API Explorer

v1.3 (38 APIs)

Bank
Accounts
Views
Counterparties
Transactions

Create a signing basket resource

NOTE: This endpoint currently only returns example data.

Create a signing basket resource for authorising several transactions with one SCA method.
The resource identifications of these transactions are contained in the payload of this access method

Authentication is Mandatory

Typical Successful Response:

								
									
{ "basketId":"1234-basket-567", "challengeData":{ "otpMaxLength":0, "additionalInformation":"additionalInformation", "image":"image", "imageLink":"http://example.com/aeiou", "otpFormat":"characters", "data":["data","data"] }, "scaMethods":"", "tppMessages":[{ "path":"path", "code":{ }, "text":{ }, "category":{ } },{ "path":"path", "code":{ }, "text":{ }, "category":{ } }], "_links":{ "scaStatus":"/v1.3/payments/sepa-credit-transfers/1234-wertiq-983", "startAuthorisationWithEncryptedPsuAuthentication":"/v1.3/payments/sepa-credit-transfers/1234-wertiq-983", "scaRedirect":"/v1.3/payments/sepa-credit-transfers/1234-wertiq-983", "startAuthorisationWithAuthenticationMethodSelection":"/v1.3/payments/sepa-credit-transfers/1234-wertiq-983", "startAuthorisationWithPsuAuthentication":"/v1.3/payments/sepa-credit-transfers/1234-wertiq-983", "scaOAuth":"/v1.3/payments/sepa-credit-transfers/1234-wertiq-983", "self":"/v1.3/payments/sepa-credit-transfers/1234-wertiq-983", "startAuthorisationWithPsuIdentification":"/v1.3/payments/sepa-credit-transfers/1234-wertiq-983", "startAuthorisation":"/v1.3/payments/sepa-credit-transfers/1234-wertiq-983", "startAuthorisationWithTransactionAuthorisation":"/v1.3/payments/sepa-credit-transfers/1234-wertiq-983", "status":"/v1.3/payments/sepa-credit-transfers/1234-wertiq-983" }, "chosenScaMethod":"", "transactionStatus":"ACCP", "psuMessage":{ } }
Possible Errors:
  • OBP-20001: User not logged in. Authentication is required!
  • OBP-50000: Unknown Error.
Implemented in BGv1.3 by createSigningBasket

Delete the signing basket

NOTE: This endpoint currently only returns example data.

Delete the signing basket structure as long as no (partial) authorisation has yet been applied.
The undlerying transactions are not affected by this deletion.

Remark: The signing basket as such is not deletable after a first (partial) authorisation has been applied.
Nevertheless, single transactions might be cancelled on an individual basis on the XS2A interface.

Authentication is Mandatory

Typical Successful Response:

								
									
{ }
Possible Errors:
  • OBP-20001: User not logged in. Authentication is required!
  • OBP-50000: Unknown Error.
Implemented in BGv1.3 by deleteSigningBasket

Get Signing Basket Authorisation Sub-Resources Request

NOTE: This endpoint currently only returns example data.

Read a list of all authorisation subresources IDs which have been created.

This function returns an array of hyperlinks to all generated authorisation sub-resources.

Authentication is Mandatory

Typical Successful Response:

								
									
{ "authorisationIds":"" }
Possible Errors:
  • OBP-20001: User not logged in. Authentication is required!
  • OBP-50000: Unknown Error.
Implemented in BGv1.3 by getSigningBasketAuthorisation

Read the SCA status of the signing basket authorisation

NOTE: This endpoint currently only returns example data.

This method returns the SCA status of a signing basket's authorisation sub-resource.

Authentication is Mandatory

Typical Successful Response:

								
									
{ "scaStatus":"psuAuthenticated" }
Possible Errors:
  • OBP-20001: User not logged in. Authentication is required!
  • OBP-50000: Unknown Error.
Implemented in BGv1.3 by getSigningBasketScaStatus

Read the status of the signing basket

NOTE: This endpoint currently only returns example data.

Returns the status of a signing basket object.

Authentication is Mandatory

Typical Successful Response:

								
									
{ "transactionStatus":"RCVD" }
Possible Errors:
  • OBP-20001: User not logged in. Authentication is required!
  • OBP-50000: Unknown Error.
Implemented in BGv1.3 by getSigningBasketStatus

Returns the content of an signing basket object

NOTE: This endpoint currently only returns example data.

Returns the content of an signing basket object.

Authentication is Mandatory

Typical Successful Response:

								
									
{ "transactionStatus":"ACCP", "payments":"", "consents":"" }
Possible Errors:
  • OBP-20001: User not logged in. Authentication is required!
  • OBP-50000: Unknown Error.
Implemented in BGv1.3 by getSigningBasket

Start the authorisation process for a signing basket

NOTE: This endpoint currently only returns example data.

Create an authorisation sub-resource and start the authorisation process of a signing basket.
The message might in addition transmit authentication and authorisation related data.

This method is iterated n times for a n times SCA authorisation in a
corporate context, each creating an own authorisation sub-endpoint for
the corresponding PSU authorising the signing-baskets.

The ASPSP might make the usage of this access method unnecessary in case
of only one SCA process needed, since the related authorisation resource
might be automatically created by the ASPSP after the submission of the
payment data with the first POST signing basket call.

The start authorisation process is a process which is needed for creating a new authorisation
or cancellation sub-resource.

This applies in the following scenarios:

  • The ASPSP has indicated with an 'startAuthorisation' hyperlink in the preceeding Payment
    Initiation Response that an explicit start of the authorisation process is needed by the TPP.
    The 'startAuthorisation' hyperlink can transport more information about data which needs to be
    uploaded by using the extended forms.
    • 'startAuthorisationWithPsuIdentfication',
    • 'startAuthorisationWithPsuAuthentication' #TODO
    • 'startAuthorisationWithAuthentciationMethodSelection'
  • The related payment initiation cannot yet be executed since a multilevel SCA is mandated.
  • The ASPSP has indicated with an 'startAuthorisation' hyperlink in the preceeding
    Payment Cancellation Response that an explicit start of the authorisation process is needed by the TPP.
    The 'startAuthorisation' hyperlink can transport more information about data which needs to be uploaded
    by using the extended forms as indicated above.
  • The related payment cancellation request cannot be applied yet since a multilevel SCA is mandate for
    executing the cancellation.
  • The signing basket needs to be authorised yet.

Authentication is Mandatory

Typical Successful Response:

								
									
{ "challengeData":{ "otpMaxLength":0, "additionalInformation":"additionalInformation", "image":"image", "imageLink":"http://example.com/aeiou", "otpFormat":"characters", "data":"data" }, "scaMethods":"", "scaStatus":"psuAuthenticated", "_links":{ "scaStatus":"/v1.3/payments/sepa-credit-transfers/1234-wertiq-983", "startAuthorisationWithEncryptedPsuAuthentication":"/v1.3/payments/sepa-credit-transfers/1234-wertiq-983", "scaRedirect":"/v1.3/payments/sepa-credit-transfers/1234-wertiq-983", "selectAuthenticationMethod":"/v1.3/payments/sepa-credit-transfers/1234-wertiq-983", "startAuthorisationWithPsuAuthentication":"/v1.3/payments/sepa-credit-transfers/1234-wertiq-983", "authoriseTransaction":"/v1.3/payments/sepa-credit-transfers/1234-wertiq-983", "scaOAuth":"/v1.3/payments/sepa-credit-transfers/1234-wertiq-983", "updatePsuIdentification":"/v1.3/payments/sepa-credit-transfers/1234-wertiq-983" }, "chosenScaMethod":"", "psuMessage":{ } }
Possible Errors:
  • OBP-20001: User not logged in. Authentication is required!
  • OBP-50000: Unknown Error.
Implemented in BGv1.3 by startSigningBasketAuthorisation

Update PSU Data for signing basket

NOTE: This endpoint currently only returns example data.

This method update PSU data on the signing basket resource if needed.
It may authorise a igning basket within the Embedded SCA Approach where needed.

Independently from the SCA Approach it supports e.g. the selection of
the authentication method and a non-SCA PSU authentication.

This methods updates PSU data on the cancellation authorisation resource if needed.

There are several possible Update PSU Data requests in the context of a consent request if needed,
which depends on the SCA approach:

  • Redirect SCA Approach:
    A specific Update PSU Data Request is applicable for
    • the selection of authentication methods, before choosing the actual SCA approach.
  • Decoupled SCA Approach:
    A specific Update PSU Data Request is only applicable for
  • adding the PSU Identification, if not provided yet in the Payment Initiation Request or the Account Information Consent Request, or if no OAuth2 access token is used, or
  • the selection of authentication methods.
  • Embedded SCA Approach:
    The Update PSU Data Request might be used
  • to add credentials as a first factor authentication data of the PSU and
  • to select the authentication method and
  • transaction authorisation.

The SCA Approach might depend on the chosen SCA method.
For that reason, the following possible Update PSU Data request can apply to all SCA approaches:

  • Select an SCA method in case of several SCA methods are available for the customer.

There are the following request types on this access path:
* Update PSU Identification
* Update PSU Authentication
* Select PSU Autorization Method
WARNING: This method need a reduced header,
therefore many optional elements are not present.
Maybe in a later version the access path will change.
* Transaction Authorisation
WARNING: This method need a reduced header,
therefore many optional elements are not present.
Maybe in a later version the access path will change.

Authentication is Mandatory

Typical Successful Response:

								
									
{ "jvalueToCaseclass":"" }
Possible Errors:
  • OBP-20001: User not logged in. Authentication is required!
  • OBP-50000: Unknown Error.
Implemented in BGv1.3 by updateSigningBasketPsuData