Unified Money Movement Services for Financial Institutions (1.0)

Contact/customers: support@billerpayments.com License: © Alacriti Inc

Introduction

Unified Money Movement Services offers connectivity to various payment rails like TCH RTP, Visa Direct, NACHA and Fedwire. It includes a set of API and Webhooks that can be used to deliver payment and related capabilities.

This document details the various API involved in the Unified Money Movement Services and how they can be used.

Authentication

Overview

The requests are authenticated using the api_key which is shared with the client at the time of client on-boarding. The client can only invoke those APIs based on the permissions assigned to the api_key

OPAY1-HMAC-SHA256

The HTTP Authorization request header is used to provide authentication information. This header looks like the following.

Authorization : OPAY1-HMAC-SHA256 Credential=...,Signature=...

The constituents of the authorization header are explained in the table below.

Item Description
OPAY1-HMAC-SHA256 The algorithm that is used to calculate the signature.
Credential The API key
Signature The Base 64 encoded value of the signature bytes. Calculating the signature bytes is explained below.

Signature Calculation

Signature is calculated as follows.

Base64(HMAC-SHA256(secret,input))

The calculation is explained in detail below.

Item Description
Base64() The encoding of the signature bytes.
HMAC-SHA256() The cryptographic function that computes the HMAC by using the SHA256 algorithm with the client secret provided.
secret The secret key specific to the client that is shared with the client during onboarding.
input The string value of the canonicalized transform of request data that includes the HTTP method, URL, headers, query parameters and body. The details of computing the input is explained below.

The string input is computed as follows.

input = method():path():queryString():headers():payload()

Each of the substrings is explained below.

Item Description
method() The HTTP method for the given request and evaluates to one of GET, PUT, POST or DELETE.
path() The absolute path component of the URI—everything starting with the "/" that follows the domain name and up to the end of the string or to the question mark character ("?") if the given URL has query string parameters.
queryString() A string in the format param1=value1&param2=value2&…, where the query parameters are sorted in alphabetical order of the parameter names. In case multiple values are present for a parameter, the query parameters are sorted in alphabetical order of the parameter names and subsequently by the parameter values for each such paramter. Both the parameter names and their values should be trimmed for leading and trailing whitespaces, should be in their normal pre-encoded format. Only parameters with non-empty values, after trimming the leading and trailing whitespaces, should be included. If there are no query parameters at all, the queryString() should evaluate to an empty string (“”).
headers() A string in the format header1=value1&header2=value2&.......&headerN=valueN. The headers are to be sorted alphabetically. Both the header names and their values must be trimmed for leading and trailing white-space, and in their normal pre-encoded format . Only the headers listed by the application and those that are non-empty, after trimming the leading and trailing whitespaces, are to be included.
payload() The raw HTTP body

OPAY2-HMAC-SHA256

The HTTP Authorization request header is used to provide authentication information. This header looks like the following.

Authorization : OPAY2-HMAC-SHA256 Credential=...,Signature=...

The constituents of the authorization header are explained in the table below.

Item Description
OPAY2-HMAC-SHA256 The algorithm that is used to calculate the signature.
Credential The api_key
Signature The Base 64 encoded value of the signature bytes. Calculating the signature bytes is explained below.

Signature Calculation

Signature is calculated as follows.

Base64(HMAC-SHA256(secret,input))

The calculation is explained in detail below.

Item Description
Base64() The encoding of the signature bytes.
HMAC-SHA256() The cryptographic function that computes the HMAC by using the SHA256 algorithm with the client secret provided.
secret The secret key specific to the client that is shared with the client during onboarding.
input The string value of the canonicalized transform of client_key, api_key, secret_ket,timestamp. The details of computing the input is explained below.

The string input is computed as follows.

input = client_key:api_key:secret_key:timestamp

OPAY3-HMAC-SHA256

The HTTP Authorization request header is used to provide authentication information. This header looks like the following.

Authorization : OPAY3-HMAC-SHA256 Credential=...

The constituents of the authorization header are explained in the table below.

Item Description
OPAY3-HMAC-SHA256 The algorithm that is used to calculate the signature.
Credential The api_key

HTTP BASIC

The HTTP Authorization request header is used to provide authentication information. This header looks like the following.

Authorization : Basic YWxhY2hsdGNoazpUTnI5S0VvZlFnOEc1U0s=

The constituents of the authorization header requires user name and password.

Error Handling

HTTP Response Codes

The Unified Money Movement Services API uses the standard HTTP response codes to return the status of an API call. An HTTP response code of 2xx indicates success. An HTTP response code of 4xx indicates a client error and 5xx indicates a processing error. In these cases, the API returns a list of errors.

Error Codes

Each error in the list has a code, message, and specifics on which field the error pertains to (if applicable). In addition to these details, it can also have a list of inner errors that caused this error, on the lines of an Exception Stack trace.

Below table specifies the Error category and Error code.

Error Category Code
Validation Error MM-10-XXXXXX.
Business Error MM-20-XXXXXX.
System Error MM-50-XXXXXX.
          // format
      {
         "error": [
             {
                 "code": "MM-10-XXXXXX",
                 "message": "Error message"
             }
         ]
     }

Duplicate Requests and Retries

The Unified Money Movement Services API supports idempotency for the HTTP methods POST, PUT, DELETE and PATCH using the header parameter, namely, idempotent_request_key. In other words, any POST, PUT, DELETE and PATCH request will be considered as a duplicate request or retry and not reprocessed by the API if all the request parameters, including the path and query parameters, the request headers and the request body, match with an earlier request. In case of duplicate requests or retries, the API response will be that of the original request. The idempotent_request_key is valid only for a duration of one hour from the time of the original request. Any duplicate request or retries after a gap of one hour from the original request will be considered as a fresh request.

Transfer

Create Simple Transfer

Create Simple Transfer API is used to transfer funds from a customer's bank account to another bank account or debit card without explicitly adding a beneficiary or beneficiary account. This is useful when the customer wants to make a one-off payment to an account.

query Parameters
name_match
string

Indicates card account name match strategy to be followed.
Possible Values :
strict complete name match only.
lenient complete or partial name match, name match not supported for card.
ignore name match not required. default

header Parameters
client_key
required
any

The unique identifier assigned to the client.
Example:CLIAAADDD0910

product
required
any

The product identifier corresponding to the API.
Possible values:retail_transfers,business_transfers

payment_channel
required
any

The FI channel vide which the API is invoked.
Possible values:retail_banking, business_banking, smb_banking, bank_bos, atm, kiosk, pos, mobile_banking, csm, online

access_channel
any

This is internal channel through which the API is invoked.
Example:web_portal, agent

requestor_type
required
any

Identifies the requestor type for the API request.
Possible values:party

client_requestor_reference
any

The identifier for the requestor of the API, in the client system. Either the client_requestor_reference or the requestor has to be available in every API request for audit purposes.

requestor
any

The identifier for the requestor of the API issued by Orbipay. Either the client_requestor_reference or the requestor has to be available in every API request for audit purposes.

context_variant
any

To be used if there's a need to provide additional contextual information. For future use.
Possible values:IS_GATEWAY_TRANSFER

idempotent_request_key
required
any

The unique token that clients can generate and maintain in order to identify an API request. This is used to identify duplicate requests and retrials.
Example:6bc5f0f49ee2412a93b0596d6a3c4eca

timestamp
required
any

The UTC datetime when the API is invoked, in the ISO 8601 format
Example:2020-09-18T17:31:34.000-05:30

X-PAAS-Headers
any

For additional context information such as end user IP address, session information and so on. The content is a list of key-value pairs separated by semicolon (;) where key and value are separated by equals sign(=).
Example:session=SADKAS2131312;ip_address=10.112.25.45

Request Body Schema: application/json
source
required
object

The JSON that contains all the attributes of customer to be created.

source_account
required
bank_account (object) or card_account (object)

Indicates source account

destination
object

The recipient of funds if the recipient is different from the customer.This is required only if destination is not the customer.

destination_account
required
bank_account (object) or card_account (object)

Indicates the recipient account of the payment.

amount
required
object

The amount being transfered from the source account to the destination account.

fee
object

The fee being charged for the transfer being made.

payment_reference
required
string [ 1 .. 36 ] characters [0-9a-zA-Z_-]{1,36}

The unique identifier that the bank might want to assign for the payment.

end_to_end_reference
required
string [ 1 .. 35 ] characters

The reference for the payment that is passed on from the initiator to the recipient. This is the reference that traces the entire flow of the payment. However, please note that certain payment rails do not support an end to end reference. The maximum length for the end_to_end_reference varies across different payment rails and is outlined below

Payment Method Max Length Sent to Network
RTP 35 Yes
FEDNOW 35 Yes
FEDWIRE 16 Yes
ACH 15 Yes
CARD_VISA 16 No
fulfilment_type
string
Enum: "instant" "regular" "instant.TCH_RTP" "instant.FEDNOW" "instant.CARD_VISA" "urgent.SAMEDAY_ACH" "urgent.FEDWIRE" "regular.ACH"
payment_date
string 10 characters YYYY-MM-DD
purpose
object

Indicates purpose of the payemnt.

intermediary_agent
Array of objects

Intermediary Agent

businessfunction_entryclass
VISA (string) or NACHA (string)

The payment network specific code corresponding to the business application or function for the transaction. This corresponds to the Business Application Identifier (BAI) in the case of Visa transactions, the Standard Entry Class (SEC) code in the case of ACH transactions and so on.

remittance_info
object

Information supplied to enable the matching/reconciliation of an entry with the item(s) that the payment is intended to settle, such as bills or RFPs received.

Responses

201

The Payment object with id and confirmation mumber issued by Unified Money Movement Services.

400

Bad Request

401

Unauthorized

403

Forbidden

404

The requested resource doesn't exist.

422

The parameters were valid but the request failed.

500

Something went wrong and the request could not be processed.

502

Server Error.

Error Codes

The following table lists the business errors that need to be handled by the client.
click here

Events

Following events are triggered in the context of this APIs
moneymovementservices.payment.status_updated
post/fasterpayments/v1/retailbanking/simplepayment
https://API.orbipay.com/fasterpayments/v1/retailbanking/simplepayment

Please click on a language icon above to try out the API

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
}

Account Funding

Fund the new account being opened, charge account opening fees and more using the Collect Fund and Settle Fund API.

Collect Fund

Collect Fund API is used to collect the fund for newly opened account.

query Parameters
name_match
string

Indicates card account name match strategy to be followed.
Possible Values :
strict complete name match only.
lenient complete or partial name match, name match not supported for card.
ignore name match not required. default

header Parameters
client_key
required
any

The unique identifier assigned to the client.
Example:CLIAAADDD0910

product
required
any

The product identifier corresponding to the API.
Possible values:account_opening

payment_channel
required
any

The FI channel vide which the API is invoked.
Possible values:retail_banking, business_banking, smb_banking, bank_bos, atm, kiosk, pos, mobile_banking, csm, online

access_channel
any

This is internal channel through which the API is invoked.
Example:web_portal, agent

requestor_type
required
any

Identifies the requestor type for the API request.
Possible values:party

client_requestor_reference
any

The identifier for the requestor of the API, in the client system. Either the client_requestor_reference or the requestor has to be available in every API request for audit purposes.

requestor
any

The identifier for the requestor of the API issued by Orbipay. Either the client_requestor_reference or the requestor has to be available in every API request for audit purposes.

context_variant
any

To be used if there's a need to provide additional contextual information. For future use.

idempotent_request_key
required
any

The unique token that clients can generate and maintain in order to identify an API request. This is used to identify duplicate requests and retrials.
Example:6bc5f0f49ee2412a93b0596d6a3c4eca

timestamp
required
any

The UTC datetime when the API is invoked, in the ISO 8601 format
Example:2020-09-18T17:31:34.000-05:30

X-PAAS-Headers
any

For additional context information such as end user IP address, session information and so on. The content is a list of key-value pairs separated by semicolon (;) where key and value are separated by equals sign(=).
Example:session=SADKAS2131312;ip_address=10.112.25.45

Request Body Schema: application/json
source
required
object

The JSON that contains all the attributes of party opening the account.

source_account
required
card_account (object)

The account used to fund the newly opened account.

destination
required
object

The party who is opening the account.

amount
required
object

Initial deposits to the account being opened.

fee
object

The total charges levied to the customer for account opening.

payment_reference
required
string [ 1 .. 36 ] characters [0-9a-zA-Z_-]{1,36}

The unique identifier that the bank might want to assign for the payment.

end_to_end_reference
required
string [ 1 .. 35 ] characters

The reference for the payment that is passed on from the initiator to the recipient. This is the reference that traces the entire flow of the payment. However, please note that certain payment rails do not support an end to end reference. The maximum length for the end_to_end_reference varies across different payment rails and is outlined below

Payment Method Max Length Sent to Network
RTP 35 Yes
FEDNOW 35 Yes
FEDWIRE 16 Yes
ACH 15 Yes
CARD_VISA 16 No
fulfilment_type
string
Value: "instant"
remittance_info
object

Information supplied to enable the matching/reconciliation of the payment.

Responses

201

The Payment object with id and confirmation mumber issued by Unified Money Movement Services.

400

Bad Request

401

Unauthorized

403

Forbidden

404

The requested resource doesn't exist.

422

The parameters were valid but the request failed.

500

Something went wrong and the request could not be processed.

502

Server Error.

Error Codes

The following table lists the business errors that need to be handled by the client.
click here

Events

Following events are triggered in the context of this API
moneymovementservices.payment.status_updated
post/fasterpayments/v1/retailbanking/collectfund
https://API.orbipay.com/fasterpayments/v1/retailbanking/collectfund

Please click on a language icon above to try out the API

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
}

Settle Fund

Settle Fund API is used to settle the fund collected using the Collect Fund API to the respective DDAs being opened or the associated fee and other charges accounts.

header Parameters
client_key
required
any

The unique identifier assigned to the client.
Example:CLIAAADDD0910

product
required
any

The product identifier corresponding to the API.
Possible values:account_opening

payment_channel
required
any

The FI channel vide which the API is invoked.
Possible values:retail_banking, business_banking, smb_banking, bank_bos, atm, kiosk, pos, mobile_banking, csm, online

access_channel
any

This is internal channel through which the API is invoked.
Example:web_portal, agent

requestor_type
required
any

Identifies the requestor type for the API request.
Possible values:party

client_requestor_reference
any

The identifier for the requestor of the API, in the client system. Either the client_requestor_reference or the requestor has to be available in every API request for audit purposes.

requestor
any

The identifier for the requestor of the API issued by Orbipay. Either the client_requestor_reference or the requestor has to be available in every API request for audit purposes.

context_variant
any

To be used if there's a need to provide additional contextual information. For future use.

idempotent_request_key
required
any

The unique token that clients can generate and maintain in order to identify an API request. This is used to identify duplicate requests and retrials.
Example:6bc5f0f49ee2412a93b0596d6a3c4eca

timestamp
required
any

The UTC datetime when the API is invoked, in the ISO 8601 format
Example:2020-09-18T17:31:34.000-05:30

X-PAAS-Headers
any

For additional context information such as end user IP address, session information and so on. The content is a list of key-value pairs separated by semicolon (;) where key and value are separated by equals sign(=).
Example:session=SADKAS2131312;ip_address=10.112.25.45

Request Body Schema: application/json
source
required
object

The JSON that contains all the attributes of party opening the account.

destination
required
object

The recipient of funds.

destination_account
required
bank_account (object)

Indicates the recipient account of the payment.

amount
required
object

Amount being settled.

payment_reference
required
string [ 1 .. 36 ] characters [0-9a-zA-Z_-]{1,36}

The unique identifier that the bank might want to assign for the payment.

end_to_end_reference
required
string [ 1 .. 35 ] characters

The reference for the payment that is passed on from the initiator to the recipient. This is the reference that traces the entire flow of the payment. However, please note that certain payment rails do not support an end to end reference. The maximum length for the end_to_end_reference varies across different payment rails and is outlined below

Payment Method Max Length Sent to Network
RTP 35 Yes
FEDNOW 35 Yes
FEDWIRE 16 Yes
ACH 15 Yes
CARD_VISA 16 No
fulfilment_type
string
Enum: "instant" "instant.BOOK_TRANSFER" "instant.TCH_RTP" "instant.FEDNOW" "urgent.FEDWIRE"
remittance_info
object

Information supplied to enable the matching/reconciliation of the payment.

Responses

201

The Payment object with id and confirmation mumber issued by Unified Money Movement Services.

400

Bad Request

401

Unauthorized

403

Forbidden

404

The requested resource doesn't exist.

422

The parameters were valid but the request failed.

500

Something went wrong and the request could not be processed.

502

Server Error.

Error Codes

The following table lists the business errors that need to be handled by the client.
click here

Events


moneymovementservices.payment.status_updated
post/fasterpayments/v1/retailbanking/settlefund
https://API.orbipay.com/fasterpayments/v1/retailbanking/settlefund

Please click on a language icon above to try out the API

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
}

Request

Send RFP

header Parameters
client_key
required
string

The unique identifier assigned to the client.
Example:CLIAAADDD0910

product
required
string

The product identifier corresponding to the API.
Possible values:collections

payment_channel
required
string

The FI channel vide which the API is invoked.
Possible values:retail_banking, business_banking, smb_banking, bank_bos, atm, kiosk, pos, mobile_banking, csm, online

access_channel
string

This is internal channel through which the API is invoked.
Example:web_portal, agent

requestor_type
required
string

Identifies the requestor type for the API request.
Possible values:party

client_requestor_reference
string

The identifier for the requestor of the API, in the client system. Either the client_requestor_reference or the requestor has to be available in every API request for audit purposes.

requestor
string

The identifier for the requestor of the API issued by Orbipay. Either the client_requestor_reference or the requestor has to be available in every API request for audit purposes.

context_variant
string

To be used if there's a need to provide additional contextual information. For future use.

idempotent_request_key
required
string

The unique token that clients can generate and maintain in order to identify an API request. This is used to identify duplicate requests and retrials.
Example:6bc5f0f49ee2412a93b0596d6a3c4eca

timestamp
required
string

The UTC datetime when the API is invoked, in the ISO 8601 format
Example:2020-09-18T17:31:34.000-05:30

processing_mode
string

Indicates whether the transaction will be processed synchronously or asynchronously, in a non-blocking fashion.

Possible Values :
synchronous The transaction will be processed in a blocking fashion. default
asynchronous The transaction will be processed in a non-blocking fashion.

X-PAAS-Headers
string

For additional context information such as end user IP address, session information and so on. The content is a list of key-value pairs separated by semicolon (;) where key and value are separated by equals sign(=).
Example:session=SADKAS2131312;ip_address=10.112.25.45

Request Body Schema: application/json
destination
object
destination_account
required
object

Indicates the recipient account of the payout.

amount
required
Array of objects

amount

amount_modification_allowed
boolean
Enum: true false

Indicates if the person is allowed to pay a different amount then the requested amount.

requested_execution_date
required
string
expiry_date
string
early_payment_allowed
boolean
Enum: true false

Indicates if the person is allowed to pay before the requested execution date.

additional_info
Array of objects

Information supplied to enable the matching/reconciliation of an entry with the item(s) that the payout is intended to settle, such as bills or RFPs received.

Responses

200

Success

400

Bad Request

500

System Error.

502

Server Error.

post/request/sendrfp
https://API.orbipay.com/request/sendrfp

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
}

Cancel RFP

header Parameters
client_key
required
string

The unique identifier assigned to the client.
Example:CLIAAADDD0910

product
required
string

The product identifier corresponding to the API.
Possible values:collections

payment_channel
required
string

The FI channel vide which the API is invoked.
Possible values:retail_banking, business_banking, smb_banking, bank_bos, atm, kiosk, pos, mobile_banking, csm, online

access_channel
string

This is internal channel through which the API is invoked.
Example:web_portal, agent

requestor_type
required
string

Identifies the requestor type for the API request.
Possible values:party

client_requestor_reference
string

The identifier for the requestor of the API, in the client system. Either the client_requestor_reference or the requestor has to be available in every API request for audit purposes.

requestor
string

The identifier for the requestor of the API issued by Orbipay. Either the client_requestor_reference or the requestor has to be available in every API request for audit purposes.

context_variant
string

To be used if there's a need to provide additional contextual information. For future use.

idempotent_request_key
required
string

The unique token that clients can generate and maintain in order to identify an API request. This is used to identify duplicate requests and retrials.
Example:6bc5f0f49ee2412a93b0596d6a3c4eca

timestamp
required
string

The UTC datetime when the API is invoked, in the ISO 8601 format
Example:2020-09-18T17:31:34.000-05:30

X-PAAS-Headers
string

For additional context information such as end user IP address, session information and so on. The content is a list of key-value pairs separated by semicolon (;) where key and value are separated by equals sign(=).
Example:session=SADKAS2131312;ip_address=10.112.25.45

Request Body Schema: application/json
id
required
string [ 0 .. 20 ] characters [0-9]{1,20}

The unique identifier assigned to rfp.

external_reference
string [ 0 .. 50 ] characters [0-9a-zA-Z._-]{0,50}

The unique identifier that the client might want to assign for the rfp.

cancellation_reason
string [ 1 .. 100 ] characters [0-9a-zA-Z._-]{0,50}

The Cancellaton reason.

reject_payment
boolean
Enum: true false

Indicates if the cancellation is not possible the if payment should be rejected or not.

Responses

200

Success

400

Bad Request

500

System Error.

502

Server Error.

post/request/cancelrfp
https://API.orbipay.com/request/cancelrfp

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
}

Accept / Reject RFP

The API is used to accept or reject an RFP received earlier. This is, in turn, communicated to the sender of the RFP (creditor). Accepting an RFP does not automatically originate a credit transfer against the RFP. This will have to be initiated explicitly per the terms of the RFP that have been accepted.

path Parameters
rfp_id
required
string

The reference of the RFP received that is being accepted or rejected.

header Parameters
client_key
required
string

The unique identifier assigned to the client.
Example:CLIAAADDD0910

product
required
string

The product identifier corresponding to the API.
Possible values:collections

payment_channel
required
string

The FI channel vide which the API is invoked.
Possible values:retail_banking, business_banking, smb_banking, bank_bos, atm, kiosk, pos, mobile_banking, csm, online

access_channel
string

This is internal channel through which the API is invoked.
Example:web_portal, agent

requestor_type
required
string

Identifies the requestor type for the API request.
Possible values:party

client_requestor_reference
string

The identifier for the requestor of the API, in the client system. Either the client_requestor_reference or the requestor has to be available in every API request for audit purposes.

requestor
string

The identifier for the requestor of the API issued by Orbipay. Either the client_requestor_reference or the requestor has to be available in every API request for audit purposes.

context_variant
string

To be used if there's a need to provide additional contextual information. For future use.

idempotent_request_key
required
string

The unique token that clients can generate and maintain in order to identify an API request. This is used to identify duplicate requests and retrials.
Example:6bc5f0f49ee2412a93b0596d6a3c4eca

timestamp
required
string

The UTC datetime when the API is invoked, in the ISO 8601 format
Example:2020-09-18T17:31:34.000-05:30

X-PAAS-Headers
string

For additional context information such as end user IP address, session information and so on. The content is a list of key-value pairs separated by semicolon (;) where key and value are separated by equals sign(=).
Example:session=SADKAS2131312;ip_address=10.112.25.45

Request Body Schema: application/json
action
required
string
Enum: "accepted" "rejected"

Indicates if the RFP is being accepted or rejected.

comment
string [ 1 .. 100 ] characters [0-9a-zA-Z._-]{0,100}

Customer’s comments or memo on the RFP being accepted or rejected.

Responses

200

Success

400

Bad Request

401

Unauthorized

403

Forbidden

404

The requested resource doesn't exist.

422

The parameters were valid but the request failed.

500

Something went wrong and the request could not be processed.

502

Server Error.

post/request/{rfp_id}/review
https://API.orbipay.com/request/{rfp_id}/review

Please click on a language icon above to try out the API

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
}

Common

Get Payment Status

Get Payment Status API returns the current status of payment.

header Parameters
client_key
required
any

The unique identifier assigned to the client.
Example:CLIAAADDD0910

product
required
any

The product identifier corresponding to the API.
Possible values:retail_transfers,business_transfers,account_opening

payment_channel
required
any

The FI channel vide which the API is invoked.
Possible values:retail_banking, business_banking, smb_banking, bank_bos, atm, kiosk, pos, mobile_banking, csm, online

access_channel
any

This is internal channel through which the API is invoked.
Example:web_portal, agent

requestor_type
required
any

Identifies the requestor type for the API request.
Possible values:party, client_agent, external_agent

client_requestor_reference
any

The identifier for the requestor of the API, in the client system. Either the client_requestor_reference or the requestor has to be available in every API request for audit purposes.

requestor
any

The identifier for the requestor of the API issued by Orbipay. Either the client_requestor_reference or the requestor has to be available in every API request for audit purposes.

context_variant
any

To be used if there's a need to provide additional contextual information. For future use.

idempotent_request_key
required
any

The unique token that clients can generate and maintain in order to identify an API request. This is used to identify duplicate requests and retrials.
Example:6bc5f0f49ee2412a93b0596d6a3c4eca

timestamp
required
any

The UTC datetime when the API is invoked, in the ISO 8601 format
Example:2020-09-18T17:31:34.000-05:30

X-PAAS-Headers
any

For additional context information such as end user IP address, session information and so on. The content is a list of key-value pairs separated by semicolon (;) where key and value are separated by equals sign(=).
Example:session=SADKAS2131312;ip_address=10.112.25.45

Request Body Schema: application/json
payment_reference
string [ 1 .. 36 ] characters [0-9a-zA-Z_-]{1,36}

The unique identifier that the bank might want to assign for the payment.

id
string

The unique identifier assigned by Unified Money Movement Services to payment.

Constraints: CMM11

Responses

200

The Payment object with id and confirmation mumber issued by Unified Money Movement Services.

400

Bad Request

401

Unauthorized

403

Forbidden

404

The requested resource doesn't exist.

422

The parameters were valid but the request failed.

500

Something went wrong and the request could not be processed.

502

Server Error.

post/fasterpayments/v1/status/getpaymentstatus
https://API.orbipay.com/fasterpayments/v1/status/getpaymentstatus

Please click on a language icon above to try out the API

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
}

Ancillary

Get Routing Details

The API is used to get information on the Routing and Transit Number. It returns the details of the corresponding Participant in the RTP Network, the RTP messages that it supports and the current status of the participant.

path Parameters
routing_number
required
string

The Routing Number for which the real-time capabilities need to be checked.

header Parameters
client_key
required
any

The unique identifier assigned to the client.
Example:CLIAAADDD0910

product
required
any

The product identifier corresponding to the API.
Possible values:retail_transfers,business_transfers,account_opening

payment_channel
required
any

The FI channel vide which the API is invoked.
Possible values:retail_banking, business_banking, smb_banking, bank_bos, atm, kiosk, pos, mobile_banking, csm, online

access_channel
any

This is internal channel through which the API is invoked.
Example:web_portal, agent

requestor_type
required
any

Identifies the requestor type for the API request.
Possible values:party

client_requestor_reference
any

The identifier for the requestor of the API, in the client system. Either the client_requestor_reference or the requestor has to be available in every API request for audit purposes.

requestor
any

The identifier for the requestor of the API issued by Orbipay. Either the client_requestor_reference or the requestor has to be available in every API request for audit purposes.

context_variant
any

To be used if there's a need to provide additional contextual information. For future use.

idempotent_request_key
required
any

The unique token that clients can generate and maintain in order to identify an API request. This is used to identify duplicate requests and retrials.
Example:6bc5f0f49ee2412a93b0596d6a3c4eca

timestamp
required
any

The UTC datetime when the API is invoked, in the ISO 8601 format
Example:2020-09-18T17:31:34.000-05:30

X-PAAS-Headers
any

For additional context information such as end user IP address, session information and so on. The content is a list of key-value pairs separated by semicolon (;) where key and value are separated by equals sign(=).
Example:session=SADKAS2131312;ip_address=10.112.25.45

Responses

200

Success

400

Bad Request

401

Unauthorized

403

Forbidden

404

The requested resource doesn't exist.

422

The parameters were valid but the request failed.

500

Something went wrong and the request could not be processed.

502

Server Error.

get/fasterpayments/v1/rtp/rtn/{routing_number}
https://API.orbipay.com/fasterpayments/v1/rtp/rtn/{routing_number}

Please click on a language icon above to try out the API

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
}

Verify Card Details

The API is used to validate a card for payment.

query Parameters
name_match
string

Indicates card account name match strategy to be followed.
Possible Values :
strict complete name match only.
lenient complete or partial name match, name match not supported for card.
ignore name match not required. default

header Parameters
client_key
required
any

The unique identifier assigned to the client.
Example:CLIAAADDD0910

product
required
any

The product identifier corresponding to the API.
Possible values:retail_transfers,business_transfers,account_opening

payment_channel
required
any

The FI channel vide which the API is invoked.
Possible values:retail_banking, business_banking, smb_banking, bank_bos, atm, kiosk, pos, mobile_banking, csm, online

access_channel
any

This is internal channel through which the API is invoked.
Example:web_portal, agent

requestor_type
required
any

Identifies the requestor type for the API request.
Possible values:party

client_requestor_reference
any

The identifier for the requestor of the API, in the client system. Either the client_requestor_reference or the requestor has to be available in every API request for audit purposes.

requestor
any

The identifier for the requestor of the API issued by Orbipay. Either the client_requestor_reference or the requestor has to be available in every API request for audit purposes.

context_variant
any

To be used if there's a need to provide additional contextual information. For future use.

idempotent_request_key
required
any

The unique token that clients can generate and maintain in order to identify an API request. This is used to identify duplicate requests and retrials.
Example:6bc5f0f49ee2412a93b0596d6a3c4eca

timestamp
required
any

The UTC datetime when the API is invoked, in the ISO 8601 format
Example:2020-09-18T17:31:34.000-05:30

X-PAAS-Headers
any

For additional context information such as end user IP address, session information and so on. The content is a list of key-value pairs separated by semicolon (;) where key and value are separated by equals sign(=).
Example:session=SADKAS2131312;ip_address=10.112.25.45

Request Body Schema: application/json
businessfunction_entryclass
VISA (string)

The payment network specific code corresponding to the business application or function for the transaction. This corresponds to the Business Application Identifier (BAI) in the case of Visa transactions.

card_account
object

Responses

200

Success

400

Bad Request

401

Unauthorized

403

Forbidden

404

The requested resource doesn't exist.

422

The parameters were valid but the request failed.

500

Something went wrong and the request could not be processed.

502

Server Error.

post/fasterpayments/v1/card/verify
https://API.orbipay.com/fasterpayments/v1/card/verify

Please click on a language icon above to try out the API

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
}

Calculate Fee

The API is used to evaluate the fee for a transaction.

header Parameters
client_key
required
any

The unique identifier assigned to the client.
Example:CLIAAADDD0910

product
required
any

The product identifier corresponding to the API.
Possible values:retail_transfers,business_transfers,account_opening

payment_channel
required
any

The FI channel vide which the API is invoked.
Possible values:retail_banking, business_banking, smb_banking, bank_bos, atm, kiosk, pos, mobile_banking, csm, online

access_channel
any

This is internal channel through which the API is invoked.
Example:web_portal, agent

requestor_type
required
any

Identifies the requestor type for the API request.
Possible values:party

client_requestor_reference
any

The identifier for the requestor of the API, in the client system. Either the client_requestor_reference or the requestor has to be available in every API request for audit purposes.

requestor
any

The identifier for the requestor of the API issued by Orbipay. Either the client_requestor_reference or the requestor has to be available in every API request for audit purposes.

context_variant
any

To be used if there's a need to provide additional contextual information. For future use.

idempotent_request_key
required
any

The unique token that clients can generate and maintain in order to identify an API request. This is used to identify duplicate requests and retrials.
Example:6bc5f0f49ee2412a93b0596d6a3c4eca

timestamp
required
any

The UTC datetime when the API is invoked, in the ISO 8601 format
Example:2020-09-18T17:31:34.000-05:30

X-PAAS-Headers
any

For additional context information such as end user IP address, session information and so on. The content is a list of key-value pairs separated by semicolon (;) where key and value are separated by equals sign(=).
Example:session=SADKAS2131312;ip_address=10.112.25.45

Request Body Schema: application/json
source
required
object

The JSON that contains all the attributes of customer to be created.

source_account
required
bank_account (object) or card_account (object)

Indicates source account

destination
required
object

The recipient of funds if the recipient is different from the customer.This is required only if destination is not the customer.

destination_account
required
bank_account (object) or card_account (object)

Indicates the recipient account of the payment.

amount
required
object

The amount being transfered from the source account to the destination account.

businessfunction_entryclass
required
VISA (string) or NACHA (string)

The payment network specific code corresponding to the business application or function for the transaction. This corresponds to the Business Application Identifier (BAI) in the case of Visa transactions, the Standard Entry Class (SEC) code in the case of ACH transactions and so on.

fulfilment_type
required
string
Enum: "instant" "instant.TCH_RTP" "instant.FEDNOW" "urgent.FEDWIRE" "xb.fedwire" "xb.fedwire.convera"

Responses

200

Success

400

Bad Request

401

Unauthorized

403

Forbidden

404

The requested resource doesn't exist.

422

The parameters were valid but the request failed.

500

Something went wrong and the request could not be processed.

502

Server Error.

post/fasterpayments/v1/calculatefee
https://API.orbipay.com/fasterpayments/v1/calculatefee

Please click on a language icon above to try out the API

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
}

Health Monitoring

Health Monitoring

API returns the status of application, it is up or down.It will be accessible with HTTP BASIC Authentication.

Responses

200

The Json file with the current status of application.

400

Bad Request

401

Unauthorized

403

Forbidden

404

The requested resource doesn't exist.

422

The parameters were valid but the request failed.

500

Something went wrong and the request could not be processed.

502

Server Error.

get/appstatus/api/v1/status
https://API.orbipay.com/appstatus/api/v1/status

Please click on a language icon above to try out the API

Response samples

Content type
application/json
Copy
Expand all Collapse all
[
]