Tokens

Initiate a linking process for a provider. The client application has to handle all the authentication UI in this flow (see <a href="/docs/tpp#tpp-configuration-and-api-keys">Provider authorization_types</a>). During the lifecycle, events will be added to the session which will send <a href="/docs/tpp#callbacks">Callbacks</a> to your application.

OAuth Authentication Flow

Embedded Authentication Flow

Show

Return current state of a token.

CURL

curl -i \ -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7fSwiZXhwIjoxNzMyMjIxNTkwLCJpc3MiOiJwcmlvcmEuc2FsdGVkZ2UuY29tIn0.WNe7RYyGvBX2gC-1xNswBrDyu9zJcBzp2j6NH1Ju76RKrsWOhXbOgGVWDVueLL3wpIGcV3euKmBF_WsHWjucTmwbgoRIo8RCHq9AaRBM5XCZpIJtH0R5yaWb1pl-0TOSlIS_mbK-kWm9WLRJ9G8G5-0Z8rTfr3UTEZAVZZMps2wr_fkAN0P10Bf-V7NksjQC1QgK79MIakGPOX4ORGMi0CgTL3uzYIxg9rOo9fsuo-TVSQEfjTzGU0kfnRKBMOAfUB3CjG7MhP6KDCQQsBJ7MqrIecj0jBLhLZv6y7khIpCiwYXH4p3Qv4JzVfOlX8tKZwH7gZIuHUvOXYd9hA0jcg" \ -H "App-Id: 6mWl9hbxoN3rg_nX4804tw" \ -H "App-Secret: 6FdCub2C2AMQbyaI6KSv4Q" \ -H "Access-Token: 7eb89bd116268f02b5ab5ab6f46a89a65a8476d8c287a84fdceae03724d5511ae445b0342c73fc02681b3fcbbfeb12cf78e9292956b67ea76d20dfff0a1ba7a2" \ -H "Client-Request-Id: 54" \ -X GET "/api/v2/tokens"

curl -i  \ 
 -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7fSwiZXhwIjoxNzMyMjIxNTkwLCJpc3MiOiJwcmlvcmEuc2FsdGVkZ2UuY29tIn0.WNe7RYyGvBX2gC-1xNswBrDyu9zJcBzp2j6NH1Ju76RKrsWOhXbOgGVWDVueLL3wpIGcV3euKmBF_WsHWjucTmwbgoRIo8RCHq9AaRBM5XCZpIJtH0R5yaWb1pl-0TOSlIS_mbK-kWm9WLRJ9G8G5-0Z8rTfr3UTEZAVZZMps2wr_fkAN0P10Bf-V7NksjQC1QgK79MIakGPOX4ORGMi0CgTL3uzYIxg9rOo9fsuo-TVSQEfjTzGU0kfnRKBMOAfUB3CjG7MhP6KDCQQsBJ7MqrIecj0jBLhLZv6y7khIpCiwYXH4p3Qv4JzVfOlX8tKZwH7gZIuHUvOXYd9hA0jcg" \ 
 -H "App-Id: 6mWl9hbxoN3rg_nX4804tw" \ 
 -H "App-Secret: 6FdCub2C2AMQbyaI6KSv4Q" \ 
 -H "Access-Token: 7eb89bd116268f02b5ab5ab6f46a89a65a8476d8c287a84fdceae03724d5511ae445b0342c73fc02681b3fcbbfeb12cf78e9292956b67ea76d20dfff0a1ba7a2" \ 
 -H "Client-Request-Id: 54" \ 
 -X GET "/api/v2/tokens"

Example of request parameters

{"data":{},"exp":1574093211}

Example of response

{"data":{"scopes":["accounts","transactions","kyc","payments","funds_availability","trusted_beneficiaries"],"access_token_expires_at":"2019-11-18T16:04:51.638Z"}}

Request

GET /api/v2/tokens

Headers

Header	Type	Description
`Authorization`	string, required	JSON Web Token containing payload, signed using RSA256 and `application.private_key`. Can raise: AuthorizationMissing
`App-Id`	string, required	Application’s `app_id` from connection details tab. Can raise: OauthAppNotFound, CertificateNotFound
`App-Secret`	string, required	Application’s `app_secret` from connection details tab.
`Access-Token`	string, required	Token for which we are requesting info. Can raise: TokenMissing, TokenNotFound, TokenRevoked, TokenExpired
`Client-Request-Id`	string, optional	Request identifier. If present, it will be returned within `meta` field in response.

Unpacked Request Authorization

data

hash, required

Wrapper for the data.

exp

integer, required

The lifetime of the request in timestamp UTC format. Values greater than: Current time.

Response

Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.

data

hash, required

Wrapper for the data.

scopes

array, required

Set of permissions for access token. Allowed values: accounts, transactions, kyc, payments, funds_availability, trusted_beneficiaries

access_token_expires_at

datetime, required

When does access token expire.

Related Errors

Class	Code	Description
TokenMissing	400	This request cannot be performed without `Access_Token` header.
AuthorizationMissing	401	Authorization header is missing.
TokenNotFound	401	Token specified in request does not exist or cannot be retrieved.
TokenRevoked	401	Token specified in request is revoked and cannot be used anymore.
TokenExpired	401	Token specified in request is expired and cannot be used.
OauthAppNotFound	404	OAuth Application specified in request does not exist or cannot be retrieved.
CertificateNotFound	404	Certificate has no permissions.

Remote

Initiate the process of authentication on behalf of PSU. During this process, TPP will receive callbacks with instructions and current status of session. Prior to this, TPP is required to ask PSU for consent. TPP can also set up a custom expiration period for the consent in the field `consent_period_days`, which cannot be greater than 90 days.

CURL

curl -i \ -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7ImNvbnNlbnRfcGVyaW9kX2RheXMiOjkwLCJjcmVkZW50aWFscyI6eyJhdXRob3JpemF0aW9uX3R5cGUiOiJQU0RfQUlTUCJ9LCJwcm92aWRlcl9jb2RlIjoiZGVtb2JhbmsiLCJzY29wZXMiOlsiYWNjb3VudHMiLCJ0cmFuc2FjdGlvbnMiLCJreWMiLCJwYXltZW50cyIsImZ1bmRzX2F2YWlsYWJpbGl0eSIsInRydXN0ZWRfYmVuZWZpY2lhcmllcyJdfSwiZXhwIjoxNzMyMjIxNTkxLCJpc3MiOiJwcmlvcmEuc2FsdGVkZ2UuY29tIn0.TZVlD7qeo1Yng7RxBhkuJYrZTpE8ooxzkLihHYRCMM5PCaGyCmXNLNnCi0Y2Nm3KAbDUPbzWjPASynwUvrlpJIEc2ey5U4dOxSjX4amIXAt3tpmp4BYD6oPkchYmipdRpyz4TpFtYqBbfSCwBh-bBWLZLOzUNFBkm0e8L_xc2NawlxXlo2HnhHkDSg-kXxypVVZ5F8gZNW9Jt74LGov10CJtP-lG3dEjRzfHrZNXAQBHQWeFSgUdaKzumzOSRIk5_AxqvVJm2MvKwNLJHGy4AX5K4Js-iB4qWV_pTmJ3fazoSr_yZqbXBymH7xQ7GpDg0rpSCZy-YOcVXuJBcGX7Aw" \ -H "App-Id: 8PmTDEfMengvyK1SNFkQ4A" \ -H "App-Secret: n4eSP_GK0CLYoeoT8mOQLg" \ -H "Client-Request-Id: 17" \ -X POST "/api/v2/tokens/remote"

curl -i  \ 
 -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7ImNvbnNlbnRfcGVyaW9kX2RheXMiOjkwLCJjcmVkZW50aWFscyI6eyJhdXRob3JpemF0aW9uX3R5cGUiOiJQU0RfQUlTUCJ9LCJwcm92aWRlcl9jb2RlIjoiZGVtb2JhbmsiLCJzY29wZXMiOlsiYWNjb3VudHMiLCJ0cmFuc2FjdGlvbnMiLCJreWMiLCJwYXltZW50cyIsImZ1bmRzX2F2YWlsYWJpbGl0eSIsInRydXN0ZWRfYmVuZWZpY2lhcmllcyJdfSwiZXhwIjoxNzMyMjIxNTkxLCJpc3MiOiJwcmlvcmEuc2FsdGVkZ2UuY29tIn0.TZVlD7qeo1Yng7RxBhkuJYrZTpE8ooxzkLihHYRCMM5PCaGyCmXNLNnCi0Y2Nm3KAbDUPbzWjPASynwUvrlpJIEc2ey5U4dOxSjX4amIXAt3tpmp4BYD6oPkchYmipdRpyz4TpFtYqBbfSCwBh-bBWLZLOzUNFBkm0e8L_xc2NawlxXlo2HnhHkDSg-kXxypVVZ5F8gZNW9Jt74LGov10CJtP-lG3dEjRzfHrZNXAQBHQWeFSgUdaKzumzOSRIk5_AxqvVJm2MvKwNLJHGy4AX5K4Js-iB4qWV_pTmJ3fazoSr_yZqbXBymH7xQ7GpDg0rpSCZy-YOcVXuJBcGX7Aw" \ 
 -H "App-Id: 8PmTDEfMengvyK1SNFkQ4A" \ 
 -H "App-Secret: n4eSP_GK0CLYoeoT8mOQLg" \ 
 -H "Client-Request-Id: 17" \ 
 -X POST "/api/v2/tokens/remote"

Example of request parameters

Example of response

{"data":{"session_secret":"i8wJ74uDGEMjmzjULLWB"}}

Request

POST /api/v2/tokens/remote

Headers

Header	Type	Description
`Authorization`	string, required	JSON Web Token containing payload, signed using RSA256 and `application.private_key`. Can raise: AuthorizationMissing
`App-Id`	string, required	Application’s `app_id` from connection details tab. Can raise: OauthAppNotFound, CertificateNotFound
`App-Secret`	string, required	Application’s `app_secret` from connection details tab.
`Client-Request-Id`	string, optional	Request identifier. If present, it will be returned within `meta` field in response.

Unpacked Request Authorization

Response

Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.

data

hash, required

Wrapper for the data.

session_secret

string, required

Session identifier in Salt Edge PSD2 Compliance.

Related Errors

Class	Code	Description
ScopesInvalid	400	Specified scopes don't match with the ones specified in Provider or OAuthApp. More info in `error_message`
AccessDenied	401	Action you want to perform is not allowed. More in `error_message`
AuthorizationMissing	401	Authorization header is missing.
ProviderNotFound	404	Provider specified in request does not exist or cannot be retrieved.
OauthAppNotFound	404	OAuth Application specified in request does not exist or cannot be retrieved.
CertificateNotFound	404	Certificate has no permissions.

Reconnect Deprecated

This endpoint allows TPP to refresh current Access-Token. The behavior can be the following: ASPSP can just return a new token, ask for MFA or ask for reconnection. In any of the cases above TPP will receive a session callback and the following behavior will be stored in the session object.

CURL

curl -i \ -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7ImNvbnNlbnRfYXBwcm92ZWQiOnRydWV9LCJleHAiOjE3MzIyMjE1OTEsImlzcyI6InByaW9yYS5zYWx0ZWRnZS5jb20ifQ.q1eznRSgOaHVmCRdAh9TniRNsaNc9GnXnQzpJNMmAM4oc8JDFqI29gSj7FIshQcWMq1MzPaPin_PS6-g1Yab9ym4R8F-VGNFasbmdSlnj569MR8basLKpbDiKWv6ansdE1uU8njIT-Rwc-ZxK5I2P5XZRK7q3tXfGOuKnx0r3q16DFn5hhrKJyNrulcuxIAccRcZAyIIX7MSYu494uAh99P9_N9bEY-a8hbJCAh1hD_Q5Lf7zwfLkjWaIAO2q9_vzuWsFjwZX9Pgu_pHDWjSqhE4TWJN4Ad8SntUTo1gcuKmoDWmfyaAVMHurLaqRkvFdRso8Bo0afp39VRE10kuzQ" \ -H "App-Id: tUZHZ05b5klLnOH5ZgRp_Q" \ -H "App-Secret: hfie0Uy_ZnvVIzh3OeA4XA" \ -H "Access-Token: 81a3dac147e5bf8d31f5ef3d16d7423b80c00e66b60eb232a9c98b75af17386e15ed71e5edcf82992a0b3b0c1db58ebf222738dbbc6cf3cc5ec988d798d80fe3" \ -H "Client-Request-Id: 17" \ -X POST "/api/v2/tokens/reconnect"

curl -i  \ 
 -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7ImNvbnNlbnRfYXBwcm92ZWQiOnRydWV9LCJleHAiOjE3MzIyMjE1OTEsImlzcyI6InByaW9yYS5zYWx0ZWRnZS5jb20ifQ.q1eznRSgOaHVmCRdAh9TniRNsaNc9GnXnQzpJNMmAM4oc8JDFqI29gSj7FIshQcWMq1MzPaPin_PS6-g1Yab9ym4R8F-VGNFasbmdSlnj569MR8basLKpbDiKWv6ansdE1uU8njIT-Rwc-ZxK5I2P5XZRK7q3tXfGOuKnx0r3q16DFn5hhrKJyNrulcuxIAccRcZAyIIX7MSYu494uAh99P9_N9bEY-a8hbJCAh1hD_Q5Lf7zwfLkjWaIAO2q9_vzuWsFjwZX9Pgu_pHDWjSqhE4TWJN4Ad8SntUTo1gcuKmoDWmfyaAVMHurLaqRkvFdRso8Bo0afp39VRE10kuzQ" \ 
 -H "App-Id: tUZHZ05b5klLnOH5ZgRp_Q" \ 
 -H "App-Secret: hfie0Uy_ZnvVIzh3OeA4XA" \ 
 -H "Access-Token: 81a3dac147e5bf8d31f5ef3d16d7423b80c00e66b60eb232a9c98b75af17386e15ed71e5edcf82992a0b3b0c1db58ebf222738dbbc6cf3cc5ec988d798d80fe3" \ 
 -H "Client-Request-Id: 17" \ 
 -X POST "/api/v2/tokens/reconnect"

Example of request parameters

{"data":{"consent_approved":true}}

Example of response

{"data":{"session_secret":"4VxpgSvnYrLd_LL5tarN"}}

Request

POST /api/v2/tokens/reconnect

Headers

Header	Type	Description
`Authorization`	string, required	JSON Web Token containing payload, signed using RSA256 and `application.private_key`. Can raise: AuthorizationMissing
`App-Id`	string, required	Application’s `app_id` from connection details tab. Can raise: OauthAppNotFound, CertificateNotFound
`App-Secret`	string, required	Application’s `app_secret` from connection details tab.
`Access-Token`	string, required	Token for which we are requesting info. Can raise: TokenMissing, TokenNotFound, TokenRevoked, TokenExpired
`Client-Request-Id`	string, optional	Request identifier. If present, it will be returned within `meta` field in response.

Unpacked Request Authorization

data

hash, required

Wrapper for the data.

consent_approved

boolean, required

A flag which determines whether a PSU approved reconnection process or not. Allowed values: true

Response

Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.

data

hash, required

Wrapper for the data.

session_secret

string, required

Session identifier in Salt Edge PSD2 Compliance.

Related Errors

Class	Code	Description
TokenMissing	400	This request cannot be performed without `Access_Token` header.
AuthorizationMissing	401	Authorization header is missing.
TokenNotFound	401	Token specified in request does not exist or cannot be retrieved.
TokenRevoked	401	Token specified in request is revoked and cannot be used anymore.
TokenExpired	401	Token specified in request is expired and cannot be used.
OauthAppNotFound	404	OAuth Application specified in request does not exist or cannot be retrieved.
CertificateNotFound	404	Certificate has no permissions.

Revoke

Revoke an already existing and active access token.

CURL

curl -i \ -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7fSwiZXhwIjoxNzMyMjIxNTkxLCJpc3MiOiJwcmlvcmEuc2FsdGVkZ2UuY29tIn0.C_G_u7pkGfnqgJESqikSJwy2Fdi9nJ3bX_y-wjmCuwHzNRl3DkAkRMB4HFFrgXT7p-Ofbnnu2uQiKG7SImWaVY6ajCdMqiSk0cCszcWxIf1mj0pAEAbQHdJI-CfL-3gRwNFVw9PrfhwPuv8sx_yxsR98eBFH3cbUjbeGVrmxaVf4U3fYYx8UXMtD_E1nL26BRWNHAZsYGtp0FwYll4qI3uWCGTEAR-CVlgtcoUUk2xMy3aA-dgLa2XGsliJ0iJqjLumH9vGUXLC-EPNLThJGxXsGRm5zde8xra-TlHcKV2jJj71c_QfZFfQoieFsjEqKSyGoQeMP__rj0p04WgKyUA" \ -H "App-Id: iiniPo3zkfpOgmHrmk0Osg" \ -H "App-Secret: gNebmvKyKAVTxY_fSVe-kQ" \ -H "Access-Token: 874bcafd85e1332e8657cfb68016ed33f52b055adeead1d97fdfd96fc4cb847b957ee63f407d459b80eef76951e967501ca6c0282e4a4e7f838906856720a0bf" \ -H "Client-Request-Id: 17" \ -X DELETE "/api/v2/tokens"

curl -i  \ 
 -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7fSwiZXhwIjoxNzMyMjIxNTkxLCJpc3MiOiJwcmlvcmEuc2FsdGVkZ2UuY29tIn0.C_G_u7pkGfnqgJESqikSJwy2Fdi9nJ3bX_y-wjmCuwHzNRl3DkAkRMB4HFFrgXT7p-Ofbnnu2uQiKG7SImWaVY6ajCdMqiSk0cCszcWxIf1mj0pAEAbQHdJI-CfL-3gRwNFVw9PrfhwPuv8sx_yxsR98eBFH3cbUjbeGVrmxaVf4U3fYYx8UXMtD_E1nL26BRWNHAZsYGtp0FwYll4qI3uWCGTEAR-CVlgtcoUUk2xMy3aA-dgLa2XGsliJ0iJqjLumH9vGUXLC-EPNLThJGxXsGRm5zde8xra-TlHcKV2jJj71c_QfZFfQoieFsjEqKSyGoQeMP__rj0p04WgKyUA" \ 
 -H "App-Id: iiniPo3zkfpOgmHrmk0Osg" \ 
 -H "App-Secret: gNebmvKyKAVTxY_fSVe-kQ" \ 
 -H "Access-Token: 874bcafd85e1332e8657cfb68016ed33f52b055adeead1d97fdfd96fc4cb847b957ee63f407d459b80eef76951e967501ca6c0282e4a4e7f838906856720a0bf" \ 
 -H "Client-Request-Id: 17" \ 
 -X DELETE "/api/v2/tokens"

Example of request parameters

{"data":{},"exp":1574093211}

Example of response

{"data":{"revoked":true,"access_token":"yVJ-2246zz-1yRutZstm"}}

Request

DELETE /api/v2/tokens

Headers

Header	Type	Description
`Authorization`	string, required	JSON Web Token containing payload, signed using RSA256 and `application.private_key`. Can raise: AuthorizationMissing
`App-Id`	string, required	Application’s `app_id` from connection details tab. Can raise: OauthAppNotFound, CertificateNotFound
`App-Secret`	string, required	Application’s `app_secret` from connection details tab.
`Access-Token`	string, required	Token for which we are requesting info. Can raise: TokenMissing, TokenNotFound, TokenRevoked, TokenExpired
`Client-Request-Id`	string, optional	Request identifier. If present, it will be returned within `meta` field in response.

Unpacked Request Authorization

data

hash, required

Wrapper for the data.

exp

integer, required

The lifetime of the request in timestamp UTC format. Values greater than: Current time.

Response

Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.

data

hash, required

Wrapper for the data.

revoked

boolean, required

Whether token was revoked or not. Allowed values: true, false

access_token

string, required

Token which was revoked or not.

Related Errors

Class	Code	Description
TokenMissing	400	This request cannot be performed without `Access_Token` header.
AuthorizationMissing	401	Authorization header is missing.
TokenNotFound	401	Token specified in request does not exist or cannot be retrieved.
TokenRevoked	401	Token specified in request is revoked and cannot be used anymore.
TokenExpired	401	Token specified in request is expired and cannot be used.
OauthAppNotFound	404	OAuth Application specified in request does not exist or cannot be retrieved.
CertificateNotFound	404	Certificate has no permissions.

Sessions

Show

Due to the asynchronous nature of requests, most of responses represent a session_secret. This endpoint could be used to verify the currrent state of newly created sessions.

CURL

curl -i \ -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7fSwiZXhwIjoxNzMyMjIxNTkxLCJpc3MiOiJwcmlvcmEuc2FsdGVkZ2UuY29tIn0.C_G_u7pkGfnqgJESqikSJwy2Fdi9nJ3bX_y-wjmCuwHzNRl3DkAkRMB4HFFrgXT7p-Ofbnnu2uQiKG7SImWaVY6ajCdMqiSk0cCszcWxIf1mj0pAEAbQHdJI-CfL-3gRwNFVw9PrfhwPuv8sx_yxsR98eBFH3cbUjbeGVrmxaVf4U3fYYx8UXMtD_E1nL26BRWNHAZsYGtp0FwYll4qI3uWCGTEAR-CVlgtcoUUk2xMy3aA-dgLa2XGsliJ0iJqjLumH9vGUXLC-EPNLThJGxXsGRm5zde8xra-TlHcKV2jJj71c_QfZFfQoieFsjEqKSyGoQeMP__rj0p04WgKyUA" \ -H "App-Id: lYbM35hScWwT52d6Zxz-Lg" \ -H "App-Secret: ssZn53PTzxSv6kI1nJzlUQ" \ -H "Client-Request-Id: 4565" \ -X GET "/api/v2/sessions/:secret"

curl -i  \ 
 -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7fSwiZXhwIjoxNzMyMjIxNTkxLCJpc3MiOiJwcmlvcmEuc2FsdGVkZ2UuY29tIn0.C_G_u7pkGfnqgJESqikSJwy2Fdi9nJ3bX_y-wjmCuwHzNRl3DkAkRMB4HFFrgXT7p-Ofbnnu2uQiKG7SImWaVY6ajCdMqiSk0cCszcWxIf1mj0pAEAbQHdJI-CfL-3gRwNFVw9PrfhwPuv8sx_yxsR98eBFH3cbUjbeGVrmxaVf4U3fYYx8UXMtD_E1nL26BRWNHAZsYGtp0FwYll4qI3uWCGTEAR-CVlgtcoUUk2xMy3aA-dgLa2XGsliJ0iJqjLumH9vGUXLC-EPNLThJGxXsGRm5zde8xra-TlHcKV2jJj71c_QfZFfQoieFsjEqKSyGoQeMP__rj0p04WgKyUA" \ 
 -H "App-Id: lYbM35hScWwT52d6Zxz-Lg" \ 
 -H "App-Secret: ssZn53PTzxSv6kI1nJzlUQ" \ 
 -H "Client-Request-Id: 4565" \ 
 -X GET "/api/v2/sessions/:secret"

Example of request parameters

{"data":{},"exp":1574093210}

Example of response

{"data":{"secret":"BVuveSLQCrA5jBYUyxXe","status":"fetched_kyc","extra":{"scopes":["accounts","transactions","kyc","payments","funds_availability","trusted_beneficiaries"]},"token":{"access_token":"5kHijxm_DEWoP5ncHWcF","expires_at":"2019-11-18T16:04:50.915Z"},"provider_code":"demobank","id":302,"fail_at":"2019-11-18T16:04:50.915Z","success_at":"2019-11-18T16:04:50.915Z","created_at":"2019-11-18T16:04:50.915Z","updated_at":"2019-11-18T16:04:50.915Z","events":[{}],"authorization_details":{"instruction":"Use PIN code from the received SMS.","mfa_fields":[{"code":"sms_pincode","display_name":"SMS-PIN","optional":true,"type":"embedded","nature":"text"}]},"customer_id":983}}

Request

GET /api/v2/sessions/:secret

Headers

Header	Type	Description
`Authorization`	string, required	JSON Web Token containing payload, signed using RSA256 and `application.private_key`. Can raise: AuthorizationMissing
`App-Id`	string, required	Application’s `app_id` from connection details tab. Can raise: OauthAppNotFound, CertificateNotFound
`App-Secret`	string, required	Application’s `app_secret` from connection details tab.
`Client-Request-Id`	string, optional	Request identifier. If present, it will be returned within `meta` field in response.

Unpacked Request Authorization

data

hash, required

Wrapper for the data.

exp

integer, required

The lifetime of the request in timestamp UTC format. Values greater than: Current time.

secret (path)

string, required

Another session identifier that can be used for session lookup and confirmation. Can raise: SessionNotFound

Response

Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.

data

hash, required

Wrapper for the data.

integer, required

Session identifier in Salt Edge PSD2 Compliance.

secret

string, required

Another session identifier that can be used for session lookup and confirmation.

status

string, required

Conveys current status of the operation. Allowed values: processing, redirect, waiting_confirmation, waiting_confirmation_code, executing, closed, fetched_kyc, fetched_accounts, fetched_transactions, fetched_trusted_beneficiaries

extra

hash, required

Extra details that should persist in the session.

scopes

array, optional

Set of permissions for access token. Allowed values: accounts, transactions, kyc, payments, funds_availability, trusted_beneficiaries

token

hash, required

Access token that will be used to access ASPSP data.

access_token

string, optional

Access token that will be used to access ASPSP data. Token is an unique value which is linked to authenticated user.

expires_at

datetime, optional

Datetime of token expiration.

fail_at

datetime, optional

Datetime of session failure.

success_at

datetime, optional

Datetime of session successful closure.

created_at

datetime, required

Datetime of session creation.

updated_at

datetime, required

Datetime of last session update.

events

array, required

Session progress events.

authorization_details

hash, required

Data which was used for authorization.

instruction

string, optional

Authorization type description.

mfa_fields

array, optional

Multi-Factor Authentication fields wrapper.

code

string, required

MFA Field identifier.

display_name

string, required

MFA Field label.

optional

boolean, required

Whether this MFA field is required to fill. Allowed values: true, false

type

string, required

Type of MFA Field value. Allowed values: number, password, text

customer_id

string, optional

PSU identifier on Salt Edge PSD2 Compliance side.

provider_code

string, required

Human readable Provider identifier.

Related Errors

Class	Code	Description
AuthorizationMissing	401	Authorization header is missing.
SessionNotFound	404	Session specified in request does not exist or cannot be retrieved.
OauthAppNotFound	404	OAuth Application specified in request does not exist or cannot be retrieved.
CertificateNotFound	404	Certificate has no permissions.

Confirm

This endpoint is used for processing additional interactive steps in the process of access token creation or account's refresh.

CURL

curl -i \ -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7ImNyZWRlbnRpYWxzIjp7InNtc19waW5jb2RlIjoiNDU2OCJ9fSwiZXhwIjoxNzMyMjIxNTkyLCJpc3MiOiJwcmlvcmEuc2FsdGVkZ2UuY29tIn0.Vov6ddWsI5aM8YdkCAF1xwYyXVcVMdajmJQ6dWw9u0J669MMUtQSgqCEDRldpQCMxj7JRYudykqAPAcjgacMz2TolbVjkEpgEvS8Jr5CvNSRte76u5Erxcj4sb8F5VIwT80wvO5lhPoYBOWCBom-3TsQpdpwnoi15YdHxQnNA5-t95a8rmtYyqVY0yFZPVOZcYWHS-wNCEjiK1EdaOs249OAgjpKR5KJiPE5EXAXEfw4UBkMrVJ1j8W3CXpWVRjP6-iSynPIJ7tLmAL6RyepJvJDcm0Ho9-jPlAFIGGv13DhDThrMPVlY7ivCoA5Wmqyj9ZpRbRLjSpjqoV7Z5zeMA" \ -H "App-Id: RC37EiVDTH72Dy66RiWfRA" \ -H "App-Secret: X-iIITSQB7qTeTYH_99H5A" \ -H "Client-Request-Id: 17" \ -X PUT "/api/v2/sessions/:secret"

curl -i  \ 
 -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7ImNyZWRlbnRpYWxzIjp7InNtc19waW5jb2RlIjoiNDU2OCJ9fSwiZXhwIjoxNzMyMjIxNTkyLCJpc3MiOiJwcmlvcmEuc2FsdGVkZ2UuY29tIn0.Vov6ddWsI5aM8YdkCAF1xwYyXVcVMdajmJQ6dWw9u0J669MMUtQSgqCEDRldpQCMxj7JRYudykqAPAcjgacMz2TolbVjkEpgEvS8Jr5CvNSRte76u5Erxcj4sb8F5VIwT80wvO5lhPoYBOWCBom-3TsQpdpwnoi15YdHxQnNA5-t95a8rmtYyqVY0yFZPVOZcYWHS-wNCEjiK1EdaOs249OAgjpKR5KJiPE5EXAXEfw4UBkMrVJ1j8W3CXpWVRjP6-iSynPIJ7tLmAL6RyepJvJDcm0Ho9-jPlAFIGGv13DhDThrMPVlY7ivCoA5Wmqyj9ZpRbRLjSpjqoV7Z5zeMA" \ 
 -H "App-Id: RC37EiVDTH72Dy66RiWfRA" \ 
 -H "App-Secret: X-iIITSQB7qTeTYH_99H5A" \ 
 -H "Client-Request-Id: 17" \ 
 -X PUT "/api/v2/sessions/:secret"

Example of request parameters

{"data":{"credentials":{"sms_pincode":"4568"}},"exp":1574093210}

Example of response

{"data":{"secret":"xkeTNwR3GHH3cHcq3UCt","status":"waiting_confirmation_code","extra":{"scopes":["accounts","transactions","kyc","payments","funds_availability","trusted_beneficiaries"]},"token":{"access_token":"BVGU4xsgFdZRDx2BDoG1","expires_at":"2019-11-18T16:04:50.787Z"},"provider_code":"demobank","id":625,"events":[{}],"authorization_details":{},"customer_id":469,"fail_at":"2019-11-18T16:04:50.787Z","success_at":"2019-11-18T16:04:50.787Z","created_at":"2019-11-18T16:04:50.787Z","updated_at":"2019-11-18T16:04:50.787Z"}}

Request

PUT /api/v2/sessions/:secret

Headers

Header	Type	Description
`Authorization`	string, required	JSON Web Token containing payload, signed using RSA256 and `application.private_key`. Can raise: AuthorizationMissing
`App-Id`	string, required	Application’s `app_id` from connection details tab. Can raise: OauthAppNotFound, CertificateNotFound
`App-Secret`	string, required	Application’s `app_secret` from connection details tab.
`Client-Request-Id`	string, optional	Request identifier. If present, it will be returned within `meta` field in response.

Unpacked Request Authorization

data

hash, required

Wrapper for the data.

credentials

hash, required

Wrapper for interactive step credentials.

exp

integer, required

The lifetime of the request in timestamp UTC format. Values greater than: Current time.

secret (path)

string, required

Another session identifier that can be used for session lookup and confirmation. Can raise: SessionNotFound, SessionClosed, SessionExpired, ActionNotAllowed

Response

Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.

data

hash, required

Wrapper for the data.

integer, required

Session id.

secret

string, required

Another session identifier that can be used for session lookup and confirmation.

status

string, required

extra

hash, required

Extra details that should persist in the session.

scopes

array, optional

Set of permissions for access token. Allowed values: accounts, transactions, kyc, payments, funds_availability, trusted_beneficiaries

token

hash, required

Access token that will be used to access ASPSP data.

access_token

string, optional

Access token that will be used to access ASPSP data. Token is an unique value which is linked to authenticated user.

expires_at

datetime, optional

Datetime of token expiration.

fail_at

datetime, optional

Datetime of session failure.

success_at

datetime, optional

Datetime of session successful closure.

created_at

datetime, required

Datetime of session creation.

updated_at

datetime, required

Datetime of last session update.

events

array, required

Session progress events.

authorization_details

hash, optional

Data which was used for authorization.

customer_id

string, optional

PSU identifier on Salt Edge PSD2 Compliance side.

provider_code

string, required

Human readable Provider identifier.

Related Errors

Class	Code	Description
SessionClosed	400	Session specified in request is already closed and cannot be modified.
SessionExpired	401	Found session is expired and cannot be processed anymore.
AuthorizationMissing	401	Authorization header is missing.
SessionNotFound	404	Session specified in request does not exist or cannot be retrieved.
OauthAppNotFound	404	OAuth Application specified in request does not exist or cannot be retrieved.
CertificateNotFound	404	Certificate has no permissions.
ActionNotAllowed	406	You're not allowed to perform this action. This might be a configuration problem or parameters incompatibility.

Destroy

Cancel session.

CURL

curl -i \ -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7fSwiZXhwIjoxNzMyMjIxNTkyLCJpc3MiOiJwcmlvcmEuc2FsdGVkZ2UuY29tIn0.s60FTVeYv9tuYWOaa5TY-BXzOYeE5WgET7U0msCpeiimVB9KQqSKyXPVklGuvDHIAkTlsy5RE1ySWDyLR0OhD0r4ftgV-jHbidaySUXkKVAZHrk0MdDZZr5MD8uUi5skE84_bw2yB5VIfrpEr7o8GjDYfxaMahnngSn7Z0In8RUYhe_FXT4vLyV4nnAWkCb3odQeMvA1TtzP8evBmI19rEqK8xFXCF10zfwjG7XYhqQDPOkCc4mBDlXcgZi_4g1ku8K5PJcgAa0uyzYjCTnfqZxw8yVpc-94jZ5rCPRrbaMl6_Xi0WKkG-hYgZM8oJTbgYbnWOeseXpYb8RFVPeJ7A" \ -H "App-Id: TnzE5rqosgx9vrox4mU5EA" \ -H "App-Secret: ngYWj5vwwkf-fT1MkB6DBQ" \ -H "Client-Request-Id: 17" \ -X DELETE "/api/v2/sessions/:secret"

curl -i  \ 
 -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7fSwiZXhwIjoxNzMyMjIxNTkyLCJpc3MiOiJwcmlvcmEuc2FsdGVkZ2UuY29tIn0.s60FTVeYv9tuYWOaa5TY-BXzOYeE5WgET7U0msCpeiimVB9KQqSKyXPVklGuvDHIAkTlsy5RE1ySWDyLR0OhD0r4ftgV-jHbidaySUXkKVAZHrk0MdDZZr5MD8uUi5skE84_bw2yB5VIfrpEr7o8GjDYfxaMahnngSn7Z0In8RUYhe_FXT4vLyV4nnAWkCb3odQeMvA1TtzP8evBmI19rEqK8xFXCF10zfwjG7XYhqQDPOkCc4mBDlXcgZi_4g1ku8K5PJcgAa0uyzYjCTnfqZxw8yVpc-94jZ5rCPRrbaMl6_Xi0WKkG-hYgZM8oJTbgYbnWOeseXpYb8RFVPeJ7A" \ 
 -H "App-Id: TnzE5rqosgx9vrox4mU5EA" \ 
 -H "App-Secret: ngYWj5vwwkf-fT1MkB6DBQ" \ 
 -H "Client-Request-Id: 17" \ 
 -X DELETE "/api/v2/sessions/:secret"

Example of request parameters

{"data":{},"exp":1574093210}

Example of response

{"data":{"session_secret":"_PkwuzoztNR3vz2-MzrJ"}}

Request

DELETE /api/v2/sessions/:secret

Headers

Header	Type	Description
`Authorization`	string, required	JSON Web Token containing payload, signed using RSA256 and `application.private_key`. Can raise: AuthorizationMissing
`App-Id`	string, required	Application’s `app_id` from connection details tab. Can raise: OauthAppNotFound, CertificateNotFound
`App-Secret`	string, required	Application’s `app_secret` from connection details tab.
`Client-Request-Id`	string, optional	Request identifier. If present, it will be returned within `meta` field in response.

Unpacked Request Authorization

data

hash, required

Wrapper for the data.

exp

integer, required

The lifetime of the request in timestamp UTC format. Values greater than: Current time.

secret (path)

string, required

Session secret. Can raise: SessionNotFound, SessionClosed, SessionExpired, ActionNotAllowed

Response

Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.

data

hash, required

Wrapper for the data.

session_secret

string, required

Session identifier in Salt Edge PSD2 Compliance.

Related Errors

Class	Code	Description
SessionClosed	400	Session specified in request is already closed and cannot be modified.
SessionExpired	401	Found session is expired and cannot be processed anymore.
AuthorizationMissing	401	Authorization header is missing.
SessionNotFound	404	Session specified in request does not exist or cannot be retrieved.
OauthAppNotFound	404	OAuth Application specified in request does not exist or cannot be retrieved.
CertificateNotFound	404	Certificate has no permissions.
ActionNotAllowed	406	You're not allowed to perform this action. This might be a configuration problem or parameters incompatibility.

Trusted Beneficiary

Show

Endpoint used to fetch all data relevant to a trusted beneficiary including alias_name, identifiers, status and other.

CURL

curl -i \ -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7fSwiZXhwIjoxNzMyMjIxNTkyLCJpc3MiOiJwcmlvcmEuc2FsdGVkZ2UuY29tIn0.s60FTVeYv9tuYWOaa5TY-BXzOYeE5WgET7U0msCpeiimVB9KQqSKyXPVklGuvDHIAkTlsy5RE1ySWDyLR0OhD0r4ftgV-jHbidaySUXkKVAZHrk0MdDZZr5MD8uUi5skE84_bw2yB5VIfrpEr7o8GjDYfxaMahnngSn7Z0In8RUYhe_FXT4vLyV4nnAWkCb3odQeMvA1TtzP8evBmI19rEqK8xFXCF10zfwjG7XYhqQDPOkCc4mBDlXcgZi_4g1ku8K5PJcgAa0uyzYjCTnfqZxw8yVpc-94jZ5rCPRrbaMl6_Xi0WKkG-hYgZM8oJTbgYbnWOeseXpYb8RFVPeJ7A" \ -H "App-Id: uNwDiUgp12XhONz1E_rV6g" \ -H "App-Secret: QsSGnN7sJHqUCyRnP6IHsQ" \ -H "Access-Token: bf0d0bb0c89896811579dbe456507cb7cf2f5bb9b0b06291670339a22e55eb484f81de6b286235c71c0f27adb1229a717c4b7f089dadaa51cc24145128ad65ab" \ -H "Client-Request-Id: 13" \ -X GET "/api/v2/trusted_beneficiaries/:id"

curl -i  \ 
 -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7fSwiZXhwIjoxNzMyMjIxNTkyLCJpc3MiOiJwcmlvcmEuc2FsdGVkZ2UuY29tIn0.s60FTVeYv9tuYWOaa5TY-BXzOYeE5WgET7U0msCpeiimVB9KQqSKyXPVklGuvDHIAkTlsy5RE1ySWDyLR0OhD0r4ftgV-jHbidaySUXkKVAZHrk0MdDZZr5MD8uUi5skE84_bw2yB5VIfrpEr7o8GjDYfxaMahnngSn7Z0In8RUYhe_FXT4vLyV4nnAWkCb3odQeMvA1TtzP8evBmI19rEqK8xFXCF10zfwjG7XYhqQDPOkCc4mBDlXcgZi_4g1ku8K5PJcgAa0uyzYjCTnfqZxw8yVpc-94jZ5rCPRrbaMl6_Xi0WKkG-hYgZM8oJTbgYbnWOeseXpYb8RFVPeJ7A" \ 
 -H "App-Id: uNwDiUgp12XhONz1E_rV6g" \ 
 -H "App-Secret: QsSGnN7sJHqUCyRnP6IHsQ" \ 
 -H "Access-Token: bf0d0bb0c89896811579dbe456507cb7cf2f5bb9b0b06291670339a22e55eb484f81de6b286235c71c0f27adb1229a717c4b7f089dadaa51cc24145128ad65ab" \ 
 -H "Client-Request-Id: 13" \ 
 -X GET "/api/v2/trusted_beneficiaries/:id"

Example of request parameters

{"data":{},"exp":1574173799,"id":414}

Example of response

{"data":{"alias_name":"John Smith GB","status":"approved","template_id":"516","identifiers":{"iban":"FK35****81**45****5635","currency_code":"GBP"},"session_secret":"P5rrqb4hWZ_ghjTj4cBj","provider_code":"demobank","id":719}}

Request

GET /api/v2/trusted_beneficiaries/:id

Headers

Header	Type	Description
`Authorization`	string, required	JSON Web Token containing payload, signed using RSA256 and `application.private_key`. Can raise: AuthorizationMissing
`App-Id`	string, required	Application’s `app_id` from connection details tab. Can raise: OauthAppNotFound, CertificateNotFound
`App-Secret`	string, required	Application’s `app_secret` from connection details tab.
`Access-Token`	string, required	Token for which we are requesting info. Can raise: TokenMissing, TokenNotFound, TokenRevoked, TokenExpired
`Client-Request-Id`	string, optional	Request identifier. If present, it will be returned within `meta` field in response.

Unpacked Request Authorization

data

hash, required

Wrapper for the data.

exp

integer, required

The lifetime of the request in timestamp UTC format. Values greater than: Current time.

integer, required

Trusted Beneficiary identifier on Salt Edge PSD2 Compliance side. Can raise: TrustedBeneficiaryNotFound

Response

Endpoint used to fetch all data relevant to a trusted beneficiary including alias_name, identifiers, status and other.

data

hash, required

Wrapper for the data.

integer, required

Trusted Beneficiary identifier on Salt Edge PSD2 Compliance side.

alias_name

string, required

Any human-readable description that is used to identify the trusted beneficiary on TPP side.

status

string, required

Conveys current status of the operation. Allowed values: approved

template_id

string, required

Payment template identifier on Salt Edge PSD2 Compliance side.

identifiers

hash, required

Object which maps the field of related payment template with its masked value. The value can be also empty.

session_secret

string, required

Session identifier in Salt Edge PSD2 Compliance.

provider_code

string, required

Human readable Provider identifier.

Related Errors

Class	Code	Description
TokenMissing	400	This request cannot be performed without `Access_Token` header.
AuthorizationMissing	401	Authorization header is missing.
TokenNotFound	401	Token specified in request does not exist or cannot be retrieved.
TokenRevoked	401	Token specified in request is revoked and cannot be used anymore.
TokenExpired	401	Token specified in request is expired and cannot be used.
TrustedBeneficiaryNotFound	404	Trusted Beneficiary specified in request does not exist or cannot be retrieved.
OauthAppNotFound	404	OAuth Application specified in request does not exist or cannot be retrieved.
CertificateNotFound	404	Certificate has no permissions.

Index

Endpoint used to fetch all data relevant to trusted beneficiaries.

CURL

curl -i \ -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7InByb3ZpZGVyX2NvZGUiOiJkZW1vYmFuayJ9LCJleHAiOjE3MzIyMjE1OTMsImlzcyI6InByaW9yYS5zYWx0ZWRnZS5jb20ifQ.BiBjxTvCpioMFbXDV1VAfdhpV_3ZUNyLyu7V6tx99VC-lAmITD8Vga23gSntwoZMug9EGmry53vJ-fPrLdq877fny_rusQMoxNBb3ZU9mUGRfE6pJeuht1kd5lRvEQVLqxsJw8ftPbU_g6ILNMmhm4SFNkEa8KN4EYCETGjhdekE7P5gmKcslfB3UW036BjYvHSCACeqSohYG5jSJi3s7l1VFzAV4_7BbhTsfZI_s3Nk_gLkJC9z8YjUTJ-pbTgUQ1wfO_8swqdqt6eskMLRAPQoyRUgZLMLR2ix1mP97DZbSqjTXdWnKcji1GChtNoK0QYo7IhmniS6VrUtXruPnw" \ -H "App-Id: IsiyTiKCOZDsV6mbafDzgg" \ -H "App-Secret: fzST4gs0xQHOJA9bToRqeQ" \ -H "Access-Token: 2bae74fd42f750e7401e0aa3cc9d5644ac815f5b9d2c16627af18cc76b2f507bc2dac1a10ab77c1b90b7e16423e2a0396d786959f09db9dc02128d820609d8df" \ -H "Client-Request-Id: 17" \ -X GET "/api/v2/trusted_beneficiaries"

curl -i  \ 
 -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJkYXRhIjp7InByb3ZpZGVyX2NvZGUiOiJkZW1vYmFuayJ9LCJleHAiOjE3MzIyMjE1OTMsImlzcyI6InByaW9yYS5zYWx0ZWRnZS5jb20ifQ.BiBjxTvCpioMFbXDV1VAfdhpV_3ZUNyLyu7V6tx99VC-lAmITD8Vga23gSntwoZMug9EGmry53vJ-fPrLdq877fny_rusQMoxNBb3ZU9mUGRfE6pJeuht1kd5lRvEQVLqxsJw8ftPbU_g6ILNMmhm4SFNkEa8KN4EYCETGjhdekE7P5gmKcslfB3UW036BjYvHSCACeqSohYG5jSJi3s7l1VFzAV4_7BbhTsfZI_s3Nk_gLkJC9z8YjUTJ-pbTgUQ1wfO_8swqdqt6eskMLRAPQoyRUgZLMLR2ix1mP97DZbSqjTXdWnKcji1GChtNoK0QYo7IhmniS6VrUtXruPnw" \ 
 -H "App-Id: IsiyTiKCOZDsV6mbafDzgg" \ 
 -H "App-Secret: fzST4gs0xQHOJA9bToRqeQ" \ 
 -H "Access-Token: 2bae74fd42f750e7401e0aa3cc9d5644ac815f5b9d2c16627af18cc76b2f507bc2dac1a10ab77c1b90b7e16423e2a0396d786959f09db9dc02128d820609d8df" \ 
 -H "Client-Request-Id: 17" \ 
 -X GET "/api/v2/trusted_beneficiaries"

Example of request parameters

{"data":{"provider_code":"demobank"},"exp":1574093211}

Example of response

{"data":[{"id":752,"alias_name":"Example Name","status":"approved","template_id":"75","identifiers":{"amount":"227.13","to_account":"1313613","description":"Test payment.","from_account":"1313634"},"provider_code":"demobank"}]}

Request

GET /api/v2/trusted_beneficiaries

Headers

Header	Type	Description
`Authorization`	string, required	JSON Web Token containing payload, signed using RSA256 and `application.private_key`. Can raise: AuthorizationMissing
`App-Id`	string, required	Application’s `app_id` from connection details tab. Can raise: OauthAppNotFound, CertificateNotFound
`App-Secret`	string, required	Application’s `app_secret` from connection details tab.
`Access-Token`	string, required	Token for which we are requesting info. Can raise: TokenMissing, TokenNotFound, TokenRevoked, TokenExpired
`Client-Request-Id`	string, optional	Request identifier. If present, it will be returned within `meta` field in response.

Unpacked Request Authorization

data

hash, required

Wrapper for the data.

provider_code

string, required

Human readable Provider identifier. Can raise: ProviderNotFound, AccessDenied

exp

integer, required

The lifetime of the request in timestamp UTC format. Values greater than: Current time.

Response

Endpoint used to fetch all data relevant to trusted beneficiaries.

data

array, required

Wrapper for the data.

integer, required

Trusted Beneficiary identifier on Salt Edge PSD2 Compliance side.

alias_name

string, required

Any human-readable description that is used to identify the trusted beneficiary on TPP side.

status

string, required

Conveys current status of the operation. Allowed values: approved

template_id

string, required

Payment template identifier on Salt Edge PSD2 Compliance side.

session_secret

string, required

Session identifier in Salt Edge PSD2 Compliance.

identifiers

hash, required

Object which maps the field of related payment template with its masked value. The value can be also empty.

provider_code

string, required

Human readable Provider identifier.

Related Errors

Class	Code	Description
TokenMissing	400	This request cannot be performed without `Access_Token` header.
AccessDenied	401	Action you want to perform is not allowed. More in `error_message`
AuthorizationMissing	401	Authorization header is missing.
TokenNotFound	401	Token specified in request does not exist or cannot be retrieved.
TokenRevoked	401	Token specified in request is revoked and cannot be used anymore.
TokenExpired	401	Token specified in request is expired and cannot be used.
ProviderNotFound	404	Provider specified in request does not exist or cannot be retrieved.
OauthAppNotFound	404	OAuth Application specified in request does not exist or cannot be retrieved.
CertificateNotFound	404	Certificate has no permissions.

Providers

Index

Returns all ASPSPs which have approved access for your TPP. More information could be found at #requesting-provider-access compartment.

CURL

curl -i \ -H "App-Id: 5L1UlLqFeEjlFlJ4dzJFDw" \ -H "App-Secret: ym7AeWUYxHp0KG4MghAo-g" \ -H "Client-Request-Id: 17" \ -X GET "/api/v2/providers"

curl -i  \ 
 -H "App-Id: 5L1UlLqFeEjlFlJ4dzJFDw" \ 
 -H "App-Secret: ym7AeWUYxHp0KG4MghAo-g" \ 
 -H "Client-Request-Id: 17" \ 
 -X GET "/api/v2/providers"

Example of request parameters

{"per_page":50,"from_id":1}

Example of response

{"data":[{"id":846,"name":"Example Name","code":"demobank","connector_url":"https://user.will.be/redirected/here","status":"live","scopes":["accounts","transactions","kyc","payments","funds_availability","trusted_beneficiaries"],"created_at":"2019-11-18T16:04:50.725Z","updated_at":"2019-11-18T16:04:50.725Z","authorization_types":[{"code":"sms_pin","display_name":"SMS-PIN","scopes":["accounts","transactions"],"instruction":"Use PIN code from SMS to authorize.","required_fields":[{"code":"req_field","optional":"false","display_name":"Sms_pin","type":"string"}],"mfa_fields":[{"code":"req_field2","optional":"false","display_name":"Password","type":"string"}],"sandbox_credentials":{"required_fields":[{"example":"req_field","code":"req_field"}],"mfa_fields":[{"example":"mfa_field","code":"mfa_field"}]}}]}],"meta":{"next_id":2,"time":"2019-11-18T16:04:50.725Z"}}

Request

GET /api/v2/providers

Headers

Header	Type	Description
`App-Id`	string, required	Application’s `app_id` from connection details tab. Can raise: OauthAppNotFound, CertificateNotFound
`App-Secret`	string, required	Application’s `app_secret` from connection details tab.
`Client-Request-Id`	string, optional	Request identifier. If present, it will be returned within `meta` field in response.

Unpacked Request Authorization

per_page

integer, optional

Number of providers that should be returned per request or less. Values in range between: 1 and 1000 Default value: 20

from_id

integer, optional

Return providers starting with a specific id. Default value: 0 Values greater than: 0

Response

Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.

data

array, required

Wrapper for the data.

integer, required

ASPSP identifier in Salt Edge PSD2 Compliance Solution.

name

string, required

ASPSP name.

code

string, required

ASPSP code in Salt Edge PSD2 Compliance Solution.

connector_url

string, required

URL to Connector API layer implemented by ASPSP.

status

string, required

Current status of ASPSP. Allowed values: pending, disabled, test, live, sandbox

scopes

array, optional

Scopes supported by ASPSP. Allowed values: accounts, transactions, kyc, payments, funds_availability, trusted_beneficiaries

created_at

datetime, required

Datetime ASPSP registered in Salt Edge PSD2 Compliance Solution.

updated_at

datetime, required

Datetime ASPSP updated itself.

authorization_types

array, required

Available authorization types.

code

string, optional

Serves to identify any authorization type within the scope of a Provider on Salt Edge PSD2 Compliance Solution.

display_name

string, optional

Human readable name of given authorization type.

scopes

array, optional

List of scopes(permissions) that can be obtained through specific authorization type.

instruction

string, optional

Short instruction for the PSU.

required_fields

array, optional

List of all required(first step) authorization fields and their description.

display_name

string, optional

Human readable name of field.

code

string, optional

ASPSP code in Salt Edge PSD2 Compliance Solution.

optional

boolean, optional

Is current field required.

type

string, optional

Current field type.

mfa_fields

array, optional

List of all MFA(second step) authorization fields and their description.

display_name

string, optional

Human readable name of field.

code

string, optional

ASPSP code in Salt Edge PSD2 Compliance Solution.

optional

boolean, optional

Is current field required.

type

string, optional

Current field type.

sandbox_credentials

hash, optional

List of example credentials.

required_fields

array, optional

List of all required(first step) authorization fields and their description.

code

string, optional

ASPSP code in Salt Edge PSD2 Compliance Solution.

example

string, optional

Example of credentials for given field.

mfa_fields

array, optional

List of all MFA(second step) authorization fields and their description.

code

string, optional

ASPSP code in Salt Edge PSD2 Compliance Solution.

example

string, optional

Example of credentials for given field.

Related Errors

Class	Code	Description
OauthAppNotFound	404	OAuth Application specified in request does not exist or cannot be retrieved.
CertificateNotFound	404	Certificate has no permissions.

Templates

Returns all available payment templates which belong to a specific Provider.

CURL

curl -i \ -H "App-Id: X3R1wYzjbqdHUnePBINH8A" \ -H "App-Secret: K6gV3EPYH9ZYT7KOrjCuZg" \ -H "Client-Request-Id: 17" \ -X GET "/api/v2/providers/:provider_code/templates"

curl -i  \ 
 -H "App-Id: X3R1wYzjbqdHUnePBINH8A" \ 
 -H "App-Secret: K6gV3EPYH9ZYT7KOrjCuZg" \ 
 -H "Client-Request-Id: 17" \ 
 -X GET "/api/v2/providers/:provider_code/templates"

Example of response

{"data":[{"id":757,"description":"Internal transfer","provider_id":251,"payment_type":"internal_transfer","default":false,"extra":{},"created_at":"2019-11-18T16:04:50.658Z","updated_at":"2019-11-18T16:04:50.658Z","payment_attributes":[{"attribute_name":"amount","attribute_type":"number","label":"Amount","optional":false,"position":1,"values":[]},{"attribute_name":"to_account","attribute_type":"text","label":"To account","optional":false,"position":2,"values":[]},{"attribute_name":"currency","attribute_type":"dropdown","label":"Currency","optional":false,"position":3,"values":["EUR","USD"]}]}]}

Request

GET /api/v2/providers/:provider_code/templates

Headers

Header	Type	Description
`App-Id`	string, required	Application’s `app_id` from connection details tab. Can raise: OauthAppNotFound, CertificateNotFound
`App-Secret`	string, required	Application’s `app_secret` from connection details tab.
`Client-Request-Id`	string, optional	Request identifier. If present, it will be returned within `meta` field in response.

Unpacked Request Authorization

provider_code (path)

string, required

Human readable Provider identifier. Can raise: ProviderNotFound, AccessDenied

Response

Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.

data

array, required

Wrapper for the data.

integer, required

Template identifier.

description

string, required

Short description of payment template.

provider_id

integer, required

Identifies Provider under which template was defined.

payment_type

string, required

Specifies the type of payment associated with a preregistered template.

default

boolean, required

States whether given template is default or not. Allowed values: true, false

extra

hash, required

Extra details that should persist in the session.

created_at

datetime, required

Datetime of template creation on Salt Edge PSD2 Compliance side.

updated_at

datetime, required

Datetime of last template update on Salt Edge PSD2 Compliance side.

payment_attributes

array, required

Contains a list of payment attributes with their characteristics.

attribute_name

string, required

Name of the attribute, should be used by application as input field name.

attribute_type

string, required

Type of the input field that should be used. Allowed values: text, number, dropdown

label

string, required

Human readable label for presentation of the payment attribute.

optional

boolean, required

Flag that shows whether the attribute is optional or not. Allowed values: true, false

position

integer, required

Position index of the attribute within payment template, should be considered when rendering the template.

values

array, optional

List of possible values for a given payment attribute.

Related Errors

Class	Code	Description
AccessDenied	401	Action you want to perform is not allowed. More in `error_message`
ProviderNotFound	404	Provider specified in request does not exist or cannot be retrieved.
OauthAppNotFound	404	OAuth Application specified in request does not exist or cannot be retrieved.
CertificateNotFound	404	Certificate has no permissions.