Payments
Authorisation statuses
The current stage of the authorisation lifecycle is represented in
scaStatus
field. The status of the authorisation can be one of the following:
Name | Description |
---|---|
accepted | An authorisation or cancellation-authorisation resource has been created successfully on Dedicated Interface's side and was sent to ASPSP. |
received | An authorisation or cancellation-authorisation resource has been created successfully on ASPSP's side. |
psuIdentified | The PSU related to the authorisation or cancellation-authorisation resource has been identified. |
psuAuthenticated | The PSU related to the authorisation or cancellation-authorisation resource has been identified and authenticated e.g. by a password or by an access token. |
scaMethodSelected | The PSU/TPP has selected the related SCA routine. If the SCA method is chosen implicitly since only one SCA method is available, then this is the first status to be reported instead of "received". |
started | The addressed SCA routine has been started. |
unconfirmed | SCA is technically successfully finalised by the PSU, but the authorisation resource needs a confirmation command by the TPP yet. |
finalised | The SCA routine has been finalised successfully (including a potential confirmation command). This is a final status of the authorisation resource. |
failed | The SCA routine failed. This is a final status of the authorisation resource. |
exempted | SCA was exempted for the related transaction, the related authorisation is successful. This is a final status of the authorisation resource. |
Payment Order statuses
The current stage of a payment order lifecycle is represented in
transactionStatus
field. The status of a payment order can be one of the following:
Code | Name | Description |
---|---|---|
ACCC | AcceptedSettlementCompleted | Settlement on the creditor's account has been completed. |
ACCP | AcceptedCustomerProfile | Preceding check of technical validation was successful. Customer profile check was also successful. |
ACSC | AcceptedSettlementCompleted | Settlement on the debtor’s account has been completed. |
ACSP | AcceptedSettlementInProcess | All preceding checks such as technical validation and customer profile were successful and therefore the payment initiation has been accepted for execution. |
ACTC | AcceptedTechnicalValidation | Authentication and syntactical and semantical validation are successful. |
ACWC | AcceptedWithChange | Instruction is accepted but a change will be made, such as date or remittance not sent. |
ACWP | AcceptedWithoutPosting | Payment instruction included in the credit transfer is accepted without being posted to the creditor customer’s account. |
RCVD | Received | Payment initiation has been received by the receiving agent. |
PDNG | Pending | Payment initiation or individual transaction included in the payment initiation is pending. Further checks and status update will be performed. |
RJCT | Rejected | Payment initiation or individual transaction included in the payment initiation has been rejected. |
CANC | Cancelled |
Payment initiation has been cancelled before execution.
Remark: This code is accepted as new code by ISO20022. |
ACFC | AcceptedFundsChecked |
Pre-ceeding check of technical validation and customer profile was successful and an automatic funds check was positive.
Remark: This code is accepted as new code by ISO20022. |
PATC | PartiallyAcceptedTechnicalCorrect |
The payment initiation needs multiple authentications, where some but not yet all have been performed. Syntactical and semantical validations are successful.
Remark: This code is accepted as new code by ISO20022. |
PART | PartiallyAccepted | A number of transactions have been accepted, whereas another number of transactions have not yet achieved 'accepted' status. Remark: This code may be used only in case of bulk payments. It is only used in a situation where all mandated authorisations have been applied, but some payments have been rejected. |
Create
This method is used to instruct Dedicated Interface to initialize the payment creation.
CURL
curl -i \
-H "TPP-Redirect-URI: https://redirect-my-psu-here.please" \
-H "X-Request-ID: cc5a8022-5e71-460e-82fa-ab0be1997a54" \
-H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \
-H "Date: Wed, 18 Dec 2029 11:25:59 GMT" \
-H "Psu-ID: 531" \
-H "Psu-Corporate-ID: 511" \
-H "Psu-IP-Address: 255.255.255.255" \
-H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \
-H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \
-H "Content-Type: application/json" \
-H "TPP-Redirect-Preferred: true" \
-d '{
"creditorName": "John Smith",
"instructedAmount": {
"amount": "145.3",
"currency": "EUR"
},
"remittanceInformationUnstructured": "Payment description",
"endToEndIdentification": "cc5a8022-5e71-460e-82fa-ab0be1997a5",
"creditorAccount": {
"iban": "FK54RAND61068421435452",
"bic": "BARCGB22XXX"
},
"debtorAccount": {
"iban": "FK53RAND61068421435422",
"bic": "BARCGB22XXX"
},
"creditorAddress": {
"streetName": "str. First of May",
"buildingNumber": "43c",
"townName": "Budapest",
"postCode": "445511",
"country": "HU"
},
"creditorAgentName": "Smith John"
}' \
-X POST "/:provider_code/api/berlingroup/v1/payments/:payment_product"
Example of parameters
Example of response
Request
POST
/:provider_code/api/berlingroup/v1/payments/:payment_product
Headers
Header | Type | Description |
---|---|---|
X-Request-ID
|
string, required | ID of the request, unique to the call, as determined by the initiating party. |
Digest
|
string, required | Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing, SignatureMalformed |
Date
|
datetime, required | Endpoint request execution date. |
Psu-ID
|
string, optional | Client ID of the PSU in the ASPSP client interface. |
Psu-Corporate-ID
|
string, optional | Only used in a corporate context. If provided, specific corporate accounts will be returned. |
PSU-Device-ID
|
string, optional | UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. |
PSU-User-Agent
|
string, optional | The forwarded Agent header field of the HTTP request between PSU and TPP, if available. |
PSU-Geo-Location
|
string, optional | The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available. |
TPP-Signature-Certificate
|
string, required | The certificate used for signing the request, in base64 encoding that should comply with RFC 4648 (No line feeds). Can raise: CertificateMissing, CertificateInvalid |
Signature
|
string, required | A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid, SignatureMalformed |
Content-Type
|
string, required | The media type of the body of the request. Allowed values: application/json |
TPP-Redirect-Preferred
|
boolean, optional | If it equals "true", the TPP prefers a redirect over an embedded SCA approach. If it equals "false", the TPP prefers not to be redirected for SCA. The ASPSP will then choose between the Embedded or the Decoupled SCA approach, depending on the choice of the SCA procedure by the TPP/PSU. If the parameter is not used, the ASPSP will choose the SCA approach to be applied depending on the SCA method chosen by the TPP/PSU. Default value: true Can raise: BadRequest |
TPP-Redirect-URI
|
url, optional | URI of the TPP, where the transaction flow shall be redirected to after a Redirect. Mandated for the Redirect SCA Approach, specifically when TPP-Redirect-Preferred equals "true". It is strongly recommended to add a unique identifier for validation purposes on TPP side. |
Psu-IP-Address
|
string, required | The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP. If not available, the TPP shall use the IP Address used by the TPP when submitting this request. |
TPP-Explicit-Authorisation-Preferred
|
boolean, optional | If it equals "true", the TPP prefers to start the authorisation process separately, e.g. because of the usage of a signing basket. This preference might be ignored by the ASPSP, if a signing basket is not supported as functionality. If it equals "false" or if the parameter is not used, there is no preference of the TPP. This especially indicates that the TPP assumes a direct authorisation of the transaction in the next step, without using a signing basket. Default value: false |
Request parameters
Response headers
Header | Type | Description |
---|---|---|
ASPSP-SCA-Approach
|
string, optional | Selected by ASPSP SCA Approach Allowed values: REDIRECT, EMBEDDED, DECOUPLED |
Response
This method is used to instruct Dedicated Interface to initialize the payment creation.
Related Errors
Class | Code | Description |
---|---|---|
FormatError | 400 | Invalid input. More info in error_message |
ServiceInvalid | 400 | Something went wrong on Provider(ASPSP) side. |
CountryNameInvalid | 400 | Country doesn't exist or is invalid. Expected alpha 2 ISO3166 format. |
BadRequest | 400 | Given value is invalid. |
CertificateMissing | 401 | This request cannot be performed without Certificate header. |
CertificateInvalid | 401 | Given certificate is invalid. |
SignatureInvalid | 401 | Given signature is invalid. |
SignatureMissing | 401 | This request cannot be performed without Signature header. |
SignatureMalformed | 401 | Given signature is malformed. |
ProductInvalid | 403 | The payment product is not supported by the addressed service/resource. |
ProductUnknown | 404 | The payment product wasn't found. |
ResourceUnknown | 404 | The addressed resource is unknown relative to the TPP. |
Show
This method returns payment data.
CURL
curl -i \
-H "Content-Type: application/json" \
-H "X-Request-ID: cc5a8022-5e71-460e-82fa-ab0be1997a54" \
-H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \
-H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \
-H "Psu-ID: 531" \
-H "Psu-Corporate-ID: 511" \
-H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \
-H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \
-d '{}' \
-X GET "/:provider_code/api/berlingroup/v1/payments/:payment_product/:payment_id"
Example of response
Request
GET
/:provider_code/api/berlingroup/v1/payments/:payment_product/:payment_id
Headers
Header | Type | Description |
---|---|---|
X-Request-ID
|
string, required | ID of the request, unique to the call, as determined by the initiating party. |
Digest
|
string, required | Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing, SignatureMalformed |
Date
|
datetime, required | Endpoint request execution date. |
Psu-ID
|
string, optional | Client ID of the PSU in the ASPSP client interface. |
Psu-Corporate-ID
|
string, optional | Only used in a corporate context. If provided, specific corporate accounts will be returned. |
PSU-Device-ID
|
string, optional | UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. |
PSU-User-Agent
|
string, optional | The forwarded Agent header field of the HTTP request between PSU and TPP, if available. |
PSU-Geo-Location
|
string, optional | The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available. |
TPP-Signature-Certificate
|
string, required | The certificate used for signing the request, in base64 encoding that should comply with RFC 4648 (No line feeds). Can raise: CertificateMissing, CertificateInvalid |
Signature
|
string, required | A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid, SignatureMalformed |
Content-Type
|
string, required | The media type of the body of the request. Allowed values: application/json |
Request parameters
Response
This method returns payment data.
Related Errors
Class | Code | Description |
---|---|---|
CertificateMissing | 401 | This request cannot be performed without Certificate header. |
CertificateInvalid | 401 | Given certificate is invalid. |
SignatureInvalid | 401 | Given signature is invalid. |
SignatureMissing | 401 | This request cannot be performed without Signature header. |
SignatureMalformed | 401 | Given signature is malformed. |
ProductInvalid | 403 | The payment product is not supported by the addressed service/resource. |
ProductUnknown | 404 | The payment product wasn't found. |
ResourceUnknown | 404 | The addressed resource is unknown relative to the TPP. |
Authorisation
This method returns the SCA status of a consent initiation's authorisation subresource.
CURL
curl -i \
-H "Content-Type: application/json" \
-H "X-Request-ID: cc5a8022-5e71-460e-82fa-ab0be1997a54" \
-H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \
-H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \
-H "Psu-ID: 414" \
-H "Psu-Corporate-ID: 4142" \
-H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \
-H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \
-d '{}' \
-X GET "/:provider_code/api/berlingroup/v1/payments/:payment_product/:payment_id/authorisations/:authorisation_id"
Example of response
Request
GET
/:provider_code/api/berlingroup/v1/payments/:payment_product/:payment_id/authorisations/:authorisation_id
Headers
Header | Type | Description |
---|---|---|
X-Request-ID
|
string, required | ID of the request, unique to the call, as determined by the initiating party. |
Digest
|
string, required | Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing, SignatureMalformed |
Date
|
datetime, required | Endpoint request execution date. |
Psu-ID
|
string, optional | Client ID of the PSU in the ASPSP client interface. |
Psu-Corporate-ID
|
string, optional | Only used in a corporate context. If provided, specific corporate accounts will be returned. |
PSU-Device-ID
|
string, optional | UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. |
PSU-User-Agent
|
string, optional | The forwarded Agent header field of the HTTP request between PSU and TPP, if available. |
PSU-Geo-Location
|
string, optional | The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available. |
TPP-Signature-Certificate
|
string, required | The certificate used for signing the request, in base64 encoding that should comply with RFC 4648 (No line feeds). Can raise: CertificateMissing, CertificateInvalid |
Signature
|
string, required | A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid, SignatureMalformed |
Content-Type
|
string, required | The media type of the body of the request. Allowed values: application/json |
Request parameters
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.
Related Errors
Class | Code | Description |
---|---|---|
CertificateMissing | 401 | This request cannot be performed without Certificate header. |
CertificateInvalid | 401 | Given certificate is invalid. |
SignatureInvalid | 401 | Given signature is invalid. |
SignatureMissing | 401 | This request cannot be performed without Signature header. |
SignatureMalformed | 401 | Given signature is malformed. |
ProductInvalid | 403 | The payment product is not supported by the addressed service/resource. |
ProductUnknown | 404 | The payment product wasn't found. |
ResourceUnknown | 404 | The addressed resource is unknown relative to the TPP. |
Status
This method returns payment status.
CURL
curl -i \
-H "Content-Type: application/json" \
-H "X-Request-ID: cc5a8022-5e71-460e-82fa-ab0be1997a54" \
-H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \
-H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \
-H "Psu-ID: 531" \
-H "Psu-Corporate-ID: 511" \
-H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \
-H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \
-d '{}' \
-X GET "/:provider_code/api/berlingroup/v1/payments/:payment_product/:payment_id/status"
Example of response
Request
GET
/:provider_code/api/berlingroup/v1/payments/:payment_product/:payment_id/status
Headers
Header | Type | Description |
---|---|---|
X-Request-ID
|
string, required | ID of the request, unique to the call, as determined by the initiating party. |
Digest
|
string, required | Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing, SignatureMalformed |
Date
|
datetime, required | Endpoint request execution date. |
Psu-ID
|
string, optional | Client ID of the PSU in the ASPSP client interface. |
Psu-Corporate-ID
|
string, optional | Only used in a corporate context. If provided, specific corporate accounts will be returned. |
PSU-Device-ID
|
string, optional | UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. |
PSU-User-Agent
|
string, optional | The forwarded Agent header field of the HTTP request between PSU and TPP, if available. |
PSU-Geo-Location
|
string, optional | The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available. |
TPP-Signature-Certificate
|
string, required | The certificate used for signing the request, in base64 encoding that should comply with RFC 4648 (No line feeds). Can raise: CertificateMissing, CertificateInvalid |
Signature
|
string, required | A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid, SignatureMalformed |
Content-Type
|
string, required | The media type of the body of the request. Allowed values: application/json |
Request parameters
Response
This method returns payment status.
Related Errors
Class | Code | Description |
---|---|---|
CertificateMissing | 401 | This request cannot be performed without Certificate header. |
CertificateInvalid | 401 | Given certificate is invalid. |
SignatureInvalid | 401 | Given signature is invalid. |
SignatureMissing | 401 | This request cannot be performed without Signature header. |
SignatureMalformed | 401 | Given signature is malformed. |
ProductInvalid | 403 | The payment product is not supported by the addressed service/resource. |
ProductUnknown | 404 | The payment product wasn't found. |
ResourceUnknown | 404 | The addressed resource is unknown relative to the TPP. |
Revoke
It initiates the cancellation of a payment order. Depending on the payment-product and the ASPSP's implementation, this TPP call might be sufficient to cancel a payment.
CURL
curl -i \
-H "TPP-Redirect-URI: https://redirect-my-psu-here.please" \
-H "X-Request-ID: cc5a8022-5e71-460e-82fa-ab0be1997a54" \
-H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \
-H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \
-H "Psu-ID: 531" \
-H "Psu-Corporate-ID: 511" \
-H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \
-H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \
-H "Content-Type: application/json" \
-H "TPP-Redirect-Preferred: true" \
-d '{}' \
-X DELETE "/:provider_code/api/berlingroup/v1/payments/:payment_product/:payment_id"
Example of response
Request
DELETE
/:provider_code/api/berlingroup/v1/payments/:payment_product/:payment_id
Headers
Header | Type | Description |
---|---|---|
X-Request-ID
|
string, required | ID of the request, unique to the call, as determined by the initiating party. |
Digest
|
string, required | Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing, SignatureMalformed |
Date
|
datetime, required | Endpoint request execution date. |
Psu-ID
|
string, optional | Client ID of the PSU in the ASPSP client interface. |
Psu-Corporate-ID
|
string, optional | Only used in a corporate context. If provided, specific corporate accounts will be returned. |
PSU-Device-ID
|
string, optional | UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. |
PSU-User-Agent
|
string, optional | The forwarded Agent header field of the HTTP request between PSU and TPP, if available. |
PSU-Geo-Location
|
string, optional | The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available. |
TPP-Signature-Certificate
|
string, required | The certificate used for signing the request, in base64 encoding that should comply with RFC 4648 (No line feeds). Can raise: CertificateMissing, CertificateInvalid |
Signature
|
string, required | A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid, SignatureMalformed |
Content-Type
|
string, required | The media type of the body of the request. Allowed values: application/json |
TPP-Redirect-Preferred
|
boolean, optional | If it equals "true", the TPP prefers a redirect over an embedded SCA approach. If it equals "false", the TPP prefers not to be redirected for SCA. The ASPSP will then choose between the Embedded or the Decoupled SCA approach, depending on the choice of the SCA procedure by the TPP/PSU. If the parameter is not used, the ASPSP will choose the SCA approach to be applied depending on the SCA method chosen by the TPP/PSU. Default value: true |
TPP-Redirect-URI
|
url, required | URI of the TPP, where the transaction flow shall be redirected to after a Redirect. Mandated for the Redirect SCA Approach, specifically when TPP-Redirect-Preferred equals "true". It is strongly recommended to add a unique identifier for validation purposes on TPP side. |
Request parameters
Response headers
Header | Type | Description |
---|---|---|
ASPSP-SCA-Approach
|
string, required | Selected by ASPSP SCA Approach Allowed values: REDIRECT, EMBEDDED, DECOUPLED |
Response
It initiates the cancellation of a payment order. Depending on the payment-product and the ASPSP's implementation, this TPP call might be sufficient to cancel a payment.
Related Errors
Class | Code | Description |
---|---|---|
CertificateMissing | 401 | This request cannot be performed without Certificate header. |
CertificateInvalid | 401 | Given certificate is invalid. |
SignatureInvalid | 401 | Given signature is invalid. |
SignatureMissing | 401 | This request cannot be performed without Signature header. |
SignatureMalformed | 401 | Given signature is malformed. |
ProductInvalid | 403 | The payment product is not supported by the addressed service/resource. |
ProductUnknown | 404 | The payment product wasn't found. |
ResourceUnknown | 404 | The addressed resource is unknown relative to the TPP. |
CancellationInvalid | 405 | The addressed payment is not cancellable e.g. due to cut off time passed or legal constraints. |
Cancellation Authorisations of Payment
Will deliver an array of resource identifications to all generated cancellation authorisation subresources.
CURL
curl -i \
-H "Content-Type: application/json" \
-H "X-Request-ID: cc5a8022-5e71-460e-82fa-ab0be1997a54" \
-H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \
-H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \
-H "Psu-ID: 414" \
-H "Psu-Corporate-ID: 4142" \
-H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \
-H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \
-d '{}' \
-X GET "/:provider_code/api/berlingroup/v1/payments/:payment_product/:payment_id/cancellation-authorisations"
Example of response
Request
GET
/:provider_code/api/berlingroup/v1/payments/:payment_product/:payment_id/cancellation-authorisations
Headers
Header | Type | Description |
---|---|---|
X-Request-ID
|
string, required | ID of the request, unique to the call, as determined by the initiating party. |
Digest
|
string, required | Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing, SignatureMalformed |
Date
|
datetime, required | Endpoint request execution date. |
Psu-ID
|
string, optional | Client ID of the PSU in the ASPSP client interface. |
Psu-Corporate-ID
|
string, optional | Only used in a corporate context. If provided, specific corporate accounts will be returned. |
PSU-Device-ID
|
string, optional | UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. |
PSU-User-Agent
|
string, optional | The forwarded Agent header field of the HTTP request between PSU and TPP, if available. |
PSU-Geo-Location
|
string, optional | The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available. |
TPP-Signature-Certificate
|
string, required | The certificate used for signing the request, in base64 encoding that should comply with RFC 4648 (No line feeds). Can raise: CertificateMissing, CertificateInvalid |
Signature
|
string, required | A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid, SignatureMalformed |
Content-Type
|
string, required | The media type of the body of the request. Allowed values: application/json |
Request parameters
Response
Will deliver an array of resource identifications to all generated cancellation authorisation subresources.
Related Errors
Class | Code | Description |
---|---|---|
CertificateMissing | 401 | This request cannot be performed without Certificate header. |
CertificateInvalid | 401 | Given certificate is invalid. |
SignatureInvalid | 401 | Given signature is invalid. |
SignatureMissing | 401 | This request cannot be performed without Signature header. |
SignatureMalformed | 401 | Given signature is malformed. |
ProductInvalid | 403 | The payment product is not supported by the addressed service/resource. |
ProductUnknown | 404 | The payment product wasn't found. |
ResourceUnknown | 404 | The addressed resource is unknown relative to the TPP. |
Cancellation Authorisation of Payment
This method returns the SCA status of a payment cancellation's authorisation subresource.
CURL
curl -i \
-H "Content-Type: application/json" \
-H "X-Request-ID: cc5a8022-5e71-460e-82fa-ab0be1997a54" \
-H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \
-H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \
-H "Psu-ID: 414" \
-H "Psu-Corporate-ID: 4142" \
-H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \
-H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \
-d '{}' \
-X GET "/:provider_code/api/berlingroup/v1/payments/:payment_product/:payment_id/cancellation-authorisations/:authorisation_id"
Example of response
Request
GET
/:provider_code/api/berlingroup/v1/payments/:payment_product/:payment_id/cancellation-authorisations/:authorisation_id
Headers
Header | Type | Description |
---|---|---|
X-Request-ID
|
string, required | ID of the request, unique to the call, as determined by the initiating party. |
Digest
|
string, required | Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing, SignatureMalformed |
Date
|
datetime, required | Endpoint request execution date. |
Psu-ID
|
string, optional | Client ID of the PSU in the ASPSP client interface. |
Psu-Corporate-ID
|
string, optional | Only used in a corporate context. If provided, specific corporate accounts will be returned. |
PSU-Device-ID
|
string, optional | UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. |
PSU-User-Agent
|
string, optional | The forwarded Agent header field of the HTTP request between PSU and TPP, if available. |
PSU-Geo-Location
|
string, optional | The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available. |
TPP-Signature-Certificate
|
string, required | The certificate used for signing the request, in base64 encoding that should comply with RFC 4648 (No line feeds). Can raise: CertificateMissing, CertificateInvalid |
Signature
|
string, required | A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid, SignatureMalformed |
Content-Type
|
string, required | The media type of the body of the request. Allowed values: application/json |
Request parameters
Response
This method returns the SCA status of a payment cancellation's authorisation subresource.
Related Errors
Class | Code | Description |
---|---|---|
CertificateMissing | 401 | This request cannot be performed without Certificate header. |
CertificateInvalid | 401 | Given certificate is invalid. |
SignatureInvalid | 401 | Given signature is invalid. |
SignatureMissing | 401 | This request cannot be performed without Signature header. |
SignatureMalformed | 401 | Given signature is malformed. |
ProductInvalid | 403 | The payment product is not supported by the addressed service/resource. |
ProductUnknown | 404 | The payment product wasn't found. |
ResourceUnknown | 404 | The addressed resource is unknown relative to the TPP. |