A Python wrapper for Revolut API, Python 3.x compatible.
Release 0.10.1, a working beta.
- dropped top-level classes in favor of
businessandmerchantsubmodules MerchantClientthrows exceptions on failures- dropped
MerchantClient.update_order
- added
revolut.merchantandMerchantClientwithin, which supports very basic Merchant API functionality (creating and retrieving simple orders) - the
revolut.Clientclass has been renamed torevolut.business.BusinessClient; the old import will remain valid in0.9.x, however it will issue warning and the resulting object will fail on type checks, likeisinstance - moved other classes like
Client,Transaction, etc. to therevolut.businesssubmodule; top level import is deprecated, like above.
The module supports most of Business API features and some basic elements of the Merchant API.
As listed in Revolut Business API docs:
| Accounts | |
| Get Accounts | yes |
| Get Account | yes |
| Get Account Details | yes |
| Counterparties | |
| Add Revolut Counterparty | yes |
| Add non-Revolut Counterparty | yes |
| Delete Counterparty | yes |
| Get Counterparty | yes |
| Get Counterparties | yes |
| Payments | |
| Transfer | yes |
| Create Payment | yes |
| Schedule Payment | no |
| Check Payment Status | yes |
| Cancel Payment | no |
| Get Transactions | yes |
As described in Revolut Merchant API docs:
| Orders | |
| Create an order | yes, with capture_mode = AUTOMATIC only |
| Retrieve an order list | yes |
| Retrieve an order | yes |
| Update an order | partially |
| Capture an order | no |
| Cancel an order | no |
| Refund an order | no |
| Confirm an order | no |
| Customers | no |
| Webhooks | |
| Retrieve all webhooks | no |
| Set a webhook URL | yes |
| Retrieve webhook details | no |
| Update webhook details | no |
| Delete a webhook | no |
| Other | no |
In September 2019 Revolut introduced much more complex authorization system based on OAuth2. Since version 0.6 this module supports only the new authorization model and old access keys become obsolete.
This description should help you get through the auth mess. It assumes you want to run the module in a non-interactive way (e.g. as a backend for a web service). Mobile applications will require some additional research on your side.
- Make sure you have OpenSSL installed.
- Run
$ revolut_genkey.shto generate key pair. Answer questions about your organization. - Two files will be generated:
prvkey.pemandpubkey.pem. Store them in a safe place. The script will also print the contents ofpubkey.pemto the console. This is your X509 public key. - In Revolut panel go to Settings / API and click Set up API access.
- Paste the public key into the form field.
- If you don't know what OAuth redirect URI means and why you need it, enter some bullshit URL there. It'd be better, however, if it pointed to your domain. Submit the form.
- You'll land back in API settings, this time you will be presented with
client_idandissvalues needed in further steps. - Click Enable API access to your account, continue with Authorize.
- Confirm with SMS code.
- After a couple of seconds you'll be redirected to the URL you have provided as OAuth
redirect. Check the address bar. It will contain a code parameter. This is your
auth_code. - Run
$ revolut_getjwt.py prvkey.pem <iss> <client_id>. The output will be yourjwt. - Run
$ revolut_gettokens.py <auth_code> <client_id> <jwt>. The script will returnaccess_token(with expiration time) andrefresh_token. (If you do it too slowly, the auth code expires and you get "unauthorized_client" error. Return to step 8.)
Now you're almost done, with some pieces of data on your hand. There are two ways to continue:
- Create
revolut.session.TemporarySessionwith theaccess_tokenand use it until the token expires. - Create
revolut.session.RenewableSessionwithrefresh_token,client_idandjwt. It will be more durable, creating freshaccess_tokeneach time.
However, it seems that after 90 days your API access expires anyway and you'd have to click Refresh access in the panel and restart the above process from point 8. Or whatever the EU shitheads invented in PSD2.
Released under the BSD 3-Clause License. See LICENSE.txt.
Copyright (c) 2018-2022:
- Michał Sałaban <[email protected]>
- Rafał Fuchs <[email protected]>
- Nikita Grygoriev <[email protected]>