API Documentation
Authentication
All API endpoints (except /api/auth/login) require authentication via a JWT in the Authorization header:
Authorization: Bearer <token>
Endpoints
Authentication
POST /api/auth/login
Operator login.
Request Body:
{
"operatorId": "string",
"password": "string",
"terminalId": "string" (optional)
}
Response:
{
"token": "string",
"operator": {
"id": "string",
"operatorId": "string",
"name": "string",
"role": "MAKER" | "CHECKER" | "ADMIN"
}
}
POST /api/auth/logout
Operator logout.
Headers: Authorization: Bearer <token>
Response:
{
"message": "Logged out successfully"
}
GET /api/auth/me
Get current operator information.
Headers: Authorization: Bearer <token>
Response:
{
"id": "string",
"operatorId": "string",
"name": "string",
"role": "MAKER" | "CHECKER" | "ADMIN"
}
Payments
POST /api/payments
Initiate payment (Maker role required).
Headers: Authorization: Bearer <token>
Request Body:
{
"type": "CUSTOMER_CREDIT_TRANSFER" | "FI_TO_FI",
"amount": 1234.56,
"currency": "USD" | "EUR" | "GBP" | "JPY",
"senderAccount": "string",
"senderBIC": "string",
"receiverAccount": "string",
"receiverBIC": "string",
"beneficiaryName": "string",
"purpose": "string" (optional),
"remittanceInfo": "string" (optional)
}
Response:
{
"paymentId": "string",
"status": "PENDING_APPROVAL",
"message": "Payment initiated, pending approval"
}
POST /api/payments/:id/approve
Approve payment (Checker role required).
Headers: Authorization: Bearer <token>
Response:
{
"message": "Payment approved and processing",
"paymentId": "string"
}
POST /api/payments/:id/reject
Reject payment (Checker role required).
Headers: Authorization: Bearer <token>
Request Body:
{
"reason": "string" (optional)
}
Response:
{
"message": "Payment rejected",
"paymentId": "string"
}
GET /api/payments/:id
Get payment status.
Headers: Authorization: Bearer <token>
Response:
{
"paymentId": "string",
"status": "string",
"amount": 1234.56,
"currency": "USD",
"uetr": "string" | null,
"ackReceived": false,
"settlementConfirmed": false,
"createdAt": "2024-01-01T00:00:00Z"
}
GET /api/payments
List payments.
Headers: Authorization: Bearer <token>
Query Parameters:
limit (optional, default: 50)
offset (optional, default: 0)
Response:
{
"payments": [
{
"id": "string",
"payment_id": "string",
"type": "string",
"amount": 1234.56,
"currency": "USD",
"status": "string",
"created_at": "2024-01-01T00:00:00Z"
}
],
"total": 10
}
Reconciliation
GET /api/reconciliation/daily
Generate daily reconciliation report (Checker role required).
Headers: Authorization: Bearer <token>
Query Parameters:
date (optional, ISO date string, default: today)
Response:
{
"report": "string (formatted text report)",
"date": "2024-01-01"
}
GET /api/reconciliation/aging
Get aging items (Checker role required).
Headers: Authorization: Bearer <token>
Query Parameters:
days (optional, default: 1)
Response:
{
"items": [
{
"id": "string",
"payment_id": "string",
"amount": 1234.56,
"currency": "USD",
"status": "string",
"created_at": "2024-01-01T00:00:00Z",
"aging_reason": "string"
}
],
"count": 5
}
Health Check
GET /health
Health check endpoint.
Response:
{
"status": "ok",
"timestamp": "2024-01-01T00:00:00Z"
}
Error Responses
All endpoints may return error responses:
{
"error": "Error message"
}
Status codes:
400 - Bad Request
401 - Unauthorized
403 - Forbidden
404 - Not Found
500 - Internal Server Error
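The role requirements and the 401/403 split above can be expressed as a single deny-by-default policy table. The following is an added example, not this project's code: the POLICY table, matches and authorize are hypothetical names, and it assumes the JWT has already been verified and that an endpoint naming a role accepts only that role (the page does not say whether ADMIN may act as Maker or Checker).

```javascript
// Added example: route-to-role policy built from the /api endpoints on this page.
// `operator` is the claims object from an already-verified JWT (same shape as
// GET /api/auth/me), or null when no valid token was presented.
const ANY = ["MAKER", "CHECKER", "ADMIN"]; // assumption: unlabelled routes accept any role
const POLICY = [
  // [method, path pattern, roles allowed]; null = no token required
  ["POST", "/api/auth/login", null],
  ["POST", "/api/auth/logout", ANY],
  ["GET", "/api/auth/me", ANY],
  ["POST", "/api/payments", ["MAKER"]],
  ["POST", "/api/payments/:id/approve", ["CHECKER"]],
  ["POST", "/api/payments/:id/reject", ["CHECKER"]],
  ["GET", "/api/payments/:id", ANY],
  ["GET", "/api/payments", ANY],
  ["GET", "/api/reconciliation/daily", ["CHECKER"]],
  ["GET", "/api/reconciliation/aging", ["CHECKER"]],
];

// Match a concrete path against a pattern; ":name" matches one non-empty segment.
function matches(pattern, path) {
  const p = pattern.split("/");
  const s = path.split("?")[0].split("/"); // ignore the query string
  return p.length === s.length &&
    p.every((seg, i) => (seg.startsWith(":") ? s[i].length > 0 : seg === s[i]));
}

// Returns the HTTP status the gate would produce: 200 (allow), 401, 403 or 404.
function authorize(method, path, operator) {
  const rule = POLICY.find(([m, pat]) => m === method.toUpperCase() && matches(pat, path));
  if (!rule) return 404;                        // unlisted route: deny by default
  const roles = rule[2];
  if (roles === null) return 200;               // login needs no token
  if (!operator || !ANY.includes(operator.role)) return 401; // no usable identity
  return roles.includes(operator.role) ? 200 : 403;          // authenticated, wrong role
}

// Constructed sample operators.
const maker = { operatorId: "op-maker-01", role: "MAKER" };
const checker = { operatorId: "op-check-01", role: "CHECKER" };
console.log(authorize("POST", "/api/payments", maker));               // 200
console.log(authorize("POST", "/api/payments/p-1/approve", maker));   // 403
console.log(authorize("POST", "/api/payments/p-1/approve", checker)); // 200
console.log(authorize("GET", "/api/payments?limit=10", null));        // 401
```

Keeping the table in one place makes it easy to test that a Maker token can never reach the approve or reject routes, and that any route missing from the table is refused rather than silently allowed.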
Payment Status Flow
INITIATED - Payment created by Maker
PENDING_APPROVAL - Awaiting Checker approval
APPROVED - Approved by Checker
COMPLIANCE_CHECKING - Under compliance screening
COMPLIANCE_PASSED - Screening passed
LEDGER_POSTED - Funds reserved in ledger
MESSAGE_GENERATED - ISO 20022 message created
TRANSMITTED - Message sent via TLS
ACK_RECEIVED - Acknowledgment received
SETTLED - Settlement confirmed
FAILED - Processing failed
CANCELLED - Rejected/cancelled