Guide to XS2A
  • What is XS2A?
  • Customer Cockpit
    • Overview
      • Track your Business
      • Permissions and Roles
      • Generating API-Keys
      • Creating Webhooks
      • Contact our Support
      • Successful transactions
      • Last Errors
  • Integration
    • How to go live
      • Technical Onboarding
      • KYC (Know Your Customer)
      • Video Ident
    • Getting started
      • Product specific recommendations
      • Registering your account
      • Required steps to start
      • Use case integration
      • API documentation
      • Integration variants
      • Upload eIDAS certificates
      • Choose a Platform
    • 💡UX - Integration Guide
    • Integration Variants
      • Javascript-Widget
        • Webview App Integration
      • Mobile SDK (iOS & Android)
      • Wizard-API
      • EasyOnboarding
    • Integration by Use Case
      • PFM (Personal Finance Management)
      • P2P (Purchase-to-pay)
      • Loan Origination (B2C)
      • Loan Origination (B2B)
      • Insurance
      • PSP (Payment Service Provider)
      • Leasing
      • Age verification check
      • Source of Funds/Wealth
    • Products & Platforms
      • Payment Platform (XS2A.pay)
      • Analytics Platform (XS2A.risk)
      • Open Banking Platform (XS2A.api)
      • OnlineÜberweisen
    • Product Features
      • Testbank 2.0
      • Reconciliation
      • Payouts & Refunds
      • Simple Pay
      • Credit cards
    • Additional Guides
      • Errorcodes
      • Categorization
        • The Categorization Taxonomy
        • The Categorization Engine
        • Quality Assurance
      • B2C & B2B Rating Checks
        • B2B Rating
        • B2C Rating
      • Reports
      • PayPlus
      • Reconciliation
        • Automatic Recon OnlineÜberweisen
        • Manual Recon OnlineÜberweisen
        • Recon Payment Platform (XS2A.pay)
      • Webhooks
  • FAQ
    • XS2A
      • Merchant admin
    • OnlineÜberweisen
      • For merchants
Powered by GitBook
On this page
  • Basic integration
  • Authentication (Documentation)
  • Create xs2a.risk object (Documentation)
  • Show the created payment session to the customer
  • Retrieve information after the process is finished (Documentation)

Was this helpful?

  1. Integration
  2. Products & Platforms

Analytics Platform (XS2A.risk)

PreviousPayment Platform (XS2A.pay)NextOpen Banking Platform (XS2A.api)

Last updated 2 years ago

Was this helpful?

The analysis platform grants one-time access to account data of a bank account, credit card, or Paypal account with the aim of obtaining an electronic account statement or to be able to call up specific analysis results (individual key figures such as risk characteristics or entire reports) via a selection of predefined analysis modules. For this purpose, the end customer gives Tink Germany a one-time use consensus.

Basic integration

View the full technical documentation of this product .

Authentication ()

All authentication in our API is done via HTTP basic authentication.

POST /v1/risks HTTP/1.1
Host: api.xs2a.com
Content-Type: application/json
Authorization: Basic base64("api:YOUR_API_KEY_GOES_HERE")
Cache-Control: no-cache

Create xs2a.risk object ()

The first step is to configure a risk object that defines what our API needs to do in the process afterward.

POST /v1/risks HTTP/1.1
Host: api.xs2a.com
Content-Type: application/json
Authorization: Basic base64("api:YOUR_API_KEY_GOES_HERE")
Cache-Control: no-cache

{
  "xs2a_account_snapshot": {
    "enabled": "1",
    "days": "30",
    "from": "",
    "to": "",
    "with_subcategory": 1,
    "all_tags": true,
    "all_accounts": true
  },
  "language": "de",
  "country_id": "DE",
  "metadata": {
      "myCustomData": "X92LAP3"
  }
}

As result, you will get a wizard_session_key and a transaction value. 

{
    "wizard_session_key": "m5A65Cy2lwI1rOXxuvwU4MM47b4tDaV0ME9By6It",
    "transaction": "10001-xv-LEz8-oct7"
}

Show the created payment session to the customer

This step depends on the integration variant you want to use. In all variants, the wizard_session_key and the transaction value is used later.

GET /v1/risks/{transaction-id} HTTP/1.1
Host: api.xs2a.com
Content-Type: application/json
Authorization: Basic base64("api:YOUR_API_KEY_GOES_HERE")
Cache-Control: no-cache

You will receive detailed information about the risk object.

{
  "id": "xr_hd84kg9zns53lvh1",
  "transaction": "10001-xr-abcd-abcd",
  "account_holder": "MUSTERMANN, HARTMUT",
  "iban": "DE62888888880012345678",
  "bic": "TESTDE88XXX",
  "bank_name": "Testbank",
  "country_id": "DE",
  "testmode": "1",
  "created_at": "2015-05-05 11:47:45",
  "metadata": { },
  "merchant_id": "",
  "object": "xs2a_risk",
  "xs2a_account_snapshot": {
    "object": "xs2a_account_snapshot",
    "days": 45,
    "from": "0000-12-27",
    "to": "0000-12-30",
    "filters": [],
    "all_tags": "1",
    "created_at": "2014-03-23 15:55:54"
  }
}

Retrieve information after the process is finished ()

We recommend in our application to get informed about specific events.

here
Documentation
Documentation
Javascript-Widget
Wizard-API
EasyOnboarding
Documentation
registering a webhook