Introduction
API services for growing Business and Corporates
Singleview B2B APIs provide a secure connection medium to corporate and business users to access the following services using our modern and secure APIs:
- Payouts: Make instant account-to-account fund transfers
- Post-payment enquiry: Track payment processing and status in real-time
- Account information services
- Balance enquiry: Fetch account balances
- Account statement: Get custom account transaction statements
Security overview
Singleview B2B API services employs multi-layers authentication of requests to define authorized access to the platform and maintain better security, and privacy. The following is the basic flow representation of B2B partner identification through Singleview B2B Services APIs.
Security flow - Authentication of partner to access Singleview B2B Services API
Onboarding Requirements
The users interested in accessing SingleView B2B API services need to share the following information and meet the mentioned prerequisites:
- User needs to share the details of their Public IPs and Certificates (Self-signed or Authorized) for
Whitelistingpurpose- Share the service required documents
- Get registered by the bank and get the company code
Upon successful registration and completion of prerequisite formalities, the user will be provided with Client ID and Client Secret to access SingleView B2B API Services.
Service Validations
Every request is goes through a series of validations based on the type of the Service API being hit. The following are the various validation required to access the concerned Singleview B2B Services API:
| B2B API Service | Service Validations |
|---|---|
| Account statement | - Signature verification - IPs Whitelisting - Token Validation - Valid/Active B2B company code - Authorized account - Statement date should not be current/future date - While requesting the statement date should not be more than 1 day - Statement Date should not be prior to 30 days. |
| Balance enquiry | - Signature verification - IPs Whitelisting - Token validation - Valid/Active B2B company code - Valid SABB Account Number/IBAN number |
| Payouts | - Signature verification - IPs Whitelisting - Token Validation - Valid/Active B2B company code - Ensure a valid Debit Account number is captured - Availability of sufficient fund in Debit account - Back value date transaction will not be accepted - Future value date payment should not exceed 14 days from the date of payment initiation - Transactions amount should not exceed per transaction limit/per day limit - No Duplicate transactions allowed (i.e.) Transaction will be rejected if the same sequence number has been used in the past (or) the payment initiated to the same beneficiary with same day, same amount and same value date Account-to-Account Validations (With Bank) - Must be a valid account (BBAN/IBAN) SARIE Validations - Beneficiary BIC code must be valid - Beneficiary information should have a valid IBAN with its corresponding BIC ID - Transactions received after cut-off will be processed on next business day - Transactions received during holidays/weekends will be processed on next business day - Any local payment (LP) should have a valid purpose of remittance information captured International Transfers Validation - Beneficiary BIC code must be valid - Transactions received after cut-off should be processed on next business day - Transactions received during holidays/weekends shall be processed on next business day - Any overseas payment (TT) should have a valid purpose of remittance information captured - IBAN mandated/listed countries should capture only βIBAN numberβ for processing the payments - Any NonβIBAN mandated/listed countries should capture only βAccount Numberβ with the local clearing code (whichever country is applicable) for processing the payments |
| Post-payment enquiry | - Signature verification - IPs Whitelisting - Token Validation - Valid/Active B2B company code |
Parts of the request
Message
This part carries the information that is required to authenticate a request. This includes Client ID, Client Secret and Access Token.
Body
This part includes the information about the request created on the backend of the client application.
Signature
Encrypted string obtained by processing request body with Private Key/Certificate through SHA-256 with RSA Algorithm (Crypto : JCE Sign).
Updated 2 months ago