cboj-loans-prc-api
home
Loans Process API
Base URLs
Description
This document covers the business logics of Loan Interface. Loan interface deals with the services :
- Get loan details
- Get loan schedule Dates
- Get loan Past Dues
- Get New Loan Simulation
- Create and Update Loan Simulation
- Create Loan Disbursement
- Get Existing Liabilities
- Get Existing Collateral
- Get Schedule Projection
- Create Collateral Right or Amendment
- Get Eligible Loan Products
- Get Guarantor Details
- Get Active Lending Products
- Get Insurance Company Details
- Get Global Child Limits
- Get Effective Interest Rate
- Get Car Types
- LOS Get Floating Rates
- LOS Get Periodic Rates
- Get CustomerAcct interest Details
- LOS Create PD Loan
Technical Specifications
Headers
Below are the headers that are set with every HTTP Request
| Header Name | Sample Value | Optional? |
|---|---|---|
| client_id | 9712801dbaaffg90d43a0b09c59fdaf21e65524235436 | Mandatory |
| client_secret | 234d8AeC33e34bE1b3eiud31b2887cD4 | Mandatory |
| Authorization | Bearer afdca88b-9ed0-344b-8af0-b2195e382574 | Optional |
| x-channel-id | DEVCHL | Mandatory |
| x-correlation-id | 13243564564 | Mandatory |
| x-bank-id | CBOJ | Mandatory |
| x-debug-flag | 0 | Optional (enum - 0 or 1) |
| x-customer-id | 2100122 | Optional (mandatory for customer facing channels) |
| x-user-id | 1234 | Optional |
| x-sub-channel-id | devchannel | Optional |
Error handling
HTTP Status:
The HTTP error codes are:
- 400 - Bad Request: An error in the client request (Mostly due to validations)
- 401 - Unauthorized: User can't be authenticated
- 403 - Forbidden: The server cannot give access to the resource
- 404 - Not Found: The resource defined in the URL doesn't exist
- 405 - Method Not Allowed
- 406 - Not Acceptable
- 415 - Unsupported Media Type
- 500 - Internal Server Error: The server encountered an unexpected condition
- 501 - Not Implemented
Error Response
A REST API should reply with an error code and a message to be shown to the consumer.
{
"status": {
"success": false,
"code": "400",
"reasonCode": "BadRequest",
"arabicMessage": "لم يتم العثور على سجلات تطابق Ù…Øددات البØØ«",
"englishMessage": "No records were found that matched the selection criteria",
"backendError": "No records were found that matched the selection criteria",
"backendCode": "T24003790"
}
}Api Security
Below polices are applied.
| Name | Description | Example |
|---|---|---|
| Client ID Enforcement | It restricts access to a protected resource | client_id: 9d41a8940c5e4181aace6fc5e6cfffc3 client_secret: aB9D5Bd7450d49F584F23250D96872fD |
| IP Allowlist | allows a list or range of IP addresses to access and interacts with a configured API endpoint. | 192.168.61.1 192.168.61.2 192.168.62.1 |
Config Information
- If there is new endpoint comes in which needs to access t24 version which is not already available in config, then add the version name,field and operator in config properties under tag t24 and access it in code.