Connector Endpoints

Funds Check

This endpoints are responsible for creating payment orders on behalf of PSU via TPP interface. Process of payment creation starts once PSU fills a payment template form and submits the request. You can find below sequence diagrams represeting oauth payment creation, oauth payment creation using SCA and funds availability flows.

Funds Availability Flow

Check

This endpoint is used to check availability of funds for a specific account. As a result, Connector should send a success or fail callback to Salt Edge PSD2 Compliance with result of the operation.

CURL

curl -i \ -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7ImN1cnJlbmN5X2NvZGUiOiJFVVIiLCJhY2NvdW50IjoiODQ1NzI0ODYiLCJzZXNzaW9uX3NlY3JldCI6ImVTU1c1ZEFWYWdib3o4S1h2NGc3IiwicHJvdmlkZXJfY29kZSI6ImRlbW9iYW5rIiwiYW1vdW50IjoiNDAuNzcifSwiZXhwIjoxNzMyNDM0MjM3LCJpc3MiOiJwcmlvcmEuc2FsdGVkZ2UuY29tIn0.pijwzIdwj2TOpDYHzyTcSOONuWecFW9f0ziAMAHQ-t9Zij0gayAgdjyGad6WBEeoJP_BRfBLp3gtz_8GFkoSIQZoYavSX23bcMuT6OMiJCT_BHfQ9rq7GVxLayM_PZwpe8RcdFG-hjPScSbuM_x3I2_nAcemnCYckG_XPnKmwzGXzYqqkydl7qLO1fSdYcNYZGAxyVnjnc5Tz9r5H_XYpR-IPbJR04NNuKZ7FzqFoJqvHXOPYwywer9YLKckq8r0KBc_vtzEYyT9WZ7k4GWGQysnqOFQIbzV8mgyNfOwzllNmOQ2606t1C7trTLUJwT5H2ksF28WOzHX094X2kb4Bg" \ -H "Access-Token: e41d6d72e68723224cb6e25c2c99ddee95376d1b33e6522f2e36d4e8194fc84f71655993eabf6f020afa10fdbddd54f7d1a60ffbda7b90961045f977f7c450de" \ -H "Accept: application/json" \ -H "Content-Type: application/json" \ -H "Client-Id: 216" \ -X POST "https://your.connector.url/api/priora/v1/payments/check_funds"

curl -i  \ 
 -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7ImN1cnJlbmN5X2NvZGUiOiJFVVIiLCJhY2NvdW50IjoiODQ1NzI0ODYiLCJzZXNzaW9uX3NlY3JldCI6ImVTU1c1ZEFWYWdib3o4S1h2NGc3IiwicHJvdmlkZXJfY29kZSI6ImRlbW9iYW5rIiwiYW1vdW50IjoiNDAuNzcifSwiZXhwIjoxNzMyNDM0MjM3LCJpc3MiOiJwcmlvcmEuc2FsdGVkZ2UuY29tIn0.pijwzIdwj2TOpDYHzyTcSOONuWecFW9f0ziAMAHQ-t9Zij0gayAgdjyGad6WBEeoJP_BRfBLp3gtz_8GFkoSIQZoYavSX23bcMuT6OMiJCT_BHfQ9rq7GVxLayM_PZwpe8RcdFG-hjPScSbuM_x3I2_nAcemnCYckG_XPnKmwzGXzYqqkydl7qLO1fSdYcNYZGAxyVnjnc5Tz9r5H_XYpR-IPbJR04NNuKZ7FzqFoJqvHXOPYwywer9YLKckq8r0KBc_vtzEYyT9WZ7k4GWGQysnqOFQIbzV8mgyNfOwzllNmOQ2606t1C7trTLUJwT5H2ksF28WOzHX094X2kb4Bg" \ 
 -H "Access-Token: e41d6d72e68723224cb6e25c2c99ddee95376d1b33e6522f2e36d4e8194fc84f71655993eabf6f020afa10fdbddd54f7d1a60ffbda7b90961045f977f7c450de" \ 
 -H "Accept: application/json" \ 
 -H "Content-Type: application/json" \ 
 -H "Client-Id: 216" \ 
 -X POST "https://your.connector.url/api/priora/v1/payments/check_funds"

Example of request parameters

{"data":{"currency_code":"EUR","account":"84572486","session_secret":"eSSW5dAVagboz8KXv4g7","provider_code":"demobank","amount":"40.77"},"exp":1574093209}

Request

POST https://your.connector.url/api/priora/v1/payments/check_funds

Headers

Header	Type	Description
`Authorization`	string, required	JSON Web Token containing payload, signed using RSA256 and `application.private_key`.
`Access-Token`	string, required	The token which is created by a connector as a result of successful authentication.
`Accept`	string, required	Media type that is acceptable for the response. Allowed values: application/json
`Content-Type`	string, required	The media type of the body of the request. Allowed values: application/json
`Client-Id`	integer, required	Client application identifier in Salt Edge PSD2 Compliance. Should be used to get public key for Authorization header validation.
`Consent-Id`	integer, optional	ID of the corresponding consent object as returned by an Account Information Consent Request.

Unpacked Request Authorization

data

hash, required

Wrapper for the data.

amount

string, required

Amount of prospective payment.

currency_code

string, required

Currency of prospective payment. Can raise: UnknownCurrency

account

string, required

Account identifier, can be number, IBAN etc.

session_secret

string, required

Session identifier in Salt Edge PSD2 Compliance.

provider_code

string, required

Human readable Provider identifier.

exp

integer, required

The lifetime of the request in timestamp UTC format. Values greater than: Current time.

Response headers

Header	Type	Description
`Retry-After`	integer, optional	Amount of time in seconds after which Salt Edge PSD2 Compliance Solution resends the previously failed request.

Response

Upon successful request, 200 status code should be returned.

Related Errors

Class	Code	Description
UnknownCurrency	404	Unknown Currency code

Errors

Additional endpoints to be implemented on connector side to improve communication between Salt Edge PSD2 Compliance Solution and Connector.

Notify

This endpoint is responsible for receiving validation errors of responses which Connector sends to Salt Edge PSD2 Compliance Solution

CURL

curl -i \ -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7InJlcXVlc3QiOnsibWV0aG9kIjoiZGVsZXRlIiwidXJsIjoiaHR0cHM6Ly91c2VyLndpbGwuYmUvcmVkaXJlY3RlZC9oZXJlIiwiaGVhZGVycyI6e319LCJlcnJvciI6eyJlcnJvcl9tZXNzYWdlIjoic29tZXRoaW5nIHdlbnQgd3JvbmciLCJlcnJvcl9jbGFzcyI6IkludGVybmFsUHJvdmlkZXJFcnJvciJ9fSwiZXhwIjoxNzMyNDM0MjM4LCJpc3MiOiJwcmlvcmEuc2FsdGVkZ2UuY29tIn0.HaKpeC2HSsqGGF0vtoxRlMb3YItMQce_AgG9t_AsOqNP_p0zT43JGajW3JBCwT4cdQ2mgOBUwpCPxyvIcjwf2fdWaiZ0JB_sKNxYzaLBG1apSZkoxvNuGcxaYaNEXO3onkDHWkWsN2sdjf2vDhFsNKB4q3eq1UfMx5YL57lMtfBdL-UvC8g79l9IjpIETtVnf64_VouRrjHOTAEUfSIS_7QLYSDYoBJuXomjnEcssClikGIbhQ-fDLlr5YOkHmoeUcagFLevOyYaYdb0wR-0jtU9m3bXVuAFrgQTwmpy-PKKwWamLtrLliCTOk1UsmEGQ7XEjOoQip8JUmgFv_71AA" \ -H "Access-Token: b2077c5c020a5e262767aac63fdbc75fd64461afc660784fbc3451766f586bb4836e3405007c2caf497a1125ba58fb49be65b3c352285dea68328aded84e2f91" \ -H "Accept: application/json" \ -H "Content-Type: application/json" \ -H "Client-Id: 685" \ -X POST "https://your.connector.url/api/priora/v1/errors"

curl -i  \ 
 -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7InJlcXVlc3QiOnsibWV0aG9kIjoiZGVsZXRlIiwidXJsIjoiaHR0cHM6Ly91c2VyLndpbGwuYmUvcmVkaXJlY3RlZC9oZXJlIiwiaGVhZGVycyI6e319LCJlcnJvciI6eyJlcnJvcl9tZXNzYWdlIjoic29tZXRoaW5nIHdlbnQgd3JvbmciLCJlcnJvcl9jbGFzcyI6IkludGVybmFsUHJvdmlkZXJFcnJvciJ9fSwiZXhwIjoxNzMyNDM0MjM4LCJpc3MiOiJwcmlvcmEuc2FsdGVkZ2UuY29tIn0.HaKpeC2HSsqGGF0vtoxRlMb3YItMQce_AgG9t_AsOqNP_p0zT43JGajW3JBCwT4cdQ2mgOBUwpCPxyvIcjwf2fdWaiZ0JB_sKNxYzaLBG1apSZkoxvNuGcxaYaNEXO3onkDHWkWsN2sdjf2vDhFsNKB4q3eq1UfMx5YL57lMtfBdL-UvC8g79l9IjpIETtVnf64_VouRrjHOTAEUfSIS_7QLYSDYoBJuXomjnEcssClikGIbhQ-fDLlr5YOkHmoeUcagFLevOyYaYdb0wR-0jtU9m3bXVuAFrgQTwmpy-PKKwWamLtrLliCTOk1UsmEGQ7XEjOoQip8JUmgFv_71AA" \ 
 -H "Access-Token: b2077c5c020a5e262767aac63fdbc75fd64461afc660784fbc3451766f586bb4836e3405007c2caf497a1125ba58fb49be65b3c352285dea68328aded84e2f91" \ 
 -H "Accept: application/json" \ 
 -H "Content-Type: application/json" \ 
 -H "Client-Id: 685" \ 
 -X POST "https://your.connector.url/api/priora/v1/errors"

Example of request parameters

{"data":{"request":{"method":"delete","url":"https://user.will.be/redirected/here","headers":{}},"error":{"error_message":"something went wrong","error_class":"InternalProviderError"}},"exp":1574093209}

Request

POST https://your.connector.url/api/priora/v1/errors

Headers

Header	Type	Description
`Authorization`	string, required	JSON Web Token containing payload, signed using RSA256 and `application.private_key`.
`Access-Token`	string, required	The token which is created by a connector as a result of successful authentication.
`Accept`	string, required	Media type that is acceptable for the response. Allowed values: application/json
`Content-Type`	string, required	The media type of the body of the request. Allowed values: application/json
`Client-Id`	integer, required	Client application identifier in Salt Edge PSD2 Compliance. Should be used to get public key for Authorization header validation.
`Consent-Id`	integer, optional	ID of the corresponding consent object as returned by an Account Information Consent Request.

Unpacked Request Authorization

data

hash, required

Wrapper for the data.

request

hash, required

Wrapper for the following data: url, method, headers.

method

string, required

Original method of the request. Allowed values: get, post, put, delete

url

url, required

Original url of the request.

headers

hash, required

Original headers of the request including Authorization header.

error

hash, required

Wrapper for the following data error_class, error_message.

error_class

string, required

Class of failure.

error_message

string, required

Conveys the reason of failure in human readable text.

exp

integer, required

The lifetime of the request in timestamp UTC format. Values greater than: Current time.

Response headers

Header	Type	Description
`Retry-After`	integer, optional	Amount of time in seconds after which Salt Edge PSD2 Compliance Solution resends the previously failed request.

Response

Upon successful request, 200 status code should be returned.

Salt Edge Endpoints

Funds Availability

Success

Success callback should be used when all verification procedures have passed and connector can tell wether funds are available or not for indicated account.

CURL

curl -i \ -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7InNlc3Npb25fc2VjcmV0IjoiUnBBb0hQbUg3RHdSTExMeWNqREwiLCJmdW5kc19hdmFpbGFibGUiOnRydWV9LCJleHAiOjE3MzI0MzQyMzksImlzcyI6InByaW9yYS5zYWx0ZWRnZS5jb20ifQ.BqWep8mJ_cpqacHAY7TT6pXlLUQSQBetWiGo_C6d5IMgVuhajiSy0RG_R4GJ4DGCUq-Jz2Y2v3ANWd4Wl80t7mKLn8IiYL9dMsp1oXP5zeNdxTYsshQVEQ51a_X7Px0kbM6T911uAdLvaJyz164UW4Wc-429P83C_WNOQmAtKSkSgidkBFZT9bQknG182EOUvqJbiZWhhYLDYm-7TpiDnciJDV46tE-NsEoA45_qndTl-_RTYJGxxJaFpnzJx1WE-3lS0ZwA7B6p4iQ3OVkHOsWw_xnjJ4mRRcsl5jbO8-NNaJiTIJ8zTMnmSQ5DzkSoMF5fJyvZp1kI21fc81_I3w" \ -H "App-Id: tmseeTcEhV-x1t2ZSIOQ4Q" \ -H "App-Secret: wARHNQnMuIhcv3Z21ot-1g" \ -X POST "/api/connectors/v1/funds_availability/success"

curl -i  \ 
 -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7InNlc3Npb25fc2VjcmV0IjoiUnBBb0hQbUg3RHdSTExMeWNqREwiLCJmdW5kc19hdmFpbGFibGUiOnRydWV9LCJleHAiOjE3MzI0MzQyMzksImlzcyI6InByaW9yYS5zYWx0ZWRnZS5jb20ifQ.BqWep8mJ_cpqacHAY7TT6pXlLUQSQBetWiGo_C6d5IMgVuhajiSy0RG_R4GJ4DGCUq-Jz2Y2v3ANWd4Wl80t7mKLn8IiYL9dMsp1oXP5zeNdxTYsshQVEQ51a_X7Px0kbM6T911uAdLvaJyz164UW4Wc-429P83C_WNOQmAtKSkSgidkBFZT9bQknG182EOUvqJbiZWhhYLDYm-7TpiDnciJDV46tE-NsEoA45_qndTl-_RTYJGxxJaFpnzJx1WE-3lS0ZwA7B6p4iQ3OVkHOsWw_xnjJ4mRRcsl5jbO8-NNaJiTIJ8zTMnmSQ5DzkSoMF5fJyvZp1kI21fc81_I3w" \ 
 -H "App-Id: tmseeTcEhV-x1t2ZSIOQ4Q" \ 
 -H "App-Secret: wARHNQnMuIhcv3Z21ot-1g" \ 
 -X POST "/api/connectors/v1/funds_availability/success"

Example of request parameters

{"data":{"session_secret":"RpAoHPmH7DwRLLLycjDL","funds_available":true},"exp":1574093208}

Example of response

{"data":{},"meta":{"time":"2019-11-18T16:04:48.634Z"}}

Request

POST /api/connectors/v1/funds_availability/success

Headers

Header	Type	Description
`Authorization`	string, required	JSON Web Token containing payload, signed using RSA256 and `application.private_key`. Can raise: AuthorizationMissing
`App-Id`	string, required	Provider's `app_id` from connection details tab. Can raise: ProviderNotFound, ProviderDisabled, ConfigurationError
`App-Secret`	string, required	Provider's `app_secret` from connection details tab.

Unpacked Request Authorization

data

hash, required

Wrapper for the data.

session_secret

string, required

Session identifier in Salt Edge PSD2 Compliance. Can raise: SessionNotFound

funds_available

boolean, required

Response whether account has sufficient funds of not.

exp

integer, required

The lifetime of the request in timestamp UTC format. Values greater than: Current time.

Response

Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.

data

hash, optional

Wrapper for the data.

Related Errors

Class	Code	Description
ConfigurationError	400	Missing configurations in dashboard.
AuthorizationMissing	401	Authorization header is missing.
SessionNotFound	404	Session specified in request does not exist or cannot be retrieved.
ProviderNotFound	404	Provider specified in request does not exist or cannot be retrieved.
ProviderDisabled	406	Cooperation with specified Provider is impossible.

Fail

Fail callback should be used when account could not be found or currency_code is not supported.

CURL

curl -i \ -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7InNlc3Npb25fc2VjcmV0IjoieXl6YnlMaFpTYU05RFpBWF9zVG8iLCJlcnJvcl9jbGFzcyI6IkludGVybmFsUHJvdmlkZXJFcnJvciIsImVycm9yX21lc3NhZ2UiOiJJbnRlcm5hbCBlcnJvciIsImV4dHJhIjp7fX0sImV4cCI6MTczMjQzNDIzOSwiaXNzIjoicHJpb3JhLnNhbHRlZGdlLmNvbSJ9.gUBsCltjEewhkP2423bm0bbZKA6wvvIhfWAap5Fomzq_J0L-RaJxTKpY6V_vcqYyf_HRmwOBKjYeFFHanRS0KF-c3_6600bCBnlbJJE-SlLSWO3mdZZTIbrPjWwL3tnqtmdpXFvOJEceUx4CJ8cSaZsMqfHtEc5Azyc04e7lM2yLpCygeiYmcq4yRu-V4Rv_OXIh61iRT85BCSPtcAVJ6U2K-Oozw8aNHsEkQc3TNV0nIa7qTiw2j8QIHGZmRXZTkNlPyJe_IVr6T88pIr4hirN4uX7oGzE3fuPQLKTkzwtD8mv7CLym0qhrQigdgT_57KJOUzIiiwBkpzLXPrk-rA" \ -H "App-Id: 7K6q6MmnPgOlJbkuFk1Cgg" \ -H "App-Secret: hET3DChd1v0WVZHTbrS7xw" \ -X POST "/api/connectors/v1/funds_availability/fail"

curl -i  \ 
 -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7InNlc3Npb25fc2VjcmV0IjoieXl6YnlMaFpTYU05RFpBWF9zVG8iLCJlcnJvcl9jbGFzcyI6IkludGVybmFsUHJvdmlkZXJFcnJvciIsImVycm9yX21lc3NhZ2UiOiJJbnRlcm5hbCBlcnJvciIsImV4dHJhIjp7fX0sImV4cCI6MTczMjQzNDIzOSwiaXNzIjoicHJpb3JhLnNhbHRlZGdlLmNvbSJ9.gUBsCltjEewhkP2423bm0bbZKA6wvvIhfWAap5Fomzq_J0L-RaJxTKpY6V_vcqYyf_HRmwOBKjYeFFHanRS0KF-c3_6600bCBnlbJJE-SlLSWO3mdZZTIbrPjWwL3tnqtmdpXFvOJEceUx4CJ8cSaZsMqfHtEc5Azyc04e7lM2yLpCygeiYmcq4yRu-V4Rv_OXIh61iRT85BCSPtcAVJ6U2K-Oozw8aNHsEkQc3TNV0nIa7qTiw2j8QIHGZmRXZTkNlPyJe_IVr6T88pIr4hirN4uX7oGzE3fuPQLKTkzwtD8mv7CLym0qhrQigdgT_57KJOUzIiiwBkpzLXPrk-rA" \ 
 -H "App-Id: 7K6q6MmnPgOlJbkuFk1Cgg" \ 
 -H "App-Secret: hET3DChd1v0WVZHTbrS7xw" \ 
 -X POST "/api/connectors/v1/funds_availability/fail"

Example of request parameters

{"data":{"session_secret":"yyzbyLhZSaM9DZAX_sTo","error_class":"InternalProviderError","error_message":"Internal error","extra":{}},"exp":1574093208}

Example of response

{"data":{},"meta":{"time":"2019-11-18T16:04:48.567Z"}}

Request

POST /api/connectors/v1/funds_availability/fail

Headers

Header	Type	Description
`Authorization`	string, required	JSON Web Token containing payload, signed using RSA256 and `application.private_key`. Can raise: AuthorizationMissing
`App-Id`	string, required	Provider's `app_id` from connection details tab. Can raise: ProviderNotFound, ProviderDisabled, ConfigurationError
`App-Secret`	string, required	Provider's `app_secret` from connection details tab.

Unpacked Request Authorization

data

hash, required

Wrapper for the data.

session_secret

string, required

Session identifier in Salt Edge PSD2 Compliance. Can raise: SessionNotFound

error_class

string, optional

Class of failure. Default value: InternalProviderError

error_message

string, optional

Conveys the reason of failure in human readable text. Default value: Internal error

extra

hash, optional

Extra details that should persist in the session. Default value: {}

exp

integer, required

The lifetime of the request in timestamp UTC format. Values greater than: Current time.

Response

Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.

data

hash, optional

Wrapper for the data.

Related Errors

Class	Code	Description
ConfigurationError	400	Missing configurations in dashboard.
AuthorizationMissing	401	Authorization header is missing.
SessionNotFound	404	Session specified in request does not exist or cannot be retrieved.
ProviderNotFound	404	Provider specified in request does not exist or cannot be retrieved.
ProviderDisabled	406	Cooperation with specified Provider is impossible.