openapi: 3.0.3 info: description: | # Credit App offers a suite of APIs that allow developers to extend the platform’s built-in features. These APIs allow app developers to read and write data, interoperate with other systems and platforms, and add new functionality to Credit App. When you make a request to the REST API, you will specify an HTTP method and a path. Additionally, you might also specify request headers and path, query, or body parameters. The API will return the response status code, response headers, and potentially a response body. The REST API reference documentation describes the HTTP method, path, and parameters for every operation. It also displays example requests and responses for each operation. # Guides We **strongly** recommend you check out the [guides](/guides/intro) section before you start using the Credit App REST API. The guides provide detailed information on how to use the REST API, including examples and best practices. # Requirements for using the Credit App REST API - All APIs require developers to request access and be granted an API key. - All APIs require developers to [authenticate](/guides/Authentication). # Deprecated APIs Deprecated APIs remain available but are unsupported and can stop working at any time. Developers should migrate to supported alternatives as soon as possible. # Authentication All incoming requests to the Credit App API must be authenticated. Bearer authentication is used to authenticate requests. HMAC signatures are added to all outgoing webhook requests. Please see the guide on [authentication](/guides/Authentication) for more information. # Webhooks Webhooks allow apps to stay in sync with Credit App data or perform an action after a specific event occurs. Webhooks are a performant alternative to continuously polling for changes to data. For example, a webhook can notify your app when a decision has been made on an application by a creditor. Your app can then perform an action when the change occurs. This [guide](/guides/Webhooks/Webhook%20Intro) introduces how webhooks work, including how to configure a webhook for your app and manage webhooks. version: 1.0.0 title: Getting started with the Credit App REST API - Creditor Schema contact: name: API Support email: support@creditapp.ca servers: - url: /v1 security: - apiKey: [] paths: '/applications/{applicationId}/creditors/{creditorId}/decision': get: summary: Get the latest decision for a creditor on an application tags: - applications parameters: - name: applicationId in: path required: true schema: type: string - name: creditorId in: path required: true schema: type: string responses: '200': description: Gets the latest decision for a creditor content: application/json: schema: type: object properties: applicationId: type: string description: | The application ID. creditorId: type: string description: | The creditor ID. decision: description: The decision for the creditor example: APPROVED type: string enum: - BOOKED - DOCUMENTS_INCOMPLETE - APPROVED - CONDITIONALLY_APPROVED - DECLINED - WITHDRAWN - INCOMPLETE - AWAITING_DECISION - PENDING_BANK_CONNECTION - DRAFT firstPaymentDate: description: The date of the first payment example: '2020-01-01' type: string format: date paymentFrequency: description: The frequency of the payments example: MONTHLY type: string enum: - MONTHLY - SEMI_MONTHLY - WEEKLY - BI_WEEKLY interestRate: description: The interest rate for the loan example: 12.99 type: number paymentAmount: description: The payment amount example: 100 type: number conditions: description: The conditions for the loan example: Please provide a void cheque type: string post: summary: Create a creditor decision for an application tags: - applications parameters: - name: applicationId in: path required: true schema: type: string - name: creditorId in: path required: true schema: type: string requestBody: description: The creditor decision request content: application/json: schema: type: object properties: decision: description: The decision for the creditor example: APPROVED type: string enum: - BOOKED - DOCUMENTS_INCOMPLETE - APPROVED - CONDITIONALLY_APPROVED - WITHDRAWN - DECLINED - INCOMPLETE - PENDING_BANK_CONNECTION firstPaymentDate: description: The date of the first payment example: '2020-01-01' type: string format: date paymentFrequency: description: The frequency of the payments example: MONTHLY type: string enum: - MONTHLY - SEMI_MONTHLY - WEEKLY - BI_WEEKLY interestRate: description: The interest rate for the loan example: 12.99 type: number paymentAmount: description: The payment amount example: 100 type: number conditions: description: The conditions for the loan example: Please provide a void cheque type: string program: description: The program name for the loan example: Program 1 type: string tier: description: The tier name for the loan example: Tier 2 type: string salePrice: description: The purchase price for the vehicle example: 10000 type: number downPayment: description: The down payment for the vehicle example: 1000 type: number rebate: description: The rebate for the vehicle example: 500 type: number dealerAdminFee: description: The dealer admin fee for the vehicle example: 500 type: number gapInsurance: description: The gap insurance for the vehicle example: 400 type: number extendedWarranty: description: The extended warranty for the vehicle example: 300 type: number deliveryDate: description: The delivery date for the vehicle example: '2020-01-01' type: string format: date term: description: The term for the loan in months example: 60 type: integer gpsFee: description: The gps fee for the vehicle example: 100 type: number licenseFee: description: The license fee for the vehicle example: 600 type: number lenderAdminFee: description: The lender admin fee for the vehicle example: 400 type: number ppsaFee: description: The ppsa fee for the vehicle example: 400 type: number installationDeliveryFee: description: The installation delivery fee for the vehicle example: 200 type: number lifeInsuranceFee: description: The life insurance fee example: 100 type: number ahInsuranceFee: description: The accident and health insurance fee example: 100 type: number otherNonTaxable: type: number description: | Other Non-Taxable amounts otherTaxable: type: number description: | Other Taxable amounts taxProvince: type: string enum: - AB - BC - MB - NB - NL - NS - NT - NU - 'ON' - PE - QC - SK - YT required: - applicationId - decision responses: '200': description: Gets the decision for a creditor '400': description: Bad Request content: application/json: schema: type: object properties: status: type: integer default: 400 message: type: string '/applications/{applicationId}/creditors/{creditorId}/comment': post: summary: Create a creditor comment for an application tags: - applications parameters: - name: applicationId in: path required: true schema: type: string - name: creditorId in: path required: true schema: type: string requestBody: description: The creditor decision request content: application/json: schema: type: object properties: userName: description: The user name for the comment example: John Doe type: string comment: description: The comment for the creditor example: This is a comment type: string required: - userName - comment responses: '200': description: Success '400': description: Bad Request content: application/json: schema: type: object properties: status: type: integer default: 400 message: type: string '/applications/{applicationId}/creditors/{creditorId}/income-status': post: summary: Set the income status of a creditor application tags: - applications parameters: - name: applicationId in: path required: true schema: type: string - name: creditorId in: path required: true schema: type: string requestBody: description: The desired income status content: application/json: schema: type: object properties: incomeStatus: description: The income status for the application example: VERIFIED type: string enum: - REQUIRED - VERIFIED - WAIVED required: - incomeStatus responses: '200': description: Success '400': description: Bad Request content: application/json: schema: type: object properties: status: type: integer default: 400 message: type: string /creditors/enable-integration: post: security: - apiKey: [] summary: Enable integration for a creditor description: >- Enable integration for a creditor, this endpoint is used for interactive login flow. The API key needs to be passed in the Authorization header. tags: - creditors requestBody: content: application/json: schema: type: object properties: creditorId: type: string format: uuid required: - creditorId responses: '200': description: The integration was enabled successfully '400': description: Bad Request content: application/json: schema: type: object properties: status: type: integer default: 400 message: type: string '401': description: Unauthorized '409': description: Conflict - the integration is not in requested status to be enabled content: application/json: schema: type: object properties: status: type: integer default: 400 message: type: string /creditors/disable-integration: post: security: - apiKey: [] summary: Disable integration for a creditor description: Disable integration for a creditor. tags: - creditors requestBody: content: application/json: schema: type: object properties: creditorId: type: string format: uuid reason: type: string description: The reason integration is being disabled example: >- Third party is rejecting authentication, re-authentication is required required: - creditorId responses: '200': description: The integration was disabled successfully '400': description: Bad Request content: application/json: schema: type: object properties: status: type: integer default: 400 message: type: string '401': description: Unauthorized /creditors/integration-status: post: security: - apiKey: [] summary: Set the status of an integration for a creditor description: >- Set the status of an integration. Integrations can use this endpoint to set the integration enablement status. The API key needs to be passed in the Authorization header. tags: - creditors requestBody: content: application/json: schema: type: object properties: creditorId: type: string format: uuid status: type: string enum: - REQUESTED - WAITING_FOR_SECOND_ACTIVATION_STEP - FAILED_TO_ENABLE required: - creditorId - status responses: '200': description: The status for the integration was set successfully '400': description: Bad Request content: application/json: schema: type: object properties: status: type: integer default: 400 message: type: string '401': description: Unauthorized '422': description: Unprocessable Entity content: application/json: schema: type: object properties: status: type: integer default: 400 message: type: string components: securitySchemes: apiKey: type: apiKey in: header name: Authorization