Skip to main content
POST
/
api
/
v2.1
/
fintrans
/
{accountId}
/
types
/
{operationType}
/
execute
Execute prepared operation
curl --request POST \
  --url https://sandbox.finhub.cloud/api/v2.1/fintrans/{accountId}/types/{operationType}/execute \
  --header 'Content-Type: application/json' \
  --data '
{
  "consentConfirmation": {
    "consentId": "f3822ff0-3986-4fef-84eb-7b517e657b6f",
    "channel": "WEB",
    "signature": "integration-test-signature",
    "confirmed": true
  },
  "preparedOrderId": "621d1386-f2fb-4655-88a8-997db0ec446a",
  "authenticationCode": "768807"
}
'
{
  "code": 200,
  "data": {
    "success": true,
    "executionId": "<string>",
    "preparedOrderId": "<string>",
    "sessionId": "<string>",
    "tenantId": "<string>",
    "status": "<string>",
    "executedAt": "<string>",
    "transactions": [
      "<unknown>"
    ],
    "balanceUpdates": [
      "<unknown>"
    ],
    "settlementInfo": "<unknown>",
    "executionSummary": "<unknown>"
  },
  "message": "Success"
}

Endpoint

POST /api/v2.1/fintrans/{accountId}/types/{operationType}/execute
This endpoint requires X-Forwarded-From and a device header. The backend accepts any of: deviceId, X-Device-Id, device-id.

Sample cURL

curl --request POST \
  --url 'https://sandbox.finhub.cloud/api/v2.1/fintrans/{accountId}/types/{operationType}/execute' \
  --header 'Authorization: Bearer <ACCESS_TOKEN>' \
  --header 'X-Tenant-Id: <TENANT_ID>' \
  --header 'Content-Type: application/json' \
  --header 'Accept: application/json' \
  --header 'User-Agent: <USER_AGENT>' \
  --header 'X-Forwarded-From: <FORWARDED_FROM>' \
  --header 'platform: Web' \
  --header 'deviceId: <DEVICE_ID>' \
  --data '{
    "consentConfirmation": {
      "consentId": "f3822ff0-3986-4fef-84eb-7b517e657b6f",
      "channel": "WEB",
      "signature": "integration-test-signature",
      "confirmed": true
    },
    "preparedOrderId": "621d1386-f2fb-4655-88a8-997db0ec446a",
    "authenticationCode": "768807"
  }'

Response Example

{
  "code": 200,
  "data": {
    "preparedOrderId": "621d1386-f2fb-4655-88a8-997db0ec446a",
    "status": "EXECUTING",
    "executedAt": "2026-03-31T11:50:16+03:00"
  },
  "message": "Success"
}
The authenticationCode is taken from the magicLinkToken returned when creating the payment consent (decode the JWT and extract the answer field).

Missing Headers Error Example

{
  "code": 500,
  "data": {
    "deviceId_accepted": [
      "deviceId",
      "X-Device-Id",
      "device-id"
    ],
    "missingHeaders": [
      "X-Forwarded-From",
      "deviceId"
    ]
  },
  "message": "Missing required header(s)"
}

Headers

X-Tenant-ID
string
Example:

"tenant-demo-001"

X-User-ID
string
X-Forwarded-For
string

Client IP address

Example:

"127.0.0.1"

X-Forwarded-From
string

Client source identifier

Example:

"client-app"

platform
string

Client platform

Example:

"mobile"

deviceId
string

Device identifier

Example:

"device-demo-001"

Authorization
string

Bearer JWT

Example:

"Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJkZW1vLXVzZXIifQ.demo-signature"

Path Parameters

accountId
string<uuid>
required
Example:

"00000000-0000-0000-0000-000000000000"

operationType
enum<string>
required

Operation kind (see prepare/execute and FinTransApiService.deriveAllowedOperationTypes)

Available options:
transfer
Example:

"transfer"

Body

application/json

Execute operation payload

consentConfirmation
object
required
preparedOrderId
string
required
Example:

"621d1386-f2fb-4655-88a8-997db0ec446a"

authenticationCode
string
required
Example:

"768807"

Response

Operation executed

Standard API response wrapper with executed order in data

code
integer<int32>

HTTP-style status code

Example:

200

data
object

Executed order

message
string

Result message

Example:

"Success"