Questions
General
Do you have a callback for changes to the consent?
Yes, we do. We can call back your webhook when a consent is created and when it is approved by the Payment Service User. See here for the details.
Why do /balances and /transactions requests fail for some banks?
Failures on these endpoints typically occur when a bank has not implemented the bulk version of the resource.
Under the Open Banking standard, root-level bulk endpoints (e.g., /transactions) are optional; many banks require a specific account context to return data.
Resolution:
Specify the ?accountId as a query parameter. This instructs the Monolay API to route the request via the mandatory account-specific path rather than the bulk path.
Example Request:
GET https://api.monolay.io/ais/v1/.../balances?accountId=12345
Why is /transactions failing, when it worked yesterday?
While some institutions allow a one-time "deep history" (no date range specified) pull during the initial SCA-authorized session, they often restrict subsequent background refreshes. Attempting to fetch an unbounded range after the initial session may result in a 400 Bad Request error.
Resolution:
Use the ?fromBookingDateTime query string to explicitly define a window. This ensures compatibility with the bank's background sync policies.
Why does calling /accounts result in a 403 Forbidden error?
Some banks treat account discovery as a "one-time" event tied specifically to the initial Strong Customer Authentication (SCA) session.
- Initial Token (SCA): The access token generated immediately after the user authorizes the connection is permitted to access
/accounts. - Refreshed Tokens: Any token generated via a
refresh_tokenfor background synchronization is restricted to accessing the/transactionsand/balancesendpoints.
Resolution Developers must call /accounts immediately following the initial SCA.
Cynergy Bank Integration Guide
Cynergy Bank utilizes a unique implementation for bulk data and session management that requires specialized handling.
Why does ?accountId not work?
Cynergy does not support filtering via the ?accountId query string on /transactions and /balances endpoints.
Resolution: Call the base bulk request (e.g., /transactions) without ?accountId query string.
Why does calling /accounts result in a 403 Forbidden error?
Cynergy treats account discovery as a "one-time" event tied specifically to the initial Strong Customer Authentication (SCA) session.
- Initial Token (SCA): The access token generated immediately after the user authorizes the connection is permitted to access
/accounts. - Refreshed Tokens: Any token generated via a
refresh_tokenfor background synchronization is restricted to accessing the/transactionsand/balancesendpoints.
Best Practice: Developers must call /accounts immediately following the initial SCA.
Cynergy Implementation Summary
| Feature | Behavior | Recommendation |
|---|---|---|
| Account Discovery | /accounts | Fetch and store IDs only during the initial SCA session. |
| Data Retrieval | Bulk Endpoints | Use root-level endpoints (e.g., /transactions) for background refreshes. |
| Filtering | ?accountId | Not Supported. Implement local array filtering in your application logic. |
HSBC Bank Integration Guide
How are transactions handled by HSBC?
HSBC follows a strict implementation that includes mandatory request signing and specific limitations on data retrieval.
- Pagination: HSBC strictly enforces pagination. Your integration logic must iterate through the
first,next, andlastlinks provided in the metadata to capture all records. - Data Limits: HSBC typically enforces narrower limits on the number of transactions returned per page compared to other Tier 1 banks.