Skip to main content

API Endpoints

Base URL

http://localhost:8080

Authentication

POST /auth/login

Authenticate user and get JWT token.

Request:

{
"username": "admin",
"password": "Admin123!"
}

Response (200):

{
"token": "eyJhbGciOiJIUzI1NiJ9...",
"username": "admin",
"role": "ADMIN"
}

Transactions

GET /transactions

List all transactions.

Headers: Authorization: Bearer <token>

Response (200):

{
"data": [
{
"id": "TXN-001",
"fromAccount": "ACC-001",
"toAccount": "ACC-002",
"amount": 5000.00,
"currency": "IDR",
"status": "COMPLETED",
"riskScore": 15,
"timestamp": "2026-07-06T10:30:00Z"
}
]
}

POST /transactions

Create a new transaction.

Headers: Authorization: Bearer <token>

Request:

{
"fromAccount": "ACC-001",
"toAccount": "ACC-002",
"amount": 5000.00,
"currency": "IDR",
"description": "Transfer to savings"
}

Response (201):

{
"id": "TXN-002",
"status": "COMPLETED",
"riskScore": 10,
"timestamp": "2026-07-06T10:35:00Z"
}

Audit

GET /audit/logs

Query audit logs.

Headers: Authorization: Bearer <token>

Query Params:

  • page - Page number (default: 0)
  • size - Page size (default: 20)
  • actor - Filter by actor
  • action - Filter by action

Response (200):

{
"content": [
{
"id": 1,
"actor": "admin",
"action": "LOGIN",
"target": "SYSTEM",
"result": "SUCCESS",
"ipAddress": "10.8.0.48",
"timestamp": "2026-07-06T10:00:00Z",
"currentHash": "abc123..."
}
],
"totalElements": 150,
"totalPages": 8,
"currentPage": 0
}

Compliance

GET /iso/compliance/status

Get ISO compliance status.

Headers: Authorization: Bearer <token>

Response (200):

{
"iso27001": {
"status": "COMPLIANT",
"lastAudit": "2026-06-15T00:00:00Z",
"findings": 0
},
"iso20022": {
"status": "COMPLIANT",
"messageFormat": "pacs.008",
"lastValidation": "2026-07-06T00:00:00Z"
},
"iso22301": {
"status": "COMPLIANT",
"rto": "4 hours",
"rpo": "1 hour",
"lastTest": "2026-06-01T00:00:00Z"
}
}

GET /iso/health

Health check endpoint.

Response (200):

{
"status": "UP",
"components": {
"database": { "status": "UP" },
"redis": { "status": "UP" },
"diskSpace": { "status": "UP" }
}
}

WebSocket

Connection

ws://localhost:8080/ws

STOMP Protocol

const socket = new SockJS('http://localhost:8080/ws');
const stompClient = Stomp.over(socket);

stompClient.connect({}, (frame) => {
// Subscribe to topics
stompClient.subscribe('/topic/transactions', (message) => {
console.log('Transaction:', JSON.parse(message.body));
});

stompClient.subscribe('/topic/alerts', (message) => {
console.log('Alert:', JSON.parse(message.body));
});

stompClient.subscribe('/topic/audit', (message) => {
console.log('Audit:', JSON.parse(message.body));
});

stompClient.subscribe('/topic/compliance', (message) => {
console.log('Compliance:', JSON.parse(message.body));
});
});

Message Formats

Transaction Event

{
"type": "TRANSACTION",
"data": {
"id": "TXN-001",
"fromAccount": "ACC-001",
"toAccount": "ACC-002",
"amount": 5000.00,
"status": "COMPLETED"
}
}

Security Alert

{
"type": "SECURITY_ALERT",
"severity": "HIGH",
"message": "Velocity threshold exceeded",
"accountId": "ACC-001",
"riskScore": 75,
"timestamp": "2026-07-06T10:30:00Z"
}

Error Responses

StatusMessageDescription
400Invalid requestRequest body tidak valid
401UnauthorizedToken tidak ada atau tidak valid
403ForbiddenTidak punya akses
404Not foundResource tidak ditemukan
500Internal server errorServer error

Next Steps