Product Overview
The Account Notification Service (ANS) sends real-time notifications when changes occur on a payment account. You can configure triggers for specific credit or debit transactions.
Use cases for real-time transaction notifications include but are not limited to:
- Receive a notification for all debit and credit bookings.
- Receive a notification when a payment request has been paid.
- Receive a notification for direct debit refunds or reversals.
- Receive a notification when an invoice has been paid.
ANS also delivers CAMT.053 bank statements. Use these statements to integrate data into your Enterprise Resource Planning (ERP) or Treasury Management System (TMS).
To know more read the manual that connects to your use case:
Prerequisites
To ensure a smooth start with the Account Notification Service API, your business should meet the following conditions:
- High degree of automation.
- Professional IT environment and good infrastructure.
- Permanently available security expertise to use Accounts & Payments APIs and safeguarding its security.
- An EV SSL certificate for transport.
- An EV SSL signing certificate for signing messages.
- An active Rabobank business account.
How to connect with the Account Notification Service API
The API can be used in two ways, depending on your use case.
The options below explain each approach:
- If you execute API requests from your own account, then you are a Direct Connector (DC).
- If you execute API requests on behalf of your customers (Rabo account holders), then you are a Third Party (TP).
If you decide to use both options of this API (Direct Connector AND Third Party), you must create separate Apps. One app with a subscription on the DC product and the other app with a subscription on the TP product.
More information: Rabo Banking Link manual for third parties, Rabo Banking Link manual for direct connectors
Direct Connector
- Subscribe your application to: Account Notification Service
- Use the OAuth scope:
ans.subscription.read-writeand/orbai.accountinformation.read
Third Party
- Subscribe your application to: Account Notification Service
- Use the OAuth scope:
ans.subscription.read-writeand/orbai.accountinformation.read
Authentication & Authorization
The APIs use token-based authentication, which consists of 2 things:
- Consent granted by the account holder.
- Access token, with the integrated consent.
To set this up use the Authorization Services API.
With the /authorize endpoint the account holder is requested to give consent for a certain API (scope). After consent, an authorization code is returned. This authorization code should be used in the /token call to retrieve an access token. This access token is a Bearer token that you use in the Authorization header of each request.
Read more Oauth PSD2 and Premium.
Relevant scope(s) for oauth2 access code flow
| Scope name | Description |
|---|---|
| ans.subscription.read-write | Read and write subscriptions for Account Notification Service |
| bai.accountinformation.read | Read data from Business Account Insight Services |
Make sure that you use the Authorization and Token URL as provided by the Authorization Services.
The Delete subscriptions endpoint does NOT require an access token.
Rate Limiting
A default rate limit plan is set for all APIs. The rate limit can be shared or individual (defined per operation). The table below describes the rate limiting for this product.
| Operation | Type | Limit (API calls / s) | Counts towards shared limit |
|---|---|---|---|
GET /transactions/{notificationId} | Individual | 20 | No |
GET /subscriptions | Shared | 6 | Yes |
POST /subscriptions | Shared | 6 | Yes |
GET /subscriptions/{subscriptionId} | Shared | 6 | Yes |
PUT /subscriptions/{subscriptionId} | Shared | 6 | Yes |
DELETE /subscriptions/{subscriptionId} | Shared | 6 | Yes |
| All (premium) Oauth calls | Shared | 6 | Yes |
