Interacting with financial institutions via EBICS introduces a few problems due to the asynchronous nature of todays banking systems. Transactions are cleared once (or multiple times) a day via a central service. Due to this fact:
To solve those problems, the EBICS::Box tracks all important events and delivers webhooks to remote systems. A webhook is a simple HTTP Post request to a predefined URL. Each webhook contains most relevant information about an event, so that remote systems can perform most tasks whithout the need of an extra API request.
In order to use webhooks, you need to setup a webhook_url for each account you want
to track. Moreover, you need your organization's webhook_token to verify that requests
are really originating from your EBICS::Box.
When adding an endpoint to receive webhooks, please respond with a success http response code (something in the 2xx range). Anything else will be considered a failure and the box will retry token delivery. The Box will attempt to deliver each webhook up to 20 times with increasing time between each attempt.
The EBICS::Box API lets you perform several different actions with an Account:
id
uuid
|
Unique id for every event. |
|---|---|
account
string
|
IBAN of the account for which the event occured. |
type
string
|
Type of event. |
triggered_at
datetime
|
Date and time when given event was triggered. |
payload
object
|
Actual event payload. This differs from event to event. A list of all event types and their corresponding payloads is provided later in this document. |
signature
string
|
Based on your configuration key, the Box signs every webhook request. This way, you can ensure that payloads pushed to your webhook endpoint are really from the Box. Otherwise, "bad guys" might try to push fake webhooks to your publicly available webhook endpoint and trigger unwanted behaviour. |
webhook_status
string
|
Did the Box manage to deliver a webhook successfully. |
webhook_retries
integer
|
How often did the Box try to deliver a webhook. |
webhook_deliveries
array of objects
|
List of all attempts to deliver a webhook to your remote system. This is not provided on list views, but only when fetching details for a single event. |
_links
object
|
URLs for related resources and potential next actions |
GET
/events
page |
Page to show (default: 1) |
per_page |
Amount of results (default: 10) (maximum: 100) |
GET /events
HTTP/1.1 200 OK
[
{
"id": "30f83ad8-2291-11e6-b67b-9e71128cae77",
"signature": "lkasdjfhuahwkljehfa83h3we89oh4298HOWPEIJASDP903IJAEODS",
"account": "DE12345678987654345678",
"type": "credit_transfer_status_change",
"triggered_at": "2016-05-01 12:00:00",
"webhook_status": "success",
"webhook_retries": 2,
"_links": {
"self": "https://box.url/events/30f83ad8-2291-11e6-b67b-9e71128cae77"
}
},
…
]
GET
/events/:id
:id |
ID of credit transfer you want to fetch required |
GET /events/30f83ad8-2291-11e6-b67b-9e71128cae77
HTTP/1.1 200 OK
{
"id": "30f83ad8-2291-11e6-b67b-9e71128cae77",
"signature": "lkasdjfhuahwkljehfa83h3we89oh4298HOWPEIJASDP903IJAEODS",
"account": "DE12345678987654345678",
"type": "credit_transfer_status_change",
"triggered_at": "2016-05-01 12:00:00",
"payload": {
… depending on event …
},
"webhook_status": "success",
"webhook_retries": 2,
"webhook_deliveries": [
{
"delivery_at": "2016-05-01 12:01:05",
"response_body": "success",
"response_status": 200,
"response_time": 3
},
…
],
"_links": {
"self": "https://box.url/events/30f83ad8-2291-11e6-b67b-9e71128cae77"
}
}