Skip to content

Upvest Investment API (1.75.0)

Upvest Investment API.

Download OpenAPI description
Overview
URL

https://docs.upvest.co

Upvest API Support

api@upvest.co

License

Apache 2.0

Languages
Servers
Sandbox environment

https://sandbox.upvest.co/

Live environment

https://api.upvest.co/

Access Tokens

All authentication related paths.

Operations
OperationsWebhooks

User Identifiers

All user identifiers related paths.

Operations

User Checks

All user checks related paths.

OperationsWebhooks

Accounts

All accounts related paths

OperationsWebhooks

Account Groups

All account groups related paths

OperationsWebhooks

Tax Residencies

All tax residencies related paths.

Operations

Corporate Actions

All Corporate Action related paths.

Webhooks

Tax Exemptions

All tax exemptions related paths

OperationsWebhooks

Tax Collections

All tax collections related paths

Webhooks

Tax Wrappers

All tax wrappers related paths

OperationsWebhooks

Instruments

All instrument related paths.

OperationsWebhooks

Price Data

All price data related paths.

Operations
OperationsWebhooks

Portfolios

All portfolios related paths.

Operations

Portfolios Rebalancing

All portfolios rebalancing related paths.

OperationsWebhooks

Savings Plans

All savings plans related paths.

OperationsWebhooks

Liquidations

All accounts liquidations related paths.

OperationsWebhooks

Direct Debits

All direct debits related paths

OperationsWebhooks
OperationsWebhooks

Withdrawals

All withdrawals related paths

OperationsWebhooks

Reference Accounts

All reference account related paths

Operations

Mandates

All direct debit mandates related paths

Operations

Request

Create a mandate

Security
oauth-client-credentials
Headers
upvest-client-idstring(uuid)required

Tenant Client ID

Example: ebabcf4d-61c3-4942-875c-e265a7c2d062
authorizationstring^Bearer [a-zA-Z0-9\-\._~+/]*=*required

Bearer (access) token from the OAuth flow with correct scopes. https://datatracker.ietf.org/doc/html/rfc6750

Example: Bearer c2VjcmV0Cg==
signaturestringrequired

https://tools.ietf.org/id/draft-ietf-httpbis-message-signatures-01.html#name-the-signature-http-header

signature-inputstringrequired

https://tools.ietf.org/id/draft-ietf-httpbis-message-signatures-01.html#name-the-signature-input-http-he

idempotency-keystring(uuid)^[0-9a-fA-F]{8}-?[0-9a-fA-F]{4}-?[0-5][0-9a-f...required

A UUID to be used as an idempotency key. This prevents a duplicate request from being replayed. https://docs.upvest.co/documentation/concepts/api_concepts/idempotency

Example: ccb07f42-4104-44ad-8e1f-c660bb7b269c
upvest-api-versionstring

Upvest API version (Note: Do not include quotation marks)

Default 1
Value"1"
Example: 1
Bodyapplication/json
ibanstring^[A-Z]{2}[0-9]{2}[A-Z0-9]{11,26}$required

International Bank Account Number IBAN.

bicstring^[A-Z]{6}[A-Z0-9]{2}([A-Z0-9]{3})?$required

Business Identifier Code (also known as SWIFT-BIC, BIC, SWIFT ID or SWIFT code) ISO 9362.

confirmed_atstring(date-time)required

Timestamp of when user validated the mandate

user_idstring(uuid)

User unique identifier.

curl -i -X POST \
  https://sandbox.upvest.co/payments/mandates \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -H 'authorization: Bearer c2VjcmV0Cg==' \
  -H 'idempotency-key: ccb07f42-4104-44ad-8e1f-c660bb7b269c' \
  -H 'signature: string' \
  -H 'signature-input: string' \
  -H 'upvest-api-version: 1' \
  -H 'upvest-client-id: ebabcf4d-61c3-4942-875c-e265a7c2d062' \
  -d '{
    "user_id": "83d83ec2-d2ca-49ff-bbea-b92b5c3be202",
    "iban": "DE89000000000000000000",
    "bic": "ABCDEXXX",
    "confirmed_at": "2021-12-08T08:38:48.021Z"
  }'

Responses

Mandate

Headers
upvest-request-idstring(uuid)required
Example: "169ae4c7-ebd7-4041-94da-25369653eba7"
Bodyapplication/json
idstring(uuid)required

Direct Debit Mandate unique identifier.

created_atstring(date-time)required

Date and time when the resource was created. RFC 3339-5, ISO8601 UTC

user_idstring(uuid)required

User unique identifier.

ibanstring^[A-Z]{2}[0-9]{2}[A-Z0-9]{2}\*{10}[A-Z0-9]{4}...required

Obfuscated International Bank Account Number IBAN.

bicstring^[A-Z]{6}[A-Z0-9]{2}([A-Z0-9]{3})?$required

Business Identifier Code (also known as SWIFT-BIC, BIC, SWIFT ID or SWIFT code) ISO 9362.

creditor_namestring<= 100 charactersrequired

Name of the creditor on the mandate.

creditor_idstring<= 20 charactersrequired

Banking identifier of the creditor.

creditor_addressobjectrequired

Address. Must not be a P.O. box or c/o address.

address_line1string<= 100 charactersrequired

First address line of the address.

postcodestring^[a-zA-Z0-9][a-zA-Z0-9\s\-]{0,8}[a-zA-Z0-9]?$...required

Postal code (postcode, PIN or ZIP code)

countrystringrequired

Accepted country code. ISO 3166-1 alpha-2 codes.

Enum"AD""AE""AF""AG""AI""AL""AM""AO""AQ""AR"
citystring[ 1 .. 85 ] charactersrequired
address_line2string<= 100 characters

Second address line of the address.

statestring<= 50 characters

State, province, county. ISO 3166 alpha-2 Codes.

typestring<= 10 charactersrequired

Type of mandate.

  • RECURRENT -
Default "RECURRENT"
Value"RECURRENT"
confirmed_atstring(date-time)required

Timestamp of when user validated the mandate

Response
application/json
{ "id": "9c5a7dea-46f2-4502-b6b5-9902a53860e4", "created_at": "2020-08-24T14:15:22Z", "user_id": "83d83ec2-d2ca-49ff-bbea-b92b5c3be202", "iban": "DE8900**********0000", "bic": "ABCDEXXX", "creditor_name": "Creditor Company", "creditor_id": "DE98ZZZ09999999999", "creditor_address": { "address_line1": "Strasse 1", "address_line2": "Company GmbH", "postcode": "12345", "city": "Berlin", "state": "BE", "country": "DE" }, "type": "RECURRENT", "confirmed_at": "2021-12-08T08:38:48.021Z" }

Request

Retrieve a direct debit mandate

Security
oauth-client-credentials
Path
mandate_idstring(uuid)required

Direct Debit Mandate unique identifier.

Headers
upvest-client-idstring(uuid)required

Tenant Client ID

Example: ebabcf4d-61c3-4942-875c-e265a7c2d062
authorizationstring^Bearer [a-zA-Z0-9\-\._~+/]*=*required

Bearer (access) token from the OAuth flow with correct scopes. https://datatracker.ietf.org/doc/html/rfc6750

Example: Bearer c2VjcmV0Cg==
signaturestringrequired

https://tools.ietf.org/id/draft-ietf-httpbis-message-signatures-01.html#name-the-signature-http-header

signature-inputstringrequired

https://tools.ietf.org/id/draft-ietf-httpbis-message-signatures-01.html#name-the-signature-input-http-he

upvest-api-versionstring

Upvest API version (Note: Do not include quotation marks)

Default 1
Value"1"
Example: 1
curl -i -X GET \
  'https://sandbox.upvest.co/payments/mandates/{mandate_id}' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'authorization: Bearer c2VjcmV0Cg==' \
  -H 'signature: string' \
  -H 'signature-input: string' \
  -H 'upvest-api-version: 1' \
  -H 'upvest-client-id: ebabcf4d-61c3-4942-875c-e265a7c2d062'

Responses

Mandate

Headers
upvest-request-idstring(uuid)required
Example: "169ae4c7-ebd7-4041-94da-25369653eba7"
Bodyapplication/json
idstring(uuid)required

Direct Debit Mandate unique identifier.

created_atstring(date-time)required

Date and time when the resource was created. RFC 3339-5, ISO8601 UTC

user_idstring(uuid)required

User unique identifier.

ibanstring^[A-Z]{2}[0-9]{2}[A-Z0-9]{2}\*{10}[A-Z0-9]{4}...required

Obfuscated International Bank Account Number IBAN.

bicstring^[A-Z]{6}[A-Z0-9]{2}([A-Z0-9]{3})?$required

Business Identifier Code (also known as SWIFT-BIC, BIC, SWIFT ID or SWIFT code) ISO 9362.

creditor_namestring<= 100 charactersrequired

Name of the creditor on the mandate.

creditor_idstring<= 20 charactersrequired

Banking identifier of the creditor.

creditor_addressobjectrequired

Address. Must not be a P.O. box or c/o address.

address_line1string<= 100 charactersrequired

First address line of the address.

postcodestring^[a-zA-Z0-9][a-zA-Z0-9\s\-]{0,8}[a-zA-Z0-9]?$...required

Postal code (postcode, PIN or ZIP code)

countrystringrequired

Accepted country code. ISO 3166-1 alpha-2 codes.

Enum"AD""AE""AF""AG""AI""AL""AM""AO""AQ""AR"
citystring[ 1 .. 85 ] charactersrequired
address_line2string<= 100 characters

Second address line of the address.

statestring<= 50 characters

State, province, county. ISO 3166 alpha-2 Codes.

typestring<= 10 charactersrequired

Type of mandate.

  • RECURRENT -
Default "RECURRENT"
Value"RECURRENT"
confirmed_atstring(date-time)required

Timestamp of when user validated the mandate

Response
application/json
{ "id": "9c5a7dea-46f2-4502-b6b5-9902a53860e4", "created_at": "2020-08-24T14:15:22Z", "user_id": "83d83ec2-d2ca-49ff-bbea-b92b5c3be202", "iban": "DE8900**********0000", "bic": "ABCDEXXX", "creditor_name": "Creditor Company", "creditor_id": "DE98ZZZ09999999999", "creditor_address": { "address_line1": "Strasse 1", "address_line2": "Company GmbH", "postcode": "12345", "city": "Berlin", "state": "BE", "country": "DE" }, "type": "RECURRENT", "confirmed_at": "2021-12-08T08:38:48.021Z" }

Request

Delete mandate

Security
oauth-client-credentials
Path
mandate_idstring(uuid)required

Direct Debit Mandate unique identifier.

Headers
upvest-client-idstring(uuid)required

Tenant Client ID

Example: ebabcf4d-61c3-4942-875c-e265a7c2d062
authorizationstring^Bearer [a-zA-Z0-9\-\._~+/]*=*required

Bearer (access) token from the OAuth flow with correct scopes. https://datatracker.ietf.org/doc/html/rfc6750

Example: Bearer c2VjcmV0Cg==
signaturestringrequired

https://tools.ietf.org/id/draft-ietf-httpbis-message-signatures-01.html#name-the-signature-http-header

signature-inputstringrequired

https://tools.ietf.org/id/draft-ietf-httpbis-message-signatures-01.html#name-the-signature-input-http-he

upvest-api-versionstring

Upvest API version (Note: Do not include quotation marks)

Default 1
Value"1"
Example: 1
curl -i -X DELETE \
  'https://sandbox.upvest.co/payments/mandates/{mandate_id}' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'authorization: Bearer c2VjcmV0Cg==' \
  -H 'signature: string' \
  -H 'signature-input: string' \
  -H 'upvest-api-version: 1' \
  -H 'upvest-client-id: ebabcf4d-61c3-4942-875c-e265a7c2d062'

Responses

Request has been processed successfully.

Headers
upvest-request-idstring(uuid)required
Example: "169ae4c7-ebd7-4041-94da-25369653eba7"
Response
No content

Cash Balances

All cash balance related paths

OperationsWebhooks

Positions

All positions related paths.

OperationsWebhooks

Valuations

All valuations related paths.

OperationsWebhooks

Returns

All accounts returns related paths.

OperationsWebhooks

Virtual Cash Balances

All virtual cash balances related paths

OperationsWebhooks
OperationsWebhooks

Fees Configurations

All fees configurations related paths.

Operations
OperationsWebhooks

Treasury Reports

All treasury reports related paths.

Webhooks

Transactions

All transactions related paths.

OperationsWebhooks
Operations

Webhook Subscriptions

All webhook subscriptions related paths.

Operations

Virtual Bank Accounts

All virtual bank accounts related paths

OperationsWebhooks
Operations