For any question, we are one click away

Contact us

Banking API v.2

The BPC Sandbox (further "Sandbox") is a sandbox test environment that allows you to try API and evaluate payment functionality.

Please take into consideration that Sandbox doesn't affect your banking networks, i.e. payments with virtual cards issued with Sandbox and other transactions related to live data (real money) do not take place in the Sandbox environment.

A productive environment must be used to interact with live data.

Start working with the API Sandbox by creating an account or logging in.

 

Get Started

Use Sandbox to try basic card management functions, such as: registering cardholders, issuing cards, setting card limits, transferring funds, etc.

Before you start using Sandbox, you need to create a Sandbox account and obtain an API security Token.

An API security Token gives authorization access to Sandbox API.

Sandbox "Main" page contains account information for Sandbox API, such as:

Add a custom HTTP header field "X-API-KEY" with API security Token to your HTTP requests, for example:

X-API-KEY: YWdyYWRvYm9pbm92Omh6bG1lTTg

API Reference

You can find a full technical API Reference here.

Postman collection example

You can download Postman collection of API requests to test some basic card management functions of Sandbox.

Download Postman collection

Postman collection API settings:

Sandbox specifics and restrictions

Sandbox is a test environment, there are some features and limitations that may not be present in a production environment.

Sandbox returns a Request-id header in the Response (contains unique identifier of your request, may help with technical support).

Limitations:

Banking API v.2 Use Cases

Using the Sandbox API, you can perform various use cases: issuing and working with virtual cards, receiving detailed information on transactions and etc., as well as financial services (issuing, managing and distribution of payment cards) too.

To test Sandbox API functionality, we suggest the following use case:

  1. Create two cardholders (this function automatically creates accounts for these cardholders).
  2. Issue a virtual card for the cardholders;
  3. Set the spending limits of the card;
  4. Top-up one of the issued cards;
  5. Check the account balance of the card;
  6. Perform transfer(s) between cards of different cardholders;
  7. Get a list of transfers, filtered by debited card, then by credited card;
  8. Block a card.

Create a cardholder

Cardholder is main entity (individual or business) that cards can be issued to. Create a new Cardholder resource with POST /cardholders request.

Cardholder is a top-level resource, so this must be the first step in the business use case. When creating a Cardholder, corresponding Primary (default) card account being created for this cardholder. Required parameters for creating a Cardholder: billingAddress (country, postalCode), firstName, lastName, phoneNumber. You may specify additional optional fields for a Cardholder, or you can try to update Cardholder resource with new data later. See documentation for detailed Cardholder resource schema (you will need "for updating" option).

Request

curl --location --request POST 'https://dev.bpcbt.com/v2/cardholders' \
--header 'X-API-KEY: YOUR_TOKEN' \
--header 'Content-Type: application/json' \
--data-raw '{
"billingAddress": {
    "city": "Budapest",
    "country": "HU",
    "line1": "Szabadsag ter",
    "line2": "9",
    "postalCode": "1850",
    "state": "Budapest"
},
  "email": "d@harrxample.com",
  "phoneNumber": "123123123",
  "firstName": "Harry",
  "lastName": "Waters",
  "dateOfBirth": "1998-03-24",
  "verification": {
    "idType": "passport",
    "documentId": "1111111111"
  },
  "status": "active"
}'
POST

{ "billingAddress": { "city": "Budapest", "country": "HU", "line1": "Szabadsag ter", "line2": "9", "postalCode": "1850", "state": "Budapest" }, "email": "d@harrxample.com", "phoneNumber": "123123123", "firstName": "Harry", "lastName": "Waters", "dateOfBirth": "1998-03-24", "verification": { "idType": "passport", "documentId": "1111111111" }, "status": "active" }

Response

{
    "id": "3269_1640686122656",
     "billingAddress": {
        "city": "Budapest",
        "country": "HU",
        "line1":"Szabadsag ter",
        "line2":"9",
        "postalCode": "1850",
        "state":"Budapest"
    },
    "email": "harry@example.com",
    "phoneNumber": "123123123",
    "firstName": "Harry",
    "lastName": "Waters",
    "dateOfBirth": "1998-03-24",
    "verification": {
        "idType": "passport",
        "documentId": "1111111111"
    },
    "status": "active"
}

You also may fetch created resource using GET cardholders/{id} API request. Repeat this step to register another cardholder. When perform P2P transfers, both card accounts will be involved.

Issue virtual cards

When you are done with cardholders, you may start issuing virtual cards for the Cardholders. Create new virtual card and assign it to a Cardholder. Virtual cards are issued in "active" state, there is no need in special activation procedure.

Required parameters for issuing virtual cards:

Field Description
productName Card product name (The request must include:"Visa"). At the moment, Sandbox is configured to issue only "Visa Classic" virtual cards. In the future, the list of card products can be expanded.
cardholder Unique identifier of the cardholder object. Take the value from first step, when you create a cardholder.

Request

curl --location --request POST 'https://dev.bpcbt.com/v2/cards' \
--header 'X-API-KEY: YOUR_TOKEN' \
--header 'content-type: application/json' \
  --data-raw '{
    "productName": "VISA Classic",
    "cardholder": "3269_1640686122656"
}'
POST

{ "productName": "VISA Classic", "cardholder": "{id from /cardholders response}" }

Response

{
    "id": "100000007847",
    "status": "active",
    "productName": "Visa Classic",
    "cardholder": "3269_1640686122656",
    "account": {
        "accountNumber": "3556978700000000037", 
        "balance": 0,
        "currency": "EUR"
    },
    "embossedName": "",
    "expiryDate": "202512",
    "numberMask": "414364******8601",
    "creationDate": "2022-02-02T12:32:07",
    "blockingDate": "",
    "pinDenialCounter": "0",
    "spendingLimits": [
        {
            "amount": 1234,
            "interval": "daily"
        },{
            "amount": 123450,
            "interval": "monthly"
        }
    ]
}

Sandbox returns new virtual Card resource in the response body.

Repeat API request to create virtual card for another Cardholder. You need at least 2 card accounts to make transfers between them.

Spending limits

Virtual cards are issued with spending limits (day limit: 1,000.00 EUR and card purchase month limit: 10,000.00 EUR). You can change a spending limit on the cards. Spending limits define limits amount of spending over interval of time. Setting spending limits is a card resource updating request.

The following card parameters can be updated:

For card updating, only one card parameter can be updated with one request. Updating spending limits with only one request, the other field will not be updated, see the API Reference for details.

Please note that pin and reissueCard are not Card resource fields. They are only available in update request and you will never see them in Card resource itself.

Also, there is some specificity when you change card status. These are described in Card blocking use case. To set card spending limits, specify spendingLimits parameter in your update request. You can set or change as many different limits in one request as you want. Some limits may be already set upon card creating - it depends on Sandbox settings.

Request

curl --location --request PATCH 'https://dev.bpcbt.com/v2/cards/{cardId}' \
--header 'X-API-KEY: YOUR_TOKEN' \
--header 'content-type: application/json' \
--data-raw '{
  "spendingLimits": [
    {
      "amount": 123035,
      "interval": "monthly"
    },{
      "amount": 12130,
      "interval": "daily"
    }
  ]
}'
PATCH

{ "spendingLimits": [ { "amount": 123035, "interval": "monthly" },{ "amount": 12130, "interval": "daily" } ] }

Response

{
    "id": "100000007847",
    "status": "active",
    "productName": " Classic",
    "cardholder": "3269_1640686122656",
    "account": {
        "accountNumber": "3556978700000000037", 
        "balance": 0,
        "currency": "EUR"
    },
    "embossedName": "",
    "expiryDate": "202512",
    "numberMask": "414364******8601",
    "creationDate": "2022-02-02T12:32:07",
    "blockingDate": "",
    "pinDenialCounter": "0",
    "spendingLimits": [
        {
            "amount": 12130,
            "interval": "daily"
        },{
            "amount": 123035,
            "interval": "monthly"
        }
    ]
}

Top-up the card

To perform card-to-card transfers, you need to add funds to the card account. Card top-up is Sandbox-only operation which allows you add funds. You will need to specify destinationCard destination card number, amount amount (in smallest currency units) and currency currency. Remember that full card number is only available via GET /cards/{id} method, and the only currency available in Sandbox is EUR.

The following request will add 125 EUR to a card account:

Request

curl --location --request POST 'https://dev.bpcbt.com/v2/topups' \
--header 'X-API-KEY: YOUR_TOKEN' \
--header 'content-type: application/json' \
  --data amount=12500 \
  --data currency=EUR \
  --data destinationCard=array \
  --data cardNumber=4143640071118601
POST

{ "amount": 12500, "currency": "EUR", "destinationCard": { "cardNumber": "{number from GET /cards/{id} response}" } }

Response

{
    "id": "662691",
    "amount": 12500,
    "currency": "EUR",
    "destinationCard": {
        "cardNumber": "4143640071118601"
    },
    "creationDate": "2022-02-04T13:14:27",
    "status": "approved",
    "statusMessage": "",
    "rrn": "000000348182"
}

The response contains newly created Top-up, which represents financial transaction information.

Check card account balance

After successful top-up request you may check that card account balance has changed. Use GET /cards/{id} request to get card account balance.

Request

curl --location --request GET 'https://dev.bpcbt.com/v2/cards/100000000012' \
--header 'X-API-KEY: YOUR_TOKEN'
GET

Response

{
  "id": "100000007847",
  "status": "blocked",
  "productName": " Classic",
  "cardholder": "3269_1640686122656",
  "account": {
    "accountNumber": "3556978700000000037",
    "balance": 143800,
    "currency": "EUR"
  },
  "embossedName": "",
  "expiryDate": "202512",
  "numberMask": "414364******8601",
  "number": "4143640071118601",
  "cvc": "245",
  "creationDate": "2022-02-02T12:32:07",
  "blockingDate": "2019-08-24T14:15:22",
  "pinDenialCounter": "2",
  "spendingLimits": [
    {
      "amount": 1234,
      "interval": "daily"
    },
    {
      "amount": 123450,
      "interval": "monthly"
    }
  ]
}

Issuing transactions (transfer between cards)

You can try card-to-card (P2P) funds transfer. Basically, all you need is to specify source card, destination card, and amount. To make a P2P transfer, you will need virtual card number (PAN). This information on previously issued virtual cards can be obtained using the GET cards/{id} request.

The next example will transfer 12 EUR to another cardholder (we assume that source card is the one you replenished in previous step, and destination card is the card of second cardholder).

Request

curl --location --request POST 'https://dev.bpcbt.com/v2/transfers' \
--header 'X-API-KEY: YOUR_TOKEN' \
--header 'content-type: application/json' \
--data-raw '{
  "amount": 1200,
  "currency": "EUR",
  "sourceCard": {
    "cardNumber": "4143640071118601",
    "expiryDate": "202502"
  },
  "destinationCard": {
    "cardNumber": "4143640037674631"
  }
}'
POST

{ "amount": 1200, "currency": "EUR", "sourceCard": { "cardNumber": "{number from GET /cards/{id} response}", "expiryDate": "{expiryDate from GET /cards/{id} response}" }, "destinationCard": { "cardNumber": "{number from GET /cards/{id} response}" } }

Response

{
    "id": "407930",
    "amount": 1200,
    "currency": "EUR",
    "sourceCard": {
        "cardNumber": "4143640071118601",
        "expiryDate": "202502"
    },
    "destinationCard": {
        "cardNumber": "4143640037674631"
    },
    "creationDate": "2022-03-17T12:07:04",
    "status": "approved",
    "statusMessage": "",
    "rrn": "000000407928"
}

The response contains newly created P2P transfer object, which represents financial transaction information. It is much like Top-up resource, except that source card parameter is added. Repeat this step few times, transferring funds from one account to another and vice versa. Try to transfer amount greater that source account balance to see operation status.

Get list of transfers

After you perform some P2P transfers between accounts, you can request the list of transfers by source or destination card. When requesting Transfer resource collection, you should use cardNumberFltr query parameter, which is required. Also you may include in query parameters another optional filters:

Request

curl --location --request GET 'https://dev.bpcbt.com/v2/transfers?periodStartFltr=2024-12-12&periodEndFltr=2024-12-13&cardNumberFltr=4143640071118601' \
--header 'X-API-KEY: YOUR_TOKEN' \
GET

Response

{
    "transfers": [
        {
            "id": "407930",
            "amount": 1200,
            "currency": "EUR",
            "sourceCard": {
                "cardNumber": "4143640071118601",
                "expiryDate": "202512"
            },
            "destinationCard": {
                "cardNumber": "4143640037674631"
            },
             "creationDate": "2022-03-17T12:07:04",
            "status": "approved",
            "statusMessage": "",
            "rrn": "000000407928"
        }, {
            "id": "407975",
            "amount": 15600,
            "currency": "EUR",
             "sourceCard": {
                "cardNumber": "4143640071118601",
                "expiryDate": "202512"
            },
            "destinationCard": {
                "cardNumber": "4143640037674631"
            },
            "creationDate": "2022-02-17T13:32:41",
            "status": "declined",
            "statusMessage": "Insufficient Funds ...",
            "rrn": "000000403548"
         }
    ]
}

When retrieving the list of transfers, each resource object is equal the one you saw when performed transfers.

Block card

Blocking a card is a Card resource update request.

Only one card parameter per request should be changed.

As for card status updating, there are some restrictions. When you change card status, not all combinations of current status and new status are possible:

Request

curl --location --request PATCH 'https://dev.bpcbt.com/v2/cards/100000007847' \
--header 'X-API-KEY: YOUR_TOKEN' \
--header 'content-type: application/json' \
--data-raw '{
  "status": "blocked"
}'
PATCH

{ "status": "blocked" }

Response

{
    "id": "100000007847",
    "status": "blocked",
    "productName": " Classic",
    "cardholder": "3269_1640686122656",
    "account": {
        "accountNumber": "3556978700000000037", 
        "balance": 12100,
        "currency": " EUR"
    },
    "embossedName": "",
    "expiryDate": "202512",
    "numberMask": "414364******8601",
    "creationDate": "2022-02-02T12:32:07",
    "blockingDate": "2022-03-08T15:04:22",
    "pinDenialCounter": "0",
    "spendingLimits": [
        {
            "amount": 12130,
            "interval": "daily"
        },{
            "amount": 123035,
            "interval": "monthly"
        }
    ]
}

After updating a Card resource you get a modified resource in the response. Now, when the card is blocked, try to make some transfers using this card and check the operation status.

Categories:
Banking API V2
Categories
Search results