# Get refunds The GET /refunds endpoint retrieves a complete or filtered list of refunds. Endpoint: GET /refunds Security: Bearer, BasicAuth ## Query parameters: - `limit` (integer, required) The maximum number of records to return. Example: 10 - `offset` (string) The offset from the previous page. Example: "LerV6Jmex" - `startDate` (string) Lower bound for a refund creation date in the format 'YYYY-MM-DD' (UTC time zone). If specified, only refunds created at or after the given date will be returned. Example: "2010-01-01" - `endDate` (string) Upper bound for a refund creation date in the format 'YYYY-MM-DD' (UTC time zone). If specified, only refunds created at or before the given date will be returned. Example: "2010-01-01" - `ids` (array) Filters refunds by their ids - returns only refunds with ids listed in this parameter. Example: ["rf:4QExXrhKTxfShBdcTeqFabqJJhUF:2gFUX1NDgpN","rf:N5cJDFsQzVca3Qvr8kQocgEnjgX:2gFUX1NEdYA"] - `invertIds` (boolean) Invert ids query - returns only refunds with ids not listed in the ids parameter. - `statuses` (array) Filters refunds by their statuses - returns only refunds with statuses listed in this parameter. Example: ["INITIATION_COMPLETED","INITIATION_REJECTED"] - `invertStatuses` (boolean) Invert statuses query - returns only refunds with statuses not listed in the statuses parameter. Example: true - `refIds` (array) Filters refunds by their refId values - returns only refunds with refIds listed in this parameter. Example: ["ShBdcTeqFabqJJhUF","N5cJDFsQzVca3Q"] - `partial` (boolean) Returns refunds in a partial format - with only id and status fields populated. Example: true - `onBehalfOfIds` (array) Filters payouts by their onBehalfOfId values - returns only payouts with the onBehalfOfId values specified in this parameter. This field is mandatory for unregulated TPPs. Example: ["c5a863bc-86f2-4418-a26f-25b24c7983c7","6f34h397-b29h-23b0-s30g-hkd0d2dk4k1s"] ## Response 200 fields (application/json): - `refunds` (array) - `refunds.id` (string, required) Token.io-generated refund id. Example: "rf:12345abcd:abcd" - `refunds.bankTransactionId` (string) The transaction id from the bank side. This can be empty if it is not available from the bank. Example: "2UhwCZ3BMaEcAUK8bZdukor7NL4tH6TBuu6aJMp5KKfX:5zKcENpV" - `refunds.memberId` (string, required) The Token.io-assigned member id of the TPP. Example: "m:123456abcd:abcd" - `refunds.createdDateTime` (string, required) The date and time this refund object was created (in ISO 8601 format). Example: "2017-04-05T10:43:07.000+00:00" - `refunds.updatedDateTime` (string, required) The date and time the current status, sub status, status reason information and authentication were last updated (in ISO 8601 format). Example: "2017-04-05T10:45:07.000+00:00" - `refunds.status` (string, required) The Token.io Refund Initiation Status. INITIATION_PENDING - Token.io has received the refund initiation and the initiation has passed Token.io's validation.INITIATION_PROCESSING - the refund is processing on the bank side. The status can be updated to one of INITIATION_COMPLETED, INITIATION_REJECTED or INITIATION_FAILED. If the status is not updated by the bank within a certain period of time, the status will remain as INITIATION_PROCESSING and the corresponding status reason information field will reflect this.INITIATION_COMPLETED - the refund initiation is successful. This does not guarantee the refund is settled.INITIATION_REJECTED - the refund is rejected by the bank. More details are shared in the corresponding status reason information.INITIATION_FAILED - Token.io failed to create the initiation as a result of failures on the bank side, e.g. the bank is not available at the moment.INITIATION_NO_FINAL_STATUS_AVAILABLE - The payment status has not been updated for some time and Token.io has stopped polling it. The recommended maximum polling time is 30 days. The status will change to INITIATION_NO_FINAL_STATUS_AVAILABLE after 30 days if the bank doesn't update the status. This is a final status, but it doesn't indicate success or failure. Please contact the bank to check the actual status of the payment. Enum: "INITIATION_PENDING", "INITIATION_PROCESSING", "INITIATION_COMPLETED", "INITIATION_REJECTED", "INITIATION_FAILED", "INITIATION_NO_FINAL_STATUS_AVAILABLE" - `refunds.bankPaymentStatus` (string) The raw bank status. This can be the ISO 20022 payment status code. See ISO 20022 payment status codes for more information. This field can be empty if no payment status is available on bank side. Example: "ACCP" - `refunds.statusReasonInformation` (string) A human-readable description of the reason for the reported status, which may include a message from the bank. This value should not exceed 256 characters in length. Example: "The payment is settled on debtor side." - `refunds.initiation` (object) The Initiation payload for the refund. - `refunds.initiation.description` (string) The description for the refund. Example: "refund for some reason" - `refunds.initiation.refId` (string, required) The TPP-generated reference identifier for the token. This is not to be confused with the requestId. The refId maps to the tppRefId in the bank's consentRequest. This is needed to match/verify the originating token request with the bank's consent request. We recommend that the refId should not contain special characters (the allowed characters are the 26-letter Latin alphabet, the numerical digits from 0-9 and the hyphen '-'). This field should not exceed 18 characters in length. Example: "9htio4a1sp2akdr1aa" - `refunds.initiation.amount` (object, required) The transaction amount and currency. - `refunds.initiation.amount.value` (string, required) The transaction amount with up to four digits after the decimal point. Example: "10.23" - `refunds.initiation.amount.currency` (string, required) The ISO 4217 three letter currency code. Example: "EUR" - `refunds.initiation.originalPaymentId` (string, required) The original payment id from Token.io payments/transfers. This is required to initiate a refund. Token.io will check the original payment for the refund validation. Example: "t:sdsds:sdsd" - `refunds.initiation.registrationId` (string) The registraion id. Example: "regId" - `refunds.initiation.localInstrument` (string, required) The bank's payment service to be used for making a payment. Enum: "SEPA", "SEPA_INSTANT", "FASTER_PAYMENTS" - `refunds.initiation.debtor` (any, required) The debtor information. Account information (one of) is required. - `refunds.initiation.creditor` (any, required) The creditor information. The account information (one of) is required. - `paging` (object) - `paging.limit` (integer) The limit (maximum number of records to return) that was sent in the request. If the actual number of returned records is less then the limit, there are no more records left to fetch. The maximum allowed limit is 200. If the passed limit is bigger than this, it will be set to 200. - `paging.offset` (string) Offset for the next page. Example: "LerV6Jmex" ## Response 400 fields (application/json): - `error` (object) The request does not have valid authentication credentials needed to perform the operation. - `error.message` (string) A description of the error. Example: "This is a description of the error." - `error.tokenTraceId` (string) The trace identifier for the given call. Example: "5678912345" ## Response 401 fields (application/json): - `error` (object) The request does not have valid authentication credentials needed to perform the operation. - `error.message` (string) A description of the error. Example: "This is a description of the error." - `error.tokenTraceId` (string) The trace identifier for the given call. Example: "5678912345" ## Response 403 fields (application/json): - `error` (object, required) The error returned when the member is not authorized to perform the given operation: PermissionDenied. This error message will be accompanied by the reason from the bank. Typically this means the access token has expired and the user must re-authenticate with the bank. - `error.errorCode` (string, required) A textual error code categorising the error. Example: "InternalServerError" - `error.message` (string, required) A description of the error that occurred and a possible way to fix it. Example: "This is a description of the error." - `error.tokenTraceId` (string) The trace identifier for the given call. Example: "5678912345" ## Response 404 fields (application/json): - `error` (object, required) The error object returned when given payment cannot be found: ResourceNotFound. - `error.errorCode` (string, required) A textual error code categorising the error. Example: "InternalServerError" - `error.paymentId` (string, required) The requested entity, the paymentID, was not found. Example: "pm2:12345abcd:abcde" - `error.message` (string, required) A description of the error that occurred and a possible way to fix it. Example: "This is a description of the error." - `error.tokenTraceId` (string) The trace identifier for the given call. Example: "5678912345" ## Response 429 fields (application/json): - `error` (object, required) Resource exhausted. Too many requests. - `error.errorCode` (string, required) A textual error code categorising the error. Example: "InternalServerError" - `error.paymentId` (string, required) The maximum number of requests has been reached. Example: "Resource exhausted. Check quota." - `error.message` (string, required) A description of the error that occurred and a possible way to fix it. Example: "This is a description of the error." - `error.tokenTraceId` (string) The trace identifier for the given call. Example: "5678912345" ## Response 500 fields (application/json): - `error` (object) This could refer to either an error by the payment service provider or the bank. When the bank reports a 5xx error, "token-external-error": "true" is set as a header in the HTTP response, indicating that the "internal" error originates from the bank. When one of the payment service providers internal services fails or when the bank reports a 4xx error, this header is not populated. The absence of this response header should be interpreted as "token-external-error": "false". - `error.errorCode` (string, required) This is a textual error code categorising the error. Example: "InternalServerError" - `error.message` (string, required) A description of the error. Example: "This is a description of the error." - `error.tokenTraceId` (string) The trace identifier for the given call. Example: "5678912345" ## Response 501 fields (application/json): - `error` (object, required) The operation was not implemented, supported or enabled by the bank. - `error.errorCode` (string, required) A textual error code categorising the error. Example: "InternalServerError" - `error.paymentId` (string, required) The operation was not implemented,supported or enabled by the bank. Example: "Not implemented." - `error.message` (string, required) A description of the error that occurred and a possible way to fix it. Example: "This is a description of the error." - `error.tokenTraceId` (string) The trace identifier for the given call. Example: "5678912345" ## Response 503 fields (application/json): - `error` (object, required) Service is unavailable, likely due to a transient condition; this is usually corrected with a retry. - `error.errorCode` (string, required) A textual error code categorising the error. Example: "InternalServerError" - `error.paymentId` (string, required) The service is unavailable, likely due to a transient condition; this is usually corrected with a retry. Example: "Unavailable" - `error.message` (string, required) A description of the error that occurred and a possible way to fix it. Example: "This is a description of the error." - `error.tokenTraceId` (string) The trace identifier for the given call. Example: "5678912345" ## Response 504 fields (application/json): - `error` (object, required) The deadline expired before the operation could complete. - `error.errorCode` (string, required) A textual error code categorising the error. Example: "InternalServerError" - `error.paymentId` (string, required) The deadline expired before the operation could complete. Example: "Deadline exceeded." - `error.message` (string, required) A description of the error that occurred and a possible way to fix it. Example: "This is a description of the error." - `error.tokenTraceId` (string) The trace identifier for the given call. Example: "5678912345"