AMEX

​

Links

• Developer Console

​

Scopes

• Account Information 🔒

• American Express requires manual registration for each application with Amex for Developers
• Production access requires Active eIDAS Certificates.

• Multiple consents are not supported
• Amex deem each main Card to be an Account and require separate consents; this means they must be consented under separate consent journeys.
• Additional/Supplemental Cards cannot be separately consented; they are consented by the main Account holder.
• You may only have one active consent per Account and Client ID.
• A consent is valid for a single Account only (holders with multiple Accounts should consent each Account separately).
• If a consent is lost the Account holder must login to Amex Online and remove the Partner link.
• The access privileges for consents are fixed as Accounts, Balances and Transactions (by Amex); any access scopes provided to Yapily will be ignored.

• By default, Amex returns the last 90 days transactions for an account.
• To obtain transactions made outside the last 90 days, a from and before date must be passed as parameters.
• If only a from date is passed, the before date will default to today’s date.
• If only a before date is passed, the Amex default of last 90 days transactions will be returned.

​

Live Environment

curl --location --request POST 'https://api.yapily.com/certificates/keys/' \
--header 'Authorization: Basic YOUR_APPLICATION_CREDENTIALS_AS_BASIC_AUTH' \
--header 'Content-Type: application/json' \
--data-raw '[{
   "pem": "$YOUR_PUBLIC_KEY_AS_PEM",
   "key": "$YOUR_PRIVATE_KEY",
   "kid" : "$CERT_KID",
   "name" : "$CERTIFICATE_NAME"
}]'

{
"id": "d16f87d3-4222-4173-b8b9-44aeccacae7d",
....
}

​

Step 2: Call the MANUAL registration endpoint

curl --location --request POST 'https://api.yapily.com/institutions/amex-ob_uk/manual/register' \
     --header 'Content-Type: application/json' \
     --header 'Authorization: Bearer YOUR_APPLICATION_CREDENTIALS_AS_BASIC_AUTH' \
     --data-raw '{
            "signingKeyID": "$SIGNING_KEY_UUID",
            "transportKeyID": "$TRANSPORT_KEY_UUID"
            "apiTypes": [ "AISP", "PISP" ],
            "clientId": "$CLIENT_ID_FROM_AMEX_ONBOARDING",
            "clientSecret": "$CLIENT_SECRET_FROM_AMEX_ONBOARDING"
     }'

{
   "id": "a0460a91-4b4c-422a-bbe6-bebe0b92e308"
}

​

Sandbox Environment

• Sign up for access at Create an Account; Group emails are not accepted.
• Make records of your signup details; these cannot be accessed or edited once entered (they can be modified by support ticket at a 7 - 14 day turnaround).
• Support is by web form Contact Us.
• Request access to Account Financials European Union (EU) for Open Banking; FCA registration details are required.
• Model and API are proprietary with sparse information.
• Sandbox and QA are granted immediately.
• Production access requires a further request fulfilled by email exchange and takes 14 days typically.
• Amex will email for Production Callback URL, Signing and Transport certificates; once again be careful to record this interaction as these cannot be accessed or edited other than by support request.
• Access Keys are provided in [Amex for Developers -> My Keys -> Credentials] (https://developer.americanexpress.com/apps/dashboard) once approved.
• The Sandbox environment is actually the American Express QA environment and has similar functionality to Production.

​

Support