# Analytics Platform (XS2A.risk) The analysis platform grants one-time access to account data of a bank account, credit card, or Paypal account with the aim of obtaining an electronic account statement or to be able to call up specific analysis results (individual key figures such as risk characteristics or entire reports) via a selection of predefined analysis modules. For this purpose, the end customer gives Tink Germany a one-time use consensus. ## Basic integration {% hint style="info" %} View the full technical documentation of this product [here](https://guide.xs2a.com/xs2a/integration-cs/getting-started/api-documentation). {% endhint %} ### Authentication ([*Documentation*](https://docs.fintecsystems.com/swagger/#section/Authentication)) All authentication in our API is done via HTTP basic authentication. {% tabs %} {% tab title="HTTP" %} ```http POST /v1/risks HTTP/1.1 Host: api.xs2a.com Content-Type: application/json Authorization: Basic base64("api:YOUR_API_KEY_GOES_HERE") Cache-Control: no-cache ``` {% endtab %} {% endtabs %} ### Create xs2a.risk object *(*[*Documentation*](https://docs.fintecsystems.com/swagger/#tag/XS2A.risk/paths/~1risks/post)*)* The first step is to configure a risk object that defines what our API needs to do in the process afterward. {% tabs %} {% tab title="HTTP" %} ```http POST /v1/risks HTTP/1.1 Host: api.xs2a.com Content-Type: application/json Authorization: Basic base64("api:YOUR_API_KEY_GOES_HERE") Cache-Control: no-cache { "xs2a_account_snapshot": { "enabled": "1", "days": "30", "from": "", "to": "", "with_subcategory": 1, "all_tags": true, "all_accounts": true }, "language": "de", "country_id": "DE", "metadata": { "myCustomData": "X92LAP3" } } ``` {% endtab %} {% endtabs %} As result, you will get a `wizard_session_key` and a `transaction` value. {% tabs %} {% tab title="JSON" %} ``` { "wizard_session_key": "m5A65Cy2lwI1rOXxuvwU4MM47b4tDaV0ME9By6It", "transaction": "10001-xv-LEz8-oct7" } ``` {% endtab %} {% endtabs %} ### Show the created payment session to the customer This step depends on the integration variant you want to use. In all variants, the `wizard_session_key` and the `transaction` value is used later. {% content-ref url="../integration-variants/javascript-widget" %} [javascript-widget](https://guide.xs2a.com/xs2a/integration-cs/integration-variants/javascript-widget) {% endcontent-ref %} {% content-ref url="../integration-variants/wizard-api" %} [wizard-api](https://guide.xs2a.com/xs2a/integration-cs/integration-variants/wizard-api) {% endcontent-ref %} {% content-ref url="../integration-variants/easyonboarding" %} [easyonboarding](https://guide.xs2a.com/xs2a/integration-cs/integration-variants/easyonboarding) {% endcontent-ref %} ### Retrieve information after the process is finished ([*Documentation*](https://docs.fintecsystems.com/swagger/#tag/XS2A.risk/paths/~1risks~1{transaction-id}/get)) {% hint style="info" %} We recommend [registering a webhook](https://guide.xs2a.com/xs2a/integration-cs/additional-guides/webhooks) in our application to get informed about specific events. {% endhint %} {% tabs %} {% tab title="HTTP" %} ```http GET /v1/risks/{transaction-id} HTTP/1.1 Host: api.xs2a.com Content-Type: application/json Authorization: Basic base64("api:YOUR_API_KEY_GOES_HERE") Cache-Control: no-cache ``` {% endtab %} {% tab title="cURL" %} ``` ``` {% endtab %} {% endtabs %} You will receive detailed information about the risk object. {% tabs %} {% tab title="JSON" %} ``` { "id": "xr_hd84kg9zns53lvh1", "transaction": "10001-xr-abcd-abcd", "account_holder": "MUSTERMANN, HARTMUT", "iban": "DE62888888880012345678", "bic": "TESTDE88XXX", "bank_name": "Testbank", "country_id": "DE", "testmode": "1", "created_at": "2015-05-05 11:47:45", "metadata": { }, "merchant_id": "", "object": "xs2a_risk", "xs2a_account_snapshot": { "object": "xs2a_account_snapshot", "days": 45, "from": "0000-12-27", "to": "0000-12-30", "filters": [], "all_tags": "1", "created_at": "2014-03-23 15:55:54" } } ``` {% endtab %} {% endtabs %}