Skip to main content

Platform endpoints

How to call each route group — auth, request/response summary, and caller notes. The formal request/response schema is the OpenAPI contract; these pages link to it rather than restating it. State journeys are in lifecycle.

All routes sit under the global /v1 prefix and require a bearer token (a B2B JWT). Every call is scoped to the client/brand carried by that token — you only see and act on resources in your own tenant. Most resource routes also require an active party context; per-route requirements are noted on each page.

Customer-facing route groups

Route groupPage
Parties — provision, search, get/update/delete, relationshipsparties
Identity verification (KYX) — initiate, upload, statusparties
Accounts — list/open/read, alias, transactions, signatoriesaccounts
Cards — list/create/read, activate/lock/unlock/cancel, PIN, transaction settingscards
Payments — BPAY/BSB/PayID lookups, schemes, validate, initiatepayments
Payees — list/read/create/deletepayees
Scheduled payments — list, cancel (prefix /parties/scheduled)scheduled-payments
Statements — list, downloadstatements
Notifications — send, list, read, cancel, purgenotifications
Banking products — catalogue readbanking-products
Address — autocomplete, metadataaddress

Operator route groups (/v1/admin/*)

Operator-only; see admin for the auth modes and ordering rules.

Route groupPage
Clients & brandsClients
ProductsProducts
External applicationsExternal applications
Routing policiesRouting policies
Configuration (business rules)Configuration
Domain-object mappingMapping