This is a preview version of the API intended for early testing and integration. Preview versions are not stable and may include breaking changes before general availability.
Changelog
2026-04-01
User Management API
New endpoints for managing users and sessions:
- POST /users - Create a user with an
externalIdmapping to your system - GET /users - Find a user by
externalId - GET /users/{userUuid} - Get user by UUID (supports both API key and JWT)
- DELETE /users/{userUuid} - Anonymize a user (soft delete)
- POST /users/{userUuid}/sessions - Create a JWT session token scoped to the user
- GET /users/{id}/collections - Get all collections for a user
- GET /users/{id}/consents - Get all consents for a user
New schemas: UserResponse, CreateUserRequest, SessionResponse
New PSD2 Banking Data Support
This version introduces PSD2 Account Information Service (AIS) support for collecting banking data:
- Psd2SavingsAccount - Savings accounts accessible via PSD2
- Psd2CheckingAccount - Checking/current accounts via PSD2
- Psd2CreditCard - Credit card products via PSD2
Consent Management
New consent lifecycle for PSD2 data collection:
- Consent - Consent record with status tracking, expiration, and scope
- CreateConsentRequest - Create PSD2 AIS consents with company, login method, and parameters
- ConsentStatusResponse - Poll consent status with auth instructions (BankID QR code or autostart token) and recommended polling interval
- ConsentError / ConsentStatusError - Structured error handling for consent failures
- Consent status flow:
INITIATED→AWAITING_AUTHORIZATION→AUTHORIZED|REVOKED|EXPIRED|FAILED
New Parameters
- Psd2AisConsentParameter - Handle AIS consent when initiating PSD2 collections
- SwedishBankIdParameter - Swedish BankID authentication for consent authorization
- Support for stored consent handling for previously-authorized collections
Financial Products
- Typed
personalInformation— ThepersonalInformationfield on all financial product responses has changed from an untyped key-value map to a typed PersonalInformation object with named fields (personalInformation.personalNumberinstead ofpersonalInformation["PERSONAL_NUMBER"]). The object may benullwhen no personal data is available, and additional fields may be added in future versions.