File downloads
Some files are exposed outside the GraphQL API because their format (XML, ZIP) makes a binary HTTP response a better fit. These REST endpoints live on the same host as /graphql/ and use the same JWT.
- A valid JWT — see the Authentication guide.
- The right environment host — see API endpoints.
A successful request returns the file directly (application/xml for SEPA files, application/zip for archives). Errors are returned as a JSON body.
Example: download a SEPA file
curl -X GET "https://api.<client>.vasco.fund/security_operations/123/download-sepa/credit_transfer?moneyMovementIds[]=10" \
-H "Authorization: Bearer $TOKEN" \
-o sepa.xml
SEPA files
Credit transfer (Distribution, Transfer)
GET /security_operations/{securityOperationId}/download-sepa/credit_transfer — admin only.
all=truetriggers async generation for all movements (can be combined withsearchandfilter[bankAccountStatus]).- Otherwise, pass targeted IDs via
moneyMovementIds[]=.... - Examples:
GET /security_operations/123/download-sepa/credit_transfer?all=true&filter[bankAccountStatus]=verifiedGET /security_operations/123/download-sepa/credit_transfer?moneyMovementIds[]=10&moneyMovementIds[]=11
- Returns a
sepa.xmlfile, or a202 AcceptedJSON status payload when async generation is triggered.
→ Related concept: Transaction
Direct debit
GET /security_operations/download-sepa/direct_debit — admin only.
- Requires the array
transactions[transactionId]=securityOperationIdlisting the transactions to include. - Example:
GET /security_operations/download-sepa/direct_debit?transactions[42]=1337&transactions[43]=1337 - Returns a
sepa.xmlfile.
Retrocession invoices
GET /retrocessions-invoices/download-sepa — admin only.
- Parameter
invoices[]=<invoiceId>for each invoice to include. - Example:
GET /retrocessions-invoices/download-sepa?invoices[]=9811&invoices[]=9812 - Returns a
sepa.xmlfile.
→ Related concept: Intermediated placement — distributors and retrocessions.
Subscription packs
Three routes generate a subscription pack .zip for an investment. The route you call depends on the stage of the subscription flow:
| Route | When to use it |
|---|---|
GET /investments/{investmentId}/download-blank-subscription-pack-for-verification.zip | Preview the pack before investment terms are approved. Read-only — does not change the investment state. |
GET /investments/{investmentId}/download-blank-subscription-pack.zip | Available once investment terms are validated. Returns the pack to be signed and marks the investment as manually signed. |
GET /investments/{investmentId}/download-blank-subscription-pack-for-electronic-sign.zip | Same as above but for electronic signature — does not switch the investment to manual mode. |
→ See the Investment Management recipe for where these calls fit into the subscription flow.
Transaction document archives
Admin and distributor only. Each route returns a .zip archive containing the documents visible for the targeted transaction.
| Route | Transaction type |
|---|---|
GET /investments/{id}/subscription-pack-documents.zip | Investment |
GET /capital-call/{id}/documents.zip | CapitalCall |
GET /distributions/{id}/documents.zip | Distribution |
GET /cessions/{id}/documents.zip | Cession |
GET /transfers/{id}/documents.zip | Transfer |
→ Related concept: Transaction.
Related
- Authentication — how to obtain the JWT used by these routes
- API endpoints — environment hosts
- Uploads — the counterpart for sending files into the API