Get FI Data XML
Data Management
Get FI Data XML
Retrieve comprehensive transaction details and account information for a specific linked account in XML format, designed for systems requiring structured XML data processing.
POST
Get FI Data XML
Overview
The Get FI Data XML API retrieves detailed transaction history and account information for a single financial account that has been linked through an approved consent, delivering the response in XML format. This endpoint is functionally identical to the Get FI Data API but provides XML-formatted output instead of JSON, making it suitable for integrations with legacy systems, XML-based ETL pipelines, or applications that have native XML processing capabilities.This API returns the same data as the Get FI Data endpoint but formatted as XML. If your application can process JSON, we recommend using the JSON endpoint for better performance and easier parsing. Choose this XML endpoint only when XML format is a specific requirement of your integration architecture.
Use Cases
This API is particularly useful for:- Legacy system integrations: Enterprise applications built on older technology stacks that have established XML processing infrastructure and cannot easily adopt JSON parsing.
- XML-based ETL pipelines: Data warehouse and analytics systems that use XML as a standard interchange format for ingesting financial data from multiple sources.
- SOAP web service integrations: Applications that operate within SOAP-based architectures where XML is the native data format for all service communications.
- Regulatory reporting systems: Compliance and reporting platforms that require XML-formatted financial data to meet specific regulatory filing requirements.
- Financial data transformation workflows: Systems that apply XSLT transformations or XML schema validation as part of their data processing pipelines.
Authentication
All requests to this endpoint must include the following authentication headers:| Header | Type | Required | Description |
|---|---|---|---|
client_id | string | Yes | The unique client identifier assigned to your organization during onboarding. This value is available in the FinPro admin portal. |
client_secret | string | Yes | The confidential client secret key paired with your client_id. Store this securely and never expose it in client-side code. |
organisationId | string | Yes | Your organization’s unique identifier in the FinPro system, used to scope all API requests to your tenant. |
appIdentifier | string | Yes | The application identifier that distinguishes different applications within your organization, useful for multi-product setups. |
Content-Type | string | Yes | Must be set to application/json for the request body. Note that while the request uses JSON, the response will be in XML format. |
HTTP Request
Request Parameters
| Parameter | Type | Required | Validation | Description |
|---|---|---|---|---|
consentID | string | Yes | Must be a valid GUID (Globally Unique Identifier) provided by the Account Aggregator after consent approval. | The unique identifier for the consent record under which this account is linked. The consent must be in ACTIVE status to retrieve data. |
linkReferenceNumber | string | Yes | Must be a valid UUID that exists in the system and is associated with the specified consent ID. | The unique identifier for the specific financial account you want to retrieve data for. This value is obtained from webhook notifications or previous API responses when accounts are linked. |
Request Body Example
Response Format
Success Response
A successful response returns an XML-formatted document containing comprehensive account information and transaction details for the requested account. The response structure mirrors the JSON format but uses XML elements and attributes.Response Parameters
| Parameter | Type | Required | Description | Supported Values |
|---|---|---|---|---|
status | string | Yes | Indicates whether the request was processed successfully. | success, failure |
ver | string | Yes | The version number of the API specification being used in this response. | e.g., “1.21.0” |
data | object | Yes | The main data container holding all account and transaction information. | Data object |
data.linkReferenceNumber | string | Yes | The unique identifier for this linked account, matching the value provided in the request. | UUID format |
data.maskedAccountNumber | string | Yes | The account number with most digits masked for security and privacy purposes, typically showing only the last 4 digits. | e.g., “XXXXXXXX3900” |
data.balance | string | Yes | The current account balance as of the most recent data fetch, represented as a string to preserve decimal precision. | Numeric string (e.g., “101666.33”) |
data.fipName | string | Yes | The name of the Financial Information Provider (FIP), which is typically the bank or financial institution holding the account. | Institution name string |
data.fipId | string | Yes | The unique identifier for the Financial Information Provider in the Account Aggregator ecosystem. | FIP identifier (e.g., “finsharebank”) |
data.fiType | string | Yes | Categorizes the type of financial information being shared from this account. | DEPOSIT, TERM_DEPOSIT, TERM-DEPOSIT, RECURRING_DEPOSIT |
data.fiData | array | Yes | A collection of transaction elements, each representing a single financial transaction on the account. | Array of transaction objects |
data.fiData.transactionTimestamp | string | Yes | The exact date and time when the transaction was processed by the financial institution. | ISO 8601 timestamp format |
data.fiData.txnId | string | Yes | The unique transaction identifier assigned by the financial institution, useful for transaction tracking and reconciliation. | Transaction ID string |
data.fiData.type | string | Yes | Indicates whether money was added to or removed from the account. | CREDIT, DEBIT |
data.fiData.amount | string | Yes | The transaction amount in the account’s base currency, represented as a string to maintain precision. | Numeric string (e.g., “5000.00”) |
data.fiData.balance | string | Yes | The account balance immediately after this transaction was processed, essential for balance reconciliation and verification. | Numeric string |
data.fiData.mode | string | Yes | The payment method or channel through which the transaction was executed. | CASH, UPI, IMPS, NEFT, RTGS, CARD, ATM, CHEQUE, DEMAND_DRAFT, AUTO_DEBIT, INTEREST_CREDIT, NACH, ECS, REMITTANCE, OTHERS |
data.fiData.narration | string | Yes | A descriptive text provided by the financial institution explaining the transaction purpose or source/destination details. | Free-form text string |
data.fiData.reference | string | Yes | Additional reference information such as cheque numbers, UPI transaction IDs, or other institution-specific identifiers. | Reference string |
data.fiData.valueDate | string | Yes | The effective date when the transaction amount was actually credited or debited for interest calculation purposes, which may differ from the transaction timestamp. | Date string (YYYY-MM-DD format) |
Response Example
Error Handling
Error Response Format
When an error occurs during request processing, the API returns an XML-formatted error response containing diagnostic information to help identify and resolve the issue.| Field | Type | Required | Description |
|---|---|---|---|
ver | string | Optional | The API version number, included when the error occurs after version validation. |
timestamp | string | Optional | The exact time when the error was encountered, useful for log correlation and debugging. |
errorCode | string | Optional | A machine-readable error identifier that categorizes the type of failure encountered. |
errorMsg | string | Optional | A human-readable description of the error, providing context about what went wrong and potentially how to fix it. |
status | string | Optional | Set to “failure” to indicate the request did not complete successfully. |
Common Error Codes
| Error Code | Error Message | Description | Resolution |
|---|---|---|---|
InvalidRequest | ”consentID is required” or “linkReferenceNumber is required” | One or both mandatory parameters are missing from the request body. | Ensure both consentID and linkReferenceNumber are included in the request body. |
InvalidConsentId | ”Consent ID does not exist” | The provided consent ID is not found in the system or belongs to a different organization. | Verify the consent ID is correct and was successfully created for your organization. |
InvalidLinkReference | ”Link Reference Number does not exist” or “Link Reference Number not associated with this consent” | The linkReferenceNumber is invalid or doesn’t belong to the specified consent. | Check that the linkReferenceNumber was obtained from a webhook notification or API response for this specific consent. |
ConsentNotActive | ”Consent is not in active state” | The consent has been paused, revoked, or expired, preventing data access. | Check the consent status and obtain a new consent approval if needed. |
DataNotAvailable | ”Financial data not available” | The FIP has not yet provided data for this account, or data fetch is still in progress. | Wait for the DATA_READY webhook notification before attempting to retrieve data. |
Unauthorized | ”Invalid credentials” | The authentication headers are incorrect, missing, or the credentials have expired. | Verify your client_id, client_secret, organisationId, and appIdentifier are correct and active. |
RateLimitExceeded | ”Too many requests” | The API rate limit has been exceeded for your organization. | Implement exponential backoff and reduce request frequency. Check rate limit headers in the response. |
Error Response Example
Supported Account Types
This API supports data retrieval for the following account types:- Current Account (DEPOSIT): Business or high-transaction-volume checking accounts with no balance restrictions.
- Savings Account (DEPOSIT): Personal deposit accounts that typically earn interest and have transaction limits.
- Fixed Deposit (TERM_DEPOSIT or TERM-DEPOSIT): Time-bound deposits with fixed interest rates and maturity dates.
- Recurring Deposit (RECURRING_DEPOSIT): Regular installment-based deposits that build savings over time with predefined contributions.
TERM_DEPOSIT and others using TERM-DEPOSIT (hyphenated). Your XML parsing logic should handle both variations.
Usage Notes and Best Practices
XML Processing Considerations
- The response is a well-formed XML document that can be parsed using standard XML parsing libraries (DOM, SAX, or StAX parsers depending on your technology stack).
- Implement robust XML parsing with proper error handling for malformed XML, unexpected elements, or missing required fields.
- Consider using XML schema validation (XSD) if you need strict validation of the response structure against expected format specifications.
- For large transaction datasets, consider using streaming XML parsers (SAX or StAX) rather than loading the entire document into memory (DOM) to improve performance and reduce memory consumption.
Character Encoding and Special Characters
- The XML response uses UTF-8 encoding to support international characters in narration fields, account holder names, and other text content.
- Ensure your XML parser is configured to handle UTF-8 encoding correctly to prevent character corruption issues.
- Transaction narration fields may contain special characters (ampersands, quotes, angle brackets) that will be properly XML-escaped in the response; your parser should handle these automatically.
Consent and Account Linking Prerequisites
- Before calling this API, ensure that you have received a DATA_READY webhook notification for the specific linkReferenceNumber you want to query.
- The linkReferenceNumber is generated and provided by the Account Aggregator when a user successfully links an account during the consent approval flow.
- Store linkReferenceNumber values from webhook notifications in your database, indexed by consent ID, to enable efficient data retrieval.
Data Freshness and Timing
- The data returned reflects the information available at the time of the last successful data fetch from the Financial Information Provider (FIP).
- For PERIODIC consents, data is refreshed according to the fetch frequency configured in your consent template (e.g., daily, weekly).
- For ONETIME consents, data represents a snapshot at the time of consent approval and will not update automatically.
- Transaction timestamps indicate when transactions were processed by the FIP, which may be different from when the data was fetched and made available through this API.
Transaction Data Characteristics
- Transactions within the
<fiData>element are typically ordered reverse chronologically (most recent transactions first), though ordering should be verified by examining transactionTimestamp values. - The
<balance>field within each transaction element shows the running balance after that specific transaction, enabling you to verify transaction sequences and detect any missing transactions. - The
<mode>field provides standardized payment method codes, but the specific codes available depend on what the FIP includes in their data; not all modes may be present for all transactions. - The
<narration>field contains unstructured text that varies significantly in format and content across different banks; implement pattern matching or natural language processing to extract meaningful information like merchant names or transaction purposes.
XML Response Size and Performance
- XML format typically produces larger payloads compared to equivalent JSON data due to verbose tag naming and closing tags, resulting in higher bandwidth usage and potentially slower network transfer times.
- Consider implementing response compression (gzip) at the HTTP layer to reduce bandwidth consumption, especially for accounts with extensive transaction histories.
- For very large transaction sets, consider implementing pagination logic at the application level by making multiple API calls with date ranges, though this may require coordination with FinPro support to configure date-filtered queries.
XML to Database Mapping
- Design your database schema to accommodate the hierarchical structure of XML data, particularly the repeating
<transaction>elements within<fiData>. - Implement transformation logic to flatten XML hierarchy into relational database tables, maintaining foreign key relationships between account-level data and transaction records.
- Consider storing the raw XML response in addition to parsed data to preserve the original format for auditing, compliance, or reprocessing needs.
Error Handling and Validation
- Implement XML schema validation against the expected response structure to catch format changes or unexpected data anomalies early in your processing pipeline.
- Parse error responses separately from success responses, checking the
<status>element value before attempting to extract data elements. - Log both successful and failed API responses with full XML content (sanitizing sensitive data) to facilitate debugging and support escalation.
Comparison with JSON Endpoint
- Performance: JSON endpoints typically have slightly better performance due to smaller payload sizes and more efficient parsing in modern programming languages.
- Compatibility: XML endpoints provide better compatibility with legacy systems and enterprise integration platforms that have mature XML processing capabilities.
- Development effort: JSON is generally easier to work with in modern application development, with simpler parsing and better integration with contemporary frameworks.
- Choose XML when: Your integration architecture specifically requires XML format, you have existing XML processing infrastructure, or regulatory requirements mandate XML data formats.
- Choose JSON when: You’re building new integrations, performance is critical, or your development stack has strong JSON support.
Compliance and Data Security
- Financial transaction data contains sensitive personal information; ensure compliance with data protection regulations (GDPR, DPDPA, etc.) in how you store and process XML responses.
- Implement data retention policies aligned with regulatory requirements and securely delete XML files when they are no longer needed or consent is revoked.
- Use encrypted storage for cached XML data and ensure secure transmission (TLS 1.2+) for all API communications.
- Sanitize XML content before logging to prevent exposure of sensitive account numbers, transaction details, or personal information in log files.
Related Endpoints
- Get FI Data: Provides the same transaction data in JSON format, recommended for most modern integrations due to better performance and easier parsing.
- Get All FI Data: Retrieves transaction data for all accounts linked to a consent in a single API call, available in JSON format.
- Get All Latest Data: Fetches only incremental updates for PERIODIC consents, optimizing bandwidth and processing for regularly updated data (JSON format).
- Get FI Balance: Retrieves only the current balance for an account without transaction details, ideal for dashboard displays and quick balance checks (JSON format).