Instructions for TheBank.com API

This is a fake API for training purposes and TheBank.com doesn't exist. It is based on a real API, but we're not telling you which one ;-). See the blog post here for details.

We have a REST API for recording, recalling and editing transactions.

Requests are sent over HTTPs (this is recommended but not mandatory) via a get request to:

https://api.thebank.com/endpoint.shtml

Query parameters:

  1. UserId - your ID number
  2. API Key - a key assigned to your account
  3. method - the API method to invoke (see below)

You will also supply any additional parameters that the method requires.

Additionally, your API key and password, separated by a colon, must be hashed and sent in a HTTP Header, X-Secret-Key-Hash. The hashing is performed using SHA256.

Return code:

Every request will result in a HTTP 200, the body of the resonse will contain a string contains the details of any errors, or a "OK" string for success.

Eg: "Transaction failed, insufficient priviledge"

Or: "Transaction Suceeded"

Method reference

The API supports a series of methods:

MethodDetailParams
record record a transactionmethod=record
date=format mm/dd/yyyy
amount=value of sales
.... then a long series of methods (omitted), each with different parameters.

Example:

https://api.thebank.com/endpoint.shtml?userId=98763&apikey=Ajfn374AjMNs&method=record&date=01/31/2016&amount=14.99

X-Secret-Key-Hash: 86c6635240863643e02d533b0dea0d3dc94a420f02d0ca5517a7bd6ec7fe893f