Changelog
Last updated
Was this helpful?
Last updated
Was this helpful?
Stay up-to-date with the bunq API updates! !
Due to internal backend changes, all active installations created before April 9, 2019, will stop being validated (previously announced dates: January 15, 2020; April 8, 2020). To communicate with the bunq API again, .
The ShareInviteBankInquiry object is changing its name to ShareInviteMonetaryAccountInquiry on November 4th, 2020. Please plan on changing the ShareInviteBankResponse field to ShareInviteMonetaryAccountResponse in your integration on that date.
We are removing the following ShareDraftInquiry endpoints on November 4, 2020 (previously announced date: August 26, 2020)
/user/{userID}/draft-share-invite-bank/
/user/{userID}/draft-share-invite-bank/{itemId}
/user/{userID}/draft-share-invite-bank/{draft-share-invite-bankID}/qr-code-content
If your application is using Connect as an authentication method, please switch to OAuth by November 4, 2020.
We removed the /sandbox-user endpoint. You can use the following endpoints instead:
/sandbox-user-company
/sandbox-user-person
It is now possible to get a tracking link for the ordered card via the card_shipment_tracking_url field.
You can read how much money the card saved the user via the amount_saved_zero_fx field.
You can provide a more accurate card tracking experience via the updated list of possible card order statuses:
NEW_CARD_REQUEST_RECEIVED
CARD_REQUEST_PENDING
SENT_FOR_PRODUCTION
ACCEPTED_FOR_PRODUCTION
DELIVERED_TO_CUSTOMER
CARD_UPDATE_REQUESTED
CARD_UPDATE_PENDING
CARD_UPDATE_SENT
CARD_UPDATE_ACCEPTED
VIRTUAL_DELIVERY
NEW_CARD_REQUEST_PENDING_USER_APPROVAL
SENT_FOR_DELIVERY
NEW_CARD_REQUEST_CANCELLED
Requests with full request signatures stopped being validated on May 27, 2020 (previously announced date: April 28, 2020).
We introduced an OAUTH callback category. Use it to receive notifications on revoked OAuth connections.
We added the following resources for Slice group management:
We deprecated the ShareDraftInquiry object. The following endpoints will be removed on June 10, 2020:
/user/{userID}/draft-share-invite-bank/
/user/{userID}/draft-share-invite-bank/{itemId}
/user/{userID}/draft-share-invite-bank/{draft-share-invite-bankID}/qr-code-content
/sandbox-user-company
/sandbox-user-person
/user/{userID}/transferwise-currency
/user/{userID}/transferwise-quote-temporary
/user/{userID}/transferwise-quote-temporary/{transferwise-quote-temporaryID}
/user/{userID}/transferwise-user
/user/{userID}/transferwise-quote
/user/{userID}/transferwise-quote/(transferwise-quoteID)
/user/{userID}/transferwise-quote/{transferwise-quoteID}/transferwise-recipient
/user/{userID}/transferwise-quote/{transferwise-quoteID}/transferwise-recipient-requirement
/user/{userID}/transferwise-quote/{transferwise-quoteID}/transferwise-transfer-requirement
/user/{userID}/monetary-account/{monetary-accountID}/transferwise-quote/{transferwise-quoteID}/transferwise-transfer
Request signing became mandatory only for creating a session and creating a payment. The use of signing for other API requests is optional.
The following headers are now optional:
X-Bunq-Geolocation;
X-Bunq-Language (en_US is the default language setting for responses and error descriptions);
X-Bunq-Region (en_US is the default region for currency formatting);
X-Bunq-Request-Id.
create payment requests using the request-inquiry API resource;
create monetary accounts (bank, savings, and joint ones);
order cards;
manage cards.
We have deprecated additional encryption.
We removed the limit_card_debit_replacement field from /v1/user/{user_id}/limit and replaced it with limit_card_replacement.
We have removed creating push notifications through updating notification_filters in the User and MonetaryAccount objects.
Instead, we introduced separate endpoints for the callbacks and notifications.
/v1/user/{userID}/notification-filter-push
/v1/user/{userID}/notification-filter-url
/v1/user/{userID}/monetary-account/{monetary-accountID}/notification-filter-push
/v1/user/{userID}/monetary-account/{monetary-accountID}/notification-filter-url
NOTE: When used via OAuth, the created push notifications expire in 90 days.
We have removed the following share-invite-bank endpoints:
/user/{userID}/monetary-account/{monetary-accountID}/share-invite-bank-inquiry
/user/{userID}/monetary-account/{monetary-accountID}/share-invite-bank-inquiry/{itemId}
/user/{userID}/monetary-account/{monetary-accountID}/share-invite-bank-inquiry/{share-invite-bank-inquiryID}/amount-used/{itemId}
/user/{userID}/share-invite-bank-response
/user/{userID}/share-invite-bank-response/{itemId}
You can use the following endpoints instead:
/user/{userID}/monetary-account/{monetary-accountID}/share-invite-monetary-account-inquiry
/user/{userID}/monetary-account/{monetary-accountID}/share-invite-monetary-account-inquiry/{itemId}
/user/{userID}/monetary-account/{monetary-accountID}/share-invite-monetary-account-inquiry/{share-invite-monetary-account-inquiryID}/amount-used/{itemId}
/user/{userID}/share-invite-monetary-account-response
/user/{userID}/share-invite-monetary-account-response/{itemId}
If you are still signing full requests, please switch to .
We switched to .
We have deprecated the endpoint and will remove it on June 10, 2020. You can use the following endpoints instead:
We have added the following endpoints for creating international payments in :
to make your first non-euro payment.
We introduced . URL and headers do not need to be signed. Body signing completely replaced entire request signing on May 27, 2020 (previously announced date: April 28, 2020).
We extended the with the following permissions:
We have deprecated the signing of the entire API request (the URL, headers and body). Requests with full request signatures will stop being validated on April 28, 2020. Please switch to by that date.
We are switching to on April 28, 2020.
It’s now possible to retrieve the tree planting progress of the user via the endpoint.
It’s now possible to order Green and Travel cards via the endpoint.
We have added an option to .
We have changed the default SMS verification code for the from 123456 to 992266.
We have replaced primary_account_numbers_virtual and primary_account_number_four_digit from the resource with primary_account_numbers. The field returns the same string for primary_account_numbers and the same field + canceled cards for primary_account_numbers_virtual.
We have added the support of to OAuth.
The type field has become mandatory for .
We have deprecated the applied_limit field from the responses.
We have removed the activation_code field from . Instead of using the field, set the status ACTIVE when the card has been ACCEPTED_FOR_PRODUCTION.
The old card limit fields in the and objects have been deprecated and replaced with new ones. The default limit of €1,000 is now applied to all new cards.
