Compliance features (1.0)

Download OpenAPI specification:Download

AML follow-up

(Sandbox only) Update person's AML follow-up date

Updates the AML follow-up date for a person. Only available on Sandbox for testing purposes.

Request
Security:
path Parameters
id
required
string
Request Body schema: application/json

The content of the request

aml_follow_up_date
string

A new AML follow-up date for the person.

Responses
200

Successful result of the operation

400

Invalid request.

403

You are not authorized to perform this action.

404

The resource could not be found.

500

Internal server error.

default

Unexpected error

patch/v1/persons/{id}/update_for_development
Request samples
application/json
{
  • "aml_follow_up_date": "2021-09-27T00:00:00.000Z"
}
Response samples
application/json
{
  • "id": "dc1a6812a14f6cc338cd084208535bcdcper",
  • "salutation": "MR",
  • "title": "DR",
  • "first_name": "Peter",
  • "last_name": "Mustermann",
  • "address": {
    },
  • "contact_address": {
    },
  • "email": "person@example.com",
  • "mobile_number": "49301234567",
  • "birth_name": "Doe",
  • "birth_date": "1972-12-24",
  • "birth_city": "Berlin",
  • "birth_country": "DE",
  • "nationality": "DE",
  • "employment_status": "FREELANCER",
  • "job_title": "Head of everything",
  • "tax_information": {
    },
  • "fatca_relevant": true,
  • "fatca_crs_confirmed_at": "2017-01-01T00:00:00.000Z",
  • "business_purpose": "helping people to find themselves",
  • "industry": "OTHER_SERVICES",
  • "industry_key": "EDUCATION",
  • "terms_conditions_signed_at": "2017-01-01T00:00:00.000Z",
  • "own_economic_interest_signed_at": "2017-01-01T00:00:00.000Z",
  • "flagged_by_compliance": false,
  • "expected_monthly_revenue_cents": 20000,
  • "vat_number": "DE999999999",
  • "website_social_media": "http://social-network.com/my-company",
  • "business_trading_name": "My Business",
  • "nace_code": "I 56.30",
  • "business_address_line_1": "StreetStrasse, 42",
  • "business_address_line_2": "4th floor",
  • "business_postal_code": "12345",
  • "business_city": "Berlin",
  • "business_country": "DE",
  • "screening_progress": "SCREENED_ACCEPTED",
  • "data_terms_signed_at": "2017-01-01T00:00:00.000Z",
  • "aml_follow_up_date": "2017-01-15",
  • "aml_confirmed_on": "2017-01-30",
  • "annual_income_range": "RANGE_1",
  • "branch": "DE",
  • "work_country": "DE",
  • "work_province": "",
  • "self_declared_as_pep": false,
  • "international_operativity_expectation": [
    ],
  • "risk_classification_status": "NORMAL_RISK",
  • "customer_vetting_status": "NO_MATCH",
  • "registration_number": "1234567890",
  • "legitimation_valid_until": "2025-12-31"
}

Testing endpoints for Postbox API

Create a Postbox item for a person

Creates a Postbox item for the person specified in the request URL. Note that you can only use this endpoint for testing purposes on the testing, staging, and sandbox environments.

Request
Security:
path Parameters
person_id
required
string

Person Id.

Request Body schema: application/json
name
string

The name to apply to the Postbox item.

description
string

A description for the Postbox item.

customer_notification
boolean

Boolean value to indicate whether or not customers should receive a notification when the Postbox item is created.

customer_confirmation
boolean

Boolean value to indicate whether or not customers must confirm the Postbox item.

document_id
string

ID of a document to associate with the Postbox item. Use the POST /v1/postbox_documents endpoint to upload test documents.

idempotency_key
string

Optional property you may supply to prevent the execution of duplicate requests. If the API receives a request with a previously used idempotency key, then it will return the previously created entity.

Responses
200

The Postbox item was created successfully.

400

Invalid request.

403

You are not authorized to perform this action.

404

The partner was not found for provided person/business.

500

Internal server error.

post/v1/persons/{person_id}/postbox/items
Request samples
application/json
{
  • "name": "string",
  • "description": "string",
  • "customer_notification": true,
  • "customer_confirmation": true,
  • "document_id": "string",
  • "idempotency_key": "string"
}
Response samples
application/json
{
  • "id": "c072c6e43f4d486cb553e9cd9fc1bae7pbxi",
  • "belongs_to": "12345",
  • "created_at": "2021-10-22T05:23:30Z",
  • "document_date": "2021-06-30",
  • "document_type": "BALANCE_CONFIRMATION",
  • "name": "Balance confirmation for June 2021",
  • "description": "Balance confirmation",
  • "customer_notification": false,
  • "customer_confirmation": false,
  • "document_size": 66092,
  • "document_content_type": "image/jpeg",
  • "document_id": "e953cbf8af064839b3e3bf2568d1130fpbxd"
}

Create a Postbox item for a business

Creates a Postbox item for the business specified in the request URL. Note that you can only use this endpoint for testing purposes on the testing, staging, and sandbox environments.

Request
Security:
path Parameters
business_id
required
string

ID of the business.

Request Body schema: application/json
name
string

The name to apply to the Postbox item.

description
string

A description for the Postbox item.

customer_notification
boolean

Boolean value to indicate whether or not customers should receive a notification when the Postbox item is created.

customer_confirmation
boolean

Boolean value to indicate whether or not customers must confirm the Postbox item.

document_id
string

ID of a document to associate with the Postbox item. Use the POST /v1/postbox_documents endpoint to upload test documents.

idempotency_key
string

Optional property you may supply to prevent the execution of duplicate requests. If the API receives a request with a previously used idempotency key, then it will return the previously created entity.

Responses
200

The Postbox item was created successfully.

400

Invalid request.

403

You are not authorized to perform this action.

404

The provided business could not be found.

500

Internal server error.

post/v1/businesses/{business_id}/postbox/items
Request samples
application/json
{
  • "name": "string",
  • "description": "string",
  • "customer_notification": true,
  • "customer_confirmation": true,
  • "document_id": "string",
  • "idempotency_key": "string"
}
Response samples
application/json
{
  • "id": "c072c6e43f4d486cb553e9cd9fc1bae7pbxi",
  • "belongs_to": "12345",
  • "created_at": "2021-10-22T05:23:30Z",
  • "document_date": "2021-06-30",
  • "document_type": "BALANCE_CONFIRMATION",
  • "name": "Balance confirmation for June 2021",
  • "description": "Balance confirmation",
  • "customer_notification": false,
  • "customer_confirmation": false,
  • "document_size": 66092,
  • "document_content_type": "image/jpeg",
  • "document_id": "e953cbf8af064839b3e3bf2568d1130fpbxd"
}

Generate a PDF document

Generates an empty PDF document on Solaris' servers for use as a Postbox item. Please note the following:

  • The Content-Type header for this request must be application/json.
  • This endpoint can only be used for testing purposes on the testing, staging, and sandbox environments.

Request
Security:
Request Body schema: application/json
document_type
required
string

The type of document.

Enum: "ACCOUNT_STATEMENT" "BALANCE_CONFIRMATION" "CUSTOMER_INFORMATION" "DUNNING_INFORMATION" "LOAN_SCHEDULE" "SECURITIES_INVOICE" "SECURITIES_EVENT" "SECURITIES_EVENT_NOTIFICATION" "DEPOT_STATEMENT_MIFID" "EX_POST_COST_INFORMATION" "DEPOT_STATEMENT" "ASSETS_ACQUISITION" "ASSETS_ACQUISITION_COSTS" "PROFIT_TAX_STATEMENT" "YEARLY_TAX_STATEMENT" "TAX_SETTLEMENT_CALCULATION" "CREDIT_CARD_STATEMENT" "RELATIONSHIP_TERMINATION" "CREDIT_CARD_SECCCI" "CREDIT_CARD_CONTRACT" "CREDIT_CARD_CONTRACT_SIGNED"
document_date
required
string

The date of the document.

sign_document
boolean

(Optional) If set to true, then the document will be signed.

Responses
200

The document was created successfully.

400

The request was invalid due to one of the following cases:

  • the provided content type is not supported,
  • the request lacks the required properties, or
  • the file size exceeds the maximum upload size.

403

You are not authorized to perform this action.

500

Internal server error.

post/v1/postbox/documents
Request samples
application/json
{
  • "document_type": "ACCOUNT_STATEMENT",
  • "document_date": "string",
  • "sign_document": true
}
Response samples
application/json
{
  • "id": "cd5b907fd34e21044f0421a430c9b640psbd"
}

Postbox Items

Index Postbox items for a person

Returns an array containing all Postbox items associated with the person specified in the request URL.
Note that you can filter the results by created_at (min or max) and document_type—see the descriptions below.

Request
Security:
path Parameters
person_id
required
string

ID of the person.

query Parameters
array

Filters the response by the Postbox item type. You can supply multiple document_type values separated by commas.

filter[created_at][min]
string <date-time>

Filters the response by Postbox items created from a certain date (i.e., the minimum date in the past when the document was created).

filter[created_at][max]
string <date-time>

Filters the response by Postbox items created up until a certain date (i.e., the maximum date in the past when the document was created).

page[number]
integer
Default: 0

The number of pages of results to load.

page[size]
integer
Default: 10

Amount of entries to return in a single page.

Responses
200

The Postbox items were fetched successfully.

400

Incorrect date parameter was provided.

get/v1/persons/{person_id}/postbox/items
Request samples
curl -i -X GET \
  'https://api.solaris-sandbox.de/v1/persons/{person_id}/postbox/items?filter%5Bdocument_type%5D=ACCOUNT_STATEMENT&filter%5Bcreated_at%5D%5Bmin%5D=2019-08-24T14%3A15%3A22Z&filter%5Bcreated_at%5D%5Bmax%5D=2019-08-24T14%3A15%3A22Z&page%5Bnumber%5D=0&page%5Bsize%5D=10'
Response samples
application/json
[
  • {
    },
  • {
    }
]

Index Postbox items for a business

Returns an array containing all Postbox items associated with the business specified in the request URL.
Note that you can filter the results by created_at (min or max) and document_type—see the descriptions below.

Request
Security:
path Parameters
business_id
required
string

ID of the business.

query Parameters
array

Filters the response by the Postbox item type. You can supply multiple document_type values separated by commas.

filter[created_at][min]
string <date-time>

Filters the response by Postbox items created from a certain date (i.e., the minimum date in the past when the document was created).

filter[created_at][max]
string <date-time>

Filters the response by Postbox items created up until a certain date (i.e., the maximum date in the past when the document was created).

page[number]
integer
Default: 0

The number of pages of results to load.

page[size]
integer
Default: 10

Amount of entries to return in a single page.

Responses
200

The Postbox items were fetched successfully.

400

An invalid request parameter was provided.

403

You are not authorized to perform this action.

404

The resource could not be found.

500

Internal server error.

get/v1/businesses/{business_id}/postbox/items
Request samples
curl -i -X GET \
  'https://api.solaris-sandbox.de/v1/businesses/{business_id}/postbox/items?filter%5Bdocument_type%5D=ACCOUNT_STATEMENT&filter%5Bcreated_at%5D%5Bmin%5D=2019-08-24T14%3A15%3A22Z&filter%5Bcreated_at%5D%5Bmax%5D=2019-08-24T14%3A15%3A22Z&page%5Bnumber%5D=0&page%5Bsize%5D=10'
Response samples
application/json
[
  • {
    },
  • {
    }
]

Retrieve a Postbox item

Returns the Postbox item specified in the request URL.

Request
Security:
path Parameters
item_id
required
string

ID of the Postbox item.

Responses
200

The Postbox item was fetched successfully.

400

Invalid request.

403

You are not authorized to perform this action.

404

The Postbox item specified in the request could not be found.

500

Internal server error.

get/v1/postbox/items/{item_id}
Request samples
curl -i -X GET \
  'https://api.solaris-sandbox.de/v1/postbox/items/{item_id}'
Response samples
application/json
{
  • "id": "c072c6e43f4d486cb553e9cd9fc1bae7pbxi",
  • "belongs_to": "12345",
  • "owner_type": "Person",
  • "created_at": "2021-10-22T05:23:30Z",
  • "document_date": "2021-06-30",
  • "document_type": "BALANCE_CONFIRMATION",
  • "name": "Balance confirmation for June 2021",
  • "description": "Balance confirmation",
  • "customer_notification": false,
  • "customer_confirmation": false,
  • "document_size": 66092,
  • "document_content_type": "image/jpeg",
  • "document_id": "e953cbf8af064839b3e3bf2568d1130fpbxd"
}

Download document for a Postbox item

Downloads the document associated with the Postbox item specified in the request URL. The only supported media type is application/pdf.

Request
Security:
path Parameters
item_id
required
string

ID of the Postbox item.

Responses
200

The document was downloaded successfully.

400

Invalid request.

403

You are not authorized to perform this action.

404

The Postbox item with the provided ID could not be found.

500

Internal server error.

get/v1/postbox/items/{item_id}/document
Request samples
curl -i -X GET \
  'https://api.solaris-sandbox.de/v1/postbox/items/{item_id}/document'
Response samples
application/json
{
  • "id": "a95f2aaf-4e0c-4d49-8021-8a16a884ed86",
  • "status": "400",
  • "code": "build_pagination_headers_failure",
  • "title": "Failed to build pagination headers.",
  • "details": "Cannot connect to database."
}

Postbox Confirmations

Create a confirmation for a Postbox item

Creates a confirmation for the Postbox item specified in the request URL.

Request
Security:
path Parameters
item_id
required
string

ID of the Postbox item.

Request Body schema: application/json
person_id
string

ID of the person who is confirming the Postbox item.

idempotency_key
string

Optional property you may supply to prevent the execution of duplicate requests. If the API receives a request with a previously used idempotency key, then it will return the previously created confirmation.

Responses
200

The confirmation was created successfully.

400

Invalid request.

403

You are not authorized to perform this action.

404

The Postbox item with the provided ID could not be found.

500

Internal server error.

post/v1/postbox/items/{item_id}/confirmations
Request samples
application/json
{
  • "person_id": "28a2197ff6e04a05b6316f83a38ccper",
  • "idempotency_key": "string"
}
Response samples
application/json
{
  • "id": "c072c6e43f4d486cb553e9cd9fc1bae7pbxc",
  • "person_id": "cd5b907fd34e21044f0421a430c9b640cper"
}

Index confirmations associated with a Postbox item

Returns an array containing all confirmations associated with the Postbox item specified in the request URL.
Note that you can filter the results by created_at (min or max) and document_type—see the descriptions below.

Request
Security:
path Parameters
item_id
required
string

ID of the item whose confirmations should be returned.

query Parameters
filter[created_at][min]
string <date-time>

Filters the response by Postbox items created from a certain date (i.e., the minimum date in the past when the document was created).

filter[created_at][max]
string <date-time>

Filters the response by Postbox items created up until a certain date (i.e., the maximum date in the past when the document was created).

page[number]
integer
Default: 0

The number of pages of results to return.

page[size]
integer
Default: 10

The amount of entries to return on a single page.

Responses
200

The confirmations were fetched successfully.

400

An incorrect request parameter was provided.

403

You are not authorized to perform this action.

404

The resource could not be found.

500

Internal server error.

get/v1/postbox/items/{item_id}/confirmations
Request samples
curl -i -X GET \
  'https://api.solaris-sandbox.de/v1/postbox/items/{item_id}/confirmations?filter%5Bcreated_at%5D%5Bmin%5D=2019-08-24T14%3A15%3A22Z&filter%5Bcreated_at%5D%5Bmax%5D=2019-08-24T14%3A15%3A22Z&page%5Bnumber%5D=0&page%5Bsize%5D=10'
Response samples
application/json
[
  • {
    },
  • {
    }
]

Retrieve a confirmation

Returns the confirmation specified in the request URL.

Request
Security:
path Parameters
item_id
required
string

ID of the Postbox item with which the confirmation is associated.

confirmation_id
required
string

ID of the confirmation.

Responses
200

The confirmation was fetched successfully.

403

You do not have permission to access the requested confirmation.

404

The item/confirmation specified in the request URL could not be found.

500

Internal server error.

get/v1/postbox/items/{item_id}/confirmations/{confirmation_id}
Request samples
curl -i -X GET \
  'https://api.solaris-sandbox.de/v1/postbox/items/{item_id}/confirmations/{confirmation_id}'
Response samples
application/json
{
  • "id": "c072c6e43f4d486cb553e9cd9fc1bae7pbxc",
  • "person_id": "cd5b907fd34e21044f0421a430c9b640cper",
  • "confirmed_at": "2021-10-23T00:00:00Z"
}

Update challenge ID

This endpoint updates the status of a psd2_challenge_id. After a customer enters their credentials on your login screen, use this endpoint to update the status of the psd2_challenge_id and include the person_id in the payload.
If successful, the API returns a redirect_URL for the second-factor authentication (done by Solaris). You have to redirect the customer to this URL to perform the 2FA.
Expected error messages:

  1. 401 - Unauthorized: The ChallengeID is expired.
  2. 404 - Not found: The ChallengeID doesn't exist.
  3. 400 - General Bad Request: The IBAN requested by the TPP does not belong to the specified person.

Request
Security:
path Parameters
psd2_challenge_id
required
string
Request Body schema: application/json
person_id
required
string <string>

The Solaris person ID associated with the PSD2 challenge.

Responses
200

The operation was successful.

400

Invalid request.

401

The challenge expired.

403

You are not authorized to perform this action.

404

The requested resource could not be found.

500

Internal server error.

patch/v1/psd2/challenges/{psd2_challenge_id}
Request samples
application/json
{
  • "person_id": "dc1a6812a14f6cc338cd084208535bcdcper"
}
Response samples
application/json
{}

Verify PSD2 challenge ID

This endpoint validates the psd2_challenge_id for a customer. Before allowing the customer to log in, you can use this endpoint to verify that the customer is coming from Solaris and that the session is still valid.
If the request fails, the customer should see an error message and must restart the process from the TTP's application.
Expected error messages:

  1. 401 - Unauthorized: The Challenge ID is expired.
  2. 404 - Not found: The Challenge ID doesn't exist.

Request
Security:
path Parameters
psd2_challenge_id
required
string
Responses
200

The operation was successful.

400

Invalid request.

401

The challenge expired.

403

You are not authorized to perform this action.

404

The requested resource could not be found.

500

Internal server error.

get/v1/psd2/challenges/{psd2_challenge_id}
Request samples
curl -i -X GET \
  'https://api.solaris-sandbox.de/v1/psd2/challenges/{psd2_challenge_id}'
Response samples
application/json
{
  • "person_id": "null",
  • "redirect_url": "null"
}

Terms and Conditions events

Index Terms and Conditions events

Returns an array containing all instances of customer agreements to the Solaris Terms and Conditions.

Request
Security:
query Parameters
filter[id]
string

Filter the results by id.

filter[document_id]
string

Filter the results by the specific document that was agreed to (document_id).

filter[signed_by]
string

Filter the results by the customer who agreed to the Terms & Conditions (using their person_id).

filter[signed_on_behalf_of]
string

Filter the results by the business on whose behalf the authorized person or legal representative agreed to the Terms & Conditions (using its business_id).

filter[product_name]
string (ProductName)

Filter the results by the product whose Terms & Conditions were agreed to.

Enum: "DIGITAL_BANKING" "OVERDRAFT" "VIACASH" "SECURITIES_BROKERAGE" "IDENTIFICATION_FOURTHLINE"
Example: filter[product_name]=DIGITAL_BANKING
filter[event_type]
string

Filter the results by the type of Terms & Conditions event.

Enum: "APPROVED" "REJECTED"
filter[event_timestamp][min]
string

Filter the results by the date and time when the Terms & Conditions event occurred. The [min] parameter specifies the minimum date in the past when the event should have occurred (i.e., the oldest possible date to return).

filter[event_timestamp][max]
string

Filter the results by the date and time when the Terms & Conditions event occurred. The [max] parameter specifies the maximum date in the past when the event should have occurred (i.e., the latest possible date to return).

page[number]
string

Specifies the number of pages of results to return.

page[size]
string

Specifies the size of each page of results.

Responses
200

Successful result of the operation

400

An error occurred on the client side.

403

You are not authorized to perform this action.

500

Internal server error.

get/v1/terms_and_conditions_events
Request samples
curl -i -X GET \
  'https://api.solaris-sandbox.de/v1/terms_and_conditions_events?filter%5Bid%5D=string&filter%5Bdocument_id%5D=string&filter%5Bsigned_by%5D=string&filter%5Bsigned_on_behalf_of%5D=string&filter%5Bproduct_name%5D=DIGITAL_BANKING&filter%5Bevent_type%5D=APPROVED&filter%5Bevent_timestamp%5D%5Bmin%5D=string&filter%5Bevent_timestamp%5D%5Bmax%5D=string&page%5Bnumber%5D=string&page%5Bsize%5D=string'
Response samples
application/json
[
  • {
    }
]

Create Terms and Conditions event

Records an instance of a customer (i.e., a person or a person on behalf of a business) accepting or rejecting a Solaris Terms and Conditions document.

Request
Security:
Request Body schema:
document_id
required
string

A 36-character hex encoded UID that corresponds with the relevant document. Solaris will provide these IDs.

event_timestamp
required
string <date-time>

UTC timestamp of when the customer approved/rejected the document. Format: YYYY-MM-DDTHH:MM:SSS

event_type
required
string

The type of action that the customer took on the Terms & Conditions document.

Enum: "APPROVED" "REJECTED"
signed_by
required
string

ID of the person who signed the Terms & Conditions document.

signed_on_behalf_of
string

(For business customers) ID of the business on whose behalf the authorized person or legal representative is approving/rejecting the Terms & Conditions.

product_name
required
string (ProductName)

The name of the relevant product to which the Terms & Conditions document applies.

Enum: "DIGITAL_BANKING" "OVERDRAFT" "VIACASH" "SECURITIES_BROKERAGE" "IDENTIFICATION_FOURTHLINE"
Responses
201

Successful operation

400

An error occurred on the client side.

403

You are not authorized to perform this action.

409

The customer has already approved the Terms & Conditions document (i.e., idempotency conflict).

500

Internal server error.

post/v1/terms_and_conditions_events
Request samples
{
  • "document_id": "3f31dd950cb6e2b28ac4b31d1b4bb321tcdc",
  • "event_timestamp": "2020-02-12T17:28:53Z",
  • "event_type": "APPROVED",
  • "signed_by": "52054909a5d149b2a7430eee4ba6cc22",
  • "signed_on_behalf_of": "ebf7d72aec7ab75006aa164b3e0af893cbiz",
  • "product_name": "DIGITAL_BANKING"
}
Response samples
application/json
{
  • "id": "2b5423a061514901a5a8791f2cb18266",
  • "document_id": "3f31dd950cb6e2b28ac4b31d1b4bb321tcdc",
  • "event_timestamp": "2020-02-12T17:28:53Z",
  • "created_at": "2020-02-12T17:28:53Z",
  • "event_type": "APPROVED",
  • "signed_by": "52054909a5d149b2a7430eee4ba6cc22",
  • "signed_on_behalf_of": "52054909a5d149b2a7430eee4ba6cc22",
  • "product_name": "DIGITAL_BANKING"
}