Skip to main content

AIS transactions

After verification is complete for a session with purpose=account_data (AIS/PSD2), you can retrieve transaction history from the customer's connected banks.

GET/api/v1/verifications/{id}/transactionsComplete contract: filter parameters, transaction schema, pagination and error codes.Full contract in the API Reference

Endpoint

GET /api/v1/verifications/{id}/transactions

Requirements

  • The session must have purpose: account_data
  • The session must be in completed state
  • The provider must be ais_psd2

Query parameters

ParameterTypeDescription
bank_keystringFilter by bank key, for example pko_bp or mbank
account_iduuidFilter by a specific account ID
per_pageintegerResults per page, from 1 to 200; default 50

Example

curl "https://hub.dpay.pl/api/v1/verifications/a1b2c3d4-e5f6-7890-abcd-ef1234567890/transactions?per_page=50" \
-H "Authorization: Bearer deid_live_xxx"

Response (200 OK)

{
"data": [
{
"id": "tx-uuid-1",
"amount": "150.00",
"currency": "PLN",
"category": "DEBIT",
"description": "Transfer to Jan Kowalski",
"booking_date": "2026-04-05",
"trade_date": "2026-04-05",
"counterparty": "Jan Kowalski",
"account_id": "acc-uuid-1"
},
{
"id": "tx-uuid-2",
"amount": "5000.00",
"currency": "PLN",
"category": "CREDIT",
"description": "Salary",
"booking_date": "2026-04-01",
"trade_date": "2026-04-01",
"counterparty": "XYZ Ltd.",
"account_id": "acc-uuid-1"
}
],
"meta": {
"current_page": 1,
"total": 45,
"per_page": 50,
"last_page": 1
}
}

Transaction schema

FieldTypeDescription
iduuidUnique transaction ID in the HUB
amountstringTransaction amount as a string for decimal precision
currencystringISO 4217 currency code such as PLN or EUR
categorystringCREDIT for incoming funds or DEBIT for an expense
descriptionstring|nullTransaction description from the bank's system
booking_datedate|nullBooking date (YYYY-MM-DD)
trade_datedate|nullTransaction date (YYYY-MM-DD)
counterpartystring|nullCounterparty, either the sender or recipient
account_iduuidID of the bank account from which the transaction originated

Errors

CodeErrorDescription
403TRANSACTIONS_NOT_AVAILABLEThe session does not use account_data
404SESSION_NOT_COMPLETEDThe session is incomplete or does not exist

403 error example

{
"error": {
"code": "TRANSACTIONS_NOT_AVAILABLE",
"message": "Transaction data is only available for account_data sessions."
}
}

Filtering

Transactions from one bank

curl "https://hub.dpay.pl/api/v1/verifications/{id}/transactions?bank_key=mbank" \
-H "Authorization: Bearer deid_live_xxx"

Transactions from a specific account

curl "https://hub.dpay.pl/api/v1/verifications/{id}/transactions?account_id=acc-uuid-1" \
-H "Authorization: Bearer deid_live_xxx"

Pagination

The endpoint returns paginated data:

  • Default: 50 transactions per page
  • Maximum: 200 transactions per page (per_page=200)

Use the page parameter to retrieve subsequent pages:

curl "https://hub.dpay.pl/api/v1/verifications/{id}/transactions?per_page=100&page=2" \
-H "Authorization: Bearer deid_live_xxx"

Security and GDPR

Sensitive financial data

Transaction data is particularly sensitive under the GDPR. You must:

  • Store it encrypted with AES-256 or stronger encryption
  • Limit access to the minimum necessary through RBAC
  • Maintain an access audit log
  • Apply strict retention rules and delete the data as soon as it is no longer needed
  • Clearly explain in your privacy notice how long you retain financial data

See also PII for general GDPR guidance.