diff --git a/.eslintrc b/.eslintrc new file mode 100644 index 0000000..c95df73 --- /dev/null +++ b/.eslintrc @@ -0,0 +1,73 @@ +{ + "extends": ["react-app"], + "plugins": ["react"], + "rules": { + "quotes": ["error", "double"], // Use double-quotes for strings. + "jsx-quotes": ["error", "prefer-double"], // Use double-quotes for strings in JSX. + "semi": ["error", "always"], // Enforce semicolon at the end of statements. + "indent": ["error", 4, { "SwitchCase": 1 }], // Indent with 4 spaces. + "react/jsx-indent": ["error", 4], // Indent JSX with 4 spaces. + "no-multi-spaces": "error", // Do not allow multiple spaces in js. + "no-multiple-empty-lines": ["error", { "max": 1 }], // Do not allow consecutive empty lines. + "no-trailing-spaces": "error", // Disallow trailing whitespace at the end of lines. + "max-len": ["error", { "code": 120 }], // Restrict maximum line length to 120 characters. + "no-console": "warn", // Restrict usage of console.log/error etc. + "no-unused-vars": "error", // Do not allow declaring unused variables. + "prefer-template": "error", // Use back-tick for string concatanation if needed. + "object-curly-spacing": ["error", "always"], // Enforce spaces inside inline object curly braces. + "newline-before-return": "error", // Enforce new-line before return statements. + "react/jsx-curly-spacing": [2, {"when": "always", // Enforce spaces inside objects in JSX. + "spacing": { + "objectLiterals": "never" + }, + "children": true + }], + "react/jsx-tag-spacing": ["error", { // Enforce space before tag close in JSX. + "closingSlash": "never", + "beforeSelfClosing": "always", + "afterOpening": "never", + "beforeClosing": "never" + }], + + // Doc-block settings + "require-jsdoc": ["error", { + "require": { + "FunctionDeclaration": true, + "MethodDefinition": true, + "ClassDeclaration": true, + "ArrowFunctionExpression": true, + "FunctionExpression": true + } + }], + "valid-jsdoc": ["error", { + "prefer": { + "arg": "param", + "argument": "param", + "class": "constructor", + "return": "returns", + "virtual": "abstract" + }, + "preferType": { + "Boolean": "boolean", + "Number": "number", + "object": "Object", + "String": "string" + }, + "requireReturn": false, + "requireReturnType": true, + "requireParamDescription": false, + "requireReturnDescription": false + }], + + // React-specific settings + "react/forbid-component-props": ["error", { "forbid": ["style"] }], // Forbid inline style in JSX. + + // Flow-specific settings + "flowtype/newline-after-flow-annotation": [2, "never"], // Do not allow empty line after flow annotation. + "flowtype/require-valid-file-annotation": [2, "always"], // Validate flow annotations and report missing ones. + + /* the following are to suppress some warnings that might come up due to eslint version inconsistency */ + "jsx-a11y/href-no-hash": "off", + "jsx-a11y/anchor-is-valid": ["warn", { "aspects": ["invalidHref"] }] + } +} diff --git a/.flowconfig b/.flowconfig new file mode 100644 index 0000000..4609532 --- /dev/null +++ b/.flowconfig @@ -0,0 +1,14 @@ +[ignore] +node_modules + +[include] + +[libs] + +[lints] + +[options] +module.system.node.resolve_dirname=node_modules +module.system.node.resolve_dirname=src + +[strict] diff --git a/.gitignore b/.gitignore index 3c3629e..3a55ed7 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,13 @@ -node_modules +# dependencies +/node_modules + +# misc +.DS_Store +.idea + +npm-debug.log* +yarn-debug.log* +yarn-error.log* + +# css +src/**/*.css diff --git a/SERVICEWORKER.md b/SERVICEWORKER.md deleted file mode 100644 index 92f5fcf..0000000 --- a/SERVICEWORKER.md +++ /dev/null @@ -1,30 +0,0 @@ -# Service worker - -## Behavior -The current service worker will statically cache the `docs/index.html` file and calculate a hash value for the contents. When the index file has been modified a new hash value should be created by running the generation script to let the browser know that a new version is available. - -```js -staticFileGlobs: [rootDir + "/index.html"], -``` - -For all other requests matching the pattern the [fastest](https://github.com/GoogleChromeLabs/sw-toolbox/blob/master/docs/api.md#toolboxfastest) handler is used which will serve a cache version first when possible. While it returns the cached version it will still attempt to do a network request. When this network request succeeds it will automatically update the cached data so on the next page load the new version is served from cache. - -```js -{ - urlPattern: /swagger\.json$/, - handler: "fastest" -}, -{ - urlPattern: /[.]?(html|js|css|json|png|jpg|svg|gif|jpeg|woff|woff2|ttf|eot)/, - handler: "fastest" -}, -``` - -Alternatively the `networkFirst` strategy could be used. That will mean there won't be any noticable performance improvements while still allowing the documentation to be used offline since it will fall-back to a cached version if the network request fails. - -## Generation -Generating/updating the service worker file is done by running the `generate-service-worker.js` file using node with no extra arguments. - -```bash -node generate-service-worker.js -``` \ No newline at end of file diff --git a/build/asset-manifest.json b/build/asset-manifest.json new file mode 100644 index 0000000..58bc1b8 --- /dev/null +++ b/build/asset-manifest.json @@ -0,0 +1,6 @@ +{ + "main.css": "static/css/main.9c9d507a.css", + "main.css.map": "static/css/main.9c9d507a.css.map", + "main.js": "static/js/main.9b60bc3c.js", + "main.js.map": "static/js/main.9b60bc3c.js.map" +} \ No newline at end of file diff --git a/build/favicon.ico b/build/favicon.ico new file mode 100644 index 0000000..704ca7b Binary files /dev/null and b/build/favicon.ico differ diff --git a/build/index.html b/build/index.html new file mode 100644 index 0000000..c8aa8e8 --- /dev/null +++ b/build/index.html @@ -0,0 +1 @@ +
Download OpenAPI specification:Download
NOTICE: We have updated the sandbox base url to https://public-api.sandbox.bunq.com/v1/. Please update your applications accordingly. Check here: https://github.com/bunq/sdk_php/issues/149 for more info.
-Welcome to bunq!
-Our API is currently in an initial testing phase. This means we will iterate quickly to improve it and related tooling. This also allows us to quickly process your feedback (which we are happy to receive!). Therefore, we have chosen not to attach any version numbers to the changes just yet. We will inform you in a timely manner of any important changes we make before they are deployed on together.bunq.com.
-Once the speed of iteration slows down and more developers start using the API and its sandbox we will start versioning the API using the version number in the HTTP URLs (i.e. the '/v1' part of the path). We will inform you when this happens.
-OAuth 2.0 is a protocol that will let your app connect to your bunq users in a safe and easy way.
-Follow these steps to get started with OAuth:
-redirect_uri
with an authorization Code parameter.We decided to launch OAuth with a default permission that allows you to perform the following actions:
-Your web or mobile app should redirect users to the following URL:
-https://oauth.bunq.com/auth
The following parameters should be passed:
-response_type
- bunq supports the authorization code grant, provide code
as parameter (required)client_id
- your Client ID, get it from the bunq app (required)redirect_uri
- the URL you wish the user to be redirected after the authorization, make sure you register the Redirect URL in the bunq app (required)state
- a unique string to be passed back upon completion (optional)Authorization request example:
-https://oauth.bunq.com/auth?response_type=code
-&client_id=1cc540b6e7a4fa3a862620d0751771500ed453b0bef89cd60e36b7db6260f813
-&redirect_uri=https://www.bunq.com
-&state=594f5548-6dfb-4b02-8620-08e03a9469e6
-
Authorization request response:
-https://www.bunq.com/?code=7d272be434a75933f40c13d56aef6c31496005b653074f7d6ac57029d9995d30
-&state=594f5548-6dfb-4b02-8620-08e03a9469e6
-
-
If everything went well then you can exchange the authorization Code that we returned you for an Access Token to use with the bunq API.
-Make a POST call to the following endpoint:
-https://api.oauth.bunq.com/v1/token
The following parameters should be passed:
-grant_type
- the grant type used, authorization_code
for now (required)code
- the authorization code received from bunq (required)redirect_uri
- the same Redirect URL used in the authorisation request (required)client_id
- your Client ID (required)client_secret
- your Client Secret (required)Token request example:
-https://api.oauth.bunq.com/v1/token?grant_type=authorization_code&code=7d272be434a75933f40c13d56aef6c31496005b653074f7d6ac57029d9995d30
-&redirect_uri=https://www.bunq.com/
-&client_id=1cc540b6e7a4fa3a862620d0751771500ed453b0bef89cd60e36b7db6260f813
-&client_secret=184f969765f6f74f53bf563ae3e9f891aec9179157601d25221d57f2f1151fd5
-
Note: the request only contains URL parameters.
-Example successful response:
-{
- "access_token": "8baec0ac1aafca3345d5b811042feecfe0272514c5d09a69b5fbc84cb1c06029",
- "token_type": "bearer",
- "state": "594f5548-6dfb-4b02-8620-08e03a9469e6"
-}
-
Example error response:
-{
- "error": "invalid_grant",
- "error_description": "The authorization code is invalid or expired."
-}
-
All good? Ready to connect to your bunq users? Refer to our style guide and use the following assets when implementing the Connect to bunq button.
- -Visit us on together.bunq.com, share your creations, ask question and build your very own bunq app!
-When using a standard API Key the DeviceServer and Installation that are created in this process are bound to the IP address they are created from. Afterwards it is only possible to add IP addresses via the Permitted IP endpoint.
-Using a Wildcard API Key gives you the freedom to make API calls from any IP address after the POST device-server. You can switch to a Wildcard API Key by tapping on “Allow All IP Addresses” in your API Key menu inside the bunq app. Find out more at this link https://bunq.com/en/apikey-dynamic-ip.
-To avoid modification of API call data while in transit (i.e. man-in-the-middle attacks), we use a request/response signing system. The signature ensures that the data is coming from the party that has the correct private key.
-While this system is already implemented in our SDKs, you should always follow the guidelines on this page when using the bunq API to make sure you correctly sign your calls.
-The signatures are created using the SHA256 cryptographic hash function and included (encoded in base 64) in the X-Bunq-Client-Signature
request header and X-Bunq-Server-Signature
response header. The data to sign is the following:
POST /v1/user
works; POST https://sandbox.public.api.bunq.com/v1/user
will not.\n
(linefeed) newline separator.:
(a colon followed by a space) and only including Cache-Control
, User-Agent
and headers starting with X-Bunq-
. The headers should be separated from each other with a \n
(linefeed) newline. For a full list of required call headers, see the headers page.\n
(linefeed) newlines (even when there is no body).Consider the following request, a POST
to /v1/user/126/monetary-account/222/payment
(the JSON is formatted with newlines and indentations to make it more readable):
Header | -Value | -
---|---|
Cache-Control: | -no-cache | -
User-Agent: | -bunq-TestServer/1.00 sandbox/0.17b3 | -
X-Bunq-Client-Authentication: | -f15f1bbe1feba25efb00802fa127042b54101c8ec0a524c36464f5bb143d3b8b | -
X-Bunq-Client-Request-Id: | -57061b04b67ef | -
X-Bunq-Client-Signature: | -UINaaJELGHekiye4JExGx6TCs2lKMta74oVlZlwVNuVD6xPpH7RS6H58C21MmiQ75/MSVjUePC8gBjtARW2HpUKN7hANJqo/UtDb7mgDMsuz7Cf/hKeUCX0T55w2X+NC3i1T+QOQVQ1gALBT1Eif6qgyyY1wpWJUYft0MmCGEYg/ao9r3g026DNlRmRpBVxXtyJiOUImuHbq/rWpoDZRQTfvGL4KH4iKV4Lcb+o9lw11xOl4LQvNOHq3EsrfnTIa5g80pg9TS6G0SvjWmFAXBmDXatqfVhImuKZtd1dQI12JNK/++isBsP79eNtK1F5rSksmsTfAeHMy7HbfAQSDbg== | -
X-Bunq-Geolocation: | -0 0 0 0 NL | -
X-Bunq-Language: | -en_US | -
X-Bunq-Region: | -en_US | -
{
- "amount": {
- "value": "12.50",
- "currency": "EUR"
- },
- "counterparty_alias": {
- "type": "EMAIL",
- "value": "bravo@bunq.com"
- },
- "description": "Payment for drinks."
-}
-
-Let's sign that request (using PHP example code). First create a variable $dataToSign
, starting with the type and endpoint url. Follow that by a list of headers only including Cache-Control
, User-Agent
and headers starting with X-Bunq-
. Add an extra (so double) linefeed after the list of headers. Finally end with the body of the request:
POST /v1/user/126/monetary-account/222/payment
Header | -Value | -
---|---|
Cache-Control: | -no-cache | -
User-Agent: | -bunq-TestServer/1.00 sandbox/0.17b3 | -
X-Bunq-Client-Authentication: | -f15f1bbe1feba25efb00802fa127042b54101c8ec0a524c36464f5bb143d3b8b | -
X-Bunq-Client-Request-Id: | -57061b04b67ef | -
X-Bunq-Geolocation: | -0 0 0 0 NL | -
X-Bunq-Language: | -en_US | -
X-Bunq-Region: | -en_US | -
{"amount":{"value":"12.50","currency":"EUR"},"counterparty\_alias":{"type":"EMAIL","value":"bravo@bunq.com"},"description":"Payment for drinks."}
-
-Next, create the signature of $dataToSign
using the SHA256 algorithm and the private key $privateKey
of the Installation's key pair. In PHP, use the following to create a signature. The signature will be passed by reference into $signature
.
openssl_sign($dataToSign, $signature, $privateKey, OPENSSL_ALGO_SHA256);
Encode the resulting $signature
using base64, and add the resulting value to the request under the header X-Bunq-Client-Signature
. You have now signed your request, and can send it!
The response to the previous request is as follows (the JSON is formatted with newlines and indentations to make it more readable):
-Header | -Value | -
---|---|
Access-Control-Allow-Origin: | -* | -
Content-Type: | -application/json | -
Date: | -Thu, 07 Apr 2016 08:32:04 GMT | -
Server: | -Apache | -
Strict-Transport-Security: | -max-age=31536000 | -
Transfer-Encoding: | -chunked | -
X-Bunq-Client-Response-Id: | -89dcaa5c-fa55-4068-9822-3f87985d2268 | -
X-Bunq-Client-Request-Id: | -57061b04b67ef | -
X-Bunq-Server-Signature: | -ee9sDfzEhQ2L6Rquyh2XmJyNWdSBOBo6Z2eUYuM4bAOBCn9N5vjs6k6RROpagxXFXdGI9sT15tYCaLe5FS9aciIuJmrVW/SZCDWq/nOvSThi7+BwD9JFdG7zfR4afC8qfVABmjuMrtjaUFSrthyHS/5wEuDuax9qUZn6sVXcgZEq49hy4yHrV8257I4sSQIHRmgds4BXcGhPp266Z6pxjzAJbfyzt5JgJ8/suxgKvm/nYhnOfsgIIYCgcyh4DRrQltohiSon6x1ZsRIfQnCDlDDghaIxbryLfinT5Y4eU1eiCkFB4D69S4HbFXYyAxlqtX2W6Tvax6rIM2MMPNOh4Q== | -
X-Frame-Options: | -SAMEORIGIN | -
{
- "Response": [
- {
- "Id": {
- "id": 1561
- }
- }
- ]
-}
-
-Now we need to verify that this response actually came from the server and not from a man-in-the-middle. So, first we built the data that is to be verified, starting with the response code (200). Follow this by a list of the bunq headers (sorted alphabetically and excluding the signature header itself). Note: you should only include headers starting with X-Bunq-, so omit headers like Cache-Control for the verification of the response. Finally, add two line feeds followed by the response body. Note: The headers might change in transit from X-Header-Capitalization-Style
to x-header-non-capitalization-style
. Make sure you change them to X-Header-Capitalization-Style
before verifying the response signature.
200
-X-Bunq-Client-Request-Id: 57061b04b67ef
-X-Bunq-Server-Response-Id: 89dcaa5c-fa55-4068-9822-3f87985d2268
-
-{"Response":[{"Id":{"id":1561}}]}
-
Now, verify the signature of $dataToVerify
using the SHA256 algorithm and the public key $publicKey
of the server. In PHP, use the following to verify the signature.
openssl_sign($dataToVerify, $signature, $publicKey, OPENSSL_ALGO_SHA256);
If you get an error telling you "The request signature is invalid", please check the following:
-POST https://sandbox.public.api.bunq.com/v1/user
Cache-Control
, User-Agent
and headers starting with X-Bunq-
.:
separating the header key and value in your data to sign.X-Bunq-Client-Signature
header to the list of headers (that would also be impossible).X-Bunq-Client-Signature
.HTTP headers allow your client and bunq to pass on additional information along with the request or response.
-While this is already implemented in our SDKs, please follow these instructions to make sure you set appropriate headers for calls if using bunq API directly.
-Cache-Control: no-cache
The standard HTTP Cache-Control header is required for all requests.
-User-Agent: bunq-TestServer/1.00 sandbox/0.17b3
The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header.
-X-Bunq-Language: en_US
The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore.
-Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US.
-X-Bunq-Region: en_US
The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore.
-X-Bunq-Client-Request-Id: a4f0de
This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer.
-X-Bunq-Geolocation: 4.89 53.2 12 100 NL
X-Bunq-Geolocation: 0 0 0 0 000
This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued.
-X-Bunq-Client-Signature: XLOwEdyjF1d+tT2w7a7Epv4Yj7w74KncvVfq9mDJVvFRlsUaMLR2q4ISgT+5mkwQsSygRRbooxBqydw7IkqpuJay9g8eOngsFyIxSgf2vXGAQatLm47tLoUFGSQsRiYoKiTKkgBwA+/3dIpbDWd+Z7LEYVbHaHRKkEY9TJ22PpDlVgLLVaf2KGRiZ+9/+0OUsiiF1Fkd9aukv0iWT6N2n1P0qxpjW0aw8mC1nBSJuuk5yKtDCyQpqNyDQSOpQ8V56LNWM4Px5l6SQMzT8r6zk5DvrMAB9DlcRdUDcp/U9cg9kACXIgfquef3s7R8uyOWfKLSNBQpdVIpzljwNKI1Q
The signature header is included for all API calls except for POST /v1/installation. See the signing page for details on how to create this signature.
-X-Bunq-Client-Authentication: 622749ac8b00c81719ad0c7d822d3552e8ff153e3447eabed1a6713993749440
The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call
-Content-Type: image/jpeg
This header should be used when uploading an attachment to pass its MIME type. Supported types are: image/png, image/jpeg and image/gif.
-X-Bunq-Attachment-Description: Check out these cookies. -This header should be used when uploading an Attachment's content to give it a description.
-X-Bunq-Client-Request-Id: a4f0de
The same ID that was provided in the request's X-Bunq-Client-Request-Id header. Is included in the response (and request) signature, so can be used to ensure this is the response for the sent request.
-X-Bunq-Client-Response-Id: 76cc7772-4b23-420a-9586-8721dcdde174
A unique ID for the response formatted as a UUID. Clients can use it to add extra protection against replay attacks.
-X-Bunq-Server-Signature: XBBwfDaOZJapvcBpAIBT1UOmczKqJXLSpX9ZWHsqXwrf1p+H+eON+TktYksAbmkSkI4gQghw1AUQSJh5i2c4+CTuKdZ4YuFT0suYG4sltiKnmtwODOFtu1IBGuE5XcfGEDDSFC+zqxypMi9gmTqjl1KI3WP2gnySRD6PBJCXfDxJnXwjRkk4kpG8Ng9nyxJiFG9vcHNrtRBj9ZXNdUAjxXZZFmtdhmJGDahGn2bIBWsCEudW3rBefycL1DlpJZw6yRLoDltxeBo7MjgROBpIeElh5qAz9vxUFLqIQC7EDONBGbSBjaXS0wWrq9s2MGuOi9kJxL2LQm/Olj2g==
The server's signature for this response. See the signing page for details on how to verify this signature.
-X-Bunq-Warning: "You have a negative balance. Please check the app for more details."
Used to inform you on situations that might impact your bunq account and API access.
-Familiar HTTP response codes are used to indicate the success or failure of an API request.
-Generally speaking, codes in the 2xx range indicate success, while codes in the 4xx range indicate an error having to do with provided information (e.g. a required parameter was missing, insufficient funds, etc.).
-Finally, codes in the 5xx range indicate an error with bunq servers. If this is the case, please stop by the support chat and report it to us.
-Code | -Error | -Description | -
---|---|---|
200 | -OK | -Successful HTTP request. | -
399 | -NOT MODIFIED | -Same as a 304, it implies you have a local cached copy of the data. | -
400 | -BAD REQUEST | -Most likely a parameter is missing or invalid. | -
401 | -UNAUTHORISED | -Token or signature provided is not valid. | -
403 | -FORBIDDEN | -You're not allowed to make this call. | -
404 | -NOT FOUND | -The object you're looking for cannot be found. | -
405 | -METHOD NOT ALLOWED | -The method you are using is not allowed for this endpoint. | -
429 | -RATE LIMIT | -Too many API calls have been made in a too short period. | -
490 | -USER ERROR | -Most likely a parameter is missing or invalid. | -
491 | -MAINTENANCE ERROR | -bunq is in maintenance mode. | -
500 | -INTERNAL SERVER ERROR | -Something went wrong on bunq's end. | -
All errors 4xx code errors will include a JSON body explaining what went wrong.
-If you are receiving the error 429, please make sure you are sending requests at rates that are below our rate limits.
-Our rate limits per IP address per endpoint:
-Make sure to follow these indications when using the bunq API or get started with our SDKs.
-All JSON responses have one top level object. In this object will be a Response field of which the value is always an array, even for responses that only contain one object.
-Example response body
-{
- "Response": [
- {
- "DataObject": {}
- }
- ]
-}
-
-Example response body
-{
- "Error": [
- {
- "error_description": "Error description",
- "error_description_translated": "User facing error description"
- }
- ]
-}
-
-When the API returns different types of objects for the same field, they will be nested in another JSON object that includes a specific field for each one of them. Within bunq SDKs a BunqResponse object will be returned as the top level object.
-In this example there is a field content, which can have multiple types of objects as value such as — in this case — ChatMessageContentText. Be sure to follow this convention or use bunq SDKs instead.
-{
- "content": {
- "ChatMessageContentText": {
- "text": "Hi! This is an automated security message. We saw you just logged in on an My Device Description. If you believe someone else logged in with your account, please get in touch with Support."
- }
- }
-}
-
-Times and dates being sent to and from the API are in UTC. The format that should be used is YYYY-MM-DD hh:mm:ss.ssssss
, where the letters have the meaning as specified in ISO 8601. For example: 2017-01-13 13:19:16.215235
.
Callbacks are used to send information about events on your bunq account to a URL of your choice, so that you can receive real-time updates.
-In order to receive notifications for certain activities on your bunq account, you have to create notification filters. These can be set for your UserPerson or UserCompany, MonetaryAccount or CashRegister.
-The notification_filters
object looks like this:
{
- "notification_filters": [
- {
- "notification_delivery_method": "URL",
- "notification_target": “{YOUR_CALLBACK_URL}",
- "category": "REQUEST"
- },
- {
- "notification_delivery_method": "URL",
- "notification_target": "{YOUR_CALLBACK_URL}",
- "category": "PAYMENT"
- }
- ]
- }
-
-notification_delivery_method
: choose between URL (sending an HTTP request to the provided URL) and PUSH (sending a push notification to user's phone). To receive callbacks, a notification has to be set for URL.notification_target
: provide the URL you want to receive the callbacks on. This URL must use HTTPS.category
: provides for which type of events you would like to receive a callback.Category | -Description | -
---|---|
BILLING | -notifications for all bunq invoices. | -
CARD_TRANSACTION_SUCCESSFUL | -notifications for successful card transactions. | -
CARD_TRANSACTION_FAILED | -notifications for failed card transaction. | -
CHAT | -notifications for received chat messages. | -
DRAFT_PAYMENT | -notifications for creation and updates of draft payments. | -
IDEAL | -notifications for iDEAL-deposits towards a bunq account. | -
SOFORT | -notifications for SOFORT-deposits towards a bunq account. | -
MUTATION | -notifications for any action that affects a monetary account’s balance. | -
PAYMENT | -notifications for payments created from, or received on a bunq account (doesn’t include payments that result out of paying a Request, iDEAL, Sofort or Invoice). Outgoing payments have a negative value while incoming payments have a positive value. | -
REQUEST | -notifications for incoming requests and updates on outgoing requests. | -
SCHEDULE_RESULT | -notifications for when a scheduled payment is executed. | -
SCHEDULE_STATUS | -notifications about the status of a scheduled payment, e.g. when the scheduled payment is updated or cancelled. | -
SHARE | -notifications for any updates or creation of Connects (ShareInviteBankInquiry). | -
TAB_RESULT | -notifications for updates on Tab payments. | -
BUNQME_TAB | -notifications for updates on bunq.me Tab (open request) payments. | -
SUPPORT | -notifications for messages received from us through support chat. | -
A Mutation is a change in the balance of a monetary account. So, for each payment-like object, such as a request, iDEAL-payment or a regular payment, a Mutation is created. Therefore, the MUTATION
category can be used to keep track of a monetary account's balance.
Callbacks for the sandbox environment will be made from different IP's at AWS.
Callbacks for the production environment will be made from 185.40.108.0/22.
The IP addresses might change. We will notify you in a timely fashion if such a change would take place.
-When the execution of a callback fails (e.g. if the callback server is down or the response contains an error) it is tried again for a maximum of 5 times, with an interval of one minute between each try. If your server is not reachable by the callback after the 6th total try, the callback is not sent anymore.
-We recommend you use certificate pinning as an extra security measure. With certificate pinning, we check the certificate of the server on which you want to receive callbacks against the pinned certificate that has been provided by you and cancel the callback if that check fails.
-Retrieve the SSL certificate of your server using the following command:
-openssl s_client -servername www.example.com -connect www.example.com:443 < /dev/null | sed -n "/-----BEGIN/,/-----END/p" > www.example.com.pem
POST
the certificate to the certificate-pinned endpoint.Now every callback that is made will be checked against the pinned certificate that you provided. Note that if the SSL certificate on your server expires or is changed, our callbacks will fail.
-In order to control the size of the response of a LIST
request, items can be paginated. A LIST
request is a request for every one of a certain resources, for instance all payments of a certain monetary account GET /v1/user/1/monetary-account/1/payment
). You can decide on the maximum amount of items of a response by adding a count
query parameter with the number of items you want per page to the URL. For instance:
GET /v1/user/1/monetary-account/1/payment?count=25
When no count
is given, the default count is set to 10. The maximum count
you can set is 200.
With every listing, a Pagination
object will be added to the response, containing the URLs to be used to get the next or previous set of items. The URLs in the Pagination object can be used to navigate through the listed resources. The Pagination object looks like this given a count of 25:
"Pagination": {
- "future_url": null,
- "newer_url": "/v1/user/1/monetary-account/1/payment?count=25&newer_id=249",
- "older_url": "/v1/user/1/monetary-account/1/payment?count=25&older_id=224"
-}
-
-The newer_url
value can be used to get the next page. The newer_id
is always the ID of the last item in the current page. If newer_url
is null
, there are no more recent items before the current page.
The older_url
value can be used to get the previous page. The older_id
is always the ID of the first item in the current page. If older_url
is null
, there are no older items after the current page.
The future_url
can be used to refresh and check for newer items that didn't exist when the listing was requested. The newer_id
will always be the ID of the last item in the current page. future_url
will be null
if newer_id
is not also the ID of the latest item.
Have you tested your bunq integration to the fullest and are you now ready to introduce it to the world? Then the time has come to move it to a production environment!
-To get started you'll need some fresh API keys for the production environment, which you can create via your bunq app. You can create these under "Profile" by tapping the "Security" menu. We do, however, highly recommend using a standard API Key instead of a Wildcard API Key. The former is significantly safer and it protects you from intrusions and possible attacks.
-There's only a few things to do before your beautiful bunq creation can be moved to production. You're going to have to change your API Key and redo the sequence of calls to open a session.
-The bunq Public API production environment is hosted at https://api.bunq.com
.
Do you have any questions or remarks about the process, or do you simply want to show off with your awesome creations? Don't hesitate to drop us a line on together.bunq.com.
-In case you do not own an Android device on which you can run our Sandbox app for end-to-end testing, you can set up an emulator to run the bunq Sandbox app for Android.
-Things you will need
-Starting the Android Virtual Device (AVD) Manager
-Setting up a new virtual device
-Starting the virtual device
-Installing the bunq Sandbox App APK
-cd ~/Library/Android/sdk/platform-tools
on macOS)../adb install ~/Downloads/bunq-android-sandboxEmulator-public-api.apk
, this may take a few minutes, and should finish with "Success".Creating an account or logging in
---Tested with Android Studio 2.3 (February 24th, 2017)
-
So, you want to start using the bunq API, awesome! To do this, you have to open a session in which you will be making those calls.
-To connect to the API, you have to make sure you have received an API key. For the production environment, you can generate your own keys in the bunq app (under 'Profile' -> 'Security'). For the sandbox environment you can request a key through Support chat in the bunq app.
-To create additional API keys for the sandbox environment, log in to the sandbox app for Android as either a UserPerson or UserCompany. Navigate to Profile > Security > API keys and click the '+' button. Please be aware that the API key can only be assigned to an IP within 4 hours after its creation. After the 4 hours, it will become invalid if not assigned. API keys that are created via the sandbox app are wiped with each sandbox reset.
-The calls you need to perform to set up a session from scratch are the following:
-Each call needs to be signed with your own private key. An Installation is used to tell the server about the public key of your key pair. The server uses this key to verify your subsequent calls.
-Start by generating a 2048-bit RSA key pair. You can find out how to generate a key pair in our PHP coding examples.
-On the headers page you can find out about the mandatory headers. Take care that if you are in the sandbox environment, you set an Authorization
header. Specific to the POST /installation
call, you shouldn't use the X-Bunq-Client-Authentication
or the X-Bunq-Client-Signature
headers.
Post your public key to the Installation endpoint (use \n
for newlines in your public key).
Save the Installation token and the bunq API's public key from the response. This token is used in the Authentication
header to register a DeviceServer
and to start a SessionServer
. The bunq API's public key should be used to verify future responses received from the bunq API.
Further calls made to the server need to come from a registered device. POST /device-server
registers your current device and the IP address(es) it uses to connect to the bunq API.
Use the token you received from POST /installation
in the X-Bunq-Client-Authentication
header. Make sure you sign your call, passing the call signature in X-Bunq-Client-Signature
header.
For the secret, use the API key you received. If you want to create another API key, you can do so in the bunq sandbox app (or production app for the production environment). Login, go to Profile > Security and tap 'API keys'. The freshly created API key can be assigned to one or multiple IP addresses using POST device-server
within 4 hours before becoming invalid. As soon as you start using your API key, it will remain valid until the next sandbox reset.
For the secret, use the API key you received.
To make any calls besides installation
and device-server
, you need to open a session.
Use the token you received from POST /installation
in the X-Bunq-Client-Authentication
header. Make sure you sign your call, passing the call signature in X-Bunq-Client-Signature
header.
For the secret, use the API key you received.
-The token received in the response to POST /session-server
should be used to authenticate your calls in this session. Pass this session's token in the X-Bunq-Client-Authentication
header on every call you make in this session.
You want to offer bunq payments on a website or in an application.
-In this use case the consumer and the merchant both have a bunq account. The consumer wants to pay with bunq and enters their alias in the bunq payment field at checkout. The merchant sends the request for payment to the consumer when the consumer presses enter. The consumer agrees to the request in the bunq mobile app and the merchant has immediate confirmation of the payment.
-Make sure that you have opened a session and that for any call you make after that, you pass the session’s token in the X-Bunq-Client-Authentication header.
-The consumer is at checkout and selects the bunq payment method. This would be a logical time to open a session on the bunq server.
-When a request for payment is accepted, the money will be deposited on the bank account the request for payment is connected to. Let’s start by finding all your available bank accounts. Pick one of them to make the request for payment with and save its id
.
Optionally, you can attach an image to the request for payment.
-Make sure you set the Content-Type
header to match the MIME type of the image. It’s also required you pass a description of the image via the X-Bunq-Attachment-Description
header.
The payload of this request is the binary representation of the image file. Do not use any JSON formatting.
-Save the id
of the posted attachment. You’ll need it to attach it to the request for payment.
Next, create a request inquiry. A request inquiry is the request for payment that your customer can respond to by accepting or rejecting it.
-Pass the customer’s email address, phone number or IBAN in the counterparty_alias
. Make sure you set the correct type
for the alias, depending on what you pass. When providing an IBAN, a name of the counterparty_alias
is required. You can provide the id
of the created attachment.
You will receive the id
of the created request inquiry in the response. Save this id
. You will need it to check if the customer has responded to the request yet.
After you’ve sent the request for payment, its status can be checked.
-When the status
is ACCEPTED
, the customer has accepted and paid the request, and you will have received the money on the connected monetary account. If the status
is REJECTED
, the customer did not accept the request.
You will create a tab that can be paid once by a single user, a so called TagUsageSingle, and explore three different ways to make the Tab visible to your customers:
-Make sure that you have opened a session and that for any call you make after that, you pass the session’s token in the X-Bunq-Client-Authentication
header.
Start by creating an attachment that will be used for the avatar for the cash register.
-Make sure you set the Content-Type
header to match the MIME type of the image. It is also required you pass a description of the image via the X-Bunq-Attachment-Description
header.
The payload of this request is the binary representation of the image file. Do not use any JSON formatting.
-Save the uuid
of the posted attachment. You'll need it to create the avatar in the next step.
Make an avatar using the public attachment you've just created.
-The payload of this request is the uuid
of the attachment public.
In response, you’ll receive the UUID of the avatar created using the attachment. Save this UUID. You’ll use it as the avatar for the cash register you're about to create.
-Get a listing of all available monetary accounts. Choose one, and save the id of the monetary account you want your cash register to be connected to. Each paid tab for the cash register will transfer the money to this account.
-Create a cash register. Use the id
of the monetary account you want to connect the cash register to in the URL of the request.
In the body provide the uuid
of the avatar you created for this cash register. Also make sure to provide a unique name for your cash register. Set the status to PENDING_APPROVAL
.
The response contains the id
of the cash register you created. Save this id
. You will need it to create subsequent tabs and tab items.
On the production environment, a bunq admin will review and approve your cash register. In the sandbox environment, your cash register will be automatically approved.
-Create a new tab that is connected to your cash register. Use the id of the cash register you want to connect this tab to in the URL of your request.
-Give the tab a name in merchant_reference
. Create the tab with status OPEN
, and give the tab a starting amount. You can update this amount later.
The response contains the uuid of the tab you created.
-You can add items to a tab. For instance, if a customer will be paying for multiple products via this tab, you can decide to add an item for each of these. Adding items to a tab is optional, and adding them will not change the total amount of the tab itself. However, if you've added any tab items the sum of the amounts of these items must be equal to the total_amount
of the tab when you change its status to WAITING_FOR_PAYMENT
.
Update the status of the tab to WAITING_FOR_PAYMENT
if you want the costumer to pay the tab, and you're done adding any tab items. You can use this request to make the tab visible for your costumers.
To decide how you are going to make your tab visible, pass a visibility object in the payload.
-Setting cash_register_qr_code
to true will connect this tab to the QR code from the cash register. If this cash register does not have a QR code yet, one will be created. Only one Tab can be connected to the cash register’s QR code at any given time.
Setting tab_qr_code
to true will create a QR code specifically for this tab. This QR code can not be linked to anything else.
Reset the available budget for a bank account share. To be called without any ID at the end of the path.
-userID required | integer |
monetary-accountID required | integer |
share-invite-bank-inquiryID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
When you have connected your monetary account bank to a user, and given this user a (for example) daily budget of 10 EUR. If this users has used his entire budget or part of it, this call can be used to reset the amount he used to 0. The user can then spend the daily budget of 10 EUR again.
-This is how the error response looks like for 4XX response codes
-Create a new monetary account attachment. Create a POST request with a payload that contains the binary representation of the file, without any JSON wrapping. Make sure you define the MIME type (i.e. image/jpeg) in the Content-Type header. You are required to provide a description of the attachment using the X-Bunq-Attachment-Description header.
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
This call is used to upload an attachment that can be referenced to in payment requests and payments sent from a specific monetary account. Attachments supported are png, jpg and gif.
-This is how the error response looks like for 4XX response codes
-Get a specific attachment. The header of the response contains the content-type of the attachment.
-tabUUID required | string |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
This call is used to view an attachment that is linked to a tab.
-This is how the error response looks like for 4XX response codes
-Create a new public attachment. Create a POST request with a payload that contains a binary representation of the file, without any JSON wrapping. Make sure you define the MIME type (i.e. image/jpeg, or image/png) in the Content-Type header. You are required to provide a description of the attachment using the X-Bunq-Attachment-Description header.
-Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
This call is used to upload an attachment that can be referenced to as an avatar (through the Avatar endpoint) or in a tab sent. Attachments supported are png, jpg and gif.
-This is how the error response looks like for 4XX response codes
-Get a specific attachment's metadata through its UUID. The Content-Type header of the response will describe the MIME type of the attachment file.
-itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
This call is used to upload an attachment that can be referenced to as an avatar (through the Avatar endpoint) or in a tab sent. Attachments supported are png, jpg and gif.
-This is how the error response looks like for 4XX response codes
-Upload a new attachment to use with a tab, and to read its metadata. Create a POST request with a payload that contains the binary representation of the file, without any JSON wrapping. Make sure you define the MIME type (i.e. image/jpeg) in the Content-Type header. You are required to provide a description of the attachment using the X-Bunq-Attachment-Description header.
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
This call is used to upload an attachment that will be accessible only through tabs. This can be used for example to upload special promotions or other attachments. Attachments supported are png, jpg and gif.
-This is how the error response looks like for 4XX response codes
-Get a specific attachment. The header of the response contains the content-type of the attachment.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
This call is used to upload an attachment that will be accessible only through tabs. This can be used for example to upload special promotions or other attachments. Attachments supported are png, jpg and gif.
-This is how the error response looks like for 4XX response codes
-Avatars are public images used to represent you or your company. Avatars are used to represent users, monetary accounts and cash registers. Avatars cannot be deleted, only replaced. Avatars can be updated after uploading the image you would like to use through AttachmentPublic. Using the attachment_public_uuid which is returned you can update your Avatar. Avatars used for cash registers and company accounts will be reviewed by bunq.
-itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Avatars are public images used to represent you or your company. Avatars are used to represent users, monetary accounts and cash registers. Avatars cannot be deleted, only replaced. Avatars can be updated after uploading the image you would like to use through AttachmentPublic. Using the attachment_public_uuid which is returned you can update your Avatar. Avatars used for cash registers and company accounts will be reviewed by bunq.
-This is how the error response looks like for 4XX response codes
-Avatars are public images used to represent you or your company. Avatars are used to represent users, monetary accounts and cash registers. Avatars cannot be deleted, only replaced. Avatars can be updated after uploading the image you would like to use through AttachmentPublic. Using the attachment_public_uuid which is returned you can update your Avatar. Avatars used for cash registers and company accounts will be reviewed by bunq.
-Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
attachment_public_uuid required | string The public UUID of the public attachment from which an avatar image must be created. - |
Avatars are public images used to represent you or your company. Avatars are used to represent users, monetary accounts and cash registers. Avatars cannot be deleted, only replaced. Avatars can be updated after uploading the image you would like to use through AttachmentPublic. Using the attachment_public_uuid which is returned you can update your Avatar. Avatars used for cash registers and company accounts will be reviewed by bunq.
-This is how the error response looks like for 4XX response codes
-bunq.me tabs allows you to create a payment request and share the link through e-mail, chat, etc. Multiple persons are able to respond to the payment request and pay through bunq, iDeal or SOFORT.
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
bunqme_tab_entry required | object (BunqMeTabEntry_5b6aacaec4c88) |
status | string The status of the bunq.me. Ignored in POST requests but can be used for cancelling the bunq.me by setting status as CANCELLED with a PUT request. - |
bunq.me tabs allows you to create a payment request and share the link through e-mail, chat, etc. Multiple persons are able to respond to the payment request and pay through bunq, iDeal or SOFORT.
-This is how the error response looks like for 4XX response codes
-bunq.me tabs allows you to create a payment request and share the link through e-mail, chat, etc. Multiple persons are able to respond to the payment request and pay through bunq, iDeal or SOFORT.
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
bunq.me tabs allows you to create a payment request and share the link through e-mail, chat, etc. Multiple persons are able to respond to the payment request and pay through bunq, iDeal or SOFORT.
-This is how the error response looks like for 4XX response codes
-bunq.me tabs allows you to create a payment request and share the link through e-mail, chat, etc. Multiple persons are able to respond to the payment request and pay through bunq, iDeal or SOFORT.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
bunqme_tab_entry required | object (BunqMeTabEntry_5b6aacaec4c88) |
status | string The status of the bunq.me. Ignored in POST requests but can be used for cancelling the bunq.me by setting status as CANCELLED with a PUT request. - |
bunq.me tabs allows you to create a payment request and share the link through e-mail, chat, etc. Multiple persons are able to respond to the payment request and pay through bunq, iDeal or SOFORT.
-This is how the error response looks like for 4XX response codes
-bunq.me tabs allows you to create a payment request and share the link through e-mail, chat, etc. Multiple persons are able to respond to the payment request and pay through bunq, iDeal or SOFORT.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
bunq.me tabs allows you to create a payment request and share the link through e-mail, chat, etc. Multiple persons are able to respond to the payment request and pay through bunq, iDeal or SOFORT.
-This is how the error response looks like for 4XX response codes
-Return all the cards available to the user.
-userID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Endpoint for retrieving details for the cards the user has access to.
-This is how the error response looks like for 4XX response codes
-Update the card details. Allow to change pin code, status, limits, country permissions and the monetary account connected to the card. When the card has been received, it can be also activated through this endpoint.
-userID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
pin_code | string The plaintext pin code. Requests require encryption to be enabled. - |
activation_code | string The activation code required to set status to ACTIVE initially. Can only set status to ACTIVE using activation code when order_status is ACCEPTED_FOR_PRODUCTION and status is DEACTIVATED. - |
status | string The status to set for the card. Can be ACTIVE, DEACTIVATED, LOST, STOLEN or CANCELLED, and can only be set to LOST/STOLEN/CANCELLED when order status is ACCEPTED_FOR_PRODUCTION/DELIVERED_TO_CUSTOMER/CARD_UPDATE_REQUESTED/CARD_UPDATE_SENT/CARD_UPDATE_ACCEPTED. Can only be set to DEACTIVATED after initial activation, i.e. order_status is DELIVERED_TO_CUSTOMER/CARD_UPDATE_REQUESTED/CARD_UPDATE_SENT/CARD_UPDATE_ACCEPTED. Mind that all the possible choices (apart from ACTIVE and DEACTIVATED) are permanent and cannot be changed after. - |
limit | Array of object The limits to define for the card, among CARD_LIMIT_CONTACTLESS, CARD_LIMIT_ATM, CARD_LIMIT_DIPPING and CARD_LIMIT_POS_ICC (e.g. 25 EUR for CARD_LIMIT_CONTACTLESS). All the limits must be provided on update. - |
mag_stripe_permission | object (CardMagStripePermission_5b6aacaed165a) |
country_permission | Array of object The countries for which to grant (temporary) permissions to use the card. - |
pin_code_assignment | Array of object Array of Types, PINs, account IDs assigned to the card. - |
monetary_account_id_fallback | integer ID of the MA to be used as fallback for this card if insufficient balance. Fallback account is removed if not supplied. - |
Endpoint for retrieving details for the cards the user has access to.
-This is how the error response looks like for 4XX response codes
-Return the details of a specific card.
-userID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Endpoint for retrieving details for the cards the user has access to.
-This is how the error response looks like for 4XX response codes
-Used to update multiple cards in a batch.
-userID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
cards required | Array of object The cards that need to be updated. - |
Used to update multiple cards in a batch.
-This is how the error response looks like for 4XX response codes
-Create a new debit card request.
-userID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
second_line required | string The second line of text on the card, used as name/description for it. It can contain at most 17 characters and it can be empty. - |
name_on_card required | string The user's name as it will be on the card. Check 'card-name' for the available card names for a user. - |
alias | object (Pointer_5b6aacaeac0b3) |
type | string The type of card to order. Can be MAESTRO or MASTERCARD. - |
pin_code_assignment | Array of object Array of Types, PINs, account IDs assigned to the card. - |
monetary_account_id_fallback | integer ID of the MA to be used as fallback for this card if insufficient balance. Fallback account is removed if not supplied. - |
With bunq it is possible to order debit cards that can then be connected with each one of the monetary accounts the user has access to (including connected accounts).
-This is how the error response looks like for 4XX response codes
-Return all the accepted card names for a specific user.
-userID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Endpoint for getting all the accepted card names for a user. As bunq do not allow total freedom in choosing the name that is going to be printed on the card, the following formats are accepted: Name Surname, N. Surname, N Surname or Surname.
-This is how the error response looks like for 4XX response codes
-Create a new CashRegister. Only an UserCompany can create a CashRegisters. They need to be created with status PENDING_APPROVAL, an bunq admin has to approve your CashRegister before you can use it. In the sandbox testing environment an CashRegister will be automatically approved immediately after creation.
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
name required | string The name of the CashRegister. Must be unique for this MonetaryAccount. - |
status required | string The status of the CashRegister. Can only be created or updated with PENDING_APPROVAL or CLOSED. - |
avatar_uuid required | string The UUID of the avatar of the CashRegister. Use the calls /attachment-public and /avatar to create a new Avatar and get its UUID. - |
location | object (Geolocation_5b6aacaecba10) |
notification_filters | Array of object The types of notifications that will result in a push notification or URL callback for this CashRegister. - |
tab_text_waiting_screen | Array of object The tab text for waiting screen of CashRegister. - |
CashRegisters are virtual points of sale. They have a specific name and avatar, and optionally, a location.
With a CashRegister you can create a Tab and then use a QR code to receive payments.
Check out our Quickstart example to learn how you can easily create Tab payments.
Notification filters can be set on a CashRegister to receive callbacks. For more information check the dedicated callbacks page.
This is how the error response looks like for 4XX response codes
-Get a collection of CashRegister for a given user and monetary account.
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
CashRegisters are virtual points of sale. They have a specific name and avatar, and optionally, a location.
With a CashRegister you can create a Tab and then use a QR code to receive payments.
Check out our Quickstart example to learn how you can easily create Tab payments.
Notification filters can be set on a CashRegister to receive callbacks. For more information check the dedicated callbacks page.
This is how the error response looks like for 4XX response codes
-Get a specific CashRegister.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
CashRegisters are virtual points of sale. They have a specific name and avatar, and optionally, a location.
With a CashRegister you can create a Tab and then use a QR code to receive payments.
Check out our Quickstart example to learn how you can easily create Tab payments.
Notification filters can be set on a CashRegister to receive callbacks. For more information check the dedicated callbacks page.
This is how the error response looks like for 4XX response codes
-Modify or close an existing CashRegister. You must set the status back to PENDING_APPROVAL if you modify the name, avatar or location of a CashRegister. To close a cash register put its status to CLOSED.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
name required | string The name of the CashRegister. Must be unique for this MonetaryAccount. - |
status required | string The status of the CashRegister. Can only be created or updated with PENDING_APPROVAL or CLOSED. - |
avatar_uuid required | string The UUID of the avatar of the CashRegister. Use the calls /attachment-public and /avatar to create a new Avatar and get its UUID. - |
location | object (Geolocation_5b6aacaecba10) |
notification_filters | Array of object The types of notifications that will result in a push notification or URL callback for this CashRegister. - |
tab_text_waiting_screen | Array of object The tab text for waiting screen of CashRegister. - |
CashRegisters are virtual points of sale. They have a specific name and avatar, and optionally, a location.
With a CashRegister you can create a Tab and then use a QR code to receive payments.
Check out our Quickstart example to learn how you can easily create Tab payments.
Notification filters can be set on a CashRegister to receive callbacks. For more information check the dedicated callbacks page.
This is how the error response looks like for 4XX response codes
-Remove the pinned certificate chain with the specific ID.
-userID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
This endpoint allow you to pin the certificate chains to your account. These certificate chains are used for SSL validation whenever a callback is initiated to one of your https callback urls.
-This is how the error response looks like for 4XX response codes
-Get the pinned certificate chain with the specified ID.
-userID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
This endpoint allow you to pin the certificate chains to your account. These certificate chains are used for SSL validation whenever a callback is initiated to one of your https callback urls.
-This is how the error response looks like for 4XX response codes
-Pin the certificate chain.
-userID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
certificate_chain required | Array of object The certificate chain in .PEM format. - |
This endpoint allow you to pin the certificate chains to your account. These certificate chains are used for SSL validation whenever a callback is initiated to one of your https callback urls.
-This is how the error response looks like for 4XX response codes
-List all the pinned certificate chain for the given user.
-userID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
This endpoint allow you to pin the certificate chains to your account. These certificate chains are used for SSL validation whenever a callback is initiated to one of your https callback urls.
-This is how the error response looks like for 4XX response codes
-Get the raw content of a specific attachment.
-tabUUID required | string |
attachmentID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Fetch the raw content of a tab attachment with given ID. The raw content is the binary representation of a file, without any JSON wrapping.
-This is how the error response looks like for 4XX response codes
-Get the raw content of a specific attachment.
-userID required | integer |
monetary-accountID required | integer |
attachment-tabID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Fetch the raw content of a tab attachment with given ID. The raw content is the binary representation of a file, without any JSON wrapping.
-This is how the error response looks like for 4XX response codes
-Get the raw content of a specific attachment.
-attachment-publicUUID required | string |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Fetch the raw content of a public attachment with given ID. The raw content is the binary representation of a file, without any JSON wrapping.
-This is how the error response looks like for 4XX response codes
-Get the raw content of a specific attachment.
-userID required | integer |
chat-conversationID required | integer |
attachmentID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Fetch the raw content of an attachment with given ID. The raw content is the base64 of a file, without any JSON wrapping.
-This is how the error response looks like for 4XX response codes
-Fetch the raw content of a statement export. The returned file format could be MT940, CSV or PDF depending on the statement format specified during the statement creation. The doc won't display the response of a request to get the content of a statement export.
-userID required | integer |
monetary-accountID required | integer |
customer-statementID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Fetch the raw content of a statement export. The returned file format could be MT940, CSV or PDF depending on the statement format specified during the statement creation. The doc won't display the response of a request to get the content of a statement export.
-This is how the error response looks like for 4XX response codes
-Show the raw contents of a QR code
-userID required | integer |
monetary-accountID required | integer |
cash-registerID required | integer |
qr-codeID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Show the raw contents of a QR code. First you need to created a QR code using ../cash-register/{id}/qr-code.
-This is how the error response looks like for 4XX response codes
-Used to retrieve the raw content of an annual overview.
-userID required | integer |
export-annual-overviewID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Fetch the raw content of an annual overview. The annual overview is always in PDF format. Doc won't display the response of a request to get the content of an annual overview.
-This is how the error response looks like for 4XX response codes
-Create a credential of a user for server authentication, or delete the credential of a user for server authentication.
-userID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Create a credential of a user for server authentication, or delete the credential of a user for server authentication.
-This is how the error response looks like for 4XX response codes
-Create a credential of a user for server authentication, or delete the credential of a user for server authentication.
-userID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Create a credential of a user for server authentication, or delete the credential of a user for server authentication.
-This is how the error response looks like for 4XX response codes
-Used to create new and read existing statement exports. Statement exports can be created in either CSV, MT940 or PDF file format.
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
statement_format required | string The format type of statement. Allowed values: MT940, CSV, PDF. - |
date_start required | string The start date for making statements. - |
date_end required | string The end date for making statements. - |
regional_format | string Required for CSV exports. The regional format of the statement, can be UK_US (comma-separated) or EUROPEAN (semicolon-separated). - |
Used to create new and read existing statement exports. Statement exports can be created in either CSV, MT940 or PDF file format.
-This is how the error response looks like for 4XX response codes
-Used to create new and read existing statement exports. Statement exports can be created in either CSV, MT940 or PDF file format.
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to create new and read existing statement exports. Statement exports can be created in either CSV, MT940 or PDF file format.
-This is how the error response looks like for 4XX response codes
-Used to create new and read existing statement exports. Statement exports can be created in either CSV, MT940 or PDF file format.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to create new and read existing statement exports. Statement exports can be created in either CSV, MT940 or PDF file format.
-This is how the error response looks like for 4XX response codes
-Used to create new and read existing statement exports. Statement exports can be created in either CSV, MT940 or PDF file format.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to create new and read existing statement exports. Statement exports can be created in either CSV, MT940 or PDF file format.
-This is how the error response looks like for 4XX response codes
-Get a single Device. A Device is either a DevicePhone or a DeviceServer.
-itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to get a Device or a listing of Devices. Creating a DeviceServer should happen via /device-server
-This is how the error response looks like for 4XX response codes
-Get a collection of Devices. A Device is either a DevicePhone or a DeviceServer.
-Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to get a Device or a listing of Devices. Creating a DeviceServer should happen via /device-server
-This is how the error response looks like for 4XX response codes
-Create a new DeviceServer providing the installation token in the header and signing the request with the private part of the key you used to create the installation. The API Key that you are using will be bound to the IP address of the DeviceServer which you have created.
Using a Wildcard API Key gives you the freedom to make API calls even if the IP address has changed after the POST device-server.
Find out more at this link https:/bunq.com/en/apikey-dynamic-ip.
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
description required | string The description of the DeviceServer. This is only for your own reference when reading the DeviceServer again. - |
secret required | string The API key. You can request an API key in the bunq app. - |
permitted_ips | Array of string An array of IPs (v4 or v6) this DeviceServer will be able to do calls from. These will be linked to the API key. - |
After having created an Installation you can now create a DeviceServer. A DeviceServer is needed to do a login call with session-server.
-This is how the error response looks like for 4XX response codes
-Get a collection of all the DeviceServers you have created.
-Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
After having created an Installation you can now create a DeviceServer. A DeviceServer is needed to do a login call with session-server.
-This is how the error response looks like for 4XX response codes
-Get one of your DeviceServers.
-itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
After having created an Installation you can now create a DeviceServer. A DeviceServer is needed to do a login call with session-server.
-This is how the error response looks like for 4XX response codes
-Create a new DraftPayment.
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
status | string The status of the DraftPayment. - |
entries required | Array of object The list of entries in the DraftPayment. Each entry will result in a payment when the DraftPayment is accepted. - |
previous_updated_timestamp | string The last updated_timestamp that you received for this DraftPayment. This needs to be provided to prevent race conditions. - |
number_of_required_accepts required | integer The number of accepts that are required for the draft payment to receive status ACCEPTED. Currently only 1 is valid. - |
A DraftPayment is like a regular Payment, but it needs to be accepted by the sending party before the actual Payment is done.
-This is how the error response looks like for 4XX response codes
-Get a listing of all DraftPayments from a given MonetaryAccount.
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
A DraftPayment is like a regular Payment, but it needs to be accepted by the sending party before the actual Payment is done.
-This is how the error response looks like for 4XX response codes
-Update a DraftPayment.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
status | string The status of the DraftPayment. - |
entries required | Array of object The list of entries in the DraftPayment. Each entry will result in a payment when the DraftPayment is accepted. - |
previous_updated_timestamp | string The last updated_timestamp that you received for this DraftPayment. This needs to be provided to prevent race conditions. - |
number_of_required_accepts required | integer The number of accepts that are required for the draft payment to receive status ACCEPTED. Currently only 1 is valid. - |
A DraftPayment is like a regular Payment, but it needs to be accepted by the sending party before the actual Payment is done.
-This is how the error response looks like for 4XX response codes
-Get a specific DraftPayment.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
A DraftPayment is like a regular Payment, but it needs to be accepted by the sending party before the actual Payment is done.
-This is how the error response looks like for 4XX response codes
-Used to create a draft share invite for a user with another bunq user. The user that accepts the invite can share his MAs with the user that created the invite.
-userID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
status | string The status of the draft share invite. Can be CANCELLED (the user cancels the draft share before it's used). - |
sub_status | string The sub-status of the draft share invite. Can be NONE, ACCEPTED or REJECTED. - |
expiration required | string The moment when this draft share invite expires. - |
Used to create a draft share invite for a user with another bunq user. The user that accepts the invite can share his MAs with the user that created the invite.
-This is how the error response looks like for 4XX response codes
-Used to create a draft share invite for a user with another bunq user. The user that accepts the invite can share his MAs with the user that created the invite.
-userID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to create a draft share invite for a user with another bunq user. The user that accepts the invite can share his MAs with the user that created the invite.
-This is how the error response looks like for 4XX response codes
-Get the details of a specific draft of a share invite.
-userID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to create a draft share invite for a user with another bunq user. The user that accepts the invite can share his MAs with the user that created the invite.
-This is how the error response looks like for 4XX response codes
-Update a draft share invite. When sending status CANCELLED it is possible to cancel the draft share invite.
-userID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
status | string The status of the draft share invite. Can be CANCELLED (the user cancels the draft share before it's used). - |
sub_status | string The sub-status of the draft share invite. Can be NONE, ACCEPTED or REJECTED. - |
expiration required | string The moment when this draft share invite expires. - |
Used to create a draft share invite for a user with another bunq user. The user that accepts the invite can share his MAs with the user that created the invite.
-This is how the error response looks like for 4XX response codes
-Used to create a draft share invite for a monetary account with another bunq user, as in the 'Connect' feature in the bunq app. The user that accepts the invite can share one of their MonetaryAccounts with the user that created the invite.
-userID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
status | string The status of the draft share invite. Can be CANCELLED (the user cancels the draft share before it's used). - |
expiration required | string The moment when this draft share invite expires. - |
draft_share_settings required | object (DraftShareInviteEntry_5b6aacaf1d225) |
Used to create a draft share invite for a monetary account with another bunq user, as in the 'Connect' feature in the bunq app. The user that accepts the invite can share one of their MonetaryAccounts with the user that created the invite.
-This is how the error response looks like for 4XX response codes
-Used to create a draft share invite for a monetary account with another bunq user, as in the 'Connect' feature in the bunq app. The user that accepts the invite can share one of their MonetaryAccounts with the user that created the invite.
-userID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to create a draft share invite for a monetary account with another bunq user, as in the 'Connect' feature in the bunq app. The user that accepts the invite can share one of their MonetaryAccounts with the user that created the invite.
-This is how the error response looks like for 4XX response codes
-Get the details of a specific draft of a share invite.
-userID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to create a draft share invite for a monetary account with another bunq user, as in the 'Connect' feature in the bunq app. The user that accepts the invite can share one of their MonetaryAccounts with the user that created the invite.
-This is how the error response looks like for 4XX response codes
-Update a draft share invite. When sending status CANCELLED it is possible to cancel the draft share invite.
-userID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
status | string The status of the draft share invite. Can be CANCELLED (the user cancels the draft share before it's used). - |
expiration required | string The moment when this draft share invite expires. - |
draft_share_settings required | object (DraftShareInviteEntry_5b6aacaf1d225) |
Used to create a draft share invite for a monetary account with another bunq user, as in the 'Connect' feature in the bunq app. The user that accepts the invite can share one of their MonetaryAccounts with the user that created the invite.
-This is how the error response looks like for 4XX response codes
-Get an annual overview for a user by its id.
-userID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to create new and read existing annual overviews of all the user's monetary accounts. Once created, annual overviews can be downloaded in PDF format via the 'export-annual-overview/{id}/content' endpoint.
-This is how the error response looks like for 4XX response codes
-Used to create new and read existing annual overviews of all the user's monetary accounts. Once created, annual overviews can be downloaded in PDF format via the 'export-annual-overview/{id}/content' endpoint.
-userID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to create new and read existing annual overviews of all the user's monetary accounts. Once created, annual overviews can be downloaded in PDF format via the 'export-annual-overview/{id}/content' endpoint.
-This is how the error response looks like for 4XX response codes
-Create a new annual overview for a specific year. An overview can be generated only for a past year.
-userID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
year required | integer The year for which the overview is. - |
Used to create new and read existing annual overviews of all the user's monetary accounts. Once created, annual overviews can be downloaded in PDF format via the 'export-annual-overview/{id}/content' endpoint.
-This is how the error response looks like for 4XX response codes
-List all the annual overviews for a user.
-userID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to create new and read existing annual overviews of all the user's monetary accounts. Once created, annual overviews can be downloaded in PDF format via the 'export-annual-overview/{id}/content' endpoint.
-This is how the error response looks like for 4XX response codes
-Get the details for a specific generated CVC2 code.
-userID required | integer |
cardID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Endpoint for generating and retrieving a new CVC2 code.
-This is how the error response looks like for 4XX response codes
-Endpoint for generating and retrieving a new CVC2 code.
-userID required | integer |
cardID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
type | string The type of generated cvc2. Can be STATIC or GENERATED. - |
Endpoint for generating and retrieving a new CVC2 code.
-This is how the error response looks like for 4XX response codes
-Generate a new CVC2 code for a card.
-userID required | integer |
cardID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
type | string The type of generated cvc2. Can be STATIC or GENERATED. - |
Endpoint for generating and retrieving a new CVC2 code.
-This is how the error response looks like for 4XX response codes
-Get all generated CVC2 codes for a card.
-userID required | integer |
cardID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Endpoint for generating and retrieving a new CVC2 code.
-This is how the error response looks like for 4XX response codes
-This is the only API call that does not require you to use the "X-Bunq-Client-Authentication" and "X-Bunq-Client-Signature" headers. - You provide the server with the public part of the key pair that you are going to use to create the value of the signature header for all future API calls. The server creates an installation for you. Store the Installation Token and ServerPublicKey from the response. This token is used in the "X-Bunq-Client-Authentication" header for the creation of a DeviceServer and SessionServer.
-Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
client_public_key required | string Your public key. This is the public part of the key pair that you are going to use to create value of the "X-Bunq-Client-Signature" header for all future API calls. - |
Installation is used to tell the server about the public key of your key pair. The server uses this key to verify your subsequent calls, which need to be signed with your own private key. Additionally, you can use the token you get from an Installation to authenticate the registration of a new device.
-This is how the error response looks like for 4XX response codes
-You must have an active session to make this call. This call returns the Id of the the Installation you are using in your session.
-Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Installation is used to tell the server about the public key of your key pair. The server uses this key to verify your subsequent calls, which need to be signed with your own private key. Additionally, you can use the token you get from an Installation to authenticate the registration of a new device.
-This is how the error response looks like for 4XX response codes
-You must have an active session to make this call. This call is used to check whether the Id you provide is the Id of your current installation or not.
-itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Installation is used to tell the server about the public key of your key pair. The server uses this key to verify your subsequent calls, which need to be signed with your own private key. Additionally, you can use the token you get from an Installation to authenticate the registration of a new device.
-This is how the error response looks like for 4XX response codes
-Used to view a bunq invoice.
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to view a bunq invoice.
-This is how the error response looks like for 4XX response codes
-Used to list bunq invoices by user.
-userID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to list bunq invoices by user.
-This is how the error response looks like for 4XX response codes
-Used to list bunq invoices by user.
-userID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to list bunq invoices by user.
-This is how the error response looks like for 4XX response codes
-Used to view a bunq invoice.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to view a bunq invoice.
-This is how the error response looks like for 4XX response codes
-Manage the IPs which may be used for a credential of a user for server authentication.
-userID required | integer |
credential-password-ipID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Manage the IPs which may be used for a credential of a user for server authentication.
-This is how the error response looks like for 4XX response codes
-Manage the IPs which may be used for a credential of a user for server authentication.
-userID required | integer |
credential-password-ipID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
ip required | string The IP address. - |
status | string The status of the IP. May be "ACTIVE" or "INACTIVE". It is only possible to make requests from "ACTIVE" IP addresses. Only "ACTIVE" IPs will be billed. - |
Manage the IPs which may be used for a credential of a user for server authentication.
-This is how the error response looks like for 4XX response codes
-Manage the IPs which may be used for a credential of a user for server authentication.
-userID required | integer |
credential-password-ipID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
ip required | string The IP address. - |
status | string The status of the IP. May be "ACTIVE" or "INACTIVE". It is only possible to make requests from "ACTIVE" IP addresses. Only "ACTIVE" IPs will be billed. - |
Manage the IPs which may be used for a credential of a user for server authentication.
-This is how the error response looks like for 4XX response codes
-Manage the IPs which may be used for a credential of a user for server authentication.
-userID required | integer |
credential-password-ipID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Manage the IPs which may be used for a credential of a user for server authentication.
-This is how the error response looks like for 4XX response codes
-MasterCard transaction view.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
MasterCard transaction view.
-This is how the error response looks like for 4XX response codes
-MasterCard transaction view.
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
MasterCard transaction view.
-This is how the error response looks like for 4XX response codes
-Get a specific MonetaryAccount.
-userID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to show the MonetaryAccounts that you can access. Currently the only MonetaryAccount type is MonetaryAccountBank. See also: monetary-account-bank.
Notification filters can be set on a monetary account level to receive callbacks. For more information check the dedicated callbacks page.
This is how the error response looks like for 4XX response codes
-Get a collection of all your MonetaryAccounts.
-userID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to show the MonetaryAccounts that you can access. Currently the only MonetaryAccount type is MonetaryAccountBank. See also: monetary-account-bank.
Notification filters can be set on a monetary account level to receive callbacks. For more information check the dedicated callbacks page.
This is how the error response looks like for 4XX response codes
-Create new MonetaryAccountBank.
-userID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
currency required | string The currency of the MonetaryAccountBank as an ISO 4217 formatted currency code. - |
description | string The description of the MonetaryAccountBank. Defaults to 'bunq account'. - |
daily_limit | object (Amount_5b6aacaea9d10) |
avatar_uuid | string The UUID of the Avatar of the MonetaryAccountBank. - |
status | string The status of the MonetaryAccountBank. Ignored in POST requests (always set to ACTIVE) can be CANCELLED or PENDING_REOPEN in PUT requests to cancel (close) or reopen the MonetaryAccountBank. When updating the status and/or sub_status no other fields can be updated in the same request (and vice versa). - |
sub_status | string The sub-status of the MonetaryAccountBank providing extra information regarding the status. Should be ignored for POST requests. In case of PUT requests with status CANCELLED it can only be REDEMPTION_VOLUNTARY, while with status PENDING_REOPEN it can only be NONE. When updating the status and/or sub_status no other fields can be updated in the same request (and vice versa). - |
reason | string The reason for voluntarily cancelling (closing) the MonetaryAccountBank, can only be OTHER. Should only be specified if updating the status to CANCELLED. - |
reason_description | string The optional free-form reason for voluntarily cancelling (closing) the MonetaryAccountBank. Can be any user provided message. Should only be specified if updating the status to CANCELLED. - |
notification_filters | Array of object The types of notifications that will result in a push notification or URL callback for this MonetaryAccountBank. - |
setting | object (MonetaryAccountSetting_5b6aacaf3df61) |
With MonetaryAccountBank you can create a new bank account, retrieve information regarding your existing MonetaryAccountBanks and update specific fields of an existing MonetaryAccountBank. Examples of fields that can be updated are the description, the daily limit and the avatar of the account.
Notification filters can be set on a monetary account level to receive callbacks. For more information check the dedicated callbacks page.
This is how the error response looks like for 4XX response codes
-Gets a listing of all MonetaryAccountBanks of a given user.
-userID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
With MonetaryAccountBank you can create a new bank account, retrieve information regarding your existing MonetaryAccountBanks and update specific fields of an existing MonetaryAccountBank. Examples of fields that can be updated are the description, the daily limit and the avatar of the account.
Notification filters can be set on a monetary account level to receive callbacks. For more information check the dedicated callbacks page.
This is how the error response looks like for 4XX response codes
-Get a specific MonetaryAccountBank.
-userID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
With MonetaryAccountBank you can create a new bank account, retrieve information regarding your existing MonetaryAccountBanks and update specific fields of an existing MonetaryAccountBank. Examples of fields that can be updated are the description, the daily limit and the avatar of the account.
Notification filters can be set on a monetary account level to receive callbacks. For more information check the dedicated callbacks page.
This is how the error response looks like for 4XX response codes
-Update a specific existing MonetaryAccountBank.
-userID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
currency required | string The currency of the MonetaryAccountBank as an ISO 4217 formatted currency code. - |
description | string The description of the MonetaryAccountBank. Defaults to 'bunq account'. - |
daily_limit | object (Amount_5b6aacaea9d10) |
avatar_uuid | string The UUID of the Avatar of the MonetaryAccountBank. - |
status | string The status of the MonetaryAccountBank. Ignored in POST requests (always set to ACTIVE) can be CANCELLED or PENDING_REOPEN in PUT requests to cancel (close) or reopen the MonetaryAccountBank. When updating the status and/or sub_status no other fields can be updated in the same request (and vice versa). - |
sub_status | string The sub-status of the MonetaryAccountBank providing extra information regarding the status. Should be ignored for POST requests. In case of PUT requests with status CANCELLED it can only be REDEMPTION_VOLUNTARY, while with status PENDING_REOPEN it can only be NONE. When updating the status and/or sub_status no other fields can be updated in the same request (and vice versa). - |
reason | string The reason for voluntarily cancelling (closing) the MonetaryAccountBank, can only be OTHER. Should only be specified if updating the status to CANCELLED. - |
reason_description | string The optional free-form reason for voluntarily cancelling (closing) the MonetaryAccountBank. Can be any user provided message. Should only be specified if updating the status to CANCELLED. - |
notification_filters | Array of object The types of notifications that will result in a push notification or URL callback for this MonetaryAccountBank. - |
setting | object (MonetaryAccountSetting_5b6aacaf3df61) |
With MonetaryAccountBank you can create a new bank account, retrieve information regarding your existing MonetaryAccountBanks and update specific fields of an existing MonetaryAccountBank. Examples of fields that can be updated are the description, the daily limit and the avatar of the account.
Notification filters can be set on a monetary account level to receive callbacks. For more information check the dedicated callbacks page.
This is how the error response looks like for 4XX response codes
-Create a new Payment.
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
amount required | object (Amount_5b6aacaea9d10) |
counterparty_alias required | object (Pointer_5b6aacaeac0b3) |
description required | string The description for the Payment. Maximum 140 characters for Payments to external IBANs, 9000 characters for Payments to only other bunq MonetaryAccounts. Field is required but can be an empty string. - |
attachment | Array of object The Attachments to attach to the Payment. - |
merchant_reference | string Optional data to be included with the Payment specific to the merchant. - |
Using Payment, you can send payments to bunq and non-bunq users from your bunq MonetaryAccounts. This can be done using bunq Aliases or IBAN Aliases. When transferring money to other bunq MonetaryAccounts you can also refer to Attachments. These will be received by the counter-party as part of the Payment. You can also retrieve a single Payment or all executed Payments of a specific monetary account.
-This is how the error response looks like for 4XX response codes
-Get a listing of all Payments performed on a given MonetaryAccount (incoming and outgoing).
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Using Payment, you can send payments to bunq and non-bunq users from your bunq MonetaryAccounts. This can be done using bunq Aliases or IBAN Aliases. When transferring money to other bunq MonetaryAccounts you can also refer to Attachments. These will be received by the counter-party as part of the Payment. You can also retrieve a single Payment or all executed Payments of a specific monetary account.
-This is how the error response looks like for 4XX response codes
-Get a specific previous Payment.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Using Payment, you can send payments to bunq and non-bunq users from your bunq MonetaryAccounts. This can be done using bunq Aliases or IBAN Aliases. When transferring money to other bunq MonetaryAccounts you can also refer to Attachments. These will be received by the counter-party as part of the Payment. You can also retrieve a single Payment or all executed Payments of a specific monetary account.
-This is how the error response looks like for 4XX response codes
-Create a payment batch by sending an array of single payment objects, that will become part of the batch.
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
payments required | Array of object The list of payments we want to send in a single batch. - |
Create a payment batch, or show the payment batches of a monetary account.
-This is how the error response looks like for 4XX response codes
-Return all the payment batches for a monetary account.
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Create a payment batch, or show the payment batches of a monetary account.
-This is how the error response looks like for 4XX response codes
-Revoke a bunq.to payment batch. The status of all the payments will be set to REVOKED.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
payments required | Array of object The list of payments we want to send in a single batch. - |
Create a payment batch, or show the payment batches of a monetary account.
-This is how the error response looks like for 4XX response codes
-Return the details of a specific payment batch.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Create a payment batch, or show the payment batches of a monetary account.
-This is how the error response looks like for 4XX response codes
-Modify a QR code in a given CashRegister. You can only have one ACTIVE CashRegister QR code at the time.
-userID required | integer |
monetary-accountID required | integer |
cash-registerID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
status required | string The status of the QR code. ACTIVE or INACTIVE. Only one QR code can be ACTIVE for a CashRegister at any time. Setting a QR code to ACTIVE will deactivate any other CashRegister QR codes. - |
Once your CashRegister has been activated you can create a QR code for it. The visibility of a tab can be modified to be linked to this QR code. If a user of the bunq app scans this QR code, the linked tab will be shown on his device.
-This is how the error response looks like for 4XX response codes
-Get the information of a specific QR code. To get the RAW content of the QR code use ../qr-code/{id}/content
-userID required | integer |
monetary-accountID required | integer |
cash-registerID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Once your CashRegister has been activated you can create a QR code for it. The visibility of a tab can be modified to be linked to this QR code. If a user of the bunq app scans this QR code, the linked tab will be shown on his device.
-This is how the error response looks like for 4XX response codes
-Create a new QR code for this CashRegister. You can only have one ACTIVE CashRegister QR code at the time.
-userID required | integer |
monetary-accountID required | integer |
cash-registerID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
status required | string The status of the QR code. ACTIVE or INACTIVE. Only one QR code can be ACTIVE for a CashRegister at any time. Setting a QR code to ACTIVE will deactivate any other CashRegister QR codes. - |
Once your CashRegister has been activated you can create a QR code for it. The visibility of a tab can be modified to be linked to this QR code. If a user of the bunq app scans this QR code, the linked tab will be shown on his device.
-This is how the error response looks like for 4XX response codes
-Get a collection of QR code information from a given CashRegister
-userID required | integer |
monetary-accountID required | integer |
cash-registerID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Once your CashRegister has been activated you can create a QR code for it. The visibility of a tab can be modified to be linked to this QR code. If a user of the bunq app scans this QR code, the linked tab will be shown on his device.
-This is how the error response looks like for 4XX response codes
-Returns the raw content of the QR code that links to this Tab. The raw content is the binary representation of a file, without any JSON wrapping.
-userID required | integer |
monetary-accountID required | integer |
cash-registerID required | integer |
tabUUID required | string |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
This call returns the raw content of the QR code that links to this Tab. When a bunq user scans this QR code with the bunq app the Tab will be shown on his/her device.
-This is how the error response looks like for 4XX response codes
-Returns the raw content of the QR code that links to this draft share invite. The raw content is the binary representation of a file, without any JSON wrapping.
-userID required | integer |
draft-share-invite-bankID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
This call returns the raw content of the QR code that links to this draft share invite. When a bunq user scans this QR code with the bunq app the draft share invite will be shown on his/her device.
-This is how the error response looks like for 4XX response codes
-Returns the raw content of the QR code that links to this draft share invite. The raw content is the binary representation of a file, without any JSON wrapping.
-userID required | integer |
draft-share-invite-api-keyID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
This call returns the raw content of the QR code that links to this draft share invite. When a bunq user scans this QR code with the bunq app the draft share invite will be shown on his/her device.
-This is how the error response looks like for 4XX response codes
-Request a card replacement.
-userID required | integer |
cardID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
name_on_card | string The user's name as it will be on the card. Check 'card-name' for the available card names for a user. - |
pin_code | string The plaintext pin code. Requests require encryption to be enabled. - |
second_line | string The second line on the card. - |
It is possible to order a card replacement with the bunq API.
You can order up to one free card replacement per year. Additional replacement requests will be billed.
The card replacement will have the same expiry date and the same pricing as the old card, but it will have a new card number. You can change the description and optional the PIN through the card replacement endpoint.
This is how the error response looks like for 4XX response codes
-Revoke a request for payment, by updating the status to REVOKED.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
amount_inquired required | object (Amount_5b6aacaea9d10) |
counterparty_alias required | object (Pointer_5b6aacaeac0b3) |
description required | string The description for the RequestInquiry. Maximum 9000 characters. Field is required but can be an empty string. - |
attachment | Array of object The Attachments to attach to the RequestInquiry. - |
merchant_reference | string Optional data to be included with the RequestInquiry specific to the merchant. Has to be unique for the same source MonetaryAccount. - |
status | string The status of the RequestInquiry. Ignored in POST requests but can be used for revoking (cancelling) the RequestInquiry by setting REVOKED with a PUT request. - |
minimum_age | integer The minimum age the user accepting the RequestInquiry must have. Defaults to not checking. If set, must be between 12 and 100 inclusive. - |
require_address | string Whether a billing and shipping address must be provided when paying the request. Possible values are: BILLING, SHIPPING, BILLING_SHIPPING, NONE, OPTIONAL. Default is NONE. - |
want_tip | boolean [DEPRECATED] Whether or not the accepting user can give an extra tip on top of the requested Amount. Defaults to false. - |
allow_amount_lower | boolean [DEPRECATED] Whether or not the accepting user can choose to accept with a lower amount than requested. Defaults to false. - |
allow_amount_higher | boolean [DEPRECATED] Whether or not the accepting user can choose to accept with a higher amount than requested. Defaults to false. - |
allow_bunqme required | boolean Whether or not sending a bunq.me request is allowed. - |
redirect_url | string The URL which the user is sent to after accepting or rejecting the Request. - |
event_id | integer The ID of the associated event if the request was made using 'split the bill'. - |
RequestInquiry, aka 'RFP' (Request for Payment), is one of the innovative features that bunq offers. To request payment from another bunq account a new Request Inquiry is created. As with payments you can add attachments to a RFP. Requests for Payment are the foundation for a number of consumer features like 'Split the bill' and 'Request forwarding'. We invite you to invent your own based on the bunq api!
-This is how the error response looks like for 4XX response codes
-Get the details of a specific payment request, including its status.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
RequestInquiry, aka 'RFP' (Request for Payment), is one of the innovative features that bunq offers. To request payment from another bunq account a new Request Inquiry is created. As with payments you can add attachments to a RFP. Requests for Payment are the foundation for a number of consumer features like 'Split the bill' and 'Request forwarding'. We invite you to invent your own based on the bunq api!
-This is how the error response looks like for 4XX response codes
-Create a new payment request.
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
amount_inquired required | object (Amount_5b6aacaea9d10) |
counterparty_alias required | object (Pointer_5b6aacaeac0b3) |
description required | string The description for the RequestInquiry. Maximum 9000 characters. Field is required but can be an empty string. - |
attachment | Array of object The Attachments to attach to the RequestInquiry. - |
merchant_reference | string Optional data to be included with the RequestInquiry specific to the merchant. Has to be unique for the same source MonetaryAccount. - |
status | string The status of the RequestInquiry. Ignored in POST requests but can be used for revoking (cancelling) the RequestInquiry by setting REVOKED with a PUT request. - |
minimum_age | integer The minimum age the user accepting the RequestInquiry must have. Defaults to not checking. If set, must be between 12 and 100 inclusive. - |
require_address | string Whether a billing and shipping address must be provided when paying the request. Possible values are: BILLING, SHIPPING, BILLING_SHIPPING, NONE, OPTIONAL. Default is NONE. - |
want_tip | boolean [DEPRECATED] Whether or not the accepting user can give an extra tip on top of the requested Amount. Defaults to false. - |
allow_amount_lower | boolean [DEPRECATED] Whether or not the accepting user can choose to accept with a lower amount than requested. Defaults to false. - |
allow_amount_higher | boolean [DEPRECATED] Whether or not the accepting user can choose to accept with a higher amount than requested. Defaults to false. - |
allow_bunqme required | boolean Whether or not sending a bunq.me request is allowed. - |
redirect_url | string The URL which the user is sent to after accepting or rejecting the Request. - |
event_id | integer The ID of the associated event if the request was made using 'split the bill'. - |
RequestInquiry, aka 'RFP' (Request for Payment), is one of the innovative features that bunq offers. To request payment from another bunq account a new Request Inquiry is created. As with payments you can add attachments to a RFP. Requests for Payment are the foundation for a number of consumer features like 'Split the bill' and 'Request forwarding'. We invite you to invent your own based on the bunq api!
-This is how the error response looks like for 4XX response codes
-Get all payment requests for a user's monetary account.
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
RequestInquiry, aka 'RFP' (Request for Payment), is one of the innovative features that bunq offers. To request payment from another bunq account a new Request Inquiry is created. As with payments you can add attachments to a RFP. Requests for Payment are the foundation for a number of consumer features like 'Split the bill' and 'Request forwarding'. We invite you to invent your own based on the bunq api!
-This is how the error response looks like for 4XX response codes
-Revoke a request batch. The status of all the requests will be set to REVOKED.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
request_inquiries required | Array of object The list of request inquiries we want to send in 1 batch. - |
status | string The status of the request. - |
total_amount_inquired required | object (Amount_5b6aacaea9d10) |
event_id | integer The ID of the associated event if the request batch was made using 'split the bill'. - |
Create a batch of requests for payment, or show the request batches of a monetary account.
-This is how the error response looks like for 4XX response codes
-Return the details of a specific request batch.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Create a batch of requests for payment, or show the request batches of a monetary account.
-This is how the error response looks like for 4XX response codes
-Create a request batch by sending an array of single request objects, that will become part of the batch.
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
request_inquiries required | Array of object The list of request inquiries we want to send in 1 batch. - |
status | string The status of the request. - |
total_amount_inquired required | object (Amount_5b6aacaea9d10) |
event_id | integer The ID of the associated event if the request batch was made using 'split the bill'. - |
Create a batch of requests for payment, or show the request batches of a monetary account.
-This is how the error response looks like for 4XX response codes
-Return all the request batches for a monetary account.
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Create a batch of requests for payment, or show the request batches of a monetary account.
-This is how the error response looks like for 4XX response codes
-Update the status to accept or reject the RequestResponse.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
amount_responded | object (Amount_5b6aacaea9d10) |
status required | string The responding status of the RequestResponse. Can be ACCEPTED or REJECTED. - |
address_shipping | object (Address_5b6aacaeac59c) |
address_billing | object (Address_5b6aacaeac59c) |
A RequestResponse is what a user on the other side of a RequestInquiry gets when he is sent one. So a RequestInquiry is the initiator and visible for the user that sent it and that wants to receive the money. A RequestResponse is what the other side sees, i.e. the user that pays the money to accept the request. The content is almost identical.
-This is how the error response looks like for 4XX response codes
-Get the details for a specific existing RequestResponse.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
A RequestResponse is what a user on the other side of a RequestInquiry gets when he is sent one. So a RequestInquiry is the initiator and visible for the user that sent it and that wants to receive the money. A RequestResponse is what the other side sees, i.e. the user that pays the money to accept the request. The content is almost identical.
-This is how the error response looks like for 4XX response codes
-Get all RequestResponses for a MonetaryAccount.
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
A RequestResponse is what a user on the other side of a RequestInquiry gets when he is sent one. So a RequestInquiry is the initiator and visible for the user that sent it and that wants to receive the money. A RequestResponse is what the other side sees, i.e. the user that pays the money to accept the request. The content is almost identical.
-This is how the error response looks like for 4XX response codes
-Used to create a sandbox user.
-Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to create a sandbox user.
-This is how the error response looks like for 4XX response codes
-Get a collection of scheduled definition for all accessible monetary accounts of the user. You can add the parameter type to filter the response. When type={SCHEDULE_DEFINITION_PAYMENT,SCHEDULE_DEFINITION_PAYMENT_BATCH} is provided only schedule definition object that relate to these definitions are returned.
-userID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
view for reading the scheduled definitions.
-This is how the error response looks like for 4XX response codes
-Get a specific schedule definition for a given monetary account.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
view for reading the scheduled definitions.
-This is how the error response looks like for 4XX response codes
-Get a collection of scheduled definition for a given monetary account. You can add the parameter type to filter the response. When type={SCHEDULE_DEFINITION_PAYMENT,SCHEDULE_DEFINITION_PAYMENT_BATCH} is provided only schedule definition object that relate to these definitions are returned.
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
view for reading the scheduled definitions.
-This is how the error response looks like for 4XX response codes
-view for reading, updating and listing the scheduled instance.
-userID required | integer |
monetary-accountID required | integer |
scheduleID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
view for reading, updating and listing the scheduled instance.
-This is how the error response looks like for 4XX response codes
-view for reading, updating and listing the scheduled instance.
-userID required | integer |
monetary-accountID required | integer |
scheduleID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
view for reading, updating and listing the scheduled instance.
-This is how the error response looks like for 4XX response codes
-view for reading, updating and listing the scheduled instance.
-userID required | integer |
monetary-accountID required | integer |
scheduleID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
state required | string Change the state of the scheduleInstance from FAILED_USER_ERROR to RETRY. - |
view for reading, updating and listing the scheduled instance.
-This is how the error response looks like for 4XX response codes
-Endpoint for schedule payments.
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
payment required | object (SchedulePaymentEntry_5b6aacb069c47) |
schedule required | object (Schedule_5b6aacb06bf37) |
Endpoint for schedule payments.
-This is how the error response looks like for 4XX response codes
-Endpoint for schedule payments.
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Endpoint for schedule payments.
-This is how the error response looks like for 4XX response codes
-Endpoint for schedule payments.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Endpoint for schedule payments.
-This is how the error response looks like for 4XX response codes
-Endpoint for schedule payments.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Endpoint for schedule payments.
-This is how the error response looks like for 4XX response codes
-Endpoint for schedule payments.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
payment required | object (SchedulePaymentEntry_5b6aacb069c47) |
schedule required | object (Schedule_5b6aacb06bf37) |
Endpoint for schedule payments.
-This is how the error response looks like for 4XX response codes
-Endpoint for schedule payment batches.
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
payments required | Array of object The payment details. - |
schedule required | object (Schedule_5b6aacb06bf37) |
Endpoint for schedule payment batches.
-This is how the error response looks like for 4XX response codes
-Endpoint for schedule payment batches.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
payments required | Array of object The payment details. - |
schedule required | object (Schedule_5b6aacb06bf37) |
Endpoint for schedule payment batches.
-This is how the error response looks like for 4XX response codes
-Endpoint for schedule payment batches.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Endpoint for schedule payment batches.
-This is how the error response looks like for 4XX response codes
-Show the ServerPublicKey for this Installation.
-installationID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Using /installation/_/server-public-key you can request the ServerPublicKey again. This is done by referring to the id of the Installation.
-This is how the error response looks like for 4XX response codes
-Deletes the current session.
-itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Endpoint for operations over the current session.
-This is how the error response looks like for 4XX response codes
-Create a new session for a DeviceServer. Provide the Installation token in the "X-Bunq-Client-Authentication" header. And don't forget to create the "X-Bunq-Client-Signature" header. The response contains a Session token that should be used for as the "X-Bunq-Client-Authentication" header for all future API calls. The ip address making this call needs to match the ip address bound to your API key.
-Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
secret required | string The API key of the user you want to login. If your API key has not been used before, it will be bound to the ip address of this DeviceServer. - |
Once you have created an Installation and a DeviceServer with that Installation, then you are ready to start a session! A session expires after the same amount of time you have set for Auto Logout in your user account. By default this is 1 week. If a request is made 30 seconds before a session expires, it will be extended from that moment by your auto logout time, but never by more than 5 minutes.
-This is how the error response looks like for 4XX response codes
-Create a new share inquiry for a monetary account, specifying the permission the other bunq user will have on it.
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
counter_user_alias required | object (Pointer_5b6aacaeac0b3) |
draft_share_invite_bank_id | integer The id of the draft share invite bank. - |
share_detail required | object (ShareDetail_5b6aacaf1d614) |
status required | string The status of the share. Can be PENDING, REVOKED (the user deletes the share inquiry before it's accepted), ACCEPTED, CANCELLED (the user deletes an active share) or CANCELLATION_PENDING, CANCELLATION_ACCEPTED, CANCELLATION_REJECTED (for canceling mutual connects). - |
share_type | string The share type, either STANDARD or MUTUAL. - |
start_date | string The start date of this share. - |
end_date | string The expiration date of this share. - |
Used to share a monetary account with another bunq user, as in the 'Connect' feature in the bunq app. Allow the creation of share inquiries that, in the same way as request inquiries, can be revoked by the user creating them or accepted/rejected by the other party.
-This is how the error response looks like for 4XX response codes
-Get a list with all the share inquiries for a monetary account, only if the requesting user has permission to change the details of the various ones.
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to share a monetary account with another bunq user, as in the 'Connect' feature in the bunq app. Allow the creation of share inquiries that, in the same way as request inquiries, can be revoked by the user creating them or accepted/rejected by the other party.
-This is how the error response looks like for 4XX response codes
-Get the details of a specific share inquiry.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to share a monetary account with another bunq user, as in the 'Connect' feature in the bunq app. Allow the creation of share inquiries that, in the same way as request inquiries, can be revoked by the user creating them or accepted/rejected by the other party.
-This is how the error response looks like for 4XX response codes
-Update the details of a share. This includes updating status (revoking or cancelling it), granted permission and validity period of this share.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
counter_user_alias required | object (Pointer_5b6aacaeac0b3) |
draft_share_invite_bank_id | integer The id of the draft share invite bank. - |
share_detail required | object (ShareDetail_5b6aacaf1d614) |
status required | string The status of the share. Can be PENDING, REVOKED (the user deletes the share inquiry before it's accepted), ACCEPTED, CANCELLED (the user deletes an active share) or CANCELLATION_PENDING, CANCELLATION_ACCEPTED, CANCELLATION_REJECTED (for canceling mutual connects). - |
share_type | string The share type, either STANDARD or MUTUAL. - |
start_date | string The start date of this share. - |
end_date | string The expiration date of this share. - |
Used to share a monetary account with another bunq user, as in the 'Connect' feature in the bunq app. Allow the creation of share inquiries that, in the same way as request inquiries, can be revoked by the user creating them or accepted/rejected by the other party.
-This is how the error response looks like for 4XX response codes
-Return the details of a specific share a user was invited to.
-userID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to view or respond to shares a user was invited to. See 'share-invite-bank-inquiry' for more information about the inquiring endpoint.
-This is how the error response looks like for 4XX response codes
-Accept or reject a share a user was invited to.
-userID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
status | string The status of the share. Can be PENDING, REVOKED (the user deletes the share inquiry before it's accepted), ACCEPTED, CANCELLED (the user deletes an active share) or CANCELLATION_PENDING, CANCELLATION_ACCEPTED, CANCELLATION_REJECTED (for canceling mutual connects) - |
Used to view or respond to shares a user was invited to. See 'share-invite-bank-inquiry' for more information about the inquiring endpoint.
-This is how the error response looks like for 4XX response codes
-Return all the shares a user was invited to.
-userID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to view or respond to shares a user was invited to. See 'share-invite-bank-inquiry' for more information about the inquiring endpoint.
-This is how the error response looks like for 4XX response codes
-Get a specific tab. This returns a TabUsageSingle or TabUsageMultiple.
-userID required | integer |
monetary-accountID required | integer |
cash-registerID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Once your CashRegister has been activated you can use it to create Tabs. A Tab is a template for a payment. In contrast to requests a Tab is not pointed towards a specific user. Any user can pay the Tab as long as it is made visible by you. The creation of a Tab happens with /tab-usage-single or /tab-usage-multiple. A TabUsageSingle is a Tab that can be paid once. A TabUsageMultiple is a Tab that can be paid multiple times by different users.
-This is how the error response looks like for 4XX response codes
-Get a collection of tabs.
-userID required | integer |
monetary-accountID required | integer |
cash-registerID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Once your CashRegister has been activated you can use it to create Tabs. A Tab is a template for a payment. In contrast to requests a Tab is not pointed towards a specific user. Any user can pay the Tab as long as it is made visible by you. The creation of a Tab happens with /tab-usage-single or /tab-usage-multiple. A TabUsageSingle is a Tab that can be paid once. A TabUsageMultiple is a Tab that can be paid multiple times by different users.
-This is how the error response looks like for 4XX response codes
-Get a publicly visible tab.
-itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to read a single publicly visible tab.
-This is how the error response looks like for 4XX response codes
-Modify a TabItem from a given Tab.
-userID required | integer |
monetary-accountID required | integer |
cash-registerID required | integer |
tabUUID required | string |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
description required | string The TabItem's brief description. Can't be empty and must be no longer than 100 characters - |
ean_code | string The TabItem's EAN code. - |
avatar_attachment_uuid | string An AttachmentPublic UUID that used as an avatar for the TabItem. - |
tab_attachment | array A list of AttachmentTab attached to the TabItem. - |
quantity | string The quantity of the TabItem. Formatted as a number containing up to 15 digits, up to 15 decimals and using a dot. - |
amount | object (Amount_5b6aacaea9d10) |
After you’ve created a Tab using /tab-usage-single or /tab-usage-multiple you can add items and attachments using tab-item. You can only add or modify TabItems of a Tab which status is OPEN. The amount of the TabItems will not influence the total_amount of the corresponding Tab. However, if you've created any TabItems for a Tab the sum of the amounts of these items must be equal to the total_amount of the Tab when you change its status to PAYABLE/WAITING_FOR_PAYMENT.
-This is how the error response looks like for 4XX response codes
-Delete a specific TabItem from a Tab.
-userID required | integer |
monetary-accountID required | integer |
cash-registerID required | integer |
tabUUID required | string |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
After you’ve created a Tab using /tab-usage-single or /tab-usage-multiple you can add items and attachments using tab-item. You can only add or modify TabItems of a Tab which status is OPEN. The amount of the TabItems will not influence the total_amount of the corresponding Tab. However, if you've created any TabItems for a Tab the sum of the amounts of these items must be equal to the total_amount of the Tab when you change its status to PAYABLE/WAITING_FOR_PAYMENT.
-This is how the error response looks like for 4XX response codes
-Get a specific TabItem from a given Tab.
-userID required | integer |
monetary-accountID required | integer |
cash-registerID required | integer |
tabUUID required | string |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
After you’ve created a Tab using /tab-usage-single or /tab-usage-multiple you can add items and attachments using tab-item. You can only add or modify TabItems of a Tab which status is OPEN. The amount of the TabItems will not influence the total_amount of the corresponding Tab. However, if you've created any TabItems for a Tab the sum of the amounts of these items must be equal to the total_amount of the Tab when you change its status to PAYABLE/WAITING_FOR_PAYMENT.
-This is how the error response looks like for 4XX response codes
-Create a new TabItem for a given Tab.
-userID required | integer |
monetary-accountID required | integer |
cash-registerID required | integer |
tabUUID required | string |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
description required | string The TabItem's brief description. Can't be empty and must be no longer than 100 characters - |
ean_code | string The TabItem's EAN code. - |
avatar_attachment_uuid | string An AttachmentPublic UUID that used as an avatar for the TabItem. - |
tab_attachment | array A list of AttachmentTab attached to the TabItem. - |
quantity | string The quantity of the TabItem. Formatted as a number containing up to 15 digits, up to 15 decimals and using a dot. - |
amount | object (Amount_5b6aacaea9d10) |
After you’ve created a Tab using /tab-usage-single or /tab-usage-multiple you can add items and attachments using tab-item. You can only add or modify TabItems of a Tab which status is OPEN. The amount of the TabItems will not influence the total_amount of the corresponding Tab. However, if you've created any TabItems for a Tab the sum of the amounts of these items must be equal to the total_amount of the Tab when you change its status to PAYABLE/WAITING_FOR_PAYMENT.
-This is how the error response looks like for 4XX response codes
-Get a collection of TabItems from a given Tab.
-userID required | integer |
monetary-accountID required | integer |
cash-registerID required | integer |
tabUUID required | string |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
After you’ve created a Tab using /tab-usage-single or /tab-usage-multiple you can add items and attachments using tab-item. You can only add or modify TabItems of a Tab which status is OPEN. The amount of the TabItems will not influence the total_amount of the corresponding Tab. However, if you've created any TabItems for a Tab the sum of the amounts of these items must be equal to the total_amount of the Tab when you change its status to PAYABLE/WAITING_FOR_PAYMENT.
-This is how the error response looks like for 4XX response codes
-Create tab items as a batch.
-userID required | integer |
monetary-accountID required | integer |
cash-registerID required | integer |
tabUUID required | string |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
tab_items required | Array of object The list of tab items we want to create in a single batch. Limited to 50 items per batch. - |
Create a batch of tab items.
-This is how the error response looks like for 4XX response codes
-Used to view a list of TabResultInquiry objects belonging to a tab.
-userID required | integer |
monetary-accountID required | integer |
cash-registerID required | integer |
tabUUID required | string |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to view TabResultInquiry objects belonging to a tab. A TabResultInquiry is an object that holds details on both the tab and a single payment made for that tab.
-This is how the error response looks like for 4XX response codes
-Used to view a single TabResultInquiry belonging to a tab.
-userID required | integer |
monetary-accountID required | integer |
cash-registerID required | integer |
tabUUID required | string |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to view TabResultInquiry objects belonging to a tab. A TabResultInquiry is an object that holds details on both the tab and a single payment made for that tab.
-This is how the error response looks like for 4XX response codes
-Used to view a list of TabResultResponse objects belonging to a tab.
-userID required | integer |
monetary-accountID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to view TabResultResponse objects belonging to a tab. A TabResultResponse is an object that holds details on a tab which has been paid from the provided monetary account.
-This is how the error response looks like for 4XX response codes
-Used to view a single TabResultResponse belonging to a tab.
-userID required | integer |
monetary-accountID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Used to view TabResultResponse objects belonging to a tab. A TabResultResponse is an object that holds details on a tab which has been paid from the provided monetary account.
-This is how the error response looks like for 4XX response codes
-Create a TabUsageMultiple. On creation the status must be set to OPEN
-userID required | integer |
monetary-accountID required | integer |
cash-registerID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
description required | string The description of the TabUsageMultiple. Maximum 9000 characters. Field is required but can be an empty string. - |
status required | string The status of the TabUsageMultiple. On creation the status must be set to OPEN. You can change the status from OPEN to PAYABLE. If the TabUsageMultiple gets paid the status will remain PAYABLE. - |
amount_total required | object (Amount_5b6aacaea9d10) |
allow_amount_higher | boolean [DEPRECATED] Whether or not a higher amount can be paid. - |
allow_amount_lower | boolean [DEPRECATED] Whether or not a lower amount can be paid. - |
want_tip | boolean [DEPRECATED] Whether or not the user paying the Tab should be asked if he wants to give a tip. When want_tip is set to true, allow_amount_higher must also be set to true and allow_amount_lower must be false. - |
minimum_age | integer The minimum age of the user paying the Tab. - |
require_address | string Whether a billing and shipping address must be provided when paying the Tab. Possible values are: BILLING, SHIPPING, BILLING_SHIPPING, NONE, OPTIONAL. Default is NONE. - |
redirect_url | string The URL which the user is sent to after paying the Tab. - |
visibility | object (TabVisibility_5b6aacaedee2d) |
expiration | string The moment when this Tab expires. Can be at most 365 days into the future. - |
tab_attachment | Array of object An array of attachments that describe the tab. Uploaded through the POST /user/{userid}/attachment-tab endpoint. - |
TabUsageMultiple is a Tab that can be paid by multiple users. Just like the TabUsageSingle it is created with the status OPEN, the visibility can be defined in the visibility object and TabItems can be added as long as the status is OPEN. When you change the status to PAYABLE any bunq user can use the tab to make a payment to your account. After an user has paid your TabUsageMultiple the status will not change, it will stay PAYABLE. For example: you can create a TabUsageMultiple with require_address set to true. Now show the QR code of this Tab on your webshop, and any bunq user can instantly pay and order something from your webshop.
-This is how the error response looks like for 4XX response codes
-Get a collection of TabUsageMultiple.
-userID required | integer |
monetary-accountID required | integer |
cash-registerID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
TabUsageMultiple is a Tab that can be paid by multiple users. Just like the TabUsageSingle it is created with the status OPEN, the visibility can be defined in the visibility object and TabItems can be added as long as the status is OPEN. When you change the status to PAYABLE any bunq user can use the tab to make a payment to your account. After an user has paid your TabUsageMultiple the status will not change, it will stay PAYABLE. For example: you can create a TabUsageMultiple with require_address set to true. Now show the QR code of this Tab on your webshop, and any bunq user can instantly pay and order something from your webshop.
-This is how the error response looks like for 4XX response codes
-Modify a specific TabUsageMultiple. You can change the amount_total, status and visibility. Once you change the status to PAYABLE the TabUsageMultiple will expire after a year (default). If you've created any TabItems for a Tab the sum of the amounts of these items must be equal to the total_amount of the Tab when you change its status to PAYABLE.
-userID required | integer |
monetary-accountID required | integer |
cash-registerID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
description required | string The description of the TabUsageMultiple. Maximum 9000 characters. Field is required but can be an empty string. - |
status required | string The status of the TabUsageMultiple. On creation the status must be set to OPEN. You can change the status from OPEN to PAYABLE. If the TabUsageMultiple gets paid the status will remain PAYABLE. - |
amount_total required | object (Amount_5b6aacaea9d10) |
allow_amount_higher | boolean [DEPRECATED] Whether or not a higher amount can be paid. - |
allow_amount_lower | boolean [DEPRECATED] Whether or not a lower amount can be paid. - |
want_tip | boolean [DEPRECATED] Whether or not the user paying the Tab should be asked if he wants to give a tip. When want_tip is set to true, allow_amount_higher must also be set to true and allow_amount_lower must be false. - |
minimum_age | integer The minimum age of the user paying the Tab. - |
require_address | string Whether a billing and shipping address must be provided when paying the Tab. Possible values are: BILLING, SHIPPING, BILLING_SHIPPING, NONE, OPTIONAL. Default is NONE. - |
redirect_url | string The URL which the user is sent to after paying the Tab. - |
visibility | object (TabVisibility_5b6aacaedee2d) |
expiration | string The moment when this Tab expires. Can be at most 365 days into the future. - |
tab_attachment | Array of object An array of attachments that describe the tab. Uploaded through the POST /user/{userid}/attachment-tab endpoint. - |
TabUsageMultiple is a Tab that can be paid by multiple users. Just like the TabUsageSingle it is created with the status OPEN, the visibility can be defined in the visibility object and TabItems can be added as long as the status is OPEN. When you change the status to PAYABLE any bunq user can use the tab to make a payment to your account. After an user has paid your TabUsageMultiple the status will not change, it will stay PAYABLE. For example: you can create a TabUsageMultiple with require_address set to true. Now show the QR code of this Tab on your webshop, and any bunq user can instantly pay and order something from your webshop.
-This is how the error response looks like for 4XX response codes
-Close a specific TabUsageMultiple.
-userID required | integer |
monetary-accountID required | integer |
cash-registerID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
TabUsageMultiple is a Tab that can be paid by multiple users. Just like the TabUsageSingle it is created with the status OPEN, the visibility can be defined in the visibility object and TabItems can be added as long as the status is OPEN. When you change the status to PAYABLE any bunq user can use the tab to make a payment to your account. After an user has paid your TabUsageMultiple the status will not change, it will stay PAYABLE. For example: you can create a TabUsageMultiple with require_address set to true. Now show the QR code of this Tab on your webshop, and any bunq user can instantly pay and order something from your webshop.
-This is how the error response looks like for 4XX response codes
-Get a specific TabUsageMultiple.
-userID required | integer |
monetary-accountID required | integer |
cash-registerID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
TabUsageMultiple is a Tab that can be paid by multiple users. Just like the TabUsageSingle it is created with the status OPEN, the visibility can be defined in the visibility object and TabItems can be added as long as the status is OPEN. When you change the status to PAYABLE any bunq user can use the tab to make a payment to your account. After an user has paid your TabUsageMultiple the status will not change, it will stay PAYABLE. For example: you can create a TabUsageMultiple with require_address set to true. Now show the QR code of this Tab on your webshop, and any bunq user can instantly pay and order something from your webshop.
-This is how the error response looks like for 4XX response codes
-Create a TabUsageSingle. The initial status must be OPEN
-userID required | integer |
monetary-accountID required | integer |
cash-registerID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
merchant_reference | string The reference of the Tab, as defined by the owner. This reference will be set for any payment that is generated by this tab. Must be unique among all the owner's tabs for the used monetary account. - |
description required | string The description of the Tab. Maximum 9000 characters. Field is required but can be an empty string. - |
status required | string The status of the Tab. On creation the status must be set to OPEN. You can change the status from OPEN to WAITING_FOR_PAYMENT. - |
amount_total required | object (Amount_5b6aacaea9d10) |
allow_amount_higher | boolean [DEPRECATED] Whether or not a higher amount can be paid. - |
allow_amount_lower | boolean [DEPRECATED] Whether or not a lower amount can be paid. - |
want_tip | boolean [DEPRECATED] Whether or not the user paying the Tab should be asked if he wants to give a tip. When want_tip is set to true, allow_amount_higher must also be set to true and allow_amount_lower must be false. - |
minimum_age | integer The minimum age of the user paying the Tab. - |
require_address | string Whether a billing and shipping address must be provided when paying the Tab. Possible values are: BILLING, SHIPPING, BILLING_SHIPPING, NONE, OPTIONAL. Default is NONE. - |
redirect_url | string The URL which the user is sent to after paying the Tab. - |
visibility | object (TabVisibility_5b6aacaedee2d) |
expiration | string The moment when this Tab expires. Can be at most 1 hour into the future. - |
tab_attachment | Array of object An array of attachments that describe the tab. Uploaded through the POST /user/{userid}/attachment-tab endpoint. - |
TabUsageSingle is a Tab that can be paid once. The TabUsageSingle is created with the status OPEN. Optionally you can add TabItems to the tab using /tab/_/tab-item, TabItems don't affect the total amount of the Tab. However, if you've created any TabItems for a Tab the sum of the amounts of these items must be equal to the total_amount of the Tab when you change its status to WAITING_FOR_PAYMENT. By setting the visibility object a TabUsageSingle with the status OPEN or WAITING_FOR_PAYMENT can be made visible to customers. As soon as a customer pays the TabUsageSingle its status changes to PAID, and it can't be paid again.
-This is how the error response looks like for 4XX response codes
-Get a collection of TabUsageSingle.
-userID required | integer |
monetary-accountID required | integer |
cash-registerID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
TabUsageSingle is a Tab that can be paid once. The TabUsageSingle is created with the status OPEN. Optionally you can add TabItems to the tab using /tab/_/tab-item, TabItems don't affect the total amount of the Tab. However, if you've created any TabItems for a Tab the sum of the amounts of these items must be equal to the total_amount of the Tab when you change its status to WAITING_FOR_PAYMENT. By setting the visibility object a TabUsageSingle with the status OPEN or WAITING_FOR_PAYMENT can be made visible to customers. As soon as a customer pays the TabUsageSingle its status changes to PAID, and it can't be paid again.
-This is how the error response looks like for 4XX response codes
-Modify a specific TabUsageSingle. You can change the amount_total, status and visibility. Once you change the status to WAITING_FOR_PAYMENT the TabUsageSingle will expire after 5 minutes (default) or up to 1 hour if a different expiration is provided.
-userID required | integer |
monetary-accountID required | integer |
cash-registerID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
merchant_reference | string The reference of the Tab, as defined by the owner. This reference will be set for any payment that is generated by this tab. Must be unique among all the owner's tabs for the used monetary account. - |
description required | string The description of the Tab. Maximum 9000 characters. Field is required but can be an empty string. - |
status required | string The status of the Tab. On creation the status must be set to OPEN. You can change the status from OPEN to WAITING_FOR_PAYMENT. - |
amount_total required | object (Amount_5b6aacaea9d10) |
allow_amount_higher | boolean [DEPRECATED] Whether or not a higher amount can be paid. - |
allow_amount_lower | boolean [DEPRECATED] Whether or not a lower amount can be paid. - |
want_tip | boolean [DEPRECATED] Whether or not the user paying the Tab should be asked if he wants to give a tip. When want_tip is set to true, allow_amount_higher must also be set to true and allow_amount_lower must be false. - |
minimum_age | integer The minimum age of the user paying the Tab. - |
require_address | string Whether a billing and shipping address must be provided when paying the Tab. Possible values are: BILLING, SHIPPING, BILLING_SHIPPING, NONE, OPTIONAL. Default is NONE. - |
redirect_url | string The URL which the user is sent to after paying the Tab. - |
visibility | object (TabVisibility_5b6aacaedee2d) |
expiration | string The moment when this Tab expires. Can be at most 1 hour into the future. - |
tab_attachment | Array of object An array of attachments that describe the tab. Uploaded through the POST /user/{userid}/attachment-tab endpoint. - |
TabUsageSingle is a Tab that can be paid once. The TabUsageSingle is created with the status OPEN. Optionally you can add TabItems to the tab using /tab/_/tab-item, TabItems don't affect the total amount of the Tab. However, if you've created any TabItems for a Tab the sum of the amounts of these items must be equal to the total_amount of the Tab when you change its status to WAITING_FOR_PAYMENT. By setting the visibility object a TabUsageSingle with the status OPEN or WAITING_FOR_PAYMENT can be made visible to customers. As soon as a customer pays the TabUsageSingle its status changes to PAID, and it can't be paid again.
-This is how the error response looks like for 4XX response codes
-Cancel a specific TabUsageSingle.
-userID required | integer |
monetary-accountID required | integer |
cash-registerID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
TabUsageSingle is a Tab that can be paid once. The TabUsageSingle is created with the status OPEN. Optionally you can add TabItems to the tab using /tab/_/tab-item, TabItems don't affect the total amount of the Tab. However, if you've created any TabItems for a Tab the sum of the amounts of these items must be equal to the total_amount of the Tab when you change its status to WAITING_FOR_PAYMENT. By setting the visibility object a TabUsageSingle with the status OPEN or WAITING_FOR_PAYMENT can be made visible to customers. As soon as a customer pays the TabUsageSingle its status changes to PAID, and it can't be paid again.
-This is how the error response looks like for 4XX response codes
-Get a specific TabUsageSingle.
-userID required | integer |
monetary-accountID required | integer |
cash-registerID required | integer |
itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
TabUsageSingle is a Tab that can be paid once. The TabUsageSingle is created with the status OPEN. Optionally you can add TabItems to the tab using /tab/_/tab-item, TabItems don't affect the total amount of the Tab. However, if you've created any TabItems for a Tab the sum of the amounts of these items must be equal to the total_amount of the Tab when you change its status to WAITING_FOR_PAYMENT. By setting the visibility object a TabUsageSingle with the status OPEN or WAITING_FOR_PAYMENT can be made visible to customers. As soon as a customer pays the TabUsageSingle its status changes to PAID, and it can't be paid again.
-This is how the error response looks like for 4XX response codes
-Create a request from an ideal transaction.
-userID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
token required | string The token passed from a site or read from a QR code. - |
Using this call you create a request for payment from an external token provided with an ideal transaction. Make sure your iDEAL payments are compliant with the iDEAL standards, by following the following manual: https:/www.bunq.com/terms-idealstandards. It's very important to keep these points in mind when you are using the endpoint to make iDEAL payments from your application.
-This is how the error response looks like for 4XX response codes
-Create a request from an SOFORT transaction.
-userID required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
token required | string The token passed from a site or read from a QR code. - |
Using this call you can create a SOFORT Request assigned to your User by providing the Token of the request.
-This is how the error response looks like for 4XX response codes
-Get a specific user.
-itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Using this call you can retrieve information of the user you are logged in as. This includes your user id, which is referred to in endpoints.
-This is how the error response looks like for 4XX response codes
-Get a collection of all available users.
-Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
Using this call you can retrieve information of the user you are logged in as. This includes your user id, which is referred to in endpoints.
-This is how the error response looks like for 4XX response codes
-Get a specific company.
-itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
With UserCompany you can retrieve information regarding the authenticated UserCompany and update specific fields.
Notification filters can be set on a UserCompany level to receive callbacks. For more information check the dedicated callbacks page.
This is how the error response looks like for 4XX response codes
-Modify a specific company's data.
-itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
name | string The company name. - |
public_nick_name | string The company's nick name. - |
avatar_uuid | string The public UUID of the company's avatar. - |
address_main required | object (Address_5b6aacaeac59c) |
address_postal | object (Address_5b6aacaeac59c) |
language required | string The person's preferred language. Formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, seperated by an underscore. - |
region required | string The person's preferred region. Formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, seperated by an underscore. - |
country | string The country where the company is registered. - |
ubo | Array of object The names and birth dates of the company's ultimate beneficiary owners. Minimum zero, maximum four. - |
chamber_of_commerce_number | string The company's chamber of commerce number. - |
status | string The user status. Can be: ACTIVE, SIGNUP, RECOVERY. - |
sub_status | string The user sub-status. Can be: NONE, FACE_RESET, APPROVAL, APPROVAL_DIRECTOR, APPROVAL_PARENT, APPROVAL_SUPPORT, COUNTER_IBAN, IDEAL or SUBMIT. - |
session_timeout | integer The setting for the session timeout of the company in seconds. - |
daily_limit_without_confirmation_login | object (Amount_5b6aacaea9d10) |
notification_filters | Array of object The types of notifications that will result in a push notification or URL callback for this UserCompany. - |
With UserCompany you can retrieve information regarding the authenticated UserCompany and update specific fields.
Notification filters can be set on a UserCompany level to receive callbacks. For more information check the dedicated callbacks page.
This is how the error response looks like for 4XX response codes
-Get a specific person.
-itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
With UserPerson you can retrieve information regarding the authenticated UserPerson and update specific fields.
Notification filters can be set on a UserPerson level to receive callbacks. For more information check the dedicated callbacks page.
This is how the error response looks like for 4XX response codes
-Modify a specific person object's data.
-itemId required | integer |
Cache-Control required | string The standard HTTP Cache-Control header is required for all requests. - |
User-Agent required | string The User-Agent header field should contain information about the user agent originating the request. There are no restrictions on the value of this header. - |
X-Bunq-Language required | string The X-Bunq-Language header must contain a preferred language indication. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. Currently only the languages en_US and nl_NL are supported. Anything else will default to en_US. - |
X-Bunq-Region required | string The X-Bunq-Region header must contain the region (country) of the client device. The value of this header is formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, separated by an underscore. - |
X-Bunq-Client-Request-Id required | string This header must specify an ID with each request that is unique for the logged in user. There are no restrictions for the format of this ID. However, the server will respond with an error when the same ID is used again on the same DeviceServer. - |
X-Bunq-Geolocation required | string This header must specify the geolocation of the device. The format of this value is longitude latitude altitude radius country. The country is expected to be formatted of an ISO 3166-1 alpha-2 country code. When no geolocation is available or known the header must still be included but can be zero valued. - |
X-Bunq-Client-Authentication required | string The authentication token is used to authenticate the source of the API call. It is required by all API calls except for POST /v1/installation. It is important to note that the device and session calls are using the token from the response of the installation call, while all the other calls use the token from the response of the session-server call - |
first_name | string The person's first name. - |
middle_name | string The person's middle name. - |
last_name | string The person's last name. - |
public_nick_name | string The person's public nick name. - |
address_main required | object (Address_5b6aacaeac59c) |
address_postal | object (Address_5b6aacaeac59c) |
avatar_uuid required | string The public UUID of the user's avatar. - |
tax_resident | Array of object The user's tax residence numbers for different countries. - |
document_type required | string The type of identification document the person registered with. - |
document_number required | string The identification document number the person registered with. - |
document_country_of_issuance required | string The country which issued the identification document the person registered with. - |
document_front_attachment_id required | integer The reference to the uploaded picture/scan of the front side of the identification document. - |
document_back_attachment_id | integer The reference to the uploaded picture/scan of the back side of the identification document. - |
date_of_birth required | string The person's date of birth. Accepts ISO8601 date formats. - |
place_of_birth required | string The person's place of birth. - |
country_of_birth required | string The person's country of birth. Formatted as a SO 3166-1 alpha-2 country code. - |
nationality required | string The person's nationality. Formatted as a SO 3166-1 alpha-2 country code. - |
language required | string The person's preferred language. Formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, seperated by an underscore. - |
region required | string The person's preferred region. Formatted as a ISO 639-1 language code plus a ISO 3166-1 alpha-2 country code, seperated by an underscore. - |
gender required | string The person's gender. Can be: MALE, FEMALE and UNKNOWN. - |
status required | string The user status. You are not allowed to update the status via PUT. - |
sub_status required | string The user sub-status. Can be updated to SUBMIT if status is RECOVERY. - |
legal_guardian_alias required | object (Pointer_5b6aacaeac0b3) |
session_timeout required | integer The setting for the session timeout of the user in seconds. - |
card_ids | Array of object Card ids used for centralized card limits. - |
card_limits | Array of object The centralized limits for user's cards. - |
daily_limit_without_confirmation_login required | object (Amount_5b6aacaea9d10) |
notification_filters | Array of object The types of notifications that will result in a push notification or URL callback for this UserPerson. - |
With UserPerson you can retrieve information regarding the authenticated UserPerson and update specific fields.
Notification filters can be set on a UserPerson level to receive callbacks. For more information check the dedicated callbacks page.
This is how the error response looks like for 4XX response codes
-