API Endpoints
Base URL
http://localhost:8080
Authentication
POST /auth/login
Authenticate user and get JWT token.
Request:
{
"username": "admin",
"password": "Admin123!"
}
Response (200):
{
"token": "eyJhbGciOiJIUzI1NiJ9...",
"username": "admin",
"role": "ADMIN"
}
Transactions
GET /transactions
List all transactions.
Headers: Authorization: Bearer <token>
Response (200):
{
"data": [
{
"id": "TXN-001",
"fromAccount": "ACC-001",
"toAccount": "ACC-002",
"amount": 5000.00,
"currency": "IDR",
"status": "COMPLETED",
"riskScore": 15,
"timestamp": "2026-07-06T10:30:00Z"
}
]
}
POST /transactions
Create a new transaction.
Headers: Authorization: Bearer <token>
Request:
{
"fromAccount": "ACC-001",
"toAccount": "ACC-002",
"amount": 5000.00,
"currency": "IDR",
"description": "Transfer to savings"
}
Response (201):
{
"id": "TXN-002",
"status": "COMPLETED",
"riskScore": 10,
"timestamp": "2026-07-06T10:35:00Z"
}
Audit
GET /audit/logs
Query audit logs.
Headers: Authorization: Bearer <token>
Query Params:
page- Page number (default: 0)size- Page size (default: 20)actor- Filter by actoraction- Filter by action
Response (200):
{
"content": [
{
"id": 1,
"actor": "admin",
"action": "LOGIN",
"target": "SYSTEM",
"result": "SUCCESS",
"ipAddress": "10.8.0.48",
"timestamp": "2026-07-06T10:00:00Z",
"currentHash": "abc123..."
}
],
"totalElements": 150,
"totalPages": 8,
"currentPage": 0
}
Compliance
GET /iso/compliance/status
Get ISO compliance status.
Headers: Authorization: Bearer <token>
Response (200):
{
"iso27001": {
"status": "COMPLIANT",
"lastAudit": "2026-06-15T00:00:00Z",
"findings": 0
},
"iso20022": {
"status": "COMPLIANT",
"messageFormat": "pacs.008",
"lastValidation": "2026-07-06T00:00:00Z"
},
"iso22301": {
"status": "COMPLIANT",
"rto": "4 hours",
"rpo": "1 hour",
"lastTest": "2026-06-01T00:00:00Z"
}
}
GET /iso/health
Health check endpoint.
Response (200):
{
"status": "UP",
"components": {
"database": { "status": "UP" },
"redis": { "status": "UP" },
"diskSpace": { "status": "UP" }
}
}
WebSocket
Connection
ws://localhost:8080/ws
STOMP Protocol
const socket = new SockJS('http://localhost:8080/ws');
const stompClient = Stomp.over(socket);
stompClient.connect({}, (frame) => {
// Subscribe to topics
stompClient.subscribe('/topic/transactions', (message) => {
console.log('Transaction:', JSON.parse(message.body));
});
stompClient.subscribe('/topic/alerts', (message) => {
console.log('Alert:', JSON.parse(message.body));
});
stompClient.subscribe('/topic/audit', (message) => {
console.log('Audit:', JSON.parse(message.body));
});
stompClient.subscribe('/topic/compliance', (message) => {
console.log('Compliance:', JSON.parse(message.body));
});
});
Message Formats
Transaction Event
{
"type": "TRANSACTION",
"data": {
"id": "TXN-001",
"fromAccount": "ACC-001",
"toAccount": "ACC-002",
"amount": 5000.00,
"status": "COMPLETED"
}
}
Security Alert
{
"type": "SECURITY_ALERT",
"severity": "HIGH",
"message": "Velocity threshold exceeded",
"accountId": "ACC-001",
"riskScore": 75,
"timestamp": "2026-07-06T10:30:00Z"
}
Error Responses
| Status | Message | Description |
|---|---|---|
| 400 | Invalid request | Request body tidak valid |
| 401 | Unauthorized | Token tidak ada atau tidak valid |
| 403 | Forbidden | Tidak punya akses |
| 404 | Not found | Resource tidak ditemukan |
| 500 | Internal server error | Server error |
Next Steps
- Features - Detailed features
- ISO Compliance - ISO implementation details