API Documentation

Introduction

This document explains how to integrate with Nordigen API. Nordigen API is a set of endpoints that allows you to integrate our categorisation engine and insight products in your system. All responses will be shown in JSON format. All endpoints require Authorization token.
Before you start, make sure you have acquired an API Client ID and Client Secret from the Nordigen Api Dashboard. If you are not a Dashboard user, please contact our support team.
There are two options for using this API: (1) if you already have collected the data that must be processed, then jump straight to the Quickstart Guide; (2) if you need to obtain the data, then you should first start by implementing the Aggregation Widget, and then carry on with the respective guide.

Glossary

  • Operations: an analysis product to be applied on a processing record;
  • Operation keyword: a keyword that needs to be passed when requesting to apply product(s) to a processing record;
  • Request ID: identification for a processing record;
  • Processing record: uploaded statement(s) in either uploaded, processing, or finished state, identified by its request_id;
  • Category tree: a data structure for holding categories, identified by ID, containing relationship between parent and child categories;
  • Optionality: for each key, it is stated whether this key is optional or not. In this context, optional stands for the possibility to return a null value.

Authentication

Nordigen API uses token-based authentication. You'll need the client_ID and client_secret assigned to your organisation. These credentials can be found in the Nordigen API Dashboard. The token MUST BE CACHED due to the terms of service. To get the token, send the request to https://api.nordigen.com/oauth/token with POST HTTP request body:

KEYVALUEOPTIONAL
client_IDYour client ID
client_secretYour client secret
audiencehttps://nordigen/api
grant_typeclient_credentials

bearerAuth

Security Scheme TypeHTTP
HTTP Authorization Schemebearer
Bearer format"JWT"

Versioning

We periodically release new versions. Current version is v2. You can provide specific version in the request URL; e.g. https://api.nordigen.com/v2/report/process/:request-id.


Error Handling

All error HTTP codes are going to be 4xx or 5xx, so we recommend using success http codes for the control flow and the error codes for informative purposes. If an error has occurred, it will be displayed in the following form:

Possible error codes

Error codeDescriptionHTTP status
API_REQUIRED_PARAMS_MISSINGOne or more params required missing, check source for which elements need to be filled400
TIMEOUT_PROCESSINGProcessing timed out400
ANALYSIS_ALREADY_REQUESTEDAnalysis operations were already requested for this record400
PDF_PARSE_FAILUREUnsupported pdf file was uploaded400
RATE_LIMITToo many requests in a short period of time429
EXCEEDED_LIMITProcessing record limit has been exceeded400
NO_SUITABLE_PARSERSUnsupported file was uploaded but with valid file format400
UNKNOWN_ERRORUnexpected error occurred whilst processing the file500
NOT_FOUNDCould not find specified request_id in database404
GONEStored file associated with the request_id can not be fetched410
UNSUPPORTED_COUNTRY_REQUESTEDGiven country code not in supported country list, see Supported Statement Formats400
SERVICE_UNAVAILABLEDowntime/misconfiguration on Nordigen part503
FORBIDDENNo access for the resource403
FEATURE_EXTRACT_FAILUREFailed process feature extraction, most likely because of the lack of data400
CREDIT_SCORING_FAILUREFailed process credit scoring calculation, most likely because of the lack of data400

Webhooks

Set up webhooks to send a request with the status of the processing record to your server once analysing statement is finished.

Setup

To set up webhooks see Webhooks under Endpoints section. To apply the webhook, pass "use_webhook": true when requesting which operations to use.

Webhook request body

To the specified URL POST, the request will be sent with body as follows:

Authentication

We support OAuth 2.0 and Basic Auth flows. If Oauth 2.0 is set, a token POST request will be sent with body as follows:

The expected response:

If a webhook request responds with 401, a new token will be requested once.

Retries

For HTTP codes 413, 429, 500, 502, 503, 504 the webhook request will be retried up to 10 times with exponential backoff of 0.5 * (2^n-1), where n is a retry count.


Supported File Formats

The system accepts statements in these file formats: JSON, XML, PDF (see the list below for more details). Images (including scanned documents, etc.) are not supported. If our engine is not calibrated for the country you are willing to process, please contact us.
Only UTF-8 character encoding supported. Characters not fitting the standard will be replaced as unrepresentable.

CountryFormatProvider
*asice*
*bdoc*
*jsonNordigen, Kevin
AUjsonCredit Sense, Proviso
AUxmlYodlee
CZxmlKontomatik
DEjsonArva, Fintech Systems
DKxmlInstantor
EExmlKontomatik
EEpdfCoop Pank, Danske, LHV, Luminor, Nordea, SEB, Swedbank
ESjsonInstantor
ESxmlInstantor, Kontomatik
FIjsonInstantor, Tink
FIxmlInstantor
FIpdfAktia, Danske, Nordea, Pohjola
GBjsonTink
IDjsonInstantor
LTpdfDNB, Luminor, SEB, Swedbank
LVjsonInstantor
LVxmlKontomatik
LVpdfCitadele, DNB, Luminor, Nordea, Norvik, PNB, PrivatBank, SEB, Swedbank, VSAA
NZjsonProviso
PLxmlKontomatik
SEjsonInstantor, Tink
SExmlInstantor