Enterprise API
Enterprise API refers to additional secured APIs outside the scope of PSD2. The API basically divides between fetching loan information for existing SBAB customers and sending pre-approval, loan applications and other support services around these flows.
Features:
- Individual mortgage rates
- Loan information
- Loan calculation
- Pre approval
- Morgage application (including support services)
For details about required authentication and applicable restrictions, read the authorization section.
And for clarity in this section, companies whose utilize this API will be referred as "partner", systems of the partner that interact with this API will be referred as "clients" and end-users of the partner systems will be referred as "applicants".
Test the API
Available flows
There are three available flows in the Enterprise API:
These flows are an integral to the communication with SBAB when using the Enterprise API. Please take your time to read through each one before proceeding.
Sandbox
Since digital signing of applications with BankID is a feature that is being currently rolled out to our partners, the Sandbox environment is still capable of simulating the old flow, where no signature is required.
For that, a header named SigningType is available for Loan Application requests, with a default value of NO_SIGNING.
Such value is backwards compatible, but new partners will be required to work with the flow described above, which is
used when the value is set to MAIN_APPLICANT_SIGNING. Please note that this header is not available in the production
system, and is present temporarily in the Sandbox for testing purposes.
Also, since the Sandbox environment does not include real BankID integration, there is an endpoint to simulate the action of the user signing the application in their BankID app. To further facilitate testing, the expiration date of applications is set to 15 minutes in this environment. Please check the Sandbox environment for further details.
In the production system, the change between the two modes can not be controlled by the client through the API, and is instead controlled server-side by SBAB, and for existing partners that currently use the flow without signatures a transition date will be negotiated.
At some point in the future, the old flow without digital signatures is going to be completely removed.
Future developments
By force of legal regulations, at some point in the future it will be mandatory that all applicants sign a Loan Application, not only the main one. The flow described above will continue to work as described, except that multiple signatures will be required for the application to proceed, one from every applicant (main and potential co-applicants).
In order to prepare for it, the SigningType header described above also supports a value of ALL_APPLICANTS_SIGNING,
which implements this behavior. The observed difference is that the status responses will include multiple applicants,
and all of them will require a successful signing before the loan application can proceed. All descriptions above
apply without further modifications for this flow.
Such modification will be in due time notified to all our partners, so they can have the time to adapt their integrations to our API.