natwest_ais
display_name
string
The display name of the ASPSP that you can show to end users. Example: NatWest
consent_status
string
The consent status at the ASPSP. Example: Authorised
link_url
string
The URL that you should redirect your customer to, to complete the authorisation process.
Show Account Link Details
requires authentication
Example request:
curl --request GET \
--get "https://wonderful.co.uk/api/public/v1/account-links/odio" \
--header "Authorization: Bearer {YOUR_AUTH_KEY}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"
const url = new URL(
"https://wonderful.co.uk/api/public/v1/account-links/odio"
);
const headers = {
"Authorization": "Bearer {YOUR_AUTH_KEY}",
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/account-links/odio';
$response = $client->get(
$url,
[
'headers' => [
'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
'Content-Type' => 'application/json',
'Accept' => 'application/json',
],
]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json
url = 'https://wonderful.co.uk/api/public/v1/account-links/odio'
headers = {
'Authorization': 'Bearer {YOUR_AUTH_KEY}',
'Content-Type': 'application/json',
'Accept': 'application/json'
}
response = requests.request('GET', url, headers=headers)
response.json()
Example response (200):
{
"data": {
"id": "176491d6",
"status": "consented",
"merchant_reference": "TEST-1706026366",
"expires_at": "2024-07-21T16:12:58+00:00",
"created_at": "2024-01-23T16:12:47+00:00",
"return_url": "https://eoz5oi25gqxj9rb.m.pipedream.net/",
"permissions": [
"ReadAccountsDetail",
"ReadAccountsDetail",
"ReadAccountsDetail",
"ReadTransactionsDetail",
"ReadTransactionsCredits",
"ReadTransactionsDebits",
"ReadBalances",
"ReadBeneficiariesDetail",
"ReadDirectDebits",
"ReadStandingOrdersDetail",
"ReadAccountsBasic"
],
"aspsp": {
"name": "natwest_ais",
"display_name": "NatWest (Staging)",
"consent_status": "Authorised"
}
}
}
Example response (401, invalid token):
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Example response (404, not found):
{
"status": "error",
"error_code": "not_found",
"error_message": "Account link not found."
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.
Response
Response Fields
id
string
The ID of the AIS Account Link. Example: 176491d6
status
string
The state of the AIS Account Link. Example: consented
merchant_reference
string
The Merchant Reference of the AIS Account Link. Example: TEST-1706026366
expires_at
string
The ISO 8601 date-time at which the AIS Account Link expires. Example: 2024-07-21T16:12:47+00:00
created_at
string
The ISO 8601 date-time at which the AIS Account Link was created. Example: 2024-01-23T16:12:47+00:00
return_url
string
The URL we will redirect the user to after the AIS Account Link has been created. Example: https://your-website.example.com/redirect
permissions
string[]
The permissions the user has granted to the ASPSP. Example: ["ReadAccountsDetail", "ReadBalances"]
aspsp
object
name
string
The ASPSP (Bank) identifier. Example: natwest_ais
display_name
string
The display name of the ASPSP that you can show to end users. Example: NatWest
consent_status
string
The consent status at the ASPSP. Example: Authorised
link_url
string
optional The URL that you should redirect your customer to, to complete the authorisation process.
Revoke Account Link
requires authentication
Example request:
curl --request DELETE \
"https://wonderful.co.uk/api/public/v1/account-links/rerum" \
--header "Authorization: Bearer {YOUR_AUTH_KEY}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"
const url = new URL(
"https://wonderful.co.uk/api/public/v1/account-links/rerum"
);
const headers = {
"Authorization": "Bearer {YOUR_AUTH_KEY}",
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "DELETE",
headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/account-links/rerum';
$response = $client->delete(
$url,
[
'headers' => [
'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
'Content-Type' => 'application/json',
'Accept' => 'application/json',
],
]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json
url = 'https://wonderful.co.uk/api/public/v1/account-links/rerum'
headers = {
'Authorization': 'Bearer {YOUR_AUTH_KEY}',
'Content-Type': 'application/json',
'Accept': 'application/json'
}
response = requests.request('DELETE', url, headers=headers)
response.json()
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.
Accounts
List Accounts
requires authentication
Show account details for all linked Accounts.
- Requires permissions:
ReadAccountsBasic
orReadAccountsDetail
- OB Endpoint: GET /accounts
- ASPSP Implementation : Mandatory
Example request:
curl --request GET \
--get "https://wonderful.co.uk/api/public/v1/qui/accounts" \
--header "Authorization: Bearer {YOUR_AUTH_KEY}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"
const url = new URL(
"https://wonderful.co.uk/api/public/v1/qui/accounts"
);
const headers = {
"Authorization": "Bearer {YOUR_AUTH_KEY}",
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/qui/accounts';
$response = $client->get(
$url,
[
'headers' => [
'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
'Content-Type' => 'application/json',
'Accept' => 'application/json',
],
]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json
url = 'https://wonderful.co.uk/api/public/v1/qui/accounts'
headers = {
'Authorization': 'Bearer {YOUR_AUTH_KEY}',
'Content-Type': 'application/json',
'Accept': 'application/json'
}
response = requests.request('GET', url, headers=headers)
response.json()
Example response (200):
{
"data": {
"account": [
{
"account_id": "184bfebc-1314-41aa-9d76-af7e84f90696",
"currency": "GBP",
"account_type": "Personal",
"account_sub_type": "Savings",
"description": "Personal",
"nickname": "Sydney Beard",
"account": [
{
"scheme_name": "UK.OBIE.SortCodeAccountNumber",
"identification": "50000012345602",
"name": "Sydney Beard"
}
]
},
{
"account_id": "3910a968-c46a-44d0-b648-015af1e92cfe",
"currency": "GBP",
"account_type": "Personal",
"account_sub_type": "CurrentAccount",
"description": "Personal",
"nickname": "Sydney Beard",
"account": [
{
"scheme_name": "UK.OBIE.SortCodeAccountNumber",
"identification": "50000012345601",
"name": "Sydney Beard"
}
]
}
]
},
"links": {
"self": "https://wonderful.co.uk/api/public/v1/176491d6/accounts"
}
}
Example response (401):
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.
Show Account Details
requires authentication
Account details for a specific linked Account
- Requires permissions:
ReadAccountsBasic
orReadAccountsDetail
- OB Endpoint: GET /accounts/{accountId}
- ASPSP Implementation : Mandatory
Example request:
curl --request GET \
--get "https://wonderful.co.uk/api/public/v1/dolore/accounts/alias" \
--header "Authorization: Bearer {YOUR_AUTH_KEY}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"
const url = new URL(
"https://wonderful.co.uk/api/public/v1/dolore/accounts/alias"
);
const headers = {
"Authorization": "Bearer {YOUR_AUTH_KEY}",
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/dolore/accounts/alias';
$response = $client->get(
$url,
[
'headers' => [
'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
'Content-Type' => 'application/json',
'Accept' => 'application/json',
],
]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json
url = 'https://wonderful.co.uk/api/public/v1/dolore/accounts/alias'
headers = {
'Authorization': 'Bearer {YOUR_AUTH_KEY}',
'Content-Type': 'application/json',
'Accept': 'application/json'
}
response = requests.request('GET', url, headers=headers)
response.json()
Example response (200):
{
"data": {
"account": [
{
"account_id": "184bfebc-1314-41aa-9d76-af7e84f90696",
"currency": "GBP",
"account_type": "Personal",
"account_sub_type": "Savings",
"description": "Personal",
"nickname": "Sydney Beard",
"account": [
{
"scheme_name": "UK.OBIE.SortCodeAccountNumber",
"identification": "50000012345602",
"name": "Sydney Beard"
}
]
}
]
},
"links": {
"self": "https://wonderful.co.uk/api/public/v1/176491d6/accounts/184bfebc-1314-41aa-9d76-af7e84f90696"
}
}
Example response (401):
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.
Balances
List Balances
requires authentication
Returns the balances for all linked Accounts.
- Requires permissions:
ReadBalances
- OB Endpoint: GET /balances
- ASPSP Implementation : Optional
Example request:
curl --request GET \
--get "https://wonderful.co.uk/api/public/v1/veniam/balances" \
--header "Authorization: Bearer {YOUR_AUTH_KEY}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"
const url = new URL(
"https://wonderful.co.uk/api/public/v1/veniam/balances"
);
const headers = {
"Authorization": "Bearer {YOUR_AUTH_KEY}",
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/veniam/balances';
$response = $client->get(
$url,
[
'headers' => [
'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
'Content-Type' => 'application/json',
'Accept' => 'application/json',
],
]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json
url = 'https://wonderful.co.uk/api/public/v1/veniam/balances'
headers = {
'Authorization': 'Bearer {YOUR_AUTH_KEY}',
'Content-Type': 'application/json',
'Accept': 'application/json'
}
response = requests.request('GET', url, headers=headers)
response.json()
Example response (401):
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Example response (401):
Show headers
cache-control: no-cache, private
content-type: application/json
x-ratelimit-limit: 1000
x-ratelimit-remaining: 997
access-control-allow-origin: *
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Example response (404, endpoint not supported: {):
status":"error","error_code":"not_supported","error_message":"This ASPSP does not support the Balances bulk endpoint","account_link":"176491d6"}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.
Account Balances
requires authentication
List the Balances for a specific linked Account
- Requires permissions:
ReadBalances
- OB Endpoint: GET /accounts/{accountId}/balances
- ASPSP Implementation : Mandatory
Example request:
curl --request GET \
--get "https://wonderful.co.uk/api/public/v1/sequi/accounts/dicta/balances" \
--header "Authorization: Bearer {YOUR_AUTH_KEY}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"
const url = new URL(
"https://wonderful.co.uk/api/public/v1/sequi/accounts/dicta/balances"
);
const headers = {
"Authorization": "Bearer {YOUR_AUTH_KEY}",
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/sequi/accounts/dicta/balances';
$response = $client->get(
$url,
[
'headers' => [
'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
'Content-Type' => 'application/json',
'Accept' => 'application/json',
],
]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json
url = 'https://wonderful.co.uk/api/public/v1/sequi/accounts/dicta/balances'
headers = {
'Authorization': 'Bearer {YOUR_AUTH_KEY}',
'Content-Type': 'application/json',
'Accept': 'application/json'
}
response = requests.request('GET', url, headers=headers)
response.json()
Example response (200):
{
"data": {
"balance": [
{
"account_id": "184bfebc-1314-41aa-9d76-af7e84f90696",
"credit_debit_indicator": "Credit",
"type": "Expected",
"date_time": "2024-01-16T16:44:36.813Z",
"amount": {
"amount": "94213.07",
"currency": "GBP"
}
},
{
"account_id": "184bfebc-1314-41aa-9d76-af7e84f90696",
"credit_debit_indicator": "Credit",
"type": "ForwardAvailable",
"date_time": "2024-01-16T16:44:36.813Z",
"amount": {
"amount": "94213.07",
"currency": "GBP"
}
}
]
},
"links": {
"self": "https://wonderful.co.uk/api/public/v1/176491d6/accounts/184bfebc-1314-41aa-9d76-af7e84f90696/balances"
}
}
Example response (401):
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.
Beneficiaries
List Beneficiaries
requires authentication
Beneficiaries of all linked accounts
- Requires permissions:
ReadBeneficiariesBasic
orReadBeneficiariesDetail
- OB Endpoint: GET /beneficiaries
- ASPSP Implementation : Optional
Example request:
curl --request GET \
--get "https://wonderful.co.uk/api/public/v1/dolorem/beneficiaries" \
--header "Authorization: Bearer {YOUR_AUTH_KEY}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"
const url = new URL(
"https://wonderful.co.uk/api/public/v1/dolorem/beneficiaries"
);
const headers = {
"Authorization": "Bearer {YOUR_AUTH_KEY}",
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/dolorem/beneficiaries';
$response = $client->get(
$url,
[
'headers' => [
'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
'Content-Type' => 'application/json',
'Accept' => 'application/json',
],
]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json
url = 'https://wonderful.co.uk/api/public/v1/dolorem/beneficiaries'
headers = {
'Authorization': 'Bearer {YOUR_AUTH_KEY}',
'Content-Type': 'application/json',
'Accept': 'application/json'
}
response = requests.request('GET', url, headers=headers)
response.json()
Example response (401):
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Example response (401):
Show headers
cache-control: no-cache, private
content-type: application/json
x-ratelimit-limit: 1000
x-ratelimit-remaining: 996
access-control-allow-origin: *
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Example response (404, endpoint not supported):
{
"status": "error",
"error_code": "not_supported",
"error_message": "This ASPSP does not support the Beneficiaries bulk endpoint",
"account_link": "176491d6"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.
Account Beneficiaries
requires authentication
Beneficiaries for a specific linked Account
- Requires permissions:
ReadBeneficiariesBasic
orReadBeneficiariesDetail
- OB Endpoint: GET /accounts/{accountId}/beneficiaries
- ASPSP Implementation : Conditional
Example request:
curl --request GET \
--get "https://wonderful.co.uk/api/public/v1/perspiciatis/accounts/quaerat/beneficiaries" \
--header "Authorization: Bearer {YOUR_AUTH_KEY}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"
const url = new URL(
"https://wonderful.co.uk/api/public/v1/perspiciatis/accounts/quaerat/beneficiaries"
);
const headers = {
"Authorization": "Bearer {YOUR_AUTH_KEY}",
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/perspiciatis/accounts/quaerat/beneficiaries';
$response = $client->get(
$url,
[
'headers' => [
'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
'Content-Type' => 'application/json',
'Accept' => 'application/json',
],
]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json
url = 'https://wonderful.co.uk/api/public/v1/perspiciatis/accounts/quaerat/beneficiaries'
headers = {
'Authorization': 'Bearer {YOUR_AUTH_KEY}',
'Content-Type': 'application/json',
'Accept': 'application/json'
}
response = requests.request('GET', url, headers=headers)
response.json()
Example response (200):
{
"data": {
"beneficiary": []
},
"links": {
"self": "https://wonderful.co.uk/api/public/v1/176491d6/accounts/184bfebc-1314-41aa-9d76-af7e84f90696/beneficiaries"
}
}
Example response (401):
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.
Direct Debits
List Direct Debits
requires authentication
Direct Debits for all linked Accounts
- Requires permissions:
ReadDirectDebits
- OB Endpoint: GET /direct-debits
- ASPSP Implementation : Optional
Example request:
curl --request GET \
--get "https://wonderful.co.uk/api/public/v1/omnis/direct-debits" \
--header "Authorization: Bearer {YOUR_AUTH_KEY}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"
const url = new URL(
"https://wonderful.co.uk/api/public/v1/omnis/direct-debits"
);
const headers = {
"Authorization": "Bearer {YOUR_AUTH_KEY}",
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/omnis/direct-debits';
$response = $client->get(
$url,
[
'headers' => [
'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
'Content-Type' => 'application/json',
'Accept' => 'application/json',
],
]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json
url = 'https://wonderful.co.uk/api/public/v1/omnis/direct-debits'
headers = {
'Authorization': 'Bearer {YOUR_AUTH_KEY}',
'Content-Type': 'application/json',
'Accept': 'application/json'
}
response = requests.request('GET', url, headers=headers)
response.json()
Example response (401):
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Example response (401):
Show headers
cache-control: no-cache, private
content-type: application/json
x-ratelimit-limit: 1000
x-ratelimit-remaining: 995
access-control-allow-origin: *
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Example response (404, endpoint not supported):
{
"status": "error",
"error_code": "not_supported",
"error_message": "This ASPSP does not support the Direct Debit bulk endpoint",
"account_link": "176491d6"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.
Account Direct Debits
requires authentication
Direct Debits for a specific linked Account
- Requires permissions:
ReadDirectDebits
- OB Endpoint: GET /accounts/{accountId}/direct-debits
- ASPSP Implementation : Conditional
Example request:
curl --request GET \
--get "https://wonderful.co.uk/api/public/v1/saepe/accounts/sunt/direct-debits" \
--header "Authorization: Bearer {YOUR_AUTH_KEY}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"
const url = new URL(
"https://wonderful.co.uk/api/public/v1/saepe/accounts/sunt/direct-debits"
);
const headers = {
"Authorization": "Bearer {YOUR_AUTH_KEY}",
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/saepe/accounts/sunt/direct-debits';
$response = $client->get(
$url,
[
'headers' => [
'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
'Content-Type' => 'application/json',
'Accept' => 'application/json',
],
]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json
url = 'https://wonderful.co.uk/api/public/v1/saepe/accounts/sunt/direct-debits'
headers = {
'Authorization': 'Bearer {YOUR_AUTH_KEY}',
'Content-Type': 'application/json',
'Accept': 'application/json'
}
response = requests.request('GET', url, headers=headers)
response.json()
Example response (200):
{
"data": {
"direct_debit": []
},
"links": {
"self": "https://wonderful.co.uk/api/public/v1/176491d6/accounts/184bfebc-1314-41aa-9d76-af7e84f90696/direct-debits"
}
}
Example response (401):
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.
Parties
PSU Party
requires authentication
Returns the details of the user that authorised the Account Link.
- Requires permissions:
ReadPartyPSU
- OB Endpoint: GET /party
- ASPSP Implementation : Conditional
Example request:
curl --request GET \
--get "https://wonderful.co.uk/api/public/v1/officia/party" \
--header "Authorization: Bearer {YOUR_AUTH_KEY}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"
const url = new URL(
"https://wonderful.co.uk/api/public/v1/officia/party"
);
const headers = {
"Authorization": "Bearer {YOUR_AUTH_KEY}",
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/officia/party';
$response = $client->get(
$url,
[
'headers' => [
'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
'Content-Type' => 'application/json',
'Accept' => 'application/json',
],
]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json
url = 'https://wonderful.co.uk/api/public/v1/officia/party'
headers = {
'Authorization': 'Bearer {YOUR_AUTH_KEY}',
'Content-Type': 'application/json',
'Accept': 'application/json'
}
response = requests.request('GET', url, headers=headers)
response.json()
Example response (401):
Show headers
cache-control: no-cache, private
content-type: application/json
x-ratelimit-limit: 1000
x-ratelimit-remaining: 994
access-control-allow-origin: *
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.
Account Parties
requires authentication
Return details on the account owner(s)/holder(s) and operator(s).
- Requires permissions:
ReadParty
- OB Endpoint: GET /accounts/{accountId}/parties
- ASPSP Implementation : Conditional
Example request:
curl --request GET \
--get "https://wonderful.co.uk/api/public/v1/eaque/accounts/id/parties" \
--header "Authorization: Bearer {YOUR_AUTH_KEY}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"
const url = new URL(
"https://wonderful.co.uk/api/public/v1/eaque/accounts/id/parties"
);
const headers = {
"Authorization": "Bearer {YOUR_AUTH_KEY}",
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/eaque/accounts/id/parties';
$response = $client->get(
$url,
[
'headers' => [
'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
'Content-Type' => 'application/json',
'Accept' => 'application/json',
],
]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json
url = 'https://wonderful.co.uk/api/public/v1/eaque/accounts/id/parties'
headers = {
'Authorization': 'Bearer {YOUR_AUTH_KEY}',
'Content-Type': 'application/json',
'Accept': 'application/json'
}
response = requests.request('GET', url, headers=headers)
response.json()
Example response (401):
Show headers
cache-control: no-cache, private
content-type: application/json
x-ratelimit-limit: 1000
x-ratelimit-remaining: 993
access-control-allow-origin: *
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.
Account Party
requires authentication
Return details on the account owner/holder:
-
In the case of a business, this will be the details of the business
-
In the case of a joint account, this will be the party that has given authorisation to the AISP to view the account
-
Requires permissions:
ReadParty
-
OB Endpoint: GET /accounts/{accountId}/party
-
ASPSP Implementation : Conditional
Example request:
curl --request GET \
--get "https://wonderful.co.uk/api/public/v1/aut/accounts/a/party" \
--header "Authorization: Bearer {YOUR_AUTH_KEY}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"
const url = new URL(
"https://wonderful.co.uk/api/public/v1/aut/accounts/a/party"
);
const headers = {
"Authorization": "Bearer {YOUR_AUTH_KEY}",
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/aut/accounts/a/party';
$response = $client->get(
$url,
[
'headers' => [
'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
'Content-Type' => 'application/json',
'Accept' => 'application/json',
],
]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json
url = 'https://wonderful.co.uk/api/public/v1/aut/accounts/a/party'
headers = {
'Authorization': 'Bearer {YOUR_AUTH_KEY}',
'Content-Type': 'application/json',
'Accept': 'application/json'
}
response = requests.request('GET', url, headers=headers)
response.json()
Example response (401):
Show headers
cache-control: no-cache, private
content-type: application/json
x-ratelimit-limit: 1000
x-ratelimit-remaining: 992
access-control-allow-origin: *
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.
Scheduled Payments
List Scheduled Payments
requires authentication
Scheduled Payments for all linked Accounts
- Requires permissions:
ReadScheduledPaymentsBasic
orReadScheduledPaymentsDetail
- OB Endpoint: GET /scheduled-payments
- ASPSP Implementation : Optional
Example request:
curl --request GET \
--get "https://wonderful.co.uk/api/public/v1/esse/scheduled-payments" \
--header "Authorization: Bearer {YOUR_AUTH_KEY}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"
const url = new URL(
"https://wonderful.co.uk/api/public/v1/esse/scheduled-payments"
);
const headers = {
"Authorization": "Bearer {YOUR_AUTH_KEY}",
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/esse/scheduled-payments';
$response = $client->get(
$url,
[
'headers' => [
'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
'Content-Type' => 'application/json',
'Accept' => 'application/json',
],
]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json
url = 'https://wonderful.co.uk/api/public/v1/esse/scheduled-payments'
headers = {
'Authorization': 'Bearer {YOUR_AUTH_KEY}',
'Content-Type': 'application/json',
'Accept': 'application/json'
}
response = requests.request('GET', url, headers=headers)
response.json()
Example response (401):
Show headers
cache-control: no-cache, private
content-type: application/json
x-ratelimit-limit: 1000
x-ratelimit-remaining: 991
access-control-allow-origin: *
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.
Account Scheduled Payments
requires authentication
Scheduled Payments for a specific linked Account
- Requires permissions:
ReadScheduledPaymentsBasic
orReadScheduledPaymentsDetail
- OB Endpoint: GET /accounts/{accountId}/scheduled-payments
- ASPSP Implementation : Conditional
Example request:
curl --request GET \
--get "https://wonderful.co.uk/api/public/v1/doloremque/accounts/possimus/scheduled-payments" \
--header "Authorization: Bearer {YOUR_AUTH_KEY}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"
const url = new URL(
"https://wonderful.co.uk/api/public/v1/doloremque/accounts/possimus/scheduled-payments"
);
const headers = {
"Authorization": "Bearer {YOUR_AUTH_KEY}",
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/doloremque/accounts/possimus/scheduled-payments';
$response = $client->get(
$url,
[
'headers' => [
'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
'Content-Type' => 'application/json',
'Accept' => 'application/json',
],
]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json
url = 'https://wonderful.co.uk/api/public/v1/doloremque/accounts/possimus/scheduled-payments'
headers = {
'Authorization': 'Bearer {YOUR_AUTH_KEY}',
'Content-Type': 'application/json',
'Accept': 'application/json'
}
response = requests.request('GET', url, headers=headers)
response.json()
Example response (401):
Show headers
cache-control: no-cache, private
content-type: application/json
x-ratelimit-limit: 1000
x-ratelimit-remaining: 990
access-control-allow-origin: *
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.
Standing Orders
List Standing Orders
requires authentication
Standing Orders for all linked Accounts
- Requires permissions:
ReadStandingOrdersBasic
orReadStandingOrdersDetail
- OB Endpoint: GET /standing-orders
- ASPSP Implementation : Optional
Example request:
curl --request GET \
--get "https://wonderful.co.uk/api/public/v1/quam/standing-orders" \
--header "Authorization: Bearer {YOUR_AUTH_KEY}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"
const url = new URL(
"https://wonderful.co.uk/api/public/v1/quam/standing-orders"
);
const headers = {
"Authorization": "Bearer {YOUR_AUTH_KEY}",
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/quam/standing-orders';
$response = $client->get(
$url,
[
'headers' => [
'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
'Content-Type' => 'application/json',
'Accept' => 'application/json',
],
]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json
url = 'https://wonderful.co.uk/api/public/v1/quam/standing-orders'
headers = {
'Authorization': 'Bearer {YOUR_AUTH_KEY}',
'Content-Type': 'application/json',
'Accept': 'application/json'
}
response = requests.request('GET', url, headers=headers)
response.json()
Example response (401):
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Example response (401):
Show headers
cache-control: no-cache, private
content-type: application/json
x-ratelimit-limit: 1000
x-ratelimit-remaining: 989
access-control-allow-origin: *
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Example response (404, endpoint not supported):
{
"status": "error",
"error_code": "not_supported",
"error_message": "This ASPSP does not support the Standing Orders bulk endpoint",
"account_link": "176491d6"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.
Account Standing Orders
requires authentication
Standing Orders for a specific linked Account
- Requires permissions:
ReadStandingOrdersBasic
orReadStandingOrdersDetail
- OB Endpoint: GET /accounts/{accountId}/standing-orders
- ASPSP Implementation : Conditional
Example request:
curl --request GET \
--get "https://wonderful.co.uk/api/public/v1/qui/accounts/nemo/standing-orders" \
--header "Authorization: Bearer {YOUR_AUTH_KEY}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"
const url = new URL(
"https://wonderful.co.uk/api/public/v1/qui/accounts/nemo/standing-orders"
);
const headers = {
"Authorization": "Bearer {YOUR_AUTH_KEY}",
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/qui/accounts/nemo/standing-orders';
$response = $client->get(
$url,
[
'headers' => [
'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
'Content-Type' => 'application/json',
'Accept' => 'application/json',
],
]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json
url = 'https://wonderful.co.uk/api/public/v1/qui/accounts/nemo/standing-orders'
headers = {
'Authorization': 'Bearer {YOUR_AUTH_KEY}',
'Content-Type': 'application/json',
'Accept': 'application/json'
}
response = requests.request('GET', url, headers=headers)
response.json()
Example response (200):
{
"data": {
"standing_order": []
},
"links": {
"self": "https://wonderful.co.uk/api/public/v1/176491d6/accounts/184bfebc-1314-41aa-9d76-af7e84f90696/standing-orders"
}
}
Example response (401):
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.
Transactions
List Transactions
requires authentication
Transactions for all linked Accounts
- Requires permissions:
ReadTransactionsCredits
and/orReadTransactionsDebits
, plusReadTransactionsBasic
orReadTransactionsDetail
- OB Endpoint: GET /transactions
- ASPSP Implementation : Optional
Example request:
curl --request GET \
--get "https://wonderful.co.uk/api/public/v1/et/transactions" \
--header "Authorization: Bearer {YOUR_AUTH_KEY}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"
const url = new URL(
"https://wonderful.co.uk/api/public/v1/et/transactions"
);
const headers = {
"Authorization": "Bearer {YOUR_AUTH_KEY}",
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/et/transactions';
$response = $client->get(
$url,
[
'headers' => [
'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
'Content-Type' => 'application/json',
'Accept' => 'application/json',
],
]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json
url = 'https://wonderful.co.uk/api/public/v1/et/transactions'
headers = {
'Authorization': 'Bearer {YOUR_AUTH_KEY}',
'Content-Type': 'application/json',
'Accept': 'application/json'
}
response = requests.request('GET', url, headers=headers)
response.json()
Example response (401):
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Example response (401):
Show headers
cache-control: no-cache, private
content-type: application/json
x-ratelimit-limit: 1000
x-ratelimit-remaining: 988
access-control-allow-origin: *
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Example response (404, endpoint not supported):
{
"status": "error",
"error_code": "not_supported",
"error_message": "This ASPSP does not support the Transactions bulk endpoint",
"account_link": "176491d6"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.
Account Transactions
requires authentication
Transactions for a specific linked Account
- Requires permissions:
ReadTransactionsCredits
and/orReadTransactionsDebits
, plusReadTransactionsBasic
orReadTransactionsDetail
- OB Endpoint: GET /accounts/{accountId}/transactions
- ASPSP Implementation : Mandatory
Example request:
curl --request GET \
--get "https://wonderful.co.uk/api/public/v1/totam/accounts/iusto/transactions" \
--header "Authorization: Bearer {YOUR_AUTH_KEY}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"
const url = new URL(
"https://wonderful.co.uk/api/public/v1/totam/accounts/iusto/transactions"
);
const headers = {
"Authorization": "Bearer {YOUR_AUTH_KEY}",
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/totam/accounts/iusto/transactions';
$response = $client->get(
$url,
[
'headers' => [
'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
'Content-Type' => 'application/json',
'Accept' => 'application/json',
],
]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json
url = 'https://wonderful.co.uk/api/public/v1/totam/accounts/iusto/transactions'
headers = {
'Authorization': 'Bearer {YOUR_AUTH_KEY}',
'Content-Type': 'application/json',
'Accept': 'application/json'
}
response = requests.request('GET', url, headers=headers)
response.json()
Example response (200):
{
"data": {
"transaction": [
{
"account_id": "184bfebc-1314-41aa-9d76-af7e84f90696",
"transaction_id": "8cda05f1-39bb-4824-84a1-78a41b60260c",
"credit_debit_indicator": "Debit",
"status": "Booked",
"booking_date_time": "2024-01-16T16:44:36.813Z",
"amount": {
"amount": "25.00",
"currency": "GBP"
},
"proprietary_bank_transaction_code": {
"code": "TFR"
},
"transaction_information": "WNDRFL000043963",
"balance": {
"credit_debit_indicator": "Credit",
"type": "Information",
"amount": {
"amount": "94213.07",
"currency": "GBP"
}
}
},
{
"account_id": "184bfebc-1314-41aa-9d76-af7e84f90696",
"transaction_id": "667de332-ef37-4758-be57-cc063318d75b",
"credit_debit_indicator": "Debit",
"status": "Booked",
"booking_date_time": "2024-01-15T10:16:51.046Z",
"amount": {
"amount": "0.20",
"currency": "GBP"
},
"proprietary_bank_transaction_code": {
"code": "TFR"
},
"transaction_information": "WOO-87EB1D-59",
"balance": {
"credit_debit_indicator": "Credit",
"type": "Information",
"amount": {
"amount": "94238.07",
"currency": "GBP"
}
}
}
]
},
"links": {
"self": "https://wonderful.co.uk/api/public/v1/176491d6/accounts/184bfebc-1314-41aa-9d76-af7e84f90696/transactions"
}
}
Example response (401):
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.
Payment Requests
Show Payment Request.
requires authentication
This endpoint will return the current state of your Payment Request. You will need to provide the Wonderful Payment ID we sent you in the HTTP response when you created the Payment Request, so make sure you keep track of that as that is the only value we currently support to look up an existing payment.
Example request:
curl --request GET \
--get "https://wonderful.co.uk/api/public/v1/payments/44a3a820-2d9b-43c6-a4e5-666486ec8cfa" \
--header "Authorization: Bearer {YOUR_AUTH_KEY}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"
const url = new URL(
"https://wonderful.co.uk/api/public/v1/payments/44a3a820-2d9b-43c6-a4e5-666486ec8cfa"
);
const headers = {
"Authorization": "Bearer {YOUR_AUTH_KEY}",
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/payments/44a3a820-2d9b-43c6-a4e5-666486ec8cfa';
$response = $client->get(
$url,
[
'headers' => [
'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
'Content-Type' => 'application/json',
'Accept' => 'application/json',
],
]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json
url = 'https://wonderful.co.uk/api/public/v1/payments/44a3a820-2d9b-43c6-a4e5-666486ec8cfa'
headers = {
'Authorization': 'Bearer {YOUR_AUTH_KEY}',
'Content-Type': 'application/json',
'Accept': 'application/json'
}
response = requests.request('GET', url, headers=headers)
response.json()
Example response (200):
{
"data": {
"status": "expired",
"amount": 15,
"formatted_amount": "0.15",
"currency": "GBP",
"customer_email_hash": "832a8c7bcdd314b13178fdef5f94c3f9017250e67d9cc65bd607a02d587321be",
"payment_reference": "WNDRFL000015550",
"wonderful_payments_id": "48ee6f08-d6d6-4894-8866-2fdca56bcd2e",
"created_at": "2022-08-10T14:47:55.000000Z",
"selected_bank": null,
"redirect_url": "https://wonderful-org.test/payment-redirect",
"webhook_url": "https://wonderful-org.test/webhooks/v1/wonderful-payments",
"is_refundable": false
}
}
Example response (401, Invalid auth token):
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Example response (404, Payment Request not found):
{
"status": "error",
"error_code": "failed_validation",
"error_message": "no payment found"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.
Response
Response Fields
status
string
Current status. Enum: created, selected, consented, redirected, authed, pending, accepted, completed, rejected, cancelled, errored, expired. Example: completed
amount
integer
Payment amount in base units (GB Pence). Example 12345
formatted_amount
string
Formatted payment amount in GBP (Pounds). Example: 123.45
currency
string
Currency. Example: GBP
customer_email_hash
string
SHA-256 hash of the customer email address supplied when creating the request. Example: 832a8c7bcdd314b13178fdef5f94c3f9017250e67d9cc65bd607a02d587321be
payment_reference
string
The Merchant provided payment reference. Example: MY_ORDER_12345
wonderful_payments_id
string
Wonderful Payments identifider. Example: 44a3a820-2d9b-43c6-a4e5-666486ec8cfa
created_at
string
ISO-8601 timestamp of when the payment request was created
selected_bank
string
The display name of the ASPSP (bank) selected by the customer. Example: Bank of Scotland
redirect_url
string
The URL set by the Merchant to redirect the customer to after payment Example: https://your-website.example.com/payment-complete
webhook_url
string
The URL set by the Merchant to send webhook status updates to. Example: https://your-website.example.com/webhooks-handler
Create a new Payment Request.
requires authentication
To create a new payment, we need to know who is making the payment, how much the payment should be for, and where to send the person making the payment after they have completed the payment or cancelled. You can also optionally send us an extra URL where we will send you webhook updates as the payment is progressing through the checkout.
If the customer bank name and account details are known they can be set on the request in the payer
attribute.
Note: If the account details and ASPSP (bank) do not match, the ASPSP will reject the payment request.
Example request:
curl --request POST \
"https://wonderful.co.uk/api/public/v1/payments" \
--header "Authorization: Bearer {YOUR_AUTH_KEY}" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"customer_email_address\": \"[email protected]\",
\"merchant_payment_reference\": \"MY_ORDER_12345\",
\"amount\": 12345,
\"redirect_url\": \"https:\\/\\/your-website.example.com\\/return-url\",
\"webhook_url\": \"https:\\/\\/your-website.example.com\\/webhook-url\",
\"selected_aspsp\": \"natwest\",
\"consented_at\": \"2024-04-15T18:02:04+00:00\",
\"payer\": {
\"account_name\": \"Sydney Beard\",
\"account_number\": \"12345602\",
\"sort_code\": \"500000\"
}
}"
const url = new URL(
"https://wonderful.co.uk/api/public/v1/payments"
);
const headers = {
"Authorization": "Bearer {YOUR_AUTH_KEY}",
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"customer_email_address": "[email protected]",
"merchant_payment_reference": "MY_ORDER_12345",
"amount": 12345,
"redirect_url": "https:\/\/your-website.example.com\/return-url",
"webhook_url": "https:\/\/your-website.example.com\/webhook-url",
"selected_aspsp": "natwest",
"consented_at": "2024-04-15T18:02:04+00:00",
"payer": {
"account_name": "Sydney Beard",
"account_number": "12345602",
"sort_code": "500000"
}
};
fetch(url, {
method: "POST",
headers,
body: JSON.stringify(body),
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/payments';
$response = $client->post(
$url,
[
'headers' => [
'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
'Content-Type' => 'application/json',
'Accept' => 'application/json',
],
'json' => [
'customer_email_address' => '[email protected]',
'merchant_payment_reference' => 'MY_ORDER_12345',
'amount' => 12345,
'redirect_url' => 'https://your-website.example.com/return-url',
'webhook_url' => 'https://your-website.example.com/webhook-url',
'selected_aspsp' => 'natwest',
'consented_at' => '2024-04-15T18:02:04+00:00',
'payer' => [
'account_name' => 'Sydney Beard',
'account_number' => '12345602',
'sort_code' => '500000',
],
],
]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json
url = 'https://wonderful.co.uk/api/public/v1/payments'
payload = {
"customer_email_address": "[email protected]",
"merchant_payment_reference": "MY_ORDER_12345",
"amount": 12345,
"redirect_url": "https:\/\/your-website.example.com\/return-url",
"webhook_url": "https:\/\/your-website.example.com\/webhook-url",
"selected_aspsp": "natwest",
"consented_at": "2024-04-15T18:02:04+00:00",
"payer": {
"account_name": "Sydney Beard",
"account_number": "12345602",
"sort_code": "500000"
}
}
headers = {
'Authorization': 'Bearer {YOUR_AUTH_KEY}',
'Content-Type': 'application/json',
'Accept': 'application/json'
}
response = requests.request('POST', url, headers=headers, json=payload)
response.json()
Example response (200):
{
"data": {
"status": "created",
"payment_reference": "WNDRFL000015550",
"wonderful_payments_id": "48ee6f08-d6d6-4894-8866-2fdca56bcd2e",
"redirect_to": "http://wonderful.co.uk/payments/48ee6f08-d6d6-4894-8866-2fdca56bcd2e"
}
}
Example response (400, Validation error):
{
"status": "error",
"error_code": "failed_validation",
"error_message": "<Details about the validation failure>"
}
Example response (401, Invalid auth token):
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.
Response
Response Fields
status
string
Current status. Example: created
payment_reference
string
The Merchant provided payment reference. Example: MY_ORDER_12345
wonderful_payments_id
string
Wonderful Payments identifider. Example: 44a3a820-2d9b-43c6-a4e5-666486ec8cfa
redirect_to
string
The URL to redirect the customer to. Note: This might be a Wonderful checkout page or in some cases it could be a URL at the selected ASPSP (Bank) Example: https://wonderful.co.uk/payments/44a3a820-2d9b-43c6-a4e5-666486ec8cfa
Refund Requests
GET api/public/v1/payments/{payment}/refunds
requires authentication
Example request:
curl --request GET \
--get "https://wonderful.co.uk/api/public/v1/payments/quo/refunds" \
--header "Authorization: Bearer {YOUR_AUTH_KEY}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"
const url = new URL(
"https://wonderful.co.uk/api/public/v1/payments/quo/refunds"
);
const headers = {
"Authorization": "Bearer {YOUR_AUTH_KEY}",
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/payments/quo/refunds';
$response = $client->get(
$url,
[
'headers' => [
'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
'Content-Type' => 'application/json',
'Accept' => 'application/json',
],
]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json
url = 'https://wonderful.co.uk/api/public/v1/payments/quo/refunds'
headers = {
'Authorization': 'Bearer {YOUR_AUTH_KEY}',
'Content-Type': 'application/json',
'Accept': 'application/json'
}
response = requests.request('GET', url, headers=headers)
response.json()
Example response (401):
Show headers
cache-control: no-cache, private
content-type: application/json
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
access-control-allow-origin: *
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.
Create a new Refund Request.
requires authentication
To create a new refund, we need to how much the refund should be for, and where to send the person making the payment after they have completed the payment or cancelled. You can also optionally send us an extra URL where we will send you webhook updates as the payment is progressing through the checkout.
Example request:
curl --request POST \
"https://wonderful.co.uk/api/public/v1/payments/eaque/refunds" \
--header "Authorization: Bearer {YOUR_AUTH_KEY}" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data "{
\"amount\": 12345,
\"merchant_payment_reference\": \"MY_REFUND_12345\",
\"redirect_url\": \"https:\\/\\/your-website.example.com\\/return-url\",
\"webhook_url\": \"https:\\/\\/your-website.example.com\\/webhook-url\"
}"
const url = new URL(
"https://wonderful.co.uk/api/public/v1/payments/eaque/refunds"
);
const headers = {
"Authorization": "Bearer {YOUR_AUTH_KEY}",
"Content-Type": "application/json",
"Accept": "application/json",
};
let body = {
"amount": 12345,
"merchant_payment_reference": "MY_REFUND_12345",
"redirect_url": "https:\/\/your-website.example.com\/return-url",
"webhook_url": "https:\/\/your-website.example.com\/webhook-url"
};
fetch(url, {
method: "POST",
headers,
body: JSON.stringify(body),
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/payments/eaque/refunds';
$response = $client->post(
$url,
[
'headers' => [
'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
'Content-Type' => 'application/json',
'Accept' => 'application/json',
],
'json' => [
'amount' => 12345,
'merchant_payment_reference' => 'MY_REFUND_12345',
'redirect_url' => 'https://your-website.example.com/return-url',
'webhook_url' => 'https://your-website.example.com/webhook-url',
],
]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json
url = 'https://wonderful.co.uk/api/public/v1/payments/eaque/refunds'
payload = {
"amount": 12345,
"merchant_payment_reference": "MY_REFUND_12345",
"redirect_url": "https:\/\/your-website.example.com\/return-url",
"webhook_url": "https:\/\/your-website.example.com\/webhook-url"
}
headers = {
'Authorization': 'Bearer {YOUR_AUTH_KEY}',
'Content-Type': 'application/json',
'Accept': 'application/json'
}
response = requests.request('POST', url, headers=headers, json=payload)
response.json()
Example response (200):
{
"data": {
"status": "created",
"payment_reference": "WNDRFL000015550",
"wonderful_payments_id": "48ee6f08-d6d6-4894-8866-2fdca56bcd2e",
"redirect_to": "https://wonderful.co.uk/payments/48ee6f08-d6d6-4894-8866-2fdca56bcd2e"
}
}
Example response (400, Validation error):
{
"status": "error",
"error_code": "failed_validation",
"error_message": "<Details about the validation failure>"
}
Example response (401, Invalid auth token):
{
"status": "error",
"error_code": "unauthorized",
"error_message": "Invalid Bearer Token"
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.
Response
Response Fields
status
string
Current status. Example: created
payment_reference
string
The Merchant provided payment reference. Example: MY_ORDER_12345
wonderful_payments_id
string
Wonderful Payments identifider. Example: 44a3a820-2d9b-43c6-a4e5-666486ec8cfa
redirect_to
string
The URL to redirect the customer to. Note: This might be a Wonderful checkout page or in some cases it could be a URL at the selected ASPSP (Bank) Example: https://wonderful.co.uk/payments/44a3a820-2d9b-43c6-a4e5-666486ec8cfa
Supported Banks
Active ASPSPs List
requires authentication
Returns a list of the currently supported ASPSPs, with their current status and latest logo image. The status could be:
online
: no issues reported, payments are being accepted.issues
: payments are being accepted, but we are aware of some service degradation.offline
: we support this bank, but payments are not currently being accepted.
When an ASPSP is marked as issues
we may be experiencing some connectivity or processing errors
between Wonderful Payments and the ASPSP. Our systems normally self-heal and return ASPSPs to online
when they detect normal service has resumed.
In cases where an ASPSP is marked offline
there may be an active service incident or a situation
where we have manually disabled the connection for our customers benefit. Service disruptions
will be communicated on our social channels and on our
Wonderful Support website.
Selecting the ASPSP at the time of checkout
When creating a Payment Request with the ASPSP selected at the Merchant, use the aspsp_name
from this endpoint as the selected_aspsp
value when creating the Payment Request.
For example, to select "Bank of Scotland" use the value bos
.
Example request:
curl --request GET \
--get "https://wonderful.co.uk/api/public/v1/supported-banks?type=pis" \
--header "Authorization: Bearer {YOUR_AUTH_KEY}" \
--header "Content-Type: application/json" \
--header "Accept: application/json"
const url = new URL(
"https://wonderful.co.uk/api/public/v1/supported-banks"
);
const params = {
"type": "pis",
};
Object.keys(params)
.forEach(key => url.searchParams.append(key, params[key]));
const headers = {
"Authorization": "Bearer {YOUR_AUTH_KEY}",
"Content-Type": "application/json",
"Accept": "application/json",
};
fetch(url, {
method: "GET",
headers,
}).then(response => response.json());
$client = new \GuzzleHttp\Client();
$url = 'https://wonderful.co.uk/api/public/v1/supported-banks';
$response = $client->get(
$url,
[
'headers' => [
'Authorization' => 'Bearer {YOUR_AUTH_KEY}',
'Content-Type' => 'application/json',
'Accept' => 'application/json',
],
'query' => [
'type' => 'pis',
],
]
);
$body = $response->getBody();
print_r(json_decode((string) $body));
import requests
import json
url = 'https://wonderful.co.uk/api/public/v1/supported-banks'
params = {
'type': 'pis',
}
headers = {
'Authorization': 'Bearer {YOUR_AUTH_KEY}',
'Content-Type': 'application/json',
'Accept': 'application/json'
}
response = requests.request('GET', url, headers=headers, params=params)
response.json()
Example response (200):
{
"data": {
"aspsp_name": "santander",
"display_name": "SANTANDER (sandbox)",
"logo": "http://wonderful.co.uk/img/bank_logos/santander.png",
"status": "issues"
}
}
Example response (200, PIS (Payments) list):
{
"data": [
{
"aspsp_name": "aib",
"display_name": "Allied Irish Bank (GB)",
"logo": "https://payments.test/img/bank_logos/aib.png",
"status": "online"
},
{
"aspsp_name": "danske",
"display_name": "Danske Bank",
"logo": "https://payments.test/img/bank_logos/danske.png",
"status": "online"
}
]
}
Received response:
Request failed with error:
Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.
Response
Response Fields
aspsp_name
string
The ASPSP (Bank) identifier to use in the Create Payment Request call.
display_name
string
The display name of the ASPSP that you can show to end users.
logo
string
URL to the ASPSP logo, hosted on the Wonderful Payments platform.
status
string
The current ASPSP status. Enum: online, issues, offline Example: online