Barclays US API integration & OpenBanking data export

OpenData · OpenFinance · OpenBanking · Card protocol analysis

Connect Barclays US credit cards, savings and rewards data to your stack — safely

We deliver Barclays US protocol analysis covering Barclaycard transaction history, statement exports, FICO score retrieval, rewards/cashback ledgers, Barclays Online Savings and CD balances, and card-control events. Designs follow OpenBanking patterns and US personal financial data rights as the CFPB Section 1033 framework matures.

Card transaction & statement APIs — Pull merchant name, MCC, posted/pending state, FX rate and statement period for any Barclaycard US co-branded product (AAdvantage, JetBlue, Wyndham, Hawaiian, Carnival, Princess, Uber and more).

FICO score API — Retrieve the free FICO score the Barclays US app surfaces, including the score, model version and refresh date, for credit-monitoring dashboards and underwriting feedback loops.

Rewards & cashback ledger — Normalize miles, points and statement credits across Barclays co-brand programs so back-office systems and travel-tech stacks can reconcile earn/burn in a single feed.

Savings, CD & transfer rails — Surface Barclays Online Savings balances, CD maturity schedules and external transfer history; bind into treasury, FP&A or personal finance management products.

What we deliver for Barclays US integrations

Deliverables checklist

OpenAPI 3.1 specification for each surfaced endpoint
Protocol and auth-flow report (OAuth, token chain, device-binding)
Runnable Python and Node.js client for statements, balances, FICO and rewards
Postman collection plus an automated regression test pack
Compliance brief covering Section 1033, GLBA Safeguards, PCI DSS scope
Operational runbook for token rotation, throttling and incident response

How we run the engagement

Each Barclays US engagement starts with a short data discovery session: which co-brand products are in scope, whether the FICO score view is needed, and how rewards should be normalized. We then map the in-app calls against the public Barclays API Exchange surfaces and select either a first-party flow or an authorized aggregator pathway. The final delivery is a hardened client your team can run on Day 1 — not a research notebook.

Data available for integration

The Barclays US app exposes more structured data than most consumer banking apps in the US market, because it spans credit cards, deposit products and credit-score tooling. The table below summarizes what we typically surface for partners, with the source screen inside the Android app, the granularity, and a common downstream use.

Data type	Source (app screen / feature)	Granularity	Typical use
Card transaction history	Account > Activity, Spend Analyzer	Per transaction, posted & pending, MCC, merchant raw string	Reconciliation, expense management, fraud analytics
Statements (PDF + JSON)	Statements tab	Per billing cycle, line items, fees, interest, minimum due	Accounting sync, tax preparation, audit trail
Balance & available credit	Home dashboard	Real-time, with credit limit and cash advance limit	PFM dashboards, utilization-based credit decisioning
FICO score	FICO Credit Score widget	Score value, model version, refresh date, trend	Credit monitoring, lender pre-qualification flows
Rewards & cashback ledger	Rewards tab (co-brand specific)	Points/miles balance, accrual events, redemption history	Travel-tech stacks, loyalty consolidation, B2B reporting
Savings & CD accounts	Online Savings / CD dashboards	APY, balance, interest paid, maturity date	Treasury, deposit aggregation, yield comparison apps
External transfers & direct deposit	Transfers, Direct Deposit setup	ACH counterparties, scheduled and historical transfers	Cashflow forecasting, payroll integration
Card controls & events	Card control, Replace card	Lock state, replacement reason, shipping status	Customer-care automation, anti-fraud playbooks

Typical integration scenarios

1. Travel-tech rewards reconciliation

Many Barclays US cards are co-branded with airlines and hospitality brands (AAdvantage Aviator, JetBlue Plus, Hawaiian Airlines, Wyndham, Carnival, Princess). A travel-rewards aggregator typically needs a normalized feed of accrual and redemption events across these programs.

Data & APIs: rewards ledger endpoint, statement endpoint for verifying bonus categories, transaction MCC for spend-category bonus calculation. OpenFinance mapping: consumer-authorized data access under CFPB Section 1033, with consent records persisted for each refresh.

2. SMB expense management & reconciliation

Small business operators carrying Barclays co-brand cards push transactions into QuickBooks, Xero or Ramp-style platforms. The integration needs posted vs pending state, merchant cleanup and statement-period anchoring so journal entries line up with the printed statement.

Data & APIs: transaction stream with pagination, statement PDF retrieval, FX rate field for foreign purchases. OpenFinance mapping: OpenBanking AISP-style consent UX adapted for the US, plus a webhook for new-transaction notifications.

3. Credit-monitoring & underwriting feedback

Personal finance apps and lenders want a recurring snapshot of a borrower's FICO score and revolving utilization. The Barclays US app surfaces the free FICO score plus the credit limit and current balance — enough to drive utilization-based alerts.

Data & APIs: FICO score endpoint, balance + limit endpoint, statement endpoint for paid-on-time history. OpenFinance mapping: data minimization is enforced — only score, limit, balance and refresh timestamp leave the boundary.

4. Deposit aggregation for treasury tooling

Customers holding Barclays Online Savings accounts or CDs alongside other US banks often need a single treasury view. The integration captures APY, balance, accrued interest and CD maturity to power yield-laddering and cashflow tools.

Data & APIs: savings account info, CD schedule, external transfer history. OpenFinance mapping: aligned with the consumer's right to port deposit data, with audit logs retained per GLBA Safeguards Rule expectations.

5. Fraud & card-control automation

Card-issuer ops teams and fintech challengers want a clean event stream for card locks, unlocks, replacements and shipping milestones. The Barclays US Card Control surfaces are perfect candidates for webhookification.

Data & APIs: card-state events, replacement request endpoint, shipping status. OpenFinance mapping: events are signed and idempotent, so downstream fraud platforms (e.g. SIEM, case-management) can reason about them safely.

Technical implementation

Below are three representative request/response shapes from a typical Barclays US integration drop. Endpoints, headers and field names are illustrative — the production version is delivered as a generated OpenAPI 3.1 spec plus a runnable client.

Login & token refresh

POST /api/v1/barclays-us/auth/login
Content-Type: application/json

{
  "username": "user@example.com",
  "password": "<encrypted>",
  "device": {"id": "ios-9c2a", "biometric": true},
  "challenge": "otp:739204"
}

200 OK
{
  "access_token": "<JWT>",
  "refresh_token": "<opaque>",
  "expires_in": 1800,
  "scopes": ["accounts.read","cards.read","fico.read"]
}

Statement & transaction export

POST /api/v1/barclays-us/statement
Authorization: Bearer <ACCESS_TOKEN>

{
  "account_id": "cc_4147xxxx",
  "from_date": "2026-03-01",
  "to_date":   "2026-03-31",
  "include":   ["pending","posted","fees"]
}

200 OK
{
  "billing_cycle": "2026-03",
  "minimum_due": 47.00,
  "currency": "USD",
  "transactions": [
    {"posted":"2026-03-04","mcc":"3000","merchant":"American Airlines",
     "amount":-318.40,"fx":null,"state":"posted"}
  ]
}

FICO score & webhook

GET /api/v1/barclays-us/fico
Authorization: Bearer <ACCESS_TOKEN>

200 OK
{
  "score": 762,
  "model": "FICO 8 Bankcard",
  "refresh_date": "2026-05-02",
  "trend_30d": +6
}

# Outbound webhook (signed with HMAC-SHA256)
POST https://customer.example.com/hooks/barclays-us
X-OFL-Signature: t=1714680000,v1=...
{
  "event": "card.locked",
  "account_id": "cc_4147xxxx",
  "occurred_at": "2026-05-02T19:14:11Z"
}

Error handling & resilience

Clients are shipped with circuit breakers, exponential backoff and dead-letter queues for failed webhook deliveries. The Barclays US session can challenge any call with a step-up biometric prompt, so the SDK distinguishes 401 token_expired from 403 step_up_required and surfaces a re-auth callback the host app can present to the user.

Compliance & privacy

Barclays US sits inside a fast-moving US regulatory perimeter. We design every integration around the CFPB Personal Financial Data Rights (Section 1033) framework — even while the rule is under active reconsideration in 2025–2026 — plus the GLBA Safeguards Rule for customer information protection and PCI DSS for any pathway that touches PAN data.

We prefer documented public APIs (the Barclays API Exchange, Plaid for aggregation) over scraping, retain consent receipts for every refresh, and ship data-minimization defaults so a FICO-only consumer never sees their statement PDFs leave the boundary. For UK or EU dual-region products, we align card-rails endpoints with PSD2 SCA expectations as well.

Data flow / architecture

The pipeline is intentionally boring: Barclays US app / official API → OpenFinance Lab ingestion gateway → encrypted storage (KMS-managed keys) → normalized API + signed webhooks → customer system. Each hop emits structured audit logs, a per-tenant rate limiter, and a kill switch that revokes downstream tokens within seconds of a consent withdrawal.

Step 1 — Authorized data fetch from the Barclays US surface
Step 2 — Schema normalization + PII tokenization at ingest
Step 3 — Encrypted storage with field-level access policies
Step 4 — Outbound REST / webhook delivery to customer systems

Market positioning & user profile

Barclays US (operated by Barclays Bank Delaware) is one of the largest co-brand credit card issuers in the United States. Its mobile customer base skews toward frequent travelers and reward optimizers because Barclaycard powers AAdvantage Aviator, JetBlue Plus, Hawaiian Airlines, Wyndham Rewards, Carnival World Mastercard, Princess Cruises, Uber and many others. Alongside cards, Barclays Online Savings and CDs target rate-sensitive depositors in the US, while the brand keeps a separate UK retail bank. Integrations on this page are scoped to the US Barclays US Android/iOS app (package com.barclaycardus) — distinct from com.barclays.android.barclaysmobilebanking used by Barclays UK.

Screenshots

Each thumbnail below highlights a surface we typically map during a Barclays US integration. Click any image for a larger preview.

Similar apps & the wider US integration landscape

Teams that build against Barclays US almost always need to talk to other US issuers and aggregators. The apps below show up most often alongside Barclays US in real-world integration briefs — listed here purely as part of the surrounding ecosystem, not as competitors to be judged.

Chase Mobile

Holds card, deposit and Ultimate Rewards data for tens of millions of US households. Cross-issuer transaction exports across Barclays US and Chase Mobile are common in expense-management products.

Capital One Mobile

Spans credit cards, checking and auto loans. Following the Capital One / Discover merger, integrators are watching for a unified data surface — until then a multi-app exporter is the norm.

Discover Mobile

Cashback ledger and Cashback Match data is highly structured. Pairing Discover Cashback with Barclays US miles is a frequent travel-vs-cash optimization scenario.

American Express

Membership Rewards and transaction MCC tagging are a benchmark for premium card data. Integrators frequently sync Amex and Barclaycard co-brand transactions into a single travel dashboard.

Bank of America Mobile Banking

Holds checking, savings, BankAmericard and Merrill brokerage data. Common alongside Barclays Online Savings in deposit-aggregation workflows.

Citi Mobile

Carries ThankYou Points, AAdvantage Citi card data and FICO score widgets — directly analogous to Barclaycard's AAdvantage Aviator surface for travel-rewards aggregation.

Wells Fargo Mobile

Wide deposit and card footprint. Frequently paired with Barclays US in PFM apps that target US households consolidating multi-bank balances.

U.S. Bank Mobile

Co-brand portfolio includes airline and hotel cards similar to Barclays US. Reward-ecosystem dashboards typically support both as a baseline.

PNC Mobile Banking

Strong in deposits and small-business checking. Multi-bank treasury tooling often combines PNC, Barclays Online Savings and one large national bank.

Plaid (Barclaycard connector)

Acts as an authorized aggregator path into Barclaycard accounts. Useful when first-party developer access is not available and you need a documented consumer-consent flow.

About OpenFinance Lab

OpenFinance Lab is an independent technical studio focused on fintech protocol analysis and authorized API integration. Our engineers have shipped production stacks for card issuers, payment gateways and PFM products across the US, UK, EU and Asia, so we know the gap between a public developer portal and the actual call shapes a mobile app emits.

Credit cards, deposit banking, lending, rewards and brokerage
Section 1033, GLBA, PCI DSS and PSD2 dual-region scoping
Custom Python / Node.js / Go SDKs and replay-driven test harnesses
Source-code delivery from $300 — runnable client plus full documentation, paid after delivery upon satisfaction
Pay-per-call hosted API — usage-based pricing, no upfront commitment

Contact

To request a quote or share your target requirements (which Barclays US surfaces you need, regions, expected call volume), open our contact page.

Contact page

Engagement workflow

Scope confirmation — pick the Barclays US surfaces in scope (transactions, FICO, rewards, savings, card events).
Protocol analysis and API design (2–5 business days, complexity-dependent).
Implementation and internal replay-based validation (3–8 business days).
Documentation, sample data and test cases (1–2 business days).
Typical first delivery: 7–14 business days; sandbox approvals or co-brand specifics may extend timelines.

FAQ

What Barclays US data can I integrate via API?

Credit card transaction history, statement PDFs, available balance and credit limit, rewards/cashback ledgers, FICO score snapshots, savings and CD balances, scheduled payments and direct deposit metadata, and card-control events such as lock/unlock and card replacement triggers.

How long does a Barclays US API integration take to deliver?

A first runnable drop covering login, statement export and balance sync usually lands in 7 to 14 business days. Adding rewards aggregation, FICO score retrieval, or webhook-driven transaction streams typically extends timelines by another 5 to 10 days depending on sandbox availability.

Is the integration compliant with US data sharing rules?

We work under user authorization and prefer documented public APIs such as the Barclays API Exchange and Plaid-style aggregators. Designs align with CFPB Section 1033 Personal Financial Data Rights, FFIEC mobile guidance, GLBA Safeguards Rule and PCI DSS where card data is in scope.

📱 Original app overview (Barclays US — appendix)

Barclays US is the mobile companion for Barclaycard US credit cards and Barclays Online Savings/CD products. It lets customers access accounts anywhere with biometric login, customized notifications, mobile wallet support, easy direct deposits and online transfers — making credit card management and online banking faster and easier than the legacy web portal.

Existing Barclays credit card customers can log in with the same online credentials; customers who only hold a Barclays Savings or CD account can set up an online account directly through the app. The product roadmap has steadily shifted toward a unified mobile-first experience for both card and deposit customers.

Faster

Digital wallet — pay with just a tap by adding the card to Google Pay or Samsung Pay.
Biometric login — skip the password and log in with a fingerprint.
Rewards — all rewards programs surfaced in one place.
Online transfers to and from other banks.

Easier

Quick and easy payments.
All accounts visible in one consolidated dashboard.
Spend Analyzer — big-picture view of monthly spending.
Free online access to FICO® Credit Score.
Direct deposit setup for simple, automated saving.
No monthly maintenance fees on Barclays Online Savings.

Safer

Card control — lock the card instantly if it goes missing.
Personalized alerts and push notifications.
Replace a card in just a few steps from inside the app.
Secure 24/7 online access to funds.

FICO is a registered trademark of Fair Isaac Corporation in the United States and other countries. Barclays US (com.barclaycardus) is operated by Barclays Bank Delaware; this page describes technical integration positioning and is not affiliated with or endorsed by Barclays.