> ## Documentation Index
> Fetch the complete documentation index at: https://docs.finhub.cloud/llms.txt
> Use this file to discover all available pages before exploring further.
# Execute prepared operation
> Execute a previously prepared operation using preparedOrderId and authenticationCode.
## Endpoint
`POST /api/v2.1/fintrans/{accountId}/types/{operationType}/execute`
This endpoint requires `X-Forwarded-From` and a device header. The backend accepts any of:
`deviceId`, `X-Device-Id`, `device-id`.
## Sample cURL
```bash theme={null}
curl --request POST \
--url 'https://sandbox.finhub.cloud/api/v2.1/fintrans/{accountId}/types/{operationType}/execute' \
--header 'Authorization: Bearer ' \
--header 'X-Tenant-Id: ' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'User-Agent: ' \
--header 'X-Forwarded-From: ' \
--header 'platform: Web' \
--header 'deviceId: ' \
--data '{
"consentConfirmation": {
"consentId": "f3822ff0-3986-4fef-84eb-7b517e657b6f",
"channel": "WEB",
"signature": "integration-test-signature",
"confirmed": true
},
"preparedOrderId": "621d1386-f2fb-4655-88a8-997db0ec446a",
"authenticationCode": "768807"
}'
```
## Response Example
```json theme={null}
{
"code": 200,
"data": {
"preparedOrderId": "621d1386-f2fb-4655-88a8-997db0ec446a",
"status": "EXECUTING",
"executedAt": "2026-03-31T11:50:16+03:00"
},
"message": "Success"
}
```
The `authenticationCode` is taken from the `magicLinkToken` returned when creating the payment consent (decode the JWT and extract the `answer` field).
## Missing Headers Error Example
```json theme={null}
{
"code": 500,
"data": {
"deviceId_accepted": [
"deviceId",
"X-Device-Id",
"device-id"
],
"missingHeaders": [
"X-Forwarded-From",
"deviceId"
]
},
"message": "Missing required header(s)"
}
```
## OpenAPI
````yaml openapi.yaml POST /api/v2.1/fintrans/{accountId}/types/{operationType}/execute
openapi: 3.1.0
info:
title: Business BFF API
version: 1.0.0
description: Backend for Frontend - Business Panels Orchestration Layer
servers:
- url: https://sandbox.finhub.cloud
description: Sandbox Environment
security: []
tags:
- name: AML
description: Anti-Money Laundering checks and transaction monitoring
- name: Admin - Consent Management
description: Operations for managing consent templates and definitions
- name: B2B Customer - Organization
description: B2B organization registration and management
- name: B2C Customer - Individual
description: Individual customer registration and lifecycle management
- name: BFF Admin - Tenant Initialization
description: Lazy tenant initialization for fast startup
- name: Catalog Hierarchy
description: Hierarchical catalog management APIs
- name: Catalog-Process Mapping
description: APIs for catalog-process relationship management
- name: Consent
description: Payment consent creation and approval
- name: Draft Management
- name: External Events
description: Kafka-to-HTTP bridge event ingestion and query
- name: FinCard Virtual - Webhooks
description: FinCard Virtual Card Webhook receiver
- name: FinCard Virtual Account
description: FinCard Virtual Card Account API proxy
- name: FinCard Virtual Card Holder
description: FinCard Virtual Card Holder API proxy
- name: FinCard Virtual Cards
description: FinCard Virtual Card API proxy
- name: FinCard Virtual Common
description: FinCard Virtual Card Common API proxy
- name: FinCard Virtual Wallet
description: FinCard Virtual Card Wallet API v2 proxy
- name: FinTrans - Operations
description: Financial transaction operations
- name: Internal Webhooks
description: Internal service-to-service webhook trigger (HMAC-secured)
- name: MFE Preload
description: MFE preload endpoints for SSR optimization
- name: MFE Registry
description: MFE Registry management endpoints
- name: Payment Consent Management
description: Operations for managing payment consents and validation
- name: Person
description: Person details for process context
- name: Products
description: Product Catalog Management API
- name: Reference Data
description: Shared reference data (countries, etc.)
- name: Tenant Lifecycle
description: Tenant mode transitions and lifecycle management
- name: Tenant Registration
description: Self-registration and tenant onboarding
- name: Transfers
description: Transfer prepare/execute aliases for muse-proxy compatibility
- name: Verification
description: Customer verification (KYC/KYB/AML) management
- name: Wallet
description: Wallet operations and balance management
- name: Webhooks
description: Webhook subscription and delivery management
paths:
/api/v2.1/fintrans/{accountId}/types/{operationType}/execute:
post:
tags:
- FinTrans - Operations
summary: Execute prepared operation
description: >-
Execute a previously prepared financial operation and may return
wallet/IBAN data for follow-up wallet retrieval.
parameters:
- name: accountId
schema:
type: string
format: uuid
examples:
- 00000000-0000-0000-0000-000000000000
in: path
required: true
- description: >-
Operation kind (see prepare/execute and
FinTransApiService.deriveAllowedOperationTypes)
name: operationType
schema:
type: string
enum:
- transfer
example: transfer
in: path
required: true
- name: X-Tenant-ID
in: header
schema:
type: string
example: tenant-demo-001
- name: X-User-ID
in: header
required: false
schema:
type: string
- name: X-Forwarded-For
in: header
description: Client IP address
schema:
type: string
example: 127.0.0.1
- name: X-Forwarded-From
in: header
description: Client source identifier
schema:
type: string
example: client-app
- name: platform
in: header
description: Client platform
schema:
type: string
example: mobile
- name: deviceId
in: header
description: Device identifier
schema:
type: string
example: device-demo-001
- name: Authorization
in: header
description: Bearer JWT
schema:
type: string
example: >-
Bearer
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJkZW1vLXVzZXIifQ.demo-signature
requestBody:
description: Execute operation payload
content:
application/json:
schema:
type: object
additionalProperties: false
required:
- consentConfirmation
- preparedOrderId
- authenticationCode
properties:
consentConfirmation:
type: object
additionalProperties: false
required:
- consentId
- channel
- signature
- confirmed
properties:
consentId:
type: string
example: f3822ff0-3986-4fef-84eb-7b517e657b6f
channel:
type: string
example: WEB
signature:
type: string
example: integration-test-signature
confirmed:
type: boolean
example: true
preparedOrderId:
type: string
example: 621d1386-f2fb-4655-88a8-997db0ec446a
authenticationCode:
type: string
example: '768807'
example:
consentConfirmation:
consentId: f3822ff0-3986-4fef-84eb-7b517e657b6f
channel: WEB
signature: integration-test-signature
confirmed: true
preparedOrderId: 621d1386-f2fb-4655-88a8-997db0ec446a
authenticationCode: '768807'
required: true
responses:
'200':
description: Operation executed
content:
application/json:
schema:
$ref: '#/components/schemas/BaseResponseExecutedOrderResponse'
'400':
description: Bad request
'401':
description: Unauthorized
'404':
description: Prepared order not found
'500':
description: Internal server error
components:
schemas:
BaseResponseExecutedOrderResponse:
type: object
description: Standard API response wrapper with executed order in data
properties:
code:
type: integer
format: int32
examples:
- 200
description: HTTP-style status code
example: 200
data:
$ref: '#/components/schemas/ExecutedOrderResponse'
type: object
description: Executed order
message:
type: string
examples:
- Success
description: Result message
example: Success
ExecutedOrderResponse:
type: object
description: Executed order response payload
properties:
success:
type: boolean
executionId:
type: string
preparedOrderId:
type: string
sessionId:
type: string
tenantId:
type: string
status:
type: string
executedAt:
type: string
transactions:
type: array
items: {}
balanceUpdates:
type: array
items: {}
settlementInfo: {}
executionSummary: {}
````