Introduction
The AmpliFi API is designed to support Banking as a Service (BaaS) by providing a clear and consistent interface to back end banking services. It provides a layer of abstraction in front of popular banking-as-a-service APIs. The API provides direct server-side access to the AmpliFi back end functionality. This provides a single, unified, simplified, enriched, streamlined API for your front-end applications.
Key Features
Some key features of the API include the following:
-
Multi-backoffice routing -- A single user may get products from two different back-end systems. The API can orchestrate transactions in different back-offices into a single transaction in the front-end.
-
Multi-everything -- supports multiple customer segments, multiple users per customers, multiple languages, multiple authentication methods, and multiple back-offices across multiple banks, countries and currencies.
-
Data caching -- all the data passing through the middleware is stored in the database and is accessible as a stand-in for the front-end. In case of sudden communication failure AmpliFi can keep serving the front end for read-only transactions and can queue some active transactions until the back-office comes back online.
-
Two-way data synchronization -- AmpliFi pushes all the customer data into the front-end applications in real time in the background.
API Concepts
The API provides a collection of methods in the form of microservices available through a set of REST endpoints. These methods can be accessed directly from your program code.
All requests are made using the http verbs GET, PUT, POST and DELETE. The endpoints available through the Amplifi API are listed below.
The format for calling each API is given in the individual descriptions. For example, the call to the ping endpoint is given as
GET /ping/heartbeat
Using the cURL command line package this could be called as
where {url} is the URL for the AmpliFi server.
| Endpoint | Usage |
|---|---|
| ping | Check that the server is alive |
| token | Get or deactivate authorization token |
| user | Get and modify user details |
| devices | get all user's devices |
| authenticateddevices | get authenticated devices |
| account, accounts | get info for one or all accounts, make changes to an account |
| card, cards | get info for one or all of user's cards, make changes to a card |
| transfer | transfer funds between accounts |
| remittances | pay to external accounts |
| beneficiary, beneficiaries | list, create and modify beneficiaries or payees |
| externalaccount, externalaccounts | work with external accounts |
| prospect | work with prospective new users |
| bill, bills | manage bills paid by a user |
| cheques, checqueimage | manage checks |
| messages | manage messages for a user |
| invite, invites | manage invitations to possible new users |
| iou | manage IOUs |
| alerts | manage alerts |
| geocode, pois | access geographic location data |
| rates | get FX rates |
| at | show how an app was installed |
| undo | undo a previous action |
Details for each endpoint are described in the individual sections.
Common Elements
This section describes some elements that are common to most, if not all, of the AmpliFi API calls. These elements are not discussed in the individual descriptions unless necessary.
Each method is invoked by an http request to an API endpoint using one of the verbs GET, PUT, POST or DELETE. Path parameters may be encoded in the URL. Query parameters are not used.
All requests except login require the authorization token that is returned by a login call. This token must be copied to a header parameter named "token".
POST and PUT requests provide a request body, in JSON format. The Content-Type header should be application/json. For GET requests the body is empty.
Date-time strings are given in ISO 8601 format. Their names are prefixed with "dts".
Each request returns a status code, along with a set of standard http headers which may be ignored.
In some cases a response body is also returned in JSON format.
If the call succeeds, the response body includes the element
"success": true
and the status code is 200 or 201. If the call fails, the status code is 300 or greater, and the response body gives an appropriate message.