Connector Endpoints

Funds Confirmations

Tokens

Create an access token for confirmation of funds consent. As a result, Connector should send a success, update or fail callback to Salt Edge PSD2 Compliance with result of the operation, be it success, fail or request for additional steps.

CURL

curl -i \ -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7InByb3ZpZGVyX2NvZGUiOjIxLCJjbGllbnRfaWQiOjEsInJlZGlyZWN0X3VybCI6Imh0dHBzOi8vcHJpb3JhLWRlbW8uc2FsdGVkZ2UuY29tL2Jlcmxpbmdyb3VwL3BpaXMvNSIsImFwcF9uYW1lIjoiUHJpb3JhIERlbW8gUFJPRFVDVElPTiIsImF1dGhvcml6YXRpb25fdHlwZSI6Im9hdXRoIiwiYWNjb3VudCI6eyJjdXJyZW5jeSI6IkVVUiIsImliYW4iOiJERTIzMTAwMTAwMTAxMjM0NTY3ODkiLCJiYmFuIjoiNTM5MCAwNzU0IDcwMzQiLCJwYW4iOiIxMjM0MTIzNDEyMzQxMjM0IiwibWFza2VkX3BhbiI6IjEyMzQ1Nnh4eHh4eDEyMzQiLCJtc2lzZG4iOiI0NDc5MTIzNDU2NzgiLCJiYW5rX2FjY291bnRfaWRlbnRpZmllciI6IjEyMzQxMjM0MTIzNCJ9LCJjYXJkX251bWJlciI6IjEyMzQxMjM0MTIzNDEyMzQiLCJjYXJkX2V4cGlyeV9kYXRlIjoiIDIwMTktMDgtMjEiLCJjYXJkX2luZm9ybWF0aW9uIjoiY2FyZCBpbmZvcm1hdGlvbiIsInJlZ2lzdHJhdGlvbl9pbmZvcm1hdGlvbiI6InJlZ2lzdHJhdGlvbiBpbmZvcm1hdGlvbiIsInNlc3Npb25fc2VjcmV0IjoiYTA3MmY3NzYtOGFiNi02ZjYxLWIwZmQtZmJjOWJiM2ZhMDY3In0sImV4cCI6MTc0NjQxMzcyOCwiaXNzIjoicHJpb3JhLnNhbHRlZGdlLmNvbSJ9.bVqZfKPab47akMbMOX0Fb45iopUq-Syqbr0J1w2QiW5eRmBb8gB6WqXovhYpKzEQ87iYV8ipi1SzY0vgpfXFbXpwuDHxYhyLUwGo0YDNeoQfJe0fi2XXvgHX0EeJ43AxW_9xIxtFC5ldQQd01AYKdeOxCxvJP59XibnISMWt_6rfrlQoG9GVR6gVfKkzWhKmXjwN1SBigoMYl3eVZJ72u1iDfHD2JgiCLO5Bk-VHYdCqha-wC7xEdLHZKUm_UIWlRgZ-pRMm1Urq8iY1UYbjkAnMbamxpH6S91KCIMbPi7TS9zminyPtcq1-Oeiyv6S_5-bupAcH5vzCJS8f0CaPBQ" \ -H "Accept: application/json" \ -H "Content-Type: application/json" \ -H "Client-Id: 552" \ -X POST "https://your.connector.url/api/priora/v2/funds_confirmations/tokens"

curl -i  \ 
 -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7InByb3ZpZGVyX2NvZGUiOjIxLCJjbGllbnRfaWQiOjEsInJlZGlyZWN0X3VybCI6Imh0dHBzOi8vcHJpb3JhLWRlbW8uc2FsdGVkZ2UuY29tL2Jlcmxpbmdyb3VwL3BpaXMvNSIsImFwcF9uYW1lIjoiUHJpb3JhIERlbW8gUFJPRFVDVElPTiIsImF1dGhvcml6YXRpb25fdHlwZSI6Im9hdXRoIiwiYWNjb3VudCI6eyJjdXJyZW5jeSI6IkVVUiIsImliYW4iOiJERTIzMTAwMTAwMTAxMjM0NTY3ODkiLCJiYmFuIjoiNTM5MCAwNzU0IDcwMzQiLCJwYW4iOiIxMjM0MTIzNDEyMzQxMjM0IiwibWFza2VkX3BhbiI6IjEyMzQ1Nnh4eHh4eDEyMzQiLCJtc2lzZG4iOiI0NDc5MTIzNDU2NzgiLCJiYW5rX2FjY291bnRfaWRlbnRpZmllciI6IjEyMzQxMjM0MTIzNCJ9LCJjYXJkX251bWJlciI6IjEyMzQxMjM0MTIzNDEyMzQiLCJjYXJkX2V4cGlyeV9kYXRlIjoiIDIwMTktMDgtMjEiLCJjYXJkX2luZm9ybWF0aW9uIjoiY2FyZCBpbmZvcm1hdGlvbiIsInJlZ2lzdHJhdGlvbl9pbmZvcm1hdGlvbiI6InJlZ2lzdHJhdGlvbiBpbmZvcm1hdGlvbiIsInNlc3Npb25fc2VjcmV0IjoiYTA3MmY3NzYtOGFiNi02ZjYxLWIwZmQtZmJjOWJiM2ZhMDY3In0sImV4cCI6MTc0NjQxMzcyOCwiaXNzIjoicHJpb3JhLnNhbHRlZGdlLmNvbSJ9.bVqZfKPab47akMbMOX0Fb45iopUq-Syqbr0J1w2QiW5eRmBb8gB6WqXovhYpKzEQ87iYV8ipi1SzY0vgpfXFbXpwuDHxYhyLUwGo0YDNeoQfJe0fi2XXvgHX0EeJ43AxW_9xIxtFC5ldQQd01AYKdeOxCxvJP59XibnISMWt_6rfrlQoG9GVR6gVfKkzWhKmXjwN1SBigoMYl3eVZJ72u1iDfHD2JgiCLO5Bk-VHYdCqha-wC7xEdLHZKUm_UIWlRgZ-pRMm1Urq8iY1UYbjkAnMbamxpH6S91KCIMbPi7TS9zminyPtcq1-Oeiyv6S_5-bupAcH5vzCJS8f0CaPBQ" \ 
 -H "Accept: application/json" \ 
 -H "Content-Type: application/json" \ 
 -H "Client-Id: 552" \ 
 -X POST "https://your.connector.url/api/priora/v2/funds_confirmations/tokens"

Example of request parameters

{"data":{"provider_code":21,"client_id":1,"redirect_url":"https://priora-demo.saltedge.com/berlingroup/piis/5","app_name":"Priora Demo PRODUCTION","authorization_type":"oauth","account":{"currency":"EUR","iban":"DE2310010010123456789","bban":"5390 0754 7034","pan":"1234123412341234","masked_pan":"123456xxxxxx1234","msisdn":"447912345678","bank_account_identifier":"123412341234"},"card_number":"1234123412341234","card_expiry_date":" 2019-08-21","card_information":"card information","registration_information":"registration information","session_secret":"a072f776-8ab6-6f61-b0fd-fbc9bb3fa067"},"exp":1574093209}

Request

POST https://your.connector.url/api/priora/v2/funds_confirmations/tokens

Headers

Header	Type	Description
`Authorization`	string, required	JSON Web Token containing payload, signed using RSA256 and `application.private_key`.
`Accept`	string, required	Media type that is acceptable for the response. Allowed values: application/json
`Content-Type`	string, required	The media type of the body of the request. Allowed values: application/json
`Client-Id`	integer, required	TPP application identifier in Salt Edge PSD2 Compliance.
`Consent-Id`	integer, optional	ID of the corresponding consent object.
`Psu-Device-ID`	string, optional	UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device.
`Psu-User-Agent`	string, optional	The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
`Psu-Geo-Location`	string, optional	The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available.
`Psu-IP-Address`	string, optional	IP address of PSU. If not available, the TPP shall use the own address.

Unpacked Request Authorization

data

object, required

Wrapper for the data.

session_secret

string, required

Session identifier in Salt Edge PSD2 Compliance.

provider_code

string, required

Human readable Provider identifier.

client_id

integer, required

Client application identifier.

redirect_url

string, required

The URL that the PSU will be redirected to after he finishes the authentication process on provider’s side.

app_name

string, required

TPP application name.

authorization_type

string, required

Specifies authorization type that was used for token creation.

account

object, required

Account identifier, can be IBAN, BBAN etc.

iban

string, optional

International Bank Account Number

bban

string, optional

Basic Bank Account Number

pan

string, optional

Primary Account Number (PAN) of a card, can be tokenized by the ASPSP due to PCI DSS requirements.

masked_pan

string, optional

Primary Account Number (PAN) of a card in a masked form.

msisdn

string, optional

A number uniquely identifying a subscription in a Global System for Mobile communications or a Universal Mobile Telecommunications System mobile network.

currency

string, optional

Account currency code from ISO 4217.

bank_account_identifier

string, optional

Internal bank account identifier.

card_number

string, optional

Credit card number

card_expiry_date

date, optional

Credit card expiration date

card_information

string, optional

Card extra details

registration_information

string, optional

Extra registration details

exp

integer, required

The lifetime of the request in timestamp UTC format. Values greater than: Current time.

Response headers

Header	Type	Description
`Retry-After`	integer, optional	Amount of time in seconds after which Salt Edge PSD2 Compliance Solution resends the previously failed request.

Response

Upon successful request, 200 status code should be returned.

data

object, optional

Wrapper for the data.

session_expires_at

datetime, optional

Session expiry time. Default value: 5 minutes from now

redirect_url

string, required

The URL on which PSU should be redirected by TPP in order to perform authentication.

extra

object, optional

Any additional information relevant to a payment. Default value: {}

session_secret

string, required

Session identifier in Salt Edge PSD2 Compliance. Can raise: SessionNotFound, SessionClosed, SessionExpired, SessionFinalised

status

string, optional

Conveys current status of the operation. Allowed values: accepted, received, valid, partiallyAuthorised, rejected, revokedByPsu, expired, terminatedByTpp

Delete

Revoke an already existing and active access token.

CURL

curl -i \ -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7InByb3ZpZGVyX2NvZGUiOiJkZW1vYmFuayIsInNlc3Npb25fc2VjcmV0IjoiaDI5Yzk0MVBRNF9rNl82UG4tbzUifSwiZXhwIjoxNzQ2NDEzNzI4LCJpc3MiOiJwcmlvcmEuc2FsdGVkZ2UuY29tIn0.LyO32JfI8WGgtNtsLYO4EO_agTfSwL4nSNnpmScq3wtypf-eH2bhgEXDtgWhnLwflFUN8ai55dkgS2gndhDoRbF6l1bhIdJVdfcb7u-qJkDE4wU2JMSP6sFI7ZBaug7Cd6vGQCCJ1zVrcM3_hhF8FQVSPq2v3evxz-iOOvF9ZXLZL02RqcHzskbPciqnDfcsFz1vDBD4Jxsd7R4SeFG59umu2jSiO4kEYwf-rSBkLmQMq0EPDk2plXScj3vX6lpXsiN75TDWyqQqNW-7nE1KDg9G4mzIRyYToVosfYZJs91ZL1BwS-HCmlO0hO8ID0GMpN-c-z2OGUOikYmJ0ls1Vw" \ -H "Access-Token: 65adc909f5676f3902787ecb6f379c1c48bfc18a222157713808274b100b9e255f7b4b59a3ecd7689cb2abe26f8705dfd89b7a0cc9e9a07a587dc64a7c4572ad" \ -H "Accept: application/json" \ -H "Content-Type: application/json" \ -H "Client-Id: 843" \ -X DELETE "https://your.connector.url/api/priora/v2/funds_confirmations/tokens"

curl -i  \ 
 -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7InByb3ZpZGVyX2NvZGUiOiJkZW1vYmFuayIsInNlc3Npb25fc2VjcmV0IjoiaDI5Yzk0MVBRNF9rNl82UG4tbzUifSwiZXhwIjoxNzQ2NDEzNzI4LCJpc3MiOiJwcmlvcmEuc2FsdGVkZ2UuY29tIn0.LyO32JfI8WGgtNtsLYO4EO_agTfSwL4nSNnpmScq3wtypf-eH2bhgEXDtgWhnLwflFUN8ai55dkgS2gndhDoRbF6l1bhIdJVdfcb7u-qJkDE4wU2JMSP6sFI7ZBaug7Cd6vGQCCJ1zVrcM3_hhF8FQVSPq2v3evxz-iOOvF9ZXLZL02RqcHzskbPciqnDfcsFz1vDBD4Jxsd7R4SeFG59umu2jSiO4kEYwf-rSBkLmQMq0EPDk2plXScj3vX6lpXsiN75TDWyqQqNW-7nE1KDg9G4mzIRyYToVosfYZJs91ZL1BwS-HCmlO0hO8ID0GMpN-c-z2OGUOikYmJ0ls1Vw" \ 
 -H "Access-Token: 65adc909f5676f3902787ecb6f379c1c48bfc18a222157713808274b100b9e255f7b4b59a3ecd7689cb2abe26f8705dfd89b7a0cc9e9a07a587dc64a7c4572ad" \ 
 -H "Accept: application/json" \ 
 -H "Content-Type: application/json" \ 
 -H "Client-Id: 843" \ 
 -X DELETE "https://your.connector.url/api/priora/v2/funds_confirmations/tokens"

Example of request parameters

{"data":{"provider_code":"demobank","session_secret":"h29c941PQ4_k6_6Pn-o5"},"exp":1574093209}

Request

DELETE https://your.connector.url/api/priora/v2/funds_confirmations/tokens

Headers

Header	Type	Description
`Authorization`	string, required	JSON Web Token containing payload, signed using RSA256 and `application.private_key`.
`Access-Token`	string, required	The token which is created by a connector as a result of successful authentication.
`Accept`	string, required	Media type that is acceptable for the response. Allowed values: application/json
`Content-Type`	string, required	The media type of the body of the request. Allowed values: application/json
`Client-Id`	integer, required	TPP application identifier in Salt Edge PSD2 Compliance.
`Consent-Id`	integer, optional	ID of the corresponding consent object.
`Psu-Device-ID`	string, optional	UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device.
`Psu-User-Agent`	string, optional	The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
`Psu-Geo-Location`	string, optional	The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available.
`Psu-IP-Address`	string, optional	IP address of PSU. If not available, the TPP shall use the own address.

Unpacked Request Authorization

data

object, required

Wrapper for the data.

provider_code

string, required

Human readable Provider identifier.

session_secret

string, required

Session identifier in Salt Edge PSD2 Compliance.

exp

integer, required

The lifetime of the request in timestamp UTC format. Values greater than: Current time.

Response headers

Header	Type	Description
`Retry-After`	integer, optional	Amount of time in seconds after which Salt Edge PSD2 Compliance Solution resends the previously failed request.

Response

Upon successful request, 200 status code with an empty JSON "{}" should be returned.

Check Funds

Checks whether a specific amount is available at point of time of the request on an account addressed by IBAN or other available identifiers.

CURL

curl -i \ -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7ImNsaWVudF9pZCI6Miwic2Vzc2lvbl9zZWNyZXQiOiJhWE1nWm1GcGJIVnlaU0IwYnlCamIyMXRkVzVwWTJGMFpRMEsiLCJhY2NvdW50Ijp7ImN1cnJlbmN5IjoiVVNEIiwibWFza2VkX3BhbiI6IioqKioqKioqKioqKjMyNDEiLCJpYmFuIjoiREUyMzEwMDEyMDAyMDEyMzQ1Njc4OSIsImJiYW4iOiI1MzkwMDc1NDcwMzQiLCJiaWMiOiJCQVJDR0IyMlhYWCIsImJhbmtfYWNjb3VudF9pZGVudGlmaWVyIjoiMTIzNDEyMzQxMjM0In0sImluc3RydWN0ZWRfYW1vdW50Ijp7ImFtb3VudCI6Ijg3IiwiY3VycmVuY3kiOiJVU0QifSwiY2FyZF9udW1iZXIiOiIxMjM0MTIzNDEyMzQxMjM0IiwicHJvdmlkZXJfY29kZSI6MjF9LCJleHAiOjE3NDY0MTM3MjgsImlzcyI6InByaW9yYS5zYWx0ZWRnZS5jb20ifQ.A-1PV4DHjrhAMSLlpIGsWjFw8eLAAfzFZUhHdirKGcrmISHgIWzjUHxyfQiqJagWBqSs9A6hcpeGACJCPm8mGKe5nFlpsBseVBndUE5tN6vIzcedkSkYlC9ENWHaj1Y-vCfujdOtEqQ6YshbWhNVG_sFDXW5bJF4eVTsjmKUFxtjoOZVo8zD9-gMQpxQN9uv2QEYK4mCZyta2uotTafNQpBMkarC6q28EJLHVpCICQ1_t6DhLEe-k5rau1qSjjB_eWka6_s2Txl0yA8H5q9yoE35_DuPjJaCCv5CeDKkAA6NbYFo53fW3ajlvhDAfc51FmiC06jFdVyzl-j1jmFeTg" \ -H "Access-Token: aXMgZmFpbHVyZSB0byBjb21tdW5pY2F0ZQ0K" \ -H "Accept: application/json" \ -H "Content-Type: application/json" \ -H "Client-Id: 843" \ -X POST "https://your.connector.url/api/priora/v2/funds_confirmations"

curl -i  \ 
 -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7ImNsaWVudF9pZCI6Miwic2Vzc2lvbl9zZWNyZXQiOiJhWE1nWm1GcGJIVnlaU0IwYnlCamIyMXRkVzVwWTJGMFpRMEsiLCJhY2NvdW50Ijp7ImN1cnJlbmN5IjoiVVNEIiwibWFza2VkX3BhbiI6IioqKioqKioqKioqKjMyNDEiLCJpYmFuIjoiREUyMzEwMDEyMDAyMDEyMzQ1Njc4OSIsImJiYW4iOiI1MzkwMDc1NDcwMzQiLCJiaWMiOiJCQVJDR0IyMlhYWCIsImJhbmtfYWNjb3VudF9pZGVudGlmaWVyIjoiMTIzNDEyMzQxMjM0In0sImluc3RydWN0ZWRfYW1vdW50Ijp7ImFtb3VudCI6Ijg3IiwiY3VycmVuY3kiOiJVU0QifSwiY2FyZF9udW1iZXIiOiIxMjM0MTIzNDEyMzQxMjM0IiwicHJvdmlkZXJfY29kZSI6MjF9LCJleHAiOjE3NDY0MTM3MjgsImlzcyI6InByaW9yYS5zYWx0ZWRnZS5jb20ifQ.A-1PV4DHjrhAMSLlpIGsWjFw8eLAAfzFZUhHdirKGcrmISHgIWzjUHxyfQiqJagWBqSs9A6hcpeGACJCPm8mGKe5nFlpsBseVBndUE5tN6vIzcedkSkYlC9ENWHaj1Y-vCfujdOtEqQ6YshbWhNVG_sFDXW5bJF4eVTsjmKUFxtjoOZVo8zD9-gMQpxQN9uv2QEYK4mCZyta2uotTafNQpBMkarC6q28EJLHVpCICQ1_t6DhLEe-k5rau1qSjjB_eWka6_s2Txl0yA8H5q9yoE35_DuPjJaCCv5CeDKkAA6NbYFo53fW3ajlvhDAfc51FmiC06jFdVyzl-j1jmFeTg" \ 
 -H "Access-Token: aXMgZmFpbHVyZSB0byBjb21tdW5pY2F0ZQ0K" \ 
 -H "Accept: application/json" \ 
 -H "Content-Type: application/json" \ 
 -H "Client-Id: 843" \ 
 -X POST "https://your.connector.url/api/priora/v2/funds_confirmations"

Example of request parameters

{"data":{"client_id":2,"session_secret":"aXMgZmFpbHVyZSB0byBjb21tdW5pY2F0ZQ0K","account":{"currency":"USD","masked_pan":"************3241","iban":"DE23100120020123456789","bban":"539007547034","bic":"BARCGB22XXX","bank_account_identifier":"123412341234"},"instructed_amount":{"amount":"87","currency":"USD"},"card_number":"1234123412341234","provider_code":21},"exp":1571232332}

Example of response

Request

POST https://your.connector.url/api/priora/v2/funds_confirmations

Headers

Header	Type	Description
`Authorization`	string, required	JSON Web Token containing payload, signed using RSA256 and `application.private_key`.
`Access-Token`	string, required	The token which is created by a connector as a result of successful authentication.
`Accept`	string, required	Media type that is acceptable for the response. Allowed values: application/json
`Content-Type`	string, required	The media type of the body of the request. Allowed values: application/json
`Client-Id`	integer, required	TPP application identifier in Salt Edge PSD2 Compliance.
`Consent-Id`	integer, optional	ID of the corresponding consent object.
`Psu-Device-ID`	string, optional	UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device.
`Psu-User-Agent`	string, optional	The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
`Psu-Geo-Location`	string, optional	The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available.
`Psu-IP-Address`	string, optional	IP address of PSU. If not available, the TPP shall use the own address.

Unpacked Request Authorization

data

object, required

Wrapper for the data.

provider_code

string, required

Human readable Provider identifier.

client_id

integer, required

Client application identifier.

session_secret

string, required

Session identifier in Salt Edge PSD2 Compliance.

account

object, required

Account identifier, can be IBAN, BBAN etc.

iban

string, optional

International Bank Account Number

bban

string, optional

Basic Bank Account Number

bic

string, optional

Bank Identifier Code

currency

string, optional

Account currency code from ISO 4217. Can raise: ResourceUnknown

masked_pan

string, optional

Primary Account Number (PAN) of a card in a masked form.

bank_account_identifier

string, optional

Internal bank account identifier.

instructed_amount

object, required

Wrapper for amount and currency.

currency

string, required

Account currency code from ISO 4217. Can raise: ResourceUnknown

amount

string, required

Instructed amount.

card_number

string, optional

Credit card number

exp

integer, required

The lifetime of the request in timestamp UTC format. Values greater than: Current time.

Response headers

Header	Type	Description
`Retry-After`	integer, optional	Amount of time in seconds after which Salt Edge PSD2 Compliance Solution resends the previously failed request.

Response

Upon successful request, 200 status code should be returned.

Related Errors

Class	Code	Description
ResourceUnknown	404	The addressed resource is unknown relative to the TPP

Salt Edge Endpoints

Sessions

Session Callback Endpoints are responsible for assuring communication between ASPSP and TPP, where ASPSP notifies about its Redirect SCA authorisation page and if the authorisation process is successful or failed.

Success

Success callback should be sent to Salt Edge PSD2 Compliance when all required verification steps have been passed, and therefore access is granted.

CURL

curl -i \ -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7ImV4dHJhIjp7fSwic2Vzc2lvbl9zZWNyZXQiOiJCVnV2ZVNMUUNyQTVqQllVeXhYZSIsInVzZXJfaWQiOiIxIn0sImV4cCI6MTc0NjQxMzcyOCwiaXNzIjoicHJpb3JhLnNhbHRlZGdlLmNvbSJ9.wWjwG-3VnyFndsTUJCyM7l4LSaIhzrfgVOcoOTSxi1_bgBNNQOnabdSXhj4xCKdLhQrv8oPdRQTFpO8PoYlQlf3Bs4gGeI9KKUTTrN9Y7Xp-kgozFZmCi2rjIrWruiXIXICcoYfLiKF5dHVP4F6Yl8nyvOL0ZxHxrZ8DyPK7rswN3wymBSbW8ZIdMuAwARjZ7eDmBqgB13PiZYSAwKXsp2ecGwHR5ppWZLvE2H6enkJGKmsoAwR9WkLzbiTfGaZFWto1QG8iYBZRAeOdutM2C_3MIfxKAMrOa8DpyHYfzLKGRsveafQ72H77z2yXSfhV-gJikhqWJM-0JQ81a4MvkA" \ -H "App-Id: qjQYP-jCx-8FBsZSgNVzIw" \ -H "App-Secret: -XeeN2UhtdphUGtI-FZpzg" \ -X PATCH "/api/connectors/v2/sessions/:session_secret/success"

curl -i  \ 
 -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7ImV4dHJhIjp7fSwic2Vzc2lvbl9zZWNyZXQiOiJCVnV2ZVNMUUNyQTVqQllVeXhYZSIsInVzZXJfaWQiOiIxIn0sImV4cCI6MTc0NjQxMzcyOCwiaXNzIjoicHJpb3JhLnNhbHRlZGdlLmNvbSJ9.wWjwG-3VnyFndsTUJCyM7l4LSaIhzrfgVOcoOTSxi1_bgBNNQOnabdSXhj4xCKdLhQrv8oPdRQTFpO8PoYlQlf3Bs4gGeI9KKUTTrN9Y7Xp-kgozFZmCi2rjIrWruiXIXICcoYfLiKF5dHVP4F6Yl8nyvOL0ZxHxrZ8DyPK7rswN3wymBSbW8ZIdMuAwARjZ7eDmBqgB13PiZYSAwKXsp2ecGwHR5ppWZLvE2H6enkJGKmsoAwR9WkLzbiTfGaZFWto1QG8iYBZRAeOdutM2C_3MIfxKAMrOa8DpyHYfzLKGRsveafQ72H77z2yXSfhV-gJikhqWJM-0JQ81a4MvkA" \ 
 -H "App-Id: qjQYP-jCx-8FBsZSgNVzIw" \ 
 -H "App-Secret: -XeeN2UhtdphUGtI-FZpzg" \ 
 -X PATCH "/api/connectors/v2/sessions/:session_secret/success"

Example of request parameters

Example of response

{"data":{},"meta":{"time":"2019-11-18T16:04:48.773Z"}}

Request

PATCH /api/connectors/v2/sessions/:session_secret/success

Headers

Header	Type	Description
`Authorization`	string, required	JSON Web Token containing payload, signed using RSA256 and `application.private_key`. Can raise: AuthorizationMissing
`App-Id`	string, required	Provider's `app_id` from connection details tab. Can raise: ProviderNotFound, ProviderDisabled, ConfigurationError
`App-Secret`	string, required	Provider's `app_secret` from connection details tab.

Unpacked Request Authorization

Response

Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.

data

object, optional

Wrapper for the data.

meta

object, optional

Wrapper for the response metadata.

time

datetime, required

Time when the request was processed.

Related Errors

Class	Code	Description
SessionClosed	400	Session specified in request is already closed and cannot be modified.
ConfigurationError	400	Missing configurations in dashboard.
SessionExpired	401	Found session is expired and cannot be processed anymore.
AuthorizationMissing	401	Authorization header is missing.
SessionFinalised	403	Session specified in request is already finalised and cannot be processed.
SessionNotFound	404	Session specified in request does not exist or cannot be retrieved.
ProviderNotFound	404	Provider specified in request does not exist or cannot be retrieved.
ProviderDisabled	406	Cooperation with specified Provider is impossible.

Update

Update callback may be accessed multiple times in order to request multiple steps of authorization or to send other updates to Salt Edge PSD2 Compliance session.

CURL

curl -i \ -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7InNlc3Npb25fZXhwaXJlc19hdCI6IjIwMjAtMDMtMTBUMTI6MzM6NTAuMjE1WiIsInN0YXR1cyI6InJlY2VpdmVkIiwic2NhX3N0YXR1cyI6InJlY2VpdmVkIiwicmVkaXJlY3RfdXJsIjoiaHR0cHM6Ly9yZWRpcmVjdC11cmwuY29tIiwiZXh0cmEiOnt9LCJzZXNzaW9uX3NlY3JldCI6IkJWdXZlU0xRQ3JBNWpCWVV5eFhlIn0sImV4cCI6MTc0NjQxMzcyOSwiaXNzIjoicHJpb3JhLnNhbHRlZGdlLmNvbSJ9.s3Z7McXa9VDcXHBb6rIe6jXmbvX2FRe2DZrqf7_9VD8EELdLVJpeL5P74jzB8F6lMgpg30g3RUv77nzq4z4pD0fvB0qqMa097h4-8lPPXpDx-fVaOlAS3N3VXdLaxW0g4XRoMMtGwyxZx7l3V8UHOIs3CNMd84JRwd6bKKZuhczbb1VwUUrHnbVpHnSKnlcXRgvEu2gJS7mteQMFlZXU0mwqvK_aXUrjagNDvedzZ1LHOYYQdM5X0Kj-tQ5ZJ28LHDOeNJeTEBq08vMfggck5CDgTQ8cq69M_Ve6Q5_to9bIlz97Hsja9hwfCEM-rEexb908_RL62LH6cTXG-O77Hg" \ -H "App-Id: q5QE7Dqlpm1d5weLS5pn7w" \ -H "App-Secret: y8imt1cgG8x2zmBMrF-oxw" \ -X PATCH "/api/connectors/v2/sessions/:session_secret/update"

curl -i  \ 
 -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7InNlc3Npb25fZXhwaXJlc19hdCI6IjIwMjAtMDMtMTBUMTI6MzM6NTAuMjE1WiIsInN0YXR1cyI6InJlY2VpdmVkIiwic2NhX3N0YXR1cyI6InJlY2VpdmVkIiwicmVkaXJlY3RfdXJsIjoiaHR0cHM6Ly9yZWRpcmVjdC11cmwuY29tIiwiZXh0cmEiOnt9LCJzZXNzaW9uX3NlY3JldCI6IkJWdXZlU0xRQ3JBNWpCWVV5eFhlIn0sImV4cCI6MTc0NjQxMzcyOSwiaXNzIjoicHJpb3JhLnNhbHRlZGdlLmNvbSJ9.s3Z7McXa9VDcXHBb6rIe6jXmbvX2FRe2DZrqf7_9VD8EELdLVJpeL5P74jzB8F6lMgpg30g3RUv77nzq4z4pD0fvB0qqMa097h4-8lPPXpDx-fVaOlAS3N3VXdLaxW0g4XRoMMtGwyxZx7l3V8UHOIs3CNMd84JRwd6bKKZuhczbb1VwUUrHnbVpHnSKnlcXRgvEu2gJS7mteQMFlZXU0mwqvK_aXUrjagNDvedzZ1LHOYYQdM5X0Kj-tQ5ZJ28LHDOeNJeTEBq08vMfggck5CDgTQ8cq69M_Ve6Q5_to9bIlz97Hsja9hwfCEM-rEexb908_RL62LH6cTXG-O77Hg" \ 
 -H "App-Id: q5QE7Dqlpm1d5weLS5pn7w" \ 
 -H "App-Secret: y8imt1cgG8x2zmBMrF-oxw" \ 
 -X PATCH "/api/connectors/v2/sessions/:session_secret/update"

Example of request parameters

Example of response

{"data":{},"meta":{"time":"2019-11-18T16:04:48.853Z"}}

Request

PATCH /api/connectors/v2/sessions/:session_secret/update

Headers

Header	Type	Description
`Authorization`	string, required	JSON Web Token containing payload, signed using RSA256 and `application.private_key`. Can raise: AuthorizationMissing
`App-Id`	string, required	Provider's `app_id` from connection details tab. Can raise: ProviderNotFound, ProviderDisabled, ConfigurationError
`App-Secret`	string, required	Provider's `app_secret` from connection details tab.

Unpacked Request Authorization

Response

Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.

data

object, optional

Wrapper for the data.

meta

object, optional

Wrapper for the response metadata.

time

datetime, required

Time when the request was processed.

Related Errors

Class	Code	Description
SessionClosed	400	Session specified in request is already closed and cannot be modified.
ConfigurationError	400	Missing configurations in dashboard.
SessionExpired	401	Found session is expired and cannot be processed anymore.
AuthorizationMissing	401	Authorization header is missing.
SessionFinalised	403	Session specified in request is already finalised and cannot be processed.
SessionNotFound	404	Session specified in request does not exist or cannot be retrieved.
ProviderNotFound	404	Provider specified in request does not exist or cannot be retrieved.
ProviderDisabled	406	Cooperation with specified Provider is impossible.

Fail

Fail callback should be used when authorization process has been compromised for any reason: broken request, invalid credentials, etc.

CURL

curl -i \ -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7InNlc3Npb25fc2VjcmV0IjoiM1BRaXB1RFBvV3BhMTFGY1ZFVjYiLCJlcnJvcl9jbGFzcyI6IkludGVybmFsUHJvdmlkZXJFcnJvciIsImVycm9yX21lc3NhZ2UiOiJJbnRlcm5hbCBlcnJvciIsImV4dHJhIjp7fX0sImV4cCI6MTc0NjQxMzcyOSwiaXNzIjoicHJpb3JhLnNhbHRlZGdlLmNvbSJ9.o9eSpiPh_MI0FeUWcYxjtbYrEn3aCe3MSjvGVz9tjJQV5lAZX0ut6agEWEPH01E-L_T0ekKtRtswYG6lyvUpxvjjNY3N5Ul3bLWfNGC6j0KEDJquSm6uYSXRWWAq2Bi3ASIa77angXdD2UsbApuTh6i4gsHRrtPJ6AtY_QKgSVZSZZegFYkZqBqL6Vw6hDmqB4ryl6S07B-CY4fRkW1aIutzwEQrtK8n61vbEdnWWpMYeh7zwAeYT7CpvIOI-dljUwCGFPZZIBomqvTcYtazbOOfDvTrgM5hzBZfZyhSWNHvSOHttyqtac3brStRaV7SKqUB_DyMPuxH4yFycktk4g" \ -H "App-Id: xU7SyhPrd95GAPSMNo_XMQ" \ -H "App-Secret: BVSkESo7zpRdzk_hWUUwCQ" \ -X PATCH "/api/connectors/v2/sessions/:session_secret/fail"

curl -i  \ 
 -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7InNlc3Npb25fc2VjcmV0IjoiM1BRaXB1RFBvV3BhMTFGY1ZFVjYiLCJlcnJvcl9jbGFzcyI6IkludGVybmFsUHJvdmlkZXJFcnJvciIsImVycm9yX21lc3NhZ2UiOiJJbnRlcm5hbCBlcnJvciIsImV4dHJhIjp7fX0sImV4cCI6MTc0NjQxMzcyOSwiaXNzIjoicHJpb3JhLnNhbHRlZGdlLmNvbSJ9.o9eSpiPh_MI0FeUWcYxjtbYrEn3aCe3MSjvGVz9tjJQV5lAZX0ut6agEWEPH01E-L_T0ekKtRtswYG6lyvUpxvjjNY3N5Ul3bLWfNGC6j0KEDJquSm6uYSXRWWAq2Bi3ASIa77angXdD2UsbApuTh6i4gsHRrtPJ6AtY_QKgSVZSZZegFYkZqBqL6Vw6hDmqB4ryl6S07B-CY4fRkW1aIutzwEQrtK8n61vbEdnWWpMYeh7zwAeYT7CpvIOI-dljUwCGFPZZIBomqvTcYtazbOOfDvTrgM5hzBZfZyhSWNHvSOHttyqtac3brStRaV7SKqUB_DyMPuxH4yFycktk4g" \ 
 -H "App-Id: xU7SyhPrd95GAPSMNo_XMQ" \ 
 -H "App-Secret: BVSkESo7zpRdzk_hWUUwCQ" \ 
 -X PATCH "/api/connectors/v2/sessions/:session_secret/fail"

Example of request parameters

{"data":{"session_secret":"3PQipuDPoWpa11FcVEV6","error_class":"InternalProviderError","error_message":"Internal error","extra":{}},"exp":1574093208}

Example of response

{"data":{},"meta":{"time":"2019-11-18T16:04:48.710Z"}}

Request

PATCH /api/connectors/v2/sessions/:session_secret/fail

Headers

Header	Type	Description
`Authorization`	string, required	JSON Web Token containing payload, signed using RSA256 and `application.private_key`. Can raise: AuthorizationMissing
`App-Id`	string, required	Provider's `app_id` from connection details tab. Can raise: ProviderNotFound, ProviderDisabled, ConfigurationError
`App-Secret`	string, required	Provider's `app_secret` from connection details tab.

Unpacked Request Authorization

Response

Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.

data

object, optional

Wrapper for the data.

meta

object, optional

Wrapper for the response metadata.

time

datetime, required

Time when the request was processed.

Related Errors

Class	Code	Description
SessionClosed	400	Session specified in request is already closed and cannot be modified.
ConfigurationError	400	Missing configurations in dashboard.
SessionExpired	401	Found session is expired and cannot be processed anymore.
AuthorizationMissing	401	Authorization header is missing.
SessionFinalised	403	Session specified in request is already finalised and cannot be processed.
SessionNotFound	404	Session specified in request does not exist or cannot be retrieved.
ProviderNotFound	404	Provider specified in request does not exist or cannot be retrieved.
ProviderDisabled	406	Cooperation with specified Provider is impossible.

Tokens

Revoke

Revoke callback needs to be called any time a token is revoked on the Provider Connector side.

CURL

curl -i \ -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7fSwiZXhwIjoxNzQ2NDEzNzI5LCJpc3MiOiJwcmlvcmEuc2FsdGVkZ2UuY29tIn0.wIaWQZ0aTwxSKN3XdKa4CWONFzCE1vwr7TJnLugUwxVZPJ6m5txY7jN1lkhYCRcDdFwX1DJQti4e6r_RSRjtrCrtevqUjl8zYAYq9IrPHhRtOWByxaFNtN8m0YiuoP0MOvMUxCpkNuziDz8F6EDAGfLDtvSu1Un4A20Uhl7Nd7r1pdFnasbQG8U_r5cGQ1TK8MMuUpo2kcl3zUPT8AT_787iaKxAnPkmRoc0Gqw9Mm5W0hv9n7qfhqGy3f2-mlkz2Ys80BZTlWKpHXoYWax3X1N2fNFDtJuILFD0w4KeHkAegaPibpV3VO7HopPJDPhkx6Q2Lqf2AeKmfDF-57f8NQ" \ -H "App-Id: cfOK5P9RVooLksNv8il3rw" \ -H "App-Secret: rwkTbW41SPT55uo1I_-UGQ" \ -H "Token: example_Token" \ -X PATCH "/api/connectors/v2/funds_confirmations/tokens/revoke"

curl -i  \ 
 -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7fSwiZXhwIjoxNzQ2NDEzNzI5LCJpc3MiOiJwcmlvcmEuc2FsdGVkZ2UuY29tIn0.wIaWQZ0aTwxSKN3XdKa4CWONFzCE1vwr7TJnLugUwxVZPJ6m5txY7jN1lkhYCRcDdFwX1DJQti4e6r_RSRjtrCrtevqUjl8zYAYq9IrPHhRtOWByxaFNtN8m0YiuoP0MOvMUxCpkNuziDz8F6EDAGfLDtvSu1Un4A20Uhl7Nd7r1pdFnasbQG8U_r5cGQ1TK8MMuUpo2kcl3zUPT8AT_787iaKxAnPkmRoc0Gqw9Mm5W0hv9n7qfhqGy3f2-mlkz2Ys80BZTlWKpHXoYWax3X1N2fNFDtJuILFD0w4KeHkAegaPibpV3VO7HopPJDPhkx6Q2Lqf2AeKmfDF-57f8NQ" \ 
 -H "App-Id: cfOK5P9RVooLksNv8il3rw" \ 
 -H "App-Secret: rwkTbW41SPT55uo1I_-UGQ" \ 
 -H "Token: example_Token" \ 
 -X PATCH "/api/connectors/v2/funds_confirmations/tokens/revoke"

Example of request parameters

{"data":{},"exp":1574093208}

Example of response

{"data":{"revoked":true},"meta":{"time":"2019-11-18T16:04:48.928Z"}}

Request

PATCH /api/connectors/v2/funds_confirmations/tokens/revoke

Headers

Header	Type	Description
`Authorization`	string, required	JSON Web Token containing payload, signed using RSA256 and `application.private_key`. Can raise: AuthorizationMissing
`App-Id`	string, required	Provider's `app_id` from connection details tab. Can raise: ProviderNotFound, ProviderDisabled, ConfigurationError
`App-Secret`	string, required	Provider's `app_secret` from connection details tab.
`Token`	string, required	Token for which we are requesting info. Can raise: TokenNotFound, TokenMissing

Unpacked Request Authorization

data

object, required

Wrapper for the data.

exp

integer, required

The lifetime of the request in timestamp UTC format. Values greater than: Current time.

Response

Revoke callback needs to be called any time a token is revoked on the Provider Connector side.

data

object, optional

Wrapper for the data.

revoked

boolean, required

Result of operation which tells whether the token was revoked or not.

meta

object, optional

Wrapper for the response metadata.

time

datetime, required

Time when the request was processed.

Related Errors

Class	Code	Description
ConfigurationError	400	Missing configurations in dashboard.
TokenMissing	400	This request cannot be performed without `Access_Token` header.
AuthorizationMissing	401	Authorization header is missing.
ProviderNotFound	404	Provider specified in request does not exist or cannot be retrieved.
TokenNotFound	404	Token specified in request does not exist or cannot be retrieved.
ProviderDisabled	406	Cooperation with specified Provider is impossible.