User:Simpcy/sandbox

This is a simple API documentation for Sterling Pro. Most of the documents have a maker-checker policy, which means that the create, update and delete operations all need approval from another user before they are stored in the database. The objects affected include:


 * Roles.
 * Users
 * Beneficiaries
 * Transfers
 * Workflows
 * Invoicing
 * Bills

Some rules that are the same for all the documents include:


 * All documents have an object_state attribute which states whether or not the document has a pending approval. This can have the value, created, updated, deleted, frozen, or stable.


 * An object with anything other than stable means it's awaiting approval


 * Search on any of these documents supports the query parameter fresh to restrict results based on their approval status


 * update and delete fail when a document is frozen


 * You can revert the state of any object in any state except frozen and stable


 * You can add extra changes to a created or updated object

Sterling Proxy
This is a proxy service to the Sterling Bank SOAP APIs. Its main job is better error handling and performance improvements Get account details either by NUBAN or by Customer ID.
 * GET Accounts (Service Api)

Request for OTP on a phone number Validate token from OTP request.
 * POST Request OTP (Service API)
 * POST Validate OTP (Service API)

Get the transaction history of a Sterling customer either by the account's NUBAN or by the customer's ID.
 * GET transactions by date (Service API)

Move money between bank accounts using IBS. Supports both interbank and intrabank transfers.
 * POST Transfer(Service API)

Get a list of all NIP Participating Banks
 * GET Banks

Enquire for a particular account name. This returns the account name with an encrypted token to be passed to whatever client that needs the account name.
 * POST Name Enquiry

Make enquiry for multiple accounts in one request. It creates and enquiry job that the user can track with Batch Enquiry Results endpoint. It takes an array of the type defined by Name Enquiry API
 * POST Batch Name Enquiry

Move money between bank accounts using IBS. Supports both interbank and intrabank transfers.
 * POST Transfer(Service API)

Workspaces
This is a service that shows information that is related to customer bank accounts. Gets a list of all workspaces by a customer
 * GET Workspaces

Gets a specific workspace by a customer by ID
 * GET Workspace

Creates a workspace with a comapany name, an onboarding account and an array of accounts
 * POST Create Workspace

Gets a specific workspace by a customer by ID
 * DEL Workspace

Users
This is a service that manages user invitation, user updates, signin, signout and password and security management.

Create a user for approval and attach to the company from which it is created
 * POST Invite a user

Set user password and 2nd-factor settings. If soft_token is true, it will return a secret that must be validated by Validate Authenticator endpoint, otherwise, it returns the user session.
 * POST Setup Security

Validates the OTP generated by the user's authenticator and returns the user session
 * PATCH Validate Authenticator

Gets a specific user by its ID
 * GET User

Gets a list of all users in a particular workspace
 * GET Users

Request for deletion of a user by its id. Needs to be approved by checker
 * DELETE User

Creates a request to update on user. The delete will freeze the user till an approval happens
 * PUT Update User

This changes the role of multiple users
 * PUT Batch updates

Get a batch update which status is still pending.
 * GET Batch update

Change a user's password.
 * PUT Change password

Send a user another invitation email. Note that this doesn't automatically invalidate the previous email
 * PATCH ReInvite User

Set a new password so a user can log in
 * PATCH Set new password(Forgot password flow)

Returns the workspace pair that has been encoded into the session token. It contains throttle information on the user.
 * POST Decode a session token

Returns the workspace pair that has been encoded into the session token. It contains throttle information on the user.
 * POST Decode a session token

Login using password. Client can save the user's workspace, to give them the ability to switch later on
 * POST Login

Delete a user's session
 * DEL Logout

Roles
This service handles the different roles or permissions assignable to a user, each workspace can create default and custom roles.

This requests for a new role. It will remain frozen until approval
 * POST Create new role

This creates a default role
 * POST Default Roles(Temp)

Get a list of roles. Users can filter roles by name or for default roles only.
 * GET Roles

Get a specific role by ID. Returns the approved version by default
 * GET Role

Request that user role be deleted by ID. This request can be processed only if there are no users attached to the role
 * DEL Role

Request for an update of role permissions
 * UPDATE Role

Beneficiaries
This is a service handles account entities to which a workspace can disburse money to

Add beneficiary to list of beneficiaries
 * POST Add Beneficiary

Get a list of created beneficiaries
 * GET Search Beneficiaries

Get a specific beneficiary by ID.
 * GET Beneficiary 

Change a beneficiary's category among customer, staff or vendor
 * PUT Change Category

Remove a beneficiary by ID
 * DEL Remove Beneficiary

Import a list of beneficiaries into a specific category. This endpoint only expects a list of tokens returned after making name enquiry calls either through Bulk Name Enquiry or multiple calls to Name Enquiry of the sterling service.
 * POST Batch Import

Accounts/Transactions
Proxy to Sterling Service. This is the preffered method for accesing any account details as it acts as the security gateway

Get account details either by NUBAN or by Customer ID. It defines what accounts to make available based on the workspace settings
 * GET Accounts

Filters transactions and returns transactions by date
 * GET transactions by date

Workflows
This service handles requirements for performing a transfer

Add a new rule for reviewing transactions that match the limits described, which includes number of reviews a workflow requires to mark an object
 * POST Add Workflow

Gets a list of all approved and unapproved workflows
 * GET Workflows 

Get an approved workflow that will be applied to an object.
 * GET Workflow

Update a specific workflow
 * PUT Update workflow

Remove a workflow by ID
 * DEL Update workflow

Authorisations
This service handles confirmation of ownership of account for onboarding

Request that an account linked to the given account_number should be added to sterling pro platform
 * POST Request Authorisation

Finish Multi-Signatory account request by submitting the authorisation letter
 * PATCH Submit Authorisation Letter 

Validate that a single signatory wants their account on Sterling Pro
 * PATCH Confirm Authorization Request

Gets all accounts related to the authorization's initiation account.
 * GET Accounts

Set permissions of all the accounts to be brought into sterling pro.
 * PATCH Set account permissions

Remove an authorization by ID
 * DEL Authorization

Transfers
This service handles intra-bank and inter-bank money transfer

Create a new transfer awaiting approval
 * POST Create Transfer

Get a list of all transfers made through Sterling Pro
 * GET Transfers

View a single transfer created on Sterling Pro
 * GET Transfer

Update an existing unapproved transfer. Refer to the Create Transfer endpoint for parameters. Note that in order to prevent unnecessary calls to name enquiry, it's suggested that clients make a call to Get Transfer and use the request_token returned for each transfer for an unedited beneficiary
 * PUT Update Transfer

Delete an existing unapproved transfer.
 * DEL Transfer

Create a set of transfers in parallel.
 * POST Create Bulk Transfer

List all bulk transfers
 * GET Bulk Transfers

Get a single bulk transfer set. Note that for frozen bulk transfers each transfer in `transfers` has a `request_token` attached so clients don't have to perform name enquiry again
 * GET Bulk Transfer

Update an unapproved bulk transfer. Uses the same parameters as Initiate Bulk Transfer. Note that in order to prevent unnecessary calls to name enquiry, it's suggested that clients make a call to Get Bulk Transfer and use the request_token returned for each transfer for unedited beneficiaries
 * PUT Update Bulk Transfer

Delete an unapproved bulk transfer
 * DEL Bulk Transfer

Review Requests
This service handles requests for review.

Returns review request based on `RequestQuery` and who's asking
 * GET review requests

Get all events related to a particular review requests
 * GET review request

This returns all events that have occurred on the request since it was initiated
 * GET review request events

This returns changes that have been made to the object since the review request was created
 * GET review request checks

Approve, reject or request a change on a review request
 * GET Finalise

Notifications
Create a subscription token for streaming notifications.
 * POST Subcribe to Notifications

Logs the notification stream, default amount of notifications to request is a 10 and it skips 0 notification by default
 * GET subscribed notifications

Connect to the server using SSE to receive live notifications by a user
 * GET live notifications

Connect to the server using SSE to receive live notifications by a ID
 * GET live notification

Mark a given notification by ID as read
 * PUT Mark Read

Mark all notifications belonging to the session as read
 * PUT Mark All Read

Audit Logs
This service keeps a log of all the activities of a user for reference

Get activity logs for all users on the platform.
 * GET Audit Logs