{"swagger":"2.0","info":{"title":"Open Bank Project API","description":"An Open Source API for Banks. (c) TESOBE GmbH. 2011 - 2024. Licensed under the AGPL and commercial licences.","contact":{"name":"TESOBE GmbH. / Open Bank Project","url":"https://openbankproject.com","email":"contact@tesobe.com"},"version":"v5.0.0"},"host":"api3.openbankproject.com","basePath":"/","schemes":["http","https"],"securityDefinitions":{"directLogin":{"type":"apiKey","description":"https://github.com/OpenBankProject/OBP-API/wiki/Direct-Login","in":"header","name":"Authorization"},"gatewayLogin":{"type":"apiKey","description":"https://github.com/OpenBankProject/OBP-API/wiki/Gateway-Login","in":"header","name":"Authorization"}},"security":[{"directLogin":[],"gatewayLogin":[]}],"paths":{"/obp/v5.0.0/banks":{"get":{"tags":["Bank","Account Information Service (AIS)","PSD2"],"summary":"Get Banks","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"
Get banks on this API instance
Returns a list of banks supported on this server:
Authentication is Optional
","operationId":"getBanks","parameters":[],"responses":{"200":{"description":"Success","schema":{"$ref":"#/definitions/BanksJson400"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUnknownError"}}}}},"/obp/v5.0.0/banks/{BANK_ID}":{"get":{"tags":["Bank","Account Information Service (AIS)","PSD2"],"summary":"Get Bank","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"Get the bank specified by BANK_ID
Returns information about a single bank specified by BANK_ID including:
Authentication is Optional
","operationId":"getBank","parameters":[{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"200":{"description":"Success","schema":{"$ref":"#/definitions/BankJson500"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUnknownError"}}}}},"/obp/v5.0.0/banks/{BANK_ID}/accounts-held":{"get":{"tags":["Account","Account Information Service (AIS)","View-Custom","PSD2"],"summary":"Get Accounts Held","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"Get Accounts held by the current User if even the User has not been assigned the owner View yet.
Can be used to onboard the account to the API - since all other account and transaction endpoints require views to be assigned.
optional request parameters:
whole url example:
/banks/BANK_ID/accounts-held?account_type_filter=330,CURRENT+PLUS&account_type_filter_operation=INCLUDE
Authentication is Mandatory
","operationId":"getAccountsHeld","parameters":[{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"200":{"description":"Success","schema":{"$ref":"#/definitions/CoreAccountsHeldJsonV300"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/banks/{BANK_ID}/accounts/{ACCOUNT_ID}/{VIEW_ID}/counterparties":{"get":{"tags":["Counterparty","Payment Initiation Service (PIS)","PSD2","Account"],"summary":"Get Counterparties (Explicit)","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"Get the Counterparties (Explicit) for the account / view.
Authentication is Mandatory
","operationId":"getExplictCounterpartiesForAccount","parameters":[{"in":"path","name":"VIEW_ID","description":"The view id","required":true,"type":"string"},{"in":"path","name":"ACCOUNT_ID","description":"The account id","required":true,"type":"string"},{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"200":{"description":"Success","schema":{"$ref":"#/definitions/CounterpartiesJson400"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/banks/{BANK_ID}/accounts/{ACCOUNT_ID}/{VIEW_ID}/counterparties/{COUNTERPARTY_ID}":{"get":{"tags":["Counterparty","Payment Initiation Service (PIS)","PSD2","Counterparty-Metadata"],"summary":"Get Counterparty by Id (Explicit)","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"Information returned about the Counterparty specified by COUNTERPARTY_ID:
Authentication is Mandatory
","operationId":"getExplictCounterpartyById","parameters":[{"in":"path","name":"COUNTERPARTY_ID","description":"the counterparty id","required":true,"type":"string"},{"in":"path","name":"VIEW_ID","description":"The view id","required":true,"type":"string"},{"in":"path","name":"ACCOUNT_ID","description":"The account id","required":true,"type":"string"},{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"200":{"description":"Success","schema":{"$ref":"#/definitions/CounterpartyWithMetadataJson400"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/banks/{BANK_ID}/accounts/{ACCOUNT_ID}/{VIEW_ID}/funds-available":{"get":{"tags":["Account","Confirmation of Funds Service (PIIS)","PSD2"],"summary":"Check Available Funds","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"Check Available Funds
Mandatory URL parameters:
Authentication is Mandatory
","operationId":"checkFundsAvailable","parameters":[{"in":"path","name":"VIEW_ID","description":"The view id","required":true,"type":"string"},{"in":"path","name":"ACCOUNT_ID","description":"The account id","required":true,"type":"string"},{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"200":{"description":"Success","schema":{"$ref":"#/definitions/CheckFundsAvailableJson"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/banks/{BANK_ID}/accounts/{ACCOUNT_ID}/{VIEW_ID}/transaction-request-types":{"get":{"tags":["Transaction-Request","Payment Initiation Service (PIS)","PSD2"],"summary":"Get Transaction Request Types for Account","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"Returns the Transaction Request Types that the account specified by ACCOUNT_ID and view specified by VIEW_ID has access to.
These are the ways this API Server can create a Transaction via a Transaction Request
(as opposed to Transaction Types which include external types too e.g. for Transactions created by core banking etc.)
A Transaction Request Type internally determines:
For instance in a 'SANDBOX_TAN' Transaction Request, for amounts over 1000 currency units, the user must supply a positive integer to complete the Transaction Request and create a Transaction.
This approach aims to provide only one endpoint for initiating transactions, and one that handles challenges, whilst still allowing flexibility with the payload and internal logic.
Authentication is Mandatory
","operationId":"getTransactionRequestTypes","parameters":[{"in":"body","name":"body","description":"EmptyClassJson object that needs to be added.","required":true,"schema":{"$ref":"#/definitions/EmptyClassJson"}},{"in":"path","name":"VIEW_ID","description":"The view id","required":true,"type":"string"},{"in":"path","name":"ACCOUNT_ID","description":"The account id","required":true,"type":"string"},{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"200":{"description":"Success","schema":{"$ref":"#/definitions/TransactionRequestTypesJsonV140"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/banks/{BANK_ID}/accounts/{ACCOUNT_ID}/{VIEW_ID}/transaction-request-types/ACCOUNT/transaction-requests":{"post":{"tags":["Transaction-Request","Payment Initiation Service (PIS)","PSD2"],"summary":"Create Transaction Request (ACCOUNT)","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"When using ACCOUNT, the payee is set in the request body.
Money goes into the BANK_ID and ACCOUNT_ID specified in the request body.
Initiate a Payment via creating a Transaction Request.
In OBP, a transaction request
may or may not result in a transaction
. However, a transaction
only has one possible state: completed.
A Transaction Request
can have one of several states: INITIATED, NEXT_CHALLENGE_PENDING etc.
Transactions
are modeled on items in a bank statement that represent the movement of money.
Transaction Requests
are requests to move money which may or may not succeed and thus result in a Transaction
.
A Transaction Request
might create a security challenge that needs to be answered before the Transaction Request
proceeds.
In case 1 person needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => COMPLETED
In case n persons needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => NEXT_CHALLENGE_PENDING => ... => NEXT_CHALLENGE_PENDING => COMPLETED
The security challenge is bound to a user i.e. in case of right answer and the user is different than expected one the challenge will fail.
Rule for calculating number of security challenges:
If product Account attribute REQUIRED_CHALLENGE_ANSWERS=N then create N challenges
(one for every user that has a View where permission "can_add_transaction_request_to_any_account"=true)
In case REQUIRED_CHALLENGE_ANSWERS is not defined as an account attribute default value is 1.
Transaction Requests contain charge information giving the client the opportunity to proceed or not (as long as the challenge level is appropriate).
Transaction Requests can have one of several Transaction Request Types which expect different bodies. The escaped body is returned in the details key of the GET response.
This provides some commonality and one URL for many different payment or transfer types with enough flexibility to validate them differently.
The payer is set in the URL. Money comes out of the BANK_ID and ACCOUNT_ID specified in the URL.
In sandbox mode, TRANSACTION_REQUEST_TYPE is commonly set to ACCOUNT. See getTransactionRequestTypesSupportedByBank for all supported types.
In sandbox mode, if the amount is less than 1000 EUR (any currency, unless it is set differently on this server), the transaction request will create a transaction without a challenge, else the Transaction Request will be set to INITIALISED and a challenge will need to be answered.
If a challenge is created you must answer it using Answer Transaction Request Challenge before the Transaction is created.
You can transfer between different currency accounts. (new in 2.0.0). The currency in body must match the sending account.
The following static FX rates are available in sandbox mode:
Transaction Requests satisfy PSD2 requirements thus:
1) A transaction can be initiated by a third party application.
2) The customer is informed of the charge that will incurred.
3) The call supports delegated authentication (OAuth)
See this python code for a complete example of this flow.
There is further documentation here
Authentication is Mandatory
","operationId":"createTransactionRequestAccount","parameters":[{"in":"body","name":"body","description":"TransactionRequestBodyJsonV200 object that needs to be added.","required":true,"schema":{"$ref":"#/definitions/TransactionRequestBodyJsonV200"}},{"in":"path","name":"VIEW_ID","description":"The view id","required":true,"type":"string"},{"in":"path","name":"ACCOUNT_ID","description":"The account id","required":true,"type":"string"},{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"201":{"description":"Success","schema":{"$ref":"#/definitions/TransactionRequestWithChargeJSON400"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/banks/{BANK_ID}/accounts/{ACCOUNT_ID}/{VIEW_ID}/transaction-request-types/ACCOUNT_OTP/transaction-requests":{"post":{"tags":["Transaction-Request","Payment Initiation Service (PIS)","PSD2"],"summary":"Create Transaction Request (ACCOUNT_OTP)","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"When using ACCOUNT, the payee is set in the request body.
Money goes into the BANK_ID and ACCOUNT_ID specified in the request body.
Initiate a Payment via creating a Transaction Request.
In OBP, a transaction request
may or may not result in a transaction
. However, a transaction
only has one possible state: completed.
A Transaction Request
can have one of several states: INITIATED, NEXT_CHALLENGE_PENDING etc.
Transactions
are modeled on items in a bank statement that represent the movement of money.
Transaction Requests
are requests to move money which may or may not succeed and thus result in a Transaction
.
A Transaction Request
might create a security challenge that needs to be answered before the Transaction Request
proceeds.
In case 1 person needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => COMPLETED
In case n persons needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => NEXT_CHALLENGE_PENDING => ... => NEXT_CHALLENGE_PENDING => COMPLETED
The security challenge is bound to a user i.e. in case of right answer and the user is different than expected one the challenge will fail.
Rule for calculating number of security challenges:
If product Account attribute REQUIRED_CHALLENGE_ANSWERS=N then create N challenges
(one for every user that has a View where permission "can_add_transaction_request_to_any_account"=true)
In case REQUIRED_CHALLENGE_ANSWERS is not defined as an account attribute default value is 1.
Transaction Requests contain charge information giving the client the opportunity to proceed or not (as long as the challenge level is appropriate).
Transaction Requests can have one of several Transaction Request Types which expect different bodies. The escaped body is returned in the details key of the GET response.
This provides some commonality and one URL for many different payment or transfer types with enough flexibility to validate them differently.
The payer is set in the URL. Money comes out of the BANK_ID and ACCOUNT_ID specified in the URL.
In sandbox mode, TRANSACTION_REQUEST_TYPE is commonly set to ACCOUNT. See getTransactionRequestTypesSupportedByBank for all supported types.
In sandbox mode, if the amount is less than 1000 EUR (any currency, unless it is set differently on this server), the transaction request will create a transaction without a challenge, else the Transaction Request will be set to INITIALISED and a challenge will need to be answered.
If a challenge is created you must answer it using Answer Transaction Request Challenge before the Transaction is created.
You can transfer between different currency accounts. (new in 2.0.0). The currency in body must match the sending account.
The following static FX rates are available in sandbox mode:
Transaction Requests satisfy PSD2 requirements thus:
1) A transaction can be initiated by a third party application.
2) The customer is informed of the charge that will incurred.
3) The call supports delegated authentication (OAuth)
See this python code for a complete example of this flow.
There is further documentation here
Authentication is Mandatory
","operationId":"createTransactionRequestAccountOtp","parameters":[{"in":"body","name":"body","description":"TransactionRequestBodyJsonV200 object that needs to be added.","required":true,"schema":{"$ref":"#/definitions/TransactionRequestBodyJsonV200"}},{"in":"path","name":"VIEW_ID","description":"The view id","required":true,"type":"string"},{"in":"path","name":"ACCOUNT_ID","description":"The account id","required":true,"type":"string"},{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"201":{"description":"Success","schema":{"$ref":"#/definitions/TransactionRequestWithChargeJSON400"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/banks/{BANK_ID}/accounts/{ACCOUNT_ID}/{VIEW_ID}/transaction-request-types/COUNTERPARTY/transaction-requests":{"post":{"tags":["Transaction-Request","Payment Initiation Service (PIS)","PSD2"],"summary":"Create Transaction Request (COUNTERPARTY)","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"Special instructions for COUNTERPARTY:
When using a COUNTERPARTY to create a Transaction Request, specificy the counterparty_id in the body of the request.
The routing details of the counterparty will be forwarded for the transfer.
Initiate a Payment via creating a Transaction Request.
In OBP, a transaction request
may or may not result in a transaction
. However, a transaction
only has one possible state: completed.
A Transaction Request
can have one of several states: INITIATED, NEXT_CHALLENGE_PENDING etc.
Transactions
are modeled on items in a bank statement that represent the movement of money.
Transaction Requests
are requests to move money which may or may not succeed and thus result in a Transaction
.
A Transaction Request
might create a security challenge that needs to be answered before the Transaction Request
proceeds.
In case 1 person needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => COMPLETED
In case n persons needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => NEXT_CHALLENGE_PENDING => ... => NEXT_CHALLENGE_PENDING => COMPLETED
The security challenge is bound to a user i.e. in case of right answer and the user is different than expected one the challenge will fail.
Rule for calculating number of security challenges:
If product Account attribute REQUIRED_CHALLENGE_ANSWERS=N then create N challenges
(one for every user that has a View where permission "can_add_transaction_request_to_any_account"=true)
In case REQUIRED_CHALLENGE_ANSWERS is not defined as an account attribute default value is 1.
Transaction Requests contain charge information giving the client the opportunity to proceed or not (as long as the challenge level is appropriate).
Transaction Requests can have one of several Transaction Request Types which expect different bodies. The escaped body is returned in the details key of the GET response.
This provides some commonality and one URL for many different payment or transfer types with enough flexibility to validate them differently.
The payer is set in the URL. Money comes out of the BANK_ID and ACCOUNT_ID specified in the URL.
In sandbox mode, TRANSACTION_REQUEST_TYPE is commonly set to ACCOUNT. See getTransactionRequestTypesSupportedByBank for all supported types.
In sandbox mode, if the amount is less than 1000 EUR (any currency, unless it is set differently on this server), the transaction request will create a transaction without a challenge, else the Transaction Request will be set to INITIALISED and a challenge will need to be answered.
If a challenge is created you must answer it using Answer Transaction Request Challenge before the Transaction is created.
You can transfer between different currency accounts. (new in 2.0.0). The currency in body must match the sending account.
The following static FX rates are available in sandbox mode:
Transaction Requests satisfy PSD2 requirements thus:
1) A transaction can be initiated by a third party application.
2) The customer is informed of the charge that will incurred.
3) The call supports delegated authentication (OAuth)
See this python code for a complete example of this flow.
There is further documentation here
Authentication is Mandatory
","operationId":"createTransactionRequestCounterparty","parameters":[{"in":"body","name":"body","description":"TransactionRequestBodyCounterpartyJSON object that needs to be added.","required":true,"schema":{"$ref":"#/definitions/TransactionRequestBodyCounterpartyJSON"}},{"in":"path","name":"VIEW_ID","description":"The view id","required":true,"type":"string"},{"in":"path","name":"ACCOUNT_ID","description":"The account id","required":true,"type":"string"},{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"201":{"description":"Success","schema":{"$ref":"#/definitions/TransactionRequestWithChargeJSON400"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/banks/{BANK_ID}/accounts/{ACCOUNT_ID}/{VIEW_ID}/transaction-request-types/REFUND/transaction-requests":{"post":{"tags":["Transaction-Request","Payment Initiation Service (PIS)","PSD2"],"summary":"Create Transaction Request (REFUND)","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"Either the from
or the to
field must be filled. Those fields refers to the information about the party that will be refunded.
In case the from
object is used, it means that the refund comes from the part that sent you a transaction.
In the from
object, you have two choices :
- Use bank_id
and account_id
fields if the other account is registered on the OBP-API
- Use the counterparty_id
field in case the counterparty account is out of the OBP-API
In case the to
object is used, it means you send a request to a counterparty to ask for a refund on a previous transaction you sent.
(This case is not managed by the OBP-API and require an external adapter)
Initiate a Payment via creating a Transaction Request.
In OBP, a transaction request
may or may not result in a transaction
. However, a transaction
only has one possible state: completed.
A Transaction Request
can have one of several states: INITIATED, NEXT_CHALLENGE_PENDING etc.
Transactions
are modeled on items in a bank statement that represent the movement of money.
Transaction Requests
are requests to move money which may or may not succeed and thus result in a Transaction
.
A Transaction Request
might create a security challenge that needs to be answered before the Transaction Request
proceeds.
In case 1 person needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => COMPLETED
In case n persons needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => NEXT_CHALLENGE_PENDING => ... => NEXT_CHALLENGE_PENDING => COMPLETED
The security challenge is bound to a user i.e. in case of right answer and the user is different than expected one the challenge will fail.
Rule for calculating number of security challenges:
If product Account attribute REQUIRED_CHALLENGE_ANSWERS=N then create N challenges
(one for every user that has a View where permission "can_add_transaction_request_to_any_account"=true)
In case REQUIRED_CHALLENGE_ANSWERS is not defined as an account attribute default value is 1.
Transaction Requests contain charge information giving the client the opportunity to proceed or not (as long as the challenge level is appropriate).
Transaction Requests can have one of several Transaction Request Types which expect different bodies. The escaped body is returned in the details key of the GET response.
This provides some commonality and one URL for many different payment or transfer types with enough flexibility to validate them differently.
The payer is set in the URL. Money comes out of the BANK_ID and ACCOUNT_ID specified in the URL.
In sandbox mode, TRANSACTION_REQUEST_TYPE is commonly set to ACCOUNT. See getTransactionRequestTypesSupportedByBank for all supported types.
In sandbox mode, if the amount is less than 1000 EUR (any currency, unless it is set differently on this server), the transaction request will create a transaction without a challenge, else the Transaction Request will be set to INITIALISED and a challenge will need to be answered.
If a challenge is created you must answer it using Answer Transaction Request Challenge before the Transaction is created.
You can transfer between different currency accounts. (new in 2.0.0). The currency in body must match the sending account.
The following static FX rates are available in sandbox mode:
Transaction Requests satisfy PSD2 requirements thus:
1) A transaction can be initiated by a third party application.
2) The customer is informed of the charge that will incurred.
3) The call supports delegated authentication (OAuth)
See this python code for a complete example of this flow.
There is further documentation here
Authentication is Mandatory
","operationId":"createTransactionRequestRefund","parameters":[{"in":"body","name":"body","description":"TransactionRequestBodyRefundJsonV400 object that needs to be added.","required":true,"schema":{"$ref":"#/definitions/TransactionRequestBodyRefundJsonV400"}},{"in":"path","name":"VIEW_ID","description":"The view id","required":true,"type":"string"},{"in":"path","name":"ACCOUNT_ID","description":"The account id","required":true,"type":"string"},{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"201":{"description":"Success","schema":{"$ref":"#/definitions/TransactionRequestWithChargeJSON400"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/banks/{BANK_ID}/accounts/{ACCOUNT_ID}/{VIEW_ID}/transaction-request-types/SANDBOX_TAN/transaction-requests":{"post":{"tags":["Transaction-Request","Payment Initiation Service (PIS)","PSD2"],"summary":"Create Transaction Request (SANDBOX_TAN)","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"When using SANDBOX_TAN, the payee is set in the request body.
Money goes into the BANK_ID and ACCOUNT_ID specified in the request body.
Initiate a Payment via creating a Transaction Request.
In OBP, a transaction request
may or may not result in a transaction
. However, a transaction
only has one possible state: completed.
A Transaction Request
can have one of several states.
Transactions
are modeled on items in a bank statement that represent the movement of money.
Transaction Requests
are requests to move money which may or may not succeeed and thus result in a Transaction
.
A Transaction Request
might create a security challenge that needs to be answered before the Transaction Request
proceeds.
Transaction Requests contain charge information giving the client the opportunity to proceed or not (as long as the challenge level is appropriate).
Transaction Requests can have one of several Transaction Request Types which expect different bodies. The escaped body is returned in the details key of the GET response.
This provides some commonality and one URL for many different payment or transfer types with enough flexibility to validate them differently.
The payer is set in the URL. Money comes out of the BANK_ID and ACCOUNT_ID specified in the URL.
In sandbox mode, TRANSACTION_REQUEST_TYPE is commonly set to SANDBOX_TAN. See getTransactionRequestTypesSupportedByBank for all supported types.
In sandbox mode, if the amount is less than 1000 EUR (any currency, unless it is set differently on this server), the transaction request will create a transaction without a challenge, else the Transaction Request will be set to INITIALISED and a challenge will need to be answered.
If a challenge is created you must answer it using Answer Transaction Request Challenge before the Transaction is created.
You can transfer between different currency accounts. (new in 2.0.0). The currency in body must match the sending account.
The following static FX rates are available in sandbox mode:
{
"XAF":{
"XAF":1.0,
"HKD":0.0135503,
"AUD":0.00228226,
"KRW":1.87975,
"JOD":0.00127784,
"GBP":0.00131092,
"MXN":0.0396,
"AED":0.00601555,
"INR":0.110241,
"XBT":2.9074795E-8,
"JPY":0.185328,
"USD":0.00163773,
"ILS":0.00641333,
"EUR":0.00152449
},
"HKD":{
"XAF":73.8049,
"HKD":1.0,
"AUD":0.178137,
"KRW":143.424,
"JOD":0.0903452,
"GBP":0.0985443,
"MXN":2.8067,
"AED":0.467977,
"INR":9.09325,
"XBT":2.164242461E-6,
"JPY":14.0867,
"USD":0.127427,
"ILS":0.460862,
"EUR":0.112495
},
"AUD":{
"XAF":438.162,
"HKD":5.61346,
"AUD":1.0,
"KRW":895.304,
"JOD":0.556152,
"GBP":0.609788,
"MXN":16.0826,
"AED":2.88368,
"INR":50.4238,
"XBT":1.2284055924E-5,
"JPY":87.0936,
"USD":0.785256,
"ILS":2.83558,
"EUR":0.667969
},
"KRW":{
"XAF":0.531986,
"HKD":0.00697233,
"AUD":0.00111694,
"KRW":1.0,
"JOD":6.30634E-4,
"GBP":6.97389E-4,
"MXN":0.0183,
"AED":0.00320019,
"INR":0.0586469,
"XBT":1.4234725E-8,
"JPY":0.0985917,
"USD":8.7125E-4,
"ILS":0.00316552,
"EUR":8.11008E-4
},
"JOD":{
"XAF":782.572,
"HKD":11.0687,
"AUD":1.63992,
"KRW":1585.68,
"JOD":1.0,
"GBP":1.06757,
"MXN":30.8336,
"AED":5.18231,
"INR":90.1236,
"XBT":2.3803244006E-5,
"JPY":156.304,
"USD":1.41112,
"ILS":5.02018,
"EUR":0.237707
},
"GBP":{
"XAF":762.826,
"HKD":10.1468,
"AUD":1.63992,
"KRW":1433.92,
"JOD":0.936707,
"GBP":1.0,
"MXN":29.242,
"AED":4.58882,
"INR":84.095,
"XBT":2.2756409956E-5,
"JPY":141.373,
"USD":1.2493,
"ILS":4.7002,
"EUR":1.16278
},
"MXN":{
"XAF":25.189,
"HKD":0.3562,
"AUD":0.0621,
"KRW":54.4512,
"JOD":0.0324,
"GBP":0.0341,
"MXN":1.0,
"AED":0.1688,
"INR":3.3513,
"XBT":8.1112586E-7,
"JPY":4.8687,
"USD":0.0459,
"ILS":0.1541,
"EUR":0.0384
},
"AED":{
"XAF":166.236,
"HKD":2.13685,
"AUD":0.346779,
"KRW":312.482,
"JOD":0.1930565,
"GBP":0.217921,
"MXN":5.9217,
"AED":1.0,
"INR":18.3255,
"XBT":4.603349217E-6,
"JPY":30.8081,
"USD":0.27225,
"ILS":0.968033,
"EUR":0.253425
},
"INR":{
"XAF":9.07101,
"HKD":0.109972,
"AUD":0.0198319,
"KRW":17.0512,
"JOD":0.0110959,
"GBP":0.0118913,
"MXN":0.2983,
"AED":0.0545671,
"INR":1.0,
"XBT":2.2689396E-7,
"JPY":1.68111,
"USD":0.0148559,
"ILS":0.0556764,
"EUR":0.0138287
},
"XBT":{
"XAF":3.4353824E7,
"HKD":460448.9,
"AUD":81168.603,
"KRW":7.0131575E7,
"JOD":41960.111,
"GBP":44188.118,
"MXN":1230503.3,
"AED":217414.47,
"INR":4407607.74,
"XBT":1.0,
"JPY":6805170.8,
"USD":59245.918,
"ILS":182981.21,
"EUR":52436.431
},
"JPY":{
"XAF":5.39585,
"HKD":0.0709891,
"AUD":0.0114819,
"KRW":10.1428,
"JOD":0.00639777,
"GBP":0.0070735,
"MXN":0.2053,
"AED":0.032459,
"INR":0.594846,
"XBT":1.47171931E-7,
"JPY":1.0,
"USD":0.00883695,
"ILS":0.0320926,
"EUR":0.00822592
},
"USD":{
"XAF":610.601,
"HKD":7.84766,
"AUD":1.27347,
"KRW":1147.78,
"JOD":0.708659,
"GBP":0.800446,
"MXN":21.748,
"AED":3.6731,
"INR":67.3135,
"XBT":1.69154E-5,
"JPY":113.161,
"USD":1.0,
"ILS":3.55495,
"EUR":0.930886
},
"ILS":{
"XAF":155.925,
"HKD":2.16985,
"AUD":0.352661,
"KRW":315.903,
"JOD":0.199196,
"GBP":0.212763,
"MXN":6.4871,
"AED":1.03302,
"INR":17.9609,
"XBT":5.452272147E-6,
"JPY":31.1599,
"USD":0.281298,
"ILS":1.0,
"EUR":1.19318
},
"EUR":{
"XAF":655.957,
"HKD":8.88926,
"AUD":1.49707,
"KRW":1233.03,
"JOD":0.838098,
"GBP":0.860011,
"MXN":26.0359,
"AED":3.94594,
"INR":72.3136,
"XBT":1.9087905636E-5,
"JPY":121.567,
"USD":1.07428,
"ILS":4.20494,
"EUR":1.0
}
}
Transaction Requests satisfy PSD2 requirements thus:
1) A transaction can be initiated by a third party application.
2) The customer is informed of the charge that will incurred.
3) The call supports delegated authentication (OAuth)
See this python code for a complete example of this flow.
There is further documentation here
Authentication is Mandatory
","operationId":"createTransactionRequestSandboxTan","parameters":[{"in":"body","name":"body","description":"TransactionRequestBodyJsonV200 object that needs to be added.","required":true,"schema":{"$ref":"#/definitions/TransactionRequestBodyJsonV200"}},{"in":"path","name":"VIEW_ID","description":"The view id","required":true,"type":"string"},{"in":"path","name":"ACCOUNT_ID","description":"The account id","required":true,"type":"string"},{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"201":{"description":"Success","schema":{"$ref":"#/definitions/TransactionRequestWithChargeJSON210"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/banks/{BANK_ID}/accounts/{ACCOUNT_ID}/{VIEW_ID}/transaction-request-types/SEPA/transaction-requests":{"post":{"tags":["Transaction-Request","Payment Initiation Service (PIS)","PSD2"],"summary":"Create Transaction Request (SEPA)","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"Special instructions for SEPA:
When using a SEPA Transaction Request, you specify the IBAN of a Counterparty in the body of the request.
The routing details (IBAN) of the counterparty will be forwarded to the core banking system for the transfer.
Initiate a Payment via creating a Transaction Request.
In OBP, a transaction request
may or may not result in a transaction
. However, a transaction
only has one possible state: completed.
A Transaction Request
can have one of several states: INITIATED, NEXT_CHALLENGE_PENDING etc.
Transactions
are modeled on items in a bank statement that represent the movement of money.
Transaction Requests
are requests to move money which may or may not succeed and thus result in a Transaction
.
A Transaction Request
might create a security challenge that needs to be answered before the Transaction Request
proceeds.
In case 1 person needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => COMPLETED
In case n persons needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => NEXT_CHALLENGE_PENDING => ... => NEXT_CHALLENGE_PENDING => COMPLETED
The security challenge is bound to a user i.e. in case of right answer and the user is different than expected one the challenge will fail.
Rule for calculating number of security challenges:
If product Account attribute REQUIRED_CHALLENGE_ANSWERS=N then create N challenges
(one for every user that has a View where permission "can_add_transaction_request_to_any_account"=true)
In case REQUIRED_CHALLENGE_ANSWERS is not defined as an account attribute default value is 1.
Transaction Requests contain charge information giving the client the opportunity to proceed or not (as long as the challenge level is appropriate).
Transaction Requests can have one of several Transaction Request Types which expect different bodies. The escaped body is returned in the details key of the GET response.
This provides some commonality and one URL for many different payment or transfer types with enough flexibility to validate them differently.
The payer is set in the URL. Money comes out of the BANK_ID and ACCOUNT_ID specified in the URL.
In sandbox mode, TRANSACTION_REQUEST_TYPE is commonly set to ACCOUNT. See getTransactionRequestTypesSupportedByBank for all supported types.
In sandbox mode, if the amount is less than 1000 EUR (any currency, unless it is set differently on this server), the transaction request will create a transaction without a challenge, else the Transaction Request will be set to INITIALISED and a challenge will need to be answered.
If a challenge is created you must answer it using Answer Transaction Request Challenge before the Transaction is created.
You can transfer between different currency accounts. (new in 2.0.0). The currency in body must match the sending account.
The following static FX rates are available in sandbox mode:
Transaction Requests satisfy PSD2 requirements thus:
1) A transaction can be initiated by a third party application.
2) The customer is informed of the charge that will incurred.
3) The call supports delegated authentication (OAuth)
See this python code for a complete example of this flow.
There is further documentation here
Authentication is Mandatory
","operationId":"createTransactionRequestSepa","parameters":[{"in":"body","name":"body","description":"TransactionRequestBodySEPAJsonV400 object that needs to be added.","required":true,"schema":{"$ref":"#/definitions/TransactionRequestBodySEPAJsonV400"}},{"in":"path","name":"VIEW_ID","description":"The view id","required":true,"type":"string"},{"in":"path","name":"ACCOUNT_ID","description":"The account id","required":true,"type":"string"},{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"201":{"description":"Success","schema":{"$ref":"#/definitions/TransactionRequestWithChargeJSON400"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/banks/{BANK_ID}/accounts/{ACCOUNT_ID}/{VIEW_ID}/transaction-request-types/SIMPLE/transaction-requests":{"post":{"tags":["Transaction-Request","Payment Initiation Service (PIS)","PSD2"],"summary":"Create Transaction Request (SIMPLE)","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"Special instructions for SIMPLE:
You can transfer money to the Bank Account Number or Iban directly.
Initiate a Payment via creating a Transaction Request.
In OBP, a transaction request
may or may not result in a transaction
. However, a transaction
only has one possible state: completed.
A Transaction Request
can have one of several states: INITIATED, NEXT_CHALLENGE_PENDING etc.
Transactions
are modeled on items in a bank statement that represent the movement of money.
Transaction Requests
are requests to move money which may or may not succeed and thus result in a Transaction
.
A Transaction Request
might create a security challenge that needs to be answered before the Transaction Request
proceeds.
In case 1 person needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => COMPLETED
In case n persons needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => NEXT_CHALLENGE_PENDING => ... => NEXT_CHALLENGE_PENDING => COMPLETED
The security challenge is bound to a user i.e. in case of right answer and the user is different than expected one the challenge will fail.
Rule for calculating number of security challenges:
If product Account attribute REQUIRED_CHALLENGE_ANSWERS=N then create N challenges
(one for every user that has a View where permission "can_add_transaction_request_to_any_account"=true)
In case REQUIRED_CHALLENGE_ANSWERS is not defined as an account attribute default value is 1.
Transaction Requests contain charge information giving the client the opportunity to proceed or not (as long as the challenge level is appropriate).
Transaction Requests can have one of several Transaction Request Types which expect different bodies. The escaped body is returned in the details key of the GET response.
This provides some commonality and one URL for many different payment or transfer types with enough flexibility to validate them differently.
The payer is set in the URL. Money comes out of the BANK_ID and ACCOUNT_ID specified in the URL.
In sandbox mode, TRANSACTION_REQUEST_TYPE is commonly set to ACCOUNT. See getTransactionRequestTypesSupportedByBank for all supported types.
In sandbox mode, if the amount is less than 1000 EUR (any currency, unless it is set differently on this server), the transaction request will create a transaction without a challenge, else the Transaction Request will be set to INITIALISED and a challenge will need to be answered.
If a challenge is created you must answer it using Answer Transaction Request Challenge before the Transaction is created.
You can transfer between different currency accounts. (new in 2.0.0). The currency in body must match the sending account.
The following static FX rates are available in sandbox mode:
Transaction Requests satisfy PSD2 requirements thus:
1) A transaction can be initiated by a third party application.
2) The customer is informed of the charge that will incurred.
3) The call supports delegated authentication (OAuth)
See this python code for a complete example of this flow.
There is further documentation here
Authentication is Mandatory
","operationId":"createTransactionRequestSimple","parameters":[{"in":"body","name":"body","description":"TransactionRequestBodySimpleJsonV400 object that needs to be added.","required":true,"schema":{"$ref":"#/definitions/TransactionRequestBodySimpleJsonV400"}},{"in":"path","name":"VIEW_ID","description":"The view id","required":true,"type":"string"},{"in":"path","name":"ACCOUNT_ID","description":"The account id","required":true,"type":"string"},{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"201":{"description":"Success","schema":{"$ref":"#/definitions/TransactionRequestWithChargeJSON400"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/banks/{BANK_ID}/accounts/{ACCOUNT_ID}/{VIEW_ID}/transaction-request-types/{TRANSACTION_REQUEST_TYPE}/transaction-requests/{TRANSACTION_REQUEST_ID}/challenge":{"post":{"tags":["Transaction-Request","Payment Initiation Service (PIS)","PSD2"],"summary":"Answer Transaction Request Challenge","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"In Sandbox mode, any string that can be converted to a positive integer will be accepted as an answer.
This endpoint totally depends on createTransactionRequest, it need get the following data from createTransactionRequest response body.
1)TRANSACTION_REQUEST_TYPE
: is the same as createTransactionRequest request URL .
2)TRANSACTION_REQUEST_ID
: is the id
field in createTransactionRequest response body.
3) id
: is challenge.id
field in createTransactionRequest response body.
4) answer
: must be 123
in case that Strong Customer Authentication method for OTP challenge is dummy.
For instance: SANDBOX_TAN_OTP_INSTRUCTION_TRANSPORT=dummy
Possible values are dummy,email and sms
In kafka mode, the answer can be got by phone message or other SCA methods.
Note that each Transaction Request Type can have its own OTP_INSTRUCTION_TRANSPORT method.
OTP_INSTRUCTION_TRANSPORT methods are set in Props. See sample.props.template for instructions.
Single or Multiple authorisations
OBP allows single or multi party authorisations.
Single party authorisation:
In the case that only one person needs to authorise i.e. answer a security challenge we have the following change of state of a transaction request
:
INITIATED => COMPLETED
Multiparty authorisation:
In the case that multiple parties (n persons) need to authorise a transaction request i.e. answer security challenges, we have the followings state flow for a transaction request
:
INITIATED => NEXT_CHALLENGE_PENDING => ... => NEXT_CHALLENGE_PENDING => COMPLETED
The security challenge is bound to a user i.e. in the case of a correct answer but the user is different than expected the challenge will fail.
Rule for calculating number of security challenges:
If Product Account attribute REQUIRED_CHALLENGE_ANSWERS=N then create N challenges
(one for every user that has a View where permission "can_add_transaction_request_to_any_account"=true)
In the case REQUIRED_CHALLENGE_ANSWERS is not defined as an account attribute, the default number of security challenges created is one.
Authentication is Mandatory
","operationId":"answerTransactionRequestChallenge","parameters":[{"in":"body","name":"body","description":"ChallengeAnswerJson400 object that needs to be added.","required":true,"schema":{"$ref":"#/definitions/ChallengeAnswerJson400"}},{"in":"path","name":"TRANSACTION_REQUEST_ID","description":"The transaction request id","required":true,"type":"string"},{"in":"path","name":"TRANSACTION_REQUEST_TYPE","description":"The transaction request type","required":true,"type":"string"},{"in":"path","name":"VIEW_ID","description":"The view id","required":true,"type":"string"},{"in":"path","name":"ACCOUNT_ID","description":"The account id","required":true,"type":"string"},{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"201":{"description":"Success","schema":{"$ref":"#/definitions/TransactionRequestWithChargeJSON210"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/banks/{BANK_ID}/accounts/{ACCOUNT_ID}/{VIEW_ID}/transaction-requests/{TRANSACTION_REQUEST_ID}":{"get":{"tags":["Transaction-Request","Payment Initiation Service (PIS)","PSD2"],"summary":"Get Transaction Request.","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"Returns transaction request for transaction specified by TRANSACTION_REQUEST_ID and for account specified by ACCOUNT_ID at bank specified by BANK_ID.
The VIEW_ID specified must be 'owner' and the user must have access to this view.
Version 2.0.0 now returns charge information.
Transaction Requests serve to initiate transactions that may or may not proceed. They contain information including:
PSD2 Context: PSD2 requires transparency of charges to the customer.
This endpoint provides the charge that would be applied if the Transaction Request proceeds - and a record of that charge there after.
The customer can proceed with the Transaction by answering the security challenge.
Authentication is Mandatory
","operationId":"getTransactionRequest","parameters":[{"in":"path","name":"TRANSACTION_REQUEST_ID","description":"The transaction request id","required":true,"type":"string"},{"in":"path","name":"VIEW_ID","description":"The view id","required":true,"type":"string"},{"in":"path","name":"ACCOUNT_ID","description":"The account id","required":true,"type":"string"},{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"200":{"description":"Success","schema":{"$ref":"#/definitions/TransactionRequestWithChargeJSON210"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/banks/{BANK_ID}/accounts/{ACCOUNT_ID}/balances":{"get":{"tags":["Account","Account Information Service (AIS)","PSD2"],"summary":"Get Account Balances","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"Get the Balances for one Account of the current User at one bank.
Authentication is Mandatory
","operationId":"getBankAccountBalances","parameters":[{"in":"path","name":"ACCOUNT_ID","description":"The account id","required":true,"type":"string"},{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"200":{"description":"Success","schema":{"$ref":"#/definitions/AccountBalanceJsonV400"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/banks/{BANK_ID}/accounts/account_ids/private":{"get":{"tags":["Account","Account Information Service (AIS)","PSD2"],"summary":"Get Accounts at Bank (IDs only)","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"Returns only the list of accounts ids at BANK_ID that the user has access to.
Each account must have at least one private View.
For each account the API returns its account ID.
If you want to see more information on the Views, use the Account Detail call.
optional request parameters:
whole url example:
/banks/BANK_ID/accounts/account_ids/private?account_type_filter=330,CURRENT+PLUS&account_type_filter_operation=INCLUDE
Authentication is Mandatory
","operationId":"getPrivateAccountIdsbyBankId","parameters":[{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"200":{"description":"Success","schema":{"$ref":"#/definitions/AccountsIdsJsonV300"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/banks/{BANK_ID}/accounts/private":{"get":{"tags":["Account","Account Information Service (AIS)","PSD2"],"summary":"Get Accounts at Bank (Minimal)","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"Returns the minimal list of private accounts at BANK_ID that the user has access to.
For each account, the API returns the ID, routing addresses and the views available to the current user.
If you want to see more information on the Views, use the Account Detail call.
optional request parameters:
whole url example:
/banks/BANK_ID/accounts/private?account_type_filter=330,CURRENT+PLUS&account_type_filter_operation=INCLUDE
Authentication is Mandatory
","operationId":"privateAccountsAtOneBank","parameters":[{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"200":{"description":"Success","schema":{"$ref":"#/definitions/CoreAccountsJsonV300"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/banks/{BANK_ID}/balances":{"get":{"tags":["Account","Account Information Service (AIS)","PSD2"],"summary":"Get Accounts Balances","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"Get the Balances for the Accounts of the current User at one bank.
Authentication is Mandatory
","operationId":"getBankAccountsBalances","parameters":[{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"200":{"description":"Success","schema":{"$ref":"#/definitions/AccountsBalancesJsonV400"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/banks/{BANK_ID}/consents/{CONSENT_ID}/challenge":{"post":{"tags":["Consent","Account Information Service (AIS)","PSD2"],"summary":"Answer Consent Challenge","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"An OBP Consent allows the holder of the Consent to call one or more endpoints.
Consents must be created and authorisied using SCA (Strong Customer Authentication).
That is, Consents can be created by an authorised User via the OBP REST API but they must be confirmed via an out of band (OOB) mechanism such as a code sent to a mobile phone.
Each Consent has one of the following states: INITIATED, ACCEPTED, REJECTED, REVOKED, RECEIVED, VALID, REVOKEDBYPSU, EXPIRED, TERMINATEDBYTPP, AUTHORISED, AWAITINGAUTHORISATION.
Each Consent is bound to a consumer i.e. you need to identify yourself over request header value Consumer-Key.
For example:
GET /obp/v4.0.0/users/current HTTP/1.1
Host: 127.0.0.1:8080
Consent-JWT: eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOlt7InJvbGVfbmFtZSI6IkNhbkdldEFueVVzZXIiLCJiYW5rX2lkIjoiIn
1dLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIzNDc1MDEzZi03YmY5LTQyNj
EtOWUxYy0xZTdlNWZjZTJlN2UiLCJhdWQiOiI4MTVhMGVmMS00YjZhLTQyMDUtYjExMi1lNDVmZDZmNGQzYWQiLCJuYmYiOjE1ODA3NDE2NjcsIml
zcyI6Imh0dHA6XC9cLzEyNy4wLjAuMTo4MDgwIiwiZXhwIjoxNTgwNzQ1MjY3LCJpYXQiOjE1ODA3NDE2NjcsImp0aSI6ImJkYzVjZTk5LTE2ZTY
tNDM4Yi1hNjllLTU3MTAzN2RhMTg3OCIsInZpZXdzIjpbXX0.L3fEEEhdCVr3qnmyRKBBUaIQ7dk1VjiFaEBW8hUNjfg
Consumer-Key: ejznk505d132ryomnhbx1qmtohurbsbb0kijajsk
cache-control: no-cache
Maximum time to live of the token is specified over props value consents.max_time_to_live. In case isn't defined default value is 3600 seconds.
Example of POST JSON:
{
"everything": false,
"views": [
{
"bank_id": "GENODEM1GLS",
"account_id": "8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"view_id": "owner"
}
],
"entitlements": [
{
"bank_id": "GENODEM1GLS",
"role_name": "CanGetCustomer"
}
],
"consumer_id": "7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"email": "eveline@example.com",
"valid_from": "2020-02-07T08:43:34Z",
"time_to_live": 3600
}
Please note that only optional fields are: consumer_id, valid_from and time_to_live.
In case you omit they the default values are used:
consumer_id = consumer of current user
valid_from = current time
time_to_live = consents.max_time_to_live
This endpoint is used to confirm a Consent previously created.
The User must supply a code that was sent out of band (OOB) for example via an SMS.
Authentication is Mandatory
","operationId":"answerConsentChallenge","parameters":[{"in":"body","name":"body","description":"PostConsentChallengeJsonV310 object that needs to be added.","required":true,"schema":{"$ref":"#/definitions/PostConsentChallengeJsonV310"}},{"in":"path","name":"CONSENT_ID","description":"the consent id","required":true,"type":"string"},{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"201":{"description":"Success","schema":{"$ref":"#/definitions/ConsentChallengeJsonV310"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/banks/{BANK_ID}/my/consent-infos":{"get":{"tags":["Consent","Account Information Service (AIS)","PSD2"],"summary":"Get Consents Info","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"This endpoint gets the Consents that the current User created.
Authentication is Mandatory
","operationId":"getConsentInfos","parameters":[{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"200":{"description":"Success","schema":{"$ref":"#/definitions/ConsentInfosJsonV400"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/banks/{BANK_ID}/my/consents":{"get":{"tags":["Consent","Account Information Service (AIS)","PSD2"],"summary":"Get Consents","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"This endpoint gets the Consents that the current User created.
Authentication is Mandatory
","operationId":"getConsents","parameters":[{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"200":{"description":"Success","schema":{"$ref":"#/definitions/ConsentsJsonV400"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/banks/{BANK_ID}/my/consents/{CONSENT_ID}/revoke":{"get":{"tags":["Consent","Account Information Service (AIS)","PSD2"],"summary":"Revoke Consent","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"Revoke Consent for current user specified by CONSENT_ID
There are a few reasons you might need to revoke an application’s access to a user’s account:
- The user explicitly wishes to revoke the application’s access
- You as the service provider have determined an application is compromised or malicious, and want to disable it
- etc.
Please note that this endpoint only supports the case:: "The user explicitly wishes to revoke the application’s access"
OBP as a resource server stores access tokens in a database, then it is relatively easy to revoke some token that belongs to a particular user.
The status of the token is changed to "REVOKED" so the next time the revoked client makes a request, their token will fail to validate.
Authentication is Mandatory
","operationId":"revokeConsent","parameters":[{"in":"path","name":"CONSENT_ID","description":"the consent id","required":true,"type":"string"},{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"200":{"description":"Success","schema":{"$ref":"#/definitions/ConsentJsonV310"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/banks/{BANK_ID}/my/consents/EMAIL":{"post":{"tags":["Consent","Account Information Service (AIS)","PSD2"],"summary":"Create Consent (EMAIL)","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"This endpoint starts the process of creating a Consent.
The Consent is created in an INITIATED state.
A One Time Password (OTP) (AKA security challenge) is sent Out of band (OOB) to the User via the transport defined in SCA_METHOD
SCA_METHOD is typically "SMS" or "EMAIL". "EMAIL" is used for testing purposes.
When the Consent is created, OBP (or a backend system) stores the challenge so it can be checked later against the value supplied by the User with the Answer Consent Challenge endpoint.
An OBP Consent allows the holder of the Consent to call one or more endpoints.
Consents must be created and authorisied using SCA (Strong Customer Authentication).
That is, Consents can be created by an authorised User via the OBP REST API but they must be confirmed via an out of band (OOB) mechanism such as a code sent to a mobile phone.
Each Consent has one of the following states: INITIATED, ACCEPTED, REJECTED, REVOKED, RECEIVED, VALID, REVOKEDBYPSU, EXPIRED, TERMINATEDBYTPP, AUTHORISED, AWAITINGAUTHORISATION.
Each Consent is bound to a consumer i.e. you need to identify yourself over request header value Consumer-Key.
For example:
GET /obp/v4.0.0/users/current HTTP/1.1
Host: 127.0.0.1:8080
Consent-JWT: eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOlt7InJvbGVfbmFtZSI6IkNhbkdldEFueVVzZXIiLCJiYW5rX2lkIjoiIn
1dLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIzNDc1MDEzZi03YmY5LTQyNj
EtOWUxYy0xZTdlNWZjZTJlN2UiLCJhdWQiOiI4MTVhMGVmMS00YjZhLTQyMDUtYjExMi1lNDVmZDZmNGQzYWQiLCJuYmYiOjE1ODA3NDE2NjcsIml
zcyI6Imh0dHA6XC9cLzEyNy4wLjAuMTo4MDgwIiwiZXhwIjoxNTgwNzQ1MjY3LCJpYXQiOjE1ODA3NDE2NjcsImp0aSI6ImJkYzVjZTk5LTE2ZTY
tNDM4Yi1hNjllLTU3MTAzN2RhMTg3OCIsInZpZXdzIjpbXX0.L3fEEEhdCVr3qnmyRKBBUaIQ7dk1VjiFaEBW8hUNjfg
Consumer-Key: ejznk505d132ryomnhbx1qmtohurbsbb0kijajsk
cache-control: no-cache
Maximum time to live of the token is specified over props value consents.max_time_to_live. In case isn't defined default value is 3600 seconds.
Example of POST JSON:
{
"everything": false,
"views": [
{
"bank_id": "GENODEM1GLS",
"account_id": "8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"view_id": "owner"
}
],
"entitlements": [
{
"bank_id": "GENODEM1GLS",
"role_name": "CanGetCustomer"
}
],
"consumer_id": "7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"email": "eveline@example.com",
"valid_from": "2020-02-07T08:43:34Z",
"time_to_live": 3600
}
Please note that only optional fields are: consumer_id, valid_from and time_to_live.
In case you omit they the default values are used:
consumer_id = consumer of current user
valid_from = current time
time_to_live = consents.max_time_to_live
Authentication is Mandatory
Example 1:
{
"everything": true,
"views": [],
"entitlements": [],
"consumer_id": "7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"email": "eveline@example.com"
}
Please note that consumer_id is optional field
Example 2:
{
"everything": true,
"views": [],
"entitlements": [],
"email": "eveline@example.com"
}
Please note if everything=false you need to explicitly specify views and entitlements
Example 3:
{
"everything": false,
"views": [
{
"bank_id": "GENODEM1GLS",
"account_id": "8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"view_id": "owner"
}
],
"entitlements": [
{
"bank_id": "GENODEM1GLS",
"role_name": "CanGetCustomer"
}
],
"consumer_id": "7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"email": "eveline@example.com"
}
This endpoint starts the process of creating a Consent.
The Consent is created in an INITIATED state.
A One Time Password (OTP) (AKA security challenge) is sent Out of Band (OOB) to the User via the transport defined in SCA_METHOD
SCA_METHOD is typically "SMS" or "EMAIL". "EMAIL" is used for testing purposes.
When the Consent is created, OBP (or a backend system) stores the challenge so it can be checked later against the value supplied by the User with the Answer Consent Challenge endpoint.
An OBP Consent allows the holder of the Consent to call one or more endpoints.
Consents must be created and authorisied using SCA (Strong Customer Authentication).
That is, Consents can be created by an authorised User via the OBP REST API but they must be confirmed via an out of band (OOB) mechanism such as a code sent to a mobile phone.
Each Consent has one of the following states: INITIATED, ACCEPTED, REJECTED, REVOKED, RECEIVED, VALID, REVOKEDBYPSU, EXPIRED, TERMINATEDBYTPP, AUTHORISED, AWAITINGAUTHORISATION.
Each Consent is bound to a consumer i.e. you need to identify yourself over request header value Consumer-Key.
For example:
GET /obp/v4.0.0/users/current HTTP/1.1
Host: 127.0.0.1:8080
Consent-JWT: eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOlt7InJvbGVfbmFtZSI6IkNhbkdldEFueVVzZXIiLCJiYW5rX2lkIjoiIn
1dLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIzNDc1MDEzZi03YmY5LTQyNj
EtOWUxYy0xZTdlNWZjZTJlN2UiLCJhdWQiOiI4MTVhMGVmMS00YjZhLTQyMDUtYjExMi1lNDVmZDZmNGQzYWQiLCJuYmYiOjE1ODA3NDE2NjcsIml
zcyI6Imh0dHA6XC9cLzEyNy4wLjAuMTo4MDgwIiwiZXhwIjoxNTgwNzQ1MjY3LCJpYXQiOjE1ODA3NDE2NjcsImp0aSI6ImJkYzVjZTk5LTE2ZTY
tNDM4Yi1hNjllLTU3MTAzN2RhMTg3OCIsInZpZXdzIjpbXX0.L3fEEEhdCVr3qnmyRKBBUaIQ7dk1VjiFaEBW8hUNjfg
Consumer-Key: ejznk505d132ryomnhbx1qmtohurbsbb0kijajsk
cache-control: no-cache
Maximum time to live of the token is specified over props value consents.max_time_to_live. In case isn't defined default value is 3600 seconds.
Example of POST JSON:
{
"everything": false,
"views": [
{
"bank_id": "GENODEM1GLS",
"account_id": "8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"view_id": "owner"
}
],
"entitlements": [
{
"bank_id": "GENODEM1GLS",
"role_name": "CanGetCustomer"
}
],
"consumer_id": "7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"email": "eveline@example.com",
"valid_from": "2020-02-07T08:43:34Z",
"time_to_live": 3600
}
Please note that only optional fields are: consumer_id, valid_from and time_to_live.
In case you omit they the default values are used:
consumer_id = consumer of current user
valid_from = current time
time_to_live = consents.max_time_to_live
Authentication is Mandatory
Example 1:
{
"everything": true,
"views": [],
"entitlements": [],
"consumer_id": "7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"email": "eveline@example.com"
}
Please note that consumer_id is optional field
Example 2:
{
"everything": true,
"views": [],
"entitlements": [],
"email": "eveline@example.com"
}
Please note if everything=false you need to explicitly specify views and entitlements
Example 3:
{
"everything": false,
"views": [
{
"bank_id": "GENODEM1GLS",
"account_id": "8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"view_id": "owner"
}
],
"entitlements": [
{
"bank_id": "GENODEM1GLS",
"role_name": "CanGetCustomer"
}
],
"consumer_id": "7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"email": "eveline@example.com"
}
Get settlement accounts on this API instance
Returns a list of settlement accounts at this Bank
Note: a settlement account is considered as a bank account.
So you can update it and add account attributes to it using the regular account endpoints
Authentication is Mandatory
","operationId":"getSettlementAccounts","parameters":[{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"200":{"description":"Success","schema":{"$ref":"#/definitions/SettlementAccountsJson"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/banks/{BANK_ID}/transaction-types":{"get":{"tags":["Bank","Account Information Service (AIS)","PSD2"],"summary":"Get Transaction Types at Bank","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"Get Transaction Types for the bank specified by BANK_ID:
Lists the possible Transaction Types available at the bank (as opposed to Transaction Request Types which are the possible ways Transactions can be created by this API Server).
Authentication is Optional
","operationId":"getTransactionTypes","parameters":[{"in":"body","name":"body","description":"EmptyClassJson object that needs to be added.","required":true,"schema":{"$ref":"#/definitions/EmptyClassJson"}},{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"200":{"description":"Success","schema":{"$ref":"#/definitions/TransactionTypesJsonV200"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorBankNotFound"}}}}},"/obp/v5.0.0/certs":{"get":{"tags":["API","Account Information Service (AIS)","PSD2"],"summary":"Get JSON Web Key (JWK)","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"Get the server's public JSON Web Key (JWK) set and certificate chain.
It is required by client applications to validate ID tokens, self-contained access tokens and other issued objects.
Authentication is Optional
","operationId":"getServerJWK","parameters":[],"responses":{"200":{"description":"Success","schema":{"$ref":"#/definitions/SeverJWK"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUnknownError"}}}}},"/obp/v5.0.0/consumer/consent-requests":{"post":{"tags":["Consent","Account Information Service (AIS)","PSD2"],"summary":"Create Consent Request","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"Client Authentication (mandatory)
It is used when applications request an access token to access their own resources, not on behalf of a user.
The client needs to authenticate themselves for this request.
In case of public client we use client_id and private kew to obtain access token, otherwise we use client_id and client_secret.
The obtained access token is used in the HTTP Bearer auth header of our request.
Example:
Authorization: Bearer eXtneO-THbQtn3zvK_kQtXXfvOZyZFdBCItlPDbR2Bk.dOWqtXCtFX-tqGTVR0YrIjvAolPIVg7GZ-jz83y6nA0
Authentication is Optional
","operationId":"createConsentRequest","parameters":[{"in":"body","name":"body","description":"PostConsentRequestJsonV500 object that needs to be added.","required":true,"schema":{"$ref":"#/definitions/PostConsentRequestJsonV500"}}],"responses":{"201":{"description":"Success","schema":{"$ref":"#/definitions/ConsentRequestResponseJson"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorBankNotFound"}}}}},"/obp/v5.0.0/consumer/consent-requests/CONSENT_REQUEST_ID":{"get":{"tags":["Consent","Account Information Service (AIS)","PSD2"],"summary":"Get Consent Request","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"Authentication is Optional
","operationId":"getConsentRequest","parameters":[],"responses":{"200":{"description":"Success","schema":{"$ref":"#/definitions/ConsentRequestResponseJson"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorBankNotFound"}}}}},"/obp/v5.0.0/consumer/consent-requests/CONSENT_REQUEST_ID/EMAIL/consents":{"post":{"tags":["Consent","Account Information Service (AIS)","PSD2"],"summary":"Create Consent By CONSENT_REQUEST_ID (EMAIL)","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"This endpoint continues the process of creating a Consent. It starts the SCA flow which changes the status of the consent from INITIATED to ACCEPTED or REJECTED.
Please note that the Consent cannot elevate the privileges logged in user already have.
Authentication is Mandatory
","operationId":"createConsentByConsentRequestIdEmail","parameters":[],"responses":{"201":{"description":"Success","schema":{"$ref":"#/definitions/ConsentJsonV500"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/consumer/consent-requests/CONSENT_REQUEST_ID/SMS/consents":{"post":{"tags":["Consent","Account Information Service (AIS)","PSD2"],"summary":"Create Consent By CONSENT_REQUEST_ID (SMS)","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"This endpoint continues the process of creating a Consent. It starts the SCA flow which changes the status of the consent from INITIATED to ACCEPTED or REJECTED.
Please note that the Consent cannot elevate the privileges logged in user already have.
Authentication is Mandatory
","operationId":"createConsentByConsentRequestIdSms","parameters":[],"responses":{"201":{"description":"Success","schema":{"$ref":"#/definitions/ConsentJsonV500"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/consumer/consent-requests/CONSENT_REQUEST_ID/consents":{"get":{"tags":["Consent","Account Information Service (AIS)","PSD2"],"summary":"Get Consent By Consent Request Id","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"This endpoint gets the Consent By consent request id.
Authentication is Mandatory
","operationId":"getConsentByConsentRequestId","parameters":[],"responses":{"200":{"description":"Success","schema":{"$ref":"#/definitions/ConsentJsonV500"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/management/banks/{BANK_ID}/accounts/{ACCOUNT_ID}/{VIEW_ID}/counterparties":{"get":{"tags":["Counterparty","Payment Initiation Service (PIS)","PSD2","Account"],"summary":"Get Counterparties for any account (Explicit)","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"Get the Counterparties (Explicit) for any account .
Authentication is Mandatory
","operationId":"getCounterpartiesForAnyAccount","parameters":[{"in":"path","name":"VIEW_ID","description":"The view id","required":true,"type":"string"},{"in":"path","name":"ACCOUNT_ID","description":"The account id","required":true,"type":"string"},{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"200":{"description":"Success","schema":{"$ref":"#/definitions/CounterpartiesJson400"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/my/accounts":{"get":{"tags":["Account","Account Information Service (AIS)","PrivateData","PSD2"],"summary":"Get Accounts at all Banks (private)","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"Returns the list of accounts containing private views for the user.
Each account lists the views available to the user.
optional request parameters:
whole url example:
/my/accounts?account_type_filter=330,CURRENT+PLUS&account_type_filter_operation=INCLUDE
Authentication is Mandatory
","operationId":"corePrivateAccountsAllBanks","parameters":[],"responses":{"200":{"description":"Success","schema":{"$ref":"#/definitions/CoreAccountsJsonV300"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/my/banks/{BANK_ID}/accounts/{ACCOUNT_ID}/account":{"get":{"tags":["Account","Account Information Service (AIS)","PSD2"],"summary":"Get Account by Id (Core)","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"Information returned about the account specified by ACCOUNT_ID:
This call returns the owner view and requires access to that view.
Authentication is Mandatory
","operationId":"getCoreAccountById","parameters":[{"in":"path","name":"ACCOUNT_ID","description":"The account id","required":true,"type":"string"},{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"200":{"description":"Success","schema":{"$ref":"#/definitions/ModeratedCoreAccountJsonV400"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}},"/obp/v5.0.0/my/banks/{BANK_ID}/accounts/{ACCOUNT_ID}/transactions":{"get":{"tags":["Transaction","Account Information Service (AIS)","Account","PSD2"],"summary":"Get Transactions for Account (Core)","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"Returns transactions list (Core info) of the account specified by ACCOUNT_ID.
Authentication is Mandatory
Possible custom url parameters for pagination:
eg1:?limit=100&offset=0
eg2:?limit=100&offset=0&sort_direction=ASC
Date format parameter: yyyy-MM-dd'T'HH:mm:ss.SSS'Z'(1100-01-01T01:01:01.000Z) ==> time zone is UTC.
eg3:?sort_direction=ASC&limit=100&offset=0&from_date=1100-01-01T01:01:01.000Z&to_date=1100-01-01T01:01:01.000Z
","operationId":"getCoreTransactionsForBankAccount","parameters":[{"in":"path","name":"ACCOUNT_ID","description":"The account id","required":true,"type":"string"},{"in":"path","name":"BANK_ID","description":"The bank id","required":true,"type":"string"}],"responses":{"200":{"description":"Success","schema":{"$ref":"#/definitions/CoreTransactionsJsonV300"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorFilterSortDirectionError"}}}}},"/obp/v5.0.0/transaction-request-types/CARD/transaction-requests":{"post":{"tags":["Transaction-Request","Payment Initiation Service (PIS)","PSD2"],"summary":"Create Transaction Request (CARD)","security":[{"directLogin":[],"gatewayLogin":[]}],"description":"When using CARD, the payee is set in the request body .
Money goes into the Counterparty in the request body.
Initiate a Payment via creating a Transaction Request.
In OBP, a transaction request
may or may not result in a transaction
. However, a transaction
only has one possible state: completed.
A Transaction Request
can have one of several states: INITIATED, NEXT_CHALLENGE_PENDING etc.
Transactions
are modeled on items in a bank statement that represent the movement of money.
Transaction Requests
are requests to move money which may or may not succeed and thus result in a Transaction
.
A Transaction Request
might create a security challenge that needs to be answered before the Transaction Request
proceeds.
In case 1 person needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => COMPLETED
In case n persons needs to answer security challenge we have next flow of state of an transaction request
:
INITIATED => NEXT_CHALLENGE_PENDING => ... => NEXT_CHALLENGE_PENDING => COMPLETED
The security challenge is bound to a user i.e. in case of right answer and the user is different than expected one the challenge will fail.
Rule for calculating number of security challenges:
If product Account attribute REQUIRED_CHALLENGE_ANSWERS=N then create N challenges
(one for every user that has a View where permission "can_add_transaction_request_to_any_account"=true)
In case REQUIRED_CHALLENGE_ANSWERS is not defined as an account attribute default value is 1.
Transaction Requests contain charge information giving the client the opportunity to proceed or not (as long as the challenge level is appropriate).
Transaction Requests can have one of several Transaction Request Types which expect different bodies. The escaped body is returned in the details key of the GET response.
This provides some commonality and one URL for many different payment or transfer types with enough flexibility to validate them differently.
The payer is set in the URL. Money comes out of the BANK_ID and ACCOUNT_ID specified in the URL.
In sandbox mode, TRANSACTION_REQUEST_TYPE is commonly set to ACCOUNT. See getTransactionRequestTypesSupportedByBank for all supported types.
In sandbox mode, if the amount is less than 1000 EUR (any currency, unless it is set differently on this server), the transaction request will create a transaction without a challenge, else the Transaction Request will be set to INITIALISED and a challenge will need to be answered.
If a challenge is created you must answer it using Answer Transaction Request Challenge before the Transaction is created.
You can transfer between different currency accounts. (new in 2.0.0). The currency in body must match the sending account.
The following static FX rates are available in sandbox mode:
Transaction Requests satisfy PSD2 requirements thus:
1) A transaction can be initiated by a third party application.
2) The customer is informed of the charge that will incurred.
3) The call supports delegated authentication (OAuth)
See this python code for a complete example of this flow.
There is further documentation here
Authentication is Mandatory
","operationId":"createTransactionRequestCard","parameters":[{"in":"body","name":"body","description":"TransactionRequestBodyCardJsonV400 object that needs to be added.","required":true,"schema":{"$ref":"#/definitions/TransactionRequestBodyCardJsonV400"}}],"responses":{"201":{"description":"Success","schema":{"$ref":"#/definitions/TransactionRequestWithChargeJSON400"}},"400":{"description":"Error","schema":{"$ref":"#/definitions/ErrorUserNotLoggedIn"}}}}}},"definitions":{"ErrorFilterSortDirectionError":{"properties":{"message":{"type":"string","example":"OBP-10023: obp_sort_direction parameter can only take two values: DESC or ASC!"}}},"ErrorUserNotLoggedIn":{"properties":{"message":{"type":"string","example":"OBP-20001: User not logged in. Authentication is required!"}}},"ErrorBankNotFound":{"properties":{"message":{"type":"string","example":"OBP-30001: Bank not found. Please specify a valid value for BANK_ID."}}},"ErrorUnknownError":{"properties":{"message":{"type":"string","example":"OBP-50000: Unknown Error."}}},"TransactionRequestRefundFrom":{"required":["counterparty_id"],"properties":{"counterparty_id":{"type":"string","example":"9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh"}}},"AmountOfMoneyJsonV121":{"required":["currency","amount"],"properties":{"currency":{"type":"string","example":"EUR"},"amount":{"type":"string","example":"0"}}},"CounterpartyMetadataJson":{"required":["public_alias","physical_location","image_url","private_alias","url","more_info","corporate_location","open_corporates_url"],"properties":{"public_alias":{"type":"string","example":"String"},"physical_location":{"$ref":"#/definitions/LocationJsonV210"},"image_url":{"type":"string","example":"String"},"private_alias":{"type":"string","example":"String"},"url":{"type":"string","example":"String"},"more_info":{"type":"string","example":"String"},"corporate_location":{"$ref":"#/definitions/LocationJsonV210"},"open_corporates_url":{"type":"string","example":"String"}}},"TransactionRequestTransferToAccount":{"required":["description","future_date","to","transfer_type","value"],"properties":{"description":{"type":"string","example":"String"},"future_date":{"type":"string","example":"20181230"},"to":{"$ref":"#/definitions/ToAccountTransferToAccount"},"transfer_type":{"type":"string","example":"String"},"value":{"$ref":"#/definitions/AmountOfMoneyJsonV121"}}},"ChallengeAnswerJson400":{"required":["id","answer"],"properties":{"id":{"type":"string","example":"This is challenge.id, you can get it from `Create Transaction Request.` response, only is useful if status ==`INITIATED` there."},"answer":{"type":"string","example":"123"},"reason_code":{"type":"string","example":"[Optional] Reason code for REJECT answer (e.g. 'CUST')"},"additional_information":{"type":"string","example":"[Optional] Additional description for REJECT answer"}}},"ChallengeJsonV400":{"required":["allowed_attempts","user_id","id","link","challenge_type"],"properties":{"allowed_attempts":{"type":"integer","format":"int32","example":"3"},"user_id":{"type":"string","example":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1"},"id":{"type":"string","example":"2fg8a7e4-6d02-40e3-a129-0b2bf89de8ub"},"link":{"type":"string","example":"/obp/v4.0.0/banks/BANK_ID/accounts/ACCOUNT_ID/VIEW_ID/transaction-request-types/TRANSACTION_REQUEST_TYPE/transaction-requests/TRANSACTION_REQUEST_ID/challenge"},"challenge_type":{"type":"string","example":"OBP_TRANSACTION_REQUEST_CHALLENGE"}}},"TransactionRequestTypeJsonV140":{"required":["value","charge"],"properties":{"value":{"type":"string","example":"10"},"charge":{"$ref":"#/definitions/TransactionRequestChargeJsonV140"}}},"ConsentInfoJsonV400":{"required":["created_by_user_id","api_version","last_usage_date","status","consumer_id","api_standard","consent_id","last_action_date"],"properties":{"created_by_user_id":{"type":"string","example":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1"},"api_version":{"type":"string","example":"v1.3"},"last_usage_date":{"type":"string","example":"2021-04-08T09:12:27Z"},"status":{"type":"string","example":"INITIATED"},"consumer_id":{"type":"string","example":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh"},"api_standard":{"type":"string","example":"Berlin Group"},"consent_id":{"type":"string","example":"9d429899-24f5-42c8-8565-943ffa6a7945"},"last_action_date":{"type":"string","example":"2020-01-27"}}},"CounterpartyIdJson":{"required":["counterparty_id"],"properties":{"counterparty_id":{"type":"string","example":"9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh"}}},"TransactionRequestRefundTo":{"properties":{"bank_id":{"type":"string","example":"gh.29.uk"},"account_id":{"type":"string","example":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"},"counterparty_id":{"type":"string","example":"9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh"}}},"TransactionRequestChargeJsonV140":{"required":["summary","value"],"properties":{"summary":{"type":"string","example":"The bank fixed charge"},"value":{"$ref":"#/definitions/AmountOfMoneyJsonV121"}}},"ThisAccountJsonV300":{"required":["id","bank_routing","account_routings","holders"],"properties":{"id":{"type":"string","example":"String"},"bank_routing":{"$ref":"#/definitions/BankRoutingJsonV121"},"account_routings":{"type":"array","items":{"$ref":"#/definitions/AccountRoutingJsonV121"}},"holders":{"type":"array","items":{"$ref":"#/definitions/AccountHolderJSON"}}}},"AmountOfMoney":{"required":["currency","amount"],"properties":{"currency":{"type":"string","example":"EUR"},"amount":{"type":"string","example":"100"}}},"CoreAccountJson":{"required":["account_routings","label","account_type","bank_id","id","views"],"properties":{"account_routings":{"type":"array","items":{"$ref":"#/definitions/AccountRoutingJsonV121"}},"label":{"type":"string","example":"String"},"account_type":{"type":"string","example":"330"},"bank_id":{"type":"string","example":"gh.29.uk"},"id":{"type":"string","example":"5995d6a2-01b3-423c-a173-5481df49bdaf"},"views":{"type":"array","items":{"$ref":"#/definitions/ViewBasicV300"}}}},"TransactionRequestBodyJsonV200":{"required":["to","value","description"],"properties":{"to":{"$ref":"#/definitions/TransactionRequestAccountJsonV140"},"value":{"$ref":"#/definitions/AmountOfMoneyJsonV121"},"description":{"type":"string","example":"this is for work"}}},"IbanJson":{"required":["iban"],"properties":{"iban":{"type":"string","example":"123"}}},"TransactionTypesJsonV200":{"required":["transaction_types"],"properties":{"transaction_types":{"type":"array","items":{"$ref":"#/definitions/TransactionTypeJsonV200"}}}},"ConsentJsonV500":{"required":["consent_id","jwt","status"],"properties":{"consent_id":{"type":"string","example":"9d429899-24f5-42c8-8565-943ffa6a7945"},"jwt":{"type":"string","example":"eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4"},"status":{"type":"string","example":"INITIATED"},"consent_request_id":{"type":"string","example":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"}}},"CoreCounterpartyJsonV300":{"required":["id","holder","bank_routing","account_routings"],"properties":{"id":{"type":"string","example":"5995d6a2-01b3-423c-a173-5481df49bdaf"},"holder":{"$ref":"#/definitions/AccountHolderJSON"},"bank_routing":{"$ref":"#/definitions/BankRoutingJsonV121"},"account_routings":{"type":"array","items":{"$ref":"#/definitions/AccountRoutingJsonV121"}}}},"TransactionTypeJsonV200":{"required":["description","short_code","bank_id","id","charge","summary"],"properties":{"description":{"type":"string","example":"PlaceholderString"},"short_code":{"type":"string","example":"PlaceholderString"},"bank_id":{"type":"string","example":"gh.29.uk"},"id":{"$ref":"#/definitions/TransactionTypeId"},"charge":{"$ref":"#/definitions/AmountOfMoneyJsonV121"},"summary":{"type":"string","example":"PlaceholderString"}}},"AccountHeldJson":{"required":["number","account_routings","label","bank_id","id"],"properties":{"number":{"type":"string","example":"123"},"account_routings":{"type":"array","items":{"$ref":"#/definitions/AccountRoutingJsonV121"}},"label":{"type":"string","example":"My Account"},"bank_id":{"type":"string","example":"123"},"id":{"type":"string","example":"12314"}}},"AccountRoutingJsonV121":{"required":["scheme","address"],"properties":{"scheme":{"type":"string","example":"AccountNumber"},"address":{"type":"string","example":"4930396"}}},"BankJson500":{"required":["bank_routings","website","full_name","logo","id","bank_code"],"properties":{"bank_routings":{"type":"array","items":{"$ref":"#/definitions/BankRoutingJsonV121"}},"website":{"type":"string","example":"bank logoUrl string"},"full_name":{"type":"string","example":"bank fullName string"},"attributes":{"type":"array","items":{"$ref":"#/definitions/BankAttributeBankResponseJsonV400"}},"logo":{"type":"string","example":"bank logoUrl string"},"id":{"type":"string","example":"gh.29.uk"},"bank_code":{"type":"string","example":"CGHZ"}}},"TransactionRequestChargeJsonV200":{"required":["summary","value"],"properties":{"summary":{"type":"string","example":"Rent the flat"},"value":{"$ref":"#/definitions/AmountOfMoneyJsonV121"}}},"TransactionAttributeResponseJson":{"required":["transaction_attribute_id","name","type","value"],"properties":{"transaction_attribute_id":{"type":"string","example":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh"},"name":{"type":"string","example":"HOUSE_RENT"},"type":{"type":"string","example":"DATE_WITH_DAY"},"value":{"type":"string","example":"123456789"}}},"AccountRouting":{"required":["scheme","address"],"properties":{"scheme":{"type":"string","example":"accountNumber"},"address":{"type":"string","example":"123456"}}},"SettlementAccountsJson":{"required":["settlement_accounts"],"properties":{"settlement_accounts":{"type":"array","items":{"$ref":"#/definitions/SettlementAccountJson"}}}},"AccountAttributeResponseJson":{"required":["name","account_attribute_id","product_code","type","value"],"properties":{"name":{"type":"string","example":"OVERDRAFT_START_DATE"},"account_attribute_id":{"type":"string","example":"613c83ea-80f9-4560-8404-b9cd4ec42a7f"},"product_code":{"type":"string","example":"1234BW"},"type":{"type":"string","example":"DATE_WITH_DAY"},"product_instance_code":{"type":"string","example":"LKJL98769F"},"value":{"type":"string","example":"2012-04-23"}}},"TransactionRequestBodyAllTypes":{"required":["description","value"],"properties":{"to_transfer_to_phone":{"$ref":"#/definitions/TransactionRequestTransferToPhone"},"description":{"type":"string","example":"This an optional field. Maximum length is 2000. It can be any characters here."},"to_transfer_to_atm":{"$ref":"#/definitions/TransactionRequestTransferToAtm"},"to_counterparty":{"$ref":"#/definitions/TransactionRequestCounterpartyId"},"to_sepa_credit_transfers":{"$ref":"#/definitions/SepaCreditTransfers"},"to_simple":{"$ref":"#/definitions/TransactionRequestSimple"},"to_sepa":{"$ref":"#/definitions/TransactionRequestIban"},"to_transfer_to_account":{"$ref":"#/definitions/TransactionRequestTransferToAccount"},"value":{"$ref":"#/definitions/AmountOfMoney"},"to_sandbox_tan":{"$ref":"#/definitions/TransactionRequestAccount"}}},"AccountBalanceJsonV400":{"required":["account_routings","label","bank_id","account_id","balances"],"properties":{"account_routings":{"type":"array","items":{"$ref":"#/definitions/AccountRouting"}},"label":{"type":"string","example":"My Account"},"bank_id":{"type":"string","example":"gh.29.uk"},"account_id":{"type":"string","example":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"},"balances":{"type":"array","items":{"$ref":"#/definitions/BalanceJsonV400"}}}},"TransactionRequestTypesJsonV140":{"required":["transaction_request_types"],"properties":{"transaction_request_types":{"type":"array","items":{"$ref":"#/definitions/TransactionRequestTypeJsonV140"}}}},"TransactionRequestBodyCardJsonV400":{"required":["card","to","value","description"],"properties":{"card":{"$ref":"#/definitions/CardJsonV400"},"to":{"$ref":"#/definitions/CounterpartyIdJson"},"value":{"$ref":"#/definitions/AmountOfMoneyJsonV121"},"description":{"type":"string","example":"A card payment description. "}}},"AccountsIdsJsonV300":{"required":["accounts"],"properties":{"accounts":{"type":"array","items":{"$ref":"#/definitions/AccountIdJson"}}}},"TransactionRequestAccountJsonV140":{"required":["bank_id","account_id"],"properties":{"bank_id":{"type":"string","example":"gh.29.uk"},"account_id":{"type":"string","example":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"}}},"PostConsentPhoneJsonV310":{"required":["phone_number","everything","views","entitlements"],"properties":{"phone_number":{"type":"string","example":"+44 07972 444 876"},"time_to_live":{"type":"integer","format":"int64","example":"3600"},"everything":{"type":"boolean","example":"false"},"consumer_id":{"type":"string"},"valid_from":{"type":"string","format":"date","example":"2024-03-29T00:00:36Z"},"views":{"type":"array","items":{"$ref":"#/definitions/PostConsentViewJsonV310"}},"entitlements":{"type":"array","items":{"$ref":"#/definitions/PostConsentEntitlementJsonV310"}}}},"SettlementAccountJson":{"required":["account_attributes","branch_id","account_routings","label","balance","payment_system","account_id"],"properties":{"account_attributes":{"type":"array","items":{"$ref":"#/definitions/AccountAttributeResponseJson"}},"branch_id":{"type":"string","example":"DERBY6"},"account_routings":{"type":"array","items":{"$ref":"#/definitions/AccountRoutingJsonV121"}},"label":{"type":"string","example":"My Account"},"balance":{"$ref":"#/definitions/AmountOfMoneyJsonV121"},"payment_system":{"type":"string","example":"SEPA"},"account_id":{"type":"string","example":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"}}},"TransactionRequestBodyRefundJsonV400":{"required":["description","refund","value"],"properties":{"description":{"type":"string","example":"A refund description. "},"refund":{"$ref":"#/definitions/RefundJson"},"to":{"$ref":"#/definitions/TransactionRequestRefundTo"},"from":{"$ref":"#/definitions/TransactionRequestRefundFrom"},"value":{"$ref":"#/definitions/AmountOfMoneyJsonV121"}}},"ToAccountTransferToAtmKycDocument":{"required":["type","number"],"properties":{"type":{"type":"string","example":"String"},"number":{"type":"string","example":"String"}}},"TransactionRequestWithChargeJSON400":{"required":["start_date","id","end_date","status","from","details","charge","type","transaction_ids","challenges"],"properties":{"start_date":{"type":"string","format":"date","example":"1100-01-01T00:00:00Z"},"id":{"type":"string","example":"4050046c-63b3-4868-8a22-14b4181d33a6"},"end_date":{"type":"string","format":"date","example":"1100-01-01T00:00:00Z"},"status":{"type":"string","example":"COMPLETED"},"from":{"$ref":"#/definitions/TransactionRequestAccountJsonV140"},"details":{"$ref":"#/definitions/TransactionRequestBodyAllTypes"},"charge":{"$ref":"#/definitions/TransactionRequestChargeJsonV200"},"type":{"type":"string","example":"SANDBOX_TAN"},"transaction_ids":{"type":"array","items":{"type":"string"}},"challenges":{"type":"array","items":{"$ref":"#/definitions/ChallengeJsonV400"}}}},"PostSimpleCounterpartyJson400":{"required":["other_account_routing_address","other_account_routing_scheme","name","other_account_secondary_routing_address","description","other_branch_routing_address","other_bank_routing_scheme","other_branch_routing_scheme","other_bank_routing_address","other_account_secondary_routing_scheme"],"properties":{"other_account_routing_address":{"type":"string","example":"36f8a9e6-c2b1-407a-8bd0-421b7119307e"},"other_account_routing_scheme":{"type":"string","example":"OBP"},"name":{"type":"string","example":"John Smith Ltd."},"other_account_secondary_routing_address":{"type":"string","example":"DE89370400440532013000"},"description":{"type":"string","example":"The piano lession-Invoice No:68"},"other_branch_routing_address":{"type":"string","example":"12f8a9e6-c2b1-407a-8bd0-421b7119307e"},"other_bank_routing_scheme":{"type":"string","example":"OBP"},"other_branch_routing_scheme":{"type":"string","example":"OBP"},"other_bank_routing_address":{"type":"string","example":"gh.29.uk"},"other_account_secondary_routing_scheme":{"type":"string","example":"IBAN"}}},"CoreTransactionDetailsJSON":{"required":["new_balance","description","completed","type","value","posted"],"properties":{"new_balance":{"$ref":"#/definitions/AmountOfMoneyJsonV121"},"description":{"type":"string","example":"OBP"},"completed":{"type":"string","format":"date","example":"1100-01-01T00:00:00Z"},"type":{"type":"string","example":"AC"},"value":{"$ref":"#/definitions/AmountOfMoneyJsonV121"},"posted":{"type":"string","format":"date","example":"1100-01-01T00:00:00Z"}}},"CounterpartyWithMetadataJson400":{"required":["other_account_routing_address","other_account_routing_scheme","created_by_user_id","name","other_account_secondary_routing_address","is_beneficiary","description","other_branch_routing_address","bespoke","other_bank_routing_scheme","other_branch_routing_scheme","this_account_id","this_view_id","currency","metadata","other_bank_routing_address","this_bank_id","counterparty_id","other_account_secondary_routing_scheme"],"properties":{"other_account_routing_address":{"type":"string","example":"36f8a9e6-c2b1-407a-8bd0-421b7119307e"},"other_account_routing_scheme":{"type":"string","example":"OBP"},"created_by_user_id":{"type":"string","example":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1"},"name":{"type":"string","example":"CounterpartyName"},"other_account_secondary_routing_address":{"type":"string","example":"DE89370400440532013000"},"is_beneficiary":{"type":"boolean","example":"true"},"description":{"type":"string","example":"My landlord"},"other_branch_routing_address":{"type":"string","example":"12f8a9e6-c2b1-407a-8bd0-421b7119307e"},"bespoke":{"type":"array","items":{"$ref":"#/definitions/PostCounterpartyBespokeJson"}},"other_bank_routing_scheme":{"type":"string","example":"OBP"},"other_branch_routing_scheme":{"type":"string","example":"OBP"},"this_account_id":{"type":"string","example":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"},"this_view_id":{"type":"string","example":"owner"},"currency":{"type":"string","example":"EUR"},"metadata":{"$ref":"#/definitions/CounterpartyMetadataJson"},"other_bank_routing_address":{"type":"string","example":"gh.29.uk"},"this_bank_id":{"type":"string","example":"gh.29.uk"},"counterparty_id":{"type":"string","example":"9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh"},"other_account_secondary_routing_scheme":{"type":"string","example":"IBAN"}}},"TransactionRequestIban":{"required":["iban"],"properties":{"iban":{"type":"string","example":"String"}}},"TransactionRequestSimple":{"required":["otherAccountSecondaryRoutingAddress","otherBankRoutingScheme","otherBranchRoutingScheme","otherAccountRoutingScheme","otherBankRoutingAddress","otherAccountRoutingAddress","otherAccountSecondaryRoutingScheme","otherBranchRoutingAddress"],"properties":{"otherAccountSecondaryRoutingAddress":{"type":"string","example":"DE91 1000 0000 0123 4567 89"},"otherBankRoutingScheme":{"type":"string","example":"BIC"},"otherBranchRoutingScheme":{"type":"string","example":"BRANCH-CODE"},"otherAccountRoutingScheme":{"type":"string","example":"IBAN"},"otherBankRoutingAddress":{"type":"string","example":"GENODEM1GLS"},"otherAccountRoutingAddress":{"type":"string","example":"DE91 1000 0000 0123 4567 89"},"otherAccountSecondaryRoutingScheme":{"type":"string","example":"IBAN"},"otherBranchRoutingAddress":{"type":"string","example":"DERBY6"}}},"TransactionRequestAccount":{"required":["bank_id","account_id"],"properties":{"bank_id":{"type":"string","example":"String"},"account_id":{"type":"string","example":"String"}}},"CardJsonV400":{"required":["expiry_year","cvv","expiry_month","brand","card_number","name_on_card","card_type"],"properties":{"expiry_year":{"type":"string","example":"2023"},"cvv":{"type":"string","example":"123"},"expiry_month":{"type":"string","example":"01"},"brand":{"type":"string","example":"Visa"},"card_number":{"type":"string","example":"364435172576215"},"name_on_card":{"type":"string","example":"SusanSmith"},"card_type":{"type":"string","example":"Credit"}}},"ConsentJsonV400":{"required":["api_version","jwt","status","api_standard","consent_id"],"properties":{"api_version":{"type":"string","example":"v1.3"},"jwt":{"type":"string","example":"eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4"},"status":{"type":"string","example":"INITIATED"},"api_standard":{"type":"string","example":"Berlin Group"},"consent_id":{"type":"string","example":"9d429899-24f5-42c8-8565-943ffa6a7945"}}},"CoreTransactionJsonV300":{"required":["this_account","id","details","other_account","transaction_attributes"],"properties":{"this_account":{"$ref":"#/definitions/ThisAccountJsonV300"},"id":{"type":"string","example":"5995d6a2-01b3-423c-a173-5481df49bdaf"},"details":{"$ref":"#/definitions/CoreTransactionDetailsJSON"},"other_account":{"$ref":"#/definitions/CoreCounterpartyJsonV300"},"transaction_attributes":{"type":"array","items":{"$ref":"#/definitions/TransactionAttributeResponseJson"}}}},"BankRoutingJsonV121":{"required":["scheme","address"],"properties":{"scheme":{"type":"string","example":"scheme value"},"address":{"type":"string","example":""}}},"AccountIdJson":{"required":["id"],"properties":{"id":{"type":"string","example":"5995d6a2-01b3-423c-a173-5481df49bdaf"}}},"TransactionRequestBodyCounterpartyJSON":{"required":["description","to","charge_policy","value"],"properties":{"description":{"type":"string","example":"A description for the transaction to the counterparty"},"future_date":{"type":"string","example":"20200127"},"to":{"$ref":"#/definitions/CounterpartyIdJson"},"charge_policy":{"type":"string","example":"SHARED"},"value":{"$ref":"#/definitions/AmountOfMoneyJsonV121"}}},"CounterpartiesJson400":{"required":["counterparties"],"properties":{"counterparties":{"type":"array","items":{"$ref":"#/definitions/CounterpartyJson400"}}}},"CoreAccountsHeldJsonV300":{"required":["accounts"],"properties":{"accounts":{"type":"array","items":{"$ref":"#/definitions/AccountHeldJson"}}}},"TransactionRequestCounterpartyId":{"required":["counterparty_id"],"properties":{"counterparty_id":{"type":"string","example":"9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh"}}},"TransactionTypeId":{"required":["value"],"properties":{"value":{"type":"string","example":"123"}}},"ModeratedCoreAccountJsonV400":{"required":["number","account_routings","label","balance","views_basic","product_code","bank_id","id"],"properties":{"number":{"type":"string","example":"546387432"},"account_routings":{"type":"array","items":{"$ref":"#/definitions/AccountRoutingJsonV121"}},"label":{"type":"string","example":"My Account"},"balance":{"$ref":"#/definitions/AmountOfMoneyJsonV121"},"views_basic":{"type":"array","items":{"type":"string"}},"product_code":{"type":"string","example":"AC"},"bank_id":{"type":"string","example":"gh.29.uk"},"id":{"type":"string","example":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"}}},"ConsentsJsonV400":{"required":["consents"],"properties":{"consents":{"type":"array","items":{"$ref":"#/definitions/ConsentJsonV400"}}}},"PostCounterpartyBespokeJson":{"required":["key","value"],"properties":{"key":{"type":"string","example":"englishName"},"value":{"type":"string","example":"english Name"}}},"ConsentRequestResponseJson":{"required":["consent_request_id","payload","consumer_id"],"properties":{"consent_request_id":{"type":"string","example":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"},"payload":{"type":"object","properties":{"everything":{"type":"boolean","example":"false"},"account_access":{"type":"array","items":{"type":"object","properties":{"account_routing":{"type":"object","properties":{"scheme":{"type":"string","example":"AccountNumber"},"address":{"type":"string","example":"4930396"}},"required":["scheme","address"]},"view_id":{"type":"string","example":"owner"}},"required":["account_routing","view_id"]}},"phone_number":{"type":"string","example":"+44 07972 444 876"},"valid_from":{"type":"string","example":"2022-06-14T12:42:00Z"},"time_to_live":{"type":"integer","format":"int32","example":"3600"}},"required":["everything","account_access","phone_number","valid_from","time_to_live"]},"consumer_id":{"type":"string","example":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh"}}},"ViewBasicV300":{"required":["id","short_name","description","is_public"],"properties":{"id":{"type":"string","example":"owner"},"short_name":{"type":"string","example":"Owner"},"description":{"type":"string","example":"This view is for the owner for the account."},"is_public":{"type":"boolean","example":"false"}}},"ConsentJsonV310":{"required":["consent_id","jwt","status"],"properties":{"consent_id":{"type":"string","example":"9d429899-24f5-42c8-8565-943ffa6a7945"},"jwt":{"type":"string","example":"eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4"},"status":{"type":"string","example":"INITIATED"}}},"BankAttributeBankResponseJsonV400":{"required":["name","value"],"properties":{"name":{"type":"string","example":"ACCOUNT_MANAGEMENT_FEE"},"value":{"type":"string","example":"5987953"}}},"ToAccountTransferToAtm":{"required":["legal_name","date_of_birth","mobile_phone_number","kyc_document"],"properties":{"legal_name":{"type":"string","example":"Eveline Tripman"},"date_of_birth":{"type":"string","example":"20181230"},"mobile_phone_number":{"type":"string","example":"+44 07972 444 876"},"kyc_document":{"$ref":"#/definitions/ToAccountTransferToAtmKycDocument"}}},"PostConsentEmailJsonV310":{"required":["email","everything","views","entitlements"],"properties":{"time_to_live":{"type":"integer","format":"int64","example":"3600"},"email":{"type":"string","example":"felixsmith@example.com"},"everything":{"type":"boolean","example":"false"},"consumer_id":{"type":"string","example":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh"},"valid_from":{"type":"string","format":"date","example":"2024-03-29T00:00:36Z"},"views":{"type":"array","items":{"$ref":"#/definitions/PostConsentViewJsonV310"}},"entitlements":{"type":"array","items":{"$ref":"#/definitions/PostConsentEntitlementJsonV310"}}}},"TransactionRequestBodySEPAJsonV400":{"required":["description","to","charge_policy","value"],"properties":{"description":{"type":"string","example":"This is a SEPA Transaction Request"},"future_date":{"type":"string","example":"20200127"},"to":{"$ref":"#/definitions/IbanJson"},"charge_policy":{"type":"string","example":"SHARED"},"value":{"$ref":"#/definitions/AmountOfMoneyJsonV121"},"reasons":{"type":"array","items":{"$ref":"#/definitions/TransactionRequestReasonJsonV400"}}}},"CheckFundsAvailableJson":{"required":["answer","date","available_funds_request_id"],"properties":{"answer":{"type":"string","example":"yes"},"date":{"type":"string","format":"date","example":"2024-03-29T00:00:36Z"},"available_funds_request_id":{"type":"string","example":"c4ykz59svsr9b7fmdxk8ezs7"}}},"ChallengeJsonV140":{"required":["id","allowed_attempts","challenge_type"],"properties":{"id":{"type":"string","example":"be1a183d-b301-4b83-b855-5eeffdd3526f"},"allowed_attempts":{"type":"integer","format":"int32","example":"3"},"challenge_type":{"type":"string","example":"SANDBOX_TAN"}}},"AccountsBalancesJsonV400":{"required":["accounts"],"properties":{"accounts":{"type":"array","items":{"$ref":"#/definitions/AccountBalanceJsonV400"}}}},"LocationJsonV210":{"required":["latitude","longitude","date","user"],"properties":{"latitude":{"type":"number","format":"double","example":"11.45"},"longitude":{"type":"number","format":"double","example":"11.45"},"date":{"type":"string","format":"date","example":"1100-01-01T00:00:00Z"},"user":{"$ref":"#/definitions/UserJSONV210"}}},"CoreTransactionsJsonV300":{"required":["transactions"],"properties":{"transactions":{"type":"array","items":{"$ref":"#/definitions/CoreTransactionJsonV300"}}}},"TransactionRequestTransferToAtm":{"required":["description","to","from","message","value"],"properties":{"description":{"type":"string","example":"String"},"to":{"$ref":"#/definitions/ToAccountTransferToAtm"},"from":{"$ref":"#/definitions/FromAccountTransfer"},"message":{"type":"string","example":"String"},"value":{"$ref":"#/definitions/AmountOfMoneyJsonV121"}}},"SepaCreditTransfers":{"required":["debtorAccount","instructedAmount","creditorAccount","creditorName"],"properties":{"debtorAccount":{"$ref":"#/definitions/PaymentAccount"},"instructedAmount":{"$ref":"#/definitions/AmountOfMoneyJsonV121"},"creditorAccount":{"$ref":"#/definitions/PaymentAccount"},"creditorName":{"type":"string","example":"John Miles"}}},"ToAccountTransferToAccount":{"required":["name","bank_code","branch_number","account"],"properties":{"name":{"type":"string","example":"String"},"bank_code":{"type":"string","example":"String"},"branch_number":{"type":"string","example":"String"},"account":{"$ref":"#/definitions/ToAccountTransferToAccountAccount"}}},"UserJSONV210":{"required":["id","provider","username"],"properties":{"id":{"type":"string","example":"123"},"provider":{"type":"string","example":"http://127.0.0.1:8080"},"username":{"type":"string","example":"felixsmith"}}},"BankJson400":{"required":["bank_routings","website","full_name","logo","id","short_name"],"properties":{"bank_routings":{"type":"array","items":{"$ref":"#/definitions/BankRoutingJsonV121"}},"website":{"type":"string","example":"www.openbankproject.com"},"full_name":{"type":"string","example":"full_name"},"attributes":{"type":"array","items":{"$ref":"#/definitions/BankAttributeBankResponseJsonV400"}},"logo":{"type":"string","example":"logo"},"id":{"type":"string","example":"gh.29.uk"},"short_name":{"type":"string","example":"short_name "}}},"ConsentInfosJsonV400":{"required":["consents"],"properties":{"consents":{"type":"array","items":{"$ref":"#/definitions/ConsentInfoJsonV400"}}}},"AccountHolderJSON":{"required":["name","is_alias"],"properties":{"name":{"type":"string","example":"OBP"},"is_alias":{"type":"boolean","example":"true"}}},"BanksJson400":{"required":["banks"],"properties":{"banks":{"type":"array","items":{"$ref":"#/definitions/BankJson400"}}}},"SeverJWK":{"required":["e","n","kty","use","kid"],"properties":{"e":{"type":"string","example":"AQAB"},"n":{"type":"string","example":"hrB0OWqg6AeNU3WCnhheG18R5EbQtdNYGOaSeylTjkj2lZr0_vkhNVYvase-CroxO4HOT06InxTYwLnmJiyv2cZxReuoVjTlk--olGu-9MZooiFiqWez0JzndyKxQ27OiAjFsMh0P04kaUXeHKhXRfiU7K2FqBshR1UlnWe7iHLkq2p9rrGjxQc7ff0w-Uc0f-8PWg36Y2Od7s65493iVQwnI13egqMaSvgB1s8_dgm08noEjhr8C5m1aKmr5oipWEPNi-SBV2VNuiCLR1IEPuXq0tOwwZfv31t34KPO-2H2bbaWmzGJy9mMOGqoNrbXyGiUZoyeHRELaNtm1GilyQ"},"kty":{"type":"string","example":"RSA"},"use":{"type":"string","example":"sig"},"kid":{"type":"string","example":"fr6-BxXH5gikFeZ2O6rGk0LUmJpukeswASN_TMW8U_s"}}},"ToAccountTransferToAccountAccount":{"required":["number","iban"],"properties":{"number":{"type":"string","example":"String"},"iban":{"type":"string","example":"String"}}},"ToAccountTransferToPhone":{"required":["mobile_phone_number"],"properties":{"mobile_phone_number":{"type":"string","example":"+44 07972 444 876"}}},"CoreAccountsJsonV300":{"required":["accounts"],"properties":{"accounts":{"type":"array","items":{"$ref":"#/definitions/CoreAccountJson"}}}},"FromAccountTransfer":{"required":["mobile_phone_number","nickname"],"properties":{"mobile_phone_number":{"type":"string","example":"+44 07972 444 876"},"nickname":{"type":"string","example":"String"}}},"TransactionRequestBodySimpleJsonV400":{"required":["description","to","charge_policy","value"],"properties":{"description":{"type":"string","example":"This an optional field. Maximum length is 2000. It can be any characters here."},"future_date":{"type":"string","example":"20200127"},"to":{"$ref":"#/definitions/PostSimpleCounterpartyJson400"},"charge_policy":{"type":"string","example":"SHARED"},"value":{"$ref":"#/definitions/AmountOfMoneyJsonV121"}}},"TransactionRequestTransferToPhone":{"required":["description","to","from","message","value"],"properties":{"description":{"type":"string","example":"String"},"to":{"$ref":"#/definitions/ToAccountTransferToPhone"},"from":{"$ref":"#/definitions/FromAccountTransfer"},"message":{"type":"string","example":"String"},"value":{"$ref":"#/definitions/AmountOfMoneyJsonV121"}}},"TransactionRequestWithChargeJSON210":{"required":["challenge","start_date","id","end_date","status","from","details","charge","type","transaction_ids"],"properties":{"challenge":{"$ref":"#/definitions/ChallengeJsonV140"},"start_date":{"type":"string","format":"date","example":"1100-01-01T00:00:00Z"},"id":{"type":"string","example":"4050046c-63b3-4868-8a22-14b4181d33a6"},"end_date":{"type":"string","format":"date","example":"1100-01-01T00:00:00Z"},"status":{"type":"string","example":"COMPLETED"},"from":{"$ref":"#/definitions/TransactionRequestAccountJsonV140"},"details":{"$ref":"#/definitions/TransactionRequestBodyAllTypes"},"charge":{"$ref":"#/definitions/TransactionRequestChargeJsonV200"},"type":{"type":"string","example":"SANDBOX_TAN"},"transaction_ids":{"type":"array","items":{"type":"string"}}}},"PostConsentRequestJsonV500":{"required":["account_access","everything"],"properties":{"phone_number":{"type":"string","example":"+44 07972 444 876"},"time_to_live":{"type":"integer","format":"int64","example":"3600"},"email":{"type":"string","example":"felixsmith@example.com"},"account_access":{"type":"array","items":{"$ref":"#/definitions/AccountAccessV500"}},"everything":{"type":"boolean","example":"false"},"consumer_id":{"type":"string","example":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh"},"valid_from":{"type":"string","format":"date","example":"2024-03-29T00:00:36Z"},"entitlements":{"type":"array","items":{"$ref":"#/definitions/PostConsentEntitlementJsonV310"}}}},"CounterpartyJson400":{"required":["other_account_routing_address","other_account_routing_scheme","created_by_user_id","name","other_account_secondary_routing_address","is_beneficiary","description","other_branch_routing_address","bespoke","other_bank_routing_scheme","other_branch_routing_scheme","this_account_id","this_view_id","currency","other_bank_routing_address","this_bank_id","counterparty_id","other_account_secondary_routing_scheme"],"properties":{"other_account_routing_address":{"type":"string","example":"36f8a9e6-c2b1-407a-8bd0-421b7119307e"},"other_account_routing_scheme":{"type":"string","example":"OBP"},"created_by_user_id":{"type":"string","example":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1"},"name":{"type":"string","example":"CounterpartyName"},"other_account_secondary_routing_address":{"type":"string","example":"DE89370400440532013000"},"is_beneficiary":{"type":"boolean","example":"true"},"description":{"type":"string","example":"My landlord"},"other_branch_routing_address":{"type":"string","example":"12f8a9e6-c2b1-407a-8bd0-421b7119307e"},"bespoke":{"type":"array","items":{"$ref":"#/definitions/PostCounterpartyBespokeJson"}},"other_bank_routing_scheme":{"type":"string","example":"OBP"},"other_branch_routing_scheme":{"type":"string","example":"OBP"},"this_account_id":{"type":"string","example":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"},"this_view_id":{"type":"string","example":"owner"},"currency":{"type":"string","example":"EUR"},"other_bank_routing_address":{"type":"string","example":"gh.29.uk"},"this_bank_id":{"type":"string","example":"gh.29.uk"},"counterparty_id":{"type":"string","example":"9fg8a7e4-6d02-40e3-a129-0b2bf89de8uh"},"other_account_secondary_routing_scheme":{"type":"string","example":"IBAN"}}},"PaymentAccount":{"required":["iban"],"properties":{"iban":{"type":"string","example":"GB33BUKB20201555555555"}}},"BalanceJsonV400":{"required":["type","currency","amount"],"properties":{"type":{"type":"string","example":""},"currency":{"type":"string","example":"EUR"},"amount":{"type":"string","example":"10"}}},"PostConsentViewJsonV310":{"required":["bank_id","account_id","view_id"],"properties":{"bank_id":{"type":"string","example":"gh.29.uk"},"account_id":{"type":"string","example":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"},"view_id":{"type":"string","example":"owner"}}},"PostConsentEntitlementJsonV310":{"required":["bank_id","role_name"],"properties":{"bank_id":{"type":"string","example":"gh.29.uk"},"role_name":{"type":"string","example":"CanGetCustomer"}}},"RefundJson":{"required":["transaction_id","reason_code"],"properties":{"transaction_id":{"type":"string","example":"2fg8a7e4-6d02-40e3-a129-0b2bf89de8ub"},"reason_code":{"type":"string","example":"CUST"}}},"TransactionRequestReasonJsonV400":{"required":["code"],"properties":{"description":{"type":"string","example":"SEPA payment"},"amount":{"type":"string","example":"100"},"code":{"type":"string","example":"410"},"document_number":{"type":"string","example":"2020/154"},"currency":{"type":"string","example":"EUR"}}},"AccountAccessV500":{"required":["account_routing","view_id"],"properties":{"account_routing":{"$ref":"#/definitions/AccountRoutingJsonV121"},"view_id":{"type":"string","example":"owner"}}},"EmptyClassJson":{"required":["jsonString"],"properties":{"jsonString":{"type":"string","example":"{}"}}},"PostConsentChallengeJsonV310":{"required":["answer"],"properties":{"answer":{"type":"string","example":"12345678"}}},"ConsentChallengeJsonV310":{"required":["consent_id","jwt","status"],"properties":{"consent_id":{"type":"string","example":"9d429899-24f5-42c8-8565-943ffa6a7945"},"jwt":{"type":"string","example":"eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4"},"status":{"type":"string","example":"INITIATED"}}}}}