Create

The API allows the TPP to ask an ASPSP to create a new payment-access-consent resource.

CURL

curl -i  \ 
 -H "Authorization: Bearer authorization" \ 
 -H "Content-Type: application/json" \ 
 -H "x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d" \ 
 -H "Accept: application/json" \ 
 -H "x-jws-signature: V2hhdCB3ZSBnb3QgaGVyZQ0K..aXMgZmFpbHVyZSB0byBjb21tdW5pY2F0ZQ0K" \ 
 -H "Idempotency-Key: da7c525d-9ec0-4b28-aae5-e97f6f39dfbd" \ 
 -H "x-fapi-auth-date: Sun, 10 Sep 2017 19:43:31 GMT" \ 
 -H "x-fapi-customer-ip-address: 104.25.212.99" \ 
 -d 'eyJhbGciOiJQUzI1NiIsImtpZCI6InRlc3QifQ.eyJEYXRhIjp7IlBlcm1pc3Npb24iOiJDcmVhdGUiLCJBdXRob3Jpc2F0aW9uIjp7IkF1dGhvcmlzYXRpb25UeXBlIjoiQXV0aCIsIkNvbXBsZXRpb25EYXRlVGltZSI6IjIwMTctMDYtMDVUMTU6MTU6MTMrMDA6MDAifSwiU0NBU3VwcG9ydERhdGEiOnsiQXBwbGllZEF1dGhlbnRpY2F0aW9uQXBwcm9hY2giOiJBcHBsaWVkQXV0aGVudGljYXRpb25BcHByb2FjaCIsIlJlZmVyZW5jZVBheW1lbnRPcmRlcklkIjoiMTU2NDUyIiwiUmVxdWVzdGVkU0NBRXhlbXB0aW9uVHlwZSI6IlJlcXVlc3RlZFNDQUV4ZW1wdGlvblR5cGUifSwiSW5pdGlhdGlvbiI6eyJJbnN0cnVjdGlvbklkZW50aWZpY2F0aW9uIjoiQU5TTTAyMyIsIkVuZFRvRW5kSWRlbnRpZmljYXRpb24iOiJGUkVTQ08uMjEzMDIuR0ZYLjM3IiwiUmVxdWVzdGVkRXhlY3V0aW9uRGF0ZVRpbWUiOiIyMDMzLTA4LTA2VDAwOjAwOjAwKzAwOjAwIiwiTG9jYWxJbnN0cnVtZW50IjoiVUsuT0JJRS5GUFMiLCJJbnN0cnVjdGVkQW1vdW50Ijp7IkFtb3VudCI6IjIwLjAwIiwiQ3VycmVuY3kiOiJHQlAifSwiRGVidG9yQWNjb3VudCI6eyJTY2hlbWVOYW1lIjoiVUsuT0JJRS5Tb3J0Q29kZUFjY291bnROdW1iZXIiLCJJZGVudGlmaWNhdGlvbiI6IjExMjgwMDAxMjM0NTY3IiwiTmFtZSI6IkFuZHJlYSBTbWl0aCIsIlNlY29uZGFyeUlkZW50aWZpY2F0aW9uIjoiMDAwMiJ9LCJDcmVkaXRvckFjY291bnQiOnsiU2NoZW1lTmFtZSI6IlVLLk9CSUUuU29ydENvZGVBY2NvdW50TnVtYmVyIiwiSWRlbnRpZmljYXRpb24iOiIwODA4MDAyMTMyNTY5OCIsIk5hbWUiOiJCb2IgQ2xlbWVudHMiLCJTZWNvbmRhcnlJZGVudGlmaWNhdGlvbiI6IjAwMDMifSwiQ3JlZGl0b3JQb3N0YWxBZGRyZXNzIjp7IkFkZHJlc3NMaW5lIjpbIjEwIERvd25pbmcgU3QsIFdlc3RtaW5zdGVyLCBMb25kb24gU1cxQSAyQUEsIFVuaXRlZCBLaW5nZG9tIl0sIkFkZHJlc3NUeXBlIjoiQWRkcmVzcyB3aXRoIGhvdXNlIG51bWJlciBhbmQgc3RyZWV0IiwiRGVwYXJ0bWVudCI6IlByaW1lIE1pbmlzdGVyJ3MgT2ZmaWNlIiwiU3ViRGVwYXJ0bWVudCI6IkNhYmluZXQgT2ZmaWNlIiwiU3RyZWV0TmFtZSI6IlNpciBHZW9yZ2UgRG93bmluZyIsIkJ1aWxkaW5nTnVtYmVyIjoiMTAiLCJQb3N0Q29kZSI6IlNXMUEgMkFBIiwiVG93bk5hbWUiOiJDaXR5IG9mIFdlc3RtaW5zdGVyIExvbmRvbiwiLCJDb3VudHJ5U3ViRGl2aXNpb24iOiJMb25kb24iLCJDb3VudHJ5IjoiR0IifSwiUmVtaXR0YW5jZUluZm9ybWF0aW9uIjp7IlJlZmVyZW5jZSI6IkZSRVNDTy0wMzciLCJVbnN0cnVjdHVyZWQiOiJJbnRlcm5hbCBvcHMgY29kZSA1MTIwMTAzIn0sIlN1cHBsZW1lbnRhcnlEYXRhIjp7fX19LCJSaXNrIjp7IlBheW1lbnRDb250ZXh0Q29kZSI6IkVjb21tZXJjZUdvb2RzIiwiTWVyY2hhbnRDYXRlZ29yeUNvZGUiOiI1OTY3IiwiTWVyY2hhbnRDdXN0b21lcklkZW50aWZpY2F0aW9uIjoiMDUzNTk4NjUzMjU0IiwiRGVsaXZlcnlBZGRyZXNzIjp7IkFkZHJlc3NMaW5lIjpbIkZsYXQgNyIsIkFjYWNpYSBMb2RnZSJdLCJTdHJlZXROYW1lIjoiQWNhY2lhIEF2ZW51ZSIsIkJ1aWxkaW5nTnVtYmVyIjoiMjciLCJQb3N0Q29kZSI6IkdVMzEgMlpaIiwiVG93bk5hbWUiOiJTcGFyc2hvbHQiLCJDb3VudHJ5U3ViRGl2aXNpb24iOiJXZXNzZXgiLCJDb3VudHJ5IjoiR0IifX19.VU-uqaYur8uRpexkG3cb0JwFbDJD79i1xpOVHxJcL0x1o_-YlEnHteevrvkKMX0RqzBHVk2hx9geb_n_73aa5mU596NtyBM-pZtmfZus7HL93KfrVmJUwefMAJf5ZAFQKfmINUh2r2FdCp4Ez0h8J7QJDq5u-IWp2x0p-KBwx5gbFGiESZupwxiumJqjnZAX99-S5jUFR2wJXNZrl8yr4SPfdT5Ud2AlyuyJuHbMme1E2bjtUULpn0ZInlmQVUQb2j-7I0-20_jTGGwn0J8x_sBq6C7Nz-P3SNDxBpD5Z6e_62pl0Qzc09ehOHQJXUl4uHZWH6UBDm0G64ZM4J2JwQ' \ 
-X POST "/api/:provider_code/open-banking/v3.1/pisp/:consent_payment_product"

Example of request

Example of response

Request

POST /api/:provider_code/open-banking/v3.1/pisp/:consent_payment_product

Headers
Header Type Description
Content-Type string, required The media type of the body of the request. Default value: application/json Can raise: FieldInvalid
x-fapi-interaction-id string, optional An RFC4122 UID used as a correlation Id. Can raise: FieldInvalid
Accept string, optional Media type that is acceptable for the response. Can raise: FieldInvalid
x-fapi-auth-date string, optional The time when the PSU last logged in with the TPP. Can raise: FieldInvalid
x-fapi-customer-ip-address string, optional The PSU's IP address if the PSU is currently logged in with the TPP. Can raise: FieldInvalid
Authorization string, required Standard HTTP Header; Allows Credentials to be provided to the Authorisation / Resource Server depending on the type of resource being requested. For OAuth 2.0 / OIDC, this comprises of either the Basic / Bearer Authentication Schemes. Can raise: HeaderMissing, HeaderInvalid, ResourceNotFound, Forbidden
x-jws-signature string, optional A detached JWS signature of the body of the payload.
Idempotency-Key string, optional Unique uuid used to recognize subsequent retries of the same request valid for 24 hours. Allowed length: max: 40 characters
Request parameters
Response headers
Header Type Description
Content-Type string, required The media type of the body of the request.
x-fapi-interaction-id string, required An RFC4122 UID used as a correlation Id. If provided, the ASPSP must "play back" this value in the x-fapi-interaction-id response header.
Retry-After integer, optional Amount of time in seconds after which Salt Edge PSD2 Compliance Solution resends the previously failed request.
Response

Upon successful request, 201 status code will be returned. See ‘Related Errors’ table for other possibilities.


Related Errors
Class Code Description
FieldInvalid 400 An invalid value is supplied in the field. More details in error_message.
UnsupportedCurrency 400 The currency is not supported.
CountryNameInvalid 400 Country doesn't exist or is invalid. Expected alpha 2 ISO3166 format.
ResourceNotFound 400 Specified resource doesn't exist.
UnsupportedFrequency 400 Specified frequency is unsupported.
HeaderMissing 400 A required HTTP header has not been provided.
HeaderInvalid 400 An invalid value is supplied in the HTTP header.
Forbidden 403 Action is forbidden. More details in error_message.

Show

The API allows the TPP to ask an ASPSP to show a payment-access-consent resource.

CURL

curl -i  \ 
 -H "Authorization: Bearer authorization" \ 
 -H "Content-Type: application/json" \ 
 -H "x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d" \ 
 -H "Accept: application/json" \ 
 -H "x-jws-signature: V2hhdCB3ZSBnb3QgaGVyZQ0K..aXMgZmFpbHVyZSB0byBjb21tdW5pY2F0ZQ0K" \ 
 -H "x-fapi-auth-date: Sun, 10 Sep 2017 19:43:31 GMT" \ 
 -H "x-fapi-customer-ip-address: 104.25.212.99" \ 
 -d 'eyJhbGciOiJQUzI1NiIsImtpZCI6InRlc3QifQ.e30.D_A5xDz8hSA6PgQmRGnJ1OXG-N9HgVHFLTvvHfL8V6mlczC1eWsJ6tRIuObjxHbLRZcLopq3i8Uf0pruwmcRJeUePREnvpCY_XLczj7MTeoo2seStxFtMCQp3NMLOZeh8NxvSgV9V00ZPeXt3mbrgbb9T5GjLGRFg0f9XC2zql440ZS-O5gFC5vdNxmidWLdzJ-fls_vvT7A5Tn2VEfz6K8vWeWIrjHxj7uM82rQI6bNWuosp-zWgIJJQmGntxHGH5ddhkd_llFlQRwb9hUZFTGaIFGWBRLyJ3WxawletnBHXKWQ9Gh58b0CKPACpvwNu-Gt5S1CPJEkvs_RI4erdw' \ 
-X GET "/api/:provider_code/open-banking/v3.1/pisp/:consent_payment_product/:consent_id"

Example of response

Request

GET /api/:provider_code/open-banking/v3.1/pisp/:consent_payment_product/:consent_id

Headers
Header Type Description
Content-Type string, required The media type of the body of the request. Default value: application/json Can raise: FieldInvalid
x-fapi-interaction-id string, optional An RFC4122 UID used as a correlation Id. Can raise: FieldInvalid
Accept string, optional Media type that is acceptable for the response. Can raise: FieldInvalid
x-fapi-auth-date string, optional The time when the PSU last logged in with the TPP. Can raise: FieldInvalid
x-fapi-customer-ip-address string, optional The PSU's IP address if the PSU is currently logged in with the TPP. Can raise: FieldInvalid
Authorization string, required Standard HTTP Header; Allows Credentials to be provided to the Authorisation / Resource Server depending on the type of resource being requested. For OAuth 2.0 / OIDC, this comprises of either the Basic / Bearer Authentication Schemes. Can raise: HeaderMissing, HeaderInvalid, ResourceNotFound, Forbidden
Request parameters
provider_code (path)
string, required
Human readable Provider identifier. Can raise: FieldInvalid, ResourceNotFound
consent_payment_product (path)
string, required
The addressed consent payment resource. Allowed values: domestic-payment-consents, international-payment-consents Can raise: FieldInvalid, ResourceNotFound
consent_id (path)
string, required
The consent identifier assigned to the created resource. Can raise: FieldInvalid, ResourceNotFound
Response headers
Header Type Description
Content-Type string, required The media type of the body of the request.
x-fapi-interaction-id string, required An RFC4122 UID used as a correlation Id. If provided, the ASPSP must "play back" this value in the x-fapi-interaction-id response header.
Retry-After integer, optional Amount of time in seconds after which Salt Edge PSD2 Compliance Solution resends the previously failed request.
Response

Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.


Related Errors
Class Code Description
FieldInvalid 400 An invalid value is supplied in the field. More details in error_message.
ResourceNotFound 400 Specified resource doesn't exist.
HeaderMissing 400 A required HTTP header has not been provided.
HeaderInvalid 400 An invalid value is supplied in the HTTP header.
Forbidden 403 Action is forbidden. More details in error_message.

Funds Confirmation

The API allows the TPP to ask an ASPSP to check funds on a payment-access-consent resource.

CURL

curl -i  \ 
 -H "Authorization: Bearer authorization" \ 
 -H "Content-Type: application/json" \ 
 -H "x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d" \ 
 -H "Accept: application/json" \ 
 -H "x-jws-signature: V2hhdCB3ZSBnb3QgaGVyZQ0K..aXMgZmFpbHVyZSB0byBjb21tdW5pY2F0ZQ0K" \ 
 -H "Idempotency-Key: da7c525d-9ec0-4b28-aae5-e97f6f39dfbd" \ 
 -H "x-fapi-auth-date: Sun, 10 Sep 2017 19:43:31 GMT" \ 
 -H "x-fapi-customer-ip-address: 104.25.212.99" \ 
 -d 'eyJhbGciOiJQUzI1NiIsImtpZCI6InRlc3QifQ.e30.iiPZ4QeCEL84PVHrOopoFRXi3DCv8u-ZhLidDtBSSeVJAUQMBZhPmwlvk0NKYtxleTDs3912Jgoe1eBvlBiFNe36sbb0drZCAbA9HHEAoBqvKi_HPxa4nZi3gCTyswI12QxzZsM-J83dL_Q4YpIjiDwywSHy06RXNO6gTjXZ-R00m8AT7hOldbUt975AkXBbMczWkcVYHgrM7v2iOw3IN7y3Qb5jhvFUi1SRABUzJLNaBAQnKDD6fYHU_0IzhxZe30rd8UqOWdBpBaC9vaMoWZXwrbXy9eo6dd7ixMXtU3kog8PlgxEnJUcTcuv7mOhfqUxCLvfKFjlUQ98BX05row' \ 
-X GET "/api/:provider_code/open-banking/v3.1/pisp/:consent_payment_product/:consent_id/funds-confirmation"

Example of response

{"Data":{"FundsAvailableResult":{"FundsAvailable":"true","FundsAvailableDateTime":"2017-06-05T15:15:13+00:00"},"SupplementaryData":{}}}
Request

GET /api/:provider_code/open-banking/v3.1/pisp/:consent_payment_product/:consent_id/funds-confirmation

Headers
Header Type Description
Content-Type string, required The media type of the body of the request. Default value: application/json Can raise: FieldInvalid
x-fapi-interaction-id string, optional An RFC4122 UID used as a correlation Id. Can raise: FieldInvalid
Accept string, optional Media type that is acceptable for the response. Can raise: FieldInvalid
x-fapi-auth-date string, optional The time when the PSU last logged in with the TPP. Can raise: FieldInvalid
x-fapi-customer-ip-address string, optional The PSU's IP address if the PSU is currently logged in with the TPP. Can raise: FieldInvalid
Authorization string, required Standard HTTP Header; Allows Credentials to be provided to the Authorisation / Resource Server depending on the type of resource being requested. For OAuth 2.0 / OIDC, this comprises of either the Basic / Bearer Authentication Schemes. Can raise: HeaderMissing, HeaderInvalid, ResourceNotFound, Forbidden
Request parameters
provider_code (path)
string, required
Human readable Provider identifier. Can raise: FieldInvalid, ResourceNotFound
consent_payment_product (path)
string, required
The addressed consent payment resource. Allowed values: domestic-payment-consents, international-payment-consents Can raise: FieldInvalid, ResourceNotFound
consent_id (path)
string, required
The consent identifier assigned to the created resource. Can raise: FieldInvalid, ResourceNotFound, Unauthorized, ResourceInvalidConsentStatus
Response headers
Header Type Description
Content-Type string, required The media type of the body of the request.
x-fapi-interaction-id string, required An RFC4122 UID used as a correlation Id. If provided, the ASPSP must "play back" this value in the x-fapi-interaction-id response header.
Retry-After integer, optional Amount of time in seconds after which Salt Edge PSD2 Compliance Solution resends the previously failed request.
Response

Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.


Related Errors
Class Code Description
FieldInvalid 400 An invalid value is supplied in the field. More details in error_message.
ResourceNotFound 400 Specified resource doesn't exist.
ResourceInvalidConsentStatus 400 The action can't be performed with current status of consent.
HeaderMissing 400 A required HTTP header has not been provided.
HeaderInvalid 400 An invalid value is supplied in the HTTP header.
Unauthorized 401 Unauthorized access.
Forbidden 403 Action is forbidden. More details in error_message.

Create

The API allows the TPP to ask an ASPSP to create a new payment.

CURL

curl -i  \ 
 -H "Authorization: Bearer authorization" \ 
 -H "Content-Type: application/json" \ 
 -H "x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d" \ 
 -H "Accept: application/json" \ 
 -H "x-jws-signature: V2hhdCB3ZSBnb3QgaGVyZQ0K..aXMgZmFpbHVyZSB0byBjb21tdW5pY2F0ZQ0K" \ 
 -H "Idempotency-Key: da7c525d-9ec0-4b28-aae5-e97f6f39dfbd" \ 
 -H "x-fapi-auth-date: Sun, 10 Sep 2017 19:43:31 GMT" \ 
 -H "x-fapi-customer-ip-address: 104.25.212.99" \ 
 -d 'eyJhbGciOiJQUzI1NiIsImtpZCI6InRlc3QifQ.eyJEYXRhIjp7IkNvbnNlbnRJZCI6InN0cmluZyIsIkluaXRpYXRpb24iOnsiSW5zdHJ1Y3Rpb25JZGVudGlmaWNhdGlvbiI6IkFOU00wMjMiLCJFbmRUb0VuZElkZW50aWZpY2F0aW9uIjoiRlJFU0NPLjIxMzAyLkdGWC4zNyIsIkxvY2FsSW5zdHJ1bWVudCI6IlVLLk9CSUUuRlBTIiwiSW5zdHJ1Y3RlZEFtb3VudCI6eyJBbW91bnQiOiIyMC4wMCIsIkN1cnJlbmN5IjoiR0JQIn0sIkRlYnRvckFjY291bnQiOnsiU2NoZW1lTmFtZSI6IlVLLk9CSUUuU29ydENvZGVBY2NvdW50TnVtYmVyIiwiSWRlbnRpZmljYXRpb24iOiIxMTI4MDAwMTIzNDU2NyIsIk5hbWUiOiJBbmRyZWEgU21pdGgiLCJTZWNvbmRhcnlJZGVudGlmaWNhdGlvbiI6IjAwMDIifSwiQ3JlZGl0b3JBY2NvdW50Ijp7IlNjaGVtZU5hbWUiOiJVSy5PQklFLlNvcnRDb2RlQWNjb3VudE51bWJlciIsIklkZW50aWZpY2F0aW9uIjoiMDgwODAwMjEzMjU2OTgiLCJOYW1lIjoiQm9iIENsZW1lbnRzIiwiU2Vjb25kYXJ5SWRlbnRpZmljYXRpb24iOiIwMDAzIn0sIkNyZWRpdG9yUG9zdGFsQWRkcmVzcyI6eyJBZGRyZXNzTGluZSI6WyIxMCBEb3duaW5nIFN0LCBXZXN0bWluc3RlciwgTG9uZG9uIFNXMUEgMkFBLCBVbml0ZWQgS2luZ2RvbSJdLCJBZGRyZXNzVHlwZSI6IkFkZHJlc3Mgd2l0aCBob3VzZSBudW1iZXIgYW5kIHN0cmVldCIsIkRlcGFydG1lbnQiOiJQcmltZSBNaW5pc3RlcidzIE9mZmljZSIsIlN1YkRlcGFydG1lbnQiOiJDYWJpbmV0IE9mZmljZSIsIlN0cmVldE5hbWUiOiJTaXIgR2VvcmdlIERvd25pbmciLCJCdWlsZGluZ051bWJlciI6IjEwIiwiUG9zdENvZGUiOiJTVzFBIDJBQSIsIlRvd25OYW1lIjoiQ2l0eSBvZiBXZXN0bWluc3RlciBMb25kb24sIiwiQ291bnRyeVN1YkRpdmlzaW9uIjoiTG9uZG9uIiwiQ291bnRyeSI6IkdCIn0sIlJlbWl0dGFuY2VJbmZvcm1hdGlvbiI6eyJSZWZlcmVuY2UiOiJGUkVTQ08tMDM3IiwiVW5zdHJ1Y3R1cmVkIjoiSW50ZXJuYWwgb3BzIGNvZGUgNTEyMDEwMyJ9LCJTdXBwbGVtZW50YXJ5RGF0YSI6e319fSwiUmlzayI6eyJQYXltZW50Q29udGV4dENvZGUiOiJzdHJpbmciLCJNZXJjaGFudENhdGVnb3J5Q29kZSI6InN0cmluZyIsIk1lcmNoYW50Q3VzdG9tZXJJZGVudGlmaWNhdGlvbiI6InN0cmluZyIsIkRlbGl2ZXJ5QWRkcmVzcyI6eyJBZGRyZXNzTGluZSI6InN0cmluZyIsIlN0cmVldE5hbWUiOiJzdHJpbmciLCJCdWlsZGluZ051bWJlciI6InN0cmluZyIsIlBvc3RDb2RlIjoic3RyaW5nIiwiVG93bk5hbWUiOiJzdHJpbmciLCJDb3VudHJ5U3ViRGl2aXNpb24iOiJzdHJpbmciLCJDb3VudHJ5IjoiR0IifX19.r4JcrT_txkzjBCnhvSp3D5DiS8JUUCQ-wK08j7a3-YFFIYHyJCM9CngiU2IRXj7wcD-PJOQX_EsFux1A2fIGq6QK4_P46AJyKazcvNa1Yu6V9eDnNqOTuGjFsqg5jcsSsD4v2DPr1mbwNZNPT1nG_mYzt85fvh4OU3ICT91sAKipN412o-fs06Cvhy9dd7gk8Ti3Q3DEUb5oGnWbcw-XbtXh8NLp00i_ntinqWLUTfSb78fD9z_kAHQwTwL66v8--w8cOTq64z6Rk-03gbD-ZM07_3chYfT4RKscD5zOpUYjtI5XUPGJSHZemkBQoJU6s8vz6EdbBSDkaJAY9OsaLw' \ 
-X POST "/api/:provider_code/open-banking/v3.1/pisp/:payment_product"

Example of request

Example of response

Request

POST /api/:provider_code/open-banking/v3.1/pisp/:payment_product

Headers
Header Type Description
Content-Type string, required The media type of the body of the request. Default value: application/json Can raise: FieldInvalid
x-fapi-interaction-id string, optional An RFC4122 UID used as a correlation Id.
Accept string, optional Media type that is acceptable for the response.
x-fapi-auth-date string, optional The time when the PSU last logged in with the TPP.
x-fapi-customer-ip-address string, optional The PSU's IP address if the PSU is currently logged in with the TPP.
Authorization string, required Standard HTTP Header; Allows Credentials to be provided to the Authorisation / Resource Server depending on the type of resource being requested. For OAuth 2.0 / OIDC, this comprises of either the Basic / Bearer Authentication Schemes. Can raise: HeaderMissing, HeaderInvalid, ResourceNotFound, Forbidden
x-jws-signature string, optional A detached JWS signature of the body of the payload.
Idempotency-Key string, optional Unique uuid used to recognize subsequent retries of the same request valid for 24 hours. Allowed length: max: 40 characters
Request parameters