Dedicated API for TPP Developers

fire.com provide an Open Banking v3.1 dedicated API for TPPs to access fire.com personal and business accounts.

fire.com Directory Information

While fire.com are using the Open Banking specification to provide its API, it is not a member the Open Banking Directory as an ASPSP.

All the required directory information is outlined below.

We recommend the use of the Forgerock test facility.

Open Banking API Version
v3.1

Auto-Registration Supported
Yes – https://dia-api.fire.com/tpp/register

Base API DNS URI
https://dia-api.fire.com

x-fapi-financial-id 
CPAY

Logo URI
https://www.fire.com/wp-content/uploads/2019/08/fire_logo.png

Developer Portal URL
https://www.fire.com/developers/tpp-api

OpenID Config Endpoint
https://dia.fire.com/.well-known/openid-configuration

Payload Signing Cert Location
https://dia.fire.com/.well-known/jwks.json

Discovery and Application Registration

The Open Banking specification for registering with Account Servicing Payment Service Providers (ASPSPs) is available on the Open Banking Confluence.

fire.com supports dynamic client registration (DCR), and uses tls_client_auth for registration endpoint authentication. The certificate used must match the certificate specified in your registration request (specified in the tls_client_auth_dn field), and must be present in your JWKS file.

Please use RFC1779 format when specifying Distinguished Names (DNs) of your certificates. e.g. CN=dia-api.fire.com, O=Fire Financial Services Limited, OID.2.5.4.97=PSDIE-CBI-C58301, L=Dublin, ST=Dublin, C=IE, OID.2.5.4.5=464819, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=IE. This is generally available as an option in most programming languages – e.g. for Java:

transportCert.getSubjectX500Principal().getName(X500Principal.RFC1779);

The OpenID Configuration at https://dia.fire.com/.well-known/openid-configuration specifies the various endpoints and algorithms supported by fire.com.

Register applications at https://dia.fire.com/tpp/register.

fire.com accepts SSAs signed by Open Banking or self-signed. If you are providing a self-signed SSA, create it as follows and sign it using your eIDAS QSealC key. All fields are required.

{
"iss": "Must match the organizationIdentifier (OID.2.5.4.97) from your eIDAS QSealC - e.g. PSDIE-CBI-C58301",
"org_jwks_endpoint": "A HTTPS URI pointing to your eIDAS QSealC public key in JWKS format",
"software_client_name": "Provide a name for the client. Will be visible to PSUs.",
"software_logo_uri": "A HTTPS URI to a PNG/JPG formatted logo for this client/company",
"org_id": "Must match the iss field above - e.g. PSDIE-CBI-C58301",
"org_name": "Must match the Organization Name (O) field in the eIDAS QSealC - e.g. Fire Financial Services Limited",
"jti": "Unique JWT ID"
}

Token Exchange

fire.com use tls_client_auth for token endpoint authentication. The certificate used must match the certificate specified in your Application registration request (specified in the tls_client_auth_dn field), and must be present in your JWKS file.

The token endpoint at https://dia.fire.com/oauth/token is used to retrieve access tokens.

Access Token for consent request.

Use a client_credentials grant with tls_client_auth to retrieve the access token.

fire.com access tokens are in JWT format, and expire in 600 seconds.

Account Information 

fire.com’s Account Information APIs enable you to access accountholder details, account information, balances and transaction history for fire.com business and personal PSUs.

The list of the PSU’s payees/beneficiaries and direct debit mandates is also available.

See the Open Banking Confluence page for Account Information API specifications.

The /accounts endpoint is paginated and will return a max of 25 accounts per page.

The /balances endpoint is paginated and will return a max of 25 accounts per page.

The /transactions and /accounts/{accountId}/transactions endpoints are paginated and will return a max of 25 transactions per page.

The /beneficiaries endpoints are paginated and will return a max of 25 beneficiaries per page.

The /accounts/{accountId}/beneficiaries endpoint will return only beneficiaries of the same currency as the account specified. For example, if {accountId} is a sterling account, only sterling beneficiaries will be returned.

fire.com beneficiaries are not tied to an account, so every account of the same currency will return the same list of beneficiaries.

The /direct-debits and /accounts/{accountId}/direct-debits endpoints are paginated and will return a max of 25 mandates per page.

The /party endpoint will return the details of the user who has signed into fire.com and provided the consent.

The /accounts/{accountId}/party endpoint provides the details of the account name for the specified fire.com account.

fire.com do not provide these endpoints.

Payment Initiation

fire.com’s Payment Initiation APIs enable you to initiate payments from a business or personal PSU account.

See the Open Banking Confluence page for Payment Initiation API specifications.

All fire.com payments – either in Sterling or Euro – are domestic payments. It is only possible to initiate sterling payments from fire.com sterling accounts, and euro payments from fire.com euro accounts.

fire.com do not currently support standing orders or scheduled payments.

fire.com treats the references and identifiers in the payment request as follows:

  • Initiation/EndToEndIdentification – at present it is not possible for the EndToEndIdentification to be passed in the payment. We are working on a fix for this.
  • Initiation/InstructionIdentification – ignored.
  • Initiation/RemittanceInformation/Unstructured – ignored.
  • Initiation/RemittanceInformation/Reference – this will appear on the payer and payee’s statement.
  • Initiation/CreditorAccount/Name – will be displayed on the fire.com PSU’s statement as the payee name.

Confirmation of Funds

fire.com’s Confirmation of Funds API enables you to obtain a Yes/No response indicating whether or not funds are available for a particular payment.

See the Open Banking Confluence page for Confirmation of Funds API specifications.

Event Notification

fire.com currently do not provide the event notification API.

Queries

If you have any queries regarding the fire.com Dedicated API, please get in touch by email at tpp@fire.com.