Nordigen API uses token-based authentication. You'll need the
client_secret assigned to your organisation. These credentials can be found in the Nordigen API Dashboard. The token MUST BE CACHED due to the terms of service. To get the token, send the request to https://api.nordigen.com/oauth/token with POST HTTP request body:
|client_ID||Your client ID|
|client_secret||Your client secret|
|Security Scheme Type||HTTP|
|HTTP Authorization Scheme||bearer|
We periodically release new versions. Current version is v2. You can provide specific version in the request URL; e.g.
All error HTTP codes are going to be 4xx or 5xx, so we recommend using success http codes for the control flow and the error codes for informative purposes. If an error has occurred, it will be displayed in the following form:
Possible error codes
|Error code||Description||HTTP status|
|API_REQUIRED_PARAMS_MISSING||One or more params required missing, check source for which elements need to be filled||400|
|TIMEOUT_PROCESSING||Processing timed out||400|
|ANALYSIS_ALREADY_REQUESTED||Analysis operations were already requested for this record||400|
|PDF_PARSE_FAILURE||Unsupported pdf file was uploaded||400|
|RATE_LIMIT||Too many requests in a short period of time||429|
|EXCEEDED_LIMIT||Processing record limit has been exceeded||400|
|NO_SUITABLE_PARSERS||Unsupported file was uploaded but with valid file format||400|
|UNKNOWN_ERROR||Unexpected error occurred whilst processing the file||500|
|NOT_FOUND||Could not find specified request_id in database||404|
|GONE||Stored file associated with the request_id can not be fetched||410|
|UNSUPPORTED_COUNTRY_REQUESTED||Given country code not in supported country list, see Supported Statement Formats||400|
|SERVICE_UNAVAILABLE||Downtime/misconfiguration on Nordigen part||503|
|FORBIDDEN||No access for the resource||403|
|FEATURE_EXTRACT_FAILURE||Failed process feature extraction, most likely because of the lack of data||400|
|CREDIT_SCORING_FAILURE||Failed process credit scoring calculation, most likely because of the lack of data||400|
Set up webhooks to send a request with the status of the processing record to your server once analysing statement is finished.
To set up webhooks see Webhooks under Endpoints section. To apply the webhook, pass
"use_webhook": true when requesting which operations to use.
Webhook request body
To the specified URL POST, the request will be sent with body as follows:
We support OAuth 2.0 and Basic Auth flows. If Oauth 2.0 is set, a token POST request will be sent with body as follows:
The expected response:
If a webhook request responds with 401, a new token will be requested once.
For HTTP codes 413, 429, 500, 502, 503, 504 the webhook request will be retried up to 10 times with exponential backoff of
0.5 * (2^n-1), where n is a retry count.
The system accepts statements in these file formats: JSON, XML, PDF (see the list below for more details). Images (including scanned documents, etc.) are not supported. If our engine is not calibrated for the country you are willing to process, please contact us.
Only UTF-8 character encoding supported. Characters not fitting the standard will be replaced as unrepresentable.
|AU||json||Credit Sense, Proviso|
|DE||json||Arva, Fintech Systems|
|EE||Coop Pank, Danske, LHV, Luminor, Nordea, SEB, Swedbank|
|FI||Aktia, Danske, Nordea, Pohjola|
|LT||DNB, Luminor, SEB, Swedbank|
|LV||Citadele, DNB, Luminor, Nordea, Norvik, PNB, PrivatBank, SEB, Swedbank, VSAA|