NAV
SaltEdge PSD2 Compliance Logo

Other

Tokens

Reconnect Deprecated

Initiate a linking process for a provider. The client application has to handle all the authentication UI in this flow (see Provider authorization_types). During the lifecycle, events will be added to the session which will send Callbacks to your application.

CURL

curl -i  \ 
 -H "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7ImNvbnNlbnRfYXBwcm92ZWQiOnRydWV9LCJleHAiOjE1OTQwNzg3Njh9.j-4t5QX0E2CCP9sJsn_h0ptuFF1vKmrQiN7sJsXGWs9CIQ6gWcn30VvnoBhRMssPJee-AJ5oCs0zkUSEt9Q0fI0O8RnqVQaa0Iqa6v_ODrOv81je2-9SNcVIm_ii8Q37LSK4TvI3y3i4TmKnbgT2duQnJrRS5InkmgoT5R7Jyo3JNaXxL77ch8ClTFTvQyaNQhZxrFG688sDyMIYlsIBeYCAZC6B-gJSmKUZJU-PyRNvpU2uMoVM8RTlB-qr1V3QximKAPj-B-2vDr-rEwiyrumUYs2dTWX5qiI0tN4IpUADaVW42JJ_eELjAh7l5kMnb6nbGFdkh8xfaDemJDhqmg" \ 
 -H "App-Id: tUZHZ05b5klLnOH5ZgRp_Q" \ 
 -H "App-Secret: hfie0Uy_ZnvVIzh3OeA4XA" \ 
 -H "Access-Token: 81a3dac147e5bf8d31f5ef3d16d7423b80c00e66b60eb232a9c98b75af17386e15ed71e5edcf82992a0b3b0c1db58ebf222738dbbc6cf3cc5ec988d798d80fe3" \ 
 -H "Client-Request-Id: 17" \ 
 -X POST "https://priora.saltedge.com/api/v2/tokens/reconnect"

Example of unpacked Authorization header

{"data":{"consent_approved":true}}

Example of response

{"data":{"session_secret":"4VxpgSvnYrLd_LL5tarN"}}

This endpoint allows TPP to refresh current Access-Token. The behavior can be the following: ASPSP can just return a new token, ask for MFA or ask for reconnection. In any of the cases above TPP will receive a session callback and the following behavior will be stored in the session object.

Request

POST https://priora.saltedge.com/api/v2/tokens/reconnect

Headers
Header Type Description
Authorization string, required JSON Web Token containing payload, signed using RSA256 and application.private_key. Can raise: AuthorizationMissing
App-Id string, required Application’s app_id from connection details tab. Can raise: OauthAppNotFound, ConfigurationError
App-Secret string, required Application’s app_secret from connection details tab.
Access-Token string, required Token for which we are requesting info. Can raise: TokenMissing, TokenNotFound, TokenRevoked, TokenExpired
Client-Request-Id string, optional Request identifier. If present, it will be returned within meta field in response.
Unpacked Authorization
Parameter Type Description
data hash, required Wrapper for the data.
data.consent_approved boolean, required A flag which determines whether a PSU approved reconnection process or not. Allowed values: true
Response
Response Type Description
data hash, required Wrapper for the data.
data.session_secret string, required Session identifier in Salt Edge PSD2 Compliance.
Related Errors
Class Code Description
AuthorizationMissing 400 Authorization header is missing.
ConfigurationError 400 Missing configurations in dashboard.
TokenMissing 400 This request cannot be performed without Access_Token header.
TokenNotFound 401 Token specified in request does not exist or cannot be retrieved.
TokenRevoked 401 Token specified in request is revoked and cannot be used anymore.
TokenExpired 401 Token specified in request is expired and cannot be used.
OauthAppNotFound 404 OAuth Application specified in request does not exist or cannot be retrieved.

Remote

CURL

curl -i  \ 
 -H "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7InByb3ZpZGVyX2NvZGUiOiJkZW1vYmFuayIsInNjb3BlcyI6WyJhY2NvdW50cyIsInRyYW5zYWN0aW9ucyIsImt5YyIsInBheW1lbnRzIiwiZnVuZHNfYXZhaWxhYmlsaXR5IiwidHJ1c3RlZF9iZW5lZmljaWFyaWVzIl0sImNvbnNlbnRfcGVyaW9kX2RheXMiOjkwLCJjcmVkZW50aWFscyI6eyJhdXRob3JpemF0aW9uX3R5cGUiOiJQU0RfQUlTUCJ9fSwiZXhwIjoxNTk0MDc4NzY4fQ.qoDngbQQCGgMPOOhgfYhB3CeCbUnQSGjoW8IftK0Gx4Noc0_GUFwvDbKMxhICYJETkjMDJ0itzkKLGStMRsL-Qa0XJnQBAtAOhyFPVobSkwc5maLTEWnOJP-Ukg7LV_BGPZcQ257Q8zcE9o0gEBEBy4eLtBbKgITciP3kP9SJfUOf-PWaj1Y8gKmsb2xyB45OCk4ufjL2SA8STMmjUzyRws0WxF9QebHkJ2mtkosHOfJH8ujVToDLCOkp4Eko6ITNwcQgosAhUTpjzX_G18oiQfQzhL1iIMy1Pdy8waAs3aMqsnDkBGcVLIlKUn8cWKTM8hme36k7Nqk5AxlUqF-LQ" \ 
 -H "App-Id: 8PmTDEfMengvyK1SNFkQ4A" \ 
 -H "App-Secret: n4eSP_GK0CLYoeoT8mOQLg" \ 
 -H "Client-Request-Id: 17" \ 
 -X POST "https://priora.saltedge.com/api/v2/tokens/remote"

Example of unpacked Authorization header

Example of response

{"data":{"session_secret":"i8wJ74uDGEMjmzjULLWB"}}

Initiate the process of authentication on behalf of PSU. Prior to this, TPP is required to ask PSU for consent. During this process, TPP will receive callbacks with instructions and current status of session.

Request

POST https://priora.saltedge.com/api/v2/tokens/remote

Headers
Header Type Description
Authorization string, required JSON Web Token containing payload, signed using RSA256 and application.private_key. Can raise: AuthorizationMissing
App-Id string, required Application’s app_id from connection details tab. Can raise: OauthAppNotFound, ConfigurationError
App-Secret string, required Application’s app_secret from connection details tab.
Client-Request-Id string, optional Request identifier. If present, it will be returned within meta field in response.
Unpacked Authorization
Response
Response Type Description
data hash, required Wrapper for the data.
data.session_secret string, required Session identifier in Salt Edge PSD2 Compliance. Can raise: SessionNotFound
Related Errors
Class Code Description
ScopesInvalid 400 Specified scopes don't match with the ones specified in Provider or OAuthApp. More info in error_message
AuthorizationMissing 400 Authorization header is missing.
ConfigurationError 400 Missing configurations in dashboard.
AccessDenied 401 Action you want to perform is not allowed. More in error_message
ProviderNotFound 404 Provider specified in request does not exist or cannot be retrieved.
OauthAppNotFound 404 OAuth Application specified in request does not exist or cannot be retrieved.

Revoke

CURL

curl -i  \ 
 -H "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7fSwiZXhwIjoxNTk0MDc4NzY4fQ.eacPBwHRcz_w590f_iS0sdA8AUWIir12WKrbhqOoBAczVdyViepg5hVRXfClpLK5IWkKElr8OTuLXVjlP2umFcRNAxIE261WPRfW0Ey5tVCrE0XDW1Z9ORH5M_agJtm3x5QdP9zYgrRfSYtfV-NVLLluvqgwgh-g9M-y0vRczQc7YY6MRi1VsOgxMfTNe9zwogXB0spw3kuPFY7TvrY8jRzVr6ETuf1NvRdxAel5ZlS-J1VisZ_rVh-ytuU6ZGNUOurCaS9Z2n2EQv4p31O72gX-O1m7giHBZju0pycS-8MrNBPl-zsO-zAD6AHTPjSHHBZVZNN9ioMnJJEu1JwDfQ" \ 
 -H "App-Id: iiniPo3zkfpOgmHrmk0Osg" \ 
 -H "App-Secret: gNebmvKyKAVTxY_fSVe-kQ" \ 
 -H "Access-Token: 874bcafd85e1332e8657cfb68016ed33f52b055adeead1d97fdfd96fc4cb847b957ee63f407d459b80eef76951e967501ca6c0282e4a4e7f838906856720a0bf" \ 
 -H "Client-Request-Id: 17" \ 
 -X DELETE "https://priora.saltedge.com/api/v2/tokens"

Example of unpacked Authorization header

{"data":{},"exp":1574093211}

Example of response

{"data":{"revoked":true,"access_token":"yVJ-2246zz-1yRutZstm"}}

Revoke an already existing and active access token.

Request

DELETE https://priora.saltedge.com/api/v2/tokens

Headers
Header Type Description
Authorization string, required JSON Web Token containing payload, signed using RSA256 and application.private_key. Can raise: AuthorizationMissing
App-Id string, required Application’s app_id from connection details tab. Can raise: OauthAppNotFound, ConfigurationError
App-Secret string, required Application’s app_secret from connection details tab.
Access-Token string, required Token for which we are requesting info. Can raise: TokenMissing, TokenNotFound, TokenRevoked, TokenExpired
Client-Request-Id string, optional Request identifier. If present, it will be returned within meta field in response.
Unpacked Authorization
Parameter Type Description
data hash, required Wrapper for the data.
exp integer, required The lifetime of the request in timestamp UTC format. Values greater than: Current time.
Response
Response Type Description
data hash, required Wrapper for the data.
data.access_token string, required Token which was revoked or not.
data.revoked boolean, required Whether token was revoked or not. Allowed values: true, false
Related Errors
Class Code Description
AuthorizationMissing 400 Authorization header is missing.
ConfigurationError 400 Missing configurations in dashboard.
TokenMissing 400 This request cannot be performed without Access_Token header.
TokenNotFound 401 Token specified in request does not exist or cannot be retrieved.
TokenRevoked 401 Token specified in request is revoked and cannot be used anymore.
TokenExpired 401 Token specified in request is expired and cannot be used.
OauthAppNotFound 404 OAuth Application specified in request does not exist or cannot be retrieved.

Show

CURL

curl -i  \ 
 -H "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7fSwiZXhwIjoxNTk0MDc4NzY4fQ.eacPBwHRcz_w590f_iS0sdA8AUWIir12WKrbhqOoBAczVdyViepg5hVRXfClpLK5IWkKElr8OTuLXVjlP2umFcRNAxIE261WPRfW0Ey5tVCrE0XDW1Z9ORH5M_agJtm3x5QdP9zYgrRfSYtfV-NVLLluvqgwgh-g9M-y0vRczQc7YY6MRi1VsOgxMfTNe9zwogXB0spw3kuPFY7TvrY8jRzVr6ETuf1NvRdxAel5ZlS-J1VisZ_rVh-ytuU6ZGNUOurCaS9Z2n2EQv4p31O72gX-O1m7giHBZju0pycS-8MrNBPl-zsO-zAD6AHTPjSHHBZVZNN9ioMnJJEu1JwDfQ" \ 
 -H "App-Id: 6mWl9hbxoN3rg_nX4804tw" \ 
 -H "App-Secret: 6FdCub2C2AMQbyaI6KSv4Q" \ 
 -H "Access-Token: 7eb89bd116268f02b5ab5ab6f46a89a65a8476d8c287a84fdceae03724d5511ae445b0342c73fc02681b3fcbbfeb12cf78e9292956b67ea76d20dfff0a1ba7a2" \ 
 -H "Client-Request-Id: 54" \ 
 -X GET "https://priora.saltedge.com/api/v2/tokens"

Example of unpacked Authorization header

{"data":{},"exp":1574093211}

Example of response

{"data":{"scopes":["accounts","transactions","kyc","payments","funds_availability","trusted_beneficiaries"],"access_token_expires_at":"2019-11-18T16:04:51.638Z"}}

Return current state of a token.

Request

GET https://priora.saltedge.com/api/v2/tokens

Headers
Header Type Description
Authorization string, required JSON Web Token containing payload, signed using RSA256 and application.private_key. Can raise: AuthorizationMissing
App-Id string, required Application’s app_id from connection details tab. Can raise: OauthAppNotFound, ConfigurationError
App-Secret string, required Application’s app_secret from connection details tab.
Access-Token string, required Token for which we are requesting info. Can raise: TokenMissing, TokenNotFound, TokenRevoked, TokenExpired
Client-Request-Id string, optional Request identifier. If present, it will be returned within meta field in response.
Unpacked Authorization
Parameter Type Description
data hash, required Wrapper for the data.
exp integer, required The lifetime of the request in timestamp UTC format. Values greater than: Current time.
Response
Response Type Description
data hash, required Wrapper for the data.
data.access_token_expires_at datetime, required When does access token expire.0
data.scopes array, required Set of permissions for access token. Allowed values: accounts, transactions, kyc, payments, funds_availability, trusted_beneficiaries
Related Errors
Class Code Description
AuthorizationMissing 400 Authorization header is missing.
ConfigurationError 400 Missing configurations in dashboard.
TokenMissing 400 This request cannot be performed without Access_Token header.
TokenNotFound 401 Token specified in request does not exist or cannot be retrieved.
TokenRevoked 401 Token specified in request is revoked and cannot be used anymore.
TokenExpired 401 Token specified in request is expired and cannot be used.
OauthAppNotFound 404 OAuth Application specified in request does not exist or cannot be retrieved.

Sessions

Confirm

CURL

curl -i  \ 
 -H "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7ImNyZWRlbnRpYWxzIjp7InNtc19waW5jb2RlIjoiNDU2OCJ9fSwiZXhwIjoxNTk0MDc4NzY4fQ.udY-QBDrv01rWxd0lsj6xqhW6NpST3mCO1j37iKv9KfRmEYg8tBGDPHwUd8_5KiuBjfRws_5DUR5hG_1kCserEn3YtyFcQo_lhbYSuFF6ffb0TRh--weWg7-DWL9JXyuMINgP3xGL7ycCgchQoi22bsJtIFVef_o_ckiMstMtx62X-hX9t8SjkmVbhrtzge7QbxmDq1lIHnQXg8d-wTg1U83O53-QAHdqc_6yh4og8YzZBfg9XjTlWbs8Cyf_DSf1LnbHS0HYwhScuGbcwAIPUk-qbQYbePkzzMApdOm5c2s0tiM6Q2WaEA3iO-r_oxH5gvHLyrxiB2OayFYtoH5iA" \ 
 -H "App-Id: RC37EiVDTH72Dy66RiWfRA" \ 
 -H "App-Secret: X-iIITSQB7qTeTYH_99H5A" \ 
 -H "Client-Request-Id: 17" \ 
 -X PUT "https://priora.saltedge.com/api/v2/sessions/:secret"

Example of unpacked Authorization header

{"data":{"credentials":{"sms_pincode":"4568"}},"exp":1574093210,"secret":"xkeTNwR3GHH3cHcq3UCt"}

Example of response

{"data":{"id":625,"secret":"xkeTNwR3GHH3cHcq3UCt","status":"waiting_confirmation_code","extra":{"scopes":["accounts","transactions","kyc","payments","funds_availability","trusted_beneficiaries"]},"token":{"access_token":"BVGU4xsgFdZRDx2BDoG1","expires_at":"2019-11-18T16:04:50.787Z"},"fail_at":"2019-11-18T16:04:50.787Z","success_at":"2019-11-18T16:04:50.787Z","created_at":"2019-11-18T16:04:50.787Z","updated_at":"2019-11-18T16:04:50.787Z","events":[{}],"authorization_details":{},"customer_id":469,"provider_code":"demobank"}}

This endpoint is used for processing additional interactive steps in the process of access token creation or account's refresh.

Request

PUT https://priora.saltedge.com/api/v2/sessions/:secret

Headers
Header Type Description
Authorization string, required JSON Web Token containing payload, signed using RSA256 and application.private_key. Can raise: AuthorizationMissing
App-Id string, required Application’s app_id from connection details tab. Can raise: OauthAppNotFound, ConfigurationError
App-Secret string, required Application’s app_secret from connection details tab.
Client-Request-Id string, optional Request identifier. If present, it will be returned within meta field in response.
Unpacked Authorization
Parameter Type Description
data hash, required Wrapper for the data.
data.credentials hash, required Wrapper for interactive step credentials.
exp integer, required The lifetime of the request in timestamp UTC format. Values greater than: Current time.
secret (path) string, required Another session identifier that can be used for session lookup and confirmation. Can raise: SessionNotFound, SessionClosed, SessionExpired, ActionNotAllowed
Response
Response Type Description
data hash, required Wrapper for the data.
data.created_at datetime, required Datetime of session creation.
data.events array, required Session progress events.
data.extra hash, required Extra details that should be persisted into session.
data.id integer, required Session id.
data.provider_code string, required Human readable Provider identifier.
data.secret string, required Another session identifier that can be used for session lookup and confirmation.
data.status string, required Conveys current status of the operation. Allowed values: processing, redirect, waiting_confirmation, waiting_confirmation_code, executing, closed, fetched_kyc, fetched_accounts, fetched_transactions, fetched_trusted_beneficiaries
data.token.access_token string, required A unique string which grants access to TPP to perform actions on behalf of PSU.
data.token.expires_at datetime, required Datetime of token expiration.
data.updated_at datetime, required Datetime of last session updation.
data.authorization_details hash, optional Data which was used for authorization.
data.customer_id integer, optional PSU identifier on Salt Edge PSD2 Compliance side.
data.extra.scopes array, optional Set of permissions for access token. Allowed values: accounts, transactions, kyc, payments, funds_availability, trusted_beneficiaries
data.fail_at datetime, optional Datetime of session failure.
data.success_at datetime, optional Datetime of session successful closure.
data.token hash, optional Access token that will be used to access ASPSP data.
Related Errors
Class Code Description
SessionClosed 400 Session specified in request has been already closed and cannot be modified.
AuthorizationMissing 400 Authorization header is missing.
ConfigurationError 400 Missing configurations in dashboard.
SessionExpired 401 Found session has been expired and cannot be processed anymore.
SessionNotFound 404 Session specified in request does not exist or cannot be retrieved.
OauthAppNotFound 404 OAuth Application specified in request does not exist or cannot be retrieved.
ActionNotAllowed 406 You're not allowed to perform this action. This might be a configuration problem or parameters incompatibility.

Destroy

CURL

curl -i  \ 
 -H "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7fSwiZXhwIjoxNTk0MDc4NzY4fQ.eacPBwHRcz_w590f_iS0sdA8AUWIir12WKrbhqOoBAczVdyViepg5hVRXfClpLK5IWkKElr8OTuLXVjlP2umFcRNAxIE261WPRfW0Ey5tVCrE0XDW1Z9ORH5M_agJtm3x5QdP9zYgrRfSYtfV-NVLLluvqgwgh-g9M-y0vRczQc7YY6MRi1VsOgxMfTNe9zwogXB0spw3kuPFY7TvrY8jRzVr6ETuf1NvRdxAel5ZlS-J1VisZ_rVh-ytuU6ZGNUOurCaS9Z2n2EQv4p31O72gX-O1m7giHBZju0pycS-8MrNBPl-zsO-zAD6AHTPjSHHBZVZNN9ioMnJJEu1JwDfQ" \ 
 -H "App-Id: TnzE5rqosgx9vrox4mU5EA" \ 
 -H "App-Secret: ngYWj5vwwkf-fT1MkB6DBQ" \ 
 -H "Client-Request-Id: 17" \ 
 -X DELETE "https://priora.saltedge.com/api/v2/sessions/:secret"

Example of unpacked Authorization header

{"data":{},"exp":1574093210,"secret":"VyZY7T4T_VjPNtzMWReH"}

Example of response

{"data":{"session_secret":"_PkwuzoztNR3vz2-MzrJ"}}

Cancel session.

Request

DELETE https://priora.saltedge.com/api/v2/sessions/:secret

Headers
Header Type Description
Authorization string, required JSON Web Token containing payload, signed using RSA256 and application.private_key. Can raise: AuthorizationMissing
App-Id string, required Application’s app_id from connection details tab. Can raise: OauthAppNotFound, ConfigurationError
App-Secret string, required Application’s app_secret from connection details tab.
Client-Request-Id string, optional Request identifier. If present, it will be returned within meta field in response.
Unpacked Authorization
Parameter Type Description
data hash, required Wrapper for the data.
exp integer, required The lifetime of the request in timestamp UTC format. Values greater than: Current time.
secret (path) string, required Session secret. Can raise: SessionNotFound, SessionClosed, SessionExpired, ActionNotAllowed
Response
Response Type Description
data hash, required Wrapper for the data.
data.session_secret string, required Session identifier in Salt Edge PSD2 Compliance.
Related Errors
Class Code Description
SessionClosed 400 Session specified in request has been already closed and cannot be modified.
AuthorizationMissing 400 Authorization header is missing.
ConfigurationError 400 Missing configurations in dashboard.
SessionExpired 401 Found session has been expired and cannot be processed anymore.
SessionNotFound 404 Session specified in request does not exist or cannot be retrieved.
OauthAppNotFound 404 OAuth Application specified in request does not exist or cannot be retrieved.
ActionNotAllowed 406 You're not allowed to perform this action. This might be a configuration problem or parameters incompatibility.

Show

CURL

curl -i  \ 
 -H "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7fSwiZXhwIjoxNTk0MDc4NzY4fQ.eacPBwHRcz_w590f_iS0sdA8AUWIir12WKrbhqOoBAczVdyViepg5hVRXfClpLK5IWkKElr8OTuLXVjlP2umFcRNAxIE261WPRfW0Ey5tVCrE0XDW1Z9ORH5M_agJtm3x5QdP9zYgrRfSYtfV-NVLLluvqgwgh-g9M-y0vRczQc7YY6MRi1VsOgxMfTNe9zwogXB0spw3kuPFY7TvrY8jRzVr6ETuf1NvRdxAel5ZlS-J1VisZ_rVh-ytuU6ZGNUOurCaS9Z2n2EQv4p31O72gX-O1m7giHBZju0pycS-8MrNBPl-zsO-zAD6AHTPjSHHBZVZNN9ioMnJJEu1JwDfQ" \ 
 -H "App-Id: lYbM35hScWwT52d6Zxz-Lg" \ 
 -H "App-Secret: ssZn53PTzxSv6kI1nJzlUQ" \ 
 -H "Client-Request-Id: 4565" \ 
 -X GET "https://priora.saltedge.com/api/v2/sessions/:secret"

Example of unpacked Authorization header

{"data":{},"exp":1574093210,"secret":"TAVKeTF3FAJbbrg8nMf5"}

Example of response

{"data":{"id":302,"secret":"BVuveSLQCrA5jBYUyxXe","status":"fetched_kyc","extra":{"scopes":["accounts","transactions","kyc","payments","funds_availability","trusted_beneficiaries"]},"token":{"access_token":"5kHijxm_DEWoP5ncHWcF","expires_at":"2019-11-18T16:04:50.915Z"},"fail_at":"2019-11-18T16:04:50.915Z","success_at":"2019-11-18T16:04:50.915Z","created_at":"2019-11-18T16:04:50.915Z","updated_at":"2019-11-18T16:04:50.915Z","events":[{}],"authorization_details":{"instruction":"Use PIN code from just received SMS. ","mfa_fields":[{"code":"sms_pincode","display_name":"SMS-PIN","optional":true,"type":"embedded","nature":"text"}]},"customer_id":983,"provider_code":"demobank"}}

Due to the asynchronus nature of requests, most of responses represent a session_secret. This endpoint could be used to verify the currrent state of newly created sessions.

Request

GET https://priora.saltedge.com/api/v2/sessions/:secret

Headers
Header Type Description
Authorization string, required JSON Web Token containing payload, signed using RSA256 and application.private_key. Can raise: AuthorizationMissing
App-Id string, required Application’s app_id from connection details tab. Can raise: OauthAppNotFound, ConfigurationError
App-Secret string, required Application’s app_secret from connection details tab.
Client-Request-Id string, optional Request identifier. If present, it will be returned within meta field in response.
Unpacked Authorization
Parameter Type Description
data hash, required Wrapper for the data.
exp integer, required The lifetime of the request in timestamp UTC format. Values greater than: Current time.
secret (path) string, required Another session identifier that can be used for session lookup and confirmation. Can raise: SessionNotFound
Response
Response Type Description
data hash, required Wrapper for the data.
data.authorization_details.instruction string, required Authorization type description.
data.authorization_details.mfa_fields array, required Multi-Factor Authentication fields wrapper.
data.authorization_details.mfa_fields.code string, required MFA Field identifier.
data.authorization_details.mfa_fields.display_name string, required MFA Field label.
data.authorization_details.mfa_fields.optional string, required Whether this MFA field is required to fill. Allowed values: true, false
data.authorization_details.mfa_fields.type string, required Type of MFA Field value. Allowed values: oauth, embedded
data.created_at datetime, required Datetime of session creation.
data.events array, required Session progress events.
data.extra hash, required Extra details that should be persisted into session.
data.id integer, required Session identifier in Salt Edge PSD2 Compliance.
data.provider_code string, required Human readable Provider identifier.
data.secret string, required Another session identifier that can be used for session lookup and confirmation.
data.status string, required Conveys current status of the operation. Allowed values: processing, redirect, waiting_confirmation, waiting_confirmation_code, executing, closed, fetched_kyc, fetched_accounts, fetched_transactions, fetched_trusted_beneficiaries
data.token.access_token string, required A unique string which grants access to TPP to perform actions on behalf of PSU.
data.token.expires_at datetime, required Datetime of token expiration.
data.updated_at datetime, required Datetime of last session updation.
data.authorization_details hash, optional Data which was used for authorization.
data.customer_id integer, optional PSU identifier on Salt Edge PSD2 Compliance side.
data.extra.scopes array, optional Set of permissions for access token. Allowed values: accounts, transactions, kyc, payments, funds_availability, trusted_beneficiaries
data.fail_at datetime, optional Datetime of session failure.
data.success_at datetime, optional Datetime of session successful closure.
data.token hash, optional Access token that will be used to access ASPSP data.
Related Errors
Class Code Description
AuthorizationMissing 400 Authorization header is missing.
ConfigurationError 400 Missing configurations in dashboard.
SessionNotFound 404 Session specified in request does not exist or cannot be retrieved.
OauthAppNotFound 404 OAuth Application specified in request does not exist or cannot be retrieved.

Trusted Beneficiary

Confirm

CURL

curl -i  \ 
 -H "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7ImNyZWRlbnRpYWxzIjp7InNtc19waW5jb2RlIjoiMTIzNDU2In19LCJleHAiOjE1OTQwNzg3Njl9.wwMjn4e2gcblsNIy3QgzY9WWh-51D09DhBremeiXcw28ilYXgEAHnQu_NxbGL47JwiBLV0tG8zJpq74hiVobLoXkYZbLbl-ZsPwlI3Dy69eBGnslxfRNNaENy7aKKjOuWldW2wkbyEKn4O26Wkz_8dVuzJ6jDkXX3bl_cmzrzM9MTK5Ej_C_nwvcTzObE1q-d0Yqd8BBjXTmeI5XyFBLLw1lc2htM1MMnP-7nXc5iPMr8mgUDDydvHf76mRDXN9BMfy8GCeMaexcOV8k1r2wLQfpMQcOFjYfRm6SjMDiyQbGtD8ufCBNQm0zCT5Rcnp4sNOtEwU8TqYyFB3LNU5tSg" \ 
 -H "App-Id: uNwDiUgp12XhONz1E_rV6g" \ 
 -H "App-Secret: QsSGnN7sJHqUCyRnP6IHsQ" \ 
 -H "Access-Token: bf0d0bb0c89896811579dbe456507cb7cf2f5bb9b0b06291670339a22e55eb484f81de6b286235c71c0f27adb1229a717c4b7f089dadaa51cc24145128ad65ab" \ 
 -H "Client-Request-Id: 13" \ 
 -X PUT "https://priora.saltedge.com/api/v2/trusted_beneficiaries/:id"

Example of unpacked Authorization header

{"data":{"credentials":{"sms_pincode":"123456"}},"exp":1574173799,"id":412}

Example of response

{"data":{"beneficiary_id":815,"session_secret":"Jx7YoAFH-t1UR4yyWHMs","status":"processing"}}

This endpoint is used for processing additional interactive steps in the process of trusted beneficiary creation.

Request

PUT https://priora.saltedge.com/api/v2/trusted_beneficiaries/:id

Headers
Header Type Description
Authorization string, required JSON Web Token containing payload, signed using RSA256 and application.private_key. Can raise: AuthorizationMissing
App-Id string, required Application’s app_id from connection details tab. Can raise: OauthAppNotFound, ConfigurationError
App-Secret string, required Application’s app_secret from connection details tab.
Access-Token string, required Token for which we are requesting info. Can raise: TokenMissing, TokenNotFound, TokenRevoked, TokenExpired
Client-Request-Id string, optional Request identifier. If present, it will be returned within meta field in response.
Unpacked Authorization
Parameter Type Description
data hash, required Wrapper for the data.
data.credentials hash, required Wrapper for interactive step credentials.
exp integer, required The lifetime of the request in timestamp UTC format. Values greater than: Current time.
id integer, required Trusted Beneficiary identifier on Salt Edge PSD2 Compliance side. Can raise: TrustedBeneficiaryNotFound, SessionNotFound, SessionExpired, SessionClosed
Response
Response Type Description
data hash, required Wrapper for the data.
data.beneficiary_id integer, required Trusted Beneficiary identifier.
data.session_secret string, required Session identifier in Salt Edge PSD2 Compliance.
data.status string, required Conveys current status of the operation. Allowed values: processing
Related Errors
Class Code Description
SessionClosed 400 Session specified in request has been already closed and cannot be modified.
AuthorizationMissing 400 Authorization header is missing.
ConfigurationError 400 Missing configurations in dashboard.
TokenMissing 400 This request cannot be performed without Access_Token header.
SessionExpired 401 Found session has been expired and cannot be processed anymore.
TokenNotFound 401 Token specified in request does not exist or cannot be retrieved.
TokenRevoked 401 Token specified in request is revoked and cannot be used anymore.
TokenExpired 401 Token specified in request is expired and cannot be used.
TrustedBeneficiaryNotFound 404 Trusted Beneficiary specified in request does not exist or cannot be retrieved.
SessionNotFound 404 Session specified in request does not exist or cannot be retrieved.
OauthAppNotFound 404 OAuth Application specified in request does not exist or cannot be retrieved.

Create

CURL

curl -i  \ 
 -H "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7ImlkZW50aWZpZXJzIjp7ImFtb3VudCI6IjIyNy4xMyIsInRvX2FjY291bnQiOiIxMzEzNjEzIiwiZGVzY3JpcHRpb24iOiJUZXN0IHBheW1lbnQuIiwiZnJvbV9hY2NvdW50IjoiMTMxMzYzNCJ9LCJhbGlhc19uYW1lIjoiTXkgYmVuZWZpY2lhcnkiLCJyZWRpcmVjdF91cmwiOiJodHRwczovL3VzZXIud2lsbC5iZS9yZWRpcmVjdGVkL2hlcmUiLCJ0ZW1wbGF0ZV9pZCI6NjgzLCJwYXltZW50X2lkIjo0MzI0LCJleHRyYSI6e319LCJleHAiOjE1OTQwNzg3Njl9.CYd9KvMBLL5wlG3fllZ0wR_BQlxZpDP_IXB-BMUTIXsj-fW6tRrOm5vE9wS7GqwHfkaO9PNtmrjgWDt2ko2spJej_ys-1ndSSOMuNtlDp3zpJC04NDyxnfcfTTJn-GNpJ-FmNYUHU6jvV239VauwA7o2vaHMr298Up8rVaHWEi_NVg4c1Tb6UUtfUr5FFM-Plfi_FDVMmZMwvx-xX-5KROncH8lllzTggbnArhhOp1Ba3M6eknuFs8EMI7ywKC6sv7at7gMaKeBBVIYW0hqm39NshwlF81-FwmHim6NFy9PX04_sOnlxIgjpRT2XOdZ_EeQn-z0BtZ6TyPlpIW7epw" \ 
 -H "App-Id: e9IAjakAOBKtWsjZZlcTtg" \ 
 -H "App-Secret: MD4qCPou6U5yKEF-EVZycw" \ 
 -H "Access-Token: 3a0ef521152c974680cc9901be8d7dc365b67e5d48991e5b026734e4ead15b79e09757460dd94c5096c54f7a76d9c78fc90cae22297ba5e51c39b388ab3709f7" \ 
 -H "Client-Request-Id: 17" \ 
 -X POST "https://priora.saltedge.com/api/v2/trusted_beneficiaries"

Example of unpacked Authorization header

{"data":{"identifiers":{"amount":"227.13","to_account":"1313613","description":"Test payment.","from_account":"1313634"},"alias_name":"My beneficiary","redirect_url":"https://user.will.be/redirected/here","template_id":683,"payment_id":4324,"extra":{}},"exp":1574093211}

Example of response

{"data":{"beneficiary_id":995,"session_secret":"sn_Fnxn3dExQmJxTCARL","status":"processing"}}

Create a trusted beneficiary on behalf of PSU.

Request

POST https://priora.saltedge.com/api/v2/trusted_beneficiaries

Headers
Header Type Description
Authorization string, required JSON Web Token containing payload, signed using RSA256 and application.private_key. Can raise: AuthorizationMissing
App-Id string, required Application’s app_id from connection details tab. Can raise: OauthAppNotFound, ConfigurationError
App-Secret string, required Application’s app_secret from connection details tab.
Access-Token string, required Token for which we are requesting info. Can raise: TokenMissing, TokenNotFound, TokenRevoked, TokenExpired
Client-Request-Id string, optional Request identifier. If present, it will be returned within meta field in response.
Unpacked Authorization
Parameter Type Description
data hash, required Wrapper for the data.
data.alias_name string, required Any human-readable description that is used to identify the trusted beneficiary on TPP side.
data.identifiers hash, required Payment attributes.
data.template_id integer, required Payment template identifier on Salt Edge PSD2 Compliance side. Can raise: TemplateNotFound
exp integer, required The lifetime of the request in timestamp UTC format. Values greater than: Current time.
data.extra hash, optional Extra details that should be persisted into session. Default value: {}
data.payment_id integer, optional Payment order identifier on Connector side. Used to map Salt Edge PSD2 Compliance payments to Connector ones. Can raise: PaymentNotFound, ActionNotAllowed
data.redirect_url string, optional The URL that the PSU will be redirected to proceed with trusted beneficiary. Used for oauth flow.
Response
Response Type Description
data hash, required Wrapper for the data.
data.beneficiary_id integer, required Trusted Beneficiary identifier on Salt Edge PSD2 Compliance side.
data.session_secret string, required Session identifier in Salt Edge PSD2 Compliance.
data.status string, required Conveys current status of the operation. Allowed values: processing
Related Errors
Class Code Description
AuthorizationMissing 400 Authorization header is missing.
ConfigurationError 400 Missing configurations in dashboard.
TokenMissing 400 This request cannot be performed without Access_Token header.
TokenNotFound 401 Token specified in request does not exist or cannot be retrieved.
TokenRevoked 401 Token specified in request is revoked and cannot be used anymore.
TokenExpired 401 Token specified in request is expired and cannot be used.
TemplateNotFound 404 Template specified in request does not exist or cannot be retrieved.
PaymentNotFound 404 Payment specified in request does not exist or cannot be retrieved.
OauthAppNotFound 404 OAuth Application specified in request does not exist or cannot be retrieved.
ActionNotAllowed 406 You're not allowed to perform this action. This might be a configuration problem or parameters incompatibility.

Index

CURL

curl -i  \ 
 -H "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7InByb3ZpZGVyX2NvZGUiOiJkZW1vYmFuayJ9LCJleHAiOjE1OTQwNzg3Njl9.A2zPkCFcAd_GC5r2jZsuwXxYeXVNugjaAQd18bIDzZ-ypIQYXAkrIqD25CGLATBYI4AcrZnYZaSmkE-YmI_uxjG4GjmV_B6jnVmiqJ-msmzxEPXwkQ2IpFt0LCTjqOS7NDaMaLkffMHrN6xskRk75lVdPNHTNo9rAGJNsrBrSxJnXlQGefFD-8F4PemN1iMyZ6HIXxVCNy_3RFJOpKvhdIDrlfRcs1en1o0kKelvfc96soF6MIZnX43m9dTb-2gGMn8T0dAnPA4g0mIHtT3Qskn4jCOeHd7snUZIBlQLhAlQJR41cveoyiKsi7NyFg2taYjpaHxm9Mh-EHlhvzVqpg" \ 
 -H "App-Id: IsiyTiKCOZDsV6mbafDzgg" \ 
 -H "App-Secret: fzST4gs0xQHOJA9bToRqeQ" \ 
 -H "Access-Token: 2bae74fd42f750e7401e0aa3cc9d5644ac815f5b9d2c16627af18cc76b2f507bc2dac1a10ab77c1b90b7e16423e2a0396d786959f09db9dc02128d820609d8df" \ 
 -H "Client-Request-Id: 17" \ 
 -X GET "https://priora.saltedge.com/api/v2/trusted_beneficiaries"

Example of unpacked Authorization header

{"data":{"provider_code":"demobank"},"exp":1574093211}

Example of response

{"data":[{"id":752,"alias_name":"Example Name","status":"approved","template_id":"75","identifiers":{"amount":"227.13","to_account":"1313613","description":"Test payment.","from_account":"1313634"},"provider_code":"demobank"}]}

Endpoint used to fetch all data relevant to trusted beneficiaries.

Request

GET https://priora.saltedge.com/api/v2/trusted_beneficiaries

Headers
Header Type Description
Authorization string, required JSON Web Token containing payload, signed using RSA256 and application.private_key. Can raise: AuthorizationMissing
App-Id string, required Application’s app_id from connection details tab. Can raise: OauthAppNotFound, ConfigurationError
App-Secret string, required Application’s app_secret from connection details tab.
Access-Token string, required Token for which we are requesting info. Can raise: TokenMissing, TokenNotFound, TokenRevoked, TokenExpired
Client-Request-Id string, optional Request identifier. If present, it will be returned within meta field in response.
Unpacked Authorization
Parameter Type Description
data hash, required Wrapper for the data.
data.provider_code string, required Human readable Provider identifier. Can raise: ProviderNotFound, AccessDenied
exp integer, required The lifetime of the request in timestamp UTC format. Values greater than: Current time.
Response
Response Type Description
data array, required Wrapper for the data.
data.alias_name string, required Any human-readable description that is used to identify the trusted beneficiary on TPP side.
data.id integer, required Trusted Beneficiary identifier on Salt Edge PSD2 Compliance side.
data.identifiers hash, required Object which maps the field of related payment template with its masked value. The value can be also empty.
data.provider_code string, required Human readable Provider identifier.
data.session_secret string, required Session identifier in Salt Edge PSD2 Compliance.
data.status string, required Conveys current status of the operation. Allowed values: approved
data.template_id string, required Payment template identifier on Salt Edge PSD2 Compliance side.
Related Errors
Class Code Description
AuthorizationMissing 400 Authorization header is missing.
ConfigurationError 400 Missing configurations in dashboard.
TokenMissing 400 This request cannot be performed without Access_Token header.
AccessDenied 401 Action you want to perform is not allowed. More in error_message
TokenNotFound 401 Token specified in request does not exist or cannot be retrieved.
TokenRevoked 401 Token specified in request is revoked and cannot be used anymore.
TokenExpired 401 Token specified in request is expired and cannot be used.
ProviderNotFound 404 Provider specified in request does not exist or cannot be retrieved.
OauthAppNotFound 404 OAuth Application specified in request does not exist or cannot be retrieved.

Show

CURL

curl -i  \ 
 -H "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7fSwiZXhwIjoxNTk0MDc4NzY5fQ.jdCwa2c8z3laSmO48gbumOcGuPPgwN-USIg6_z-nhcSnOmj2geWMzHRGeXFp_t7GQzaKupbQ0ua7eqC0sSgPqBfEq5AJMSvhuxUuMywjxTOUsAEG0bzH8-CzQSyI_u35hAToyHiNy-gw1UMEVN2SnjE-zvHKK1cIowbAqRDrlhsGLUeRomiutrpQbUBKCQyIxGzfy2mis7-l0HgbX1vEdxBYdq7l1LmZ6UgBKAjqvPjVE35kTDYeGaIXuM3Kn7Hf4HcoSXYjGepkkGgTpOpfl0Yzzo7QcFe46guTWKOS5-dYaSVWUEzw4PT-I6KET0u6OML5hkR2yeDGQmr97P3FJA" \ 
 -H "App-Id: uNwDiUgp12XhONz1E_rV6g" \ 
 -H "App-Secret: QsSGnN7sJHqUCyRnP6IHsQ" \ 
 -H "Access-Token: bf0d0bb0c89896811579dbe456507cb7cf2f5bb9b0b06291670339a22e55eb484f81de6b286235c71c0f27adb1229a717c4b7f089dadaa51cc24145128ad65ab" \ 
 -H "Client-Request-Id: 13" \ 
 -X GET "https://priora.saltedge.com/api/v2/trusted_beneficiaries/:id"

Example of unpacked Authorization header

{"data":{},"exp":1574173799,"id":414}

Example of response

{"data":{"id":719,"alias_name":"John Smith UK","status":"approved","template_id":"516","identifiers":{"iban":"FK35****81**45****5635","currency_code":"GBP"},"session_secret":"P5rrqb4hWZ_ghjTj4cBj","provider_code":"demobank"}}

Endpoint used to fetch all data relevant to a trusted beneficiary including alias_name, identifiers, status and other.

Request

GET https://priora.saltedge.com/api/v2/trusted_beneficiaries/:id

Headers
Header Type Description
Authorization string, required JSON Web Token containing payload, signed using RSA256 and application.private_key. Can raise: AuthorizationMissing
App-Id string, required Application’s app_id from connection details tab. Can raise: OauthAppNotFound, ConfigurationError
App-Secret string, required Application’s app_secret from connection details tab.
Access-Token string, required Token for which we are requesting info. Can raise: TokenMissing, TokenNotFound, TokenRevoked, TokenExpired
Client-Request-Id string, optional Request identifier. If present, it will be returned within meta field in response.
Unpacked Authorization
Parameter Type Description
data hash, required Wrapper for the data.
exp integer, required The lifetime of the request in timestamp UTC format. Values greater than: Current time.
id integer, required Trusted Beneficiary identifier on Salt Edge PSD2 Compliance side. Can raise: TrustedBeneficiaryNotFound
Response
Response Type Description
data hash, required Wrapper for the data.
data.alias_name string, required Any human-readable description that is used to identify the trusted beneficiary on TPP side.
data.id integer, required Trusted Beneficiary identifier on Salt Edge PSD2 Compliance side.
data.identifiers hash, required Object which maps the field of related payment template with its masked value. The value can be also empty.
data.provider_code string, required Human readable Provider identifier.
data.session_secret string, required Session identifier in Salt Edge PSD2 Compliance.
data.status string, required Conveys current status of the operation. Allowed values: approved
data.template_id string, required Payment template identifier on Salt Edge PSD2 Compliance side.
Related Errors
Class Code Description
AuthorizationMissing 400 Authorization header is missing.
ConfigurationError 400 Missing configurations in dashboard.
TokenMissing 400 This request cannot be performed without Access_Token header.
TokenNotFound 401 Token specified in request does not exist or cannot be retrieved.
TokenRevoked 401 Token specified in request is revoked and cannot be used anymore.
TokenExpired 401 Token specified in request is expired and cannot be used.
TrustedBeneficiaryNotFound 404 Trusted Beneficiary specified in request does not exist or cannot be retrieved.
OauthAppNotFound 404 OAuth Application specified in request does not exist or cannot be retrieved.

Providers

Index

CURL

curl -i  \ 
 -H "App-Id: 5L1UlLqFeEjlFlJ4dzJFDw" \ 
 -H "App-Secret: ym7AeWUYxHp0KG4MghAo-g" \ 
 -H "Client-Request-Id: 17" \ 
 -d '{
  "per_page": 50,
  "from_id": 1
}' \ 
-X GET "https://priora.saltedge.com/api/v2/providers"

Example of unpacked Authorization header

{"per_page":50,"from_id":1}

Example of response

{"data":[{"id":846,"name":"Example Name","code":"demobank","connector_url":"https://user.will.be/redirected/here","status":"live","scopes":["accounts","transactions","kyc","payments","funds_availability","trusted_beneficiaries"],"created_at":"2019-11-18T16:04:50.725Z","updated_at":"2019-11-18T16:04:50.725Z","authorization_types":[{"code":"sms_pin","display_name":"SMS-PIN","scopes":["accounts","transactions"],"instruction":"Use PIN code from SMS to authorize.","required_fields":[{}],"mfa_fields":[{}]}]}],"meta":{"time":"2019-11-18T16:04:50.725Z","next_id":2}}

Returns all ASPSPs which have approved access for your TPP. More information could be found at #requesting-provider-access compartment.

Request

GET https://priora.saltedge.com/api/v2/providers

Headers
Header Type Description
App-Id string, required Application’s app_id from connection details tab. Can raise: OauthAppNotFound, ConfigurationError
App-Secret string, required Application’s app_secret from connection details tab.
Client-Request-Id string, optional Request identifier. If present, it will be returned within meta field in response.
Unpacked Authorization
Parameter Type Description
from_id integer, optional Return providers starting with a specific id. Default value: 0 Values greater than: 0
per_page integer, optional Number of providers that should be returned per request or less. Values in range between: 1 and 1000 Default value: 20
Response
Response Type Description
data array, required Wrapper for the data.
data.authorization_types array, required Available authorization types.
data.code string, required ASPSP code in Priora.
data.connector_url string, required URL to Connector API layer implemented by ASPSP.
data.created_at datetime, required Datetime ASPSP registered in Priora.
data.id integer, required ASPSP identifier in Priora.
data.name string, required ASPSP name.
data.scopes array, required Scopes supported by ASPSP. Allowed values: accounts, transactions, kyc, payments, funds_availability, trusted_beneficiaries
data.status string, required Current status of ASPSP. Allowed values: pending, disabled, test, live, sandbox
data.updated_at datetime, required Datetime ASPSP updated itself.
meta hash, required Wrapper for the response metadata.
meta.time datetime, required Time when the request was processed.
data.authorization_types.code string, optional Serves to identify any authorization type within the scope of a Provider on Priora.
data.authorization_types.display_name string, optional Human readable name of given authorization type.
data.authorization_types.instruction string, optional Short instruction for the PSU.
data.authorization_types.mfa_fields array, optional List of all MFA(second+ step) authorization fields and their description.
data.authorization_types.required_fields array, optional List of all required(first step) authorization fields and their description.
data.authorization_types.scopes array, optional List of scopes(permissions) that can be obtained through specific authorization type.
meta.next_id integer, optional Id of the next entity used in paginated responses.
Related Errors
Class Code Description
ConfigurationError 400 Missing configurations in dashboard.
OauthAppNotFound 404 OAuth Application specified in request does not exist or cannot be retrieved.

Templates

CURL

curl -i  \ 
 -H "App-Id: X3R1wYzjbqdHUnePBINH8A" \ 
 -H "App-Secret: K6gV3EPYH9ZYT7KOrjCuZg" \ 
 -H "Client-Request-Id: 17" \ 
 -d '{
  "provider_code": "demobank"
}' \ 
-X GET "https://priora.saltedge.com/api/v2/providers/:provider_code/templates"

Example of unpacked Authorization header

{"provider_code":"demobank"}

Example of response

{"data":[{"id":757,"description":"Internal transfer","provider_id":251,"payment_type":"internal_transfer","default":false,"extra":{},"created_at":"2019-11-18T16:04:50.658Z","updated_at":"2019-11-18T16:04:50.658Z","payment_attributes":[{"attribute_name":"amount","attribute_type":"number","label":"Amount","optional":false,"position":1,"values":[]},{"attribute_name":"to_account","attribute_type":"text","label":"To account","optional":false,"position":2,"values":[]},{"attribute_name":"currency","attribute_type":"dropdown","label":"Currency","optional":false,"position":3,"values":["EUR","USD"]}]}]}

Returns all available payment templates which belong to a specific Provider.

Request

GET https://priora.saltedge.com/api/v2/providers/:provider_code/templates

Headers
Header Type Description
App-Id string, required Application’s app_id from connection details tab. Can raise: OauthAppNotFound, ConfigurationError
App-Secret string, required Application’s app_secret from connection details tab.
Client-Request-Id string, optional Request identifier. If present, it will be returned within meta field in response.
Unpacked Authorization
Parameter Type Description
provider_code (path) string, required Human readable Provider identifier. Can raise: ProviderNotFound, AccessDenied
Response
Response Type Description
data array, required Wrapper for the data.
data.created_at datetime, required Datetime of template creation on Priora side.
data.default boolean, required States whether given template is default or not. Allowed values: true, false
data.description string, required Short description of payment template.
data.extra hash, required Extra details that should be persisted into session.
data.id integer, required Template identifier.
data.payment_attributes array, required Contains a list of payment attributes with their characteristics.
data.payment_attributes.attribute_name string, required Name of the attribute, should be used by application as input field name.
data.payment_attributes.attribute_type string, required Type of the input field that should be used. Allowed values: text, number, dropdown
data.payment_attributes.label string, required Human readable label for presentation of the payment attribute.
data.payment_attributes.optional boolean, required Flag that shows whether the attribute is optional or not. Allowed values: true, false
data.payment_attributes.position integer, required Position index of the attribute within payment template, should be considered when rendering the template.
data.payment_type string, required Specifies the type of payment associated with a preregistered template.
data.provider_id integer, required Identifies Provider under which template was defined.
data.updated_at datetime, required Datetime of last template updation on Priora side.
data.payment_attributes.values array, optional List of possible values for a given payment attribute.
Related Errors
Class Code Description
ConfigurationError 400 Missing configurations in dashboard.
AccessDenied 401 Action you want to perform is not allowed. More in error_message
ProviderNotFound 404 Provider specified in request does not exist or cannot be retrieved.
OauthAppNotFound 404 OAuth Application specified in request does not exist or cannot be retrieved.
Go to previous page
Go to next page