--- swagger: "2.0" info: contact: email: info@berlin-group.org name: The Berlin Group - A European Standards Initiative url: https://www.berlin-group.org/ description: "# Endpoints url \ndiscount sandbox \nhttps://mtls-api-nonprod.discountbank.co.il/devapi/cert\n\ndiscount prod \nhttps://mtls-api.discountbank.co.il/prod/d\n\nmercantile sandbox \ \nhttps://mtls-api-nonprod.mercantile.co.il/devapi/cert\n\nmercantile prod \nhttps://mtls-api.mercantile.co.il/prod/d\n\n# Summary\nLike a (regular payment) account, specific savings accounts can be addressed in a consent request by identifying the account by its IBAN.\nIn some cases, a savings / loan accountmight not be connected to any globally defined identifier. Therefore, the additional element "other" \nis used, which might be provided instead of or in addition to an IBAN thereby identifying the specific account, for which a consent is requested.\n\nAdditionally, a savings account can be addressed by an Account Access Object containing an identifier of the savings account / loan account accompanied by\nthe specification of the cashAccountType to Type "SVGS"/ "LOAN". A consent of this type will grant the access to the related savingsaccount/ loan account, if the\nASPSP supports the corresponding endpoints at all.\n\nAs a third / fourth way to establish a savings specific consent, the TPP can request a bank-offered consent or a global consent but restricting the \ requested \naccess to a certain cashAccountType �e.g. "SVGS" or "LOAN". A consent of this type grant the access to accounts of only the related type (e.g. savings account/\nloan account),if the ASPSP supports the corresponding endpoints at all.\n\nNot supported query parameters \nRead Savings Account Transaction List: entryReferenceFrom, deltaList \nRead Loan Account Transaction List: entryReferenceFrom, deltaList" license: name: Creative Commons Attribution 4.0 International Public License url: https://creativecommons.org/licenses/by/4.0/ title: PSD2 Savings and Loans 1.4 version: "1.4" x-ibm-name: psd2-savings-and-loans-1-4 name: "" basePath: /psd2 schemes: - https paths: /v1.4/loans: get: produces: - application/json - application/problem+json parameters: - description: ID of the request, unique to the call, as determined by the initiating party. format: uuid in: header name: X-Request-ID required: true type: string x-example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721 - description: Is contained if and only if the "Signature" element is contained in the header of the request. in: header name: Digest required: true type: string x-example: SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A= - description: | A signature of the request by the TPP on application level. This might be mandated by ASPSP. in: header name: Signature required: true type: string x-example: | keyId="SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE",algorithm="rsa-sha256", headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date", signature="Base64(RSA-SHA256(signing string))" - description: "The certificate used for signing the request, in base64 encoding. \nMust be contained if a signature is contained.\n" format: byte in: header name: TPP-Signature-Certificate required: true type: string - description: | This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation. in: header name: Consent-ID required: true type: string - description: "The forwarded IP Address header field consists of the corresponding HTTP request \nIP Address field between PSU and TPP. \nIt shall be contained if and only if this request was actively initiated by the PSU.\n" format: ipv4 in: header name: PSU-IP-Address required: false type: string x-example: 192.168.8.78 - description: | The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available. in: header name: PSU-IP-Port required: false type: string x-example: "1234" - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept required: false type: string - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept-Charset required: false type: string - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept-Encoding required: false type: string - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept-Language required: false type: string - description: | The forwarded Agent header field of the HTTP request between PSU and TPP, if available. in: header name: PSU-User-Agent required: false type: string - description: | HTTP method used at the PSU ? TPP interface, if available. Valid values are: * GET * POST * PUT * PATCH * DELETE enum: - GET - POST - PUT - PATCH - DELETE in: header name: PSU-Http-Method required: false type: string - description: | UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID needs to be unaltered until removal from device. format: uuid in: header name: PSU-Device-ID required: false type: string x-example: 99435c7e-ad88-49ec-a2ad-99ddcb1f5555 - description: | The forwarded Geo Location of the corresponding http request between PSU and TPP if available. in: header name: PSU-Geo-Location pattern: ^GEO:-?[0-9]{1,2}\.[0-9]{6};-?[0-9]{1,3}\.[0-9]{6}$ required: false type: string x-example: GEO:52.506931;13.144558 responses: 200: description: OK examples: application/json: $ref: '#/x-components/examples/loanAccountListExample' headers: X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: description: | List of loan accounts with details. properties: loanAccounts: items: $ref: '#/definitions/accountDetailsSavingsLoans' type: array required: - loanAccounts type: object 400: description: Bad Request headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error400_NG_AIS' 401: description: Unauthorized headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error401_NG_AIS' 403: description: Forbidden headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error403_NG_AIS' 404: description: Not found headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error404_NG_AIS' 405: description: Method Not Allowed headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error405_NG_AIS' 406: description: Not Acceptable headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error406_NG_AIS' 408: description: Request Timeout headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string 409: description: Conflict headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error409_NG_AIS' 415: description: Unsupported Media Type headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string 429: description: Too Many Requests headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error429_NG_AIS' 500: description: Internal Server Error headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string 503: description: Service Unavailable headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string tags: - Extended Account Information Service (AIS) - loans - account list description: "Reads a list of loan accounts potentially with additional information, e.g. balance information.\nIt is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system. \nThe addressed list of savings accounts depends then on the stored consent addressed by consentId,\nrespectively the OAuth2 accesstoken.\n" operationId: accounts-LOAN:get_loans summary: Read list of loans account security: - oauth-Berlin: - accounts-LOAN /v1.4/loans/{loan-account-id}: get: produces: - application/json - application/problem+json parameters: - description: "This identification is denoting the addressed loan account. \nThe loan-account-id is retrieved by using a \"readLoanAccountList\".\nThe loan-account-id is the \"resourceId\" attribute of the loan account structure.\nIts value is constant at least throughout the lifecycle of a given consent.\n" in: path name: loan-account-id required: true type: string - description: ID of the request, unique to the call, as determined by the initiating party. format: uuid in: header name: X-Request-ID required: true type: string x-example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721 - description: Is contained if and only if the "Signature" element is contained in the header of the request. in: header name: Digest required: true type: string x-example: SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A= - description: | A signature of the request by the TPP on application level. This might be mandated by ASPSP. in: header name: Signature required: true type: string x-example: | keyId="SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE",algorithm="rsa-sha256", headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date", signature="Base64(RSA-SHA256(signing string))" - description: "The certificate used for signing the request, in base64 encoding. \nMust be contained if a signature is contained.\n" format: byte in: header name: TPP-Signature-Certificate required: true type: string - description: | This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation. in: header name: Consent-ID required: true type: string - description: "The forwarded IP Address header field consists of the corresponding HTTP request \nIP Address field between PSU and TPP. \nIt shall be contained if and only if this request was actively initiated by the PSU.\n" format: ipv4 in: header name: PSU-IP-Address required: false type: string x-example: 192.168.8.78 - description: | The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available. in: header name: PSU-IP-Port required: false type: string x-example: "1234" - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept required: false type: string - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept-Charset required: false type: string - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept-Encoding required: false type: string - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept-Language required: false type: string - description: | The forwarded Agent header field of the HTTP request between PSU and TPP, if available. in: header name: PSU-User-Agent required: false type: string - description: | HTTP method used at the PSU ? TPP interface, if available. Valid values are: * GET * POST * PUT * PATCH * DELETE enum: - GET - POST - PUT - PATCH - DELETE in: header name: PSU-Http-Method required: false type: string - description: | UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID needs to be unaltered until removal from device. format: uuid in: header name: PSU-Device-ID required: false type: string x-example: 99435c7e-ad88-49ec-a2ad-99ddcb1f5555 - description: | The forwarded Geo Location of the corresponding http request between PSU and TPP if available. in: header name: PSU-Geo-Location pattern: ^GEO:-?[0-9]{1,2}\.[0-9]{6};-?[0-9]{1,3}\.[0-9]{6}$ required: false type: string x-example: GEO:52.506931;13.144558 responses: 200: description: OK examples: application/json: $ref: '#/x-components/examples/loanAccountDetailsExample' headers: X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: properties: loanAccount: $ref: '#/definitions/accountDetailsSavingsLoans' required: - loanAccount type: object 400: description: Bad Request headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error400_NG_AIS' 401: description: Unauthorized headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error401_NG_AIS' 403: description: Forbidden headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error403_NG_AIS' 404: description: Not found headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error404_NG_AIS' 405: description: Method Not Allowed headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error405_NG_AIS' 406: description: Not Acceptable headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error406_NG_AIS' 408: description: Request Timeout headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string 409: description: Conflict headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error409_NG_AIS' 415: description: Unsupported Media Type headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string 429: description: Too Many Requests headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error429_NG_AIS' 500: description: Internal Server Error headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string 503: description: Service Unavailable headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string security: - oauth-Berlin: - accounts-LOAN tags: - Account Information Service (AIS) - loans - account details description: "Reads details about a loan account. \nIt is assumed that a consent of the PSU to \nthis access is already given and stored on the ASPSP system. \nThe addressed details of this account depend then on the stored consent addressed by consentId, \nrespectively the OAuth2 access token.\n \n" operationId: accounts-LOAN:get_loan summary: Read loan account details /v1.4/loans/{loan-account-id}/balances: get: produces: - application/json - application/problem+json parameters: - description: "This identification is denoting the addressed loan account. \nThe loan-account-id is retrieved by using a \"readLoanAccountList\".\nThe loan-account-id is the \"resourceId\" attribute of the loan account structure.\nIts value is constant at least throughout the lifecycle of a given consent.\n" in: path name: loan-account-id required: true type: string - description: ID of the request, unique to the call, as determined by the initiating party. format: uuid in: header name: X-Request-ID required: true type: string x-example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721 - description: Is contained if and only if the "Signature" element is contained in the header of the request. in: header name: Digest required: true type: string x-example: SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A= - description: | A signature of the request by the TPP on application level. This might be mandated by ASPSP. in: header name: Signature required: true type: string x-example: | keyId="SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE",algorithm="rsa-sha256", headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date", signature="Base64(RSA-SHA256(signing string))" - description: "The certificate used for signing the request, in base64 encoding. \nMust be contained if a signature is contained.\n" format: byte in: header name: TPP-Signature-Certificate required: true type: string - description: | This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation. in: header name: Consent-ID required: true type: string - description: "The forwarded IP Address header field consists of the corresponding HTTP request \nIP Address field between PSU and TPP. \nIt shall be contained if and only if this request was actively initiated by the PSU.\n" format: ipv4 in: header name: PSU-IP-Address required: false type: string x-example: 192.168.8.78 - description: | The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available. in: header name: PSU-IP-Port required: false type: string x-example: "1234" - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept required: false type: string - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept-Charset required: false type: string - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept-Encoding required: false type: string - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept-Language required: false type: string - description: | The forwarded Agent header field of the HTTP request between PSU and TPP, if available. in: header name: PSU-User-Agent required: false type: string - description: | HTTP method used at the PSU ? TPP interface, if available. Valid values are: * GET * POST * PUT * PATCH * DELETE enum: - GET - POST - PUT - PATCH - DELETE in: header name: PSU-Http-Method required: false type: string - description: | UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID needs to be unaltered until removal from device. format: uuid in: header name: PSU-Device-ID required: false type: string x-example: 99435c7e-ad88-49ec-a2ad-99ddcb1f5555 - description: | The forwarded Geo Location of the corresponding http request between PSU and TPP if available. in: header name: PSU-Geo-Location pattern: ^GEO:-?[0-9]{1,2}\.[0-9]{6};-?[0-9]{1,3}\.[0-9]{6}$ required: false type: string x-example: GEO:52.506931;13.144558 responses: 200: description: OK headers: X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: properties: balances: items: $ref: '#/definitions/balance' type: array loanAccount: $ref: '#/definitions/accountReference' required: - loanAccount - balances type: object 400: description: Bad Request headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error400_NG_AIS' 401: description: Unauthorized headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error401_NG_AIS' 403: description: Forbidden headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error403_NG_AIS' 404: description: Not found headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error404_NG_AIS' 405: description: Method Not Allowed headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error405_NG_AIS' 406: description: Not Acceptable headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error406_NG_AIS' 408: description: Request Timeout headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string 409: description: Conflict headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error409_NG_AIS' 415: description: Unsupported Media Type headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string 429: description: Too Many Requests headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error429_NG_AIS' 500: description: Internal Server Error headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string 503: description: Service Unavailable headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string security: - oauth-Berlin: - balances-LOAN tags: - Account Information Service (AIS) - loans - balances description: | Reads balance data from a given loan account addressed by "loan-account-id". The loan-account-id is constant at least throughout the lifecycle of a given consent. operationId: balances-LOAN:get_loan_balances summary: Read Loan Account Balances /v1.4/loans/{loan-account-id}/transactions: get: produces: - application/json - application/problem+json parameters: - description: "This identification is denoting the addressed loan account. \nThe loan-account-id is retrieved by using a \"readLoanAccountList\".\nThe loan-account-id is the \"resourceId\" attribute of the loan account structure.\nIts value is constant at least throughout the lifecycle of a given consent.\n" in: path name: loan-account-id required: true type: string - description: "Conditional: Starting date (inclusive the date dateFrom) of the transaction list, mandated if no delta access is required\nand if bookingStatus does not equal \"information\".\n\nFor booked transactions, the relevant date is the booking date. \n\nFor pending transactions, the relevant date is the entry date, which may not be transparent \nneither in this API nor other channels of the ASPSP.\n" format: date in: query name: dateFrom required: true type: string - description: "End date (inclusive the data dateTo) of the transaction list, default is \"now\" if not given. \n\nMight be ignored if a delta function is used.\n\nFor booked transactions, the relevant date is the booking date. \n\nFor pending transactions, the relevant date is the entry date, which may not be transparent \nneither in this API nor other channels of the ASPSP.\n" format: date in: query name: dateTo required: false type: string - description: "Permitted codes are \n * \"booked\",\n * \"pending\", \n \ * \"both\",\n * \"information\" and\n * \"all\"\n\"booked\" shall be supported by the ASPSP.\nTo support the \"pending\" and \"both\" feature is optional for the ASPSP, \nError code if not supported in the online banking frontend.\nIf supported, \"both\" means to request transaction reports of transaction of bookingStatus either \"pending\" or \"booked\".\nTo support the \"information\" feature is optional for the ASPSP. Currently the booking status “information” only covers standing orders. Error code if not supported.\nTo support the \"all\" feature is optional for the ASPSP, Error code if not supported. If supported, \"all\" means to request transaction reports of transaction of any bookingStatus (\"pending\", \"booked\" or \"information\").\n" enum: - information - booked - pending - both - all in: query name: bookingStatus required: true type: string - description: ID of the request, unique to the call, as determined by the initiating party. format: uuid in: header name: X-Request-ID required: true type: string x-example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721 - description: Is contained if and only if the "Signature" element is contained in the header of the request. in: header name: Digest required: true type: string x-example: SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A= - description: | A signature of the request by the TPP on application level. This might be mandated by ASPSP. in: header name: Signature required: true type: string x-example: | keyId="SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE",algorithm="rsa-sha256", headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date", signature="Base64(RSA-SHA256(signing string))" - description: "The certificate used for signing the request, in base64 encoding. \nMust be contained if a signature is contained.\n" format: byte in: header name: TPP-Signature-Certificate required: true type: string - description: | This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation. in: header name: Consent-ID required: true type: string - description: "The forwarded IP Address header field consists of the corresponding HTTP request \nIP Address field between PSU and TPP. \nIt shall be contained if and only if this request was actively initiated by the PSU.\n" format: ipv4 in: header name: PSU-IP-Address required: false type: string x-example: 192.168.8.78 - description: | The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available. in: header name: PSU-IP-Port required: false type: string x-example: "1234" - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept required: false type: string - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept-Charset required: false type: string - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept-Encoding required: false type: string - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept-Language required: false type: string - description: | The forwarded Agent header field of the HTTP request between PSU and TPP, if available. in: header name: PSU-User-Agent required: false type: string - description: | HTTP method used at the PSU ? TPP interface, if available. Valid values are: * GET * POST * PUT * PATCH * DELETE enum: - GET - POST - PUT - PATCH - DELETE in: header name: PSU-Http-Method required: false type: string - description: | UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID needs to be unaltered until removal from device. format: uuid in: header name: PSU-Device-ID required: false type: string x-example: 99435c7e-ad88-49ec-a2ad-99ddcb1f5555 - description: | The forwarded Geo Location of the corresponding http request between PSU and TPP if available. in: header name: PSU-Geo-Location pattern: ^GEO:-?[0-9]{1,2}\.[0-9]{6};-?[0-9]{1,3}\.[0-9]{6}$ required: false type: string x-example: GEO:52.506931;13.144558 responses: 200: description: OK headers: X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: description: | Body of the JSON response for a successful read transaction list request. This account report contains transactions resulting from the query parameters. properties: _links: $ref: '#/definitions/_linksPagination' balances: items: $ref: '#/definitions/balance' type: array loanAccount: $ref: '#/definitions/accountReference' transactions: $ref: '#/definitions/accountReport' required: - loanAccount type: object 400: description: Bad Request headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error400_NG_AIS' 401: description: Unauthorized headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error401_NG_AIS' 403: description: Forbidden headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error403_NG_AIS' 404: description: Not found headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error404_NG_AIS' 405: description: Method Not Allowed headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error405_NG_AIS' 406: description: Not Acceptable headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error406_NG_AIS' 408: description: Request Timeout headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string 409: description: Conflict headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error409_NG_AIS' 415: description: Unsupported Media Type headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string 429: description: Too Many Requests headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error429_NG_AIS' 500: description: Internal Server Error headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string 503: description: Service Unavailable headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string security: - oauth-Berlin: - transactions-LOAN tags: - Account Information Service (AIS) - loans - transactions description: "'Reads transaction data from a given loan account addressed by \"loan-account-id\". \nThis can be booked or pending transactions. \n\nNote: The ASPSP might use standard compression methods on application level for the response message \nas indicated in the content encoding header. \n\nRemark: Please note that the PATH might be already given in detail by the response of the \n\"Read Loan Account List\" call within the _links subfield.'\n" operationId: transactions-LOAN:get_loan_transactions summary: Read transaction list of a loan account /v1.4/savings: get: produces: - application/json - application/problem+json parameters: - description: ID of the request, unique to the call, as determined by the initiating party. format: uuid in: header name: X-Request-ID required: true type: string x-example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721 - description: Is contained if and only if the "Signature" element is contained in the header of the request. in: header name: Digest required: true type: string x-example: SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A= - description: | A signature of the request by the TPP on application level. This might be mandated by ASPSP. in: header name: Signature required: true type: string x-example: | keyId="SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE",algorithm="rsa-sha256", headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date", signature="Base64(RSA-SHA256(signing string))" - description: "The certificate used for signing the request, in base64 encoding. \nMust be contained if a signature is contained.\n" format: byte in: header name: TPP-Signature-Certificate required: true type: string - description: | This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation. in: header name: Consent-ID required: true type: string - description: "The forwarded IP Address header field consists of the corresponding HTTP request \nIP Address field between PSU and TPP. \nIt shall be contained if and only if this request was actively initiated by the PSU.\n" format: ipv4 in: header name: PSU-IP-Address required: false type: string x-example: 192.168.8.78 - description: | The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available. in: header name: PSU-IP-Port required: false type: string x-example: "1234" - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept required: false type: string - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept-Charset required: false type: string - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept-Encoding required: false type: string - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept-Language required: false type: string - description: | The forwarded Agent header field of the HTTP request between PSU and TPP, if available. in: header name: PSU-User-Agent required: false type: string - description: | HTTP method used at the PSU ? TPP interface, if available. Valid values are: * GET * POST * PUT * PATCH * DELETE enum: - GET - POST - PUT - PATCH - DELETE in: header name: PSU-Http-Method required: false type: string - description: | UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID needs to be unaltered until removal from device. format: uuid in: header name: PSU-Device-ID required: false type: string x-example: 99435c7e-ad88-49ec-a2ad-99ddcb1f5555 - description: | The forwarded Geo Location of the corresponding http request between PSU and TPP if available. in: header name: PSU-Geo-Location pattern: ^GEO:-?[0-9]{1,2}\.[0-9]{6};-?[0-9]{1,3}\.[0-9]{6}$ required: false type: string x-example: GEO:52.506931;13.144558 responses: 200: description: OK examples: application/json: $ref: '#/x-components/examples/savingsAccountListExample' headers: X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: description: | List of savings accounts with details. properties: savingsAccounts: items: $ref: '#/definitions/accountDetailsSavingsLoans' type: array required: - savingsAccounts type: object 400: description: Bad Request headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error400_NG_AIS' 401: description: Unauthorized headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error401_NG_AIS' 403: description: Forbidden headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error403_NG_AIS' 404: description: Not found headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error404_NG_AIS' 405: description: Method Not Allowed headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error405_NG_AIS' 406: description: Not Acceptable headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error406_NG_AIS' 408: description: Request Timeout headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string 409: description: Conflict headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error409_NG_AIS' 415: description: Unsupported Media Type headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string 429: description: Too Many Requests headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error429_NG_AIS' 500: description: Internal Server Error headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string 503: description: Service Unavailable headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string security: - oauth-Berlin: - accounts-SVGS tags: - Extended Account Information Service (AIS) - savings - account list description: "Reads a list of savings accounts potentially with additional information, e.g. balance information.\nIt is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system. \nThe addressed list of savings accounts depends then on the stored consent addressed by consentId,\nrespectively the OAuth2 accesstoken.\n" operationId: accounts-SVGS:get_savings summary: Read list of savings accounts /v1.4/savings/{savings-account-id}: get: produces: - application/json - application/problem+json parameters: - description: "This identification is denoting the addressed savings account. \nThe savings-account-id is retrieved by using a \"Read SavingsAccountList\".\nThe savings-account-id is the \"resourceId\" attribute of the savings account structure.\nIts value is constant at least throughout the lifecycle of a given consent.\n" in: path name: savings-account-id required: true type: string - description: ID of the request, unique to the call, as determined by the initiating party. format: uuid in: header name: X-Request-ID required: true type: string x-example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721 - description: Is contained if and only if the "Signature" element is contained in the header of the request. in: header name: Digest required: true type: string x-example: SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A= - description: | A signature of the request by the TPP on application level. This might be mandated by ASPSP. in: header name: Signature required: true type: string x-example: | keyId="SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE",algorithm="rsa-sha256", headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date", signature="Base64(RSA-SHA256(signing string))" - description: "The certificate used for signing the request, in base64 encoding. \nMust be contained if a signature is contained.\n" format: byte in: header name: TPP-Signature-Certificate required: true type: string - description: | This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation. in: header name: Consent-ID required: true type: string - description: "The forwarded IP Address header field consists of the corresponding HTTP request \nIP Address field between PSU and TPP. \nIt shall be contained if and only if this request was actively initiated by the PSU.\n" format: ipv4 in: header name: PSU-IP-Address required: false type: string x-example: 192.168.8.78 - description: | The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available. in: header name: PSU-IP-Port required: false type: string x-example: "1234" - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept required: false type: string - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept-Charset required: false type: string - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept-Encoding required: false type: string - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept-Language required: false type: string - description: | The forwarded Agent header field of the HTTP request between PSU and TPP, if available. in: header name: PSU-User-Agent required: false type: string - description: | HTTP method used at the PSU ? TPP interface, if available. Valid values are: * GET * POST * PUT * PATCH * DELETE enum: - GET - POST - PUT - PATCH - DELETE in: header name: PSU-Http-Method required: false type: string - description: | UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID needs to be unaltered until removal from device. format: uuid in: header name: PSU-Device-ID required: false type: string x-example: 99435c7e-ad88-49ec-a2ad-99ddcb1f5555 - description: | The forwarded Geo Location of the corresponding http request between PSU and TPP if available. in: header name: PSU-Geo-Location pattern: ^GEO:-?[0-9]{1,2}\.[0-9]{6};-?[0-9]{1,3}\.[0-9]{6}$ required: false type: string x-example: GEO:52.506931;13.144558 responses: 200: description: OK examples: application/json: $ref: '#/x-components/examples/savingsAccountDetailsExample' headers: X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: properties: savingsAccount: $ref: '#/definitions/accountDetailsSavingsLoans' required: - savingsAccount type: object 400: description: Bad Request headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error400_NG_AIS' 401: description: Unauthorized headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error401_NG_AIS' 403: description: Forbidden headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error403_NG_AIS' 404: description: Not found headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error404_NG_AIS' 405: description: Method Not Allowed headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error405_NG_AIS' 406: description: Not Acceptable headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error406_NG_AIS' 408: description: Request Timeout headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string 409: description: Conflict headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error409_NG_AIS' 415: description: Unsupported Media Type headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string 429: description: Too Many Requests headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error429_NG_AIS' 500: description: Internal Server Error headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string 503: description: Service Unavailable headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string security: - oauth-Berlin: - accounts-SVGS tags: - Account Information Service (AIS) - savings - account details description: "Reads details about a savings account. \nIt is assumed that a consent of the PSU to \nthis access is already given and stored on the ASPSP system. \nThe addressed details of this account depend then on the stored consent addressed by consentId, \nrespectively the OAuth2 access token.\n \ \n" operationId: accounts-SVGS:get_saving summary: Read savings account details /v1.4/savings/{savings-account-id}/balances: get: produces: - application/json - application/problem+json parameters: - description: "This identification is denoting the addressed savings account. \nThe savings-account-id is retrieved by using a \"Read SavingsAccountList\".\nThe savings-account-id is the \"resourceId\" attribute of the savings account structure.\nIts value is constant at least throughout the lifecycle of a given consent.\n" in: path name: savings-account-id required: true type: string - description: ID of the request, unique to the call, as determined by the initiating party. format: uuid in: header name: X-Request-ID required: true type: string x-example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721 - description: Is contained if and only if the "Signature" element is contained in the header of the request. in: header name: Digest required: true type: string x-example: SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A= - description: | A signature of the request by the TPP on application level. This might be mandated by ASPSP. in: header name: Signature required: true type: string x-example: | keyId="SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE",algorithm="rsa-sha256", headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date", signature="Base64(RSA-SHA256(signing string))" - description: "The certificate used for signing the request, in base64 encoding. \nMust be contained if a signature is contained.\n" format: byte in: header name: TPP-Signature-Certificate required: true type: string - description: | This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation. in: header name: Consent-ID required: true type: string - description: "The forwarded IP Address header field consists of the corresponding HTTP request \nIP Address field between PSU and TPP. \nIt shall be contained if and only if this request was actively initiated by the PSU.\n" format: ipv4 in: header name: PSU-IP-Address required: false type: string x-example: 192.168.8.78 - description: | The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available. in: header name: PSU-IP-Port required: false type: string x-example: "1234" - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept required: false type: string - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept-Charset required: false type: string - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept-Encoding required: false type: string - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept-Language required: false type: string - description: | The forwarded Agent header field of the HTTP request between PSU and TPP, if available. in: header name: PSU-User-Agent required: false type: string - description: | HTTP method used at the PSU ? TPP interface, if available. Valid values are: * GET * POST * PUT * PATCH * DELETE enum: - GET - POST - PUT - PATCH - DELETE in: header name: PSU-Http-Method required: false type: string - description: | UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID needs to be unaltered until removal from device. format: uuid in: header name: PSU-Device-ID required: false type: string x-example: 99435c7e-ad88-49ec-a2ad-99ddcb1f5555 - description: | The forwarded Geo Location of the corresponding http request between PSU and TPP if available. in: header name: PSU-Geo-Location pattern: ^GEO:-?[0-9]{1,2}\.[0-9]{6};-?[0-9]{1,3}\.[0-9]{6}$ required: false type: string x-example: GEO:52.506931;13.144558 responses: 200: description: OK headers: X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: properties: balances: description: 'BOI Remark: ASPSP must provide at least one balanceType and all balances that presented in the online channels.' items: $ref: '#/definitions/balance' type: array savingsAccount: $ref: '#/definitions/accountReference' required: - savingsAccount - balances type: object 400: description: Bad Request headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error400_NG_AIS' 401: description: Unauthorized headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error401_NG_AIS' 403: description: Forbidden headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error403_NG_AIS' 404: description: Not found headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error404_NG_AIS' 405: description: Method Not Allowed headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error405_NG_AIS' 406: description: Not Acceptable headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error406_NG_AIS' 408: description: Request Timeout headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string 409: description: Conflict headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error409_NG_AIS' 415: description: Unsupported Media Type headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string 429: description: Too Many Requests headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error429_NG_AIS' 500: description: Internal Server Error headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string 503: description: Service Unavailable headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string security: - oauth-Berlin: - balances-SVGS tags: - Account Information Service (AIS) - savings - balances description: | Reads balancedata from a given savings account addressed by "savings-account-id". The savings-account-id is constant at least throughout the lifecycle of a given consent. operationId: balances-SVGS:get_saving_balances summary: Read Savings Account Balances /v1.4/savings/{savings-account-id}/transactions: get: produces: - application/json - application/problem+json parameters: - description: "This identification is denoting the addressed savings account. \nThe savings-account-id is retrieved by using a \"Read SavingsAccountList\".\nThe savings-account-id is the \"resourceId\" attribute of the savings account structure.\nIts value is constant at least throughout the lifecycle of a given consent.\n" in: path name: savings-account-id required: true type: string - description: "Conditional: Starting date (inclusive the date dateFrom) of the transaction list, mandated if no delta access is required\nand if bookingStatus does not equal \"information\".\n\nFor booked transactions, the relevant date is the booking date. \n\nFor pending transactions, the relevant date is the entry date, which may not be transparent \nneither in this API nor other channels of the ASPSP.\n" format: date in: query name: dateFrom required: true type: string - description: "End date (inclusive the data dateTo) of the transaction list, default is \"now\" if not given. \n\nMight be ignored if a delta function is used.\n\nFor booked transactions, the relevant date is the booking date. \n\nFor pending transactions, the relevant date is the entry date, which may not be transparent \nneither in this API nor other channels of the ASPSP.\n" format: date in: query name: dateTo required: false type: string - description: "Permitted codes are \n * \"booked\",\n * \"pending\", \n \ * \"both\",\n * \"information\" and\n * \"all\"\n\"booked\" shall be supported by the ASPSP.\nTo support the \"pending\" and \"both\" feature is optional for the ASPSP, \nError code if not supported in the online banking frontend.\nIf supported, \"both\" means to request transaction reports of transaction of bookingStatus either \"pending\" or \"booked\".\nTo support the \"information\" feature is optional for the ASPSP. Currently the booking status “information” only covers standing orders. Error code if not supported.\nTo support the \"all\" feature is optional for the ASPSP, Error code if not supported. If supported, \"all\" means to request transaction reports of transaction of any bookingStatus (\"pending\", \"booked\" or \"information\").\n" enum: - information - booked - pending - both - all in: query name: bookingStatus required: true type: string - description: ID of the request, unique to the call, as determined by the initiating party. format: uuid in: header name: X-Request-ID required: true type: string x-example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721 - description: Is contained if and only if the "Signature" element is contained in the header of the request. in: header name: Digest required: true type: string x-example: SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A= - description: | A signature of the request by the TPP on application level. This might be mandated by ASPSP. in: header name: Signature required: true type: string x-example: | keyId="SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE",algorithm="rsa-sha256", headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date", signature="Base64(RSA-SHA256(signing string))" - description: "The certificate used for signing the request, in base64 encoding. \nMust be contained if a signature is contained.\n" format: byte in: header name: TPP-Signature-Certificate required: true type: string - description: | This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation. in: header name: Consent-ID required: true type: string - description: "The forwarded IP Address header field consists of the corresponding HTTP request \nIP Address field between PSU and TPP. \nIt shall be contained if and only if this request was actively initiated by the PSU.\n" format: ipv4 in: header name: PSU-IP-Address required: false type: string x-example: 192.168.8.78 - description: | The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available. in: header name: PSU-IP-Port required: false type: string x-example: "1234" - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept required: false type: string - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept-Charset required: false type: string - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept-Encoding required: false type: string - description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept-Language required: false type: string - description: | The forwarded Agent header field of the HTTP request between PSU and TPP, if available. in: header name: PSU-User-Agent required: false type: string - description: | HTTP method used at the PSU ? TPP interface, if available. Valid values are: * GET * POST * PUT * PATCH * DELETE enum: - GET - POST - PUT - PATCH - DELETE in: header name: PSU-Http-Method required: false type: string - description: | UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID needs to be unaltered until removal from device. format: uuid in: header name: PSU-Device-ID required: false type: string x-example: 99435c7e-ad88-49ec-a2ad-99ddcb1f5555 - description: | The forwarded Geo Location of the corresponding http request between PSU and TPP if available. in: header name: PSU-Geo-Location pattern: ^GEO:-?[0-9]{1,2}\.[0-9]{6};-?[0-9]{1,3}\.[0-9]{6}$ required: false type: string x-example: GEO:52.506931;13.144558 responses: 200: description: OK headers: X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: description: | Body of the JSON response for a successful read transaction list request. This account report contains transactions resulting from the query parameters. properties: _links: $ref: '#/definitions/_linksPagination' balances: items: $ref: '#/definitions/balance' type: array savingsAccount: $ref: '#/definitions/accountReference' transactions: $ref: '#/definitions/accountReport' required: - savingsAccount type: object 400: description: Bad Request headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error400_NG_AIS' 401: description: Unauthorized headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error401_NG_AIS' 403: description: Forbidden headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error403_NG_AIS' 404: description: Not found headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error404_NG_AIS' 405: description: Method Not Allowed headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error405_NG_AIS' 406: description: Not Acceptable headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error406_NG_AIS' 408: description: Request Timeout headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string 409: description: Conflict headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error409_NG_AIS' 415: description: Unsupported Media Type headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string 429: description: Too Many Requests headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string schema: $ref: '#/definitions/Error429_NG_AIS' 500: description: Internal Server Error headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string 503: description: Service Unavailable headers: Location: description: | Location of the created resource. format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid type: string security: - oauth-Berlin: - transactions-SVGS tags: - Account Information Service (AIS) - savings - transactions description: "'Reads transaction data from a given savings account addressed by \"savings-account-id\". \nThis can be booked or pending transactions. \n\nNote: The ASPSP might use standard compression methods on application level for the response message \nas indicated in the content encoding header. \n\nRemark: Please note that the PATH might be already given in detail by the response of the \n\"Read Savings Account List\" call within the _links subfield.'\n" operationId: transactions-SVGS:get_saving_transactions summary: Read transaction list of a savings account definitions: EntryDetailsElement: properties: checkId: description: Identification of a Cheque. maxLength: 35 type: string creditorAccount: $ref: '#/definitions/accountReference' creditorAgent: $ref: '#/definitions/bicfi' creditorId: maxLength: 35 type: string creditorName: maxLength: 70 type: string currencyExchange: items: $ref: '#/definitions/reportExchangeRate' type: array debtorAccount: $ref: '#/definitions/accountReference' debtorAgent: $ref: '#/definitions/bicfi' debtorName: maxLength: 70 type: string endToEndId: description: Unique end to end identity. maxLength: 35 type: string mandateId: description: Identification of Mandates, e.g. a SEPA Mandate ID. maxLength: 35 type: string purposeCode: $ref: '#/definitions/purposeCode' remittanceInformationUnstructured: example: Ref Number Merchant maxLength: 140 type: string remittanceInformationUnstructuredArray: example: - Ref Number Merchant - Some Other Text items: maxLength: 140 type: string type: array transactionAmount: $ref: '#/definitions/amount' ultimateCreditor: maxLength: 70 type: string ultimateDebtor: maxLength: 70 type: string required: - transactionAmount type: object Error400_AIS: description: "Standardised definition of reporting error information according to [RFC7807] \nin case of a HTTP error code 400 for AIS.\n" properties: _links: $ref: '#/definitions/_linksAll' additionalErrors: description: | Array of Error Information Blocks. Might be used if more than one error is to be communicated items: description: This is a data element to support the declaration of additional errors in the context of [RFC7807]. properties: code: $ref: '#/definitions/MessageCode400_AIS' detail: $ref: '#/definitions/tppErrorDetail' title: $ref: '#/definitions/tppErrorTitle' required: - code type: object type: array code: $ref: '#/definitions/MessageCode400_AIS' detail: description: "Detailed human readable text specific to this instance of the error. \nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n" maxLength: 500 type: string title: description: "Short human readable description of error type. \nCould be in local language. \nTo be provided by ASPSPs.\n" maxLength: 70 type: string type: description: "A URI reference [RFC3986] that identifies the problem type. \nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n" format: uri maxLength: 70 type: string required: - type - code type: object Error400_NG_AIS: description: | NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 400. properties: _links: $ref: '#/definitions/_linksAll' tppMessages: items: $ref: '#/definitions/tppMessage400_AIS' type: array type: object Error401_AIS: description: "Standardised definition of reporting error information according to [RFC7807] \nin case of a HTTP error code 401 for AIS.\n" properties: _links: $ref: '#/definitions/_linksAll' additionalErrors: description: | Array of Error Information Blocks. Might be used if more than one error is to be communicated items: description: This is a data element to support the declaration of additional errors in the context of [RFC7807]. properties: code: $ref: '#/definitions/MessageCode401_AIS' detail: $ref: '#/definitions/tppErrorDetail' title: $ref: '#/definitions/tppErrorTitle' required: - code type: object type: array code: $ref: '#/definitions/MessageCode401_AIS' detail: description: "Detailed human readable text specific to this instance of the error. \nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n" maxLength: 500 type: string title: description: "Short human readable description of error type. \nCould be in local language. \nTo be provided by ASPSPs.\n" maxLength: 70 type: string type: description: "A URI reference [RFC3986] that identifies the problem type. \nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n" format: uri maxLength: 70 type: string required: - type - code type: object Error401_NG_AIS: description: | NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 401. properties: _links: $ref: '#/definitions/_linksAll' tppMessages: items: $ref: '#/definitions/tppMessage401_AIS' type: array type: object Error403_AIS: description: "Standardised definition of reporting error information according to [RFC7807] \nin case of a HTTP error code 403 for AIS.\n" properties: _links: $ref: '#/definitions/_linksAll' additionalErrors: description: | Array of Error Information Blocks. Might be used if more than one error is to be communicated items: description: This is a data element to support the declaration of additional errors in the context of [RFC7807]. properties: code: $ref: '#/definitions/MessageCode403_AIS' detail: $ref: '#/definitions/tppErrorDetail' title: $ref: '#/definitions/tppErrorTitle' required: - code type: object type: array code: $ref: '#/definitions/MessageCode403_AIS' detail: description: "Detailed human readable text specific to this instance of the error. \nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n" maxLength: 500 type: string title: description: "Short human readable description of error type. \nCould be in local language. \nTo be provided by ASPSPs.\n" maxLength: 70 type: string type: description: "A URI reference [RFC3986] that identifies the problem type. \nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n" format: uri maxLength: 70 type: string required: - type - code type: object Error403_NG_AIS: description: | NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 403. properties: _links: $ref: '#/definitions/_linksAll' tppMessages: items: $ref: '#/definitions/tppMessage403_AIS' type: array type: object Error404_AIS: description: "Standardised definition of reporting error information according to [RFC7807] \nin case of a HTTP error code 404 for AIS.\n" properties: _links: $ref: '#/definitions/_linksAll' additionalErrors: description: | Array of Error Information Blocks. Might be used if more than one error is to be communicated items: description: This is a data element to support the declaration of additional errors in the context of [RFC7807]. properties: code: $ref: '#/definitions/MessageCode404_AIS' detail: $ref: '#/definitions/tppErrorDetail' title: $ref: '#/definitions/tppErrorTitle' required: - code type: object type: array code: $ref: '#/definitions/MessageCode404_AIS' detail: description: "Detailed human readable text specific to this instance of the error. \nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n" maxLength: 500 type: string title: description: "Short human readable description of error type. \nCould be in local language. \nTo be provided by ASPSPs.\n" maxLength: 70 type: string type: description: "A URI reference [RFC3986] that identifies the problem type. \nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n" format: uri maxLength: 70 type: string required: - type - code type: object Error404_NG_AIS: description: | NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 404. properties: _links: $ref: '#/definitions/_linksAll' tppMessages: items: $ref: '#/definitions/tppMessage404_AIS' type: array type: object Error405_AIS: description: "Standardised definition of reporting error information according to [RFC7807] \nin case of a HTTP error code 405 for AIS.\n" properties: _links: $ref: '#/definitions/_linksAll' additionalErrors: description: | Array of Error Information Blocks. Might be used if more than one error is to be communicated items: description: This is a data element to support the declaration of additional errors in the context of [RFC7807]. properties: code: $ref: '#/definitions/MessageCode405_AIS' detail: $ref: '#/definitions/tppErrorDetail' title: $ref: '#/definitions/tppErrorTitle' required: - code type: object type: array code: $ref: '#/definitions/MessageCode405_AIS' detail: description: "Detailed human readable text specific to this instance of the error. \nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n" maxLength: 500 type: string title: description: "Short human readable description of error type. \nCould be in local language. \nTo be provided by ASPSPs.\n" maxLength: 70 type: string type: description: "A URI reference [RFC3986] that identifies the problem type. \nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n" format: uri maxLength: 70 type: string required: - type - code type: object Error405_NG_AIS: description: | NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 401. properties: _links: $ref: '#/definitions/_linksAll' tppMessages: items: $ref: '#/definitions/tppMessage405_AIS' type: array type: object Error406_AIS: description: "Standardised definition of reporting error information according to [RFC7807] \nin case of a HTTP error code 406 for AIS.\n" properties: _links: $ref: '#/definitions/_linksAll' additionalErrors: description: | Array of Error Information Blocks. Might be used if more than one error is to be communicated items: description: This is a data element to support the declaration of additional errors in the context of [RFC7807]. properties: code: $ref: '#/definitions/MessageCode406_AIS' detail: $ref: '#/definitions/tppErrorDetail' title: $ref: '#/definitions/tppErrorTitle' required: - code type: object type: array code: $ref: '#/definitions/MessageCode406_AIS' detail: description: "Detailed human readable text specific to this instance of the error. \nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n" maxLength: 500 type: string title: description: "Short human readable description of error type. \nCould be in local language. \nTo be provided by ASPSPs.\n" maxLength: 70 type: string type: description: "A URI reference [RFC3986] that identifies the problem type. \nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n" format: uri maxLength: 70 type: string required: - type - code type: object Error406_NG_AIS: description: | NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 406. properties: _links: $ref: '#/definitions/_linksAll' tppMessages: items: $ref: '#/definitions/tppMessage406_AIS' type: array type: object Error409_AIS: description: "Standardised definition of reporting error information according to [RFC7807] \nin case of a HTTP error code 409 for AIS.\n" properties: _links: $ref: '#/definitions/_linksAll' additionalErrors: description: | Array of Error Information Blocks. Might be used if more than one error is to be communicated items: description: This is a data element to support the declaration of additional errors in the context of [RFC7807]. properties: code: $ref: '#/definitions/MessageCode409_AIS' detail: $ref: '#/definitions/tppErrorDetail' title: $ref: '#/definitions/tppErrorTitle' required: - code type: object type: array code: $ref: '#/definitions/MessageCode409_AIS' detail: description: "Detailed human readable text specific to this instance of the error. \nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n" maxLength: 500 type: string title: description: "Short human readable description of error type. \nCould be in local language. \nTo be provided by ASPSPs.\n" maxLength: 70 type: string type: description: "A URI reference [RFC3986] that identifies the problem type. \nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n" format: uri maxLength: 70 type: string required: - type - code type: object Error409_NG_AIS: description: | NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 409. example: - category: ERROR code: STATUS_INVALID text: additional text information of the ASPSP up to 500 characters properties: _links: $ref: '#/definitions/_linksAll' tppMessages: items: $ref: '#/definitions/tppMessage409_AIS' type: array type: object Error429_AIS: description: "Standardised definition of reporting error information according to [RFC7807] \nin case of a HTTP error code 429 for AIS.\n" properties: _links: $ref: '#/definitions/_linksAll' additionalErrors: description: | Array of Error Information Blocks. Might be used if more than one error is to be communicated items: description: "This is a data element to support the declaration of additional errors in the context of [RFC7807] \nin case of a HTTP error code 429 for. \n" properties: code: $ref: '#/definitions/MessageCode429_AIS' detail: $ref: '#/definitions/tppErrorDetail' title: $ref: '#/definitions/tppErrorTitle' required: - code type: object type: array code: $ref: '#/definitions/MessageCode429_AIS' detail: description: "Detailed human readable text specific to this instance of the error. \nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n" maxLength: 500 type: string title: description: "Short human readable description of error type. \nCould be in local language. \nTo be provided by ASPSPs.\n" maxLength: 70 type: string type: description: "A URI reference [RFC3986] that identifies the problem type. \nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n" format: uri maxLength: 70 type: string required: - type - code type: object Error429_NG_AIS: description: | NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 429. example: - category: ERROR code: ACCESS_EXCEEDED text: additional text information of the ASPSP up to 500 characters properties: _links: $ref: '#/definitions/_linksAll' tppMessages: items: $ref: '#/definitions/tppMessage429_AIS' type: array type: object MessageCode400_AIS: description: Message codes defined for AIS for HTTP Error code 400 (BAD_REQUEST). enum: - FORMAT_ERROR - PARAMETER_NOT_CONSISTENT - PARAMETER_NOT_SUPPORTED - SERVICE_INVALID - RESOURCE_UNKNOWN - RESOURCE_EXPIRED - RESOURCE_BLOCKED - TIMESTAMP_INVALID - PERIOD_INVALID - SCA_METHOD_UNKNOWN - SCA_INVALID - CONSENT_UNKNOWN - SESSIONS_NOT_SUPPORTED type: string MessageCode401_AIS: description: Message codes defined for AIS for HTTP Error code 401 (UNAUTHORIZED). enum: - CERTIFICATE_INVALID - ROLE_INVALID - CERTIFICATE_EXPIRED - CERTIFICATE_BLOCKED - CERTIFICATE_REVOKE - CERTIFICATE_MISSING - SIGNATURE_INVALID - SIGNATURE_MISSING - CORPORATE_ID_INVALID - PSU_CREDENTIALS_INVALID - CONSENT_INVALID - CONSENT_EXPIRED - TOKEN_UNKNOWN - TOKEN_INVALID - TOKEN_EXPIRED type: string MessageCode403_AIS: description: Message codes defined for AIS for HTTP Error code 403 (FORBIDDEN). enum: - CONSENT_UNKNOWN - SERVICE_BLOCKED - RESOURCE_UNKNOWN - RESOURCE_EXPIRED type: string MessageCode404_AIS: description: Message codes defined for AIS for HTTP Error code 404 (NOT FOUND). enum: - RESOURCE_UNKNOWN type: string MessageCode405_AIS: description: Message codes defined for AIS for HTTP Error code 405 (METHOD NOT ALLOWED). enum: - SERVICE_INVALID type: string MessageCode406_AIS: description: Message codes defined for AIS for HTTP Error code 406 (NOT ACCEPTABLE). enum: - REQUESTED_FORMATS_INVALID type: string MessageCode409_AIS: description: Message codes defined for AIS for HTTP Error code 409 (CONFLICT). enum: - STATUS_INVALID type: string MessageCode429_AIS: description: Message codes for HTTP Error code 429 (TOO MANY REQUESTS). enum: - ACCESS_EXCEEDED type: string _linksAccountDetails: additionalProperties: $ref: '#/definitions/hrefType' description: | Links to the loan / saving account, which can be directly used for retrieving account information from this dedicated account. Links to "balances" and/or "transactions" These links are only supported, when the corresponding consent has been already granted. properties: balances: $ref: '#/definitions/hrefType' loanAccount: $ref: '#/definitions/hrefType' savingsAccount: $ref: '#/definitions/hrefType' transactions: $ref: '#/definitions/hrefType' type: object _linksAccountReport: additionalProperties: $ref: '#/definitions/hrefType' properties: account: $ref: '#/definitions/hrefType' first: $ref: '#/definitions/hrefType' last: $ref: '#/definitions/hrefType' next: $ref: '#/definitions/hrefType' previous: $ref: '#/definitions/hrefType' required: - account type: object _linksAll: additionalProperties: $ref: '#/definitions/hrefType' description: | A _link object with all available link types. properties: account: $ref: '#/definitions/hrefType' balances: $ref: '#/definitions/hrefType' cardAccount: $ref: '#/definitions/hrefType' cardTransactions: $ref: '#/definitions/hrefType' confirmation: $ref: '#/definitions/hrefType' first: $ref: '#/definitions/hrefType' last: $ref: '#/definitions/hrefType' loanAccount: $ref: '#/definitions/hrefType' next: $ref: '#/definitions/hrefType' previous: $ref: '#/definitions/hrefType' savingsAccount: $ref: '#/definitions/hrefType' scaOAuth: $ref: '#/definitions/hrefType' scaStatus: $ref: '#/definitions/hrefType' self: $ref: '#/definitions/hrefType' status: $ref: '#/definitions/hrefType' transactionDetails: $ref: '#/definitions/hrefType' transactions: $ref: '#/definitions/hrefType' type: object _linksPagination: additionalProperties: $ref: '#/definitions/hrefType' properties: first: $ref: '#/definitions/hrefType' last: $ref: '#/definitions/hrefType' next: $ref: '#/definitions/hrefType' previous: $ref: '#/definitions/hrefType' type: object _linksTransactionDetails: additionalProperties: $ref: '#/definitions/hrefType' properties: transactionDetails: $ref: '#/definitions/hrefType' required: - transactionDetails type: object accountAccess: description: | Requested access services for a consent. properties: accounts: description: "Is asking for detailed account information. \n\nIf the array is empty, the TPP is asking for an accessible account list. \nThis may be restricted in a PSU/ASPSP authorization dialogue.\nIf the array is empty, also the arrays for balances or transactions shall be empty, if used\n" items: $ref: '#/definitions/consentAccountReference' type: array allPsd2: description: | Optional if supported by API provider. Only the value "allAccounts" is admitted. enum: - allAccounts type: string availableAccounts: description: | Optional. Only the value "allAccounts" is admitted. enum: - allAccounts type: string availableAccountsWithBalance: description: "Optional if supported by API provider. \nOnly the value \"allAccounts\" is admitted.\n" enum: - allAccounts type: string balances: description: "Is asking for balances of the addressed accounts.\n\nIf the array is empty, the TPP is asking for the balances of all accessible account lists. \nThis may be restricted in a PSU/ASPSP authorization dialogue.\nIf the array is empty, also the arrays for accounts or transactions shall be empty, if used.\n" items: $ref: '#/definitions/consentAccountReference' type: array restrictedTo: description: "Conditional if supported by API provider.\n\nIf the TPP requests access to account via available accounts (list of available accounts), global or bank driven consents, the TPP may include this element to restrict access to the referred account types.\nAbsence of the element is interpreted as \"no restriction\" (therefore access to accounts of all types is requested). The element may only occur, if each of the elements\n * accounts\n * balances\n * transactions\n \n is either not present or contains an empty array.\n Remark for future: In a future version of the XS2A-Interface the data model for consents will be changed and therefore this element will most likely become obsolete.\n BOI-REMARK:\n This attribute have to be supported by the API Provider. \n \n In detailed consent model this field have to be empty or not presented.\n" items: $ref: '#/definitions/cashAccountType' type: array transactions: description: "Is asking for transactions of the addressed accounts. \n\nIf the array is empty, the TPP is asking for the transactions of all accessible account lists. \nThis may be restricted in a PSU/ASPSP authorization dialogue.\nIf the array is empty, also the arrays for accounts or balances shall be empty, if used.\n" items: $ref: '#/definitions/consentAccountReference' type: array type: object accountDetailsSavingsLoans: description: | Details of a savings or loans account properties: _links: $ref: '#/definitions/_linksAccountDetails' balances: description: | A list of balances regarding this account, e.g. the current balance, the last booked balance. The list might be restricted to the current balance. items: $ref: '#/definitions/balance' type: array bban: $ref: '#/definitions/bban' bic: $ref: '#/definitions/bicfi' cashAccountType: $ref: '#/definitions/cashAccountType' collateralsInvolved: description: | 'Only used for loan accounts: Is set to true if a collateral is involved securing the loan. (e.g. security deposit, physical collaterals like houses, cars). More information might be provided under the "details" attribute.' type: boolean currency: $ref: '#/definitions/currencyCode' details: description: | Specifications that might be provided by the ASPSP: - characteristics of the account - characteristics of the relevant card - characteristics of the savings account, and the ASPSP will provide specification for each deposit - characteristics of the loan maxLength: 500 type: string displayName: description: Name of the saving \loan \ account as defined by the PSU within online channels. maxLength: 70 type: string guarateeInvolved: description: | 'Only used for loan accounts: Is set to true in case of specific collaterals where a guarantee of payment of the loan is given by a different person.' type: boolean iban: $ref: '#/definitions/iban' interest: description: | A set of interest rates associated to this account, e.g. interests for savings or credits.Optionally used for savings accounts and loan accounts. items: $ref: '#/definitions/interest' type: array linkedAccounts: description: Case of a set of pending card transactions, the APSP will provide the relevant cash account associated to pending loan, savings or card transactions. maxLength: 70 type: string msisdn: $ref: '#/definitions/msisdn' name: description: Name of the saving \loan \ account, as assigned by the ASPSP, in agreement with the account owner in order to provide an additional means of identification of the account. maxLength: 70 type: string other: $ref: '#/definitions/otherType' ownerName: description: Name of the legal account owner. If there is more than one owner, then e.g. two names might be noted here. For a corporate account, the corporate name is used for this attribute. Even if supported by the ASPSP, the provision of this field might depend on the fact whether anexplicit consent to this specific additional account information has been given by the PSU. BOI Remarks - Name of the legal Saving \ Loan account owner. For the Israeli market there is no need in explicit consent to this specific additional account information. maxLength: 140 type: string product: description: Product name of the bank for this account, proprietary definition. maxLength: 35 type: string relatedDates: $ref: '#/definitions/relatedDates' resourceId: description: This shall be filled, if addressable resource are created by the ASPSP on the /savings or /loans endpoint. type: string status: description: | Account status. The value is one of the following: - "enabled": account is available - "deleted": account is terminated - "blocked": account is blocked e.g. for legal reasons If this field is not used, than the account is available in the sense of this specification. enum: - enabled - deleted - blocked type: string usage: description: | Specifies the usage of the account: * PRIV: private personal account * ORGA: professional account enum: - PRIV - ORGA maxLength: 4 type: string required: - currency - cashAccountType type: object accountReference: description: "Reference to an account by either\n * IBAN, of a payment accounts, or\n * BBAN, for payment accounts if there is no IBAN, or \n * the Primary Account Number (PAN) of a card, can be tokenised by the ASPSP due to PCI DSS requirements, or\n * the Primary Account Number (PAN) of a card in a masked form, or\n * an alias to access a payment account via a registered mobile phone number (MSISDN), or\n * a proprietary ID of the respective account that uniquely identifies the account for this ASPSP.\n" properties: bban: $ref: '#/definitions/bban' cashAccountType: $ref: '#/definitions/cashAccountType' currency: $ref: '#/definitions/currencyCode' iban: $ref: '#/definitions/iban' maskedPan: $ref: '#/definitions/maskedPan' msisdn: $ref: '#/definitions/msisdn' other: $ref: '#/definitions/otherType' type: object accountReport: description: | JSON based account report. This account report contains transactions resulting from the query parameters. 'booked' shall be contained if bookingStatus parameter is set to "booked" or "both". 'pending' is not contained if the bookingStatus parameter is set to "booked" or "information". 'information' Only contained if the bookingStatus is set to "information" and if supported by ASPSP. properties: _links: $ref: '#/definitions/_linksAccountReport' booked: description: Array of transaction details. items: $ref: '#/definitions/transactions' type: array information: description: Array of transaction details. items: $ref: '#/definitions/transactions' type: array pending: description: Array of transaction details. items: $ref: '#/definitions/transactions' type: array required: - _links type: object amount: example: amount: "123" currency: EUR properties: amount: description: | The amount given with fractional digits, where fractions must be compliant to the currency definition. Up to 14 significant figures. Negative amounts are signed by minus. The decimal separator is a dot. **Example:** Valid representations for EUR with up to two decimals are: * 1056 * 5768.2 * -1.50 * 5877.78 example: "5877.78" pattern: ^-?[0-9]{1,14}(\.[0-9]{1,3})?$ type: string currency: $ref: '#/definitions/currencyCode' required: - currency - amount type: object amountDependentRate: description: Used in case of FC index properties: fromAmount: $ref: '#/definitions/amount' percentage: description: 'The (signed) rate of the interest. Remark: ISO 20022 is defining Percentage as a decimal type, where 5.0 expresses 5% interest rate. This specification is using a signed percentage to be able to express also negative percentage codes, i.e. -1.2 will express -1,2% of interest.' example: "-0.3" type: string toAmount: $ref: '#/definitions/amount' required: - percentage type: object balance: description: | A single balance element. properties: balanceAmount: $ref: '#/definitions/amount' balanceType: $ref: '#/definitions/balanceType' creditLimitIncluded: description: "A flag indicating if the credit limit of the corresponding account \nis included in the calculation of the balance, where applicable.\n" example: false type: boolean lastChangeDateTime: description: "This data element might be used to indicate e.g. with the expected or booked balance that no action is known \non the account, which is not yet booked.\n" format: date-time type: string lastCommittedTransaction: description: "\"entryReference\" of the last commited transaction to support the TPP in identifying whether all \nPSU transactions are already known.\n" maxLength: 35 type: string referenceDate: description: Indicates the date of the balance. format: date type: string required: - balanceAmount - balanceType - creditLimitIncluded - referenceDate type: object balanceType: description: "The following balance types are defined:\n - \"closingBooked\": \n Balance of the account at the end of the pre-agreed account reporting period. \n It is the sum of the opening booked balance at the beginning of the period and all entries booked \n to the account during the pre-agreed account reporting period.\n \n For card-accounts, this is composed of\n \ \n - invoiced, but not yet paid entries\n \n - \"expected\":\n \ Balance composed of booked entries and pending items known at the time of calculation, \n which projects the end of day balance if everything is booked on the account and no other entry is posted.\n \n For card accounts, this is composed of:\n - invoiced, but not yet paid entries\n - not yet invoiced but already booked entries and\n - pending items (not yet booked)\n \ \n ###For card-accounts:\n ###\n ###\"money to spend with the value of a pre-approved credit limit on the card account\"\n ###\n For savings and loans:\n \n estimated balance (e.g. including an upcoming interest payment) for the referenced date.\n \n BOI -remarks: openingBooked is not supported for the Israeli market.\n - \"openingBooked\":\n Book balance of the account at the beginning of the account reporting period. \n It always equals the closing book balance from the previous report.\n - \"interimAvailable\":\n \ Available balance calculated in the course of the account ?servicer?s business day, \n at the time specified, and subject to further changes during the business day. \n The interim balance is calculated on the basis of booked credit and debit items during the calculation \n time/period specified.\n \ \n For card-accounts, this is composed of:\n - invoiced, but not yet paid entries\n - not yet invoiced but already booked entries\n NOT used for savings and loans.\n \n - \"interimBooked\":\n Balance calculated in the course of the account servicer's business day, at the time specified, \n and subject to further changes during the business day. \n The interim balance is calculated on the basis of booked credit and debit items during the calculation time/period \n specified.\n \n - \"forwardAvailable\":\n \ Forward available balance of money that is at the disposal of the account owner on the date specified.\n NOT used for savings and loans.\n \n - \"nonInvoiced\": \n Only for card accounts, to be defined yet.\n" enum: - closingBooked - expected - openingBooked - interimAvailable - interimBooked - forwardAvailable - nonInvoiced type: string bankTransactionCode: description: "Bank transaction code as used by the ASPSP and using the sub elements of this structured code defined by ISO 20022. \n\nThis code type is concatenating the three ISO20022 Codes \n * Domain Code, \n * Family Code, and \n * SubFamiliy Code \nby hyphens, resulting in 'DomainCode'-'FamilyCode'-'SubFamilyCode'.\nFor standing order reports the following codes are applicable:\n * \"PMNT-ICDT-STDO\" for credit transfers,\n * \"PMNT-IRCT-STDO\" for instant credit transfers\n \ * \"PMNT-ICDT-XBST\" for cross-border credit transfers\n * \"PMNT-IRCT-XBST\" for cross-border real time credit transfers and\n * \"PMNT-MCOP-OTHR\" for specific standing orders which have a dynamical amount to move left funds e.g. on month end to a saving account\n" example: PMNT-RDDT-ESDD type: string bban: description: "Basic Bank Account Number (BBAN) Identifier.\n\nThis data element can be used in the body of the consent request.\n Message for retrieving account access consent from this account. This\n data elements is used for payment accounts which have no IBAN.\n ISO20022: Basic Bank Account Number (BBAN). \n \n Identifier used nationally by financial institutions, i.e., in individual countries, \n generally as part of a National Account Numbering Scheme(s), \n which uniquely identifies the account of a customer.\n" type: string bicfi: description: | BICFI example: AAAADEBBXXX pattern: ^[A-Z]{6,6}[A-Z2-9][A-NP-Z0-9]([A-Z0-9]{3,3}){0,1}$ type: string cashAccountType: description: "ExternalCashAccountType1Code from ISO 20022.\nThe API provider may restrict the accepted values further .\nThe TPP includes this element, if the account reference may identify several accounts of different types, but the TPP only requests access to a specific type (e.g. card accounts).\nBOI-REMARK - In case the TPP requests access for several types with same identifiers, the TPP will send the same identifier multiple times for each cashAccountType.. \n" enum: - CACC - CARD - LOAN - SVGS type: string consentAccountReference: description: "Reference to an account by either\n * IBAN, of a payment accounts, or\n * PAN of a card in a masked form, or\n * an alias to access a payment account via a registered mobile phone number (MSISDN).\n \n BOI-REMARK: The currency of the account is needed, where the currency is an account charactaristic identifying certain sub-accounts under one external identifier like an IBAN. Once the currency wasn't defined, a specific IBAN includes all the currencies relates to this IBAN.\n" properties: bban: $ref: '#/definitions/bban' cashAccountType: $ref: '#/definitions/cashAccountType' currency: $ref: '#/definitions/consentCurrencyCode' iban: $ref: '#/definitions/iban' maskedPan: $ref: '#/definitions/maskedPan' msisdn: $ref: '#/definitions/msisdn' other: $ref: '#/definitions/otherType' type: object consentCurrencyCode: description: | In the Israeli market there are 3 options for currency code in post consent for CACC- * "ILS" - consent just for the ILS local currency. * "ILY" - consent just for all foreign currencies. * empty [] - consent for all currencies. If the user want a multicurrency consent, this field should be empty. enum: - ILS - ILY example: ILS type: string currencyCode: description: | ISO 4217 Alpha 3 currency code. example: EUR pattern: ^[A-Z]{3}$ type: string executionRule: description: "\"following\" or \"preceding\" supported as values. \nThis data attribute defines the behaviour when recurring payment dates falls on a weekend or bank holiday. \nThe payment is then executed either the \"preceding\" or \"following\" working day.\nASPSP might reject the request due to the communicated value, if rules in Online-Banking are not supporting \nthis execution rule.\n" enum: - following - preceding type: string frequencyCode: description: | The following codes from the "EventFrequency7Code" of ISO 20022 are supported: - "Daily" - "Weekly" - "EveryTwoWeeks" - "Monthly" - "EveryTwoMonths" - "Quarterly" - "SemiAnnual" - "Annual" - "MonthlyVariable" enum: - Daily - Weekly - EveryTwoWeeks - Monthly - EveryTwoMonths - Quarterly - SemiAnnual - Annual - MonthlyVariable type: string hrefType: description: Link to a resource. properties: href: description: Link to a resource. example: /v1/payments/sepa-credit-transfers/1234-wertiq-983 type: string type: object iban: description: IBAN of an account. example: FR7612345987650123456789014 pattern: ^[A-Z]{2,2}[0-9]{2,2}[a-zA-Z0-9]{1,30}$ type: string index: minProperties: 1 properties: additionalInformation: description: Explanations e.g. on the "other" type. maxLength: 500 type: string exchangeRate: $ref: '#/definitions/amountDependentRate' index: description: | 'The following codes are supported: - "CPI" : customer Price Index - "FC" : foreign currency - "other" : for others, not clearly specified index relations' maxLength: 35 type: string rootIndexValue: description: A number giving the basic index value in case of CPI which is the basis for the loan contract. maxLength: 35 type: string type: object interest: properties: changeMechanism: description: | An explanation of a mandated change mechanism. maxLength: 1024 type: string fromDateTime: description: The date from which this interest rate is applicable. If no exact time is applicable, 00:00:00 is chosen as time definition. format: date-time type: string rate: description: An array of interest rates, which might apply to different amount ranges. items: $ref: '#/definitions/amountDependentRate' type: array relatedIndices: description: List of Indices where the interest rate is related to. items: $ref: '#/definitions/index' type: array toDateTime: description: The date until this interest rate is applicable. If no exact time is applicable, 23:59:59 is chosen as time definition. format: date-time type: string type: description: FIXD and INDE are the only permitted codes for now. enum: - FIXD - INDE type: string required: - rate type: object maskedPan: description: | Masked Primary Account Number. example: 123456xxxxxx1234 maxLength: 35 type: string msisdn: description: Mobile phone number. example: +49 170 1234567 maxLength: 35 type: string otherType: description: In cases where the specifically defined criteria (IBAN, BBAN, MSISDN) are not provided to identify an instance of the respective account type (e.g. a savings account), the ASPSP shall include a proprietary ID of the respective account that uniquely identifies the account for this ASPSP. properties: identification: description: Proprietary identification of the account. maxLength: 35 type: string issuer: description: Issuer of the identification. maxLength: 35 type: string schemeNameCode: description: An entry provided by an external ISO code list. maxLength: 35 type: string schemeNameProprietary: description: A scheme name defined in a proprietary way. maxLength: 35 type: string required: - identification type: object purposeCode: description: | ExternalPurpose1Code from ISO 20022. Values from ISO 20022 External Code List ExternalCodeSets_1Q2018 June 2018. enum: - BKDF - BKFE - BKFM - BKIP - BKPP - CBLK - CDCB - CDCD - CDCS - CDDP - CDOC - CDQC - ETUP - FCOL - MTUP - ACCT - CASH - COLL - CSDB - DEPT - INTC - LIMA - NETT - BFWD - CCIR - CCPC - CCPM - CCSM - CRDS - CRPR - CRSP - CRTL - EQPT - EQUS - EXPT - EXTD - FIXI - FWBC - FWCC - FWSB - FWSC - MARG - MBSB - MBSC - MGCC - MGSC - OCCC - OPBC - OPCC - OPSB - OPSC - OPTN - OTCD - REPO - RPBC - RPCC - RPSB - RPSC - RVPO - SBSC - SCIE - SCIR - SCRP - SHBC - SHCC - SHSL - SLEB - SLOA - SWBC - SWCC - SWPT - SWSB - SWSC - TBAS - TBBC - TBCC - TRCP - AGRT - AREN - BEXP - BOCE - COMC - CPYR - GDDS - GDSV - GSCB - LICF - MP2B - POPE - ROYA - SCVE - SERV - SUBS - SUPP - TRAD - CHAR - COMT - MP2P - ECPG - ECPR - ECPU - EPAY - CLPR - COMP - DBTC - GOVI - HLRP - HLST - INPC - INPR - INSC - INSU - INTE - LBRI - LIFI - LOAN - LOAR - PENO - PPTI - RELG - RINP - TRFD - FORW - FXNT - ADMG - ADVA - BCDM - BCFG - BLDM - BNET - CBFF - CBFR - CCRD - CDBL - CFEE - CGDD - CORT - COST - CPKC - DCRD - DSMT - DVPM - EDUC - FACT - FAND - FCPM - FEES - GOVT - ICCP - IDCP - IHRP - INSM - IVPT - MCDM - MCFG - MSVC - NOWS - OCDM - OCFG - OFEE - OTHR - PADD - PTSP - RCKE - RCPT - REBT - REFU - RENT - REOD - RIMB - RPNT - RRBN - RVPM - SLPI - SPLT - STDY - TBAN - TBIL - TCSC - TELI - TMPG - TPRI - TPRP - TRNC - TRVC - WEBI - ANNI - CAFI - CFDI - CMDT - DERI - DIVD - FREX - HEDG - INVS - PRME - SAVG - SECU - SEPI - TREA - UNIT - FNET - FUTR - ANTS - CVCF - DMEQ - DNTS - HLTC - HLTI - HSPC - ICRF - LTCF - MAFC - MARF - MDCS - VIEW - CDEP - SWFP - SWPP - SWRS - SWUF - ADCS - AEMP - ALLW - ALMY - BBSC - BECH - BENE - BONU - CCHD - COMM - CSLP - GFRP - GVEA - GVEB - GVEC - GVED - GWLT - HREC - PAYR - PEFC - PENS - PRCP - RHBS - SALA - SSBE - LBIN - LCOL - LFEE - LMEQ - LMFI - LMRK - LREB - LREV - LSFL - ESTX - FWLV - GSTX - HSTX - INTX - NITX - PTXP - RDTX - TAXS - VATX - WHLD - TAXR - B112 - BR12 - TLRF - TLRR - AIRB - BUSB - FERB - RLWY - TRPT - CBTV - ELEC - ENRG - GASB - NWCH - NWCM - OTLC - PHON - UBIL - WTER type: string relatedDates: description: Dates related to this account, e.g. start Date. properties: contractAvailabilityDate: description: Next Date where money can be taken off a savings account without loss of interest, if initiated now (in case of a savings account). Next Date where a loan can be fully repaid without any extra fee. format: date type: string contractEndDate: description: End of the account contract. format: date type: string contractStartDate: description: Start of the account contract. format: date type: string type: object reportExchangeRate: description: Exchange Rate. properties: contractIdentification: type: string exchangeRate: type: string quotationDate: format: date type: string sourceCurrency: $ref: '#/definitions/currencyCode' targetCurrency: $ref: '#/definitions/currencyCode' unitCurrency: type: string required: - sourceCurrency - exchangeRate - unitCurrency - targetCurrency - quotationDate type: object standingOrderDetails: description: | Details of underlying standing orders. properties: endDate: format: date type: string executionRule: $ref: '#/definitions/executionRule' frequency: $ref: '#/definitions/frequencyCode' startDate: format: date type: string withinAMonthFlag: description: "This element is only used in case of frequency equals \"Monthly\".\n\nIf this element equals false it has no effect.\nIf this element equals true, then the execution rule is overruled if the day of execution would fall into a different month using the execution rule.\n\nExample: executionRule equals \"preceding\", dayOfExecution equals \"02\" and the second of a month is a Sunday. \nIn this case, the transaction date would be on the last day of the month before.\n This would be overruled if withinAMonthFlag equals true and the payment is processed on Monday the third of the Month.\nRemark: This attribute is rarely supported in the market.\n" type: boolean required: - startDate - frequency type: object tppErrorDetail: description: "Detailed human readable text specific to this instance of the error. \nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n" maxLength: 500 type: string tppErrorTitle: description: "Short human readable description of error type. \nCould be in local language. \nTo be provided by ASPSPs.\n" maxLength: 70 type: string tppMessage400_AIS: properties: category: $ref: '#/definitions/tppMessageCategory' code: $ref: '#/definitions/MessageCode400_AIS' path: type: string text: $ref: '#/definitions/tppMessageText' required: - category - code type: object tppMessage401_AIS: properties: category: $ref: '#/definitions/tppMessageCategory' code: $ref: '#/definitions/MessageCode401_AIS' path: type: string text: $ref: '#/definitions/tppMessageText' required: - category - code type: object tppMessage403_AIS: properties: category: $ref: '#/definitions/tppMessageCategory' code: $ref: '#/definitions/MessageCode403_AIS' path: type: string text: $ref: '#/definitions/tppMessageText' required: - category - code type: object tppMessage404_AIS: properties: category: $ref: '#/definitions/tppMessageCategory' code: $ref: '#/definitions/MessageCode404_AIS' path: type: string text: $ref: '#/definitions/tppMessageText' required: - category - code type: object tppMessage405_AIS: properties: category: $ref: '#/definitions/tppMessageCategory' code: $ref: '#/definitions/MessageCode405_AIS' path: type: string text: $ref: '#/definitions/tppMessageText' required: - category - code type: object tppMessage406_AIS: properties: category: $ref: '#/definitions/tppMessageCategory' code: $ref: '#/definitions/MessageCode406_AIS' path: type: string text: $ref: '#/definitions/tppMessageText' required: - category - code type: object tppMessage409_AIS: properties: category: $ref: '#/definitions/tppMessageCategory' code: $ref: '#/definitions/MessageCode409_AIS' path: type: string text: $ref: '#/definitions/tppMessageText' required: - category - code type: object tppMessage429_AIS: properties: category: $ref: '#/definitions/tppMessageCategory' code: $ref: '#/definitions/MessageCode429_AIS' path: type: string text: $ref: '#/definitions/tppMessageText' required: - category - code type: object tppMessageCategory: description: Category of the TPP message category. enum: - ERROR - WARNING type: string tppMessageText: description: Additional explaining text to the TPP. maxLength: 500 type: string transactions: description: Transaction details. properties: _links: $ref: '#/definitions/_linksTransactionDetails' additionalInformation: maxLength: 500 type: string additionalInformationStructured: description: "Is used if and only if the bookingStatus entry equals \"information\". \nEvery active standing order related to the dedicated payment account result into one entry.\n" properties: standingOrderDetails: $ref: '#/definitions/standingOrderDetails' required: - standingOrderDetails type: object balanceAfterTransaction: $ref: '#/definitions/balance' bankTransactionCode: $ref: '#/definitions/bankTransactionCode' batchIndicator: description: | If this indicator equals true, then the related entry is a batch entry. type: boolean batchNumberOfTransactions: description: | Shall be used if and only if the batchIndicator is contained and equals true. type: integer bookingDate: description: | The date when an entry is posted to an account on the ASPSPs books. format: date type: string checkId: description: Identification of a Cheque. maxLength: 35 type: string creditorAccount: $ref: '#/definitions/accountReference' creditorAgent: $ref: '#/definitions/bicfi' creditorId: description: Identification of Creditors, e.g. a SEPA Creditor ID. example: Creditor Id 5678 maxLength: 35 type: string creditorName: description: Creditor name. example: Creditor Name maxLength: 70 type: string currencyExchange: items: $ref: '#/definitions/reportExchangeRate' type: array debtorAccount: $ref: '#/definitions/accountReference' debtorAgent: $ref: '#/definitions/bicfi' debtorName: description: Debtor name. example: Debtor Name maxLength: 70 type: string endToEndId: description: Unique end to end identity. maxLength: 35 type: string entryDetails: description: | Might be used by the ASPSP to transport details about transactions within a batch. items: $ref: '#/definitions/EntryDetailsElement' type: array entryReference: description: | Is the identification of the transaction as used e.g. for reference for deltafunction on application level. The same identification as for example used within camt.05x messages. maxLength: 35 type: string mandateId: description: Identification of Mandates, e.g. a SEPA Mandate ID. maxLength: 35 type: string proprietaryBankTransactionCode: maxLength: 35 type: string purposeCode: $ref: '#/definitions/purposeCode' remittanceInformationUnstructured: example: Ref Number Merchant maxLength: 140 type: string remittanceInformationUnstructuredArray: example: - Ref Number Merchant - Some Other Text items: maxLength: 140 type: string type: array transactionAmount: $ref: '#/definitions/amount' transactionId: description: | This identification is given by the attribute transactionId of the corresponding entry of a transaction list. example: 3dc3d5b3-7023-4848-9853-f5400a64e80f type: string ultimateCreditor: description: Ultimate creditor. example: Ultimate Creditor maxLength: 70 type: string ultimateDebtor: description: Ultimate debtor. example: Ultimate Debtor maxLength: 70 type: string valueDate: description: The Date at which assets become available to the account owner in case of a credit, or cease to be available to the account owner in case of a debit entry. **Usage:** If entry status is pending and value date is present, then the value date refers to an expected/requested value date. format: date type: string required: - transactionAmount type: object securityDefinitions: oauth-Berlin: type: oauth2 description: Application flow OAuth for Berlin clients flow: accessCode scopes: accounts-LOAN: "" transactions-LOAN: "" balances-LOAN: "" accounts-SVGS: "" transactions-SVGS: "" balances-SVGS: "" accounts-CACC: "" account_data: "" authorizationUrl: https://https://mtls-api-discountbank.dmz.prd/prod/d/consent/authorize tokenUrl: https://https://mtls-api-discountbank.dmz.prd/prod/d/consent/token x-scopeValidate: tls-profile: inbal.harel@dbank.co.il externalDocs: description: | Full Documentation of NextGenPSD2 Access to Account Interoperability Framework (General Introduction Paper, Operational Rules, Implementation Guidelines) url: https://www.berlin-group.org/nextgenpsd2-downloads x-components: parameters: Digest: description: Is contained if and only if the "Signature" element is contained in the header of the request. in: header name: Digest required: true type: string x-example: SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A= PSU-Accept: description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept required: false type: string PSU-Accept-Charset: description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept-Charset required: false type: string PSU-Accept-Encoding: description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept-Encoding required: false type: string PSU-Accept-Language: description: | The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. in: header name: PSU-Accept-Language required: false type: string PSU-Device-ID: description: | UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID needs to be unaltered until removal from device. format: uuid in: header name: PSU-Device-ID required: false type: string x-example: 99435c7e-ad88-49ec-a2ad-99ddcb1f5555 PSU-Geo-Location: description: | The forwarded Geo Location of the corresponding http request between PSU and TPP if available. in: header name: PSU-Geo-Location pattern: ^GEO:-?[0-9]{1,2}\.[0-9]{6};-?[0-9]{1,3}\.[0-9]{6}$ required: false type: string x-example: GEO:52.506931;13.144558 PSU-Http-Method: description: | HTTP method used at the PSU ? TPP interface, if available. Valid values are: * GET * POST * PUT * PATCH * DELETE enum: - GET - POST - PUT - PATCH - DELETE in: header name: PSU-Http-Method required: false type: string PSU-IP-Address_conditionalForAis: description: "The forwarded IP Address header field consists of the corresponding HTTP request \nIP Address field between PSU and TPP. \nIt shall be contained if and only if this request was actively initiated by the PSU.\n" format: ipv4 in: header name: PSU-IP-Address required: false type: string x-example: 192.168.8.78 PSU-IP-Port: description: | The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available. in: header name: PSU-IP-Port required: false type: string x-example: "1234" PSU-User-Agent: description: | The forwarded Agent header field of the HTTP request between PSU and TPP, if available. in: header name: PSU-User-Agent required: false type: string Signature: description: | A signature of the request by the TPP on application level. This might be mandated by ASPSP. in: header name: Signature required: true type: string x-example: | keyId="SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE",algorithm="rsa-sha256", headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date", signature="Base64(RSA-SHA256(signing string))" TPP-Signature-Certificate: description: "The certificate used for signing the request, in base64 encoding. \nMust be contained if a signature is contained.\n" format: byte in: header name: TPP-Signature-Certificate required: true type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. format: uuid in: header name: X-Request-ID required: true type: string x-example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721 bookingStatusGeneric: description: "Permitted codes are \n * \"booked\",\n * \"pending\", \n * \"both\",\n * \"information\" and\n * \"all\"\n\"booked\" shall be supported by the ASPSP.\nTo support the \"pending\" and \"both\" feature is optional for the ASPSP, \nError code if not supported in the online banking frontend.\nIf supported, \"both\" means to request transaction reports of transaction of bookingStatus either \"pending\" or \"booked\".\nTo support the \"information\" feature is optional for the ASPSP. Currently the booking status “information” only covers standing orders. Error code if not supported.\nTo support the \"all\" feature is optional for the ASPSP, Error code if not supported. If supported, \"all\" means to request transaction reports of transaction of any bookingStatus (\"pending\", \"booked\" or \"information\").\n" enum: - information - booked - pending - both - all in: query name: bookingStatus required: true type: string consentId_HEADER_mandatory: description: | This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation. in: header name: Consent-ID required: true type: string dateFrom: description: "Conditional: Starting date (inclusive the date dateFrom) of the transaction list, mandated if no delta access is required\nand if bookingStatus does not equal \"information\".\n\nFor booked transactions, the relevant date is the booking date. \n\nFor pending transactions, the relevant date is the entry date, which may not be transparent \nneither in this API nor other channels of the ASPSP.\n" format: date in: query name: dateFrom required: true type: string dateTo: description: "End date (inclusive the data dateTo) of the transaction list, default is \"now\" if not given. \n\nMight be ignored if a delta function is used.\n\nFor booked transactions, the relevant date is the booking date. \n\nFor pending transactions, the relevant date is the entry date, which may not be transparent \nneither in this API nor other channels of the ASPSP.\n" format: date in: query name: dateTo required: false type: string deltaList: description: |- This data attribute is indicating that the AISP is in favour to get all transactions after the last report access for this PSU on the addressed account. This is another implementation of a delta access-report. This delta indicator might be rejected by the ASPSP if this function is not supported. Optional if supported by API provider in: query name: deltaList type: boolean entryReferenceFrom: description: "This data attribute is indicating that the AISP is in favour to get all transactions after \nthe transaction with identification entryReferenceFrom alternatively to the above defined period. \nThis is a implementation of a delta access. \nIf this data element is contained, the entries \"dateFrom\" and \"dateTo\" might be ignored by the ASPSP \nif a delta report is supported.\n\nOptional if supported by API provider.\n" in: query name: entryReferenceFrom required: false type: string loanAccountId: description: "This identification is denoting the addressed loan account. \nThe loan-account-id is retrieved by using a \"readLoanAccountList\".\nThe loan-account-id is the \"resourceId\" attribute of the loan account structure.\nIts value is constant at least throughout the lifecycle of a given consent.\n" in: path name: loan-account-id required: true type: string savingsAccountId: description: "This identification is denoting the addressed savings account. \nThe savings-account-id is retrieved by using a \"Read SavingsAccountList\".\nThe savings-account-id is the \"resourceId\" attribute of the savings account structure.\nIts value is constant at least throughout the lifecycle of a given consent.\n" in: path name: savings-account-id required: true type: string responses: BAD_REQUEST_400_AIS: content: application/json: schema: $ref: '#/definitions/Error400_NG_AIS' application/problem+json: schema: $ref: '#/definitions/Error400_AIS' description: Bad Request headers: Location: $ref: '#/x-components/headers/Location' X-Request-ID: $ref: '#/x-components/headers/X-Request-ID' CONFLICT_409_AIS: content: application/json: schema: $ref: '#/definitions/Error409_NG_AIS' application/problem+json: schema: $ref: '#/definitions/Error409_AIS' description: Conflict headers: Location: $ref: '#/x-components/headers/Location' X-Request-ID: $ref: '#/x-components/headers/X-Request-ID' FORBIDDEN_403_AIS: content: application/json: schema: $ref: '#/definitions/Error403_NG_AIS' application/problem+json: schema: $ref: '#/definitions/Error403_AIS' description: Forbidden headers: Location: $ref: '#/x-components/headers/Location' X-Request-ID: $ref: '#/x-components/headers/X-Request-ID' INTERNAL_SERVER_ERROR_500_AIS: description: Internal Server Error headers: Location: $ref: '#/x-components/headers/Location' X-Request-ID: $ref: '#/x-components/headers/X-Request-ID' METHOD_NOT_ALLOWED_405_AIS: content: application/json: schema: $ref: '#/definitions/Error405_NG_AIS' application/problem+json: schema: $ref: '#/definitions/Error405_AIS' description: Method Not Allowed headers: Location: $ref: '#/x-components/headers/Location' X-Request-ID: $ref: '#/x-components/headers/X-Request-ID' NOT_ACCEPTABLE_406_AIS: content: application/json: schema: $ref: '#/definitions/Error406_NG_AIS' application/problem+json: schema: $ref: '#/definitions/Error406_AIS' description: Not Acceptable headers: Location: $ref: '#/x-components/headers/Location' X-Request-ID: $ref: '#/x-components/headers/X-Request-ID' NOT_FOUND_404_AIS: content: application/json: schema: $ref: '#/definitions/Error404_NG_AIS' application/problem+json: schema: $ref: '#/definitions/Error404_AIS' description: Not found headers: Location: $ref: '#/x-components/headers/Location' X-Request-ID: $ref: '#/x-components/headers/X-Request-ID' OK_200_LoanAccountBalances: content: application/json: examples: 'Example 1: Regular Account': $ref: '#/x-components/examples/loanAccountBalancesExample' schema: properties: balances: items: $ref: '#/definitions/balance' type: array loanAccount: $ref: '#/definitions/accountReference' required: - loanAccount - balances type: object description: OK headers: X-Request-ID: $ref: '#/x-components/headers/X-Request-ID' OK_200_LoanAccountDetails: content: application/json: example: $ref: '#/x-components/examples/loanAccountDetailsExample' schema: properties: loanAccount: $ref: '#/definitions/accountDetailsSavingsLoans' required: - loanAccount type: object description: OK headers: X-Request-ID: $ref: '#/x-components/headers/X-Request-ID' OK_200_LoanAccountList: content: application/json: example: $ref: '#/x-components/examples/loanAccountListExample' schema: description: | List of loan accounts with details. properties: loanAccounts: items: $ref: '#/definitions/accountDetailsSavingsLoans' type: array required: - loanAccounts type: object description: OK headers: X-Request-ID: $ref: '#/x-components/headers/X-Request-ID' OK_200_LoanAccountsTransactions: content: application/json: examples: Example 1: $ref: '#/x-components/examples/loanAccountTransactionsExample' Example 2: $ref: '#/x-components/examples/loanAccountTransactionsExample2_paging_json' schema: description: | Body of the JSON response for a successful read transaction list request. This account report contains transactions resulting from the query parameters. properties: _links: $ref: '#/definitions/_linksPagination' balances: items: $ref: '#/definitions/balance' type: array loanAccount: $ref: '#/definitions/accountReference' transactions: $ref: '#/definitions/accountReport' required: - loanAccount type: object description: OK headers: X-Request-ID: $ref: '#/x-components/headers/X-Request-ID' OK_200_SavingsAccountBalances: content: application/json: examples: 'Example 1: Regular Account': $ref: '#/x-components/examples/savingsAccountBalancesExample' schema: properties: balances: description: 'BOI Remark: ASPSP must provide at least one balanceType and all balances that presented in the online channels.' items: $ref: '#/definitions/balance' type: array savingsAccount: $ref: '#/definitions/accountReference' required: - savingsAccount - balances type: object description: OK headers: X-Request-ID: $ref: '#/x-components/headers/X-Request-ID' OK_200_SavingsAccountDetails: content: application/json: example: $ref: '#/x-components/examples/savingsAccountDetailsExample' schema: properties: savingsAccount: $ref: '#/definitions/accountDetailsSavingsLoans' required: - savingsAccount type: object description: OK headers: X-Request-ID: $ref: '#/x-components/headers/X-Request-ID' OK_200_SavingsAccountList: content: application/json: example: $ref: '#/x-components/examples/savingsAccountListExample' schema: description: | List of savings accounts with details. properties: savingsAccounts: items: $ref: '#/definitions/accountDetailsSavingsLoans' type: array required: - savingsAccounts type: object description: OK headers: X-Request-ID: $ref: '#/x-components/headers/X-Request-ID' OK_200_SavingsAccountsTransactions: content: application/json: examples: Example 1: $ref: '#/x-components/examples/savingsAccountTransactionsExample' Example 2: $ref: '#/x-components/examples/savingAccountTransactionsExample2_paging_json' schema: description: | Body of the JSON response for a successful read transaction list request. This account report contains transactions resulting from the query parameters. properties: _links: $ref: '#/definitions/_linksPagination' balances: items: $ref: '#/definitions/balance' type: array savingsAccount: $ref: '#/definitions/accountReference' transactions: $ref: '#/definitions/accountReport' required: - savingsAccount type: object description: OK headers: X-Request-ID: $ref: '#/x-components/headers/X-Request-ID' REQUEST_TIMEOUT_408_AIS: description: Request Timeout headers: Location: $ref: '#/x-components/headers/Location' X-Request-ID: $ref: '#/x-components/headers/X-Request-ID' SERVICE_UNAVAILABLE_503_AIS: description: Service Unavailable headers: Location: $ref: '#/x-components/headers/Location' X-Request-ID: $ref: '#/x-components/headers/X-Request-ID' TOO_MANY_REQUESTS_429_AIS: content: application/json: schema: $ref: '#/definitions/Error429_NG_AIS' application/problem+json: schema: $ref: '#/definitions/Error429_AIS' description: Too Many Requests headers: Location: $ref: '#/x-components/headers/Location' X-Request-ID: $ref: '#/x-components/headers/X-Request-ID' UNAUTHORIZED_401_AIS: content: application/json: schema: $ref: '#/definitions/Error401_NG_AIS' application/problem+json: schema: $ref: '#/definitions/Error401_AIS' description: Unauthorized headers: Location: $ref: '#/x-components/headers/Location' X-Request-ID: $ref: '#/x-components/headers/X-Request-ID' UNSUPPORTED_MEDIA_TYPE_415_AIS: description: Unsupported Media Type headers: Location: $ref: '#/x-components/headers/Location' X-Request-ID: $ref: '#/x-components/headers/X-Request-ID' examples: loanAccountBalancesExample: description: Generic response to a /readLoanAccountBalances request. summary: Loan Account Balances Example value: balances: - balanceAmount: amount: "-80000.00" currency: EUR balanceType: closingBooked referenceDate: "2020-10-01" - balanceAmount: amount: "-82500.00" currency: EUR balanceType: expected lastChangeDateTime: "2020-11-20T15:30:35.035Z" loanAccount: iban: DE2310010010123456788 loanAccountDetailsExample: description: Generic response to a /readLoanAccountDetails request. summary: Loan Account Details Example value: loanAccount: _links: balances: href: /v1/loans/3dc3d5b3-7023-4848-9853-f5400a64e81a/balances transactions: href: /v1/loans/3dc3d5b3-7023-4848-9853-f5400a64e81a/transactions balances: - balanceAmount: amount: "-80000.00" currency: EUR balanceType: closingBooked referenceDate: "2020-10-01" cashAccountType: LOAN collateralsInvolved: false currency: EUR iban: DE2310010010123456788 interest: - rate: - percentage: "4.5" toDateTime: "2021-01-05T23:59:59" type: FIXD name: ' Silver' ownerName: Paul Simpson product: Retail loan relatedDates: contractAvailabilityDate: "2020-01-01" contractEndDate: "2023-01-01" contractStartDate: "2017-01-01" resourceId: 3dc3d5b3-7023-4848-9853-f5400a64e81a status: enabled loanAccountListExample: description: Response in case of an example, where the consent has been given on two different Accounts. summary: Loan Account List Example value: loanAccounts: - _links: balances: href: /v1/loans/3dc3d5b3-7023-4848-9853-f5400a64e81a/balances transactions: href: /v1/loans/3dc3d5b3-7023-4848-9853-f5400a64e81a/transactions balances: - balanceAmount: amount: "-80000.00" currency: EUR balanceType: closingBooked referenceDate: "2020-10-30" cashAccountType: LOAN collateralsInvolved: false currency: EUR interest: - rate: - percentage: "4.5" toDateTime: "2021-01-05T23:59:59" type: FIXD name: ' Silver' other: identification: MyProprietaryID-0003 ownerName: Paul Simpson product: Retail loan relatedDates: contractAvailabilityDate: "2020-01-01" contractEndDate: "2023-01-01" contractStartDate: "2017-01-01" resourceId: 3dc3d5b3-7023-4848-9853-f5400a64e81a - _links: balances: href: /v1/loans/3dc3d5b3-7023-4848-9853-f5400a64e816/balances transactions: href: /v1/loans/3dc3d5b3-7023-4848-9853-f5400a64e816/transactions balances: - balanceAmount: amount: "-10000.00" currency: USD balanceType: closingBooked referenceDate: "2020-10-30" cashAccountType: LOAN collateralsInvolved: false currency: EUR interest: - rate: - percentage: "4.5" toDateTime: "2021-01-05T23:59:59" type: FIXD name: ' Silver' other: identification: MyProprietaryID-0004 ownerName: Paul Simpson product: Retail loan relatedDates: contractAvailabilityDate: "2020-01-01" contractEndDate: "2023-01-01" contractStartDate: "2017-01-01" resourceId: 3dc3d5b3-7023-4848-9853-f5400a64e816 - _links: balances: href: /v1/loans/3dc3d5b3-10a4-4848-9853-f5400a64e81g/balances transactions: href: /v1/loans/3dc3d5b3-10a4-4848-9853-f5400a64e81g/transactions balances: - balanceAmount: amount: "-100000.00" currency: EUR balanceType: closingBooked referenceDate: "2020-10-01" cashAccountType: LOAN collateralsInvolved: false currency: EUR iban: DE40100100103307118608 interest: - rate: - percentage: "2.0" toDateTime: "2039-12-31T23:59:59" type: FIXD name: ' Happy Home 2008' ownerName: Paul Simpson product: Mortgage loan relatedDates: contractAvailabilityDate: "2030-01-01" contractEndDate: "2040-01-01" contractStartDate: "2020-01-01" resourceId: 3dc3d5b3-10a4-4848-9853-f5400a64e81g loanAccountTransactionsExample: description: Generic response to a /readSavingsAccountTransactionss request. summary: Savings Account Transactions Example value: loanAccount: iban: DE2310010010123456788 transactions: booked: - bookingDate: "2020-08-30" remittanceInformationUnstructured: Amortization Aug 2020 transactionAmount: amount: "1250" currency: EUR transactionId: "1234567" valueDate: "2020-08-31" - bookingDate: "2020-09-29" remittanceInformationUnstructured: Amortization Sep 2020 transactionAmount: amount: "1250" currency: EUR transactionId: "1234568" valueDate: "2020-09-30" - bookingDate: "2020-09-30" remittanceInformationUnstructured: Interest Q3 2020 transactionAmount: amount: "-10.00" currency: EUR transactionId: "1234569" valueDate: "2020-09-30" pending: - remittanceInformationUnstructured: Amortization Oct 2020 transactionAmount: amount: ”1250" currency: EUR transactionId: "1234569" valueDate: "2020-10-31" loanAccountTransactionsExample2_paging_json: description: Response in case of data paging. value: _links: first: href: /v1/loans/12345678999/transactions last: href: /v1.0.8/accounts/12345678999/transactions next: href: /v1/loans/12345678999/transactions previous: href: /v1/accounts/12345678999/transactions loanAccount: iban: DE2310010010123456788 savingAccountTransactionsExample2_paging_json: description: Response in case of data paging. value: _links: first: href: /v1/savings/12345678999/transactions last: href: /v1/savings/12345678999/transactions next: href: /v1/savings/12345678999/transactions previous: href: /v1/savings/12345678999/transactions savingsAccount: iban: DE2310010010123456788 savingsAccountBalancesExample: description: Generic response to a /readSavingsAccountBalances request. summary: Savings Account Balances Example value: balances: - balanceAmount: amount: "5000.00" currency: EUR balanceType: closingBooked referenceDate: "2020-10-20" savingsAccount: iban: DE2310010010123456788 savingsAccountDetailsExample: description: Generic response to a /readSavingsAccountDetails request. summary: Savings Account Details Example value: savingsAccount: _links: balances: href: /v1/savings/3dc3d5b3-7023-4848-9853-f5400a64e81a/balances transactions: href: /v1/savings/3dc3d5b3-7023-4848-9853-f5400a64e81a/transactions balances: - balanceAmount: amount: "5000.00" currency: EUR balanceType: closingBooked referenceDate: "2020-10-01" cashAccountType: SVGS currency: EUR iban: DE2310010010123456788 interest: - rate: - fromAmount: amount: "0.0" currency: EUR percentage: "1.5" toAmount: amount: "2000" currency: EUR - fromAmount: amount: "2000" currency: EUR percentage: "0.1" toDateTime: "2017-01-05T23:59:59" type: FIXD - fromDateTime: "2017-01-06T00:00:00" rate: - fromAmount: amount: "0.0" currency: EUR percentage: "0.5" toAmount: amount: "2000" currency: EUR - fromAmount: amount: "2000" currency: EUR percentage: "0.1" type: FIXD name: Savings 1 ownerName: Paul Simpson product: Saving Account relatedDates: contractAvailabilityDate: "2019-01-01" contractEndDate: "2026-01-01" contractStartDate: "2016-01-01" resourceId: 3dc3d5b3-7023-4848-9853-f5400a64e81a status: enabled savingsAccountListExample: description: Response in case of an example, where the consent has been given on two different Accounts. summary: Savings Account List Example value: savingsAccounts: - _links: balances: href: /v1/savings/3dc3d5b3-7023-4848-9853-f5400a64e81a/balances transactions: href: /v1/savings/3dc3d5b3-7023-4848-9853-f5400a64e81a/transactions balances: - balanceAmount: amount: "5000.00" currency: EUR balanceType: closingBooked referenceDate: "2020-10-01" cashAccountType: SVGS currency: EUR interest: - rate: - fromAmount: amount: "0.0" currency: EUR percentage: "1.5" toAmount: amount: "2000" currency: EUR - fromAmount: amount: "2000" currency: EUR percentage: "0.1" toDateTime: "2017-01-05T23:59:59" type: FIXD - fromDateTime: "2017-01-06T00:00:00" rate: - fromAmount: amount: "0.0" currency: EUR percentage: "0.5" toAmount: amount: "2000" currency: EUR - fromAmount: amount: "2000" currency: EUR percentage: "0.1" type: FIXD name: Savings 1a other: identification: MyProprietaryID-0001 ownerName: Paul Simpson product: Saving Account relatedDates: contractAvailabilityDate: "2019-01-01" contractEndDate: "2026-01-01" contractStartDate: "2016-01-01" resourceId: 3dc3d5b3-7023-4848-9853-f5400a64e81a - _links: balances: href: /v1/savings/3dc3d5b3-7023-4848-9853-f5400a64e813/balances transactions: href: /v1/savings/3dc3d5b3-7023-4848-9853-f5400a64e813/transactions balances: - balanceAmount: amount: 4000.00" currency: EUR balanceType: closingBooked referenceDate: "2020-10-01" cashAccountType: SVGS currency: EUR interest: - rate: - fromAmount: amount: "0.0" currency: EUR percentage: "1.5" toAmount: amount: "2000" currency: EUR - fromAmount: amount: "2000" currency: EUR percentage: "0.1" toDateTime: "2017-01-05T23:59:59" type: FIXD - fromDateTime: "2017-01-06T00:00:00" rate: - fromAmount: amount: "0.0" currency: EUR percentage: "0.5" toAmount: amount: "2000" currency: EUR - fromAmount: amount: "2000" currency: EUR percentage: "0.1" type: FIXD name: Savings 1b other: identification: MyProprietaryID-0002 ownerName: Paul Simpson product: Saving Account relatedDates: contractAvailabilityDate: "2019-01-01" contractEndDate: "2026-01-01" contractStartDate: "2016-01-01" resourceId: 3dc3d5b3-7023-4848-9853-f5400a64e813 savingsAccountTransactionsExample: description: Generic response to a /readSavingsAccountTransactionss request. summary: Savings Account Transactions Example value: savingsAccount: iban: DE2310010010123456788 transactions: booked: - bookingDate: "2020-10-01" remittanceInformationUnstructured: Example 1 transactionAmount: amount: "2000" currency: EUR transactionId: "1234567" valueDate: "2020-10-02" - bookingDate: "2020-10-09" remittanceInformationUnstructured: Example 2 transactionAmount: amount: "2000" currency: EUR transactionId: "1234568" valueDate: "2020-10-10" pending: - remittanceInformationUnstructured: Example3 transactionAmount: amount: "2000" currency: EUR transactionId: "1234570" valueDate: "2020-10-30" headers: Location: description: | Location of the created resource. required: false schema: format: url type: string X-Request-ID: description: ID of the request, unique to the call, as determined by the initiating party. example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721 required: true schema: format: uuid type: string x-ibm-configuration: enforced: true testable: true phase: realized security: - oauth-Berlin: - accounts-LOAN - transactions-LOAN - balances-LOAN - accounts-SVGS - transactions-SVGS - balances-SVGS - accounts-CACC - account_data x-ibm-endpoints: - endpointUrl: https://mtls-api.discountbank.co.il/prod/d type: - production - development ...