> ## Documentation Index > Fetch the complete documentation index at: https://docs.chip-in.asia/llms.txt > Use this file to discover all available pages before exploring further. # Retrieve a bank account > Retrieve details of a recipient bank account that was previously created. ## OpenAPI ````yaml _openapi-chip-send GET /send/bank_accounts/{id} openapi: 3.1.0 info: description: > This is CHIP Send API which enables you to programatically send funds via REST API. It also enables you to register and validate recipient bank accounts. # Prerequisites You will need the credentials to proceeed with this integration, which your CHIP Send Account to be created by CHIP Admin before hand. Please contact your CHIP Account Manager to get the credentials, by providing the details below: 1. Main email 1. List of approvers (email). If you need 2 approvals, please provide both emails. # Basic integration flow 4 things to test the whole integration flow: 1. Call [Accounts API](#/Accounts) 1. Call [Increase Send Limit API](#/Send%20Limits/send_limits_create) 1. Call [Add Bank Account API](#/Bank%20Accounts/bank_accounts_create) 1. Call [Create Send Instruction API](#/Send%20Instructions/send_instructions_create) # Endpoints Make sure to use the correct endpoint depending on the environment you're on. 1. Staging: [https://staging-api.chip-in.asia/api/](https://staging-api.chip-in.asia/api/) 1. Production: [https://api.chip-in.asia/api/](https://api.chip-in.asia/api/) # Credentials You will need 2 details for integration with CHIP Send: 1. **API Key** (used to construct a signing string and Authorization Header) 1. **API Secret** (used to sign the signing string) *You will need your **API Key** that you can obtain in the CHIP Send Dashboard. Please use this key as a bearer token in the Authorization header included in every request:* `Authorization: Bearer `. *Since this API is meant for performing high risk task such as sending payments, extra security measure has to be in place. Hence, you also need **API Secret** to sign the request that you made. This keys will never leave your server and shall be stored securely. For every request, you will need to include **epoch** that contains Unix time and **checksum** that contains hash for epoch signed with API Secret in every request header.* # Epoch value Epoch is a current unix timestamp where it is in seconds and have 10 character length. Example of epoch value is 1689826456. In PHP, epoch value can be retrieved by calling time() function. # Checksum Calculation To generate a checksum, it requires current unix timestamp (`epoch`), `api_key` and `api_secret`. *Note: epoch time must be less than 30 seconds from the current request and at least greater than current time.* Provided an epoch value is `1689826456`, api_key is `e0645c9e-fcf2-4f29-a327-202f7ed3d969` and api_secret is `a118729e-4243-4145-83b3-0b8cb213fe8e`, both epoch and api_key must be concatenated and sign with HMAC SHA512. The string that must be prepared is: `1689826456e0645c9e-fcf2-4f29-a327-202f7ed3d969` The checksum generated is: `45bee62dba8087ab1e7e767d92f8d6e26f8bd19ee5fd2fef6386bb9425976498a86ffdbddb7a49919998e993c20626196ea652320f438a9528d2b8c9d19ec266` Example Postman Pre-Request Script: ```js var epoch = (new Date).getTime(); var epochSecs = Math.floor( epoch / 1000 ); pm.collectionVariables.set("epoch", epochSecs); var data = epochSecs.toString() + environment["api_key"]; var hmacDigest = CryptoJS.enc.Hex.stringify(CryptoJS.HmacSHA512(data, environment["api_secret"])); pm.collectionVariables.set("checksum", hmacDigest); ``` *Note: JavaScript getTime() is in miliseconds while the unix timestamp is in seconds. Hence, it is required to divide it by 1000.* Example Ruby code: ```ruby epoch = Time.current.to_i application = Application.find_by(slug: "aaa") OpenSSL::HMAC.hexdigest OpenSSL::Digest.new('sha512'), application.api_secret, "#{epoch}#{application.api_key}" ``` Example PHP code: ```php - This is an API to get CHIP Send account information. Depending on your account agreement, you may only have one account. - name: Send Limits description: > Send Limit records incoming (coverted from collection - transaction_type: in) and outgoing (send to recipient - transaction_type: out) transactions in CHIP Send. To be able to send funds to third parties, you must have balance in your CHIP Send Account. Use Increase Chip Send Budget Allocation API to covert settlement (collection) amount to Send Limit. Please note in Staging / UAT environment, your convertible collection amount is set to MYR 1,000.00. In Production, it will reflect your actual upcoming settlement amount. - name: Bank Accounts description: This is an API to manage recipeint bank account details. - name: Send Instructions description: >- This is an API to perform a send instructions. This is the main API that you can benefit from CHIP Send. - name: Groups description: To manage grouping to group company bank account - name: Webhooks description: To manage webhook events for server-to-server notification paths: /send/bank_accounts/{id}: get: tags: - Bank Accounts summary: Retrieve a bank account description: > Retrieve details of a recipient bank account that was previously created. operationId: bank_accounts_get parameters: - name: epoch in: header description: Unix epoch timestamp required: true schema: allOf: - $ref: '#/components/schemas/UnixTimestamp' - name: checksum in: header description: Refer to checksum calculation required: true schema: type: string - name: id in: path required: true schema: type: integer format: int64 example: 1 responses: '200': description: Successful response content: application/json: schema: $ref: '#/components/schemas/BankAccount' example: id: 1 status: verified account_number: '111111111129' bank_code: CIBBMYKL group_id: null name: wan reference: null created_at: '2022-12-19T15:20:42.285Z' is_debiting_account: false is_crediting_account: false updated_at: '2022-12-19T15:20:42.285Z' deleted_at: null rejection_reason: null '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '403': $ref: '#/components/responses/UnauthorizedAction' '404': $ref: '#/components/responses/NotFound' security: - bearerAuth: [] components: schemas: UnixTimestamp: type: integer description: Unix timestamp (seconds) format: Unix timestamp (seconds) example: 1619740800 BankAccount: type: object description: This is bank account schema required: - account_number - bank_code - name properties: id: type: integer format: int64 example: 1 description: >- The ID given in the respone must be stored as it will be used for later process. readOnly: true status: example: verified readOnly: true allOf: - $ref: '#/components/schemas/BankAccountStatus' account_number: allOf: - $ref: '#/components/schemas/BankAccountNumber' bank_code: allOf: - $ref: '#/components/schemas/BankCode' group_id: type: integer format: int64 nullable: true example: null name: type: string minLength: 1 maxLength: 65535 example: Ahmad reference: type: string minLength: 1 maxLength: 65535 nullable: false example: abc description: Unique value to prevent multiple submission created_at: readOnly: true description: Object creation time in UTC type: string format: date-time is_debiting_account: type: boolean example: false readOnly: true is_crediting_account: type: boolean example: false readOnly: true updated_at: readOnly: true description: Object creation time in UTC type: string format: date-time deleted_at: readOnly: true description: Object creation time in UTC type: string format: date-time rejection_reason: type: string nullable: true maxLength: 65535 example: null readOnly: true BankAccountStatus: type: string enum: - pending - verified - rejected description: | - `pending`: The bank account is yet to be verified - `verified`: Valid bank account - `rejected`: Invalid bank account BankAccountNumber: type: string minimum: 10 maximum: 17 example: 157380112222 description: The length depends on recipient bank BankCode: type: string example: MBBEMYKL description: | - `ACDBMYK2`: AEON Bank (M) Berhad - `PHBMMYKL`: Affin Bank Berhad - `AGOBMYKL`: Agrobank - `RJHIMYKL`: Al-Rajhi - `MFBBMYKL`: Alliance Bank Malaysia Berhad - `ARBKMYKL`: Ambank Malaysia Berhad - `BIMBMYKL`: Bank Islam Malaysia Berhad - `BKRMMYKL`: Bank Kerjasama Rakyat Malaysia Berhad - `BMMBMYKL`: Bank Muamalat Malaysia Bhd - `BOFAMY2X`: Bank of America (M) Berhad - `BKCHMYKL`: Bank of China (M) Berhad - `BOTKMYKX`: Bank of Tokyo-Mitsubishi UFJ (M) Berhad - `BSNAMYK1`: Bank Simpanan Nasional Berhad - `BNPAMYKL`: BNP Paribas Malaysia Berhad - `PCBCMYKL`: China Construction Bank (M) Berhad - `CIBBMYKL`: CIMB Bank Berhad - `DEUTMYKL`: Deutsche Bank (Malaysia) Berhad - `FNXSMYNB`: Finexus Cards Sdn. Bhd. - `GXSPMYKL`: GX Bank Berhad - `HLBBMYKL`: Hong Leong Bank Berhad - `HBMBMYKL`: HSBC Bank Malaysia Berhad - `ICBKMYKL`: Industrial and Commercial Bank of China (M) Berhad - `CHASMYKX`: JP Morgan Chase Bank Berhad - `KFHOMYKL`: Kuwait Finance House - `MBBEMYKL`: Maybank Berhad - `AFBQMYKL`: MBSB BANK BERHAD - `MHCBMYKA`: Mizuho Bank (Malaysia) Berhad - `OCBCMYKL`: OCBC Bank Berhad - `PBBEMYKL`: Public Bank Berhad - `RHBBMYKL`: RHB Bank Berhad - `SCBLMYKX`: Standard Chartered Bank Malaysia Berhad - `SMBCMYKL`: Sumitomo Mitsui Banking Corporation (M) Berhad - `TNGDMYNB`: Touch `n Go eWallet - `UOVBMYKL`: United Overseas Bank Berhad (UOB) enum: - PHBMMYKL - AIBBMYKL - BPMBMYKL - MFBBMYKL - ALSRMYK1 - RJHIMYKL - ARBKMYKL - AISLMYKL - BIMBMYKL - BKRMMYKL - BMMBMYKL - BSNAMYK1 - CIBBMYKL - CTBBMYKL - HLBBMYKL - HLIBMYKL - HBMBMYKL - HMABMYKL - KFHOMYKL - MBBEMYKL - MBISMYKL - OCBCMYKL - OABBMYKL - PBBEMYKL - PIBEMYK1 - RHBBMYKL - RHBAMYKL - SCBLMYKX - UOVBMYKL - AFBQMYKL - CHASMYKX BadRequestResponse: type: object properties: message: type: string example: Bad request code: type: number example: 400 data: type: object example: {} UnauthorizedResponse: type: object properties: message: type: string example: Unauthorized code: type: number example: 401 data: type: object example: {} UnauthorizedActionResponse: type: object properties: message: type: string example: You are not authorized to perform this action code: type: number example: 403 data: type: object example: {} NotFoundResponse: type: object properties: message: type: string example: Record not found code: type: number example: 404 data: type: object example: {} responses: BadRequest: description: Bad request content: application/json: schema: $ref: '#/components/schemas/BadRequestResponse' Unauthorized: description: Unauthorized request content: application/json: schema: $ref: '#/components/schemas/UnauthorizedResponse' UnauthorizedAction: description: Unauthorized action request content: application/json: schema: $ref: '#/components/schemas/UnauthorizedActionResponse' NotFound: description: Record not found content: application/json: schema: $ref: '#/components/schemas/NotFoundResponse' securitySchemes: bearerAuth: type: http scheme: bearer ````