Just so you know, further examples and descriptions apply only to CARD-PAYMENT operation imports without transaction monitoring.

This section provides information how to submit operation (transaction) details to our database and is focused to those operations which don’t require to perform transaction monitoring. It includes examples of API requests with mandatory and optional fields, a comprehensive list of all available fields, common responses and error descriptions.

HTTP Method: POST

Path: {{baseUrl}}/amlyze-ws-rest/operation

ContentType: application/json

Authorization: Bearer Token

API requests examples

Fields

communicationNumber
string
required

Unique number of communication. This field can store up to 256 characters.

Example: ComNr_01_TEST

requester
string
required

Name of the system requesting web service.

Example: Amlyze

businessUnit
string from classifier list

❗Mandatory field for clients utilizing a multi-organizational solution. Omit this parameter unless instructed about it.

It serves to specify the unique identifier for the business unit. Business units are logical groupings of users and data. Each business unit can have its own set of users, permissions, and data access rules.

Example: BUSINESS_UNIT_NAME

operationExtId
string
required

External identifier of operation.

Example: Op_01_CARD_TEST

operationType
string
required

Notifies about which kind of operation type was performed.

Value: CARD_PAYMENT

cardOperationSubType
string from classifier list
required

Card operation subtype code. These field values are configurable individually.

Common examples: [CARD_PURCHASE, CARD_ACCOUNT_FUNDING_TRANSACTION, CARD_PAYMENT_CREDIT CARD_REFUND]

Example: CARD_PURCHASE

riskManagementCategory
string from classifier list
required

Code of risk management category of the object. Value must be from a classifier list personalized to your company.

Example: OP_TRANSFER

sourceOfRiskLevel
string
required

The value IMPORT is to be used for migration purposes only – the transaction be imported without risk assessment.

Value: IMPORT

operationStatus
string from enum
required

Operation result either it was successfully executed, or the operation was rejected.

Enum class values: EXECUTED, REJECTED

Example: EXECUTED

riskLevel
string from enum

The risk level of imported operation.

Enum class values: NONE, LOW, MEDIUM, HIGH, EXTREME

Example: LOW

operationDateTime
date
required

The operation date and time show when the operation proceeded.

Example: 2024-08-16T13:00:00Z

sourceCountry
string from classifier list

Country rom where the operation was initiated.

Example: LT

destinationCountry
string from classifier list

Country of operation’s destination.

Example: LT

currency
string from classifier list
required

International currency code.

Value: EUR

amount
BigDecimal
required

Amount of money sent in an operation.

Example: 1499

euroExchangeRate
BigDecimal

❗Mandatory if currency is not EUR. Not Used when currency is EUR.

Euro exchange rate for other than Eur currency.

Example: 0.93

amountInEuro
BigDecimal

❗Mandatory if currency is not EUR. Not Used when currency is EUR.

Amount of money in euro currency.

Example: 1499

financialFlowDirection
string from enum
required

Refers to the movement of money between entities or accounts.

Enum class values: INCOMING, OUTGOING

Direction INCOMING, your customer is CREDITOR, direction OUTGOING, your customer is DEBTOR.

Example: INCOMING

initializeScreeningProcesses
list[]

Defines which lists to check during screening process. Strings of the list are noted in the dropdown below.

Example: PEP, ADVERSE_MEDIA

description
string
required

The purpose of payment is saved under description.

Example: Invoice '02'

ipAddress
string

The IP address of the operation.

Example: xxx.zzz.yyyy.www

ipAddressCountry
string from classifier list

Country of an IP address of the operation.

Example: LT

terminalExtId
string

External identifier of the terminal.

Example: t_extid_145

terminalCode
string

External code of terminal.

Example: 57455

merchantExtId
string

External identifier of the seller-mediator.

Example: External_0112

merchantCode
string

External identifier of the seller-mediator.

Example: 5541

merchantDescription
string

Seller-mediator description.

Example: Ecommerce merchants

merchantName
string

Name of the seller-mediator.

Example: Costco

merchantCountryCode
string from classifier list

Seller-mediator country code.

Example: ES

salesPointExtId
string

External identifier of the sales point.

Example: S_extid_0145

salesPointCode
string

External code of the sales point.

Example: 54574

listOperationParty
list[]
required

List of entities that belong to one operation. Fields of the list are described in the dropdown below.

cardNumber
string

Card number written on the card.

Example: 4720582145647937

cardValidTill
string

Card date of expiration written on the card.

Example: 2025-06-07

cardHolderName
string

Name written on the card.

Example: Eduardo Rodrigues

List of possible responses

This part lists common responses after the submission of the request.

200 OK
  "resultType": "REQUEST_ACCEPTED"


400 Bad Request
    "resultType": "REQUEST_REJECTED",
    "errorCode": "O001",
    "errorDescription": "CommunicationNumber already used in amlyze"


404 Not Found
    "timestamp": "2024-05-26T16:49:50.237+00:00",
    "status": 404,
    "error": "Not Found",
    "path": "/amlyze-ws-rest/opeation" --> mistake inside the endpoint


500 Internal Server Error
  "resultType": "REQUEST_REJECTED"
  "status": 500,
  "error": "Internal Server Error"

List of possible errors

This section lists the possible errors that can occur when making a bad operation request to the API. A bad request is a request that somehow does not follow the API specifications.

Error Description
DestinationCountry is mandatory, check country classifier codes for allowed values.
Amount is mandatory and must be greater than 0.
Despite currency = EUR, AmountInEur differs from Amount.
AmountInEur is mandatory and must be greater than 0.
EuroExchangeRate is mandatory and must be greater than 0.
For non-INTERNAL operation, financialFlowDirection value cannot be ‘NULL’.
Description is mandatory.
Invalid MerchantCountryCode.
RiskManagementCategory is mandatory.
RiskManagementCategory does not exist in Amlyze.
RiskManagementCategory does not support Operation.
Account registered to your institution; Account found in Amlyze, but customer not found in Amlyze.
entityType mismatch in operationParty[” + i + ”]: Amlyze customer has different entity type to operation one.
For INCOMING operation, your customer party role must be CREDITOR.
For OUTGOING operation, your customer party role must be DEBTOR.
operationType ” + operationType.getCode() + ” is not defined in Amlyze. Check Operation type classifier for available values.
Problem with operation party (index: ” + i + ”).
Invalid FinancialFlowDirection: Your institution DEBTOR found for INCOMING operation.
Invalid FinancialFlowDirection: Your institution CREDITOR found for OUTGOING operation.
OperationParties must contain CREDITOR.
OperationParties must contain DEBTOR.
Invalid operation party count. Range: min 1, max 4.
Invalid count of operation parties for ” + operationType.getCode() + ” operationType.
For ‘PIS’ operation, only creditor can be provided.
No operation party account related to your institution BIC, or Customer.
Invalid count of your institution operation parties for ” + operationType.getCode() + ” operationType.
Tenant header ’” + securityOwnerService.getHeaderTenantCode() + ”’ is mandatory.
Business unit is mandatory.
Tenant ’” + tenantCode + ”’ business unit ’”+ businessUnitCode +”’ does not exist.
CommunicationNumber is mandatory.
Requester is mandatory.
SourceOfRiskLevel is mandatory, allowed values: IMPORT / EVALUATE.
OperationExtId is mandatory.
OperationType is mandatory.
Problem with OperationType (INVALID): INVALID is not defined in Amlyze. Check Operation type classifier for available values.
Currency is mandatory, check Currency classifier codes for allowed values.
SourceCountry is mandatory, check country classifier codes for allowed values.
Problem with OperationType (SEPA): Problem with OperationParties. No operation party account related to your institution BIC or Customer.
Problem with OperationType (SEPA): Invalid count of your institution operation parties for SEPA operationType.
CARD operation import - with transaction monitoringCARD-PAYMENT operation import - with transaction monitoring