Skip to main content
POST
/
api
/
v2.1
/
fintrans
/
{accountId}
/
types
/
{operationType}
/
execute
Execute prepared operation
curl --request POST \
  --url https://sandbox.finhub.cloud/api/v2.1/fintrans/{accountId}/types/{operationType}/execute \
  --header 'Content-Type: application/json' \
  --data '
{
  "consentConfirmation": {
    "consentId": "f3822ff0-3986-4fef-84eb-7b517e657b6f",
    "channel": "WEB",
    "signature": "integration-test-signature",
    "confirmed": true
  },
  "preparedOrderId": "621d1386-f2fb-4655-88a8-997db0ec446a",
  "authenticationCode": "768807"
}
'
import requests

url = "https://sandbox.finhub.cloud/api/v2.1/fintrans/{accountId}/types/{operationType}/execute"

payload = {
    "consentConfirmation": {
        "consentId": "f3822ff0-3986-4fef-84eb-7b517e657b6f",
        "channel": "WEB",
        "signature": "integration-test-signature",
        "confirmed": True
    },
    "preparedOrderId": "621d1386-f2fb-4655-88a8-997db0ec446a",
    "authenticationCode": "768807"
}
headers = {"Content-Type": "application/json"}

response = requests.post(url, json=payload, headers=headers)

print(response.text)
const options = {
  method: 'POST',
  headers: {'Content-Type': 'application/json'},
  body: JSON.stringify({
    consentConfirmation: {
      consentId: 'f3822ff0-3986-4fef-84eb-7b517e657b6f',
      channel: 'WEB',
      signature: 'integration-test-signature',
      confirmed: true
    },
    preparedOrderId: '621d1386-f2fb-4655-88a8-997db0ec446a',
    authenticationCode: '768807'
  })
};

fetch('https://sandbox.finhub.cloud/api/v2.1/fintrans/{accountId}/types/{operationType}/execute', options)
  .then(res => res.json())
  .then(res => console.log(res))
  .catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
  CURLOPT_URL => "https://sandbox.finhub.cloud/api/v2.1/fintrans/{accountId}/types/{operationType}/execute",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "POST",
  CURLOPT_POSTFIELDS => json_encode([
    'consentConfirmation' => [
        'consentId' => 'f3822ff0-3986-4fef-84eb-7b517e657b6f',
        'channel' => 'WEB',
        'signature' => 'integration-test-signature',
        'confirmed' => true
    ],
    'preparedOrderId' => '621d1386-f2fb-4655-88a8-997db0ec446a',
    'authenticationCode' => '768807'
  ]),
  CURLOPT_HTTPHEADER => [
    "Content-Type: application/json"
  ],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
  echo "cURL Error #:" . $err;
} else {
  echo $response;
}
package main

import (
	"fmt"
	"strings"
	"net/http"
	"io"
)

func main() {

	url := "https://sandbox.finhub.cloud/api/v2.1/fintrans/{accountId}/types/{operationType}/execute"

	payload := strings.NewReader("{\n  \"consentConfirmation\": {\n    \"consentId\": \"f3822ff0-3986-4fef-84eb-7b517e657b6f\",\n    \"channel\": \"WEB\",\n    \"signature\": \"integration-test-signature\",\n    \"confirmed\": true\n  },\n  \"preparedOrderId\": \"621d1386-f2fb-4655-88a8-997db0ec446a\",\n  \"authenticationCode\": \"768807\"\n}")

	req, _ := http.NewRequest("POST", url, payload)

	req.Header.Add("Content-Type", "application/json")

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := io.ReadAll(res.Body)

	fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.post("https://sandbox.finhub.cloud/api/v2.1/fintrans/{accountId}/types/{operationType}/execute")
  .header("Content-Type", "application/json")
  .body("{\n  \"consentConfirmation\": {\n    \"consentId\": \"f3822ff0-3986-4fef-84eb-7b517e657b6f\",\n    \"channel\": \"WEB\",\n    \"signature\": \"integration-test-signature\",\n    \"confirmed\": true\n  },\n  \"preparedOrderId\": \"621d1386-f2fb-4655-88a8-997db0ec446a\",\n  \"authenticationCode\": \"768807\"\n}")
  .asString();
require 'uri'
require 'net/http'

url = URI("https://sandbox.finhub.cloud/api/v2.1/fintrans/{accountId}/types/{operationType}/execute")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["Content-Type"] = 'application/json'
request.body = "{\n  \"consentConfirmation\": {\n    \"consentId\": \"f3822ff0-3986-4fef-84eb-7b517e657b6f\",\n    \"channel\": \"WEB\",\n    \"signature\": \"integration-test-signature\",\n    \"confirmed\": true\n  },\n  \"preparedOrderId\": \"621d1386-f2fb-4655-88a8-997db0ec446a\",\n  \"authenticationCode\": \"768807\"\n}"

response = http.request(request)
puts response.read_body
{
  "code": 200,
  "data": {
    "success": true,
    "executionId": "<string>",
    "preparedOrderId": "<string>",
    "sessionId": "<string>",
    "tenantId": "<string>",
    "status": "<string>",
    "executedAt": "<string>",
    "transactions": [
      "<unknown>"
    ],
    "balanceUpdates": [
      "<unknown>"
    ],
    "settlementInfo": "<unknown>",
    "executionSummary": "<unknown>"
  },
  "message": "Success"
}

Endpoint

POST /api/v2.1/fintrans/{accountId}/types/{operationType}/execute
This endpoint requires X-Forwarded-From and a device header. The backend accepts any of: deviceId, X-Device-Id, device-id.

Sample cURL

curl --request POST \
  --url 'https://sandbox.finhub.cloud/api/v2.1/fintrans/{accountId}/types/{operationType}/execute' \
  --header 'Authorization: Bearer <ACCESS_TOKEN>' \
  --header 'X-Tenant-Id: <TENANT_ID>' \
  --header 'Content-Type: application/json' \
  --header 'Accept: application/json' \
  --header 'User-Agent: <USER_AGENT>' \
  --header 'X-Forwarded-From: <FORWARDED_FROM>' \
  --header 'platform: Web' \
  --header 'deviceId: <DEVICE_ID>' \
  --data '{
    "consentConfirmation": {
      "consentId": "f3822ff0-3986-4fef-84eb-7b517e657b6f",
      "channel": "WEB",
      "signature": "integration-test-signature",
      "confirmed": true
    },
    "preparedOrderId": "621d1386-f2fb-4655-88a8-997db0ec446a",
    "authenticationCode": "768807"
  }'

Response Example

{
  "code": 200,
  "data": {
    "preparedOrderId": "621d1386-f2fb-4655-88a8-997db0ec446a",
    "status": "EXECUTING",
    "executedAt": "2026-03-31T11:50:16+03:00"
  },
  "message": "Success"
}
The authenticationCode is taken from the magicLinkToken returned when creating the payment consent (decode the JWT and extract the answer field).

Missing Headers Error Example

{
  "code": 500,
  "data": {
    "deviceId_accepted": [
      "deviceId",
      "X-Device-Id",
      "device-id"
    ],
    "missingHeaders": [
      "X-Forwarded-From",
      "deviceId"
    ]
  },
  "message": "Missing required header(s)"
}

Headers

X-Tenant-ID
string
Example:

"tenant-demo-001"

X-User-ID
string
X-Forwarded-For
string

Client IP address

Example:

"127.0.0.1"

X-Forwarded-From
string

Client source identifier

Example:

"client-app"

platform
string

Client platform

Example:

"mobile"

deviceId
string

Device identifier

Example:

"device-demo-001"

Authorization
string

Bearer JWT

Example:

"Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJkZW1vLXVzZXIifQ.demo-signature"

Path Parameters

accountId
string<uuid>
required
Example:

"00000000-0000-0000-0000-000000000000"

operationType
enum<string>
required

Operation kind (see prepare/execute and FinTransApiService.deriveAllowedOperationTypes)

Available options:
transfer
Example:

"transfer"

Body

application/json

Execute operation payload

preparedOrderId
string
required
Example:

"621d1386-f2fb-4655-88a8-997db0ec446a"

authenticationCode
string
required
Example:

"768807"

Response

Operation executed

Standard API response wrapper with executed order in data

code
integer<int32>

HTTP-style status code

Example:

200

data
object

Executed order

message
string

Result message

Example:

"Success"