Skip to content
API Reference
/
Accounts
/
List User Accounts

Bermuda Commercial Bank RESTful Open Banking API Implementation (v1)

The Bermuda Commercial Bank (BCB) RESTful Open Banking API provides secure, programmatic access to BCB's banking services, enabling developers to integrate financial services into their applications.

Key Features

  • Account details retrieval
  • Internal transfers
  • Payments (Swift)
  • Transaction information access
  • Robust security and compliance
  • Comprehensive documentation

Available Environments

UAT Environment

URL: https://api-uat.bcb.bm

Purpose: Testing and integration

Production Environment

URL: https://api.bcb.bm

Purpose: Live production use

Download OpenAPI description
open-banking-api.json
open-banking-api.yaml
Overview
URL

https://www.bcb.bm

Bermuda Commercial Bank Limited, 34 Bermudiana Road, Hamilton HM 11, Bermuda

enquiries@bcb.bm

Languages
Servers
Mock server

https://developers.bcb.bm/_mock/apis/open-banking-api/open-banking-api/

UAT Environment - Used for testing and integration purposes

https://api-uat.bcb.bm/

Production Environment - Live environment for production use

https://api.bcb.bm/

Accounts

Operations

Account Details

Request

Retrieves the account details and balance. This endpoint requires authentication and returns comprehensive information for the specified account. The returned data includes:

  • Number: The human-readable account number assigned by the bank.
  • Label: A label provided by the account owner.
  • Owners: The list of users who own this account.
  • Type: The type of account.
  • Balance: The account's balance including currency and amount.
  • Account Attributes: Additional account information specific to Bermuda Commercial Bank.

Content Negotiation

Clients must use the HTTP Accept header to indicate the desired response format:

  • Set Accept: application/json for JSON responses (default).
  • Set Accept: text/csv for CSV responses. If the Accept header is omitted, application/json is assumed.

Base URL:

All API requests use the versioned base URL:

https://api.bcb.bm/v1/accounts

Sample Request in JavaScript:

async function getAccountDetails(accountNumber) {
  try {
    const response = await fetch(`https://api.bcb.bm/v1/accounts/${accountNumber}`, {
      method: 'GET',
      headers: {
        'Authorization': 'Bearer YOUR_ACCESS_TOKEN',
        'Content-Type': 'application/json',
        'Accept': 'application/json'
      }
    });

    if (!response.ok) {
      const errorData = await response.json();
      throw new Error(`Error: ${errorData.message || 'Unknown error'}`);
    }

    const data = await response.json();
    console.log('Account details:', data);

    // Example processing of the returned object
    const accountId = data.id;
    const accountNumber = data.number;
    const accountBalance = data.balance.amount;
    const accountCurrency = data.balance.currency;
    const accountStatus = data.accountAttributes.find(attr => attr.name === 'STATUS')?.value;
            
    console.log('Account ID:', accountId);
    console.log('Account Number:', accountNumber);
    console.log('Account Balance:', accountBalance);
    console.log('Account Currency:', accountCurrency);
    console.log('Account Status:', accountStatus);
            
    // Process all account attributes
    console.log('Account Attributes:');
    data.accountAttributes.forEach(attribute => {
      console.log(`${attribute.name}: ${attribute.value}`);
    });

    // Additional processing based on account status
    if (accountStatus === 'ACTIVE') {
      console.log('The account is active.');
    } else {
      console.log('The account is not active.');
    }
  } catch (error) {
    console.error('There was a problem with the fetch operation:', error.message);
  }
}

// Example usage:
getAccountDetails('YOUR_ACCOUNT_NUMBER');

Required Permission: get-account

This endpoint requires the permission claim get-account to be present in the JWT token. These permissions are embedded in the token during the authentication process and cannot be modified afterward. The token must be obtained with the appropriate permissions to access this endpoint.

Security
Authorization or Feature Permissions
Path
accountNumberstringrequired

The human-readable account number assigned by the bank.

curl -i -X GET \
  'https://developers.bcb.bm/_mock/apis/open-banking-api/open-banking-api/v1/accounts/{accountNumber}' \
  -H 'Authorization: Bearer <YOUR_jwt_HERE>'

Responses

OK - The request was successful.

Bodyapplication/json
accountIdstring

A unique ID of the account, composed of account number and CIF

cifstring

11-digit ID of the account holder

currencystring

Identification of the currency in which the account is held

accountSubTypestring

Specifies the sub type of account (product)

accountNumberstring

Account number

statusstring

Specifies the status of the account

availableBalanceCurrencyAmount (object)

Account balance

CurrencyAmount (object)

Account balance

ownersArray of objects(AccountOwner)

Ownership details of an account object

accountAttributesArray of objects(AccountAttribute)

Additional details or characteristics associated with an account object

accountTypestring

Specifies the type of account (personal/business)

nicknamestring

The nickname of the account, assigned by the account owner

openingDatestring

Date when the account was opened

balanceEffectiveDatestring

Date when the balance was last updated

accountRoutingsArray of objects(BankRouting)

Routing details for the account

Response
application/json
{
  "accountId": "1000078766-3000032",
  "cif": 3000032,
  "accountNumber": 1000078766,
  "status": "Active",
  "currency": "USD",
  "availableBalance": {
    "currency": "USD",
    "amount": 1000
  },
  "accountSubType": "BCB.CURRENT.ACCOUNT.C",
  "accountType": "Personal",
  "nickname": "CURRENT.ACCOUNTS",
  "openingDate": "2023-01-01T00:00:00.0000000Z",
  "balanceEffectiveDate": "2023-12-31T00:00:00.0000000Z",
  "accountRoutings": [
    {}
  ],
  "owners": [
    {},
    {}
  ],
  "accountAttributes": [
    {},
    {},
    {},
    {},
    {},
    {},
    {}
  ]
}

List User Accounts

Request

Retrieves a list of all accounts associated with the authenticated user's profile. This endpoint:

  • Uses the customer account number from the authenticated user's session to fetch all associated accounts.
  • Requires valid authentication.
  • Supports both JSON and CSV response formats based on the Accept header.
  • Returns a summary version of account information (AccountSummary) containing only essential fields
  • Supports cursor-based pagination for efficient handling of large account lists.

Pagination

This endpoint uses cursor-based pagination with server-side result-set management:

  • First Request: Optionally specify page_size (default: 100, max: 1000). The server creates a cursor and returns a page_token.
  • Subsequent Requests: Use the page_token from previous responses with page_start to navigate pages.
  • Page Token: Contains encoded pagination context including page_size, so don't specify page_size in subsequent requests.
  • Total Pages: Calculate using Math.ceil(total_size / page_size) from the response metadata.

Content Negotiation

Clients must use the HTTP Accept header to indicate the desired response format:

  • Set Accept: application/json for JSON responses (default).
  • Set Accept: text/csv for CSV responses. If the Accept header is omitted, application/json is assumed.

Base URL

All API requests use the versioned base URL:

https://api.bcb.bm/v1/accounts

Sample Request in JavaScript

async function getAllAccountsPaginated() {
  try {
    let allAccounts = [];
    let pageStart = 1;
    let pageToken = null;
    let totalPages = 0;

    do {
      // Build URL with pagination parameters
      let url = 'https://api.bcb.bm/v1/accounts';
      const params = new URLSearchParams();
      
      if (pageStart === 1) {
        // First request: specify page_size
        params.append('page_size', '100');
      } else {
        // Subsequent requests: use page_token and page_start
        params.append('page_token', pageToken);
        params.append('page_start', pageStart.toString());
      }
      
      if (params.toString()) {
        url += '?' + params.toString();
      }

      const response = await fetch(url, {
        method: 'GET',
        headers: {
          'Authorization': 'Bearer YOUR_ACCESS_TOKEN',
          'Content-Type': 'application/json',
          'Accept': 'application/json'
        }
      });

      if (!response.ok) {
        const errorData = await response.json();
        throw new Error(`Error: ${errorData.message || 'Unknown error'}`);
      }

      const data = await response.json();
      console.log(`Page ${pageStart} data:`, data);

      // Store pagination info from first request
      if (pageStart === 1 && data.meta && data.meta.pagination) {
        pageToken = data.meta.pagination.page_token;
        totalPages = Math.ceil(data.meta.pagination.total_size / data.meta.pagination.page_size);
        console.log(`Total pages: ${totalPages}, Page token: ${pageToken}`);
      }

      // Collect accounts from this page
      if (data.data && data.data.length > 0) {
        allAccounts.push(...data.data);
        console.log(`Collected ${data.data.length} accounts from page ${pageStart}`);
      }

      pageStart++;
    } while (pageStart <= totalPages);

    console.log(`Total accounts collected: ${allAccounts.length}`);

    // Process all collected accounts
    allAccounts.forEach((account, index) => {
      console.log(`Account ${index + 1}: ${account.number}`);
      console.log(`Balance: ${account.balance.amount} ${account.balance.currency}`);
    });

    return allAccounts;
  } catch (error) {
    console.error('There was a problem with the fetch operation:', error.message);
    throw error;
  }
}

// Alternative: Get single page of accounts
async function getAccountsPage(pageStart = 1, pageToken = null) {
  try {
    let url = 'https://api.bcb.bm/v1/accounts';
    const params = new URLSearchParams();
    
    if (pageStart === 1 && !pageToken) {
      params.append('page_size', '50'); // Custom page size
    } else {
      params.append('page_token', pageToken);
      params.append('page_start', pageStart.toString());
    }
    
    if (params.toString()) {
      url += '?' + params.toString();
    }

    const response = await fetch(url, {
      method: 'GET',
      headers: {
        'Authorization': 'Bearer YOUR_ACCESS_TOKEN',
        'Content-Type': 'application/json',
        'Accept': 'application/json'
      }
    });

    if (!response.ok) {
      const errorData = await response.json();
      throw new Error(`Error: ${errorData.message || 'Unknown error'}`);
    }

    const data = await response.json();
    console.log('Accounts page:', data);
    return data;
  } catch (error) {
    console.error('There was a problem with the fetch operation:', error.message);
    throw error;
  }
}

// Example usage:
getAllAccountsPaginated(); // Retrieves all accounts across multiple pages
// OR
getAccountsPage(1).then(firstPage => {
  console.log('First page:', firstPage);
  // Use firstPage.meta.pagination.page_token for subsequent requests
});

Required Permission: get-all-accounts

This endpoint requires the permission claim get-all-accounts to be present in the JWT token. These permissions are embedded in the token during the authentication process and cannot be modified afterward. The token must be obtained with the appropriate permissions to access this endpoint.

Security
Authorization or Feature Permissions
Query
pageStartinteger or null(int32)

Optional. The record from which the response should be displayed (default: 1). Use with page_token for subsequent requests.

pageSizeinteger or null(int32)

Optional. The total number of records per page (default: 100, max: 1000). Only specify in the first request - subsequent requests use the page_size embedded in the page_token.

pageTokenstring or null

Optional. Unique cursor ID received from previous response for subsequent requests. Contains encoded pagination context including page_size.

curl -i -X GET \
  'https://developers.bcb.bm/_mock/apis/open-banking-api/open-banking-api/v1/accounts?pageStart=0&pageSize=0&pageToken=string' \
  -H 'Authorization: Bearer <YOUR_jwt_HERE>'

Responses

OK – The request was successful.

Bodyapplication/json
meta(Meta (object or null))

Response metadata

(Meta (object or null))

Response metadata

dataArray of objects or null(Account)

Response data

Response
application/json
{
  "meta": {
    "pagination": {}
  },
  "data": [
    {},
    {}
  ]
}

List payment statuses for an account

Request

Retrieves status information for all payments associated with a specific account. This endpoint:

  • Provides comprehensive payment status details including type, status, transaction ID, external reference, remittance information, amounts, value date, and exchange rate.
  • Supports both JSON and CSV response formats based on the Accept header.
  • Supports cursor-based pagination for efficient handling of large payment status datasets.

Pagination

This endpoint uses cursor-based pagination with server-side result-set management:

  • First Request: Optionally specify pageSize (default: 100, max: 1000). The server creates a cursor and returns a pageToken.
  • Subsequent Requests: Use the pageToken from previous responses with pageStart to navigate pages.
  • Page Token: Contains encoded pagination context including pageSize, so don't specify pageSize in subsequent requests.
  • Total Pages: Calculate using Math.ceil(total_size / page_size) from the response metadata.

Content Negotiation

Clients must use the HTTP Accept header to indicate the desired response format:

  • Set Accept: application/json for JSON responses (default)
  • Set Accept: text/csv for CSV responses If the Accept header is omitted, application/json is assumed.

Base URL

All API requests use the versioned base URL:

https://api.bcb.bm/v1/accounts/{accountNumber}/payments

Sample Request in JavaScript

async function getAllPaymentStatusesPaginated(accountNumber) {
  try {
    let allPaymentStatuses = [];
    let pageStart = 1;
    let pageToken = null;
    let totalPages = 0;

    do {
      // Build URL with pagination parameters
      let url = `https://api.bcb.bm/v1/accounts/${accountNumber}/payments`;
      const params = new URLSearchParams();
      
      if (pageStart === 1) {
        // First request: specify pageSize
        params.append('pageSize', '100');
      } else {
        // Subsequent requests: use pageToken and pageStart
        params.append('pageToken', pageToken);
        params.append('pageStart', pageStart.toString());
      }
      
      if (params.toString()) {
        url += '?' + params.toString();
      }

      const response = await fetch(url, {
        method: 'GET',
        headers: {
          'Authorization': 'Bearer YOUR_ACCESS_TOKEN',
          'Content-Type': 'application/json',
          'Accept': 'application/json'
        }
      });

      if (!response.ok) {
        const errorData = await response.json();
        throw new Error(`Error: ${errorData.message || 'Unknown error'}`);
      }

      const data = await response.json();
      console.log(`Page ${pageStart} data:`, data);

      // Store pagination info from first request
      if (pageStart === 1 && data.meta && data.meta.pagination) {
        pageToken = data.meta.pagination.page_token;
        totalPages = Math.ceil(data.meta.pagination.total_size / data.meta.pagination.page_size);
        console.log(`Total pages: ${totalPages}, Page token: ${pageToken}`);
      }

      // Collect payment statuses from this page
      if (data.data && data.data.length > 0) {
        allPaymentStatuses.push(...data.data);
        console.log(`Collected ${data.data.length} payment statuses from page ${pageStart}`);
      }

      pageStart++;
    } while (pageStart <= totalPages);

    console.log(`Total payment statuses collected: ${allPaymentStatuses.length}`);

    // Process all collected payment statuses
    allPaymentStatuses.forEach((payment, index) => {
      console.log(`Payment ${index + 1}:`, payment.transactionId);
      console.log('Type:', payment.type);
      console.log('Status:', payment.status);
      console.log('External Reference:', payment.externalReference);
      console.log('Remittance Information:', payment.remittanceInformation);
      console.log('Value Date:', payment.valueDate);
      console.log('Debit Amount:', `${payment.debitAmount.amount} ${payment.debitAmount.currency}`);
      if (payment.creditAmount && payment.creditAmount.amount) {
        console.log('Credit Amount:', `${payment.creditAmount.amount} ${payment.creditAmount.currency}`);
      }
      console.log('-------------------');
    });

    return allPaymentStatuses;
  } catch (error) {
    console.error('There was a problem with the fetch operation:', error.message);
    throw error;
  }
}

// Alternative: Get single page of payment statuses
async function getPaymentStatusesPage(accountNumber, pageStart = 1, pageToken = null) {
  try {
    let url = `https://api.bcb.bm/v1/accounts/${accountNumber}/payments`;
    const params = new URLSearchParams();
    
    if (pageStart === 1 && !pageToken) {
      params.append('pageSize', '50'); // Custom page size
    } else {
      params.append('pageToken', pageToken);
      params.append('pageStart', pageStart.toString());
    }
    
    if (params.toString()) {
      url += '?' + params.toString();
    }

    const response = await fetch(url, {
      method: 'GET',
      headers: {
        'Authorization': 'Bearer YOUR_ACCESS_TOKEN',
        'Content-Type': 'application/json',
        'Accept': 'application/json'
      }
    });

    if (!response.ok) {
      const errorData = await response.json();
      throw new Error(`Error: ${errorData.message || 'Unknown error'}`);
    }

    const data = await response.json();
    console.log('Payment statuses page:', data);
    return data;
  } catch (error) {
    console.error('There was a problem with the fetch operation:', error.message);
    throw error;
  }
}

// Example usage:
getAllPaymentStatusesPaginated('123456789'); // Retrieves all payment statuses across multiple pages
// OR
getPaymentStatusesPage('123456789', 1).then(firstPage => {
  console.log('First page:', firstPage);
  // Use firstPage.meta.pagination.page_token for subsequent requests
});

Required Permission: get-payment-status

This endpoint requires the permission claim get-payment-status to be present in the JWT token. These permissions are embedded in the token during the authentication process and cannot be modified afterward. The token must be obtained with the appropriate permissions to access this endpoint.

Security
Authorization or Feature Permissions
Path
accountNumberstringrequired

The account number to retrieve payment statuses for.

Query
pageStartinteger or null(int32)

Optional. The record from which the response should be displayed (default: 1). Use with pageToken for subsequent requests.

pageSizeinteger or null(int32)

Optional. The total number of records per page (default: 100, max: 1000). Only specify in the first request - subsequent requests use the pageSize embedded in the pageToken.

pageTokenstring or null

Optional. Unique cursor ID received from previous response for subsequent requests. Contains encoded pagination context including pageSize.

curl -i -X GET \
  'https://developers.bcb.bm/_mock/apis/open-banking-api/open-banking-api/v1/accounts/{accountNumber}/payments?pageStart=0&pageSize=0&pageToken=string' \
  -H 'Authorization: Bearer <YOUR_jwt_HERE>'

Responses

OK - The request was successful.

Bodyapplication/json
meta(Meta (object or null))

Response metadata

(Meta (object or null))

Response metadata

dataArray of objects or null(TransactionStatus)

Response data

Response
application/json
{
  "meta": {
    "pagination": {}
  },
  "data": [
    {},
    {},
    {}
  ]
}

Credentials

Operations

FxQuotes

Operations

InternalTransfers

Operations

Payments

Operations

Token

Operations

Transactions

Operations

System

Operations