# Revolur Card API ## Base address https://app.revolut.com/api/revolut-secure/retail ## Headers ``` { "authority": "app.revolut.com", "accept": "application/json", "content-type": "application/jso", "origin": "chrome-extension://hdlehfdjcalidklijenibmpcdgjfmafn", "sec-fetch-dest": "empty", "sec-fetch-mode": "cors", "sec-fetch-site": "cross-site", "user-agent": "", "x-browser-application": "BROWSER_EXTENSION", "x-client-version": "100.0", "x-device-id": "", "x-device-model": "" } ``` ## Authentication ### POST /signin #### Description Login with phone number and passcode and get a token. #### Request ``` { "phone":"<+XX phone>", "password":"", "channel":"APP" } ``` #### Response ``` { "tokenId":"" } ``` ### POST /token (issue) #### Description Once a token is obtained through the login request, the signin request has to be confirmed on the app. This request is used for polling for that authorization and then getting actual credentials. #### Request ``` { "phone":"<+XX phone>", "password":"", "tokenId":"" } ``` #### Response ##### Case 1 - Authorization Pending ``` { "message": "One should obtain consent from the user before continuing", "code": 9035 } ``` ##### Case 2 - Authorization Granted ``` { "tokenExpiryDate": , "refreshCode": "", "ownerId": ", "accessToken": "", "user": { "id": " (should be same as )", "state": "ACTIVE" } } ``` ### POST /token (refresh) #### Description The token has to be periodically refreshed. #### Request ``` { "userId":"" "refreshCode":"" } ``` #### Response ``` { "tokenExpiryDate": , "refreshCode": "", "ownerId": "", "accessToken": "" } ``` ### GET /user/current/picture #### Description Get user profile picture. #### Headers ``` { "Authorization": : } ``` #### Response Profile picture raw bytes. ### GET /user/current #### Description Get user details, including email, phone, full address, username, id, code. #### Headers ``` { "Authorization": : } ``` ### Response ``` { "user": { "id": "", "individualId": "", "createdDate": , "address": { "city": "", "country": "", "postcode": "", "region": "", "streetLine1": "
", "streetLine2": "
" }, "birthDate": [ , , ], "firstName": "", "lastName": "", "phone": "<+XX phone>", "email": "", "emailVerified": true, "state": "ACTIVE", "referralCode": "", "code": "", "kyc": "PASSED", "underReview": false, "locale": "en-GB", "riskAssessed": false, "username": "", "identityDetails": { "accountPurpose": "DAILY_SPENDING", "taxResidencies": [], "identificationNumbers": [ { "country": "", "name": "genericTin", "value": "" } ] }, "hasProfilePicture": true, "appMode": "FULL" }, "wallet": { "baseCurrency": "EUR" } } ``` ### GET /my-card/all #### Description Get an array of all the available cards in the account, without secret details. In a personal account, cards can be either virtual or physical. Virtual cards can also be tagged as single use (disposable). It is also known whether a card is for professional use (`PRO`) or for personal use (`RETAIL`). #### Headers ``` { "Authorization": : } ``` #### Response ``` [ { "id": "", "walletId": "", "label": "