Platform Integration
/
Consent Refresh
Last updated

Get the latest data from a connected user's account information by fetching the most up-to-date data for the consent. This feature is only available for Stored Data customers.

Atto APIs and Atto Dashboard allow data refreshes of consents to update stored account, balance, and transaction data.

Starting refresh flow

To refresh a consent via our APIs:

  1. Get an access token for Stored Data API using the Authorization API (scope should be api:stored_data).

  2. Send a POST request using the refresh endpoint along with the consent ID at:

    https://uk.api.atto.co/stored-data/v1/consents/{consentId}/refresh

Example Responses

{
  "statusCode": 200,
  "message": "Successfully completed data refresh"
}
{
  "statusCode": 403,
  "message": "The consent or account access has been revoked"
}
{
  "statusCode": 409,
  "message": "A refresh is already in progress for this consent"
}

To refresh a consent via Atto Dashboard:

  1. Navigate to the user whose data you would like to refresh.

  2. Click on the button under customer's name with the consent status information.

Consent Refresh flow step 1

  1. Click on Refresh Data button in the pop-up consent information dialogue.

Consent Refresh flow step 2

  1. The consent refresh request is now triggered and the consent status should change to Refreshing consent... while an up-to-date copy of data is retrieved and saved. Once successful, the consent status should revert back to display the consent expiry information.

Consent Refresh flow step 3

Consent Refresh flow step 4

Consent Refresh flow step 5

Note: If the customer has enabled multi-factor authentication (MFA), we may be unable to get up-to-date information for the user.

API Flow

Consent Refresh API flow diagram

Staggering Requests

Since refresh requests are quite data-intensive and may take several seconds to complete, it is recommended to stagger batch refresh requests according to our api rate limits.

We advise sending no more than 30 refresh requests over a 60 second period for smooth processing.

Refresh Rules

To keep it consistent across banks, only certain data is refreshed.

  • Account details with the exception of party data is always refreshed.
  • Balances are always refreshed.
  • Transactions are aggregated i.e. new data is merged with old data based on transactionId if that is present otherwise it is done using date of the transaction.
  • Any other data is not refreshed and will be kept from the initial connection.

Please note that only 4 refreshes per consent are allowed in a 24 hour period.

Previous page
Next page
API Support
Contact Us
Terms
All Rights Reserved © The IDCO. Ltd | Company registered in Scotland SC400459 | AISP registration number 798579 | Data Protection ICO number ZA384596