Consents
Create
The API allows the TPP to ask an ASPSP to create a new funds-confirmation-consent resource.
CURL
![]()
curl -i \
-H "Authorization: Bearer authorization" \
-H "Content-Type: application/json" \
-H "x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d" \
-d 'eyJhbGciOiJQUzI1NiIsImtpZCI6InRlc3QifQ.eyJEYXRhIjp7IkV4cGlyYXRpb25EYXRlVGltZSI6IjIwMTctMDYtMDVUMTU6MTU6MTMrMDA6MDAiLCJEZWJ0b3JBY2NvdW50Ijp7IlNjaGVtZU5hbWUiOiJVSy5PQklFLlNvcnRDb2RlQWNjb3VudE51bWJlciIsIklkZW50aWZpY2F0aW9uIjoiMTEyODAwMDEyMzQ1NjciLCJOYW1lIjoiQW5kcmVhIFNtaXRoIiwiU2Vjb25kYXJ5SWRlbnRpZmljYXRpb24iOiIwMDAyIn19fQ.hHP5tgeyOezaOolu5JLdlrL5ZlBF2b0EYMaacIicOqx-4GTYFpSZoi8gVUf2zxu0Zsm4ieAMBwCmyQHepwjm2h-gypiV_sGmIRoR08IKZx0GNP-ejLFS7WjpQniIOwifFKwKIU1nNsPb_eLglU2KGQYPwxtcvPj-Qw3RPSCjSkLPtH8zcgpx88YllLU6aCVqLm_kbjRzlm1lZDPD-PHZMXBjv2YuHusv4pkRQHnT_KwMn6v4VnA2O5iajCNitUTj2mLj9Thc2q9o1-orV6220CpSKUHBlRfuW8v2n72EtPWc7ZdeTah6UVBNnAWs31IwnZt8NfVRPNj-8mxtpFY8lQ' \
-X POST "/api/:provider_code/open-banking/v3.1/cbpii/funds-confirmation-consents"
Example of request
![]()
{"Data":{"ExpirationDateTime":"2017-06-05T15:15:13+00:00","DebtorAccount":{"SchemeName":"UK.OBIE.SortCodeAccountNumber","Identification":"11280001234567","Name":"Andrea Smith","SecondaryIdentification":"0002"}}}
Example of response
![]()
{"Data":{"ConsentId":"18463","CreationDateTime":"2017-06-05T15:15:13+00:00","Status":"AwaitingAuthorisation","StatusUpdateDateTime":"2017-06-05T15:15:13+00:00","ExpirationDateTime":"2017-06-05T15:15:13+00:00","DebtorAccount":{"SchemeName":"UK.OBIE.SortCodeAccountNumber","Identification":"11280001234567","Name":"Andrea Smith","SecondaryIdentification":"0002"}},"Links":{"Self":"/open-banking/v3.1/cbpii/funds-confirmation-consents/18463"},"Meta":{}}
Request
POST
/api/:provider_code/open-banking/v3.1/cbpii/funds-confirmation-consents
Headers
Header | Type | Description |
---|---|---|
Content-Type
|
string, optional | The media type of the body of the request. Default value: application/json |
x-fapi-interaction-id
|
string, optional | An RFC4122 UID used as a correlation Id. |
Authorization
|
string, required | Standard HTTP Header; Allows Credentials to be provided to the Authorisation / Resource Server depending on the type of resource being requested. For OAuth 2.0 / OIDC, this comprises of either the Basic / Bearer Authentication Schemes. Can raise: HeaderMissing, HeaderInvalid, ResourceNotFound, Forbidden |
Idempotency-Key
|
string, optional | Unique uuid used to recognize subsequent retries of the same request valid for 24 hours. Allowed length: max: 40 characters |
Request parameters
Response headers
Header | Type | Description |
---|---|---|
Content-Type
|
string, required | The media type of the body of the request. |
x-fapi-interaction-id
|
string, required | An RFC4122 UID used as a correlation Id. If provided, the ASPSP must "play back" this value in the x-fapi-interaction-id response header. |
Retry-After
|
integer, optional | Amount of time in seconds after which Salt Edge PSD2 Compliance Solution resends the previously failed request. |
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.
Related Errors
Class | Code | Description |
---|---|---|
ResourceNotFound | 400 | Specified resource doesn't exist. |
FieldInvalidDate | 400 | An invalid date is supplied. |
FieldInvalid | 400 | An invalid value is supplied in the field. More details in error_message . |
HeaderMissing | 400 | A required HTTP header has not been provided. |
HeaderInvalid | 400 | An invalid value is supplied in the HTTP header. |
Forbidden | 403 | Action is forbidden. More details in error_message . |
Show
The API allows the TPP to ask an ASPSP to show a funds-confirmation-consent resource.
CURL
![]()
curl -i \
-H "Authorization: Bearer authorization" \
-H "Content-Type: application/json" \
-H "x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d" \
-d 'eyJhbGciOiJQUzI1NiIsImtpZCI6InRlc3QifQ.e30.G_hab2NlEsXtR33VTCtQV8fzDvTpCxWZbHELT_bZoqIZvdHaYfrjbG4OBD-VSd-u3iOxOf5PDfuGoeZap5X5HhgZbgvH8cckGaQh3ZZxNLEePs7k_9YJm0pzDnq1UUg5xmc2_Cq0kHymKzL61MwY9Em84Xuykog87h8zZlZGCaYFsKEWNDWm1BPToUrChFDSZgd9K2DiyD8huATT6jU98w4q2zfO5uwPkZazjuqsH56iZGbxmlREq-V_lVeKVANZKv1vLlJ_m0fHdaRCp-E3W19tNrRcGK0ezB41gUnFbOOTxARuz9BNllxks5Z9U4NkhFmAjJ-xbyZOWi_HHeIeVA' \
-X GET "/api/:provider_code/open-banking/v3.1/cbpii/funds-confirmation-consents/:consent_id"
Example of response
![]()
{"Data":{"ConsentId":"18463","CreationDateTime":"2017-06-05T15:15:13+00:00","Status":"AwaitingAuthorisation","StatusUpdateDateTime":"2017-06-05T15:15:13+00:00","ExpirationDateTime":"2017-06-05T15:15:13+00:00","DebtorAccount":{"SchemeName":"UK.OBIE.SortCodeAccountNumber","Identification":"11280001234567","Name":"Andrea Smith","SecondaryIdentification":"0002"}},"Links":{"Self":"/open-banking/v3.1/cbpii/funds-confirmation-consents/18463"},"Meta":{}}
Request
GET
/api/:provider_code/open-banking/v3.1/cbpii/funds-confirmation-consents/:consent_id
Headers
Header | Type | Description |
---|---|---|
Content-Type
|
string, optional | The media type of the body of the request. Default value: application/json |
x-fapi-interaction-id
|
string, optional | An RFC4122 UID used as a correlation Id. |
Authorization
|
string, required | Standard HTTP Header; Allows Credentials to be provided to the Authorisation / Resource Server depending on the type of resource being requested. For OAuth 2.0 / OIDC, this comprises of either the Basic / Bearer Authentication Schemes. Can raise: HeaderMissing, HeaderInvalid, ResourceNotFound, Forbidden |
Request parameters
Response headers
Header | Type | Description |
---|---|---|
Content-Type
|
string, required | The media type of the body of the request. |
x-fapi-interaction-id
|
string, required | An RFC4122 UID used as a correlation Id. If provided, the ASPSP must "play back" this value in the x-fapi-interaction-id response header. |
Retry-After
|
integer, optional | Amount of time in seconds after which Salt Edge PSD2 Compliance Solution resends the previously failed request. |
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.
Related Errors
Class | Code | Description |
---|---|---|
ResourceNotFound | 400 | Specified resource doesn't exist. |
FieldInvalid | 400 | An invalid value is supplied in the field. More details in error_message . |
HeaderMissing | 400 | A required HTTP header has not been provided. |
HeaderInvalid | 400 | An invalid value is supplied in the HTTP header. |
Forbidden | 403 | Action is forbidden. More details in error_message . |
Destroy
If the PSU revokes consent to confirm funds with the TPP, the TPP must delete the funds-confirmation-consent resource.
CURL
![]()
curl -i \
-H "Authorization: Bearer authorization" \
-H "Content-Type: application/json" \
-H "x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d" \
-d 'eyJhbGciOiJQUzI1NiIsImtpZCI6InRlc3QifQ.e30.IqIHNGtaOyxX5jW5lf3qZ8n2fIRX086lUYRX3ACBJrpNOkOlXZt5XlMIlB3MrwM4FTkjuvr8oPiOpnaxAGUt3K9xaSSaaoXToij3CD7XK4EjRzdtKVTHbuQZ2rZAzK-LBDfR6Erx0AWE72qWCIE3ozD9z2UWgZaZDBunEfFhVc453ydX6fL-0k8Cn5ngm6MXxn0H6mEC6oCb98O3Sq-K3oP3F7fkJCdBw4zx-YsyqhirQ4R3pBFdESJGnDFbkrSsfqIX-uz-oJVlrAufs9A0rrQbVlZ1oN6zGe-7lt-SUf7zioJ6LhvKFH8YN03YJatO4v4rhHSqYl7ndHhcnEwLWg' \
-X DELETE "/api/:provider_code/open-banking/v3.1/cbpii/funds-confirmation-consents/:consent_id"
Request
DELETE
/api/:provider_code/open-banking/v3.1/cbpii/funds-confirmation-consents/:consent_id
Headers
Header | Type | Description |
---|---|---|
Content-Type
|
string, optional | The media type of the body of the request. Default value: application/json |
x-fapi-interaction-id
|
string, optional | An RFC4122 UID used as a correlation Id. |
Authorization
|
string, required | Standard HTTP Header; Allows Credentials to be provided to the Authorisation / Resource Server depending on the type of resource being requested. For OAuth 2.0 / OIDC, this comprises of either the Basic / Bearer Authentication Schemes. Can raise: HeaderMissing, HeaderInvalid, ResourceNotFound, Forbidden |
Request parameters
Response headers
Header | Type | Description |
---|---|---|
Content-Type
|
string, required | The media type of the body of the request. |
x-fapi-interaction-id
|
string, required | An RFC4122 UID used as a correlation Id. If provided, the ASPSP must "play back" this value in the x-fapi-interaction-id response header. |
Retry-After
|
integer, optional | Amount of time in seconds after which Salt Edge PSD2 Compliance Solution resends the previously failed request. |
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.
Related Errors
Class | Code | Description |
---|---|---|
ResourceNotFound | 400 | Specified resource doesn't exist. |
FieldInvalid | 400 | An invalid value is supplied in the field. More details in error_message . |
ResourceInvalidConsentStatus | 400 | The action can't be performed with current status of consent. |
HeaderMissing | 400 | A required HTTP header has not been provided. |
HeaderInvalid | 400 | An invalid value is supplied in the HTTP header. |
Unauthorized | 401 | Unauthorized access. |
Forbidden | 403 | Action is forbidden. More details in error_message . |
Funds Confirmation
Create
If the TPP would like to confirm funds with the ASPSP, it should create a new funds-confirmation resource, and check the funds available flag in the response.
CURL
![]()
curl -i \
-H "Authorization: Bearer authorization" \
-H "Content-Type: application/json" \
-H "x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d" \
-d 'eyJhbGciOiJQUzI1NiIsImtpZCI6InRlc3QifQ.eyJEYXRhIjp7IkNvbnNlbnRJZCI6IjEyMyIsIlJlZmVyZW5jZSI6IlNvbWUgcmVmIiwiSW5zdHJ1Y3RlZEFtb3VudCI6eyJBbW91bnQiOiIxMTUuMyIsIkN1cnJlbmN5IjoiR0JQIn19fQ.UaiftUq09L6YKzdiDhqHwIAr_MoNNoEb_5zHTr7r0DVUtUjtYxPdAkgRBY0-yIu0KUkpWxdfeyvM6DlX5fI2uT2dqigJEztP03I1m5eJuztbMhM0LNGqfsxf-NIl2KU-DxTQ57CDTC6v6NbZzmH_8cSlshyrXnIwuu886w9zzJPrHEiUd0bTbu39aQ36X9FztHClLvOCvK3E__EM-MwAc-V8bC5lz8DHJh3rGu64-KxFtLmkrnQwoOvnhZBh4UV_zTRbyaSbmHkQxvDcSxbQRcmb85Zyniy7lk79gv6mpk536kJg0vFXW6ooYitYv3k5gGUFJtfsJt5adk3TLp5oZw' \
-X POST "/api/:provider_code/open-banking/v3.1/cbpii/funds-confirmations"
Example of request
![]()
{"Data":{"ConsentId":"123","Reference":"Some ref","InstructedAmount":{"Amount":"115.3","Currency":"GBP"}}}
Example of response
![]()
{"Data":{"FundsConfirmationId":"1321","ConsentId":"22123","CreationDateTime":"2017-06-05T15:15:13+00:00","FundsAvailable":true,"Reference":"Some ref","InstructedAmount":{"Amount":"115.3","Currency":"GBP"}},"Links":{"Self":"/open-banking/v3.1/cbpii/funds-confirmations/1321"},"Meta":{}}
Request
POST
/api/:provider_code/open-banking/v3.1/cbpii/funds-confirmations
Headers
Header | Type | Description |
---|---|---|
Content-Type
|
string, optional | The media type of the body of the request. Default value: application/json |
x-fapi-interaction-id
|
string, optional | An RFC4122 UID used as a correlation Id. |
Authorization
|
string, required | Standard HTTP Header; Allows Credentials to be provided to the Authorisation / Resource Server depending on the type of resource being requested. For OAuth 2.0 / OIDC, this comprises of either the Basic / Bearer Authentication Schemes. Can raise: HeaderMissing, HeaderInvalid, ResourceNotFound, Forbidden |
Idempotency-Key
|
string, optional | Unique uuid used to recognize subsequent retries of the same request valid for 24 hours. Allowed length: max: 40 characters |
Request parameters
Response headers
Header | Type | Description |
---|---|---|
Content-Type
|
string, required | The media type of the body of the request. |
x-fapi-interaction-id
|
string, required | An RFC4122 UID used as a correlation Id. If provided, the ASPSP must "play back" this value in the x-fapi-interaction-id response header. |
Retry-After
|
integer, optional | Amount of time in seconds after which Salt Edge PSD2 Compliance Solution resends the previously failed request. |
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.
Related Errors
Class | Code | Description |
---|---|---|
ResourceNotFound | 400 | Specified resource doesn't exist. |
FieldInvalid | 400 | An invalid value is supplied in the field. More details in error_message . |
UnsupportedCurrency | 400 | The currency is not supported. |
HeaderMissing | 400 | A required HTTP header has not been provided. |
HeaderInvalid | 400 | An invalid value is supplied in the HTTP header. |
Forbidden | 403 | Action is forbidden. More details in error_message . |