Mock sample for your project: Business Registries API
Integrate with "Business Registries API" from ato.gov.au in no time with Mockoon's ready to use mock sample
Business Registries
ato.gov.au
Version: 0.0.6
Start working with "Business Registries API" right away by using this ready-to-use mock sample. API mocking can greatly speed up your application development by removing all the tedious tasks or issues: API key provisioning, account creation, unplanned downtime, etc.
It also helps reduce your dependency on third-party APIs and improves your integration tests' quality and reliability by accounting for random failures, slow response time, etc.
Description
Introduction
The Business Registries API is built on HTTP. The API is RESTful. It has predictable resource URIs.
The API is documented in OpenAPI format.
In addition to the standard OpenAPI syntax we use a few
vendor extensions.
Overview
The following sections describe the resources that make up the Business Registries REST API.
Current Version
By default, all requests to https://api.abr.ato.gov.au receive the v1 version of the REST API. We encourage you to explicitly request this version via the Accept header.
Accept: application/vnd.abr-ato.v1+json
Schema
All API access is over HTTPS, and accessed from https://api.abr.ato.gov.au. All data is sent and received as JSON. Blank fields are included.
All dates use the ISO 8601 format:
YYYY-MM-DD
For example: 2017-07-01 (the 1st of July 2017)
All timestamps use the ISO 8601 format:
YYYY-MM-DDTHH:MM:SSZ
For example: 2017-07-01T11:05:06+10:00
Timezones
Some requests allow for specifying timestamps or generate timestamps with time zone information. We apply the following rules, in order of priority, to determine timezone information for API calls.
Explicitly provide an ISO 8601 timestamp with timezone information
For API calls that allow for a timestamp to be specified, we use that exact timestamp.
For example: 2017-07-01T11:05:06+10:00
Pagination
Information about pagination is provided in the Link header.
For example:
Link:; rel="next",; rel="last"
rel="next" states that the next page is page=2. This makes sense, since by default, all paginated queries start at page 1. rel="last" provides some more information, stating that the last page of results is on page 34. Accordingly, we have 33 more pages of information that we can consume.
Parameters
Many API methods take optional parameters:
GET /individuals/1234/addresses/?addressType='Mailing'
In this example, the '1234' value is provided for the :partyId parameter in the path while :addressType is passed in the query string.
For POST, PATCH, PUT, and DELETE requests, parameters not included in the URL should be encoded as JSON with a Content-Type of 'application/json'.
Metadata
The API provides metadata services that you can use to discover information about the classifcation schemes and values used by the Registry.
For example:
GET /classifications/roles
Sample response:
[
{
"id": "123e4567-e89b-12d3-a456-426655440001",
"role": "Director",
"roleDescription": "An individual responsible for managing a company's ...",
"relationship": "Directorship",
"reciprocalRole": "Company",
"reciprocalRoleDescription": "An incorporated legal entity."
},
{
...
}
]
Root Endpoint
You can issue a GET request to the root endpoint (also known as the service root) to get all the endpoint categories that the REST API supports:
curl https://api.abr.ato.gov.au
Authentication
The Business Registries API supports API Key authentication.
When you sign up for an account, you are given your first API key. You can generate additional API keys, and delete
API keys (as you may need to rotate your keys in the future). You authenticate to the Business Registries API by
providing your secret key in the request header.
Note: Some requests will return 404 Not Found, instead of 403 Permission Denied. This is to prevent the
accidental leakage of information to unauthorised users.
Other APIs in the same category
OpenFinTech.io
OpenFinTech.io is an open database that comprises of standardized primary data for FinTech industry.
It contains such information as geolocation data (countries, cities, regions), organizations, currencies (national, digital, virtual, crypto), banks, digital exchangers, payment providers (PSP), payment methods, etc.
It is created for communication of cross-integrated micro-services on "one language". This is achieved through standardization of entity identifiers that are used to exchange information among different services.
UML
UML Domain Model diagram you can find here.
Persistence
Entities are updated not more than 1 time per day.
Terms and Conditions
This OpenFinTech.io is made available under the Open Database License.
Any rights in individual contents of the database are licensed under the Database Contents License.
Contacts
For any questions, please email - [email protected]
Or you can contact us at Gitter
Powered by Paymaxi
Get Started
If you use POSTMAN or similar program which can operate with swagger`s files - just download our spec and import it. Also you can try live API demo.
Overview
The OpenFinTech API is organized around REST. Our API has predictable, resource-oriented URLs, and uses HTTP response codes to indicate API errors.
API is based on JSON API standard. JSON is returned by all API responses, including errors, although our API libraries convert responses to appropriate language-specific objects.
JSON API requires use of the JSON API media type (application/vnd.api+json) for exchanging data.
Additional Request Headers
ACCEPT HEADER
Your requests should always include the header:
If argument height or width is missing API returns original image with real sizes.
Errors
API uses conventional HTTP response codes to indicate the success or failure of an API request. In general, codes in the 2xx range indicate success, codes in the 4xx range indicate an error that failed given the information provided (e.g., a required parameter was omitted, etc.), and codes in the 5xx range indicate an error with OpenFinTech's servers (these are rare).
| Code | Description |
|------|-------------|
| 200 - OK | Everything worked as expected. |
| 400 - Bad Request | The request was unacceptable, often due to missing a required parameter. |
| 401 - Unauthorized | No valid API key provided. |
| 402 - Request Failed | The parameters were valid but the request failed. |
| 404 - Not Found | The requested resource doesn't exist. |
| 409 - Conflict | The request conflicts with another request (perhaps due to using the same idempotent key). |
| 429 - Too Many Requests | Too many requests hit the API too quickly. We recommend an exponential backoff of your requests. |
| 500, 502, 503, 504 - Server Errors | Something went wrong on OpenFinTech's end. (These are rare.) |
Event Notification API Specification - TPP Endpoints
The Consumer Financial Protection Bureau
ExchangeRate-API
Payment Initiation API
Frankie Financial API
This API allows developers to integrate the Frankie Financial Compliance Utility into their applications. The API allows:
Checking name, address, date of birth against national databases
Validating Australian driver's licences, passports, medicare, visas and other Australian national ID documents
Validating Australian electricity bills
Validating NZ driver's licences
Validating Chinese bank cards and national ID card
Validating International passports and national ID documents
PEP, Sanctions, Watchlist and adverse media checking
Australian visa checks
Fraud list and fraud background checks
ID validation and selfie check comparisons.
Industry specific services
Comparing Australian electricity retailers for a better deal.
KYB specific services
Query organisation ownership
Perform KYC & AML checks on shareholders, beneficial owners and office bearers.
Query credit score and credit reports
International company searches
International company profiles
The full version of this documentation along with supplemental articles can be found here:
https://apidocs.frankiefinancial.com/
The traditional Swagger view of this documentation can be found here:
https://app.swaggerhub.com/apis-docs/FrankieFinancial/kycutility
Sandbox base URL is:
https://api.demo.frankiefinancial.io/compliance/v1.2
We do have an old sandbox at https://sandbox.frankiefinancial.com/compliance/v1.2 but this has been retired.
All calls are the same as production, only with canned data.
Full Swagger definition, along with test data for playing in the sandbox can be obtained once initial commercial discussions have commenced.
Production and optional UAT access will be opened up only to those with a signed commercial contract.
Contact us at [email protected] to speak with a sales rep about issuing a Customer ID and Sandbox api key.
Business Registries
The Business Registries API is built on HTTP. The API is RESTful. It has predictable resource URIs.
The API is documented in OpenAPI format.
In addition to the standard OpenAPI syntax we use a few
vendor extensions.
Overview
The following sections describe the resources that make up the Business Registries REST API.
Current Version
By default, all requests to https://api.abr.ato.gov.au receive the v1 version of the REST API. We encourage you to explicitly request this version via the Accept header.
Accept: application/vnd.abr-ato.v1+json
Schema
All API access is over HTTPS, and accessed from https://api.abr.ato.gov.au. All data is sent and received as JSON. Blank fields are included.
All dates use the ISO 8601 format:
YYYY-MM-DD
For example: 2017-07-01 (the 1st of July 2017)
All timestamps use the ISO 8601 format:
YYYY-MM-DDTHH:MM:SSZ
For example: 2017-07-01T11:05:06+10:00
Timezones
Some requests allow for specifying timestamps or generate timestamps with time zone information. We apply the following rules, in order of priority, to determine timezone information for API calls.
Explicitly provide an ISO 8601 timestamp with timezone information
For API calls that allow for a timestamp to be specified, we use that exact timestamp.
For example: 2017-07-01T11:05:06+10:00
Pagination
Information about pagination is provided in the Link header.
For example:
Link:; rel="next",; rel="last"
rel="next" states that the next page is page=2. This makes sense, since by default, all paginated queries start at page 1. rel="last" provides some more information, stating that the last page of results is on page 34. Accordingly, we have 33 more pages of information that we can consume.
Parameters
Many API methods take optional parameters:
GET /individuals/1234/addresses/?addressType='Mailing'
In this example, the '1234' value is provided for the :partyId parameter in the path while :addressType is passed in the query string.
For POST, PATCH, PUT, and DELETE requests, parameters not included in the URL should be encoded as JSON with a Content-Type of 'application/json'.
Metadata
The API provides metadata services that you can use to discover information about the classifcation schemes and values used by the Registry.
For example:
GET /classifications/roles
Sample response:
[
{
"id": "123e4567-e89b-12d3-a456-426655440001",
"role": "Director",
"roleDescription": "An individual responsible for managing a company's ...",
"relationship": "Directorship",
"reciprocalRole": "Company",
"reciprocalRoleDescription": "An incorporated legal entity."
},
{
...
}
]
Root Endpoint
You can issue a GET request to the root endpoint (also known as the service root) to get all the endpoint categories that the REST API supports:
curl https://api.abr.ato.gov.au
Authentication
The Business Registries API supports API Key authentication.
When you sign up for an account, you are given your first API key. You can generate additional API keys, and delete
API keys (as you may need to rotate your keys in the future). You authenticate to the Business Registries API by
providing your secret key in the request header.
Note: Some requests will return 404 Not Found, instead of 403 Permission Denied. This is to prevent the
accidental leakage of information to unauthorised users.
Confirmation of Funds API Specification
Swiss NextGen Banking API-Framework
The Swiss NextGen API is based on the NextGenPSD2 Framework Version 1.3.4 of the Berlin Group which offers a modern, open, harmonised and interoperable set of
Application Programming Interfaces (APIs) as the safest and most efficient way to provide data securely.
The NextGen Framework reduces XS2A complexity and costs, addresses the problem of multiple competing standards
in Europe and, aligned with the goals of the Euro Retail Payments Board,
enables European banking customers to benefit from innovative products and services ('Banking as a Service')
by granting TPPs safe and secure (authenticated and authorised) access to their bank accounts and financial data.
The Swiss edtion refines the message formats specific to Switzerland and defines some matching examples.
The possible Approaches are:
Redirect SCA Approach
(Not recommended by obp.ch community) OAuth SCA Approach
(Not recommended by obp.ch community) Decoupled SCA Approach
(Not recommended by obp.ch community) Embedded SCA Approach without SCA method
(Not recommended by obp.ch community) Embedded SCA Approach with only one SCA method available
(Not recommended by obp.ch community) Embedded SCA Approach with Selection of a SCA method
Not every message defined in this API definition is necessary for all approaches.
Furthermore this API definition does not differ between methods which are mandatory, conditional, or optional
Therefore for a particular implementation of a compliant API it is only necessary to support
a certain subset of the methods defined in this API definition.
**Please have a look at the implementation guidelines if you are not sure
which message has to be used for the approach you are going to use.**
Some General Remarks Related to this version of the OpenAPI Specification:
This API definition is based on the Implementation Guidelines of the Berlin Group API.
It is not a replacement in any sense.
The main specification is (at the moment) always the Implementation Guidelines of the Berlin Group API.
This API definition contains the REST-API for requests from the PISP to the ASPSP.
This API definition contains the messages for all different approaches defined in the Implementation Guidelines.
According to the OpenAPI-Specification [https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.1.md]
"If in is "header" and the name field is "Accept", "Content-Type" or "Authorization", the parameter definition SHALL be ignored."
The element "Accept" will not be defined in this file at any place.
The elements "Content-Type" and "Authorization" are implicitly defined by the OpenApi tags "content" and "security".
There are several predefined types which might occur in payment initiation messages,
but are not used in the standard JSON messages in the Implementation Guidelines.
Therefore they are not used in the corresponding messages in this file either.
We added them for the convenience of the user.
If there is a payment product, which needs these fields, one can easily use the predefined types.
But the ASPSP need not to accept them in general.
**We omit the definition of all standard HTTP header elements (mandatory/optional/conditional)
except they are mentioned in the Implementation Guidelines.**
Therefore the implementer might add these in his own realisation of a comlient API in addition to the elements defined in this file.
General Remarks on Data Types
The Berlin Group definition of UTF-8 strings in context of the API have to support at least the following characters
a b c d e f g h i j k l m n o p q r s t u v w x y z
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
0 1 2 3 4 5 6 7 8 9
/ - ? : ( ) . , ' +
Space