Connections
Connections materialize the individual link between a user and a connector. They act as a parent for business data and hold metadata about the synchronization state, the PSU credentials and consents.
API endpoints
Authentication: endpoints listed in this page require header authentication with a user token.
Connections management
Create a new connection
POST
https://{domain}.biapi.pro/2.0/users/{userId}/connections
Request body: ConnectionRequest object
Path Parameters
Name | Type | Description |
---|---|---|
userId* | Interger or "me" | ID of the related user. |
Response body: Connection object
List connections
GET
https://{domain}.biapi.pro/2.0/users/{userId}/connections
Path Parameters
Name | Type | Description |
---|---|---|
userId* | Interger or "me" | ID of the related user. |
Response body: ConnectionsList object
Get a connection
GET
https://{domain}.biapi.pro/2.0/users/{userId}/connections/{connectionId}
Get a single connection by ID.
Path Parameters
Name | Type | Description |
---|---|---|
userId* | Interger or "me" | ID of the related user. |
connectionId* | Integer | ID of the connection. |
Response body: Connection object
Update a connection
POST
https://{domain}.biapi.pro/2.0/users/{userId}/connections/{connectionId}
Update a single connection by ID.
Request body: ConnectionUpdateRequest object
Path Parameters
Name | Type | Description |
---|---|---|
userId* | Interger or "me" | ID of the related user. |
connectionId* | Integer | ID of the connection. |
Query Parameters
Name | Type | Description |
---|---|---|
background | Boolean | Flag to make the request asynchronous (i.e. the API will respond immediately and process the synchronization with the bank in background). When using this option, you must implement polling on the connection to monitor the state. |
Response body: Connection object
Sync a connection
PUT
https://{domain}.biapi.pro/2.0/users/{userId}/connections/{connectionId}
Request synchronization of a single connection by ID.
Path Parameters
Name | Type | Description |
---|---|---|
userId* | Interger or "me" | ID of the related user. |
connectionId* | Integer | ID of the connection. |
Query Parameters
Name | Type | Description |
---|---|---|
psu_requested | Boolean | Flag to indicate whether the refresh of the connection was asked by the final user. If set to |
Response body: Connection object
Delete a connection
DELETE
https://{domain}.biapi.pro/2.0/users/{userId}/connections/{connectionId}
This operation deletes the connection and all its related data (accounts, transactions, subscriptions, documents, identities...). This is a hard delete and cannot be reversed: the data (including full history) is permanently erased from Powens' databases. This operation meets GDPR requirements related to the deletion of personal data.
Path Parameters
Name | Type | Description |
---|---|---|
userId* | Interger or "me" | ID of the related user. |
connectionId* | Integer | ID of the connection. |
Response body: Connection object
Web authorization
Construct a connection URL for web authorization
GET
https://{domain}.biapi.pro/2.0/webauth-url
Constructs a connection URL for connectors (and sources) using the webauth
auth mechanism. The same service can be used for both establishing a new connection and resuming an existing connection that requires an update for SCA or consent renewal (i.e. in the SCARequired
state).
The returned URL should be presented on the device of the PSU using the most appropriate front-end components, taking full advantage of URL-handling behaviors to enable app-to-app experiences when available.
Query Parameters
Name | Type | Description |
---|---|---|
client_id* | Integer | The client ID of your client application. |
redirect_uri* | String | The final redirect URL to be redirected to after the flow has completed. This URL must not contain query parameters. Make sure to properly encode it. |
id_connector | Integer | To add a new connection only, the ID of the connector. The connector must have |
id_connection | Integer | To recover or resume a connection only, the ID of the connection. |
source | String | The specific source (designated by its |
state | String | An optional opaque string that will be returned 'as is' with the redirect URL. |
Response body: WebauthURL object
Redirect to a URL for web authorization
GET
https://{domain}.biapi.pro/2.0/webauth
The /webauth-url
endpoint provides an alternate (recommended) way to obtain the redirection URL in order to optimize app-to-app experiences.
This endpoint is a special redirection service to help presenting the auth webview from a connector (e.g. using OAuth2 protocol). This service is not an API endpoint, the URL must be navigated to in a browser.
Query Parameters
Name | Type | Description |
---|---|---|
client_id* | Integer | The client ID of your client application. |
redirect_uri* | String | The final redirect URL to be redirected to after the flow has completed. This URL must not contain query parameters. Make sure to properly encode it. |
id_connector | Integer | To add a new connection only, the ID of the connector. The connector must have |
id_connection | Integer | To recover or resume a connection only, the ID of the connection. |
source | String | The specific source (designated by its |
state | String | An optional opaque string that will be returned 'as is' with the redirect URL. |
token | String | A temporary authorization code to secure the call. |
Response body: WebauthURL object
To optimize user experience, the URL should be opened in a fully-capable browser. From a website or webapp, perform a full-page redirect. In a native Android app, prefer opening the default browser or relying on Chrome Custom Tabs. In a native iOS app, prefer using a SFSafariViewController.
After the flow has terminated, a redirection will be performed to the provided redirect_uri
, with additional query parameters:
Success callback parameters
Parameter | Type | Description |
---|---|---|
| Integer | The ID of the connection that was created or updated during the webauth flow. |
Error callback parameters
Parameter | Type | Description |
---|---|---|
| String | This parameter is added if an error occurred. |
| String | The description of the error, if available. |
Connection sources management
List sources of a connection
GET
https://{domain}.biapi.pro/2.0/users/{userId}/connections/{connectionId}/sources
By default, disabled
sources are omitted in the response. Add the all
query parameter to include them.
Path Parameters
Name | Type | Description |
---|---|---|
userId* | Interger or "me" | ID of the related user. |
connectionId* | Integer | ID of the connection. |
Query Parameters
Name | Type | Description |
---|---|---|
all | Value-less | Flag to include disabled sources. |
Response body: ConnectionSourcesList object
Get a connection source
GET
https://{domain}.biapi.pro/2.0/users/{userId}/connections/{connectionId}/sources/{sourceId}
Path Parameters
Name | Type | Description |
---|---|---|
userId* | Interger or "me" | ID of the related user. |
connectionId* | Integer | ID of the connection. |
sourceId* | Integer | ID of the source. |
Query Parameters
Name | Type | Description |
---|---|---|
all | Value-less | Flag to enable access to a disabled source. |
Response body: ConnectionSource object
Update a connection source
POST
https://{domain}.biapi.pro/2.0/users/{userId}/connections/{connectionId}/sources/{sourceId}
Request body: ConnectionSourceUpdateRequest object
Path Parameters
Name | Type | Description |
---|---|---|
userId* | Interger or "me" | ID of the related user. |
connectionId* | Integer | ID of the connection. |
sourceId* | Integer | ID of the source. |
Query Parameters
Name | Type | Description |
---|---|---|
all | Value-less | Flag to enable access to a disabled source. |
Response body: ConnectionSource object
Connection logs
List synchronization logs
GET
https://{domain}.biapi.pro/2.0/users/{userId}/connections/{connectionId}/logs
List synchronization logs of a connection by ID.
Path Parameters
Name | Type | Description |
---|---|---|
userId* | Interger or "me" | ID of the related user. |
connectionId* | Integer | ID of the connection. |
Query Parameters
Name | Type | Description |
---|---|---|
limit | Integer | Maximum number of results. |
offset | Integer | First result offset. |
min_date | Date | Minimum date. |
max_date | Date | Maximum date. |
id_source | Integer | ID of a connection source. |
Response body: ConnectionSourcesList object
Webhooks
Connection synced
A CONNECTION_SYNCED
webhook is emitted after a connection has been synced.
Webhook request:
Property | Type | Description |
---|---|---|
| User object | The user related to the sync. |
| Connection object | The connection details. |
| Connector object | The connector associated with the connection. |
| Array of ConnectionSource objects | The activated connection sources that were synced. |
| Array of BankAccount objects | The activated bank accounts sources that were synced. |
| Array of Investment objects | On each |
| Array of MarketOrder objects | On each |
| Array of Pocket objects | On each |
| Array of Recipient objects | (Deprecated) On each |
| Array of Transaction objects | On each |
| Array of Transfer objects | (Deprecated) On each |
| Array of Subscription objects | The activated subscriptions sources that were synced. |
| Array of Document objects | On each |
Connection deleted
A CONNECTION_DELETED
webhook is emitted after a connection has been deleted.
Webhook request: Connection object
Data model
ConnectionRequest object
Name | Type | Required | Description |
---|---|---|---|
| Integer | No | ID of the connector. Required if |
| String | No | UUID of the connector. Required if |
| String | No | The specific source (designated by its |
To add a connection to a connector/source using the credentials
AuthMechanism, you must also include in the request values from the connector fields
definition.
ConnectionsList object
Property | Type | Description |
---|---|---|
| Array of Connection objects | List of connections. |
Connection object
Property | Type | Description |
---|---|---|
| Integer | ID of the connection. |
| Integer or null | ID of the related user. |
| Integer | ID of the related connector. |
| Integer | (Deprecated) ID of the provider. |
| Integer | (Deprecated) ID of the bank. |
| ConnectionState string or null | If the last update failed, the state code. The |
| ConnectionState string or null | (Deprecated) If the last update failed, the state code. The |
| String or null | If the last update failed, an optional message from the institution to guide the user into recovering from the error. |
| Array of ConnectorField objects or null | For connections in an error state, an optional list of connector fields that must be prompted to the end-user. |
| DateTime or null | Last successful update. |
| DateTime or null | Creation date of the connection. |
| Boolean | Whether this connection is active and will be automatically synced. |
| DateTime or null | Last successful push. |
| DateTime or null | Highest value among expiration dates of connection sources. |
| String | UUID of the related connector. |
| DateTime or null | Scheduled date of next synchronization. |
Available expands
The following parameters can be used for response properties expansion:
Property | Type | Description |
---|---|---|
| Connector object | The connector associated with this connection. |
| Array of BankAccount objects | The list of activated bank accounts associated with the connection (disabled accounts are omitted). |
| Array of BankAccount objects | The list of all bank accounts associated with the connection, including disabled ones. |
| Array of Subscription objects | The list of activated subscriptions associated with the connection (disabled subscriptions are omitted). |
| Array of Subscription objects | The list of all subscriptions associated with the connection, including disabled ones. |
| Array of ConnectionSource objects | The details of the sources configured for the connection. |
ConnectionState values
Instructions for presenting and processing the various error states are available in our dedicated integration guide.
Value | Description |
---|---|
| An SCA process must be performed to resume the synchronization process. |
| A web-based authentication process is required using the /webauth endpoint. |
| Additional information is needed to resume synchronization, such as an OTP. Connections in this state have a |
| User validation is required on a third-party app or device (ex: digital key). |
| User validation is being processed on our side. This state is temporary. |
| An action is needed on the website by the user, synchronization is blocked. |
| The password has expired and needs to be changed by the user before the synchronization can be retried. |
| The authentication on website has failed and new credentials must be obtained from the user. Connections in this state have a |
| The target website or API is temporarily blocking synchronizations due to rate limiting. |
| The connector website or API is unavailable. |
| An internal error has occurred during the synchronization. |
| The source is not supported on the connector. |
Forward compatibility requirement: additional states may be added in the future. When implementing state handling, always fallback to a non-resolvable generic case for unknown values.
ConnectionUpdateRequest object
Property | Type | Required | Description |
---|---|---|---|
| String | No | The specific source (designated by its |
| Boolean | No | Whether the connection synchronization is active. |
| DateTime | No | Set expiration of the connection to this date. |
| Boolean | No | Resume a connection in the |
| Boolean | No | For PSD2 connections, renew the PSU's authorization before its automatic expiration. This process will trigger an SCA. This flag is only effective for the |
To edit a connection source using the credentials
AuthMechanism, you can also include in the request new values from the connector fields
.
ConnectionSourcesList object
Property | Type | Description |
---|---|---|
| Array of ConnectionSource objects | Sources of the connection. |
ConnectionSource object
Property | Type | Description |
---|---|---|
| Integer | ID of the connection source. |
| Integer | ID of the related connection. |
| Integer | ID of the related connector source. |
| String | Name of the connection source. |
| DateTime or null | Last successful update of the source. |
| DateTime or null | If set, this source is ignored on synchronizing the connection. |
| DateTime | Creation date of the connection source. |
| ConnectionState string or null | If the last update has failed, the state code. The null value indicates a successful sync. |
| DateTime or null | Expiration date of the access, if known. |
| DateTime or null | Expiration of the connection source. Used to purge the connection in case completion was not finished. |
| DateTime or null | Scheduled date of next synchronization. |
ConnectionSourceUpdateRequest object
Property | Type | Required | Description |
---|---|---|---|
| Boolean | No | Whether the source should be disabled or not. |
WebauthURL object
Property | Type | Description |
---|---|---|
| String | The URL to display. |
Last updated