Introduction
Changelog
Usage
Authentication
Headers
Errors
Rate Limiting
Webhooks
OAuth 2.0
User
Devices
Aggregation
Bills
Budgets
Challenges
CDR
Configuration
Contacts
Events
Goals
Messages
Pay Day
Payments
Reports
Surveys
Calculators
Images
Financial Passport
Users
Accounts
Transactions

Request Headers

Header Example Description
Authorization Bearer <Access Token>/<Refresh Token>/<OTP> The Authorisation header must contain either the Access Token or the Refresh Token or the One Time Passowrd (depending on the API method) to authorise the user.
Content-Type application/json The content type of post requests must be JSON
Accept application/json The content type of responses will always be JSON
Accept-Encoding gzip, deflate The host support gzip compress of the responses if the accept-encoding header is set in the request
X-Bundle-Id us.frollo.Frollo The X-Bundle-Id header is used to describe the bundle ID of the client device
X-Software-Version V1.00-B1 The X-Software-Version header is used to describe the version of the Frollo app on the client device
X-Device-Version IOS10.0.0 The X-Device-Version header is used to specify the version of the client device
X-Api-Version 2.0 The X-Api-Version header is used to specify which version of the API the client wants to use
X-Background true The X-Background boolean header should be includued if the API requests are being generated by a “user not present” background task. This ensures that the requests are not registered as user activity.
X-User-Otp 123456 The X-User-Otp header is used to allow users to retry requests that return HTTP status code 401 and error F0120 - OTP Required with a valid OTP they have received to complete the additional security check