{ "openapi": "3.0.1", "info": { "title": "PSD2 ASPSP services for AISP, PISP and CBPII.", "description": "This API intends to provide an interface between\n- Account Servicing Payment Service Providers (ASPSP)\n- Third Party (Payment Service) Providers (TPP)\n\nTPP may act with different roles as described below:\n- Account Information Service Providers (AISP)\n- Payment Initiation Service Providers (PISP)\n- Card Based Payment Instrument Issuers (CBPII)\n\nThe Payment Service User (PSU) is the owner of the accounts held by the ASPSP and gives accreditations to the TPP in order to access his accounts information or initiates payment from these accounts\n\nThe API is designed on a REST model using JSON structures.\n\nThe Richardson Maturity Model is applied on level three using HAL HYPERMEDIA links\n", "contact": { "name": "STET", "url": "https://www.stet.eu/en/psd2/", "email": "psd2@stet.eu" }, "license": { "name": "Creative Commons Attribution 3.0 France (CC BY 3.0 FR)" }, "version": "1.6.3.2", "x-comments": [ "The [title] directive might be customized within each implementation" ] }, "servers": [ { "url": "https://localhost/v1" } ], "paths": { "/accounts": { "get": { "tags": [ "AISP" ], "summary": "Retrieval of the PSU accounts (AISP)", "description": "### Description\nThis call returns all payment accounts that are relevant for the PSU on behalf of whom the AISP is connected.\nThanks to HYPERMEDIA, each account is returned with the links aiming to ease access to the relevant transactions and balances.\nThe result may be subject to pagination (i.e. retrieving a partial result in case of having too many results) through a set of pages by the ASPSP. Thereafter, the AISP may ask for the first, next, previous or last page of results.\n\n### Prerequisites\n\n- The TPP was registered by the Registration Authority for the AISP role.\n- The TPP and the PSU have a contract that was enrolled by the ASPSP\n - At this step, the ASPSP has delivered an OAUTH2 \"Authorization Code\" or \"Resource Owner Password\" access token to the TPP (cf. paragraph 3.4.2).\n- The TPP and the ASPSP have successfully processed a mutual check and authentication\n- The TPP has presented its OAUTH2 \"Authorization Code\" or \"Resource Owner Password\" access token which allows the ASPSP to identify the relevant PSU and retrieve the linked PSU context (cf. paragraph 3.4.2) if any.\n- The ASPSP takes into account the access token that establishes the link between the PSU and the AISP.\n\n### Business Flow\nThe TPP sends a request to the ASPSP for retrieving the list of the PSU payment accounts.\nThe ASPSP computes the relevant PSU accounts and builds the answer as an accounts list.\nThe result may be subject to pagination in order to avoid an excessive result set.\nEach payment account will be provided with its characteristics.\n", "operationId": "accountsGet", "parameters": [ { "name": "Authorization", "in": "header", "description": "Access token to be passed as a header", "required": true, "schema": { "type": "string" } }, { "name": "PSU-IP-Address", "in": "header", "description": "IP address used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-IP-Port", "in": "header", "description": "IP port used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-HTTP-Method", "in": "header", "description": "Http method for the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-Date", "in": "header", "description": "Timestamp of the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-GEO-Location", "in": "header", "description": "Geographical location of the PSU as provided by the PSU mobile terminal if any to the TPP", "schema": { "type": "string" } }, { "name": "PSU-User-Agent", "in": "header", "description": "\"User-Agent\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Referer", "in": "header", "description": "\"Referer\" header field sent by the PSU terminal when connecting to the TPP.\nNotice that an initial typo in RFC 1945 specifies that \"referer\" (incorrect spelling) is to be used. The correct spelling \"referrer\" can be used but might not be understood.\n", "schema": { "type": "string" } }, { "name": "PSU-Accept", "in": "header", "description": "\"Accept\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Charset", "in": "header", "description": "\"Accept-Charset\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Encoding", "in": "header", "description": "\"Accept-Encoding\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Language", "in": "header", "description": "\"Accept-Language\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Device-ID", "in": "header", "description": "UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available.\nUUID identifies either a device or a device dependant application installation.\nIn case of installation identification this ID need to be unaltered until removal from device.\n", "schema": { "type": "string" } }, { "name": "Digest", "in": "header", "description": "Digest of the body", "schema": { "type": "string" } }, { "name": "Signature", "in": "header", "description": "[http-signature of the request](https://datatracker.ietf.org/doc/draft-cavage-http-signatures/)\nThe keyId must specify the way to get the relevant qualified certificate. It is requested that this identifier is an URL aiming to provide the relevant Qualified Certificate.\n", "schema": { "type": "string", "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, { "name": "X-Request-ID", "in": "header", "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "required": true, "schema": { "maxLength": 70, "type": "string" } }, { "name": "workspace", "in": "query", "description": "Workspace to be used for processing an AISP request.\nIf not provided, the default workspace is computed from the authentication that was used for getting the OAuth2 Access Token.\n", "schema": { "maxLength": 32, "type": "string" } }, { "name": "X-JWS-Signature", "in": "header", "description": "[JSON WEB signature of the request](https://www.openbankingeurope.eu/media/2095/obe-json-web-signature-profile-for-open-banking.pdf)\n", "schema": { "type": "string", "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] } ], "responses": { "200": { "description": "The ASPSP return a PSU context\n- listing the accounts that were made available to the AISP by the PSU and,\n- for each of these accounts, the further transactions that were enabled by the PSU through HYPERMEDIA links.\n", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/HalAccounts" } } } }, "204": { "description": "No content.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": {} }, "401": { "description": "Unauthorized, authentication failure.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "403": { "description": "Forbidden, authentication successful but access to resource is not allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "404": { "description": "Not found, no request available.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "405": { "description": "Method Not Allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "406": { "description": "Not Acceptable.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "408": { "description": "Request Timeout.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "429": { "description": "Too many requests.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "500": { "description": "Internal server error.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "503": { "description": "Service unavailable.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } } }, "security": [ { "accessCode": [ "aisp" ] } ], "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] } }, "/accounts/{accountResourceId}/owners": { "get": { "tags": [ "AISP" ], "summary": "Retrieval of an account owners (AISP)", "description": "### Description\nThis call returns the owners identities for a given PSU account that is specified by the AISP through an account resource identification.\nThis call cannot be used when the account is owned by a legal entity where the identity of this entity is directly available in the account structure (field [company]).\n### Prerequisites\n- The TPP was registered by the Registration Authority for the AISP role\n- The TPP and the PSU have a contract that was enrolled by the ASPSP\n - At this step, the ASPSP has delivered an OAUTH2 \"Authorization Code\" or \"Resource Owner Password\" access token to the TPP (cf. paragraph 3.4.2).\n- The TPP and the ASPSP have successfully processed a mutual check and authentication\n- The TPP has presented its OAUTH2 \"Authorization Code\" or \"Resource Owner Password\" access token which allows the ASPSP to identify the relevant PSU and retrieve the linked PSU context (cf. paragraph 3.4.2) is any.\n- The ASPSP takes into account the access token that establishes the link between the PSU and the AISP.\n- The TPP has previously retrieved the list of available accounts for the PSU\n### Business flow\nThe AISP requests the ASPSP on one of the PSU's accounts.\nThe ASPSP answers by the identities of the account owners.\n", "operationId": "accountsOwnersGet", "parameters": [ { "name": "Authorization", "in": "header", "description": "Access token to be passed as a header", "required": true, "schema": { "type": "string" } }, { "name": "accountResourceId", "in": "path", "description": "Identification of account resource to fetch", "required": true, "schema": { "pattern": "^([a-zA-Z0-9_ /\\-?:\\()\\.,']{1,100})$", "type": "string" } }, { "name": "PSU-IP-Address", "in": "header", "description": "IP address used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-IP-Port", "in": "header", "description": "IP port used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-HTTP-Method", "in": "header", "description": "Http method for the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-Date", "in": "header", "description": "Timestamp of the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-GEO-Location", "in": "header", "description": "Geographical location of the PSU as provided by the PSU mobile terminal if any to the TPP", "schema": { "type": "string" } }, { "name": "PSU-User-Agent", "in": "header", "description": "\"User-Agent\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Referer", "in": "header", "description": "\"Referer\" header field sent by the PSU terminal when connecting to the TPP.\nNotice that an initial typo in RFC 1945 specifies that \"referer\" (incorrect spelling) is to be used. The correct spelling \"referrer\" can be used but might not be understood.\n", "schema": { "type": "string" } }, { "name": "PSU-Accept", "in": "header", "description": "\"Accept\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Charset", "in": "header", "description": "\"Accept-Charset\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Encoding", "in": "header", "description": "\"Accept-Encoding\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Language", "in": "header", "description": "\"Accept-Language\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Device-ID", "in": "header", "description": "UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available.\nUUID identifies either a device or a device dependant application installation.\nIn case of installation identification this ID need to be unaltered until removal from device.\n", "schema": { "type": "string" } }, { "name": "Digest", "in": "header", "description": "Digest of the body", "schema": { "type": "string" } }, { "name": "Signature", "in": "header", "description": "[http-signature of the request](https://datatracker.ietf.org/doc/draft-cavage-http-signatures/)\nThe keyId must specify the way to get the relevant qualified certificate. It is requested that this identifier is an URL aiming to provide the relevant Qualified Certificate.\n", "schema": { "type": "string", "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, { "name": "X-Request-ID", "in": "header", "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "required": true, "schema": { "maxLength": 70, "type": "string" } }, { "name": "workspace", "in": "query", "description": "Workspace to be used for processing an AISP request.\nIf not provided, the default workspace is computed from the authentication that was used for getting the OAuth2 Access Token.\n", "schema": { "maxLength": 32, "type": "string" } }, { "name": "X-JWS-Signature", "in": "header", "description": "[JSON WEB signature of the request](https://www.openbankingeurope.eu/media/2095/obe-json-web-signature-profile-for-open-banking.pdf)\n", "schema": { "type": "string", "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] } ], "responses": { "200": { "description": "Account owners identities response", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/HalOwners" } } } }, "204": { "description": "No content.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": {} }, "400": { "description": "Invalid status value", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "401": { "description": "Unauthorized, authentication failure.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "403": { "description": "Forbidden, authentication successful but access to resource is not allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "404": { "description": "Not found, no request available.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "405": { "description": "Method Not Allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "406": { "description": "Not Acceptable.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "408": { "description": "Request Timeout.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "429": { "description": "Too many requests.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "500": { "description": "Internal server error.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "503": { "description": "Service unavailable.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } } }, "security": [ { "accessCode": [ "aisp" ] } ], "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] } }, "/accounts/{accountResourceId}/balances": { "get": { "tags": [ "AISP" ], "summary": "Retrieval of an account balances report (AISP)", "description": "### Description\nThis call returns a set of balances for a given PSU account that is specified by the AISP through an account resource Identification\n### Prerequisites\n- The TPP was registered by the Registration Authority for the AISP role\n- The TPP and the PSU have a contract that was enrolled by the ASPSP\n - At this step, the ASPSP has delivered an OAUTH2 \"Authorization Code\" or \"Resource Owner Password\" access token to the TPP (cf. paragraph 3.4.2).\n- The TPP and the ASPSP have successfully processed a mutual check and authentication\n- The TPP has presented its OAUTH2 \"Authorization Code\" or \"Resource Owner Password\" access token which allows the ASPSP to identify the relevant PSU and retrieve the linked PSU context (cf. paragraph 3.4.2) if any.\n- The ASPSP takes into account the access token that establishes the link between the PSU and the AISP.\n- The TPP has previously retrieved the list of available accounts for the PSU\n### Business flow\nThe AISP requests the ASPSP on one of the PSU's accounts.\nThe ASPSP answers by providing a list of balances on this account.\n- The ASPSP should provide at least one balance on the account.\n - For cash account, this balance should be the accounting balance (CACC)\n - For card transactions account, the accounting balance is meaningless and must be replaced by an other type of balance (OTHR).\n- Case of no registered transaction on the account, this balance will have an amount equal to zero.\n- The ASPSP can provide other balance restitutions, e.g. instant balance, as well, if possible.\n- Actually, from the PSD2 perspective, any other balances that are provided through the Web-Banking service of the ASPSP must also be provided by this ASPSP through the API.\n", "operationId": "accountsBalancesGet", "parameters": [ { "name": "Authorization", "in": "header", "description": "Access token to be passed as a header", "required": true, "schema": { "type": "string" } }, { "name": "accountResourceId", "in": "path", "description": "Identification of account resource to fetch", "required": true, "schema": { "pattern": "^([a-zA-Z0-9_ /\\-?:\\()\\.,']{1,100})$", "type": "string" } }, { "name": "PSU-IP-Address", "in": "header", "description": "IP address used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-IP-Port", "in": "header", "description": "IP port used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-HTTP-Method", "in": "header", "description": "Http method for the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-Date", "in": "header", "description": "Timestamp of the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-GEO-Location", "in": "header", "description": "Geographical location of the PSU as provided by the PSU mobile terminal if any to the TPP", "schema": { "type": "string" } }, { "name": "PSU-User-Agent", "in": "header", "description": "\"User-Agent\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Referer", "in": "header", "description": "\"Referer\" header field sent by the PSU terminal when connecting to the TPP.\nNotice that an initial typo in RFC 1945 specifies that \"referer\" (incorrect spelling) is to be used. The correct spelling \"referrer\" can be used but might not be understood.\n", "schema": { "type": "string" } }, { "name": "PSU-Accept", "in": "header", "description": "\"Accept\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Charset", "in": "header", "description": "\"Accept-Charset\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Encoding", "in": "header", "description": "\"Accept-Encoding\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Language", "in": "header", "description": "\"Accept-Language\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Device-ID", "in": "header", "description": "UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available.\nUUID identifies either a device or a device dependant application installation.\nIn case of installation identification this ID need to be unaltered until removal from device.\n", "schema": { "type": "string" } }, { "name": "Digest", "in": "header", "description": "Digest of the body", "schema": { "type": "string" } }, { "name": "Signature", "in": "header", "description": "[http-signature of the request](https://datatracker.ietf.org/doc/draft-cavage-http-signatures/)\nThe keyId must specify the way to get the relevant qualified certificate. It is requested that this identifier is an URL aiming to provide the relevant Qualified Certificate.\n", "schema": { "type": "string", "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, { "name": "X-Request-ID", "in": "header", "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "required": true, "schema": { "maxLength": 70, "type": "string" } }, { "name": "workspace", "in": "query", "description": "Workspace to be used for processing an AISP request.\nIf not provided, the default workspace is computed from the authentication that was used for getting the OAuth2 Access Token.\n", "schema": { "maxLength": 32, "type": "string" } }, { "name": "X-JWS-Signature", "in": "header", "description": "[JSON WEB signature of the request](https://www.openbankingeurope.eu/media/2095/obe-json-web-signature-profile-for-open-banking.pdf)\n", "schema": { "type": "string", "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] } ], "responses": { "200": { "description": "The ASPSP answers with a list of account balances", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/HalBalances" } } } }, "204": { "description": "No content.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": {} }, "400": { "description": "Invalid status value", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "401": { "description": "Unauthorized, authentication failure.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "403": { "description": "Forbidden, authentication successful but access to resource is not allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "404": { "description": "Not found, no request available.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "405": { "description": "Method Not Allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "406": { "description": "Not Acceptable.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "408": { "description": "Request Timeout.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "429": { "description": "Too many requests.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "500": { "description": "Internal server error.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "503": { "description": "Service unavailable.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } } }, "security": [ { "accessCode": [ "aisp" ] } ], "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] } }, "/accounts/{accountResourceId}/transactions": { "get": { "tags": [ "AISP" ], "summary": "Retrieval of an account transaction set (AISP)", "description": "### Description\nThis call returns transactions for an account for a given PSU account that is specified by the AISP through an account resource identification.\nThe request may use some filter parameter in order to restrict the query\n - on a given imputation date range\n - past a given incremental technical identification\nThe result may be subject to pagination (i.e. retrieving a partial result in case of having too many results) through a set of pages by the ASPSP. Thereafter, the AISP may ask for the first, next, previous or last page of results.\n### Prerequisites\n- The TPP was registered by the Registration Authority for the AISP role\n- The TPP and the PSU have a contract that was enrolled by the ASPSP\n - At this step, the ASPSP has delivered an OAUTH2 \"Authorization Code\" or \"Resource Owner Password\" access token to the TPP (cf. paragraph 3.4.2).\n- The TPP and the ASPSP have successfully processed a mutual check and authentication\n- The TPP has presented its OAUTH2 \"Authorization Code\" or \"Resource Owner Password\" access token which allows the ASPSP to identify the relevant PSU and retrieve the linked PSU context (cf. paragraph 3.4.2) is any.\n- The ASPSP takes into account the access token that establishes the link between the PSU and the AISP.\n- The TPP has previously retrieved the list of available accounts for the PSU\n### Business flow\nThe AISP requests the ASPSP on one of the PSU's accounts. It may specify some selection criteria.\nThe ASPSP answers by a set of transactions that matches the query.\n- The result may be subject to pagination in order to avoid an excessive result set.\n- Case of no registered transaction on the account, this result will be an empty list.\nThe default transaction set, in the absence of filter query parameter, has to be specified and documented by the implementation.\nThe sort order of transaction might be specific to each ASPSP, due to each Information System constraints.\n", "operationId": "accountsTransactionsGet", "parameters": [ { "name": "Authorization", "in": "header", "description": "Access token to be passed as a header", "required": true, "schema": { "type": "string" } }, { "name": "accountResourceId", "in": "path", "description": "Identification of account resource to fetch", "required": true, "schema": { "pattern": "^([a-zA-Z0-9_ /\\-?:\\()\\.,']{1,100})$", "type": "string" } }, { "name": "dateFrom", "in": "query", "description": "Inclusive minimal imputation date of the transactions.\n\nTransactions having an imputation date equal to this parameter are included within the result.\n", "schema": { "type": "string", "format": "date-time" } }, { "name": "dateTo", "in": "query", "description": "Exclusive maximal imputation date of the transactions.\n\nTransactions having an imputation date equal to this parameter are not included within the result.\n", "schema": { "type": "string", "format": "date-time" } }, { "name": "dateType", "in": "query", "description": "This parameter specifies the type of date on which [dateFrom] and [dateTo] apply.\nIf not provided, the ASPSP will use its own default date type as specified in its implementation documentation.\nThe implementation documentation must also specify which date types are supported.\n", "schema": { "type": "string", "enum": [ "transactionDate", "bookingDate" ] } }, { "name": "entryReferenceFrom", "in": "query", "description": "Specifies the value on which the result has to be computed.\n\nOnly the transaction having a technical identification greater than this value must be included within the result\n", "schema": { "maxLength": 40, "type": "string" } }, { "name": "entryReferenceto", "in": "query", "description": "Specifies the value on which the result has to be computed.\n\nOnly the transaction having a technical identification less than or equal to this value must be included within the result\n", "schema": { "maxLength": 40, "type": "string" } }, { "name": "PSU-IP-Address", "in": "header", "description": "IP address used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-IP-Port", "in": "header", "description": "IP port used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-HTTP-Method", "in": "header", "description": "Http method for the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-Date", "in": "header", "description": "Timestamp of the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-GEO-Location", "in": "header", "description": "Geographical location of the PSU as provided by the PSU mobile terminal if any to the TPP", "schema": { "type": "string" } }, { "name": "PSU-User-Agent", "in": "header", "description": "\"User-Agent\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Referer", "in": "header", "description": "\"Referer\" header field sent by the PSU terminal when connecting to the TPP.\nNotice that an initial typo in RFC 1945 specifies that \"referer\" (incorrect spelling) is to be used. The correct spelling \"referrer\" can be used but might not be understood.\n", "schema": { "type": "string" } }, { "name": "PSU-Accept", "in": "header", "description": "\"Accept\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Charset", "in": "header", "description": "\"Accept-Charset\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Encoding", "in": "header", "description": "\"Accept-Encoding\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Language", "in": "header", "description": "\"Accept-Language\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Device-ID", "in": "header", "description": "UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available.\nUUID identifies either a device or a device dependant application installation.\nIn case of installation identification this ID need to be unaltered until removal from device.\n", "schema": { "type": "string" } }, { "name": "Digest", "in": "header", "description": "Digest of the body", "schema": { "type": "string" } }, { "name": "Signature", "in": "header", "description": "[http-signature of the request](https://datatracker.ietf.org/doc/draft-cavage-http-signatures/)\nThe keyId must specify the way to get the relevant qualified certificate. It is requested that this identifier is an URL aiming to provide the relevant Qualified Certificate.\n", "schema": { "type": "string", "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, { "name": "X-Request-ID", "in": "header", "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "required": true, "schema": { "maxLength": 70, "type": "string" } }, { "name": "workspace", "in": "query", "description": "Workspace to be used for processing an AISP request.\nIf not provided, the default workspace is computed from the authentication that was used for getting the OAuth2 Access Token.\n", "schema": { "maxLength": 32, "type": "string" } }, { "name": "X-JWS-Signature", "in": "header", "description": "[JSON WEB signature of the request](https://www.openbankingeurope.eu/media/2095/obe-json-web-signature-profile-for-open-banking.pdf)\n", "schema": { "type": "string", "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] } ], "responses": { "200": { "description": "Complete transactions response", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/HalTransactions" } } } }, "204": { "description": "No content.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": {} }, "400": { "description": "Invalid status value", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "401": { "description": "Unauthorized, authentication failure.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "403": { "description": "Forbidden, authentication successful but access to resource is not allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "404": { "description": "Not found, no request available.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "405": { "description": "Method Not Allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "406": { "description": "Not Acceptable.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "408": { "description": "Request Timeout.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "429": { "description": "Too many requests.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "500": { "description": "Internal server error.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "503": { "description": "Service unavailable.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } } }, "security": [ { "accessCode": [ "aisp" ] } ], "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] } }, "/accounts/{accountResourceId}/transactions/{transactionResourceId}/details": { "get": { "tags": [ "AISP" ], "summary": "Retrieval of transaction details (AISP)", "description": "### Description\nThis call returns the details of a transaction from a given PSU account.\nThe AISP has to specified\n- the account through an account resource identification\n- the transaction through a transaction resource identifcation\n### Prerequisites\n- The TPP was registered by the Registration Authority for the AISP role\n- The TPP and the PSU have a contract that was enrolled by the ASPSP\n - At this step, the ASPSP has delivered an OAUTH2 \"Authorization Code\" or \"Resource Owner Password\" access token to the TPP (cf. paragraph 3.4.2).\n- The TPP and the ASPSP have successfully processed a mutual check and authentication\n- The TPP has presented its OAUTH2 \"Authorization Code\" or \"Resource Owner Password\" access token which allows the ASPSP to identify the relevant PSU and retrieve the linked PSU context (cf. paragraph 3.4.2) is any.\n- The ASPSP takes into account the access token that establishes the link between the PSU and the AISP.\n- The TPP has previously retrieved the list of available accounts for the PSU and the transactions from one given account\n- A transaction includes a \"details\" hyperlink which indicates that detailed information is available for this transaction.\n### Business flow\nThe AISP requests the ASPSP on one of the transactions.\nThe ASPSP answers by the details on this transaction.\n", "operationId": "accountsTransactionsDetailsGet", "parameters": [ { "name": "Authorization", "in": "header", "description": "Access token to be passed as a header", "required": true, "schema": { "type": "string" } }, { "name": "accountResourceId", "in": "path", "description": "Identification of account resource to fetch", "required": true, "schema": { "pattern": "^([a-zA-Z0-9_ /\\-?:\\()\\.,']{1,100})$", "type": "string" } }, { "name": "transactionResourceId", "in": "path", "description": "Identification of transaction resource to fetch", "required": true, "schema": { "pattern": "^([a-zA-Z0-9_ /\\-?:\\()\\.,']{1,100})$", "type": "string" } }, { "name": "PSU-IP-Address", "in": "header", "description": "IP address used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-IP-Port", "in": "header", "description": "IP port used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-HTTP-Method", "in": "header", "description": "Http method for the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-Date", "in": "header", "description": "Timestamp of the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-GEO-Location", "in": "header", "description": "Geographical location of the PSU as provided by the PSU mobile terminal if any to the TPP", "schema": { "type": "string" } }, { "name": "PSU-User-Agent", "in": "header", "description": "\"User-Agent\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Referer", "in": "header", "description": "\"Referer\" header field sent by the PSU terminal when connecting to the TPP.\nNotice that an initial typo in RFC 1945 specifies that \"referer\" (incorrect spelling) is to be used. The correct spelling \"referrer\" can be used but might not be understood.\n", "schema": { "type": "string" } }, { "name": "PSU-Accept", "in": "header", "description": "\"Accept\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Charset", "in": "header", "description": "\"Accept-Charset\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Encoding", "in": "header", "description": "\"Accept-Encoding\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Language", "in": "header", "description": "\"Accept-Language\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Device-ID", "in": "header", "description": "UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available.\nUUID identifies either a device or a device dependant application installation.\nIn case of installation identification this ID need to be unaltered until removal from device.\n", "schema": { "type": "string" } }, { "name": "Digest", "in": "header", "description": "Digest of the body", "schema": { "type": "string" } }, { "name": "Signature", "in": "header", "description": "[http-signature of the request](https://datatracker.ietf.org/doc/draft-cavage-http-signatures/)\nThe keyId must specify the way to get the relevant qualified certificate. It is requested that this identifier is an URL aiming to provide the relevant Qualified Certificate.\n", "schema": { "type": "string", "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, { "name": "X-Request-ID", "in": "header", "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "required": true, "schema": { "maxLength": 70, "type": "string" } }, { "name": "X-JWS-Signature", "in": "header", "description": "[JSON WEB signature of the request](https://www.openbankingeurope.eu/media/2095/obe-json-web-signature-profile-for-open-banking.pdf)\n", "schema": { "type": "string", "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] } ], "responses": { "200": { "description": "Complete transactions response", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/HalTransactionDetails" } } } }, "204": { "description": "No content.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": {} }, "400": { "description": "Invalid status value", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "401": { "description": "Unauthorized, authentication failure.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "403": { "description": "Forbidden, authentication successful but access to resource is not allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "404": { "description": "Not found, no request available.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "405": { "description": "Method Not Allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "406": { "description": "Not Acceptable.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "408": { "description": "Request Timeout.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "429": { "description": "Too many requests.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "500": { "description": "Internal server error.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "503": { "description": "Service unavailable.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } } }, "security": [ { "accessCode": [ "aisp" ] } ], "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)", "Modified for CR521 (Remove useless parameters when retrieving transaction details)" ] } }, "/accounts/{accountResourceId}/overdrafts": { "get": { "tags": [ "AISP" ], "summary": "Retrieval of an account overdraft (AISP)", "description": "### Description\nThis call returns the overdrafts that can be used for a given PSU account that is specified by the AISP through an account resource identification.\nThe request may use some filter parameter in order to restrict the query\n### Prerequisites\n- The TPP was registered by the Registration Authority for the AISP role\n- The TPP and the PSU have a contract that was enrolled by the ASPSP\n - At this step, the ASPSP has delivered an OAUTH2 \"Authorization Code\" or \"Resource Owner Password\" access token to the TPP (cf. paragraph 3.4.2).\n- The TPP and the ASPSP have successfully processed a mutual check and authentication\n- The TPP has presented its OAUTH2 \"Authorization Code\" or \"Resource Owner Password\" access token which allows the ASPSP to identify the relevant PSU and retrieve the linked PSU context (cf. paragraph 3.4.2) is any.\n- The ASPSP takes into account the access token that establishes the link between the PSU and the AISP.\n- The TPP has previously retrieved the list of available accounts for the PSU\n### Business flow\nThe AISP requests the ASPSP on one of the PSU's accounts.\nThe ASPSP answers by the overdraft that can be applied.\n", "operationId": "accountsOverdraftsGet", "parameters": [ { "name": "Authorization", "in": "header", "description": "Access token to be passed as a header", "required": true, "schema": { "type": "string" } }, { "name": "accountResourceId", "in": "path", "description": "Identification of account resource to fetch", "required": true, "schema": { "pattern": "^([a-zA-Z0-9_ /\\-?:\\()\\.,']{1,100})$", "type": "string" } }, { "name": "PSU-IP-Address", "in": "header", "description": "IP address used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-IP-Port", "in": "header", "description": "IP port used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-HTTP-Method", "in": "header", "description": "Http method for the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-Date", "in": "header", "description": "Timestamp of the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-GEO-Location", "in": "header", "description": "Geographical location of the PSU as provided by the PSU mobile terminal if any to the TPP", "schema": { "type": "string" } }, { "name": "PSU-User-Agent", "in": "header", "description": "\"User-Agent\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Referer", "in": "header", "description": "\"Referer\" header field sent by the PSU terminal when connecting to the TPP.\nNotice that an initial typo in RFC 1945 specifies that \"referer\" (incorrect spelling) is to be used. The correct spelling \"referrer\" can be used but might not be understood.\n", "schema": { "type": "string" } }, { "name": "PSU-Accept", "in": "header", "description": "\"Accept\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Charset", "in": "header", "description": "\"Accept-Charset\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Encoding", "in": "header", "description": "\"Accept-Encoding\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Language", "in": "header", "description": "\"Accept-Language\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Device-ID", "in": "header", "description": "UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available.\nUUID identifies either a device or a device dependant application installation.\nIn case of installation identification this ID need to be unaltered until removal from device.\n", "schema": { "type": "string" } }, { "name": "Digest", "in": "header", "description": "Digest of the body", "schema": { "type": "string" } }, { "name": "Signature", "in": "header", "description": "[http-signature of the request](https://datatracker.ietf.org/doc/draft-cavage-http-signatures/)\nThe keyId must specify the way to get the relevant qualified certificate. It is requested that this identifier is an URL aiming to provide the relevant Qualified Certificate.\n", "schema": { "type": "string", "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, { "name": "X-Request-ID", "in": "header", "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "required": true, "schema": { "maxLength": 70, "type": "string" } }, { "name": "workspace", "in": "query", "description": "Workspace to be used for processing an AISP request.\nIf not provided, the default workspace is computed from the authentication that was used for getting the OAuth2 Access Token.\n", "schema": { "maxLength": 32, "type": "string" } }, { "name": "X-JWS-Signature", "in": "header", "description": "[JSON WEB signature of the request](https://www.openbankingeurope.eu/media/2095/obe-json-web-signature-profile-for-open-banking.pdf)\n", "schema": { "type": "string", "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] } ], "responses": { "200": { "description": "Overdraft response", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/HalOverdrafts" } } } }, "204": { "description": "No content.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": {} }, "400": { "description": "Invalid status value", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "401": { "description": "Unauthorized, authentication failure.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "403": { "description": "Forbidden, authentication successful but access to resource is not allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "404": { "description": "Not found, no request available.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "405": { "description": "Method Not Allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "406": { "description": "Not Acceptable.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "408": { "description": "Request Timeout.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "429": { "description": "Too many requests.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "500": { "description": "Internal server error.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "503": { "description": "Service unavailable.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } } }, "security": [ { "accessCode": [ "aisp" ] } ], "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] } }, "/consents": { "put": { "tags": [ "AISP" ], "summary": "Forwarding the PSU consent (AISP)", "description": "### Description\nIn the mixed detailed consent on accounts\n- the AISP captures the consent of the PSU\n- then it forwards this consent to the ASPSP\nThis consent replaces any prior consent that was previously sent by the AISP.\n### Prerequisites\n- The TPP was registered by the Registration Authority for the AISP role.\n- The TPP and the PSU have a contract that was enrolled by the ASPSP\n - At this step, the ASPSP has delivered an OAUTH2 \"Authorization Code\" or \"Resource Owner Password\" access token to the TPP (cf. paragraph 3.4.2).\n- The TPP and the ASPSP have successfully processed a mutual check and authentication\n- The TPP has presented its OAUTH2 \"Authorization Code\" or \"Resource Owner Password\" access token which allows the ASPSP to identify the relevant PSU and retrieve the linked PSU context (cf. paragraph 3.4.2) if any.\n- The ASPSP takes into account the access token that establishes the link between the PSU and the AISP.\n### Business Flow\nThe PSU specifies to the AISP which of his/her accounts will be accessible and which functionalities should be available.\nThe AISP forwards these settings to the ASPSP.\nThe ASPSP answers by HTTP201 return code.\n", "operationId": "consentsPut", "parameters": [ { "name": "Authorization", "in": "header", "description": "Access token to be passed as a header", "required": true, "schema": { "type": "string" } }, { "name": "PSU-IP-Address", "in": "header", "description": "IP address used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-IP-Port", "in": "header", "description": "IP port used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-HTTP-Method", "in": "header", "description": "Http method for the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-Date", "in": "header", "description": "Timestamp of the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-GEO-Location", "in": "header", "description": "Geographical location of the PSU as provided by the PSU mobile terminal if any to the TPP", "schema": { "type": "string" } }, { "name": "PSU-User-Agent", "in": "header", "description": "\"User-Agent\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Referer", "in": "header", "description": "\"Referer\" header field sent by the PSU terminal when connecting to the TPP.\nNotice that an initial typo in RFC 1945 specifies that \"referer\" (incorrect spelling) is to be used. The correct spelling \"referrer\" can be used but might not be understood.\n", "schema": { "type": "string" } }, { "name": "PSU-Accept", "in": "header", "description": "\"Accept\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Charset", "in": "header", "description": "\"Accept-Charset\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Encoding", "in": "header", "description": "\"Accept-Encoding\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Language", "in": "header", "description": "\"Accept-Language\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Device-ID", "in": "header", "description": "UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available.\nUUID identifies either a device or a device dependant application installation.\nIn case of installation identification this ID need to be unaltered until removal from device.\n", "schema": { "type": "string" } }, { "name": "Digest", "in": "header", "description": "Digest of the body", "schema": { "type": "string" } }, { "name": "Signature", "in": "header", "description": "[http-signature of the request](https://datatracker.ietf.org/doc/draft-cavage-http-signatures/)\nThe keyId must specify the way to get the relevant qualified certificate. It is requested that this identifier is an URL aiming to provide the relevant Qualified Certificate.\n", "schema": { "type": "string", "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, { "name": "X-Request-ID", "in": "header", "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "required": true, "schema": { "maxLength": 70, "type": "string" } }, { "name": "X-JWS-Signature", "in": "header", "description": "[JSON WEB signature of the request](https://www.openbankingeurope.eu/media/2095/obe-json-web-signature-profile-for-open-banking.pdf)\n", "schema": { "type": "string", "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] } ], "requestBody": { "description": "List of consents granted to the AISP by the PSU.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Access" } } }, "required": true }, "responses": { "201": { "description": "Created", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": {} }, "400": { "description": "Invalid status value", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "401": { "description": "Unauthorized, authentication failure.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "403": { "description": "Forbidden, authentication successful but access to resource is not allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "405": { "description": "Method Not Allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "406": { "description": "Not Acceptable.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "408": { "description": "Request Timeout.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "429": { "description": "Too many requests.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "500": { "description": "Internal server error.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "501": { "description": "Not Implemented.\nThis code should be used when the entry point is implemented but cannot provide a result, given the context.\nWhen the entry point is not implemented at all, HTTP400 will be returned.\n", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "503": { "description": "Service unavailable.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } } }, "security": [ { "accessCode": [ "aisp" ] } ], "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ], "x-codegen-request-body-name": "access" } }, "/end-user-identity": { "get": { "tags": [ "AISP" ], "summary": "Retrieval of the identity of the end-user (AISP)", "description": "### Description\nThis call returns the identity of the PSU (end-user).\n### Prerequisites\n- The TPP was registered by the Registration Authority for the AISP role.\n- The TPP and the PSU have a contract that was enrolled by the ASPSP\n - At this step, the ASPSP has delivered an OAUTH2 \"Authorization Code\" or \"Resource Owner Password\" access token to the TPP (cf. paragraph 3.4.2).\n- The TPP and the ASPSP have successfully processed a mutual check and authentication\n- The TPP has presented its OAUTH2 \"Authorization Code\" or \"Resource Owner Password\" access token which allows the ASPSP to identify the relevant PSU and retrieve the linked PSU context (cf. paragraph 3.4.2) if any.\n- The ASPSP takes into account the access token that establishes the link between the PSU and the AISP.\n### Business Flow\n The AISP asks for the identity of the PSU.\n The ASPSP answers with the identity, i.e. first and last names of the end-user.\n", "operationId": "EndUserIdentityGet", "parameters": [ { "name": "Authorization", "in": "header", "description": "Access token to be passed as a header", "required": true, "schema": { "type": "string" } }, { "name": "PSU-IP-Address", "in": "header", "description": "IP address used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-IP-Port", "in": "header", "description": "IP port used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-HTTP-Method", "in": "header", "description": "Http method for the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-Date", "in": "header", "description": "Timestamp of the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-GEO-Location", "in": "header", "description": "Geographical location of the PSU as provided by the PSU mobile terminal if any to the TPP", "schema": { "type": "string" } }, { "name": "PSU-User-Agent", "in": "header", "description": "\"User-Agent\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Referer", "in": "header", "description": "\"Referer\" header field sent by the PSU terminal when connecting to the TPP.\nNotice that an initial typo in RFC 1945 specifies that \"referer\" (incorrect spelling) is to be used. The correct spelling \"referrer\" can be used but might not be understood.\n", "schema": { "type": "string" } }, { "name": "PSU-Accept", "in": "header", "description": "\"Accept\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Charset", "in": "header", "description": "\"Accept-Charset\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Encoding", "in": "header", "description": "\"Accept-Encoding\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Language", "in": "header", "description": "\"Accept-Language\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Device-ID", "in": "header", "description": "UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available.\nUUID identifies either a device or a device dependant application installation.\nIn case of installation identification this ID need to be unaltered until removal from device.\n", "schema": { "type": "string" } }, { "name": "Digest", "in": "header", "description": "Digest of the body", "schema": { "type": "string" } }, { "name": "Signature", "in": "header", "description": "[http-signature of the request](https://datatracker.ietf.org/doc/draft-cavage-http-signatures/)\nThe keyId must specify the way to get the relevant qualified certificate. It is requested that this identifier is an URL aiming to provide the relevant Qualified Certificate.\n", "schema": { "type": "string", "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, { "name": "X-Request-ID", "in": "header", "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "required": true, "schema": { "maxLength": 70, "type": "string" } }, { "name": "X-JWS-Signature", "in": "header", "description": "[JSON WEB signature of the request](https://www.openbankingeurope.eu/media/2095/obe-json-web-signature-profile-for-open-banking.pdf)\n", "schema": { "type": "string", "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] } ], "responses": { "200": { "description": "The ASPSP returns the identity of the PSU\n", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/HalEndUserIdentity" } } } }, "204": { "description": "No content.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": {} }, "401": { "description": "Unauthorized, authentication failure.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "403": { "description": "Forbidden, authentication successful but access to resource is not allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "404": { "description": "Not found, no request available.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "405": { "description": "Method Not Allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "406": { "description": "Not Acceptable.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "429": { "description": "Too many requests.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "500": { "description": "Internal server error.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } } }, "security": [ { "accessCode": [ "aisp" ] } ], "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] } }, "/trusted-beneficiaries": { "get": { "tags": [ "AISP" ], "summary": "Retrieval of the trusted beneficiaries list (AISP)", "description": "### Description\nThis call returns all trusted beneficiaries that were set by the PSU.\nThose beneficiaries can benefit from an SCA exemption during payment initiation.\nThe result may be subject to pagination (i.e. retrieving a partial result in case of having too many results) through a set of pages by the ASPSP. Thereafter, the AISP may ask for the first, next, previous or last page of results.\n### Prerequisites\n- The TPP was registered by the Registration Authority for the AISP role.\n- The TPP and the PSU have a contract that was enrolled by the ASPSP\n - At this step, the ASPSP has delivered an OAUTH2 \"Authorization Code\" or \"Resource Owner Password\" access token to the TPP (cf. paragraph 3.4.2).\n- The TPP and the ASPSP have successfully processed a mutual check and authentication\n- The TPP has presented its OAUTH2 \"Authorization Code\" or \"Resource Owner Password\" access token which allows the ASPSP to identify the relevant PSU and retrieve the linked PSU context (cf. paragraph 3.4.2) if any.\n- The ASPSP takes into account the access token that establishes the link between the PSU and the AISP.\n### Business Flow\nThe AISP asks for the trusted beneficiaries list.\nThe ASPSP answers with a list of beneficiary details structure.\n", "operationId": "trustedBeneficiariesGet", "parameters": [ { "name": "Authorization", "in": "header", "description": "Access token to be passed as a header", "required": true, "schema": { "type": "string" } }, { "name": "PSU-IP-Address", "in": "header", "description": "IP address used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-IP-Port", "in": "header", "description": "IP port used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-HTTP-Method", "in": "header", "description": "Http method for the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-Date", "in": "header", "description": "Timestamp of the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-GEO-Location", "in": "header", "description": "Geographical location of the PSU as provided by the PSU mobile terminal if any to the TPP", "schema": { "type": "string" } }, { "name": "PSU-User-Agent", "in": "header", "description": "\"User-Agent\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Referer", "in": "header", "description": "\"Referer\" header field sent by the PSU terminal when connecting to the TPP.\nNotice that an initial typo in RFC 1945 specifies that \"referer\" (incorrect spelling) is to be used. The correct spelling \"referrer\" can be used but might not be understood.\n", "schema": { "type": "string" } }, { "name": "PSU-Accept", "in": "header", "description": "\"Accept\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Charset", "in": "header", "description": "\"Accept-Charset\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Encoding", "in": "header", "description": "\"Accept-Encoding\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Language", "in": "header", "description": "\"Accept-Language\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Device-ID", "in": "header", "description": "UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available.\nUUID identifies either a device or a device dependant application installation.\nIn case of installation identification this ID need to be unaltered until removal from device.\n", "schema": { "type": "string" } }, { "name": "Digest", "in": "header", "description": "Digest of the body", "schema": { "type": "string" } }, { "name": "Signature", "in": "header", "description": "[http-signature of the request](https://datatracker.ietf.org/doc/draft-cavage-http-signatures/)\nThe keyId must specify the way to get the relevant qualified certificate. It is requested that this identifier is an URL aiming to provide the relevant Qualified Certificate.\n", "schema": { "type": "string", "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, { "name": "X-Request-ID", "in": "header", "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "required": true, "schema": { "maxLength": 70, "type": "string" } }, { "name": "workspace", "in": "query", "description": "Workspace to be used for processing an AISP request.\nIf not provided, the default workspace is computed from the authentication that was used for getting the OAuth2 Access Token.\n", "schema": { "maxLength": 32, "type": "string" } }, { "name": "X-JWS-Signature", "in": "header", "description": "[JSON WEB signature of the request](https://www.openbankingeurope.eu/media/2095/obe-json-web-signature-profile-for-open-banking.pdf)\n", "schema": { "type": "string", "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] } ], "responses": { "200": { "description": "The ASPSP returns the list of whitelisted beneficiaries\n", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/HalBeneficiaries" } } } }, "204": { "description": "No content.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": {} }, "401": { "description": "Unauthorized, authentication failure.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "403": { "description": "Forbidden, authentication successful but access to resource is not allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "404": { "description": "Not found, no request available.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "405": { "description": "Method Not Allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "406": { "description": "Not Acceptable.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "429": { "description": "Too many requests.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "500": { "description": "Internal server error.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "501": { "description": "Not Implemented.\nThis code should be used when the entry point is implemented but cannot provide a result, given the context.\nWhen the entry point is not implemented at all, HTTP400 will be returned.\n", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } } }, "security": [ { "accessCode": [ "aisp" ] } ], "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] } }, "/funds-confirmations": { "post": { "tags": [ "CBPII" ], "summary": "Payment coverage check request (CBPII)", "description": "### Description\nThe CBPII can ask an ASPSP to check if a given amount can be covered by the liquidity that is available on a PSU cash account or payment card.\n### Prerequisites\n- The TPP was registered by the Registration Authority for the CBPII role\n- The TPP and the PSU have a contract that was registered by the ASPSP\n - At this step, the ASPSP has delivered an \"Authorization Code\", a \"Resource Owner Password\" or a \"Client Credential\" OAUTH2 access token to the TPP (cf. paragraph 3.4.2).\n - Each ASPSP has to implement either the \"Authorization Code\"/\"Resource Owner Password\" or the \"Client Credential\" OAUTH2 access token model.\n - Doing this, it will edit the [security] section on this path in order to specify which model it has chosen\n- The TPP and the ASPSP have successfully processed a mutual check and authentication\n- The TPP has presented its OAUTH2 \"Authorization Code\", \"Resource Owner Password\" or \"Client Credential\" access token which allows the ASPSP to identify the relevant PSU.\n### Business flow\nThe CBPII requests the ASPSP for a payment coverage check against either a bank account or a card primary identifier.\nThis request cannot handle exchange rate and must be specified with the relevant account currency.\nThe ASPSP answers with a structure embedding the original request and the result as a Boolean.\n", "operationId": "fundsConfirmationsPost", "parameters": [ { "name": "Authorization", "in": "header", "description": "Access token to be passed as a header", "required": true, "schema": { "type": "string" } }, { "name": "PSU-IP-Address", "in": "header", "description": "IP address used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-IP-Port", "in": "header", "description": "IP port used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-HTTP-Method", "in": "header", "description": "Http method for the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-Date", "in": "header", "description": "Timestamp of the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-GEO-Location", "in": "header", "description": "Geographical location of the PSU as provided by the PSU mobile terminal if any to the TPP", "schema": { "type": "string" } }, { "name": "PSU-User-Agent", "in": "header", "description": "\"User-Agent\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Referer", "in": "header", "description": "\"Referer\" header field sent by the PSU terminal when connecting to the TPP.\nNotice that an initial typo in RFC 1945 specifies that \"referer\" (incorrect spelling) is to be used. The correct spelling \"referrer\" can be used but might not be understood.\n", "schema": { "type": "string" } }, { "name": "PSU-Accept", "in": "header", "description": "\"Accept\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Charset", "in": "header", "description": "\"Accept-Charset\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Encoding", "in": "header", "description": "\"Accept-Encoding\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Language", "in": "header", "description": "\"Accept-Language\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Device-ID", "in": "header", "description": "UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available.\nUUID identifies either a device or a device dependant application installation.\nIn case of installation identification this ID need to be unaltered until removal from device.\n", "schema": { "type": "string" } }, { "name": "Digest", "in": "header", "description": "Digest of the body", "schema": { "type": "string" } }, { "name": "Signature", "in": "header", "description": "[http-signature of the request](https://datatracker.ietf.org/doc/draft-cavage-http-signatures/)\nThe keyId must specify the way to get the relevant qualified certificate. It is requested that this identifier is an URL aiming to provide the relevant Qualified Certificate.\n", "schema": { "type": "string", "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, { "name": "X-Request-ID", "in": "header", "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "required": true, "schema": { "maxLength": 70, "type": "string" } }, { "name": "X-JWS-Signature", "in": "header", "description": "[JSON WEB signature of the request](https://www.openbankingeurope.eu/media/2095/obe-json-web-signature-profile-for-open-banking.pdf)\n", "schema": { "type": "string", "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] }, { "name": "Idempotency-Key", "in": "header", "description": "Key provided by the API client to ensure idempotency in case of retry of a given request", "required": true, "schema": { "type": "string", "format": "uuid", "x-comments": [ "Added for CR526 (Add an Idempotency Header)" ] }, "x-comments": [ "Added for CR526 (Add an Idempotency Header)" ] } ], "requestBody": { "description": "parameters of a payment coverage request", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/PaymentCoverageRequestResource" } } }, "required": true }, "responses": { "200": { "description": "payment coverage request", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } }, "Digest": { "description": "Digest of the body", "schema": { "type": "string" } }, "Signature": { "description": "[http-signature of the response ](https://datatracker.ietf.org/doc/draft-cavage-http-signatures/)\nThe keyId must specify the way to get the relevant qualified certificate. It is requested that this identifier is an URL aiming to provide the relevant Qualified Certificate.\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/HalPaymentCoverageReport" } } } }, "400": { "description": "Invalid status value", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "401": { "description": "Unauthorized, authentication failure.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "403": { "description": "Forbidden, authentication successful but access to resource is not allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "405": { "description": "Method Not Allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "406": { "description": "Not Acceptable.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "408": { "description": "Request Timeout.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "429": { "description": "Too many requests.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "500": { "description": "Internal server error.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "503": { "description": "Service unavailable.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } } }, "security": [ { "accessCode": [ "cbpii" ] }, { "clientCredentials": [ "cbpii" ] } ], "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)", "Modified for CR526 (Add an Idempotency Header)" ], "x-codegen-request-body-name": "paymentCoverage" } }, "/payment-requests": { "post": { "tags": [ "PISP" ], "summary": "Payment request initiation (PISP)", "description": "### Description\nThe following use cases can be applied:\n- payment request on behalf of a merchant\n- transfer request on behalf of the account's owner\n- standing-order request on behalf of the account's owner\n#### Data content\nA payment request or a transfer request might embed several payment instructions having\n- one single execution date or multiple execution dates\n- one single beneficiary or multiple beneficiaries\nHaving at the same time multiple beneficiaries and multiple execution date might not be a relevant business case, although it is technically allowed.\nEach implementation will have to specify which business use cases are actually supported.\nA standing order request must embed one single payment instruction and must address one single beneficiary.\n- The beneficiary must be set at the payment level\n- The standing order specific characteristics (start date, periodicity...) must be set at the instruction level\n\nPayment request can rely for execution on different payment instruments:\n- SEPA Credit Transfer (SCT)\n- Domestic Credit Transfer in a non-Euro-currency\n- International payment\nThe following table indicates how to use the different fields, depending on the payment instrument:\n\n| Structure | SEPA payments | Domestic payments in non-euro currency | International payments |\n| --------- | ------------- | -------------------------------------- | ---------------------- |\n| PaymentTypeInformation/InstructionPriority (payment level) | \"HIGH\" for high-priority SCT, \"NORM\" for other SCT, Ignored for SCTInst | \"HIGH\" for high-priority CT, \"NORM\" or ignored for other CT | \"HIGH\" for high-priority payments, \"NORM\" or ignored for other payments |\n| PaymentTypeInformation/ServiceLevel (payment level) | \"SEPA\" for SCT and SCTInst | ignored | ignored |\n| PaymentTypeInformation/CategoryPurpose (payment level) | \"CASH\" for transfer request, \"DVPM\" for payment request on behalf of a merchant || \"CORT\" for generic international payments, \"INTC\" for transfers between two branches within the same company, \"TREA\" for treasury transfers |\n| PaymentTypeInformation/LocalInstrument (payment level) | \"INST\" pour les SCTInst, otherwise ignored | Ignored or valued with ISO20022 external code ||\n| RequestedExecutionDate (at transaction level) | Optional. if set by the PISP, it indicates the date on debit on the ordering party account. If not set by the PISP, this requests the ASPSP to execute the payment instruction as soon as possible. |||\n| EndToEndIdentification (at transaction level) | Mandatory | Optional ||\n| UltimateDebtor (at transaction level) | Optional |||\n| UltimateCreditor (at transaction level) | Optional |||\n| InstructedAmount (at transaction level) | Mandatory || Mandatory and exclusive use of one of these structures |\n| EquivalentAmount (at transaction level) | Not used || Mandatory and exclusive use of one of these structures |\n| ChargeBearer (at transaction level) | \"SLEV\" for SCT and SCTInst | \"SLEV\" or \"SHAR\" | \"CRED\", \"DEBT\" or \"SHAR\" |\n| Purpose (at transaction level) | Optional |||\n| RegulatoryReportingCode (at transaction level) | Not used | Mandatory (possibly multiple values) |\n| InstructionForCreditorAgent (at transaction level) | Not used || Optional (possibly multiple values) |\n| RemittanceInformation | Mandatory. Structured or unstructured, depending on the local rules and constraints |||\n| Debtor (at payment level) | Mandatory, 2 address lines only | Mandatory, 4 address lines only | Mandatory. Complete strustured address can be used. |\n| DebtorAccount (at payment level) | Optional | Optional. Account currency may be specified ||\n| DebtorAgent (at payment level) | Optional |||\n| Creditor (at transaction level) | Mandatory, 2 address lines only | Mandatory, 4 address lines only | Mandatory. Complete strustured address can be used. Date and place of birth must be specified |\n| CreditorAccount (at transaction level) | Mandatory | Mandatory. Account currency may be specified ||\n| CreditorAgent (at transaction level) | Optional |||\n| ClearingSystemId et ClearingSystemMemberId (at transaction level) | Not used || Optional |\n| IntermediaryAgent et IntermediaryAgentAccount (at transaction level) | Not used | Optional ||\n\n#### Prerequisites for all use cases\n- The TPP was registered by the Registration Authority for the PISP role\n- The TPP was provided with an OAUTH2 \"Client Credential\" access token by the ASPSP (cf. paragraph 3.4.2).\n- The TPP and the ASPSP have successfully processed a mutual check and authentication\n- The TPP has presented its \"OAUTH2 Client Credential\" access token\n\n#### Business flow\n##### Payment Request use case\nThe PISP forwards a payment request on behalf of a merchant.\nThe PSU buys some goods or services on an e-commerce website held by a merchant. Among other payment method, the merchant suggests the use of a PISP service. As there is obviously a contract between the merchant and the PISP, there is no need for the ASPSP to check the existence of such a contract between the PSU and this PISP to initiate the process.\nCase of the PSU that chooses to use the PISP service:\n- The merchant forwards the requested payment characteristics to the PISP and redirects the PSU to the PISP portal.\n- The PISP requests from the PSU which ASPSP will be used.\n- The PISP prepares the Payment Request and sends this request to the ASPSP.\n- The Request can embed several payment instructions having different requested execution date.\n- The beneficiary, as being the merchant, is set at the payment level.\n\n ##### Transfer Request use case\n The PISP forwards a transfer request on behalf of the owner of the account.\n - The PSU provides the PISP with all information needed for the transfer.\n - The PISP prepares the Transfer Request and sends this request to the relevant ASPSP that holds the debtor account.\n - The Request can embed several payment instructions having different beneficiaries.\n - The requested execution date, as being the same for all instructions, is set at the payment level.\n\n ##### Standing Order Request use case\n The PISP forwards a Standing Order request on behalf of the owner of the account.\n - The PSU provides the PISP with all information needed for the Standing Order.\n - The PISP prepares the Standing Order Request and sends this request to the relevant ASPSP that holds the debtor account.\n - The Request embeds one single payment instruction with\n - The requested execution date of the first occurrence\n - The requested execution frequency of the payment in order to compute further execution dates\n - An execution rule to handle cases when the computed execution dates cannot be processed (e.g. bank holydays)\n - An optional end date for closing the standing Order\n", "operationId": "paymentRequestsPost", "parameters": [ { "name": "Authorization", "in": "header", "description": "Access token to be passed as a header", "required": true, "schema": { "type": "string" } }, { "name": "PSU-IP-Address", "in": "header", "description": "IP address used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-IP-Port", "in": "header", "description": "IP port used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-HTTP-Method", "in": "header", "description": "Http method for the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-Date", "in": "header", "description": "Timestamp of the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-GEO-Location", "in": "header", "description": "Geographical location of the PSU as provided by the PSU mobile terminal if any to the TPP", "schema": { "type": "string" } }, { "name": "PSU-User-Agent", "in": "header", "description": "\"User-Agent\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Referer", "in": "header", "description": "\"Referer\" header field sent by the PSU terminal when connecting to the TPP.\nNotice that an initial typo in RFC 1945 specifies that \"referer\" (incorrect spelling) is to be used. The correct spelling \"referrer\" can be used but might not be understood.\n", "schema": { "type": "string" } }, { "name": "PSU-Accept", "in": "header", "description": "\"Accept\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Charset", "in": "header", "description": "\"Accept-Charset\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Encoding", "in": "header", "description": "\"Accept-Encoding\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Language", "in": "header", "description": "\"Accept-Language\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Device-ID", "in": "header", "description": "UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available.\nUUID identifies either a device or a device dependant application installation.\nIn case of installation identification this ID need to be unaltered until removal from device.\n", "schema": { "type": "string" } }, { "name": "Digest", "in": "header", "description": "Digest of the body", "schema": { "type": "string" } }, { "name": "Signature", "in": "header", "description": "[http-signature of the request](https://datatracker.ietf.org/doc/draft-cavage-http-signatures/)\nThe keyId must specify the way to get the relevant qualified certificate. It is requested that this identifier is an URL aiming to provide the relevant Qualified Certificate.\n", "schema": { "type": "string", "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, { "name": "X-Request-ID", "in": "header", "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "required": true, "schema": { "maxLength": 70, "type": "string" } }, { "name": "ui_locales", "in": "query", "description": "End-User's preferred languages and scripts for the user interface, represented as a space-separated list of BCP47 [RFC5646] language tag values, ordered by preference.\n", "schema": { "maxLength": 140, "type": "string" } }, { "name": "PSU-Workspace", "in": "header", "description": "Workspace to be used for processing the PSU authentication when confirming a PISP request.\n", "schema": { "maxLength": 32, "type": "string" } }, { "name": "X-JWS-Signature", "in": "header", "description": "[JSON WEB signature of the request](https://www.openbankingeurope.eu/media/2095/obe-json-web-signature-profile-for-open-banking.pdf)\n", "schema": { "type": "string", "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] }, { "name": "Idempotency-Key", "in": "header", "description": "Key provided by the API client to ensure idempotency in case of retry of a given request", "required": true, "schema": { "type": "string", "format": "uuid", "x-comments": [ "Added for CR526 (Add an Idempotency Header)" ] }, "x-comments": [ "Added for CR526 (Add an Idempotency Header)" ] } ], "requestBody": { "description": "ISO20022 based payment Initiation Request", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/PaymentRequestResource" } } }, "required": true }, "responses": { "201": { "description": "The request was created as a resource. The ASPSP must authenticate the PSU.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } }, "Digest": { "description": "Digest of the body", "schema": { "type": "string" } }, "Signature": { "description": "[http-signature of the response ](https://datatracker.ietf.org/doc/draft-cavage-http-signatures/)\nThe keyId must specify the way to get the relevant qualified certificate. It is requested that this identifier is an URL aiming to provide the relevant Qualified Certificate.\n", "schema": { "type": "string" } }, "location": { "description": "URI of the created (and updated if needed) Payment Request.\nActually, this link is the URI to be used (cf. paragraph 4.6) for retrieving the Payment Request ant its status:\n- GET /payment-requests/{paymentRequestResourceId}\nThe parameter {paymentRequestResourceId} is the identifier of the Payment Request, as the resource that was created on the ASPSP server side.\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/HalAuthenticationRequest" } } } }, "400": { "description": "Invalid status value", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "401": { "description": "Unauthorized, authentication failure.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "403": { "description": "Forbidden, authentication successful but access to resource is not allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "405": { "description": "Method Not Allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "406": { "description": "Not Acceptable.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "408": { "description": "Request Timeout.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "429": { "description": "Too many requests.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "500": { "description": "Internal server error.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "503": { "description": "Service unavailable.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } } }, "security": [ { "clientCredentials": [ "pisp" ] } ], "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)", "Modified for CR526 (Add an Idempotency Header)" ], "x-codegen-request-body-name": "paymentRequest" } }, "/payment-requests/{paymentRequestResourceId}": { "get": { "tags": [ "PISP" ], "summary": "Retrieval of a payment request (PISP)", "description": "### Description\nThe following use cases can be applied:\n- retrieval of a payment request on behalf of a merchant\n- retrieval of a transfer request on behalf of the account's owner\n- retrieval of a standing-order request on behalf of the account's owner\n\nThe PISP has previously sent a Request through a POST command.\n- The ASPSP has registered the Request, updated if necessary the relevant identifiers in order to avoid duplicates and returned the location of the updated Request.\n- The PISP gets the Request that was updated with the resource identifiers, and eventually the status of the Payment/Transfer Request and the status of the subsequent credit transfer.\n\n### Prerequisites\n- The TPP was registered by the Registration Authority for the PISP role\n- The TPP was provided with an OAUTH2 \"Client Credential\" access token by the ASPSP (cf. paragraph 3.4.2).\n- The TPP has previously posted a Request which was saved by the ASPSP (cf. paragraph 4.5.3)\n - The ASPSP has answered with a location link to the saved Payment/Transfer Request (cf. paragraph 4.5.4)\n- The TPP and the ASPSP have successfully processed a mutual check and authentication\n- The TPP has presented its \"OAUTH2 Client Credential\" access token\n\n### Business flow\nThe PISP asks to retrieve the Payment/Transfer Request that was saved by the ASPSP. The PISP uses the location link provided by the ASPSP in response of the posting of this request.\nThe ASPSP returns the previously posted Payment/Transfer Request which is enriched with:\n- The resource identifiers given by the ASPSP\n- The status information of the Payment Request and of the subsequent credit transfer\nThe status information must be available during at least 30 calendar days after the posting of the Payment Request. However, the ASPSP may increase this availability duration, based on its own rules.\n", "operationId": "paymentRequestsGet", "parameters": [ { "name": "Authorization", "in": "header", "description": "Access token to be passed as a header", "required": true, "schema": { "type": "string" } }, { "name": "paymentRequestResourceId", "in": "path", "description": "Identification of the Payment Request Resource", "required": true, "schema": { "pattern": "^([a-zA-Z0-9_ /\\-?:\\()\\.,']{1,100})$", "type": "string" } }, { "name": "PSU-IP-Address", "in": "header", "description": "IP address used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-IP-Port", "in": "header", "description": "IP port used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-HTTP-Method", "in": "header", "description": "Http method for the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-Date", "in": "header", "description": "Timestamp of the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-GEO-Location", "in": "header", "description": "Geographical location of the PSU as provided by the PSU mobile terminal if any to the TPP", "schema": { "type": "string" } }, { "name": "PSU-User-Agent", "in": "header", "description": "\"User-Agent\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Referer", "in": "header", "description": "\"Referer\" header field sent by the PSU terminal when connecting to the TPP.\nNotice that an initial typo in RFC 1945 specifies that \"referer\" (incorrect spelling) is to be used. The correct spelling \"referrer\" can be used but might not be understood.\n", "schema": { "type": "string" } }, { "name": "PSU-Accept", "in": "header", "description": "\"Accept\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Charset", "in": "header", "description": "\"Accept-Charset\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Encoding", "in": "header", "description": "\"Accept-Encoding\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Language", "in": "header", "description": "\"Accept-Language\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Device-ID", "in": "header", "description": "UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available.\nUUID identifies either a device or a device dependant application installation.\nIn case of installation identification this ID need to be unaltered until removal from device.\n", "schema": { "type": "string" } }, { "name": "Digest", "in": "header", "description": "Digest of the body", "schema": { "type": "string" } }, { "name": "Signature", "in": "header", "description": "[http-signature of the request](https://datatracker.ietf.org/doc/draft-cavage-http-signatures/)\nThe keyId must specify the way to get the relevant qualified certificate. It is requested that this identifier is an URL aiming to provide the relevant Qualified Certificate.\n", "schema": { "type": "string", "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, { "name": "X-Request-ID", "in": "header", "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "required": true, "schema": { "maxLength": 70, "type": "string" } }, { "name": "X-JWS-Signature", "in": "header", "description": "[JSON WEB signature of the request](https://www.openbankingeurope.eu/media/2095/obe-json-web-signature-profile-for-open-banking.pdf)\n", "schema": { "type": "string", "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] } ], "responses": { "200": { "description": "Retrieval of the previously posted Payment Request", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } }, "Digest": { "description": "Digest of the body", "schema": { "type": "string" } }, "Signature": { "description": "[http-signature of the response ](https://datatracker.ietf.org/doc/draft-cavage-http-signatures/)\nThe keyId must specify the way to get the relevant qualified certificate. It is requested that this identifier is an URL aiming to provide the relevant Qualified Certificate.\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/HalPaymentRequest" } } } }, "400": { "description": "Invalid status value", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "401": { "description": "Unauthorized, authentication failure.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "403": { "description": "Forbidden, authentication successful but access to resource is not allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "404": { "description": "Not found, no request available.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "405": { "description": "Method Not Allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "406": { "description": "Not Acceptable.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "408": { "description": "Request Timeout.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "429": { "description": "Too many requests.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "500": { "description": "Internal server error.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "503": { "description": "Service unavailable.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } } }, "security": [ { "clientCredentials": [ "pisp" ] } ], "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, "put": { "tags": [ "PISP" ], "summary": "Cancellation of a Payment/Transfer Request (PISP)", "description": "### Description\nThe PISP sent a Payment/Transfer Request through a POST command.\nThe ASPSP registered the Payment/Transfer Request, updated if necessary the relevant identifiers in order to avoid duplicates and returned the location of the updated Request.\nThe PISP got the Payment/Transfer Request that was updated with the resource identifiers, and eventually the status of the Payment/Transfer Request and the status of the subsequent credit transfer.\nThe PISP requests for the payment cancellation (global cancellation) or for some payment instructions cancellation (partial cancellation)\nNo other modification of the Payment/Transfer Request is allowed.\n### Prerequisites\n- The TPP was registered by the Registration Authority for the PISP role\n- The TPP was provided with an OAUTH2 \"Client Credential\" access token by the ASPSP (cf. paragraph 3.4.2).\n- The TPP previously posted a Payment/Transfer Request which was saved by the ASPSP (cf. paragraph 4.5.3)\n - The ASPSP answered with a location link to the saved Payment/Transfer Request (cf. paragraph 4.5.4)\n - The PISP retrieved the saved Payment/Transfer Request (cf. paragraph 4.5.4)\n- The TPP and the ASPSP successfully processed a mutual check and authentication\n- The TPP presented its \"OAUTH2 Client Credential\" access token.\n- The TPP presented the payment/transfer request.\n- The PSU was successfully authenticated.\n\n### Business flow\n#### Payment/Transfer request cancellation circumstances\nThe cancellation of a Payment/Transfer request might be triggered by the PISP upon request of the PSU.\nIt can also be triggered by the PISP itself in case of error or fraud detection.\nSince the consequence of the cancellation will be a rejection of the Payment/Transfer request globally or limited to some of its instructions, the modification of the payment request will focus on setting the relevant status to the value \"CANC\".\nThis \"CANC\" status must however be explained through a reason code that can be set with the following values:\n\n| Reason | description |\n| ------ | ----------- |\n| DS02 | The PSU himsef/herself ordered the cancellation. |\n| DUPL | The PISP requested the cancellation for a duplication of a previous Payment/Transfer request |\n| FRAD | The PISP requested the cancellation for fraudulent origin of the Payment/Transfer request |\n| TECH | The PISP requested the cancellation for a technical issue on its side |\n\n#### Payment/Transfer request cancellation level\n- Case of a payment with multiple instructions or a standing order, the PISP asks to cancel the whole Payment/Transfer or Standing Order Request including all non-executed payment instructions by setting the [paymentInformationStatus] and the relevant [statusReasonInformation] at payment level.\n- Case of a payment with multiple instructions, the PISP asks to cancel one or several payment instructions by setting the [transactionStatus] and the relevant [statusReasonInformation] at each relevant instruction level.\n\nThe cancellation request might need a PSU authentication before committing, especially when the request is PSU-driven. In other cases, the ASPSP may consider that a PSU authentication is irrelevant.\nIn order to meet all possibilities, the cancellation request must nevertheless include:\n- The specification of the authentication approaches that are supported by the PISP (any combination of \"REDIRECT\" and \"DECOUPLED\" values).\n- In case of possible REDIRECT or DECOUPLED authentication approach, one or two call-back URLs to be used by the ASPSP at the finalisation of the authentication and consent process :\n - The first call-back URL will be called by the ASPSP if the Transfer Request is processed without any error or rejection by the PSU\n - The second call-back URL is to be used by the ASPSP in case of processing error or rejection by the PSU. Since this second URL is optional, the PISP might not provide it. In this case, the ASPSP will use the same URL for any processing result.\n - Both call-back URLS must be used in a TLS-secured request.\n- In case of possible \"DECOUPLED\" approach, a PSU identifier that can be processed by the ASPSP for PSU recognition.\n\n- The ASPSP saves the updated Payment/Transfer Request and answers to the PISP. The answer embeds\n - The specification of the chosen authentication approach taking into account both the PISP and the PSU capabilities.\n - In case of chosen REDIRECT authentication approach, the URL to be used by the PISP for redirecting the PSU in order to perform an authentication.\n\nCase of the PSU neither gives nor denies his/her consent, the Cancellation Request shall expire and is then rejected to the PISP. The expiration delay is specified by each ASPSP.\nIf any modification of the payment request other than cancellation is applied by the PISP, the ASPSP must reject the request with HTTP403 without modifying the payment request resource.\n\nThere is no need for the PISP to post a confirmation of the cancellation request.\n", "operationId": "paymentRequestPut", "parameters": [ { "name": "Authorization", "in": "header", "description": "Access token to be passed as a header", "required": true, "schema": { "type": "string" } }, { "name": "paymentRequestResourceId", "in": "path", "description": "Identification of the Payment Request Resource", "required": true, "schema": { "pattern": "^([a-zA-Z0-9_ /\\-?:\\()\\.,']{1,100})$", "type": "string" } }, { "name": "PSU-IP-Address", "in": "header", "description": "IP address used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-IP-Port", "in": "header", "description": "IP port used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-HTTP-Method", "in": "header", "description": "Http method for the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-Date", "in": "header", "description": "Timestamp of the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-GEO-Location", "in": "header", "description": "Geographical location of the PSU as provided by the PSU mobile terminal if any to the TPP", "schema": { "type": "string" } }, { "name": "PSU-User-Agent", "in": "header", "description": "\"User-Agent\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Referer", "in": "header", "description": "\"Referer\" header field sent by the PSU terminal when connecting to the TPP.\nNotice that an initial typo in RFC 1945 specifies that \"referer\" (incorrect spelling) is to be used. The correct spelling \"referrer\" can be used but might not be understood.\n", "schema": { "type": "string" } }, { "name": "PSU-Accept", "in": "header", "description": "\"Accept\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Charset", "in": "header", "description": "\"Accept-Charset\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Encoding", "in": "header", "description": "\"Accept-Encoding\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Language", "in": "header", "description": "\"Accept-Language\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Device-ID", "in": "header", "description": "UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available.\nUUID identifies either a device or a device dependant application installation.\nIn case of installation identification this ID need to be unaltered until removal from device.\n", "schema": { "type": "string" } }, { "name": "Digest", "in": "header", "description": "Digest of the body", "schema": { "type": "string" } }, { "name": "Signature", "in": "header", "description": "[http-signature of the request](https://datatracker.ietf.org/doc/draft-cavage-http-signatures/)\nThe keyId must specify the way to get the relevant qualified certificate. It is requested that this identifier is an URL aiming to provide the relevant Qualified Certificate.\n", "schema": { "type": "string", "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, { "name": "X-Request-ID", "in": "header", "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "required": true, "schema": { "maxLength": 70, "type": "string" } }, { "name": "X-JWS-Signature", "in": "header", "description": "[JSON WEB signature of the request](https://www.openbankingeurope.eu/media/2095/obe-json-web-signature-profile-for-open-banking.pdf)\n", "schema": { "type": "string", "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] } ], "requestBody": { "description": "ISO20022 based payment Initiation Request", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/PaymentRequestResource" } } }, "required": true }, "responses": { "200": { "description": "The cancellation request was saved. The ASPSP may have to authenticate the PSU before committing the update.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } }, "Digest": { "description": "Digest of the body", "schema": { "type": "string" } }, "Signature": { "description": "[http-signature of the response ](https://datatracker.ietf.org/doc/draft-cavage-http-signatures/)\nThe keyId must specify the way to get the relevant qualified certificate. It is requested that this identifier is an URL aiming to provide the relevant Qualified Certificate.\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/HalAuthenticationRequest" } } } }, "400": { "description": "Invalid status value", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "401": { "description": "Unauthorized, authentication failure.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "403": { "description": "Forbidden, authentication successful but access to resource is not allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "404": { "description": "Not found, no request available.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "405": { "description": "Method Not Allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "406": { "description": "Not Acceptable.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "408": { "description": "Request Timeout.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "409": { "description": "Conflict.\nThe request could not be completed due to a conflict with the current state of the target resource.\n", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "429": { "description": "Too many requests.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "500": { "description": "Internal server error.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "503": { "description": "Service unavailable.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } } }, "security": [ { "clientCredentials": [ "pisp" ] } ], "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ], "x-codegen-request-body-name": "paymentRequest" } }, "/payment-requests/{paymentRequestResourceId}/confirmation": { "post": { "tags": [ "PISP" ], "summary": "Confirmation of a payment request using an OAUTH2 Authorization code grant (PISP)", "description": "### Description\nThe PISP confirms one of the following requests or modifications:\n- payment request on behalf of a merchant\n- transfer request on behalf of the account's owner\n- standing-order request on behalf of the account's owner\nThe ASPSP answers with a status of the relevant request and the subsequent Credit Transfer.\n\n### Prerequisites\n- The TPP was registered by the Registration Authority for the PISP role\n- The TPP was provided with an OAUTH2 \"Client Credential\" access token by the ASPSP (cf. paragraph 3.4.2).\n- The TPP has previously posted a Request which was saved by the ASPSP (cf. paragraph 4.5.3)\n - The ASPSP has answered with a location link to the saved Payment Request (cf. paragraph 4.5.4)\n - The TPP has retrieved the saved request in order to get the relevant resource Ids (cf. paragraph 4.6).\n- The PSU was authenticated by the ASPSP through an OAUTH2 authorization code grant flow (REDIRECT approach) and the PISP got the relevant token\n- The TPP and the ASPSP have successfully processed a mutual check and authentication\n- The TPP has presented its \"OAUTH2 Authorization Code\" access token\n\n### Business flow\nOnce the PSU was authenticated through an OAUTH2 authorization code grant flow (REDIRECT approach), it is the due to the PISP to confirm the Request to the ASPSP in order to complete the process flow.\nThe ASPSP must wait for confirmation before executing the subsequent Credit Tranfer.\nAny further confirmation by the PISP on the same Payment-Request must be ignored.\n", "operationId": "paymentRequestConfirmationPost", "parameters": [ { "name": "Authorization", "in": "header", "description": "Access token to be passed as a header", "required": true, "schema": { "type": "string" } }, { "name": "paymentRequestResourceId", "in": "path", "description": "Identification of the Payment Request Resource", "required": true, "schema": { "pattern": "^([a-zA-Z0-9_ /\\-?:\\()\\.,']{1,100})$", "type": "string" } }, { "name": "PSU-IP-Address", "in": "header", "description": "IP address used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-IP-Port", "in": "header", "description": "IP port used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-HTTP-Method", "in": "header", "description": "Http method for the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-Date", "in": "header", "description": "Timestamp of the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-GEO-Location", "in": "header", "description": "Geographical location of the PSU as provided by the PSU mobile terminal if any to the TPP", "schema": { "type": "string" } }, { "name": "PSU-User-Agent", "in": "header", "description": "\"User-Agent\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Referer", "in": "header", "description": "\"Referer\" header field sent by the PSU terminal when connecting to the TPP.\nNotice that an initial typo in RFC 1945 specifies that \"referer\" (incorrect spelling) is to be used. The correct spelling \"referrer\" can be used but might not be understood.\n", "schema": { "type": "string" } }, { "name": "PSU-Accept", "in": "header", "description": "\"Accept\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Charset", "in": "header", "description": "\"Accept-Charset\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Encoding", "in": "header", "description": "\"Accept-Encoding\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Language", "in": "header", "description": "\"Accept-Language\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Device-ID", "in": "header", "description": "UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available.\nUUID identifies either a device or a device dependant application installation.\nIn case of installation identification this ID need to be unaltered until removal from device.\n", "schema": { "type": "string" } }, { "name": "Digest", "in": "header", "description": "Digest of the body", "schema": { "type": "string" } }, { "name": "Signature", "in": "header", "description": "[http-signature of the request](https://datatracker.ietf.org/doc/draft-cavage-http-signatures/)\nThe keyId must specify the way to get the relevant qualified certificate. It is requested that this identifier is an URL aiming to provide the relevant Qualified Certificate.\n", "schema": { "type": "string", "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, { "name": "X-Request-ID", "in": "header", "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "required": true, "schema": { "maxLength": 70, "type": "string" } }, { "name": "X-JWS-Signature", "in": "header", "description": "[JSON WEB signature of the request](https://www.openbankingeurope.eu/media/2095/obe-json-web-signature-profile-for-open-banking.pdf)\n", "schema": { "type": "string", "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] }, { "name": "Idempotency-Key", "in": "header", "description": "Key provided by the API client to ensure idempotency in case of retry of a given request", "required": true, "schema": { "type": "string", "format": "uuid", "x-comments": [ "Added for CR526 (Add an Idempotency Header)" ] }, "x-comments": [ "Added for CR526 (Add an Idempotency Header)" ] } ], "requestBody": { "description": "Parameters needed for confirmation of the Payment Request.\nEven though there is no parameter, a Json (void) body structure must be provided.\n", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/ConfirmationResource" } } }, "required": true }, "responses": { "200": { "description": "retrieval of the Payment Request enriched with the status report", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } }, "Digest": { "description": "Digest of the body", "schema": { "type": "string" } }, "Signature": { "description": "[http-signature of the response ](https://datatracker.ietf.org/doc/draft-cavage-http-signatures/)\nThe keyId must specify the way to get the relevant qualified certificate. It is requested that this identifier is an URL aiming to provide the relevant Qualified Certificate.\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/HalPaymentRequest" } } } }, "400": { "description": "Invalid status value", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "401": { "description": "Unauthorized, authentication failure.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "403": { "description": "Forbidden, authentication successful but access to resource is not allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "405": { "description": "Method Not Allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "406": { "description": "Not Acceptable.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "408": { "description": "Request Timeout.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "409": { "description": "Conflict.\nThe request could not be completed due to a conflict with the current state of the target resource.\n", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "429": { "description": "Too many requests.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "500": { "description": "Internal server error.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "503": { "description": "Service unavailable.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } } }, "security": [ { "accessCode": [ "pisp" ] }, { "clientCredentials": [ "pisp" ] } ], "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)", "Modified for CR526 (Add an Idempotency Header)" ], "x-codegen-request-body-name": "confirmationRequest" } }, "/payment-requests/{paymentRequestResourceId}/transactions": { "get": { "tags": [ "PISP" ], "summary": "Retrieval of the Credit Transfert Transactions that were processed for a given payment request (PISP)", "description": "### Description\nThe PISP gets the execution history of a payment request.\nThis entry-point is an alternative to the retrieval of the history through the retrieval of the payment request.\nSo, each ASPSP may choose or not to implement this entry-point.\n\n### Prerequisites\n- The TPP was registered by the Registration Authority for the PISP role\n- The TPP has previously posted a Standing Order Request which was saved by the ASPSP (cf. paragraph 4.5.3)\n - The ASPSP has answered with a location link to the saved Payment Request (cf. paragraph 4.5.4)\n - The TPP has retrieved the saved request in order to get the relevant resource Ids (cf. paragraph 4.6).\n- The TPP and the ASPSP have successfully processed a mutual check and authentication\n- The TPP was provided with an OAUTH2 \"Client Credential\" access token by the ASPSP (cf. paragraph 3.4.2).\n- The TPP presented its \"OAUTH2 Client Credential\" access token.\n\n### Business flow\nThe PISP post the history request.\nThe ASPSP answers with the list of relevant transactions.\n", "operationId": "paymentRequestTransactionsGet", "parameters": [ { "name": "Authorization", "in": "header", "description": "Access token to be passed as a header", "required": true, "schema": { "type": "string" } }, { "name": "paymentRequestResourceId", "in": "path", "description": "Identification of the Payment Request Resource", "required": true, "schema": { "pattern": "^([a-zA-Z0-9_ /\\-?:\\()\\.,']{1,100})$", "type": "string" } }, { "name": "PSU-IP-Address", "in": "header", "description": "IP address used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-IP-Port", "in": "header", "description": "IP port used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, { "name": "PSU-HTTP-Method", "in": "header", "description": "Http method for the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-Date", "in": "header", "description": "Timestamp of the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, { "name": "PSU-GEO-Location", "in": "header", "description": "Geographical location of the PSU as provided by the PSU mobile terminal if any to the TPP", "schema": { "type": "string" } }, { "name": "PSU-User-Agent", "in": "header", "description": "\"User-Agent\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Referer", "in": "header", "description": "\"Referer\" header field sent by the PSU terminal when connecting to the TPP.\nNotice that an initial typo in RFC 1945 specifies that \"referer\" (incorrect spelling) is to be used. The correct spelling \"referrer\" can be used but might not be understood.\n", "schema": { "type": "string" } }, { "name": "PSU-Accept", "in": "header", "description": "\"Accept\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Charset", "in": "header", "description": "\"Accept-Charset\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Encoding", "in": "header", "description": "\"Accept-Encoding\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Accept-Language", "in": "header", "description": "\"Accept-Language\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, { "name": "PSU-Device-ID", "in": "header", "description": "UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available.\nUUID identifies either a device or a device dependant application installation.\nIn case of installation identification this ID need to be unaltered until removal from device.\n", "schema": { "type": "string" } }, { "name": "Digest", "in": "header", "description": "Digest of the body", "schema": { "type": "string" } }, { "name": "Signature", "in": "header", "description": "[http-signature of the request](https://datatracker.ietf.org/doc/draft-cavage-http-signatures/)\nThe keyId must specify the way to get the relevant qualified certificate. It is requested that this identifier is an URL aiming to provide the relevant Qualified Certificate.\n", "schema": { "type": "string", "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, { "name": "X-Request-ID", "in": "header", "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "required": true, "schema": { "maxLength": 70, "type": "string" } }, { "name": "X-JWS-Signature", "in": "header", "description": "[JSON WEB signature of the request](https://www.openbankingeurope.eu/media/2095/obe-json-web-signature-profile-for-open-banking.pdf)\n", "schema": { "type": "string", "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] } ], "responses": { "200": { "description": "retrieval of the Payment Request enriched with the status report", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } }, "Digest": { "description": "Digest of the body", "schema": { "type": "string" } }, "Signature": { "description": "[http-signature of the response ](https://datatracker.ietf.org/doc/draft-cavage-http-signatures/)\nThe keyId must specify the way to get the relevant qualified certificate. It is requested that this identifier is an URL aiming to provide the relevant Qualified Certificate.\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/HalCreditTransfertTransactions" } } } }, "400": { "description": "Invalid status value", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "401": { "description": "Unauthorized, authentication failure.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "403": { "description": "Forbidden, authentication successful but access to resource is not allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "405": { "description": "Method Not Allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "406": { "description": "Not Acceptable.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "408": { "description": "Request Timeout.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "409": { "description": "Conflict.\nThe request could not be completed due to a conflict with the current state of the target resource.\n", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "429": { "description": "Too many requests.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "500": { "description": "Internal server error.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "503": { "description": "Service unavailable.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "application/hal+json; charset=utf-8": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } } }, "security": [ { "clientCredentials": [ "pisp" ] } ], "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] } } }, "components": { "schemas": { "ErrorModel": { "required": [ "message", "status" ], "type": "object", "properties": { "timestamp": { "type": "string", "description": "current timestamp", "format": "date-time" }, "status": { "type": "integer", "description": "HTTP error code", "format": "int32" }, "error": { "maxLength": 140, "type": "string", "description": "HTTP error text" }, "message": { "maxLength": 140, "type": "string", "description": "HTTP textual reason phrase" }, "path": { "maxLength": 140, "type": "string", "description": "Relevant path that was used" }, "details": { "minItems": 1, "type": "array", "description": "list of detailed errors that were encountered", "items": { "$ref": "#/components/schemas/ErrorDetail" } } }, "description": "Generic error report structure", "example": "{\n \"timestamp\" : \"2021-03-17T16:47:00.187248+01:00\",\n \"status\" : 400,\n \"error\" : \"Bad Request\",\n \"message\" : \"This Authentication Approach is not available\",\n \"details\" : [ {\n \"path\" : \"$.supplementaryData.acceptedAuthenticationApproach\",\n \"erroneousValue\" : \"EMBEDDED\",\n \"expectedEnumeration\" : [ \"REDIRECT\", \"DECOUPLED\" ]\n } ]\n}", "x-definition-type": "Technical" }, "AuthenticationApproach": { "type": "string", "description": "Authentication approaches that can be applied.\nREDIRECT: the PSU is redirected by the TPP to the ASPSP which processes identification and authentication\nDECOUPLED: the TPP identifies the PSU and forwards the identification to the ASPSP which processes the authentication through a decoupled device\nNONE: there is no need for the PSU to authenticate\n", "enum": [ "REDIRECT", "DECOUPLED", "EMBEDDED-1-FACTOR", "NONE" ], "x-definition-type": "Technical" }, "AuthenticationApproaches": { "type": "array", "description": "List of authentication approaches", "items": { "$ref": "#/components/schemas/AuthenticationApproach" }, "x-definition-type": "Technical" }, "GenericLink": { "required": [ "href" ], "type": "object", "properties": { "href": { "maxLength": 2000, "type": "string", "description": "URI to be used. HREF stands for Hypertext REFerence." }, "templated": { "type": "boolean", "description": "This field must be set with \"true\" when [href] is an URI template, i.e. with parameters that will be set by the client afterwards. Parameter fields must be included by the API server according to RFC6570.\nOtherwise, this property must be absent or set to false\ndefault value: false\n" } }, "description": "hypertext reference", "example": "{\n \"href\" : \"/v1/accounts\"\n}", "x-definition-type": "Hal", "x-generic": true }, "AccountListLinks": { "required": [ "self" ], "type": "object", "properties": { "self": { "$ref": "#/components/schemas/GenericLink" }, "consents": { "$ref": "#/components/schemas/GenericLink" }, "endUserIdentity": { "$ref": "#/components/schemas/GenericLink" }, "trustedBeneficiaries": { "$ref": "#/components/schemas/GenericLink" }, "workspaces": { "type": "array", "description": "list of all workspaces that can be accessed by the PSU", "items": { "$ref": "#/components/schemas/GenericLink" } }, "first": { "$ref": "#/components/schemas/GenericLink" }, "last": { "$ref": "#/components/schemas/GenericLink" }, "next": { "$ref": "#/components/schemas/GenericLink" }, "prev": { "$ref": "#/components/schemas/GenericLink" } }, "description": "Links that can be used for further navigation when browsing Account Information at top level\n| Link | Description |\n| ---- | ----------- |\n| self | link to the list of all available accounts |\n| consents | link to the consents forwarding |\n| endUserIdentity | link to the end-user identity|\n| trustedBeneficiaries | link to the list of trusted beneficiaries |\n| worspaces | array of link to each relevant workspaces |\n| first | link to the first page of the accounts result |\n| last | link to the last page of the accounts result |\n| next | link to the next page of the accounts result |\n| prev | link to the previous page of the accounts result |\n", "example": "{\n \"self\" : {\n \"href\" : \"/v1/accounts\"\n },\n \"consents\" : {\n \"href\" : \"/v1/consents\"\n },\n \"endUserIdentity\" : {\n \"href\" : \"v1/end-user-identity\"\n },\n \"trustedBeneficiaries\" : {\n \"href\" : \"/v1/trusted-beneficiaries\"\n },\n \"workspaces\": [\n {\n \"href\": \"v1/accounts?worspace=PRO_1\",\n \"templated\": true\n },\n {\n \"href\": \"v1/accounts?worspace=PRO_2\",\n \"templated\": true\n }\n ]\n}", "x-definition-type": "Hal" }, "AccountLinks": { "type": "object", "properties": { "owners": { "$ref": "#/components/schemas/GenericLink" }, "balances": { "$ref": "#/components/schemas/GenericLink" }, "transactions": { "$ref": "#/components/schemas/GenericLink" }, "overdrafts": { "$ref": "#/components/schemas/GenericLink" } }, "description": "links that can be used for further navigation when browsing Account Information at one account level\n| Link | Description |\n| ---- | ----------- |\n| owners | link to the owners identities for a given account |\n| balances | link to the balances of a given account |\n| transactions | link to the transactions of a given account |\n| overdrafts | link to the lists of overdrafts of a given account |\n", "example": "{\n \"balances\" : {\n \"href\" : \"/v1/accounts/Alias1/balances\"\n },\n \"transactions\" : {\n \"href\" : \"/v1/accounts/Alias1/transactions\"\n },\n \"overdrafts\" : {\n \"href\" : \"/v1/accounts/Alias1/overdrafts\"\n }\n}", "x-definition-type": "Hal" }, "OwnersLinks": { "required": [ "self" ], "type": "object", "properties": { "self": { "$ref": "#/components/schemas/GenericLink" }, "parent-list": { "$ref": "#/components/schemas/GenericLink" }, "balances": { "$ref": "#/components/schemas/GenericLink" }, "transactions": { "$ref": "#/components/schemas/GenericLink" }, "overdrafts": { "$ref": "#/components/schemas/GenericLink" } }, "description": "links that can be used for further navigation when browsing balances Information at one account level\n| Link | Description |\n| ---- | ----------- |\n| self | link to the owners of a given account |\n| parent-list | link to the list of all available accounts |\n| balances | link to the balances for a given account |\n| transactions | link to the transactions of a given account |\n| overdrafts | link to the lists of overdrafts of a given account |\n", "example": "{\n \"self\": {\n \"href\": \"/v1/accounts/myAccountId/owners\"\n },\n \"parentList\": {\n \"href\": \"/v1/accounts\"\n },\n \"balances\": {\n \"href\": \"/v1/accounts/myAccountId/balances\"\n },\n \"transactions\": {\n \"href\": \"/v1/accounts/myAccountId/transactions\"\n },\n \"overdrafts\": {\n \"href\": \"/v1/accounts/myAccountId/overdrafts\"\n }\n} ", "x-definition-type": "Hal" }, "BalancesLinks": { "required": [ "self" ], "type": "object", "properties": { "self": { "$ref": "#/components/schemas/GenericLink" }, "parent-list": { "$ref": "#/components/schemas/GenericLink" }, "owners": { "$ref": "#/components/schemas/GenericLink" }, "transactions": { "$ref": "#/components/schemas/GenericLink" }, "overdrafts": { "$ref": "#/components/schemas/GenericLink" } }, "description": "links that can be used for further navigation when browsing balances Information at one account level\n| Link | Description |\n| ---- | ----------- |\n| self | link to the balances of a given account |\n| parent-list | link to the list of all available accounts |\n| owners | link to the owners identities for a given account |\n| transactions | link to the transactions of a given account |\n| overdrafts | link to the lists of overdrafts of a given account |\n", "example": "{\n \"self\" : {\n \"href\" : \"/v1/accounts/myAccountId/balances\"\n },\n \"parent-list\" : {\n \"href\" : \"/v1/accounts\"\n },\n \"transactions\" : {\n \"href\" : \"/v1/accounts/myAccountId/transactions\"\n },\n \"overdrafts\" : {\n \"href\" : \"/v1/accounts/myAccountId/overdrafts\"\n }\n}", "x-definition-type": "Hal" }, "TransactionsLinks": { "required": [ "self" ], "type": "object", "properties": { "self": { "$ref": "#/components/schemas/GenericLink" }, "parent-list": { "$ref": "#/components/schemas/GenericLink" }, "owners": { "$ref": "#/components/schemas/GenericLink" }, "balances": { "$ref": "#/components/schemas/GenericLink" }, "overdrafts": { "$ref": "#/components/schemas/GenericLink" }, "first": { "$ref": "#/components/schemas/GenericLink" }, "last": { "$ref": "#/components/schemas/GenericLink" }, "next": { "$ref": "#/components/schemas/GenericLink" }, "prev": { "$ref": "#/components/schemas/GenericLink" } }, "description": "links that can be used for further navigation when browsing transactions Information at one account level\n| Link | Description |\n| ---- | ----------- |\n| self | link to the transactions of a given account |\n| parent-list | link to the list of all available accounts |\n| owners | link to the owners identities for a given account |\n| balances | link to the balances of a given account |\n| overdrafts | link to the lists of overdrafts of a given account |\n| first | link to the first page of the transactions result |\n| last | link to the last page of the transactions result |\n| next | link to the next page of the transactions result |\n| prev | link to the previous page of the transactions result |\n", "example": "{\n \"self\" : {\n \"href\" : \"/v1/accounts/Alias1/transactions\"\n },\n \"parent-list\" : {\n \"href\" : \"/v1/accounts\"\n },\n \"balances\" : {\n \"href\" : \"/v1/accounts/Alias1/balances\"\n },\n \"overdrafts\" : {\n \"href\" : \"/v1/accounts/Alias1/overdrafts\"\n },\n \"last\" : {\n \"href\" : \"/v1/accounts/Alias1/transactions?page=last\"\n },\n \"next\" : {\n \"href\" : \"/v1/accounts/Alias1/transactions?page=next\"\n }\n}", "x-definition-type": "Hal" }, "OverdraftsLinks": { "required": [ "self" ], "type": "object", "properties": { "self": { "$ref": "#/components/schemas/GenericLink" }, "parent-list": { "$ref": "#/components/schemas/GenericLink" }, "owners": { "$ref": "#/components/schemas/GenericLink" }, "balances": { "$ref": "#/components/schemas/GenericLink" }, "transactions": { "$ref": "#/components/schemas/GenericLink" } }, "description": "links that can be used for further navigation when browsing overdrafts Information at one account level\n| Link | Description |\n| ---- | ----------- |\n| self | link to the overdrafts of a given account |\n| parent-list | link to the list of all available accounts |\n| owners | link to the owners identities for a given account |\n| balances | link to the balances of a given account |\n| transactions | link to the transactions of a given account |\n", "example": "{\n \"self\" : {\n \"href\" : \"/v1/accounts/Alias1/overdrafts\"\n },\n \"parent-list\" : {\n \"href\" : \"/v1/accounts\"\n },\n \"balances\" : {\n \"href\" : \"/v1/accounts/Alias1/balances\"\n },\n \"transactions\" : {\n \"href\" : \"/v1/accounts/Alias1/transactions\"\n }\n}", "x-definition-type": "Hal" }, "EndUserIdentityLinks": { "required": [ "self" ], "type": "object", "properties": { "self": { "$ref": "#/components/schemas/GenericLink" }, "accounts": { "$ref": "#/components/schemas/GenericLink" }, "consents": { "$ref": "#/components/schemas/GenericLink" }, "trustedBeneficiaries": { "$ref": "#/components/schemas/GenericLink" } }, "description": "links that can be used for further navigation after retrieving end-user identity\n| Link | Description |\n| ---- | ----------- |\n| self | link to the end-user identity |\n| accounts | link to the list of all available accounts |\n| consents | link to the consents forwarding |\n| trustedBeneficiaries | link to the list of trusted beneficiaries |\n", "example": "{\n \"self\" : {\n \"href\" : \"v1/end-user-identity\"\n },\n \"accounts\" : {\n \"href\" : \"/v1/accounts\"\n },\n \"consents\" : {\n \"href\" : \"/v1/consents\"\n },\n \"trustedBeneficiaries\" : {\n \"href\" : \"/v1/trusted-beneficiaries\"\n }\n}", "x-definition-type": "Hal" }, "BeneficiariesLinks": { "required": [ "self" ], "type": "object", "properties": { "self": { "$ref": "#/components/schemas/GenericLink" }, "accounts": { "$ref": "#/components/schemas/GenericLink" }, "consents": { "$ref": "#/components/schemas/GenericLink" }, "endUserIdentity": { "$ref": "#/components/schemas/GenericLink" }, "first": { "$ref": "#/components/schemas/GenericLink" }, "last": { "$ref": "#/components/schemas/GenericLink" }, "next": { "$ref": "#/components/schemas/GenericLink" }, "prev": { "$ref": "#/components/schemas/GenericLink" } }, "description": "links that can be used for further navigation when browsing Account Information at one account level\n| Link | Description |\n| ---- | ----------- |\n| self | link to the list of trusted beneficiaries |\n| accounts | link to the list of all available accounts |\n| consents | link to the consents forwarding |\n| endUserIdentity | link to the end-user identity |\n| first | link to the first page of the beneficiaries result |\n| last | link to the last page of the beneficiaries result |\n| next | link to the next page of the beneficiaries result |\n| prev | link to the previous page of the beneficiaries result |\n", "example": "{\n \"self\" : {\n \"href\" : \"/v1/trusted-beneficiaries\"\n },\n \"accounts\" : {\n \"href\" : \"/v1/accounts\"\n }\n}", "x-definition-type": "Hal" }, "PaymentRequestLinks": { "type": "object", "properties": { "request": { "$ref": "#/components/schemas/GenericLink" }, "confirmation": { "$ref": "#/components/schemas/GenericLink" }, "transactions": { "$ref": "#/components/schemas/GenericLink" } }, "description": "links that can be used for further navigation when having post a Payment Request in order to get the relevant status report.\n| Link | Description |\n| ---- | ----------- |\n| request | This link provides the payment-request URL for retrieving or modifying |\n| confirmation | This link shall not be provided when the confirmation was already posted. |\n| transactions | The ASPSP might choose to provide the relevant transactions of a Payment Request through a specific link |\n", "example": "{\n \"request\" : {\n \"href\" : \"/v1/payment-requests/MyPmtInfRscId\"\n },\n \"confirmation\" : {\n \"href\" : \"/v1/payment-requests/MyPmtInfRscId/confirmation\"\n }\n}", "x-definition-type": "Hal" }, "CreditTransferTransactionLinks": { "type": "object", "properties": { "self": { "$ref": "#/components/schemas/GenericLink" }, "parent": { "$ref": "#/components/schemas/GenericLink" }, "first": { "$ref": "#/components/schemas/GenericLink" }, "last": { "$ref": "#/components/schemas/GenericLink" }, "next": { "$ref": "#/components/schemas/GenericLink" }, "prev": { "$ref": "#/components/schemas/GenericLink" } }, "description": "links that can be used for further navigation when retrieving the transaction of a payment request.\n| Link | Description |\n| ---- | ----------- |\n| self | link to the transactions |\n| parent | This link shall point to the parent payment request. |\n| first | link to the first page of the transactions result |\n| last | link to the last page of the transactions result |\n| next | link to the next page of the transactions result |\n| prev | link to the previous page of the transactions result |\n", "example": "{\n \"self\": {\n \"href\": \"/v1/payment-requests/MyPmtInfRscId/creditTransfertTransactions\"\n },\n \"parent\": {\n \"href\": \"/v1/payment-requests/MyPmtInfRscId\"\n }\n}", "x-definition-type": "Hal" }, "PaymentCoverageReportLinks": { "required": [ "self" ], "type": "object", "properties": { "self": { "$ref": "#/components/schemas/GenericLink" } }, "description": "links that can be used for further navigation to post another coverage request.\n", "example": "{\n \"self\" : {\n \"href\" : \"v1/funds-confirmations\"\n }\n}", "x-definition-type": "Hal" }, "PaymentRequestResourceCreationLinks": { "type": "object", "properties": { "consentApproval": { "$ref": "#/components/schemas/GenericLink" } }, "description": "links that can be used for further navigation, especially in REDIRECT approach\n| Link | Description |\n| ---- | ----------- |\n| consentApproval | URL to be used by the PISP in order to start the ASPSP authentication and consent management process |\n", "example": "{\n \"consentApproval\" : {\n \"href\" : \"https://psd2.aspsp/consent-approval\"\n }\n}", "x-definition-type": "Hal" }, "GenericIdentification": { "required": [ "identification", "schemeName" ], "type": "object", "properties": { "identification": { "maxLength": 70, "type": "string", "description": "API: Identifier\n" }, "schemeName": { "maxLength": 70, "type": "string", "description": "Name of the identification scheme.\nPossible values for the scheme name, partially based on ISO20022 external code list, are the following:\n| Code | Name | Description |\n| ---- | ---- | ----------- |\n| BANK | BankPartyIdentification | Unique and unambiguous assignment made by a specific bank or similar financial institution to identify a relationship as defined between the bank and its client. |\n| BBAN | BBANIdentifier | Basic Bank Account Number (BBAN) - identifier used nationally by financial institutions, ie, in individual countries, generally as part of a National Account Numbering Scheme(s), to uniquely identify the account of a customer. |\n| COID | CountryIdentificationCode) : Country authority given organisation identification (e.g., corporate registration number) |\n| SREN | SIREN | The SIREN number is a 9 digit code assigned by INSEE, the French National Institute for Statistics and Economic Studies, to identify an organisation in France. |\n| SRET | SIRET | The SIRET number is a 14 digit code assigned by INSEE, the French National Institute for Statistics and Economic Studies, to identify an organisation unit in France. It consists of the SIREN number, followed by a five digit classification number, to identify the local geographical unit of that entity. |\n| NIDN | NationalIdentityNumber | Number assigned by an authority to identify the national identity number of a person. |\nOther values are also permitted, for instance:\n| Code | Name | Description |\n| ---- | ---- | ----------- |\n| OAUT | OAUTH2 | OAUTH2 access token that is owned by the PISP being also an AISP and that can be used in order to identify the PSU |\n| CPAN | CardPan | Card PAN |\n| MPAN | MaskedPan | Card PAN where some digits were replaced for security reason |\n| TPAN | TokenizedPan | Token which was provided by a Token Service Provider (TSP) in order to obfuscate a real card PAN. The TSP must be identified in the issuer field |\n| TBAN | TokenizedIBAN | Token which was provided by a Token Service Provider (TSP) in order to obfuscate an IBAN. The TSP must be identified in the issuer field |\nEach implementation of the STET PSD2 API must specify in its own documentation which schemes can actually been used\n" }, "issuer": { "maxLength": 35, "type": "string", "description": "ISO20022: Entity that assigns the identification. this could a country code or any organisation name or identifier that can be recognized by both parties\n" } }, "description": "ISO20022: Unique identification of an account, a person or an organisation, as assigned by an issuer.\nAPI: The ASPSP will document which account reference type it will support.\n", "example": "{\n \"identification\" : \"12FR5\",\n \"schemeName\" : \"COID\",\n \"issuer\" : \"ACPR\"\n}", "x-definition-type": "ISO20022", "x-generic": true }, "AccountIdentification": { "type": "object", "properties": { "workspace": { "maxLength": 32, "type": "string", "description": "Workspace to which the account is linked.\nThis workspace might be specified by the AISP when forwarding the consent on accounts.\nIf not provided, the default workspace is computed from the authentication that was used for getting the OAuth2 Access Token.\n" }, "iban": { "pattern": "^[A-Z]{2,2}[0-9]{2,2}[a-zA-Z0-9]{1,30}$", "type": "string", "description": "ISO20022: International Bank Account Number (IBAN) - identification used internationally by financial institutions to uniquely identify the account of a customer.\n\nFurther specifications of the format and content of the IBAN can be found in the standard ISO 13616 \"Banking and related financial services - International Bank Account Number (IBAN)\" version 1997-10-01, or later revisions.\n" }, "other": { "$ref": "#/components/schemas/GenericIdentification" }, "currency": { "$ref": "#/components/schemas/CurrencyCode" } }, "description": "Unique and unambiguous identification for the account between the account owner and the account servicer.\nCard accounts must provide the identification of the card through the \"other\" substructure by giving, for instance, the masked PAN (MPAN).\nThe currency used for the account, when needed, can be specified through the [currency] field.\n", "example": "{\n \"workspace\": \"PRO_1\",\n \"iban\" : \"YY64COJH41059545330222956960771321\",\n \"currency\" : \"EUR\"\n}", "x-definition-type": "ISO20022", "x-generic": true }, "CurrencyCode": { "pattern": "^[A-Z]{3,3}$", "type": "string", "description": "Specifies the currency of the amount or of the account.\nA code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 \"Codes for the representation of currencies and funds\".\n", "x-definition-type": "ISO20022" }, "AmountType": { "required": [ "amount", "currency" ], "type": "object", "properties": { "amount": { "type": "number", "description": "ISO20022: Amount of money to be moved between the debtor and creditor, before deduction of charges, expressed in the currency as ordered by the initiating party.\n", "format": "float" }, "currency": { "$ref": "#/components/schemas/CurrencyCode" } }, "description": "Structure aiming to embed the amount and the currency to be used.\n", "example": "{\n \"amount\" : 123.45,\n \"currency\" : \"EUR\"\n}", "x-definition-type": "ISO20022", "x-generic": true }, "EquivalentAmountType": { "required": [ "amount", "currency", "currencyOfTransfer" ], "type": "object", "properties": { "amount": { "type": "number", "description": "ISO20022: Amount of money to be moved between the debtor and creditor, before deduction of charges, expressed in the currency as ordered by the initiating party.\n", "format": "float" }, "currency": { "$ref": "#/components/schemas/CurrencyCode" }, "currencyOfTransfer": { "$ref": "#/components/schemas/CurrencyCode" } }, "description": "Amount of money to be moved between debtor and creditor, before deduction of charges, expressed in the currency of the debtor's account, and to be moved in a different currency.\nUsage: The first agent will convert the equivalent amount into the amount to be moved.\n", "example": "{\n \"amount\" : 140.45,\n \"currency\" : \"EUR\",\n \"currencyOfTransfer\" : \"USD\"\n}", "x-definition-type": "ISO20022" }, "ClearingSystemMemberIdentification": { "required": [ "clearingSystemId", "memberId" ], "type": "object", "properties": { "clearingSystemId": { "maxLength": 35, "type": "string", "description": "ISO20022: Specification of a pre-agreed offering between clearing agents or the channel through which the payment instruction is processed.\n" }, "memberId": { "maxLength": 35, "type": "string", "description": "ISO20022: Identification of a member of a clearing system.\n" } }, "description": "ISO20022: Information used to identify a member within a clearing system.\nAPI: to be used for some specific international credit transfers in order to identify the beneficiary bank\n", "example": "{\n \"clearingSystemId\" : \"NZNCC\",\n \"memberId\" : \"020368\"\n}", "x-definition-type": "ISO20022" }, "FinancialInstitutionIdentification": { "required": [ "bicFi" ], "type": "object", "properties": { "bicFi": { "pattern": "^[A-Z]{6,6}[A-Z2-9][A-NP-Z0-9]([A-Z0-9]{3,3}){0,1}$", "type": "string", "description": "ISO20022: Code allocated to a financial institution by the ISO 9362 Registration Authority as described in ISO 9362 \"Banking - Banking telecommunication messages - Business identification code (BIC)\".\n" }, "clearingSystemMemberId": { "$ref": "#/components/schemas/ClearingSystemMemberIdentification" }, "lei": { "$ref": "#/components/schemas/LeiIdentification" }, "name": { "maxLength": 140, "type": "string", "description": "Name of the financial institution" }, "postalAddress": { "$ref": "#/components/schemas/PostalAddress" } }, "description": "ISO20022: Unique and unambiguous identification of a financial institution, as assigned under an internationally recognised or proprietary identification scheme.\n", "example": "{\n \"bicFi\" : \"BNKAFRPPXXX\"\n}", "x-definition-type": "ISO20022", "x-generic": true }, "PostalAddress": { "required": [ "country" ], "type": "object", "properties": { "addressType": { "type": "string", "description": "ISO20022: Identifies the nature of the postal address.\nAPI: Cannot be used for SEPA payments. Proprietary codes can be specified and documented if needed.\n| Code | Name | Description |\n| ---- | ---- | ----------- |\n| BIZZ | Business | Address is the business address |\n| DLVY | Delivery | Address is the address to which delivery is to take place |\n| MLTO | Mail To | Address is the address to which mail is sent |\n| PBOX | PO Box | Address is is a postal office (PO) box |\n| ADDR | Postal | Address is the complete postal address |\n| HOME | Home | Address is the home address |\n", "enum": [ "BIZZ", "DLVY", "MLTO", "PBOX", "ADDR", "HOME" ] }, "department": { "maxLength": 70, "type": "string", "description": "ISO20022: Identification of a division of a large organisation or building.\nAPI: Cannot be used for SEPA payments.\n" }, "subDepartment": { "maxLength": 70, "type": "string", "description": "ISO20022: Identification of a sub-division of a large organisation or building.\nAPI: Cannot be used for SEPA payments.\n" }, "streetName": { "maxLength": 70, "type": "string", "description": "ISO20022: Name of a street or thoroughfare.\nAPI: Cannot be used for SEPA payments.\n" }, "buildingNumber": { "maxLength": 16, "type": "string", "description": "ISO20022: Number that identifies the position of a building on a street.\nAPI: Cannot be used for SEPA payments.\n" }, "buildingName": { "maxLength": 16, "type": "string", "description": "ISO20022: Name of the building or house.\nAPI: Cannot be used for SEPA payments.\n" }, "postCode": { "maxLength": 16, "type": "string", "description": "ISO20022: Identifier consisting of a group of letters and/or numbers that is added to a postal address to assist the sorting of mail.\nAPI: Cannot be used for SEPA payments.\n" }, "townName": { "maxLength": 35, "type": "string", "description": "ISO20022: Name of a built-up area, with defined boundaries, and a local government.\nAPI: Cannot be used for SEPA payments.\n" }, "countrySubDivision": { "maxLength": 35, "type": "string", "description": "ISO20022: Identifies a subdivision of a country such as state, region, county.\nAPI: Cannot be used for SEPA payments.\n" }, "country": { "pattern": "^([A-Z]{2,2})$", "type": "string", "description": "ISO20022: Country in which a person resides (the place of a person's home). In the case of a company, it is the country from which the affairs of that company are directed.\n" }, "addressLine": { "maxItems": 7, "minItems": 1, "type": "array", "description": "Unstructured address. The lines must embed zip code and town name.\nFor SEPA payments, only two address lines are allowed.\n", "items": { "maxLength": 70, "type": "string", "description": "Address line" } } }, "description": "ISO20022: Information that locates and identifies a specific address, as defined by postal services.\n", "example": "{\n \"country\" : \"FR\",\n \"addressLine\" : [ \"18 rue de la DSP2\", \"75008 PARIS\" ]\n}", "x-definition-type": "ISO20022" }, "PhoneNumber": { "pattern": "^\\+[0-9]{1,3}-[0-9()+\\-]{1,30}$", "type": "string", "description": "The collection of information which identifies a specific phone or FAX number as defined by telecom services.\nIt consists of a \"+\" followed by the country code (from 1 to 3 characters) then a \"-\" and finally, any combination of numbers, \"(\", \")\", \"+\" and \"-\" (up to 30 characters).\n", "x-definition-type": "ISO20022" }, "ContactDetails": { "type": "object", "properties": { "phoneNumber": { "$ref": "#/components/schemas/PhoneNumber" }, "faxNumber": { "$ref": "#/components/schemas/PhoneNumber" }, "emailAddress": { "maxLength": 2048, "pattern": "^.+@.+$", "type": "string", "description": "email address of the contact" } }, "description": "Indicates how to contact the party.\n", "example": "{\n \"emailAddress\" : \"John.doe@john-doe.com\"\n}", "x-definition-type": "ISO20022" }, "DateAndPlaceOfBirth": { "required": [ "birthDate", "cityOfBirth", "countryOfBirth" ], "type": "object", "properties": { "birthDate": { "type": "string", "description": "Date on which a person is born.", "format": "date" }, "cityOfBirth": { "maxLength": 35, "type": "string", "description": "City where a person was born." }, "countryOfBirth": { "pattern": "^[A-Z]{2,2}$", "type": "string", "description": "Country where a person was born." } }, "description": "Date and place of birth of a person.\nThis information must be requested for detection of Fraud, Money-Laundering and Terrorism Financing in case of international payment.\n", "example": "{\n \"birthDate\" : \"1985-02-19\",\n \"cityOfBirth\" : \"Paris\",\n \"countryOfBirth\" : \"FR\"\n}", "x-definition-type": "ISO20022" }, "LeiIdentification": { "pattern": "^[A-Z0-9]{18,18}[0-9]{2,2}$", "type": "string", "description": "Legal Entity Identifier is a code allocated to a party as described in ISO 17442 \"Financial Services - Legal Entity Identifier (LEI)\".\n", "x-definition-type": "ISO20022" }, "PartyIdentification": { "required": [ "name" ], "type": "object", "properties": { "name": { "maxLength": 140, "type": "string", "description": "ISO20022: Name by which a party is known and which is usually used to identify that party.\nThe [organisationId] property allows the specification of an unique and unambiguous way to identify an organisation.\nThe [privateId] property allows the specification of an unique and unambiguous way to identify a person.\n" }, "dateAndPlaceOfBirth": { "$ref": "#/components/schemas/DateAndPlaceOfBirth" }, "postalAddress": { "$ref": "#/components/schemas/PostalAddress" }, "contactDetails": { "$ref": "#/components/schemas/ContactDetails" }, "organisationId": { "$ref": "#/components/schemas/GenericIdentification" }, "privateId": { "$ref": "#/components/schemas/GenericIdentification" }, "lei": { "$ref": "#/components/schemas/LeiIdentification" } }, "description": "API : Description of a Party which can be either a person or an organization.\n", "example": "{\n \"name\" : \"MyPreferredPisp\",\n \"postalAddress\" : {\n \"country\" : \"FR\",\n \"addressLine\" : [ \"18 rue de la DSP2\", \"75008 PARIS\" ]\n },\n \"organisationId\" : {\n \"identification\" : \"12FR5\",\n \"schemeName\" : \"COID\",\n \"issuer\" : \"ACPR\"\n }\n}", "x-definition-type": "ISO20022", "x-generic": true }, "ResourceId": { "pattern": "^([a-zA-Z0-9_ /\\-?:\\()\\.,']{1,100})$", "type": "string", "description": "API: Identifier assigned by the ASPSP for further use of the created resource through API calls.\nThe API client cannot set or modify the value of this field.\nSince this value can be exchanged between the server and the client as an URL element or for support information, it must not contain sensitive value such as personal or business data.\nHowever it is the duty of each ASPSP to perform its own risk analysis on this topic.\n", "x-definition-type": "Resources" }, "EndToEndId": { "pattern": "^([a-zA-Z0-9 /\\-?:\\()\\.,']{1,36})$", "type": "string", "description": "ISO20022: Unique identification assigned by the initiating party to unambiguously identify the transaction. This identification is passed on, unchanged, throughout the entire end-to-end chain.\n" }, "PaymentIdentification": { "required": [ "instructionId" ], "type": "object", "properties": { "instructionId": { "pattern": "^([a-zA-Z0-9 /\\-?:\\()\\.,']{1,36})$", "type": "string", "description": "ISO20022: Unique identification as assigned by an instructing party for an instructed party to unambiguously identify the instruction.\n\nAPI: Unique identification shared between the PISP and the ASPSP\n" }, "endToEndId": { "$ref": "#/components/schemas/EndToEndId" }, "uetr": { "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-4[a-f0-9]{3}-[89ab][a-f0-9]{3}-[a-f0-9]{12}$", "type": "string", "description": "ISO20022: Universally unique identifier to provide an end-to-end reference of a payment transaction.\n" } }, "description": "ISO20022: Set of elements used to reference a payment instruction.\n", "example": "{\n \"resourceId\" : \"MyInstrRscId1\",\n \"instructionId\" : \"MyInstrId1\",\n \"endToEndId\" : \"MyEndToEndId1\"\n}", "x-definition-type": "ISO20022" }, "PriorityCode": { "type": "string", "description": "ISO20022: Indicator of the urgency or order of importance that the instructing party would like the instructed party to apply to the processing of the instruction.\nAPI: This field is useless for SCTInst and thus should be ignored.\n", "enum": [ "HIGH", "NORM" ], "x-definition-type": "ISO20022" }, "CategoryPurposeCode": { "type": "string", "description": "ISO20022: Specifies the high level purpose of the instruction based on a set of pre-defined categories. This is used by the initiating party to provide information concerning the processing of the payment. It is likely to trigger special processing by any of the agents involved in the payment chain.\nAPI: The following values are allowed:\n| Code | Name | Description |\n| ---- | ---- | ---------- |\n| CASH | CashManagementTransfer | Transaction is a general cash management instruction. |\n| CORT | TradeSettlementPayment | Transaction is related to settlement of a trade, e.g. a foreign exchange deal or a securities transaction. |\n| DVPM | DeliverAgainstPayment | Code used to pre-advise the account servicer of a forthcoming deliver against payment instruction. |\n| INTC | IntraCompanyPayment | Transaction is an intra-company payment, i.e. a payment between two companies belonging to the same group. |\n| SALA | SalaryPayment | Transaction is the payment of salaries. |\n| TREA | TreasuryPayment | Transaction is related to treasury operations. E.g. financial contract settlement. |\n", "enum": [ "CASH", "CORT", "DVPM", "INTC", "TREA", "SALA" ], "x-definition-type": "ISO20022" }, "ServiceLevelCode": { "type": "string", "description": "ISO20022: Agreement under which or rules under which the transaction should be processed. Specifies a pre-agreed service or level of service between the parties, as published in an external service level code list.\nAPI: Only \"SEPA\" (SEPA Credit Transfer) value is allowed\n", "enum": [ "SEPA" ], "x-definition-type": "ISO20022" }, "LocalInstrumentCode": { "type": "string", "description": "ISO20022: User community specific instrument.\nUsage: This element is used to specify a local instrument, local clearing option and/or further qualify the service or service level.\nAPI: \"INST\" value is to be used in order to ask for an SEPA instant Payment (SCTInst).\nFor International payments, this field may be valued with one of the ISO20022 external code to specify which payment instrument should be used by the creditor's bank.\n", "x-definition-type": "ISO20022" }, "PaymentTypeInformation": { "type": "object", "properties": { "instructionPriority": { "$ref": "#/components/schemas/PriorityCode" }, "serviceLevel": { "$ref": "#/components/schemas/ServiceLevelCode" }, "localInstrument": { "$ref": "#/components/schemas/LocalInstrumentCode" }, "categoryPurpose": { "$ref": "#/components/schemas/CategoryPurposeCode" } }, "description": "ISO20022: Set of elements used to further specify the type of transaction.\n", "example": "{\n \"serviceLevel\" : \"SEPA\",\n \"localInstrument\" : \"INST\",\n \"categoryPurpose\" : \"CASH\"\n}", "x-definition-type": "ISO20022" }, "PurposeCode": { "type": "string", "description": "ISO20022: Underlying reason for the payment transaction, as published in an external purpose code list.\nAPI: The following values are allowed for Payment Request\n| Code | Name | Description |\n| ---- | ---- | ---------- |\n| ACCT | AccountManagement | Funds moved between 2 accounts of same account holder at the same bank) |\n| CASH | CashManagementTransfer | (general cash management instruction) may be used for Transfer Initiation |\n| COMC | CommercialPayment | Transaction is related to a payment of commercial credit or debit. |\n| CPKC | CarparkCharges | General Carpark Charges Transaction is related to carpark charges. |\n| SALA | SalaryPayment | Transaction is the payment of salaries. |\n| TRPT | RoadPricing | Transport RoadPricing Transaction is for the payment to top-up pre-paid card and electronic road pricing for the purpose of transportation. |\n", "enum": [ "ACCT", "CASH", "COMC", "CPKC", "TRPT", "SALA" ], "x-definition-type": "ISO20022" }, "ChargeBearerCode": { "type": "string", "description": "ISO20022: Specifies which party/parties will bear the charges associated with the processing of the payment transaction.\nThe following values are allowed:\n| Code | Name | Description |\n| ---- | ---- | ---------- |\n| DEBT | BorneByDebtor | All transaction charges are to be borne by the debtor. |\n| CRED | BorneByCreditor | All transaction charges are to be borne by the creditor. |\n| SHAR | Shared | In a credit transfer context, means that transaction charges on the sender side are to be borne by the debtor, transaction charges on the receiver side are to be borne by the creditor. In a direct debit context, means that transaction charges on the sender side are to be borne by the creditor, transaction charges on the receiver side are to be borne by the debtor. |\n| SLEV | FollowingServiceLevel | Charges are to be applied following the rules agreed in the service level and/or scheme. |\n", "enum": [ "DEBT", "CRED", "SHAR", "SLEV" ], "x-definition-type": "ISO20022" }, "CodeAndIssuer": { "required": [ "code" ], "type": "object", "properties": { "code": { "maxLength": 4, "type": "string", "description": "Provides the code." }, "issuer": { "maxLength": 35, "type": "string", "description": "Identification of the issuer of the code." } }, "description": "Specifies a code and the issuer of this code.\n", "example": "{\n \"code\" : \"CD01\",\n \"issuer\" : \"MyIssuer\"\n}", "x-definition-type": "ISO20022" }, "DocumentLineIdentification": { "type": "object", "properties": { "type": { "$ref": "#/components/schemas/CodeAndIssuer" }, "number": { "maxLength": 35, "type": "string", "description": "Unique and unambiguous identification of the referred document line." }, "relatedDate": { "type": "string", "description": "Date associated with the referred document line.", "format": "date" } }, "description": "Provides identification of the document line.\nthe [type] property must be used for specifying the type of referred document type.\n", "example": "{\n \"type\" : {\n \"code\" : \"CD01\",\n \"issuer\" : \"MyIssuer\"\n },\n \"number\" : \"1\",\n \"relatedDate\" : \"2020-02-09\"\n}", "x-definition-type": "ISO20022" }, "TypedAmount": { "required": [ "amount" ], "type": "object", "properties": { "type": { "maxLength": 35, "type": "string", "description": "Type of the amount" }, "amount": { "$ref": "#/components/schemas/AmountType" } }, "description": "ISO20022: Typed Amount\nAPI: Amounts must always be set as positive values.\n", "example": "{\n \"type\" : \"CHRG\",\n \"amount\" : {\n \"amount\" : 123.45,\n \"currency\" : \"EUR\"\n }\n}", "x-definition-type": "ISO20022" }, "DocumentAdjustment": { "required": [ "amount" ], "type": "object", "properties": { "amount": { "$ref": "#/components/schemas/AmountType" }, "creditDebitIndicator": { "$ref": "#/components/schemas/CreditDebitIndicator" }, "reason": { "maxLength": 4, "type": "string", "description": "Specifies the reason for the adjustment." }, "additionalInformation": { "maxLength": 140, "type": "string", "description": "Provides further details on the document adjustment." } }, "description": "ISO20022: Specifies detailed information on the amount and reason of the adjustment.\nAPI: Amounts must always be set as positive values.\n", "example": "{\n \"amount\" : {\n \"amount\" : 123.45,\n \"currency\" : \"EUR\"\n },\n \"creditDebitIndicator\" : \"CRDT\",\n \"reason\" : \"RFND\",\n \"additionalInformation\" : \"Some comment\"\n}", "x-definition-type": "ISO20022" }, "RemittanceAmount": { "type": "object", "properties": { "duePayableAmount": { "$ref": "#/components/schemas/AmountType" }, "discountAppliedAmount": { "$ref": "#/components/schemas/TypedAmount" }, "creditNoteAmount": { "$ref": "#/components/schemas/AmountType" }, "taxAmount": { "$ref": "#/components/schemas/TypedAmount" }, "adjustmentAmountAndReason": { "$ref": "#/components/schemas/DocumentAdjustment" }, "remittedAmount": { "$ref": "#/components/schemas/AmountType" } }, "description": "ISO20022: Provides details on the amounts of the document line.\nAPI: Amounts must always be set as positive values.\n| Property | Description |\n| -------- | ----------- |\n| duePayableAmount | Amount specified is the exact amount due and payable to the creditor. |\n| discountAppliedAmount | Amount of discount to be applied to the amount due and payable to the creditor. |\n| creditNoteAmount | Amount of a credit note. |\n| taxAmount | Amount of the tax. |\n| adjustmentAmountAndReason | Specifies detailed information on the amount and reason of the adjustment. |\n| remittedAmount | Amount of money remitted. |\n", "example": "{\n \"remittedAmount\" : {\n \"amount\" : 123.45,\n \"currency\" : \"EUR\"\n }\n}", "x-definition-type": "ISO20022" }, "LineDetail": { "type": "object", "properties": { "identification": { "$ref": "#/components/schemas/DocumentLineIdentification" }, "description": { "maxLength": 2048, "type": "string", "description": "Description associated with the document line." }, "amount": { "$ref": "#/components/schemas/RemittanceAmount" } }, "description": "Set of elements used to provide the content of the referred document line.", "example": "{\n \"identification\" : {\n \"type\" : {\n \"code\" : \"CD01\",\n \"issuer\" : \"MyIssuer\"\n },\n \"number\" : \"1\",\n \"relatedDate\" : \"2020-02-09\"\n },\n \"description\" : \"Some comments\",\n \"amount\" : {\n \"remittedAmount\" : {\n \"amount\" : 123.45,\n \"currency\" : \"EUR\"\n }\n }\n}", "x-definition-type": "ISO20022" }, "ReferredDocumentInformation": { "type": "object", "properties": { "type": { "$ref": "#/components/schemas/CodeAndIssuer" }, "number": { "maxLength": 35, "type": "string", "description": "Unique and unambiguous identification of the referred document." }, "relatedDate": { "type": "string", "description": "Date associated with the referred document.", "format": "date" }, "lineDetails": { "minItems": 1, "type": "array", "description": "Sets of elements used to provide the content of the referred document line.", "items": { "$ref": "#/components/schemas/LineDetail" } } }, "description": "Provides the identification and the content of the referred document.", "example": "{\n \"type\" : {\n \"code\" : \"CD01\",\n \"issuer\" : \"MyIssuer\"\n },\n \"number\" : \"1\",\n \"relatedDate\" : \"2020-02-19\",\n \"lineDetails\" : [ {\n \"amount\" : {\n \"remittedAmount\" : {\n \"amount\" : 123.45,\n \"currency\" : \"EUR\"\n }\n }\n } ]\n}", "x-definition-type": "ISO20022" }, "ReferredDocumentInformations": { "minItems": 1, "type": "array", "description": "Provides the identification and the content of the referred documents.\n", "items": { "$ref": "#/components/schemas/ReferredDocumentInformation" }, "x-definition-type": "ISO20022" }, "CreditorReferenceInformation": { "type": "object", "properties": { "type": { "$ref": "#/components/schemas/CodeAndIssuer" }, "reference": { "maxLength": 35, "type": "string", "description": "Unique reference, as assigned by the creditor, to unambiguously refer to the payment transaction." } }, "description": "Reference information provided by the creditor to allow the identification of the underlying documents.", "example": "{\n \"type\" : {\n \"code\" : \"CD01\",\n \"issuer\" : \"MyIssuer\"\n },\n \"reference\" : \"CredRef56FH6\"\n}", "x-definition-type": "ISO20022" }, "TitleAndName": { "type": "object", "properties": { "title": { "maxLength": 35, "type": "string", "description": "Title or position of the party or the party's authorised reprensentative." }, "name": { "maxLength": 140, "type": "string", "description": "Name of the party or the party's authorised reprensentative." } }, "description": "Title and Name of the party or the party's authorised reprensentative.", "example": "{\n \"title\" : \"M.\",\n \"name\" : \"John Doe\"\n}", "x-definition-type": "ISO20022" }, "TaxParty": { "type": "object", "properties": { "taxIdentification": { "maxLength": 35, "type": "string", "description": "Tax identification number of the party." }, "registrationIdentification": { "maxLength": 35, "type": "string", "description": "Unique identification, as assigned by an organisation, to unambiguously identify a party." }, "taxType": { "maxLength": 35, "type": "string", "description": "Type of tax payer." }, "authorisation": { "$ref": "#/components/schemas/TitleAndName" } }, "description": "Set of elements used to identify a party of the transaction to which the tax applies.\nThe [authorization] property aims to provide the details of the authorised tax paying party.\n", "example": "{\n \"taxIdentification\" : \"TaxIdHGH5445\",\n \"registrationIdentification\" : \"REGId387H\",\n \"taxType\" : \"VAT\",\n \"authorisation\" : {\n \"title\" : \"M.\",\n \"name\" : \"John Doe\"\n }\n}", "x-definition-type": "ISO20022" }, "TaxRecordPeriodCode": { "type": "string", "description": "Identification of the period related to the tax payment.\n| Code | Description |\n| ---- | ---------- |\n| MM01 | FirstMonth Tax is related to the second month of the period. |\n| MM02 | SecondMonth Tax is related to the first month of the period. |\n| MM03 | ThirdMonth Tax is related to the third month of the period. |\n| MM04 | FourthMonth Tax is related to the fourth month of the period. |\n| MM05 | FifthMonth Tax is related to the fifth month of the period. |\n| MM06 | SixthMonth Tax is related to the sixth month of the period. |\n| MM07 | SeventhMonth Tax is related to the seventh month of the period. |\n| MM08 | EighthMonth Tax is related to the eighth month of the period. |\n| MM09 | NinthMonth Tax is related to the ninth month of the period. |\n| MM10 | TenthMonth Tax is related to the tenth month of the period. |\n| MM11 | EleventhMonth Tax is related to the eleventh month of the period. |\n| MM12 | TwelfthMonth Tax is related to the twelfth month of the period. |\n| QTR1 | FirstQuarter Tax is related to the first quarter of the period. |\n| QTR2 | SecondQuarter Tax is related to the second quarter of the period. |\n| QTR3 | ThirdQuarter Tax is related to the third quarter of the period. |\n| QTR4 | FourthQuarter Tax is related to the fourth quarter of the period. |\n| HLF1 | FirstHalf Tax is related to the first half of the period. |\n| HLF2 | SecondHalf Tax is related to the second half of the period. |\n", "enum": [ "MM01", "MM02", "MM03", "MM04", "MM05", "MM06", "MM07", "MM08", "MM09", "MM10", "MM11", "MM12", "QTR1", "QTR2", "QTR3", "QTR4", "HLF1", "HLF2" ], "x-definition-type": "ISO20022" }, "TaxPeriod": { "type": "object", "properties": { "year": { "pattern": "^[0-9]{4,4}$", "type": "string", "description": "Year related to the tax payment." }, "type": { "$ref": "#/components/schemas/TaxRecordPeriodCode" }, "fromDate": { "type": "string", "description": "Start date of the range.", "format": "date" }, "toDate": { "type": "string", "description": "End date of the range.", "format": "date" } }, "description": "Set of elements used to provide details on the period of time related to the tax payment.\nThe [type] property aims to identify the period related to the tax payment.\n", "example": "{\n \"year\" : \"2020\",\n \"type\" : \"QTR4\",\n \"fromDate\" : \"2019-10-01\",\n \"toDate\" : \"2020-01-01\"\n}", "x-definition-type": "ISO20022" }, "PercentageRate": { "type": "number", "description": "Rate expressed as a percentage, ie, in hundredths, eg, 0.7 is 7/10 of a percent, and 7.0 is 7%.", "format": "float", "x-definition-type": "ISO20022" }, "TaxRecordDetails": { "required": [ "amount" ], "type": "object", "properties": { "period": { "$ref": "#/components/schemas/TaxPeriod" }, "amount": { "$ref": "#/components/schemas/AmountType" } }, "description": "ISO20022: Elements used to provide details on the tax period and amount.\nAPI: Amounts must always be set as positive values.\n| Property | Description |\n| -------- | ----------- |\n| period | Set of elements used to provide details on the period of time related to the tax payment. |\n| amount | Underlying tax amount related to the specified period. |\n", "example": "{\n \"period\" : {\n \"year\" : \"2020\",\n \"type\" : \"QTR4\",\n \"fromDate\" : \"2019-10-01\",\n \"toDate\" : \"2020-01-01\"\n },\n \"amount\" : {\n \"amount\" : 123.45,\n \"currency\" : \"EUR\"\n }\n}", "x-definition-type": "ISO20022" }, "TaxAmount": { "type": "object", "properties": { "rate": { "$ref": "#/components/schemas/PercentageRate" }, "taxableBaseAmount": { "$ref": "#/components/schemas/AmountType" }, "totalAmount": { "$ref": "#/components/schemas/AmountType" }, "details": { "minItems": 1, "type": "array", "description": "Set of elements used to provide details on the tax period and amount.", "items": { "$ref": "#/components/schemas/TaxRecordDetails" } } }, "description": "ISO20022: Set of elements used to provide information on the amount of the tax record.\nAPI: Amounts must always be set as positive values.\n| Property | Description |\n| -------- | ----------- |\n| rate | Rate used to calculate the tax. |\n| taxableBaseAmount | Amount of money on which the tax is based. |\n| totalAmount | Total amount that is the result of the calculation of the tax for the record. |\n| details | Set of elements used to provide details on the tax period and amount. |\n", "example": "{\n \"details\" : [ {\n \"period\" : {\n \"year\" : \"2020\",\n \"type\" : \"QTR4\",\n \"fromDate\" : \"2019-10-01\",\n \"toDate\" : \"2020-01-01\"\n },\n \"amount\" : {\n \"amount\" : 123.45,\n \"currency\" : \"EUR\"\n }\n } ]\n}", "x-definition-type": "ISO20022" }, "TaxRecord": { "type": "object", "properties": { "type": { "maxLength": 35, "type": "string", "description": "High level code to identify the type of tax details." }, "category": { "maxLength": 35, "type": "string", "description": "Specifies the tax code as published by the tax authority." }, "categoryDetails": { "maxLength": 35, "type": "string", "description": "Provides further details of the category tax code." }, "debtorStatus": { "maxLength": 35, "type": "string", "description": "Code provided by local authority to identify the status of the party that has drawn up the settlement document." }, "certificateIdentification": { "maxLength": 35, "type": "string", "description": "Identification number of the tax report as assigned by the taxing authority." }, "formsCode": { "maxLength": 35, "type": "string", "description": "Identifies, in a coded form, on which template the tax report is to be provided." }, "period": { "$ref": "#/components/schemas/TaxPeriod" }, "taxAmount": { "$ref": "#/components/schemas/TaxAmount" }, "additionalInformation": { "maxLength": 140, "type": "string", "description": "Further details of the tax record." } }, "description": "Record of tax details\nthe [period] property embbeds the set of elements used to provide details on the period of time related to the tax payment.\nthe [amount] property embbeds the set of elements used to provide information on the amount of the tax record.\n", "example": "{\n \"type\" : \"NationalTax\",\n \"category\" : \"VAT\",\n \"categoryDetails\" : \"VAT02\",\n \"debtorStatus\" : \"Valid\",\n \"certificateIdentification\" : \"CertId56RD\",\n \"formsCode\" : \"FormHJH7\",\n \"period\" : {\n \"year\" : \"2020\",\n \"type\" : \"QTR4\",\n \"fromDate\" : \"2019-10-01\",\n \"toDate\" : \"2020-01-01\"\n },\n \"taxAmount\" : {\n \"details\" : [ {\n \"period\" : {\n \"year\" : \"2020\",\n \"type\" : \"QTR4\",\n \"fromDate\" : \"2019-10-01\",\n \"toDate\" : \"2020-01-01\"\n },\n \"amount\" : {\n \"amount\" : 123.45,\n \"currency\" : \"EUR\"\n }\n } ]\n },\n \"additionalInformation\" : \"Some comment\"\n}", "x-definition-type": "ISO20022" }, "TaxInformation": { "type": "object", "properties": { "creditor": { "$ref": "#/components/schemas/TaxParty" }, "debtor": { "$ref": "#/components/schemas/TaxParty" }, "ultimateDebtor": { "$ref": "#/components/schemas/TaxParty" }, "administrationZone": { "maxLength": 35, "type": "string", "description": "Territorial part of a country to which the tax payment is related." }, "referenceNumber": { "maxLength": 140, "type": "string", "description": "Tax reference information that is specific to a taxing agency." }, "method": { "maxLength": 35, "type": "string", "description": "Method used to indicate the underlying business or how the tax is paid." }, "totalTaxableBaseAmount": { "$ref": "#/components/schemas/AmountType" }, "totalTaxAmount": { "$ref": "#/components/schemas/AmountType" }, "date": { "type": "string", "description": "Date by which tax is due.", "format": "date" }, "sequenceNumber": { "type": "integer", "description": "Sequential number of the tax report.", "format": "int32" }, "record": { "minItems": 1, "type": "array", "description": "Records of tax details", "items": { "$ref": "#/components/schemas/TaxRecord" } } }, "description": "ISO20022: Details about tax paid, or to be paid, to the government in accordance with the law, including pre-defined parameters such as thresholds and type of account.\nAPI: Amounts must always be set as positive values.\nThe [totalTaxableBaseAmount] property indicates the total amount of money on which the tax is based.\nThe [totalTaxAmount] property indicates the total amount of money as result of the calculation of the tax.\n", "example": "{\n \"creditor\" : {\n \"taxIdentification\" : \"TaxIdHGH5445\",\n \"registrationIdentification\" : \"REGId387H\",\n \"taxType\" : \"VAT\",\n \"authorisation\" : {\n \"title\" : \"M.\",\n \"name\" : \"John Doe\"\n }\n },\n \"debtor\" : {\n \"taxIdentification\" : \"TaxIdHGH5445\",\n \"registrationIdentification\" : \"REGId387H\",\n \"taxType\" : \"VAT\",\n \"authorisation\" : {\n \"title\" : \"M.\",\n \"name\" : \"John Doe\"\n }\n },\n \"administrationZone\" : \"FR\",\n \"method\" : \"CT\",\n \"date\" : \"2020-02-19\",\n \"record\" : [ {\n \"type\" : \"NationalTax\",\n \"category\" : \"VAT\",\n \"categoryDetails\" : \"VAT02\",\n \"debtorStatus\" : \"Valid\",\n \"certificateIdentification\" : \"CertId56RD\",\n \"formsCode\" : \"FormHJH7\",\n \"period\" : {\n \"year\" : \"2020\",\n \"type\" : \"QTR4\",\n \"fromDate\" : \"2019-10-01\",\n \"toDate\" : \"2020-01-01\"\n },\n \"taxAmount\" : {\n \"details\" : [ {\n \"period\" : {\n \"year\" : \"2020\",\n \"type\" : \"QTR4\",\n \"fromDate\" : \"2019-10-01\",\n \"toDate\" : \"2020-01-01\"\n },\n \"amount\" : {\n \"amount\" : 123.45,\n \"currency\" : \"EUR\"\n }\n } ]\n },\n \"additionalInformation\" : \"Some comment\"\n } ]\n}", "x-definition-type": "ISO20022" }, "StructuredRemittanceInformation": { "type": "object", "properties": { "referredDocumentInformation": { "$ref": "#/components/schemas/ReferredDocumentInformations" }, "referredDocumentAmount": { "$ref": "#/components/schemas/RemittanceAmount" }, "creditorReferenceInformation": { "$ref": "#/components/schemas/CreditorReferenceInformation" }, "invoicer": { "$ref": "#/components/schemas/PartyIdentification" }, "invoicee": { "$ref": "#/components/schemas/PartyIdentification" }, "taxRemittance": { "$ref": "#/components/schemas/TaxInformation" } }, "description": "Information supplied to enable the matching/reconciliation of an entry with the items that the payment is intended to settle, such as commercial invoices in an accounts' receivable system, in a structured form.\n", "example": "{\n \"referredDocumentInformation\" : [ {\n \"type\" : {\n \"code\" : \"CD01\",\n \"issuer\" : \"MyIssuer\"\n },\n \"number\" : \"1\",\n \"relatedDate\" : \"2020-02-19\",\n \"lineDetails\" : [ {\n \"amount\" : {\n \"remittedAmount\" : {\n \"amount\" : 123.45,\n \"currency\" : \"EUR\"\n }\n }\n } ]\n } ],\n \"referredDocumentAmount\" : {\n \"remittedAmount\" : {\n \"amount\" : 123.45,\n \"currency\" : \"EUR\"\n }\n },\n \"creditorReferenceInformation\" : {\n \"type\" : {\n \"code\" : \"CD01\",\n \"issuer\" : \"MyIssuer\"\n },\n \"reference\" : \"CredRef56FH6\"\n },\n \"invoicee\" : {\n \"name\" : \"MyPreferredPisp\",\n \"postalAddress\" : {\n \"country\" : \"FR\",\n \"addressLine\" : [ \"18 rue de la DSP2\", \"75008 PARIS\" ]\n },\n \"organisationId\" : {\n \"identification\" : \"12FR5\",\n \"schemeName\" : \"COID\",\n \"issuer\" : \"ACPR\"\n }\n },\n \"taxRemittance\" : {\n \"creditor\" : {\n \"taxIdentification\" : \"TaxIdHGH5445\",\n \"registrationIdentification\" : \"REGId387H\",\n \"taxType\" : \"VAT\",\n \"authorisation\" : {\n \"title\" : \"M.\",\n \"name\" : \"John Doe\"\n }\n },\n \"debtor\" : {\n \"taxIdentification\" : \"TaxIdHGH5445\",\n \"registrationIdentification\" : \"REGId387H\",\n \"taxType\" : \"VAT\",\n \"authorisation\" : {\n \"title\" : \"M.\",\n \"name\" : \"John Doe\"\n }\n },\n \"administrationZone\" : \"FR\",\n \"method\" : \"CT\",\n \"date\" : \"2020-02-19\",\n \"record\" : [ {\n \"type\" : \"NationalTax\",\n \"category\" : \"VAT\",\n \"categoryDetails\" : \"VAT02\",\n \"debtorStatus\" : \"Valid\",\n \"certificateIdentification\" : \"CertId56RD\",\n \"formsCode\" : \"FormHJH7\",\n \"period\" : {\n \"year\" : \"2020\",\n \"type\" : \"QTR4\",\n \"fromDate\" : \"2019-10-01\",\n \"toDate\" : \"2020-01-01\"\n },\n \"taxAmount\" : {\n \"details\" : [ {\n \"period\" : {\n \"year\" : \"2020\",\n \"type\" : \"QTR4\",\n \"fromDate\" : \"2019-10-01\",\n \"toDate\" : \"2020-01-01\"\n },\n \"amount\" : {\n \"amount\" : 123.45,\n \"currency\" : \"EUR\"\n }\n } ]\n },\n \"additionalInformation\" : \"Some comment\"\n } ]\n }\n}", "x-definition-type": "ISO20022", "x-generic": true }, "RemittanceInformation": { "type": "object", "properties": { "unstructured": { "minItems": 1, "type": "array", "description": "Unstructured remittance information.\nEach implementation may add a pattern in order to specify its own character set constraints.\n", "items": { "title": "remittanceLine", "maxLength": 140, "type": "string", "description": "Relevant information to the transaction" } }, "structured": { "minItems": 1, "type": "array", "description": "Structured remittance information", "items": { "$ref": "#/components/schemas/StructuredRemittanceInformation" } } }, "description": "ISO20022: Information supplied to enable the matching of an entry with the items that the transfer is intended to settle, such as commercial invoices in an accounts' receivable system.\nAPI:\n- Only one occurrence of the unstructured information is allowed.\n- Only one occurrence of the structured information is allowed.\n- Structured and unstructured information can coexist.\n", "example": "{\n \"unstructured\" : [ \"MyRemittanceInformation\" ]\n}", "x-definition-type": "ISO20022" }, "PaymentInformationStatusCode": { "type": "string", "description": "ISO20022: Specifies the status of the payment information.\nAPI: Mandatory. The following values are allowed to provide the status of the Payment Request\n| Code | Name | Description |\n| ---- | ---- | ---------- |\n| ACCO | AcceptedCustomerCOnfirmed | The customer, during his/her authentication, has confirmed the payment request. |\n| ACCP | AcceptedCustomerProfile | Preceding check of technical validation was successful. Customer profile check was also successful. |\n| ACSC | AcceptedSettlementCompleted | Settlement on the debtor's account was completed. In the case of SCTInst, this status must not been set by the debtor's Bank before the reception of the positive confirmation. |\n| ACSP | AcceptedSettlementInProcess | All preceding checks such as technical validation and customer profile were successful. Dynamic risk assessment is now also successful and therefore the Payment Request was accepted for execution. |\n| ACTC | AcceptedTechnicalValidation | Authentication and syntactical and semantical validation are successful. |\n| ACWC | AcceptedWithChange | Instruction is accepted but a change will be made, such as date or remittance not sent. |\n| ACWP | AcceptedWithoutPosting | Payment instruction included in the credit transfer is accepted without being posted to the creditor customer's account. |\n| CANC | Cancelled | Payment initiation was successfully cancelled after having received a request for cancellation. |\n| PART | PartiallyAccepted | A number of transactions were accepted, whereas another number of transactions have not yet achieved 'accepted' status. |\n| PATC | PartiallyAcceptedTechnicalCorrect | Payment initiation needs multiple authentications, where some but not yet all were performed. Syntactical and semantical validations are successful. |\n| RCVD | Received | Payment initiation was received by the receiving agent. |\n| PDNG | Pending | Payment request or individual transaction included in the Payment Request is pending. Further checks and status update will be performed. |\n| RJCT | Rejected | Payment request was rejected. |\n![](https://www.stet.eu//assets/files/documents-api/payment-request-status-1-4-2.png)\n", "enum": [ "ACCP", "ACSC", "ACSP", "ACTC", "ACWC", "ACWP", "CANC", "PART", "RCVD", "PDNG", "RJCT", "ACCO" ], "x-definition-type": "ISO20022", "x-generic": true }, "TransactionIndividualStatusCode": { "type": "string", "description": "ISO20022: Specifies the status of the payment information group.\n\nAPI: Only the following values are allowed to provide the status of the subsequent CREDIT TRANSFER to the Payment Request\n| Code | Name | Description |\n| ---- | ---- | ---------- |\n| ACSC | AcceptedSettlementCompleted | Settlement on the debtor's account was completed. In the case of SCTInst, this status must not been set by the debtor's Bank before the reception of the positive confirmation. The transaction cannot be cancelled. |\n| ACSP | AcceptedSettlementInProcess | All preceding checks such as technical validation and customer profile were successful and therefore the Payment Request was accepted for execution. The transaction cannot be cancelled. |\n| ACTC | AcceptedTechnicalValidation | Authentication and syntactical and semantical validation are successful. The transaction might be cancelled. |\n| CANC | Cancelled | Payment initiation was successfully cancelled after having received a request for cancellation. |\n| PDNG | Pending | Payment request or individual transaction included in the Payment Request is pending. Further checks and status update will be performed. The transaction might be cancelled. |\n| RJCT | Rejected | Payment request or individual transaction included in the Payment Request was rejected. |\n![](https://www.stet.eu//assets/files/documents-api/transaction-status-1-4-2.png)\n", "enum": [ "ACSC", "ACSP", "ACTC", "CANC", "PDNG", "RJCT" ], "x-definition-type": "ISO20022", "x-generic": true }, "StatusReasonInformation": { "type": "string", "description": "ISO20022: Provides detailed information on the status reason.\n\nAPI: Can only be used in case the status is equal to \"RJCT\" or \"CANC\". Only the following values are allowed:\n| Code | Name | Description |\n| ---- | ---- | ---------- |\n| AC01 | IncorectAccountNumber | the account number is either invalid or does not exist |\n| AC04 | ClosedAccountNumber | the account is closed and cannot be used |\n| AC06 | BlockedAccount | the account is blocked and cannot be used |\n| AG01 | TransactionForbidden | Transaction forbidden on this type of account |\n| AG03 | TransactionNotSupported | Transaction type not supported/authorized on this account |\n| AM02 | NotAllowedAccount | SPecific transaction/message amount is greater than allowed maximum |\n| AM04 | InsufficientFunds | Amount of funds available to cover specified message amount is insufficient |\n| AM18 | InvalidNumberOfTransactions | the number of transactions exceeds the ASPSP acceptance limit |\n| CH03 | RequestedExecutionDateOrRequestedCollectionDateTooFarInFuture | The requested execution date is too far in the future |\n| CH04 | RequestedExecutionDateOrRequestedCollectionDateTooFarInPast | Value in Requested Execution Date or Requested Collection Date is too far in the past |\n| CNOR | CreditorBankIsNotRegistered | Creditor bank is not registered under this BIC in the CSM |\n| CUST | RequestedByCustomer | The reject is due to the debtor: refusal or lack of liquidity |\n| DS02 | OrderCancelled | An authorized user has cancelled the order |\n| DUPL | DuplicatePayment | Payment is a duplicate of another payment. Can only be set by a PISP for a payment request cancellation. |\n| FF01 | InvalidFileFormat | The reject is due to the original Payment Request which is invalid (syntax, structure or values) |\n| FRAD | FraudulentOriginated | the Payment Request is considered as fraudulent |\n| MS03 | NotSpecifiedReasonAgentGenerated | No reason specified by the ASPSP |\n| NOAS | NoAnswerFromCustomer | The PSU has neither accepted nor rejected the Payment Request and a time-out has occurred |\n| RR01 | MissingDebtorAccountOrIdentification | The Debtor account and/or Identification are missing or inconsistent |\n| RR03 | MissingCreditorNameOrAddress | Specification of the creditor's name and/or address needed for regulatory requirements is insufficient or missing. |\n| RR04 | RegulatoryReason | Reject from regulatory reason |\n| RR12 | InvalidPartyID | Invalid or missing identification required within a particular country or payment type. |\n| TECH | TechnicalProblem | Technical problems resulting in an erroneous transaction. Can only be set by a PISP for a payment request cancellation. |\n", "enum": [ "AC01", "AC04", "AC06", "AG01", "AG03", "AM18", "CH03", "CUST", "DS02", "DUPL", "FF01", "FRAD", "MS03", "NOAS", "RR01", "RR03", "RR04", "RR12", "CNOR", "CH04", "AM04", "AM02" ], "x-comments": [ "Modified for CR523 (Add a reason for insufficient funds)", "Modified for CR522 (Add a reason code in order to explain that the transaction amount is over the maximal allowed amount)" ], "x-definition-type": "ISO20022", "x-generic": true }, "RegulatoryReportingCode": { "maxLength": 10, "type": "string", "description": "Information needed due to regulatory and statutory requirements.\nEconomical codes to be used are provided by the National Competent Authority\n", "x-definition-type": "ISO20022" }, "RegulatoryReportingCodes": { "maxItems": 10, "minItems": 1, "type": "array", "description": "List of needed regulatory reporting codes for international payments\n", "items": { "$ref": "#/components/schemas/RegulatoryReportingCode" }, "x-definition-type": "ISO20022" }, "RequestedExecutionDate": { "type": "string", "description": "ISO20022: Date at which the initiating party requests the clearing agent to process the payment.\nAPI:\nWhen set by the PISP, this field indicates the future date at which the payment instruction should be executed and the debtor account should be debited.\nif this field is not set by the PISP, the ASPSP is requested to execute the payment instruction as soon as possible.\nIn most of the cases, especially for international payments, the date of the credit on the credit account cannot be set. Only SCTInst can guarantee having the same date for this credit.\nWhen the payment cannot be processed at the requested date, the ASPSP is allowed to shift the applied execution date to the next possible execution date for non-standing orders.\nFor standing orders, this field is useless since the [startDate] parameter already provides the needed information for the first payment instruction to be executed.\n", "format": "date-time", "x-definition-type": "ISO20022" }, "StartDate": { "type": "string", "description": "The first applicable day of execution for a given period.\n", "format": "date-time", "x-definition-type": "ISO20022" }, "EndDate": { "type": "string", "description": "The last applicable day of execution for a given period.\nIf not given, the period is considered as endless.\n", "format": "date-time", "x-definition-type": "ISO20022" }, "ExecutionRule": { "type": "string", "description": "Execution date shifting rule for standing orders\nThis data attribute defines the behaviour when recurring payment dates falls on a weekend or bank holiday.\nThe payment is then executed either the \"preceding\" or \"following\" working day.\nASPSP might reject the request due to the communicated value, if rules in Online-Banking are not supporting\nthis execution rule.\n| Code | Description |\n| ---- | ----------- |\n| FWNG | following |\n| PREC | preceding |\n", "enum": [ "FWNG", "PREC" ], "x-definition-type": "ISO20022" }, "FrequencyCode": { "type": "string", "description": "Frequency rule for standing orders.\nThe following codes from the \"EventFrequency7Code\" of ISO 20022 are supported.\n| Code | Description |\n| ---- | ----------- |\n| DAIL | Daily |\n| WEEK | Weekly |\n| TOWK | EveryTwoWeeks |\n| MNTH | Monthly |\n| TOMN | EveryTwoMonths |\n| QUTR | Quarterly |\n| SEMI | SemiAnnual |\n| YEAR | Annual |\nHowever, each ASPSP might restrict these values into a subset if needed.\n", "enum": [ "DAIL", "WEEK", "TOWK", "MNTH", "TOMN", "QUTR", "SEMI", "YEAR" ], "x-definition-type": "ISO20022" }, "ExchangeRate": { "required": [ "rateType" ], "type": "object", "properties": { "unitCurrency": { "$ref": "#/components/schemas/CurrencyCode" }, "exchangeRate": { "type": "number", "description": "The factor used for conversion of an amount from one currency to another. This reflects the price at which one currency was bought with another currency.\n", "format": "float" }, "rateType": { "type": "string", "description": "Specifies the type used to complete the currency exchange.\n| Code | Name | Description |\n| ---- | ---- | ---------- |\n| SPOT | Spot | Exchange rate applied is the spot rate. |\n| SALE | Sale | Exchange rate applied is the market rate at the time of the sale. |\n| AGRD | Agreed | Exchange rate applied is the rate agreed between the parties. |\n", "enum": [ "SPOT", "SALE", "AGRD" ] }, "contractIdentification": { "maxLength": 35, "type": "string", "description": "Unique and unambiguous reference to the foreign exchange contract agreed between the initiating party/creditor and the debtor agent." }, "estimatedPayerAmount": { "$ref": "#/components/schemas/AmountType" }, "estimatedPayeeAmount": { "$ref": "#/components/schemas/AmountType" } }, "description": "ISO20022: Provides details on the currency exchange rate and contract.\nThe [unitCurrency] property specifies the currency in which the rate of exchange is expressed in a currency exchange. In the example 1GBP = xxxCUR, the unit currency is GBP.\nThe [estimatedPayerAmount] gives an estimation of the amount that will be debited on the payer's account, including transaction and change fees.\nThe [estimatedPayeeAmunt] gives an estimation of the amount that will be credited on the payee's account.\nAPI: Amounts must always be set as positive values.\n", "example": "{\n \"unitCurrency\" : \"USD\",\n \"exchangeRate\" : 1.1,\n \"rateType\" : \"AGRD\",\n \"contractIdentification\" : \"CTRCT37H8\"\n}", "x-definition-type": "ISO20022" }, "InstructionForCreditorAgent": { "type": "object", "properties": { "code": { "type": "string", "description": "Coded information related to the processing of the payment instruction, provided by the initiating party, and intended for the creditor's agent.\n| Code | Name | Description |\n| ---- | ---- | ---------- |\n| CHQB | PayCreditorByCheque | (Ultimate) creditor must be paid by cheque. |\n| HOLD | HoldCashForCreditor | Amount of money must be held for the (ultimate) creditor, who will call. Pay on identification. |\n| PHOB | PhoneBeneficiary | Please advise/contact (ultimate) creditor/claimant by phone. |\n| TELB | Telecom | Please advise/contact (ultimate) creditor/claimant by the most efficient means of telecommunication. |", "enum": [ "CHQB", "HOLD", "PHOB", "TELB" ] }, "instructionInformation": { "maxLength": 140, "type": "string", "description": "Further information complementing the coded instruction or instruction to the creditor's agent that is bilaterally agreed or specific to a user community." } }, "description": "Further information related to the processing of the payment instruction that may need to be acted upon by the creditor's agent. The instruction may relate to a level of service, or may be an instruction that has to be executed by the creditor's agent, or may be information required by the creditor's agent.\n", "example": "{\n \"code\" : \"TELB\",\n \"instructionInformation\" : \"Please contact M. John Doe\"\n}", "x-definition-type": "ISO20022" }, "IntermediaryAgent": { "type": "object", "properties": { "agent": { "$ref": "#/components/schemas/PartyIdentification" }, "agentAccount": { "$ref": "#/components/schemas/AccountIdentification" } }, "description": "Agent and agent account between the debtor's agent and the creditor's agent.", "example": "{\n \"agent\" : {\n \"name\" : \"MyPreferredPisp\",\n \"postalAddress\" : {\n \"country\" : \"FR\",\n \"addressLine\" : [ \"18 rue de la DSP2\", \"75008 PARIS\" ]\n },\n \"organisationId\" : {\n \"identification\" : \"12FR5\",\n \"schemeName\" : \"COID\",\n \"issuer\" : \"ACPR\"\n }\n },\n \"agentAccount\" : {\n \"iban\" : \"YY64COJH41059545330222956960771321\",\n \"currency\" : \"EUR\"\n }\n}", "x-definition-type": "ISO20022" }, "StandingOrderCharacteristics": { "required": [ "executionRule", "frequency", "startDate" ], "type": "object", "properties": { "startDate": { "$ref": "#/components/schemas/StartDate" }, "endDate": { "$ref": "#/components/schemas/EndDate" }, "executionRule": { "$ref": "#/components/schemas/ExecutionRule" }, "frequency": { "$ref": "#/components/schemas/FrequencyCode" } }, "description": "Specifies the characteristics of a standing order.\n", "example": "{\n \"startDate\" : \"2020-02-24T00:00Z\",\n \"executionRule\" : \"FWNG\",\n \"frequency\" : \"MNTH\"\n}", "x-definition-type": "ISO20022" }, "CreditTransferTransactionResource": { "required": [ "beneficiary", "paymentId" ], "type": "object", "properties": { "paymentId": { "$ref": "#/components/schemas/PaymentIdentification" }, "resourceId": { "$ref": "#/components/schemas/ResourceId" }, "requestedExecutionDate": { "$ref": "#/components/schemas/RequestedExecutionDate" }, "cancellableTill": { "type": "string", "description": "This field may allow the PISP to get information on the limit timestamp for requesting cancelation of the transaction.\nWhen this field is not provided by the ASPSP, the PISP must rely on the status of the transaction [transactionStatus] in order to estimate if the transaction is actually cancellable.\n", "format": "date-time" }, "acceptanceDateTime": { "type": "string", "description": "ISO20022: Date and time at which all processing conditions for execution of the payment are met and adequate financial cover is available at the account servicing agent.\n", "format": "date-time" }, "debtorDecisionDate": { "type": "string", "description": "ISO20022: Date and time on when the debtor has accepted or rejected the request.\n", "format": "date-time" }, "appliedExecutionDate": { "type": "string", "description": "ISO20022: Date and time on when the payment was executed.\n", "format": "date-time" }, "standingOrderCharacteristics": { "$ref": "#/components/schemas/StandingOrderCharacteristics" }, "instructedAmount": { "$ref": "#/components/schemas/AmountType" }, "equivalentAmount": { "$ref": "#/components/schemas/EquivalentAmountType" }, "exchangeRateInformation": { "$ref": "#/components/schemas/ExchangeRate" }, "ultimateDebtor": { "$ref": "#/components/schemas/PartyIdentification" }, "intermediaryAgent": { "$ref": "#/components/schemas/IntermediaryAgent" }, "beneficiary": { "$ref": "#/components/schemas/Beneficiary" }, "ultimateCreditor": { "$ref": "#/components/schemas/PartyIdentification" }, "instructionForCreditorAgent": { "type": "array", "description": "Further information related to the processing of the payment instruction, provided by the initiating party, and intended for the creditor agent.", "items": { "$ref": "#/components/schemas/InstructionForCreditorAgent" } }, "purpose": { "$ref": "#/components/schemas/PurposeCode" }, "regulatoryReportingCodes": { "$ref": "#/components/schemas/RegulatoryReportingCodes" }, "remittanceInformation": { "$ref": "#/components/schemas/RemittanceInformation" }, "transactionStatus": { "$ref": "#/components/schemas/TransactionIndividualStatusCode" }, "statusReasonInformation": { "$ref": "#/components/schemas/StatusReasonInformation" }, "supplementaryData": { "$ref": "#/components/schemas/SupplementaryData" }, "investigationStatus": { "type": "boolean", "description": "Boolean indicator aiming to clarify that the relevant transaction is under dispute investigation.\n", "x-comments": [ "Added for CR496 (Add an investigation status for a payment request)" ] } }, "description": "ISO20022: Payment processes required to transfer cash from the debtor to the creditor.\nThe [instructedAmount] property indicates Amount of money to be moved between the debtor and creditor, before deduction of charges, expressed in the currency as ordered by the initiating party.\n Usage: This amount has to be transported unchanged through the transaction chain.\nAPI: Amounts must always be set as positive values.\n", "example": "{\n \"paymentId\" : {\n \"instructionId\" : \"MyInstrId3\",\n \"endToEndId\" : \"MyEndToEndId3\"\n },\n \"requestedExecutionDate\" : \"2020-02-19T12:56:54.639Z\",\n \"instructedAmount\" : {\n \"amount\" : 124.35,\n \"currency\" : \"EUR\"\n },\n \"beneficiary\" : {\n \"creditor\" : {\n \"name\" : \"myMerchant\",\n \"postalAddress\" : {\n \"country\" : \"FR\",\n \"addressLine\" : [ \"18 rue de la DSP2\", \"75008 PARIS\" ]\n },\n \"organisationId\" : {\n \"identification\" : \"852126789\",\n \"schemeName\" : \"SIREN\",\n \"issuer\" : \"FR\"\n }\n },\n \"creditorAccount\" : {\n \"iban\" : \"YY64COJH41059545330222956960771321\",\n \"currency\" : \"EUR\"\n }\n },\n \"ultimateCreditor\" : {\n \"name\" : \"myPreferredUltimateMerchant\",\n \"postalAddress\" : {\n \"country\" : \"FR\",\n \"addressLine\" : [ \"18 rue de la DSP2\", \"75008 PARIS\" ]\n },\n \"organisationId\" : {\n \"identification\" : \"85212678900025\",\n \"schemeName\" : \"SIRET\",\n \"issuer\" : \"FR\"\n }\n },\n \"purpose\" : \"CASH\",\n \"remittanceInformation\" : {\n \"unstructured\" : [ \"MyRemittanceInformation\" ]\n }\n}", "x-comments": [ "Modified for CR496 (Add an investigation status for a payment request)" ], "x-definition-type": "ISO20022", "x-generic": true, "x-not-allowed-in-post": [ "transactionStatus", "statusReasonInformation", "cancellableTill", "acceptanceDateTime", "debtorDecisionDate", "appliedExecutionDate", "investigationStatus" ] }, "SupplementaryData": { "type": "object", "properties": { "acceptedAuthenticationApproach": { "$ref": "#/components/schemas/AuthenticationApproaches" }, "appliedAuthenticationApproach": { "$ref": "#/components/schemas/AuthenticationApproach" }, "appliedAuthentication": { "type": "string", "description": "Can only be set by the ASPSP.\nThis field allows the ASPSP to inform the PISP about the way authentication was processed during the payment request confirmation.\n", "enum": [ "noAuthentication", "oneFactorAuthentication", "strongAuthentication" ] }, "scaHint": { "type": "string", "description": "can only be set by the PISP\nHint given by the merchant and/or the PISP about an SCA exemption context\n", "enum": [ "noScaExemption", "scaExemption" ] }, "successfulReportUrl": { "type": "string", "description": "URL to be used by the ASPSP in order to notify the PISP of the finalisation of the authentication and consent process in REDIRECT and DECOUPLED approach\n" }, "unsuccessfulReportUrl": { "type": "string", "description": "URL to be used by the ASPSP in order to notify the PISP of the failure of the authentication and consent process in REDIRECT and DECOUPLED approach\nIf this URL is not provided by the PISP, the ASPSP will use the \"successfulReportUrl\" even in case of failure of the Payment Request processing\n" }, "nextStatusRequestHint": { "type": "string", "description": "Date and time at which the PISP is suggested to ask again for the status of the payment request.\n", "format": "date-time" }, "loginHintToken": { "type": "string", "description": "The LOGIN_HINT_TOKEN is a piece of data that may be provided to the API client by the API server, once a PSU has been identified and authenticated.\n* through a response to a token introspection request (RFC7662)\n* through a status response to a Payment Request\nThis LOGIN_HINT_TOKEN can then be sent back by the API client to the API server through the posting of a new Payment request.\nThis will help the API server to identify the relevant PSU and ease the authentication process.\n", "x-comments": [ "Added for CR530 (Providing a LOGIN_HINT_TOKEN in request/response to a payment request submission)" ] } }, "description": "ISO20022: Additional information that cannot be captured in the structured elements and/or any other specific block.\nAPI: This structure is used to embed the relevant URLs for returning the status report to the PISP and to specify which authentication approaches are accepted by the PISP and which was chosen by the ASPSP\nThe [acceptedAuthenticationApproach] property can only be set by the PISP.\n- Authentication approaches that are supported by the PISP. The PISP can provide several choices separated by commas.\n- Case of none of the accepted approaches is supported by the ASPSP, the latest will respond with HTTP400 (Bad request) and specify wich approaches are actually supported.\nThe [appliedAuthentication] will be set by the ASPSP.\n- The ASPSP, based on the authentication approaches proposed by the PISP, choose the one that it can processed, in respect with the preferences and constraints of the PSU and indicates in this field which approach was chosen.\n- It may happen that the ASPSP considers that, in case of payment cancellation request, there is no need for authentication and will then return \"NONE\".\n", "example": "{\n \"successfulReportUrl\" : \"http://myPisp/PaymentSuccess\",\n \"unsuccessfulReportUrl\" : \"http://myPisp/PaymentFailure\"\n}", "x-comments": [ "Modified for CR530 (Providing a LOGIN_HINT_TOKEN in request/response to a payment request submission)" ], "x-definition-type": "ISO20022" }, "BalanceStatus": { "type": "string", "description": "Type of balance\n| Code | Name | Description |\n| ---- | ---- | ----------- |\n| CLBD | ISO20022 ClosingBooked | Balance of the account at the end of the pre-agreed account reporting period. It is the sum of the opening booked balance at the beginning of the period and all entries booked to the account during the pre-agreed account reporting period. |\n| PRCD | ISO20022 PreviouslyClosedBooked | Balance of the account at the previously closed account reporting period. The opening booked balance for the new period has to be equal to this balance. Usage: the previously booked closing balance should equal (inclusive date) the booked closing balance of the date it references and equal the actual booked opening balance of the current date. |\n| ITAV | ISO20022 InterimAvailable | Available balance calculated in the course of the account servicer's business day, at the time specified, and subject to further changes during the business day. The interim balance is calculated on the basis of booked credit and debit items during the calculation time/period specified. |\n| XPCD | ISO20022 Expected | Balance, composed of booked entries and pending items known at the time of calculation, which projects the end of day balance if everything is booked on the account and no other entry is posted. |\n| VALU | (None) | Value-date balance |\n| OTHR | (None) | Other Balance |\n", "enum": [ "CLBD", "XPCD", "VALU", "OTHR", "PRCD", "ITAV" ], "x-definition-type": "ISO20022" }, "TransactionStatus": { "type": "string", "description": "Type of Transaction\n| Code | Name | Description |\n| ---- | ---- | ----------- |\n| BOOK | ClosingBooked | Accounted transaction |\n| PDNG | Pending | Transaction that is to be accounted and does already affect the instant balance |\n| FUTR | Future | Entry is on the books of the account servicer and value will be applied to the account owner at a future date and time. |\n| INFO | Information | Entry is only provided for information, and no booking on the account owner's account in the account servicer's ledger was performed. |\n", "enum": [ "BOOK", "PDNG", "FUTR", "INFO" ], "x-definition-type": "ISO20022" }, "BankTransactionCode": { "required": [ "domain", "family", "subFamily" ], "type": "object", "properties": { "domain": { "maxLength": 4, "type": "string", "description": "Set of elements used to provide the domain, the family and the sub-family of the bank transaction code, in a structured and hierarchical format.\n" }, "family": { "maxLength": 4, "type": "string", "description": "Specifies the family and the sub-family of the bank transaction code, within a specific domain, in a structured and hierarchical format.\n" }, "subFamily": { "maxLength": 4, "type": "string", "description": "Specifies the sub-product family within a specific family.\n" }, "code": { "maxLength": 35, "type": "string", "description": "Proprietary bank transaction code to identify the underlying transaction.\n" }, "issuer": { "maxLength": 35, "type": "string", "description": "Identification of the issuer of the proprietary bank transaction code.\n" } }, "description": "Set of elements used to fully identify the type of underlying transaction resulting in an entry.\n\nISO20022 provides a list of [possible Bank Transaction Code combinations](https://www.iso20022.org/external_code_list.page)\n\nTransaction codification might also be specified at national community level.\n\nFor instance a French Transaction codification is [available](https://www.cfonb.org/fichiers/20190913092943_Brochure_Codes_Operation_pour_restitutions_clienteles_V5_0_novembre_2018.pdf)\n\nIt applies with paragraph 2 code table using the following mapping:\n - domain must be set with \"FR\"\n - family must be set with one of the values that are provided in the [code Famille] column (e.g. \"OPCA\")\n - subFamily must be set with one of the values that are provided in the [code operation] column (e.g. \"05\")\n - code might be set with a proprietary transaction code that must be documented by the implementation.\n", "example": "{\n \"domain\" : \"PMNT\",\n \"family\" : \"CCRD\",\n \"subFamily\" : \"POSC\"\n}", "x-definition-type": "ISO20022" }, "CreditDebitIndicator": { "type": "string", "description": "Accounting flow of the amount\n| Code | Description |\n| ---- | ----------- |\n| CRDT | Credit type amount |\n| DBIT | Debit type amount |\n", "enum": [ "CRDT", "DBIT" ], "x-definition-type": "ISO20022" }, "RelatedParties": { "type": "object", "properties": { "initiatingParty": { "$ref": "#/components/schemas/PartyIdentification" }, "debtorAgent": { "$ref": "#/components/schemas/FinancialInstitutionIdentification" }, "debtor": { "$ref": "#/components/schemas/PartyIdentification" }, "debtorAccount": { "$ref": "#/components/schemas/AccountIdentification" }, "ultimateDebtor": { "$ref": "#/components/schemas/PartyIdentification" }, "creditorAgent": { "$ref": "#/components/schemas/FinancialInstitutionIdentification" }, "creditor": { "$ref": "#/components/schemas/PartyIdentification" }, "creditorAccount": { "$ref": "#/components/schemas/AccountIdentification" }, "ultimateCreditor": { "$ref": "#/components/schemas/PartyIdentification" } }, "description": "information about the parties that are related to the transaction", "example": "{\n \"creditorAgent\" : {\n \"bicFi\" : \"BNKAFRPPXXX\"\n },\n \"creditor\" : {\n \"name\" : \"MyPreferredPisp\",\n \"postalAddress\" : {\n \"country\" : \"FR\",\n \"addressLine\" : [ \"18 rue de la DSP2\", \"75008 PARIS\" ]\n },\n \"organisationId\" : {\n \"identification\" : \"12FR5\",\n \"schemeName\" : \"COID\",\n \"issuer\" : \"ACPR\"\n }\n },\n \"creditorAccount\" : {\n \"iban\" : \"YY64COJH41059545330222956960771321\",\n \"currency\" : \"EUR\"\n }\n}", "x-definition-type": "ISO20022" }, "AmountAndCurrencyExchangeDetails": { "required": [ "amount", "exchangeRate", "sourceCurrency" ], "type": "object", "properties": { "type": { "maxLength": 35, "type": "string", "description": "specifies the type of amount in case of proprietary amount" }, "amount": { "$ref": "#/components/schemas/AmountType" }, "sourceCurrency": { "$ref": "#/components/schemas/CurrencyCode" }, "targetCurrency": { "$ref": "#/components/schemas/CurrencyCode" }, "unitCurrency": { "$ref": "#/components/schemas/CurrencyCode" }, "exchangeRate": { "type": "number", "description": "Factor used to convert an amount from one currency into another. This reflects the price at which one currency was bought with another currency.\nExchangeRate expresses the ratio between UnitCurrency and QuotedCurrency (ExchangeRate = UnitCurrency/QuotedCurrency).\n", "format": "float" }, "contractIdentification": { "maxLength": 35, "type": "string", "description": "Unique identification to unambiguously identify the foreign exchange contract." }, "quotationDate": { "type": "string", "description": "Date and time at which an exchange rate is quoted.", "format": "date" } }, "description": "ISO20022: details on amount and currency exchange\nThe [amount] property is the amount of money to be exchanged against another amount of money in the counter currency.\nThe [sourceCurency] property indicates the currency from which an amount is to be converted in a currency conversion.\nThe [targetCurrency] property indicates the currency into which an amount is to be converted in a currency conversion.\nThe [unitCurrency] indicates the currency in which the rate of exchange is expressed in a currency exchange. In the example 1GBP = xxxCUR, the unit currency is GBP.\nAPI: Amounts must always be set as positive values.\n", "example": "{\n \"type\" : \"Contract\",\n \"amount\" : {\n \"amount\" : 123.45,\n \"currency\" : \"EUR\"\n },\n \"sourceCurrency\" : \"EUR\",\n \"targetCurrency\" : \"USD\",\n \"unitCurrency\" : \"EUR\",\n \"exchangeRate\" : 1.1,\n \"contractIdentification\" : \"Ctrct4XG56\",\n \"quotationDate\" : \"2020-02-17\"\n}", "x-definition-type": "ISO20022" }, "AmountAndCurrencyExchange": { "type": "object", "properties": { "instructedAmount": { "$ref": "#/components/schemas/AmountAndCurrencyExchangeDetails" }, "transactionAmount": { "$ref": "#/components/schemas/AmountAndCurrencyExchangeDetails" }, "counterValueAmount": { "$ref": "#/components/schemas/AmountAndCurrencyExchangeDetails" }, "announcedPostingAmount": { "$ref": "#/components/schemas/AmountAndCurrencyExchangeDetails" }, "proprietaryAmount": { "type": "array", "description": "Set of elements used to provide information on the original amount and currency exchange.\n", "items": { "$ref": "#/components/schemas/AmountAndCurrencyExchangeDetails" } } }, "description": "Provides detailed information on the original amount.\nThe [instructedAmount] property identifies the amount of money to be moved between the debtor and creditor, before deduction of charges, expressed in the currency as ordered by the initiating party and provides currency exchange information in case the instructed amount and/or currency is/are different from the entry amount and/or currency.\nThe [transactionAmount] property identifies the amount of money to be moved between the debtor and creditor, before deduction of charges, expressed in the currency as ordered by the initiating party and provides currency exchange information in case the instructed amount and/or currency is/are different from the entry amount and/or currency.\nThe [cunterValueAmount] property embbeds the set of elements used to provide the countervalue amount and currency exchange information.\n- This can be either the counter amount quoted in an FX deal, or the result of the currency information applied to an instructed amount, before deduction of charges.\nThe [announcedPostingAmount] property specifies the amount of money, based on terms of corporate action event and balance of underlying securities, entitled to/from the account owner.\n- In some situations, this amount may alternatively be called entitled amount.\n", "example": "{\n \"instructedAmount\" : {\n \"type\" : \"Contract\",\n \"amount\" : {\n \"amount\" : 123.45,\n \"currency\" : \"EUR\"\n },\n \"sourceCurrency\" : \"EUR\",\n \"targetCurrency\" : \"USD\",\n \"unitCurrency\" : \"EUR\",\n \"exchangeRate\" : 1.1,\n \"contractIdentification\" : \"Ctrct4XG56\",\n \"quotationDate\" : \"2020-02-17\"\n }\n}", "x-definition-type": "ISO20022" }, "TaxCharges": { "type": "object", "properties": { "identification": { "maxLength": 35, "type": "string", "description": "Unique reference to unambiguously identify the nature of the tax levied, such as Value Added Tax (VAT)." }, "rate": { "$ref": "#/components/schemas/PercentageRate" }, "amount": { "$ref": "#/components/schemas/AmountType" } }, "description": "ISO20022: Provides details on the tax applied to charges.\n- The [rate] property is the rate used to calculate the tax.\n- the [amount] property is the amount of money resulting from the calculation of the tax.\nAPI: Amounts must always be set as positive values.\n", "example": "{\n \"identification\" : \"VAT\",\n \"rate\" : 12.3,\n \"amount\" : {\n \"amount\" : 123.45,\n \"currency\" : \"EUR\"\n }\n}", "x-definition-type": "ISO20022" }, "ChargesRecord": { "type": "object", "properties": { "amount": { "$ref": "#/components/schemas/AmountType" }, "creditDebitIndicator": { "$ref": "#/components/schemas/CreditDebitIndicator" }, "chargeIncludedIndicator": { "type": "boolean", "description": "Indicates whether the charge should be included in the amount or is added as pre-advice.\nOne of the following values must be used:\n - Meaning When True: Included\n - Meaning When False: Pre-advised\n" }, "code": { "$ref": "#/components/schemas/CodeAndIssuer" }, "rate": { "$ref": "#/components/schemas/PercentageRate" }, "bearer": { "$ref": "#/components/schemas/ChargeBearerCode" }, "agent": { "$ref": "#/components/schemas/FinancialInstitutionIdentification" }, "tax": { "$ref": "#/components/schemas/TaxCharges" } }, "description": "ISO20022: Provides further individual record details on the charges related to the payment transaction.\n- The [amount] proprty specifies the transaction charges to be paid by the charge bearer.\n- The [creditDebitIndicator] property indicates whether the charges amount is a credit or a debit amount.\n A zero amount is considered to be a credit.\n- the [code] property is the charge type, in a coded form\n- the [rate] property is the rate used to calculate the amount of the charge or fee.\n- the [bearer] property specifies which party/parties will bear the charges associated with the processing of the payment transaction.\n- the [agent] property specifies the agent that takes the transaction charges or to which the transaction charges are due.\n- the [tax] property provides details on the tax applied to charges.\nAPI: Amounts must always be set as positive values.\n", "example": "{\n \"amount\" : {\n \"amount\" : 123.45,\n \"currency\" : \"EUR\"\n },\n \"creditDebitIndicator\" : \"DBIT\",\n \"chargeIncludedIndicator\" : true,\n \"code\" : {\n \"code\" : \"CD01\",\n \"issuer\" : \"MyIssuer\"\n },\n \"rate\" : 0.5,\n \"bearer\" : \"SHAR\",\n \"agent\" : {\n \"bicFi\" : \"BNKAFRPPXXX\"\n },\n \"tax\" : {\n \"identification\" : \"VAT\",\n \"rate\" : 12.3,\n \"amount\" : {\n \"amount\" : 123.45,\n \"currency\" : \"EUR\"\n }\n }\n}", "x-definition-type": "ISO20022" }, "Charges": { "type": "object", "properties": { "totalChargesAndTaxAmount": { "$ref": "#/components/schemas/AmountType" }, "record": { "type": "array", "description": "Provides details of the individual charges record.", "items": { "$ref": "#/components/schemas/ChargesRecord" } } }, "description": "ISO20022: Provides further details on the charges related to the payment transaction.\nAPI: Amounts must always be set as positive values.\n", "example": "{\n \"totalChargesAndTaxAmount\" : {\n \"amount\" : 123.45,\n \"currency\" : \"EUR\"\n },\n \"record\" : [ {\n \"amount\" : {\n \"amount\" : 123.45,\n \"currency\" : \"EUR\"\n },\n \"creditDebitIndicator\" : \"DBIT\",\n \"chargeIncludedIndicator\" : true,\n \"code\" : {\n \"code\" : \"CD01\",\n \"issuer\" : \"MyIssuer\"\n },\n \"rate\" : 0.5,\n \"bearer\" : \"SHAR\",\n \"agent\" : {\n \"bicFi\" : \"BNKAFRPPXXX\"\n },\n \"tax\" : {\n \"identification\" : \"VAT\",\n \"rate\" : 12.3,\n \"amount\" : {\n \"amount\" : 123.45,\n \"currency\" : \"EUR\"\n }\n }\n } ]\n}", "x-definition-type": "ISO20022" }, "TransactionResource": { "required": [ "creditDebitIndicator", "status", "transactionAmount" ], "type": "object", "properties": { "resourceId": { "$ref": "#/components/schemas/ResourceId" }, "entryReference": { "maxLength": 40, "type": "string", "description": "Technical incremental identification of the transaction used for reconciliation by the AISP.\nOnce assigned, this value cannot be changed for the relevant transaction.\nIt is assumed that this value is unique and thus cannot be shared by several transactions.\n\nThe reconciliation of transactions can be done by the [resourceId] or the [entryReference] field.\nIf none of these fields cannot be provided, it is therefore suggested that the [remittanceInformation] field, once set, should not be updated afterwards.\nActually the [additionalTransactionInformation] field can be used to update the details of a given transaction.\n" }, "transactionAmount": { "$ref": "#/components/schemas/AmountType" }, "creditDebitIndicator": { "$ref": "#/components/schemas/CreditDebitIndicator" }, "transactionAmountDetails": { "$ref": "#/components/schemas/AmountAndCurrencyExchange" }, "status": { "$ref": "#/components/schemas/TransactionStatus" }, "endToEndId": { "$ref": "#/components/schemas/EndToEndId" }, "expectedBookingDate": { "type": "string", "description": "Expected booking date of the transaction on the account if the transaction is not yet booked.\n", "format": "date-time" }, "bookingDate": { "type": "string", "description": "Real booking date of the transaction on the account\n", "format": "date-time" }, "valueDate": { "type": "string", "description": "Value date of the transaction on the account", "format": "date-time" }, "transactionDate": { "type": "string", "description": "Date used for specific purposes:\n- for card transaction: date of the commercial transaction\n- for credit transfer: acquiring date of the transaction as seen by the Payer's Bank\n- for direct debit: receiving date of the transaction as seen by the Payer's Bank\n", "format": "date-time" }, "bankTransactionCode": { "$ref": "#/components/schemas/BankTransactionCode" }, "charges": { "$ref": "#/components/schemas/Charges" }, "relatedParties": { "$ref": "#/components/schemas/RelatedParties" }, "remittanceInformation": { "$ref": "#/components/schemas/RemittanceInformation" }, "additionalTransactionInformation": { "maxLength": 500, "type": "string", "description": "Additional information about reconciliation." }, "standingOrderCharacteristics": { "$ref": "#/components/schemas/StandingOrderCharacteristics" }, "merchantCategoryCode": { "maxLength": 4, "type": "string", "description": "Category code conform to ISO 18245, related to the type of services or goods the merchant provides for the transaction.\n" }, "_links": { "$ref": "#/components/schemas/TransactionLinks" }, "bookingPeriod": { "$ref": "#/components/schemas/Period" }, "cardId": { "$ref": "#/components/schemas/GenericIdentification" } }, "description": "ISO20022: Structure of a transaction.\n- the [charges] property provides information on the charges, pre-advised or included in the entry amount.\n- the [relatedParties] property specifies either the debtor or the creditor counterpart information\nAPI:\n- Amounts must always be set as positive values in complement with the Credit/Debit indicator.\n- At least expectedBookingDate or bookingDate must be provided\"\n", "example": "{\n \"entryReference\" : \"DHGF36DJ0\",\n \"transactionAmount\" : {\n \"amount\" : 12.25,\n \"currency\" : \"EUR\"\n },\n \"creditDebitIndicator\" : \"DBIT\",\n \"status\" : \"BOOK\",\n \"bookingDate\" : \"2020-02-14T00:00+01:00\",\n \"remittanceInformation\" : {\n \"unstructured\" : [ \"Cheque n XXXXXXX\" ]\n }\n}", "x-definition-type": "ISO20022" }, "PsuStatusType": { "maxLength": 35, "type": "string", "description": "ISO20022: Specifies the type of account ownership.\n| Name | Description |\n| ---- | ---------- |\n| Account Holder | Person which is the sole holder of the account. |\n| Account Co-Holder | Person which shares with others the holding of the account. |\n| Attorney | Generic case of a person having a mandate to access the account data. |\n| Custodian For Minor | Entity that holds shares/units on behalf of a legal minor. Although the account is registered under the name of the minor, the custodian retains control of the account. |\n| Legal Guardian | Entity that was appointed by a legal authority to act on behalf of a person judged to be incapacitated. |\n| Nominee | Entity named by the beneficial owner to act on its behalf, often to facilitate dealing, or to conceal the identity of the beneficiary. |\n| Successor On Death | Deceased's estate, or successor, to whom the respective percentage of ownership will be transferred upon the death of one of the owners. |\n| Trustee | Legal owners of the property. However, the beneficiary has the equitable or beneficial ownership. |\n", "x-definition-type": "ISO20022" }, "AccountResource": { "required": [ "_links", "cashAccountType", "name" ], "type": "object", "properties": { "workspace": { "$ref": "#/components/schemas/Workspace" }, "resourceId": { "$ref": "#/components/schemas/ResourceId" }, "bicFi": { "pattern": "^[A-Z]{6,6}[A-Z2-9][A-NP-Z0-9]([A-Z0-9]{3,3}){0,1}$", "type": "string", "description": "ISO20022: Code allocated to a financial institution by the ISO 9362 Registration Authority as described in ISO 9362 \"Banking - Banking telecommunication messages - Business identification code (BIC)\".\n" }, "accountId": { "$ref": "#/components/schemas/AccountIdentification" }, "name": { "maxLength": 70, "type": "string", "description": "Label of the PSU account\nIn case of a delayed debit card transaction set, the name shall specify the holder name and can also provide the imputation date\n" }, "details": { "maxLength": 140, "type": "string", "description": "Specifications that might be provided by the ASPSP\n- characteristics of the account\n- characteristics of the relevant card\n" }, "linkedAccount": { "maxLength": 70, "type": "string", "description": "Case of a set of pending card transactions, the ASPSP will provide the relevant cash account the card is set up on.\nWhen used, this field must be valued with the resourceId of the relevant cash account.\n" }, "usage": { "type": "string", "description": "Specifies the usage of the account\n| Code | Description |\n| ---- | ----------- |\n| PRIV | Private personal account |\n| ORGA | Professional account |\nCase of a set of pending card transactions, this field does not have to be set since the usage is inherited from the linked account.\n", "enum": [ "PRIV", "ORGA" ] }, "cashAccountType": { "type": "string", "description": "Specifies the type of the account\n| Code | Description |\n| ---- | ----------- |\n| CACC | Cash account |\n| CARD | List of card based transactions |\n", "enum": [ "CACC", "CARD" ] }, "product": { "maxLength": 35, "type": "string", "description": "Product Name of the Bank for this account, proprietary definition\n" }, "balances": { "minItems": 1, "type": "array", "description": "list of balances provided by the ASPSP", "items": { "$ref": "#/components/schemas/BalanceResource" } }, "psuStatus": { "$ref": "#/components/schemas/PsuStatusType" }, "_links": { "$ref": "#/components/schemas/AccountLinks" } }, "description": "PSU account that is made available to the TPP.\nThe ASPSP is able to set up specific accounts in order to provide card transactions with a delayed debit.\nThis account must be specific to a given card. Consequently, when the card is renewed, a new account will be set up.\nASPSP might also set-up different accounts for one given card but with different imputation dates. The remanence of these accounts is up to the ASPSP but must be equal or greater than the one which is provided through the Web-Banking interface.\nCase a payment card is blocked, any relevant information (balances, transactions...) that is available through the ASPSP PSU-interfaces must also be available through the API till the end of remanence period.\n", "example": "{\n \"resourceId\" : \"Alias1\",\n \"bicFi\" : \"BNKAFRPPXXX\",\n \"accountId\" : {\n \"iban\" : \"YY64COJH41059545330222956960771321\",\n \"currency\" : \"EUR\"\n },\n \"name\" : \"Compte de Mr et Mme Dupont\",\n \"usage\" : \"PRIV\",\n \"cashAccountType\" : \"CACC\",\n \"psuStatus\" : \"Co-account Holder\",\n \"_links\" : {\n \"balances\" : {\n \"href\" : \"/v1/accounts/Alias1/balances\"\n },\n \"transactions\" : {\n \"href\" : \"/v1/accounts/Alias1/transactions\"\n },\n \"overdrafts\" : {\n \"href\" : \"/v1/accounts/Alias1/overdrafts\"\n }\n }\n}", "x-definition-type": "Resources" }, "BalanceResource": { "required": [ "balanceAmount", "balanceType", "name" ], "type": "object", "properties": { "name": { "maxLength": 70, "type": "string", "description": "Label of the balance" }, "balanceAmount": { "$ref": "#/components/schemas/AmountType" }, "balanceType": { "$ref": "#/components/schemas/BalanceStatus" }, "lastChangeDateTime": { "type": "string", "description": "Timestamp of the last change of the balance amount", "format": "date-time" }, "referenceDate": { "type": "string", "description": "Reference date for the balance", "format": "date-time" }, "lastCommittedTransaction": { "maxLength": 40, "type": "string", "description": "Identification of the last committed transaction. This is actually useful for instant balance.\n" } }, "description": "Structure of an account balance", "example": "{\n \"name\" : \"Solde comptable au 12/01/2017\",\n \"balanceAmount\" : {\n \"amount\" : 123.45,\n \"currency\" : \"EUR\"\n },\n \"balanceType\" : \"CLBD\",\n \"lastCommittedTransaction\" : \"A452CH\"\n}", "x-definition-type": "Resources", "x-generic": true }, "Nonce": { "maxLength": 70, "type": "string", "description": "Challenge to be sent in order to avoid replay of the authentication process.\n", "x-definition-type": "Resources" }, "ConfirmationResource": { "type": "object", "properties": { "nonce": { "$ref": "#/components/schemas/Nonce" }, "psuAuthenticationFactor": { "type": "string", "description": "authentication factor forwarded by the TPP to the ASPSP in order to fulfil the strong customer authentication process" } }, "description": "Confirmation request resource", "example": "{\n \"nonce\" : \"Nonce56fdd\",\n \"psuAuthenticationFactor\" : \"U1RF51mITWWmTQ72M1xWiw\"\n}", "x-definition-type": "Resources" }, "PaymentInformationId": { "pattern": "^([a-zA-Z0-9 /\\-?:\\()\\.,']{1,36})$", "type": "string", "description": "ISO20022: Reference assigned by a sending party to unambiguously identify the payment information block within the message.\nAPI: This field is a clue for idempotency check by the ASPSP in order to avoid duplicate SCA or payment execution. However the ASPSP may use other mechanisms.\n", "x-definition-type": "ISO20022" }, "CreationDateTime": { "type": "string", "description": "ISO20022: Date and time at which a (group of) payment instruction(s) was created by the instructing party.\n", "format": "date-time", "x-definition-type": "ISO20022" }, "FundsAvailabilityInformation": { "type": "boolean", "description": "Indicator that the payment can be covered or not by the funds available on the relevant account\n- true: payment is covered\n- false: payment is not covered\nThis indicator must be provided by the ASPSP when the Booking Information is present and set to \"False\".\nThis indicator will not be provided if the Booking Information is absent or set to \"True\".\n", "x-definition-type": "ISO20022" }, "BookingInformation": { "type": "boolean", "description": "Indicator that the payment can be immediately booked or not\n- true: payment is booked\n- false: payment is not booked\nBooking a transaction means that the funds required by this transaction are immediatly reserved and that a subsequent transaction will not interfere with the proper execution of the payment.\nHowever, usual fraud detection mechanisms might still be triggered and result as a rejection of the payment.\nThis indicator must be provided when the relevant Credit Transfer will be executed as soon as possible but not as an instant payment.\nThis indicator is irrelevant and will not be provided for delayed payments.\nThis indicator is only relevant for the first occurrence of a standing order when this occurrence is not delayed and will be executed as soon as possible.\n\nCase the Information System cannot handle this immediate booking, the ASPSP will have to provide the funds availability information.\n", "x-definition-type": "ISO20022" }, "BatchBookingIndicator": { "type": "boolean", "description": "Identifies whether a single entry per individual transaction or a batch entry for the sum of the amounts of all transactions within the group of a message is requested.\nMeaning When True: Identifies that a batch entry for the sum of the amounts of all transactions in the batch or message is requested.\nMeaning When False: Identifies that a single entry for each of the transactions in the batch or message is requested.\nDefault value: each ASPSP must be able to specify its own default value.\n", "x-definition-type": "ISO20022" }, "PaymentRequestResource": { "required": [ "creationDateTime", "creditTransferTransaction", "initiatingParty", "numberOfTransactions", "paymentInformationId", "paymentTypeInformation", "supplementaryData" ], "type": "object", "properties": { "resourceId": { "$ref": "#/components/schemas/ResourceId" }, "paymentInformationId": { "$ref": "#/components/schemas/PaymentInformationId" }, "batchBooking": { "$ref": "#/components/schemas/BatchBookingIndicator" }, "creationDateTime": { "$ref": "#/components/schemas/CreationDateTime" }, "numberOfTransactions": { "minimum": 1, "type": "integer", "description": "ISO20022: Number of individual transactions contained in the message.\nAPI: Each ASPSP will specify a maximum value for this field taking into accounts its specificities about payment request handling\n" }, "initiatingParty": { "$ref": "#/components/schemas/PartyIdentification" }, "acceptDebtorAccountChange": { "type": "boolean", "description": "indicator that the debtor account can be changed in the payment request by the ASPSP if needed\n- true: debtor account can be changed (default value)\n- false: debtor account cannot be changed\n" }, "acceptChargeHandlingChange": { "type": "boolean", "description": "indicator that the charge handling can be changed in the payment request by the ASPSP if needed\n- true: charge handling can be changed (default value)\n- false: charge handling cannot be changed\n" }, "acceptInstantPaymentDowngrade": { "type": "boolean", "description": "Indicator that the requested instant SEPA Credit Transfer method can be downgraded by the ASPSP into a plain-vanilla SEPA Credit Transfer, when Instant SCT cannot apply or is refused by the PSU.\nEventually, it is up to the ASPSP to downgrade or reject the payment. In case of a downgrade, the ASPSP will have to update de relevant field [LocalInstrument] and remove the \"INST\" value in order to keep the PISP informed.\n- true: payment method can be downgraded\n- false: payment method cannot be downgraded (default value)\n" }, "paymentTypeInformation": { "$ref": "#/components/schemas/PaymentTypeInformation" }, "debtor": { "$ref": "#/components/schemas/PartyIdentification" }, "debtorAccount": { "$ref": "#/components/schemas/AccountIdentification" }, "debtorAgent": { "$ref": "#/components/schemas/FinancialInstitutionIdentification" }, "chargeBearer": { "$ref": "#/components/schemas/ChargeBearerCode" }, "paymentInformationStatus": { "$ref": "#/components/schemas/PaymentInformationStatusCode" }, "statusReasonInformation": { "$ref": "#/components/schemas/StatusReasonInformation" }, "fundsAvailability": { "$ref": "#/components/schemas/FundsAvailabilityInformation" }, "booking": { "$ref": "#/components/schemas/BookingInformation" }, "creditTransferTransaction": { "minItems": 1, "type": "array", "description": "ISO20022: Payment processes required to transfer cash from the debtor to the creditor.\nAPI: Each ASPSP will specify a maxItems value for this field taking into accounts its specificities about payment request handling\n", "items": { "$ref": "#/components/schemas/CreditTransferTransactionResource" } }, "supplementaryData": { "$ref": "#/components/schemas/SupplementaryData" } }, "description": "ISO20022: The PaymentRequestResource message is sent by the Creditor sending party to the Debtor receiving party, directly or through agents. It is used by a Creditor to request movement of funds from the debtor account to a creditor.\nAPI:\nInformation about the creditor (Id, account and agent) must be placed at instruction level. Thus multi-beneficiary payments can be handled.\nThe requested execution date must be placed at payment level even when all instructions are requested to be executed at the same date.\nThe latest case includes:\n- multiple instructions having different requested execution dates\n- standing orders settings\n", "example": "{\n \"paymentInformationId\" : \"MyPmtInfId\",\n \"creationDateTime\" : \"2020-02-19T13:56:54.877+01:00\",\n \"numberOfTransactions\" : 2,\n \"initiatingParty\" : {\n \"name\" : \"MyPreferredPisp\",\n \"postalAddress\" : {\n \"country\" : \"FR\",\n \"addressLine\" : [ \"18 rue de la DSP2\", \"75008 PARIS\" ]\n },\n \"organisationId\" : {\n \"identification\" : \"12FR5\",\n \"schemeName\" : \"COID\",\n \"issuer\" : \"ACPR\"\n }\n },\n \"paymentTypeInformation\" : {\n \"serviceLevel\" : \"SEPA\",\n \"localInstrument\" : \"INST\",\n \"categoryPurpose\" : \"CASH\"\n },\n \"debtor\" : {\n \"name\" : \"MyCustomer\",\n \"postalAddress\" : {\n \"country\" : \"FR\",\n \"addressLine\" : [ \"18 rue de la DSP2\", \"75008 PARIS\" ]\n },\n \"privateId\" : {\n \"identification\" : \"FD37G\",\n \"schemeName\" : \"BANK\",\n \"issuer\" : \"BICXYYTTZZZ\"\n }\n },\n \"chargeBearer\" : \"SLEV\",\n \"creditTransferTransaction\" : [ {\n \"paymentId\" : {\n \"instructionId\" : \"MyInstrId3\",\n \"endToEndId\" : \"MyEndToEndId3\"\n },\n \"requestedExecutionDate\" : \"2020-02-19T13:56:54.878+01:00\",\n \"instructedAmount\" : {\n \"amount\" : 124.35,\n \"currency\" : \"EUR\"\n },\n \"beneficiary\" : {\n \"creditor\" : {\n \"name\" : \"June Doe\",\n \"postalAddress\" : {\n \"country\" : \"FR\",\n \"addressLine\" : [ \"18 rue de la DSP2\", \"75008 PARIS\" ]\n },\n \"organisationId\" : {\n \"identification\" : \"12FR5\",\n \"schemeName\" : \"COID\",\n \"issuer\" : \"ACPR\"\n },\n \"privateId\" : {\n \"identification\" : \"852126789\",\n \"schemeName\" : \"SIREN\",\n \"issuer\" : \"FR\"\n }\n },\n \"creditorAccount\" : {\n \"iban\" : \"YY49QEZO90424459988701367845944910\",\n \"currency\" : \"EUR\"\n }\n },\n \"ultimateCreditor\" : {\n \"name\" : \"myPreferredUltimateMerchant\",\n \"postalAddress\" : {\n \"country\" : \"FR\",\n \"addressLine\" : [ \"18 rue de la DSP2\", \"75008 PARIS\" ]\n },\n \"organisationId\" : {\n \"identification\" : \"85212678900025\",\n \"schemeName\" : \"SIRET\",\n \"issuer\" : \"FR\"\n }\n },\n \"purpose\" : \"CASH\",\n \"remittanceInformation\" : {\n \"unstructured\" : [ \"MyRemittanceInformation\" ]\n }\n }, {\n \"paymentId\" : {\n \"instructionId\" : \"MyInstrId4\",\n \"endToEndId\" : \"MyEndToEndId4\"\n },\n \"requestedExecutionDate\" : \"2020-02-19T13:56:54.878+01:00\",\n \"instructedAmount\" : {\n \"amount\" : 124.35,\n \"currency\" : \"EUR\"\n },\n \"beneficiary\" : {\n \"creditor\" : {\n \"name\" : \"John Doe\",\n \"postalAddress\" : {\n \"country\" : \"FR\",\n \"addressLine\" : [ \"18 rue de la DSP2\", \"75008 PARIS\" ]\n },\n \"organisationId\" : {\n \"identification\" : \"12FR5\",\n \"schemeName\" : \"COID\",\n \"issuer\" : \"ACPR\"\n },\n \"privateId\" : {\n \"identification\" : \"852126789\",\n \"schemeName\" : \"SIREN\",\n \"issuer\" : \"FR\"\n }\n },\n \"creditorAccount\" : {\n \"iban\" : \"YY27KYHO61109079868328944728829436\",\n \"currency\" : \"EUR\"\n }\n },\n \"ultimateCreditor\" : {\n \"name\" : \"myPreferredUltimateMerchant\",\n \"postalAddress\" : {\n \"country\" : \"FR\",\n \"addressLine\" : [ \"18 rue de la DSP2\", \"75008 PARIS\" ]\n },\n \"organisationId\" : {\n \"identification\" : \"85212678900025\",\n \"schemeName\" : \"SIRET\",\n \"issuer\" : \"FR\"\n }\n },\n \"purpose\" : \"CASH\",\n \"remittanceInformation\" : {\n \"unstructured\" : [ \"MyRemittanceInformation\" ]\n }\n } ],\n \"supplementaryData\" : {\n \"acceptedAuthenticationApproach\" : [ \"REDIRECT\", \"DECOUPLED\" ],\n \"successfulReportUrl\" : \"http://myPisp/PaymentSuccess\",\n \"unsuccessfulReportUrl\" : \"http://myPisp/PaymentFailure\"\n }\n}", "x-definition-type": "Resources", "x-generic": true, "x-not-allowed-in-post": [ "paymentInformationStatus", "statusReasonInformation" ] }, "PaymentCoverageRequestResource": { "required": [ "accountId", "paymentCoverageRequestId" ], "type": "object", "properties": { "paymentCoverageRequestId": { "maxLength": 35, "type": "string", "description": "Identification of the payment Coverage Request" }, "payee": { "maxLength": 70, "type": "string", "description": "The merchant where the card is accepted as information to the PSU." }, "instructedAmount": { "$ref": "#/components/schemas/AmountType" }, "accountId": { "$ref": "#/components/schemas/AccountIdentification" } }, "description": "Payment coverage request structure.\nThe request must rely either on a cash account or a payment card.\nThe [instructedAmount] property is the payment account on wihich the request is processed. This amount must be positive.\nAmounts must always be set as positive values.\n", "example": "{\n \"paymentCoverageRequestId\" : \"MyCoverage123456\",\n \"instructedAmount\" : {\n \"amount\" : 12345.0,\n \"currency\" : \"EUR\"\n },\n \"accountId\" : {\n \"iban\" : \"YY13RDHN98392489481620896668799742\"\n }\n}", "x-definition-type": "Resources" }, "Overdraft": { "required": [ "allowedAmount" ], "type": "object", "properties": { "allowedAmount": { "$ref": "#/components/schemas/AmountType" } }, "description": "ISO20022: Overdraft characteristics\nAPI: Amounts must always be set as positive values.\n", "example": "{\n \"allowedAmount\" : {\n \"amount\" : 30000.0,\n \"currency\" : \"EUR\"\n }\n}", "x-definition-type": "ISO20022" }, "Workspace": { "required": [ "identification", "label" ], "type": "object", "properties": { "identification": { "maxLength": 32, "type": "string", "description": "identification of the workspace to be used as an optional query parameter for some AISP queries" }, "label": { "maxLength": 128, "type": "string", "description": "textual description of the workspace as specified by the ASPSP in relationship wth the PSU" } }, "description": "Some ASPSP may provide different user workspaces that can be accessed by the same authenticated PSU. In this case, the AISP is able to retrieve the different pieces of account information by specifying the relevant workspace as a QUERY parameter. Identification of the workspace to be used when processing the request. If not present, the default workspace to be used is the one that is linked to the authentication processed during the OAuth2 access token request.", "example": "{\n \"identification\" : \"PRO_1\",\n \"label\" : \"comptes de la SARL PRO1\"\n}" }, "HalAccounts": { "required": [ "_links", "accounts" ], "type": "object", "properties": { "accounts": { "type": "array", "description": "List of PSU account that are made available to the TPP\n", "items": { "$ref": "#/components/schemas/AccountResource" } }, "_links": { "$ref": "#/components/schemas/AccountListLinks" } }, "description": "HYPERMEDIA structure used for returning the list of the available accounts to the AISP", "example": "{\n \"accounts\" : [ {\n \"workspace\": {\n \"identification\" : \"PERSO\",\n \"label\" : \"comptes personnels\"\n },\n \"resourceId\" : \"Alias1\",\n \"bicFi\" : \"BNKAFRPPXXX\",\n \"accountId\" : {\n \"iban\" : \"YY64COJH41059545330222956960771321\",\n \"currency\" : \"EUR\"\n },\n \"name\" : \"Compte de Mr et Mme Dupont\",\n \"usage\" : \"PRIV\",\n \"cashAccountType\" : \"CACC\",\n \"psuStatus\" : \"Co-account Holder\",\n \"_links\" : {\n \"balances\" : {\n \"href\" : \"/v1/accounts/Alias1/balances\"\n },\n \"transactions\" : {\n \"href\" : \"/v1/accounts/Alias1/transactions\"\n },\n \"overdrafts\" : {\n \"href\" : \"/v1/accounts/Alias1/overdrafts\"\n }\n }\n }, {\n \"workspace\": {\n \"identification\" : \"PERSO\",\n \"label\" : \"comptes personnels\"\n },\n \"resourceId\" : \"Alias2\",\n \"bicFi\" : \"BNKAFRPPXXX\",\n \"accountId\" : {\n \"iban\" : \"YY64COJH41059545330222956960771321\",\n \"currency\" : \"EUR\"\n },\n \"name\" : \"Compte de Mme Dupont\",\n \"usage\" : \"PRIV\",\n \"cashAccountType\" : \"CACC\",\n \"psuStatus\" : \"Account Holder\",\n \"_links\" : {\n \"balances\" : {\n \"href\" : \"/v1/accounts/Alias2/balances\"\n },\n \"transactions\" : {\n \"href\" : \"/v1/accounts/Alias2/transactions\"\n },\n \"overdrafts\" : {\n \"href\" : \"/v1/accounts/Alias2/overdrafts\"\n }\n }\n } ],\n \"_links\" : {\n \"self\" : {\n \"href\" : \"/v1/accounts\"\n\n },\n \"consents\" : {\n \"href\" : \"/v1/consents\"\n\n },\n \"endUserIdentity\" : {\n \"href\" : \"v1/end-user-identity\"\n },\n \"trustedBeneficiaries\" : {\n \"href\" : \"/v1/trusted-beneficiaries\"\n }\n }\n}", "x-definition-type": "Hal" }, "HalBalances": { "required": [ "_links", "balances" ], "type": "object", "properties": { "balances": { "minItems": 1, "type": "array", "description": "List of account balances", "items": { "$ref": "#/components/schemas/BalanceResource" } }, "_links": { "$ref": "#/components/schemas/BalancesLinks" } }, "description": "HYPERMEDIA structure used for returning the list of the relevant balances for a given account to the AISP", "example": "{\n \"balances\" : [ {\n \"name\" : \"Solde comptable au 12/01/2017\",\n \"balanceAmount\" : {\n \"amount\" : 123.45,\n \"currency\" : \"EUR\"\n },\n \"balanceType\" : \"CLBD\",\n \"lastCommittedTransaction\" : \"A452CH\"\n }, {\n \"name\" : \"Solde instantane au 12/01/2017 20:13\",\n \"balanceAmount\" : {\n \"amount\" : 105.65,\n \"currency\" : \"EUR\"\n },\n \"balanceType\" : \"XPCD\",\n \"lastCommittedTransaction\" : \"A452D0\"\n } ],\n \"_links\" : {\n \"self\" : {\n \"href\" : \"/v1/accounts/myAccountId/balances\"\n },\n \"parent-list\" : {\n \"href\" : \"/v1/accounts\"\n },\n \"transactions\" : {\n \"href\" : \"/v1/accounts/myAccountId/transactions\"\n },\n \"overdrafts\" : {\n \"href\" : \"/v1/accounts/myAccountId/overdrafts\"\n }\n }\n}", "x-definition-type": "Hal" }, "HalTransactions": { "required": [ "_links", "transactions" ], "type": "object", "properties": { "transactions": { "type": "array", "description": "List of transactions", "items": { "$ref": "#/components/schemas/TransactionResource" } }, "_links": { "$ref": "#/components/schemas/TransactionsLinks" } }, "description": "HYPERMEDIA structure used for returning the list of the transactions for a given account to the AISP", "example": "{\n \"transactions\" : [ {\n \"entryReference\" : \"DHGF36DJ0\",\n \"transactionAmount\" : {\n \"amount\" : 12.25,\n \"currency\" : \"EUR\"\n },\n \"creditDebitIndicator\" : \"DBIT\",\n \"status\" : \"BOOK\",\n \"bookingDate\" : \"2020-02-14T00:00+01:00\",\n \"remittanceInformation\" : {\n \"unstructured\" : [ \"Cheque n XXXXXXX\" ]\n }\n }, {\n \"entryReference\" : \"DHGF36DJ1\",\n \"transactionAmount\" : {\n \"amount\" : 66.38,\n \"currency\" : \"EUR\"\n },\n \"creditDebitIndicator\" : \"DBIT\",\n \"status\" : \"BOOK\",\n \"bookingDate\" : \"2020-02-14T00:00+01:00\",\n \"remittanceInformation\" : {\n \"unstructured\" : [ \"Prelevement ICS XXXXXXX\" ]\n }\n } ],\n \"_links\" : {\n \"self\" : {\n \"href\" : \"/v1/accounts/Alias1/transactions\"\n },\n \"parent-list\" : {\n \"href\" : \"/v1/accounts\"\n },\n \"balances\" : {\n \"href\" : \"/v1/accounts/Alias1/balances\"\n },\n \"overdrafts\" : {\n \"href\" : \"/v1/accounts/Alias1/overdrafts\"\n },\n \"last\" : {\n \"href\" : \"/v1/accounts/Alias1/transactions?page=last\"\n },\n \"next\" : {\n \"href\" : \"/v1/accounts/Alias1/transactions?page=next\"\n }\n }\n}", "x-definition-type": "Hal" }, "HalOverdrafts": { "required": [ "_links", "overdrafts" ], "type": "object", "properties": { "overdrafts": { "$ref": "#/components/schemas/Overdraft" }, "_links": { "$ref": "#/components/schemas/OverdraftsLinks" } }, "description": "HYPERMEDIA structure used for returning the list of the overdrafts that can apply on a given account to the AISP", "example": "{\n \"overdrafts\" : {\n \"allowedAmount\" : {\n \"amount\" : 30000.0,\n \"currency\" : \"EUR\"\n }\n },\n \"_links\" : {\n \"self\" : {\n \"href\" : \"/v1/accounts/Alias1/overdrafts\"\n },\n \"parent-list\" : {\n \"href\" : \"/v1/accounts\"\n },\n \"balances\" : {\n \"href\" : \"/v1/accounts/Alias1/balances\"\n },\n \"transactions\" : {\n \"href\" : \"/v1/accounts/Alias1/transactions\"\n }\n }\n}", "x-definition-type": "Hal" }, "HalPaymentRequest": { "required": [ "_links", "paymentRequest" ], "type": "object", "properties": { "paymentRequest": { "$ref": "#/components/schemas/PaymentRequestResource" }, "_links": { "$ref": "#/components/schemas/PaymentRequestLinks" } }, "description": "HYPERMEDIA structure used for returning the original Payment Request to the PISP", "example": "{\n \"paymentRequest\" : {\n \"resourceId\" : \"MyPmtInfRscId\",\n \"paymentInformationId\" : \"MyPmtInfId\",\n \"creationDateTime\" : \"2020-02-19T13:56:54.758+01:00\",\n \"numberOfTransactions\" : 2,\n \"initiatingParty\" : {\n \"name\" : \"MyPreferredPisp\",\n \"postalAddress\" : {\n \"country\" : \"FR\",\n \"addressLine\" : [ \"18 rue de la DSP2\", \"75008 PARIS\" ]\n },\n \"organisationId\" : {\n \"identification\" : \"12FR5\",\n \"schemeName\" : \"COID\",\n \"issuer\" : \"ACPR\"\n }\n },\n \"paymentTypeInformation\" : {\n \"serviceLevel\" : \"SEPA\",\n \"localInstrument\" : \"INST\",\n \"categoryPurpose\" : \"CASH\"\n },\n \"debtor\" : {\n \"name\" : \"MyCustomer\",\n \"postalAddress\" : {\n \"country\" : \"FR\",\n \"addressLine\" : [ \"18 rue de la DSP2\", \"75008 PARIS\" ]\n },\n \"privateId\" : {\n \"identification\" : \"FD37G\",\n \"schemeName\" : \"BANK\",\n \"issuer\" : \"BICXYYTTZZZ\"\n }\n },\n \"debtorAgent\" : {\n \"bicFi\" : \"BNKAFRPPXXX\"\n },\n \"chargeBearer\" : \"SLEV\",\n \"paymentInformationStatus\" : \"PDNG\",\n \"creditTransferTransaction\" : [ {\n \"paymentId\" : {\n \"instructionId\" : \"MyInstrId3\",\n \"endToEndId\" : \"MyEndToEndId3\"\n\n },\n \"requestedExecutionDate\" : \"2020-02-19T13:56:54.759+01:00\",\n \"instructedAmount\" : {\n \"amount\" : 124.35,\n \"currency\" : \"EUR\"\n\n },\n \"beneficiary\" : {\n \"creditor\" : {\n \"name\" : \"June Doe\",\n \"postalAddress\" : {\n \"country\" : \"FR\",\n \"addressLine\" : [ \"18 rue de la DSP2\", \"75008 PARIS\" ]\n },\n \"organisationId\" : {\n \"identification\" : \"12FR5\",\n \"schemeName\" : \"COID\",\n \"issuer\" : \"ACPR\"\n },\n \"privateId\" : {\n \"identification\" : \"852126789\",\n \"schemeName\" : \"SIREN\",\n \"issuer\" : \"FR\"\n }\n },\n \"creditorAccount\" : {\n \"iban\" : \"YY49QEZO90424459988701367845944910\",\n \"currency\" : \"EUR\"\n }\n },\n \"ultimateCreditor\" : {\n \"name\" : \"myPreferredUltimateMerchant\",\n \"postalAddress\" : {\n \"country\" : \"FR\",\n \"addressLine\" : [ \"18 rue de la DSP2\", \"75008 PARIS\" ]\n },\n \"organisationId\" : {\n \"identification\" : \"85212678900025\",\n \"schemeName\" : \"SIRET\",\n \"issuer\" : \"FR\"\n }\n },\n \"purpose\" : \"CASH\",\n \"remittanceInformation\" : {\n \"unstructured\" : [ \"MyRemittanceInformation\" ]\n },\n \"transactionStatus\" : \"PDNG\"\n }, {\n \"paymentId\" : {\n \"instructionId\" : \"MyInstrId4\",\n \"endToEndId\" : \"MyEndToEndId4\"\n },\n \"requestedExecutionDate\" : \"2020-02-19T13:56:54.759+01:00\",\n \"instructedAmount\" : {\n \"amount\" : 124.35,\n \"currency\" : \"EUR\"\n },\n \"beneficiary\" : {\n \"creditor\" : {\n \"name\" : \"John Doe\",\n \"postalAddress\" : {\n \"country\" : \"FR\",\n \"addressLine\" : [ \"18 rue de la DSP2\", \"75008 PARIS\" ]\n },\n \"organisationId\" : {\n \"identification\" : \"12FR5\",\n \"schemeName\" : \"COID\",\n \"issuer\" : \"ACPR\"\n },\n \"privateId\" : {\n \"identification\" : \"852126789\",\n \"schemeName\" : \"SIREN\",\n \"issuer\" : \"FR\"\n }\n },\n \"creditorAccount\" : {\n \"iban\" : \"YY27KYHO61109079868328944728829436\",\n \"currency\" : \"EUR\"\n }\n },\n \"ultimateCreditor\" : {\n \"name\" : \"myPreferredUltimateMerchant\",\n \"postalAddress\" : {\n \"country\" : \"FR\",\n \"addressLine\" : [ \"18 rue de la DSP2\", \"75008 PARIS\" ]\n },\n \"organisationId\" : {\n \"identification\" : \"85212678900025\",\n \"schemeName\" : \"SIRET\",\n \"issuer\" : \"FR\"\n }\n },\n \"purpose\" : \"CASH\",\n \"remittanceInformation\" : {\n \"unstructured\" : [ \"MyRemittanceInformation\" ]\n },\n \"transactionStatus\" : \"PDNG\"\n } ],\n \"supplementaryData\" : {\n \"acceptedAuthenticationApproach\" : [ \"REDIRECT\", \"DECOUPLED\" ],\n \"appliedAuthenticationApproach\" : \"REDIRECT\",\n \"successfulReportUrl\" : \"http://myPisp/PaymentSuccess\",\n \"unsuccessfulReportUrl\" : \"http://myPisp/PaymentFailure\"\n }\n },\n \"_links\" : {\n \"request\" : {\n \"href\" : \"/v1/payment-requests/MyPmtInfRscId\"\n },\n \"confirmation\" : {\n \"href\" : \"/v1/payment-requests/MyPmtInfRscId/confirmation\"\n }\n }\n}", "x-definition-type": "Hal" }, "HalCreditTransfertTransactions": { "required": [ "_links", "creditTransferTransaction" ], "type": "object", "properties": { "creditTransferTransaction": { "minItems": 0, "type": "array", "description": "ISO20022: Payment processes required to transfer cash from the debtor to the creditor.\nAPI: Each ASPSP will specify a maxItems value for this field taking into accounts its specificities about payment request handling\n", "items": { "$ref": "#/components/schemas/CreditTransferTransactionResource" } }, "_links": { "$ref": "#/components/schemas/CreditTransferTransactionLinks" } }, "description": "HYPERMEDIA structure used for returning the transactions of a given payment request to the PISP", "example": "{\n \"creditTransferTransaction\": [\n {\n \"paymentId\": {\n \"instructionId\": \"MyInstrId3\",\n \"endToEndId\": \"MyEndToEndId3\"\n },\n \"requestedExecutionDate\": \"2021-08-23T14:27:04.601852Z\",\n \"instructedAmount\": {\n \"amount\": 124.35,\n \"currency\": \"EUR\"\n },\n \"beneficiary\": {\n \"creditor\": {\n \"name\": \"myMerchant\",\n \"postalAddress\": {\n \"country\": \"FR\",\n \"addressLine\": [\n \"18 rue de la DSP2\",\n \"75008 PARIS\"\n ]\n },\n \"organisationId\": {\n \"identification\": \"852126789\",\n \"schemeName\": \"SIREN\",\n \"issuer\": \"FR\"\n }\n },\n \"creditorAccount\": {\n \"iban\": \"YY64COJH41059545330222956960771321\"\n }\n },\n \"ultimateCreditor\": {\n \"name\": \"MyPreferredPisp\",\n \"postalAddress\": {\n \"country\": \"FR\",\n \"addressLine\": [\n \"18 rue de la DSP2\",\n \"75008 PARIS\"\n ]\n },\n \"organisationId\": {\n \"identification\": \"12FR5\",\n \"schemeName\": \"COID\",\n \"issuer\": \"ACPR\"\n }\n },\n \"purpose\": \"CASH\",\n \"remittanceInformation\": {\n \"unstructured\": [\n \"MyRemittanceInformation\"\n ]\n }\n }\n ],\n \"links\": {\n \"self\": {\n \"href\": \"/v1/payment-requests/MyPmtInfRscId/creditTransfertTransactions\"\n },\n \"parent\": {\n \"href\": \"/v1/payment-requests/MyPmtInfRscId\"\n }\n }\n}", "x-definition-type": "Hal" }, "HalAuthenticationRequest": { "type": "object", "properties": { "appliedAuthenticationApproach": { "$ref": "#/components/schemas/AuthenticationApproach" }, "nonce": { "$ref": "#/components/schemas/Nonce" }, "_links": { "$ref": "#/components/schemas/PaymentRequestResourceCreationLinks" } }, "description": "Data forwarded by the ASPSP top the PISP after creation of the Payment Request resource creation\nThe ASPSP, based on the authentication approaches proposed by the PISP, choose the one that it can processed, in respect with the preferences and constraints of the PSU and indicates in this field which approach was chosen.\nIt may happen that the ASPSP considers that, in case of payment cancellation request, there is no need for authentication and will then return \"NONE\".\n", "example": "{\n \"appliedAuthenticationApproach\" : \"REDIRECT\",\n \"nonce\" : \"GH6HGH5CGH763\",\n \"_links\" : {\n \"consentApproval\" : {\n \"href\" : \"https://psd2.aspsp/consent-approval\"\n }\n }\n}", "x-definition-type": "Hal" }, "HalPaymentCoverageReport": { "required": [ "_links", "request", "result" ], "type": "object", "properties": { "request": { "$ref": "#/components/schemas/PaymentCoverageRequestResource" }, "result": { "type": "boolean", "description": "Result of the coverage check :\n- true: the payment can be covered\n- false: the payment cannot be covered\n" }, "_links": { "$ref": "#/components/schemas/PaymentCoverageReportLinks" } }, "description": "HYPERMEDIA structure used for returning the payment coverage report to the CBPII", "example": "{\n \"request\" : {\n \"paymentCoverageRequestId\" : \"MyCoverage123456\",\n \"instructedAmount\" : {\n \"amount\" : 12345.0,\n \"currency\" : \"EUR\"\n },\n \"accountId\" : {\n \"iban\" : \"YY13RDHN98392489481620896668799742\"\n }\n },\n \"result\" : true,\n \"_links\" : {\n \"self\" : {\n \"href\" : \"v1/funds-confirmations\"\n }\n }\n}", "x-definition-type": "Hal" }, "Beneficiary": { "required": [ "creditor" ], "type": "object", "properties": { "workspace": { "$ref": "#/components/schemas/Workspace" }, "id": { "pattern": "^([a-zA-Z0-9 /\\-?:\\()\\.,']{1,36})$", "type": "string", "description": "Id of the beneficiary" }, "isTrusted": { "type": "boolean", "description": "The ASPSP having not implemented the trusted beneficiaries list must not set this flag.\nOtherwise, the ASPSP indicates whether or not the beneficiary was registered by the PSU within the trusted beneficiaries list.\n- true: the beneficiary is actually a trusted beneficiary\n- false: the beneficiary is not a trusted beneficiary\n", "readOnly": true }, "creditorAgent": { "$ref": "#/components/schemas/FinancialInstitutionIdentification" }, "creditor": { "$ref": "#/components/schemas/PartyIdentification" }, "creditorAccount": { "$ref": "#/components/schemas/AccountIdentification" } }, "description": "Specification of a beneficiary", "example": "{\n \"creditor\" : {\n \"name\" : \"myMerchant\",\n \"postalAddress\" : {\n \"country\" : \"FR\",\n \"addressLine\" : [ \"18 rue de la DSP2\", \"75008 PARIS\" ]\n },\n \"organisationId\" : {\n \"identification\" : \"852126789\",\n \"schemeName\" : \"SIREN\",\n \"issuer\" : \"FR\"\n }\n },\n \"creditorAccount\" : {\n \"iban\" : \"YY64COJH41059545330222956960771321\",\n \"currency\" : \"EUR\"\n }\n}", "x-definition-type": "Resources" }, "NamePrefixCode": { "type": "string", "description": "Specifies the terms used to formally address a person.\nThis field accepts the following code values\n| Code | Description |\n| ---- | ---------- |\n| DOCT | Doctor |\n| MADM | Madam |\n| MISS | Miss |\n| MIST | Mister |\n", "enum": [ "DOCT", "MADM", "MISS", "MIST" ], "x-definition-type": "ISO20022" }, "Identity": { "required": [ "fullName" ], "type": "object", "properties": { "fullName": { "maxLength": 140, "type": "string", "description": "Last name and first name\n" }, "namePrefix": { "$ref": "#/components/schemas/NamePrefixCode" }, "firstName": { "maxLength": 70, "type": "string", "description": "First name\n" }, "lastName": { "maxLength": 70, "type": "string", "description": "Last name\n" } }, "description": "HYPERMEDIA structure used for returning the identity of the PSU", "example": "{\n \"fullName\" : \"M. John Doe\",\n \"namePrefix\" : \"MIST\",\n \"firstName\" : \"John\",\n \"lastName\" : \"Doe\"\n}", "x-definition-type": "Iso20022" }, "HalOwners": { "required": [ "_links" ], "type": "object", "properties": { "company": { "$ref": "#/components/schemas/GenericIdentification" }, "identities": { "type": "array", "description": "identity of the account owners.\n", "items": { "$ref": "#/components/schemas/Identity" } }, "_links": { "$ref": "#/components/schemas/OwnersLinks" } }, "description": "HYPERMEDIA structure used for returning the identities of the account owners.\nThese owners are either real persons or a company.\n- in the first case, the [identities] block must be used\n- in the second cas, the [company] property specifies the identity of the company owning the account.", "example": "{\n \"identities\" : [ {\n \"fullName\" : \"M. John Doe\",\n \"namePrefix\" : \"MIST\",\n \"firstName\" : \"John\",\n \"lastName\" : \"Doe\"\n } ],\n \"_links\" : {\n \"balances\" : {\n \"href\" : \"/v1/accounts/Alias1/balances\"\n },\n \"transactions\" : {\n \"href\" : \"/v1/accounts/Alias1/transactions\"\n },\n \"overdrafts\" : {\n \"href\" : \"/v1/accounts/Alias1/overdrafts\"\n }\n }\n}", "x-definition-type": "Hal" }, "HalEndUserIdentity": { "required": [ "_links", "identity" ], "type": "object", "properties": { "identity": { "$ref": "#/components/schemas/Identity" }, "_links": { "$ref": "#/components/schemas/EndUserIdentityLinks" } }, "description": "HYPERMEDIA structure used for returning the identity of the PSU.\nThe [identity] property specifies the identity of the PSU which has granted access to the AISP on the accounts data\nThis information can be retrieved based on the PSU's authentication that occurred during the OAUTH2 access token initialisation.\n", "example": "{\n \"identity\" : {\n \"fullName\" : \"Mme Cecile Dupond\",\n \"namePrefix\" : \"MADM\",\n \"firstName\" : \"Cecile\",\n \"lastName\" : \"Dupond\"\n },\n \"_links\" : {\n \"self\" : {\n \"href\" : \"v1/end-user-identity\"\n },\n \"accounts\" : {\n \"href\" : \"/v1/accounts\"\n },\n \"consents\" : {\n \"href\" : \"/v1/consents\"\n },\n \"trustedBeneficiaries\" : {\n \"href\" : \"/v1/trusted-beneficiaries\"\n }\n }\n}", "x-definition-type": "Hal" }, "HalBeneficiaries": { "required": [ "_links", "beneficiaries" ], "type": "object", "properties": { "beneficiaries": { "type": "array", "description": "List of trusted beneficiaries", "items": { "$ref": "#/components/schemas/Beneficiary" } }, "_links": { "$ref": "#/components/schemas/BeneficiariesLinks" } }, "description": "HYPERMEDIA structure used for returning the list of the whitelisted beneficiaries", "example": "{\n \"demoBeneficiaries\" : [ {\n \"creditor\" : {\n \"name\" : \"myMerchant\",\n \"postalAddress\" : {\n \"country\" : \"FR\",\n \"addressLine\" : [ \"18 rue de la DSP2\", \"75008 PARIS\" ]\n },\n \"organisationId\" : {\n \"identification\" : \"852126789\",\n \"schemeName\" : \"SIREN\",\n \"issuer\" : \"FR\"\n }\n },\n \"creditorAccount\" : {\n \"iban\" : \"YY64COJH41059545330222956960771321\",\n \"currency\" : \"EUR\"\n }\n } ],\n \"beneficiaries\" : [ {\n \"creditor\" : {\n \"name\" : \"myMerchant\",\n \"postalAddress\" : {\n \"country\" : \"FR\",\n \"addressLine\" : [ \"18 rue de la DSP2\", \"75008 PARIS\" ]\n },\n \"organisationId\" : {\n \"identification\" : \"852126789\",\n \"schemeName\" : \"SIREN\",\n \"issuer\" : \"FR\"\n }\n },\n \"creditorAccount\" : {\n \"iban\" : \"YY64COJH41059545330222956960771321\",\n \"currency\" : \"EUR\"\n }\n } ],\n \"_links\" : {\n \"self\" : {\n \"href\" : \"/v1/trusted-beneficiaries\"\n },\n \"accounts\" : {\n \"href\" : \"/v1/accounts\"\n }\n }\n}", "x-definition-type": "Hal" }, "AccessibleAccounts": { "type": "array", "description": "List of accessible accounts for one given functionality", "example": "{\n \"workspace\": \"PRIV\",\n \"access\": true\n}", "items": { "$ref": "#/components/schemas/AccountIdentification" }, "x-definition-type": "Resources" }, "AccessibleTrustedBeneficiaries": { "type": "object", "properties": { "workspace": { "maxLength": 32, "type": "string", "description": "Identification of the workspace.\nIf not provided, the default workspace is computed from the authentication that was used for getting the OAuth2 Access Token.\n" }, "access": { "type": "boolean", "description": "Indicator that access to the trusted beneficiaries list was granted or not to the AISP by the PSU for the default workspace\n- true: the access was granted\n- false: the access was not granted\n" } }, "description": "list of workspaces for which the PSU has given consent to the access by the AISP", "example": "{\n \"workspace\" : \"PRO_1\",\n \"access\" : \"true\"\n}" }, "Access": { "required": [ "balances", "owners", "psuIdentity", "transactions" ], "type": "object", "properties": { "owners": { "$ref": "#/components/schemas/AccessibleAccounts" }, "balances": { "$ref": "#/components/schemas/AccessibleAccounts" }, "transactions": { "$ref": "#/components/schemas/AccessibleAccounts" }, "overdrafts": { "$ref": "#/components/schemas/AccessibleAccounts" }, "trustedBeneficiaries": { "type": "boolean", "description": "Indicator that access to the trusted beneficiaries list was granted or not to the AISP by the PSU\n- true: the access was granted\n- false: the access was not granted\n" }, "trustedWorkspaceBeneficiaries": { "type": "array", "description": "Indicator, for each given workspace, that access to the trusted beneficiaries list was granted or not to the AISP by the PSU.\n", "items": { "$ref": "#/components/schemas/AccessibleTrustedBeneficiaries" } }, "psuIdentity": { "type": "boolean", "description": "Indicator that access to the PSU identity, first name and last name, was granted or not to the AISP by the PSU\n- true: the access was granted\n- false: the access was not granted\n" } }, "description": "Requested access services.", "example": "{\n \"owners\" : [ ],\n \"balances\" : [ {\n \"other\" : {\n \"identification\" : \"Alias1\",\n \"schemeName\" : \"BANK\",\n \"issuer\" : \"BNKAFRPPXXX\"\n },\n \"currency\" : \"EUR\"\n }, {\n \"other\" : {\n \"identification\" : \"Alias2\",\n \"schemeName\" : \"BANK\",\n \"issuer\" : \"BNKAFRPPXXX\"\n },\n \"currency\" : \"EUR\"\n } ],\n \"transactions\" : [ {\n \"other\" : {\n \"identification\" : \"Alias1\",\n \"schemeName\" : \"BANK\",\n \"issuer\" : \"BNKAFRPPXXX\"\n },\n \"currency\" : \"EUR\"\n } ],\n \"trustedBeneficiaries\" : \"true\",\n \"psuIdentity\" : true\n}", "x-definition-type": "Resources" }, "ErrorDetail": { "type": "object", "properties": { "location": { "type": "string", "description": "Location of the erroneous parameter when not in request body", "enum": [ "header", "query" ] }, "name": { "type": "string", "description": "Name of the erroneous parameter when not in request body" }, "path": { "type": "string", "description": "JsonPath of the erroneous request body property" }, "erroneousValue": { "type": "string", "description": "Erroneous parameter value" }, "message": { "type": "string", "description": "Relevant message for the erroneous parameter" }, "expectedPattern": { "type": "string", "description": "Expected pattern, if any, that the erroneous parameter does not match with" }, "expectedValueRange": { "type": "object", "properties": { "minValue": { "type": "integer" }, "maxValue": { "type": "integer" } }, "description": "Expected value range, if any, that the erroneous parameter does not match with", "example": "{\n \"minValue\": 1,\n \"maxValue\": 100\n} " }, "expectedValueCount": { "type": "object", "properties": { "minValue": { "type": "integer" }, "maxValue": { "type": "integer" } }, "description": "Expected value count, in the case of an array item, that the erroneous parameter does not match with", "example": "{\n \"minValue\": \"1\"\n} " }, "expectedEnumeration": { "type": "array", "description": "Expected enumeration, if any, that the erroneous parameter do not match with", "items": { "type": "string" } } }, "description": "detailed error description", "x-definition-type": "Technical" }, "HalTransactionDetails": { "required": [ "_links", "details" ], "type": "object", "properties": { "details": { "type": "array", "description": "Details of the transactions", "items": { "type": "string" } }, "_links": { "$ref": "#/components/schemas/TransactionDetailsLinks" } }, "description": "HYPERMEDIA structure used for returning the details of a given transaction", "example": "{\n \"details\": [\n \"First detail\",\n \"Second detail\"\n ],\n \"links\": {\n \"transactions\": {\n \"href\": \"/v1/accounts\"\n },\n \"accounts\": {\n \"href\": \"/v1/accounts\"\n }\n }\n}", "x-definition-type": "Hal" }, "Period": { "type": "object", "properties": { "startDate": { "$ref": "#/components/schemas/StartDate" }, "endDate": { "$ref": "#/components/schemas/EndDate" } }, "description": "definition of a time period", "example": "{\n \"startDate\": \"2021-08-01T00:00+02:00\",\n \"endDate\": \"2021-08-31T00:00+02:00\"\n} " }, "TransactionDetailsLinks": { "type": "object", "properties": { "transactions": { "$ref": "#/components/schemas/GenericLink" }, "accounts": { "$ref": "#/components/schemas/GenericLink" } }, "description": "links that can be used after retrieving details on a given transaction\n| Link | Description |\n| ---- | ----------- |\n| transactions | link to the transaction list |\n| accounts | link to the list of all available accounts |\n", "example": "{\n \"transactions\": {\n \"href\": \"/v1/accounts/Alias1/transactions\"\n },\n \"accounts\": {\n \"href\": \"/v1/accounts\"\n }\n} ", "x-definition-type": "Hal" }, "TransactionLinks": { "type": "object", "properties": { "details": { "$ref": "#/components/schemas/GenericLink" } }, "description": "links that can be used for further retrieving details on a given transaction\n| Link | Description |\n| ---- | ----------- |\n| details | link to the details of the transaction |\n", "example": "{\n \"details\": {\n \"href\": \"/v1/accounts/Alias1/transactions/Transaction1/details\"\n }\n}\n ", "x-definition-type": "Hal" } }, "responses": { "204": { "description": "No content.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": {} }, "400": { "description": "Invalid status value", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "*/*": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "401": { "description": "Unauthorized, authentication failure.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "*/*": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "403": { "description": "Forbidden, authentication successful but access to resource is not allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "*/*": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "404": { "description": "Not found, no request available.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "*/*": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "405": { "description": "Method Not Allowed.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "*/*": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "406": { "description": "Not Acceptable.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "*/*": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "408": { "description": "Request Timeout.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "*/*": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "409": { "description": "Conflict.\nThe request could not be completed due to a conflict with the current state of the target resource.\n", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "*/*": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "429": { "description": "Too many requests.", "headers": { "Warning": { "description": "Warning header.\nThis header can be used by the server to inform the client of a deprecated entry-point through the value \"299\" value and a descriptive message.\n", "schema": { "type": "string" } }, "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "*/*": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "500": { "description": "Internal server error.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "*/*": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "501": { "description": "Not Implemented.\nThis code should be used when the entry point is implemented but cannot provide a result, given the context.\nWhen the entry point is not implemented at all, HTTP400 will be returned.\n", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "*/*": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } }, "503": { "description": "Service unavailable.", "headers": { "X-Request-ID": { "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "schema": { "type": "string" } } }, "content": { "*/*": { "schema": { "$ref": "#/components/schemas/ErrorModel" } } } } }, "parameters": { "AccountResourceIdentification": { "name": "accountResourceId", "in": "path", "description": "Identification of account resource to fetch", "required": true, "schema": { "pattern": "^([a-zA-Z0-9_ /\\-?:\\()\\.,']{1,100})$", "type": "string" } }, "PaymentRequestResourceIdentification": { "name": "paymentRequestResourceId", "in": "path", "description": "Identification of the Payment Request Resource", "required": true, "schema": { "pattern": "^([a-zA-Z0-9_ /\\-?:\\()\\.,']{1,100})$", "type": "string" } }, "FromEntryReference": { "name": "entryReferenceFrom", "in": "query", "description": "Specifies the value on which the result has to be computed.\n\nOnly the transaction having a technical identification greater than this value must be included within the result\n", "schema": { "maxLength": 40, "type": "string" } }, "ToEntryReference": { "name": "entryReferenceto", "in": "query", "description": "Specifies the value on which the result has to be computed.\n\nOnly the transaction having a technical identification less than or equal to this value must be included within the result\n", "schema": { "maxLength": 40, "type": "string" } }, "ToImputationDate": { "name": "dateTo", "in": "query", "description": "Exclusive maximal imputation date of the transactions.\n\nTransactions having an imputation date equal to this parameter are not included within the result.\n", "schema": { "type": "string", "format": "date-time" } }, "FromImputationDate": { "name": "dateFrom", "in": "query", "description": "Inclusive minimal imputation date of the transactions.\n\nTransactions having an imputation date equal to this parameter are included within the result.\n", "schema": { "type": "string", "format": "date-time" } }, "DateType": { "name": "dateType", "in": "query", "description": "This parameter specifies the type of date on which [dateFrom] and [dateTo] apply.\nIf not provided, the ASPSP will use its own default date type as specified in its implementation documentation.\nThe implementation documentation must also specify which date types are supported.\n", "schema": { "type": "string", "enum": [ "transactionDate", "bookingDate" ] } }, "UiLocales": { "name": "ui_locales", "in": "query", "description": "End-User's preferred languages and scripts for the user interface, represented as a space-separated list of BCP47 [RFC5646] language tag values, ordered by preference.\n", "schema": { "maxLength": 140, "type": "string" } }, "Workspace": { "name": "workspace", "in": "query", "description": "Workspace to be used for processing an AISP request.\nIf not provided, the default workspace is computed from the authentication that was used for getting the OAuth2 Access Token.\n", "schema": { "maxLength": 32, "type": "string" } }, "AuthorizationParameter": { "name": "Authorization", "in": "header", "description": "Access token to be passed as a header", "required": true, "schema": { "type": "string" } }, "PsuIpAddressHeader": { "name": "PSU-IP-Address", "in": "header", "description": "IP address used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, "PsuIpPortHeader": { "name": "PSU-IP-Port", "in": "header", "description": "IP port used by the PSU's terminal when connecting to the TPP", "schema": { "type": "string" } }, "PsuHttpMethodHeader": { "name": "PSU-HTTP-Method", "in": "header", "description": "Http method for the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, "PsuDateHeader": { "name": "PSU-Date", "in": "header", "description": "Timestamp of the most relevant PSU's terminal request to the TTP", "schema": { "type": "string" } }, "PsuGeoLocation": { "name": "PSU-GEO-Location", "in": "header", "description": "Geographical location of the PSU as provided by the PSU mobile terminal if any to the TPP", "schema": { "type": "string" } }, "PsuUserAgentHeader": { "name": "PSU-User-Agent", "in": "header", "description": "\"User-Agent\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, "PsuRefererHeader": { "name": "PSU-Referer", "in": "header", "description": "\"Referer\" header field sent by the PSU terminal when connecting to the TPP.\nNotice that an initial typo in RFC 1945 specifies that \"referer\" (incorrect spelling) is to be used. The correct spelling \"referrer\" can be used but might not be understood.\n", "schema": { "type": "string" } }, "PsuAcceptHeader": { "name": "PSU-Accept", "in": "header", "description": "\"Accept\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, "PsuAcceptCharsetHeader": { "name": "PSU-Accept-Charset", "in": "header", "description": "\"Accept-Charset\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, "PsuAcceptEncodingHeader": { "name": "PSU-Accept-Encoding", "in": "header", "description": "\"Accept-Encoding\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, "PsuAcceptLanguageHeader": { "name": "PSU-Accept-Language", "in": "header", "description": "\"Accept-Language\" header field sent by the PSU terminal when connecting to the TPP\n", "schema": { "type": "string" } }, "PsuDeviceId": { "name": "PSU-Device-ID", "in": "header", "description": "UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available.\nUUID identifies either a device or a device dependant application installation.\nIn case of installation identification this ID need to be unaltered until removal from device.\n", "schema": { "type": "string" } }, "DigestHeader": { "name": "Digest", "in": "header", "description": "Digest of the body", "schema": { "type": "string" } }, "SignatureHeader": { "name": "Signature", "in": "header", "description": "[http-signature of the request](https://datatracker.ietf.org/doc/draft-cavage-http-signatures/)\nThe keyId must specify the way to get the relevant qualified certificate. It is requested that this identifier is an URL aiming to provide the relevant Qualified Certificate.\n", "schema": { "type": "string", "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Modified for CR408 (Implementation of Json Web Signature Profile)" ] }, "Correlation": { "name": "X-Request-ID", "in": "header", "description": "Correlation header to be set in a request and retrieved in the relevant response\n", "required": true, "schema": { "maxLength": 70, "type": "string" } }, "TransactionResourceIdentification": { "name": "transactionResourceId", "in": "path", "description": "Identification of transaction resource to fetch", "required": true, "schema": { "pattern": "^([a-zA-Z0-9_ /\\-?:\\()\\.,']{1,100})$", "type": "string" } }, "PsuWorkspace": { "name": "PSU-Workspace", "in": "header", "description": "Workspace to be used for processing the PSU authentication when confirming a PISP request.\n", "schema": { "maxLength": 32, "type": "string" } }, "IdempotencyHeader": { "name": "Idempotency-Key", "in": "header", "description": "Key provided by the API client to ensure idempotency in case of retry of a given request", "required": true, "schema": { "type": "string", "format": "uuid", "x-comments": [ "Added for CR526 (Add an Idempotency Header)" ] }, "x-comments": [ "Added for CR526 (Add an Idempotency Header)" ] }, "JwSignatureHeader": { "name": "X-JWS-Signature", "in": "header", "description": "[JSON WEB signature of the request](https://www.openbankingeurope.eu/media/2095/obe-json-web-signature-profile-for-open-banking.pdf)\n", "schema": { "type": "string", "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] }, "x-comments": [ "Added for CR408 (Implementation of Json Web Signature Profile)" ] } }, "requestBodies": { "PaymentRequest": { "description": "ISO20022 based payment Initiation Request", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/PaymentRequestResource" } } }, "required": true }, "Confirmation": { "description": "Parameters needed for confirmation of the Payment Request.\nEven though there is no parameter, a Json (void) body structure must be provided.\n", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/ConfirmationResource" } } }, "required": true }, "PaymentCoverageRequest": { "description": "parameters of a payment coverage request", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/PaymentCoverageRequestResource" } } }, "required": true }, "Consents": { "description": "List of consents granted to the AISP by the PSU.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Access" } } }, "required": true } }, "securitySchemes": { "accessCode": { "type": "oauth2", "description": "In order to access the PSU's account information, the AISP needs to get either an authorization code grant or a Client Initiated Backchannel Authentication token.\nIn order to post a funds confirmation request, the CBPII needs to get either an authorization code grant or a Client Initiated Backchannel Authentication token when registration of the account has not been previously processed.\nIn order to confirm a Payment or Transfer Request, the PISP needs to get either an authorization code grant or a Client Initiated Backchannel Authentication token.\nThe client_id field within the token request must be filled with the value of the organization identifier attribute that was set in the distinguished name of eIDAS certificate of the TPP, according to ETSI recommandations.\n(cf paragraph 5.2.1 of [ETSI specfication](https://www.etsi.org/standards-search#page=1&search=TS119495))\n", "flows": { "authorizationCode": { "authorizationUrl": "https://oauth2.aspsp/authorization", "tokenUrl": "https://oauth2.aspsp/token", "scopes": { "aisp": "Access by an AISP to one given PSU's account", "cbpii": "Access by a CBPII to one given PSU's account to check payment coverage", "pisp": "Access by a PISP for posting a confirmation after authentication of the PSU through OAUTH2 Authorization Code", "extended_transaction_history": "Access by an AISP to a transaction history over more than the 90 last days" } } }, "x-comments": [ "The [authorizationUrl] and [tokenUrl] directives might be customized within each implementation" ] }, "clientCredentials": { "type": "oauth2", "description": "In order to post, get or cancel a Payment or Transfer Request, the PISP needs to get a client credential OAUTH2 token.\nIn order to confirm a Payment or Transfer Request, the PISP needs to get either an authorization code grant or a client credential OAUTH2 token.\nIn order to post a funds confirmation request, the CBPII needs to get a client credential OAUTH2 token when registration of the account has already been previously processed.\nThe client_id field within the token request must be filled with the value of the organization identifier attribute that was set in the distinguished name of eIDAS certificate of the TPP, according to ETSI recommandations.\n(cf paragraph 5.2.1 of [ETSI specfication](https://www.etsi.org/standards-search#page=1&search=TS119495))\n", "flows": { "clientCredentials": { "tokenUrl": "https://oauth2.aspsp/token", "scopes": { "pisp": "Access by a PISP to payments resources", "cbpii": "Access by a CBPII to one given PSU's account to check payment coverage" } } }, "x-comments": [ "The [tokenUrl] directives might be customized within each implementation" ] } } }, "x-comments": [ "The private [x-comments] structure is used to comment changes made in the OpenApi file.", "The private [x-generic] boolean aism at pointing out generic structures that will only appear once within the functional model documentation.", "The private [x-previous-name] string aism at providing the old name of a structure that was renamed.", "The private [x-not-allowed-in-post] structure indicates which structures cannot be valued by the API client during a POST.", "The private [x-definition-type] tag indicates the category of each definition.", "It is strongly recommended to use the private [x-stet-psd2-api-reference-version] tag to indicate on which version of the STET PSD2 API the current implementation is based", "In the case the current implementation specified a derived definition from the STET PSD2 API, it is strongly recommended to add a private [x-original-definition] tag within the derived structure in order to recall the original one's $ref.", "In the case the current implementation specified a derived parameter from the STET PSD2 API, it is strongly recommended to add a private [x-original-parameter] tag within the derived structure in order to recall the original one's $ref.", "The [basePath] directive might be customized within each implementation.", "The [host] directive must be customized within each implementation." ] }