Account Aggregator V2 - Refresh Data

Endpoint Overview

POST /api/v1/account-aggregator-v2/refresh-data

Description

The Account Aggregator V2 Refresh Data API enables developers to trigger a refresh of financial data from connected accounts through the Account Aggregator framework. This endpoint initiates a data refresh process for a specific client, ensuring that the most up-to-date financial information is available for analysis and processing. The API is designed to work within the Account Aggregator ecosystem, providing seamless integration for fintech applications requiring real-time financial data updates.

Key Benefits

Real-time Data Updates: Ensures financial data is current and accurate for decision-making

Seamless Integration: Works within the established Account Aggregator framework

Asynchronous Processing: Returns a request ID for tracking the refresh process

Reliable Performance: Built for high-volume financial data operations

Use Cases

Fintech & Banking

Wealth Management

Insurance & Risk

Loan underwriting processes requiring the latest financial statements

Credit scoring updates when borrower financial status changes

Investment advisory services needing current portfolio data

Personal finance management apps syncing account balances

Technical Implementation

Authentication

All API requests require authentication using a JWT Bearer token. Authentication follows these steps:

Obtain API Credentials: Register with Surepass to receive your API key.

Generate JWT Token: Use your API key to generate a JWT token.

Include in Requests: Add the token to the Authorization header as Bearer TOKEN.

Different authentication tokens are used for sandbox and production environments:

Sandbox: https://sandbox.surepass.app

Production: https://kyc-api.surepass.app

Request Parameters

Request Headers

Header	Required	Description
Authorization	Yes	Bearer JWT token for API authentication
Content-Type	Yes	Must be set to `application/json`

Request Body

Parameter	Type	Required	Description
client_id	String	Yes	Unique identifier for the Account Aggregator V2 client session

Example Request

{
  "client_id": "account_aggregator_v2_oOxRfypvwDqMjti"
}

Process Response

Response Parameters

Parameter	Type	Description
data	Object	Contains the response data with request tracking information
data.request_id	String	Unique identifier for tracking the refresh data request
status_code	Number	HTTP status code indicating the result of the request
message_code	String	Internal status code for the operation
message	String	Human-readable message describing the operation result
success	Boolean	Indicates whether the request was processed successfully

Example Successful Response

{
  "data": {
    "request_id": "account_aggregator_v2_ojmzgkXAqwzTk"
  },
  "status_code": 200,
  "message_code": "success",
  "message": "Success",
  "success": true
}

Possible Error Responses

Invalid Client ID

Authentication Error

{
  "data": null,
  "status_code": 400,
  "message_code": "invalid_client_id",
  "message": "Invalid or expired client ID provided",
  "success": false
}

Client ID is either malformed, expired, or doesn't exist in the system.

Integration Best Practices

Security Recommendations

Store JWT tokens securely and implement proper token refresh mechanisms

Use HTTPS for all API communications to protect sensitive financial data

Implement request rate limiting to prevent API abuse

Log all API interactions for audit and compliance purposes

User Experience Guidelines

Implement proper loading states while data refresh is in progress

Provide clear feedback to users about the refresh process status

Handle network timeouts gracefully with appropriate retry mechanisms

Use the request_id to track and display refresh progress to end users

Code Samples

cURL

Python

Node.js

Related APIs

Account Aggregator V2 Status Check: Monitor the progress of data refresh requests using the returned request_id
Account Aggregator V2 Data Retrieval: Fetch the refreshed financial data once the refresh process is complete
Account Aggregator V2 Session Management: Manage client sessions and connection status

Compliance and Legal Considerations

This API operates within the Account Aggregator framework governed by RBI guidelines. Ensure proper user consent is obtained before initiating data refresh operations. All data handling must comply with applicable data protection regulations including GDPR and local privacy laws. Maintain audit trails for all data refresh activities for regulatory compliance.

Provide your bearer token in the

Authorization

header when making requests to protected resources.

Example:

Authorization: Bearer ********************

curl --location --request POST 'https://kyc-api.surepass.app/api/v1/account-aggregator-v2/refresh-data' \ --header 'Authorization: Bearer <token>' \ --header 'Content-Type: application/json' \ --data-raw '{ "client_id": "account_aggregator_v2_oOxRfypvwDqMjti" }'

Refresh Data

Account Aggregator V2 - Refresh Data#

Description#

Use Cases#

Technical Implementation#

Request Headers#

Request Body#

Example Request#

Response Parameters#

Example Successful Response#

Possible Error Responses#

Integration Best Practices#

Code Samples#

Request

Responses