NextGenPSD2 XS2A Framework for Croatia

NextGenPSD2 XS2A Framework for Croatia (ASP.NET Core 2.0)
More information: https://www.berlin-group.org/
Contact Info: info@berlin-group.org
Version: 1.3.2 Feb 18th 2019 - HR Country Specific
BasePath:/Comtrade.Banking.OpenAPI.PSD2
All rights reserved
http://apache.org/licenses/LICENSE-2.0.html

Access

  1. APIKey KeyParamName:Authorization KeyInQuery:false KeyInHeader:true

Methods

[ Jump to Models ]

Table of Contents

AccountInformationServiceAISApi

ConfirmationOfFundsServicePIISApi

PaymentInitiationServicePISApi

SigningBasketsSBSApi

AccountInformationServiceAISApi

Up
post /psd2/v1/consents
Create consent (createConsent)
This method create a consent resource, defining access rights to dedicated accounts of a given PSU-ID. These accounts are addressed explicitly in the method as parameters as a core function.

Side Effects

When this Consent Request is a request where the "recurringIndicator" equals "true", and if it exists already a former consent for recurring access on account information for the addressed PSU, then the former consent automatically expires as soon as the new consent request is authorised by the PSU.

Optional Extensions

As an option, an ASPSP might optionally accept a specific access right on the access on all psd2 related services for all available accounts.

As another option an ASPSP might optionally also accept a command, where only access rights are inserted without mentioning the addressed account. The relation to accounts is then handled afterwards between PSU and ASPSP. This option is not supported for the Embedded SCA Approach.

As a last option, an ASPSP might in addition accept a command with access rights * to see the list of available payment accounts or * to see the list of available payment accounts with balances.

Consumes

This API call consumes the following media types via the Content-Type request header:

Request body

body Consents (optional)
Body Parameter — Requestbody for a consents request

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-ID (optional)
Header Parameter — Client ID of the PSU in the ASPSP client interface.

Might be mandated in the ASPSP's documentation.

Is not contained if an OAuth2 based authentication was performed in a pre-step or an OAuth2 based SCA was performed in an preceding AIS service in the same session.
PSU-ID-Type (optional)
Header Parameter — Type of the PSU-ID, needed in scenarios where PSUs have several PSU-IDs as access possibility.

It is mandatory in case the PSU-ID is supplied by the TPP.
PSU-Corporate-ID (optional)
Header Parameter — Might be mandated in the ASPSP's documentation.

Only used in a corporate context.
PSU-Corporate-ID-Type (optional)
Header Parameter — Might be mandated in the ASPSP's documentation.

Only used in a corporate context.

In case PSU-Corporate-ID is provided this field is mandatory.
TPP-Redirect-Preferred (optional)
Header Parameter — If it equals "true", the TPP prefers a redirect over an embedded SCA approach.

If it equals "false", the TPP prefers not to be redirected for SCA. The ASPSP will then choose between the Embedded or the Decoupled SCA approach, depending on the choice of the SCA procedure by the TPP/PSU.

If the parameter is not used, the ASPSP will choose the SCA approach to be applied depending on the SCA method chosen by the TPP/PSU.
TPP-Redirect-URI (optional)
Header Parameter — URI of the TPP, where the transaction flow shall be redirected to after a Redirect.

Mandated for the Redirect SCA Approach, specifically when TPP-Redirect-Preferred equals "true".
It is recommended to always use this header field.

Remark for Future:
This field might be changed to mandatory in the next version of the specification.
TPP-Nok-Redirect-URI (optional)
Header Parameter — If this URI is contained, the TPP is asking to redirect the transaction flow to this address instead of the TPP-Redirect-URI in case of a negative result of the redirect SCA method.

This might be ignored by the ASPSP.
TPP-Explicit-Authorisation-Preferred: (optional)
Header Parameter — If it equals "true", the TPP prefers to start the authorisation process separately, e.g. because of the usage of a signing basket. This preference might be ignored by the ASPSP, if a signing basket is not supported as functionality.

If it equals "false" or if the parameter is not used, there is no preference of the TPP. This especially indicates that the TPP assumes a direct authorisation of the transaction in the next step, without using a signing basket.
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP.

It shall be contained if and only if this request was actively initiated by the PSU.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Return type

ConsentsResponse201

Example data

Content-Type: application/json
{"empty": false}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

201

Created ConsentsResponse201

400

Bad Request Error400NGAIS

401

Unauthorized Error401NGAIS

403

Forbidden Error403NGAIS

404

Not found Error404NGAIS

405

Method Not Allowed Error405NGAIS

406

Not Acceptable Error406NGAIS

408

Request Timeout

409

Conflict Error409NGAIS

415

Unsupported Media Type

429

Too Many Requests Error429NGAIS

500

Internal Server Error

503

Service Unavailable

Up
delete /psd2/v1/consents/{consentId}
Delete Consent (deleteConsent)
The TPP can delete an account information consent object if needed.

Path parameters

consentId (required)
Path Parameter — ID of the corresponding consent object as returned by an Account Information Consent Request.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP.

It shall be contained if and only if this request was actively initiated by the PSU.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

204

No Content

400

Bad Request Error400NGAIS

401

Unauthorized Error401NGAIS

403

Forbidden Error403NGAIS

404

Not found Error404NGAIS

405

Method Not Allowed Error405NGAIS

406

Not Acceptable Error406NGAIS

408

Request Timeout

409

Conflict Error409NGAIS

415

Unsupported Media Type

429

Too Many Requests Error429NGAIS

500

Internal Server Error

503

Service Unavailable

Up
get /psd2/v1/accounts
Read Account List (getAccountList)
Read the identifiers of the available payment account together with booking balance information, depending on the consent granted.

It is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system.

The addressed list of accounts depends then on the PSU ID and the stored consent addressed by consentId, respectively the OAuth2 access token.

Returns all identifiers of the accounts, to which an account access has been granted to through the /consents endpoint by the PSU. In addition, relevant information about the accounts and hyperlinks to corresponding account information resources are provided if a related consent has been already granted.

Remark:
Note that the /consents endpoint optionally offers to grant an access on all available payment accounts of a PSU. In this case, this endpoint will deliver the information about all available payment accounts of the PSU at this ASPSP.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
Consent-ID (required)
Header Parameter — This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP.

It shall be contained if and only if this request was actively initiated by the PSU.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.
PSU-ID-Type (optional)
Header Parameter — ”CORPORATE” for corporate payments.
PSU-Corporate-ID (optional)
Header Parameter — CompanyId if payments is corporte payment.

Query parameters

withBalance (optional)
Query Parameter — If contained, this function reads the list of accessible payment accounts including the booking balance, if granted by the PSU in the related consent and available by the ASPSP.

This parameter might be ignored by the ASPSP.

Return type

AccountList

Example data

Content-Type: application/json
{"empty": false}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK AccountList

400

Bad Request Error400NGAIS

401

Unauthorized Error401NGAIS

403

Forbidden Error403NGAIS

404

Not found Error404NGAIS

405

Method Not Allowed Error405NGAIS

406

Not Acceptable Error406NGAIS

408

Request Timeout

409

Conflict Error409NGAIS

415

Unsupported Media Type

429

Too Many Requests Error429NGAIS

500

Internal Server Error

503

Service Unavailable

Up
get /psd2/v1/accounts/{accountId}/balances
Read Balance (getBalances)
Reads account data from a given account addressed by "account-id".

Remark:
This account-id can be a tokenised identification due to data protection reason since the path information might be logged on intermediary servers within the ASPSP sphere. This account-id then can be retrieved by the "GET Account List" call.
The account-id is constant at least throughout the lifecycle of a given consent.

Path parameters

accountId (required)
Path Parameter — This identification is denoting the addressed account.

The account-id is retrieved by using a "Read Account List" call.

The account-id is the "id" attribute of the account structure. Its value is constant at least throughout the lifecycle of a given consent.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
Consent-ID (required)
Header Parameter — This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level. This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP.

It shall be contained if and only if this request was actively initiated by the PSU.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.
PSU-ID-Type (optional)
Header Parameter — ”CORPORATE” for corporate payments.
PSU-Corporate-ID (optional)
Header Parameter — CompanyId if payments is corporte payment.

Return type

ReadAccountBalanceResponse200

Example data

Content-Type: application/json
{"empty": false}

Example data

Content-Type: application/xml

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK ReadAccountBalanceResponse200

400

Bad Request Error400NGAIS

401

Unauthorized Error401NGAIS

403

Forbidden Error403NGAIS

404

Not found Error404NGAIS

405

Method Not Allowed Error405NGAIS

406

Not Acceptable Error406NGAIS

408

Request Timeout

409

Conflict Error409NGAIS

415

Unsupported Media Type

429

Too Many Requests Error429NGAIS

500

Internal Server Error

503

Service Unavailable

Up
get /psd2/v1/card-accounts
Reads a list of card accounts (getCardAccount)
Reads a list of card accounts with additional information, e.g. balance information.

It is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system.

The addressed list of card accounts depends then on the PSU ID and the stored consent addressed by consentId, respectively the OAuth2 access token.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
Consent-ID (required)
Header Parameter — This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP.

It shall be contained if and only if this request was actively initiated by the PSU.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.
PSU-ID-Type (optional)
Header Parameter — ”CORPORATE” for corporate payments.
PSU-Corporate-ID (optional)
Header Parameter — CompanyId if payments is corporte payment.

Return type

CardAccountList

Example data

Content-Type: application/json
{"empty": false}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK CardAccountList

400

Bad Request Error400NGAIS

401

Unauthorized Error401NGAIS

403

Forbidden Error403NGAIS

404

Not found Error404NGAIS

405

Method Not Allowed Error405NGAIS

406

Not Acceptable Error406NGAIS

408

Request Timeout

409

Conflict Error409NGAIS

415

Unsupported Media Type

429

Too Many Requests Error429NGAIS

500

Internal Server Error

503

Service Unavailable

Up
get /psd2/v1/card-accounts/{accountId}/balances
Read card account balances (getCardAccountBalances)
Reads balance data from a given card account addressed by "account-id".

Remark:
This account-id can be a tokenised identification due to data protection reason since the path information might be logged on intermediary servers within the ASPSP sphere. This account-id then can be retrieved by the "GET Card Account List" call

Path parameters

accountId (required)
Path Parameter — This identification is denoting the addressed account.

The account-id is retrieved by using a "Read Account List" call.

The account-id is the "id" attribute of the account structure. Its value is constant at least throughout the lifecycle of a given consent.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
Consent-ID (required)
Header Parameter — This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP.

It shall be contained if and only if this request was actively initiated by the PSU.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.
PSU-ID-Type (optional)
Header Parameter
PSU-Corporate-ID (optional)
Header Parameter

Return type

ReadCardAccountBalanceResponse200

Example data

Content-Type: application/json
{"empty": false}

Example data

Content-Type: application/xml

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK ReadCardAccountBalanceResponse200

400

Bad Request Error400NGAIS

401

Unauthorized Error401NGAIS

403

Forbidden Error403NGAIS

404

Not found Error404NGAIS

405

Method Not Allowed Error405NGAIS

406

Not Acceptable Error406NGAIS

408

Request Timeout

409

Conflict Error409NGAIS

415

Unsupported Media Type

429

Too Many Requests Error429NGAIS

500

Internal Server Error

503

Service Unavailable

Up
get /psd2/v1/card-accounts/{accountId}/transactions/{resourceId}
Read Card Transaction Details (getCardAccountTransactionDetails)
Reads card account transaction details from a given card transaction addressed by "resourceId" on a given account addressed by "account-id".

This call is only available on transactions as reported in a JSON format.

Remark:
Please note that the PATH might be already given in detail by the corresponding entry of the response of the "Read Transaction List" call within the _links subfield.

Path parameters

accountId (required)
Path Parameter — This identification is denoting the addressed account.

The account-id is retrieved by using a "Read Account List" call.

The account-id is the "id" attribute of the account structure. Its value is constant at least throughout the lifecycle of a given consent.
resourceId (required)
Path Parameter — This identification is given by the attribute resourceId of the corresponding entry of a transaction list.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
Consent-ID (required)
Header Parameter — This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP.

It shall be contained if and only if this request was actively initiated by the PSU.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.
PSU-ID-Type (optional)
Header Parameter — ”CORPORATE” for corporate payments.
PSU-Corporate-ID (optional)
Header Parameter — CompanyId if payments is corporte payment.

Return type

CardTransaction

Example data

Content-Type: application/json
{"empty": false}

Example data

Content-Type: application/xml

  aeiou
  aeiou
  aeiou
  aeiou
  aeiou
  aeiou
  true

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK CardTransaction

400

Bad Request Error400NGAIS

401

Unauthorized Error401NGAIS

403

Forbidden Error403NGAIS

404

Not found Error404NGAIS

405

Method Not Allowed Error405NGAIS

406

Not Acceptable Error406NGAIS

408

Request Timeout

409

Conflict Error409NGAIS

415

Unsupported Media Type

429

Too Many Requests Error429NGAIS

500

Internal Server Error

503

Service Unavailable

Up
get /psd2/v1/card-accounts/{accountId}/transactions
Read transaction list of an account (getCardAccountTransactionList)
Reads account data from a given card account addressed by "account-id".

Path parameters

accountId (required)
Path Parameter — This identification is denoting the addressed account.

The account-id is retrieved by using a "Read Account List" call.

The account-id is the "id" attribute of the account structure. Its value is constant at least throughout the lifecycle of a given consent.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
Consent-ID (required)
Header Parameter — This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP.

It shall be contained if and only if this request was actively initiated by the PSU.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.
PSU-ID-Type (optional)
Header Parameter — ”CORPORATE” for corporate payments.
PSU-Corporate-ID (optional)
Header Parameter — CompanyId if payments is corporte payment.

Query parameters

bookingStatus (required)
Query Parameter — Permitted codes are:
  • "booked",
  • "pending"
  • "both"
"booked" shall be supported by the ASPSP.

To support the "pending" and "both" feature is optional for the ASPSP, Error code if not supported in the online banking frontend
dateFrom (optional)
Query ParameterConditional

Starting date (inclusive the date dateFrom) of the transaction list, mandated if no delta access is required.

For booked transactions, the relevant date is the booking date.

For pending transactions, the relevant date is the entry date, which may not be transparent neither in this API nor other channels of the ASPSP. format: date-time
dateTo (optional)
Query Parameter — End date (inclusive the data dateTo) of the transaction list, default is "now" if not given.

Might be ignored if a delta function is used.

For booked transactions, the relevant date is the booking date.

For pending transactions, the relevant date is the entry date, which may not be transparent neither in this API nor other channels of the ASPSP. format: date-time
entryReferenceFrom (optional)
Query Parameter — This data attribute is indicating that the AISP is in favour to get all transactions after the transaction with identification entryReferenceFrom alternatively to the above defined period.

This is a implementation of a delta access.

If this data element is contained, the entries "dateFrom" and "dateTo" might be ignored by the ASPSP if a delta report is supported.

Optional if supported by API provider.
deltaList (optional)
Query Parameter — This data attribute is indicating that the AISP is in favour to get all transactions after the last report access for this PSU on the addressed account.

This is another implementation of a delta access-report.

This delta indicator might be rejected by the ASPSP if this function is not supported.

Optional if supported by API provider
withBalance (optional)
Query Parameter — If contained, this function reads the list of accessible payment accounts including the booking balance, if granted by the PSU in the related consent and available by the ASPSP.

This parameter might be ignored by the ASPSP.

Return type

CardAccountsTransactionsResponse200

Example data

Content-Type: application/json
{"empty": false}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK CardAccountsTransactionsResponse200

400

Bad Request Error400NGAIS

401

Unauthorized Error401NGAIS

403

Forbidden Error403NGAIS

404

Not found Error404NGAIS

405

Method Not Allowed Error405NGAIS

406

Not Acceptable Error406NGAIS

408

Request Timeout

409

Conflict Error409NGAIS

415

Unsupported Media Type

429

Too Many Requests Error429NGAIS

500

Internal Server Error

503

Service Unavailable

Up
get /psd2/v1/consents/{consentId}/authorisations
Get Consent Authorisation Sub-Resources Request (getConsentAuthorisation)
Return a list of all authorisation subresources IDs which have been created.

This function returns an array of hyperlinks to all generated authorisation sub-resources.

Path parameters

consentId (required)
Path Parameter — ID of the corresponding consent object as returned by an Account Information Consent Request.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP.

It shall be contained if and only if this request was actively initiated by the PSU.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Return type

Authorisations

Example data

Content-Type: application/json
{"empty": false}

Example data

Content-Type: application/xml

  aeiou

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK Authorisations

400

Bad Request Error400NGAIS

401

Unauthorized Error401NGAIS

403

Forbidden Error403NGAIS

404

Not found Error404NGAIS

405

Method Not Allowed Error405NGAIS

406

Not Acceptable Error406NGAIS

408

Request Timeout

409

Conflict Error409NGAIS

415

Unsupported Media Type

429

Too Many Requests Error429NGAIS

500

Internal Server Error

503

Service Unavailable

Up
get /psd2/v1/consents/{consentId}
Get Consent Request (getConsentInformation)
Returns the content of an account information consent object.

This is returning the data for the TPP especially in cases, where the consent was directly managed between ASPSP and PSU e.g. in a re-direct SCA Approach.

Path parameters

consentId (required)
Path Parameter — ID of the corresponding consent object as returned by an Account Information Consent Request.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP.

It shall be contained if and only if this request was actively initiated by the PSU.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Return type

ConsentInformationResponse200Json

Example data

Content-Type: application/json
{"empty": false}

Example data

Content-Type: application/xml

  aeiou
  aeiou
  aeiou
  aeiou
  aeiou
  aeiou

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK ConsentInformationResponse200Json

400

Bad Request Error400NGAIS

401

Unauthorized Error401NGAIS

403

Forbidden Error403NGAIS

404

Not found Error404NGAIS

405

Method Not Allowed Error405NGAIS

406

Not Acceptable Error406NGAIS

408

Request Timeout

409

Conflict Error409NGAIS

415

Unsupported Media Type

429

Too Many Requests Error429NGAIS

500

Internal Server Error

503

Service Unavailable

Up
get /psd2/v1/consents/{consentId}/authorisations/{authorisationId}
Read the SCA status of the consent authorisation. (getConsentScaStatus)
This method returns the SCA status of a consent initiation's authorisation sub-resource.

Path parameters

consentId (required)
Path Parameter — ID of the corresponding consent object as returned by an Account Information Consent Request.
authorisationId (required)
Path Parameter — Resource identification of the related SCA.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP.

It shall be contained if and only if this request was actively initiated by the PSU.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Return type

ScaStatusResponse

Example data

Content-Type: application/json
{"empty": false}

Example data

Content-Type: application/xml

  aeiou

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK ScaStatusResponse

400

Bad Request Error400NGAIS

401

Unauthorized Error401NGAIS

403

Forbidden Error403NGAIS

404

Not found Error404NGAIS

405

Method Not Allowed Error405NGAIS

406

Not Acceptable Error406NGAIS

408

Request Timeout

409

Conflict Error409NGAIS

415

Unsupported Media Type

429

Too Many Requests Error429NGAIS

500

Internal Server Error

503

Service Unavailable

Up
get /psd2/v1/consents/{consentId}/status
Consent status request (getConsentStatus)
Read the status of an account information consent resource.

Path parameters

consentId (required)
Path Parameter — ID of the corresponding consent object as returned by an Account Information Consent Request.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP.

It shall be contained if and only if this request was actively initiated by the PSU.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Return type

ConsentStatusResponse200

Example data

Content-Type: application/json
{"empty": false}

Example data

Content-Type: application/xml

  aeiou

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK ConsentStatusResponse200

400

Bad Request Error400NGAIS

401

Unauthorized Error401NGAIS

403

Forbidden Error403NGAIS

404

Not found Error404NGAIS

405

Method Not Allowed Error405NGAIS

406

Not Acceptable Error406NGAIS

408

Request Timeout

409

Conflict Error409NGAIS

415

Unsupported Media Type

429

Too Many Requests Error429NGAIS

500

Internal Server Error

503

Service Unavailable

Up
get /psd2/v1/accounts/{accountId}/transactions/{resourceId}
Read Transaction Details (getTransactionDetails)
Reads transaction details from a given transaction addressed by "resourceId" on a given account addressed by "account-id".

This call is only available on transactions as reported in a JSON format.

Remark:
Please note that the PATH might be already given in detail by the corresponding entry of the response of the "Read Transaction List" call within the _links subfield.

Path parameters

accountId (required)
Path Parameter — This identification is denoting the addressed account.

The account-id is retrieved by using a "Read Account List" call.

The account-id is the "id" attribute of the account structure. Its value is constant at least throughout the lifecycle of a given consent.
resourceId (required)
Path Parameter — This identification is given by the attribute resourceId of the corresponding entry of a transaction list.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
Consent-ID (required)
Header Parameter — This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP.

It shall be contained if and only if this request was actively initiated by the PSU.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.
PSU-ID-Type (optional)
Header Parameter — ”CORPORATE” for corporate payments.
PSU-Corporate-ID (optional)
Header Parameter — CompanyId if payments is corporte payment.

Return type

TransactionDetails

Example data

Content-Type: application/json
{"empty": false}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK TransactionDetails

400

Bad Request Error400NGAIS

401

Unauthorized Error401NGAIS

403

Forbidden Error403NGAIS

404

Not found Error404NGAIS

405

Method Not Allowed Error405NGAIS

406

Not Acceptable Error406NGAIS

408

Request Timeout

409

Conflict Error409NGAIS

415

Unsupported Media Type

429

Too Many Requests Error429NGAIS

500

Internal Server Error

503

Service Unavailable

Up
get /psd2/v1/accounts/{accountId}/transactions
Read transaction list of an account (getTransactionList)
Read transaction reports or transaction lists of a given account ddressed by "account-id", depending on the steering parameter "bookingStatus" together with balances.

For a given account, additional parameters are e.g. the attributes "dateFrom" and "dateTo".

The ASPSP might add balance information, if transaction lists without balances are not supported.

Path parameters

accountId (required)
Path Parameter — This identification is denoting the addressed account.

The account-id is retrieved by using a "Read Account List" call.

The account-id is the "id" attribute of the account structure. Its value is constant at least throughout the lifecycle of a given consent.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
Consent-ID (required)
Header Parameter — This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP.

It shall be contained if and only if this request was actively initiated by the PSU.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.
PSU-ID-Type (optional)
Header Parameter — ”CORPORATE” for corporate payments.
PSU-Corporate-ID (optional)
Header Parameter — CompanyId if payments is corporte payment.

Query parameters

bookingStatus (required)
Query Parameter — Permitted codes are:
  • "booked",
  • "pending"
  • "both"
"booked" shall be supported by the ASPSP.

To support the "pending" and "both" feature is optional for the ASPSP, Error code if not supported in the online banking frontend
dateFrom (optional)
Query ParameterConditional

Starting date (inclusive the date dateFrom) of the transaction list, mandated if no delta access is required.

For booked transactions, the relevant date is the booking date.

For pending transactions, the relevant date is the entry date, which may not be transparent neither in this API nor other channels of the ASPSP. format: date-time
dateTo (optional)
Query Parameter — End date (inclusive the data dateTo) of the transaction list, default is "now" if not given.

Might be ignored if a delta function is used.

For booked transactions, the relevant date is the booking date.

For pending transactions, the relevant date is the entry date, which may not be transparent neither in this API nor other channels of the ASPSP. format: date-time
entryReferenceFrom (optional)
Query Parameter — This data attribute is indicating that the AISP is in favour to get all transactions after the transaction with identification entryReferenceFrom alternatively to the above defined period.

This is a implementation of a delta access.

If this data element is contained, the entries "dateFrom" and "dateTo" might be ignored by the ASPSP if a delta report is supported.

Optional if supported by API provider.
deltaList (optional)
Query Parameter — This data attribute is indicating that the AISP is in favour to get all transactions after the last report access for this PSU on the addressed account.

This is another implementation of a delta access-report.

This delta indicator might be rejected by the ASPSP if this function is not supported.

Optional if supported by API provider
withBalance (optional)
Query Parameter — If contained, this function reads the list of accessible payment accounts including the booking balance, if granted by the PSU in the related consent and available by the ASPSP.

This parameter might be ignored by the ASPSP.

Return type

TransactionsResponse200Json

Example data

Content-Type: application/json
{"empty": false}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK TransactionsResponse200Json

400

Bad Request Error400NGAIS

401

Unauthorized Error401NGAIS

403

Forbidden Error403NGAIS

404

Not found Error404NGAIS

405

Method Not Allowed Error405NGAIS

406

Not Acceptable Error406NGAIS

408

Request Timeout

409

Conflict Error409NGAIS

415

Unsupported Media Type

429

Too Many Requests Error429NGAIS

500

Internal Server Error

503

Service Unavailable

Up
get /psd2/v1/accounts/{accountId}
Read Account Details (readAccountDetails)
Reads details about an account, with balances where required.

It is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system.

The addressed details of this account depends then on the stored consent addressed by consentId, respectively the OAuth2 access token.

Remark:
The account-id can represent a multicurrency account. In this case the currency code is set to "XXX".

Give detailed information about the addressed account.

Give detailed information about the addressed account together with balance information

Path parameters

accountId (required)
Path Parameter — This identification is denoting the addressed account.

The account-id is retrieved by using a "Read Account List" call.

The account-id is the "id" attribute of the account structure. Its value is constant at least throughout the lifecycle of a given consent.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
Consent-ID (required)
Header Parameter — This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP.

It shall be contained if and only if this request was actively initiated by the PSU.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.
PSU-ID-Type (optional)
Header Parameter — ”CORPORATE” for corporate payments.
PSU-Corporate-ID (optional)
Header Parameter — CompanyId if payments is corporte payment.

Query parameters

withBalance (optional)
Query Parameter — If contained, this function reads the list of accessible payment accounts including the booking balance, if granted by the PSU in the related consent and available by the ASPSP.

This parameter might be ignored by the ASPSP.

Return type

AccountDetails

Example data

Content-Type: application/json
{"empty": false}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK AccountDetails

400

Bad Request Error400NGAIS

401

Unauthorized Error401NGAIS

403

Forbidden Error403NGAIS

404

Not found Error404NGAIS

405

Method Not Allowed Error405NGAIS

406

Not Acceptable Error406NGAIS

408

Request Timeout

409

Conflict Error409NGAIS

415

Unsupported Media Type

429

Too Many Requests Error429NGAIS

500

Internal Server Error

503

Service Unavailable

Up
get /psd2/v1/card-accounts/{accountId}
Reads details about a card account (readCardAccount)
Reads details about a card account.

It is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system.

The addressed details of this account depends then on the stored consent addressed by consentId, respectively the OAuth2 access token.

Path parameters

accountId (required)
Path Parameter — This identification is denoting the addressed account.

The account-id is retrieved by using a "Read Account List" call.

The account-id is the "id" attribute of the account structure. Its value is constant at least throughout the lifecycle of a given consent.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
Consent-ID (required)
Header Parameter — This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP.

It shall be contained if and only if this request was actively initiated by the PSU.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.
PSU-ID-Type (optional)
Header Parameter — ”CORPORATE” for corporate payments.
PSU-Corporate-ID (optional)
Header Parameter — CompanyId if payments is corporte payment.

Return type

CardAccountDetails

Example data

Content-Type: application/json
{"empty": false}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK CardAccountDetails

400

Bad Request Error400NGAIS

401

Unauthorized Error401NGAIS

403

Forbidden Error403NGAIS

404

Not found Error404NGAIS

405

Method Not Allowed Error405NGAIS

406

Not Acceptable Error406NGAIS

408

Request Timeout

409

Conflict Error409NGAIS

415

Unsupported Media Type

429

Too Many Requests Error429NGAIS

500

Internal Server Error

503

Service Unavailable

Up
post /psd2/v1/consents/{consentId}/authorisations
Start the authorisation process for a consent (startConsentAuthorisation)
Create an authorisation sub-resource and start the authorisation process of a consent. The message might in addition transmit authentication and authorisation related data. This method is iterated n times for a n times SCA authorisation in a corporate context, each creating an own authorisation sub-endpoint for the corresponding PSU authorising the consent.

The ASPSP might make the usage of this access method unnecessary, since the related authorisation resource will be automatically created by the ASPSP after the submission of the consent data with the first POST consents call.

The start authorisation process is a process which is needed for creating a new authorisation or cancellation sub-resource.
This applies in the following scenarios:

Path parameters

consentId (required)
Path Parameter — ID of the corresponding consent object as returned by an Account Information Consent Request.

Consumes

This API call consumes the following media types via the Content-Type request header:

Request body

body string (optional)
Body Parameter

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-ID (optional)
Header Parameter — Client ID of the PSU in the ASPSP client interface.

Might be mandated in the ASPSP's documentation.

Is not contained if an OAuth2 based authentication was performed in a pre-step or an OAuth2 based SCA was performed in an preceding AIS service in the same session.
PSU-ID-Type (optional)
Header Parameter — Type of the PSU-ID, needed in scenarios where PSUs have several PSU-IDs as access possibility.

It is mandatory in case the PSU-ID is supplied by the TPP.
PSU-Corporate-ID (optional)
Header Parameter — Might be mandated in the ASPSP's documentation.

Only used in a corporate context.
PSU-Corporate-ID-Type (optional)
Header Parameter — Might be mandated in the ASPSP's documentation.

Only used in a corporate context.

In case PSU-Corporate-ID is provided this field is mandatory.
TPP-Redirect-Preferred (optional)
Header Parameter — If it equals "true", the TPP prefers a redirect over an embedded SCA approach.

If it equals "false", the TPP prefers not to be redirected for SCA. The ASPSP will then choose between the Embedded or the Decoupled SCA approach, depending on the choice of the SCA procedure by the TPP/PSU.

If the parameter is not used, the ASPSP will choose the SCA approach to be applied depending on the SCA method chosen by the TPP/PSU.
TPP-Redirect-URI (optional)
Header Parameter — URI of the TPP, where the transaction flow shall be redirected to after a Redirect.

Mandated for the Redirect SCA Approach, specifically when TPP-Redirect-Preferred equals "true". It is recommended to always use this header field.

Remark for Future:
This field might be changed to mandatory in the next version of the specification.
TPP-Nok-Redirect-URI (optional)
Header Parameter — If this URI is contained, the TPP is asking to redirect the transaction flow to this address instead of the TPP-Redirect-URI in case of a negative result of the redirect SCA method.

This might be ignored by the ASPSP.
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP.

It shall be contained if and only if this request was actively initiated by the PSU.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Return type

StartScaprocessResponse

Example data

Content-Type: application/json
{"empty": false}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

201

Created StartScaprocessResponse

400

Bad Request Error400NGAIS

401

Unauthorized Error401NGAIS

403

Forbidden Error403NGAIS

404

Not found Error404NGAIS

405

Method Not Allowed Error405NGAIS

406

Not Acceptable Error406NGAIS

408

Request Timeout

409

Conflict Error409NGAIS

415

Unsupported Media Type

429

Too Many Requests Error429NGAIS

500

Internal Server Error

503

Service Unavailable

Up
put /psd2/v1/consents/{consentId}/authorisations/{authorisationId}
Update PSU Data for consents (updateConsentsPsuData)

This method update PSU data on the consents resource if needed. It may authorise a consent within the Embedded SCA Approach where needed. Independently from the SCA Approach it supports e.g. the selection of the authentication method and a non-SCA PSU authentication. This methods updates PSU data on the cancellation authorisation resource if needed.

There are several possible Update PSU Data requests in the context of a consent request if needed, which depends on the SCA approach:

The SCA Approach might depend on the chosen SCA method. For that reason, the following possible Update PSU Data request can apply to all SCA approaches:

Path parameters

consentId (required)
Path Parameter — ID of the corresponding consent object as returned by an Account Information Consent Request.
authorisationId (required)
Path Parameter — Resource identification of the related SCA.

Consumes

This API call consumes the following media types via the Content-Type request header:

Request body

body object (optional)
Body Parameter

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-ID (optional)
Header Parameter — Client ID of the PSU in the ASPSP client interface.

Might be mandated in the ASPSP's documentation.

Is not contained if an OAuth2 based authentication was performed in a pre-step or an OAuth2 based SCA was performed in an preceding AIS service in the same session.
PSU-ID-Type (optional)
Header Parameter — Type of the PSU-ID, needed in scenarios where PSUs have several PSU-IDs as access possibility.

It is mandatory in case the PSU-ID is supplied by the TPP.
PSU-Corporate-ID (optional)
Header Parameter — Might be mandated in the ASPSP's documentation.

Only used in a corporate context.
PSU-Corporate-ID-Type (optional)
Header Parameter — Might be mandated in the ASPSP's documentation.

Only used in a corporate context.

In case PSU-Corporate-ID is provided this field is mandatory.
PSU-IP-Adress (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP.

It shall be contained if and only if this request was actively initiated by the PSU.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK

400

Bad Request Error400NGAIS

401

Unauthorized Error401NGAIS

403

Forbidden Error403NGAIS

404

Not found Error404NGAIS

405

Method Not Allowed Error405NGAIS

406

Not Acceptable Error406NGAIS

408

Request Timeout

409

Conflict Error409NGAIS

415

Unsupported Media Type

429

Too Many Requests Error429NGAIS

500

Internal Server Error

503

Service Unavailable

ConfirmationOfFundsServicePIISApi

Up
post /psd2/v1/funds-confirmations
Confirmation of Funds Request (checkAvailabilityOfFunds)
Creates a confirmation of funds request at the ASPSP.

Checks whether a specific amount is available at point of time of the request on an account linked to a given tuple card issuer(TPP)/card number, or addressed by IBAN and TPP respectively

Consumes

This API call consumes the following media types via the Content-Type request header:

Request body

body ConfirmationOfFunds (optional)
Body Parameter — Request body for a confirmation of funds request.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
Consent-ID (optional)
Header Parameter — This data element may be contained, if the payment initiation transaction is part of a session, i.e. combined AIS/PIS service. This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte

Return type

InlineResponse200

Example data

Content-Type: application/json
{"empty": false}

Example data

Content-Type: application/xml

  true

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK InlineResponse200

400

Bad Request Error400NGAIS

401

Unauthorized Error401NGPIIS

403

Forbidden Error403NGPIIS

404

Not found Error404NGPIIS

405

Method Not Allowed Error405NGPIIS

406

Not Acceptable

408

Request Timeout

409

Conflict Error409NGPIIS

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

Up
post /psd2/v1/consents/confirmation-of-funds
Create consent (createConsentConfirmationOfFunds)
This method creates a confirmation of funds consent resource at the ASPSP regarding confirmation of funds access to an account specified in this request.

Side Effects

In difference to the Establish Account Information Consent as defined in [XS2A-IG], there is no side effect by the Establish Confirmation of Funds Consent Request

Consumes

This API call consumes the following media types via the Content-Type request header:

Request body

body Consents (optional)
Body Parameter — Requestbody for a consent confirmation of funds request.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-ID (optional)
Header Parameter — Client ID of the PSU in the ASPSP client interface. Might be mandated in the ASPSP's documentation.

Is not contained if an OAuth2 based authentication was performed in a pre-step or an OAuth2 based SCA was performed in an preceding AIS service in the same session.
PSU-ID-Type (optional)
Header Parameter — Type of the PSU-ID, needed in scenarios where PSUs have several PSU-IDs as access possibility.
PSU-Corporate-ID (optional)
Header Parameter — Might be mandated in the ASPSP's documentation.

Only used in a corporate context.
PSU-Corporate-ID-Type (optional)
Header Parameter — Might be mandated in the ASPSP's documentation.

Only used in a corporate context.
TPP-Redirect-Preferred (optional)
Header Parameter — If it equals "true", the TPP prefers a redirect over an embedded SCA approach.

If it equals "false", the TPP prefers not to be redirected for SCA. The ASPSP will then choose between the Embedded or the Decoupled SCA approach, depending on the choice of the SCA procedure by the TPP/PSU.

If the parameter is not used, the ASPSP will choose the SCA approach to be applied depending on the SCA method chosen by the TPP/PSU.
TPP-Redirect-URI (optional)
Header Parameter — URI of the TPP, where the transaction flow shall be redirected to after a Redirect.

Mandated for the Redirect SCA Approach, specifically when TPP-Redirect-Preferred equals "true". It is recommended to always use this header field.

Remark for Future:
This field might be changed to mandatory in the next version of the specification.
TPP-Nok-Redirect-URI (optional)
Header Parameter — If this URI is contained, the TPP is asking to redirect the transaction flow to this address instead of the TPP-Redirect-URI in case of a negative result of the redirect SCA method.

This might be ignored by the ASPSP.
TPP-Explicit-Authorisation-Preferred: (optional)
Header Parameter — If it equals "true", the TPP prefers to start the authorisation process separately, e.g. because of the usage of a signing basket.

This preference might be ignored by the ASPSP, if a signing basket is not supported as functionality.

If it equals "false" or if the parameter is not used, there is no preference of the TPP. This especially indicates that the TPP assumes a direct authorisation of the transaction in the next step, without using a signing basket.
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP.

It shall be contained if and only if this request was actively initiated by the PSU.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Return type

ConsentsResponse201

Example data

Content-Type: application/json
{"empty": false}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

201

Created ConsentsResponse201

400

Bad Request Error400NGAIS

401

Unauthorized Error401NGAIS

403

Forbidden Error403NGAIS

404

Not found Error404NGAIS

405

Method Not Allowed Error405NGAIS

406

Not Acceptable Error406NGAIS

408

Request Timeout

409

Conflict Error409NGAIS

415

Unsupported Media Type

429

Too Many Requests Error429NGAIS

500

Internal Server Error

503

Service Unavailable

Up
delete /psd2/v1/consents/confirmation-of-funds/{consentId}
Delete Consent Content (deleteConsentConfirmationOfFunds)
Deletes a given consent.

Path parameters

consentId (required)
Path Parameter — ID of the corresponding consent object as returned by an Account Information Consent Request.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP.

It shall be contained if and only if this request was actively initiated by the PSU.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

204

Deletes a given consent.

400

Bad Request Error400NGAIS

401

Unauthorized Error401NGAIS

403

Forbidden Error403NGAIS

404

Not found Error404NGAIS

405

Method Not Allowed Error405NGAIS

406

Not Acceptable Error406NGAIS

408

Request Timeout

409

Conflict Error409NGAIS

415

Unsupported Media Type

429

Too Many Requests Error429NGAIS

500

Internal Server Error

503

Service Unavailable

Up
get /psd2/v1/consents/confirmation-of-funds/{consentId}
Get Consent Content (getConsentConfirmationOfFunds)
Returns the content of an account information consent object.

This is returning the data for the TPP especially in cases, where the consent was directly managed between ASPSP and PSU e.g. in a re-direct SCA Approach.

Path parameters

consentId (required)
Path Parameter — ID of the corresponding consent object as returned by an Account Information Consent Request.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP.

It shall be contained if and only if this request was actively initiated by the PSU.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Return type

ConsentInformationResponse200Json

Example data

Content-Type: application/json
{"empty": false}

Example data

Content-Type: application/xml

  aeiou
  aeiou
  aeiou
  aeiou
  aeiou
  aeiou

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

Get consent status ConsentInformationResponse200Json

400

Bad Request Error400NGAIS

401

Unauthorized Error401NGAIS

403

Forbidden Error403NGAIS

404

Not found Error404NGAIS

405

Method Not Allowed Error405NGAIS

406

Not Acceptable Error406NGAIS

408

Request Timeout

409

Conflict Error409NGAIS

415

Unsupported Media Type

429

Too Many Requests Error429NGAIS

500

Internal Server Error

503

Service Unavailable

Up
get /psd2/v1/consents/confirmation-of-funds/{consentId}/status
Get Consent Status (getConsentConfirmationOfFundsStatus)
Can check the status of an account information consent resource.

Path parameters

consentId (required)
Path Parameter — ID of the corresponding consent object as returned by an Account Information Consent Request.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP.

It shall be contained if and only if this request was actively initiated by the PSU.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Return type

ConsentStatusResponse200

Example data

Content-Type: application/json
{"empty": false}

Example data

Content-Type: application/xml

  aeiou

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

Get consent status ConsentStatusResponse200

400

Bad Request Error400NGAIS

401

Unauthorized Error401NGAIS

403

Forbidden Error403NGAIS

404

Not found Error404NGAIS

405

Method Not Allowed Error405NGAIS

406

Not Acceptable Error406NGAIS

408

Request Timeout

409

Conflict Error409NGAIS

415

Unsupported Media Type

429

Too Many Requests Error429NGAIS

500

Internal Server Error

503

Service Unavailable

PaymentInitiationServicePISApi

Up
delete /psd2/v1/{paymentService}/{paymentProduct}/{paymentId}
Payment Cancellation Request (cancelPayment)
This method initiates the cancellation of a payment.

Depending on the payment-service, the payment-product and the ASPSP's implementation, this TPP call might be sufficient to cancel a payment.

If an authorisation of the payment cancellation is mandated by the ASPSP, a corresponding hyperlink will be contained in the response message.

Cancels the addressed payment with resource identification paymentId if applicable to the payment-service, payment-product and received in product related timelines (e.g. before end of business day for scheduled payments of the last business day before the scheduled execution day).

The response to this DELETE command will tell the TPP whether the

Path parameters

paymentService (required)
Path Parameter — Payment service: Possible values are:
  • payments
  • bulk-payments
  • periodic-payments
paymentProduct (required)
Path Parameter — The addressed payment product endpoint, e.g. for SEPA Credit Transfers (SCT). The ASPSP will publish which of the payment products/endpoints will be supported.

The Croatian version of the standard deviates slightly, as described in the country specific appendix to the implementation guidelines.

The following payment products are supported for single payments:
  • sepa-credit-transfers (mandatory support)
  • target-2-payments (optional support, decided by the ASPSP)
  • cross-border-credit-transfers (mandatory support)
  • domestic-credit-transfers-hr (mandatory support)
  • instant-domestic-credit-transfers-hr (optional support, decided by the ASPSP)
  • hr-rtgs-payments (optional support, decided by the ASPSP)
The following payment products are supported for bulk payments:
  • pain.001-credit-transfers (mandatory support)
    Remark:
    This payment product is specific to the Croatian standard!
The following payment products are supported for periodic payments:
  • domestic-credit-transfers-hr (optional support, decided by the ASPSP)
Remark:
For all SEPA Credit Transfer based endpoints which accept XML encoding, the XML pain.001 schemes provided by EPC are supported by the ASPSP as a minimum for the body content. Further XML schemes might be supported by some communities.

For cross-border and TARGET-2 payments only community wide pain.001 schemes do exist. There are plenty of country specificic scheme variants.
paymentId (required)
Path Parameter — Resource identification of the generated payment initiation resource.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.
PSU-ID-Type (optional)
Header Parameter — ”CORPORATE” for corporate payments.
PSU-Corporate-ID (optional)
Header Parameter — CompanyId if payments is corporte payment.

Return type

PaymentInitiationCancelResponse202

Example data

Content-Type: application/json
{"empty": false}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

202

Received PaymentInitiationCancelResponse202

204

No Content

400

Bad Request Error400NGPIS

401

Unauthorized Error401NGPIS

403

Forbidden Error403NGPIS

404

Not found Error404NGPIS

405

Method Not Allowed Error405NGPISCANC

406

Not Acceptable

408

Request Timeout

409

Conflict Error409NGPIS

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

Up
get /psd2/v1/{paymentService}/{paymentProduct}/{paymentId}/cancellation-authorisations/{cancellationId}
Read the SCA status of the payment cancellation's authorisation. (getPaymentCancellationScaStatus)
This method returns the SCA status of a payment initiation's authorisation sub-resource.

Path parameters

paymentService (required)
Path Parameter — Payment service: Possible values are:
  • payments
  • bulk-payments
  • periodic-payments
paymentProduct (required)
Path Parameter — The addressed payment product endpoint, e.g. for SEPA Credit Transfers (SCT). The ASPSP will publish which of the payment products/endpoints will be supported.

The Croatian version of the standard deviates slightly, as described in the country specific appendix to the implementation guidelines.

The following payment products are supported for single payments:
  • sepa-credit-transfers (mandatory support)
  • target-2-payments (optional support, decided by the ASPSP)
  • cross-border-credit-transfers (mandatory support)
  • domestic-credit-transfers-hr (mandatory support)
  • instant-domestic-credit-transfers-hr (optional support, decided by the ASPSP)
  • hr-rtgs-payments (optional support, decided by the ASPSP)
The following payment products are supported for bulk payments:
  • pain.001-credit-transfers (mandatory support)
    Remark:
    This payment product is specific to the Croatian standard!
The following payment products are supported for periodic payments:
  • domestic-credit-transfers-hr (optional support, decided by the ASPSP)
Remark:
For all SEPA Credit Transfer based endpoints which accept XML encoding, the XML pain.001 schemes provided by EPC are supported by the ASPSP as a minimum for the body content. Further XML schemes might be supported by some communities.

For cross-border and TARGET-2 payments only community wide pain.001 schemes do exist. There are plenty of country specificic scheme variants.
paymentId (required)
Path Parameter — Resource identification of the generated payment initiation resource.
cancellationId (required)
Path Parameter — Identification for cancellation resource.

Request headers

x-Request-ID (optional)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Return type

ScaStatusResponse

Example data

Content-Type: application/json
{"empty": false}

Example data

Content-Type: application/xml

  aeiou

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK ScaStatusResponse

400

Bad Request Error400NGPIS

401

Unauthorized Error401NGPIS

403

Forbidden Error403NGPIS

404

Not found Error404NGPIS

405

Method Not Allowed Error405NGPIS

406

Not Acceptable

408

Request Timeout

409

Conflict Error409NGPIS

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

Up
get /psd2/v1/{paymentService}/{paymentProduct}/{paymentId}
Get Payment Information (getPaymentInformation)
Returns the content of a payment object

Path parameters

paymentService (required)
Path Parameter — Payment service: Possible values are:
  • payments
  • bulk-payments
  • periodic-payments
paymentProduct (required)
Path Parameter — The addressed payment product endpoint, e.g. for SEPA Credit Transfers (SCT). The ASPSP will publish which of the payment products/endpoints will be supported.

The Croatian version of the standard deviates slightly, as described in the country specific appendix to the implementation guidelines.

The following payment products are supported for single payments:
  • sepa-credit-transfers (mandatory support)
  • target-2-payments (optional support, decided by the ASPSP)
  • cross-border-credit-transfers (mandatory support)
  • domestic-credit-transfers-hr (mandatory support)
  • instant-domestic-credit-transfers-hr (optional support, decided by the ASPSP)
  • hr-rtgs-payments (optional support, decided by the ASPSP)
The following payment products are supported for bulk payments:
  • pain.001-credit-transfers (mandatory support)
    Remark:
    This payment product is specific to the Croatian standard!
The following payment products are supported for periodic payments:
  • domestic-credit-transfers-hr (optional support, decided by the ASPSP)
Remark:
For all SEPA Credit Transfer based endpoints which accept XML encoding, the XML pain.001 schemes provided by EPC are supported by the ASPSP as a minimum for the body content. Further XML schemes might be supported by some communities.

For cross-border and TARGET-2 payments only community wide pain.001 schemes do exist. There are plenty of country specificic scheme variants.
paymentId (required)
Path Parameter — Resource identification of the generated payment initiation resource.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.
PSU-ID-Type (optional)
Header Parameter — ”CORPORATE” for corporate payments.
PSU-Corporate-ID (optional)
Header Parameter — CompanyId if payments is corporte payment.

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK

400

Bad Request Error400NGPIS

401

Unauthorized Error401NGPIS

403

Forbidden Error403NGPIS

404

Not found Error404NGPIS

405

Method Not Allowed Error405NGPIS

406

Not Acceptable

408

Request Timeout

409

Conflict Error409NGPIS

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

Up
get /psd2/v1/{paymentService}/{paymentProduct}/{paymentId}/authorisations
Get Payment Initiation Authorisation Sub-Resources Request (getPaymentInitiationAuthorisation)
Read a list of all authorisation subresources IDs which have been created.

This function returns an array of hyperlinks to all generated authorisation sub-resources.

Path parameters

paymentService (required)
Path Parameter — Payment service: Possible values are:
  • payments
  • bulk-payments
  • periodic-payments
paymentProduct (required)
Path Parameter — The addressed payment product endpoint, e.g. for SEPA Credit Transfers (SCT). The ASPSP will publish which of the payment products/endpoints will be supported.

The Croatian version of the standard deviates slightly, as described in the country specific appendix to the implementation guidelines.

The following payment products are supported for single payments:
  • sepa-credit-transfers (mandatory support)
  • target-2-payments (optional support, decided by the ASPSP)
  • cross-border-credit-transfers (mandatory support)
  • domestic-credit-transfers-hr (mandatory support)
  • instant-domestic-credit-transfers-hr (optional support, decided by the ASPSP)
  • hr-rtgs-payments (optional support, decided by the ASPSP)
The following payment products are supported for bulk payments:
  • pain.001-credit-transfers (mandatory support)
    Remark:
    This payment product is specific to the Croatian standard!
The following payment products are supported for periodic payments:
  • domestic-credit-transfers-hr (optional support, decided by the ASPSP)
Remark:
For all SEPA Credit Transfer based endpoints which accept XML encoding, the XML pain.001 schemes provided by EPC are supported by the ASPSP as a minimum for the body content. Further XML schemes might be supported by some communities.

For cross-border and TARGET-2 payments only community wide pain.001 schemes do exist. There are plenty of country specificic scheme variants.
paymentId (required)
Path Parameter — Resource identification of the generated payment initiation resource.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Return type

Authorisations

Example data

Content-Type: application/json
{"empty": false}

Example data

Content-Type: application/xml

  aeiou

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK Authorisations

400

Bad Request Error400NGPIS

401

Unauthorized Error401NGPIS

403

Forbidden Error403NGPIS

404

Not found Error404NGPIS

405

Method Not Allowed Error405NGPIS

406

Not Acceptable

408

Request Timeout

409

Conflict Error409NGPIS

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

Up
get /psd2/v1/{paymentService}/{paymentProduct}/{paymentId}/cancellation-authorisations
Will deliver an array of resource identifications to all generated cancellation authorisation sub-resources. (getPaymentInitiationCancellationAuthorisationInformation)
Retrieve a list of all created cancellation authorisation sub-resources.

Path parameters

paymentService (required)
Path Parameter — Payment service: Possible values are:
  • payments
  • bulk-payments
  • periodic-payments
paymentProduct (required)
Path Parameter — The addressed payment product endpoint, e.g. for SEPA Credit Transfers (SCT). The ASPSP will publish which of the payment products/endpoints will be supported.

The Croatian version of the standard deviates slightly, as described in the country specific appendix to the implementation guidelines.

The following payment products are supported for single payments:
  • sepa-credit-transfers (mandatory support)
  • target-2-payments (optional support, decided by the ASPSP)
  • cross-border-credit-transfers (mandatory support)
  • domestic-credit-transfers-hr (mandatory support)
  • instant-domestic-credit-transfers-hr (optional support, decided by the ASPSP)
  • hr-rtgs-payments (optional support, decided by the ASPSP)
The following payment products are supported for bulk payments:
  • pain.001-credit-transfers (mandatory support)
    Remark:
    This payment product is specific to the Croatian standard!
The following payment products are supported for periodic payments:
  • domestic-credit-transfers-hr (optional support, decided by the ASPSP)
Remark:
For all SEPA Credit Transfer based endpoints which accept XML encoding, the XML pain.001 schemes provided by EPC are supported by the ASPSP as a minimum for the body content. Further XML schemes might be supported by some communities.

For cross-border and TARGET-2 payments only community wide pain.001 schemes do exist. There are plenty of country specificic scheme variants.
paymentId (required)
Path Parameter — Resource identification of the generated payment initiation resource.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Return type

array[CancellationId]

Example data

Content-Type: application/json
{}

Example data

Content-Type: application/xml

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK

400

Bad Request Error400NGPIS

401

Unauthorized Error401NGPIS

403

Forbidden Error403NGPIS

404

Not found Error404NGPIS

405

Method Not Allowed Error405NGPIS

406

Not Acceptable

408

Request Timeout

409

Conflict Error409NGPIS

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

Up
get /psd2/v1/{paymentService}/{paymentProduct}/{paymentId}/authorisations/{authorisationId}
Read the SCA Status of the payment authorisation (getPaymentInitiationScaStatus)
This method returns the SCA status of a payment initiation's authorisation sub-resource.

Path parameters

paymentService (required)
Path Parameter — Payment service: Possible values are:
  • payments
  • bulk-payments
  • periodic-payments
paymentProduct (required)
Path Parameter — The addressed payment product endpoint, e.g. for SEPA Credit Transfers (SCT). The ASPSP will publish which of the payment products/endpoints will be supported.

The Croatian version of the standard deviates slightly, as described in the country specific appendix to the implementation guidelines.

The following payment products are supported for single payments:
  • sepa-credit-transfers (mandatory support)
  • target-2-payments (optional support, decided by the ASPSP)
  • cross-border-credit-transfers (mandatory support)
  • domestic-credit-transfers-hr (mandatory support)
  • instant-domestic-credit-transfers-hr (optional support, decided by the ASPSP)
  • hr-rtgs-payments (optional support, decided by the ASPSP)
The following payment products are supported for bulk payments:
  • pain.001-credit-transfers (mandatory support)
    Remark:
    This payment product is specific to the Croatian standard!
The following payment products are supported for periodic payments:
  • domestic-credit-transfers-hr (optional support, decided by the ASPSP)
Remark:
For all SEPA Credit Transfer based endpoints which accept XML encoding, the XML pain.001 schemes provided by EPC are supported by the ASPSP as a minimum for the body content. Further XML schemes might be supported by some communities.

For cross-border and TARGET-2 payments only community wide pain.001 schemes do exist. There are plenty of country specificic scheme variants.
paymentId (required)
Path Parameter — Resource identification of the generated payment initiation resource.
authorisationId (required)
Path Parameter — Resource identification of the related SCA.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Return type

ScaStatusResponse

Example data

Content-Type: application/json
{"empty": false}

Example data

Content-Type: application/xml

  aeiou

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK ScaStatusResponse

400

Bad Request Error400NGPIS

401

Unauthorized Error401NGPIS

403

Forbidden Error403NGPIS

404

Not found Error404NGPIS

405

Method Not Allowed Error405NGPIS

406

Not Acceptable

408

Request Timeout

409

Conflict Error409NGPIS

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

Up
get /psd2/v1/{paymentService}/{paymentProduct}/{paymentId}/status
Payment initiation status request (getPaymentInitiationStatus)
Check the transaction status of a payment initiation.

Path parameters

paymentService (required)
Path Parameter — Payment service: Possible values are:
  • payments
  • bulk-payments
  • periodic-payments
paymentProduct (required)
Path Parameter — The addressed payment product endpoint, e.g. for SEPA Credit Transfers (SCT). The ASPSP will publish which of the payment products/endpoints will be supported.

The Croatian version of the standard deviates slightly, as described in the country specific appendix to the implementation guidelines.

The following payment products are supported for single payments:
  • sepa-credit-transfers (mandatory support)
  • target-2-payments (optional support, decided by the ASPSP)
  • cross-border-credit-transfers (mandatory support)
  • domestic-credit-transfers-hr (mandatory support)
  • instant-domestic-credit-transfers-hr (optional support, decided by the ASPSP)
  • hr-rtgs-payments (optional support, decided by the ASPSP)
The following payment products are supported for bulk payments:
  • pain.001-credit-transfers (mandatory support)
    Remark:
    This payment product is specific to the Croatian standard!
The following payment products are supported for periodic payments:
  • domestic-credit-transfers-hr (optional support, decided by the ASPSP)
Remark:
For all SEPA Credit Transfer based endpoints which accept XML encoding, the XML pain.001 schemes provided by EPC are supported by the ASPSP as a minimum for the body content. Further XML schemes might be supported by some communities.

For cross-border and TARGET-2 payments only community wide pain.001 schemes do exist. There are plenty of country specificic scheme variants.
paymentId (required)
Path Parameter — Resource identification of the generated payment initiation resource.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.
PSU-ID-Type (optional)
Header Parameter — ”CORPORATE” for corporate payments.
PSU-Corporate-ID (optional)
Header Parameter — CompanyId if payments is corporte payment.

Return type

PaymentInitiationStatusResponse200Json

Example data

Content-Type: application/json
{"empty": false}

Example data

Content-Type: application/xml

  aeiou

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK PaymentInitiationStatusResponse200Json

400

Bad Request Error400NGPIS

401

Unauthorized Error401NGPIS

403

Forbidden Error403NGPIS

404

Not found Error404NGPIS

405

Method Not Allowed Error405NGPIS

406

Not Acceptable

408

Request Timeout

409

Conflict Error409NGPIS

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

Up
post /psd2/v1/{paymentService}/{paymentProduct}
Payment initiation request (initiatePayment)

This method is used to initiate a payment at the ASPSP.

Variants of Payment Initiation Requests

This method to initiate a payment initiation at the ASPSP can be sent with either a JSON body or an pain.001 body depending on the payment product in the path.

There are the following payment products:

It is important to note that the support for pain.001 XML format is only supported for the bulk payments using the Croatian specific pain.001-credit-transfers! Furthermore the request body depends on the payment-service

Single and mulitilevel SCA Processes

The Payment Initiation Requests are independent from the need of one ore multilevel SCA processing, i.e. independent from the number of authorisations needed for the execution of payments. But the response messages are specific to either one SCA processing or multilevel SCA processing.

For payment initiation with multilevel SCA, this specification requires an explicit start of the authorisation, i.e. links directly associated with SCA processing like 'scaRedirect' or 'scaOAuth' cannot be contained in the response message of a Payment Initation Request for a payment, where multiple authorisations are needed. Also if any data is needed for the next action, like selecting an SCA method is not supported in the response, since all starts of the multiple authorisations are fully equal. In these cases, first an authorisation sub-resource has to be generated following the 'startAuthorisation' link.

Path parameters

paymentService (required)
Path Parameter — Payment service: Possible values are:
  • payments
  • bulk-payments
  • periodic-payments
paymentProduct (required)
Path Parameter — The addressed payment product endpoint, e.g. for SEPA Credit Transfers (SCT). The ASPSP will publish which of the payment products/endpoints will be supported.

The Croatian version of the standard deviates slightly, as described in the country specific appendix to the implementation guidelines.

The following payment products are supported for single payments:
  • sepa-credit-transfers (mandatory support)
  • target-2-payments (optional support, decided by the ASPSP)
  • cross-border-credit-transfers (mandatory support)
  • domestic-credit-transfers-hr (mandatory support)
  • instant-domestic-credit-transfers-hr (optional support, decided by the ASPSP)
  • hr-rtgs-payments (optional support, decided by the ASPSP)
The following payment products are supported for bulk payments:
  • pain.001-credit-transfers (mandatory support)
    Remark:
    This payment product is specific to the Croatian standard!
The following payment products are supported for periodic payments:
  • domestic-credit-transfers-hr (optional support, decided by the ASPSP)
Remark:
For all SEPA Credit Transfer based endpoints which accept XML encoding, the XML pain.001 schemes provided by EPC are supported by the ASPSP as a minimum for the body content. Further XML schemes might be supported by some communities.

For cross-border and TARGET-2 payments only community wide pain.001 schemes do exist. There are plenty of country specificic scheme variants.

Consumes

This API call consumes the following media types via the Content-Type request header:

Request body

body object (optional)
Body Parameter

JSON request body for a payment inition request message

There are the following payment-products supported:

  • "sepa-credit-transfers" with JSON-Body
  • "target-2-payments" with JSON-Body
  • "cross-border-credit-transfers" with JSON-Body

Only country specific schemes are currently available

  • "pain.001-credit-transfers" with pain.001 body.

Only country specific schemes are currently available

There are the following payment-services supported:

  • "payments"
  • "periodic-payments"
  • "bulk-payments"

All optional, conditional and predefined but not yet used fields are defined.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
PSU-IP-Address (required)
Header Parameter — The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level. This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained. format: byte
PSU-ID (optional)
Header Parameter
PSU-ID-Type (optional)
Header Parameter — ”CORPORATE” for corporate payments.
PSU-Corporate-ID (optional)
Header Parameter — CompanyId if payments is corporte payment.
PSU-Corporate-ID-Type (optional)
Header Parameter — Might be mandated in the ASPSP's documentation.

Only used in a corporate context.

In case PSU-Corporate-ID is provided this field is mandatory.
Consent-ID (optional)
Header Parameter — This data element may be contained, if the payment initiation transaction is part of a session, i.e. combined AIS/PIS service. This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.
TPP-Redirect-Preferred (optional)
Header Parameter — If it equals "true", the TPP prefers a redirect over an embedded SCA approach.

If it equals "false", the TPP prefers not to be redirected for SCA. The ASPSP will then choose between the Embedded or the Decoupled SCA approach, depending on the choice of the SCA procedure by the TPP/PSU.

If the parameter is not used, the ASPSP will choose the SCA approach to be applied depending on the SCA method chosen by the TPP/PSU.
TPP-Redirect-URI (optional)
Header Parameter — URI of the TPP, where the transaction flow shall be redirected to after a Redirect.

Mandated for the Redirect SCA Approach, specifically when TPP-Redirect-Preferred equals "true".
It is recommended to always use this header field.

Remark for Future:
This field might be changed to mandatory in the next version of the specification.
TPP-Nok-Redirect-URI (optional)
Header Parameter — If this URI is contained, the TPP is asking to redirect the transaction flow to this address instead of the TPP-Redirect-URI in case of a negative result of the redirect SCA method.

This might be ignored by the ASPSP.
TPP-Explicit-Authorisation-Preferred: (optional)
Header Parameter — If it equals "true", the TPP prefers to start the authorisation process separately, e.g. because of the usage of a signing basket. This preference might be ignored by the ASPSP, if a signing basket is not supported as functionality.

If it equals "false" or if the parameter is not used, there is no preference of the TPP. This especially indicates that the TPP assumes a direct authorisation of the transaction in the next step, without using a signing basket.
TPP-Rejection-NoFunds-Preferred (optional)
Header Parameter — If it equals "true" then the TPP prefers a rejection of the payment initiation in case the ASPSP is providing an integrated confirmation of funds request an the result of this is that not sufficient funds are available.

If it equals "false" then the TPP prefers that the ASPSP is dealing with the payment initiation like in the ASPSPs online channel, potentially waiting for a certain time period for funds to arrive to initiate the payment.

This parameter might be ignored by the ASPSP.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

201

CREATED

400

Bad Request Error400NGPIS

401

Unauthorized Error401NGPIS

403

Forbidden Error403NGPIS

404

Not found Error404NGPIS

405

Method Not Allowed Error405NGPIS

406

Not Acceptable

408

Request Timeout

409

Conflict Error409NGPIS

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

Up
post /psd2/v1/{paymentService}/{paymentProduct}/{paymentId}/authorisations
Start the authorisation process for a payment initiation (startPaymentAuthorisation)
Create an authorisation sub-resource and start the authorisation process. The message might in addition transmit authentication and authorisation related data.

This method is iterated n times for a n times SCA authorisation in a corporate context, each creating an own authorisation sub-endpoint for the corresponding PSU authorising the transaction.

The ASPSP might make the usage of this access method unnecessary in case of only one SCA process needed, since the related authorisation resource might be automatically created by the ASPSP after the submission of the payment data with the first POST payments/{payment-product} call.

The start authorisation process is a process which is needed for creating a new authorisation or cancellation sub-resource. This applies in the following scenarios:

Path parameters

paymentService (required)
Path Parameter — Payment service: Possible values are:
  • payments
  • bulk-payments
  • periodic-payments
paymentProduct (required)
Path Parameter — The addressed payment product endpoint, e.g. for SEPA Credit Transfers (SCT). The ASPSP will publish which of the payment products/endpoints will be supported.

The Croatian version of the standard deviates slightly, as described in the country specific appendix to the implementation guidelines.

The following payment products are supported for single payments:
  • sepa-credit-transfers (mandatory support)
  • target-2-payments (optional support, decided by the ASPSP)
  • cross-border-credit-transfers (mandatory support)
  • domestic-credit-transfers-hr (mandatory support)
  • instant-domestic-credit-transfers-hr (optional support, decided by the ASPSP)
  • hr-rtgs-payments (optional support, decided by the ASPSP)
The following payment products are supported for bulk payments:
  • pain.001-credit-transfers (mandatory support)
    Remark:
    This payment product is specific to the Croatian standard!
The following payment products are supported for periodic payments:
  • domestic-credit-transfers-hr (optional support, decided by the ASPSP)
Remark:
For all SEPA Credit Transfer based endpoints which accept XML encoding, the XML pain.001 schemes provided by EPC are supported by the ASPSP as a minimum for the body content. Further XML schemes might be supported by some communities.

For cross-border and TARGET-2 payments only community wide pain.001 schemes do exist. There are plenty of country specificic scheme variants.
paymentId (required)
Path Parameter — Resource identification of the generated payment initiation resource.

Consumes

This API call consumes the following media types via the Content-Type request header:

Request body

body object (optional)
Body Parameter

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
PSU-ID (optional)
Header Parameter — Client ID of the PSU in the ASPSP client interface.

Might be mandated in the ASPSP's documentation.

Is not contained if an OAuth2 based authentication was performed in a pre-step or an OAuth2 based SCA was performed in an preceding AIS service in the same session.
PSU-ID-Type (optional)
Header Parameter — Type of the PSU-ID, needed in scenarios where PSUs have several PSU-IDs as access possibility.

It is mandatory in case the PSU-ID is supplied by the TPP.
PSU-Corporate-ID (optional)
Header Parameter — Might be mandated in the ASPSP's documentation.

Only used in a corporate context.
PSU-Corporate-ID-Type (optional)
Header Parameter — Might be mandated in the ASPSP's documentation.

Only used in a corporate context. In case PSU-Corporate-ID is provided this field is mandatory.
TPP-Redirect-Preferred (optional)
Header Parameter — If it equals "true", the TPP prefers a redirect over an embedded SCA approach.

If it equals "false", the TPP prefers not to be redirected for SCA. The ASPSP will then choose between the Embedded or the Decoupled SCA approach, depending on the choice of the SCA procedure by the TPP/PSU.

If the parameter is not used, the ASPSP will choose the SCA approach to be applied depending on the SCA method chosen by the TPP/PSU.
TPP-Redirect-URI (optional)
Header Parameter — URI of the TPP, where the transaction flow shall be redirected to after a Redirect.

Mandated for the Redirect SCA Approach, specifically when TPP-Redirect-Preferred equals "true".
It is recommended to always use this header field.

Remark for Future:
This field might be changed to mandatory in the next version of the specification.
TPP-Nok-Redirect-URI (optional)
Header Parameter — If this URI is contained, the TPP is asking to redirect the transaction flow to this address instead of the TPP-Redirect-URI in case of a negative result of the redirect SCA method.

This might be ignored by the ASPSP.
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Return type

StartScaprocessResponse

Example data

Content-Type: application/json
{"empty": false}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

201

Created StartScaprocessResponse

400

Bad Request Error400NGPIS

401

Unauthorized Error401NGPIS

403

Forbidden Error403NGPIS

404

Not found Error404NGPIS

405

Method Not Allowed Error405NGPIS

406

Not Acceptable

408

Request Timeout

409

Conflict Error409NGPIS

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

Up
post /psd2/v1/{paymentService}/{paymentProduct}/{paymentId}/cancellation-authorisations
Start the authorisation process for the cancellation of the addressed payment (startPaymentInitiationCancellationAuthorisation)
Creates an authorisation sub-resource and start the authorisation process of the cancellation of the addressed payment. The message might in addition transmit authentication and authorisation related data.

This method is iterated n times for a n times SCA authorisation in a corporate context, each creating an own authorisation sub-endpoint for the corresponding PSU authorising the cancellation-authorisation.

The ASPSP might make the usage of this access method unnecessary in case of only one SCA process needed, since the related authorisation resource might be automatically created by the ASPSP after the submission of the payment data with the first POST payments/{payment-product} call.

The start authorisation process is a process which is needed for creating a new authorisation or cancellation sub-resource. This applies in the following scenarios:

Path parameters

paymentService (required)
Path Parameter — Payment service: Possible values are:
  • payments
  • bulk-payments
  • periodic-payments
paymentProduct (required)
Path Parameter — The addressed payment product endpoint, e.g. for SEPA Credit Transfers (SCT). The ASPSP will publish which of the payment products/endpoints will be supported.

The Croatian version of the standard deviates slightly, as described in the country specific appendix to the implementation guidelines.

The following payment products are supported for single payments:
  • sepa-credit-transfers (mandatory support)
  • target-2-payments (optional support, decided by the ASPSP)
  • cross-border-credit-transfers (mandatory support)
  • domestic-credit-transfers-hr (mandatory support)
  • instant-domestic-credit-transfers-hr (optional support, decided by the ASPSP)
  • hr-rtgs-payments (optional support, decided by the ASPSP)
The following payment products are supported for bulk payments:
  • pain.001-credit-transfers (mandatory support)
    Remark:
    This payment product is specific to the Croatian standard!
The following payment products are supported for periodic payments:
  • domestic-credit-transfers-hr (optional support, decided by the ASPSP)
Remark:
For all SEPA Credit Transfer based endpoints which accept XML encoding, the XML pain.001 schemes provided by EPC are supported by the ASPSP as a minimum for the body content. Further XML schemes might be supported by some communities.

For cross-border and TARGET-2 payments only community wide pain.001 schemes do exist. There are plenty of country specificic scheme variants.
paymentId (required)
Path Parameter — Resource identification of the generated payment initiation resource.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-ID (optional)
Header Parameter — Client ID of the PSU in the ASPSP client interface.

Might be mandated in the ASPSP's documentation.

Is not contained if an OAuth2 based authentication was performed in a pre-step or an OAuth2 based SCA was performed in an preceding AIS service in the same session.
PSU-ID-Type (optional)
Header Parameter — Type of the PSU-ID, needed in scenarios where PSUs have several PSU-IDs as access possibility.

It is mandatory in case the PSU-ID is supplied by the TPP.
PSU-Corporate-ID (optional)
Header Parameter — Might be mandated in the ASPSP's documentation.

Only used in a corporate context.
PSU-Corporate-ID-Type (optional)
Header Parameter — Might be mandated in the ASPSP's documentation.

Only used in a corporate context.

In case PSU-Corporate-ID is provided this field is mandatory.
TPP-Redirect-Preferred (optional)
Header Parameter — If it equals "true", the TPP prefers a redirect over an embedded SCA approach.

If it equals "false", the TPP prefers not to be redirected for SCA. The ASPSP will then choose between the Embedded or the Decoupled SCA approach, depending on the choice of the SCA procedure by the TPP/PSU.

If the parameter is not used, the ASPSP will choose the SCA approach to be applied depending on the SCA method chosen by the TPP/PSU.
TPP-Redirect-URI (optional)
Header Parameter — URI of the TPP, where the transaction flow shall be redirected to after a Redirect.

Mandated for the Redirect SCA Approach, specifically when TPP-Redirect-Preferred equals "true".
It is recommended to always use this header field.

Remark for Future:
This field might be changed to mandatory in the next version of the specification.
TPP-Nok-Redirect-URI (optional)
Header Parameter — If this URI is contained, the TPP is asking to redirect the transaction flow to this address instead of the TPP-Redirect-URI in case of a negative result of the redirect SCA method.

This might be ignored by the ASPSP.
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Return type

StartScaprocessResponse

Example data

Content-Type: application/json
{"empty": false}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

201

Created StartScaprocessResponse

400

Bad Request Error400NGPIS

401

Unauthorized Error401NGPIS

403

Forbidden Error403NGPIS

404

Not found Error404NGPIS

405

Method Not Allowed Error405NGPIS

406

Not Acceptable

408

Request Timeout

409

Conflict Error409NGPIS

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

Up
put /psd2/v1/{paymentService}/{paymentProduct}/{paymentId}/cancellation-authorisations/{cancellationId}
Update PSU Data for payment initiation cancellation (updatePaymentCancellationPsuData)

This method updates PSU data on the cancellation authorisation resource if needed.

It may authorise a cancellation of the payment within the Embedded SCA Approach where needed.

Independently from the SCA Approach it supports e.g. the selection of the authentication method and a non-SCA PSU authentication. This methods updates PSU data on the cancellation authorisation resource if needed.

There are several possible Update PSU Data requests in the context of a cancellation authorisation within the payment initiation services needed, which depends on the SCA approach:

The SCA Approach might depend on the chosen SCA method. For that reason, the following possible Update PSU Data request can apply to all SCA approaches:

Path parameters

paymentService (required)
Path Parameter — Payment service: Possible values are:
  • payments
  • bulk-payments
  • periodic-payments
paymentProduct (required)
Path Parameter — The addressed payment product endpoint, e.g. for SEPA Credit Transfers (SCT). The ASPSP will publish which of the payment products/endpoints will be supported.

The Croatian version of the standard deviates slightly, as described in the country specific appendix to the implementation guidelines.

The following payment products are supported for single payments:
  • sepa-credit-transfers (mandatory support)
  • target-2-payments (optional support, decided by the ASPSP)
  • cross-border-credit-transfers (mandatory support)
  • domestic-credit-transfers-hr (mandatory support)
  • instant-domestic-credit-transfers-hr (optional support, decided by the ASPSP)
  • hr-rtgs-payments (optional support, decided by the ASPSP)
The following payment products are supported for bulk payments:
  • pain.001-credit-transfers (mandatory support)
    Remark:
    This payment product is specific to the Croatian standard!
The following payment products are supported for periodic payments:
  • domestic-credit-transfers-hr (optional support, decided by the ASPSP)
Remark:
For all SEPA Credit Transfer based endpoints which accept XML encoding, the XML pain.001 schemes provided by EPC are supported by the ASPSP as a minimum for the body content. Further XML schemes might be supported by some communities.

For cross-border and TARGET-2 payments only community wide pain.001 schemes do exist. There are plenty of country specificic scheme variants.
paymentId (required)
Path Parameter — Resource identification of the generated payment initiation resource.
cancellationId (required)
Path Parameter — Identification for cancellation resource.

Consumes

This API call consumes the following media types via the Content-Type request header:

Request body

body object (optional)
Body Parameter

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-ID (optional)
Header Parameter — Client ID of the PSU in the ASPSP client interface.

Might be mandated in the ASPSP's documentation.

Is not contained if an OAuth2 based authentication was performed in a pre-step or an OAuth2 based SCA was performed in an preceding AIS service in the same session.
PSU-ID-Type (optional)
Header Parameter — Type of the PSU-ID, needed in scenarios where PSUs have several PSU-IDs as access possibility.

It is mandatory in case the PSU-ID is supplied by the TPP.
PSU-Corporate-ID (optional)
Header Parameter — Might be mandated in the ASPSP's documentation.

Only used in a corporate context.
PSU-Corporate-ID-Type (optional)
Header Parameter — Might be mandated in the ASPSP's documentation.

Only used in a corporate context.

In case PSU-Corporate-ID is provided this field is mandatory.
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK

400

Bad Request Error400NGPIS

401

Unauthorized Error401NGPIS

403

Forbidden Error403NGPIS

404

Not found Error404NGPIS

405

Method Not Allowed Error405NGPIS

406

Not Acceptable

408

Request Timeout

409

Conflict Error409NGPIS

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

Up
put /psd2/v1/{paymentService}/{paymentProduct}/{paymentId}/authorisations/{authorisationId}
Update PSU data for payment initiation (updatePaymentPsuData)

This methods updates PSU data on the authorisation resource if needed.

It may authorise a payment within the Embedded SCA Approach where needed.

Independently from the SCA Approach it supports e.g. the selection of the authentication method and a non-SCA PSU authentication. This methods updates PSU data on the cancellation authorisation resource if needed.

There are several possible Update PSU Data requests in the context of a cancellation authorisation within the payment initiation services needed, which depends on the SCA approach:

The SCA Approach might depend on the chosen SCA method. For that reason, the following possible Update PSU Data request can apply to all SCA approaches:

Path parameters

paymentService (required)
Path Parameter — Payment service: Possible values are:
  • payments
  • bulk-payments
  • periodic-payments
paymentProduct (required)
Path Parameter — The addressed payment product endpoint, e.g. for SEPA Credit Transfers (SCT). The ASPSP will publish which of the payment products/endpoints will be supported.

The Croatian version of the standard deviates slightly, as described in the country specific appendix to the implementation guidelines.

The following payment products are supported for single payments:
  • sepa-credit-transfers (mandatory support)
  • target-2-payments (optional support, decided by the ASPSP)
  • cross-border-credit-transfers (mandatory support)
  • domestic-credit-transfers-hr (mandatory support)
  • instant-domestic-credit-transfers-hr (optional support, decided by the ASPSP)
  • hr-rtgs-payments (optional support, decided by the ASPSP)
The following payment products are supported for bulk payments:
  • pain.001-credit-transfers (mandatory support)
    Remark:
    This payment product is specific to the Croatian standard!
The following payment products are supported for periodic payments:
  • domestic-credit-transfers-hr (optional support, decided by the ASPSP)
Remark:
For all SEPA Credit Transfer based endpoints which accept XML encoding, the XML pain.001 schemes provided by EPC are supported by the ASPSP as a minimum for the body content. Further XML schemes might be supported by some communities.

For cross-border and TARGET-2 payments only community wide pain.001 schemes do exist. There are plenty of country specificic scheme variants.
paymentId (required)
Path Parameter — Resource identification of the generated payment initiation resource.
authorisationId (required)
Path Parameter — Resource identification of the related SCA.

Consumes

This API call consumes the following media types via the Content-Type request header:

Request body

body object (optional)
Body Parameter

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-ID (optional)
Header Parameter — Client ID of the PSU in the ASPSP client interface. Might be mandated in the ASPSP's documentation.

Is not contained if an OAuth2 based authentication was performed in a pre-step or an OAuth2 based SCA was performed in an preceding AIS service in the same session.
PSU-ID-Type (optional)
Header Parameter — Type of the PSU-ID, needed in scenarios where PSUs have several PSU-IDs as access possibility.

It is mandatory in case the PSU-ID is supplied by the TPP.
PSU-Corporate-ID (optional)
Header Parameter — Might be mandated in the ASPSP's documentation.

Only used in a corporate context.
PSU-Corporate-ID-Type (optional)
Header Parameter — Might be mandated in the ASPSP's documentation.

Only used in a corporate context. In case PSU-Corporate-ID is provided this field is mandatory.
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK

400

Bad Request Error400NGPIS

401

Unauthorized Error401NGPIS

403

Forbidden Error403NGPIS

404

Not found Error404NGPIS

405

Method Not Allowed Error405NGPIS

406

Not Acceptable

408

Request Timeout

409

Conflict Error409NGPIS

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

SigningBasketsSBSApi

Up
post /psd2/v1/signing-baskets
Create a signing basket resource (createSigningBasket)
Create a signing basket resource for authorising several transactions with one SCA method. The resource identifications of these transactions are contained in the payload of this access method

Consumes

This API call consumes the following media types via the Content-Type request header:

Request body

body SigningBasket (optional)
Body Parameter — Request body for a confirmation of an establishing signing basket request

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-ID (optional)
Header Parameter — Client ID of the PSU in the ASPSP client interface. Might be mandated in the ASPSP's documentation.

Is not contained if an OAuth2 based authentication was performed in a pre-step or an OAuth2 based SCA was performed in an preceding AIS service in the same session.
PSU-ID-Type (optional)
Header Parameter — Type of the PSU-ID, needed in scenarios where PSUs have several PSU-IDs as access possibility.
PSU-Corporate-ID (optional)
Header Parameter — Might be mandated in the ASPSP's documentation.

Only used in a corporate context.
PSU-Corporate-ID-Type (optional)
Header Parameter — Might be mandated in the ASPSP's documentation.

Only used in a corporate context.
Consent-ID (optional)
Header Parameter — This data element may be contained, if the payment initiation transaction is part of a session, i.e. combined AIS/PIS service. This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.
TPP-Redirect-Preferred (optional)
Header Parameter — If it equals "true", the TPP prefers a redirect over an embedded SCA approach.

If it equals "false", the TPP prefers not to be redirected for SCA. The ASPSP will then choose between the Embedded or the Decoupled SCA approach, depending on the choice of the SCA procedure by the TPP/PSU.

If the parameter is not used, the ASPSP will choose the SCA approach to be applied depending on the SCA method chosen by the TPP/PSU.
TPP-Redirect-URI (optional)
Header Parameter — URI of the TPP, where the transaction flow shall be redirected to after a Redirect.

Mandated for the Redirect SCA Approach, specifically when TPP-Redirect-Preferred equals "true".
It is recommended to always use this header field.

Remark for Future:
This field might be changed to mandatory in the next version of the specification.
TPP-Nok-Redirect-URI (optional)
Header Parameter — If this URI is contained, the TPP is asking to redirect the transaction flow to this address instead of the TPP-Redirect-URI in case of a negative result of the redirect SCA method.

This might be ignored by the ASPSP.
TPP-Explicit-Authorisation-Preferred: (optional)
Header Parameter — If it equals "true", the TPP prefers to start the authorisation process separately, e.g. because of the usage of a signing basket. This preference might be ignored by the ASPSP, if a signing basket is not supported as functionality.

If it equals "false" or if the parameter is not used, there is no preference of the TPP. This especially indicates that the TPP assumes a direct authorisation of the transaction in the next step, without using a signing basket.
PSU-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Return type

SigningBasketResponse201

Example data

Content-Type: application/json
{"empty": false}

Example data

Content-Type: application/xml

  aeiou
  aeiou

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

201

Created SigningBasketResponse201

400

Bad Request Error400NGSBS

401

Unauthorized Error401NGSBS

403

Forbidden Error403NGSBS

404

Not found Error404NGSBS

405

Method Not Allowed Error405NGSBS

406

Not Acceptable

408

Request Timeout

409

Conflict Error409NGSBS

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

Up
delete /psd2/v1/signing-baskets/{basketId}
Delete the signing basket (deleteSigningBasket)
Delete the signing basket structure as long as no (partial) authorisation has yet been applied. The undlerying transactions are not affected by this deletion.

Remark:
The signing basket as such is not deletable after a first (partial) authorisation has been applied. Nevertheless, single transactions might be cancelled on an individual basis on the XS2A interface.

Path parameters

basketId (required)
Path Parameter — This identification of the corresponding signing basket object.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Adress (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

204

No Content

400

Bad Request Error400NGSBS

401

Unauthorized Error401NGSBS

403

Forbidden Error403NGSBS

404

Not found Error404NGSBS

405

Method Not Allowed Error405NGSBS

406

Not Acceptable

408

Request Timeout

409

Conflict Error409NGSBS

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

Up
get /psd2/v1/signing-baskets/{basketId}
Returns the content of an signing basket object. (getSigningBasket)
Returns the content of an signing basket object.

Path parameters

basketId (required)
Path Parameter — This identification of the corresponding signing basket object.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Return type

SigningBasketResponse200

Example data

Content-Type: application/json
{"empty": false}

Example data

Content-Type: application/xml

  aeiou
  aeiou

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK SigningBasketResponse200

400

Bad Request Error400NGSBS

401

Unauthorized Error401NGSBS

403

Forbidden Error403NGSBS

404

Not found Error404NGSBS

405

Method Not Allowed Error405NGSBS

406

Not Acceptable

408

Request Timeout

409

Conflict Error409NGSBS

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

Up
get /psd2/v1/signing-baskets/{basketId}/authorisations
Get Signing Basket Authorisation Sub-Resources Request (getSigningBasketAuthorisation)
Read a list of all authorisation subresources IDs which have been created. This function returns an array of hyperlinks to all generated authorisation sub-resources.

Path parameters

basketId (required)
Path Parameter — This identification of the corresponding signing basket object.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Return type

Authorisations

Example data

Content-Type: application/json
{"empty": false}

Example data

Content-Type: application/xml

  aeiou

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK Authorisations

400

Bad Request Error400NGSBS

401

Unauthorized Error401NGSBS

403

Forbidden Error403NGSBS

404

Not found Error404NGSBS

405

Method Not Allowed Error405NGSBS

406

Not Acceptable

408

Request Timeout

409

Conflict Error409NGSBS

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

Up
get /psd2/v1/signing-baskets/{basketId}/authorisations/{authorisationId}
Read the SCA status of the signing basket authorisation (getSigningBasketScaStatus)
This method returns the SCA status of a signing basket's authorisation sub-resource.

Path parameters

basketId (required)
Path Parameter — This identification of the corresponding signing basket object.
authorisationId (required)
Path Parameter — Resource identification of the related SCA.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Return type

ScaStatusResponse

Example data

Content-Type: application/json
{"empty": false}

Example data

Content-Type: application/xml

  aeiou

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK ScaStatusResponse

400

Bad Request Error400NGSBS

401

Unauthorized Error401NGSBS

403

Forbidden Error403NGSBS

404

Not found Error404NGSBS

405

Method Not Allowed Error405NGSBS

406

Not Acceptable

408

Request Timeout

409

Conflict Error409NGSBS

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

Up
get /psd2/v1/signing-baskets/{basketId}/status
Read the status of the signing basket (getSigningBasketStatus)
Returns the status of a signing basket object.

Path parameters

basketId (required)
Path Parameter — This identification of the corresponding signing basket object.

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-ID (optional)
Header Parameter — Client ID of the PSU in the ASPSP client interface.

Might be mandated in the ASPSP's documentation.

Is not contained if an OAuth2 based authentication was performed in a pre-step or an OAuth2 based SCA was performed in an preceding AIS service in the same session.
PSU-ID-Type (optional)
Header Parameter — Type of the PSU-ID, needed in scenarios where PSUs have several PSU-IDs as access possibility.
PSU-Corporate-ID (optional)
Header Parameter — Might be mandated in the ASPSP's documentation.

Only used in a corporate context.
PSU-Corporate-ID-Type (optional)
Header Parameter — Might be mandated in the ASPSP's documentation.

Only used in a corporate context.
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Return type

SigningBasketStatusResponse200

Example data

Content-Type: application/json
{"empty": false}

Example data

Content-Type: application/xml

  aeiou

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK SigningBasketStatusResponse200

400

Bad Request Error400NGSBS

401

Unauthorized Error401NGSBS

403

Forbidden Error403NGSBS

404

Not found Error404NGSBS

405

Method Not Allowed Error405NGSBS

406

Not Acceptable

408

Request Timeout

409

Conflict Error409NGSBS

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

Up
post /psd2/v1/signing-baskets/{basketId}/authorisations
Start the authorisation process for a signing basket (startSigningBasketAuthorisation)
Create an authorisation sub-resource and start the authorisation process of a signing basket. The message might in addition transmit authentication and authorisation related data.

This method is iterated n times for a n times SCA authorisation in a corporate context, each creating an own authorisation sub-endpoint for the corresponding PSU authorising the signing-baskets.

The ASPSP might make the usage of this access method unnecessary in case of only one SCA process needed, since the related authorisation resource might be automatically created by the ASPSP after the submission of the payment data with the first POST signing basket call.

The start authorisation process is a process which is needed for creating a new authorisation or cancellation sub-resource. This applies in the following scenarios:

Path parameters

basketId (required)
Path Parameter — This identification of the corresponding signing basket object.

Consumes

This API call consumes the following media types via the Content-Type request header:

Request body

body object (optional)
Body Parameter

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-ID (optional)
Header Parameter — Client ID of the PSU in the ASPSP client interface.

Might be mandated in the ASPSP's documentation.

Is not contained if an OAuth2 based authentication was performed in a pre-step or an OAuth2 based SCA was performed in an preceding AIS service in the same session.
PSU-ID-Type (optional)
Header Parameter — Type of the PSU-ID, needed in scenarios where PSUs have several PSU-IDs as access possibility.
PSU-Corporate-ID (optional)
Header Parameter — Might be mandated in the ASPSP's documentation.

Only used in a corporate context.
PSU-Corporate-ID-Type (optional)
Header Parameter — Might be mandated in the ASPSP's documentation.

Only used in a corporate context.
TPP-Redirect-Preferred (optional)
Header Parameter — If it equals "true", the TPP prefers a redirect over an embedded SCA approach.

If it equals "false", the TPP prefers not to be redirected for SCA. The ASPSP will then choose between the Embedded or the Decoupled SCA approach, depending on the choice of the SCA procedure by the TPP/PSU.

If the parameter is not used, the ASPSP will choose the SCA approach to be applied depending on the SCA method chosen by the TPP/PSU.
TPP-Redirect-URI (optional)
Header Parameter — URI of the TPP, where the transaction flow shall be redirected to after a Redirect.

Mandated for the Redirect SCA Approach, specifically when TPP-Redirect-Preferred equals "true".
It is recommended to always use this header field.

Remark for Future:
This field might be changed to mandatory in the next version of the specification.
TPP-Nok-Redirect-URI (optional)
Header Parameter — If this URI is contained, the TPP is asking to redirect the transaction flow to this address instead of the TPP-Redirect-URI in case of a negative result of the redirect SCA method.

This might be ignored by the ASPSP.
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Return type

StartScaprocessResponse

Example data

Content-Type: application/json
{"empty": false}

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

201

Created StartScaprocessResponse

400

Bad Request Error400NGSBS

401

Unauthorized Error401NGSBS

403

Forbidden Error403NGSBS

404

Not found Error404NGSBS

405

Method Not Allowed Error405NGSBS

406

Not Acceptable

408

Request Timeout

409

Conflict Error409NGSBS

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

Up
put /psd2/v1/signing-baskets/{basketId}/authorisations/{authorisationId}
Update PSU Data for signing basket (updateSigningBasketPsuData)

This method updates PSU data on the signing basket resource if needed.

It may authorise a signing basket within the Embedded SCA Approach where needed.

Independently from the SCA Approach it supports e.g. the selection of the authentication method and a non-SCA PSU authentication. This methods updates PSU data on the cancellation authorisation resource if needed.

There are several possible Update PSU Data requests in the context of a consent request if needed, which depends on the SCA approach:

The SCA Approach might depend on the chosen SCA method. For that reason, the following possible Update PSU Data request can apply to all SCA approaches:

Path parameters

basketId (required)
Path Parameter — This identification of the corresponding signing basket object.
authorisationId (required)
Path Parameter — Resource identification of the related SCA.

Consumes

This API call consumes the following media types via the Content-Type request header:

Request body

body object (optional)
Body Parameter

Request headers

x-Request-ID (required)
Header Parameter — ID of the request, unique to the call, as determined by the initiating party. format: uuid
digest (optional)
Header Parameter — Is contained if and only if the "Signature" element is contained in the header of the request.
signature (optional)
Header Parameter — A signature of the request by the TPP on application level.

This might be mandated by ASPSP.
TPP-Signature-Certificate (optional)
Header Parameter — The certificate used for signing the request, in base64 encoding.

Must be contained if a signature is contained. format: byte
PSU-ID (optional)
Header Parameter — Client ID of the PSU in the ASPSP client interface.

Might be mandated in the ASPSP's documentation.

Is not contained if an OAuth2 based authentication was performed in a pre-step or an OAuth2 based SCA was performed in an preceding AIS service in the same session.
PSU-ID-Type (optional)
Header Parameter — Type of the PSU-ID, needed in scenarios where PSUs have several PSU-IDs as access possibility.
PSU-Corporate-ID (optional)
Header Parameter — Might be mandated in the ASPSP's documentation.

Only used in a corporate context.
PSU-Corporate-ID-Type (optional)
Header Parameter — Might be mandated in the ASPSP's documentation.

Only used in a corporate context.
PSU-IP-Address (optional)
Header Parameter — The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
PSU-IP-Port (optional)
Header Parameter — The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
PSU-Accept (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Charset (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Encoding (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-Accept-Language (optional)
Header Parameter — The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
PSU-User-Agent (optional)
Header Parameter — The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Http-Method (optional)
Header Parameter — HTTP method used at the PSU ? TPP interface, if available.

Valid values are:
  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID (optional)
Header Parameter — UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. format: uuid
PSU-Geo-Location (optional)
Header Parameter — The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Produces

This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.

Responses

200

OK

400

Bad Request Error400NGSBS

401

Unauthorized Error401NGSBS

403

Forbidden Error403NGSBS

404

Not found Error404NGSBS

405

Method Not Allowed Error405NGSBS

406

Not Acceptable

408

Request Timeout

409

Conflict Error409NGSBS

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

Models

[ Jump to Methods ]

Table of Contents

  1. AccountAccess -
  2. AccountDetails -
  3. AccountList -
  4. AccountReference -
  5. AccountReport -
  6. Address -
  7. Amount -
  8. AuthenticationMethodId -
  9. AuthenticationObject -
  10. Authorisations -
  11. Balance -
  12. BankTransactionCode -
  13. CancellationId -
  14. CardAccountDetails -
  15. CardAccountList -
  16. CardAccountReport -
  17. CardAccountsTransactionsResponse200 -
  18. CardTransaction -
  19. ChallengeData -
  20. ChosenScaMethod -
  21. ConfirmationOfFunds -
  22. ConsentId -
  23. ConsentInformationResponse200Json -
  24. ConsentStatusResponse200 -
  25. Consents -
  26. ConsentsResponse201 -
  27. CurrencyCode -
  28. Error400NGAIS -
  29. Error400NGPIS -
  30. Error400NGSBS -
  31. Error401NGAIS -
  32. Error401NGPIIS -
  33. Error401NGPIS -
  34. Error401NGSBS -
  35. Error403NGAIS -
  36. Error403NGPIIS -
  37. Error403NGPIS -
  38. Error403NGSBS -
  39. Error404NGAIS -
  40. Error404NGPIIS -
  41. Error404NGPIS -
  42. Error404NGSBS -
  43. Error405NGAIS -
  44. Error405NGPIIS -
  45. Error405NGPIS -
  46. Error405NGPISCANC -
  47. Error405NGSBS -
  48. Error406NGAIS -
  49. Error409NGAIS -
  50. Error409NGPIIS -
  51. Error409NGPIS -
  52. Error409NGSBS -
  53. Error429NGAIS -
  54. HrefType -
  55. InlineResponse200 -
  56. LinksSigningBasket -
  57. MaskedPan -
  58. MerchantCategoryCode -
  59. PaymentInitiationCancelResponse202 -
  60. PaymentInitiationStatusResponse200Json -
  61. ProprietaryBankTransactionCode -
  62. PsuMessageText -
  63. ReadAccountBalanceResponse200 -
  64. ReadCardAccountBalanceResponse200 -
  65. ReportExchangeRate -
  66. ScaStatusResponse -
  67. SigningBasket -
  68. SigningBasketResponse200 -
  69. SigningBasketResponse201 -
  70. SigningBasketStatusResponse200 -
  71. StartScaprocessResponse -
  72. TerminalId -
  73. TppMessage2XX -
  74. TppMessage400AIS -
  75. TppMessage400PIS -
  76. TppMessage400SBS -
  77. TppMessage401AIS -
  78. TppMessage401PIIS -
  79. TppMessage401PIS -
  80. TppMessage401SBS -
  81. TppMessage403AIS -
  82. TppMessage403PIIS -
  83. TppMessage403PIS -
  84. TppMessage403SBS -
  85. TppMessage404AIS -
  86. TppMessage404PIIS -
  87. TppMessage404PIS -
  88. TppMessage404SBS -
  89. TppMessage405AIS -
  90. TppMessage405PIIS -
  91. TppMessage405PIS -
  92. TppMessage405PISCANC -
  93. TppMessage405SBS -
  94. TppMessage406AIS -
  95. TppMessage409AIS -
  96. TppMessage409PIIS -
  97. TppMessage409PIS -
  98. TppMessage409SBS -
  99. TppMessage429AIS -
  100. TppMessageText -
  101. TransactionDetails -
  102. TransactionsResponse200Json -
  103. UltimateCreditor -
  104. UltimateDebtor -

AccountAccess - Up

accounts (optional)
balances (optional)
transactions (optional)
availableAccounts (optional)
Enum:
allAccounts
allAccountsWithBalances
allPsd2 (optional)
Enum:
allAccounts

AccountDetails - Up

resourceId (optional)
iban (optional)
bban (optional)
msisdn (optional)
currency
name (optional)
product (optional)
cashAccountType (optional)
status (optional)
Enum:
enabled
deleted
blocked
bic (optional)
linkedAccounts (optional)
usage (optional)
Enum:
PRIV
ORGA
details (optional)
balances (optional)
_links (optional)
ownerName (optional)

AccountList - Up

accounts

AccountReference - Up

iban (optional)
bban (optional)
pan (optional)
maskedPan (optional)
msisdn (optional)
currency (optional)

AccountReport - Up

booked (optional)
pending (optional)
_links

Address - Up

street (optional)
buildingNumber (optional)
city (optional)
postalCode (optional)
country

Amount - Up

currency
amount

AuthenticationMethodId - Up

AuthenticationObject - Up

authenticationType
Enum:
SMS_OTP
CHIP_OTP
PHOTO_OTP
PUSH_OTP
authenticationVersion (optional)
authenticationMethodId
name (optional)
explanation (optional)

Authorisations - Up

authorisationIds

Balance - Up

balanceAmount
balanceType
Enum:
closingBooked
expected
authorised
openingBooked
interimAvailable
interimBooked
forwardAvailable
nonInvoiced
lastChangeDateTime (optional)
Date format: date-time
referenceDate (optional)
Date format: date-time
lastCommittedTransaction (optional)

BankTransactionCode - Up

CancellationId - Up

CardAccountDetails - Up

resourceId (optional)
maskedPan
currency
name (optional)
product (optional)
status (optional)
Enum:
enabled
deleted
blocked
usage (optional)
Enum:
PRIV
ORGA
details (optional)
creditLimit (optional)
balances (optional)
_links (optional)

CardAccountList - Up

cardAccounts

CardAccountReport - Up

booked
pending (optional)
_links

CardAccountsTransactionsResponse200 - Up

cardAccount (optional)
cardTransactions (optional)
balances (optional)
_links (optional)

CardTransaction - Up

cardTransactionId (optional)
terminalId (optional)
transactionDate (optional)
bookingDate (optional)
transactionAmount
currencyExchange (optional)
originalAmount (optional)
markupFee (optional)
markupFeePercentage (optional)
cardAcceptorId (optional)
cardAcceptorAddress (optional)
merchantCategoryCode (optional)
maskedPAN (optional)
transactionDetails (optional)
invoiced (optional)
proprietaryBankTransactionCode (optional)

ChallengeData - Up

image (optional)
byte[] format: byte
data (optional)
imageLink (optional)
otpMaxLength (optional)
Integer format: int32
otpFormat (optional)
Enum:
characters
integer
additionalInformation (optional)

ChosenScaMethod - Up

ConfirmationOfFunds - Up

cardNumber (optional)
account
payee (optional)
instructedAmount

ConsentId - Up

ConsentInformationResponse200Json - Up

access
recurringIndicator
validUntil
frequencyPerDay
lastActionDate
consentStatus
Enum:
received
rejected
valid
revokedByPsu
expired
terminatedByTpp
combinedServiceIndicator (optional)

ConsentStatusResponse200 - Up

consentStatus
Enum:
received
rejected
valid
revokedByPsu
expired
terminatedByTpp

Consents - Up

access
recurringIndicator
validUntil
frequencyPerDay
combinedServiceIndicator
consentStatus (optional)

ConsentsResponse201 - Up

consentStatus
Enum:
received
rejected
valid
revokedByPsu
expired
terminatedByTpp
consentId
scaMethods (optional)
chosenScaMethod (optional)
challengeData (optional)
_links
message (optional)

CurrencyCode - Up

Error400NGAIS - Up

tppMessages (optional)
_links (optional)

Error400NGPIS - Up

tppMessages (optional)
_links (optional)

Error400NGSBS - Up

tppMessages (optional)
_links (optional)

Error401NGAIS - Up

tppMessages (optional)
_links (optional)

Error401NGPIIS - Up

tppMessages (optional)
_links (optional)

Error401NGPIS - Up

tppMessages (optional)
_links (optional)

Error401NGSBS - Up

tppMessages (optional)
_links (optional)

Error403NGAIS - Up

tppMessages (optional)
_links (optional)

Error403NGPIIS - Up

tppMessages (optional)
_links (optional)

Error403NGPIS - Up

tppMessages (optional)
_links (optional)

Error403NGSBS - Up

tppMessages (optional)
_links (optional)

Error404NGAIS - Up

tppMessages (optional)
_links (optional)

Error404NGPIIS - Up

tppMessages (optional)
_links (optional)

Error404NGPIS - Up

tppMessages (optional)
_links (optional)

Error404NGSBS - Up

tppMessages (optional)
_links (optional)

Error405NGAIS - Up

tppMessages (optional)
_links (optional)

Error405NGPIIS - Up

tppMessages (optional)
_links (optional)

Error405NGPIS - Up

tppMessages (optional)
_links (optional)

Error405NGPISCANC - Up

tppMessages (optional)
_links (optional)

Error405NGSBS - Up

tppMessages (optional)
_links (optional)

Error406NGAIS - Up

tppMessages (optional)
_links (optional)

Error409NGAIS - Up

tppMessages (optional)
_links (optional)

Error409NGPIIS - Up

tppMessages (optional)
_links (optional)

Error409NGPIS - Up

tppMessages (optional)
_links (optional)

Error409NGSBS - Up

tppMessages (optional)
_links (optional)

Error429NGAIS - Up

tppMessages (optional)
_links (optional)

HrefType - Up

href (optional)

InlineResponse200 - Up

fundsAvailable (optional)

LinksSigningBasket - Up

scaRedirect (optional)
scaOAuth (optional)
startAuthorisation (optional)
startAuthorisationWithPsuIdentification (optional)
startAuthorisationWithPsuAuthentication (optional)
startAuthorisationWithEncryptedPsuAuthentication (optional)
startAuthorisationWithAuthenticationMethodSelection (optional)
startAuthorisationWithTransactionAuthorisation (optional)
self (optional)
status (optional)
scaStatus (optional)

MaskedPan - Up

MerchantCategoryCode - Up

PaymentInitiationCancelResponse202 - Up

transactionStatus
Enum:
ACCC
ACCP
ACSC
ACSP
ACTC
ACWC
ACWP
RCVD
PDNG
RJCT
CANC
ACFC
PATC
PART
scaMethods (optional)
chosenScaMethod (optional)
challengeData (optional)
_links (optional)

PaymentInitiationStatusResponse200Json - Up

transactionStatus
Enum:
ACCC
ACCP
ACSC
ACSP
ACTC
ACWC
ACWP
RCVD
PDNG
RJCT
CANC
ACFC
PATC
PART

ProprietaryBankTransactionCode - Up

PsuMessageText - Up

ReadAccountBalanceResponse200 - Up

account (optional)
balances

ReadCardAccountBalanceResponse200 - Up

cardAccount (optional)
balances

ReportExchangeRate - Up

sourceCurrency
exchangeRate
unitCurrency
targetCurrency
quotationDate
Date format: date-time
contractIdentification (optional)

ScaStatusResponse - Up

scaStatus (optional)
Enum:
received
psuIdentified
psuAuthenticated
scaMethodSelected
started
finalised
failed
exempted

SigningBasket - Up

paymentIds (optional)
consentIds (optional)

SigningBasketResponse200 - Up

payments (optional)
consents (optional)
transactionStatus
Enum:
ACSC
ACTC
ACWC
RCVD
RJCT
_links (optional)

SigningBasketResponse201 - Up

transactionStatus
Enum:
ACSC
ACTC
ACWC
RCVD
RJCT
basketId
scaMethods (optional)
chosenScaMethod (optional)
challengeData (optional)
_links
psuMessage (optional)
tppMessages (optional)

SigningBasketStatusResponse200 - Up

transactionStatus
Enum:
ACSC
ACTC
ACWC
RCVD
RJCT

StartScaprocessResponse - Up

scaStatus
Enum:
received
psuIdentified
psuAuthenticated
scaMethodSelected
started
finalised
failed
exempted
authorisationId
scaMethods (optional)
chosenScaMethod (optional)
challengeData (optional)
_links
psuMessage (optional)

TerminalId - Up

TppMessage2XX - Up

category
Enum:
ERROR
WARNING
code
Enum:
WARNING
path (optional)
text (optional)

TppMessage400AIS - Up

category
Enum:
ERROR
WARNING
code
Enum:
FORMAT_ERROR
PARAMETER_NOT_CONSISTENT
PARAMETER_NOT_SUPPORTED
SERVICE_INVALID
RESOURCE_UNKNOWN
RESOURCE_EXPIRED
RESOURCE_BLOCKED
TIMESTAMP_INVALID
PERIOD_INVALID
SCA_METHOD_UNKNOWN
CONSENT_UNKNOWN
SESSIONS_NOT_SUPPORTED
path (optional)
text (optional)

TppMessage400PIS - Up

category
Enum:
ERROR
WARNING
code
Enum:
FORMAT_ERROR
PARAMETER_NOT_CONSISTENT
PARAMETER_NOT_SUPPORTED
SERVICE_INVALID
RESOURCE_UNKNOWN
RESOURCE_EXPIRED
RESOURCE_BLOCKED
TIMESTAMP_INVALID
PERIOD_INVALID
SCA_METHOD_UNKNOWN
CONSENT_UNKNOWN
PAYMENT_FAILED
EXECUTION_DATE_INVALID
path (optional)
text (optional)

TppMessage400SBS - Up

category
Enum:
ERROR
WARNING
code
Enum:
FORMAT_ERROR
PARAMETER_NOT_CONSISTENT
PARAMETER_NOT_SUPPORTED
SERVICE_INVALID
RESOURCE_UNKNOWN
RESOURCE_EXPIRED
RESOURCE_BLOCKED
TIMESTAMP_INVALID
PERIOD_INVALID
SCA_METHOD_UNKNOWN
CONSENT_UNKNOWN
REFERENCE_MIX_INVALID
path (optional)
text (optional)

TppMessage401AIS - Up

category
Enum:
ERROR
WARNING
code
Enum:
CERTIFICATE_INVALID
CERTIFICATE_EXPIRED
CERTIFICATE_BLOCKED
CERTIFICATE_REVOKE
CERTIFICATE_MISSING
SIGNATURE_INVALID
SIGNATURE_MISSING
CORPORATE_ID_INVALID
PSU_CREDENTIALS_INVALID
CONSENT_INVALID
CONSENT_EXPIRED
TOKEN_UNKNOWN
TOKEN_INVALID
TOKEN_EXPIRED
path (optional)
text (optional)

TppMessage401PIIS - Up

category
Enum:
ERROR
WARNING
code
Enum:
CERTIFICATE_INVALID
CERTIFICATE_EXPIRED
CERTIFICATE_BLOCKED
CERTIFICATE_REVOKE
CERTIFICATE_MISSING
SIGNATURE_INVALID
SIGNATURE_MISSING
CORPORATE_ID_INVALID
PSU_CREDENTIALS_INVALID
CONSENT_INVALID
CONSENT_EXPIRED
TOKEN_UNKNOWN
TOKEN_INVALID
TOKEN_EXPIRED
path (optional)
text (optional)

TppMessage401PIS - Up

category
Enum:
ERROR
WARNING
code
Enum:
CERTIFICATE_INVALID
CERTIFICATE_EXPIRED
CERTIFICATE_BLOCKED
CERTIFICATE_REVOKE
CERTIFICATE_MISSING
SIGNATURE_INVALID
SIGNATURE_MISSING
CORPORATE_ID_INVALID
PSU_CREDENTIALS_INVALID
CONSENT_INVALID
CONSENT_EXPIRED
TOKEN_UNKNOWN
TOKEN_INVALID
TOKEN_EXPIRED
REQUIRED_KID_MISSING
path (optional)
text (optional)

TppMessage401SBS - Up

category
Enum:
ERROR
WARNING
code
Enum:
CERTIFICATE_INVALID
CERTIFICATE_EXPIRED
CERTIFICATE_BLOCKED
CERTIFICATE_REVOKE
CERTIFICATE_MISSING
SIGNATURE_INVALID
SIGNATURE_MISSING
CORPORATE_ID_INVALID
PSU_CREDENTIALS_INVALID
CONSENT_INVALID
CONSENT_EXPIRED
TOKEN_UNKNOWN
TOKEN_INVALID
TOKEN_EXPIRED
path (optional)
text (optional)

TppMessage403AIS - Up

category
Enum:
ERROR
WARNING
code
Enum:
CONSENT_UNKNOWN
SERVICE_BLOCKED
RESOURCE_UNKNOWN
RESOURCE_EXPIRED
path (optional)
text (optional)

TppMessage403PIIS - Up

category
Enum:
ERROR
WARNING
code
Enum:
CONSENT_UNKNOWN
SERVICE_BLOCKED
RESOURCE_UNKNOWN
RESOURCE_EXPIRED
path (optional)
text (optional)

TppMessage403PIS - Up

category
Enum:
ERROR
WARNING
code
Enum:
CONSENT_UNKNOWN
SERVICE_BLOCKED
RESOURCE_UNKNOWN
RESOURCE_EXPIRED
PRODUCT_INVALID
path (optional)
text (optional)

TppMessage403SBS - Up

category
Enum:
ERROR
WARNING
code
Enum:
CONSENT_UNKNOWN
SERVICE_BLOCKED
RESOURCE_UNKNOWN
RESOURCE_EXPIRED
path (optional)
text (optional)

TppMessage404AIS - Up

category
Enum:
ERROR
WARNING
code
Enum:
RESOURCE_UNKNOWN
path (optional)
text (optional)

TppMessage404PIIS - Up

category
Enum:
ERROR
WARNING
code
Enum:
RESOURCE_UNKNOWN
path (optional)
text (optional)

TppMessage404PIS - Up

category
Enum:
ERROR
WARNING
code
Enum:
RESOURCE_UNKNOWN
PRODUCT_UNKNOWN
path (optional)
text (optional)

TppMessage404SBS - Up

category
Enum:
ERROR
WARNING
code
Enum:
RESOURCE_UNKNOWN
path (optional)
text (optional)

TppMessage405AIS - Up

category
Enum:
ERROR
WARNING
code
Enum:
SERVICE_INVALID
path (optional)
text (optional)

TppMessage405PIIS - Up

category
Enum:
ERROR
WARNING
code
Enum:
SERVICE_INVALID
path (optional)
text (optional)

TppMessage405PIS - Up

category
Enum:
ERROR
WARNING
code
Enum:
SERVICE_INVALID
path (optional)
text (optional)

TppMessage405PISCANC - Up

category
Enum:
ERROR
WARNING
code
Enum:
CANCELLATION_INVALID
SERVICE_INVALID
path (optional)
text (optional)

TppMessage405SBS - Up

category
Enum:
ERROR
WARNING
code
Enum:
SERVICE_INVALID
path (optional)
text (optional)

TppMessage406AIS - Up

category
Enum:
ERROR
WARNING
code
Enum:
REQUESTED_FORMATS_INVALID
path (optional)
text (optional)

TppMessage409AIS - Up

category
Enum:
ERROR
WARNING
code
Enum:
STATUS_INVALID
path (optional)
text (optional)

TppMessage409PIIS - Up

category
Enum:
ERROR
WARNING
code
Enum:
STATUS_INVALID
path (optional)
text (optional)

TppMessage409PIS - Up

category
Enum:
ERROR
WARNING
code
Enum:
STATUS_INVALID
path (optional)
text (optional)

TppMessage409SBS - Up

category
Enum:
ERROR
WARNING
code
Enum:
REFERENCE_STATUS_INVALID
STATUS_INVALID
path (optional)
text (optional)

TppMessage429AIS - Up

category
Enum:
ERROR
WARNING
code
Enum:
ACCESS_EXCEEDED
path (optional)
text (optional)

TppMessageText - Up

TransactionDetails - Up

transactionId (optional)
entryReference (optional)
endToEndId (optional)
mandateId (optional)
checkId (optional)
creditorId (optional)
bookingDate (optional)
valueDate (optional)
transactionAmount
currencyExchange (optional)
creditorName (optional)
creditorAccount (optional)
ultimateCreditor (optional)
debtorName (optional)
debtorAccount (optional)
ultimateDebtor (optional)
remittanceInformationUnstructured (optional)
remittanceInformationStructured (optional)
additionalInformation (optional)
purposeCode (optional)
bankTransactionCode (optional)
proprietaryBankTransactionCode (optional)
_links (optional)

TransactionsResponse200Json - Up

account (optional)
transactions (optional)
balances (optional)
_links (optional)

UltimateCreditor - Up

UltimateDebtor - Up