Fileactive Real Time Notification API Fileactive Real Time Notification API
API docs by Redocly

Fileactive Real Time Notification API (1.1.3)

Download OpenAPI specification:Download

Fileactive Real Time Notification API.

It is important for customers using the Real Time Payment Notification service to verify the x-Notification-Signature prior to processing the Notification. JWS Algorithm is RS256.

It is important for customers using the Real Time Payment Notification service to check for duplicate notifications. Duplicate notifications can arise when there're system or network issues followed by automated or manual retries. ANZ recommends duplicate checking be based on the transaction identifier account_servicer_reference . Performing this check will ensure multiple instances of the same notification are not processed more than once.

Payment Notification

API publishes a notification when settled funds sent are credited to a customer's ANZ bank account.

Real Time Notification NPP

API publishes a notification when settled funds sent via NPP are credited to a customer's ANZ bank account.

RTN Additional Information
Authorizations:
apiKeyAuth
header Parameters
x-Message-Id
required
string <uuid>
Example: 2157f49a-01d7-4e1a-aa0e-422073a312b8

Duplicate check using point to point reference, as assigned by the instructing party, and sent to the next party in the chain to unambiguously identify the message

Refer to account_servicer_reference for transaction level duplicate checking

x-Notification-Signature
required
string
Example: chyG_yfwgiYigKenK3RF0mkB6-qQhYRECxF6ls-P6n4lpfgg8Q9naMuOcYu1-xW4MiaOWdB3uqmfck_KjFzYy3QF46TzFft2JqWvqOCB2_ZkNAZppRGFnjHd0vJ7STZt4dFA3GcU5gUpr3hLQfPDjqdofp0Z44_4Aat4DopEqRnNK9PdntkkbXgyKeDBx7NJV7dC1UstodLHG7nPZ3L0eVGXfw97lKEDcXAKgfrE-A-7_UbGixO7J2eX_PlfyEQt9h1L-2-Q5pRtyYpyY9XSp6kMl4bN9geuDsqtE5iFh68dV7Nl0ykdo68CYmEQpVY_6G3j79vPeeSyhs11eTlt6g

The webhook includes a singature of the payload. The consumer is required to verify the signature prior to processing the RTN.

To verify the signature

  1. Reconstruct the JWT
    1. BASE64 encode the JWT header i.e. {"alg":"RS256","typ":"JWT"}
    2. BASE64 encode the JWT payload i.e. Request Body
    3. Extract signature from header x-Notification-Signature
    4. Concatenate all 3 components separated by "." (period) i.e. header.payload.signature
  2. Call JWT function to verify the signature using the ANZ provided public key, algorithm RS256 and the reconstructed JWT
    1. If valid signature then process RTN
    2. If invalid signature then reject RTN with a HTTP 401 (unauthorised)
Request Body schema: application/json

Notification to customer of an NPP payment

message_identifier
required
string [ 1 .. 35 ] characters

Point to point reference, as assigned by the account servicing institution, and sent to the account owner or the party authorised to receive the message, to unambiguously identify the message.

creation_date_time
required
string^(?:[1-9]\d{3}-(?:(?:0[1-9]|1[0-2])-(?:0[1-9]...

UTC Date/Time the message was generated ISODateTime YYYY-MM-DDTHH:MM:SSZ

required
Array of objects non-empty

Only a single notification per message will be provided

Responses

Request samples

Content type
application/json
{
  • "message_identifier": "2157F49A01D74E1AAA0E422073A312B8",
  • "creation_date_time": "2022-10-13T22:46:26.8382745+00:00",
  • "notification": [
    ]
}

Response samples

Content type
application/json
{
  • "id": "a27f873f-663e-49c2-a688-10fd1c5ffe11",
  • "status": "Notification Received"
}

Real Time Notification SG FAST

API publishes a notification when settled funds sent via SG FAST are credited to a customer's ANZ bank account.

RTN Additional Information
Authorizations:
apiKeyAuth
header Parameters
x-Message-Id
required
string <uuid>
Example: 2157f49a-01d7-4e1a-aa0e-422073a312b8

Duplicate check using point to point reference, as assigned by the instructing party, and sent to the next party in the chain to unambiguously identify the message

Refer to account_servicer_reference for transaction level duplicate checking

x-Notification-Signature
required
string
Example: chyG_yfwgiYigKenK3RF0mkB6-qQhYRECxF6ls-P6n4lpfgg8Q9naMuOcYu1-xW4MiaOWdB3uqmfck_KjFzYy3QF46TzFft2JqWvqOCB2_ZkNAZppRGFnjHd0vJ7STZt4dFA3GcU5gUpr3hLQfPDjqdofp0Z44_4Aat4DopEqRnNK9PdntkkbXgyKeDBx7NJV7dC1UstodLHG7nPZ3L0eVGXfw97lKEDcXAKgfrE-A-7_UbGixO7J2eX_PlfyEQt9h1L-2-Q5pRtyYpyY9XSp6kMl4bN9geuDsqtE5iFh68dV7Nl0ykdo68CYmEQpVY_6G3j79vPeeSyhs11eTlt6g

The webhook includes a singature of the payload. The consumer is required to verify the signature prior to processing the RTN.

To verify the signature

  1. Reconstruct the JWT
    1. BASE64 encode the JWT header i.e. {"alg":"RS256","typ":"JWT"}
    2. BASE64 encode the JWT payload i.e. Request Body
    3. Extract signature from header x-Notification-Signature
    4. Concatenate all 3 components separated by "." (period) i.e. header.payload.signature
  2. Call JWT function to verify the signature using the ANZ provided public key, algorithm RS256 and the reconstructed JWT
    1. If valid signature then process RTN
    2. If invalid signature then reject RTN with a HTTP 401 (unauthorised)
Request Body schema: application/json

Notification to customer of a SG FAST payment

message_identifier
required
string [ 1 .. 35 ] characters

Point to point reference, as assigned by the account servicing institution, and sent to the account owner or the party authorised to receive the message, to unambiguously identify the message.

creation_date_time
required
string^(?:[1-9]\d{3}-(?:(?:0[1-9]|1[0-2])-(?:0[1-9]...

UTC Date/Time the message was generated ISODateTime YYYY-MM-DDTHH:MM:SSZ

required
Array of objects non-empty

Only a single notification per message will be provided

Responses

Request samples

Content type
application/json
{
  • "message_identifier": "2157F49A01D74E1AAA0E422073A312B8",
  • "creation_date_time": "2022-10-13T22:46:26.8382745+00:00",
  • "notification": [
    ]
}

Response samples

Content type
application/json
{
  • "id": "a27f873f-663e-49c2-a688-10fd1c5ffe11",
  • "status": "Notification Received"
}

BankToCustomerDebitCreditNotificationNPP

message_identifier
required
string [ 1 .. 35 ] characters

Point to point reference, as assigned by the account servicing institution, and sent to the account owner or the party authorised to receive the message, to unambiguously identify the message.

creation_date_time
required
string^(?:[1-9]\d{3}-(?:(?:0[1-9]|1[0-2])-(?:0[1-9]...

UTC Date/Time the message was generated ISODateTime YYYY-MM-DDTHH:MM:SSZ

required
Array of objects non-empty

Only a single notification per message will be provided

{
  • "message_identifier": "2157F49A01D74E1AAA0E422073A312B8",
  • "creation_date_time": "2022-10-13T22:46:26.8382745+00:00",
  • "notification": [
    ]
}

BankToCustomerDebitCreditNotificationSGFast

message_identifier
required
string [ 1 .. 35 ] characters

Point to point reference, as assigned by the account servicing institution, and sent to the account owner or the party authorised to receive the message, to unambiguously identify the message.

creation_date_time
required
string^(?:[1-9]\d{3}-(?:(?:0[1-9]|1[0-2])-(?:0[1-9]...

UTC Date/Time the message was generated ISODateTime YYYY-MM-DDTHH:MM:SSZ

required
Array of objects non-empty

Only a single notification per message will be provided

{
  • "message_identifier": "2157F49A01D74E1AAA0E422073A312B8",
  • "creation_date_time": "2022-10-13T22:46:26.8382745+00:00",
  • "notification": [
    ]
}