Confirmations

Checks whether a specific amount is available at point of time of the request on an account addressed by IBAN or other available identifiers.

CURL

curl -i  \ 
 -H "Consent-Id: 2" \ 
 -H "X-Request-ID: 9b45fa6c-ff61-4e73-aec8-5e805388ce7f" \ 
 -H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \ 
 -H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \ 
 -H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \ 
 -H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \ 
 -H "Content-Type: application/json" \ 
 -d '{
  "account": {
    "bic": "BARCGB22XXX",
    "currency": "USD",
    "maskedPan": "************3241",
    "iban": "DE23100120020123456789",
    "bban": "539007547034",
    "bankAccountIdentifier": "123412341234"
  },
  "instructedAmount": {
    "amount": "123",
    "currency": "USD"
  },
  "cardNumber": "1234123412341234"
}' \ 
-X POST "/:provider_code/api/berlingroup/v1/funds-confirmations"

Example of parameters

{"account":{"bic":"BARCGB22XXX","currency":"USD","maskedPan":"************3241","iban":"DE23100120020123456789","bban":"539007547034","bankAccountIdentifier":"123412341234"},"instructedAmount":{"amount":"123","currency":"USD"},"cardNumber":"1234123412341234"}

Example of response

Request

POST /:provider_code/api/berlingroup/v1/funds-confirmations

Headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Digest string, required Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing, SignatureMalformed
Date datetime, required Endpoint request execution date.
PSU-Device-ID string, optional UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device.
PSU-User-Agent string, optional The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Geo-Location string, optional The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available.
Psu-IP-Address string, optional The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP. If not available, the TPP shall use the IP Address used by the TPP when submitting this request.
TPP-Signature-Certificate string, required The certificate used for signing the request, in base64 encoding that should comply with RFC 4648 (No line feeds). Can raise: CertificateMissing, CertificateInvalid
TPP-IP-Address string, optional IP Address of request between TPP and Compliance Solution.
Signature string, required A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid, SignatureMalformed
Content-Type string, required The media type of the body of the request. Allowed values: application/json
Consent-Id string, required ID of the corresponding consent object as returned by an Account Information Consent Request. Can raise: ConsentUnknown, ConsentInvalid
Request parameters
provider_code (path)
string, required
Human readable Provider identifier.
cardNumber
string, optional
Card number of the card issued by PIISP. Should be delivered if available. Can raise: ConsentInvalid
Response

Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.


Related Errors
Class Code Description
ConsentInvalid 401 The consent was created by this TPP but is not valid for the addressed service/resource.
CertificateMissing 401 This request cannot be performed without Certificate header.
CertificateInvalid 401 Given certificate is invalid.
SignatureInvalid 401 Given signature is invalid.
SignatureMissing 401 This request cannot be performed without Signature header.
SignatureMalformed 401 Given signature is malformed.
ConsentUnknown 401 The Consent-ID cannot be matched by the ASPSP relative to the TPP.
ResourceUnknown 404 The addressed resource is unknown relative to the TPP.

Authorisation statuses

The current stage of the authorisation lifecycle is represented in scaStatus field. The status of the authorisation can be one of the following:

Name Description
accepted An authorisation or cancellation-authorisation resource has been created successfully on Salt Edge PSD2 Compliance's side and was sent to ASPSP.
received An authorisation or cancellation-authorisation resource has been created successfully on ASPSP's side.
psuIdentified The PSU related to the authorisation or cancellation-authorisation resource has been identified.
psuAuthenticated The PSU related to the authorisation or cancellation-authorisation resource has been identified and authenticated e.g. by a password or by an access token.
scaMethodSelected The PSU/TPP has selected the related SCA routine. If the SCA method is chosen implicitly since only one SCA method is available, then this is the first status to be reported instead of "received".
started The addressed SCA routine has been started.
unconfirmed SCA is technically successfully finalised by the PSU, but the authorisation resource needs a confirmation command by the TPP yet.
finalised The SCA routine has been finalised successfully (including a potential confirmation command). This is a final status of the authorisation resource.
failed The SCA routine failed. This is a final status of the authorisation resource.
exempted SCA was exempted for the related transaction, the related authorisation is successful. This is a final status of the authorisation resource.

Consent statuses

The current stage of a consent lifecycle is represented in consentStatus field. The status of a consent can be one of the following:

Name Description
accepted The consent data has been received on Salt Edge PSD2 Compliance's side. The data is not received on ASPSP's side yet.
received The consent data has been received on ASPSP's side and are technically correct. The data is not authorised yet.
valid The consent is accepted and valid for GET account data calls and others as specified in the consent object.
partiallyAuthorised The consent is due to a multi-level authorisation, some but not all mandated authorisations have been performed yet.
rejected The consent data has been rejected e.g. since no successful authorisation has taken place.
revokedByPsu The consent has been revoked by the PSU towards the ASPSP.
expired The consent has expired.
terminatedByTpp The corresponding TPP has terminated the consent by applying the DELETE method to the consent resource.

Show

Returns the content of an account information consent object.

CURL

curl -i  \ 
 -H "Content-Type: application/json" \ 
 -H "X-Request-ID: 9b45fa6c-ff61-4e73-aec8-5e805388ce7f" \ 
 -H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \ 
 -H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \ 
 -H "Psu-ID: 421" \ 
 -H "Psu-Corporate-ID: 653" \ 
 -H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \ 
 -H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \ 
 -d '{
  "consent_id": 1
}' \ 
-X GET "/:provider_code/api/berlingroup/v2/consents/confirmation-of-funds/:consent_id"

Example of parameters

{"consent_id":1}

Example of response

Request

GET /:provider_code/api/berlingroup/v2/consents/confirmation-of-funds/:consent_id

Headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Digest string, required Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing, SignatureMalformed
Date datetime, required Endpoint request execution date.
Psu-ID string, optional Client ID of the PSU in the ASPSP client interface.
Psu-Corporate-ID string, optional Only used in a corporate context. If provided, specific corporate accounts will be returned.
PSU-Device-ID string, optional UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device.
PSU-User-Agent string, optional The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Geo-Location string, optional The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available.
Psu-IP-Address string, optional The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP. If not available, the TPP shall use the IP Address used by the TPP when submitting this request.
TPP-Signature-Certificate string, required The certificate used for signing the request, in base64 encoding that should comply with RFC 4648 (No line feeds). Can raise: CertificateMissing, CertificateInvalid
TPP-IP-Address string, optional IP Address of request between TPP and Compliance Solution.
Signature string, required A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid, SignatureMalformed
Content-Type string, required The media type of the body of the request. Allowed values: application/json
Request parameters
provider_code (path)
string, required
Human readable Provider identifier.
consent_id
string, required
The consent identifier assigned to the created resource. Can raise: ConsentUnknown, ConsentInvalid
Response

Returns the content of an account information consent object.


Related Errors
Class Code Description
ConsentUnknown 401 The Consent-ID cannot be matched by the ASPSP relative to the TPP.
ConsentInvalid 401 The consent was created by this TPP but is not valid for the addressed service/resource.
CertificateMissing 401 This request cannot be performed without Certificate header.
CertificateInvalid 401 Given certificate is invalid.
SignatureInvalid 401 Given signature is invalid.
SignatureMissing 401 This request cannot be performed without Signature header.
SignatureMalformed 401 Given signature is malformed.

Status

Read the status of an account information consent resource.

CURL

curl -i  \ 
 -H "Content-Type: application/json" \ 
 -H "X-Request-ID: cc5a8022-5e71-460e-82fa-ab0be1997a54" \ 
 -H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \ 
 -H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \ 
 -H "Psu-ID: 531" \ 
 -H "Psu-Corporate-ID: 511" \ 
 -H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \ 
 -H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \ 
 -d '{
  "consent_id": 1
}' \ 
-X GET "/:provider_code/api/berlingroup/v2/consents/confirmation-of-funds/:consent_id/status"

Example of parameters

{"consent_id":1}

Example of response

Request

GET /:provider_code/api/berlingroup/v2/consents/confirmation-of-funds/:consent_id/status

Headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Digest string, required Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing, SignatureMalformed
Date datetime, required Endpoint request execution date.
Psu-ID string, optional Client ID of the PSU in the ASPSP client interface.
Psu-Corporate-ID string, optional Only used in a corporate context. If provided, specific corporate accounts will be returned.
PSU-Device-ID string, optional UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device.
PSU-User-Agent string, optional The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Geo-Location string, optional The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available.
Psu-IP-Address string, optional The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP. If not available, the TPP shall use the IP Address used by the TPP when submitting this request.
TPP-Signature-Certificate string, required The certificate used for signing the request, in base64 encoding that should comply with RFC 4648 (No line feeds). Can raise: CertificateMissing, CertificateInvalid
TPP-IP-Address string, optional IP Address of request between TPP and Compliance Solution.
Signature string, required A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid, SignatureMalformed
Content-Type string, required The media type of the body of the request. Allowed values: application/json
Request parameters
provider_code (path)
string, required
Human readable Provider identifier.
consent_id
string, required
The consent identifier assigned to the created resource. Can raise: ConsentUnknown, ConsentInvalid
Response

Read the status of an account information consent resource.


Related Errors
Class Code Description
ConsentUnknown 401 The Consent-ID cannot be matched by the ASPSP relative to the TPP.
ConsentInvalid 401 The consent was created by this TPP but is not valid for the addressed service/resource.
CertificateMissing 401 This request cannot be performed without Certificate header.
CertificateInvalid 401 Given certificate is invalid.
SignatureInvalid 401 Given signature is invalid.
SignatureMissing 401 This request cannot be performed without Signature header.
SignatureMalformed 401 Given signature is malformed.

Create

This method creates a consent resource, defining access rights to dedicated accounts of a given PSU-ID. These accounts are addressed explicitly in the method as parameters as a core function.

CURL

curl -i  \ 
 -H "TPP-Redirect-URI: https://www.link.to/tpp/redirect/uri" \ 
 -H "X-Request-ID: 9b45fa6c-ff61-4e73-aec8-5e805388ce7f" \ 
 -H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \ 
 -H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \ 
 -H "Psu-ID: 535" \ 
 -H "Psu-Corporate-ID: 4111" \ 
 -H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \ 
 -H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \ 
 -H "Content-Type: application/json" \ 
 -H "TPP-Redirect-Preferred: false" \ 
 -d '{
  "account": {
    "iban": "DE2310010010123456789",
    "bban": "5390 0754 7034",
    "pan": "1234123412341234",
    "maskedPan": "123456xxxxxx1234",
    "msisdn": "447912345678",
    "currency": "EUR",
    "bankAccountIdentifier": "123412341234"
  },
  "cardNumber": "1234123412341234",
  "cardExpiryDate": " 2019-08-21",
  "cardInformation": "card information",
  "registrationInformation": "registration information"
}' \ 
-X POST "/:provider_code/api/berlingroup/v2/consents/confirmation-of-funds"

Example of parameters

{"account":{"iban":"DE2310010010123456789","bban":"5390 0754 7034","pan":"1234123412341234","maskedPan":"123456xxxxxx1234","msisdn":"447912345678","currency":"EUR","bankAccountIdentifier":"123412341234"},"cardNumber":"1234123412341234","cardExpiryDate":" 2019-08-21","cardInformation":"card information","registrationInformation":"registration information"}

Example of response

Request

POST /:provider_code/api/berlingroup/v2/consents/confirmation-of-funds

Headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Digest string, required Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing, SignatureMalformed
Date datetime, required Endpoint request execution date.
Psu-ID string, optional Client ID of the PSU in the ASPSP client interface.
Psu-Corporate-ID string, optional Only used in a corporate context. If provided, specific corporate accounts will be returned.
PSU-Device-ID string, optional UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device.
PSU-User-Agent string, optional The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Geo-Location string, optional The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available.
Psu-IP-Address string, optional The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP. If not available, the TPP shall use the IP Address used by the TPP when submitting this request.
TPP-Signature-Certificate string, required The certificate used for signing the request, in base64 encoding that should comply with RFC 4648 (No line feeds). Can raise: CertificateMissing, CertificateInvalid
TPP-IP-Address string, optional IP Address of request between TPP and Compliance Solution.
Signature string, required A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid, SignatureMalformed
Content-Type string, required The media type of the body of the request. Allowed values: application/json
TPP-Redirect-Preferred boolean, required If it equals "true", the TPP prefers a redirect over an embedded SCA approach. If it equals "false", the TPP prefers not to be redirected for SCA. The ASPSP will then choose between the Embedded or the Decoupled SCA approach, depending on the choice of the SCA procedure by the TPP/PSU. If the parameter is not used, the ASPSP will choose the SCA approach to be applied depending on the SCA method chosen by the TPP/PSU. Can raise: BadRequest
TPP-Redirect-URI url, optional URI of the TPP, where the transaction flow shall be redirected to after a Redirect. Mandated for the Redirect SCA Approach, specifically when TPP-Redirect-Preferred equals "true". It is strongly recommended to add a unique identifier for validation purposes on TPP side.
Request parameters
provider_code (path)
string, required
Human readable Provider identifier.
cardNumber
string, optional
Card number of the card issued by PIISP. Should be delivered if available.
cardExpiryDate
date, optional
Expiry date of the card issued by PIISP. Values greater than: 2024-12-24
cardInformation
string, optional
Additional explanation for the card product.
registrationInformation
string, optional
Additional information about the registration process for the PSU, e.g. a reference to the TPP/PSU contract.
Response

This method creates a consent resource, defining access rights to dedicated accounts of a given PSU-ID. These accounts are addressed explicitly in the method as parameters as a core function.


Related Errors
Class Code Description
BadRequest 400 Given value is invalid.
CertificateMissing 401 This request cannot be performed without Certificate header.
CertificateInvalid 401 Given certificate is invalid.
SignatureInvalid 401 Given signature is invalid.
SignatureMissing 401 This request cannot be performed without Signature header.
SignatureMalformed 401 Given signature is malformed.

Destroy

This method deletes a consent.

CURL

curl -i  \ 
 -H "Content-Type: application/json" \ 
 -H "X-Request-ID: cc5a8022-5e71-460e-82fa-ab0be1997a54" \ 
 -H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \ 
 -H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \ 
 -H "Psu-ID: 531" \ 
 -H "Psu-Corporate-ID: 511" \ 
 -H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \ 
 -H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \ 
 -d '{}' \ 
-X DELETE "/:provider_code/api/berlingroup/v2/consents/confirmation-of-funds/:consent_id"

Example of response

Request

DELETE /:provider_code/api/berlingroup/v2/consents/confirmation-of-funds/:consent_id

Headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Digest string, required Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing, SignatureMalformed
Date datetime, required Endpoint request execution date.
Psu-ID string, optional Client ID of the PSU in the ASPSP client interface.
Psu-Corporate-ID string, optional Only used in a corporate context. If provided, specific corporate accounts will be returned.
PSU-Device-ID string, optional UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device.
PSU-User-Agent string, optional The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Geo-Location string, optional The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available.
Psu-IP-Address string, optional The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP. If not available, the TPP shall use the IP Address used by the TPP when submitting this request.
TPP-Signature-Certificate string, required The certificate used for signing the request, in base64 encoding that should comply with RFC 4648 (No line feeds). Can raise: CertificateMissing, CertificateInvalid
TPP-IP-Address string, optional IP Address of request between TPP and Compliance Solution.
Signature string, required A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid, SignatureMalformed
Content-Type string, required The media type of the body of the request. Allowed values: application/json
Request parameters
provider_code (path)
string, required
Human readable Provider identifier.
consent_id (path)
string, required
The consent identifier assigned to the created resource. Can raise: ConsentUnknown, ConsentInvalid
Response

This method deletes a consent.


Related Errors
Class Code Description
ConsentUnknown 401 The Consent-ID cannot be matched by the ASPSP relative to the TPP.
ConsentInvalid 401 The consent was created by this TPP but is not valid for the addressed service/resource.
CertificateMissing 401 This request cannot be performed without Certificate header.
CertificateInvalid 401 Given certificate is invalid.
SignatureInvalid 401 Given signature is invalid.
SignatureMissing 401 This request cannot be performed without Signature header.
SignatureMalformed 401 Given signature is malformed.

Authorisation

This method returns the SCA status of a consent initiation's authorisation subresource.

CURL

curl -i  \ 
 -H "Content-Type: application/json" \ 
 -H "X-Request-ID: cc5a8022-5e71-460e-82fa-ab0be1997a54" \ 
 -H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \ 
 -H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \ 
 -H "Psu-ID: 414" \ 
 -H "Psu-Corporate-ID: 4142" \ 
 -H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \ 
 -H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \ 
 -d '{}' \ 
-X GET "/:provider_code/api/berlingroup/v2/consents/confirmation-of-funds/:consent_id/authorisations/:authorisation_id"

Example of response

Request

GET /:provider_code/api/berlingroup/v2/consents/confirmation-of-funds/:consent_id/authorisations/:authorisation_id

Headers
Header Type Description
X-Request-ID string, required ID of the request, unique to the call, as determined by the initiating party.
Digest string, required Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing, SignatureMalformed
Date datetime, required Endpoint request execution date.
Psu-ID string, optional Client ID of the PSU in the ASPSP client interface.
Psu-Corporate-ID string, optional Only used in a corporate context. If provided, specific corporate accounts will be returned.
PSU-Device-ID string, optional UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device.
PSU-User-Agent string, optional The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
PSU-Geo-Location string, optional The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available.
Psu-IP-Address string, optional The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP. If not available, the TPP shall use the IP Address used by the TPP when submitting this request.
TPP-Signature-Certificate string, required The certificate used for signing the request, in base64 encoding that should comply with RFC 4648 (No line feeds). Can raise: CertificateMissing, CertificateInvalid
TPP-IP-Address string, optional IP Address of request between TPP and Compliance Solution.
Signature string, required A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid, SignatureMalformed
Content-Type string, required The media type of the body of the request. Allowed values: application/json
Request parameters
provider_code (path)
string, required
Human readable Provider identifier.
consent_id (path)
string, required
The consent identifier assigned to the created resource. Can raise: ConsentUnknown, ConsentInvalid
authorisation_id (path)
string, required
Id of the requested authorisation Can raise: ResourceUnknown
Response

This method returns the SCA status of a consent initiation's authorisation subresource.


Related Errors
Class Code Description
ConsentUnknown 401 The Consent-ID cannot be matched by the ASPSP relative to the TPP.
ConsentInvalid 401 The consent was created by this TPP but is not valid for the addressed service/resource.
CertificateMissing 401 This request cannot be performed without Certificate header.
CertificateInvalid 401 Given certificate is invalid.
SignatureInvalid 401 Given signature is invalid.
SignatureMissing 401 This request cannot be performed without Signature header.
SignatureMalformed 401 Given signature is malformed.
ResourceUnknown 404 The addressed resource is unknown relative to the TPP.