{ "openapi": "3.0.1", "info": { "title": "BG PSD2 API", "version": "1.3 Dec 20th 2018", "description": "# Summary\nThe **NextGenPSD2** *Framework Version 1.3* offers a modern, open, harmonised and interoperable set of \nApplication Programming Interfaces (APIs) as the safest and most efficient way to provide data securely. \nThe NextGenPSD2 Framework reduces XS2A complexity and costs, addresses the problem of multiple competing standards \nin Europe and, aligned with the goals of the Euro Retail Payments Board,\nenables European banking customers to benefit from innovative products and services ('Banking as a Service') \nby granting TPPs safe and secure (authenticated and authorised) access to their bank accounts and financial data.\n\nThe possible Approaches are:\n * Redirect SCA Approach\n * OAuth SCA Approach\n * Decoupled SCA Approach\n * Embedded SCA Approach without SCA method\n * Embedded SCA Approach with only one SCA method available\n * Embedded SCA Approach with Selection of a SCA method\n\n Not every message defined in this API definition is necessary for all approaches. \n Furthermore this API definition does not differ between methods which are mandatory, conditional, or optional\n Therefore for a particular implementation of a Berlin Group PSD2 compliant API it is only necessary to support \n a certain subset of the methods defined in this API definition.\n\n **Please have a look at the implementation guidelines if you are not sure \n which message has to be used for the approach you are going to use.**\n\n## Some General Remarks Related to this version of the OpenAPI Specification:\n* **This API definition is based on the Implementation Guidelines of the Berlin Group PSD2 API.** \n It is not an replacement in any sense.\n The main specification is (at the moment) always the Implementation Guidelines of the Berlin Group PSD2 API.\n* **This API definition contains the REST-API for requests from the PISP to the ASPSP.**\n* **This API definition contains the messages for all different approaches defined in the Implementation Guidelines.**\n* According to the OpenAPI-Specification [https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.1.md]\n \n \"If in is \"header\" and the name field is \"Accept\", \"Content-Type\" or \"Authorization\", the parameter definition SHALL be ignored.\"\n \n The element \"Accept\" will not be defined in this file at any place.\n \n The elements \"Content-Type\" and \"Authorization\" are implicitly defined by the OpenApi tags \"content\" and \"security\".\n \n* There are several predefined types which might occur in payment initiation messages, \n but are not used in the standard JSON messages in the Implementation Guidelines.\n Therefore they are not used in the corresponding messages in this file either.\n We added them for the convenience of the user.\n If there is a payment product, which need these field, one can easily use the predefined types.\n But the ASPSP need not to accept them in general.\n \n* **We omit the definition of all standard HTTP header elements (mandatory/optional/conditional) \n except they are mention in the Implementation Guidelines.**\n Therefore the implementer might add the in his own realisation of a PSD2 comlient API in addition to the elements define in this file.\n \n## General Remarks on Data Types\n\nThe Berlin Group definition of UTF-8 strings in context of the PSD2 API have to support at least the following characters\n\na b c d e f g h i j k l m n o p q r s t u v w x y z\n\nA B C D E F G H I J K L M N O P Q R S T U V W X Y Z\n\n0 1 2 3 4 5 6 7 8 9\n\n/ - ? : ( ) . , ' +\n\nSpace\n", "license": { "name": "Creative Commons Attribution 4.0 International Public License", "url": "https://creativecommons.org/licenses/by/4.0/" }, "contact": { "name": "The Berlin Group - A European Standards Initiative", "url": "https://www.berlin-group.org/", "email": "info@berlin-group.org" } }, "externalDocs": { "description": "Full Documentation of NextGenPSD2 Access to Account Interoperability Framework\n(General Introduction Paper, Operational Rules, Implementation Guidelines)\n", "url": "https://www.berlin-group.org/nextgenpsd2-downloads" }, "servers": [ { "url": "https://api.testbank.com/psd2", "description": "PSD2 server" }, { "url": "https://test-api.testbank.com/psd2", "description": "Optional PSD2 test server" } ], "paths": { "/v1/{payment-service}/{payment-product}": { "post": { "summary": "Payment initiation request", "description": "This method is used to initiate a payment at the ASPSP.\n\n## Variants of Payment Initiation Requests\n\nThis method to initiate a payment initiation at the ASPSP can be sent with either a JSON body or an pain.001 body depending on the payment product in the path.\n\nThere are the following **payment products**:\n\n - Payment products with payment information in *JSON* format:\n - ***sepa-credit-transfers***\n - ***instant-sepa-credit-transfers***\n - ***target-2-payments***\n - ***cross-border-credit-transfers***\n - Payment products with payment information in *pain.001* XML format:\n - ***pain.001-sepa-credit-transfers***\n - ***pain.001-instant-sepa-credit-transfers***\n - ***pain.001-target-2-payments***\n - ***pain.001-cross-border-credit-transfers***\n\nFurthermore the request body depends on the **payment-service**\n * ***payments***: A single payment initiation request.\n * ***bulk-payments***: A collection of several payment iniatiation requests.\n \n In case of a *pain.001* message there are more than one payments contained in the *pain.001 message.\n \n In case of a *JSON* there are several JSON payment blocks contained in a joining list.\n * ***periodic-payments***: \n Create a standing order initiation resource for recurrent i.e. periodic payments addressable under {paymentId} \n with all data relevant for the corresponding payment product and the execution of the standing order contained in a JSON body. \n\nThis is the first step in the API to initiate the related recurring/periodic payment.\n \n## Single and mulitilevel SCA Processes\n\nThe Payment Initiation Requests are independent from the need of one ore multilevel \nSCA processing, i.e. independent from the number of authorisations needed for the execution of payments. \n\nBut the response messages are specific to either one SCA processing or multilevel SCA processing. \n\nFor payment initiation with multilevel SCA, this specification requires an explicit start of the authorisation, \ni.e. links directly associated with SCA processing like 'scaRedirect' or 'scaOAuth' cannot be contained in the \nresponse message of a Payment Initation Request for a payment, where multiple authorisations are needed. \nAlso if any data is needed for the next action, like selecting an SCA method is not supported in the response, \nsince all starts of the multiple authorisations are fully equal. \nIn these cases, first an authorisation sub-resource has to be generated following the 'startAuthorisation' link.\n", "operationId": "initiatePayment", "tags": [ "Payment Initiation Service (PIS)" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/paymentService" }, { "$ref": "#/components/parameters/paymentProduct" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-ID" }, { "$ref": "#/components/parameters/PSU-ID-Type" }, { "$ref": "#/components/parameters/PSU-Corporate-ID" }, { "$ref": "#/components/parameters/PSU-Corporate-ID-Type" }, { "$ref": "#/components/parameters/consentId_HEADER_optional" }, { "$ref": "#/components/parameters/PSU-IP-Address_mandatory" }, { "$ref": "#/components/parameters/TPP-Redirect-Preferred" }, { "$ref": "#/components/parameters/TPP-Redirect-URI" }, { "$ref": "#/components/parameters/TPP-Nok-Redirect-URI" }, { "$ref": "#/components/parameters/TPP-Explicit-Authorisation-Preferred" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "requestBody": { "$ref": "#/components/requestBodies/paymentInitiation" }, "responses": { "201": { "$ref": "#/components/responses/CREATED_201_PaymentInitiation" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_PIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_PIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_PIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_PIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_PIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_PIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_PIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_PIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_PIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_PIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_PIS" } } } }, "/v1/{payment-service}/{payment-product}/{paymentId}": { "get": { "summary": "Get Payment Information", "description": "Returns the content of a payment object", "operationId": "getPaymentInformation", "tags": [ "Payment Initiation Service (PIS)" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/paymentService" }, { "$ref": "#/components/parameters/paymentProduct" }, { "$ref": "#/components/parameters/paymentId" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-IP-Address_optional" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "200": { "$ref": "#/components/responses/OK_200_PaymentInitiationInformation" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_PIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_PIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_PIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_PIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_PIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_PIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_PIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_PIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_PIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_PIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_PIS" } } }, "delete": { "summary": "Payment Cancellation Request", "description": "This method initiates the cancellation of a payment. \nDepending on the payment-service, the payment-product and the ASPSP's implementation, \nthis TPP call might be sufficient to cancel a payment. \nIf an authorisation of the payment cancellation is mandated by the ASPSP, \na corresponding hyperlink will be contained in the response message.\n\nCancels the addressed payment with resource identification paymentId if applicable to the payment-service, payment-product and received in product related timelines (e.g. before end of business day for scheduled payments of the last business day before the scheduled execution day). \n\nThe response to this DELETE command will tell the TPP whether the \n * access method was rejected\n * access method was successful, or\n * access method is generally applicable, but further authorisation processes are needed.\n", "operationId": "cancelPayment", "tags": [ "Payment Initiation Service (PIS)" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/paymentService" }, { "$ref": "#/components/parameters/paymentProduct" }, { "$ref": "#/components/parameters/paymentId" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-IP-Address_optional" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "204": { "$ref": "#/components/responses/NO_CONTENT_204_PaymentInitiationCancel" }, "202": { "$ref": "#/components/responses/RECEIVED_202_PaymentInitiationCancel" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_PIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_PIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_PIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_PIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_PIS_CANC" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_PIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_PIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_PIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_PIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_PIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_PIS" } } } }, "/v1/{payment-service}/{payment-product}/{paymentId}/status": { "get": { "summary": "Payment initiation status request", "description": "Check the transaction status of a payment initiation.", "operationId": "getPaymentInitiationStatus", "tags": [ "Payment Initiation Service (PIS)" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/paymentService" }, { "$ref": "#/components/parameters/paymentProduct" }, { "$ref": "#/components/parameters/paymentId" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-IP-Address_optional" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "200": { "$ref": "#/components/responses/OK_200_PaymentInitiationStatus" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_PIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_PIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_PIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_PIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_PIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_PIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_PIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_PIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_PIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_PIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_PIS" } } } }, "/v1/{payment-service}/{payment-product}/{paymentId}/authorisations": { "post": { "summary": "Start the authorisation process for a payment initiation", "description": "Create an authorisation sub-resource and start the authorisation process. \nThe message might in addition transmit authentication and authorisation related data. \n\nThis method is iterated n times for a n times SCA authorisation in a \ncorporate context, each creating an own authorisation sub-endpoint for \nthe corresponding PSU authorising the transaction.\n\nThe ASPSP might make the usage of this access method unnecessary in case \nof only one SCA process needed, since the related authorisation resource \nmight be automatically created by the ASPSP after the submission of the \npayment data with the first POST payments/{payment-product} call.\n\nThe start authorisation process is a process which is needed for creating a new authorisation \nor cancellation sub-resource. \n\nThis applies in the following scenarios:\n\n * The ASPSP has indicated with an 'startAuthorisation' hyperlink in the preceeding Payment \n Initiation Response that an explicit start of the authorisation process is needed by the TPP. \n The 'startAuthorisation' hyperlink can transport more information about data which needs to be \n uploaded by using the extended forms.\n * 'startAuthorisationWithPsuIdentfication', \n * 'startAuthorisationWithPsuAuthentication' #TODO\n * 'startAuthorisationWithAuthentciationMethodSelection' \n * The related payment initiation cannot yet be executed since a multilevel SCA is mandated.\n * The ASPSP has indicated with an 'startAuthorisation' hyperlink in the preceeding \n Payment Cancellation Response that an explicit start of the authorisation process is needed by the TPP. \n The 'startAuthorisation' hyperlink can transport more information about data which needs to be uploaded \n by using the extended forms as indicated above.\n * The related payment cancellation request cannot be applied yet since a multilevel SCA is mandate for \n executing the cancellation.\n * The signing basket needs to be authorised yet.\n", "operationId": "startPaymentAuthorisation", "tags": [ "Payment Initiation Service (PIS)", "Common Services" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/paymentService" }, { "$ref": "#/components/parameters/paymentProduct" }, { "$ref": "#/components/parameters/paymentId" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/PSU-ID" }, { "$ref": "#/components/parameters/PSU-ID-Type" }, { "$ref": "#/components/parameters/PSU-Corporate-ID" }, { "$ref": "#/components/parameters/PSU-Corporate-ID-Type" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-IP-Address_optional" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "201": { "$ref": "#/components/responses/CREATED_201_StartScaProcess" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_PIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_PIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_PIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_PIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_PIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_PIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_PIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_PIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_PIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_PIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_PIS" } } }, "get": { "summary": "Get Payment Initiation Authorisation Sub-Resources Request", "description": "Read a list of all authorisation subresources IDs which have been created.\n\nThis function returns an array of hyperlinks to all generated authorisation sub-resources.\n", "operationId": "getPaymentInitiationAuthorisation", "tags": [ "Payment Initiation Service (PIS)", "Common Services" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/paymentService" }, { "$ref": "#/components/parameters/paymentProduct" }, { "$ref": "#/components/parameters/paymentId" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-IP-Address_optional" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "200": { "$ref": "#/components/responses/OK_200_Authorisations" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_PIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_PIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_PIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_PIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_PIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_PIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_PIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_PIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_PIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_PIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_PIS" } } } }, "/v1/{payment-service}/{payment-product}/{paymentId}/authorisations/{authorisationId}": { "get": { "summary": "Read the SCA Status of the payment authorisation", "description": "This method returns the SCA status of a payment initiation's authorisation sub-resource.\n", "operationId": "getPaymentInitiationScaStatus", "tags": [ "Payment Initiation Service (PIS)", "Common Services" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/paymentService" }, { "$ref": "#/components/parameters/paymentProduct" }, { "$ref": "#/components/parameters/paymentId" }, { "$ref": "#/components/parameters/authorisationId" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-IP-Address_optional" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "200": { "$ref": "#/components/responses/OK_200_ScaStatus" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_PIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_PIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_PIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_PIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_PIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_PIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_PIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_PIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_PIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_PIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_PIS" } } }, "put": { "summary": "Update PSU data for payment initiation", "description": "This methods updates PSU data on the authorisation resource if needed. \nIt may authorise a payment within the Embedded SCA Approach where needed.\n\nIndependently from the SCA Approach it supports e.g. the selection of \nthe authentication method and a non-SCA PSU authentication.\n\nThere are several possible Update PSU Data requests in the context of payment initiation services needed, \nwhich depends on the SCA approach:\n\n* Redirect SCA Approach:\n A specific Update PSU Data Request is applicable for \n * the selection of authentication methods, before choosing the actual SCA approach.\n* Decoupled SCA Approach:\n A specific Update PSU Data Request is only applicable for\n * adding the PSU Identification, if not provided yet in the Payment Initiation Request or the Account Information Consent Request, or if no OAuth2 access token is used, or\n * the selection of authentication methods.\n* Embedded SCA Approach: \n The Update PSU Data Request might be used \n * to add credentials as a first factor authentication data of the PSU and\n * to select the authentication method and\n * transaction authorisation.\n\nThe SCA Approach might depend on the chosen SCA method. \nFor that reason, the following possible Update PSU Data request can apply to all SCA approaches:\n\n* Select an SCA method in case of several SCA methods are available for the customer.\n\nThere are the following request types on this access path:\n * Update PSU Identification\n * Update PSU Authentication\n * Select PSU Autorization Method \n WARNING: This method need a reduced header, \n therefore many optional elements are not present. \n Maybe in a later version the access path will change.\n * Transaction Authorisation\n WARNING: This method need a reduced header, \n therefore many optional elements are not present. \n Maybe in a later version the access path will change.\n", "operationId": "updatePaymentPsuData", "tags": [ "Payment Initiation Service (PIS)", "Common Services" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/paymentService" }, { "$ref": "#/components/parameters/paymentProduct" }, { "$ref": "#/components/parameters/paymentId" }, { "$ref": "#/components/parameters/authorisationId" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-ID" }, { "$ref": "#/components/parameters/PSU-ID-Type" }, { "$ref": "#/components/parameters/PSU-Corporate-ID" }, { "$ref": "#/components/parameters/PSU-Corporate-ID-Type" }, { "$ref": "#/components/parameters/PSU-IP-Address_optional" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "requestBody": { "content": { "application/json": { "schema": { "oneOf": [ {}, { "$ref": "#/components/schemas/updatePsuAuthentication" }, { "$ref": "#/components/schemas/selectPsuAuthenticationMethod" }, { "$ref": "#/components/schemas/transactionAuthorisation" } ] }, "examples": { "Update PSU Identification (Decoupled Approach)": { "value": {} }, "Update PSU Authentication (Embedded Approach)": { "$ref": "#/components/examples/updatePsuAuthenticationExample_Embedded" }, "Select PSU Authentication Method (Embedded Approach)": { "$ref": "#/components/examples/selectPsuAuthenticationMethodExample_Embedded" }, "Transaction Authorisation (Embedded Approach)": { "$ref": "#/components/examples/transactionAuthorisationExample_Embedded" } } } } }, "responses": { "200": { "$ref": "#/components/responses/OK_200_UpdatePsuData" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_PIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_PIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_PIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_PIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_PIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_PIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_PIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_PIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_PIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_PIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_PIS" } } } }, "/v1/{payment-service}/{payment-product}/{paymentId}/cancellation-authorisations": { "post": { "summary": "Start the authorisation process for the cancellation of the addressed payment", "description": "Creates an authorisation sub-resource and start the authorisation process of the cancellation of the addressed payment. \nThe message might in addition transmit authentication and authorisation related data.\n\nThis method is iterated n times for a n times SCA authorisation in a \ncorporate context, each creating an own authorisation sub-endpoint for \nthe corresponding PSU authorising the cancellation-authorisation.\n\nThe ASPSP might make the usage of this access method unnecessary in case \nof only one SCA process needed, since the related authorisation resource \nmight be automatically created by the ASPSP after the submission of the \npayment data with the first POST payments/{payment-product} call.\n\nThe start authorisation process is a process which is needed for creating a new authorisation \nor cancellation sub-resource. \n\nThis applies in the following scenarios:\n\n * The ASPSP has indicated with an 'startAuthorisation' hyperlink in the preceeding Payment \n Initiation Response that an explicit start of the authorisation process is needed by the TPP. \n The 'startAuthorisation' hyperlink can transport more information about data which needs to be \n uploaded by using the extended forms.\n * 'startAuthorisationWithPsuIdentfication', \n * 'startAuthorisationWithPsuAuthentication' #TODO\n * 'startAuthorisationWithAuthentciationMethodSelection' \n * The related payment initiation cannot yet be executed since a multilevel SCA is mandated.\n * The ASPSP has indicated with an 'startAuthorisation' hyperlink in the preceeding \n Payment Cancellation Response that an explicit start of the authorisation process is needed by the TPP. \n The 'startAuthorisation' hyperlink can transport more information about data which needs to be uploaded \n by using the extended forms as indicated above.\n * The related payment cancellation request cannot be applied yet since a multilevel SCA is mandate for \n executing the cancellation.\n * The signing basket needs to be authorised yet.\n", "operationId": "startPaymentInitiationCancellationAuthorisation", "tags": [ "Payment Initiation Service (PIS)", "Common Services" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/paymentService" }, { "$ref": "#/components/parameters/paymentProduct" }, { "$ref": "#/components/parameters/paymentId" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-ID" }, { "$ref": "#/components/parameters/PSU-ID-Type" }, { "$ref": "#/components/parameters/PSU-Corporate-ID" }, { "$ref": "#/components/parameters/PSU-Corporate-ID-Type" }, { "$ref": "#/components/parameters/PSU-IP-Address_optional" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "201": { "$ref": "#/components/responses/CREATED_201_StartScaProcess" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_PIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_PIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_PIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_PIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_PIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_PIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_PIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_PIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_PIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_PIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_PIS" } } }, "get": { "summary": "Will deliver an array of resource identifications to all generated cancellation authorisation sub-resources.", "description": "Retrieve a list of all created cancellation authorisation sub-resources.\n", "operationId": "getPaymentInitiationCancellationAuthorisationInformation", "tags": [ "Payment Initiation Service (PIS)" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/paymentService" }, { "$ref": "#/components/parameters/paymentProduct" }, { "$ref": "#/components/parameters/paymentId" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-IP-Address_optional" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "200": { "$ref": "#/components/responses/OK_200_CancellationList" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_PIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_PIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_PIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_PIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_PIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_PIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_PIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_PIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_PIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_PIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_PIS" } } } }, "/v1/{payment-service}/{payment-product}/{paymentId}/cancellation-authorisations/{cancellationId}": { "get": { "summary": "Read the SCA status of the payment cancellation's authorisation.", "description": "This method returns the SCA status of a payment initiation's authorisation sub-resource.\n", "operationId": "getPaymentCancellationScaStatus", "tags": [ "Payment Initiation Service (PIS)", "Common Services" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/paymentService" }, { "$ref": "#/components/parameters/paymentProduct" }, { "$ref": "#/components/parameters/paymentId" }, { "$ref": "#/components/parameters/cancellationId" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-IP-Address_optional" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "200": { "$ref": "#/components/responses/OK_200_ScaStatus" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_PIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_PIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_PIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_PIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_PIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_PIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_PIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_PIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_PIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_PIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_PIS" } } }, "put": { "summary": "Update PSU Data for payment initiation cancellation", "description": "This method updates PSU data on the cancellation authorisation resource if needed. \nIt may authorise a cancellation of the payment within the Embedded SCA Approach where needed.\n\nIndependently from the SCA Approach it supports e.g. the selection of \nthe authentication method and a non-SCA PSU authentication.\n\nThis methods updates PSU data on the cancellation authorisation resource if needed. \n\nThere are several possible Update PSU Data requests in the context of a cancellation authorisation within the payment initiation services needed, \nwhich depends on the SCA approach:\n\n* Redirect SCA Approach:\n A specific Update PSU Data Request is applicable for \n * the selection of authentication methods, before choosing the actual SCA approach.\n* Decoupled SCA Approach:\n A specific Update PSU Data Request is only applicable for\n * adding the PSU Identification, if not provided yet in the Payment Initiation Request or the Account Information Consent Request, or if no OAuth2 access token is used, or\n * the selection of authentication methods.\n* Embedded SCA Approach: \n The Update PSU Data Request might be used \n * to add credentials as a first factor authentication data of the PSU and\n * to select the authentication method and\n * transaction authorisation.\n\nThe SCA Approach might depend on the chosen SCA method. \nFor that reason, the following possible Update PSU Data request can apply to all SCA approaches:\n\n* Select an SCA method in case of several SCA methods are available for the customer.\n\nThere are the following request types on this access path:\n * Update PSU Identification\n * Update PSU Authentication\n * Select PSU Autorization Method \n WARNING: This method need a reduced header, \n therefore many optional elements are not present. \n Maybe in a later version the access path will change.\n * Transaction Authorisation\n WARNING: This method need a reduced header, \n therefore many optional elements are not present. \n Maybe in a later version the access path will change.\n", "operationId": "updatePaymentCancellationPsuData", "tags": [ "Payment Initiation Service (PIS)", "Common Services" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/paymentService" }, { "$ref": "#/components/parameters/paymentProduct" }, { "$ref": "#/components/parameters/paymentId" }, { "$ref": "#/components/parameters/cancellationId" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-ID" }, { "$ref": "#/components/parameters/PSU-ID-Type" }, { "$ref": "#/components/parameters/PSU-Corporate-ID" }, { "$ref": "#/components/parameters/PSU-Corporate-ID-Type" }, { "$ref": "#/components/parameters/PSU-IP-Address_optional" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "requestBody": { "content": { "application/json": { "schema": { "oneOf": [ {}, { "$ref": "#/components/schemas/updatePsuAuthentication" }, { "$ref": "#/components/schemas/selectPsuAuthenticationMethod" }, { "$ref": "#/components/schemas/transactionAuthorisation" } ] }, "examples": { "Update PSU Identification (Embedded Approach)": { "value": {} }, "Update PSU Authentication (Embedded Approach)": { "$ref": "#/components/examples/updatePsuAuthenticationExample_Embedded" }, "Select PSU Authentication Method (Embedded Approach)": { "$ref": "#/components/examples/selectPsuAuthenticationMethodExample_Embedded" }, "Transaction Authorisation (Embedded Approach)": { "$ref": "#/components/examples/transactionAuthorisationExample_Embedded" } } } } }, "responses": { "200": { "$ref": "#/components/responses/OK_200_UpdatePsuData" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_PIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_PIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_PIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_PIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_PIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_PIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_PIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_PIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_PIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_PIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_PIS" } } } }, "/v1/accounts": { "get": { "summary": "Read Account List", "description": "Read the identifiers of the available payment account together with \nbooking balance information, depending on the consent granted.\n\nIt is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system. \nThe addressed list of accounts depends then on the PSU ID and the stored consent addressed by consentId, \nrespectively the OAuth2 access token. \n\nReturns all identifiers of the accounts, to which an account access has been granted to through \nthe /consents endpoint by the PSU. \nIn addition, relevant information about the accounts and hyperlinks to corresponding account \ninformation resources are provided if a related consent has been already granted.\n\nRemark: Note that the /consents endpoint optionally offers to grant an access on all available \npayment accounts of a PSU. \nIn this case, this endpoint will deliver the information about all available payment accounts \nof the PSU at this ASPSP.\n", "operationId": "getAccountList", "tags": [ "Account Information Service (AIS)" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/withBalanceQuery" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/consentId_HEADER_mandatory" }, { "$ref": "#/components/parameters/PSU-IP-Address_conditionalForAis" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "200": { "$ref": "#/components/responses/OK_200_AccountList" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_AIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_AIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_AIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_AIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_AIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_AIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_AIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_AIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_AIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_AIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_AIS" } } } }, "/v1/accounts/{account-id}": { "get": { "summary": "Read Account Details", "description": "Reads details about an account, with balances where required. \nIt is assumed that a consent of the PSU to \nthis access is already given and stored on the ASPSP system. \nThe addressed details of this account depends then on the stored consent addressed by consentId, \nrespectively the OAuth2 access token.\n\n**NOTE:** The account-id can represent a multicurrency account. \nIn this case the currency code is set to \"XXX\".\n\nGive detailed information about the addressed account.\n\nGive detailed information about the addressed account together with balance information\n", "operationId": "readAccountDetails", "tags": [ "Account Information Service (AIS)" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/accountId" }, { "$ref": "#/components/parameters/withBalanceQuery" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/consentId_HEADER_mandatory" }, { "$ref": "#/components/parameters/PSU-IP-Address_conditionalForAis" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "200": { "$ref": "#/components/responses/OK_200_AccountDetails" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_AIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_AIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_AIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_AIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_AIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_AIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_AIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_AIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_AIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_AIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_AIS" } } } }, "/v1/accounts/{account-id}/balances": { "get": { "summary": "Read Balance", "description": "Reads account data from a given account addressed by \"account-id\". \n\n**Remark:** This account-id can be a tokenised identification due to data protection reason since the path \ninformation might be logged on intermediary servers within the ASPSP sphere. \nThis account-id then can be retrieved by the \"GET Account List\" call.\n\nThe account-id is constant at least throughout the lifecycle of a given consent.\n", "operationId": "getBalances", "tags": [ "Account Information Service (AIS)" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/accountId" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/consentId_HEADER_mandatory" }, { "$ref": "#/components/parameters/PSU-IP-Address_conditionalForAis" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "200": { "$ref": "#/components/responses/OK_200_Balances" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_AIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_AIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_AIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_AIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_AIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_AIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_AIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_AIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_AIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_AIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_AIS" } } } }, "/v1/accounts/{account-id}/transactions/": { "get": { "summary": "Read transaction list of an account", "description": "Read transaction reports or transaction lists of a given account ddressed by \"account-id\", depending on the steering parameter \n\"bookingStatus\" together with balances.\n\nFor a given account, additional parameters are e.g. the attributes \"dateFrom\" and \"dateTo\". \nThe ASPSP might add balance information, if transaction lists without balances are not supported.\n", "operationId": "getTransactionList", "tags": [ "Account Information Service (AIS)" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/accountId" }, { "$ref": "#/components/parameters/dateFrom" }, { "$ref": "#/components/parameters/dateTo" }, { "$ref": "#/components/parameters/entryReferenceFrom" }, { "$ref": "#/components/parameters/bookingStatus" }, { "$ref": "#/components/parameters/deltaList" }, { "$ref": "#/components/parameters/withBalanceQuery" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/consentId_HEADER_mandatory" }, { "$ref": "#/components/parameters/PSU-IP-Address_conditionalForAis" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "200": { "$ref": "#/components/responses/OK_200_AccountsTransactions" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_AIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_AIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_AIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_AIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_AIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_AIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_AIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_AIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_AIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_AIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_AIS" } } } }, "/v1/accounts/{account-id}/transactions/{resourceId}": { "get": { "summary": "Read Transaction Details", "description": "Reads transaction details from a given transaction addressed by \"resourceId\" on a given account addressed by \"account-id\". \nThis call is only available on transactions as reported in a JSON format.\n\n**Remark:** Please note that the PATH might be already given in detail by the corresponding entry of the response of the \n\"Read Transaction List\" call within the _links subfield.\n", "operationId": "getTransactionDetails", "tags": [ "Account Information Service (AIS)" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/accountId" }, { "$ref": "#/components/parameters/resourceId" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/consentId_HEADER_mandatory" }, { "$ref": "#/components/parameters/PSU-IP-Address_conditionalForAis" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "200": { "$ref": "#/components/responses/OK_200_TransactionDetails" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_AIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_AIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_AIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_AIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_AIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_AIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_AIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_AIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_AIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_AIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_AIS" } } } }, "/card-accounts": { "get": { "summary": "Reads a list of card accounts", "description": "Reads a list of card accounts with additional information, e.g. balance information. \nIt is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system. \nThe addressed list of card accounts depends then on the PSU ID and the stored consent addressed by consentId, \nrespectively the OAuth2 access token. \n", "operationId": "getCardAccount", "tags": [ "Account Information Service (AIS)" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/consentId_HEADER_mandatory" }, { "$ref": "#/components/parameters/PSU-IP-Address_conditionalForAis" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "200": { "$ref": "#/components/responses/OK_200_CardAccountList" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_AIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_AIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_AIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_AIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_AIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_AIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_AIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_AIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_AIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_AIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_AIS" } } } }, "/card-accounts/{account-id}": { "get": { "summary": "Reads details about a card account", "description": "Reads details about a card account. \nIt is assumed that a consent of the PSU to this access is already given \nand stored on the ASPSP system. The addressed details of this account depends \nthen on the stored consent addressed by consentId, respectively the OAuth2 \naccess token.\n", "operationId": "ReadCardAccount", "tags": [ "Account Information Service (AIS)" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/accountId" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/consentId_HEADER_mandatory" }, { "$ref": "#/components/parameters/PSU-IP-Address_conditionalForAis" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "200": { "$ref": "#/components/responses/OK_200_CardAccountDetails" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_AIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_AIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_AIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_AIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_AIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_AIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_AIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_AIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_AIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_AIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_AIS" } } } }, "/card-accounts/{account-id}/balances": { "get": { "summary": "Read card account balances", "description": "Reads balance data from a given card account addressed by \n\"account-id\". \n\nRemark: This account-id can be a tokenised identification due \nto data protection reason since the path information might be \nlogged on intermediary servers within the ASPSP sphere. \nThis account-id then can be retrieved by the \n\"GET Card Account List\" call\n", "operationId": "getCardAccountBalances", "tags": [ "Account Information Service (AIS)" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/accountId" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/consentId_HEADER_mandatory" }, { "$ref": "#/components/parameters/PSU-IP-Address_conditionalForAis" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "200": { "$ref": "#/components/responses/OK_200_CardAccountBalances" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_AIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_AIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_AIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_AIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_AIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_AIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_AIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_AIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_AIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_AIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_AIS" } } } }, "/card-accounts/{account-id}/transactions": { "get": { "summary": "Read transaction list of an account", "description": "Reads account data from a given card account addressed by \"account-id\".\n", "operationId": "getCardAccountTransactionList", "tags": [ "Account Information Service (AIS)" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/accountId" }, { "$ref": "#/components/parameters/dateFrom" }, { "$ref": "#/components/parameters/dateTo" }, { "$ref": "#/components/parameters/entryReferenceFrom" }, { "$ref": "#/components/parameters/bookingStatus" }, { "$ref": "#/components/parameters/deltaList" }, { "$ref": "#/components/parameters/withBalanceQuery" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/consentId_HEADER_mandatory" }, { "$ref": "#/components/parameters/PSU-IP-Address_conditionalForAis" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "200": { "$ref": "#/components/responses/OK_200_CardAccountsTransactions" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_AIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_AIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_AIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_AIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_AIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_AIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_AIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_AIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_AIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_AIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_AIS" } } } }, "/v1/consents": { "post": { "summary": "Create consent", "description": "This method create a consent resource, defining access rights to dedicated accounts of \na given PSU-ID. These accounts are addressed explicitly in the method as \nparameters as a core function.\n\n**Side Effects**\nWhen this Consent Request is a request where the \"recurringIndicator\" equals \"true\", \nand if it exists already a former consent for recurring access on account information \nfor the addressed PSU, then the former consent automatically expires as soon as the new \nconsent request is authorised by the PSU.\n\nOptional Extension:\nAs an option, an ASPSP might optionally accept a specific access right on the access on all psd2 related services for all available accounts. \n\nAs another option an ASPSP might optionally also accept a command, where only access rights are inserted without mentioning the addressed account. \nThe relation to accounts is then handled afterwards between PSU and ASPSP. \nThis option is not supported for the Embedded SCA Approach. \nAs a last option, an ASPSP might in addition accept a command with access rights\n * to see the list of available payment accounts or\n * to see the list of available payment accounts with balances.\n", "operationId": "createConsent", "tags": [ "Account Information Service (AIS)" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-ID" }, { "$ref": "#/components/parameters/PSU-ID-Type" }, { "$ref": "#/components/parameters/PSU-Corporate-ID" }, { "$ref": "#/components/parameters/PSU-Corporate-ID-Type" }, { "$ref": "#/components/parameters/TPP-Redirect-Preferred" }, { "$ref": "#/components/parameters/TPP-Redirect-URI" }, { "$ref": "#/components/parameters/TPP-Nok-Redirect-URI" }, { "$ref": "#/components/parameters/TPP-Explicit-Authorisation-Preferred" }, { "$ref": "#/components/parameters/PSU-IP-Address_conditionalForAis" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "requestBody": { "$ref": "#/components/requestBodies/consents" }, "responses": { "201": { "$ref": "#/components/responses/CREATED_201_Consents" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_AIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_AIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_AIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_AIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_AIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_AIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_AIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_AIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_AIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_AIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_AIS" } } } }, "/v1/consents/{consentId}": { "get": { "summary": "Get Consent Request", "description": "Returns the content of an account information consent object. \nThis is returning the data for the TPP especially in cases, \nwhere the consent was directly managed between ASPSP and PSU e.g. in a re-direct SCA Approach.\n", "operationId": "getConsentInformation", "tags": [ "Account Information Service (AIS)" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/consentId_PATH" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-IP-Address_conditionalForAis" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "200": { "$ref": "#/components/responses/OK_200_ConsentInformation" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_AIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_AIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_AIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_AIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_AIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_AIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_AIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_AIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_AIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_AIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_AIS" } } }, "delete": { "summary": "Delete Consent", "description": "The TPP can delete an account information consent object if needed.", "operationId": "deleteConsent", "tags": [ "Account Information Service (AIS)" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/consentId_PATH" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-IP-Address_conditionalForAis" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "204": { "$ref": "#/components/responses/NO_CONTENT_204_Consents" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_AIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_AIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_AIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_AIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_AIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_AIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_AIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_AIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_AIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_AIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_AIS" } } } }, "/v1/consents/{consentId}/status": { "get": { "summary": "Consent status request", "description": "Read the status of an account information consent resource.", "operationId": "getConsentStatus", "tags": [ "Account Information Service (AIS)" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/consentId_PATH" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-IP-Address_conditionalForAis" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "200": { "$ref": "#/components/responses/OK_200_ConsentStatus" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_AIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_AIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_AIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_AIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_AIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_AIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_AIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_AIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_AIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_AIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_AIS" } } } }, "/v1/consents/{consentId}/authorisations": { "post": { "summary": "Start the authorisation process for a consent", "description": "Create an authorisation sub-resource and start the authorisation process of a consent. \nThe message might in addition transmit authentication and authorisation related data.\n\nhis method is iterated n times for a n times SCA authorisation in a \ncorporate context, each creating an own authorisation sub-endpoint for \nthe corresponding PSU authorising the consent.\n\nThe ASPSP might make the usage of this access method unnecessary, \nsince the related authorisation resource will be automatically created by \nthe ASPSP after the submission of the consent data with the first POST consents call.\n\nThe start authorisation process is a process which is needed for creating a new authorisation \nor cancellation sub-resource. \n\nThis applies in the following scenarios:\n\n * The ASPSP has indicated with an 'startAuthorisation' hyperlink in the preceeding Payment \n Initiation Response that an explicit start of the authorisation process is needed by the TPP. \n The 'startAuthorisation' hyperlink can transport more information about data which needs to be \n uploaded by using the extended forms.\n * 'startAuthorisationWithPsuIdentfication', \n * 'startAuthorisationWithPsuAuthentication' #TODO\n * 'startAuthorisationWithAuthentciationMethodSelection' \n * The related payment initiation cannot yet be executed since a multilevel SCA is mandated.\n * The ASPSP has indicated with an 'startAuthorisation' hyperlink in the preceeding \n Payment Cancellation Response that an explicit start of the authorisation process is needed by the TPP. \n The 'startAuthorisation' hyperlink can transport more information about data which needs to be uploaded \n by using the extended forms as indicated above.\n * The related payment cancellation request cannot be applied yet since a multilevel SCA is mandate for \n executing the cancellation.\n * The signing basket needs to be authorised yet.\n", "operationId": "startConsentAuthorisation", "tags": [ "Account Information Service (AIS)", "Common Services" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/consentId_PATH" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-ID" }, { "$ref": "#/components/parameters/PSU-ID-Type" }, { "$ref": "#/components/parameters/PSU-Corporate-ID" }, { "$ref": "#/components/parameters/PSU-Corporate-ID-Type" }, { "$ref": "#/components/parameters/PSU-IP-Address_conditionalForAis" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "201": { "$ref": "#/components/responses/CREATED_201_StartScaProcess" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_AIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_AIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_AIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_AIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_AIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_AIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_AIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_AIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_AIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_AIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_AIS" } } }, "get": { "summary": "Get Consent Authorisation Sub-Resources Request", "description": "Return a list of all authorisation subresources IDs which have been created.\n\nThis function returns an array of hyperlinks to all generated authorisation sub-resources.\n", "operationId": "getConsentAuthorisation", "tags": [ "Account Information Service (AIS)" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/consentId_PATH" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-IP-Address_conditionalForAis" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "200": { "$ref": "#/components/responses/OK_200_Authorisations" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_AIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_AIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_AIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_AIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_AIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_AIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_AIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_AIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_AIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_AIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_AIS" } } } }, "/v1/consents/{consentId}/authorisations/{authorisationId}": { "get": { "summary": "Read the SCA status of the consent authorisation.", "description": "This method returns the SCA status of a consent initiation's authorisation sub-resource.\n", "operationId": "getConsentScaStatus", "tags": [ "Account Information Service (AIS)", "Common Services" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/consentId_PATH" }, { "$ref": "#/components/parameters/authorisationId" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-IP-Address_conditionalForAis" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "200": { "$ref": "#/components/responses/OK_200_ScaStatus" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_AIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_AIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_AIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_AIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_AIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_AIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_AIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_AIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_AIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_AIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_AIS" } } }, "put": { "summary": "Update PSU Data for consents", "description": "This method update PSU data on the consents resource if needed. \nIt may authorise a consent within the Embedded SCA Approach where needed.\n\nIndependently from the SCA Approach it supports e.g. the selection of \nthe authentication method and a non-SCA PSU authentication.\n\nThis methods updates PSU data on the cancellation authorisation resource if needed. \n\nThere are several possible Update PSU Data requests in the context of a consent request if needed, \nwhich depends on the SCA approach:\n\n* Redirect SCA Approach:\n A specific Update PSU Data Request is applicable for \n * the selection of authentication methods, before choosing the actual SCA approach.\n* Decoupled SCA Approach:\n A specific Update PSU Data Request is only applicable for\n * adding the PSU Identification, if not provided yet in the Payment Initiation Request or the Account Information Consent Request, or if no OAuth2 access token is used, or\n * the selection of authentication methods.\n* Embedded SCA Approach: \n The Update PSU Data Request might be used \n * to add credentials as a first factor authentication data of the PSU and\n * to select the authentication method and\n * transaction authorisation.\n\nThe SCA Approach might depend on the chosen SCA method. \nFor that reason, the following possible Update PSU Data request can apply to all SCA approaches:\n\n* Select an SCA method in case of several SCA methods are available for the customer.\n\nThere are the following request types on this access path:\n * Update PSU Identification\n * Update PSU Authentication\n * Select PSU Autorization Method \n WARNING: This method need a reduced header, \n therefore many optional elements are not present. \n Maybe in a later version the access path will change.\n * Transaction Authorisation\n WARNING: This method need a reduced header, \n therefore many optional elements are not present. \n Maybe in a later version the access path will change.\n", "operationId": "updateConsentsPsuData", "tags": [ "Account Information Service (AIS)", "Common Services" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/consentId_PATH" }, { "$ref": "#/components/parameters/authorisationId" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-ID" }, { "$ref": "#/components/parameters/PSU-ID-Type" }, { "$ref": "#/components/parameters/PSU-Corporate-ID" }, { "$ref": "#/components/parameters/PSU-Corporate-ID-Type" }, { "$ref": "#/components/parameters/PSU-IP-Address_conditionalForAis" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "requestBody": { "content": { "application/json": { "schema": { "oneOf": [ {}, { "$ref": "#/components/schemas/updatePsuAuthentication" }, { "$ref": "#/components/schemas/selectPsuAuthenticationMethod" }, { "$ref": "#/components/schemas/transactionAuthorisation" } ] }, "examples": { "Update PSU Identification/Additional SCA Process (Embedded Approach)": { "value": {} }, "Update PSU Authentication (Embedded Approach)": { "$ref": "#/components/examples/updatePsuAuthenticationExample_Embedded" }, "Select PSU Authentication Method (Embedded Approach)": { "$ref": "#/components/examples/selectPsuAuthenticationMethodExample_Embedded" }, "Transaction Authorisation (Embedded Approach)": { "$ref": "#/components/examples/transactionAuthorisationExample_Embedded" } } } } }, "responses": { "200": { "$ref": "#/components/responses/OK_200_UpdatePsuData" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_AIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_AIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_AIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_AIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_AIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_AIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_AIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_AIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_AIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_AIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_AIS" } } } }, "/v1/funds-confirmations": { "post": { "summary": "Confirmation of Funds Request", "description": "Creates a confirmation of funds request at the ASPSP. Checks whether a specific amount is available at point of time of the request on an account linked to a given tuple card issuer(TPP)/card number, or addressed by IBAN and TPP respectively", "operationId": "checkAvailabilityOfFunds", "tags": [ "Confirmation of Funds Service (PIIS)" ], "parameters": [ { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" } ], "requestBody": { "$ref": "#/components/requestBodies/confirmationOfFunds" }, "responses": { "200": { "$ref": "#/components/responses/OK_200_ConfirmationOfFunds" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_PIIS" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_PIIS" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_PIIS" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_PIIS" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_PIIS" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_PIIS" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_PIIS" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_PIIS" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_PIIS" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_PIIS" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_PIIS" } } } }, "/v1/signing-baskets": { "post": { "summary": "Create a signing basket resource", "description": "Create a signing basket resource for authorising several transactions with one SCA method. \nThe resource identifications of these transactions are contained in the payload of this access method\n", "operationId": "createSigningBasket", "tags": [ "Signing Baskets" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-ID" }, { "$ref": "#/components/parameters/PSU-ID-Type" }, { "$ref": "#/components/parameters/PSU-Corporate-ID" }, { "$ref": "#/components/parameters/PSU-Corporate-ID-Type" }, { "$ref": "#/components/parameters/consentId_HEADER_optional" }, { "$ref": "#/components/parameters/PSU-IP-Address_mandatory" }, { "$ref": "#/components/parameters/TPP-Redirect-Preferred" }, { "$ref": "#/components/parameters/TPP-Redirect-URI" }, { "$ref": "#/components/parameters/TPP-Nok-Redirect-URI" }, { "$ref": "#/components/parameters/TPP-Explicit-Authorisation-Preferred" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "requestBody": { "$ref": "#/components/requestBodies/signingBasket" }, "responses": { "201": { "$ref": "#/components/responses/CREATED_201_SigningBasket" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_SB" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_SB" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_SB" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_SB" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_SB" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_SB" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_SB" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_SB" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_SB" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_SB" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_SB" } } } }, "/v1/signing-baskets/{basketId}": { "get": { "summary": "Returns the content of an signing basket object.", "description": "Returns the content of an signing basket object.", "operationId": "getSigningBasket", "tags": [ "Signing Baskets" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/basketId_PATH" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-IP-Address_optional" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "200": { "$ref": "#/components/responses/OK_200_GetSigningBasket" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_SB" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_SB" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_SB" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_SB" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_SB" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_SB" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_SB" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_SB" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_SB" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_SB" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_SB" } } }, "delete": { "summary": "Delete the signing basket", "description": "Delete the signing basket structure as long as no (partial) authorisation has yet been applied. \nThe undlerying transactions are not affected by this deletion.\n\nRemark: The signing basket as such is not deletable after a first (partial) authorisation has been applied. \nNevertheless, single transactions might be cancelled on an individual basis on the XS2A interface.\n", "operationId": "deleteSigningBasket", "tags": [ "Signing Baskets", "Common Services" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/basketId_PATH" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-IP-Address_optional" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "204": { "$ref": "#/components/responses/NO_CONTENT_204_SigningBasket" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_SB" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_SB" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_SB" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_SB" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_SB" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_SB" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_SB" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_SB" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_SB" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_SB" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_SB" } } } }, "/v1/signing-baskets/{basketId}/status": { "get": { "summary": "Read the status of the signing basket", "description": "Returns the status of a signing basket object. \n", "operationId": "getSigningBasketStatus", "tags": [ "Signing Baskets", "Common Services" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/basketId_PATH" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-ID" }, { "$ref": "#/components/parameters/PSU-ID-Type" }, { "$ref": "#/components/parameters/PSU-Corporate-ID" }, { "$ref": "#/components/parameters/PSU-Corporate-ID-Type" }, { "$ref": "#/components/parameters/PSU-IP-Address_optional" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "200": { "$ref": "#/components/responses/OK_200_SigningBasketStatus" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_SB" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_SB" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_SB" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_SB" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_SB" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_SB" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_SB" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_SB" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_SB" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_SB" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_SB" } } } }, "/v1/signing-baskets/{basketId}/authorisations": { "post": { "summary": "Start the authorisation process for a signing basket", "description": "Create an authorisation sub-resource and start the authorisation process of a signing basket. \nThe message might in addition transmit authentication and authorisation related data.\n\nThis method is iterated n times for a n times SCA authorisation in a \ncorporate context, each creating an own authorisation sub-endpoint for \nthe corresponding PSU authorising the signing-baskets.\n\nThe ASPSP might make the usage of this access method unnecessary in case \nof only one SCA process needed, since the related authorisation resource \nmight be automatically created by the ASPSP after the submission of the \npayment data with the first POST signing basket call.\n\nThe start authorisation process is a process which is needed for creating a new authorisation \nor cancellation sub-resource. \n\nThis applies in the following scenarios:\n\n * The ASPSP has indicated with an 'startAuthorisation' hyperlink in the preceeding Payment \n Initiation Response that an explicit start of the authorisation process is needed by the TPP. \n The 'startAuthorisation' hyperlink can transport more information about data which needs to be \n uploaded by using the extended forms.\n * 'startAuthorisationWithPsuIdentfication', \n * 'startAuthorisationWithPsuAuthentication' #TODO\n * 'startAuthorisationWithAuthentciationMethodSelection' \n * The related payment initiation cannot yet be executed since a multilevel SCA is mandated.\n * The ASPSP has indicated with an 'startAuthorisation' hyperlink in the preceeding \n Payment Cancellation Response that an explicit start of the authorisation process is needed by the TPP. \n The 'startAuthorisation' hyperlink can transport more information about data which needs to be uploaded \n by using the extended forms as indicated above.\n * The related payment cancellation request cannot be applied yet since a multilevel SCA is mandate for \n executing the cancellation.\n * The signing basket needs to be authorised yet.\n", "operationId": "startSigningBasketAuthorisation", "tags": [ "Signing Baskets", "Common Services" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/basketId_PATH" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-ID" }, { "$ref": "#/components/parameters/PSU-ID-Type" }, { "$ref": "#/components/parameters/PSU-Corporate-ID" }, { "$ref": "#/components/parameters/PSU-Corporate-ID-Type" }, { "$ref": "#/components/parameters/PSU-IP-Address_optional" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "201": { "$ref": "#/components/responses/CREATED_201_StartScaProcess" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_SB" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_SB" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_SB" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_SB" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_SB" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_SB" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_SB" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_SB" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_SB" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_SB" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_SB" } } }, "get": { "summary": "Get Signing Basket Authorisation Sub-Resources Request", "description": "Read a list of all authorisation subresources IDs which have been created.\n\nThis function returns an array of hyperlinks to all generated authorisation sub-resources.\n", "operationId": "getSigningBasketAuthorisation", "tags": [ "Signing Baskets", "Common Services" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/basketId_PATH" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-IP-Address_optional" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "200": { "$ref": "#/components/responses/OK_200_Authorisations" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_SB" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_SB" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_SB" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_SB" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_SB" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_SB" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_SB" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_SB" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_SB" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_SB" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_SB" } } } }, "/v1/signing-baskets/{basketId}/authorisations/{authorisationId}": { "put": { "summary": "Update PSU Data for signing basket", "description": "This method update PSU data on the signing basket resource if needed. \nIt may authorise a igning basket within the Embedded SCA Approach where needed.\n\nIndependently from the SCA Approach it supports e.g. the selection of \nthe authentication method and a non-SCA PSU authentication.\n\nThis methods updates PSU data on the cancellation authorisation resource if needed. \n\nThere are several possible Update PSU Data requests in the context of a consent request if needed, \nwhich depends on the SCA approach:\n\n* Redirect SCA Approach:\n A specific Update PSU Data Request is applicable for \n * the selection of authentication methods, before choosing the actual SCA approach.\n* Decoupled SCA Approach:\n A specific Update PSU Data Request is only applicable for\n * adding the PSU Identification, if not provided yet in the Payment Initiation Request or the Account Information Consent Request, or if no OAuth2 access token is used, or\n * the selection of authentication methods.\n* Embedded SCA Approach: \n The Update PSU Data Request might be used \n * to add credentials as a first factor authentication data of the PSU and\n * to select the authentication method and\n * transaction authorisation.\n\nThe SCA Approach might depend on the chosen SCA method. \nFor that reason, the following possible Update PSU Data request can apply to all SCA approaches:\n\n* Select an SCA method in case of several SCA methods are available for the customer.\n\nThere are the following request types on this access path:\n * Update PSU Identification\n * Update PSU Authentication\n * Select PSU Autorization Method \n WARNING: This method need a reduced header, \n therefore many optional elements are not present. \n Maybe in a later version the access path will change.\n * Transaction Authorisation\n WARNING: This method need a reduced header, \n therefore many optional elements are not present. \n Maybe in a later version the access path will change.\n", "operationId": "updateSigningBasketPsuData", "tags": [ "Signing Baskets", "Common Services" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/basketId_PATH" }, { "$ref": "#/components/parameters/authorisationId" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-ID" }, { "$ref": "#/components/parameters/PSU-ID-Type" }, { "$ref": "#/components/parameters/PSU-Corporate-ID" }, { "$ref": "#/components/parameters/PSU-Corporate-ID-Type" }, { "$ref": "#/components/parameters/PSU-IP-Address_optional" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "requestBody": { "content": { "application/json": { "schema": { "oneOf": [ {}, { "$ref": "#/components/schemas/updatePsuAuthentication" }, { "$ref": "#/components/schemas/selectPsuAuthenticationMethod" }, { "$ref": "#/components/schemas/transactionAuthorisation" } ] }, "examples": { "Update PSU Identification (Embedded Approach)": { "value": {} }, "Update PSU Authentication (Embedded Approach)": { "$ref": "#/components/examples/updatePsuAuthenticationExample_Embedded" }, "Select PSU Authentication Method (Embedded Approach)": { "$ref": "#/components/examples/selectPsuAuthenticationMethodExample_Embedded" }, "Transaction Authorisation (Embedded Approach)": { "$ref": "#/components/examples/transactionAuthorisationExample_Embedded" } } } } }, "responses": { "200": { "$ref": "#/components/responses/OK_200_UpdatePsuData" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_SB" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_SB" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_SB" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_SB" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_SB" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_SB" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_SB" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_SB" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_SB" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_SB" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_SB" } } }, "get": { "summary": "Read the SCA status of the signing basket authorisation", "description": "This method returns the SCA status of a signing basket's authorisation sub-resource.\n", "operationId": "getSigningBasketScaStatus", "tags": [ "Signing Baskets", "Common Services" ], "security": [ {}, { "BearerAuthOAuth": [] } ], "parameters": [ { "$ref": "#/components/parameters/basketId_PATH" }, { "$ref": "#/components/parameters/authorisationId" }, { "$ref": "#/components/parameters/X-Request-ID" }, { "$ref": "#/components/parameters/Digest" }, { "$ref": "#/components/parameters/Signature" }, { "$ref": "#/components/parameters/TPP-Signature-Certificate" }, { "$ref": "#/components/parameters/PSU-IP-Address_optional" }, { "$ref": "#/components/parameters/PSU-IP-Port" }, { "$ref": "#/components/parameters/PSU-Accept" }, { "$ref": "#/components/parameters/PSU-Accept-Charset" }, { "$ref": "#/components/parameters/PSU-Accept-Encoding" }, { "$ref": "#/components/parameters/PSU-Accept-Language" }, { "$ref": "#/components/parameters/PSU-User-Agent" }, { "$ref": "#/components/parameters/PSU-Http-Method" }, { "$ref": "#/components/parameters/PSU-Device-ID" }, { "$ref": "#/components/parameters/PSU-Geo-Location" } ], "responses": { "200": { "$ref": "#/components/responses/OK_200_ScaStatus" }, "400": { "$ref": "#/components/responses/BAD_REQUEST_400_SB" }, "401": { "$ref": "#/components/responses/UNAUTHORIZED_401_SB" }, "403": { "$ref": "#/components/responses/FORBIDDEN_403_SB" }, "404": { "$ref": "#/components/responses/NOT_FOUND_404_SB" }, "405": { "$ref": "#/components/responses/METHOD_NOT_ALLOWED_405_SB" }, "406": { "$ref": "#/components/responses/NOT_ACCEPTABLE_406_SB" }, "408": { "$ref": "#/components/responses/REQUEST_TIMEOUT_408_SB" }, "415": { "$ref": "#/components/responses/UNSUPPORTED_MEDIA_TYPE_415_SB" }, "429": { "$ref": "#/components/responses/TOO_MANY_REQUESTS_429_SB" }, "500": { "$ref": "#/components/responses/INTERNAL_SERVER_ERROR_500_SB" }, "503": { "$ref": "#/components/responses/SERVICE_UNAVAILABLE_503_SB" } } } } }, "components": { "securitySchemes": { "BearerAuthOAuth": { "description": "Bearer Token. \n\nIs contained only, if an OAuth2 based authentication was performed in a pre-step or \nan OAuth2 based SCA was performed in an preceding AIS service in the same session.\n", "type": "http", "scheme": "bearer" } }, "schemas": { "paymentId": { "description": "Resource identification of the generated payment initiation resource.", "type": "string", "example": "1234-wertiq-983" }, "paymentIdList": { "description": "A list of paymentIds", "type": "array", "minItems": "1", "items": { "$ref": "#/components/schemas/paymentId" } }, "basketId": { "description": "Resource identification of the generated signing basket resource.", "type": "string", "example": "1234-basket-567" }, "authorisationId": { "description": "Resource identification of the related SCA", "type": "string", "example": "123auth456" }, "authenticationMethodId": { "description": "An identification provided by the ASPSP for the later identification of the authentication method selection.\n", "type": "string", "maxLength": "35", "example": "myAuthenticationID" }, "accountId": { "description": "This identification is denoting the addressed account, where the transaction has been performed.", "type": "string", "example": "qwer3456tzui7890" }, "consentId": { "description": "ID of the corresponding consent object as returned by an Account Information Consent Request.\n", "type": "string" }, "consentIdList": { "description": "A list of consentIds", "type": "array", "minItems": "1", "items": { "$ref": "#/components/schemas/consentId" } }, "resourceId": { "description": "This identification is given by the attribute resourceId of the corresponding entry of a transaction list.\n", "type": "string", "example": "3dc3d5b3-7023-4848-9853-f5400a64e80f" }, "cancellationId": { "description": "Identification for cancellation resource", "type": "string", "example": "123auth456" }, "cardTransactionId": { "description": "Unique end to end identity.", "type": "string", "maxLength": "35" }, "terminalId": { "description": "Identification of the Terminal, where the card has been used.", "type": "string", "maxLength": "35" }, "entryReference": { "description": "Is the identification of the transaction as used e.g. for reference for deltafunction on application level.\n", "type": "string", "maxLength": "35" }, "transactionStatus": { "description": "The transaction status is filled with codes of the ISO 20022 data table:\n- 'ACCC': 'AcceptedSettlementCompleted' -\n Settlement on the creditor's account has been completed.\n- 'ACCP': 'AcceptedCustomerProfile' - \n Preceding check of technical validation was successful. \n Customer profile check was also successful.\n- 'ACSC': 'AcceptedSettlementCompleted' - \n Settlement on the debtor?s account has been completed.\n \n **Usage:** this can be used by the first agent to report to the debtor that the transaction has been completed. \n \n **Warning:** this status is provided for transaction status reasons, not for financial information. \n It can only be used after bilateral agreement.\n- 'ACSP': 'AcceptedSettlementInProcess' - \n All preceding checks such as technical validation and customer profile were successful and therefore the payment initiation has been accepted for execution.\n- 'ACTC': 'AcceptedTechnicalValidation' - \n Authentication and syntactical and semantical validation are successful.\n- 'ACWC': 'AcceptedWithChange' - \n Instruction is accepted but a change will be made, such as date or remittance not sent.\n- 'ACWP': 'AcceptedWithoutPosting' - \n Payment instruction included in the credit transfer is accepted without being posted to the creditor customer?s account.\n- 'RCVD': 'Received' - \n Payment initiation has been received by the receiving agent.\n- 'PDNG': 'Pending' - \n Payment initiation or individual transaction included in the payment initiation is pending. \n Further checks and status update will be performed.\n- 'RJCT': 'Rejected' - \n Payment initiation or individual transaction included in the payment initiation has been rejected.\n- 'CANC': 'Cancelled'\n Payment initiation has been cancelled before execution\n Remark: This code is still requested from ISO20022.\n- 'ACFC': 'AcceptedFundsChecked' -\n Preceeding check of technical validation and customer profile was successful and an automatic funds check was positive .\n Remark: This code is still requested from ISO20022.\n- 'PATC': 'PartiallyAcceptedTechnical'\n Correct The payment initiation needs multiple authentications, where some but not yet all have been performed. Syntactical and semantical validations are successful.\n Remark: This code is still requested from ISO20022.\n", "type": "string", "enum": [ "ACCC", "ACCP", "ACSC", "ACSP", "ACTC", "ACWC", "ACWP", "RCVD", "PDNG", "RJCT", "CANC", "ACFC", "PATC" ], "example": "ACCP" }, "transactionStatus_SB": { "description": "The transaction status is filled with codes of the ISO 20022 data table.\nOnly the codes RCVD, PATC, ACTC, ACWC and RJCT are used:\n- 'ACSP': 'AcceptedSettlementInProcess' - \n All preceding checks such as technical validation and customer profile were successful and therefore the payment initiation has been accepted for execution.\n- 'ACTC': 'AcceptedTechnicalValidation' - \n Authentication and syntactical and semantical validation are successful.\n- 'ACWC': 'AcceptedWithChange' - \n Instruction is accepted but a change will be made, such as date or remittance not sent.\n- 'RCVD': 'Received' - \n Payment initiation has been received by the receiving agent.\n- 'RJCT': 'Rejected' - \n Payment initiation or individual transaction included in the payment initiation has been rejected.\n", "type": "string", "enum": [ "ACSC", "ACTC", "ACWC", "RCVD", "RJCT" ], "example": "RCVD" }, "scaStatus": { "description": "This data element is containing information about the status of the SCA method applied. \n\nThe following codes are defined for this data type.\n\n * 'received':\n An authorisation or cancellation-authorisation resource has been created successfully.\n * 'psuIdentified':\n The PSU related to the authorisation or cancellation-authorisation resource has been identified.\n * 'psuAuthenticated':\n The PSU related to the authorisation or cancellation-authorisation resource has been identified and authenticated e.g. by a password or by an access token.\n * 'scaMethodSelected':\n The PSU/TPP has selected the related SCA routine. \n If the SCA method is chosen implicitly since only one SCA method is available, \n then this is the first status to be reported instead of 'received'.\n * 'started':\n The addressed SCA routine has been started.\n * 'finalised':\n The SCA routine has been finalised successfully.\n * 'failed':\n The SCA routine failed\n * 'exempted':\n SCA was exempted for the related transaction, the related authorisation is successful.\n", "type": "string", "enum": [ "received", "psuIdentified", "psuAuthenticated", "scaMethodSelected", "started", "finalised", "failed", "exempted" ], "example": "psuAuthenticated" }, "scaAuthenticationData": { "description": "SCA authentication data, depending on the chosen authentication method. \nIf the data is binary, then it is base64 encoded.\n", "type": "string" }, "consentStatus": { "description": "This is the overall lifecycle status of the consent.\n\nValid values are:\n - 'received': The consent data have been received and are technically correct. \n The data is not authorised yet.\n - 'rejected': The consent data have been rejected e.g. since no successful authorisation has taken place.\n - 'valid': The consent is accepted and valid for GET account data calls and others as specified in the consent object.\n - 'revokedByPsu': The consent has been revoked by the PSU towards the ASPSP.\n - 'expired': The consent expired.\n - 'terminatedByTpp': The corresponding TPP has terminated the consent by applying the DELETE method to the consent resource.\n\nThe ASPSP might add further codes. These codes then shall be contained in the ASPSP's documentation of the XS2A interface \nand has to be added to this API definition as well.\n", "type": "string", "enum": [ "received", "rejected", "valid", "revokedByPsu", "expired", "terminatedByTpp" ] }, "transactionFeeIndicator": { "description": "If equals 'true', the transaction will involve specific transaction cost as shown by the ASPSP in\ntheir public price list or as agreed between ASPSP and PSU.\nIf equals 'false', the transaction will not involve additional specific transaction costs to the PSU.\n", "type": "boolean" }, "recurringIndicator": { "description": "\"true\", if the consent is for recurring access to the account data.\n\n\"false\", if the consent is for one access to the account data.\n", "type": "boolean", "example": "false" }, "combinedServiceIndicator": { "description": "If \"true\" indicates that a payment initiation service will be addressed in the same \"session\".\n", "type": "boolean", "example": "false" }, "batchBookingPreferred": { "description": "If this element equals 'true', the PSU prefers only one booking entry. \nIf this element equals 'false', the PSU prefers individual booking of all contained individual transactions. \n\nThe ASPSP will follow this preference according to contracts agreed on with the PSU.\n", "type": "boolean", "example": "false" }, "scaMethods": { "description": "This data element might be contained, if SCA is required and if the PSU has a choice between different\nauthentication methods.\n\nDepending on the risk management of the ASPSP this choice might be offered before or after the PSU\nhas been identified with the first relevant factor, or if an access token is transported.\n\nIf this data element is contained, then there is also an hyperlink of type 'startAuthorisationWithAuthenticationMethodSelection'\ncontained in the response body.\n\nThese methods shall be presented towards the PSU for selection by the TPP.\n", "type": "array", "items": { "$ref": "#/components/schemas/authenticationObject" } }, "chosenScaMethod": { "$ref": "#/components/schemas/authenticationObject" }, "authenticationType": { "description": "Type of the authentication method.\n\nMore authentication types might be added during implementation projects and documented in the ASPSP documentation.\n\n - 'SMS_OTP': An SCA method, where an OTP linked to the transaction to be authorised is sent to the PSU through a SMS channel.\n - 'CHIP_OTP': An SCA method, where an OTP is generated by a chip card, e.g. an TOP derived from an EMV cryptogram. \n To contact the card, the PSU normally needs a (handheld) device. \n With this device, the PSU either reads the challenging data through a visual interface like flickering or \n the PSU types in the challenge through the device key pad. \n The device then derives an OTP from the challenge data and displays the OTP to the PSU.\n - 'PHOTO_OTP': An SCA method, where the challenge is a QR code or similar encoded visual data \n which can be read in by a consumer device or specific mobile app. \n The device resp. the specific app than derives an OTP from the visual challenge data and displays \n the OTP to the PSU.\n - 'PUSH_OTP': An OTP is pushed to a dedicated authentication APP and displayed to the PSU.\n", "type": "string", "enum": [ "SMS_OTP", "CHIP_OTP", "PHOTO_OTP", "PUSH_OTP" ] }, "authenticationObject": { "description": "Authentication Object\n", "type": "object", "required": [ "authenticationType", "authenticationMethodId" ], "properties": { "authenticationType": { "$ref": "#/components/schemas/authenticationType" }, "authenticationVersion": { "description": "Depending on the \"authenticationType\".\nThis version can be used by differentiating authentication tools used within performing OTP generation in the same authentication type.\nThis version can be referred to in the ASPSP?s documentation.\n", "type": "string" }, "authenticationMethodId": { "$ref": "#/components/schemas/authenticationMethodId" }, "name": { "description": "This is the name of the authentication method defined by the PSU in the Online Banking frontend of the ASPSP.\nAlternatively this could be a description provided by the ASPSP like \"SMS OTP on phone +49160 xxxxx 28\".\nThis name shall be used by the TPP when presenting a list of authentication methods to the PSU, if available.\n", "type": "string", "example": "SMS OTP on phone +49160 xxxxx 28" }, "explanation": { "description": "Detailed information about the SCA method for the PSU.\n", "type": "string", "example": "Detailed information about the SCA method for the PSU." } } }, "signingBasket": { "description": "JSON Body of a establish signing basket request.\nThe body shall contain at least one entry.\n", "type": "object", "properties": { "paymentIds": { "$ref": "#/components/schemas/paymentIdList" }, "consentIds": { "$ref": "#/components/schemas/consentIdList" } } }, "challengeData": { "description": "It is contained in addition to the data element 'chosenScaMethod' if challenge data is needed for SCA.\nIn rare cases this attribute is also used in the context of the 'startAuthorisationWithPsuAuthentication' link.\n", "type": "object", "properties": { "image": { "type": "string", "format": "byte", "description": "PNG data (max. 512 kilobyte) to be displayed to the PSU,\nBase64 encoding, cp. [RFC4648].\nThis attribute is used only, when PHOTO_OTP or CHIP_OTP\nis the selected SCA method.\n" }, "data": { "type": "string", "description": "String challenge data" }, "imageLink": { "type": "string", "format": "url", "description": "A link where the ASPSP will provides the challenge image for the TPP." }, "otpMaxLength": { "type": "integer", "description": "The maximal length for the OTP to be typed in by the PSU." }, "otpFormat": { "type": "string", "description": "The format type of the OTP to be typed in. The admitted values are \"characters\" or \"integer\".", "enum": [ "characters", "integer" ] }, "additionalInformation": { "type": "string", "description": "Additional explanation for the PSU to explain\ne.g. fallback mechanism for the chosen SCA method.\nThe TPP is obliged to show this to the PSU.\n" } } }, "hrefType": { "description": "Link to a resource", "type": "string", "example": "/v1/payments/sepa-credit-transfers/1234-wertiq-983" }, "authorisationsList": { "description": "An array of all authorisationIds", "type": "array", "items": { "$ref": "#/components/schemas/authorisationId" } }, "authorisations": { "description": "An array of all authorisationIds", "type": "object", "required": [ "authorisationIds" ], "properties": { "authorisationIds": { "$ref": "#/components/schemas/authorisationsList" } } }, "accountReference": { "description": "Reference to an account by either\n * IBAN, of a payment accounts, or\n * BBAN, for payment accounts if there is no IBAN, or \n * the Primary Account Number (PAN) of a card, can be tokenised by the ASPSP due to PCI DSS requirements, or\n * the Primary Account Number (PAN) of a card in a masked form, or\n * an alias to access a payment account via a registered mobile phone number (MSISDN).\n", "type": "object", "properties": { "iban": { "$ref": "#/components/schemas/iban" }, "bban": { "$ref": "#/components/schemas/bban" }, "pan": { "$ref": "#/components/schemas/pan" }, "maskedPan": { "$ref": "#/components/schemas/maskedPan" }, "msisdn": { "$ref": "#/components/schemas/msisdn" }, "currency": { "$ref": "#/components/schemas/currencyCode" } } }, "balanceType": { "description": "The following balance types are defined:\n - \"closingBooked\": \n Balance of the account at the end of the pre-agreed account reporting period. \n It is the sum of the opening booked balance at the beginning of the period and all entries booked \n to the account during the pre-agreed account reporting period.\n \n For card-accounts, this is composed of\n \n - invoiced, but not yet paid entries\n \n - \"expected\":\n Balance composed of booked entries and pending items known at the time of calculation, \n which projects the end of day balance if everything is booked on the account and no other entry is posted.\n \n For card accounts, this is composed of \n - invoiced, but not yet paid entries, \n - not yet invoiced but already booked entries and\n - pending items (not yet booked)\n \n - \"authorised\":\n The expected balance together with the value of a pre-approved credit line the ASPSP makes permanently available to the user.\n \n For card-accounts:\n \n \"money to spend with the value of a pre-approved credit limit on the card account\"\n \n - \"openingBooked\":\n Book balance of the account at the beginning of the account reporting period. \n It always equals the closing book balance from the previous report.\n - \"interimAvailable\":\n Available balance calculated in the course of the account ?servicer?s business day, \n at the time specified, and subject to further changes during the business day. \n The interim balance is calculated on the basis of booked credit and debit items during the calculation \n time/period specified.\n \n For card-accounts, this is composed of\n - invoiced, but not yet paid entries, \n - not yet invoiced but already booked entries\n - \"forwardAvailable\":\n Forward available balance of money that is at the disposal of the account owner on the date specified.\n - \"nonInvoiced\": \n Only for card accounts, to be checked yet. \n", "type": "string", "enum": [ "closingBooked", "expected", "authorised", "openingBooked", "interimAvailable", "forwardAvailable", "nonInvoiced" ] }, "accountAccess": { "description": "Requested access services for a consent.\n", "type": "object", "properties": { "accounts": { "description": "Is asking for detailed account information. \n\nIf the array is empty, the TPP is asking for an accessible account list. \nThis may be restricted in a PSU/ASPSP authorization dialogue.\nIf the array is empty, also the arrays for balances or transactions shall be empty, if used.\n", "type": "array", "items": { "$ref": "#/components/schemas/accountReference" } }, "balances": { "description": "Is asking for balances of the addressed accounts.\n\nIf the array is empty, the TPP is asking for the balances of all accessible account lists. \nThis may be restricted in a PSU/ASPSP authorization dialogue.\nIf the array is empty, also the arrays for accounts or transactions shall be empty, if used.\n", "type": "array", "items": { "$ref": "#/components/schemas/accountReference" } }, "transactions": { "description": "Is asking for transactions of the addressed accounts. \n\nIf the array is empty, the TPP is asking for the transactions of all accessible account lists. \nThis may be restricted in a PSU/ASPSP authorization dialogue.\nIf the array is empty, also the arrays for accounts or balances shall be empty, if used.\n", "type": "array", "items": { "$ref": "#/components/schemas/accountReference" } }, "availableAccounts": { "description": "Optional if supported by API provider.\n\nOnly the values \"allAccounts\" or \"allAccountsWithBalances\" is admitted.\n", "type": "string", "enum": [ "allAccounts", "allAccountsWithBalances" ] }, "allPsd2": { "description": "Optional if supported by API provider.\n\nOnly the value \"allAccounts\" is admitted.\n", "type": "string", "enum": [ "allAccounts" ] } } }, "cashAccountType": { "description": "ExternalCashAccountType1Code from ISO 20022.\n", "type": "string" }, "accountStatus": { "description": "Account status. The value is one of the following:\n - \"enabled\": account is available\n - \"deleted\": account is terminated\n - \"blocked\": account is blocked e.g. for legal reasons\nIf this field is not used, than the account is available in the sense of this specification.\n", "type": "string", "enum": [ "enabled", "deleted", "blocked" ] }, "accountDetails": { "description": "The ASPSP shall give at least one of the account reference identifiers:\n - iban\n - bban\n - pan\n - maskedPan\n - msisdn\nIf the account is a multicurrency account currency code in \"currency\" is set to \"XXX\".\n", "type": "object", "required": [ "currency" ], "properties": { "resourceId": { "description": "This shall be filled, if addressable resource are created by the ASPSP on the /accounts or /card-accounts endpoint.", "type": "string" }, "iban": { "$ref": "#/components/schemas/iban" }, "bban": { "$ref": "#/components/schemas/bban" }, "msisdn": { "$ref": "#/components/schemas/msisdn" }, "currency": { "$ref": "#/components/schemas/currencyCode" }, "name": { "description": "Name of the account given by the bank or the PSU in online-banking.", "type": "string", "maxLength": "35" }, "product": { "description": "Product name of the bank for this account, proprietary definition.", "type": "string", "maxLength": "35" }, "cashAccountType": { "$ref": "#/components/schemas/cashAccountType" }, "status": { "$ref": "#/components/schemas/accountStatus" }, "bic": { "$ref": "#/components/schemas/bicfi" }, "linkedAccounts": { "description": "Case of a set of pending card transactions, the APSP will provide the relevant cash account the card is set up on.", "type": "string", "maxLength": "70" }, "usage": { "description": "Specifies the usage of the account\n * PRIV: private personal account\n * ORGA: professional account\n", "type": "string", "maxLength": "4", "enum": [ "PRIV", "ORGA" ] }, "details": { "description": "Specifications that might be provided by the ASPSP\n - characteristics of the account\n - characteristics of the relevant card\n", "type": "string", "maxLength": "140" }, "balances": { "$ref": "#/components/schemas/balanceList" }, "_links": { "$ref": "#/components/schemas/_linksAccountDetails" } } }, "cardAccountDetails": { "description": "Card account details\n", "type": "object", "required": [ "maskedPan", "currency" ], "properties": { "resourceId": { "description": "This is the data element to be used in the path when retrieving data from a dedicated account.\nThis shall be filled, if addressable resource are created by the ASPSP on the /card-accounts endpoint.\n", "type": "string" }, "maskedPan": { "$ref": "#/components/schemas/maskedPan" }, "currency": { "$ref": "#/components/schemas/currencyCode" }, "name": { "description": "Name of the account given by the bank or the PSU in online-banking.", "type": "string", "maxLength": "35" }, "product": { "description": "Product name of the bank for this account, proprietary definition.", "type": "string", "maxLength": "35" }, "status": { "$ref": "#/components/schemas/accountStatus" }, "usage": { "description": "Specifies the usage of the account\n * PRIV: private personal account\n * ORGA: professional account\n", "type": "string", "maxLength": "4", "enum": [ "PRIV", "ORGA" ] }, "details": { "description": "Specifications that might be provided by the ASPSP\n - characteristics of the account\n - characteristics of the relevant card\n", "type": "string", "maxLength": "140" }, "creditLimit": { "$ref": "#/components/schemas/amount" }, "balances": { "$ref": "#/components/schemas/balanceList" }, "_links": { "$ref": "#/components/schemas/_linksAccountDetails" } } }, "accountList": { "description": "List of accounts with details.\n", "type": "object", "required": [ "accounts" ], "properties": { "accounts": { "type": "array", "items": { "$ref": "#/components/schemas/accountDetails" } } } }, "cardAccountList": { "description": "List of card accounts with details.\n", "type": "object", "required": [ "cardAccounts" ], "properties": { "cardAccounts": { "type": "array", "items": { "$ref": "#/components/schemas/cardAccountDetails" } } } }, "accountReport": { "description": "JSON based account report.\nThis account report contains transactions resulting from the query parameters.\n\n'booked' shall be contained if bookingStatus parameter is set to \"booked\" or \"both\".\n\n'pending' is not contained if the bookingStatus parameter is set to \"booked\".\n", "type": "object", "required": [ "_links" ], "properties": { "booked": { "$ref": "#/components/schemas/transactionList" }, "pending": { "$ref": "#/components/schemas/transactionList" }, "_links": { "$ref": "#/components/schemas/_linksAccountReport" } } }, "cardAccountReport": { "description": "JSON based card account report.\n\nThis card account report contains transactions resulting from the query parameters.\n", "type": "object", "required": [ "booked", "_links" ], "properties": { "booked": { "$ref": "#/components/schemas/cardTransactionList" }, "pending": { "$ref": "#/components/schemas/cardTransactionList" }, "_links": { "$ref": "#/components/schemas/_linksCardAccountReport" } } }, "transactionList": { "description": "Array of transaction details", "type": "array", "items": { "$ref": "#/components/schemas/transactionDetails" } }, "cardTransactionList": { "description": "Array of transaction details", "type": "array", "items": { "$ref": "#/components/schemas/cardTransaction" } }, "transactionDetails": { "description": "Transaction details", "type": "object", "required": [ "transactionAmount" ], "properties": { "transactionId": { "description": "the Transaction Id can be used as access-ID in the API, where more details on an transaction is offered. \nIf this data attribute is provided this shows that the AIS can get access on more details about this \ntransaction using the GET Transaction Details Request \n", "type": "string" }, "entryReference": { "description": "Is the identification of the transaction as used e.g. for reference for deltafunction on application level. \nThe same identification as for example used within camt.05x messages.\n", "type": "string", "maxLength": "35" }, "endToEndId": { "description": "Unique end to end identity.", "type": "string", "maxLength": "35" }, "mandateId": { "description": "Identification of Mandates, e.g. a SEPA Mandate ID.", "type": "string", "maxLength": "35" }, "checkId": { "description": "Identification of a Cheque.", "type": "string", "maxLength": "35" }, "creditorId": { "description": "Identification of Creditors, e.g. a SEPA Creditor ID.", "type": "string", "maxLength": "35" }, "bookingDate": { "$ref": "#/components/schemas/bookingDate" }, "valueDate": { "description": "The Date at which assets become available to the account owner in case of a credit.", "type": "string", "format": "date" }, "transactionAmount": { "$ref": "#/components/schemas/amount" }, "exchangeRate": { "$ref": "#/components/schemas/exchangeRateList" }, "creditorName": { "$ref": "#/components/schemas/creditorName" }, "creditorAccount": { "$ref": "#/components/schemas/accountReference" }, "ultimateCreditor": { "$ref": "#/components/schemas/ultimateCreditor" }, "debtorName": { "$ref": "#/components/schemas/debtorName" }, "debtorAccount": { "$ref": "#/components/schemas/accountReference" }, "ultimateDebtor": { "$ref": "#/components/schemas/ultimateDebtor" }, "remittanceInformationUnstructured": { "type": "string", "maxLength": "140" }, "remittanceInformationStructured": { "description": "Reference as contained in the structured remittance reference structure (without the surrounding XML structure).\n\nDifferent from other places the content is containt in plain form not in form of a structered field.\n", "type": "string", "maxLength": "140" }, "purposeCode": { "$ref": "#/components/schemas/purposeCode" }, "bankTransactionCode": { "$ref": "#/components/schemas/bankTransactionCode" }, "proprietaryBankTransactionCode": { "$ref": "#/components/schemas/proprietaryBankTransactionCode" }, "_links": { "$ref": "#/components/schemas/_linksTransactionDetails" } } }, "cardTransaction": { "description": "Card transaction information", "type": "object", "required": [ "transactionAmount" ], "properties": { "cardTransactionId": { "$ref": "#/components/schemas/cardTransactionId" }, "terminalId": { "$ref": "#/components/schemas/terminalId" }, "transactionDate": { "$ref": "#/components/schemas/transactionDate" }, "bookingDate": { "$ref": "#/components/schemas/bookingDate" }, "transactionAmount": { "$ref": "#/components/schemas/amount" }, "exchangeRate": { "$ref": "#/components/schemas/exchangeRateList" }, "originalAmount": { "$ref": "#/components/schemas/amount" }, "markupFee": { "$ref": "#/components/schemas/amount" }, "markupFeePercentage": { "type": "string" }, "cardAcceptorId": { "type": "string", "maxLength": "35" }, "cardAcceptorAddress": { "$ref": "#/components/schemas/address" }, "cardAcceptorCategoryCode": { "$ref": "#/components/schemas/cardAcceptorCategoryCode" }, "maskedPAN": { "$ref": "#/components/schemas/maskedPan" }, "transactionDetails": { "type": "string", "maxLength": "140" }, "invoiced": { "type": "boolean" }, "proprietaryBankTransactionCode": { "$ref": "#/components/schemas/proprietaryBankTransactionCode" } } }, "exchangeRateList": { "description": "Array of exchange rates", "type": "array", "items": { "$ref": "#/components/schemas/exchangeRate" } }, "exchangeRate": { "description": "Exchange Rate", "type": "object", "required": [ "sourceCurrency", "rate", "unitCurrency", "targetCurrency", "rateDate" ], "properties": { "sourceCurrency": { "$ref": "#/components/schemas/currencyCode" }, "rate": { "type": "string" }, "unitCurrency": { "type": "string" }, "targetCurrency": { "$ref": "#/components/schemas/currencyCode" }, "rateDate": { "type": "string", "format": "date" }, "rateContract": { "type": "string" } } }, "balance": { "description": "A single balance element\n", "type": "object", "required": [ "balanceAmount", "balanceType" ], "properties": { "balanceAmount": { "$ref": "#/components/schemas/amount" }, "balanceType": { "$ref": "#/components/schemas/balanceType" }, "lastChangeDateTime": { "description": "This data element might be used to indicate e.g. with the expected or booked balance that no action is known \non the account, which is not yet booked.\n", "type": "string", "format": "date-time" }, "referenceDate": { "description": "Reference date of the balance", "type": "string", "format": "date" }, "lastCommittedTransaction": { "description": "\"entryReference\" of the last commited transaction to support the TPP in identifying whether all \nPSU transactions are already known.\n", "type": "string", "maxLength": "35" } } }, "balanceList": { "description": "A list of balances regarding this account, e.g. the current balance, the last booked balance.\nThe list migght be restricted to the current ballance.\n", "type": "array", "items": { "$ref": "#/components/schemas/balance" } }, "cancellationList": { "description": "An array of all cancellationIds connected to this resource.", "type": "array", "items": { "$ref": "#/components/schemas/cancellationId" } }, "bicfi": { "description": "BICFI\n", "type": "string", "pattern": "[A-Z]{6,6}[A-Z2-9][A-NP-Z0-9]([A-Z0-9]{3,3}){0,1}", "example": "AAAADEBBXXX" }, "pan": { "description": "Primary Account Number according to ISO/IEC 7812.\n", "type": "string", "maxLength": "35", "example": "5409050000000000" }, "maskedPan": { "description": "Masked Primary Account Number\n", "type": "string", "maxLength": "35", "example": "123456xxxxxx1234" }, "bban": { "description": "Basic Bank Account Number (BBAN) Identifier\n\nThis data element can be used in the body of the Consent Request\n Message for retrieving Account access Consent from this Account. This\n data elements is used for payment Accounts which have no IBAN.\n ISO20022: Basic Bank Account Number (BBAN). \n \n Identifier used nationally by financial institutions, i.e., in individual countries, \n generally as part of a National Account Numbering Scheme(s), \n which uniquely identifies the account of a customer.\n", "type": "string", "pattern": "[a-zA-Z0-9]{1,30}", "example": "BARC12345612345678" }, "msisdn": { "type": "string", "maxLength": "35", "description": "Mobile phone number.", "example": "+49 170 1234567" }, "iban": { "type": "string", "description": "IBAN of an account", "pattern": "[A-Z]{2,2}[0-9]{2,2}[a-zA-Z0-9]{1,30}", "example": "FR7612345987650123456789014" }, "address": { "type": "object", "required": [ "country" ], "properties": { "street": { "type": "string", "maxLength": "70" }, "buildingNumber": { "type": "string" }, "city": { "type": "string" }, "postalCode": { "type": "string" }, "country": { "$ref": "#/components/schemas/countryCode" } }, "example": { "street": "rue blue", "buildingnNumber": "89", "city": "Paris", "postalCode": "75000", "country": "FR" } }, "countryCode": { "description": "ISO 3166 ALPHA2 country code", "type": "string", "pattern": "[A-Z]{2}", "example": "SE" }, "amount": { "type": "object", "required": [ "currency", "amount" ], "properties": { "currency": { "$ref": "#/components/schemas/currencyCode" }, "amount": { "$ref": "#/components/schemas/amountValue" } }, "example": { "currency": "EUR", "amount": "123" } }, "currencyCode": { "description": "ISO 4217 Alpha 3 currency code\n", "type": "string", "pattern": "[A-Z]{3}", "example": "EUR" }, "amountValue": { "description": "The amount given with fractional digits, where fractions must be compliant to the currency definition.\nUp to 14 significant figures. Negative amounts are signed by minus.\nThe decimal separator is a dot.\n\n**Example:**\nValid representations for EUR with up to two decimals are:\n\n * 1056\n * 5768.2\n * -1.50\n * 5877.78\n", "type": "string", "pattern": "-?[0-9]{1,14}(\\.[0-9]{1,3})?", "example": "5877.78" }, "remittanceInformationStructured": { "description": "Structured remittance information\n", "type": "object", "required": [ "reference" ], "properties": { "reference": { "type": "string", "maxLength": "35" }, "referenceType": { "type": "string", "maxLength": "35" }, "referenceIssuer": { "type": "string", "maxLength": "35" } } }, "remittanceInformationUnstructured": { "description": "Unstructured remittance information\n", "type": "string", "maxLength": "140", "example": "Ref Number Merchant" }, "purposeCode": { "description": "ExternalPurpose1Code from ISO 20022.\n\nValues from ISO 20022 External Code List ExternalCodeSets_1Q2018 June 2018.\n", "type": "string", "enum": [ "BKDF", "BKFE", "BKFM", "BKIP", "BKPP", "CBLK", "CDCB", "CDCD", "CDCS", "CDDP", "CDOC", "CDQC", "ETUP", "FCOL", "MTUP", "ACCT", "CASH", "COLL", "CSDB", "DEPT", "INTC", "LIMA", "NETT", "BFWD", "CCIR", "CCPC", "CCPM", "CCSM", "CRDS", "CRPR", "CRSP", "CRTL", "EQPT", "EQUS", "EXPT", "EXTD", "FIXI", "FWBC", "FWCC", "FWSB", "FWSC", "MARG", "MBSB", "MBSC", "MGCC", "MGSC", "OCCC", "OPBC", "OPCC", "OPSB", "OPSC", "OPTN", "OTCD", "REPO", "RPBC", "RPCC", "RPSB", "RPSC", "RVPO", "SBSC", "SCIE", "SCIR", "SCRP", "SHBC", "SHCC", "SHSL", "SLEB", "SLOA", "SWBC", "SWCC", "SWPT", "SWSB", "SWSC", "TBAS", "TBBC", "TBCC", "TRCP", "AGRT", "AREN", "BEXP", "BOCE", "COMC", "CPYR", "GDDS", "GDSV", "GSCB", "LICF", "MP2B", "POPE", "ROYA", "SCVE", "SERV", "SUBS", "SUPP", "TRAD", "CHAR", "COMT", "MP2P", "ECPG", "ECPR", "ECPU", "EPAY", "CLPR", "COMP", "DBTC", "GOVI", "HLRP", "HLST", "INPC", "INPR", "INSC", "INSU", "INTE", "LBRI", "LIFI", "LOAN", "LOAR", "PENO", "PPTI", "RELG", "RINP", "TRFD", "FORW", "FXNT", "ADMG", "ADVA", "BCDM", "BCFG", "BLDM", "BNET", "CBFF", "CBFR", "CCRD", "CDBL", "CFEE", "CGDD", "CORT", "COST", "CPKC", "DCRD", "DSMT", "DVPM", "EDUC", "FACT", "FAND", "FCPM", "FEES", "GOVT", "ICCP", "IDCP", "IHRP", "INSM", "IVPT", "MCDM", "MCFG", "MSVC", "NOWS", "OCDM", "OCFG", "OFEE", "OTHR", "PADD", "PTSP", "RCKE", "RCPT", "REBT", "REFU", "RENT", "REOD", "RIMB", "RPNT", "RRBN", "RVPM", "SLPI", "SPLT", "STDY", "TBAN", "TBIL", "TCSC", "TELI", "TMPG", "TPRI", "TPRP", "TRNC", "TRVC", "WEBI", "ANNI", "CAFI", "CFDI", "CMDT", "DERI", "DIVD", "FREX", "HEDG", "INVS", "PRME", "SAVG", "SECU", "SEPI", "TREA", "UNIT", "FNET", "FUTR", "ANTS", "CVCF", "DMEQ", "DNTS", "HLTC", "HLTI", "HSPC", "ICRF", "LTCF", "MAFC", "MARF", "MDCS", "VIEW", "CDEP", "SWFP", "SWPP", "SWRS", "SWUF", "ADCS", "AEMP", "ALLW", "ALMY", "BBSC", "BECH", "BENE", "BONU", "CCHD", "COMM", "CSLP", "GFRP", "GVEA", "GVEB", "GVEC", "GVED", "GWLT", "HREC", "PAYR", "PEFC", "PENS", "PRCP", "RHBS", "SALA", "SSBE", "LBIN", "LCOL", "LFEE", "LMEQ", "LMFI", "LMRK", "LREB", "LREV", "LSFL", "ESTX", "FWLV", "GSTX", "HSTX", "INTX", "NITX", "PTXP", "RDTX", "TAXS", "VATX", "WHLD", "TAXR", "B112", "BR12", "TLRF", "TLRR", "AIRB", "BUSB", "FERB", "RLWY", "TRPT", "CBTV", "ELEC", "ENRG", "GASB", "NWCH", "NWCM", "OTLC", "PHON", "UBIL", "WTER" ] }, "cardAcceptorCategoryCode": { "description": "Card Acceptor Category Code of the Card Acceptor as given in the related card transaction. \n", "type": "string" }, "bankTransactionCode": { "description": "Bank transaction code as used by the ASPSP and using the sub elements of this structured code defined by ISO 20022. \n\nThis code type is concatenating the three ISO20022 Codes \n * Domain Code, \n * Family Code, and \n * SubFamiliy Code \nby hyphens, resulting in ?DomainCode?-?FamilyCode?-?SubFamilyCode?.\n", "type": "string", "example": "PMNT-RCDT-ESCT" }, "proprietaryBankTransactionCode": { "description": "Proprietary bank transaction code as used within a community or within an ASPSP e.g. \nfor MT94x based transaction reports.\n", "type": "string", "maxLength": "35" }, "frequencyCode": { "description": "The following codes from the \"EventFrequency7Code\" of ISO 20022 are supported.\n- \"Daily\"\n- \"Weekly\"\n- \"EveryTwoWeeks\"\n- \"Monthly\"\n- \"EveryTwoMonths\"\n- \"Quarterly\"\n- \"SemiAnnual\"\n- \"Annual\"\n", "type": "string", "enum": [ "Daily", "Weekly", "EveryTwoWeeks", "Monthly", "EveryTwoMonths", "Quarterly", "SemiAnnual", "Annual" ] }, "frequencyPerDay": { "description": "This field indicates the requested maximum frequency for an access without PSU involvement per day.\nFor a one-off access, this attribute is set to \"1\".\n", "type": "integer", "example": "4" }, "dayOfExecution": { "description": "Day of execution as string.\n\nThis string consists of up two characters.\nLeading zeroes are not allowed.\n\n31 is ultimo of the month.\n", "type": "string", "maxLength": "2", "enum": [ "1", "2", "3", "4", "5", "6", "7", "8", "9", "10", "11", "12", "13", "14", "15", "16", "17", "18", "19", "20", "21", "22", "23", "24", "25", "26", "27", "28", "29", "30", "31" ] }, "executionRule": { "description": "\"following\" or \"preceeding\" supported as values. \nThis data attribute defines the behavior when recurring payment dates falls on a weekend or bank holiday. \nThe payment is then executed either the \"preceeding\" or \"following\" working day.\nASPSP might reject the request due to the communicated value, if rules in Online-Banking are not supporting \nthis execution rule.\n", "type": "string", "enum": [ "following", "preceeding" ] }, "psuData": { "description": "PSU Data for Update PSU Authentication.", "type": "object", "required": [ "password" ], "properties": { "password": { "description": "Password", "type": "string" } } }, "psuMessageText": { "description": "Text to be displayed to the PSU", "type": "string", "maxLength": "512" }, "creditorName": { "description": "Creditor Name", "type": "string", "maxLength": "70", "example": "Creditor Name" }, "debtorName": { "description": "Debtor Name", "type": "string", "maxLength": "70", "example": "Debtor Name" }, "ultimateDebtor": { "description": "Ultimate Debtor", "type": "string", "maxLength": "70", "example": "Ultimate Debtor" }, "ultimateCreditor": { "description": "Ultimate Creditor", "type": "string", "maxLength": "70", "example": "Ultimate Creditor" }, "transactionDate": { "description": "Date of the actual card transaction", "type": "string", "format": "date" }, "startDate": { "description": "The first applicable day of execution starting from this date is the first payment.\n", "type": "string", "format": "date" }, "endDate": { "description": "The last applicable day of execution\nIf not given, it is an infinite standing order.\n", "type": "string", "format": "date" }, "bookingDate": { "description": "The Date when an entry is posted to an account on the ASPSPs books.\n", "type": "string", "format": "date" }, "validUntil": { "description": "This parameter is requesting a valid until date for the requested consent. \nThe content is the local ASPSP date in ISO-Date Format, e.g. 2017-10-30. \n\nFuture dates might get adjusted by ASPSP. \n\nIf a maximal available date is requested, a date in far future is to be used: \"9999-12-31\". \n\nIn both cases the consent object to be retrieved by the GET Consent Request will contain the adjusted date.\n", "type": "string", "format": "date", "example": "2020-12-31" }, "lastActionDate": { "description": "This date is containing the date of the last action on the consent object either through \nthe XS2A interface or the PSU/ASPSP interface having an impact on the status.\n", "type": "string", "format": "date", "example": "2018-07-01" }, "paymentInitiationSct_json": { "description": "Body for a SCT payment initation.\n", "type": "object", "required": [ "debtorAccount", "instructedAmount", "creditorAccount", "creditorName" ], "properties": { "endToEndIdentification": { "type": "string", "maxLength": "35" }, "debtorAccount": { "$ref": "#/components/schemas/accountReference" }, "instructedAmount": { "$ref": "#/components/schemas/amount" }, "creditorAccount": { "$ref": "#/components/schemas/accountReference" }, "creditorAgent": { "$ref": "#/components/schemas/bicfi" }, "creditorName": { "$ref": "#/components/schemas/creditorName" }, "creditorAddress": { "$ref": "#/components/schemas/address" }, "remittanceInformationUnstructured": { "$ref": "#/components/schemas/remittanceInformationUnstructured" } } }, "paymentInitiationSctInst_json": { "description": "Body for a SCT INST payment initation.\n", "type": "object", "required": [ "debtorAccount", "instructedAmount", "creditorAccount", "creditorName" ], "properties": { "endToEndIdentification": { "type": "string", "maxLength": "35" }, "debtorAccount": { "$ref": "#/components/schemas/accountReference" }, "instructedAmount": { "$ref": "#/components/schemas/amount" }, "creditorAccount": { "$ref": "#/components/schemas/accountReference" }, "creditorAgent": { "$ref": "#/components/schemas/bicfi" }, "creditorName": { "$ref": "#/components/schemas/creditorName" }, "creditorAddress": { "$ref": "#/components/schemas/address" }, "remittanceInformationUnstructured": { "type": "string", "maxLength": "140" } } }, "paymentInitiationTarget2_json": { "description": "Body for a TARGET-2 payment initation.\n", "type": "object", "required": [ "debtorAccount", "instructedAmount", "creditorAccount", "creditorName" ], "properties": { "endToEndIdentification": { "type": "string", "maxLength": "35" }, "debtorAccount": { "$ref": "#/components/schemas/accountReference" }, "instructedAmount": { "$ref": "#/components/schemas/amount" }, "creditorAccount": { "$ref": "#/components/schemas/accountReference" }, "creditorAgent": { "$ref": "#/components/schemas/bicfi" }, "creditorName": { "$ref": "#/components/schemas/creditorName" }, "creditorAddress": { "$ref": "#/components/schemas/address" }, "remittanceInformationUnstructured": { "type": "string", "maxLength": "140" } } }, "paymentInitiationCrossBorder_json": { "description": "JSON body for a cross-border payment initation.\n", "type": "object", "required": [ "debtorAccount", "instructedAmount", "creditorAccount", "creditorName" ], "properties": { "debtorAccount": { "$ref": "#/components/schemas/accountReference" }, "instructedAmount": { "$ref": "#/components/schemas/amount" }, "creditorAccount": { "$ref": "#/components/schemas/accountReference" }, "creditorAgent": { "$ref": "#/components/schemas/bicfi" }, "creditorName": { "$ref": "#/components/schemas/creditorName" }, "creditorAddress": { "$ref": "#/components/schemas/address" }, "remittanceInformationUnstructured": { "type": "string", "maxLength": "140" } } }, "paymentInitiationSctBulkElement_json": { "description": "Body for a bulk SCT payment initation.\n", "type": "object", "required": [ "instructedAmount", "creditorAccount", "creditorName" ], "properties": { "endToEndIdentification": { "type": "string", "maxLength": "35" }, "instructedAmount": { "$ref": "#/components/schemas/amount" }, "creditorAccount": { "$ref": "#/components/schemas/accountReference" }, "creditorAgent": { "$ref": "#/components/schemas/bicfi" }, "creditorName": { "$ref": "#/components/schemas/creditorName" }, "creditorAddress": { "$ref": "#/components/schemas/address" }, "remittanceInformationUnstructured": { "$ref": "#/components/schemas/remittanceInformationUnstructured" } } }, "paymentInitiationSctInstBulkElement_json": { "description": "Body for a SCT INST payment initation.\n", "type": "object", "required": [ "instructedAmount", "creditorAccount", "creditorName" ], "properties": { "endToEndIdentification": { "type": "string", "maxLength": "35" }, "instructedAmount": { "$ref": "#/components/schemas/amount" }, "creditorAccount": { "$ref": "#/components/schemas/accountReference" }, "creditorAgent": { "$ref": "#/components/schemas/bicfi" }, "creditorName": { "$ref": "#/components/schemas/creditorName" }, "creditorAddress": { "$ref": "#/components/schemas/address" }, "remittanceInformationUnstructured": { "type": "string", "maxLength": "140" } } }, "paymentInitiationTarget2BulkElement_json": { "description": "Body for a bulk TARGET-2 payment initation.\n", "type": "object", "required": [ "instructedAmount", "creditorAccount", "creditorName" ], "properties": { "endToEndIdentification": { "type": "string", "maxLength": "35" }, "instructedAmount": { "$ref": "#/components/schemas/amount" }, "creditorAccount": { "$ref": "#/components/schemas/accountReference" }, "creditorAgent": { "$ref": "#/components/schemas/bicfi" }, "creditorName": { "$ref": "#/components/schemas/creditorName" }, "creditorAddress": { "$ref": "#/components/schemas/address" }, "remittanceInformationUnstructured": { "type": "string", "maxLength": "140" } } }, "paymentInitiationCrossBorderBulkElement_json": { "description": "JSON body for a cross-border payment initation.\n", "type": "object", "required": [ "instructedAmount", "creditorAccount", "creditorName" ], "properties": { "instructedAmount": { "$ref": "#/components/schemas/amount" }, "creditorAccount": { "$ref": "#/components/schemas/accountReference" }, "creditorAgent": { "$ref": "#/components/schemas/bicfi" }, "creditorName": { "$ref": "#/components/schemas/creditorName" }, "creditorAddress": { "$ref": "#/components/schemas/address" }, "remittanceInformationUnstructured": { "type": "string", "maxLength": "140" } } }, "periodicPaymentInitiationSct_json": { "description": "JSON Body for a periodic SCT payment initation.\n", "type": "object", "required": [ "debtorAccount", "instructedAmount", "creditorAccount", "creditorName", "startDate", "frequency" ], "properties": { "endToEndIdentification": { "type": "string", "maxLength": "35" }, "debtorAccount": { "$ref": "#/components/schemas/accountReference" }, "instructedAmount": { "$ref": "#/components/schemas/amount" }, "creditorAccount": { "$ref": "#/components/schemas/accountReference" }, "creditorAgent": { "$ref": "#/components/schemas/bicfi" }, "creditorName": { "$ref": "#/components/schemas/creditorName" }, "creditorAddress": { "$ref": "#/components/schemas/address" }, "remittanceInformationUnstructured": { "$ref": "#/components/schemas/remittanceInformationUnstructured" }, "startDate": { "$ref": "#/components/schemas/startDate" }, "endDate": { "$ref": "#/components/schemas/endDate" }, "executionRule": { "$ref": "#/components/schemas/executionRule" }, "frequency": { "$ref": "#/components/schemas/frequencyCode" }, "dayOfExecution": { "$ref": "#/components/schemas/dayOfExecution" } } }, "periodicPaymentInitiationSctInst_json": { "description": "JSON Body for a periodic SCT INST payment initation.\n", "type": "object", "required": [ "debtorAccount", "instructedAmount", "creditorAccount", "creditorName", "startDate", "frequency" ], "properties": { "endToEndIdentification": { "type": "string", "maxLength": "35" }, "debtorAccount": { "$ref": "#/components/schemas/accountReference" }, "instructedAmount": { "$ref": "#/components/schemas/amount" }, "creditorAccount": { "$ref": "#/components/schemas/accountReference" }, "creditorAgent": { "$ref": "#/components/schemas/bicfi" }, "creditorName": { "$ref": "#/components/schemas/creditorName" }, "creditorAddress": { "$ref": "#/components/schemas/address" }, "remittanceInformationUnstructured": { "type": "string", "maxLength": "140" }, "startDate": { "$ref": "#/components/schemas/startDate" }, "endDate": { "$ref": "#/components/schemas/endDate" }, "executionRule": { "$ref": "#/components/schemas/executionRule" }, "frequency": { "$ref": "#/components/schemas/frequencyCode" }, "dayOfExecution": { "$ref": "#/components/schemas/dayOfExecution" } } }, "periodicPaymentInitiationTarget2_json": { "description": "JSON Body for a periodic target-2 payment initation.\n", "type": "object", "required": [ "debtorAccount", "instructedAmount", "creditorAccount", "creditorName", "startDate", "frequency" ], "properties": { "endToEndIdentification": { "type": "string", "maxLength": "35" }, "debtorAccount": { "$ref": "#/components/schemas/accountReference" }, "instructedAmount": { "$ref": "#/components/schemas/amount" }, "creditorAccount": { "$ref": "#/components/schemas/accountReference" }, "creditorAgent": { "$ref": "#/components/schemas/bicfi" }, "creditorName": { "$ref": "#/components/schemas/creditorName" }, "creditorAddress": { "$ref": "#/components/schemas/address" }, "remittanceInformationUnstructured": { "type": "string", "maxLength": "140" }, "startDate": { "$ref": "#/components/schemas/startDate" }, "endDate": { "$ref": "#/components/schemas/endDate" }, "executionRule": { "$ref": "#/components/schemas/executionRule" }, "frequency": { "$ref": "#/components/schemas/frequencyCode" }, "dayOfExecution": { "$ref": "#/components/schemas/dayOfExecution" } } }, "periodicPaymentInitiationCrossBorder_json": { "description": "JSON body for a periodic cross-border payment initation.\n", "type": "object", "required": [ "debtorAccount", "instructedAmount", "creditorAccount", "creditorName", "startDate", "frequency" ], "properties": { "debtorAccount": { "$ref": "#/components/schemas/accountReference" }, "instructedAmount": { "$ref": "#/components/schemas/amount" }, "creditorAccount": { "$ref": "#/components/schemas/accountReference" }, "creditorAgent": { "$ref": "#/components/schemas/bicfi" }, "creditorName": { "$ref": "#/components/schemas/creditorName" }, "creditorAddress": { "$ref": "#/components/schemas/address" }, "remittanceInformationUnstructured": { "type": "string", "maxLength": "140" }, "startDate": { "$ref": "#/components/schemas/startDate" }, "endDate": { "$ref": "#/components/schemas/endDate" }, "executionRule": { "$ref": "#/components/schemas/executionRule" }, "frequency": { "$ref": "#/components/schemas/frequencyCode" }, "dayOfExecution": { "$ref": "#/components/schemas/dayOfExecution" } } }, "bulkPaymentInitiationSct_json": { "description": "JSON Body for a bulk SCT payment initation.\n", "type": "object", "required": [ "payments", "debtorAccount" ], "properties": { "batchBookingPreferred": { "$ref": "#/components/schemas/batchBookingPreferred" }, "requestedExecutionDate": { "type": "string", "format": "date" }, "debtorAccount": { "$ref": "#/components/schemas/accountReference" }, "payments": { "description": "A list of JSON bodies for SCT payments.", "type": "array", "items": { "$ref": "#/components/schemas/paymentInitiationSctBulkElement_json" } } } }, "bulkPaymentInitiationSctInst_json": { "description": "JSON Body for a bulk SCT INST payment initation.\n", "type": "object", "required": [ "payments", "debtorAccount" ], "properties": { "batchBookingPreferred": { "$ref": "#/components/schemas/batchBookingPreferred" }, "requestedExecutionDate": { "type": "string", "format": "date" }, "debtorAccount": { "$ref": "#/components/schemas/accountReference" }, "payments": { "description": "A list of JSON bodies for SCT INST payments.", "type": "array", "items": { "$ref": "#/components/schemas/paymentInitiationSctInstBulkElement_json" } } } }, "bulkPaymentInitiationTarget2_json": { "description": "JSON Body for a bulk TARGET-2 payment initation.\n", "type": "object", "required": [ "payments", "debtorAccount" ], "properties": { "batchBookingPreferred": { "$ref": "#/components/schemas/batchBookingPreferred" }, "requestedExecutionDate": { "type": "string", "format": "date" }, "debtorAccount": { "$ref": "#/components/schemas/accountReference" }, "payments": { "description": "A list of JSON bodies for TARGET-2 payments.", "type": "array", "items": { "$ref": "#/components/schemas/paymentInitiationTarget2BulkElement_json" } } } }, "bulkPaymentInitiationCrossBorder_json": { "description": "JSON body for a bulk cross-border payment initation.\n", "type": "object", "required": [ "payments", "debtorAccount" ], "properties": { "batchBookingPreferred": { "$ref": "#/components/schemas/batchBookingPreferred" }, "requestedExecutionDate": { "type": "string", "format": "date" }, "debtorAccount": { "$ref": "#/components/schemas/accountReference" }, "payments": { "description": "A List of JSON bodies for cross-border payments.", "type": "array", "items": { "$ref": "#/components/schemas/paymentInitiationCrossBorderBulkElement_json" } } } }, "confirmationOfFunds": { "description": "JSON Request body for the \"Confirmation of Funds Service\"\n\n
cardNumber | \nString | \nOptional | \nCard Number of the card issued by the PIISP. Should be delivered if available. | \n
account | \nAccount Reference | \nMandatory | \nPSU's account number. | \n
payee | \nMax70Text | \nOptional | \nThe merchant where the card is accepted as an information to the PSU. | \n
instructedAmount | \nAmount | \nMandatory | \nTransaction amount to be checked within the funds check mechanism. | \n