Using Postman

Pre-requisites

Download Environment and Collection

We have created a Postman collection of a simple set of API calls to demonstrate the API. 

  • You can download the collection by clicking this link.  It will trigger a download of SISS REST API Starter.postman_collection.json

  • The environment is available by clicking this link. It will trigger a download of SISS REST API Basic Environment.postman_environment.json

Import these into Postman to begin.

In the Postman Environment make sure you provide the values given to you by SISS Data Services for:

  • clientId

  • clientSecret

You also need to fill in the following with the Primary or Secondary API Key from the Subscription area of your Profile

  • subscriptionKey

Also, when running any of the calls within the 3. Call these to add an account folder ensure you have provided values for the following in the Postmen Environment:

  • fintechClientId - this is a Unique ID representing the client within your system.

  • fintechClientName - ideally this is a name that represents the client within your system. If you have privacy concerns, you may obfuscate it, or repeat the fintechClientId.

The calls throw errors if the default values are detected.

Authorise

To make calls to the API, your application will first need to obtain an access token from the SISS Authorisation server. For the SISS REST API's, an OAuth 2.0 Client Credentials Grant flow is used.

To obtain the required authorisation token, you will need to call https://auth.sissdata.com.au/oauth/token and exchange your Client ID and Client Secret for a JWT token. 

In the provided Postman collection, this is shown in 1. Call this for Authorisation -> Obtain JWT Token

Picture

E.g. the call to the Authorisation API would be:

curl -X POST \ https://auth.sissdata.com.au/oauth/token \
 -H 'cache-control: no-cache' \
 -d 'grant_type=client_credentials
   &client_id=[your client id]
   &client_secret=[your client secret]
   &audience=https%3A%2F%2Fauth.sissdata.com.au'

The result of this call is a JWT access token.

{ "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJodHRwczovL3Npc3NkYXRhLmNvbS5hdS9iYWNrZW5kIjoic2FuZGJveCIsImlzcyI6Imh0dHBzOi8vYXV0aC5zaXNzZGF0YS5jb20uYXUvIiwic3ViIjoiMTlkYmM5NzQxNGE3NGIyZWE1OGFhYmZhOGExNWQ1MjdAY2xpZW50cyIsImF1ZCI6Imh0dHBzOi8vYXV0aC5zaXNzZGF0YS5jb20uYXUiLCJpYXQiOjE1NTQwOTE4NzUsImV4cCI6MTU1NDA5NzYwOSwiYXpwIjoiMTlkYmM5NzQxNGE3NGIyZWE1OGFhYmZhOGExNWQ1MjciLCJndHkiOiJjbGllbnQtY3JlZGVudGlhbHMiLCJqdGkiOiJmZjU2ZGU0OC1jMmVlLTRkZWQtODU5Mi04YWUzYmM0M2E1NzUifQ.6Q5e0Ak6kC-MIHq4mDRC7kbbT8hujzFO2BQUrnt3_zY", "expires_in": 600, "token_type": "Bearer" }

Call SISS REST API end-points

Once you have obtained your JWT token, you can call any end-point which requires authorisation.

To make a call to the API, simply ensure that you provide the :

  • Authorization: bearer [JWT Token]

  • Ocp-Apim-Subscription-Key: [Ocp-Apim-Subscription-Key]

In the provided Postman collection, this is shown in 2. Test Authorisation is Working -> Get a List of SISS Institutions

Picture

E.g. the following call structure gets a list of SISS Institutions.

curl -X GET \ 'https://api.sissdata.com.au/cdr-au/v1/sds/institutions?page-size=3' \
 -H 'Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJodHRwczovL3Npc3NkYXRhLmNvbS5hdS9iYWNrZW5kIjoic2FuZGJveCIsImlzcyI6Imh0dHBzOi8vYXV0aC5zaXNzZGF0YS5jb20uYXUvIiwic3ViIjoiMTlkYmM5NzQxNGE3NGIyZWE1OGFhYmZhOGExNWQ1MjdAY2xpZW50cyIsImF1ZCI6Imh0dHBzOi8vYXV0aC5zaXNzZGF0YS5jb20uYXUiLCJpYXQiOjE1NTQwOTE4NzUsImV4cCI6MTU1NDA5NzYwOSwiYXpwIjoiMTlkYmM5NzQxNGE3NGIyZWE1OGFhYmZhOGExNWQ1MjciLCJndHkiOiJjbGllbnQtY3JlZGVudGlhbHMiLCJqdGkiOiJmZjU2ZGU0OC1jMmVlLTRkZWQtODU5Mi04YWUzYmM0M2E1NzUifQ.6Q5e0Ak6kC-MIHq4mDRC7kbbT8hujzFO2BQUrnt3_zY' \
 -H 'Ocp-Apim-Subscription-Key: 8ddc3462ce724975868e9cadc42a5dee'

The above call would return a list of Institutions

{
    "data": {
        "institutions": [
            {
                "institutionId": "ANZ",
                "institutionType": "BNKA",
                "name": "Australia and New Zealand Bank",
                "email": "CustomerService@anz.com.au",
                "creationDateTime": "2011-08-31T11:30:08+10:00",
                "updateDateTime": "2020-02-20T17:13:13+11:00",
                "country": "AUS",
                "authorisationtypes": [
                    "CAF"
                ]
            },
            {
                "institutionId": "BEN",
                "institutionType": "BNKA",
                "name": "Bendigo Bank",
                "email": "sissdataforms@siss.com.au",
                "creationDateTime": "2017-08-10T16:43:48+10:00",
                "updateDateTime": "2020-02-20T17:17:47+11:00",
                "country": "AUS",
                "authorisationtypes": [
                    "CAF"
                ]
            },
            {
                "institutionId": "CBA",
                "institutionType": "BNKA",
                "name": "Commonwealth Bank Australia",
                "email": "info@cba.com.au",
                "creationDateTime": "2011-09-19T15:45:59+10:00",
                "updateDateTime": "2020-02-20T17:14:37+11:00",
                "country": "AUS",
                "authorisationtypes": [
                    "CAF"
                ]
            }
        ]
    },
    "links": {
        "self": "https://api.sissdata.com.au/cdr-au/v1/sds/institutions?page-size=3",
        "first": "https://api.sissdata.com.au/cdr-au/v1/sds/institutions?page-size=3&page=1",
        "next": "https://api.sissdata.com.au/cdr-au/v1/sds/institutions?page-size=3&page=2",
        "last": "https://api.sissdata.com.au/cdr-au/v1/sds/institutions?page-size=3&page=4"
    },
    "meta": {
        "totalRecords": 12,
        "currentPage": 1,
        "totalPages": 4
    }
}

Next Steps

Check our Tips, Tricks and Best Practices to optimise your usage.