Version: 4.1.0

Spec

The Wych Data Recipient API allows you to connect customer-permissioned data from supported banks and data holders into your application.

This API is designed for Recipient and open banking use cases such as onboarding, account aggregation, transaction retrieval, analysis and customer-permissioned data sharing.

What you can do with this API

Using this API, you can:

• authenticate your application
• create or locate an application user
• launch and manage consent journeys
• retrieve customer connections and consent state
• access accounts, balances, transactions and related payment details
• work with supported data holders and provider configurations

How the API works

The Wych Recipient API typically follows this flow:

1. authenticate your application using your API key and client credentials
2. create or find the user in your application context
3. create or launch a consent journey
4. wait for the customer to complete consent with their institution
5. retrieve customer data using the active connection

Authentication

Protected API requests use:

• x-api-key
• Authorization: Bearer <token>

Depending on the endpoint, you may use either:

• an application-level token
• a user-context token for customer-specific data access

Main API sections

Core

Core endpoints support application authentication, user management, consent and connection management, and data holder discovery.

Customer Data

Customer Data endpoints provide access to account, balance, transaction and related financial data once consent is active.

Payment Details

Payment Details endpoints provide access to payees, scheduled payments and direct debit information where available.

Before you start

Before calling this API, make sure you have:

• a configured Partner profile
• a registered application
• valid client credentials
• a valid API key
• an appropriate consent flow configured for your use case

Getting started

For a typical integration, start with these endpoints:

• OpenID configuration
• Generate a client auth token
• Create or find a user
• Create a connection
• Authorize a connection
• Get all accounts
• Get account transactions

Related documentation

For portal setup, consent guidance and integration walkthroughs, refer to the Wych Recipient quick start and guides.

Authentication

API Key: apiKey

Wych gateway API key, this key can be found in the Wych customer portal.

Security Scheme Type:	apiKey
Header parameter name:	x-api-key

OAuth 2.0: clientToken

You retrieve this by using client credentials grant.

Security Scheme Type:	oauth2
OAuth Flow (clientCredentials):	Token URL: /realms/partner/protocol/openid-connect/token Scopes: READ:APP_USERS: Read all users associated with an app EXECUTE:TOKEN_EXCHANGE: Retrieve the user token

HTTP: Bearer Auth

You retrieve your user token as part of a token exchange, see Retrieve the user token for more information.

Security Scheme Type:	http
HTTP Authorization Scheme:	bearer
Bearer format:	JWT

Contact

Customer Support: support@wych.it

Terms of Service

https://www.wych.io/terms-conditions

License

Wych Holdings Limited, All rights reserved