Account Opening L1

Security comes first. Perform transactions in a secure manner with the OAuth 2 protocol.

AccountOpeningL1

POST

Account Opening L1

 

 

Request Parameters

 

Name Description Parameter Type Sample Value

MerchantType

Merchant Type String 0088

TraceNo

Trace No Only numbers are allowed 211093

CompanyName

Company Name String XYZ

DateTime

Date Time YYYYMMddHHmmss 20210105201527

CNIC

CNIC String 4210114939091

CnicIssuanceDate

Cnic Issuance Date String 20140624

MobileNo

Mobile No String 03345838445

MobileNetwork

Mobile Network String UFONE

EmailId

Email Id String

[email protected]

 

 

Sample  Request

 

{"AccOpenL1Request":
{"processingCode" : "AccountOpening",
"merchantType" : "0088",
"traceNo" : "000123",
"companyName" : "NOVA",
"dateTime" : "20210105201527",
"cnic" : "3320255277566",
"fingerIndex":"1",
"fingerTemplate":"Rk1SACAyMAAAAAHsAAABQAHgAMUAxQEAAABkTYBQAD7uAECbAEdvAEBjAEttAEBFAExxAECRAFXtAEAwAGx6AECbAGxyAEDGAG1wAEBeAHN2AEDBAIrtAEBrAJF6AEDXAJVtAEBBAJqEAEBiAKv6AEB8AK98AEA7ALiIAEAFAMcQAECxAM52AEBwAND4AED6ANzpAEA/AOmTAEB+AOp+AEDLAOrqAECEAPiAAEAPAPoaAECvAPvrAECRAP3yAEDbAQVpAEBaAQqTAEA5AQqeAIBDAQoXAEC4AQxtAEBtAR+WAEEGAR/iAECBASqKAIDrAS5fAECmATfiAECdAUF0AEC5AUdiAEBgAVm4AECEAVu+AEDbAV5cAECOAWHVAIB6AWm8AECaAWrYAICkAWrZAEDrAXDhAEAWAXS6AEEqAXVwAECUAXfWAECjAXhYAEAiAXnCAEC1AXxaAED/AYFkAEB+AYNIAEC9AYPaAEChAYxXAEBcAZRCAIAiAZVGAEBhAZbTAECbAZrkAECRAaLeAED5AaVwAIEeAaaEAEC5AalkAEAsAarQAEDrAbF0AEBeAbLWAECEAbfeAIB0AbjpAIB/AbpnAEC5AbtpAEClAb9kAEDvAcb+AEBKAcdUAEDTAdCCAECVAdJhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==",
"cnicIssuanceDate" : "20191028",
"mobileNo" : "03422142169",
"mobileNetwork" : "UFONE",
"emailId": "[email protected]"
}
}

Response Parameters

 

Name Description Parameter Type Sample Value

merchantType

merchant Type String  0088

traceNo

trace No Only numbers are allowed  211093

companyName

company Name String  XYZ

dateTime

date Time YYYYMMddHHmmss  20210105201527

MobileNetwork

MobileNetwork String

 UFONE

ResponseCode

ResponseCode String  211

ResponseDetails

ResponseDetails String

 incorrect issue date

 

 

Sample  Response

{

"AccountOpeningResponse":

{

"MerchantType": "0088",

"TraceNo": "211093",

"CompanyName": "XYZ",

"DateTime": "20210105201527",

"MobileNetwork": "UFONE",

"ResponseCode": "211",

"ResponseDetails": [ "incorrect issue date" ]

 } 

Resource URL

https://sandbox.jsbl.com/v2 /accountopeningl1-blb2

Try out yourself

Header Parameters


Name Values Description
Authorization
(required)

Auth2.0 verification. "Bearer" keyword followed by a space and generated Access Token from OAuth API. Like "Bearer xxxxxxx"

Content-Type
(required)

Content Type application/json is supported

Body Parameters


Name Values Description
Request Body
(required)

Request Body

HTTP Basic

OAuth 2.0

API Key

Clear Request

Make a request and see the response.

Make a request and see the response.

Make a request and see the response.

Code examples

  • var request = require('request'),
    oauth_token = "YOUR_ACCESS_TOKEN",
    url = "https://sandbox.jsbl.com/v2/accountopening-blb"
    auth = "Bearer " + oauth_token;
    request(
    {
    method: 'POST'
    url : url,
    headers : {
    "Authorization" : auth
    }, json : {
    "MerchantType" :"",
    "TraceNo" :"",
    "CompanyName" :"",
    "DateTime" :"",
    "CNIC" :"",
    "CnicIssuanceDate" :"",
    "MobileNo" :"",
    "MobileNetwork":"",
    "EmailId":"",
    } },
    function (error, response, body) {
    // TODO: Use the body object to extract the response
    console.log(body)
    } )
    
  • <?PHP $url = 'https://sandbox.jsbl.com/v2/accountopening-blb';
    $curl = curl_init();
    curl_setopt($curl, CURLOPT_URL, $url);
    curl_setopt($curl, CURLOPT_HTTPHEADER, 
    array('Content-Type:application/json','Authorization:Bearer 
    ACCESS_TOKEN')); //setting custom header
    $curl_post_data = array(
    //Fill in the request parameters with valid values
    'MerchantType' => ' ',
    'Cnic' => ' ',
    'TraceNo' => ' ',
    'CompanyName' => ' ',
    'DateTime' => ' ',
    'CNIC' => ' ',
    'CnicIssuanceDate' => ' ',
    'MobileNo' => '',
    'MobileNetwork' => '',
    'EmailId' => '',
    $data_string = json_encode($curl_post_data);
    
  • require 'net/http'
    require 'net/https'
    require 'uri'
    uri = URI('https://sandbox.jsbl.com/v2/accountopening-blb')
    http = Net::HTTP.new(uri.host, uri.port)
    http.use_ssl = true
    http.verify_mode = OpenSSL::SSL::VERIFY_NONE
    request = Net::HTTP::Get.new(uri)
    request["accept"] = 'application/json'
    request["content-type"] = 'application/json'
    request["authorization"] = 'Bearer '
    request.body = "{
    \"MerchantType\":\" \",
    \"TraceNo\":\" \",
    \"CompanyName\":\" \",
    \"DateTime\":\" \",
    \"CNIC\":\" \",
    \"CnicIssuanceDate\":\" \",
    \"MobileNo\":\" \",
    \"MobileNetwork\":\",
    \"EmailId\":\",
    response = http.request(request)
    puts response.read_body
    
  • curl -X POST --header "Authorization:
    Bearer " --header "Content-Type: 
    application/json" -d "{ \"MerchantType\":\" \",
    \"TraceNo\":\" \",
    \"CompanyName\":\" \",
    \"DateTime\":\" \",
    \"CNIC\":\" \",
    \"CnicIssuanceDate\":\" \",
    \"MobileNo\":\" \",
    \"MobileNetwork\":\",
    \"EmailId\":\",
    
    }" "https://sandbox.jsbl.com/v2/accountopening-blb"
    

  • OkHttpClient client = new OkHttpClient();
    MediaType mediaType = MediaType.parse("application/json");
    RequestBody body = RequestBody.create(mediaType, "{
    \"MerchantType\":\" \",
    \"TraceNo\":\" \",
    \"CompanyName\":\" \",
    \"DateTime\":\" \",
    \"CNIC\":\" \",
    \"CnicIssuanceDate\":\" \",
    \"MobileNo\":\" \",
    \"MobileNetwork\":\",
    \"EmailId\":\",
    }");
    Request request = new Request.Builder()
    .url("https://sandbox.jsbl.com/v2/accountopening-blb")
    .post(body)
    .addHeader("authorization", "Bearer YOUR_OAUTH_TOKEN")
    .addHeader("content-type", "application/json")
    .build();
    Response response = client.newCall(request).execute(); 
    

OTP Encryption

NOTE: To provide Unlimited Strength of encryption to your environment, Kindly download library, extract the zip file and replace these policy
file(local_policy &US_export_policy) on following location e-g: "java\jdk1.8.0_102\jre\lib\security"

Download Library
//import org.slf4j.Logger;
//import org.slf4j.LoggerFactory;

import javax.crypto.*;
import javax.crypto.spec.SecretKeySpec;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import java.util.HashMap;
import java.util.Iterator;

public class EncryptionUtil {
    //private static final Logger log = LoggerFactory.getLogger(com.test.security.EncryptionUtil.class);

//    private static final String KEY = ConfigReader.getInstance().getProperty("crypto.channel.key", "682ede816988e58fb6d057d9d85605e0");

	private static final String KEY = "682ede816988e58fb6d057d9d85605e0";
	
    public static String encrypt(String input) {
        return encryptWithAES(KEY, input);
    }

    public static String decrypt(String input) {
        return decryptWithAES(KEY, input);
    }

	public static String encryptWithAES(String key, String strToEncrypt) {
		Security.addProvider(new BouncyCastleProvider());
		byte[] keyBytes;
		keyBytes = new byte[] { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17 };
		try {
			keyBytes = key.getBytes("UTF8");
			SecretKeySpec skey = new SecretKeySpec(keyBytes, "AES");
			byte[] input = strToEncrypt.trim().getBytes("UTF8");

			synchronized (Cipher.class) {
				Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5PADDING");
				cipher.init(Cipher.ENCRYPT_MODE, skey);

				byte[] cipherText = new byte[cipher.getOutputSize(input.length)];

				int ctLength = cipher.update(input, 0, input.length, cipherText, 0);
				ctLength += cipher.doFinal(cipherText, ctLength);

				String encryptedString = new String(org.bouncycastle.util.encoders.Base64.encode(cipherText), "UTF8");
				return encryptedString.trim();
			}
		} catch (UnsupportedEncodingException uee) {
            //log.error("Crypto Exception:", uee);
			System.out.println("Crypto Exception1:"+ uee.getLocalizedMessage());
		} catch (IllegalBlockSizeException ibse) {
            //log.error("Crypto Exception:", ibse);
			System.out.println("Crypto Exception2:"+ ibse.getLocalizedMessage());
		} catch (BadPaddingException bpe) {
            //log.error("Crypto Exception:", bpe);
			System.out.println("Crypto Exception3:"+ bpe.getLocalizedMessage());
		} catch (InvalidKeyException ike) {
            //log.error("Crypto Exception:", ike);
			System.out.println("Crypto Exception4:"+ ike.getLocalizedMessage());
		} catch (NoSuchPaddingException nspe) {
            //log.error("Crypto Exception:", nspe);
			System.out.println("Crypto Exception5:"+ nspe.getLocalizedMessage());
		} catch (NoSuchAlgorithmException nsae) {
            //log.error("Crypto Exception:", nsae);
			System.out.println("Crypto Exception6:"+ nsae.getLocalizedMessage());
		} catch (ShortBufferException e) {
            //log.error("Crypto Exception:", e);
			System.out.println("Crypto Exception7:"+ e.getLocalizedMessage());
		}
		return null;
	}

	public static String decryptWithAES(String key, String strToDecrypt) {
		Security.addProvider(new BouncyCastleProvider());
		byte[] keyBytes = new byte[] { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13,
				0x14, 0x15, 0x16, 0x17 };
		try {
			keyBytes = key.getBytes("UTF8");
			SecretKeySpec skey = new SecretKeySpec(keyBytes, "AES");
			byte[] input = org.bouncycastle.util.encoders.Base64.decode(strToDecrypt.trim().getBytes("UTF8"));

			synchronized (Cipher.class) {
				Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5PADDING");
				cipher.init(Cipher.DECRYPT_MODE, skey);

				byte[] plainText = new byte[cipher.getOutputSize(input.length)];
				
				int ptLength = cipher.update(input, 0, input.length, plainText, 0);
				ptLength += cipher.doFinal(plainText, ptLength);
				String decryptedString = new String(plainText, "UTF8");
				return decryptedString.trim();
			}
        } catch (UnsupportedEncodingException uee) {
            //log.error("Crypto Exception:", uee);
        } catch (IllegalBlockSizeException ibse) {
            //log.error("Crypto Exception:", ibse);
        } catch (BadPaddingException bpe) {
            //log.error("Crypto Exception:", bpe);
        } catch (InvalidKeyException ike) {
            //log.error("Crypto Exception:", ike);
        } catch (NoSuchPaddingException nspe) {
            //log.error("Crypto Exception:", nspe);
        } catch (NoSuchAlgorithmException nsae) {
            //log.error("Crypto Exception:", nsae);
        } catch (ShortBufferException e) {
            //log.error("Crypto Exception:", e);
        }
		return null;
	}

	public static void main(String[] args) {

		String key = new String("682ede816988e58fb6d057d9d85605e0");
		String enc = encrypt("55880");
		System.out.println("Encrypted Pin is : "+enc);

		System.out.println("Decrypted Pin is : "+decrypt(enc));
	}
	
	
	
}

Response Code Details


{
    "requestId": "848624438861",
    "errorCode": "01",
    "errorMessage": "Invalid Authorization Header"
}


{ "requestId": "848624438861", "errorCode": "02", "errorMessage": "Bad Request - Invalid Cnic" }
{ "requestId": "3091624162362", "errorCode": "02", "errorMessage": "Bad Request - Invalid MobileNumber" }
{ "requestId": "3091626060511", "errorCode": "02", "errorMessage": "Bad Request - Invalid ConsumerName" }
{ "requestId": "3091726063961", "errorCode": "02", "errorMessage": "Bad Request - Invalid AccountTitle" }
{ "requestId": "848726338311", "errorCode": "02", "errorMessage": "Bad Request - Invalid BirthPlace" }
{ "requestId": "848726338312", "errorCode": "02", "errorMessage": "Bad Request - Invalid PresentAddress" }
{ "requestId": "848726341341", "errorCode": "02", "errorMessage": "Bad Request - Invalid CnicStatus" }
{ "requestId": "848726341342", "errorCode": "02", "errorMessage": "Bad Request - Invalid CnicExpiry" }
{ "requestId": "848626346341", "errorCode": "02", "errorMessage": "Bad Request - Invalid DOB" }
{ "requestId": "848626346342", "errorCode": "02", "errorMessage": "Bad Request - Invalid FatherHusbandName" }
{ "requestId": "848726349851", "errorCode": "02", "errorMessage": "Bad Request - Invalid MotherMaiden" }
{ "requestId": "848726349852", "errorCode": "02", "errorMessage": "Bad Request - Invalid Gender" }
{ "requestId": "3091726083901", "errorCode": "02", "errorMessage": "Bad Request - Invalid AccountType" }
{ "requestId": "3091726083901", "errorCode": "06", "errorMessage": "Bad Request - Invalid OTP" }
{ "requestId": "3091726083901", "errorCode": "03", "errorMessage": "Invalid Request Payload" }
{ "requestId": "3091726083901", "errorCode": "04", "errorMessage": "Resource not found" }
{ "requestId": "3091726083901", "errorCode": "05", "errorMessage": "Invalid Access Token" }
{
    "ResponseCode": "00",
    "ResponseDescription": "Successful",
    "Rrn": "3091723912433",
    "MobileNumber": "03354522607",
    "Cnic": "3578414402451"
    
}

FAQs

We take security very seriously. This API will make sure you execute your transactions in a safe and controlled environment. We are using the OAuth2 security mechanism.

This API can power your app with a robust set of permission-based consumer and business account and transactional data while adhering to bank-level security requirements. Effectively managing data is also key for regulatory reporting. You use the API to authenticate your users easily through your web/desktop and mobile applications. This will enable you to extend reach and attract additional customers.

In order to actually access the account and retrieve the requested data, account holders need to authorize your application and allow it to access their account. This is achieved using OAuth 2.

The Client Token, commonly referred to as access_token in code samples, is a credential that can be used by a client to access an API.

You can find all the validation rules under the API docs.



Prerequisite(s)

1. (1.1)Authentication Bear OAuth access token

1.2. Account Verification

Working...