Sample code for 30+ languages & platforms
Delphi DLL

Ibanity XS2A List Financial Institutions

See more Ibanity Examples

Demonstrates how to send a request to get a list of financial institutions.

Chilkat Delphi DLL Downloads

Delphi DLL
uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Http, CkDateTime, Rsa, StringBuilder, JsonObject, PrivateKey, Cert, Crypt2;

...

procedure TForm1.Button1Click(Sender: TObject);
var
success: Boolean;
cert: HCkCert;
dtNow: HCkDateTime;
created: PWideChar;
crypt2: HCkCrypt2;
sbDigestHdrValue: HCkStringBuilder;
request_target: PWideChar;
sbSigningString: HCkStringBuilder;
signed_headers_list: PWideChar;
privKey: HCkPrivateKey;
rsa: HCkRsa;
sigBase64: PWideChar;
sbSigHeaderValue: HCkStringBuilder;
http: HCkHttp;
sbResponseBody: HCkStringBuilder;
jResp: HCkJsonObject;
respStatusCode: Integer;
attributesBic: PWideChar;
attributesBulkPaymentsEnabled: Boolean;
attributesCountry: PWideChar;
attributesFinancialInstitutionCustomerReferenceRequired: Boolean;
attributesFutureDatedPaymentsAllowed: Boolean;
attributesLogoUrl: PWideChar;
attributesMaintenanceFrom: PWideChar;
attributesMaintenanceTo: PWideChar;
attributesMaintenanceType: PWideChar;
attributesMaxRequestedAccountReferences: PWideChar;
attributesMinRequestedAccountReferences: Integer;
attributesName: PWideChar;
attributesPaymentsEnabled: Boolean;
attributesPeriodicPaymentsEnabled: Boolean;
attributesPrimaryColor: PWideChar;
attributesRequiresCredentialStorage: Boolean;
attributesRequiresCustomerIpAddress: Boolean;
attributesSandbox: Boolean;
attributesSecondaryColor: PWideChar;
attributesSharedBrandName: PWideChar;
attributesSharedBrandReference: PWideChar;
attributesStatus: PWideChar;
id: PWideChar;
linksSelf: PWideChar;
v_type: PWideChar;
j: Integer;
count_j: Integer;
strVal: PWideChar;
linksFirst: PWideChar;
metaPagingLimit: Integer;
i: Integer;
count_i: Integer;

begin
success := False;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

//  Send the following request:

// $ curl -X GET https://api.ibanity.com/xs2a/financial-institutions \
// --cert certificate.pem \
// --key private_key.pem \
// -H 'Signature: keyId="75b5d796-de5c-400a-81ce-e72371b01cbc",created=1599659223,algorithm="hs2019",headers="(request-target) digest (created) host",signature="BASE64(RSA-SHA256(SIGNING_STRING))"' \
// -H 'Digest: SHA-512=beDaRguyEb8fhh5wnl37bOTDtvhuYZyZNkTZ9LiC9Wc='

// Ibanity provides the certificate + private key in PFX format.  This example will use the .pfx instead of the pair of PEM files.
// (It is also possible to implement using Chilkat with the PEM files, but PFX is easier.)
cert := CkCert_Create();
success := CkCert_LoadPfxFile(cert,'qa_data/pfx/my_ibanity_certificate.pfx','my_pfx_password');
if (success = False) then
  begin
    Memo1.Lines.Add(CkCert__lastErrorText(cert));
    Exit;
  end;

// We need to calculate the Digest and Signature header fields.
// For a detailed explanation, see Calculate Ibanity HTTP Signature Example

// We'll just write the code here as briefly as possible.

dtNow := CkDateTime_Create();
CkDateTime_SetFromCurrentSystemTime(dtNow);
created := CkDateTime__getAsUnixTimeStr(dtNow,False);

crypt2 := CkCrypt2_Create();
CkCrypt2_putHashAlgorithm(crypt2,'sha512');
CkCrypt2_putEncodingMode(crypt2,'base64');

sbDigestHdrValue := CkStringBuilder_Create();
CkStringBuilder_Append(sbDigestHdrValue,'SHA-512=');
// GET requests have empty payloads.  The SHA-512 hash of the empty string is the same for all GET requests.
// Therefore all GET requests will use "z4PhNX7vuL3xVChQ1m2AB9Yg5AULVxXcg/SpIdNs6c5H0NE8XYXysP+DGNKHfuwvY7kxvUdBeoGlODJ6+SfaPg=="
// You can eliminate the explicit hash computation (for GET requests) and simply use the above literal string.
CkStringBuilder_Append(sbDigestHdrValue,CkCrypt2__hashStringENC(crypt2,''));

Memo1.Lines.Add('Generated Digest');
Memo1.Lines.Add(CkStringBuilder__getAsString(sbDigestHdrValue));

request_target := 'get /xs2a/financial-institutions';

sbSigningString := CkStringBuilder_Create();
CkStringBuilder_Append(sbSigningString,'(request-target): ');
CkStringBuilder_AppendLine(sbSigningString,request_target,False);
CkStringBuilder_Append(sbSigningString,'host: ');
CkStringBuilder_AppendLine(sbSigningString,'api.ibanity.com',False);
CkStringBuilder_Append(sbSigningString,'digest: ');
CkStringBuilder_AppendLine(sbSigningString,CkStringBuilder__getAsString(sbDigestHdrValue),False);
CkStringBuilder_Append(sbSigningString,'(created): ');
CkStringBuilder_Append(sbSigningString,created);
// ibanity-idempotency-key is not used with GET requests.

Memo1.Lines.Add('Signing String:');
Memo1.Lines.Add(CkStringBuilder__getAsString(sbSigningString));

signed_headers_list := '(request-target) host digest (created)';

privKey := CkPrivateKey_Create();
success := CkPrivateKey_LoadEncryptedPemFile(privKey,'my_ibanity_signature_private_key.pem','pem_password');
if (success = False) then
  begin
    Memo1.Lines.Add(CkPrivateKey__lastErrorText(privKey));
    Exit;
  end;

rsa := CkRsa_Create();
CkRsa_putPssSaltLen(rsa,32);
CkRsa_putEncodingMode(rsa,'base64');
// Use the RSASSA-PSS signature algorithm
CkRsa_putPkcsPadding(rsa,False);

success := CkRsa_UsePrivateKey(rsa,privKey);
if (success = False) then
  begin
    Memo1.Lines.Add(CkRsa__lastErrorText(rsa));
    Exit;
  end;

// Sign the signing string.
sigBase64 := CkRsa__signStringENC(rsa,CkStringBuilder__getAsString(sbSigningString),'sha-256');
if (CkRsa_getLastMethodSuccess(rsa) = False) then
  begin
    Memo1.Lines.Add(CkRsa__lastErrorText(rsa));
    Exit;
  end;

Memo1.Lines.Add('Signature:');
Memo1.Lines.Add(sigBase64);

// Build the signature header value.
sbSigHeaderValue := CkStringBuilder_Create();
CkStringBuilder_Append(sbSigHeaderValue,'keyId="');
// Use your identifier for the application's signature certificate, obtained from the Developer Portal
CkStringBuilder_Append(sbSigHeaderValue,'a0ce296d-84c8-4bd5-8eb4-de0339950cfa');
CkStringBuilder_Append(sbSigHeaderValue,'",created=');
CkStringBuilder_Append(sbSigHeaderValue,created);
CkStringBuilder_Append(sbSigHeaderValue,',algorithm="hs2019",headers="');
CkStringBuilder_Append(sbSigHeaderValue,signed_headers_list);
CkStringBuilder_Append(sbSigHeaderValue,'",signature="');
CkStringBuilder_Append(sbSigHeaderValue,sigBase64);
CkStringBuilder_Append(sbSigHeaderValue,'"');

// Send the GET request..
http := CkHttp_Create();

success := CkHttp_SetSslClientCert(http,cert);
if (success = False) then
  begin
    Memo1.Lines.Add(CkHttp__lastErrorText(http));
    Exit;
  end;

CkHttp_SetRequestHeader(http,'Signature',CkStringBuilder__getAsString(sbSigHeaderValue));
CkHttp_SetRequestHeader(http,'Digest',CkStringBuilder__getAsString(sbDigestHdrValue));

sbResponseBody := CkStringBuilder_Create();
success := CkHttp_QuickGetSb(http,'https://api.ibanity.com/xs2a/financial-institutions',sbResponseBody);
if (success = False) then
  begin
    Memo1.Lines.Add(CkHttp__lastErrorText(http));
    Exit;
  end;

jResp := CkJsonObject_Create();
CkJsonObject_LoadSb(jResp,sbResponseBody);
CkJsonObject_putEmitCompact(jResp,False);

Memo1.Lines.Add('Response Body:');
Memo1.Lines.Add(CkJsonObject__emit(jResp));

respStatusCode := CkHttp_getLastStatus(http);
Memo1.Lines.Add('Response Status Code = ' + IntToStr(respStatusCode));
if (respStatusCode >= 400) then
  begin
    Memo1.Lines.Add('Response Header:');
    Memo1.Lines.Add(CkHttp__lastHeader(http));
    Memo1.Lines.Add('Failed.');
    Exit;
  end;

// Sample output:
// (Sample code for parsing the JSON response is shown below)

// {
//   "data": [
//     {
//       "attributes": {
//         "authorizationModels": [
//           "detailed",
//           "financialInstitutionOffered"
//         ],
//         "bic": "NBBEBEBB203",
//         "bulkPaymentsEnabled": true,
//         "bulkPaymentsProductTypes": [
//           "sepaCreditTransfer"
//         ],
//         "country": null,
//         "financialInstitutionCustomerReferenceRequired": false,
//         "futureDatedPaymentsAllowed": true,
//         "logoUrl": "https://s3.eu-central-1.amazonaws.com/ibanity-production-financial-institution-assets/sandbox.png",
//         "maintenanceFrom": null,
//         "maintenanceTo": null,
//         "maintenanceType": null,
//         "maxRequestedAccountReferences": null,
//         "minRequestedAccountReferences": 0,
//         "name": "Bogus Financial",
//         "paymentsEnabled": true,
//         "paymentsProductTypes": [
//           "sepaCreditTransfer"
//         ],
//         "periodicPaymentsEnabled": true,
//         "periodicPaymentsProductTypes": [
//           "sepaCreditTransfer"
//         ],
//         "primaryColor": "#7d39ff",
//         "requiresCredentialStorage": false,
//         "requiresCustomerIpAddress": false,
//         "sandbox": true,
//         "secondaryColor": "#3DF2C2",
//         "sharedBrandName": null,
//         "sharedBrandReference": null,
//         "status": "beta"
//       },
//       "id": "2d3d70a4-cb3c-477c-97e1-cbe495b82841",
//       "links": {
//         "self": "https://api.ibanity.com/xs2a/financial-institutions/2d3d70a4-cb3c-477c-97e1-cbe495b82841"
//       },
//       "type": "financialInstitution"
//     },
//     {
//       "attributes": {
//         "authorizationModels": [
//           "detailed",
//           "financialInstitutionOffered"
//         ],
//         "bic": "NBBEBEBB203",
//         "bulkPaymentsEnabled": true,
//         "bulkPaymentsProductTypes": [
//           "sepaCreditTransfer"
//         ],
//         "country": null,
//         "financialInstitutionCustomerReferenceRequired": false,
//         "futureDatedPaymentsAllowed": true,
//         "logoUrl": "https://s3.eu-central-1.amazonaws.com/ibanity-production-financial-institution-assets/sandbox.png",
//         "maintenanceFrom": null,
//         "maintenanceTo": null,
//         "maintenanceType": null,
//         "maxRequestedAccountReferences": null,
//         "minRequestedAccountReferences": 0,
//         "name": "XYZ Trust",
//         "paymentsEnabled": true,
//         "paymentsProductTypes": [
//           "sepaCreditTransfer"
//         ],
//         "periodicPaymentsEnabled": true,
//         "periodicPaymentsProductTypes": [
//           "sepaCreditTransfer"
//         ],
//         "primaryColor": "#7d39ff",
//         "requiresCredentialStorage": false,
//         "requiresCustomerIpAddress": false,
//         "sandbox": true,
//         "secondaryColor": "#3DF2C2",
//         "sharedBrandName": null,
//         "sharedBrandReference": null,
//         "status": "beta"
//       },
//       "id": "d4100f28-936b-4379-a3f8-86314a2014fb",
//       "links": {
//         "self": "https://api.ibanity.com/xs2a/financial-institutions/d4100f28-936b-4379-a3f8-86314a2014fb"
//       },
//       "type": "financialInstitution"
//     }
//   ],
//   "links": {
//     "first": "https://api.ibanity.com/xs2a/financial-institutions"
//   },
//   "meta": {
//     "paging": {
//       "limit": 10
//     }
//   }
// }

// Sample code for parsing the JSON response...
// Use the following online tool to generate parsing code from sample JSON:
// Generate Parsing Code from JSON

linksFirst := CkJsonObject__stringOf(jResp,'links.first');
metaPagingLimit := CkJsonObject_IntOf(jResp,'meta.paging.limit');
i := 0;
count_i := CkJsonObject_SizeOfArray(jResp,'data');
while i < count_i do
  begin
    CkJsonObject_putI(jResp,i);
    attributesBic := CkJsonObject__stringOf(jResp,'data[i].attributes.bic');
    attributesBulkPaymentsEnabled := CkJsonObject_BoolOf(jResp,'data[i].attributes.bulkPaymentsEnabled');
    attributesCountry := CkJsonObject__stringOf(jResp,'data[i].attributes.country');
    attributesFinancialInstitutionCustomerReferenceRequired := CkJsonObject_BoolOf(jResp,'data[i].attributes.financialInstitutionCustomerReferenceRequired');
    attributesFutureDatedPaymentsAllowed := CkJsonObject_BoolOf(jResp,'data[i].attributes.futureDatedPaymentsAllowed');
    attributesLogoUrl := CkJsonObject__stringOf(jResp,'data[i].attributes.logoUrl');
    attributesMaintenanceFrom := CkJsonObject__stringOf(jResp,'data[i].attributes.maintenanceFrom');
    attributesMaintenanceTo := CkJsonObject__stringOf(jResp,'data[i].attributes.maintenanceTo');
    attributesMaintenanceType := CkJsonObject__stringOf(jResp,'data[i].attributes.maintenanceType');
    attributesMaxRequestedAccountReferences := CkJsonObject__stringOf(jResp,'data[i].attributes.maxRequestedAccountReferences');
    attributesMinRequestedAccountReferences := CkJsonObject_IntOf(jResp,'data[i].attributes.minRequestedAccountReferences');
    attributesName := CkJsonObject__stringOf(jResp,'data[i].attributes.name');
    attributesPaymentsEnabled := CkJsonObject_BoolOf(jResp,'data[i].attributes.paymentsEnabled');
    attributesPeriodicPaymentsEnabled := CkJsonObject_BoolOf(jResp,'data[i].attributes.periodicPaymentsEnabled');
    attributesPrimaryColor := CkJsonObject__stringOf(jResp,'data[i].attributes.primaryColor');
    attributesRequiresCredentialStorage := CkJsonObject_BoolOf(jResp,'data[i].attributes.requiresCredentialStorage');
    attributesRequiresCustomerIpAddress := CkJsonObject_BoolOf(jResp,'data[i].attributes.requiresCustomerIpAddress');
    attributesSandbox := CkJsonObject_BoolOf(jResp,'data[i].attributes.sandbox');
    attributesSecondaryColor := CkJsonObject__stringOf(jResp,'data[i].attributes.secondaryColor');
    attributesSharedBrandName := CkJsonObject__stringOf(jResp,'data[i].attributes.sharedBrandName');
    attributesSharedBrandReference := CkJsonObject__stringOf(jResp,'data[i].attributes.sharedBrandReference');
    attributesStatus := CkJsonObject__stringOf(jResp,'data[i].attributes.status');
    id := CkJsonObject__stringOf(jResp,'data[i].id');
    linksSelf := CkJsonObject__stringOf(jResp,'data[i].links.self');
    v_type := CkJsonObject__stringOf(jResp,'data[i].type');
    j := 0;
    count_j := CkJsonObject_SizeOfArray(jResp,'data[i].attributes.authorizationModels');
    while j < count_j do
      begin
        CkJsonObject_putJ(jResp,j);
        strVal := CkJsonObject__stringOf(jResp,'data[i].attributes.authorizationModels[j]');
        j := j + 1;
      end;

    j := 0;
    count_j := CkJsonObject_SizeOfArray(jResp,'data[i].attributes.bulkPaymentsProductTypes');
    while j < count_j do
      begin
        CkJsonObject_putJ(jResp,j);
        strVal := CkJsonObject__stringOf(jResp,'data[i].attributes.bulkPaymentsProductTypes[j]');
        j := j + 1;
      end;

    j := 0;
    count_j := CkJsonObject_SizeOfArray(jResp,'data[i].attributes.paymentsProductTypes');
    while j < count_j do
      begin
        CkJsonObject_putJ(jResp,j);
        strVal := CkJsonObject__stringOf(jResp,'data[i].attributes.paymentsProductTypes[j]');
        j := j + 1;
      end;

    j := 0;
    count_j := CkJsonObject_SizeOfArray(jResp,'data[i].attributes.periodicPaymentsProductTypes');
    while j < count_j do
      begin
        CkJsonObject_putJ(jResp,j);
        strVal := CkJsonObject__stringOf(jResp,'data[i].attributes.periodicPaymentsProductTypes[j]');
        j := j + 1;
      end;

    i := i + 1;
  end;

CkCert_Dispose(cert);
CkDateTime_Dispose(dtNow);
CkCrypt2_Dispose(crypt2);
CkStringBuilder_Dispose(sbDigestHdrValue);
CkStringBuilder_Dispose(sbSigningString);
CkPrivateKey_Dispose(privKey);
CkRsa_Dispose(rsa);
CkStringBuilder_Dispose(sbSigHeaderValue);
CkHttp_Dispose(http);
CkStringBuilder_Dispose(sbResponseBody);
CkJsonObject_Dispose(jResp);

end;