Consents
Create
The API allows the TPP to ask an ASPSP to create a new funds-confirmation-consent resource.
CURL
![]()
curl -i \
-H "Authorization: Bearer authorization" \
-H "Content-Type: application/json" \
-H "x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d" \
-d 'eyJhbGciOiJQUzI1NiIsImtpZCI6InRlc3QifQ.eyJEYXRhIjp7IkV4cGlyYXRpb25EYXRlVGltZSI6IjIwMTctMDYtMDVUMTU6MTU6MTMrMDA6MDAiLCJEZWJ0b3JBY2NvdW50Ijp7IlNjaGVtZU5hbWUiOiJVSy5PQklFLlNvcnRDb2RlQWNjb3VudE51bWJlciIsIklkZW50aWZpY2F0aW9uIjoiMTEyODAwMDEyMzQ1NjciLCJOYW1lIjoiQW5kcmVhIFNtaXRoIiwiU2Vjb25kYXJ5SWRlbnRpZmljYXRpb24iOiIwMDAyIn19fQ.IT5rzVtvLUBau4UtraJVVq9kC2gy0rNRVfnxxcam2NmaO4gROl0jzGd7tK4yiaxpXa5QyzH9DpQZ0q-Vvl0P709dlhIM85q1X2GR7rwaJKGDzds8mI8PkxRhrPKshAE3j9bnlXmvsz4GUHMcxulGY1ebP03IQGt5lv1jGY9t2bCVFsfvEdY2dZaLuj6Cn7hGmekglF3wN0-Px_JkuZm1D3g0iD3TwWlWrBmXKDhv14aU2tVx0whIAuN6-OmBLvk3wecjuF2tKSuVACE4DSUHDuF1byD40KDTL_2tpg4nE9sO-IVsTfdh6n1djdgXyDSa1i1S-BUzRJggZ4Z75evKOw' \
-X POST "/api/:provider_code/open-banking/v3.1/cbpii/funds-confirmation-consents"
Example of request
![]()
{ "Data": { "ExpirationDateTime": "2017-06-05T15:15:13+00:00", "DebtorAccount": { "SchemeName": "UK.OBIE.SortCodeAccountNumber", "Identification": "11280001234567", "Name": "Andrea Smith", "SecondaryIdentification": "0002" } } }
Example of response
![]()
{ "Data": { "ConsentId": "18463", "CreationDateTime": "2017-06-05T15:15:13+00:00", "Status": "AwaitingAuthorisation", "StatusUpdateDateTime": "2017-06-05T15:15:13+00:00", "ExpirationDateTime": "2017-06-05T15:15:13+00:00", "DebtorAccount": { "SchemeName": "UK.OBIE.SortCodeAccountNumber", "Identification": "11280001234567", "Name": "Andrea Smith", "SecondaryIdentification": "0002" } }, "Links": { "Self": "/open-banking/v3.1/cbpii/funds-confirmation-consents/18463" }, "Meta": {} }
Request
POST
/api/:provider_code/open-banking/v3.1/cbpii/funds-confirmation-consents
Headers
Header | Type | Description |
---|---|---|
Content-Type
|
string, optional | The media type of the body of the request. Default value: application/json |
x-fapi-interaction-id
|
string, optional | An RFC4122 UID used as a correlation Id. |
Authorization
|
string, required | Standard HTTP Header; Allows Credentials to be provided to the Authorisation / Resource Server depending on the type of resource being requested. For OAuth 2.0 / OIDC, this comprises of either the Basic / Bearer Authentication Schemes. Can raise: HeaderMissing, HeaderInvalid, ResourceNotFound, Forbidden |
Idempotency-Key
|
string, optional | Unique uuid used to recognize subsequent retries of the same request valid for 24 hours. Allowed length: max: 40 characters |
Request parameters
Response headers
Header | Type | Description |
---|---|---|
Content-Type
|
string, required | The media type of the body of the request. |
x-fapi-interaction-id
|
string, required | An RFC4122 UID used as a correlation Id. If provided, the ASPSP must "play back" this value in the x-fapi-interaction-id response header. |
Retry-After
|
integer, optional | Amount of time in seconds after which Salt Edge PSD2 Compliance Solution resends the previously failed request. |
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.
Related Errors
Class | Code | Description |
---|---|---|
ResourceNotFound | 400 | Specified resource doesn't exist. |
FieldInvalidDate | 400 | An invalid date is supplied. |
FieldInvalid | 400 | An invalid value is supplied in the field. More details in error_message . |
HeaderMissing | 400 | A required HTTP header has not been provided. |
HeaderInvalid | 400 | An invalid value is supplied in the HTTP header. |
Forbidden | 403 | Action is forbidden. More details in error_message . |
Show
The API allows the TPP to ask an ASPSP to show a funds-confirmation-consent resource.
CURL
![]()
curl -i \
-H "Authorization: Bearer authorization" \
-H "Content-Type: application/json" \
-H "x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d" \
-d 'eyJhbGciOiJQUzI1NiIsImtpZCI6InRlc3QifQ.e30.lMsgTlRwc7ypFUhJjx3ZGhgIPVEw9jii71sCMZa3RfK8It50mMmi8-Nnkt7tOdEaj88agEiYUeK33ug88qGQ7Hwn67x6ONAc5xs62AjJv1t94Ye8WTbQ-Hk8kvsqL1W8yL1NvK4qEzO7q3e2TSarGH7TBKIBM3iuc3cGckz94Ul1D9YvPFlhNvqD6wpFUUyh2U9e3mWEXvSz1NNsfxzdwfFCwP4RlBu133llbopobyK-FazDp2I2elZt2Zj72q27CVjO4P6r09M9ws4MgvZpG7XlHHYZzAZ-4nTC8GrCciTFP0oVORGzwyViW-QPRqAhaj4rcFPFM8Kz5g_Gdw2KhQ' \
-X GET "/api/:provider_code/open-banking/v3.1/cbpii/funds-confirmation-consents/:consent_id"
Example of response
![]()
{ "Data": { "ConsentId": "18463", "CreationDateTime": "2017-06-05T15:15:13+00:00", "Status": "AwaitingAuthorisation", "StatusUpdateDateTime": "2017-06-05T15:15:13+00:00", "ExpirationDateTime": "2017-06-05T15:15:13+00:00", "DebtorAccount": { "SchemeName": "UK.OBIE.SortCodeAccountNumber", "Identification": "11280001234567", "Name": "Andrea Smith", "SecondaryIdentification": "0002" } }, "Links": { "Self": "/open-banking/v3.1/cbpii/funds-confirmation-consents/18463" }, "Meta": {} }
Request
GET
/api/:provider_code/open-banking/v3.1/cbpii/funds-confirmation-consents/:consent_id
Headers
Header | Type | Description |
---|---|---|
Content-Type
|
string, optional | The media type of the body of the request. Default value: application/json |
x-fapi-interaction-id
|
string, optional | An RFC4122 UID used as a correlation Id. |
Authorization
|
string, required | Standard HTTP Header; Allows Credentials to be provided to the Authorisation / Resource Server depending on the type of resource being requested. For OAuth 2.0 / OIDC, this comprises of either the Basic / Bearer Authentication Schemes. Can raise: HeaderMissing, HeaderInvalid, ResourceNotFound, Forbidden |
Request parameters
Response headers
Header | Type | Description |
---|---|---|
Content-Type
|
string, required | The media type of the body of the request. |
x-fapi-interaction-id
|
string, required | An RFC4122 UID used as a correlation Id. If provided, the ASPSP must "play back" this value in the x-fapi-interaction-id response header. |
Retry-After
|
integer, optional | Amount of time in seconds after which Salt Edge PSD2 Compliance Solution resends the previously failed request. |
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.
Related Errors
Class | Code | Description |
---|---|---|
ResourceNotFound | 400 | Specified resource doesn't exist. |
FieldInvalid | 400 | An invalid value is supplied in the field. More details in error_message . |
HeaderMissing | 400 | A required HTTP header has not been provided. |
HeaderInvalid | 400 | An invalid value is supplied in the HTTP header. |
Forbidden | 403 | Action is forbidden. More details in error_message . |
Destroy
If the PSU revokes consent to confirm funds with the TPP, the TPP must delete the funds-confirmation-consent resource.
CURL
![]()
curl -i \
-H "Authorization: Bearer authorization" \
-H "Content-Type: application/json" \
-H "x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d" \
-d 'eyJhbGciOiJQUzI1NiIsImtpZCI6InRlc3QifQ.e30.uzxcvfk06g8bV5kdx7iVEhRl7fWD7_p3DoW5qL_MxhgQ6cjpCquDUmGxbzPKCK2H96eC2xgE5J5K1tvk0uEAGj8toWURO5EH0CxTHV2s9dSqmLbJMb5tnBBxm2LD7IMkZ6x5ZVwkbhb9o8WLwtvfL47PZctN_-6aYgA7ezkcxeYnnqiZerHjWkQmMfWN2QcrGPDMoCdpsUBsCZVlVPRkRcJSa9NB4hug1LHacuyQto04RzoDw-XSGB-wOvF3hl9f2Lm_he9zpqptv2QUWBYAGwuyi2siVPmDnb9_G6PIDekPIwsVQFfGZ7H3TbeGWi369rP1_uBSF2YPEpWhCq80aw' \
-X DELETE "/api/:provider_code/open-banking/v3.1/cbpii/funds-confirmation-consents/:consent_id"
Request
DELETE
/api/:provider_code/open-banking/v3.1/cbpii/funds-confirmation-consents/:consent_id
Headers
Header | Type | Description |
---|---|---|
Content-Type
|
string, optional | The media type of the body of the request. Default value: application/json |
x-fapi-interaction-id
|
string, optional | An RFC4122 UID used as a correlation Id. |
Authorization
|
string, required | Standard HTTP Header; Allows Credentials to be provided to the Authorisation / Resource Server depending on the type of resource being requested. For OAuth 2.0 / OIDC, this comprises of either the Basic / Bearer Authentication Schemes. Can raise: HeaderMissing, HeaderInvalid, ResourceNotFound, Forbidden |
Request parameters
Response headers
Header | Type | Description |
---|---|---|
Content-Type
|
string, required | The media type of the body of the request. |
x-fapi-interaction-id
|
string, required | An RFC4122 UID used as a correlation Id. If provided, the ASPSP must "play back" this value in the x-fapi-interaction-id response header. |
Retry-After
|
integer, optional | Amount of time in seconds after which Salt Edge PSD2 Compliance Solution resends the previously failed request. |
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.
Related Errors
Class | Code | Description |
---|---|---|
ResourceNotFound | 400 | Specified resource doesn't exist. |
FieldInvalid | 400 | An invalid value is supplied in the field. More details in error_message . |
ResourceInvalidConsentStatus | 400 | The action can't be performed with current status of consent. |
HeaderMissing | 400 | A required HTTP header has not been provided. |
HeaderInvalid | 400 | An invalid value is supplied in the HTTP header. |
Unauthorized | 401 | Unauthorized access. |
Forbidden | 403 | Action is forbidden. More details in error_message . |
Funds Confirmation
Create
If the TPP would like to confirm funds with the ASPSP, it should create a new funds-confirmation resource, and check the funds available flag in the response.
CURL
![]()
curl -i \
-H "Authorization: Bearer authorization" \
-H "Content-Type: application/json" \
-H "x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d" \
-d 'eyJhbGciOiJQUzI1NiIsImtpZCI6InRlc3QifQ.eyJEYXRhIjp7IkNvbnNlbnRJZCI6IjEyMyIsIlJlZmVyZW5jZSI6IlNvbWUgcmVmIiwiSW5zdHJ1Y3RlZEFtb3VudCI6eyJBbW91bnQiOiIxMTUuMyIsIkN1cnJlbmN5IjoiR0JQIn19fQ.e7V2_ZkngsTw5Fw2AYPdSZ7DWi28fTit1Vit_uopsf5x-ofErqq-QnvVJY8NlY9pwZstIsL9ijg2vceoGRwZ_B3SbWs131fcSBqND_Y1P7ti_QjusEtlaQG9mdvCvbsdQ-2Phye-QMO-VrMO2XwmaEcSoPituNDKXc_x2rZTmnm_-gdgoaVYT7K6kQU8q-fHxG_jnFfJOPBTGi528ZLjAKRCnXDDCIYtZxSSWRCDpVY_9QSY-uE2XbgRAlJYE-L4vLaNHYenO3x1l72r_2qkcHcsbEphcp7P4l9NRchfDpucucRIZneDNa-WXBQ9AozvIeMR1fqzTMQsm_3a0h677A' \
-X POST "/api/:provider_code/open-banking/v3.1/cbpii/funds-confirmations"
Example of request
![]()
{ "Data": { "ConsentId": "123", "Reference": "Some ref", "InstructedAmount": { "Amount": "115.3", "Currency": "GBP" } } }
Example of response
![]()
{ "Data": { "FundsConfirmationId": "1321", "ConsentId": "22123", "CreationDateTime": "2017-06-05T15:15:13+00:00", "FundsAvailable": true, "Reference": "Some ref", "InstructedAmount": { "Amount": "115.3", "Currency": "GBP" } }, "Links": { "Self": "/open-banking/v3.1/cbpii/funds-confirmations/1321" }, "Meta": {} }
Request
POST
/api/:provider_code/open-banking/v3.1/cbpii/funds-confirmations
Headers
Header | Type | Description |
---|---|---|
Content-Type
|
string, optional | The media type of the body of the request. Default value: application/json |
x-fapi-interaction-id
|
string, optional | An RFC4122 UID used as a correlation Id. |
Authorization
|
string, required | Standard HTTP Header; Allows Credentials to be provided to the Authorisation / Resource Server depending on the type of resource being requested. For OAuth 2.0 / OIDC, this comprises of either the Basic / Bearer Authentication Schemes. Can raise: HeaderMissing, HeaderInvalid, ResourceNotFound, Forbidden |
Idempotency-Key
|
string, optional | Unique uuid used to recognize subsequent retries of the same request valid for 24 hours. Allowed length: max: 40 characters |
Request parameters
Response headers
Header | Type | Description |
---|---|---|
Content-Type
|
string, required | The media type of the body of the request. |
x-fapi-interaction-id
|
string, required | An RFC4122 UID used as a correlation Id. If provided, the ASPSP must "play back" this value in the x-fapi-interaction-id response header. |
Retry-After
|
integer, optional | Amount of time in seconds after which Salt Edge PSD2 Compliance Solution resends the previously failed request. |
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.
Related Errors
Class | Code | Description |
---|---|---|
ResourceNotFound | 400 | Specified resource doesn't exist. |
FieldInvalid | 400 | An invalid value is supplied in the field. More details in error_message . |
UnsupportedCurrency | 400 | The currency is not supported. |
HeaderMissing | 400 | A required HTTP header has not been provided. |
HeaderInvalid | 400 | An invalid value is supplied in the HTTP header. |
Forbidden | 403 | Action is forbidden. More details in error_message . |