NAV
HyperJar Sandbox

AISP

Consents

Authorisation

CURL

curl -i  \ 
 -H "X-Request-ID: cc5a8022-5e71-460e-82fa-ab0be1997a54" \ 
 -H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \ 
 -H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \ 
 -H "Psu-ID: 414" \ 
 -H "Psu-Corporate-ID: 4142" \ 
 -H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \ 
 -H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \ 
 -H "Content-Type: application/json" \ 
 -d '{
  "provider_code": "demobank",
  "consent_id": 445,
  "authorisation_id": 32
}' \ 
-X GET "http://priora.saltedge.com/:provider_code/api/berlingroup/v1/consents/:consent_id/authorisations/:authorisation_id"

Example of parameters

{"provider_code":"demobank","consent_id":445,"authorisation_id":32}

Example of response

{"scaStatus":"started"}

This method returns the SCA status of a consent initiation's authorisation sub-resource.

Request

GET http://priora.saltedge.com/hyper_jar_bg_xf/api/berlingroup/v1/consents/:consent_id/authorisations/:authorisation_id

Headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Digest string, required Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing, SignatureMalformed
Date datetime, required Endpoint request execution date.
Psu-ID string, optional Client ID of the PSU in the ASPSP client interface.
Psu-Corporate-ID string, optional Only used in a corporate context.
TPP-Signature-Certificate string, required The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained. Can raise: CertificateMissing, CertificateInvalid
Signature string, required A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid, SignatureMalformed
Content-Type string, required The media type of the body of the request. Allowed values: application/json
Parameters
Parameter Type Description
authorisation_id (path) string, required Unique resource identification of the created authorization sub-resource. Can raise: ResourceUnknown
consent_id (path) string, required The consent identifier assigned to the created resource. Can raise: ConsentUnknown, ConsentExpired, ConsentInvalid, AccessDenied
provider_code (path) string, required Human readable Provider identifier. Can raise: ResourceUnknown, AccessDenied
Response headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Response
Response Type Description
scaStatus string, required The link to retrieve the scaStatus of the corresponding authorization subresource. Allowed values: accepted, received, psuIdentified, psuAuthenticated, scaMethodSelected, started, finalised, failed, exempted
Related Errors
Class Code Description
ConsentUnknown 401 The Consent-ID cannot be matched by the ASPSP relative to the TPP.
ConsentExpired 401 The consent was created by this TPP but has expired and needs to be renewed.
ConsentInvalid 401 The consent was created by this TPP but is not valid for the addressed service/resource.
CertificateMissing 401 This request cannot be performed without Certificate header.
CertificateInvalid 401 Given certificate is invalid.
SignatureInvalid 401 Given signature is invalid.
SignatureMissing 401 This request cannot be performed without Signature header.
SignatureMalformed 401 Given signature is malformed.
AccessDenied 403 Action you want to perform is not allowed. More in error_message
ResourceUnknown 404 The addressed resource is unknown relative to the TPP.

Status

CURL

curl -i  \ 
 -H "X-Request-ID: cc5a8022-5e71-460e-82fa-ab0be1997a54" \ 
 -H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \ 
 -H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \ 
 -H "Psu-ID: 531" \ 
 -H "Psu-Corporate-ID: 511" \ 
 -H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \ 
 -H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \ 
 -H "Content-Type: application/json" \ 
 -d '{
  "provider_code": "demobank",
  "consent_id": 32
}' \ 
-X GET "https://priora.saltedge.com/:provider_code/api/berlingroup/v1/consents/:consent_id/status"

Example of parameters

{"provider_code":"demobank","consent_id":32}

Example of response

{"consentStatus":"valid"}

Read the status of an account information consent resource.

Request

GET https://priora.saltedge.com/hyper_jar_bg_xf/api/berlingroup/v1/consents/:consent_id/status

Headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Digest string, required Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing, SignatureMalformed
Date datetime, required Endpoint request execution date.
Psu-ID string, optional Client ID of the PSU in the ASPSP client interface.
Psu-Corporate-ID string, optional Only used in a corporate context.
TPP-Signature-Certificate string, required The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained. Can raise: CertificateMissing, CertificateInvalid
Signature string, required A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid, SignatureMalformed
Content-Type string, required The media type of the body of the request. Allowed values: application/json
Parameters
Parameter Type Description
consent_id (path) string, required The consent identifier assigned to the created resource. Can raise: ConsentUnknown
provider_code (path) string, required Human readable Provider identifier. Can raise: ResourceUnknown, AccessDenied
Response headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Response
Response Type Description
consentStatus string, required This is the overall lifecycle status of the consent. Allowed values: accepted, received, fetchingAccountInformation, valid, partiallyAuthorised, rejected, revokedByPsu, expired, terminatedByTpp, fetchingFinished
Related Errors
Class Code Description
ConsentUnknown 401 The Consent-ID cannot be matched by the ASPSP relative to the TPP.
CertificateMissing 401 This request cannot be performed without Certificate header.
CertificateInvalid 401 Given certificate is invalid.
SignatureInvalid 401 Given signature is invalid.
SignatureMissing 401 This request cannot be performed without Signature header.
SignatureMalformed 401 Given signature is malformed.
AccessDenied 403 Action you want to perform is not allowed. More in error_message
ResourceUnknown 404 The addressed resource is unknown relative to the TPP.

Show

CURL

curl -i  \ 
 -H "X-Request-ID: 9b45fa6c-ff61-4e73-aec8-5e805388ce7f" \ 
 -H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \ 
 -H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \ 
 -H "Psu-ID: 421" \ 
 -H "Psu-Corporate-ID: 653" \ 
 -H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \ 
 -H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \ 
 -H "Content-Type: application/json" \ 
 -d '{
  "provider_code": "demobank",
  "consent_id": 32
}' \ 
-X GET "https://priora.saltedge.com/:provider_code/api/berlingroup/v1/consents/:consent_id"

Example of parameters

{"provider_code":"demobank","consent_id":32}

Example of response

Returns the content of an account information consent object. This is returning the data for the TPP especially in cases, where the consent was directly managed between ASPSP and PSU e.g. in a re-direct SCA Approach.

Request

GET https://priora.saltedge.com/hyper_jar_bg_xf/api/berlingroup/v1/consents/:consent_id

Headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Digest string, required Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing, SignatureMalformed
Date datetime, required Endpoint request execution date.
Psu-ID string, optional Client ID of the PSU in the ASPSP client interface.
Psu-Corporate-ID string, optional Only used in a corporate context.
TPP-Signature-Certificate string, required The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained. Can raise: CertificateMissing, CertificateInvalid
Signature string, required A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid, SignatureMalformed
Content-Type string, required The media type of the body of the request. Allowed values: application/json
Parameters
Parameter Type Description
consent_id (path) string, required The consent identifier assigned to the created resource. Can raise: ConsentUnknown
provider_code (path) string, required Human readable Provider identifier. Can raise: ResourceUnknown, AccessDenied
Response headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Response
Related Errors
Class Code Description
ConsentUnknown 401 The Consent-ID cannot be matched by the ASPSP relative to the TPP.
CertificateMissing 401 This request cannot be performed without Certificate header.
CertificateInvalid 401 Given certificate is invalid.
SignatureInvalid 401 Given signature is invalid.
SignatureMissing 401 This request cannot be performed without Signature header.
SignatureMalformed 401 Given signature is malformed.
AccessDenied 403 Action you want to perform is not allowed. More in error_message
ResourceUnknown 404 The addressed resource is unknown relative to the TPP.

Create

CURL

curl -i  \ 
 -H "X-Request-ID: 9b45fa6c-ff61-4e73-aec8-5e805388ce7f" \ 
 -H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \ 
 -H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \ 
 -H "Psu-ID: 535" \ 
 -H "Psu-Corporate-ID: 4111" \ 
 -H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \ 
 -H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \ 
 -H "Content-Type: application/json" \ 
 -H "TPP-Redirect-Preferred: false" \ 
 -H "TPP-Redirect-URI: https://www.link.to/tpp/redirect/uri" \ 
 -d '{
  "provider_code": "demobank",
  "recurringIndicator": true,
  "frequencyPerDay": 2,
  "validUntil": "2019-12-27",
  "access": {
    "allPsd2": "allAccounts"
  }
}' \ 
-X POST "https://priora.saltedge.com/:provider_code/api/berlingroup/v1/consents"

Example of parameters

Example of response

{"consentId":"32","consentStatus":"valid","_links":{"status":{"href":"/demobank/api/berlingroup/v1/consents/911/status"},"scaRedirect":{"href":"https://user.will.be/redirected/here"},"scaStatus":{"href":"/demobank/api/berlingroup/v1/consents/911/authorisations/1020"}}}

This method create a consent resource, defining access rights to dedicated accounts of a given PSU-ID. These accounts are addressed explicitly in the method as parameters as a core function.

Request

POST https://priora.saltedge.com/hyper_jar_bg_xf/api/berlingroup/v1/consents

Headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Digest string, required Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing, SignatureMalformed
Date datetime, required Endpoint request execution date.
Psu-ID string, optional Client ID of the PSU in the ASPSP client interface.
Psu-Corporate-ID string, optional Only used in a corporate context.
TPP-Signature-Certificate string, required The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained. Can raise: CertificateMissing, CertificateInvalid
Signature string, required A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid, SignatureMalformed
Content-Type string, required The media type of the body of the request. Allowed values: application/json
TPP-Redirect-Preferred boolean, required If it equals "true", the TPP prefers a redirect over an embedded SCA approach. If it equals "false", the TPP prefers not to be redirected for SCA. The ASPSP will then choose between the Embedded or the Decoupled SCA approach, depending on the choice of the SCA procedure by the TPP/PSU. If the parameter is not used, the ASPSP will choose the SCA approach to be applied depending on the SCA method chosen by the TPP/PSU.
TPP-Redirect-URI string, required URI of the TPP, where the transaction flow shall be redirected to after a Redirect. Mandated for the Redirect SCA Approach, specifically when TPP-Redirect-Preferred equals "true". It is recommended to always use this header field.
Parameters
Response headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Response
Response Type Description
_links hash, required A list of hyperlinks to be recognized by the TPP.
_links.scaRedirect.href string, required The link to specified by wrapper resource.
_links.scaStatus.href string, required The link to specified by wrapper resource.
_links.status.href string, required The link to specified by wrapper resource.
consentId string, required The consent identifier assigned to the created resource.
consentStatus string, required This is the overall lifecycle status of the consent.
_links.scaRedirect hash, optional In case of an SCA Redirect Approach, the ASPSP is transmitting the link to which to redirect the PSU browser.
_links.scaStatus hash, optional The link to retrieve the scaStatus of the corresponding authorization subresource. This link is only contained if an authorization sub-resource has been already created.
_links.status hash, optional The link to retrieve the transaction status of the payment initiation.
Related Errors
Class Code Description
CertificateMissing 401 This request cannot be performed without Certificate header.
CertificateInvalid 401 Given certificate is invalid.
SignatureInvalid 401 Given signature is invalid.
SignatureMissing 401 This request cannot be performed without Signature header.
SignatureMalformed 401 Given signature is malformed.
AccessDenied 403 Action you want to perform is not allowed. More in error_message
ResourceUnknown 404 The addressed resource is unknown relative to the TPP.

Destroy

CURL

curl -i  \ 
 -H "X-Request-ID: cc5a8022-5e71-460e-82fa-ab0be1997a54" \ 
 -H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \ 
 -H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \ 
 -H "Psu-ID: 531" \ 
 -H "Psu-Corporate-ID: 511" \ 
 -H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \ 
 -H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \ 
 -H "Content-Type: application/json" \ 
 -d '{
  "provider_code": "demobank",
  "consent_id": 32
}' \ 
-X DELETE "https://priora.saltedge.com/:provider_code/api/berlingroup/v1/consents/:consent_id"

Example of parameters

{"provider_code":"demobank","consent_id":32}

This method deletes a consent.

Request

DELETE https://priora.saltedge.com/hyper_jar_bg_xf/api/berlingroup/v1/consents/:consent_id

Headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Digest string, required Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing, SignatureMalformed
Date datetime, required Endpoint request execution date.
Psu-ID string, optional Client ID of the PSU in the ASPSP client interface.
Psu-Corporate-ID string, optional Only used in a corporate context.
TPP-Signature-Certificate string, required The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained. Can raise: CertificateMissing, CertificateInvalid
Signature string, required A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid, SignatureMalformed
Content-Type string, required The media type of the body of the request. Allowed values: application/json
Parameters
Parameter Type Description
consent_id (path) string, required The consent identifier assigned to the created resource. Can raise: ConsentUnknown, ConsentExpired, ConsentInvalid, AccessDenied
provider_code (path) string, required Human readable Provider identifier. Can raise: ResourceUnknown, AccessDenied
Response headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Response

Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other posibilities.

Related Errors
Class Code Description
ConsentUnknown 401 The Consent-ID cannot be matched by the ASPSP relative to the TPP.
ConsentExpired 401 The consent was created by this TPP but has expired and needs to be renewed.
ConsentInvalid 401 The consent was created by this TPP but is not valid for the addressed service/resource.
CertificateMissing 401 This request cannot be performed without Certificate header.
CertificateInvalid 401 Given certificate is invalid.
SignatureInvalid 401 Given signature is invalid.
SignatureMissing 401 This request cannot be performed without Signature header.
SignatureMalformed 401 Given signature is malformed.
AccessDenied 403 Action you want to perform is not allowed. More in error_message
ResourceUnknown 404 The addressed resource is unknown relative to the TPP.

Card Accounts

Transactions

CURL

curl -i  \ 
 -H "X-Request-ID: 9b45fa6c-ff61-4e73-aec8-5e805388ce7f" \ 
 -H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \ 
 -H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \ 
 -H "Psu-ID: 53" \ 
 -H "Psu-Corporate-ID: 432" \ 
 -H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \ 
 -H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \ 
 -H "Content-Type: application/json" \ 
 -H "Consent-Id: 42" \ 
 -d '{
  "provider_code": "demobank",
  "account_id": "223",
  "dateFrom": "2018-09-11",
  "dateTo": "2020-02-14",
  "bookingStatus": "both"
}' \ 
-X GET "https://priora.saltedge.com/:provider_code/api/berlingroup/v1/card-accounts/:account_id/transactions"

Example of parameters

{"provider_code":"demobank","account_id":"223","dateFrom":"2018-09-11","dateTo":"2020-02-14","bookingStatus":"both"}

Example of response

{"cardAccount":{"maskedPan":"525412******3241"},"cardTransactions":{"booked":[{"cardTransactionId":"string","terminalId":"string","transactionDate":"2020-02-12","bookingDate":"2020-02-12","status":"booked","transactionAmount":{"currency":"EUR","amount":"123"},"currencyExchange":[{"sourceCurrency":"EUR","exchangeRate":"string","unitCurrency":"string","targetCurrency":"EUR","quotationDate":"2020-02-12","contractIdentification":"string"}],"originalAmount":{"currency":"EUR","amount":"123"},"markupFee":{"currency":"EUR","amount":"123"},"markupFeePercentage":"0.3","cardAcceptorId":"string","cardAcceptorAddress":{"street":"rue blue","buildingnNumber":"89","city":"Paris","postalCode":"75000","country":"FR"},"merchantCategoryCode":"string","maskedPAN":"123456xxxxxx1234","transactionDetails":"string","invoiced":true,"proprietaryBankTransactionCode":"string"}],"pending":[{"cardTransactionId":"938","terminalId":"string","transactionDate":"2020-02-12","transactionAmount":{"currency":"EUR","amount":"123"},"currencyExchange":[{"sourceCurrency":"EUR","exchangeRate":"string","unitCurrency":"string","targetCurrency":"EUR","quotationDate":"2020-02-12","contractIdentification":"string"}],"originalAmount":{"currency":"EUR","amount":"123"},"markupFee":{"currency":"EUR","amount":"123"},"markupFeePercentage":"0.3","cardAcceptorId":"string","cardAcceptorAddress":{"street":"rue blue","buildingnNumber":"89","city":"Paris","postalCode":"75000","country":"FR"},"merchantCategoryCode":"string","maskedPAN":"123456xxxxxx1234","transactionDetails":"string","invoiced":true,"proprietaryBankTransactionCode":"string"}],"_links":{"cardAccount":{"href":"/demobank/api/berlingroup/v1/card-accounts/938"}}},"balances":[{"balanceAmount":{"currency":"EUR","amount":"123"},"balanceType":"closingBooked","creditLimitIncluded":false,"lastChangeDateTime":"2020-02-12T09:45:10.068Z","referenceDate":"2020-02-12","lastCommittedTransaction":"string"}]}

Read transaction reports or transaction lists of a given card account addressed by account-id.

Request

GET https://priora.saltedge.com/hyper_jar_bg_xf/api/berlingroup/v1/card-accounts/:account_id/transactions

Headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Digest string, required Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing, SignatureMalformed
Date datetime, required Endpoint request execution date.
Psu-ID string, optional Client ID of the PSU in the ASPSP client interface.
Psu-Corporate-ID string, optional Only used in a corporate context.
TPP-Signature-Certificate string, required The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained. Can raise: CertificateMissing, CertificateInvalid
Signature string, required A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid, SignatureMalformed
Content-Type string, required The media type of the body of the request. Allowed values: application/json
Consent-Id string, required ID of the corresponding consent object as returned by an Account Information Consent Request. Can raise: ConsentUnknown, ConsentExpired, ConsentInvalid, AccessDenied
Parameters
Parameter Type Description
account_id (path) string, required Account ID. Can raise: ResourceUnknown
bookingStatus string, required Permitted codes are booked, pending and both. booked shall be supported by the ASPSP. Allowed values: booked, pending, both
provider_code (path) string, required Human readable Provider identifier. Can raise: ResourceUnknown, AccessDenied
dateFrom date, optional Starting date (inclusive the date dateFrom) of the transaction list, mandated if no delta access is required.
dateTo date, optional End date (inclusive the data dateTo) of the transaction list, default is "now" if not given. Default value: Today.
Response headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Response
Response Type Description
balances array, required The specific card account balances associated to this card accounts.
balances.balanceAmount hash, required Account balance and amount information.
balances.balanceAmount.amount string, required Account amount.
balances.balanceAmount.currency string, required Account currency code from ISO 4217.
balances.balanceType string, required ExternalCashAccountType1Code from ISO 20022. Allowed values: closingBooked, expected, openingBooked, interimAvailable, forwardAvailable, interimBooked, openingAvailable, previouslyClosedBooked, closingAvailable, information
cardAccount hash, required Wrapper of card account information.
cardAccount.maskedPan string, required Primary Account Number (PAN) of the main card in masked form.
cardTransactions._links hash, required A list of hyperlinks to be recognized by the TPP.
cardTransactions._links.cardAccount hash, required Wrapper of card account information.
cardTransactions._links.cardAccount.href string, required Attached href link to account information.
cardTransactions.booked array, required List of booked transactions.
cardTransactions.booked.cardTransactionId string, required Card Transaction identifier.
cardTransactions.booked.status string, required Conveys current status of the operation. Allowed values: booked, pending
cardTransactions.booked.transactionAmount hash, required The amount of the transaction as billed to the account.
cardTransactions.booked.transactionAmount.amount string, required Transaction amount.
cardTransactions.booked.transactionAmount.currency string, required Account currency code from ISO 4217.
cardTransactions.booked.transactionDate date, required Date of the actual card transaction
cardTransactions.booked.transactionDetails string, required Transaction details.
cardTransactions.pending array, required List of pending transactions.
cardTransactions.pending.cardTransactionId string, required Card Transaction identifier.
cardTransactions.pending.status string, required Conveys current status of the operation. Allowed values: booked, pending
cardTransactions.pending.transactionAmount hash, required The amount of the transaction as billed to the account.
cardTransactions.pending.transactionAmount.amount string, required Transaction amount.
cardTransactions.pending.transactionAmount.currency string, required Account currency code from ISO 4217.
cardTransactions.pending.transactionDate date, required Date of the actual card transaction
cardTransactions.pending.transactionDetails string, required Transaction details.
cardTransactions hash, optional List of card transactions.
cardTransactions.booked.bookingDate date, optional The Date when an entry is posted to an account on the ASPSPs books.
cardTransactions.booked.cardAcceptorAddress hash, optional Address of the Card Acceptor as given in the related card transaction.
cardTransactions.booked.cardAcceptorAddress.buildingNumber string, optional Building number of card acceptor.
cardTransactions.booked.cardAcceptorAddress.city string, optional City of card acceptor.
cardTransactions.booked.cardAcceptorAddress.country string, optional Country of card acceptor.
cardTransactions.booked.cardAcceptorAddress.postalCode string, optional Postal code of card acceptor.
cardTransactions.booked.cardAcceptorAddress.street string, optional Street of card acceptor.
cardTransactions.booked.cardAcceptorId string, optional Identification of the Card Acceptor (e.g. merchant) as given in the related card transaction.
cardTransactions.booked.currencyExchange array, optional For card accounts, this often is restricted by the ASPSP to use only one exchange rate.
cardTransactions.booked.currencyExchange.contractIdentification string, optional Date at which an exchange rate is quoted.
cardTransactions.booked.currencyExchange.exchangeRate string, optional Factor used to convert an amount from one currency into another. This reflects the price at which one currency was bought with another currency.
cardTransactions.booked.currencyExchange.quotationDate date, optional Date at which an exchange rate is quoted.
cardTransactions.booked.currencyExchange.sourceCurrency string, optional Currency from which an amount is to be converted in a currency conversion.
cardTransactions.booked.currencyExchange.targetCurrency string, optional Currency into which an amount is to be converted in a currency conversion.
cardTransactions.booked.currencyExchange.unitCurrency string, optional Currency in which the rate of exchange is expressed in a currency exchange. In the example 1EUR = xxxCUR, the unit currency is EUR.
cardTransactions.booked.invoiced boolean, optional Flag indicating whether the underlying card transaction is already invoiced. Allowed values: true, false
cardTransactions.booked.markupFee hash, optional Any fee related to the transaction in billing currency.
cardTransactions.booked.markupFee.amount string, optional Any fee related to the transaction in billing currency.
cardTransactions.booked.markupFee.currency string, optional Account currency code from ISO 4217.
cardTransactions.booked.markupFeePercentage string, optional Percentage of the involved transaction fee in relation to the billing amount, e.g. "0.3" for 0,3%.
cardTransactions.booked.maskedPan string, optional Primary Account Number (PAN) of the main card in masked form.
cardTransactions.booked.merchantCategoryCode string, optional Merchant Category Code of the Card Acceptor as given in the related card transaction.
cardTransactions.booked.originalAmount hash, optional Original amount of the transaction at the Point of Interaction in orginal currency.
cardTransactions.booked.originalAmount.amount string, optional Original amount of the transaction at the Point of Interaction in orginal currency.
cardTransactions.booked.originalAmount.currency string, optional Account currency code from ISO 4217.
cardTransactions.booked.proprietaryBankTransactionCode string, optional Proprietary bank transaction code as used within a community or within an ASPSP e.g. for MT94x based transaction reports.
cardTransactions.booked.terminalId string, optional Identification of the Terminal, where the card has been used.
cardTransactions.pending.bookingDate date, optional The Date when an entry is posted to an account on the ASPSPs books.
cardTransactions.pending.cardAcceptorAddress hash, optional Address of the Card Acceptor as given in the related card transaction.
cardTransactions.pending.cardAcceptorAddress.buildingNumber string, optional Building number of card acceptor.
cardTransactions.pending.cardAcceptorAddress.city string, optional City of card acceptor.
cardTransactions.pending.cardAcceptorAddress.country string, optional Country of card acceptor.
cardTransactions.pending.cardAcceptorAddress.postalCode string, optional Postal code of card acceptor.
cardTransactions.pending.cardAcceptorAddress.street string, optional Street of card acceptor.
cardTransactions.pending.cardAcceptorId string, optional Identification of the Card Acceptor (e.g. merchant) as given in the related card transaction.
cardTransactions.pending.currencyExchange array, optional For card accounts, this often is restricted by the ASPSP to use only one exchange rate.
cardTransactions.pending.currencyExchange.contractIdentification string, optional Date at which an exchange rate is quoted.
cardTransactions.pending.currencyExchange.exchangeRate string, optional Factor used to convert an amount from one currency into another. This reflects the price at which one currency was bought with another currency.
cardTransactions.pending.currencyExchange.quotationDate date, optional Date at which an exchange rate is quoted.
cardTransactions.pending.currencyExchange.sourceCurrency string, optional Currency from which an amount is to be converted in a currency conversion.
cardTransactions.pending.currencyExchange.targetCurrency string, optional Currency into which an amount is to be converted in a currency conversion.
cardTransactions.pending.currencyExchange.unitCurrency string, optional Currency in which the rate of exchange is expressed in a currency exchange. In the example 1EUR = xxxCUR, the unit currency is EUR.
cardTransactions.pending.invoiced boolean, optional Flag indicating whether the underlying card transaction is already invoiced. Allowed values: true, false
cardTransactions.pending.markupFee hash, optional Any fee related to the transaction in billing currency.
cardTransactions.pending.markupFee.amount string, optional Any fee related to the transaction in billing currency.
cardTransactions.pending.markupFee.currency string, optional Account currency code from ISO 4217.
cardTransactions.pending.markupFeePercentage string, optional Percentage of the involved transaction fee in relation to the billing amount, e.g. "0.3" for 0,3%.
cardTransactions.pending.maskedPan string, optional Primary Account Number (PAN) of the main card in masked form.
cardTransactions.pending.merchantCategoryCode string, optional Merchant Category Code of the Card Acceptor as given in the related card transaction.
cardTransactions.pending.originalAmount hash, optional Original amount of the transaction at the Point of Interaction in orginal currency.
cardTransactions.pending.originalAmount.amount string, optional Original amount of the transaction at the Point of Interaction in orginal currency.
cardTransactions.pending.originalAmount.currency string, optional Account currency code from ISO 4217.
cardTransactions.pending.proprietaryBankTransactionCode string, optional Proprietary bank transaction code as used within a community or within an ASPSP e.g. for MT94x based transaction reports.
cardTransactions.pending.terminalId string, optional Identification of the Terminal, where the card has been used.
Related Errors
Class Code Description
CertificateMissing 401 This request cannot be performed without Certificate header.
CertificateInvalid 401 Given certificate is invalid.
SignatureInvalid 401 Given signature is invalid.
SignatureMissing 401 This request cannot be performed without Signature header.
SignatureMalformed 401 Given signature is malformed.
ConsentUnknown 401 The Consent-ID cannot be matched by the ASPSP relative to the TPP.
ConsentExpired 401 The consent was created by this TPP but has expired and needs to be renewed.
ConsentInvalid 401 The consent was created by this TPP but is not valid for the addressed service/resource.
AccessDenied 403 Action you want to perform is not allowed. More in error_message
ResourceUnknown 404 The addressed resource is unknown relative to the TPP.

Show

CURL

curl -i  \ 
 -H "X-Request-ID: 9b45fa6c-ff61-4e73-aec8-5e805388ce7f" \ 
 -H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \ 
 -H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \ 
 -H "Psu-ID: 53" \ 
 -H "Psu-Corporate-ID: 432" \ 
 -H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \ 
 -H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \ 
 -H "Content-Type: application/json" \ 
 -H "Consent-Id: 42" \ 
 -d '{
  "provider_code": "demobank",
  "account_id": "123"
}' \ 
-X GET "https://priora.saltedge.com/:provider_code/api/berlingroup/v1/card-accounts/:account_id"

Example of parameters

{"provider_code":"demobank","account_id":"123"}

Example of response

{"cardAccount":{"resourceId":"3d9a81b3-a47d-4130-8765-a9c0ff861b99","maskedPan":"525412******3241","currency":"EUR","name":"Main","product":"Basic Credit","status":"enabled","creditLimit":{"currency":"EUR","amount":"15000"},"balances":[{"balanceType":"interimBooked","balanceAmount":{"currency":"EUR","amount":"14355.78"}},{"balanceType":"nonInvoiced","balanceAmount":{"currency":"EUR","amount":"4175.86"}}],"_links":{"transactions":{"href":"/demobank/api/berlingroup/v1/card-accounts/3d9a81b3-a47d-4130-8765-a9c0ff861b99/transactions"}}}}

Reads details about a card account. It is assumed that a consent of the PSU to this access is already given and stored on the Salt Edge Compliance system. The addressed details of this account depends then on the stored consent addressed by consentId.

Request

GET https://priora.saltedge.com/hyper_jar_bg_xf/api/berlingroup/v1/card-accounts/:account_id

Headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Digest string, required Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing, SignatureMalformed
Date datetime, required Endpoint request execution date.
Psu-ID string, optional Client ID of the PSU in the ASPSP client interface.
Psu-Corporate-ID string, optional Only used in a corporate context.
TPP-Signature-Certificate string, required The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained. Can raise: CertificateMissing, CertificateInvalid
Signature string, required A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid, SignatureMalformed
Content-Type string, required The media type of the body of the request. Allowed values: application/json
Consent-Id string, required ID of the corresponding consent object as returned by an Account Information Consent Request. Can raise: ConsentUnknown, ConsentExpired, ConsentInvalid, AccessDenied
Parameters
Parameter Type Description
account_id (path) string, required Account ID. Can raise: ResourceUnknown
provider_code (path) string, required Human readable Provider identifier. Can raise: ResourceUnknown, AccessDenied
Response headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Response
Response Type Description
cardAccount hash, required Wrapper of card account information.
cardAccount._links hash, required A list of hyperlinks to be recognized by the TPP.
cardAccount._links.transactions.href string, required Attached href link to transactions information.
cardAccount.balances.balanceAmount hash, required Account balance and amount information.
cardAccount.balances.balanceAmount.amount string, required Account amount.
cardAccount.balances.balanceAmount.currency string, required Account currency code from ISO 4217.
cardAccount.balances.balanceType string, required ExternalCashAccountType1Code from ISO 20022. Allowed values: closingBooked, expected, openingBooked, interimAvailable, forwardAvailable, interimBooked, openingAvailable, previouslyClosedBooked, closingAvailable, information
cardAccount.creditLimit hash, required Defines the credit limit of the PSU aggregated for all cards related to this card account in total.
cardAccount.creditLimit.amount string, required Credit limit amount.
cardAccount.creditLimit.currency string, required Account currency code from ISO 4217.
cardAccount.currency string, required Account currency code from ISO 4217.
cardAccount.maskedPan string, required Primary Account Number (PAN) of the main card in masked form.
cardAccount.name string, required Name of the card account given by the bank or the PSU in Online-Banking.
cardAccount.product string, required Product Name of the Bank for this account, proprietary definition.
cardAccount.resourceId string, required This is the data element to be used in the path when retrieving data from a dedicated account.
cardAccount.status string, required Conveys current status of the operation. Allowed values: enabled, deleted, blocked
cardAccount._links.transactions hash, optional Attached links to transaction information.
cardAccount.balances array, optional The specific card account balances associated to this card accounts.
Related Errors
Class Code Description
CertificateMissing 401 This request cannot be performed without Certificate header.
CertificateInvalid 401 Given certificate is invalid.
SignatureInvalid 401 Given signature is invalid.
SignatureMissing 401 This request cannot be performed without Signature header.
SignatureMalformed 401 Given signature is malformed.
ConsentUnknown 401 The Consent-ID cannot be matched by the ASPSP relative to the TPP.
ConsentExpired 401 The consent was created by this TPP but has expired and needs to be renewed.
ConsentInvalid 401 The consent was created by this TPP but is not valid for the addressed service/resource.
AccessDenied 403 Action you want to perform is not allowed. More in error_message
ResourceUnknown 404 The addressed resource is unknown relative to the TPP.

Index

CURL

curl -i  \ 
 -H "X-Request-ID: 9b45fa6c-ff61-4e73-aec8-5e805388ce7f" \ 
 -H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \ 
 -H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \ 
 -H "Psu-ID: 53" \ 
 -H "Psu-Corporate-ID: 432" \ 
 -H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \ 
 -H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \ 
 -H "Content-Type: application/json" \ 
 -H "Consent-Id: 42" \ 
 -d '{
  "provider_code": "demobank"
}' \ 
-X GET "https://priora.saltedge.com/:provider_code/api/berlingroup/v1/card-accounts"

Example of parameters

{"provider_code":"demobank"}

Example of response

{"cardAccounts":[{"resourceId":"3d9a81b3-a47d-4130-8765-a9c0ff861b99","maskedPan":"525412******3241","currency":"EUR","name":"Main","product":"Basic Credit","status":"blocked","creditLimit":{"currency":"EUR","amount":"15000"},"balances":[{"balanceType":"interimBooked","balanceAmount":{"currency":"EUR","amount":"14355.78"}},{"balanceType":"nonInvoiced","balanceAmount":{"currency":"EUR","amount":"4175.86"}}],"_links":{"transactions":{"href":"/demobank/api/berlingroup/v1/card-accounts/3d9a81b3-a47d-4130-8765-a9c0ff861b99/transactions"}}}]}

Reads a list of card accounts with additional information, e.g. balance information. It is assumed that a consent of the PSU to this access is already given and stored on Salt Edge Compliance system. The addressed list of card accounts depends then on the PSU ID and the stored consent addressed by consentId.

Request

GET https://priora.saltedge.com/hyper_jar_bg_xf/api/berlingroup/v1/card-accounts

Headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Digest string, required Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing, SignatureMalformed
Date datetime, required Endpoint request execution date.
Psu-ID string, optional Client ID of the PSU in the ASPSP client interface.
Psu-Corporate-ID string, optional Only used in a corporate context.
TPP-Signature-Certificate string, required The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained. Can raise: CertificateMissing, CertificateInvalid
Signature string, required A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid, SignatureMalformed
Content-Type string, required The media type of the body of the request. Allowed values: application/json
Consent-Id string, required ID of the corresponding consent object as returned by an Account Information Consent Request. Can raise: ConsentUnknown, ConsentExpired, ConsentInvalid, AccessDenied
Parameters
Parameter Type Description
provider_code (path) string, required Human readable Provider identifier. Can raise: ResourceUnknown, AccessDenied
Response headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Response
Response Type Description
cardAccounts array, required Wrapper of card account information.
cardAccounts._links hash, required A list of hyperlinks to be recognized by the TPP.
cardAccounts._links.transactions.href string, required Attached href link to transactions information.
cardAccounts.balances.balanceAmount hash, required Account balance and amount information.
cardAccounts.balances.balanceAmount.amount string, required Account amount.
cardAccounts.balances.balanceAmount.currency string, required Account currency code from ISO 4217.
cardAccounts.balances.balanceType string, required ExternalCashAccountType1Code from ISO 20022. Allowed values: closingBooked, expected, openingBooked, interimAvailable, forwardAvailable, interimBooked, openingAvailable, previouslyClosedBooked, closingAvailable, information
cardAccounts.creditLimit hash, required Defines the credit limit of the PSU aggregated for all cards related to this card account in total.
cardAccounts.currency string, required Account currency code from ISO 4217.
cardAccounts.maskedPan string, required Primary Account Number (PAN) of the main card in masked form.
cardAccounts.name string, required Name of the card account given by the bank or the PSU in Online-Banking.
cardAccounts.product string, required Product Name of the Bank for this account, proprietary definition.
cardAccounts.resourceId string, required This is the data element to be used in the path when retrieving data from a dedicated account.
cardAccounts.status string, required Conveys current status of the operation. Allowed values: enabled, deleted, blocked
cardAccounts._links.transactions hash, optional Attached links to transaction information.
cardAccounts.balances array, optional The specific card account balances associated to this card accounts.
cardAccounts.creditLimit.amount string, optional Credit limit amount.
cardAccounts.creditLimit.currency string, optional Account currency code from ISO 4217.
Related Errors
Class Code Description
CertificateMissing 401 This request cannot be performed without Certificate header.
CertificateInvalid 401 Given certificate is invalid.
SignatureInvalid 401 Given signature is invalid.
SignatureMissing 401 This request cannot be performed without Signature header.
SignatureMalformed 401 Given signature is malformed.
ConsentUnknown 401 The Consent-ID cannot be matched by the ASPSP relative to the TPP.
ConsentExpired 401 The consent was created by this TPP but has expired and needs to be renewed.
ConsentInvalid 401 The consent was created by this TPP but is not valid for the addressed service/resource.
AccessDenied 403 Action you want to perform is not allowed. More in error_message
ResourceUnknown 404 The addressed resource is unknown relative to the TPP.

Balances

CURL

curl -i  \ 
 -H "X-Request-ID: 9b45fa6c-ff61-4e73-aec8-5e805388ce7f" \ 
 -H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \ 
 -H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \ 
 -H "Psu-ID: 53" \ 
 -H "Psu-Corporate-ID: 432" \ 
 -H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \ 
 -H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \ 
 -H "Content-Type: application/json" \ 
 -H "Consent-Id: 42" \ 
 -d '{
  "provider_code": "demobank",
  "account_id": "123"
}' \ 
-X GET "https://priora.saltedge.com/:provider_code/api/berlingroup/v1/card-accounts/:account_id/balances"

Example of parameters

{"provider_code":"demobank","account_id":"123"}

Example of response

{"cardAccount":{"maskedPan":"525412******3241"},"balances":[{"balanceType":"interimBooked","balanceAmount":{"currency":"EUR","amount":"14355.78"}},{"balanceType":"nonInvoiced","balanceAmount":{"currency":"EUR","amount":"4175.86"}}]}

Reads balance data from a given card account addressed by account-id.

Request

GET https://priora.saltedge.com/hyper_jar_bg_xf/api/berlingroup/v1/card-accounts/:account_id/balances

Headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Digest string, required Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing, SignatureMalformed
Date datetime, required Endpoint request execution date.
Psu-ID string, optional Client ID of the PSU in the ASPSP client interface.
Psu-Corporate-ID string, optional Only used in a corporate context.
TPP-Signature-Certificate string, required The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained. Can raise: CertificateMissing, CertificateInvalid
Signature string, required A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid, SignatureMalformed
Content-Type string, required The media type of the body of the request. Allowed values: application/json
Consent-Id string, required ID of the corresponding consent object as returned by an Account Information Consent Request. Can raise: ConsentUnknown, ConsentExpired, ConsentInvalid, AccessDenied
Parameters
Parameter Type Description
account_id (path) string, required Account ID. Can raise: ResourceUnknown
provider_code (path) string, required Human readable Provider identifier. Can raise: ResourceUnknown, AccessDenied
Response headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Response
Response Type Description
balances.balanceAmount hash, required Account balance and amount information.
balances.balanceAmount.amount string, required Account amount.
balances.balanceAmount.currency string, required Account currency code from ISO 4217.
balances.balanceType string, required ExternalCashAccountType1Code from ISO 20022. Allowed values: closingBooked, expected, openingBooked, interimAvailable, forwardAvailable, interimBooked, openingAvailable, previouslyClosedBooked, closingAvailable, information
cardAccount hash, required Wrapper of card account information.
cardAccount.maskedPan string, required Primary Account Number (PAN) of the main card in masked form.
balances array, optional The specific card account balances associated to this card accounts.
Related Errors
Class Code Description
CertificateMissing 401 This request cannot be performed without Certificate header.
CertificateInvalid 401 Given certificate is invalid.
SignatureInvalid 401 Given signature is invalid.
SignatureMissing 401 This request cannot be performed without Signature header.
SignatureMalformed 401 Given signature is malformed.
ConsentUnknown 401 The Consent-ID cannot be matched by the ASPSP relative to the TPP.
ConsentExpired 401 The consent was created by this TPP but has expired and needs to be renewed.
ConsentInvalid 401 The consent was created by this TPP but is not valid for the addressed service/resource.
AccessDenied 403 Action you want to perform is not allowed. More in error_message
ResourceUnknown 404 The addressed resource is unknown relative to the TPP.

Refresh AISP Data

Refresh

CURL

curl -i  \ 
 -H "X-Request-ID: 9b45fa6c-ff61-4e73-aec8-5e805388ce7f" \ 
 -H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \ 
 -H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \ 
 -H "Psu-ID: 41" \ 
 -H "Psu-Corporate-ID: 412" \ 
 -H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \ 
 -H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \ 
 -H "Content-Type: application/json" \ 
 -H "Consent-Id: 34" \ 
 -d '{
  "provider_code": "demobank",
  "initiated_by_customer": false
}' \ 
-X POST "https://priora.saltedge.com/:provider_code/api/berlingroup/v1/accounts/refresh"

Example of parameters

{"provider_code":"demobank","initiated_by_customer":false}

Example of response

{"status":"processing","_links":{"refreshStatus":{"href":"/demobank/api/berlingroup/v1/accounts/refresh/status"}}}

This endpoint is responsible for starting the process of refreshing account information data on SaltEdge PSD2 Compliance Solution side. Due to asynchronous nature of this action, TPP has to poll the status of this process using Accounts RefreshStatus endpoint.

Request

POST https://priora.saltedge.com/hyper_jar_bg_xf/api/berlingroup/v1/accounts/refresh

Headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Digest string, required Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing, SignatureMalformed
Date datetime, required Endpoint request execution date.
Psu-ID string, optional Client ID of the PSU in the ASPSP client interface.
Psu-Corporate-ID string, optional Only used in a corporate context.
TPP-Signature-Certificate string, required The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained. Can raise: CertificateMissing, CertificateInvalid
Signature string, required A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid, SignatureMalformed
Content-Type string, required The media type of the body of the request. Allowed values: application/json
Consent-Id string, required ID of the corresponding consent object as returned by an Account Information Consent Request. Can raise: ConsentUnknown, ConsentExpired, ConsentInvalid, AccessDenied
Parameters
Parameter Type Description
provider_code (path) string, required Human readable Provider identifier. Can raise: ResourceUnknown, AccessDenied
initiated_by_customer boolean, optional Defines whether request was initiated by customer or automatically. Default value: false Can raise: AccessExceeded
Response headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Response
Response Type Description
_links hash, required A list of hyperlinks to be recognized by the TPP.
_links.refreshStatus hash, required
_links.refreshStatus.href string, required The link to specified by wrapper resource.
status string, required Conveys current status of the operation. Allowed values: processing
Related Errors
Class Code Description
CertificateMissing 401 This request cannot be performed without Certificate header.
CertificateInvalid 401 Given certificate is invalid.
SignatureInvalid 401 Given signature is invalid.
SignatureMissing 401 This request cannot be performed without Signature header.
SignatureMalformed 401 Given signature is malformed.
ConsentUnknown 401 The Consent-ID cannot be matched by the ASPSP relative to the TPP.
ConsentExpired 401 The consent was created by this TPP but has expired and needs to be renewed.
ConsentInvalid 401 The consent was created by this TPP but is not valid for the addressed service/resource.
AccessDenied 403 Action you want to perform is not allowed. More in error_message
ResourceUnknown 404 The addressed resource is unknown relative to the TPP.
AccessExceeded 429 Exceeded the number of requests for this action.

Refresh Status

CURL

curl -i  \ 
 -H "X-Request-ID: 9b45fa6c-ff61-4e73-aec8-5e805388ce7f" \ 
 -H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \ 
 -H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \ 
 -H "Psu-ID: 41" \ 
 -H "Psu-Corporate-ID: 412" \ 
 -H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \ 
 -H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \ 
 -H "Content-Type: application/json" \ 
 -H "Consent-Id: 34" \ 
 -d '{
  "provider_code": "demobank"
}' \ 
-X GET "https://priora.saltedge.com/:provider_code/api/berlingroup/v1/accounts/refresh/status"

Example of parameters

{"provider_code":"demobank"}

Example of response

{"status":"fetchingFinished"}

This endpoint is responsible for returning the current status of fetching account information process.

Request

GET https://priora.saltedge.com/hyper_jar_bg_xf/api/berlingroup/v1/accounts/refresh/status

Headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Digest string, required Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing, SignatureMalformed
Date datetime, required Endpoint request execution date.
Psu-ID string, optional Client ID of the PSU in the ASPSP client interface.
Psu-Corporate-ID string, optional Only used in a corporate context.
TPP-Signature-Certificate string, required The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained. Can raise: CertificateMissing, CertificateInvalid
Signature string, required A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid, SignatureMalformed
Content-Type string, required The media type of the body of the request. Allowed values: application/json
Consent-Id string, required ID of the corresponding consent object as returned by an Account Information Consent Request. Can raise: ConsentUnknown, ConsentExpired, ConsentInvalid, AccessDenied
Parameters
Parameter Type Description
provider_code (path) string, required Human readable Provider identifier. Can raise: ResourceUnknown, AccessDenied
Response headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Response
Response Type Description
status string, required Conveys current status of the operation. Allowed values: fetchingFinished, processing
Related Errors
Class Code Description
CertificateMissing 401 This request cannot be performed without Certificate header.
CertificateInvalid 401 Given certificate is invalid.
SignatureInvalid 401 Given signature is invalid.
SignatureMissing 401 This request cannot be performed without Signature header.
SignatureMalformed 401 Given signature is malformed.
ConsentUnknown 401 The Consent-ID cannot be matched by the ASPSP relative to the TPP.
ConsentExpired 401 The consent was created by this TPP but has expired and needs to be renewed.
ConsentInvalid 401 The consent was created by this TPP but is not valid for the addressed service/resource.
AccessDenied 403 Action you want to perform is not allowed. More in error_message
ResourceUnknown 404 The addressed resource is unknown relative to the TPP.
Go to previous page
Go to next page