Description

Get a Loan API allows your customer to know, at purchase, if he/she is eligible for a preapproved financing.

This information is useful for the customer to know if he/she will have access to financing. That can help your business, reinforcing the customer buying decision. Also, it is possible for you, as a merchant, to take specific actions. Use that info on your Check Out process to suggest the customer to finance their purchases with Santander. Please keep in mind that we will request customer's consent to share this information with you.

Requirements

Before initiating this process, you need to fulfil the following requirements:

1. Your application must be registered in our Developer Hub. You will so obtain a Client ID and Client Secret.

2. A valid redirect URI previously registered in the application to receive the answer to the authorization calls.

3. The application must be subscribed to the API "Get a Loan".

Data

You will obtain the following information about your customer:

Field Description
Have Loan This flag allows you to know if customers are eligible or not for a pre-approved financing with their Santander bank.
Type of Loan Pre-Approved Loan Type ID. Santander might have more than one type of financing to offer, with different terms and repayment options. List of diferents types of financing:
1000 Loans
1001 Loans
1002 Short Loans
2000 Credit Cards
3000 Credit Accounts.
Type of Loan Description Santander might have more than one type of financing to offer, with different terms and repayment options.
Loan periods Minimum and Maximum term accepted for pre-approved financing, expressed as Months or Years.
Loan amounts Min and max pre-approved loan amount for a given financing type, expressed in customer's currency.
Loan request (optional) A personalized URL to redirect your customer to their SAN bank and start the financing origination process.
How to

Our Get a Loan API is protected under the Oauth2 protocol and requires to obtain authorization from the customer.

The authorization occurs in two steps:

1) Retrieve an authorization code. Get an authorization code associated to customer's authentication and consent so you can get an access token to call the Get a Loan API.

2) Get access token. That access token authorizes the subsequent API calls to access customer pre-approved financing.

Once you have obtained a valid access token, you can use it to call the API and retrieve customer data. Below you can see an overview of the process.

1. Retrieve Authorization Code
To obtain the authorization code that allows you to request the access token, it is necessary to make a call to the OAuth authorization server.
Once customer authentication and consent process completes successfully, Santander will return the control of the flow to your application as a 302 redirection to the Redirect URI indicated by you in the configuration of the application associated with the Client ID used in the call.
Your application will receive the answer to the request at the indicated URL authorization, which includes the authorization code.
Parameters
End Point oauth/authorize Mandatory
Parameters

QueryString

client_id

Client identifier assigned in the API portal. yes

QueryString

scope

loan.read yes

QueryString

user (Combo box)

User of the test case no

QueryString

country

Identification code associated with the country to which the client belongs.
Codes available in Sandbox: ESP, UK, MEX, POL
yes

QueryString

redirect_uri

URL to redirect the response. yes

QueryString

response_type

Type of grant. It must be filled with code yes

QueryString

state (optional)

It is used to maintain correlation between this request and the authorization server's response recomended
Response

https://partnerURL.com/?code=839a3d23-c3d5-4fc5-b6f9-3427b40ebc09&redirect_uri=https://www.partnerRedirectURI.es/

Error Handling
Errors can occur for several reasons.
2. Get access token
Once the request for access token is authorized, a call must be made to obtain it.
Parameters
End Point oauth/token Mandatory
Parameters

Header

Authorization

Basic Base64(ClientID:Secret) yes

Body

country

Country to use.
Codes available in Sandbox: ESP,UK, MEX, POL
yes

Body

scope

loan.read yes

Body

grant_type

authorization_code yes

Body

code

The code obtained in the authorization endpoint yes

QueryString

redirect_uri

URL to redirect the response. yes
Response

{

'access_token': '9b678b10-cc8e-42ef-a479-1ceadbc2e176',

'token_type': 'bearer',

'expires_in': 43199,

'scope': 'loan.read'

}

Error Handling
Errors can occur for several reasons.
3. Calling the API
From now on, calls to the API with access_token will be authorized during the effective time of the access token.

To see more details, go to API Explorer.