Skip to main content

Troubleshooting

If you are stuck, start by identifying where the failure is happening: authentication, consent, or data retrieval. Then use the resources below to confirm expected behaviour and capture enough detail for support.

Data RecipientCompliance ValidationData Holder

Before you contact support

Collect the following (where available):

  • Environment: non-production or production
  • Product area: Data Recipient, Compliance Validation, or Data Holder
  • Timestamp and timezone
  • Request URL and HTTP method
  • Response status code and error payload
  • Correlation / request ID headers (if returned)
  • Your application or client identifier (if applicable)
  • Steps to reproduce (what you did, what you expected, what happened)
warning

Do not include secrets, private keys, or customer/end user details in tickets.

info

All dates and times used by the Wych system are presented in UTC unless explicitly stated otherwise.

API reference

Use these when you need request/response schemas, headers, error codes, and parameter rules.

Postman collections

Use our Postman for fast validation of credentials, endpoints, and payload structure.

  • Data Recipient Postman collection (recommended)
  • Compliance Validation Postman collection
  • Data Holder Postman collection

Terminology and concepts

Use these when you are unsure what a term means or how objects relate.

Common issues

1) I cannot authenticate

Symptoms:

  • 401 Unauthorized
  • 403 Forbidden
  • token request fails
  • API key missing or rejected

What to check:

  • You are using the correct environment base URL (non-production vs production).
  • Your request includes the required authentication headers (API key and authorisation token as applicable).
  • The token has not expired and is intended for the target environment.
  • Your clock is correct (JWT validation can fail if system time is wrong).

Next steps:

Symptoms:

  • customer cannot complete consent
  • redirect URL mismatch
  • returned error after provider login
  • customer ends on an error page

What to check:

  • Redirect/callback URL is registered exactly (scheme, hostname, path, trailing slash).
  • You are using the correct application-specific consent entry link.
  • Your application is configured for hosted vs embedded consent appropriately.
  • If using hosted consent: branding and consent copy are configured and published for the application.

Next steps:

3) Connection created but data is missing

Symptoms:

  • connection shows active but accounts/balances/transactions empty
  • transactions return zero results unexpectedly
  • some accounts appear but not others

What to check:

  • The customer authorised the scopes required for the data you are requesting.
  • You are calling the correct endpoints in the correct order.
  • You are using the correct connection or customer context token.
  • Date ranges and pagination parameters are correct.

Next steps:

4) Tests fail in Compliance Validation

Symptoms:

  • a suite fails unexpectedly
  • repeated failures across endpoints
  • evidence shows schema mismatch

What to check:

  • Target base URL and version are correct.
  • Required authorisation and certificates are configured for the target.
  • Your Data Holder implementation supports the required mandatory fields and behaviours.

Next steps:

5) Errors only happen in production

Symptoms:

  • works in non-production but fails in production
  • permissions or scopes appear different
  • intermittent authentication failures

What to check:

  • Production credentials and API keys are distinct from non-production.
  • Redirect URLs are registered for production domains.
  • Certificates and trust configuration are production-ready.
  • Rate limits and operational controls may differ from non-production.

Next steps:

  • Confirm environment setup and readiness with your Wych contact.
  • Capture correlation IDs and timestamps for affected calls before raising a ticket.

Raise a support request

If you still cannot resolve the issue:

  • Include the “Before you contact support” details above
  • Include Postman steps if you can reproduce via a collection
  • Provide the affected endpoint path(s) and response payload(s)

Contact support