Introduction
Access to Environments
Cairo Amman Bank
Status | Live |
Certificate | Production |
URL | https://priora.saltedge.com |
Provider code | cab_sandbox |
Launch date | 03 February 2023 |
Definitions
Term | Definition |
API | Application Programming interface. A set of definitions, protocols, and tools that can be used to create applications, interact with other applications, and exchange data. |
Provider | Represents the ASPSP. A bank or financial institution that offers payment accounts with online access. |
ASPSP | Account Servicing Payment Service Provider. Provides and maintains a payment account for a payer as defined by the and, with customer consent, payments initiated by third party providers and/or make their customers’ account transaction data available to third party providers via their API endpoints. |
TPP | Organisations or natural persons that use APIs developed to Standards to access customer’s accounts, in order to provide account information services and/or to initiate payments. Third Party Providers are either/both Payment Initiation Service Providers (PISPs) and/or Account Information Service Providers (AISPs). |
PSU | Payment Service User. Natural or legal person making use of a payment service as a payee, payer or both. |
AISP | Account Information Service Provider. Provides account information services as an online service with consolidated information on one or more payment accounts held by a payment service user with one or more payment service provider(s). |
PISP | Payment Initiation Service Provider. Provides an online service to initiate a payment order at the request of the payment service user with respect to a payment account held at another payment service provider. |
CBPII | Card Based Instrument Issuer. A Card Based Payment Instrument Issuer is a payment services provider that issues card-based payment instruments that can be used to initiate a payment transaction from a payment account held with another payment service provider. |
SCA | Strong Customer Authentication. Authentication based on the use of two or more elements designed in such a way as to protect the confidentiality of the authentication data. |
PSR | Payment Services Regulations 2017. The UK's implementation of PSD2, as amended or updated from time to time and including the associated Regulatory Technical Standards as developed by the EBA. |
Session | Any activity that is forwarded by Salt Edge PSD2 Compliance on behalf of a Customer. |
Consent | A range of rules on security, providing access to accounts, and enabling traceability and the mitigation of fraud risks. |
Scopes | A set of permissions granted to a TPP application. |
Authorization | The API will allow an ASPSP to implement OAuth2 as a support for the authorisation of the PSU towards the TPP for the payment initiation and/or account information service. In this case, the TPP will be the client, the PSU the resource owner and the ASPSP will be the resource server in the abstract OAuth2 model. |
eIDAS | Electronic Identification, Authentication and trust Services. A set of standards for electronic identification and trust services for electronic transactions in the European Single Market. |
OBSEAL | OBIE issued Electronic Seal Certificate. |
Registration
The process of TPP registration is made via an API request to TPP Register endpoint. In order to access Provider Sandbox you need to use OBSEAL test certificate.
After adding a certificate, the registered TPP will have assigned a set of scopes based on the provided certificate.
The available scopes can be seen when creating an TPP Application.
Scopes Definition
Type | Description |
---|---|
accounts | grants TPP access to Customer's accounts data |
payments | grants TPP right to initiate payment orders on behalf of Customer |
fundsconfirmations | grants TPP right to check availability of funds under specific account which belongs to Customer |
×