· 6 years ago · Jun 25, 2019, 03:22 PM
1openapi: 3.0.1
2info:
3 title: BACAR Open API
4 version: "1.3 Dec 20th 2018"
5 description: |
6 # Summary
7 This document provides the specification of Banco Carregosa's Open API.
8
9 The PSD2 section follows the 1.3 release of the Berlin Group XS2A specifications, containing the REST-API definitions for requests from PISP's.
10
11 Banco Carregosa only supports the Redirect SCA Approach.
12
13 If there is a name field "Accept", "Content-Type" or "Authorization" in the "header", the parameter definition SHALL be ignored.
14
15 The element "Accept" will not be defined in this file at any place.
16
17 The elements "Content-Type" and "Authorization" are implicitly defined by the OpenApi tags "content" and "security".
18
19 ## General Remarks on Data Types
20
21 The PSD2 API supports at least the following characters
22
23 a b c d e f g h i j k l m n o p q r s t u v w x y z
24
25 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
26
27 0 1 2 3 4 5 6 7 8 9
28
29 / - ? : ( ) . , ' +
30
31 Space
32
33 ## Important Notes
34
35 Banco Carregosa has a multi-currency and sub-account structure.
36 Information consents are granted for an account identified by an IBAN.
37
38
39 This API extends the Berlin Group XS2A in regards to internal transfers according.
40
41 Fund-Confirmations should be accessed through the Account Information Service with a valid consent and accountId.
42
43
44 license:
45 name: Creative Commons Attribution 4.0 International Public License
46 url: https://creativecommons.org/licenses/by/4.0/
47 #termsOfService: URL for Terms of Service of the API
48 contact:
49 name: Banco Carregosa SA
50 url: https://www.bancocarregosa.com
51 email: geral@bancocarregosa.com
52
53externalDocs:
54 description: |
55 Full Documentation of NextGenPSD2 Access to Account Interoperability Framework
56 (General Introduction Paper, Operational Rules, Implementation Guidelines)
57 url: https://www.berlin-group.org/nextgenpsd2-downloads
58
59servers:
60 - url: https://api.testbank.com/psd2
61 description: PSD2 server
62 - url: https://test-api.testbank.com/psd2
63 description: Optional PSD2 test server
64
65paths:
66
67
68 #####################################################
69 # Account Information Service
70 #####################################################
71
72 #####################################################
73 # Accounts
74 #####################################################
75
76
77 /v1/accounts:
78 get:
79 summary: Read Account List
80 description: |
81 Read the identifiers of the available payment accounts.
82
83 Balances and transactions require an explicit request to these account references.
84
85 It is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system.
86 The addressed list of accounts depends then on the PSU ID and the stored consent addressed by consentId.
87
88 Returns all identifiers of the accounts, to which an account access has been granted to through
89 the /consents endpoint by the PSU.
90 In addition, relevant information about the accounts and hyperlinks to corresponding account
91 information resources are provided if a related consent has been already granted.
92
93 operationId: getAccountList
94 tags:
95 - Account Information Service (AIS)
96
97 security:
98 #####################################################
99 # REMARKS ON SECURITY IN THIS OPENAPI FILE
100 #In this file only the basic security element to transport
101 # the bearer token of an an OAuth2 process, which has to
102 # be included inthe HTTP header ist described.
103 #
104 # WARNING:
105 # If you want to use this file for a productive implementation,
106 # it is recommandes to adjust the security schemes according to
107 # your system enviroments and security policies.
108 #####################################################
109 - {}
110 - BearerAuthOAuth: []
111
112 parameters:
113 #path # NO PATH PARAMETER
114 #query
115 - $ref: "#/components/parameters/withBalanceQuery"
116 #header
117 #common header parameter
118 - $ref: "#/components/parameters/X-Request-ID"
119 #header to support the signature function
120 - $ref: "#/components/parameters/Digest"
121 - $ref: "#/components/parameters/Signature"
122 - $ref: "#/components/parameters/TPP-Signature-Certificate"
123 #method specific header elements
124 - $ref: "#/components/parameters/consentId_HEADER_mandatory"
125 #conditional elemention for AIS
126 - $ref: "#/components/parameters/PSU-IP-Address_conditionalForAis"
127 #optional additional PSU Information in header
128 - $ref: "#/components/parameters/PSU-IP-Port"
129 - $ref: "#/components/parameters/PSU-Accept"
130 - $ref: "#/components/parameters/PSU-Accept-Charset"
131 - $ref: "#/components/parameters/PSU-Accept-Encoding"
132 - $ref: "#/components/parameters/PSU-Accept-Language"
133 - $ref: "#/components/parameters/PSU-User-Agent"
134 - $ref: "#/components/parameters/PSU-Http-Method"
135 - $ref: "#/components/parameters/PSU-Device-ID"
136 - $ref: "#/components/parameters/PSU-Geo-Location"
137 #NO REQUEST BODY
138
139 responses:
140 '200':
141 $ref: "#/components/responses/OK_200_AccountList"
142
143 '400':
144 $ref: "#/components/responses/BAD_REQUEST_400"
145 '401':
146 $ref: "#/components/responses/UNAUTHORIZED_401"
147 '403':
148 $ref: "#/components/responses/FORBIDDEN_403"
149 '404':
150 $ref: "#/components/responses/NOT_FOUND_404_AIS"
151 '405':
152 $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
153 '408':
154 $ref: "#/components/responses/REQUEST_TIMEOUT_408"
155 '429':
156 $ref: "#/components/responses/TOO_MANY_REQUESTS_429_AIS"
157 '500':
158 $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
159 '503':
160 $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
161
162 /v1/accounts/{accountId}:
163 get:
164 summary: Read Account Details
165 description: |
166 Reads details about an account, with balances where required.
167 It is assumed that a consent of the PSU to
168 this access is already given and stored on the ASPSP system.
169 The addressed details of this account depends then on the stored consent addressed by consentId,
170 respectively the OAuth2 access token.
171
172 **NOTE:** The accountId can represent a multicurrency account.
173 In this case the currency code is set to "XXX".
174
175 Give detailed information about the addressed account.
176
177 Give detailed information about the addressed account together with balance information
178 operationId: readAccountDetails
179 tags:
180 - Account Information Service (AIS)
181
182 security:
183 #####################################################
184 # REMARKS ON SECURITY IN THIS OPENAPI FILE
185 #In this file only the basic security element to transport
186 # the bearer token of an an OAuth2 process, which has to
187 # be included inthe HTTP header ist described.
188 #
189 # WARNING:
190 # If you want to use this file for a productive implementation,
191 # it is recommandes to adjust the security schemes according to
192 # your system enviroments and security policies.
193 #####################################################
194 - {}
195 - BearerAuthOAuth: []
196
197 parameters:
198 #path
199 - $ref: "#/components/parameters/accountId"
200 #query
201 - $ref: "#/components/parameters/withBalanceQuery"
202 #header
203 #common header parameter
204 - $ref: "#/components/parameters/X-Request-ID"
205 #header to support the signature function
206 - $ref: "#/components/parameters/Digest"
207 - $ref: "#/components/parameters/Signature"
208 - $ref: "#/components/parameters/TPP-Signature-Certificate"
209 #method specific header elements
210 - $ref: "#/components/parameters/consentId_HEADER_mandatory"
211 #conditional elemention for AIS
212 - $ref: "#/components/parameters/PSU-IP-Address_conditionalForAis"
213 #optional additional PSU Information in header
214 - $ref: "#/components/parameters/PSU-IP-Port"
215 - $ref: "#/components/parameters/PSU-Accept"
216 - $ref: "#/components/parameters/PSU-Accept-Charset"
217 - $ref: "#/components/parameters/PSU-Accept-Encoding"
218 - $ref: "#/components/parameters/PSU-Accept-Language"
219 - $ref: "#/components/parameters/PSU-User-Agent"
220 - $ref: "#/components/parameters/PSU-Http-Method"
221 - $ref: "#/components/parameters/PSU-Device-ID"
222 - $ref: "#/components/parameters/PSU-Geo-Location"
223 #NO REQUEST BODY
224
225 responses:
226 '200':
227 $ref: "#/components/responses/OK_200_AccountList"
228
229 '400':
230 $ref: "#/components/responses/BAD_REQUEST_400"
231 '401':
232 $ref: "#/components/responses/UNAUTHORIZED_401"
233 '403':
234 $ref: "#/components/responses/FORBIDDEN_403"
235 '404':
236 $ref: "#/components/responses/NOT_FOUND_404_AIS"
237 '405':
238 $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
239 '408':
240 $ref: "#/components/responses/REQUEST_TIMEOUT_408"
241 '429':
242 $ref: "#/components/responses/TOO_MANY_REQUESTS_429_AIS"
243 '500':
244 $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
245 '503':
246 $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
247
248 /v1/accounts/{accountId}/balances:
249
250 get:
251 summary: Read Balance
252 description: |
253 Reads account data from a given account addressed by "accountId".
254
255 information might be logged on intermediary servers within the ASPSP sphere.
256 This accountId then can be retrieved by the "GET Account List" call.
257
258 The accountId is constant at least throughout the lifecycle of a given consent.
259
260 Balances have been extended by including a subaccount reference.
261 operationId: getBalances
262 tags:
263 - Account Information Service (AIS)
264
265 security:
266 #####################################################
267 # REMARKS ON SECURITY IN THIS OPENAPI FILE
268 #In this file only the basic security element to transport
269 # the bearer token of an an OAuth2 process, which has to
270 # be included inthe HTTP header ist described.
271 #
272 # WARNING:
273 # If you want to use this file for a productive implementation,
274 # it is recommandes to adjust the security schemes according to
275 # your system enviroments and security policies.
276 #####################################################
277 - {}
278 - BearerAuthOAuth: []
279
280 parameters:
281 #path
282 - $ref: "#/components/parameters/accountId"
283 #query # NO QUERY PARAMETER
284 #header
285 #common header parameter
286 - $ref: "#/components/parameters/X-Request-ID"
287 #header to support the signature function
288 - $ref: "#/components/parameters/Digest"
289 - $ref: "#/components/parameters/Signature"
290 - $ref: "#/components/parameters/TPP-Signature-Certificate"
291 #method specific header elements
292 - $ref: "#/components/parameters/consentId_HEADER_mandatory"
293 #conditional elemention for AIS
294 - $ref: "#/components/parameters/PSU-IP-Address_conditionalForAis"
295 #optional additional PSU Information in header
296 - $ref: "#/components/parameters/PSU-IP-Port"
297 - $ref: "#/components/parameters/PSU-Accept"
298 - $ref: "#/components/parameters/PSU-Accept-Charset"
299 - $ref: "#/components/parameters/PSU-Accept-Encoding"
300 - $ref: "#/components/parameters/PSU-Accept-Language"
301 - $ref: "#/components/parameters/PSU-User-Agent"
302 - $ref: "#/components/parameters/PSU-Http-Method"
303 - $ref: "#/components/parameters/PSU-Device-ID"
304 - $ref: "#/components/parameters/PSU-Geo-Location"
305 #NO REQUEST BODY
306
307 responses:
308 '200':
309 $ref: "#/components/responses/OK_200_Balances"
310
311 '400':
312 $ref: "#/components/responses/BAD_REQUEST_400"
313 '401':
314 $ref: "#/components/responses/UNAUTHORIZED_401"
315 '403':
316 $ref: "#/components/responses/FORBIDDEN_403"
317 '404':
318 $ref: "#/components/responses/NOT_FOUND_404_AIS"
319 '405':
320 $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
321 '408':
322 $ref: "#/components/responses/REQUEST_TIMEOUT_408"
323 '429':
324 $ref: "#/components/responses/TOO_MANY_REQUESTS_429_AIS"
325 '500':
326 $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
327 '503':
328 $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
329
330 /v1/accounts/{accountId}/transactions/:
331 get:
332 summary: Read transaction list of an account
333 description: |
334 Read transaction reports or transaction lists of a given account ddressed by "accountId", depending on the steering parameter
335 "bookingStatus" together with balances.
336
337 For a given account, additional parameters are e.g. the attributes "dateFrom" and "dateTo".
338 Transactions have been extended by including a subaccount reference.
339 operationId: getTransactionList
340 tags:
341 - Account Information Service (AIS)
342
343 security:
344 #####################################################
345 # REMARKS ON SECURITY IN THIS OPENAPI FILE
346 #In this file only the basic security element to transport
347 # the bearer token of an an OAuth2 process, which has to
348 # be included inthe HTTP header ist described.
349 #
350 # WARNING:
351 # If you want to use this file for a productive implementation,
352 # it is recommandes to adjust the security schemes according to
353 # your system enviroments and security policies.
354 #####################################################
355 - {}
356 - BearerAuthOAuth: []
357
358 parameters:
359 #path
360 - $ref: "#/components/parameters/accountId"
361 #query
362 - $ref: "#/components/parameters/dateFrom"
363 - $ref: "#/components/parameters/dateTo"
364 - $ref: "#/components/parameters/entryReferenceFrom"
365 - $ref: "#/components/parameters/bookingStatus"
366 - $ref: "#/components/parameters/deltaList"
367 - $ref: "#/components/parameters/withBalanceQuery"
368 #header
369 #common header parameter
370 - $ref: "#/components/parameters/X-Request-ID"
371 #header to support the signature function
372 - $ref: "#/components/parameters/Digest"
373 - $ref: "#/components/parameters/Signature"
374 - $ref: "#/components/parameters/TPP-Signature-Certificate"
375 #method specific header elements
376 - $ref: "#/components/parameters/consentId_HEADER_mandatory"
377 #- $ref: "#/components/parameters/Accept" #Can not defined in Open API. See general comments in the description attached to the top level of the file.
378 #conditional elemention for AIS
379 - $ref: "#/components/parameters/PSU-IP-Address_conditionalForAis"
380 #optional additional PSU Information in header
381 - $ref: "#/components/parameters/PSU-IP-Port"
382 - $ref: "#/components/parameters/PSU-Accept"
383 - $ref: "#/components/parameters/PSU-Accept-Charset"
384 - $ref: "#/components/parameters/PSU-Accept-Encoding"
385 - $ref: "#/components/parameters/PSU-Accept-Language"
386 - $ref: "#/components/parameters/PSU-User-Agent"
387 - $ref: "#/components/parameters/PSU-Http-Method"
388 - $ref: "#/components/parameters/PSU-Device-ID"
389 - $ref: "#/components/parameters/PSU-Geo-Location"
390 #NO REQUEST BODY
391
392 responses:
393 '200':
394 $ref: "#/components/responses/OK_200_AccountsTransactions"
395
396 '400':
397 $ref: "#/components/responses/BAD_REQUEST_400"
398 '401':
399 $ref: "#/components/responses/UNAUTHORIZED_401"
400 '403':
401 $ref: "#/components/responses/FORBIDDEN_403"
402 '404':
403 $ref: "#/components/responses/NOT_FOUND_404_AIS"
404 '405':
405 $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
406 '408':
407 $ref: "#/components/responses/REQUEST_TIMEOUT_408"
408 '429':
409 $ref: "#/components/responses/TOO_MANY_REQUESTS_429_AIS"
410 '500':
411 $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
412 '503':
413 $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
414
415
416 /v1/accounts/{accountId}/transactions/{resourceId}:
417 get:
418 summary: Read Transaction Details
419 description: |
420 Reads transaction details from a given transaction addressed by "resourceId" on a given account addressed by "accountId".
421 This call is only available on transactions as reported in a JSON format.
422
423 **Remark:** Please note that the PATH might be already given in detail by the corresponding entry of the response of the
424 "Read Transaction List" call within the _links subfield.
425 operationId: getTransactionDetails
426 tags:
427 - Account Information Service (AIS)
428
429 security:
430 #####################################################
431 # REMARKS ON SECURITY IN THIS OPENAPI FILE
432 #In this file only the basic security element to transport
433 # the bearer token of an an OAuth2 process, which has to
434 # be included inthe HTTP header ist described.
435 #
436 # WARNING:
437 # If you want to use this file for a productive implementation,
438 # it is recommandes to adjust the security schemes according to
439 # your system enviroments and security policies.
440 #####################################################
441 - {}
442 - BearerAuthOAuth: []
443
444 parameters:
445 #path
446 - $ref: "#/components/parameters/accountId"
447 - $ref: "#/components/parameters/resourceId"
448 #query # NO QUERY PARAMETER
449 #header
450 #common header parameter
451 - $ref: "#/components/parameters/X-Request-ID"
452 #header to support the signature function
453 - $ref: "#/components/parameters/Digest"
454 - $ref: "#/components/parameters/Signature"
455 - $ref: "#/components/parameters/TPP-Signature-Certificate"
456 #method specific header elements
457 - $ref: "#/components/parameters/consentId_HEADER_mandatory"
458 #conditional elemention for AIS
459 - $ref: "#/components/parameters/PSU-IP-Address_conditionalForAis"
460 #optional additional PSU Information in header
461 - $ref: "#/components/parameters/PSU-IP-Port"
462 - $ref: "#/components/parameters/PSU-Accept"
463 - $ref: "#/components/parameters/PSU-Accept-Charset"
464 - $ref: "#/components/parameters/PSU-Accept-Encoding"
465 - $ref: "#/components/parameters/PSU-Accept-Language"
466 - $ref: "#/components/parameters/PSU-User-Agent"
467 - $ref: "#/components/parameters/PSU-Http-Method"
468 - $ref: "#/components/parameters/PSU-Device-ID"
469 - $ref: "#/components/parameters/PSU-Geo-Location"
470 #NO REQUEST BODY
471
472 responses:
473 '200':
474 $ref: "#/components/responses/OK_200_TransactionDetails"
475
476 '400':
477 $ref: "#/components/responses/BAD_REQUEST_400"
478 '401':
479 $ref: "#/components/responses/UNAUTHORIZED_401"
480 '403':
481 $ref: "#/components/responses/FORBIDDEN_403"
482 '404':
483 $ref: "#/components/responses/NOT_FOUND_404_AIS"
484 '405':
485 $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
486 '408':
487 $ref: "#/components/responses/REQUEST_TIMEOUT_408"
488 '429':
489 $ref: "#/components/responses/TOO_MANY_REQUESTS_429_AIS"
490 '500':
491 $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
492 '503':
493 $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
494
495 /v1/accounts/{accountId}/funds-confirmations:
496 post:
497 summary: Confirmation of Funds Request
498 description:
499 This request was placed under the account information service. It requires a valid consent for balance or transaction information on the selected account.
500 operationId: checkAvailabilityOfFunds
501 tags:
502 - Account Information Service (AIS)
503
504 parameters:
505 #path
506 - $ref: "#/components/parameters/accountId"
507 #query # NO QUERY PARAMETER
508 #header
509 #common header parameter
510 - $ref: "#/components/parameters/X-Request-ID"
511 #method specific header elements
512 - $ref: "#/components/parameters/consentId_HEADER_mandatory"
513 #header to support the signature function
514 - $ref: "#/components/parameters/Digest"
515 - $ref: "#/components/parameters/Signature"
516 - $ref: "#/components/parameters/TPP-Signature-Certificate"
517
518 requestBody:
519 $ref: "#/components/requestBodies/confirmationOfFunds"
520
521 responses:
522 '200':
523 $ref: "#/components/responses/OK_200_ConfirmationOfFunds"
524 '400':
525 $ref: "#/components/responses/BAD_REQUEST_400"
526 '401':
527 $ref: "#/components/responses/UNAUTHORIZED_401"
528 '403':
529 $ref: "#/components/responses/FORBIDDEN_403"
530 '404':
531 $ref: "#/components/responses/NOT_FOUND_404_PIIS"
532 '405':
533 $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
534 '408':
535 $ref: "#/components/responses/REQUEST_TIMEOUT_408"
536 '500':
537 $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
538 '503':
539 $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
540
541 #####################################################
542 # Consents
543 #####################################################
544
545 /v1/consents:
546 post:
547 summary: Create consent
548 description: |
549 This method creates a consent resource, defining access rights to dedicated accounts of
550 a given PSU-ID.
551
552 **Side Effects**
553 When this Consent Request is a request where the "recurringIndicator" equals "true",
554 and if it exists already a former consent for recurring access on account information
555 for the addressed PSU, then the former consent automatically expires as soon as the new
556 consent request is authorised by the PSU.
557
558 Accepts a specific access on all psd2 related services for all psd2 accounts.
559
560 operationId: createConsent
561 tags:
562 - Account Information Service (AIS)
563
564 security:
565 #####################################################
566 # REMARKS ON SECURITY IN THIS OPENAPI FILE
567 #In this file only the basic security element to transport
568 # the bearer token of an an OAuth2 process, which has to
569 # be included inthe HTTP header ist described.
570 #
571 # WARNING:
572 # If you want to use this file for a productive implementation,
573 # it is recommandes to adjust the security schemes according to
574 # your system enviroments and security policies.
575 #####################################################
576 - {}
577 - BearerAuthOAuth: []
578
579 parameters:
580 #path # NO PATH PARAMETER
581 #query # NO QUERY PARAMETER
582 #header
583 #common header parameter
584 - $ref: "#/components/parameters/X-Request-ID"
585 #header to support the signature function
586 - $ref: "#/components/parameters/Digest"
587 - $ref: "#/components/parameters/Signature"
588 - $ref: "#/components/parameters/TPP-Signature-Certificate"
589 #method specific header elements
590 - $ref: "#/components/parameters/PSU-ID"
591 - $ref: "#/components/parameters/PSU-ID-Type"
592 - $ref: "#/components/parameters/PSU-Corporate-ID"
593 - $ref: "#/components/parameters/PSU-Corporate-ID-Type"
594 - $ref: "#/components/parameters/TPP-Redirect-Preferred"
595 - $ref: "#/components/parameters/TPP-Redirect-URI"
596 - $ref: "#/components/parameters/TPP-Nok-Redirect-URI"
597 - $ref: "#/components/parameters/TPP-Explicit-Authorisation-Preferred"
598 #conditional elemention for AIS
599 - $ref: "#/components/parameters/PSU-IP-Address_conditionalForAis"
600 #optional additional PSU Information in header
601 - $ref: "#/components/parameters/PSU-IP-Port"
602 - $ref: "#/components/parameters/PSU-Accept"
603 - $ref: "#/components/parameters/PSU-Accept-Charset"
604 - $ref: "#/components/parameters/PSU-Accept-Encoding"
605 - $ref: "#/components/parameters/PSU-Accept-Language"
606 - $ref: "#/components/parameters/PSU-User-Agent"
607 - $ref: "#/components/parameters/PSU-Http-Method"
608 - $ref: "#/components/parameters/PSU-Device-ID"
609 - $ref: "#/components/parameters/PSU-Geo-Location"
610
611 requestBody:
612 $ref: "#/components/requestBodies/consents"
613
614 responses:
615 '201':
616 $ref: "#/components/responses/CREATED_201_Consents"
617
618 '400':
619 $ref: "#/components/responses/BAD_REQUEST_400"
620 '401':
621 $ref: "#/components/responses/UNAUTHORIZED_401"
622 '403':
623 $ref: "#/components/responses/FORBIDDEN_403"
624 '404':
625 $ref: "#/components/responses/NOT_FOUND_404_AIS"
626 '405':
627 $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
628 '408':
629 $ref: "#/components/responses/REQUEST_TIMEOUT_408"
630 '500':
631 $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
632 '503':
633 $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
634
635
636 /v1/consents/{consentId}:
637 get:
638 summary: Get Consent Request
639 description: |
640 Returns the content of an account information consent object.
641 This is returning the data for the TPP especially in cases,
642 where the consent was directly managed between ASPSP and PSU e.g. in a re-direct SCA Approach.
643 operationId: getConsentInformation
644 tags:
645 - Account Information Service (AIS)
646
647 security:
648 #####################################################
649 # REMARKS ON SECURITY IN THIS OPENAPI FILE
650 #In this file only the basic security element to transport
651 # the bearer token of an an OAuth2 process, which has to
652 # be included inthe HTTP header ist described.
653 #
654 # WARNING:
655 # If you want to use this file for a productive implementation,
656 # it is recommandes to adjust the security schemes according to
657 # your system enviroments and security policies.
658 #####################################################
659 - {}
660 - BearerAuthOAuth: []
661
662 parameters:
663 #path
664 - $ref: "#/components/parameters/consentId_PATH"
665 #query # NO QUERY PARAMETER
666 #header
667 #common header parameter
668 - $ref: "#/components/parameters/X-Request-ID"
669 #header to support the signature function
670 - $ref: "#/components/parameters/Digest"
671 - $ref: "#/components/parameters/Signature"
672 - $ref: "#/components/parameters/TPP-Signature-Certificate"
673 #conditional elemention for AIS
674 - $ref: "#/components/parameters/PSU-IP-Address_conditionalForAis"
675 #optional additional PSU Information in header
676 - $ref: "#/components/parameters/PSU-IP-Port"
677 - $ref: "#/components/parameters/PSU-Accept"
678 - $ref: "#/components/parameters/PSU-Accept-Charset"
679 - $ref: "#/components/parameters/PSU-Accept-Encoding"
680 - $ref: "#/components/parameters/PSU-Accept-Language"
681 - $ref: "#/components/parameters/PSU-User-Agent"
682 - $ref: "#/components/parameters/PSU-Http-Method"
683 - $ref: "#/components/parameters/PSU-Device-ID"
684 - $ref: "#/components/parameters/PSU-Geo-Location"
685 #NO REQUEST BODY
686
687 responses:
688 '200':
689 $ref: "#/components/responses/OK_200_ConsentInformation"
690
691 '400':
692 $ref: "#/components/responses/BAD_REQUEST_400"
693 '401':
694 $ref: "#/components/responses/UNAUTHORIZED_401"
695 '403':
696 $ref: "#/components/responses/FORBIDDEN_403"
697 '404':
698 $ref: "#/components/responses/NOT_FOUND_404_AIS"
699 '405':
700 $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
701 '408':
702 $ref: "#/components/responses/REQUEST_TIMEOUT_408"
703 '500':
704 $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
705 '503':
706 $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
707
708
709 delete:
710 summary: Delete Consent
711 description: The TPP can delete an account information consent object if needed.
712 operationId: deleteConsent
713 tags:
714 - Account Information Service (AIS)
715
716 security:
717 #####################################################
718 # REMARKS ON SECURITY IN THIS OPENAPI FILE
719 #In this file only the basic security element to transport
720 # the bearer token of an an OAuth2 process, which has to
721 # be included inthe HTTP header ist described.
722 #
723 # WARNING:
724 # If you want to use this file for a productive implementation,
725 # it is recommandes to adjust the security schemes according to
726 # your system enviroments and security policies.
727 #####################################################
728 - {}
729 - BearerAuthOAuth: []
730
731 parameters:
732 #path
733 - $ref: "#/components/parameters/consentId_PATH"
734 #query # NO QUERY PARAMETER
735 #header
736 #common header parameter
737 - $ref: "#/components/parameters/X-Request-ID"
738 #header to support the signature function
739 - $ref: "#/components/parameters/Digest"
740 - $ref: "#/components/parameters/Signature"
741 - $ref: "#/components/parameters/TPP-Signature-Certificate"
742 #conditional elemention for AIS
743 - $ref: "#/components/parameters/PSU-IP-Address_conditionalForAis"
744 #optional additional PSU Information in header
745 - $ref: "#/components/parameters/PSU-IP-Port"
746 - $ref: "#/components/parameters/PSU-Accept"
747 - $ref: "#/components/parameters/PSU-Accept-Charset"
748 - $ref: "#/components/parameters/PSU-Accept-Encoding"
749 - $ref: "#/components/parameters/PSU-Accept-Language"
750 - $ref: "#/components/parameters/PSU-User-Agent"
751 - $ref: "#/components/parameters/PSU-Http-Method"
752 - $ref: "#/components/parameters/PSU-Device-ID"
753 - $ref: "#/components/parameters/PSU-Geo-Location"
754 #NO REQUEST BODY
755
756 responses:
757 '204':
758 $ref: "#/components/responses/NO_CONTENT_204_Consents"
759
760 '400':
761 $ref: "#/components/responses/BAD_REQUEST_400"
762 '401':
763 $ref: "#/components/responses/UNAUTHORIZED_401"
764 '403':
765 $ref: "#/components/responses/FORBIDDEN_403"
766 '404':
767 $ref: "#/components/responses/NOT_FOUND_404_AIS"
768 '405':
769 $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
770 '408':
771 $ref: "#/components/responses/REQUEST_TIMEOUT_408"
772 '500':
773 $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
774 '503':
775 $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
776
777
778 /v1/consents/{consentId}/status:
779 get:
780 summary: Consent status request
781 description: Read the status of an account information consent resource.
782 operationId: getConsentStatus
783 tags:
784 - Account Information Service (AIS)
785
786 security:
787 #####################################################
788 # REMARKS ON SECURITY IN THIS OPENAPI FILE
789 #In this file only the basic security element to transport
790 # the bearer token of an an OAuth2 process, which has to
791 # be included inthe HTTP header ist described.
792 #
793 # WARNING:
794 # If you want to use this file for a productive implementation,
795 # it is recommandes to adjust the security schemes according to
796 # your system enviroments and security policies.
797 #####################################################
798 - {}
799 - BearerAuthOAuth: []
800
801 parameters:
802 #path
803 - $ref: "#/components/parameters/consentId_PATH"
804 #query # NO QUERY PARAMETER
805 #header
806 #common header parameter
807 - $ref: "#/components/parameters/X-Request-ID"
808 #header to support the signature function
809 - $ref: "#/components/parameters/Digest"
810 - $ref: "#/components/parameters/Signature"
811 - $ref: "#/components/parameters/TPP-Signature-Certificate"
812 #conditional elemention for AIS
813 - $ref: "#/components/parameters/PSU-IP-Address_conditionalForAis"
814 #optional additional PSU Information in header
815 - $ref: "#/components/parameters/PSU-IP-Port"
816 - $ref: "#/components/parameters/PSU-Accept"
817 - $ref: "#/components/parameters/PSU-Accept-Charset"
818 - $ref: "#/components/parameters/PSU-Accept-Encoding"
819 - $ref: "#/components/parameters/PSU-Accept-Language"
820 - $ref: "#/components/parameters/PSU-User-Agent"
821 - $ref: "#/components/parameters/PSU-Http-Method"
822 - $ref: "#/components/parameters/PSU-Device-ID"
823 - $ref: "#/components/parameters/PSU-Geo-Location"
824 #NO REQUEST BODY
825
826 responses:
827 '200':
828 $ref: "#/components/responses/OK_200_ConsentStatus"
829
830 '400':
831 $ref: "#/components/responses/BAD_REQUEST_400"
832 '401':
833 $ref: "#/components/responses/UNAUTHORIZED_401"
834 '403':
835 $ref: "#/components/responses/FORBIDDEN_403"
836 '404':
837 $ref: "#/components/responses/NOT_FOUND_404_AIS"
838 '405':
839 $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
840 '408':
841 $ref: "#/components/responses/REQUEST_TIMEOUT_408"
842 '500':
843 $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
844 '503':
845 $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
846
847
848 /v1/consents/{consentId}/authorisations:
849
850 post:
851 summary: Start the authorisation process for a consent
852 description: |
853 Create an authorisation sub-resource and start the authorisation process of a consent.
854 The message might in addition transmit authentication and authorisation related data.
855
856 his method is iterated n times for a n times SCA authorisation in a
857 corporate context, each creating an own authorisation sub-endpoint for
858 the corresponding PSU authorising the consent.
859
860 The ASPSP might make the usage of this access method unnecessary,
861 since the related authorisation resource will be automatically created by
862 the ASPSP after the submission of the consent data with the first POST consents call.
863
864 The start authorisation process is a process which is needed for creating a new authorisation
865 or cancellation sub-resource.
866
867 This applies in the following scenarios:
868
869 * The ASPSP has indicated with an 'startAuthorisation' hyperlink in the preceeding Payment
870 Initiation Response that an explicit start of the authorisation process is needed by the TPP.
871 The 'startAuthorisation' hyperlink can transport more information about data which needs to be
872 uploaded by using the extended forms.
873 * 'startAuthorisationWithPsuIdentfication',
874 * 'startAuthorisationWithPsuAuthentication' #TODO
875 * 'startAuthorisationWithAuthentciationMethodSelection'
876 * The related payment initiation cannot yet be executed since a multilevel SCA is mandated.
877 * The ASPSP has indicated with an 'startAuthorisation' hyperlink in the preceeding
878 Payment Cancellation Response that an explicit start of the authorisation process is needed by the TPP.
879 The 'startAuthorisation' hyperlink can transport more information about data which needs to be uploaded
880 by using the extended forms as indicated above.
881 * The related payment cancellation request cannot be applied yet since a multilevel SCA is mandate for
882 executing the cancellation.
883 * The signing basket needs to be authorised yet.
884 operationId: startConsentAuthorisation
885 tags:
886 - Account Information Service (AIS)
887 security:
888 #####################################################
889 # REMARKS ON SECURITY IN THIS OPENAPI FILE
890 #In this file only the basic security element to transport
891 # the bearer token of an an OAuth2 process, which has to
892 # be included inthe HTTP header ist described.
893 #
894 # WARNING:
895 # If you want to use this file for a productive implementation,
896 # it is recommandes to adjust the security schemes according to
897 # your system enviroments and security policies.
898 #####################################################
899 - {}
900 - BearerAuthOAuth: []
901 parameters:
902 #path
903 - $ref: "#/components/parameters/consentId_PATH"
904 #query # NO QUERY PARAMETER
905 #header
906 #common header parameter
907 - $ref: "#/components/parameters/X-Request-ID"
908 #header to support the signature function
909 - $ref: "#/components/parameters/Digest"
910 - $ref: "#/components/parameters/Signature"
911 - $ref: "#/components/parameters/TPP-Signature-Certificate"
912 #method specific header elements
913 - $ref: "#/components/parameters/PSU-ID"
914 - $ref: "#/components/parameters/PSU-ID-Type"
915 - $ref: "#/components/parameters/PSU-Corporate-ID"
916 - $ref: "#/components/parameters/PSU-Corporate-ID-Type"
917 #conditional elemention for AIS
918 - $ref: "#/components/parameters/PSU-IP-Address_conditionalForAis"
919 #optional additional PSU Information in header
920 - $ref: "#/components/parameters/PSU-IP-Port"
921 - $ref: "#/components/parameters/PSU-Accept"
922 - $ref: "#/components/parameters/PSU-Accept-Charset"
923 - $ref: "#/components/parameters/PSU-Accept-Encoding"
924 - $ref: "#/components/parameters/PSU-Accept-Language"
925 - $ref: "#/components/parameters/PSU-User-Agent"
926 - $ref: "#/components/parameters/PSU-Http-Method"
927 - $ref: "#/components/parameters/PSU-Device-ID"
928 - $ref: "#/components/parameters/PSU-Geo-Location"
929 #NO REQUEST BODY
930
931 responses:
932 '201':
933 $ref: "#/components/responses/CREATED_201_StartScaProcess"
934
935 '400':
936 $ref: "#/components/responses/BAD_REQUEST_400"
937 '401':
938 $ref: "#/components/responses/UNAUTHORIZED_401"
939 '403':
940 $ref: "#/components/responses/FORBIDDEN_403"
941 '404':
942 $ref: "#/components/responses/NOT_FOUND_404_AIS"
943 '405':
944 $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
945 '408':
946 $ref: "#/components/responses/REQUEST_TIMEOUT_408"
947 '429':
948 $ref: "#/components/responses/TOO_MANY_REQUESTS_429_AIS"
949 '500':
950 $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
951 '503':
952 $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
953
954
955 get:
956 summary: Get Consent Authorisation Sub-Resources Request
957 description: |
958 Return a list of all authorisation subresources IDs which have been created.
959
960 This function returns an array of hyperlinks to all generated authorisation sub-resources.
961 operationId: getConsentAuthorisation
962 tags:
963 - Account Information Service (AIS)
964
965 security:
966 #####################################################
967 # REMARKS ON SECURITY IN THIS OPENAPI FILE
968 #In this file only the basic security element to transport
969 # the bearer token of an an OAuth2 process, which has to
970 # be included inthe HTTP header ist described.
971 #
972 # WARNING:
973 # If you want to use this file for a productive implementation,
974 # it is recommandes to adjust the security schemes according to
975 # your system enviroments and security policies.
976 #####################################################
977 - {}
978 - BearerAuthOAuth: []
979
980 parameters:
981 #path
982 - $ref: "#/components/parameters/consentId_PATH"
983 #query # NO QUERY PARAMETER
984 #header
985 #common header parameter
986 - $ref: "#/components/parameters/X-Request-ID"
987 #header to support the signature function
988 - $ref: "#/components/parameters/Digest"
989 - $ref: "#/components/parameters/Signature"
990 - $ref: "#/components/parameters/TPP-Signature-Certificate"
991 #conditional elemention for AIS
992 - $ref: "#/components/parameters/PSU-IP-Address_conditionalForAis"
993 #optional additional PSU Information in header
994 - $ref: "#/components/parameters/PSU-IP-Port"
995 - $ref: "#/components/parameters/PSU-Accept"
996 - $ref: "#/components/parameters/PSU-Accept-Charset"
997 - $ref: "#/components/parameters/PSU-Accept-Encoding"
998 - $ref: "#/components/parameters/PSU-Accept-Language"
999 - $ref: "#/components/parameters/PSU-User-Agent"
1000 - $ref: "#/components/parameters/PSU-Http-Method"
1001 - $ref: "#/components/parameters/PSU-Device-ID"
1002 - $ref: "#/components/parameters/PSU-Geo-Location"
1003 #NO REQUEST BODY
1004
1005 responses:
1006 '200':
1007 $ref: "#/components/responses/OK_200_Authorisations"
1008
1009 '400':
1010 $ref: "#/components/responses/BAD_REQUEST_400"
1011 '401':
1012 $ref: "#/components/responses/UNAUTHORIZED_401"
1013 '403':
1014 $ref: "#/components/responses/FORBIDDEN_403"
1015 '404':
1016 $ref: "#/components/responses/NOT_FOUND_404_AIS"
1017 '405':
1018 $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
1019 '408':
1020 $ref: "#/components/responses/REQUEST_TIMEOUT_408"
1021 '500':
1022 $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
1023 '503':
1024 $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
1025
1026
1027 /v1/consents/{consentId}/authorisations/{authorisationId}:
1028
1029 get:
1030 summary: Read the SCA status of the consent authorisation.
1031 description: |
1032 This method returns the SCA status of a consent initiation's authorisation sub-resource.
1033 operationId: getConsentScaStatus
1034 tags:
1035 - Account Information Service (AIS)
1036
1037 security:
1038 #####################################################
1039 # REMARKS ON SECURITY IN THIS OPENAPI FILE
1040 #In this file only the basic security element to transport
1041 # the bearer token of an an OAuth2 process, which has to
1042 # be included inthe HTTP header ist described.
1043 #
1044 # WARNING:
1045 # If you want to use this file for a productive implementation,
1046 # it is recommandes to adjust the security schemes according to
1047 # your system enviroments and security policies.
1048 #####################################################
1049 - {}
1050 - BearerAuthOAuth: []
1051
1052 parameters:
1053 #path
1054 - $ref: "#/components/parameters/consentId_PATH"
1055 - $ref: "#/components/parameters/authorisationId"
1056 #query # NO QUERY PARAMETER
1057 #header
1058 #common header parameter
1059 - $ref: "#/components/parameters/X-Request-ID"
1060 #header to support the signature function
1061 - $ref: "#/components/parameters/Digest"
1062 - $ref: "#/components/parameters/Signature"
1063 - $ref: "#/components/parameters/TPP-Signature-Certificate"
1064 #conditional elemention for AIS
1065 - $ref: "#/components/parameters/PSU-IP-Address_conditionalForAis"
1066 #optional additional PSU Information in header
1067 - $ref: "#/components/parameters/PSU-IP-Port"
1068 - $ref: "#/components/parameters/PSU-Accept"
1069 - $ref: "#/components/parameters/PSU-Accept-Charset"
1070 - $ref: "#/components/parameters/PSU-Accept-Encoding"
1071 - $ref: "#/components/parameters/PSU-Accept-Language"
1072 - $ref: "#/components/parameters/PSU-User-Agent"
1073 - $ref: "#/components/parameters/PSU-Http-Method"
1074 - $ref: "#/components/parameters/PSU-Device-ID"
1075 - $ref: "#/components/parameters/PSU-Geo-Location"
1076 #NO REQUEST BODY
1077
1078 responses:
1079 '200':
1080 $ref: "#/components/responses/OK_200_ScaStatus"
1081
1082 '400':
1083 $ref: "#/components/responses/BAD_REQUEST_400"
1084 '401':
1085 $ref: "#/components/responses/UNAUTHORIZED_401"
1086 '403':
1087 $ref: "#/components/responses/FORBIDDEN_403"
1088 '404':
1089 $ref: "#/components/responses/NOT_FOUND_404_AIS"
1090 '405':
1091 $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
1092 '408':
1093 $ref: "#/components/responses/REQUEST_TIMEOUT_408"
1094 '500':
1095 $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
1096 '503':
1097 $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
1098
1099 #####################################################
1100 # Payment Information Service
1101 #####################################################
1102
1103 /v1/{payment-service}/{payment-product}:
1104
1105 post:
1106 summary: Payment initiation request
1107 description: |
1108 This method is used to initiate a payment at the ASPSP.
1109
1110 ## Adaptation of Payment Initiation Requests
1111
1112 Payment initiations should be sent following the JSON body implementation.
1113 This service was extended to accept internal transfers.
1114 Only Single SCA Processes are accepted, limiting payment initiation services to accounts that may be authenticated in such a way.
1115
1116 There are the following **payment products** in *JSON* format:
1117 - ***sepa-credit-transfers***
1118 - ***internal-transfers***
1119
1120 The request body depends on the **payment-service** which accepts:
1121 * ***payments***: A single payment initiation request.
1122
1123
1124 operationId: initiatePayment
1125 tags:
1126 - Payment Initiation Service (PIS)
1127
1128 security:
1129 #####################################################
1130 # REMARKS ON SECURITY IN THIS OPENAPI FILE
1131 #In this file only the basic security element to transport
1132 # the bearer token of an an OAuth2 process, which has to
1133 # be included inthe HTTP header ist described.
1134 #
1135 # WARNING:
1136 # If you want to use this file for a productive implementation,
1137 # it is recommandes to adjust the security schemes according to
1138 # your system enviroments and security policies.
1139 #####################################################
1140 - {}
1141 - BearerAuthOAuth: []
1142
1143 parameters:
1144 #path
1145 - $ref: "#/components/parameters/paymentService"
1146 - $ref: "#/components/parameters/paymentProduct"
1147 #query # NO QUERY PARAMETER
1148 #header
1149 #common header parameter
1150 - $ref: "#/components/parameters/X-Request-ID"
1151 #header to support the signature function
1152 - $ref: "#/components/parameters/Digest"
1153 - $ref: "#/components/parameters/Signature"
1154 - $ref: "#/components/parameters/TPP-Signature-Certificate"
1155 #method specific header elements
1156 - $ref: "#/components/parameters/PSU-ID"
1157 - $ref: "#/components/parameters/PSU-ID-Type"
1158 - $ref: "#/components/parameters/PSU-Corporate-ID"
1159 - $ref: "#/components/parameters/PSU-Corporate-ID-Type"
1160 - $ref: "#/components/parameters/consentId_HEADER_optional"
1161 - $ref: "#/components/parameters/PSU-IP-Address_mandatory"
1162 - $ref: "#/components/parameters/TPP-Redirect-Preferred"
1163 - $ref: "#/components/parameters/TPP-Redirect-URI"
1164 - $ref: "#/components/parameters/TPP-Nok-Redirect-URI"
1165 - $ref: "#/components/parameters/TPP-Explicit-Authorisation-Preferred"
1166 #optional additional PSU Information in header
1167 - $ref: "#/components/parameters/PSU-IP-Port"
1168 - $ref: "#/components/parameters/PSU-Accept"
1169 - $ref: "#/components/parameters/PSU-Accept-Charset"
1170 - $ref: "#/components/parameters/PSU-Accept-Encoding"
1171 - $ref: "#/components/parameters/PSU-Accept-Language"
1172 - $ref: "#/components/parameters/PSU-User-Agent"
1173 - $ref: "#/components/parameters/PSU-Http-Method"
1174 - $ref: "#/components/parameters/PSU-Device-ID"
1175 - $ref: "#/components/parameters/PSU-Geo-Location"
1176
1177 requestBody:
1178 $ref: "#/components/requestBodies/paymentInitiation"
1179
1180 responses:
1181 '201':
1182 $ref: "#/components/responses/CREATED_201_PaymentInitiation"
1183 '400':
1184 $ref: "#/components/responses/BAD_REQUEST_400"
1185 '401':
1186 $ref: "#/components/responses/UNAUTHORIZED_401"
1187 '403':
1188 $ref: "#/components/responses/FORBIDDEN_403"
1189 '404':
1190 $ref: "#/components/responses/NOT_FOUND_404_PIS"
1191 '405':
1192 $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
1193 '408':
1194 $ref: "#/components/responses/REQUEST_TIMEOUT_408"
1195 '500':
1196 $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
1197 '503':
1198 $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
1199
1200 /v1/{payment-service}/{payment-product}/{paymentId}:
1201
1202 get:
1203 summary: Get Payment Information
1204 description: Returns the content of a payment object
1205 operationId: getPaymentInformation
1206 tags:
1207 - Payment Initiation Service (PIS)
1208 security:
1209 #####################################################
1210 # REMARKS ON SECURITY IN THIS OPENAPI FILE
1211 #In this file only the basic security element to transport
1212 # the bearer token of an an OAuth2 process, which has to
1213 # be included inthe HTTP header ist described.
1214 #
1215 # WARNING:
1216 # If you want to use this file for a productive implementation,
1217 # it is recommandes to adjust the security schemes according to
1218 # your system enviroments and security policies.
1219 #####################################################
1220 - {}
1221 - BearerAuthOAuth: []
1222 parameters:
1223 #path
1224 - $ref: "#/components/parameters/paymentService"
1225 - $ref: "#/components/parameters/paymentProduct"
1226 - $ref: "#/components/parameters/paymentId"
1227 #query # NO QUERY PARAMETER
1228 #header
1229 #common header parameter
1230 - $ref: "#/components/parameters/X-Request-ID"
1231 #header to support the signature function
1232 - $ref: "#/components/parameters/Digest"
1233 - $ref: "#/components/parameters/Signature"
1234 - $ref: "#/components/parameters/TPP-Signature-Certificate"
1235 #optional additional PSU Information in header
1236 - $ref: "#/components/parameters/PSU-IP-Address_optional"
1237 - $ref: "#/components/parameters/PSU-IP-Port"
1238 - $ref: "#/components/parameters/PSU-Accept"
1239 - $ref: "#/components/parameters/PSU-Accept-Charset"
1240 - $ref: "#/components/parameters/PSU-Accept-Encoding"
1241 - $ref: "#/components/parameters/PSU-Accept-Language"
1242 - $ref: "#/components/parameters/PSU-User-Agent"
1243 - $ref: "#/components/parameters/PSU-Http-Method"
1244 - $ref: "#/components/parameters/PSU-Device-ID"
1245 - $ref: "#/components/parameters/PSU-Geo-Location"
1246 #NO REQUEST BODY
1247
1248 responses:
1249 '200':
1250 $ref: "#/components/responses/OK_200_PaymentInitiationInformation"
1251 '400':
1252 $ref: "#/components/responses/BAD_REQUEST_400"
1253 '401':
1254 $ref: "#/components/responses/UNAUTHORIZED_401"
1255 '403':
1256 $ref: "#/components/responses/FORBIDDEN_403"
1257 '404':
1258 $ref: "#/components/responses/NOT_FOUND_404_PIS"
1259 '405':
1260 $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
1261 '408':
1262 $ref: "#/components/responses/REQUEST_TIMEOUT_408"
1263 '500':
1264 $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
1265 '503':
1266 $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
1267
1268 delete:
1269 summary: Payment Cancellation Request
1270 description: |
1271 This method initiates the cancellation of a payment pending authorisation.
1272
1273 An authorisation process is created by this request.
1274
1275 operationId: cancelPayment
1276 tags:
1277 - Payment Initiation Service (PIS)
1278
1279 security:
1280 #####################################################
1281 # REMARKS ON SECURITY IN THIS OPENAPI FILE
1282 #In this file only the basic security element to transport
1283 # the bearer token of an an OAuth2 process, which has to
1284 # be included inthe HTTP header ist described.
1285 #
1286 # WARNING:
1287 # If you want to use this file for a productive implementation,
1288 # it is recommandes to adjust the security schemes according to
1289 # your system enviroments and security policies.
1290 #####################################################
1291 - {}
1292 - BearerAuthOAuth: []
1293
1294 parameters:
1295 #path
1296 - $ref: "#/components/parameters/paymentService"
1297 - $ref: "#/components/parameters/paymentProduct"
1298 - $ref: "#/components/parameters/paymentId"
1299 #query # NO QUERY PARAMETER
1300 #header
1301 #common header parameter
1302 - $ref: "#/components/parameters/X-Request-ID"
1303 #header to support the signature function
1304 - $ref: "#/components/parameters/Digest"
1305 - $ref: "#/components/parameters/Signature"
1306 - $ref: "#/components/parameters/TPP-Signature-Certificate"
1307 #optional additional PSU Information in header
1308 - $ref: "#/components/parameters/PSU-IP-Address_optional"
1309 - $ref: "#/components/parameters/PSU-IP-Port"
1310 - $ref: "#/components/parameters/PSU-Accept"
1311 - $ref: "#/components/parameters/PSU-Accept-Charset"
1312 - $ref: "#/components/parameters/PSU-Accept-Encoding"
1313 - $ref: "#/components/parameters/PSU-Accept-Language"
1314 - $ref: "#/components/parameters/PSU-User-Agent"
1315 - $ref: "#/components/parameters/PSU-Http-Method"
1316 - $ref: "#/components/parameters/PSU-Device-ID"
1317 - $ref: "#/components/parameters/PSU-Geo-Location"
1318 #NO REQUEST BODY
1319
1320 responses:
1321 '204':
1322 $ref: "#/components/responses/NO_CONTENT_204_PaymentInitiationCancel"
1323 '400':
1324 $ref: "#/components/responses/BAD_REQUEST_400"
1325 '401':
1326 $ref: "#/components/responses/UNAUTHORIZED_401"
1327 '403':
1328 $ref: "#/components/responses/FORBIDDEN_403"
1329 '404':
1330 $ref: "#/components/responses/NOT_FOUND_404_PIS"
1331 '405':
1332 $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
1333 '408':
1334 $ref: "#/components/responses/REQUEST_TIMEOUT_408"
1335 '500':
1336 $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
1337 '503':
1338 $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
1339
1340
1341 /v1/{payment-service}/{payment-product}/{paymentId}/status:
1342
1343 get:
1344 summary: Payment initiation status request
1345 description: Check the transaction status of a payment initiation.
1346 operationId: getPaymentInitiationStatus
1347 tags:
1348 - Payment Initiation Service (PIS)
1349
1350 security:
1351 #####################################################
1352 # REMARKS ON SECURITY IN THIS OPENAPI FILE
1353 #In this file only the basic security element to transport
1354 # the bearer token of an an OAuth2 process, which has to
1355 # be included inthe HTTP header ist described.
1356 #
1357 # WARNING:
1358 # If you want to use this file for a productive implementation,
1359 # it is recommandes to adjust the security schemes according to
1360 # your system enviroments and security policies.
1361 #####################################################
1362 - {}
1363 - BearerAuthOAuth: []
1364
1365 parameters:
1366 #path
1367 - $ref: "#/components/parameters/paymentService"
1368 - $ref: "#/components/parameters/paymentProduct"
1369 - $ref: "#/components/parameters/paymentId"
1370 #query # NO QUERY PARAMETER
1371 #header
1372 #common header parameter
1373 - $ref: "#/components/parameters/X-Request-ID"
1374 #header to support the signature function
1375 - $ref: "#/components/parameters/Digest"
1376 - $ref: "#/components/parameters/Signature"
1377 - $ref: "#/components/parameters/TPP-Signature-Certificate"
1378 #optional additional PSU Information in header
1379 - $ref: "#/components/parameters/PSU-IP-Address_optional"
1380 - $ref: "#/components/parameters/PSU-IP-Port"
1381 - $ref: "#/components/parameters/PSU-Accept"
1382 - $ref: "#/components/parameters/PSU-Accept-Charset"
1383 - $ref: "#/components/parameters/PSU-Accept-Encoding"
1384 - $ref: "#/components/parameters/PSU-Accept-Language"
1385 - $ref: "#/components/parameters/PSU-User-Agent"
1386 - $ref: "#/components/parameters/PSU-Http-Method"
1387 - $ref: "#/components/parameters/PSU-Device-ID"
1388 - $ref: "#/components/parameters/PSU-Geo-Location"
1389 #NO REQUEST BODY
1390
1391 responses:
1392 '200':
1393 $ref: "#/components/responses/OK_200_PaymentInitiationStatus"
1394 '400':
1395 $ref: "#/components/responses/BAD_REQUEST_400"
1396 '401':
1397 $ref: "#/components/responses/UNAUTHORIZED_401"
1398 '403':
1399 $ref: "#/components/responses/FORBIDDEN_403"
1400 '404':
1401 $ref: "#/components/responses/NOT_FOUND_404_PIS"
1402 '405':
1403 $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
1404 '408':
1405 $ref: "#/components/responses/REQUEST_TIMEOUT_408"
1406 '500':
1407 $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
1408 '503':
1409 $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
1410
1411 /v1/{payment-service}/{payment-product}/{paymentId}/authorisations:
1412 post:
1413 summary: Start the authorisation process for a payment initiation
1414 description: |
1415 Create an authorisation sub-resource and start the authorisation process.
1416 The message might in addition transmit authentication and authorisation related data.
1417
1418 This method is iterated n times for a n times SCA authorisation in a
1419 corporate context, each creating an own authorisation sub-endpoint for
1420 the corresponding PSU authorising the transaction.
1421
1422 The ASPSP might make the usage of this access method unnecessary in case
1423 of only one SCA process needed, since the related authorisation resource
1424 might be automatically created by the ASPSP after the submission of the
1425 payment data with the first POST payments/{payment-product} call.
1426
1427 The start authorisation process is a process which is needed for creating a new authorisation
1428 or cancellation sub-resource.
1429
1430 This applies in the following scenarios:
1431
1432 * The ASPSP has indicated with an 'startAuthorisation' hyperlink in the preceeding Payment
1433 Initiation Response that an explicit start of the authorisation process is needed by the TPP.
1434 The 'startAuthorisation' hyperlink can transport more information about data which needs to be
1435 uploaded by using the extended forms.
1436 * 'startAuthorisationWithPsuIdentfication',
1437 * 'startAuthorisationWithPsuAuthentication' #TODO
1438 * 'startAuthorisationWithAuthentciationMethodSelection'
1439 * The related payment initiation cannot yet be executed since a multilevel SCA is mandated.
1440 * The ASPSP has indicated with an 'startAuthorisation' hyperlink in the preceeding
1441 Payment Cancellation Response that an explicit start of the authorisation process is needed by the TPP.
1442 The 'startAuthorisation' hyperlink can transport more information about data which needs to be uploaded
1443 by using the extended forms as indicated above.
1444 * The related payment cancellation request cannot be applied yet since a multilevel SCA is mandate for
1445 executing the cancellation.
1446 * The signing basket needs to be authorised yet.
1447 operationId: startPaymentAuthorisation
1448 tags:
1449 - Payment Initiation Service (PIS)
1450 security:
1451 #####################################################
1452 # REMARKS ON SECURITY IN THIS OPENAPI FILE
1453 #In this file only the basic security element to transport
1454 # the bearer token of an an OAuth2 process, which has to
1455 # be included inthe HTTP header ist described.
1456 #
1457 # WARNING:
1458 # If you want to use this file for a productive implementation,
1459 # it is recommandes to adjust the security schemes according to
1460 # your system enviroments and security policies.
1461 #####################################################
1462 - {}
1463 - BearerAuthOAuth: []
1464 parameters:
1465 #path
1466 - $ref: "#/components/parameters/paymentService"
1467 - $ref: "#/components/parameters/paymentProduct"
1468 - $ref: "#/components/parameters/paymentId"
1469 #query # NO QUERY PARAMETER
1470 #header
1471 #common header parameter
1472 - $ref: "#/components/parameters/X-Request-ID"
1473 #method specific header elements
1474 - $ref: "#/components/parameters/PSU-ID"
1475 - $ref: "#/components/parameters/PSU-ID-Type"
1476 - $ref: "#/components/parameters/PSU-Corporate-ID"
1477 - $ref: "#/components/parameters/PSU-Corporate-ID-Type"
1478 #header to support the signature function
1479 - $ref: "#/components/parameters/Digest"
1480 - $ref: "#/components/parameters/Signature"
1481 - $ref: "#/components/parameters/TPP-Signature-Certificate"
1482 #optional additional PSU Information in header
1483 - $ref: "#/components/parameters/PSU-IP-Address_optional"
1484 - $ref: "#/components/parameters/PSU-IP-Port"
1485 - $ref: "#/components/parameters/PSU-Accept"
1486 - $ref: "#/components/parameters/PSU-Accept-Charset"
1487 - $ref: "#/components/parameters/PSU-Accept-Encoding"
1488 - $ref: "#/components/parameters/PSU-Accept-Language"
1489 - $ref: "#/components/parameters/PSU-User-Agent"
1490 - $ref: "#/components/parameters/PSU-Http-Method"
1491 - $ref: "#/components/parameters/PSU-Device-ID"
1492 - $ref: "#/components/parameters/PSU-Geo-Location"
1493 #NO REQUEST BODY
1494
1495 responses:
1496 '201':
1497 $ref: "#/components/responses/CREATED_201_StartScaProcess"
1498
1499 '400':
1500 $ref: "#/components/responses/BAD_REQUEST_400"
1501 '401':
1502 $ref: "#/components/responses/UNAUTHORIZED_401"
1503 '403':
1504 $ref: "#/components/responses/FORBIDDEN_403"
1505 '404':
1506 $ref: "#/components/responses/NOT_FOUND_404_PIS"
1507 '405':
1508 $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
1509 '408':
1510 $ref: "#/components/responses/REQUEST_TIMEOUT_408"
1511 '500':
1512 $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
1513 '503':
1514 $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
1515
1516
1517
1518
1519 get:
1520 summary: Get Payment Initiation Authorisation Sub-Resources Request
1521 description: |
1522 Read a list of all authorisation subresources IDs which have been created.
1523
1524 This function returns an array of hyperlinks to all generated authorisation sub-resources.
1525 operationId: getPaymentInitiationAuthorisation
1526 tags:
1527 - Payment Initiation Service (PIS)
1528
1529 security:
1530 #####################################################
1531 # REMARKS ON SECURITY IN THIS OPENAPI FILE
1532 #In this file only the basic security element to transport
1533 # the bearer token of an an OAuth2 process, which has to
1534 # be included inthe HTTP header ist described.
1535 #
1536 # WARNING:
1537 # If you want to use this file for a productive implementation,
1538 # it is recommandes to adjust the security schemes according to
1539 # your system enviroments and security policies.
1540 #####################################################
1541 - {}
1542 - BearerAuthOAuth: []
1543
1544 parameters:
1545 #path
1546 - $ref: "#/components/parameters/paymentService"
1547 - $ref: "#/components/parameters/paymentProduct"
1548 - $ref: "#/components/parameters/paymentId"
1549 #query # NO QUERY PARAMETER
1550 #header
1551 #common header parameter
1552 - $ref: "#/components/parameters/X-Request-ID"
1553 #header to support the signature function
1554 - $ref: "#/components/parameters/Digest"
1555 - $ref: "#/components/parameters/Signature"
1556 - $ref: "#/components/parameters/TPP-Signature-Certificate"
1557 #optional additional PSU Information in header
1558 - $ref: "#/components/parameters/PSU-IP-Address_optional"
1559 - $ref: "#/components/parameters/PSU-IP-Port"
1560 - $ref: "#/components/parameters/PSU-Accept"
1561 - $ref: "#/components/parameters/PSU-Accept-Charset"
1562 - $ref: "#/components/parameters/PSU-Accept-Encoding"
1563 - $ref: "#/components/parameters/PSU-Accept-Language"
1564 - $ref: "#/components/parameters/PSU-User-Agent"
1565 - $ref: "#/components/parameters/PSU-Http-Method"
1566 - $ref: "#/components/parameters/PSU-Device-ID"
1567 - $ref: "#/components/parameters/PSU-Geo-Location"
1568 #NO REQUEST BODY
1569
1570 responses:
1571 '200':
1572 $ref: "#/components/responses/OK_200_Authorisations"
1573 '400':
1574 $ref: "#/components/responses/BAD_REQUEST_400"
1575 '401':
1576 $ref: "#/components/responses/UNAUTHORIZED_401"
1577 '403':
1578 $ref: "#/components/responses/FORBIDDEN_403"
1579 '404':
1580 $ref: "#/components/responses/NOT_FOUND_404_PIS"
1581 '405':
1582 $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
1583 '408':
1584 $ref: "#/components/responses/REQUEST_TIMEOUT_408"
1585 '500':
1586 $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
1587 '503':
1588 $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
1589
1590
1591 /v1/{payment-service}/{payment-product}/{paymentId}/authorisations/{authorisationId}:
1592
1593 get:
1594 summary: Read the SCA Status of the payment authorisation
1595 description: |
1596 This method returns the SCA status of a payment initiation's authorisation sub-resource, including payment cancels.
1597 operationId: getPaymentInitiationScaStatus
1598 tags:
1599 - Payment Initiation Service (PIS)
1600
1601 security:
1602 #####################################################
1603 # REMARKS ON SECURITY IN THIS OPENAPI FILE
1604 #In this file only the basic security element to transport
1605 # the bearer token of an an OAuth2 process, which has to
1606 # be included inthe HTTP header ist described.
1607 #
1608 # WARNING:
1609 # If you want to use this file for a productive implementation,
1610 # it is recommandes to adjust the security schemes according to
1611 # your system enviroments and security policies.
1612 #####################################################
1613 - {}
1614 - BearerAuthOAuth: []
1615
1616 parameters:
1617 #path
1618 - $ref: "#/components/parameters/paymentService"
1619 - $ref: "#/components/parameters/paymentProduct"
1620 - $ref: "#/components/parameters/paymentId"
1621 - $ref: "#/components/parameters/authorisationId"
1622 #query # NO QUERY PARAMETER
1623 #header
1624 #common header parameter
1625 - $ref: "#/components/parameters/X-Request-ID"
1626 #header to support the signature function
1627 - $ref: "#/components/parameters/Digest"
1628 - $ref: "#/components/parameters/Signature"
1629 - $ref: "#/components/parameters/TPP-Signature-Certificate"
1630 #optional additional PSU Information in header
1631 - $ref: "#/components/parameters/PSU-IP-Address_optional"
1632 - $ref: "#/components/parameters/PSU-IP-Port"
1633 - $ref: "#/components/parameters/PSU-Accept"
1634 - $ref: "#/components/parameters/PSU-Accept-Charset"
1635 - $ref: "#/components/parameters/PSU-Accept-Encoding"
1636 - $ref: "#/components/parameters/PSU-Accept-Language"
1637 - $ref: "#/components/parameters/PSU-User-Agent"
1638 - $ref: "#/components/parameters/PSU-Http-Method"
1639 - $ref: "#/components/parameters/PSU-Device-ID"
1640 - $ref: "#/components/parameters/PSU-Geo-Location"
1641 #NO REQUEST BODY
1642
1643 responses:
1644 '200':
1645 $ref: "#/components/responses/OK_200_ScaStatus"
1646 '400':
1647 $ref: "#/components/responses/BAD_REQUEST_400"
1648 '401':
1649 $ref: "#/components/responses/UNAUTHORIZED_401"
1650 '403':
1651 $ref: "#/components/responses/FORBIDDEN_403"
1652 '404':
1653 $ref: "#/components/responses/NOT_FOUND_404_PIS"
1654 '405':
1655 $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
1656 '408':
1657 $ref: "#/components/responses/REQUEST_TIMEOUT_408"
1658 '500':
1659 $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
1660 '503':
1661 $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
1662
1663
1664
1665 #####################################################
1666 # Funds Confirmation Service
1667 #####################################################
1668
1669
1670
1671
1672components:
1673#####################################################
1674# Predefined Components
1675#####################################################
1676
1677 securitySchemes:
1678 #####################################################
1679 # Predefined Security Schemes:
1680 #
1681 # In this file only the basic security element to transport
1682 # the bearer token of an an OAuth2 process, which has to
1683 # be included inthe HTTP header ist described.
1684 #
1685 # WARNING:
1686 # If you want to use this file for a productive implementation,
1687 # it is recommandes to adjust the security schemes according to
1688 # your system enviroments and security policies.
1689 #####################################################
1690 BearerAuthOAuth:
1691 description: |
1692 Bearer Token.
1693
1694 Is contained only, if an OAuth2 based authentication was performed in a pre-step or
1695 an OAuth2 based SCA was performed in an preceding AIS service in the same session.
1696 type: http
1697 scheme: bearer
1698
1699
1700 schemas:
1701 #####################################################
1702 # Predefined Schemas
1703 #####################################################
1704
1705 paymentId:
1706 description:
1707 Resource identification of the generated payment initiation resource.
1708 type: string
1709 example: "1234-wertiq-983"
1710
1711
1712 authorisationId:
1713 description: Resource identification of the related SCA
1714 type: string
1715 example: "123auth456"
1716
1717
1718 authenticationMethodId:
1719 description: |
1720 An identification provided by the ASPSP for the later identification of the authentication method selection.
1721 type: string
1722 maxLength: 35
1723 example: "myAuthenticationID"
1724
1725
1726 accountId:
1727 description: This identification is denoting the addressed account, where the transaction has been performed.
1728 type: string
1729 example: "qwer3456tzui7890"
1730
1731
1732 consentId:
1733 description: |
1734 ID of the corresponding consent object as returned by an Account Information Consent Request.
1735 type: string
1736
1737
1738 resourceId:
1739 description: |
1740 This identification is given by the attribute resourceId of the corresponding entry of a transaction list.
1741 type: string
1742 example: "3dc3d5b3-7023-4848-9853-f5400a64e80f"
1743
1744
1745 cancellationId:
1746 description: Identification for cancellation resource
1747 type: string
1748 example: "123auth456"
1749
1750
1751 entryReference:
1752 description: |
1753 Is the identification of the transaction as used e.g. for reference for deltafunction on application level.
1754 type: string
1755 maxLength: 35
1756
1757
1758 transactionStatus:
1759 description: |
1760 The transaction status is filled with codes of the ISO 20022 data table:
1761 - 'ACCC': 'AcceptedSettlementCompleted' -
1762 Settlement on the creditor's account has been completed.
1763 - 'ACCP': 'AcceptedCustomerProfile' -
1764 Preceding check of technical validation was successful.
1765 Customer profile check was also successful.
1766 - 'ACSC': 'AcceptedSettlementCompleted' -
1767 Settlement on the debtor�s account has been completed.
1768
1769 **Usage:** this can be used by the first agent to report to the debtor that the transaction has been completed.
1770
1771 **Warning:** this status is provided for transaction status reasons, not for financial information.
1772 It can only be used after bilateral agreement.
1773 - 'ACSP': 'AcceptedSettlementInProcess' -
1774 All preceding checks such as technical validation and customer profile were successful and therefore the payment initiation has been accepted for execution.
1775 - 'ACTC': 'AcceptedTechnicalValidation' -
1776 Authentication and syntactical and semantical validation are successful.
1777 - 'ACWC': 'AcceptedWithChange' -
1778 Instruction is accepted but a change will be made, such as date or remittance not sent.
1779 - 'ACWP': 'AcceptedWithoutPosting' -
1780 Payment instruction included in the credit transfer is accepted without being posted to the creditor customer�s account.
1781 - 'RCVD': 'Received' -
1782 Payment initiation has been received by the receiving agent.
1783 - 'PDNG': 'Pending' -
1784 Payment initiation or individual transaction included in the payment initiation is pending.
1785 Further checks and status update will be performed.
1786 - 'RJCT': 'Rejected' -
1787 Payment initiation or individual transaction included in the payment initiation has been rejected.
1788 - 'CANC': 'Cancelled'
1789 Payment initiation has been cancelled before execution
1790 Remark: This code is still requested from ISO20022.
1791 - 'ACFC': 'AcceptedFundsChecked' -
1792 Preceeding check of technical validation and customer profile was successful and an automatic funds check was positive .
1793 Remark: This code is still requested from ISO20022.
1794 - 'PATC': 'PartiallyAcceptedTechnical'
1795 Correct The payment initiation needs multiple authentications, where some but not yet all have been performed. Syntactical and semantical validations are successful.
1796 Remark: This code is still requested from ISO20022.
1797
1798 type: string
1799 enum:
1800 - "ACCC"
1801 - "ACCP"
1802 - "ACSC"
1803 - "ACSP"
1804 - "ACTC"
1805 - "ACWC"
1806 - "ACWP"
1807 - "RCVD"
1808 - "PDNG"
1809 - "RJCT"
1810 - "CANC"
1811 - "ACFC"
1812 - "PATC"
1813 example: "ACCP"
1814
1815
1816 scaStatus:
1817 description: |
1818 This data element is containing information about the status of the SCA method applied.
1819
1820 The following codes are defined for this data type.
1821
1822 * 'psuAuthenticated':
1823 The PSU related to the authorisation resource has been identified and authenticated e.g. by a password.
1824 * 'scaMethodSelected':
1825 First status to be reported instead since method is predetermined.
1826 * 'finalised':
1827 The SCA routine has been finalised successfully.
1828 * 'failed':
1829 The SCA routine failed
1830 * 'exempted':
1831 SCA was exempted for the related transaction, the related authorisation is successful.
1832 type: string
1833 enum:
1834 - "psuAuthenticated"
1835 - "scaMethodSelected"
1836 - "finalised"
1837 - "failed"
1838 - "exempted"
1839
1840 example: "psuAuthenticated"
1841
1842
1843 scaAuthenticationData:
1844 description: |
1845 SCA authentication data, depending on the chosen authentication method.
1846 If the data is binary, then it is base64 encoded.
1847 type: string
1848
1849 consentStatus:
1850 description: |
1851 This is the overall lifecycle status of the consent.
1852
1853 Valid values are:
1854 - 'received': The consent data have been received and are technically correct.
1855 The data is not authorised yet.
1856 - 'rejected': The consent data have been rejected e.g. since no successful authorisation has taken place.
1857 - 'valid': The consent is accepted and valid for GET account data calls and others as specified in the consent object.
1858 - 'revokedByPsu': The consent has been revoked by the PSU towards the ASPSP.
1859 - 'expired': The consent expired.
1860 - 'terminatedByTpp': The corresponding TPP has terminated the consent by applying the DELETE method to the consent resource.
1861
1862 The ASPSP might add further codes. These codes then shall be contained in the ASPSP's documentation of the XS2A interface
1863 and has to be added to this API definition as well.
1864 type: string
1865 enum:
1866 - "received"
1867 - "rejected"
1868 - "valid"
1869 - "revokedByPsu"
1870 - "expired"
1871 - "terminatedByTpp"
1872
1873
1874 transactionFeeIndicator:
1875 description: |
1876 If equals 'true', the transaction will involve specific transaction cost as shown by the ASPSP in
1877 their public price list or as agreed between ASPSP and PSU.
1878 If equals 'false', the transaction will not involve additional specific transaction costs to the PSU.
1879 type: boolean
1880
1881 recurringIndicator:
1882 description: |
1883 "true", if the consent is for recurring access to the account data.
1884
1885 "false", if the consent is for one access to the account data.
1886 type: boolean
1887 example: false
1888
1889 authenticationType:
1890 description: |
1891 Type of the authentication method.
1892
1893 More authentication types might be added during implementation projects and documented in the ASPSP documentation.
1894
1895 - 'SMS_OTP': An SCA method, where an OTP linked to the transaction to be authorised is sent to the PSU through a SMS channel.
1896 - 'CHIP_OTP': An SCA method, where an OTP is generated by a chip card, e.g. an TOP derived from an EMV cryptogram.
1897 To contact the card, the PSU normally needs a (handheld) device.
1898 With this device, the PSU either reads the challenging data through a visual interface like flickering or
1899 the PSU types in the challenge through the device key pad.
1900 The device then derives an OTP from the challenge data and displays the OTP to the PSU.
1901 - 'PHOTO_OTP': An SCA method, where the challenge is a QR code or similar encoded visual data
1902 which can be read in by a consumer device or specific mobile app.
1903 The device resp. the specific app than derives an OTP from the visual challenge data and displays
1904 the OTP to the PSU.
1905 - 'PUSH_OTP': An OTP is pushed to a dedicated authentication APP and displayed to the PSU.
1906
1907 type: string
1908 enum:
1909 - "SMS_OTP"
1910 - "CHIP_OTP"
1911 - "PHOTO_OTP"
1912 - "PUSH_OTP"
1913
1914
1915 hrefType:
1916 description: Link to a resource
1917 type: string
1918 example: "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
1919
1920 hrefTypeAccount:
1921 description: Link to an account detail
1922 type: string
1923 example: "/v1/accounts/1234-wertiq-983"
1924
1925 hrefTypeAccountList:
1926 description: Link to the account list
1927 type: string
1928 example: "/v1/accounts"
1929
1930 hrefTypeSCT:
1931 description: Link to an SCT
1932 type: string
1933 example: "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
1934
1935 hrefTypeIT:
1936 description: Link to an IT
1937 type: string
1938 example: "/v1/payments/internal-transfers/1234-wertiq-983"
1939
1940 hrefTypeBalances:
1941 description: Link to balances
1942 type: string
1943 example: "/v1/accounts/1234-wertiq-983/balances"
1944
1945 hrefTypeTransactions:
1946 description: Link to transactions
1947 type: string
1948 example: "/v1/accounts/1234-wertiq-983/transactions"
1949
1950 hrefTypeTransactionDetails:
1951 description: Link to a transaction detail
1952 type: string
1953 example: "/v1/accounts/1234-wertiq-983/transactions/1234-wertiq-983"
1954
1955 hrefTypeSCARedirect:
1956 description: Link to a resource
1957 type: string
1958 example: "/v1/payments/sepa-credit-transfers/1234-wertiq-983/authorisations/1234-wertiq-983/redirect"
1959
1960 hrefTypeSCAStatus:
1961 description: Link to a resource
1962 type: string
1963 example: "/v1/payments/sepa-credit-transfers/1234-wertiq-983/authorisations/1234-wertiq-983/status"
1964
1965 hrefTypeStatus:
1966 description: Link to a resource
1967 type: string
1968 example: "/v1/payments/sepa-credit-transfers/1234-wertiq-983/authorisations/1234-wertiq-983/status"
1969
1970 authorisationsList:
1971 description: An array of all authorisationIds
1972 type: array
1973 items:
1974 $ref: "#/components/schemas/authorisationId"
1975
1976 authorisations:
1977 description: An array of all authorisationIds
1978 type: object
1979 required:
1980 - authorisationIds
1981 properties:
1982 authorisationIds:
1983 $ref: "#/components/schemas/authorisationsList"
1984
1985 accountReference:
1986 description: |
1987 Reference to an account by either
1988 * IBAN, of a payment accounts
1989 type: object
1990 properties:
1991 iban:
1992 $ref: "#/components/schemas/iban"
1993
1994
1995 subAccountReference:
1996 description: |
1997 Reference to a subaccount by an ASPSP reference
1998 type: object
1999 properties:
2000 subAccountId:
2001 $ref: "#/components/schemas/subAccountId"
2002 subAccountName:
2003 $ref: "#/components/schemas/subAccountName"
2004
2005
2006 subAccountId:
2007 description: |
2008 Reference to a subaccount by an ASPSP reference
2009 type: string
2010 example: "0"
2011
2012
2013 subAccountName:
2014 description: |
2015 Name of the subaccount
2016 type: string
2017 example: "DO"
2018
2019 balanceType:
2020 description: |
2021 The following balance types are defined:
2022 - "closingBooked":
2023 Balance of the account at the end of the pre-agreed account reporting period.
2024 It is the sum of the opening booked balance at the beginning of the period and all entries booked
2025 to the account during the pre-agreed account reporting period.
2026
2027 - "valueDate":
2028 Value date balance composed of booked entries and pending items known at the time of calculation ,
2029 which projects the end of day balance for interest calculation if everything is booked on the account and no other entry is posted.
2030
2031 - "expected":
2032 Balance composed of booked entries and pending items known at the time of calculation,
2033 which projects the end of day balance if everything is booked on the account and no other entry is posted.
2034
2035 - "available":
2036 The Value Date balance deducted of credits awayting good collection, capital market buys and other debits pending settlement.
2037
2038 - "authorised":
2039 The available balance together with the value of a pre-approved credit line the ASPSP makes permanently available to the user.
2040
2041 type: string
2042 enum:
2043 - "closingBooked"
2044 - "expected"
2045 - "authorised"
2046 - "available"
2047 - "valueDate"
2048
2049 accountAccess:
2050 description: |
2051 Requested access services for a consent.
2052 type: object
2053 properties:
2054 accounts:
2055 description: |
2056 Is asking for detailed account information.
2057 type: array
2058 items:
2059 $ref: "#/components/schemas/accountReference"
2060 balances:
2061 description: |
2062 Is asking for balances of the addressed accounts.
2063 type: array
2064 items:
2065 $ref: "#/components/schemas/accountReference"
2066 transactions:
2067 description: |
2068 Is asking for transactions of the addressed accounts.
2069 type: array
2070 items:
2071 $ref: "#/components/schemas/accountReference"
2072 availableAccounts:
2073 description: |
2074 Not supported by API provider.
2075 type: string
2076 enum:
2077 - "allAccounts"
2078 - "allAccountsWithBalances"
2079 allPsd2:
2080 description: |
2081 Supported by API provider.
2082
2083 Only the value "allAccounts" is admitted.
2084 type: string
2085 enum:
2086 - "allAccounts"
2087
2088 cashAccountType:
2089 description: |
2090 ExternalCashAccountType1Code from ISO 20022.
2091 type: string
2092
2093 accountStatus:
2094 description: |
2095 Account status. The value is one of the following:
2096 - "enabled": account is available
2097 - "deleted": account is terminated
2098 - "blocked": account is blocked e.g. for legal reasons
2099 If this field is not used, than the account is available in the sense of this specification.
2100 type: string
2101 enum:
2102 - "enabled"
2103 - "deleted"
2104 - "blocked"
2105
2106 accountDetails:
2107 description: |
2108 The ASPSP shall give the following account reference identifiers:
2109 - iban
2110 type: object
2111 required:
2112 - currency
2113 properties:
2114 resourceId:
2115 description: This shall be filled, if addressable resource are created by the ASPSP on the /accounts endpoint.
2116 type: string
2117 iban:
2118 $ref: "#/components/schemas/iban"
2119 name:
2120 description: Name of the account given by the bank or the PSU in online-banking.
2121 type: string
2122 maxLength: 35
2123 product:
2124 description: Product name of the bank for this account, proprietary definition.
2125 type: string
2126 maxLength: 35
2127 cashAccountType:
2128 $ref: "#/components/schemas/cashAccountType"
2129 status:
2130 $ref: "#/components/schemas/accountStatus"
2131 bic:
2132 $ref: "#/components/schemas/bicfi"
2133 linkedAccounts:
2134 description: Case of a set of pending card transactions, the APSP will provide the relevant cash account the card is set up on.
2135 type: string
2136 maxLength: 70
2137 usage:
2138 description: |
2139 Specifies the usage of the account
2140 * PRIV: private personal account
2141 * ORGA: professional account
2142 type: string
2143 maxLength: 4
2144 enum:
2145 - "PRIV"
2146 - "ORGA"
2147 details:
2148 description: |
2149 Specifications that might be provided by the ASPSP
2150 - characteristics of the account
2151 - characteristics of the relevant card
2152 type: string
2153 maxLength: 140
2154 _links:
2155 $ref: "#/components/schemas/_linksAccountDetails"
2156
2157 accountList:
2158 description: |
2159 List of accounts with details.
2160 type: object
2161 properties:
2162 accounts:
2163 type: array
2164 items:
2165 $ref: "#/components/schemas/accountDetails"
2166
2167
2168 accountReport:
2169 description: |
2170 JSON based account report.
2171 This account report contains transactions resulting from the query parameters.
2172
2173 'booked' shall be contained if bookingStatus parameter is set to "booked" or "both".
2174
2175 'pending' is not contained if the bookingStatus parameter is set to "booked".
2176 type: object
2177 required:
2178 - _links
2179 properties:
2180 booked:
2181 $ref: "#/components/schemas/transactionList"
2182 pending:
2183 $ref: "#/components/schemas/transactionList"
2184 _links:
2185 $ref: "#/components/schemas/_linksAccountReport"
2186
2187
2188 transactionList:
2189 description: Array of transaction details
2190 type: array
2191 items:
2192 $ref: "#/components/schemas/transactionDetails"
2193
2194
2195 transactionDetails:
2196 description: Transaction details
2197 type: object
2198 required:
2199 - transactionAmount
2200 properties:
2201 transactionId:
2202 description: |
2203 the Transaction Id can be used as access-ID in the API, where more details on an transaction is offered.
2204 If this data attribute is provided this shows that the AIS can get access on more details about this
2205 transaction using the GET Transaction Details Request
2206 type: string
2207 entryReference:
2208 description: |
2209 Is the identification of the transaction as used e.g. for reference for deltafunction on application level.
2210 type: string
2211 maxLength: 35
2212 endToEndId:
2213 description: Unique end to end identity.
2214 type: string
2215 maxLength: 35
2216 mandateId:
2217 description: Identification of Mandates, e.g. a SEPA Mandate ID.
2218 type: string
2219 maxLength: 35
2220 checkId:
2221 description: Identification of a Cheque.
2222 type: string
2223 maxLength: 35
2224 creditorId:
2225 description: Identification of Creditors, e.g. a SEPA Creditor ID.
2226 type: string
2227 maxLength: 35
2228 bookingDate:
2229 $ref: "#/components/schemas/bookingDate"
2230 valueDate:
2231 description: The Date at which assets become available to the account owner in case of a credit.
2232 type: string
2233 format: date
2234 transactionAmount:
2235 $ref: "#/components/schemas/amount"
2236 exchangeRate:
2237 $ref: "#/components/schemas/exchangeRateList"
2238 creditorName:
2239 $ref: "#/components/schemas/creditorName"
2240 creditorAccount:
2241 $ref: "#/components/schemas/accountReference"
2242 ultimateCreditor:
2243 $ref: "#/components/schemas/ultimateCreditor"
2244 debtorName:
2245 $ref: "#/components/schemas/debtorName"
2246 debtorAccount:
2247 $ref: "#/components/schemas/accountReference"
2248 ultimateDebtor:
2249 $ref: "#/components/schemas/ultimateDebtor"
2250 remittanceInformationUnstructured:
2251 type: string
2252 maxLength: 140
2253 purposeCode:
2254 $ref: "#/components/schemas/purposeCode"
2255 bankTransactionCode:
2256 $ref: "#/components/schemas/bankTransactionCode"
2257 proprietaryBankTransactionCode:
2258 $ref: "#/components/schemas/proprietaryBankTransactionCode"
2259 _links:
2260 $ref: "#/components/schemas/_linksTransactionDetails"
2261
2262
2263 exchangeRateList:
2264 description: Array of exchange rates
2265 type: array
2266 items:
2267 $ref: "#/components/schemas/exchangeRate"
2268
2269
2270 exchangeRate:
2271 description: Exchange Rate
2272 type: object
2273 required:
2274 - sourceCurrency
2275 - rate
2276 - unitCurrency
2277 - targetCurrency
2278 - rateDate
2279 properties:
2280 sourceCurrency:
2281 $ref: "#/components/schemas/currencyCode"
2282 rate:
2283 type: string
2284 unitCurrency:
2285 type: string
2286 targetCurrency:
2287 $ref: "#/components/schemas/currencyCode"
2288 rateDate:
2289 type: string
2290 format: date
2291 rateContract:
2292 type: string
2293
2294
2295 balance:
2296 description: |
2297 A single balance element
2298 type:
2299 object
2300 required:
2301 - balanceAmount
2302 - balanceType
2303 - balanceSubAccount
2304 properties:
2305 balanceAmount:
2306 $ref: "#/components/schemas/amount"
2307 balanceType:
2308 $ref: "#/components/schemas/balanceType"
2309 balanceSubAccount:
2310 $ref: "#/components/schemas/subAccountReference"
2311 lastChangeDateTime:
2312 description: |
2313 This data element might be used to indicate e.g. with the expected or booked balance that no action is known
2314 on the account, which is not yet booked.
2315 type: string
2316 format: date-time
2317 referenceDate:
2318 description: Reference date of the balance
2319 type: string
2320 format: date
2321 lastCommittedTransaction:
2322 description: |
2323 "entryReference" of the last commited transaction to support the TPP in identifying whether all
2324 PSU transactions are already known.
2325 type: string
2326 maxLength: 35
2327
2328
2329 balanceList:
2330 description: |
2331 A list of balances regarding this account, e.g. the current balance, the last booked balance.
2332 The list migght be restricted to the current ballance.
2333 type: array
2334 items:
2335 $ref: "#/components/schemas/balance"
2336
2337
2338 cancellationList:
2339 description: An array of all cancellationIds connected to this resource.
2340 type: array
2341 items:
2342 $ref: "#/components/schemas/cancellationId"
2343
2344
2345 bicfi:
2346 description: |
2347 BICFI
2348 type: string
2349 pattern: "[A-Z]{6,6}[A-Z2-9][A-NP-Z0-9]([A-Z0-9]{3,3}){0,1}"
2350 example: "AAAADEBBXXX"
2351
2352
2353 iban:
2354 type: string
2355 description: IBAN of an account
2356 pattern: "[A-Z]{2,2}[0-9]{2,2}[a-zA-Z0-9]{1,30}"
2357 example: "FR7612345987650123456789014"
2358
2359
2360 address:
2361 type: object
2362 required:
2363 - country
2364 properties:
2365 street:
2366 type: string
2367 maxLength: 70
2368 buildingNumber:
2369 type: string
2370 city:
2371 type: string
2372 postalCode:
2373 type: string
2374 country:
2375 $ref: "#/components/schemas/countryCode"
2376 example:
2377 {
2378 street: "rue blue",
2379 buildingnNumber: "89",
2380 city: "Paris",
2381 postalCode: "75000",
2382 country: "FR"
2383 }
2384
2385
2386 countryCode:
2387 description: ISO 3166 ALPHA2 country code
2388 type: string
2389 pattern: "[A-Z]{2}"
2390 example: "SE"
2391
2392
2393 amount:
2394 type: object
2395 required:
2396 - currency
2397 - amount
2398 properties:
2399 currency:
2400 $ref: "#/components/schemas/currencyCode"
2401 amount:
2402 $ref: "#/components/schemas/amountValue"
2403 example:
2404 {
2405 "currency": "EUR",
2406 "amount": "123"
2407 }
2408
2409
2410 currencyCode:
2411 description: |
2412 ISO 4217 Alpha 3 currency code
2413 type: string
2414 pattern: "[A-Z]{3}"
2415 example: "EUR"
2416
2417
2418 amountValue:
2419 description: |
2420 The amount given with fractional digits, where fractions must be compliant to the currency definition.
2421 Up to 14 significant figures. Negative amounts are signed by minus.
2422 The decimal separator is a dot.
2423
2424 **Example:**
2425 Valid representations for EUR with up to two decimals are:
2426
2427 * 1056
2428 * 5768.2
2429 * -1.50
2430 * 5877.78
2431 type: string
2432 pattern: "-?[0-9]{1,14}(\\.[0-9]{1,3})?"
2433 example: "5877.78"
2434
2435
2436 remittanceInformationUnstructured:
2437 description: |
2438 Unstructured remittance information
2439 type: string
2440 maxLength: 140
2441 example: "Ref Number Merchant"
2442
2443
2444 #####################################################
2445 # Predefined Text Formats
2446 #####################################################
2447
2448 purposeCode:
2449 description: |
2450 ExternalPurpose1Code from ISO 20022.
2451
2452 Values from ISO 20022 External Code List ExternalCodeSets_1Q2018 June 2018.
2453
2454 type: string
2455 enum:
2456 - "BKDF"
2457 - "BKFE"
2458 - "BKFM"
2459 - "BKIP"
2460 - "BKPP"
2461 - "CBLK"
2462 - "CDCB"
2463 - "CDCD"
2464 - "CDCS"
2465 - "CDDP"
2466 - "CDOC"
2467 - "CDQC"
2468 - "ETUP"
2469 - "FCOL"
2470 - "MTUP"
2471 - "ACCT"
2472 - "CASH"
2473 - "COLL"
2474 - "CSDB"
2475 - "DEPT"
2476 - "INTC"
2477 - "LIMA"
2478 - "NETT"
2479 - "BFWD"
2480 - "CCIR"
2481 - "CCPC"
2482 - "CCPM"
2483 - "CCSM"
2484 - "CRDS"
2485 - "CRPR"
2486 - "CRSP"
2487 - "CRTL"
2488 - "EQPT"
2489 - "EQUS"
2490 - "EXPT"
2491 - "EXTD"
2492 - "FIXI"
2493 - "FWBC"
2494 - "FWCC"
2495 - "FWSB"
2496 - "FWSC"
2497 - "MARG"
2498 - "MBSB"
2499 - "MBSC"
2500 - "MGCC"
2501 - "MGSC"
2502 - "OCCC"
2503 - "OPBC"
2504 - "OPCC"
2505 - "OPSB"
2506 - "OPSC"
2507 - "OPTN"
2508 - "OTCD"
2509 - "REPO"
2510 - "RPBC"
2511 - "RPCC"
2512 - "RPSB"
2513 - "RPSC"
2514 - "RVPO"
2515 - "SBSC"
2516 - "SCIE"
2517 - "SCIR"
2518 - "SCRP"
2519 - "SHBC"
2520 - "SHCC"
2521 - "SHSL"
2522 - "SLEB"
2523 - "SLOA"
2524 - "SWBC"
2525 - "SWCC"
2526 - "SWPT"
2527 - "SWSB"
2528 - "SWSC"
2529 - "TBAS"
2530 - "TBBC"
2531 - "TBCC"
2532 - "TRCP"
2533 - "AGRT"
2534 - "AREN"
2535 - "BEXP"
2536 - "BOCE"
2537 - "COMC"
2538 - "CPYR"
2539 - "GDDS"
2540 - "GDSV"
2541 - "GSCB"
2542 - "LICF"
2543 - "MP2B"
2544 - "POPE"
2545 - "ROYA"
2546 - "SCVE"
2547 - "SERV"
2548 - "SUBS"
2549 - "SUPP"
2550 - "TRAD"
2551 - "CHAR"
2552 - "COMT"
2553 - "MP2P"
2554 - "ECPG"
2555 - "ECPR"
2556 - "ECPU"
2557 - "EPAY"
2558 - "CLPR"
2559 - "COMP"
2560 - "DBTC"
2561 - "GOVI"
2562 - "HLRP"
2563 - "HLST"
2564 - "INPC"
2565 - "INPR"
2566 - "INSC"
2567 - "INSU"
2568 - "INTE"
2569 - "LBRI"
2570 - "LIFI"
2571 - "LOAN"
2572 - "LOAR"
2573 - "PENO"
2574 - "PPTI"
2575 - "RELG"
2576 - "RINP"
2577 - "TRFD"
2578 - "FORW"
2579 - "FXNT"
2580 - "ADMG"
2581 - "ADVA"
2582 - "BCDM"
2583 - "BCFG"
2584 - "BLDM"
2585 - "BNET"
2586 - "CBFF"
2587 - "CBFR"
2588 - "CCRD"
2589 - "CDBL"
2590 - "CFEE"
2591 - "CGDD"
2592 - "CORT"
2593 - "COST"
2594 - "CPKC"
2595 - "DCRD"
2596 - "DSMT"
2597 - "DVPM"
2598 - "EDUC"
2599 - "FACT"
2600 - "FAND"
2601 - "FCPM"
2602 - "FEES"
2603 - "GOVT"
2604 - "ICCP"
2605 - "IDCP"
2606 - "IHRP"
2607 - "INSM"
2608 - "IVPT"
2609 - "MCDM"
2610 - "MCFG"
2611 - "MSVC"
2612 - "NOWS"
2613 - "OCDM"
2614 - "OCFG"
2615 - "OFEE"
2616 - "OTHR"
2617 - "PADD"
2618 - "PTSP"
2619 - "RCKE"
2620 - "RCPT"
2621 - "REBT"
2622 - "REFU"
2623 - "RENT"
2624 - "REOD"
2625 - "RIMB"
2626 - "RPNT"
2627 - "RRBN"
2628 - "RVPM"
2629 - "SLPI"
2630 - "SPLT"
2631 - "STDY"
2632 - "TBAN"
2633 - "TBIL"
2634 - "TCSC"
2635 - "TELI"
2636 - "TMPG"
2637 - "TPRI"
2638 - "TPRP"
2639 - "TRNC"
2640 - "TRVC"
2641 - "WEBI"
2642 - "ANNI"
2643 - "CAFI"
2644 - "CFDI"
2645 - "CMDT"
2646 - "DERI"
2647 - "DIVD"
2648 - "FREX"
2649 - "HEDG"
2650 - "INVS"
2651 - "PRME"
2652 - "SAVG"
2653 - "SECU"
2654 - "SEPI"
2655 - "TREA"
2656 - "UNIT"
2657 - "FNET"
2658 - "FUTR"
2659 - "ANTS"
2660 - "CVCF"
2661 - "DMEQ"
2662 - "DNTS"
2663 - "HLTC"
2664 - "HLTI"
2665 - "HSPC"
2666 - "ICRF"
2667 - "LTCF"
2668 - "MAFC"
2669 - "MARF"
2670 - "MDCS"
2671 - "VIEW"
2672 - "CDEP"
2673 - "SWFP"
2674 - "SWPP"
2675 - "SWRS"
2676 - "SWUF"
2677 - "ADCS"
2678 - "AEMP"
2679 - "ALLW"
2680 - "ALMY"
2681 - "BBSC"
2682 - "BECH"
2683 - "BENE"
2684 - "BONU"
2685 - "CCHD"
2686 - "COMM"
2687 - "CSLP"
2688 - "GFRP"
2689 - "GVEA"
2690 - "GVEB"
2691 - "GVEC"
2692 - "GVED"
2693 - "GWLT"
2694 - "HREC"
2695 - "PAYR"
2696 - "PEFC"
2697 - "PENS"
2698 - "PRCP"
2699 - "RHBS"
2700 - "SALA"
2701 - "SSBE"
2702 - "LBIN"
2703 - "LCOL"
2704 - "LFEE"
2705 - "LMEQ"
2706 - "LMFI"
2707 - "LMRK"
2708 - "LREB"
2709 - "LREV"
2710 - "LSFL"
2711 - "ESTX"
2712 - "FWLV"
2713 - "GSTX"
2714 - "HSTX"
2715 - "INTX"
2716 - "NITX"
2717 - "PTXP"
2718 - "RDTX"
2719 - "TAXS"
2720 - "VATX"
2721 - "WHLD"
2722 - "TAXR"
2723 - "B112"
2724 - "BR12"
2725 - "TLRF"
2726 - "TLRR"
2727 - "AIRB"
2728 - "BUSB"
2729 - "FERB"
2730 - "RLWY"
2731 - "TRPT"
2732 - "CBTV"
2733 - "ELEC"
2734 - "ENRG"
2735 - "GASB"
2736 - "NWCH"
2737 - "NWCM"
2738 - "OTLC"
2739 - "PHON"
2740 - "UBIL"
2741 - "WTER"
2742
2743
2744 cardAcceptorCategoryCode:
2745 description: |
2746 Card Acceptor Category Code of the Card Acceptor as given in the related card transaction.
2747 type: string #TODO Type in IG not defined probably identical to merchant category code.
2748
2749 bankTransactionCode:
2750 description: |
2751 Bank transaction code as used by the ASPSP and using the sub elements of this structured code defined by ISO 20022.
2752
2753 This code type is concatenating the three ISO20022 Codes
2754 * Domain Code,
2755 * Family Code, and
2756 * SubFamiliy Code
2757 by hyphens, resulting in �DomainCode�-�FamilyCode�-�SubFamilyCode�.
2758 type: string
2759 example: "PMNT-RCDT-ESCT"
2760
2761
2762 proprietaryBankTransactionCode:
2763 description: |
2764 Proprietary bank transaction code as used within a community or within an ASPSP e.g.
2765 for MT94x based transaction reports.
2766 type: string
2767 maxLength: 35
2768
2769
2770 frequencyCode:
2771 description: |
2772 The following codes from the "EventFrequency7Code" of ISO 20022 are supported.
2773 - "Daily"
2774 - "Weekly"
2775 - "EveryTwoWeeks"
2776 - "Monthly"
2777 - "EveryTwoMonths"
2778 - "Quarterly"
2779 - "SemiAnnual"
2780 - "Annual"
2781 type: string
2782 enum:
2783 - "Daily"
2784 - "Weekly"
2785 - "EveryTwoWeeks"
2786 - "Monthly"
2787 - "EveryTwoMonths"
2788 - "Quarterly"
2789 - "SemiAnnual"
2790 - "Annual"
2791
2792
2793 frequencyPerDay:
2794 description: |
2795 This field indicates the requested maximum frequency for an access without PSU involvement per day.
2796 For a one-off access, this attribute is set to "1".
2797 type: integer
2798 example: 4
2799
2800
2801 dayOfExecution:
2802 description: |
2803 Day of execution as string.
2804
2805 This string consists of up two characters.
2806 Leading zeroes are not allowed.
2807
2808 31 is ultimo of the month.
2809 type: string
2810 maxLength: 2
2811 enum:
2812 - "1"
2813 - "2"
2814 - "3"
2815 - "4"
2816 - "5"
2817 - "6"
2818 - "7"
2819 - "8"
2820 - "9"
2821 - "10"
2822 - "11"
2823 - "12"
2824 - "13"
2825 - "14"
2826 - "15"
2827 - "16"
2828 - "17"
2829 - "18"
2830 - "19"
2831 - "20"
2832 - "21"
2833 - "22"
2834 - "23"
2835 - "24"
2836 - "25"
2837 - "26"
2838 - "27"
2839 - "28"
2840 - "29"
2841 - "30"
2842 - "31"
2843
2844
2845 executionRule:
2846 description: |
2847 "following" or "preceeding" supported as values.
2848 This data attribute defines the behavior when recurring payment dates falls on a weekend or bank holiday.
2849 The payment is then executed either the "preceeding" or "following" working day.
2850 ASPSP might reject the request due to the communicated value, if rules in Online-Banking are not supporting
2851 this execution rule.
2852 type: string
2853 enum:
2854 - "following"
2855 - "preceeding"
2856
2857 psuData:
2858 description: PSU Data for Update PSU Authentication.
2859 type: object
2860 required:
2861 - password
2862 properties:
2863 password:
2864 description: Password
2865 type: string
2866
2867 psuMessageText:
2868 description: Text to be displayed to the PSU
2869 type: string
2870 maxLength: 512
2871
2872 creditorName:
2873 description: Creditor Name
2874 type: string
2875 maxLength: 70
2876 example: "Creditor Name"
2877
2878 debtorName:
2879 description: Debtor Name
2880 type: string
2881 maxLength: 70
2882 example: "Debtor Name"
2883
2884 ultimateDebtor:
2885 description: Ultimate Debtor
2886 type: string
2887 maxLength: 70
2888 example: "Ultimate Debtor"
2889
2890 ultimateCreditor:
2891 description: Ultimate Creditor
2892 type: string
2893 maxLength: 70
2894 example: "Ultimate Creditor"
2895
2896 #####################################################
2897 # Predefined Date and Time Related Formats
2898 #####################################################
2899
2900 transactionDate:
2901 description: Date of the actual card transaction
2902 type: string
2903 format: date
2904
2905 startDate:
2906 description: |
2907 The first applicable day of execution starting from this date is the first payment.
2908 type: string
2909 format: date
2910
2911 endDate:
2912 description: |
2913 The last applicable day of execution
2914 If not given, it is an infinite standing order.
2915 type: string
2916 format: date
2917
2918 bookingDate:
2919 description: |
2920 The Date when an entry is posted to an account on the ASPSPs books.
2921 type: string
2922 format: date
2923
2924 validUntil:
2925 description: |
2926 This parameter is requesting a valid until date for the requested consent.
2927 The content is the local ASPSP date in ISO-Date Format, e.g. 2017-10-30.
2928
2929 Future dates might get adjusted by ASPSP.
2930
2931 If a maximal available date is requested, a date in far future is to be used: "9999-12-31".
2932
2933 In both cases the consent object to be retrieved by the GET Consent Request will contain the adjusted date.
2934 type: string
2935 format: date
2936 example: "2020-12-31"
2937
2938 lastActionDate:
2939 description: |
2940 This date is containing the date of the last action on the consent object either through
2941 the XS2A interface or the PSU/ASPSP interface having an impact on the status.
2942 type: string
2943 format: date
2944 example: "2018-07-01"
2945
2946
2947#####################################################
2948# Content of Request Bodies
2949#####################################################
2950
2951
2952
2953 #####################################################
2954 # Content of Request Bodies - JSON
2955 #####################################################
2956
2957 paymentInitiationSct_json:
2958 description: |
2959 Body for a SCT payment initation.
2960 type: object
2961 required:
2962 - debtorAccount
2963 - instructedAmount
2964 - creditorAccount
2965 - creditorName
2966 properties:
2967 endToEndIdentification:
2968 type: string
2969 maxLength: 35
2970 debtorAccount:
2971 $ref: "#/components/schemas/accountReference"
2972 instructedAmount:
2973 $ref: "#/components/schemas/amount"
2974 creditorAccount:
2975 $ref: "#/components/schemas/accountReference"
2976 creditorAgent:
2977 $ref: "#/components/schemas/bicfi"
2978 creditorName:
2979 $ref: "#/components/schemas/creditorName"
2980 creditorAddress:
2981 $ref: "#/components/schemas/address"
2982 remittanceInformationUnstructured:
2983 $ref: "#/components/schemas/remittanceInformationUnstructured"
2984
2985
2986 paymentInitiationIt_json:
2987 description: |
2988 Body for a Internal Transfer payment initation.
2989 type: object
2990 required:
2991 - account
2992 - fromSubAccount
2993 - toSubAccount
2994 - instructedAmount
2995 - currency
2996 properties:
2997 endToEndIdentification:
2998 type: string
2999 maxLength: 35
3000 account:
3001 $ref: "#/components/schemas/accountReference"
3002 instructedAmount:
3003 $ref: "#/components/schemas/amount"
3004 fromSubAccount:
3005 $ref: "#/components/schemas/subAccountReference"
3006 toSubAccount:
3007 $ref: "#/components/schemas/subAccountReference"
3008
3009 confirmationOfFunds:
3010 description: |
3011 JSON Request body for the "Confirmation of Funds Service"
3012
3013 type: object
3014 required:
3015 - account
3016 - instructedAmount
3017 properties:
3018 subAccount:
3019 $ref: "#/components/schemas/subAccountId"
3020 payee:
3021 description: Name payee
3022 type: string
3023 maxLength: 70
3024 instructedAmount:
3025 $ref: "#/components/schemas/amount"
3026
3027
3028 consents:
3029 description: |
3030 Content of the body of a consent request.
3031 type: object
3032 required:
3033 - access
3034 - recurringIndicator
3035 - validUntil
3036 - frequencyPerDay
3037 - combinedServiceIndicator
3038 properties:
3039 access:
3040 $ref: "#/components/schemas/accountAccess"
3041 recurringIndicator:
3042 $ref: "#/components/schemas/recurringIndicator"
3043 validUntil:
3044 $ref: "#/components/schemas/validUntil"
3045 frequencyPerDay:
3046 $ref: "#/components/schemas/frequencyPerDay"
3047 combinedServiceIndicator:
3048 description: |
3049 If "true" indicates that a payment initiation service will be addressed in the same "session".
3050 type: boolean
3051 example: false
3052
3053 transactionAuthorisation:
3054 description: |
3055 Content of the body of a Transaction Authorisation Request
3056 type: object
3057 required:
3058 - scaAuthenticationData
3059 properties:
3060 scaAuthenticationData:
3061 $ref: "#/components/schemas/scaAuthenticationData"
3062
3063
3064
3065#####################################################
3066# Content of Response Bodies
3067#####################################################
3068
3069
3070 paymentInitiationStatusResponse-200_json:
3071 description: Body of the response for a successful payment initiation status request in case of an JSON based endpoint.
3072 type: object
3073 required:
3074 - transactionStatus
3075 properties:
3076 transactionStatus:
3077 $ref: "#/components/schemas/transactionStatus"
3078
3079
3080 paymentInitiationStatusResponse-200_xml:
3081 description: |
3082 Body of the response for a successful payment initiation status request in case of an XML based endpoint.
3083
3084 The status is returned as a pain.002 structure.
3085
3086 urn:iso:std:iso:20022:tech:xsd:pain.002.001.03
3087
3088 The chosen XML schema of the Status Request is following the XML schema definitions of the original pain.001 schema.
3089 type: string
3090
3091
3092 paymentInitationRequestResponse-201:
3093 description: Body of the response for a successful payment initiation request.
3094 type: object
3095 required:
3096 - transactionStatus
3097 - paymentId
3098 - _links
3099
3100 properties:
3101 transactionStatus:
3102 $ref: "#/components/schemas/transactionStatus"
3103 paymentId:
3104 $ref: "#/components/schemas/paymentId"
3105 transactionFees:
3106 # description: Can be used by the ASPSP to transport transaction fees relevant for the underlying payments.
3107 $ref: "#/components/schemas/amount"
3108 transactionFeeIndicator:
3109 $ref: "#/components/schemas/transactionFeeIndicator"
3110 _links:
3111 $ref: "#/components/schemas/_linksPaymentInitiation"
3112 psuMessage:
3113 $ref: "#/components/schemas/psuMessageText"
3114 tppMessages:
3115 type: array
3116 items:
3117 $ref: "#/components/schemas/tppMessage2XX"
3118
3119
3120 paymentInitiationCancelResponse-204_202:
3121 description: Body of the response for a successful cancel payment request.
3122 type: object
3123 required:
3124 - transactionStatus
3125 properties:
3126 transactionStatus:
3127 $ref: "#/components/schemas/transactionStatus"
3128 _links:
3129 $ref: "#/components/schemas/_linksPaymentInitiationCancel"
3130
3131
3132 paymentInitiationSctWithStatusResponse:
3133 description: |
3134 JSON response body consistion of the corresponding SCT payment initation JSON body together with an optional transaction status field.
3135 type: object
3136 required:
3137 - debtorAccount
3138 - instructedAmount
3139 - creditorAccount
3140 - creditorName
3141 properties:
3142 endToEndIdentification:
3143 type: string
3144 maxLength: 35
3145 debtorAccount:
3146 $ref: "#/components/schemas/accountReference"
3147 instructedAmount:
3148 $ref: "#/components/schemas/amount"
3149 creditorAccount:
3150 $ref: "#/components/schemas/accountReference"
3151 creditorAgent:
3152 $ref: "#/components/schemas/bicfi"
3153 creditorName:
3154 $ref: "#/components/schemas/creditorName"
3155 creditorAddress:
3156 $ref: "#/components/schemas/address"
3157 remittanceInformationUnstructured:
3158 $ref: "#/components/schemas/remittanceInformationUnstructured"
3159 transactionStatus:
3160 $ref: "#/components/schemas/transactionStatus"
3161
3162 paymentInitiationItWithStatusResponse:
3163 description: |
3164 JSON response body consistion of the corresponding Internal Transfer payment initation JSON body together with an optional transaction status field.
3165 type: object
3166 required:
3167 - account
3168 - instructedAmount
3169 - currency
3170 - fromSubAccount
3171 - toSubAccount
3172 properties:
3173 endToEndIdentification:
3174 type: string
3175 maxLength: 35
3176 account:
3177 $ref: "#/components/schemas/accountReference"
3178 instructedAmount:
3179 $ref: "#/components/schemas/amount"
3180 currency:
3181 $ref: "#/components/schemas/currencyCode"
3182 fromSubAccount:
3183 $ref: "#/components/schemas/subAccountReference"
3184 toSubAccount:
3185 $ref: "#/components/schemas/subAccountReference"
3186 remittanceInformationUnstructured:
3187 type: string
3188 maxLength: 140
3189 transactionStatus:
3190 $ref: "#/components/schemas/transactionStatus"
3191
3192 scaStatusResponse:
3193 description: Body of the JSON response with SCA Status
3194 type: object
3195 properties:
3196 scaStatus:
3197 $ref: "#/components/schemas/scaStatus"
3198
3199 startScaprocessResponse:
3200 description: Body of the JSON response for a Start SCA authorisation request.
3201 type: object
3202 required:
3203 - scaStatus
3204 - _links
3205 properties:
3206 scaStatus:
3207 $ref: "#/components/schemas/scaStatus"
3208 _links:
3209 $ref: "#/components/schemas/_linksStartScaProcess"
3210 psuMessage:
3211 $ref: "#/components/schemas/psuMessageText"
3212
3213
3214 consentsResponse-201:
3215 description: Body of the JSON response for a successful conset request.
3216 type: object
3217 required:
3218 - consentStatus
3219 - consentId
3220 - _links
3221 properties:
3222 consentStatus:
3223 $ref: "#/components/schemas/consentStatus"
3224 consentId:
3225 $ref: "#/components/schemas/consentId"
3226 _links:
3227 $ref: "#/components/schemas/_linksConsents"
3228 message:
3229 description: Text to be displayed to the PSU, e.g. in a Decoupled SCA Approach.
3230 type: string
3231 maxLength: 512
3232
3233
3234 consentStatusResponse-200:
3235 description: Body of the JSON response for a successful get status request for a consent.
3236 type: object
3237 required:
3238 - consentStatus
3239 properties:
3240 consentStatus:
3241 $ref: "#/components/schemas/consentStatus"
3242
3243 consentInformationResponse-200_json:
3244 description: Body of the JSON response for a successfull get consent request.
3245 type: object
3246 required:
3247 - access
3248 - recurringIndicator
3249 - validUntil
3250 - frequencyPerDay
3251 - lastActionDate
3252 - consentStatus
3253 properties:
3254 access:
3255 $ref: "#/components/schemas/accountAccess"
3256 recurringIndicator:
3257 $ref: "#/components/schemas/recurringIndicator"
3258 validUntil:
3259 $ref: "#/components/schemas/validUntil"
3260 frequencyPerDay:
3261 $ref: "#/components/schemas/frequencyPerDay"
3262 lastActionDate:
3263 $ref: "#/components/schemas/lastActionDate"
3264 consentStatus:
3265 $ref: "#/components/schemas/consentStatus"
3266
3267
3268 readAccountBalanceResponse-200:
3269 description: Body of the response for a successful read balance for an account request.
3270 type: object
3271 required:
3272 - balances
3273 properties:
3274 account:
3275 $ref: "#/components/schemas/accountReference"
3276 balances:
3277 $ref: "#/components/schemas/balanceList"
3278
3279
3280 transactionsResponse-200_json:
3281 description: |
3282 Body of the JSON response for a successful read transaction list request.
3283 This account report contains transactions resulting from the query parameters.
3284 type: object
3285 properties:
3286 account:
3287 $ref: "#/components/schemas/accountReference"
3288 transactions:
3289 $ref: "#/components/schemas/accountReport"
3290 balances:
3291 $ref: "#/components/schemas/balanceList"
3292 _links:
3293 $ref: "#/components/schemas/_linksDownload"
3294
3295
3296
3297#####################################################
3298# _links
3299#####################################################
3300
3301 _linksAll:
3302 description: |
3303 A _link object with all availabel link types
3304 type: object
3305 properties:
3306 scaRedirect:
3307 $ref: "#/components/schemas/hrefType"
3308 authoriseTransaction:
3309 $ref: "#/components/schemas/hrefType"
3310 self:
3311 $ref: "#/components/schemas/hrefType"
3312 status:
3313 $ref: "#/components/schemas/hrefTypeStatus"
3314 scaStatus:
3315 $ref: "#/components/schemas/hrefTypeSCAStatus"
3316 account:
3317 $ref: "#/components/schemas/hrefTypeAccount"
3318 balances:
3319 $ref: "#/components/schemas/hrefTypeBalances"
3320 transactions:
3321 $ref: "#/components/schemas/hrefTypeTransactions"
3322 transactionDetails:
3323 $ref: "#/components/schemas/hrefTypeTransactionDetails"
3324 first:
3325 $ref: "#/components/schemas/hrefType"
3326 next:
3327 $ref: "#/components/schemas/hrefType"
3328 previous:
3329 $ref: "#/components/schemas/hrefType"
3330 last:
3331 $ref: "#/components/schemas/hrefType"
3332 download:
3333 $ref: "#/components/schemas/hrefType"
3334
3335
3336 _linksPaymentInitiation:
3337 description: |
3338 A list of hyperlinks to be recognised by the TPP.
3339 Banco Carregosa only accepts scaRedirect.
3340
3341 Type of links admitted in this response:
3342
3343 * 'scaRedirect':
3344 The ASPSP transmits the link to which to redirect the PSU browser.
3345 * 'self':
3346 The link to the payment initiation resource created by this request.
3347 This link can be used to retrieve the resource data.
3348 * 'status':
3349 The link to retrieve the transaction status of the payment initiation.
3350 * 'scaStatus':
3351 The link to retrieve the scaStatus of the corresponding authorisation sub-resource.
3352 This link is only contained, if an authorisation sub-resource has been already created.
3353
3354 type: object
3355 properties:
3356 scaRedirect:
3357 $ref: "#/components/schemas/hrefTypeSCARedirect"
3358 self:
3359 $ref: "#/components/schemas/hrefType"
3360 status:
3361 $ref: "#/components/schemas/hrefTypeStatus"
3362 scaStatus:
3363 $ref: "#/components/schemas/hrefTypeSCAStatus"
3364 example:
3365 {
3366 "scaRedirect": {"href": "https://www.testbank.com/asdfasdfasdf"},
3367 "self": {"href": "/v1/payments/sepa-credit-transfers/1234-wertiq-983"}
3368 }
3369
3370 _linksStartScaProcess:
3371 description: |
3372 A list of hyperlinks to be recognised by the TPP. The actual hyperlinks used in the
3373 response depend on the dynamical decisions of the ASPSP when processing the request.
3374
3375 type: object
3376 properties:
3377 scaRedirect:
3378 $ref: "#/components/schemas/hrefType"
3379 scaStatus:
3380 $ref: "#/components/schemas/hrefType"
3381
3382 _linksPaymentInitiation_IT:
3383 description: |
3384 A list of hyperlinks to be recognised by the TPP.
3385 Banco Carregosa only accepts scaRedirect.
3386
3387 Type of links admitted in this response:
3388 * 'scaRedirect':
3389 The ASPSP transmits the link to which to redirect the PSU browser.
3390 * 'self':
3391 The link to the payment initiation resource created by this request. This link can be used to retrieve the resource data.
3392 * 'status':
3393 The link to retrieve the transaction status of the payment initiation.
3394
3395 type: object
3396 properties:
3397 scaRedirect:
3398 $ref: "#/components/schemas/hrefTypeSCARedirect"
3399 self:
3400 $ref: "#/components/schemas/hrefType"
3401 status:
3402 $ref: "#/components/schemas/hrefTypeStatus"
3403 scaStatus:
3404 $ref: "#/components/schemas/hrefTypeSCAStatus"
3405
3406 _linksPaymentInitiationCancel:
3407 description: |
3408 A list of hyperlinks to be recognised by the TPP.
3409 Banco Carregosa only accepts scaRedirect.
3410
3411 Type of links admitted in this response:
3412 * 'scaRedirect':
3413 The ASPSP transmits the link to which to redirect the PSU browser.
3414
3415 type: object
3416 properties:
3417 scaRedirect:
3418 $ref: "#/components/schemas/hrefTypeSCARedirect"
3419
3420
3421 _linksDownload:
3422 description: |
3423 A list of hyperlinks to be recognised by the TPP.
3424
3425 Type of links admitted in this response:
3426 - "download": a link to a resource, where the transaction report might be downloaded from in
3427 case where transaction reports have a huge size.
3428
3429 type: object
3430 required:
3431 - download
3432 properties:
3433 download:
3434 $ref: "#/components/schemas/hrefType"
3435
3436
3437
3438 _linksConsents:
3439 description: |
3440 A list of hyperlinks to be recognised by the TPP.
3441 Banco Carregosa only accepts scaRedirect.
3442
3443 Type of links admitted in this response:
3444 - 'scaRedirect':
3445 The ASPSP transmits the link to which to redirect the PSU browser.
3446 - 'self':
3447 The link to the Establish Account Information Consent resource created by this request.
3448 This link can be used to retrieve the resource data.
3449 - 'status':
3450 The link to retrieve the status of the account information consent.
3451 - 'scaStatus': The link to retrieve the scaStatus of the corresponding authorisation sub-resource.
3452 This link is only contained, if an authorisation sub-resource has been already created.
3453
3454 type: object
3455 properties:
3456 scaRedirect:
3457 $ref: "#/components/schemas/hrefTypeSCARedirect"
3458 self:
3459 $ref: "#/components/schemas/hrefType"
3460 status:
3461 $ref: "#/components/schemas/hrefType"
3462 scaStatus:
3463 $ref: "#/components/schemas/hrefType"
3464
3465
3466 _linksAccountReport:
3467 type: object
3468 required:
3469 - account
3470 properties:
3471 account:
3472 $ref: "#/components/schemas/hrefType"
3473 first:
3474 $ref: "#/components/schemas/hrefType"
3475 next:
3476 $ref: "#/components/schemas/hrefType"
3477 previous:
3478 $ref: "#/components/schemas/hrefType"
3479 last:
3480 $ref: "#/components/schemas/hrefType"
3481
3482
3483 _linksTransactionDetails:
3484 type: object
3485 required:
3486 - transactionDetails
3487 properties:
3488 transactionDetails:
3489 $ref: "#/components/schemas/hrefType"
3490
3491 _linksAccountDetails:
3492 description: |
3493 Links to the account, which can be directly used for retrieving account information from this dedicated account.
3494
3495 Links to "balances" and/or "transactions"
3496
3497 These links are only supported, when the corresponding consent has been already granted.
3498 type: object
3499 properties:
3500 account:
3501 $ref: "#/components/schemas/hrefTypeAccount"
3502 accountList:
3503 $ref: "#/components/schemas/hrefTypeAccountList"
3504 balances:
3505 $ref: "#/components/schemas/hrefTypeBalances"
3506 transactions:
3507 $ref: "#/components/schemas/hrefTypeTransactions"
3508
3509 _linksAccountList:
3510 description: |
3511 Links to the account, which can be directly used for retrieving account information from this dedicated account.
3512
3513 Links to "balances" and/or "transactions"
3514
3515 These links are only supported, when the corresponding consent has been already granted.
3516 type: object
3517 properties:
3518 self:
3519 $ref: "#/components/schemas/hrefTypeAccountList"
3520 balances:
3521 $ref: "#/components/schemas/hrefTypeBalances"
3522 transactions:
3523 $ref: "#/components/schemas/hrefTypeTransactions"
3524
3525#####################################################
3526# Tpp-Messages to Communicate Error Information
3527#####################################################
3528
3529
3530 #####################################################
3531 # Generic Elements
3532 #####################################################
3533
3534 tppMessageCategory:
3535 description: Category of the TPP message category
3536 type: string
3537 enum:
3538 - "ERROR"
3539 - "WARNING"
3540
3541 MessageCode2XX: #TODO: Ask os wether it should be included or not
3542 description: Message codes for HTTP Error codes 2XX.
3543 type: string
3544 enum:
3545 - "WARNING"
3546
3547
3548 MessageCode400:
3549 description: Message codes defined for HTTP Error code 400 (BAD_REQUEST).
3550 type: string
3551 enum:
3552 - "FORMAT_ERROR" #gen
3553
3554
3555 MessageCode401:
3556 description: Message codes defined for HTTP Error code 401 (UNAUTHORIZED).
3557 type: string
3558 enum:
3559 - "CERTIFICATE_INVALID" #gen
3560 - "CERTIFICATE_EXPIRED" #gen
3561 - "CERTIFICATE_BLOCKED" #gen
3562 - "CERTIFICATE_REVOKE" #gen
3563 - "CERTIFICATE_MISSING" #gen
3564 - "SIGNATURE_INVALID" #gen
3565 - "SIGNATURE_MISSING" #gen
3566 - "CORPORATE_ID_INVALID" #gen
3567 - "PSU_CREDENTIALS_INVALID" #gen
3568 - "CONSENT_INVALID" #gen, AIS
3569 - "CONSENT_EXPIRED" #gen
3570 - "TOKEN_UNKNOWN" #gen
3571 - "TOKEN_INVALID" #gen
3572 - "TOKEN_EXPIRED" #gen
3573
3574
3575 MessageCode403:
3576 description: Message codes defined defined for HTTP Error code 403 (FORBIDDEN).
3577 type: string
3578 enum:
3579 - "CONSENT_UNKNOWN" #gen
3580 - "SERVICE_BLOCKED" #gen
3581 - "RESOURCE_UNKNOWN" #gen
3582 - "RESOURCE_EXPIRED" #gen
3583 - "PRODUCT_INVALID" #PIS
3584
3585
3586 MessageCode404_AIS:
3587 description: Message codes defined for AIS for HTTP Error code 404 (NOT FOUND).
3588 type: string
3589 enum:
3590 - "RESOURCE_UNKNOWN" #gens
3591
3592
3593 MessageCode404_PIS:
3594 description: Message codes defined for PIS for HTTP Error code 404 (NOT FOUND).
3595 type: string
3596 enum:
3597 - "RESOURCE_UNKNOWN" #gens
3598 - "PRODUCT_UNKNOWN" #PIS
3599
3600 MessageCode404_PIIS:
3601 description: Message codes defined for PIIS for HTTP Error code 404 (NOT FOUND).
3602 type: string
3603 enum:
3604 - "RESOURCE_UNKNOWN" #gens
3605
3606
3607 MessageCode405:
3608 description: Message codes defined for payment cancelations PIS for HTTP Error code 405 (METHOD NOT ALLOWED).
3609 type: string
3610 enum:
3611 - "SERVICE_INVALID" #gens
3612
3613 MessageCode429_AIS:
3614 description: Message codes for HTTP Error code 429 (TOO MANY REQUESTS).
3615 type: string
3616 enum:
3617 - "ACCESS_EXCEEDED" #AIS
3618
3619
3620
3621 #####################################################
3622 # Next Gen propriatary Tpp-Messages
3623 #####################################################
3624
3625
3626 tppMessageText:
3627 description: Additional explaining text to the TPP.
3628 type: string
3629 maxLength: 512
3630
3631
3632 tppMessage2XX: #TODO Ask Ortwin whether do it or not
3633 type: object
3634 required:
3635 - category
3636 - code
3637 properties:
3638 category:
3639 $ref: "#/components/schemas/tppMessageCategory"
3640 code:
3641 $ref: "#/components/schemas/MessageCode2XX"
3642 path:
3643 type: string
3644 text:
3645 $ref: "#/components/schemas/tppMessageText"
3646
3647
3648 tppMessage400:
3649 type: object
3650 required:
3651 - category
3652 - code
3653 properties:
3654 category:
3655 $ref: "#/components/schemas/tppMessageCategory"
3656 code:
3657 $ref: "#/components/schemas/MessageCode400"
3658 path:
3659 type: string
3660 text:
3661 $ref: "#/components/schemas/tppMessageText"
3662
3663
3664 tppMessage401:
3665 type: object
3666 required:
3667 - category
3668 - code
3669 properties:
3670 category:
3671 $ref: "#/components/schemas/tppMessageCategory"
3672 code:
3673 $ref: "#/components/schemas/MessageCode401"
3674 path:
3675 type: string
3676 text:
3677 $ref: "#/components/schemas/tppMessageText"
3678
3679
3680 tppMessage403:
3681 type: object
3682 required:
3683 - category
3684 - code
3685 properties:
3686 category:
3687 $ref: "#/components/schemas/tppMessageCategory"
3688 code:
3689 $ref: "#/components/schemas/MessageCode403"
3690 path:
3691 type: string
3692 text:
3693 $ref: "#/components/schemas/tppMessageText"
3694
3695
3696 tppMessage404_PIS:
3697 type: object
3698 required:
3699 - category
3700 - code
3701 properties:
3702 category:
3703 $ref: "#/components/schemas/tppMessageCategory"
3704 code:
3705 $ref: "#/components/schemas/MessageCode404_PIS"
3706 path:
3707 type: string
3708 text:
3709 $ref: "#/components/schemas/tppMessageText"
3710
3711
3712 tppMessage404_AIS:
3713 type: object
3714 required:
3715 - category
3716 - code
3717 properties:
3718 category:
3719 $ref: "#/components/schemas/tppMessageCategory"
3720 code:
3721 $ref: "#/components/schemas/MessageCode404_AIS"
3722 path:
3723 type: string
3724 text:
3725 $ref: "#/components/schemas/tppMessageText"
3726
3727
3728 tppMessage404_PIIS:
3729 type: object
3730 required:
3731 - category
3732 - code
3733 properties:
3734 category:
3735 $ref: "#/components/schemas/tppMessageCategory"
3736 code:
3737 $ref: "#/components/schemas/MessageCode404_PIIS"
3738 path:
3739 type: string
3740 text:
3741 $ref: "#/components/schemas/tppMessageText"
3742
3743
3744 tppMessage405:
3745 type: object
3746 required:
3747 - category
3748 - code
3749 properties:
3750 category:
3751 $ref: "#/components/schemas/tppMessageCategory"
3752 code:
3753 $ref: "#/components/schemas/MessageCode405"
3754 path:
3755 type: string
3756 text:
3757 $ref: "#/components/schemas/tppMessageText"
3758
3759
3760 tppMessage429_AIS:
3761 type: object
3762 required:
3763 - category
3764 - code
3765 properties:
3766 category:
3767 $ref: "#/components/schemas/tppMessageCategory"
3768 code:
3769 $ref: "#/components/schemas/MessageCode429_AIS"
3770 path:
3771 type: string
3772 text:
3773 $ref: "#/components/schemas/tppMessageText"
3774
3775
3776 #####################################################
3777 # RFC7807 Messages
3778 #####################################################
3779
3780 tppErrorTitle:
3781 description: |
3782 Short human readable description of error type.
3783 Could be in local language.
3784 To be provided by ASPSPs.
3785 type: string
3786 maxLength: 70
3787
3788 tppErrorDetail:
3789 description: |
3790 Detailed human readable text specific to this instance of the error.
3791 XPath might be used to point to the issue generating the error in addition.
3792 Remark for Future: In future, a dedicated field might be introduced for the XPath.
3793 type: string
3794 maxLength: 512
3795
3796
3797
3798
3799 #####################################################
3800 # RFC7807 Messages
3801 #####################################################
3802
3803
3804 Error400:
3805 description: |
3806 Specific definition of reporting error information in case of a HTTP error code 400.
3807 type: object
3808 properties:
3809 tppMessages:
3810 type: array
3811 items:
3812 $ref: "#/components/schemas/tppMessage400"
3813
3814 Error401:
3815 description: |
3816 Specific definition of reporting error information in case of a HTTP error code 401.
3817 type: object
3818 properties:
3819 tppMessages:
3820 type: array
3821 items:
3822 $ref: "#/components/schemas/tppMessage401"
3823
3824
3825 Error403:
3826 description: |
3827 Specific definition of reporting error information in case of a HTTP error code 403.
3828 type: object
3829 properties:
3830 tppMessages:
3831 type: array
3832 items:
3833 $ref: "#/components/schemas/tppMessage403"
3834
3835
3836 Error404_NG_PIS:
3837 description: |
3838 NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 404.
3839 type: object
3840 properties:
3841 tppMessages:
3842 type: array
3843 items:
3844 $ref: "#/components/schemas/tppMessage404_PIS"
3845 _links:
3846 $ref: "#/components/schemas/_linksAll"
3847
3848
3849 Error404_NG_AIS:
3850 description: |
3851 NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 404.
3852 type: object
3853 properties:
3854 tppMessages:
3855 type: array
3856 items:
3857 $ref: "#/components/schemas/tppMessage404_AIS"
3858 _links:
3859 $ref: "#/components/schemas/_linksAccountDetails"
3860
3861
3862 Error404_NG_PIIS:
3863 description: |
3864 NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 404.
3865 type: object
3866 properties:
3867 tppMessages:
3868 type: array
3869 items:
3870 $ref: "#/components/schemas/tppMessage404_PIIS"
3871 _links:
3872 $ref: "#/components/schemas/_linksAll"
3873
3874
3875 Error405:
3876 description: |
3877 Specific definition of reporting error information in case of a HTTP error code 401.
3878 type: object
3879 properties:
3880 tppMessages:
3881 type: array
3882 items:
3883 $ref: "#/components/schemas/tppMessage405"
3884
3885
3886 Error429_NG_AIS:
3887 description: |
3888 Specific definition of reporting error information in case of a HTTP error code 429.
3889 type: object
3890 properties:
3891 tppMessages:
3892 type: array
3893 items:
3894 $ref: "#/components/schemas/tppMessage429_AIS"
3895 _links:
3896 $ref: "#/components/schemas/_linksAll"
3897 example:
3898 [{
3899 "category": "ERROR",
3900 "code": "ACCESS_EXCEEDED",
3901 "text": "additional text information of the ASPSP up to 512 characters"
3902 }]
3903
3904
3905 parameters:
3906 #####################################################
3907 # Predefined Parameters
3908 #####################################################
3909
3910 paymentService:
3911 name: payment-service
3912 in: path
3913 description: |
3914 Payment service:
3915
3916 Possible values are:
3917 * payments
3918 required: true
3919 schema:
3920 type: string
3921 enum:
3922 - "payments"
3923
3924
3925 paymentProduct:
3926 name: payment-product
3927 in: path
3928 description: |
3929 The addressed payment product endpoint, e.g. for SEPA Credit Transfers (SCT).
3930
3931 The following payment products are supported:
3932 - sepa-credit-transfers
3933 - internal-transfers
3934
3935 required: true
3936 schema:
3937 type: string
3938 enum:
3939 - "sepa-credit-transfers"
3940 - "internal-transfers"
3941
3942
3943 paymentId:
3944 name: paymentId
3945 in: path
3946 description: Resource identification of the generated payment initiation resource.
3947 required: true
3948 schema:
3949 $ref: "#/components/schemas/paymentId"
3950
3951
3952 cancellationId:
3953 name: cancellationId
3954 in: path
3955 description: Identification for cancellation resource.
3956 required: true
3957 schema:
3958 $ref: "#/components/schemas/cancellationId"
3959
3960
3961 authorisationId:
3962 name: authorisationId
3963 in: path
3964 description: Resource identification of the related SCA.
3965 required: true
3966 schema:
3967 $ref: "#/components/schemas/authorisationId"
3968
3969
3970 accountId:
3971 name: accountId
3972 in: path
3973 description: |
3974 This identification is denoting the addressed account.
3975 The accountId is retrieved by using a "Read Account List" call.
3976 The accountId is the "id" attribute of the account structure.
3977 Its value is constant at least throughout the lifecycle of a given consent.
3978 required: true
3979 schema:
3980 $ref: "#/components/schemas/accountId"
3981
3982 resourceId:
3983 name: resourceId
3984 in: path
3985 description: |
3986 This identification is given by the attribute resourceId of the corresponding entry of a transaction list.
3987 required: true
3988 schema:
3989 $ref: "#/components/schemas/resourceId"
3990
3991 consentId_PATH:
3992 name: consentId
3993 in: path
3994 description: >
3995 ID of the corresponding consent object as returned by an Account
3996 Information Consent Request.
3997 required: true
3998 schema:
3999 $ref: '#/components/schemas/consentId'
4000
4001 consentId_HEADER_optional:
4002 name: ConsentId
4003 in: header
4004 description: |
4005 This data element may be contained, if the payment initiation transaction is part of a session, i.e. combined AIS/PIS/PIIS service.
4006 This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.
4007 required: false
4008 schema:
4009 $ref: "#/components/schemas/consentId"
4010
4011
4012 consentId_HEADER_mandatory:
4013 name: ConsentId
4014 in: header
4015 description: |
4016 This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.
4017 required: true
4018 schema:
4019 $ref: "#/components/schemas/consentId"
4020
4021
4022 withBalanceQuery:
4023 name: withBalance
4024 in: query
4025 description: |
4026 Ignored by the ASPSP.
4027 required: false
4028 schema:
4029 type: boolean
4030
4031
4032 dateFrom:
4033 name: dateFrom
4034 in: query
4035 description: |
4036 Conditional: Starting date (inclusive the date dateFrom) of the transaction list, mandated if no delta access is required.
4037
4038 For booked transactions, the relevant date is the booking date.
4039
4040 For pending transactions, the relevant date is the entry date, which may not be transparent
4041 neither in this API nor other channels of the ASPSP.
4042 required: false
4043 schema:
4044 type: string
4045 format: date
4046
4047
4048 dateTo:
4049 name: dateTo
4050 in: query
4051 description: |
4052 End date (inclusive the data dateTo) of the transaction list, default is "now" if not given.
4053
4054 Might be ignored if a delta function is used.
4055
4056 For booked transactions, the relevant date is the booking date.
4057
4058 For pending transactions, the relevant date is the entry date, which may not be transparent
4059 neither in this API nor other channels of the ASPSP.
4060
4061 required: false
4062 schema:
4063 type: string
4064 format: date
4065
4066
4067 entryReferenceFrom:
4068 name: entryReferenceFrom
4069 in: query
4070 description: |
4071 This data attribute is indicating that the AISP is in favour to get all transactions after
4072 the transaction with identification entryReferenceFrom alternatively to the above defined period.
4073 This is a implementation of a delta access.
4074 If this data element is contained, the entries "dateFrom" and "dateTo" might be ignored by the ASPSP
4075 if a delta report is supported.
4076
4077 Optional if supported by API provider.
4078 required: false
4079 schema:
4080 type: string
4081
4082
4083 bookingStatus:
4084 name: bookingStatus
4085 in: query
4086 description: |
4087 Permitted codes are
4088 * "booked",
4089 * "pending" and
4090 * "both"
4091 "booked" shall be supported by the ASPSP.
4092 To support the "pending" and "both" feature is optional for the ASPSP,
4093 Error code if not supported in the online banking frontend
4094 required: true
4095 schema:
4096 type: string
4097 enum:
4098 - "booked"
4099 - "pending"
4100 - "both"
4101
4102
4103 deltaList:
4104 name: deltaList
4105 in: query
4106 description:
4107 This data attribute is indicating that the AISP is in favour to get all transactions after the last report access
4108 for this PSU on the addressed account.
4109 This is another implementation of a delta access-report.
4110
4111 This delta indicator might be rejected by the ASPSP if this function is not supported.
4112
4113 Optional if supported by API provider
4114 schema:
4115 type: boolean
4116
4117
4118 X-Request-ID:
4119 name: X-Request-ID
4120 in: header
4121 description: ID of the request, unique to the call, as determined by the initiating party.
4122 required: true
4123 example: "99391c7e-ad88-49ec-a2ad-99ddcb1f7721"
4124 schema:
4125 type: string
4126 format: uuid
4127
4128
4129 Digest:
4130 name: Digest
4131 in: header
4132 description: Is contained if and only if the "Signature" element is contained in the header of the request.
4133 schema:
4134 type: string
4135 required: false # conditional
4136 example: "SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A="
4137
4138
4139 Signature:
4140 name: Signature
4141 in: header
4142 description: |
4143 A signature of the request by the TPP on application level. This might be mandated by ASPSP.
4144 schema:
4145 type: string
4146 required: false # conditional
4147 example: >
4148 keyId="SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE",algorithm="rsa-sha256",
4149 headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date",
4150 signature="Base64(RSA-SHA256(signing string))"
4151
4152
4153 TPP-Signature-Certificate:
4154 name: TPP-Signature-Certificate
4155 in: header
4156 description: |
4157 The certificate used for signing the request, in base64 encoding.
4158 Must be contained if a signature is contained.
4159 schema:
4160 type: string
4161 format: byte
4162 required: false # conditional
4163
4164
4165 TPP-Redirect-Preferred:
4166 name: TPP-Redirect-Preferred
4167 in: header
4168 description: |
4169 Ignored by ASPSP
4170 schema:
4171 type: string
4172 enum:
4173 - "true"
4174 - "false"
4175 #type: boolean
4176 required: false
4177
4178
4179 TPP-Redirect-URI:
4180 name: TPP-Redirect-URI
4181 in: header
4182 description: |
4183 URI of the TPP, where the transaction flow shall be redirected to after a Redirect.
4184
4185 It is recommended to always use this header field.
4186
4187 **Remark for Future:**
4188 This field might be changed to mandatory in the next version of the specification.
4189 schema:
4190 type: string
4191 format: uri
4192 required: false # conditional
4193
4194
4195 TPP-Nok-Redirect-URI:
4196 name: TPP-Nok-Redirect-URI
4197 in: header
4198 description: |
4199 Ignored by the ASPSP.
4200 schema:
4201 type: string
4202 format: uri
4203 required: false
4204
4205
4206 TPP-Explicit-Authorisation-Preferred:
4207 name: TPP-Explicit-Authorisation-Preferred
4208 in: header
4209 description: |
4210 Ignored by the ASPSP. TPP should assume a direct authorisation of the transaction in the next step.
4211
4212 schema:
4213 type: string
4214 enum:
4215 - "true"
4216 - "false"
4217 #type: boolean
4218 required: false
4219
4220
4221 PSU-ID:
4222 name: PSU-ID
4223 in: header
4224 description: |
4225 Client ID of the PSU in the ASPSP client interface. Might be mandated in the ASPSP's documentation.
4226 Is not contained if an OAuth2 based authentication was performed in a pre-step or an OAuth2 based SCA was performed in an preceeding
4227 AIS service in the same session.
4228 schema:
4229 type: string
4230 required: false
4231 example: "PSU-1234"
4232
4233
4234 PSU-ID-Type:
4235 name: PSU-ID-Type
4236 in: header
4237 description: |
4238 Type of the PSU-ID, needed in scenarios where PSUs have several PSU-IDs as access possibility.
4239 schema:
4240 type: string
4241 required: false
4242
4243
4244 PSU-Corporate-ID:
4245 name: PSU-Corporate-ID
4246 in: header
4247 description: |
4248 Might be mandated in the ASPSP's documentation. Only used in a corporate context.
4249 schema:
4250 type: string
4251 required: false
4252
4253
4254 PSU-Corporate-ID-Type:
4255 name: PSU-Corporate-ID-Type
4256 in: header
4257 description: |
4258 Might be mandated in the ASPSP's documentation. Only used in a corporate context.
4259 schema:
4260 type: string
4261 required: false
4262
4263
4264 PSU-IP-Address_mandatory:
4265 name: PSU-IP-Address
4266 in: header
4267 description: |
4268 The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
4269 schema:
4270 type: string
4271 format: ipv4
4272 required: true
4273 example: 192.168.8.78
4274
4275
4276 PSU-IP-Address_optional:
4277 name: PSU-IP-Address
4278 in: header
4279 description: |
4280 The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
4281 schema:
4282 type: string
4283 format: ipv4
4284 required: false
4285 example: 192.168.8.78
4286
4287
4288 PSU-IP-Address_conditionalForAis:
4289 name: PSU-IP-Address
4290 in: header
4291 description: |
4292 The forwarded IP Address header field consists of the corresponding HTTP request
4293 IP Address field between PSU and TPP.
4294 It shall be contained if and only if this request was actively initiated by the PSU.
4295 schema:
4296 type: string
4297 format: ipv4
4298 required: false
4299 example: 192.168.8.78
4300
4301 PSU-IP-Port:
4302 name: PSU-IP-Port
4303 in: header
4304 description: |
4305 The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
4306 schema:
4307 type: string
4308 required: false
4309 example: "1234"
4310
4311
4312 PSU-Accept:
4313 name: PSU-Accept
4314 in: header
4315 description: |
4316 The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
4317 schema:
4318 type: string
4319 required: false
4320
4321
4322 PSU-Accept-Charset:
4323 name: PSU-Accept-Charset
4324 in: header
4325 description: |
4326 The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
4327 schema:
4328 type: string
4329 required: false
4330
4331
4332 PSU-Accept-Encoding:
4333 name: PSU-Accept-Encoding
4334 in: header
4335 description: |
4336 The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
4337 schema:
4338 type: string
4339 required: false
4340
4341
4342 PSU-Accept-Language:
4343 name: PSU-Accept-Language
4344 in: header
4345 description: |
4346 The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
4347 schema:
4348 type: string
4349 required: false
4350
4351
4352 PSU-User-Agent:
4353 name: PSU-User-Agent
4354 in: header
4355 description: |
4356 The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
4357 schema:
4358 type: string
4359 required: false
4360
4361
4362 PSU-Http-Method:
4363 name: PSU-Http-Method
4364 in: header
4365 description: |
4366 HTTP method used at the PSU ? TPP interface, if available.
4367 Valid values are:
4368 * GET
4369 * POST
4370 * PUT
4371 * PATCH
4372 * DELETE
4373 schema:
4374 type: string
4375 enum:
4376 - "GET"
4377 - "POST"
4378 - "PUT"
4379 - "PATCH"
4380 - "DELETE"
4381 required: false
4382
4383
4384 PSU-Device-ID:
4385 name: PSU-Device-ID
4386 in: header
4387 description: |
4388 UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available.
4389 UUID identifies either a device or a device dependant application installation.
4390 In case of an installation identification this ID need to be unaltered until removal from device.
4391 schema:
4392 type: string
4393 format: uuid
4394 required: false
4395 example: "99435c7e-ad88-49ec-a2ad-99ddcb1f5555"
4396
4397 PSU-Geo-Location:
4398 name: PSU-Geo-Location
4399 in: header
4400 description: |
4401 The forwarded Geo Location of the corresponding http request between PSU and TPP if available.
4402 schema:
4403 type: string
4404 pattern: '(GEO:)[0-9]{1,3}\.[-][0-9]{6}\,[-][0-9]{1,3}\.[0-9]{6}'
4405 required: false
4406 example: GEO:52.506931,13.144558
4407
4408
4409
4410
4411 requestBodies:
4412 #####################################################
4413 # Reusable Request Bodies
4414 #####################################################
4415
4416 paymentInitiation:
4417 description: |
4418 required: true
4419 content:
4420 application/json:
4421 schema:
4422 oneOf:
4423 - $ref: "#/components/schemas/paymentInitiationSct_json"
4424 - $ref: "#/components/schemas/paymentInitiationIt_json"
4425
4426 examples:
4427 "Example 1: 'payments' - 'sepa-credit-transfers'":
4428 $ref: "#/components/examples/paymentInitiationSctBody_payments_json"
4429 "Example 2: 'payments' - 'internal-transfers'":
4430 $ref: "#/components/examples/paymentInitiationItBody_payments_json"
4431
4432 confirmationOfFunds:
4433 description: |
4434 When subaccount reference is missing funds availability is checked against main subaccount.
4435 content:
4436 application/json:
4437 schema:
4438 $ref: "#/components/schemas/confirmationOfFunds"
4439 examples:
4440 "Example":
4441 $ref: "#/components/examples/confirmationOfFundsExample"
4442 required: true
4443
4444
4445 consents:
4446 description: |
4447 Requestbody for a consents request
4448 content:
4449 application/json:
4450 schema:
4451 $ref: "#/components/schemas/consents"
4452 examples:
4453 "Consent Request on Dedicated Accounts":
4454 $ref: "#/components/examples/consentsExample_DedicatedAccounts"
4455 "Consent on Account List of Available Accounts":
4456 $ref: "#/components/examples/consentsExample_AccountList"
4457 "Consent Request on Account List or without Indication of dedicated Accounts":
4458 $ref: "#/components/examples/consentsExample_without_Accounts"
4459
4460 headers:
4461 #####################################################
4462 # Reusable Response Header Elements
4463 #####################################################
4464
4465 X-Request-ID:
4466 description: ID of the request, unique to the call, as determined by the initiating party.
4467 required: true
4468 example: "99391c7e-ad88-49ec-a2ad-99ddcb1f7721"
4469 schema:
4470 type: string
4471 format: uuid
4472
4473 ASPSP-SCA-Approach:
4474 description: |
4475 This data element must be contained, if the SCA Approach is already fixed.
4476 Possible values are
4477 * EMBEDDED
4478 * DECOUPLED
4479 * REDIRECT
4480 The OAuth SCA approach will be subsumed by REDIRECT.
4481 schema:
4482 type: string
4483 enum:
4484 - "EMBEDDED"
4485 - "DECOUPLED"
4486 - "REDIRECT"
4487 example: "EMBEDDED"
4488 required: false
4489
4490 Location:
4491 description: |
4492 Location of the created resource.
4493 schema:
4494 type: string
4495 format: url
4496 required: false
4497
4498 responses:
4499 #####################################################
4500 # Reusabale Responses
4501 #####################################################
4502 #####################################################
4503 # Positive Responses
4504 #####################################################
4505
4506 OK_200_PaymentInitiationInformation:
4507 description: OK
4508
4509 headers:
4510 X-Request-ID:
4511 $ref: "#/components/headers/X-Request-ID"
4512 content:
4513 application/json:
4514 schema:
4515 oneOf:
4516 - $ref: "#/components/schemas/paymentInitiationSctWithStatusResponse"
4517 - $ref: "#/components/schemas/paymentInitiationItWithStatusResponse"
4518
4519 OK_200_PaymentInitiationStatus:
4520 description: OK
4521
4522 headers:
4523 X-Request-ID:
4524 $ref: "#/components/headers/X-Request-ID"
4525
4526 content:
4527 application/json:
4528 schema:
4529 $ref: "#/components/schemas/paymentInitiationStatusResponse-200_json"
4530 examples:
4531 simple:
4532 $ref: "#/components/examples/paymentInitiationStatusResponse_json_Simple"
4533 extended:
4534 $ref: "#/components/examples/paymentInitiationStatusResponse_json_Extended"
4535
4536
4537 OK_200_Authorisations:
4538 description: OK
4539
4540 headers:
4541 X-Request-ID:
4542 $ref: "#/components/headers/X-Request-ID"
4543
4544 content:
4545 application/json:
4546 schema:
4547 $ref: "#/components/schemas/authorisations"
4548 examples:
4549 Example:
4550 $ref: "#/components/examples/authorisationListExample"
4551
4552
4553 OK_200_ScaStatus:
4554 description: OK
4555
4556 headers:
4557 X-Request-ID:
4558 $ref: "#/components/headers/X-Request-ID"
4559
4560 content:
4561 application/json:
4562 schema:
4563 $ref: "#/components/schemas/scaStatusResponse"
4564
4565
4566 OK_200_AccountList:
4567 description: OK
4568
4569 headers:
4570 X-Request-ID:
4571 $ref: "#/components/headers/X-Request-ID"
4572
4573 content:
4574 application/json:
4575 schema:
4576 $ref: "#/components/schemas/accountList"
4577 examples:
4578 "Example 1":
4579 $ref: "#/components/examples/accountListExample1"
4580 "Example 2":
4581 $ref: "#/components/examples/accountListExample2"
4582 "Example 3":
4583 $ref: "#/components/examples/accountListExample3"
4584
4585
4586
4587 OK_200_CancellationList:
4588 description: OK
4589
4590 headers:
4591 X-Request-ID:
4592 $ref: "#/components/headers/X-Request-ID"
4593
4594 content:
4595 application/json:
4596 schema:
4597 $ref: "#/components/schemas/cancellationList"
4598 examples:
4599 "Example 1":
4600 $ref: "#/components/examples/cancellationListExample"
4601
4602
4603
4604 OK_200_TransactionDetails:
4605 description: OK
4606
4607 headers:
4608 X-Request-ID:
4609 $ref: "#/components/headers/X-Request-ID"
4610
4611 content:
4612 application/json:
4613 schema:
4614 $ref: "#/components/schemas/transactionDetails"
4615 examples:
4616 Example:
4617 $ref: "#/components/examples/transactionDetailsExample"
4618
4619
4620 OK_200_Balances:
4621 description: OK
4622
4623 headers:
4624 X-Request-ID:
4625 $ref: "#/components/headers/X-Request-ID"
4626
4627 content:
4628 application/json:
4629 schema:
4630 $ref: "#/components/schemas/readAccountBalanceResponse-200"
4631 examples:
4632 "Example 1: Multicurrency Account":
4633 $ref: "#/components/examples/balancesExample2_MulticurrencyAcount"
4634
4635
4636 OK_200_AccountsTransactions:
4637 description: OK
4638
4639 headers:
4640 X-Request-ID:
4641 $ref: "#/components/headers/X-Request-ID"
4642
4643 content:
4644 application/json:
4645 schema:
4646 $ref: "#/components/schemas/transactionsResponse-200_json"
4647 examples:
4648 "Example 1":
4649 $ref: "#/components/examples/transactionsExample1_RegularAccount_json"
4650
4651
4652 OK_200_ConsentInformation:
4653 description: OK
4654
4655 headers:
4656 X-Request-ID:
4657 $ref: "#/components/headers/X-Request-ID"
4658
4659 content:
4660 application/json:
4661 schema:
4662 $ref: "#/components/schemas/consentInformationResponse-200_json"
4663 examples:
4664 Example:
4665 $ref: "#/components/examples/consentsInformationResponseExample"
4666
4667
4668 OK_200_ConsentStatus:
4669 description: OK
4670
4671 headers:
4672 X-Request-ID:
4673 $ref: "#/components/headers/X-Request-ID"
4674
4675 content:
4676 application/json:
4677 schema:
4678 $ref: "#/components/schemas/consentStatusResponse-200"
4679 examples:
4680 Example:
4681 $ref: "#/components/examples/consentStatusResponseExample1"
4682
4683
4684
4685 OK_200_ConfirmationOfFunds:
4686 description: OK
4687
4688 headers:
4689 Location:
4690 $ref: "#/components/headers/Location"
4691 X-Request-ID:
4692 $ref: "#/components/headers/X-Request-ID"
4693
4694 content:
4695 application/json:
4696 schema:
4697 description: |
4698 Equals "true" if sufficient funds are available at the time of the request,
4699 "false" otherwise.
4700 type: object
4701 required:
4702 - fundsAvailable
4703 properties:
4704 fundsAvailable:
4705 type: boolean
4706 examples:
4707 "Example":
4708 $ref: "#/components/examples/confirmationOfFundsResponseExample"
4709
4710
4711 CREATED_201_PaymentInitiation:
4712 description: CREATED
4713
4714 headers:
4715 X-Request-ID:
4716 $ref: "#/components/headers/X-Request-ID"
4717 Location:
4718 $ref: "#/components/headers/Location"
4719 ASPSP-SCA-Approach:
4720 $ref: "#/components/headers/ASPSP-SCA-Approach"
4721
4722 content:
4723 application/json:
4724 schema:
4725 oneOf:
4726 - $ref: "#/components/schemas/paymentInitationRequestResponse-201"
4727 examples:
4728 "Response with redirect":
4729 $ref: "#/components/examples/paymentInitiationExample_json_Redirect"
4730
4731 CREATED_201_StartScaProcess:
4732 description: Created
4733
4734 headers:
4735 X-Request-ID:
4736 $ref: "#/components/headers/X-Request-ID"
4737 ASPSP-SCA-Approach:
4738 $ref: "#/components/headers/ASPSP-SCA-Approach"
4739
4740 content:
4741 application/json:
4742 schema:
4743 $ref: "#/components/schemas/startScaprocessResponse"
4744 examples:
4745 "Example 1: payments - Decoupled Approach":
4746 $ref: "#/components/examples/startScaProcessResponseExample1"
4747
4748
4749 CREATED_201_Consents:
4750 description: Created
4751
4752 headers:
4753 Location:
4754 $ref: "#/components/headers/Location"
4755 X-Request-ID:
4756 $ref: "#/components/headers/X-Request-ID"
4757 ASPSP-SCA-Approach:
4758 $ref: "#/components/headers/ASPSP-SCA-Approach"
4759
4760 content:
4761 application/json:
4762 schema:
4763 $ref: "#/components/schemas/consentsResponse-201"
4764
4765 examples:
4766 "Response with redirect":
4767 $ref: "#/components/examples/consentResponseExample1a_Redirect"
4768
4769
4770
4771
4772 NO_CONTENT_204_PaymentInitiationCancel:
4773 description: OK
4774
4775 headers:
4776 X-Request-ID:
4777 $ref: "#/components/headers/X-Request-ID"
4778
4779 content:
4780 application/json:
4781 schema:
4782 $ref: "#/components/schemas/paymentInitiationCancelResponse-204_202"
4783 examples:
4784 Example:
4785 $ref: "#/components/examples/paymentInitiationCancelResponse-204_202"
4786
4787 NO_CONTENT_204_Consents:
4788 description: No Content
4789
4790 headers:
4791 X-Request-ID:
4792 $ref: "#/components/headers/X-Request-ID"
4793 #NO RESPONSE BODY
4794
4795
4796
4797 #####################################################
4798 # Negative Responses
4799 #####################################################
4800
4801 BAD_REQUEST_400:
4802 description: Bad Request
4803
4804 headers:
4805 Location:
4806 $ref: "#/components/headers/Location"
4807 X-Request-ID:
4808 $ref: "#/components/headers/X-Request-ID"
4809
4810 content:
4811 application/json:
4812 schema:
4813 $ref: "#/components/schemas/Error400"
4814
4815
4816 UNAUTHORIZED_401:
4817 description: Unauthorized
4818
4819 headers:
4820 Location:
4821 $ref: "#/components/headers/Location"
4822 X-Request-ID:
4823 $ref: "#/components/headers/X-Request-ID"
4824
4825 content:
4826 application/json:
4827 schema:
4828 $ref: "#/components/schemas/Error401"
4829
4830
4831 FORBIDDEN_403:
4832 description: Forbidden
4833
4834 headers:
4835 Location:
4836 $ref: "#/components/headers/Location"
4837 X-Request-ID:
4838 $ref: "#/components/headers/X-Request-ID"
4839
4840 content:
4841 application/json:
4842 schema:
4843 $ref: "#/components/schemas/Error403"
4844
4845 NOT_FOUND_404_PIS:
4846 description: Not found
4847
4848 headers:
4849 Location:
4850 $ref: "#/components/headers/Location"
4851 X-Request-ID:
4852 $ref: "#/components/headers/X-Request-ID"
4853
4854 content:
4855 application/json:
4856 schema:
4857 $ref: "#/components/schemas/Error404_NG_PIS"
4858
4859
4860 NOT_FOUND_404_AIS:
4861 description: Not found
4862
4863 headers:
4864 Location:
4865 $ref: "#/components/headers/Location"
4866 X-Request-ID:
4867 $ref: "#/components/headers/X-Request-ID"
4868
4869 content:
4870 application/json:
4871 schema:
4872 $ref: "#/components/schemas/Error404_NG_AIS"
4873
4874
4875 NOT_FOUND_404_PIIS:
4876 description: Not found
4877
4878 headers:
4879 Location:
4880 $ref: "#/components/headers/Location"
4881 X-Request-ID:
4882 $ref: "#/components/headers/X-Request-ID"
4883
4884 content:
4885 application/json:
4886 schema:
4887 $ref: "#/components/schemas/Error404_NG_PIIS"
4888
4889
4890
4891 METHOD_NOT_ALLOWED_405:
4892 description: Method Not Allowed
4893
4894 headers:
4895 Location:
4896 $ref: "#/components/headers/Location"
4897 X-Request-ID:
4898 $ref: "#/components/headers/X-Request-ID"
4899
4900 content:
4901 application/json:
4902 schema:
4903 $ref: "#/components/schemas/Error405"
4904
4905
4906 REQUEST_TIMEOUT_408:
4907 description: Request Timeout
4908
4909 headers:
4910 Location:
4911 $ref: "#/components/headers/Location"
4912 X-Request-ID:
4913 $ref: "#/components/headers/X-Request-ID"
4914 #No Response body because there are no valid message codes for PIS in case of HTTP code 408
4915
4916
4917 TOO_MANY_REQUESTS_429_AIS:
4918 description: Too Many Requests
4919
4920 headers:
4921 Location:
4922 $ref: "#/components/headers/Location"
4923 X-Request-ID:
4924 $ref: "#/components/headers/X-Request-ID"
4925
4926 content:
4927 application/json:
4928 schema:
4929 $ref: "#/components/schemas/Error429_NG_AIS"
4930
4931 INTERNAL_SERVER_ERROR_500:
4932 description: Internal Server Error
4933 headers:
4934 Location:
4935 $ref: "#/components/headers/Location"
4936 X-Request-ID:
4937 $ref: "#/components/headers/X-Request-ID"
4938 #No Response body because there are no valid message codes for PIS in case of HTTP code 500
4939
4940
4941 SERVICE_UNAVAILABLE_503:
4942 description: Service Unavailable
4943 headers:
4944 Location:
4945 $ref: "#/components/headers/Location"
4946 X-Request-ID:
4947 $ref: "#/components/headers/X-Request-ID"
4948 #No Response body because there are no valid message codes for PIS in case of HTTP code 503
4949
4950
4951 examples:
4952 #####################################################
4953 # Predefined Examples
4954 #####################################################
4955
4956 ibanExampleDe_01:
4957 value: "DE02100100109307118603"
4958
4959
4960 ibanExampleDe_02:
4961 value: "DE23100120020123456789"
4962
4963
4964 ibanExampleDe_03:
4965 value: "DE40100100103307118608"
4966
4967
4968 ibanExampleDe_04:
4969 value: "DE67100100101306118605"
4970
4971
4972 ibanExampleDe_05:
4973 value: "DE87200500001234567890"
4974
4975
4976 ibanExampleFr_01:
4977 value: "FR7612345987650123456789014"
4978
4979
4980 ibanExampleNl_01:
4981 value: "NL76RABO0359400371"
4982
4983
4984 ibanExampleSe_01:
4985 value: "SE9412309876543211234567"
4986
4987
4988 uuidExample:
4989 value: "99391c7e-ad88-49ec-a2ad-99ddcb1f7721"
4990
4991 paymentInitiationSctBody_payments_json:
4992 value:
4993 {
4994 "instructedAmount": {"currency": "EUR", "amount": "123.50"},
4995 "debtorAccount": {"iban": "DE40100100103307118608"},
4996 "creditorName": "Merchant123",
4997 "creditorAccount": {"iban": "DE02100100109307118603"},
4998 "remittanceInformationUnstructured": "Ref Number Merchant"
4999 }
5000
5001 paymentInitiationItBody_payments_json:
5002 value:
5003 {
5004 "instructedAmount": {"currency": "EUR", "amount": "123.50"},
5005 "fromSubAccount": "1",
5006 "toSubAccount": "2",
5007 "remittanceInformationUnstructured": "Ref Number Merchant"
5008 }
5009
5010
5011
5012 accountListExample1:
5013 summary: Account list Example 1
5014 description: Response in case of an example, where the consent has been given on two different IBANs
5015 value:
5016 {"accounts":
5017 [
5018 {"resourceId": "3dc3d5b3-7023-4848-9853-f5400a64e80f",
5019 "iban": "DE2310010010123456789",
5020 "currency": "EUR",
5021 "product": "Girokonto",
5022 "cashAccountType": "CurrentAccount",
5023 "name": "Main Account",
5024 "_links": {
5025 "balances": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80f/balances"},
5026 "transactions": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80f/transactions"}}
5027 },
5028 {"resourceId": "3dc3d5b3-7023-4848-9853-f5400a64e81g",
5029 "iban": "DE2310010010123456788",
5030 "currency": "USD",
5031 "product": "Fremdw?hrungskonto",
5032 "cashAccountType": "CurrentAccount",
5033 "name": "US Dollar Account",
5034 "_links": {
5035 "balances": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e81g/balances" }}
5036 }
5037 ]}
5038
5039
5040 accountListExample2:
5041 summary: Account list Example 2
5042 description: |
5043 Response in case of an example where consent on transactions and balances has been given to a multicurrency account which has two sub-accounts with currencies EUR and USD, and where the ASPSP is giving the data access only on sub-account level
5044 value:
5045 {"accounts":
5046 [
5047 {"resourceId": "3dc3d5b3-7023-4848-9853-f5400a64e80f",
5048 "iban": "DE2310010010123456788",
5049 "currency": "EUR",
5050 "product": "Girokonto",
5051 "cashAccountType": "CurrentAccount",
5052 "name": "Main Account",
5053 "_links": {
5054 "balances": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80f/balances"},
5055 "transactions": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80f/transactions"}}
5056 },
5057 {"resourceId": "3dc3d5b3-7023-4848-9853-f5400a64e81g",
5058 "iban": "DE2310010010123456788",
5059 "currency": "USD",
5060 "product": "Fremdw?hrungskonto",
5061 "cashAccountType": "CurrentAccount",
5062 "name": "US Dollar Account",
5063 "_links": {
5064 "balances": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e81g/balances"},
5065 "transactions": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e81g/transactions"} }
5066 }
5067 ]}
5068
5069
5070 accountListExample3:
5071 summary: Account list Example 3
5072 description: |
5073 Account list response in case of an example where consent on balances and transactions has been given to
5074 a multicurrency account which has two sub-accounts with currencies EUR and USD and where the ASPSP is giving
5075 the data access on aggregation level and on sub-account level
5076 value:
5077 {"accounts":
5078 [
5079 {"resourceId": "3dc3d5b3-7023-4848-9853-f5400a64e80f",
5080 "iban": "DE2310010010123456788",
5081 "currency": "XXX",
5082 "product": "Multi currency account",
5083 "cashAccountType": "CurrentAccount",
5084 "name": "Aggregation Account",
5085 "_links": {
5086 "balances": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e333/balances"},
5087 "transactions": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e333/transactions"}}
5088 },
5089 {"resourceId": "3dc3d5b3-7023-4848-9853-f5400a64e80f",
5090 "iban": "DE2310010010123456788",
5091 "currency": "EUR",
5092 "product": "Girokonto",
5093 "cashAccountType": "CurrentAccount",
5094 "name": "Main Account",
5095 "_links": {
5096 "balances": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80f/balances"},
5097 "transactions": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80f/transactions"}}
5098 },
5099 {"resourceId": "3dc3d5b3-7023-4848-9853-f5400a64e81g",
5100 "iban": "DE2310010010123456788",
5101 "currency": "USD",
5102 "product": "Fremdw?hrungskonto",
5103 "cashAccountType": "CurrentAccount",
5104 "name": "US Dollar Account",
5105 "_links": {
5106 "balances": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e81g/balances"},
5107 "transactions": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e81g/transactions"} }
5108 }
5109 ]}
5110
5111
5112 startScaProcessResponseExample1:
5113 value:
5114 {
5115 "scaStatus": "received",
5116 "psuMessage": "Please use your BankApp for transaction Authorisation.",
5117 "_links":
5118 {
5119 "scaStatus": {"href":"/v1/payments/qwer3456tzui7890/authorisations/123auth456"}
5120 }
5121 }
5122
5123
5124 consentsExample_DedicatedAccounts:
5125 description: Consent request on dedicated accounts
5126 value:
5127 {
5128 "access":
5129 {
5130 "balances": [
5131 { "iban": "DE40100100103307118608" },
5132 { "iban": "DE02100100109307118603",
5133 "currency": "USD"
5134 },
5135 { "iban": "DE67100100101306118605" }
5136 ],
5137 "transactions": [
5138 { "iban": "DE40100100103307118608" },
5139 { "maskedPan": "123456xxxxxx1234" }
5140 ]
5141 },
5142 "recurringIndicator": "true",
5143 "validUntil": "2017-11-01",
5144 "frequencyPerDay": "4"
5145 }
5146
5147
5148
5149 consentsExample_AccountList:
5150 description: Consent on Account List of Available Accounts
5151 value:
5152 {"access":
5153 {"availableAccounts": "allAccounts"},
5154 "recurringIndicator": "false",
5155 "validUntil": "2017-08-06",
5156 "frequencyPerDay": "1"
5157 }
5158
5159
5160 consentsExample_without_Accounts:
5161 description: Consent request on account list or without indication of accounts
5162 value:
5163 {"access":
5164 {
5165 "balances": [],
5166 "transactions": []
5167 },
5168 "recurringIndicator": "true",
5169 "validUntil": "2017-11-01",
5170 "frequencyPerDay": "4"
5171 }
5172
5173
5174
5175 consentsInformationResponseExample:
5176 description: Consent request on account list or without indication of accounts
5177 value:
5178 {
5179 "access": {
5180 "balances": [
5181 {"iban": "DE2310010010123456789"}
5182 ],
5183 "transactions":
5184 [
5185 {"iban": "DE2310010010123456789"},
5186 {"pan": "123456xxxxxx3457"}
5187 ]
5188 },
5189 "recurringIndicator": "true",
5190 "validUntil": "2017-11-01",
5191 "frequencyPerDay": "4",
5192 "consentStatus": "valid",
5193 "_links": {"account": {"href": "/v1/accounts"}}
5194 }
5195
5196
5197 consentResponseExample1a_Redirect:
5198 description: Consent request Response in case of a redirect
5199 value:
5200 {
5201 "consentStatus": "received",
5202 "consentId": "1234-wertiq-983",
5203 "_links":
5204 {
5205 "scaRedirect": {"href": "https://www.testbank.com/authentication/1234-wertiq-983"},
5206 "status": {"href": "/v1/consents/1234-wertiq-983/status"},
5207 "scaStatus": {"href": "v1/consents/1234-wertiq-983/authorisations/123auth567"}
5208 }
5209 }
5210
5211
5212 consentResponseExample1b_Redirect:
5213 description: Consent request Response in case of a redirect with a dedicated start of the authorisation process
5214 value:
5215 {
5216 "consentStatus": "received",
5217 "consentId": "1234-wertiq-983",
5218 "_links":
5219 {
5220 "startAuthorisation": {"href": "v1/consents/1234-wertiq-983/authorisations"}
5221 }
5222 }
5223
5224
5225
5226 consentStatusResponseExample1:
5227 description: Response for a consent status request.
5228 value:
5229 {
5230 "consentStatus": "valid",
5231 }
5232
5233
5234 paymentInitiationExample_json_Redirect:
5235 description: "Response in case of a redirect with an implicitly created authorisation sub-resource"
5236 value:
5237 {
5238 "transactionStatus": "RCVD",
5239 "paymentId": "1234-wertiq-983",
5240 "_links":
5241 {
5242 "scaRedirect": {"href": "https://www.testbank.com/asdfasdfasdf"},
5243 "self": {"href": "/v1/payments/sepa-credit-transfers/1234-wertiq-983"},
5244 "status": {"href": "/v1/payments/1234-wertiq-983/status"},
5245 "scaStatus": {"href": "/v1/payments/1234-wertiq-983/authorisations/123auth456"}
5246 }
5247 }
5248
5249
5250 paymentInitiationExample_json__RedirectExplicitAuthorisation:
5251 description: "Response in case of a redirect with an explicit authorisation start"
5252 value:
5253 {
5254 "transactionStatus": "RCVD",
5255 "paymentId": "1234-wertiq-983",
5256 "_links":
5257 {
5258 "self": {"href": "/v1/payments/1234-wertiq-983"},
5259 "status": {"href": "/v1/payments/1234-wertiq-983/status"},
5260 "startAuthorisation": {"href": "/v1/payments1234-wertiq-983/authorisations"}
5261 }
5262 }
5263
5264
5265 paymentInitiationStatusResponse_json_Simple:
5266 value:
5267 {
5268 "transactionStatus": "ACCP"
5269 }
5270
5271
5272 paymentInitiationCancelResponse-204_202:
5273 value:
5274 {
5275 "transactionStatus": "CANC"
5276 }
5277
5278
5279 paymentInitiationStatusResponse_json_Extended:
5280 value: |
5281 {
5282 "transactionStatus": "ACCP",
5283 "scaStatus": "Some SCA Status"
5284 }
5285
5286
5287 transactionAuthorisationResponseExample:
5288 description: Response of a Transaction Authorisation request for the embedded approach.
5289 value:
5290 {
5291 "scaStatus": "finalised"
5292 }
5293
5294
5295 confirmationOfFundsExample:
5296 description: Request body for a confirmation of funds.
5297 value:
5298 {
5299 "cardNumber": "12345678901234",
5300 "account": {"iban": "DE23100120020123456789"},
5301 "instructedAmount": {"currency": "EUR", "amount": "123"}
5302 }
5303
5304
5305 confirmationOfFundsResponseExample:
5306 description: Response for a confirmation of funds request.
5307 value:
5308 {
5309 "fundsAvailable": "true"
5310 }
5311
5312
5313 balancesExample2_MulticurrencyAcount:
5314 description: |
5315 Response in case of a multicurrency account with one account in EUR,
5316 one in USD, where the ASPSP has delivered a link to the balance endpoint relative to the aggregated
5317 multicurrency account (aggregation level).
5318 value:
5319 {
5320 "balances":
5321 [{"balanceType": "closingBooked",
5322 "balanceAmount": {"currency": "EUR", "amount": "500.00"},
5323 "subAccount": {"subAccountID": 0 , "subAccountName": "DO"},
5324 "referenceDate": "2017-10-25"
5325 },
5326 {"balanceType": "expected",
5327 "balanceAmount": {"currency": "EUR", "amount": "900.00"},
5328 "subAccount": {"subAccountID": 0 , "subAccountName": "DO"},
5329 "lastChangeDateTime": "2017-10-25T15:30:35.035Z"
5330 },
5331 {"balanceType": "closingBooked",
5332 "balanceAmount": {"currency": "USD", "amount": "350.00"},
5333 "subAccount": {"subAccountID": 0 , "subAccountName": "DO"},
5334 "referenceDate": "2017-10-25"
5335 },
5336 {"balanceType": "expected",
5337 "balanceAmount": {"currency": "USD", "amount": "350.00"},
5338 "subAccount": {"subAccountID": 0 , "subAccountName": "DO"},
5339 "lastChangeDateTime": "2017-10-24T14:30:21Z"
5340 }]
5341 }
5342
5343
5344 transactionsExample1_RegularAccount_json:
5345 description: Response in JSON format for an access on a regular account
5346 value:
5347 {
5348 "account": {"iban": "DE2310010010123456788" },
5349 "transactions":
5350 {
5351 "booked":
5352 [{
5353 "transactionId": "1234567",
5354 "creditorName": "John Miles",
5355 "creditorAccount": {"iban": "DE67100100101306118605"},
5356 "transactionAmount": {"currency": "EUR", "amount": "256.67"},
5357 "subAccount": {"subAccountID": 0 , "subAccountName": "DO"},
5358 "bookingDate": "2017-10-25",
5359 "valueDate": "2017-10-26",
5360 "remittanceInformationUnstructured": "Example 1"
5361 },{
5362 "transactionId": "1234568",
5363 "debtorName": "Paul Simpson",
5364 "debtorAccount": {"iban": "NL76RABO0359400371"},
5365 "transactionAmount": {"currency": "EUR", "amount": "343.01"},
5366 "subAccount": {"subAccountID": 0 , "subAccountName": "DO"},
5367 "bookingDate": "2017-10-25",
5368 "valueDate": "2017-10-26",
5369 "remittanceInformationUnstructured": "Example 2"
5370 }],
5371 "pending":
5372 [{
5373 "transactionId": "1234569",
5374 "creditorName": "Claude Renault",
5375 "creditorAccount": {"iban": "FR7612345987650123456789014"},
5376 "subAccount": {"subAccountID": 0 , "subAccountName": "DO"},
5377 "transactionAmount": {"currency": "EUR", "amount": "-100.03"},
5378 "valueDate": "2017-10-26",
5379 "remittanceInformationUnstructured": "Example 3"
5380 }],
5381 "_links": {"account": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80f"}}
5382 }
5383 }
5384
5385 transactionDetailsExample:
5386 description: Example for transaction details
5387 value:
5388 {
5389 "transactionsDetails":
5390 {
5391 "transactionId": "1234567",
5392 "creditorName": "John Miles",
5393 "creditorAccount": {"iban": "DE67100100101306118605"},
5394 "mandateId": "Mandate-2018-04-20-1234",
5395 "transactionAmount": {"currency": "EUR", "amount": "-256.67"},
5396 "bookingDate": "2017-10-25",
5397 "valueDate": "2017-10-26",
5398 "remittanceInformationUnstructured": "Example 1",
5399 "bankTransactionCode": "PMNT-RCVD-ESDD",
5400 }
5401 }
5402
5403
5404
5405 authorisationListExample:
5406 value:
5407 {
5408 "authorisationIds": ["123auth456"]
5409 }
5410
5411 cancellationListExample:
5412 value:
5413 {
5414 "cancellationIds": ["123auth456"]
5415 }
5416
5417
5418security:
5419#####################################################
5420# Global security options
5421#####################################################
5422 - {}
5423
5424
5425tags:
5426#####################################################
5427# Predefined Tags to Group Methods
5428#####################################################
5429
5430 - name: Account Information Service (AIS)
5431 description: |
5432 The Account Information Service (AIS) offers the following services
5433 * Transaction reports for a given account including balances if applicable.
5434 * Balances of a given account ,
5435 * A list of available accounts ,
5436 * Account details of a given account or of the list of all accessible accounts relative to a granted consent
5437 - name: Payment Initiation Service (PIS)
5438 description: |
5439 The Decription for Payment Initiation Service (PIS) offers the following services:
5440 * Initiation and update of a payment request
5441 * Status information of a payment