Tokens

These endpoints retrieve all tokens, a filtered list of tokens, or a specific token, as well as allowing you to cancel an existing token.

Get tokens

The GET /tokens endpoint retrieves a list of all tokens for the authenticated member.

SecurityBearer or BasicAuth
Request
query Parameters
type
string
Default: "INVALID"

Specifies the type of token returned.

Enum: "INVALID" "ACCESS" "TRANSFER"
Example: type=ACCESS
page.offset
string

The offset for the current page. If the offset has been provided in the request, this offset will be equal to the provided one. But if no offset was provided in the request (i.e. this is the first page) and the page is not empty, this field will be populated with a non-empty string. This may be helpful for loading the same page again, which might not always be possible with an empty offset due to a dynamic nature of the data.
The offset is not visible to a user and should not be parsed and/or understood in any way.

Example: page.offset=LerV6Jmex
page.limit
required
integer <int32>
Default: 1

The maximum number of records to return. This must be less than 200.

Example: page.limit=175
filter.sourceAccountId
string

Identifies the payer's account.

Example: filter.sourceAccountId=a:J72REftaRoiaDYRDU7M9FDgf8jeh3eqek9DvKeyBWbuA:3VMczyq7r7b6HwC
filter.destinationAccountId
string

Identifies the payee/beneficiary's account.

Example: filter.destinationAccountId=a:f34VSeqwfWGTGH23vsa2cDgecew209jdvcd5vdfv4vds:5VSWVRqicm4Csa2
filter.startTimeMs
string <string>

The filtered list start timestamp in milliseconds, 1 day (24 hours) = 8640000000, 1 hour = 36000000, and 1 minute = 60000.

Example: filter.startTimeMs=67505
filter.endTimeMs
string <string>

The filtered list end timestamp in milliseconds, 1 day (24 hours) = 8640000000, 1 hour = 36000000, and 1 minute = 60000.

Example: filter.endTimeMs=365650
filter.role
string
Default: "ANY"

Filters by accountHolder role.

Enum: "ANY" "FROM" "TO" "ISSUER"
Example: filter.role=ISSUER
filter.actingAsRefId
string

Filters the list by the sub-TPP identifier generated by Token.io once a TPP has been onboarded.

Example: filter.actingAsRefId=4kwl35c9sp3fwp4xq
Responses
200

Successful response

400

The client specified an invalid argument

401

The authorization information is missing or invalid

403

Permission to access this endpoint is denied

404

The requested entity, such as a payment, was not found

429

Too many requests

500

An unexpected or internal server error

501

The operation was not implemented

503

Service is unavailable

504

Gateway has timed out

get/tokens
Request samples 
Response samples 
application/json
{
  • "offset": "LerV6Jmex",
  • "tokens": [
    ]
}
Get a token
The GET /tokens/{tokenId} endpoint retrieves information about a specific token for the authenticated member.


SecurityBearer or BasicAuth 
Request 
path Parameters
tokenId
required
string
Identifies a unique authorization token for a transfer, standing order, or account information access.


 
 Example:  tt:8zK1dic95omjWb72gvc3z3ELKbTNfnGd89MbDnM73er4:ZhBVAJSH8DeU1
Responses 
200
Successful response


400
The client specified an invalid argument


401
The authorization information is missing or invalid


403
Permission to access this endpoint is denied


404
The requested entity, such as a payment, was not found


429
Too many requests


500
An unexpected or internal server error


501
The operation was not implemented


503
Service is unavailable


504
Gateway has timed out


get/tokens/{tokenId}
Request samples 
Response samples 
application/json
{
  • "token": {
    }
}
Cancel a token
The PUT /tokens/{tokenId}/cancel endpoint cancels a given token.


SecurityBearer or BasicAuth 
Request 
path Parameters
tokenId
required
string
Identifies a unique authorization token for a transfer, standing order, or account information access.


 
 Example:  ta:3eYPU1BEKKunfmYgQuSKXFCeo851C5Y3XiZW3XA465TU:5zKtXEAq
header Parameters
token-customer-ip-address
string <ipv4> 
The user's IP address if the user is currently logged in with the TPP. If the customer  IP address is supplied (recommended), it is inferred that the user is present during the session (i.e., the request is user-initiated; adding a customer-initiated = true header makes this explicit). For AIS calls, if the customer's IP address is not provided in the request, the bank assumes it is a TPP-initiated request and may limit the TPP to 4 TPP-initiated access attempts within a given 24-hour period.


 
 Example:  172.16.254.1
customer-initiated
boolean
Informs the bank that the API call was explicitly initiated by the user. This is useful in circumnavigating bank restrictions that impose a 4-times-a-day (i.e., within the same 24-hour period) access limit on the same AISP, in accordance with RTS regulations.


 
 Example:  true
token-customer-device-id
string
Obtained by the TPP from details in the user agent information of the user.


 
 Example:  00000000-00000000-01234567-89ABCDEF
Responses 
200
Successful response


400
The client specified an invalid argument


401
The authorization information is missing or invalid


403
Permission to access this endpoint is denied


404
The requested entity, such as a payment, was not found


429
Too many requests


500
An unexpected or internal server error


501
The operation was not implemented


503
Service is unavailable


504
Gateway has timed out


put/tokens/{tokenId}/cancel
Request samples 
Response samples 
application/json
{
  • "result": {
    }
}
➔ Next to Banks v1