OBSEAL Register
The API allows the TPP to request the Salt Edge PSD2 Compliance Solution to register a new client. The TPP submits a JWS payload that describes the characteristics of the client to be created. If client creation is successful, the ASPSP responds with a JSON payload that describes the client that was created.
CURL
curl -i \
-d 'eyJhbGciOiJQUzI1NiIsImtpZCI6InRlc3QifQ.eyJyZXF1ZXN0X29iamVjdF9zaWduaW5nX2FsZyI6IlBTMjU2IiwiaXNzIjoiYmVLdXhDMVJuaVZzVGVMWXdmcGdOUCIsImlhdCI6MTYwNjI5Nzg1MywiZXhwIjoxNjA2Mjk4MTY5LCJhdWQiOiIwZHcyM2RzYTEzMTIzIiwidG9rZW5fZW5kcG9pbnRfYXV0aF9tZXRob2QiOiJjbGllbnRfc2VjcmV0X2Jhc2ljIiwidG9rZW5fZW5kcG9pbnRfYXV0aF9zaWduaW5nX2FsZyI6IlBTMjU2IiwiZ3JhbnRfdHlwZXMiOlsiY2xpZW50X2NyZWRlbnRpYWxzIiwiYXV0aG9yaXphdGlvbl9jb2RlIiwicmVmcmVzaF90b2tlbiJdLCJyZXNwb25zZV90eXBlcyI6WyJjb2RlIGlkX3Rva2VuIl0sInNvZnR3YXJlX3N0YXRlbWVudCI6ImV5SmhiR2NpT2lKSVV6STFOaUlzSW10cFpDSTZJa0ZDUTBReE1qTTBJbjAuZXlKcGMzTWlPaUpQY0dWdVFtRnVhMmx1WnlCTWRHUWlMQ0pwWVhRaU9qRTBPVEkzTlRZek16RXNJbXAwYVNJNkltbGtNVEl6TkRVMk9EVTBNemswT0RjMk56Z2lMQ0p6YjJaMGQyRnlaVjlsYm5acGNtOXViV1Z1ZENJNkluQnliMlIxWTNScGIyNGlMQ0p6YjJaMGQyRnlaVjl0YjJSbElqb2liR2wyWlNJc0luTnZablIzWVhKbFgybGtJam9pTmpWa01XWXlOMk10TkdGbFlTMDBOVFE1TFRsak1qRXROakJsTkRrMVlUZGhPRFptSWl3aWMyOW1kSGRoY21WZlkyeHBaVzUwWDJsa0lqb2lUM0JsYmtKaGJtdHBibWNnVkZCUUlFTnNhV1Z1ZENCVmJtbHhkV1VnU1VRaUxDSnpiMlowZDJGeVpWOWpiR2xsYm5SZmJtRnRaU0k2SWtGdFlYcHZiaUJRY21sdFpTQk5iM1pwWlhNaUxDSnpiMlowZDJGeVpWOWpiR2xsYm5SZlpHVnpZM0pwY0hScGIyNGlPaUpCYldGNmIyNGdVSEpwYldVZ1RXOTJhV1Z6SUdseklHRWdiVzkyYVc1bklITjBjbVZoYldsdVp5QnpaWEoyYVdObElpd2ljMjltZEhkaGNtVmZkbVZ5YzJsdmJpSTZJakl1TWlJc0luTnZablIzWVhKbFgyTnNhV1Z1ZEY5MWNta2lPaUpvZEhSd2N6b3ZMM0J5YVcxbExtRnRZWHB2Ymk1amIyMGlMQ0p6YjJaMGQyRnlaVjl5WldScGNtVmpkRjkxY21seklqcGJJbWgwZEhCek9pOHZjSEpwYldVdVlXMWhlbTl1TG1OdmJTOWpZaUlzSW1oMGRIQnpPaTh2Y0hKcGJXVXVZVzFoZW05dUxtTnZMblZyTDJOaUlsMHNJbk52Wm5SM1lYSmxYM0p2YkdWeklqcGJJbEJKVTFBaUxDSkJTVk5RSWwwc0ltOXlaMkZ1YVhOaGRHbHZibDlqYjIxd1pYUmxiblJmWVhWMGFHOXlhWFI1WDJOc1lXbHRjeUk2VzNzaVlYVjBhRzl5YVhSNVgybGtJam9pUmsxQklpd2ljbVZuYVhOMGNtRjBhVzl1WDJsa0lqb2lNVEV4TVRFeElpd2ljM1JoZEhWeklqb2lRV04wYVhabElpd2lZWFYwYUc5eWFYTmhkR2x2Ym5NaU9sdDdJbTFsYldKbGNsOXpkR0YwWlNJNklrZENVaUlzSW5KdmJHVnpJanBiSWxCSlUxQWlMQ0pCU1ZOUUlsMTlMSHNpYldWdFltVnlYM04wWVhSbElqb2lVazlKSWl3aWNtOXNaWE1pT2xzaVVFbFRVQ0pkZlYxOVhTd2ljMjltZEhkaGNtVmZiRzluYjE5MWNta2lPaUpvZEhSd2N6b3ZMM0J5YVcxbExtRnRZWHB2Ymk1amIyMHZiRzluYnk1d2JtY2lMQ0p2Y21kZmMzUmhkSFZ6SWpvaVFXTjBhWFpsSWl3aWIzSm5YMmxrSWpvaVFXMWhlbTl1SUZSUVVFbEVJaXdpYjNKblgyNWhiV1VpT2lKUGNHVnVRbUZ1YTJsdVp5QlVVRkFnVW1WbmFYTjBaWEpsWkNCT1lXMWxJaXdpYjNKblgyTnZiblJoWTNSeklqcGJleUp1WVcxbElqb2lZMjl1ZEdGamRDQnVZVzFsSWl3aVpXMWhhV3dpT2lKamIyNTBZV04wUUdOdmJuUmhZM1F1WTI5dElpd2ljR2h2Ym1VaU9pSXJORFEzT0Rrd01UTXdOVFU0SWl3aWRIbHdaU0k2SW1KMWMybHVaWE56SW4wc2V5SnVZVzFsSWpvaVkyOXVkR0ZqZENCdVlXMWxJaXdpWlcxaGFXd2lPaUpqYjI1MFlXTjBRR052Ym5SaFkzUXVZMjl0SWl3aWNHaHZibVVpT2lJck5EUTNPRGt3TVRNd05UVTRJaXdpZEhsd1pTSTZJblJsWTJodWFXTmhiQ0o5WFN3aWIzSm5YMnAzYTNOZlpXNWtjRzlwYm5RaU9pSm9kSFJ3Y3pvdkwycDNhM011YjNCbGJtSmhibXRwYm1jdWIzSm5MblZyTDI5eVoxOXBaQzl2Y21kZmFXUXVhbXQzY3lJc0ltOXlaMTlxZDJ0elgzSmxkbTlyWldSZlpXNWtjRzlwYm5RaU9pSm9kSFJ3Y3pvdkwycDNhM011YjNCbGJtSmhibXRwYm1jdWIzSm5MblZyTDI5eVoxOXBaQzl5WlhadmEyVmtMMjl5WjE5cFpDNXFhM2R6SWl3aWMyOW1kSGRoY21WZmFuZHJjMTlsYm1Sd2IybHVkQ0k2SW1oMGRIQnpPaTh2YW5kcmN5NXZjR1Z1WW1GdWEybHVaeTV2Y21jdWRXc3ZiM0puWDJsa0wzTnZablIzWVhKbFgybGtMbXByZDNNaUxDSnpiMlowZDJGeVpWOXFkMnR6WDNKbGRtOXJaV1JmWlc1a2NHOXBiblFpT2lKb2RIUndjem92TDJwM2EzTXViM0JsYm1KaGJtdHBibWN1YjNKbkxuVnJMMjl5WjE5cFpDOXlaWFp2YTJWa0wzTnZablIzWVhKbFgybGtMbXByZDNNaUxDSnpiMlowZDJGeVpWOXdiMnhwWTNsZmRYSnBJam9pYUhSMGNITTZMeTkwY0hBdVkyOXRMM0J2YkdsamVTNW9kRzFzSWl3aWMyOW1kSGRoY21WZmRHOXpYM1Z5YVNJNkltaDBkSEJ6T2k4dmRIQndMbU52YlM5MGIzTXVhSFJ0YkNJc0luTnZablIzWVhKbFgyOXVYMkpsYUdGc1psOXZabDl2Y21jaU9pSm9kSFJ3Y3pvdkwyRndhUzV2Y0dWdVltRnVhMmx1Wnk1dmNtY3VkV3N2YzJOcGJUSXZUMEpVY25WemRHVmtVR0Y1YldWdWRGQmhjblI1THpFeU16UTFOamMzT0RraUxDSnZZbDl5WldkcGMzUnllVjkwYjNNaU9pSm9kSFJ3Y3pvdkwzSmxaMmx6ZEhKNUxtOXdaVzVpWVc1cmFXNW5MbTl5Wnk1MWF5OTBiM011YUhSdGJDSjkub0hscTdOeEVvajB2ZFhlVFI1Y1V6N29JcTdWdDlkQjM0cGJ3eHREaFdUcyIsInNvZnR3YXJlX2lkIjoiYmVLdXhDMVJuaVZzVGVMWXdmcGdOUCIsInJlZGlyZWN0X3VyaXMiOlsiaHR0cHM6Ly9yZWRpcmVjdC5oZXJlIiwiaHR0cDovL2FuZC5oZXJlIl0sInNjb3BlIjoibWFrZXBheW1lbnQiLCJhcHBsaWNhdGlvbl90eXBlIjoid2ViIiwiaWRfdG9rZW5fc2lnbmVkX3Jlc3BvbnNlX2FsZyI6IlBTMjU2In0.vIdQRLEbAgLrTaW00pyj_4dLXdch7kYvdg_QTSjg3i-2EOS45bXqPcD0Js4REwbZ2OyuOqM810GRcjE-ZgyVQKs13KzX6TWWaOR9wl_G0hluD_yo2xle_SvgdXDqMs6S6ACMt9bcdXNG_d2MgEv31is92TtPbiNzPnGRjpjV4iu-JcMh3e-mfeabqA5i6xccffdqg6SQrol3exeE3e3iu-yiKCKREMsQWl0LXDFQWloQ3CSyWlZqhpZ5nfulJFXGu8RcTrFTDEGI8S7tpUh4FtX0cC7RCmsYqe1n0SD5nKmHB1upHJEGCKpMbKqm-3vVQmNI0PVeUpvXiyuJnLWtcA' \
-X POST "/api/open-banking/v3.1/tpp/register"
curl -i \
-d 'eyJhbGciOiJQUzI1NiIsImtpZCI6InRlc3QifQ.eyJyZXF1ZXN0X29iamVjdF9zaWduaW5nX2FsZyI6IlBTMjU2IiwiaXNzIjoiYmVLdXhDMVJuaVZzVGVMWXdmcGdOUCIsImlhdCI6MTYwNjI5Nzg1MywiZXhwIjoxNjA2Mjk4MTY5LCJhdWQiOiIwZHcyM2RzYTEzMTIzIiwidG9rZW5fZW5kcG9pbnRfYXV0aF9tZXRob2QiOiJjbGllbnRfc2VjcmV0X2Jhc2ljIiwidG9rZW5fZW5kcG9pbnRfYXV0aF9zaWduaW5nX2FsZyI6IlBTMjU2IiwiZ3JhbnRfdHlwZXMiOlsiY2xpZW50X2NyZWRlbnRpYWxzIiwiYXV0aG9yaXphdGlvbl9jb2RlIiwicmVmcmVzaF90b2tlbiJdLCJyZXNwb25zZV90eXBlcyI6WyJjb2RlIGlkX3Rva2VuIl0sInNvZnR3YXJlX3N0YXRlbWVudCI6ImV5SmhiR2NpT2lKSVV6STFOaUlzSW10cFpDSTZJa0ZDUTBReE1qTTBJbjAuZXlKcGMzTWlPaUpQY0dWdVFtRnVhMmx1WnlCTWRHUWlMQ0pwWVhRaU9qRTBPVEkzTlRZek16RXNJbXAwYVNJNkltbGtNVEl6TkRVMk9EVTBNemswT0RjMk56Z2lMQ0p6YjJaMGQyRnlaVjlsYm5acGNtOXViV1Z1ZENJNkluQnliMlIxWTNScGIyNGlMQ0p6YjJaMGQyRnlaVjl0YjJSbElqb2liR2wyWlNJc0luTnZablIzWVhKbFgybGtJam9pTmpWa01XWXlOMk10TkdGbFlTMDBOVFE1TFRsak1qRXROakJsTkRrMVlUZGhPRFptSWl3aWMyOW1kSGRoY21WZlkyeHBaVzUwWDJsa0lqb2lUM0JsYmtKaGJtdHBibWNnVkZCUUlFTnNhV1Z1ZENCVmJtbHhkV1VnU1VRaUxDSnpiMlowZDJGeVpWOWpiR2xsYm5SZmJtRnRaU0k2SWtGdFlYcHZiaUJRY21sdFpTQk5iM1pwWlhNaUxDSnpiMlowZDJGeVpWOWpiR2xsYm5SZlpHVnpZM0pwY0hScGIyNGlPaUpCYldGNmIyNGdVSEpwYldVZ1RXOTJhV1Z6SUdseklHRWdiVzkyYVc1bklITjBjbVZoYldsdVp5QnpaWEoyYVdObElpd2ljMjltZEhkaGNtVmZkbVZ5YzJsdmJpSTZJakl1TWlJc0luTnZablIzWVhKbFgyTnNhV1Z1ZEY5MWNta2lPaUpvZEhSd2N6b3ZMM0J5YVcxbExtRnRZWHB2Ymk1amIyMGlMQ0p6YjJaMGQyRnlaVjl5WldScGNtVmpkRjkxY21seklqcGJJbWgwZEhCek9pOHZjSEpwYldVdVlXMWhlbTl1TG1OdmJTOWpZaUlzSW1oMGRIQnpPaTh2Y0hKcGJXVXVZVzFoZW05dUxtTnZMblZyTDJOaUlsMHNJbk52Wm5SM1lYSmxYM0p2YkdWeklqcGJJbEJKVTFBaUxDSkJTVk5RSWwwc0ltOXlaMkZ1YVhOaGRHbHZibDlqYjIxd1pYUmxiblJmWVhWMGFHOXlhWFI1WDJOc1lXbHRjeUk2VzNzaVlYVjBhRzl5YVhSNVgybGtJam9pUmsxQklpd2ljbVZuYVhOMGNtRjBhVzl1WDJsa0lqb2lNVEV4TVRFeElpd2ljM1JoZEhWeklqb2lRV04wYVhabElpd2lZWFYwYUc5eWFYTmhkR2x2Ym5NaU9sdDdJbTFsYldKbGNsOXpkR0YwWlNJNklrZENVaUlzSW5KdmJHVnpJanBiSWxCSlUxQWlMQ0pCU1ZOUUlsMTlMSHNpYldWdFltVnlYM04wWVhSbElqb2lVazlKSWl3aWNtOXNaWE1pT2xzaVVFbFRVQ0pkZlYxOVhTd2ljMjltZEhkaGNtVmZiRzluYjE5MWNta2lPaUpvZEhSd2N6b3ZMM0J5YVcxbExtRnRZWHB2Ymk1amIyMHZiRzluYnk1d2JtY2lMQ0p2Y21kZmMzUmhkSFZ6SWpvaVFXTjBhWFpsSWl3aWIzSm5YMmxrSWpvaVFXMWhlbTl1SUZSUVVFbEVJaXdpYjNKblgyNWhiV1VpT2lKUGNHVnVRbUZ1YTJsdVp5QlVVRkFnVW1WbmFYTjBaWEpsWkNCT1lXMWxJaXdpYjNKblgyTnZiblJoWTNSeklqcGJleUp1WVcxbElqb2lZMjl1ZEdGamRDQnVZVzFsSWl3aVpXMWhhV3dpT2lKamIyNTBZV04wUUdOdmJuUmhZM1F1WTI5dElpd2ljR2h2Ym1VaU9pSXJORFEzT0Rrd01UTXdOVFU0SWl3aWRIbHdaU0k2SW1KMWMybHVaWE56SW4wc2V5SnVZVzFsSWpvaVkyOXVkR0ZqZENCdVlXMWxJaXdpWlcxaGFXd2lPaUpqYjI1MFlXTjBRR052Ym5SaFkzUXVZMjl0SWl3aWNHaHZibVVpT2lJck5EUTNPRGt3TVRNd05UVTRJaXdpZEhsd1pTSTZJblJsWTJodWFXTmhiQ0o5WFN3aWIzSm5YMnAzYTNOZlpXNWtjRzlwYm5RaU9pSm9kSFJ3Y3pvdkwycDNhM011YjNCbGJtSmhibXRwYm1jdWIzSm5MblZyTDI5eVoxOXBaQzl2Y21kZmFXUXVhbXQzY3lJc0ltOXlaMTlxZDJ0elgzSmxkbTlyWldSZlpXNWtjRzlwYm5RaU9pSm9kSFJ3Y3pvdkwycDNhM011YjNCbGJtSmhibXRwYm1jdWIzSm5MblZyTDI5eVoxOXBaQzl5WlhadmEyVmtMMjl5WjE5cFpDNXFhM2R6SWl3aWMyOW1kSGRoY21WZmFuZHJjMTlsYm1Sd2IybHVkQ0k2SW1oMGRIQnpPaTh2YW5kcmN5NXZjR1Z1WW1GdWEybHVaeTV2Y21jdWRXc3ZiM0puWDJsa0wzTnZablIzWVhKbFgybGtMbXByZDNNaUxDSnpiMlowZDJGeVpWOXFkMnR6WDNKbGRtOXJaV1JmWlc1a2NHOXBiblFpT2lKb2RIUndjem92TDJwM2EzTXViM0JsYm1KaGJtdHBibWN1YjNKbkxuVnJMMjl5WjE5cFpDOXlaWFp2YTJWa0wzTnZablIzWVhKbFgybGtMbXByZDNNaUxDSnpiMlowZDJGeVpWOXdiMnhwWTNsZmRYSnBJam9pYUhSMGNITTZMeTkwY0hBdVkyOXRMM0J2YkdsamVTNW9kRzFzSWl3aWMyOW1kSGRoY21WZmRHOXpYM1Z5YVNJNkltaDBkSEJ6T2k4dmRIQndMbU52YlM5MGIzTXVhSFJ0YkNJc0luTnZablIzWVhKbFgyOXVYMkpsYUdGc1psOXZabDl2Y21jaU9pSm9kSFJ3Y3pvdkwyRndhUzV2Y0dWdVltRnVhMmx1Wnk1dmNtY3VkV3N2YzJOcGJUSXZUMEpVY25WemRHVmtVR0Y1YldWdWRGQmhjblI1THpFeU16UTFOamMzT0RraUxDSnZZbDl5WldkcGMzUnllVjkwYjNNaU9pSm9kSFJ3Y3pvdkwzSmxaMmx6ZEhKNUxtOXdaVzVpWVc1cmFXNW5MbTl5Wnk1MWF5OTBiM011YUhSdGJDSjkub0hscTdOeEVvajB2ZFhlVFI1Y1V6N29JcTdWdDlkQjM0cGJ3eHREaFdUcyIsInNvZnR3YXJlX2lkIjoiYmVLdXhDMVJuaVZzVGVMWXdmcGdOUCIsInJlZGlyZWN0X3VyaXMiOlsiaHR0cHM6Ly9yZWRpcmVjdC5oZXJlIiwiaHR0cDovL2FuZC5oZXJlIl0sInNjb3BlIjoibWFrZXBheW1lbnQiLCJhcHBsaWNhdGlvbl90eXBlIjoid2ViIiwiaWRfdG9rZW5fc2lnbmVkX3Jlc3BvbnNlX2FsZyI6IlBTMjU2In0.vIdQRLEbAgLrTaW00pyj_4dLXdch7kYvdg_QTSjg3i-2EOS45bXqPcD0Js4REwbZ2OyuOqM810GRcjE-ZgyVQKs13KzX6TWWaOR9wl_G0hluD_yo2xle_SvgdXDqMs6S6ACMt9bcdXNG_d2MgEv31is92TtPbiNzPnGRjpjV4iu-JcMh3e-mfeabqA5i6xccffdqg6SQrol3exeE3e3iu-yiKCKREMsQWl0LXDFQWloQ3CSyWlZqhpZ5nfulJFXGu8RcTrFTDEGI8S7tpUh4FtX0cC7RCmsYqe1n0SD5nKmHB1upHJEGCKpMbKqm-3vVQmNI0PVeUpvXiyuJnLWtcA' \
-X POST "/api/open-banking/v3.1/tpp/register"
Example of parameters
{"request_object_signing_alg":"PS256","iss":"beKuxC1RniVsTeLYwfpgNP","iat":1606297853,"exp":1606298169,"aud":"0dw23dsa13123","token_endpoint_auth_method":"client_secret_basic","token_endpoint_auth_signing_alg":"PS256","grant_types":["client_credentials","authorization_code","refresh_token"],"response_types":["code id_token"],"software_statement":"eyJhbGciOiJIUzI1NiIsImtpZCI6IkFCQ0QxMjM0In0.eyJpc3MiOiJPcGVuQmFua2luZyBMdGQiLCJpYXQiOjE0OTI3NTYzMzEsImp0aSI6ImlkMTIzNDU2ODU0Mzk0ODc2NzgiLCJzb2Z0d2FyZV9lbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJzb2Z0d2FyZV9tb2RlIjoibGl2ZSIsInNvZnR3YXJlX2lkIjoiNjVkMWYyN2MtNGFlYS00NTQ5LTljMjEtNjBlNDk1YTdhODZmIiwic29mdHdhcmVfY2xpZW50X2lkIjoiT3BlbkJhbmtpbmcgVFBQIENsaWVudCBVbmlxdWUgSUQiLCJzb2Z0d2FyZV9jbGllbnRfbmFtZSI6IkFtYXpvbiBQcmltZSBNb3ZpZXMiLCJzb2Z0d2FyZV9jbGllbnRfZGVzY3JpcHRpb24iOiJBbWF6b24gUHJpbWUgTW92aWVzIGlzIGEgbW92aW5nIHN0cmVhbWluZyBzZXJ2aWNlIiwic29mdHdhcmVfdmVyc2lvbiI6IjIuMiIsInNvZnR3YXJlX2NsaWVudF91cmkiOiJodHRwczovL3ByaW1lLmFtYXpvbi5jb20iLCJzb2Z0d2FyZV9yZWRpcmVjdF91cmlzIjpbImh0dHBzOi8vcHJpbWUuYW1hem9uLmNvbS9jYiIsImh0dHBzOi8vcHJpbWUuYW1hem9uLmNvLnVrL2NiIl0sInNvZnR3YXJlX3JvbGVzIjpbIlBJU1AiLCJBSVNQIl0sIm9yZ2FuaXNhdGlvbl9jb21wZXRlbnRfYXV0aG9yaXR5X2NsYWltcyI6W3siYXV0aG9yaXR5X2lkIjoiRk1BIiwicmVnaXN0cmF0aW9uX2lkIjoiMTExMTExIiwic3RhdHVzIjoiQWN0aXZlIiwiYXV0aG9yaXNhdGlvbnMiOlt7Im1lbWJlcl9zdGF0ZSI6IkdCUiIsInJvbGVzIjpbIlBJU1AiLCJBSVNQIl19LHsibWVtYmVyX3N0YXRlIjoiUk9JIiwicm9sZXMiOlsiUElTUCJdfV19XSwic29mdHdhcmVfbG9nb191cmkiOiJodHRwczovL3ByaW1lLmFtYXpvbi5jb20vbG9nby5wbmciLCJvcmdfc3RhdHVzIjoiQWN0aXZlIiwib3JnX2lkIjoiQW1hem9uIFRQUElEIiwib3JnX25hbWUiOiJPcGVuQmFua2luZyBUUFAgUmVnaXN0ZXJlZCBOYW1lIiwib3JnX2NvbnRhY3RzIjpbeyJuYW1lIjoiY29udGFjdCBuYW1lIiwiZW1haWwiOiJjb250YWN0QGNvbnRhY3QuY29tIiwicGhvbmUiOiIrNDQ3ODkwMTMwNTU4IiwidHlwZSI6ImJ1c2luZXNzIn0seyJuYW1lIjoiY29udGFjdCBuYW1lIiwiZW1haWwiOiJjb250YWN0QGNvbnRhY3QuY29tIiwicGhvbmUiOiIrNDQ3ODkwMTMwNTU4IiwidHlwZSI6InRlY2huaWNhbCJ9XSwib3JnX2p3a3NfZW5kcG9pbnQiOiJodHRwczovL2p3a3Mub3BlbmJhbmtpbmcub3JnLnVrL29yZ19pZC9vcmdfaWQuamt3cyIsIm9yZ19qd2tzX3Jldm9rZWRfZW5kcG9pbnQiOiJodHRwczovL2p3a3Mub3BlbmJhbmtpbmcub3JnLnVrL29yZ19pZC9yZXZva2VkL29yZ19pZC5qa3dzIiwic29mdHdhcmVfandrc19lbmRwb2ludCI6Imh0dHBzOi8vandrcy5vcGVuYmFua2luZy5vcmcudWsvb3JnX2lkL3NvZnR3YXJlX2lkLmprd3MiLCJzb2Z0d2FyZV9qd2tzX3Jldm9rZWRfZW5kcG9pbnQiOiJodHRwczovL2p3a3Mub3BlbmJhbmtpbmcub3JnLnVrL29yZ19pZC9yZXZva2VkL3NvZnR3YXJlX2lkLmprd3MiLCJzb2Z0d2FyZV9wb2xpY3lfdXJpIjoiaHR0cHM6Ly90cHAuY29tL3BvbGljeS5odG1sIiwic29mdHdhcmVfdG9zX3VyaSI6Imh0dHBzOi8vdHBwLmNvbS90b3MuaHRtbCIsInNvZnR3YXJlX29uX2JlaGFsZl9vZl9vcmciOiJodHRwczovL2FwaS5vcGVuYmFua2luZy5vcmcudWsvc2NpbTIvT0JUcnVzdGVkUGF5bWVudFBhcnR5LzEyMzQ1Njc3ODkiLCJvYl9yZWdpc3RyeV90b3MiOiJodHRwczovL3JlZ2lzdHJ5Lm9wZW5iYW5raW5nLm9yZy51ay90b3MuaHRtbCJ9.oHlq7NxEoj0vdXeTR5cUz7oIq7Vt9dB34pbwxtDhWTs","software_id":"beKuxC1RniVsTeLYwfpgNP","redirect_uris":["https://redirect.here","http://and.here"],"scope":"makepayment","application_type":"web","id_token_signed_response_alg":"PS256"}
{"request_object_signing_alg":"PS256","iss":"beKuxC1RniVsTeLYwfpgNP","iat":1606297853,"exp":1606298169,"aud":"0dw23dsa13123","token_endpoint_auth_method":"client_secret_basic","token_endpoint_auth_signing_alg":"PS256","grant_types":["client_credentials","authorization_code","refresh_token"],"response_types":["code id_token"],"software_statement":"eyJhbGciOiJIUzI1NiIsImtpZCI6IkFCQ0QxMjM0In0.eyJpc3MiOiJPcGVuQmFua2luZyBMdGQiLCJpYXQiOjE0OTI3NTYzMzEsImp0aSI6ImlkMTIzNDU2ODU0Mzk0ODc2NzgiLCJzb2Z0d2FyZV9lbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJzb2Z0d2FyZV9tb2RlIjoibGl2ZSIsInNvZnR3YXJlX2lkIjoiNjVkMWYyN2MtNGFlYS00NTQ5LTljMjEtNjBlNDk1YTdhODZmIiwic29mdHdhcmVfY2xpZW50X2lkIjoiT3BlbkJhbmtpbmcgVFBQIENsaWVudCBVbmlxdWUgSUQiLCJzb2Z0d2FyZV9jbGllbnRfbmFtZSI6IkFtYXpvbiBQcmltZSBNb3ZpZXMiLCJzb2Z0d2FyZV9jbGllbnRfZGVzY3JpcHRpb24iOiJBbWF6b24gUHJpbWUgTW92aWVzIGlzIGEgbW92aW5nIHN0cmVhbWluZyBzZXJ2aWNlIiwic29mdHdhcmVfdmVyc2lvbiI6IjIuMiIsInNvZnR3YXJlX2NsaWVudF91cmkiOiJodHRwczovL3ByaW1lLmFtYXpvbi5jb20iLCJzb2Z0d2FyZV9yZWRpcmVjdF91cmlzIjpbImh0dHBzOi8vcHJpbWUuYW1hem9uLmNvbS9jYiIsImh0dHBzOi8vcHJpbWUuYW1hem9uLmNvLnVrL2NiIl0sInNvZnR3YXJlX3JvbGVzIjpbIlBJU1AiLCJBSVNQIl0sIm9yZ2FuaXNhdGlvbl9jb21wZXRlbnRfYXV0aG9yaXR5X2NsYWltcyI6W3siYXV0aG9yaXR5X2lkIjoiRk1BIiwicmVnaXN0cmF0aW9uX2lkIjoiMTExMTExIiwic3RhdHVzIjoiQWN0aXZlIiwiYXV0aG9yaXNhdGlvbnMiOlt7Im1lbWJlcl9zdGF0ZSI6IkdCUiIsInJvbGVzIjpbIlBJU1AiLCJBSVNQIl19LHsibWVtYmVyX3N0YXRlIjoiUk9JIiwicm9sZXMiOlsiUElTUCJdfV19XSwic29mdHdhcmVfbG9nb191cmkiOiJodHRwczovL3ByaW1lLmFtYXpvbi5jb20vbG9nby5wbmciLCJvcmdfc3RhdHVzIjoiQWN0aXZlIiwib3JnX2lkIjoiQW1hem9uIFRQUElEIiwib3JnX25hbWUiOiJPcGVuQmFua2luZyBUUFAgUmVnaXN0ZXJlZCBOYW1lIiwib3JnX2NvbnRhY3RzIjpbeyJuYW1lIjoiY29udGFjdCBuYW1lIiwiZW1haWwiOiJjb250YWN0QGNvbnRhY3QuY29tIiwicGhvbmUiOiIrNDQ3ODkwMTMwNTU4IiwidHlwZSI6ImJ1c2luZXNzIn0seyJuYW1lIjoiY29udGFjdCBuYW1lIiwiZW1haWwiOiJjb250YWN0QGNvbnRhY3QuY29tIiwicGhvbmUiOiIrNDQ3ODkwMTMwNTU4IiwidHlwZSI6InRlY2huaWNhbCJ9XSwib3JnX2p3a3NfZW5kcG9pbnQiOiJodHRwczovL2p3a3Mub3BlbmJhbmtpbmcub3JnLnVrL29yZ19pZC9vcmdfaWQuamt3cyIsIm9yZ19qd2tzX3Jldm9rZWRfZW5kcG9pbnQiOiJodHRwczovL2p3a3Mub3BlbmJhbmtpbmcub3JnLnVrL29yZ19pZC9yZXZva2VkL29yZ19pZC5qa3dzIiwic29mdHdhcmVfandrc19lbmRwb2ludCI6Imh0dHBzOi8vandrcy5vcGVuYmFua2luZy5vcmcudWsvb3JnX2lkL3NvZnR3YXJlX2lkLmprd3MiLCJzb2Z0d2FyZV9qd2tzX3Jldm9rZWRfZW5kcG9pbnQiOiJodHRwczovL2p3a3Mub3BlbmJhbmtpbmcub3JnLnVrL29yZ19pZC9yZXZva2VkL3NvZnR3YXJlX2lkLmprd3MiLCJzb2Z0d2FyZV9wb2xpY3lfdXJpIjoiaHR0cHM6Ly90cHAuY29tL3BvbGljeS5odG1sIiwic29mdHdhcmVfdG9zX3VyaSI6Imh0dHBzOi8vdHBwLmNvbS90b3MuaHRtbCIsInNvZnR3YXJlX29uX2JlaGFsZl9vZl9vcmciOiJodHRwczovL2FwaS5vcGVuYmFua2luZy5vcmcudWsvc2NpbTIvT0JUcnVzdGVkUGF5bWVudFBhcnR5LzEyMzQ1Njc3ODkiLCJvYl9yZWdpc3RyeV90b3MiOiJodHRwczovL3JlZ2lzdHJ5Lm9wZW5iYW5raW5nLm9yZy51ay90b3MuaHRtbCJ9.oHlq7NxEoj0vdXeTR5cUz7oIq7Vt9dB34pbwxtDhWTs","software_id":"beKuxC1RniVsTeLYwfpgNP","redirect_uris":["https://redirect.here","http://and.here"],"scope":"makepayment","application_type":"web","id_token_signed_response_alg":"PS256"}
Example of response
{"tls_client_auth_subject_dn":"N/A","client_id":"ABCD1234","client_secret":"N/A","client_id_issued_at":1606297853,"client_secret_expires_at":0,"redirect_uris":["https://redirect.here","http://and.here"],"token_endpoint_auth_method":"client_secret_basic","token_endpoint_auth_signing_alg":"PS256","grant_types":["client_credentials","authorization_code","refresh_token"],"response_types":["code id_token"],"software_id":"beKuxC1RniVsTeLYwfpgNP","scope":"makepayment","application_type":"web","id_token_signed_response_alg":"PS256","request_object_signing_alg":"PS256"}
{"tls_client_auth_subject_dn":"N/A","client_id":"ABCD1234","client_secret":"N/A","client_id_issued_at":1606297853,"client_secret_expires_at":0,"redirect_uris":["https://redirect.here","http://and.here"],"token_endpoint_auth_method":"client_secret_basic","token_endpoint_auth_signing_alg":"PS256","grant_types":["client_credentials","authorization_code","refresh_token"],"response_types":["code id_token"],"software_id":"beKuxC1RniVsTeLYwfpgNP","scope":"makepayment","application_type":"web","id_token_signed_response_alg":"PS256","request_object_signing_alg":"PS256"}
Request
POST
/api/open-banking/v3.1/tpp/register
Unpacked Authorization
string, required
TPP identifier: software_id from SSA.
Can raise:
ActionNotAllowed
integer, required
The time at which the request was issued by the TPP expressed as "seconds since the epoch"
integer, required
The time at which the request expires expressed as seconds since the epoch.
Values greater than:
1614284495
string, required
The audience for the request. This should be the unique identifier for the ASPSP issued by the issuer of the software statement.
token_endpoint_auth_method
string, optional
Specifies which Token endpoint authentication method the TPP wants to use. It should be noted that only tls_client_auth
and client_secret_basic
are FAPI compliant.
Default value:
client_secret_basic
Allowed values:
client_secret_basic
token_endpoint_auth_signing_alg
string, optional
Algorithm which the TPP uses to authenticate with the token endpoint.
Default value:
PS256
Allowed values:
RS256, PS256
array, required
A JSON array specifying what the TPP can request to be supplied to the token endpoint as exchange for an access token.
Allowed values:
client_credentials, authorization_code, refresh_token
array, optional
A JSON array specifying what the TPP can request to be returned from the ASPSP authorisation endpoint.
Default value:
["code id_token"]
Allowed values:
code, id_token, code id_token
string, required
Software statement assertion issued by the issuer. The data model for the software statements issued by the Open Banking directory are documented as part of the Directory Specification.
Can raise:
NotFound, Invalid
string, optional
If specified, the software_id in the request MUST match the software_id specified in the SSA.
array, required
Registered URIs the TPP will use to interact with the ASPSP AS. If the software statement defines a master set of redirect URIs, this must match or be a subset of the redirect URIs in the SSA.
string, optional
Scopes the client is asking for (if not specified, default scopes are assigned by the AS). This consists of a list scopes separated by spaces.
Allowed values:
openid, accounts
string, optional
Please specify whether TPP software is a mobile or a web app.
Allowed values:
web, mobile
id_token_signed_response_alg
string, optional
Algorithm which the TPP expects to sign the id_token, if an id_token is returned.
Allowed values:
RS256, PS256
request_object_signing_alg
string, optional
Algorithm which the TPP expects to sign the request object if a request object will be part of the authorization request sent to the ASPSP.
Allowed values:
RS256, PS256
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other posibilities.
string, required
Client application identifier.
string, optional
A shared secret that goes in pair with client_id
. Currently not supported.
integer, required
Time at which the client identifier was issued expressed as "seconds since the epoch".
integer, optional
Time at which the client secret will expire expressed as "seconds since the epoch". The value must be populated if a client_secret is returned.
Default value:
0
array, required
Registered URIs the TPP will use to interact with the ASPSP AS. If the software statement defines a master set of redirect URIs, this must match or be a subset of the redirect URIs in the SSA.
token_endpoint_auth_method
string, required
Specifies which Token endpoint authentication method the TPP wants to use. It should be noted that only tls_client_auth
and client_secret_basic
are FAPI compliant.
Default value:
client_secret_basic
Allowed values:
client_secret_basic
token_endpoint_auth_signing_alg
string, optional
Algorithm which the TPP uses to authenticate with the token endpoint.
Default value:
PS256
Allowed values:
RS256, PS256
array, required
A JSON array specifying what the TPP can request to be supplied to the token endpoint as exchange for an access token.
Allowed values:
client_credentials, authorization_code, refresh_token
array, optional
A JSON array specifying what the TPP can request to be returned from the ASPSP authorisation endpoint.
Default value:
["code id_token"]
Allowed values:
code, id_token, code id_token
string, optional
If specified, the software_id in the request MUST match the software_id specified in the SSA.
string, required
Scopes the client is asking for (if not specified, default scopes are assigned by the AS). This consists of a list scopes separated by spaces.
Allowed values:
openid, accounts
string, required
Please specify whether TPP software is a mobile or a web app.
Allowed values:
web, mobile
id_token_signed_response_alg
string, optional
Algorithm which the TPP expects to sign the id_token, if an id_token is returned.
Allowed values:
RS256, PS256
request_object_signing_alg
string, optional
Algorithm which the TPP expects to sign the request object if a request object will be part of the authorization request sent to the ASPSP.
Allowed values:
RS256, PS256
tls_client_auth_subject_dn
string, optional
The tls_client_auth_subject_dn claim MUST contain the DN of the certificate that the TPP will present to the ASPSP token endpoint. Currently not supported.
Related Errors
Class |
Code |
Description |
NotFound
|
404 |
A resource could not be found. More in error_message . |
ActionNotAllowed
|
406 |
You're not allowed to perform this action. This might be a configuration problem or parameters incompatibility. |
Invalid
|
406 |
Given data is invalid. More in error_message . |
Add OBSEAL Certificate
Used for adding an OBSEAL certificate. On successful response (200 status code), the UK TPPs’ existing eIDAS certificate will be switched with the OBSEAL certificate obtained from the OpenBanking Directory. The body of the request has to contain the JWT built from the parameters below and signed with the OBSEAL Certificate.
CURL
curl -i \
-H "Content-Type: application/jwt" \
-H "X-Request-ID: 9b45fa6c-ff61-4e73-aec8-5e805388ce7f" \
-H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \
-H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \
-H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \
-H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \
-d '{
"requestObjectSigningAlg": "PS256",
"iss": "beKuxC1RniVsTeLYwfpgNP",
"iat": 1606297853,
"exp": 1606298169,
"aud": "0dw23dsa13123",
"tokenEndpointAuthMethod": "client_secret_basic",
"tokenEndpointAuthSigningAlg": "PS256",
"grantTypes": [
"client_credentials",
"authorization_code",
"refresh_token"
],
"responseTypes": [
"code id_token"
],
"softwareStatement": "eyJhbGciOiJIUzI1NiIsImtpZCI6IkFCQ0QxMjM0In0.eyJpc3MiOiJPcGVuQmFua2luZyBMdGQiLCJpYXQiOjE0OTI3NTYzMzEsImp0aSI6ImlkMTIzNDU2ODU0Mzk0ODc2NzgiLCJzb2Z0d2FyZV9lbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJzb2Z0d2FyZV9tb2RlIjoibGl2ZSIsInNvZnR3YXJlX2lkIjoiNjVkMWYyN2MtNGFlYS00NTQ5LTljMjEtNjBlNDk1YTdhODZmIiwic29mdHdhcmVfY2xpZW50X2lkIjoiT3BlbkJhbmtpbmcgVFBQIENsaWVudCBVbmlxdWUgSUQiLCJzb2Z0d2FyZV9jbGllbnRfbmFtZSI6IkFtYXpvbiBQcmltZSBNb3ZpZXMiLCJzb2Z0d2FyZV9jbGllbnRfZGVzY3JpcHRpb24iOiJBbWF6b24gUHJpbWUgTW92aWVzIGlzIGEgbW92aW5nIHN0cmVhbWluZyBzZXJ2aWNlIiwic29mdHdhcmVfdmVyc2lvbiI6IjIuMiIsInNvZnR3YXJlX2NsaWVudF91cmkiOiJodHRwczovL3ByaW1lLmFtYXpvbi5jb20iLCJzb2Z0d2FyZV9yZWRpcmVjdF91cmlzIjpbImh0dHBzOi8vcHJpbWUuYW1hem9uLmNvbS9jYiIsImh0dHBzOi8vcHJpbWUuYW1hem9uLmNvLnVrL2NiIl0sInNvZnR3YXJlX3JvbGVzIjpbIlBJU1AiLCJBSVNQIl0sIm9yZ2FuaXNhdGlvbl9jb21wZXRlbnRfYXV0aG9yaXR5X2NsYWltcyI6W3siYXV0aG9yaXR5X2lkIjoiRk1BIiwicmVnaXN0cmF0aW9uX2lkIjoiMTExMTExIiwic3RhdHVzIjoiQWN0aXZlIiwiYXV0aG9yaXNhdGlvbnMiOlt7Im1lbWJlcl9zdGF0ZSI6IkdCUiIsInJvbGVzIjpbIlBJU1AiLCJBSVNQIl19LHsibWVtYmVyX3N0YXRlIjoiUk9JIiwicm9sZXMiOlsiUElTUCJdfV19XSwic29mdHdhcmVfbG9nb191cmkiOiJodHRwczovL3ByaW1lLmFtYXpvbi5jb20vbG9nby5wbmciLCJvcmdfc3RhdHVzIjoiQWN0aXZlIiwib3JnX2lkIjoiQW1hem9uIFRQUElEIiwib3JnX25hbWUiOiJPcGVuQmFua2luZyBUUFAgUmVnaXN0ZXJlZCBOYW1lIiwib3JnX2NvbnRhY3RzIjpbeyJuYW1lIjoiY29udGFjdCBuYW1lIiwiZW1haWwiOiJjb250YWN0QGNvbnRhY3QuY29tIiwicGhvbmUiOiIrNDQ3ODkwMTMwNTU4IiwidHlwZSI6ImJ1c2luZXNzIn0seyJuYW1lIjoiY29udGFjdCBuYW1lIiwiZW1haWwiOiJjb250YWN0QGNvbnRhY3QuY29tIiwicGhvbmUiOiIrNDQ3ODkwMTMwNTU4IiwidHlwZSI6InRlY2huaWNhbCJ9XSwib3JnX2p3a3NfZW5kcG9pbnQiOiJodHRwczovL2p3a3Mub3BlbmJhbmtpbmcub3JnLnVrL29yZ19pZC9vcmdfaWQuamt3cyIsIm9yZ19qd2tzX3Jldm9rZWRfZW5kcG9pbnQiOiJodHRwczovL2p3a3Mub3BlbmJhbmtpbmcub3JnLnVrL29yZ19pZC9yZXZva2VkL29yZ19pZC5qa3dzIiwic29mdHdhcmVfandrc19lbmRwb2ludCI6Imh0dHBzOi8vandrcy5vcGVuYmFua2luZy5vcmcudWsvb3JnX2lkL3NvZnR3YXJlX2lkLmprd3MiLCJzb2Z0d2FyZV9qd2tzX3Jldm9rZWRfZW5kcG9pbnQiOiJodHRwczovL2p3a3Mub3BlbmJhbmtpbmcub3JnLnVrL29yZ19pZC9yZXZva2VkL3NvZnR3YXJlX2lkLmprd3MiLCJzb2Z0d2FyZV9wb2xpY3lfdXJpIjoiaHR0cHM6Ly90cHAuY29tL3BvbGljeS5odG1sIiwic29mdHdhcmVfdG9zX3VyaSI6Imh0dHBzOi8vdHBwLmNvbS90b3MuaHRtbCIsInNvZnR3YXJlX29uX2JlaGFsZl9vZl9vcmciOiJodHRwczovL2FwaS5vcGVuYmFua2luZy5vcmcudWsvc2NpbTIvT0JUcnVzdGVkUGF5bWVudFBhcnR5LzEyMzQ1Njc3ODkiLCJvYl9yZWdpc3RyeV90b3MiOiJodHRwczovL3JlZ2lzdHJ5Lm9wZW5iYW5raW5nLm9yZy51ay90b3MuaHRtbCJ9.oHlq7NxEoj0vdXeTR5cUz7oIq7Vt9dB34pbwxtDhWTs",
"softwareId": "beKuxC1RniVsTeLYwfpgNP",
"redirectUris": [
"https://redirect.here",
"http://and.here"
],
"scope": "makepayment",
"applicationType": "web",
"idTokenSignedResponseAlg": "PS256"
}' \
-X POST "/api/berlingroup/v1/tpp/certificates"
curl -i \
-H "Content-Type: application/jwt" \
-H "X-Request-ID: 9b45fa6c-ff61-4e73-aec8-5e805388ce7f" \
-H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \
-H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \
-H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \
-H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \
-d '{
"requestObjectSigningAlg": "PS256",
"iss": "beKuxC1RniVsTeLYwfpgNP",
"iat": 1606297853,
"exp": 1606298169,
"aud": "0dw23dsa13123",
"tokenEndpointAuthMethod": "client_secret_basic",
"tokenEndpointAuthSigningAlg": "PS256",
"grantTypes": [
"client_credentials",
"authorization_code",
"refresh_token"
],
"responseTypes": [
"code id_token"
],
"softwareStatement": "eyJhbGciOiJIUzI1NiIsImtpZCI6IkFCQ0QxMjM0In0.eyJpc3MiOiJPcGVuQmFua2luZyBMdGQiLCJpYXQiOjE0OTI3NTYzMzEsImp0aSI6ImlkMTIzNDU2ODU0Mzk0ODc2NzgiLCJzb2Z0d2FyZV9lbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJzb2Z0d2FyZV9tb2RlIjoibGl2ZSIsInNvZnR3YXJlX2lkIjoiNjVkMWYyN2MtNGFlYS00NTQ5LTljMjEtNjBlNDk1YTdhODZmIiwic29mdHdhcmVfY2xpZW50X2lkIjoiT3BlbkJhbmtpbmcgVFBQIENsaWVudCBVbmlxdWUgSUQiLCJzb2Z0d2FyZV9jbGllbnRfbmFtZSI6IkFtYXpvbiBQcmltZSBNb3ZpZXMiLCJzb2Z0d2FyZV9jbGllbnRfZGVzY3JpcHRpb24iOiJBbWF6b24gUHJpbWUgTW92aWVzIGlzIGEgbW92aW5nIHN0cmVhbWluZyBzZXJ2aWNlIiwic29mdHdhcmVfdmVyc2lvbiI6IjIuMiIsInNvZnR3YXJlX2NsaWVudF91cmkiOiJodHRwczovL3ByaW1lLmFtYXpvbi5jb20iLCJzb2Z0d2FyZV9yZWRpcmVjdF91cmlzIjpbImh0dHBzOi8vcHJpbWUuYW1hem9uLmNvbS9jYiIsImh0dHBzOi8vcHJpbWUuYW1hem9uLmNvLnVrL2NiIl0sInNvZnR3YXJlX3JvbGVzIjpbIlBJU1AiLCJBSVNQIl0sIm9yZ2FuaXNhdGlvbl9jb21wZXRlbnRfYXV0aG9yaXR5X2NsYWltcyI6W3siYXV0aG9yaXR5X2lkIjoiRk1BIiwicmVnaXN0cmF0aW9uX2lkIjoiMTExMTExIiwic3RhdHVzIjoiQWN0aXZlIiwiYXV0aG9yaXNhdGlvbnMiOlt7Im1lbWJlcl9zdGF0ZSI6IkdCUiIsInJvbGVzIjpbIlBJU1AiLCJBSVNQIl19LHsibWVtYmVyX3N0YXRlIjoiUk9JIiwicm9sZXMiOlsiUElTUCJdfV19XSwic29mdHdhcmVfbG9nb191cmkiOiJodHRwczovL3ByaW1lLmFtYXpvbi5jb20vbG9nby5wbmciLCJvcmdfc3RhdHVzIjoiQWN0aXZlIiwib3JnX2lkIjoiQW1hem9uIFRQUElEIiwib3JnX25hbWUiOiJPcGVuQmFua2luZyBUUFAgUmVnaXN0ZXJlZCBOYW1lIiwib3JnX2NvbnRhY3RzIjpbeyJuYW1lIjoiY29udGFjdCBuYW1lIiwiZW1haWwiOiJjb250YWN0QGNvbnRhY3QuY29tIiwicGhvbmUiOiIrNDQ3ODkwMTMwNTU4IiwidHlwZSI6ImJ1c2luZXNzIn0seyJuYW1lIjoiY29udGFjdCBuYW1lIiwiZW1haWwiOiJjb250YWN0QGNvbnRhY3QuY29tIiwicGhvbmUiOiIrNDQ3ODkwMTMwNTU4IiwidHlwZSI6InRlY2huaWNhbCJ9XSwib3JnX2p3a3NfZW5kcG9pbnQiOiJodHRwczovL2p3a3Mub3BlbmJhbmtpbmcub3JnLnVrL29yZ19pZC9vcmdfaWQuamt3cyIsIm9yZ19qd2tzX3Jldm9rZWRfZW5kcG9pbnQiOiJodHRwczovL2p3a3Mub3BlbmJhbmtpbmcub3JnLnVrL29yZ19pZC9yZXZva2VkL29yZ19pZC5qa3dzIiwic29mdHdhcmVfandrc19lbmRwb2ludCI6Imh0dHBzOi8vandrcy5vcGVuYmFua2luZy5vcmcudWsvb3JnX2lkL3NvZnR3YXJlX2lkLmprd3MiLCJzb2Z0d2FyZV9qd2tzX3Jldm9rZWRfZW5kcG9pbnQiOiJodHRwczovL2p3a3Mub3BlbmJhbmtpbmcub3JnLnVrL29yZ19pZC9yZXZva2VkL3NvZnR3YXJlX2lkLmprd3MiLCJzb2Z0d2FyZV9wb2xpY3lfdXJpIjoiaHR0cHM6Ly90cHAuY29tL3BvbGljeS5odG1sIiwic29mdHdhcmVfdG9zX3VyaSI6Imh0dHBzOi8vdHBwLmNvbS90b3MuaHRtbCIsInNvZnR3YXJlX29uX2JlaGFsZl9vZl9vcmciOiJodHRwczovL2FwaS5vcGVuYmFua2luZy5vcmcudWsvc2NpbTIvT0JUcnVzdGVkUGF5bWVudFBhcnR5LzEyMzQ1Njc3ODkiLCJvYl9yZWdpc3RyeV90b3MiOiJodHRwczovL3JlZ2lzdHJ5Lm9wZW5iYW5raW5nLm9yZy51ay90b3MuaHRtbCJ9.oHlq7NxEoj0vdXeTR5cUz7oIq7Vt9dB34pbwxtDhWTs",
"softwareId": "beKuxC1RniVsTeLYwfpgNP",
"redirectUris": [
"https://redirect.here",
"http://and.here"
],
"scope": "makepayment",
"applicationType": "web",
"idTokenSignedResponseAlg": "PS256"
}' \
-X POST "/api/berlingroup/v1/tpp/certificates"
Example of parameters
{"requestObjectSigningAlg":"PS256","iss":"beKuxC1RniVsTeLYwfpgNP","iat":1606297853,"exp":1606298169,"aud":"0dw23dsa13123","tokenEndpointAuthMethod":"client_secret_basic","tokenEndpointAuthSigningAlg":"PS256","grantTypes":["client_credentials","authorization_code","refresh_token"],"responseTypes":["code id_token"],"softwareStatement":"eyJhbGciOiJIUzI1NiIsImtpZCI6IkFCQ0QxMjM0In0.eyJpc3MiOiJPcGVuQmFua2luZyBMdGQiLCJpYXQiOjE0OTI3NTYzMzEsImp0aSI6ImlkMTIzNDU2ODU0Mzk0ODc2NzgiLCJzb2Z0d2FyZV9lbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJzb2Z0d2FyZV9tb2RlIjoibGl2ZSIsInNvZnR3YXJlX2lkIjoiNjVkMWYyN2MtNGFlYS00NTQ5LTljMjEtNjBlNDk1YTdhODZmIiwic29mdHdhcmVfY2xpZW50X2lkIjoiT3BlbkJhbmtpbmcgVFBQIENsaWVudCBVbmlxdWUgSUQiLCJzb2Z0d2FyZV9jbGllbnRfbmFtZSI6IkFtYXpvbiBQcmltZSBNb3ZpZXMiLCJzb2Z0d2FyZV9jbGllbnRfZGVzY3JpcHRpb24iOiJBbWF6b24gUHJpbWUgTW92aWVzIGlzIGEgbW92aW5nIHN0cmVhbWluZyBzZXJ2aWNlIiwic29mdHdhcmVfdmVyc2lvbiI6IjIuMiIsInNvZnR3YXJlX2NsaWVudF91cmkiOiJodHRwczovL3ByaW1lLmFtYXpvbi5jb20iLCJzb2Z0d2FyZV9yZWRpcmVjdF91cmlzIjpbImh0dHBzOi8vcHJpbWUuYW1hem9uLmNvbS9jYiIsImh0dHBzOi8vcHJpbWUuYW1hem9uLmNvLnVrL2NiIl0sInNvZnR3YXJlX3JvbGVzIjpbIlBJU1AiLCJBSVNQIl0sIm9yZ2FuaXNhdGlvbl9jb21wZXRlbnRfYXV0aG9yaXR5X2NsYWltcyI6W3siYXV0aG9yaXR5X2lkIjoiRk1BIiwicmVnaXN0cmF0aW9uX2lkIjoiMTExMTExIiwic3RhdHVzIjoiQWN0aXZlIiwiYXV0aG9yaXNhdGlvbnMiOlt7Im1lbWJlcl9zdGF0ZSI6IkdCUiIsInJvbGVzIjpbIlBJU1AiLCJBSVNQIl19LHsibWVtYmVyX3N0YXRlIjoiUk9JIiwicm9sZXMiOlsiUElTUCJdfV19XSwic29mdHdhcmVfbG9nb191cmkiOiJodHRwczovL3ByaW1lLmFtYXpvbi5jb20vbG9nby5wbmciLCJvcmdfc3RhdHVzIjoiQWN0aXZlIiwib3JnX2lkIjoiQW1hem9uIFRQUElEIiwib3JnX25hbWUiOiJPcGVuQmFua2luZyBUUFAgUmVnaXN0ZXJlZCBOYW1lIiwib3JnX2NvbnRhY3RzIjpbeyJuYW1lIjoiY29udGFjdCBuYW1lIiwiZW1haWwiOiJjb250YWN0QGNvbnRhY3QuY29tIiwicGhvbmUiOiIrNDQ3ODkwMTMwNTU4IiwidHlwZSI6ImJ1c2luZXNzIn0seyJuYW1lIjoiY29udGFjdCBuYW1lIiwiZW1haWwiOiJjb250YWN0QGNvbnRhY3QuY29tIiwicGhvbmUiOiIrNDQ3ODkwMTMwNTU4IiwidHlwZSI6InRlY2huaWNhbCJ9XSwib3JnX2p3a3NfZW5kcG9pbnQiOiJodHRwczovL2p3a3Mub3BlbmJhbmtpbmcub3JnLnVrL29yZ19pZC9vcmdfaWQuamt3cyIsIm9yZ19qd2tzX3Jldm9rZWRfZW5kcG9pbnQiOiJodHRwczovL2p3a3Mub3BlbmJhbmtpbmcub3JnLnVrL29yZ19pZC9yZXZva2VkL29yZ19pZC5qa3dzIiwic29mdHdhcmVfandrc19lbmRwb2ludCI6Imh0dHBzOi8vandrcy5vcGVuYmFua2luZy5vcmcudWsvb3JnX2lkL3NvZnR3YXJlX2lkLmprd3MiLCJzb2Z0d2FyZV9qd2tzX3Jldm9rZWRfZW5kcG9pbnQiOiJodHRwczovL2p3a3Mub3BlbmJhbmtpbmcub3JnLnVrL29yZ19pZC9yZXZva2VkL3NvZnR3YXJlX2lkLmprd3MiLCJzb2Z0d2FyZV9wb2xpY3lfdXJpIjoiaHR0cHM6Ly90cHAuY29tL3BvbGljeS5odG1sIiwic29mdHdhcmVfdG9zX3VyaSI6Imh0dHBzOi8vdHBwLmNvbS90b3MuaHRtbCIsInNvZnR3YXJlX29uX2JlaGFsZl9vZl9vcmciOiJodHRwczovL2FwaS5vcGVuYmFua2luZy5vcmcudWsvc2NpbTIvT0JUcnVzdGVkUGF5bWVudFBhcnR5LzEyMzQ1Njc3ODkiLCJvYl9yZWdpc3RyeV90b3MiOiJodHRwczovL3JlZ2lzdHJ5Lm9wZW5iYW5raW5nLm9yZy51ay90b3MuaHRtbCJ9.oHlq7NxEoj0vdXeTR5cUz7oIq7Vt9dB34pbwxtDhWTs","softwareId":"beKuxC1RniVsTeLYwfpgNP","redirectUris":["https://redirect.here","http://and.here"],"scope":"makepayment","applicationType":"web","idTokenSignedResponseAlg":"PS256"}
{"requestObjectSigningAlg":"PS256","iss":"beKuxC1RniVsTeLYwfpgNP","iat":1606297853,"exp":1606298169,"aud":"0dw23dsa13123","tokenEndpointAuthMethod":"client_secret_basic","tokenEndpointAuthSigningAlg":"PS256","grantTypes":["client_credentials","authorization_code","refresh_token"],"responseTypes":["code id_token"],"softwareStatement":"eyJhbGciOiJIUzI1NiIsImtpZCI6IkFCQ0QxMjM0In0.eyJpc3MiOiJPcGVuQmFua2luZyBMdGQiLCJpYXQiOjE0OTI3NTYzMzEsImp0aSI6ImlkMTIzNDU2ODU0Mzk0ODc2NzgiLCJzb2Z0d2FyZV9lbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJzb2Z0d2FyZV9tb2RlIjoibGl2ZSIsInNvZnR3YXJlX2lkIjoiNjVkMWYyN2MtNGFlYS00NTQ5LTljMjEtNjBlNDk1YTdhODZmIiwic29mdHdhcmVfY2xpZW50X2lkIjoiT3BlbkJhbmtpbmcgVFBQIENsaWVudCBVbmlxdWUgSUQiLCJzb2Z0d2FyZV9jbGllbnRfbmFtZSI6IkFtYXpvbiBQcmltZSBNb3ZpZXMiLCJzb2Z0d2FyZV9jbGllbnRfZGVzY3JpcHRpb24iOiJBbWF6b24gUHJpbWUgTW92aWVzIGlzIGEgbW92aW5nIHN0cmVhbWluZyBzZXJ2aWNlIiwic29mdHdhcmVfdmVyc2lvbiI6IjIuMiIsInNvZnR3YXJlX2NsaWVudF91cmkiOiJodHRwczovL3ByaW1lLmFtYXpvbi5jb20iLCJzb2Z0d2FyZV9yZWRpcmVjdF91cmlzIjpbImh0dHBzOi8vcHJpbWUuYW1hem9uLmNvbS9jYiIsImh0dHBzOi8vcHJpbWUuYW1hem9uLmNvLnVrL2NiIl0sInNvZnR3YXJlX3JvbGVzIjpbIlBJU1AiLCJBSVNQIl0sIm9yZ2FuaXNhdGlvbl9jb21wZXRlbnRfYXV0aG9yaXR5X2NsYWltcyI6W3siYXV0aG9yaXR5X2lkIjoiRk1BIiwicmVnaXN0cmF0aW9uX2lkIjoiMTExMTExIiwic3RhdHVzIjoiQWN0aXZlIiwiYXV0aG9yaXNhdGlvbnMiOlt7Im1lbWJlcl9zdGF0ZSI6IkdCUiIsInJvbGVzIjpbIlBJU1AiLCJBSVNQIl19LHsibWVtYmVyX3N0YXRlIjoiUk9JIiwicm9sZXMiOlsiUElTUCJdfV19XSwic29mdHdhcmVfbG9nb191cmkiOiJodHRwczovL3ByaW1lLmFtYXpvbi5jb20vbG9nby5wbmciLCJvcmdfc3RhdHVzIjoiQWN0aXZlIiwib3JnX2lkIjoiQW1hem9uIFRQUElEIiwib3JnX25hbWUiOiJPcGVuQmFua2luZyBUUFAgUmVnaXN0ZXJlZCBOYW1lIiwib3JnX2NvbnRhY3RzIjpbeyJuYW1lIjoiY29udGFjdCBuYW1lIiwiZW1haWwiOiJjb250YWN0QGNvbnRhY3QuY29tIiwicGhvbmUiOiIrNDQ3ODkwMTMwNTU4IiwidHlwZSI6ImJ1c2luZXNzIn0seyJuYW1lIjoiY29udGFjdCBuYW1lIiwiZW1haWwiOiJjb250YWN0QGNvbnRhY3QuY29tIiwicGhvbmUiOiIrNDQ3ODkwMTMwNTU4IiwidHlwZSI6InRlY2huaWNhbCJ9XSwib3JnX2p3a3NfZW5kcG9pbnQiOiJodHRwczovL2p3a3Mub3BlbmJhbmtpbmcub3JnLnVrL29yZ19pZC9vcmdfaWQuamt3cyIsIm9yZ19qd2tzX3Jldm9rZWRfZW5kcG9pbnQiOiJodHRwczovL2p3a3Mub3BlbmJhbmtpbmcub3JnLnVrL29yZ19pZC9yZXZva2VkL29yZ19pZC5qa3dzIiwic29mdHdhcmVfandrc19lbmRwb2ludCI6Imh0dHBzOi8vandrcy5vcGVuYmFua2luZy5vcmcudWsvb3JnX2lkL3NvZnR3YXJlX2lkLmprd3MiLCJzb2Z0d2FyZV9qd2tzX3Jldm9rZWRfZW5kcG9pbnQiOiJodHRwczovL2p3a3Mub3BlbmJhbmtpbmcub3JnLnVrL29yZ19pZC9yZXZva2VkL3NvZnR3YXJlX2lkLmprd3MiLCJzb2Z0d2FyZV9wb2xpY3lfdXJpIjoiaHR0cHM6Ly90cHAuY29tL3BvbGljeS5odG1sIiwic29mdHdhcmVfdG9zX3VyaSI6Imh0dHBzOi8vdHBwLmNvbS90b3MuaHRtbCIsInNvZnR3YXJlX29uX2JlaGFsZl9vZl9vcmciOiJodHRwczovL2FwaS5vcGVuYmFua2luZy5vcmcudWsvc2NpbTIvT0JUcnVzdGVkUGF5bWVudFBhcnR5LzEyMzQ1Njc3ODkiLCJvYl9yZWdpc3RyeV90b3MiOiJodHRwczovL3JlZ2lzdHJ5Lm9wZW5iYW5raW5nLm9yZy51ay90b3MuaHRtbCJ9.oHlq7NxEoj0vdXeTR5cUz7oIq7Vt9dB34pbwxtDhWTs","softwareId":"beKuxC1RniVsTeLYwfpgNP","redirectUris":["https://redirect.here","http://and.here"],"scope":"makepayment","applicationType":"web","idTokenSignedResponseAlg":"PS256"}
Example of response
{"tlsClientAuthSubjectDn":"N/A","clientId":"ABCD1234","clientSecret":"N/A","clientIdIssuedAt":1606297853,"clientSecretExpiresAt":0,"redirectUris":["https://redirect.here","http://and.here"],"tokenEndpointAuthMethod":"client_secret_basic","tokenEndpointAuthSigningAlg":"PS256","grantTypes":["client_credentials","authorization_code","refresh_token"],"responseTypes":["code id_token"],"softwareId":"beKuxC1RniVsTeLYwfpgNP","scope":"makepayment","applicationType":"web","idTokenSignedResponseAlg":"PS256","requestObjectSigningAlg":"PS256"}
{"tlsClientAuthSubjectDn":"N/A","clientId":"ABCD1234","clientSecret":"N/A","clientIdIssuedAt":1606297853,"clientSecretExpiresAt":0,"redirectUris":["https://redirect.here","http://and.here"],"tokenEndpointAuthMethod":"client_secret_basic","tokenEndpointAuthSigningAlg":"PS256","grantTypes":["client_credentials","authorization_code","refresh_token"],"responseTypes":["code id_token"],"softwareId":"beKuxC1RniVsTeLYwfpgNP","scope":"makepayment","applicationType":"web","idTokenSignedResponseAlg":"PS256","requestObjectSigningAlg":"PS256"}
Request
POST
/api/berlingroup/v1/tpp/certificates
Headers
Parameters
string, required
TPP identifier: software_id from SSA.
Can raise:
ActionNotAllowed
integer, required
The time at which the request was issued by the TPP expressed as "seconds since the epoch"
integer, required
The time at which the request expires expressed as seconds since the epoch.
Values greater than:
1614284495
string, required
The audience for the request. This should be the unique identifier for the ASPSP issued by the issuer of the software statement.
string, optional
Specifies which Token endpoint authentication method the TPP wants to use. It should be noted that only tls_client_auth
and client_secret_basic
are FAPI compliant.
Default value:
client_secret_basic
Allowed values:
client_secret_basic
tokenEndpointAuthSigningAlg
string, optional
Algorithm which the TPP uses to authenticate with the token endpoint.
Default value:
PS256
Allowed values:
PS256
array, required
A JSON array specifying what the TPP can request to be supplied to the token endpoint as exchange for an access token.
Allowed values:
client_credentials, authorization_code, refresh_token
array, optional
A JSON array specifying what the TPP can request to be returned from the ASPSP authorisation endpoint.
Default value:
["code id_token"]
Allowed values:
code, code id_token
string, required
Software statement assertion issued by the issuer. The data model for the software statements issued by the Open Banking directory are documented as part of the Directory Specification.
Can raise:
Forbidden
string, optional
If specified, the software_id in the request MUST match the software_id specified in the SSA.
array, required
Registered URIs the TPP will use to interact with the ASPSP AS. If the software statement defines a master set of redirect URIs, this must match or be a subset of the redirect URIs in the SSA.
string, optional
Scopes the client is asking for (if not specified, default scopes are assigned by the AS). This consists of a list scopes separated by spaces.
Allowed values:
openid, makepayment, accounts, payments
string, optional
Please specify whether TPP software is a mobile or a web app.
Allowed values:
web, mobile
string, optional
Algorithm which the TPP expects to sign the id_token, if an id_token is returned.
Allowed values:
PS256
string, optional
Algorithm which the TPP expects to sign the request object if a request object will be part of the authorization request sent to the ASPSP.
Allowed values:
PS256
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other posibilities.
string, required
Returned after successful registration client identifier. Will be used afterwards for TPP identification.
string, optional
A shared secret that goes in pair with client_id
. Currently not supported.
integer, required
Time at which the client identifier was issued expressed as "seconds since the epoch".
integer, optional
Time at which the client secret will expire expressed as "seconds since the epoch". The value must be populated if a client_secret is returned.
Default value:
0
array, required
Registered URIs the TPP will use to interact with the ASPSP AS. If the software statement defines a master set of redirect URIs, this must match or be a subset of the redirect URIs in the SSA.
string, required
Specifies which Token endpoint authentication method the TPP wants to use. It should be noted that only tls_client_auth
and client_secret_basic
are FAPI compliant.
Default value:
client_secret_basic
Allowed values:
client_secret_basic
tokenEndpointAuthSigningAlg
string, optional
Algorithm which the TPP uses to authenticate with the token endpoint.
Default value:
PS256
Allowed values:
PS256
array, required
A JSON array specifying what the TPP can request to be supplied to the token endpoint as exchange for an access token.
Allowed values:
client_credentials, authorization_code, refresh_token
array, optional
A JSON array specifying what the TPP can request to be returned from the ASPSP authorisation endpoint.
Default value:
["code id_token"]
Allowed values:
code, code id_token
string, optional
If specified, the software_id in the request MUST match the software_id specified in the SSA.
string, required
Scopes the client is asking for (if not specified, default scopes are assigned by the AS). This consists of a list scopes separated by spaces.
Allowed values:
openid, makepayment, accounts, payments
string, required
Please specify whether TPP software is a mobile or a web app.
Allowed values:
web, mobile
string, optional
Algorithm which the TPP expects to sign the id_token, if an id_token is returned.
Allowed values:
PS256
string, optional
Algorithm which the TPP expects to sign the request object if a request object will be part of the authorization request sent to the ASPSP.
Allowed values:
PS256
string, optional
The tls_client_auth_subject_dn claim MUST contain the DN of the certificate that the TPP will present to the ASPSP token endpoint. Currently not supported.
Related Errors
Class |
Code |
Description |
CertificateMissing
|
401 |
This request cannot be performed without Certificate header. |
CertificateInvalid
|
401 |
Given certificate is invalid. |
SignatureInvalid
|
401 |
Given signature is invalid. |
SignatureMissing
|
401 |
This request cannot be performed without Signature header. |
SignatureMalformed
|
401 |
Given signature is malformed. |
Forbidden
|
403 |
Action is forbidden. More details in error_message . |
ActionNotAllowed
|
406 |
You're not allowed to perform this action. This might be a rate limit, configuration problem or parameters incompatibility. |