PSD2 Business OBG 1.0.0

No votes yet

Description

Summary

Contact information

Discount Bank LTD

Support_api@dbank.co.il

https://www.OpenBanking.co.il/

components

parameters:
- Authorization:
  - description: This field might be used in case where a consent was agreed between ASPSP and PSU through an OAuth2 based protocol, facilitated by the TPP.
  - in: header
  - name: Authorization
  - required: false
  - schema:
    - $ref: #/definitions/authorization
- Digest:
  - description: Is contained if and only if the "Signature" element is contained in the header of the request.
  - in: header
  - name: Digest
  - required: true
  - type: string
  - x-example: SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A=
- PSU-Accept:
  - description: The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
  - in: header
  - maxLength: 1024
  - name: PSU-Accept
  - required: false
  - type: string
- PSU-Accept-Charset:
  - description: The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
  - in: header
  - maxLength: 1024
  - name: PSU-Accept-Charset
  - required: false
  - type: string
- PSU-Accept-Encoding:
  - description: The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
  - in: header
  - maxLength: 1024
  - name: PSU-Accept-Encoding
  - required: false
  - type: string
- PSU-Accept-Language:
  - description: The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
  - in: header
  - maxLength: 1024
  - name: PSU-Accept-Language
  - required: false
  - type: string
- PSU-Corporate-ID:
  - description: Might be mandated in the ASPSP's documentation. Only used in a corporate context.
  - in: header
  - name: PSU-Corporate-ID
  - pattern: ^[A-Z]{2}[-]\d{9,10}|\d{9,10}$
  - required: false
  - type: string
- PSU-Corporate-ID-Type:
  - description: Might be mandated in the ASPSP's documentation. Only used in a corporate context.
  - in: header
  - maxLength: 512
  - name: PSU-Corporate-ID-Type
  - required: false
  - type: string
- PSU-Device-ID:
  - description: UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID needs to be unaltered until removal from device.
  - format: uuid
  - in: header
  - name: PSU-Device-ID
  - required: false
  - type: string
  - x-example: 99435c7e-ad88-49ec-a2ad-99ddcb1f5555
- PSU-Device-ID_conditional:
  - description: UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device.
  - example: 99435c7e-ad88-49ec-a2ad-99ddcb1f5555
  - in: header
  - name: PSU-Device-ID
  - required: false
  - schema:
    - format: uuid
    - type: string
- PSU-Geo-Location:
  - description: The forwarded Geo Location of the corresponding http request between PSU and TPP if available.
  - in: header
  - name: PSU-Geo-Location
  - pattern: ^GEO:-?[0-9]{1,2}\.[0-9]{6};-?[0-9]{1,3}\.[0-9]{6}$
  - required: false
  - type: string
  - x-example: GEO:52.506931;13.144558
- PSU-Geo-Location_conditional:
  - description: The forwarded Geo Location of the corresponding http request between PSU and TPP if available.
  - example: GEO:52.506931;13.144558
  - in: header
  - name: PSU-Geo-Location
  - required: false
  - schema:
    - pattern: ^GEO:-?[0-9]{1,2}\.[0-9]{6};-?[0-9]{1,3}\.[0-9]{6}$
    - type: string
- PSU-Http-Method:
  - description: HTTP method used at the PSU ? TPP interface, if available. Valid values are: * GET * POST * PUT * PATCH * DELETE
  - enum:
    - 0: GET
    - 1: POST
    - 2: PUT
    - 3: PATCH
    - 4: DELETE
  - in: header
  - name: PSU-Http-Method
  - required: false
  - type: string
- PSU-ID:
  - description: BOI-REMARK - The PSU id number or passport number. Possible values are: * ID = only digits. * Passport = 2 characters ISO 3166 country code + '-' + Passport number.
  - in: header
  - name: PSU-ID
  - pattern: ^([0-9]{9}|[A-Za-z]{2}-([A-Za-z0-9]){1,16})$
  - required: true
  - type: string
  - x-example: IL-12345678945
- PSU-ID-Type:
  - description: BOI-REMARK - Specific brands or channels of the ASPSP only in case there is more than one. Possible values should be found in ASPSP's documentation and get approved in advance by BOI.
  - in: header
  - maxLength: 512
  - name: PSU-ID-Type
  - required: false
  - type: string
- PSU-IP-Address_conditionalForAis:
  - description: The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP. It shall be contained if and only if this request was actively initiated by the PSU.
  - format: ipv4
  - in: header
  - name: PSU-IP-Address
  - required: false
  - type: string
  - x-example: 192.168.8.78
- PSU-IP-Address_mandatory:
  - description: The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP. If not available, the TPP shall use the IP Address used by the TPP when submitting this request.
  - format: ipv4
  - in: header
  - name: PSU-IP-Address
  - required: true
  - type: string
  - x-example: 192.168.8.78
- PSU-IP-Address_optional:
  - description: The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
  - format: ipv4
  - in: header
  - name: PSU-IP-Address
  - required: false
  - type: string
  - x-example: 192.168.8.78
- PSU-IP-Port:
  - description: The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
  - in: header
  - maxLength: 5
  - name: PSU-IP-Port
  - required: false
  - type: string
  - x-example: 1234
- PSU-IP-Port_mandatory:
  - description: The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
  - example: 1234
  - in: header
  - name: PSU-IP-Port
  - required: false
  - schema:
    - maxLength: 5
    - type: string
- PSU-User-Agent:
  - description: The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
  - in: header
  - maxLength: 1024
  - name: PSU-User-Agent
  - required: false
  - type: string
- Signature:
  - description: A signature of the request by the TPP on application level. This might be mandated by ASPSP.
  - in: header
  - name: Signature
  - required: true
  - type: string
  - x-example: keyId="SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE",algorithm="rsa-sha256", headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date", signature="Base64(RSA-SHA256(signing string))"
- TPP-Brand-Logging-Information:
  - description: This header might be used by TPPs to inform the ASPSP about the brand used by the TPP towards the PSU. This information is meant for logging entries to enhance communication between ASPSP and PSU or ASPSP and TPP. This header might be ignored by the ASPSP.
  - in: header
  - name: TPP-Brand-Logging-Information
  - required: false
  - type: string
- TPP-Decoupled-Preferred:
  - description: If it equals "true", the TPP prefers a decoupled SCA approach. If it equals "false", the TPP prefers not to use the decoupled approach for SCA. The ASPSP will then choose between the embedded or the redirect SCA approach, depending on the choice of the SCA procedure by the TPP/PSU. If the parameter is not used, the ASPSP will choose the SCA approach to be applied depending on the parameter TPP-Redirect-Preferred and the SCA method chosen by the TPP/PSU. The parameter might be ignored by the ASPSP. If both parameters TPP-Redirect-Preferred and TPP-Decoupled-Preferred are present and true, the request is still not rejected, but it is up to the ASPSP, which approach will actually be used. **Remark for Future:** TPP-Redirect-Preferred and TPP-Decoupled-Preferred will be revised in future versions, maybe merged. Currently kept separate for downward compatibility.
  - in: header
  - name: TPP-Decoupled-Preferred
  - required: false
  - type: boolean
- TPP-Explicit-Authorisation-Preferred:
  - description: If it equals "true", the TPP prefers to start the authorisation process separately, e.g. because of the usage of a signing basket. This preference might be ignored by the ASPSP, if a signing basket is not supported as functionality. If it equals "false" or if the parameter is not used, there is no preference of the TPP. This especially indicates that the TPP assumes a direct authorisation of the transaction in the next step, without using a signing basket.
  - in: header
  - name: TPP-Explicit-Authorisation-Preferred
  - required: false
  - type: boolean
- TPP-Nok-Redirect-URI:
  - description: If this URI is contained, the TPP is asking to redirect the transaction flow to this address instead of the TPP-Redirect-URI in case of a negative result of the redirect SCA method. This might be ignored by the ASPSP.
  - format: uri
  - in: header
  - maxLength: 2048
  - name: TPP-Nok-Redirect-URI
  - required: false
  - type: string
- TPP-Notification-Content-Preferred:
  - description: The string has the form status=X1, ..., Xn where Xi is one of the constants SCA, PROCESS, LAST and where constants are not repeated. The usage of the constants supports the of following semantics: SCA: A notification on every change of the scaStatus attribute for all related authorisation processes is preferred by the TPP. PROCESS: A notification on all changes of consentStatus or transactionStatus attributes is preferred by the TPP. LAST: Only a notification on the last consentStatus or transactionStatus as available in the XS2A interface is preferred by the TPP. This header field may be ignored, if the ASPSP does not support resource notification services for the related TPP.
  - in: header
  - maxLength: 2048
  - name: TPP-Notification-Content-Preferred
  - required: false
  - type: string
- TPP-Notification-URI:
  - description: URI for the Endpoint of the TPP-API to which the status of the payment initiation should be sent. This header field may by ignored by the ASPSP. For security reasons, it shall be ensured that the TPP-Notification-URI as introduced above is secured by the TPP eIDAS QWAC used for identification of the TPP. The following applies: URIs which are provided by TPPs in TPP-Notification-URI shall comply with the domain secured by the eIDAS QWAC certificate of the TPP in the field CN or SubjectAltName of the certificate. Please note that in case of example-TPP.com as certificate entry TPP- Notification-URI like www.example-TPP.com/xs2a-client/v1/ASPSPidentifcation/mytransaction- id/notifications or notifications.example-TPP.com/xs2a-client/v1/ASPSPidentifcation/mytransaction- id/notifications would be compliant. Wildcard definitions shall be taken into account for compliance checks by the ASPSP. ASPSPs may respond with ASPSP-Notification-Support set to false, if the provided URIs do not comply.
  - format: uri
  - in: header
  - maxLength: 2048
  - name: TPP-Notification-URI
  - required: false
  - type: string
- TPP-Notification-URI_mandatory:
  - description: URI for the Endpoint of the TPP-API to which the status of the consent status should be sent. For security reasons, it shall be ensured that the TPP-Notification-URI as introduced above is secured by the TPP eIDAS QWAC used for identification of the TPP. The following applies: URIs which are provided by TPPs in TPP-Notification-URI shall comply with the domain secured by the eIDAS QWAC certificate of the TPP in the field CN or SubjectAltName of the certificate. Please note that in case of example-TPP.com as certificate entry TPP- Notification-URI like www.example-TPP.com/xs2a-client/v1/ASPSPidentifcation/mytransaction- id/notifications or notifications.example-TPP.com/xs2a-client/v1/ASPSPidentifcation/mytransaction- id/notifications would be compliant. Wildcard definitions shall be taken into account for compliance checks by the ASPSP. ASPSPs may respond with ASPSP-Notification-Support set to false, if the provided URIs do not comply.
  - format: uri
  - in: header
  - maxLength: 2048
  - name: TPP-Notification-URI
  - required: true
  - type: string
- TPP-Redirect-Preferred:
  - description: BOI-REMARK- If it equals "false" , the ASPSP has to choose Decoupled SCA approach if supported by the ASPSP for the related PSU, because Embedded does not supported. ASPSP not supporting Decoupled SCA approach can ignore this attribute.
  - in: header
  - name: TPP-Redirect-Preferred
  - required: false
  - type: boolean
- TPP-Redirect-URI:
  - description: URI of the TPP, where the transaction flow shall be redirected to after a Redirect. Mandated for the Redirect SCA Approach, specifically when TPP-Redirect-Preferred equals "true". It is recommended to always use this header field. **Remark for Future:** This field might be changed to mandatory in the next version of the specification.
  - format: uri
  - in: header
  - maxLength: 2048
  - name: TPP-Redirect-URI
  - required: false
  - type: string
- TPP-Rejection-NoFunds-Preferred:
  - description: If it equals "true" then the TPP prefers a rejection of the payment initiation in case the ASPSP is providing an integrated confirmation of funds request an the result of this is that not sufficient funds are available. If it equals "false" then the TPP prefers that the ASPSP is dealing with the payment initiation like in the ASPSPs online channel, potentially waiting for a certain time period for funds to arrive to initiate the payment. This parameter might be ignored by the ASPSP.
  - in: header
  - name: TPP-Rejection-NoFunds-Preferred
  - required: false
  - type: boolean
- TPP-Signature-Certificate:
  - description: The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.
  - format: byte
  - in: header
  - name: TPP-Signature-Certificate
  - required: true
  - type: string
- X-Request-ID:
  - description: ID of the request, unique to the call, as determined by the initiating party.
  - format: uuid
  - in: header
  - name: X-Request-ID
  - required: true
  - type: string
  - x-example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
- accountId:
  - description: This identification is denoting the addressed (card) account. The account-id is retrieved by using a "Read Account List" or "Read Card Account list" call. The account-id is the "resourceId" attribute of the account structure. Its value is constant at least throughout the lifecycle of a given consent.
  - in: path
  - name: account-id
  - required: true
  - type: string
- authorisationId:
  - description: Resource identification of the related SCA.
  - in: path
  - name: authorisationId
  - required: true
  - type: string
- bookingStatusCard:
  - description: Permitted codes are * "booked", * "pending", * "both", "booked" shall be supported by the ASPSP. To support the "pending" and "both" feature is optional for the ASPSP, Error code if not supported in the online banking frontend. If supported, "both" means to request transaction reports of transaction of bookingStatus either "pending" or "booked".
  - enum:
    - 0: booked
    - 1: pending
    - 2: both
  - in: query
  - name: bookingStatus
  - required: true
  - type: string
- bookingStatusGeneric:
  - description: Permitted codes are * "booked", * "pending", * "both", * "information" and * "all" "booked" shall be supported by the ASPSP. To support the "pending" and "both" feature is optional for the ASPSP, Error code if not supported in the online banking frontend. If supported, "both" means to request transaction reports of transaction of bookingStatus either "pending" or "booked". To support the "information" feature is optional for the ASPSP. Currently the booking status “information” only covers standing orders. Error code if not supported. To support the "all" feature is optional for the ASPSP, Error code if not supported. If supported, "all" means to request transaction reports of transaction of any bookingStatus ("pending", "booked" or "information").
  - enum:
    - 0: information
    - 1: booked
    - 2: pending
    - 3: both
    - 4: all
  - in: query
  - name: bookingStatus
  - required: true
  - type: string
- consentId_HEADER_mandatory:
  - description: This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.
  - in: header
  - maxLength: 512
  - name: Consent-ID
  - required: true
  - type: string
- consentId_HEADER_optional:
  - description: This data element may be contained, if the payment initiation transaction is part of a session, i.e. combined AIS/PIS service. This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.
  - in: header
  - maxLength: 512
  - name: Consent-ID
  - required: false
  - type: string
- consentId_PATH:
  - description: ID of the corresponding consent object as returned by an account information consent request.
  - in: path
  - maxLength: 512
  - name: consentId
  - required: true
  - type: string
- dateFrom:
  - description: Conditional: Starting date (inclusive the date dateFrom) of the transaction list, mandated if no delta access is required and if bookingStatus does not equal "information". For booked transactions, the relevant date is the booking date. For pending transactions, the relevant date is the entry date, which may not be transparent neither in this API nor other channels of the ASPSP. BOI remarks: the minimum value can be at least 12 month prior to "now". In case of exception from the minimum value the response will be only for the minimum period.
  - format: date
  - in: query
  - name: dateFrom
  - required: true
  - type: string
- dateTo:
  - description: End date (inclusive the data dateTo) of the transaction list, default is "now" if not given. Might be ignored if a delta function is used. For booked transactions, the relevant date is the booking date. For pending transactions, the relevant date is the entry date, which may not be transparent neither in this API nor other channels of the ASPSP. BOI-REMARK: ASPSP must support this option for account-id/transactions
  - format: date
  - in: query
  - name: dateTo
  - required: false
  - type: string
- deltaList:
  - description: This data attribute is indicating that the AISP is in favour to get all transactions after the last report access for this PSU on the addressed account. This is another implementation of a delta access-report. This delta indicator might be rejected by the ASPSP if this function is not supported. Optional if supported by API provider
  - in: query
  - name: deltaList
  - type: boolean
- entryReferenceFrom:
  - description: This data attribute is indicating that the AISP is in favour to get all transactions after the transaction with identification entryReferenceFrom alternatively to the above defined period. This is a implementation of a delta access. If this data element is contained, the entries "dateFrom" and "dateTo" might be ignored by the ASPSP if a delta report is supported. Optional if supported by API provider.
  - in: query
  - name: entryReferenceFrom
  - required: false
  - type: string
- paymentId:
  - description: Resource identification of the generated payment initiation resource.
  - in: path
  - name: paymentId
  - required: true
  - type: string
- paymentProduct:
  - description: The addressed payment product endpoint, e.g. for SEPA Credit Transfers (SCT). The ASPSP will publish which of the payment products/endpoints will be supported. The following payment products are supported: - "masav" - "zahav" - "fp" **Remark:** For all SEPA Credit Transfer based endpoints which accept XML encoding, the XML pain.001 schemes provided by EPC are supported by the ASPSP as a minimum for the body content. Further XML schemes might be supported by some communities. **Remark:** For cross-border and TARGET-2 payments only community wide pain.001 schemes do exist. There are plenty of country specificic scheme variants.
  - enum:
    - 0: masav
    - 1: zahav
    - 2: fp
  - in: path
  - name: payment-product
  - required: true
  - type: string
- paymentService:
  - description: Payment service: Possible values are: * payments * bulk-payments * periodic-payments
  - enum:
    - 0: payments
    - 1: bulk-payments
    - 2: periodic-payments
  - in: path
  - name: payment-service
  - required: true
  - type: string
- transactionId:
  - description: This identification is given by the attribute transactionId of the corresponding entry of a transaction list.
  - in: path
  - name: transactionId
  - required: true
  - type: string
- withBalanceQuery:
  - description: If contained, this function reads the list of accessible payment accounts including the booking balance, if granted by the PSU in the related consent and available by the ASPSP. This parameter might be ignored by the ASPSP.
  - in: query
  - name: withBalance
  - required: false
  - type: boolean
responses:
- BAD_REQUEST_400_AIS:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/Error400_NG_AIS
  - description: Bad Request
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- BAD_REQUEST_400_PIIS:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/Error400_NG_AIS
  - description: Bad Request
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- BAD_REQUEST_400_PIS:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/Error400_NG_PIS
  - description: Bad Request
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- CONFLICT_409_AIS:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/Error409_NG_AIS
  - description: Conflict
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- CONFLICT_409_PIIS:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/Error409_NG_PIIS
  - description: Conflict
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- CONFLICT_409_PIS:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/Error409_NG_PIS
  - description: Conflict
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- CONFLICT_409_SBS:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/Error409_NG_SBS
  - description: Conflict
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- CREATED_201_Consents:
  - content:
    - application/json:
      - examples:
        Response in case of the OAuth2 approach with an implicit generated authorisation resource:
        $ref: #/x-components/examples/consentResponseExample2_OAuth2
        Response in case of the decoupled approach:
        $ref: #/x-components/examples/consentResponseExample3_Decoupled
      - schema:
        $ref: #/definitions/consentsResponse-201
  - description: Created
  - headers:
    - ASPSP-Notification-Content:
      - $ref: #/x-components/headers/ASPSP-Notification-Content
    - ASPSP-Notification-Support:
      - $ref: #/x-components/headers/ASPSP-Notification-Support
    - ASPSP-SCA-Approach:
      - $ref: #/x-components/headers/ASPSP-SCA-Approach
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- CREATED_201_PaymentInitiation:
  - content:
    - application/json:
      - examples:
        Response in case of an OAuth2 SCA approach approach with implicitly creating an authorisation sub-resource:
        $ref: #/x-components/examples/paymentInitiationExample_json_OAuth2
        Response in case of the decoupled approach with explicit start of authorisation needed (will be done with the update PSU identification function):
        $ref: #/x-components/examples/paymentInitiationExample_json_Decoupled
      - schema:
        $ref: #/definitions/paymentInitationRequestResponse-201
  - description: CREATED
  - headers:
    - ASPSP-Notification-Content:
      - $ref: #/x-components/headers/ASPSP-Notification-Content
    - ASPSP-Notification-Support:
      - $ref: #/x-components/headers/ASPSP-Notification-Support
    - ASPSP-SCA-Approach:
      - $ref: #/x-components/headers/ASPSP-SCA-Approach
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- CREATED_201_StartScaProcess:
  - content:
    - application/json:
      - examples:
        Example 1: payments - Decoupled Approach:
        $ref: #/x-components/examples/startScaProcessResponseExample1
      - schema:
        $ref: #/definitions/startScaprocessResponse
  - description: Created
  - headers:
    - ASPSP-SCA-Approach:
      - $ref: #/x-components/headers/ASPSP-SCA-Approach
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- FORBIDDEN_403_AIS:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/Error403_NG_AIS
  - description: Forbidden
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- FORBIDDEN_403_PIIS:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/Error403_NG_PIIS
  - description: Forbidden
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- FORBIDDEN_403_PIS:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/Error403_NG_PIS
  - description: Forbidden
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- FORBIDDEN_403_SBS:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/Error403_NG_SBS
  - description: Forbidden
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- INTERNAL_SERVER_ERROR_500_AIS:
  - description: Internal Server Error
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- INTERNAL_SERVER_ERROR_500_PIIS:
  - description: Internal Server Error
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- INTERNAL_SERVER_ERROR_500_PIS:
  - description: Internal Server Error
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- INTERNAL_SERVER_ERROR_500_SBS:
  - description: Internal Server Error
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- METHOD_NOT_ALLOWED_405_AIS:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/Error405_NG_AIS
  - description: Method Not Allowed
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- METHOD_NOT_ALLOWED_405_PIIS:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/Error405_NG_PIIS
  - description: Method Not Allowed
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- METHOD_NOT_ALLOWED_405_PIS:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/Error405_NG_PIS
  - description: Method Not Allowed
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- METHOD_NOT_ALLOWED_405_PIS_CANC:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/Error405_NG_PIS_CANC
  - description: Method Not Allowed
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- METHOD_NOT_ALLOWED_405_SBS:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/Error405_NG_SBS
  - description: Method Not Allowed
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- NOT_ACCEPTABLE_406_AIS:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/Error406_NG_AIS
  - description: Not Acceptable
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- NOT_ACCEPTABLE_406_PIIS:
  - description: Not Acceptable
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- NOT_ACCEPTABLE_406_PIS:
  - description: Not Acceptable
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- NOT_ACCEPTABLE_406_SBS:
  - description: Not Acceptable
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- NOT_FOUND_404_AIS:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/Error404_NG_AIS
  - description: Not found
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- NOT_FOUND_404_PIIS:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/Error404_NG_PIIS
  - description: Not found
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- NOT_FOUND_404_PIS:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/Error404_NG_PIS
  - description: Not found
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- NOT_FOUND_404_SBS:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/Error404_NG_SBS
  - description: Not found
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- NO_CONTENT_204_Consents:
  - description: No Content
  - headers:
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- NO_CONTENT_204_PaymentInitiationCancel:
  - description: No Content
  - headers:
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- NO_CONTENT_204_SigningBasket:
  - description: No Content
  - headers:
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- OK_200_AccountDetails:
  - content:
    - application/json:
      - examples:
        Multicurrency Account:
        $ref: #/x-components/examples/accountDetailsMulticurrencyAccount
        Regular Account:
        $ref: #/x-components/examples/accountDetailsRegularAccount
      - schema:
        properties:
        account:
        $ref: #/definitions/accountDetails
        required:
        0: account
        type: object
  - description: OK
  - headers:
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- OK_200_AccountList:
  - content:
    - application/json:
      - examples:
        Example 1:
        $ref: #/x-components/examples/accountListExample1
        Example 2:
        $ref: #/x-components/examples/accountListExample2
        Example 3:
        $ref: #/x-components/examples/accountListExample3
      - schema:
        $ref: #/definitions/accountList
  - description: OK. In case, no account is accessible, the ASPSP shall return an empty array. As this is also considered a positive response, the Response code must still be 200.
  - headers:
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- OK_200_AccountsTransactions:
  - content:
    - application/json:
      - examples:
        Example 1:
        $ref: #/x-components/examples/transactionsExample1_RegularAccount_json
        Example 2:
        $ref: #/x-components/examples/transactionsExample2_paging_json
        Example 3:
        $ref: #/x-components/examples/transactionsExample3_MulticurrencyAccount_json
      - schema:
        $ref: #/definitions/transactionsResponse-200_json
  - description: OK
  - headers:
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- OK_200_Authorisations:
  - content:
    - application/json:
      - examples:
        Example:
        $ref: #/x-components/examples/authorisationListExample
      - schema:
        $ref: #/definitions/authorisations
  - description: OK
  - headers:
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- OK_200_Balances:
  - content:
    - application/json:
      - examples:
        Example 1: Regular Account:
        $ref: #/x-components/examples/balancesExample1_RegularAccount
        Example 2: Multicurrency Account:
        $ref: #/x-components/examples/balancesExample2_MulticurrencyAcount
        Example 3::
        $ref: #/x-components/examples/balancesExample3_RegularAccount
      - schema:
        $ref: #/definitions/readAccountBalanceResponse-200
  - description: OK
  - headers:
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- OK_200_CardAccountBalances:
  - content:
    - application/json:
      - examples:
        Example::
        $ref: #/x-components/examples/balancesExample_CardAccount
      - schema:
        $ref: #/definitions/readCardAccountBalanceResponse-200
  - description: OK
  - headers:
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- OK_200_CardAccountDetails:
  - content:
    - application/json:
      - examples:
        Card Account:
        $ref: #/x-components/examples/cardAccountDetailsExample
      - schema:
        properties:
        cardAccount:
        $ref: #/definitions/cardAccountDetails
        required:
        0: cardAccount
        type: object
  - description: OK
  - headers:
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- OK_200_CardAccountList:
  - content:
    - application/json:
      - examples:
        Example 1:
        $ref: #/x-components/examples/cardAccountListExample1
      - schema:
        $ref: #/definitions/cardAccountList
  - description: OK. In case, no card-account is accessible, the ASPSP shall return an empty array. As this is also considered a positive response, the Response Code must still be 200.
  - headers:
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- OK_200_CardAccountsTransactions:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/cardAccountsTransactionsResponse200
  - description: OK
  - headers:
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- OK_200_ConsentInformation:
  - content:
    - application/json:
      - examples:
        Example:
        $ref: #/x-components/examples/consentsInformationResponseExample
      - schema:
        $ref: #/definitions/consentInformationResponse-200_json
  - description: OK
  - headers:
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- OK_200_ConsentStatus:
  - content:
    - application/json:
      - examples:
        Example:
        $ref: #/x-components/examples/consentStatusResponseExample1
      - schema:
        $ref: #/definitions/consentStatusResponse-200
  - description: OK
  - headers:
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- OK_200_PaymentInitiationInformation:
  - content:
    - application/json:
      - schema:
        oneOf:
        0:
        $ref: #/definitions/paymentInitiationWithStatusResponse
        1:
        $ref: #/definitions/periodicPaymentInitiationWithStatusResponse
        2:
        $ref: #/definitions/bulkPaymentInitiationWithStatusResponse
  - description: OK
  - headers:
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- OK_200_PaymentInitiationStatus:
  - content:
    - application/json:
      - examples:
        extended:
        $ref: #/x-components/examples/paymentInitiationStatusResponse_json_Extended
        simple:
        $ref: #/x-components/examples/paymentInitiationStatusResponse_json_Simple
      - schema:
        $ref: #/definitions/paymentInitiationStatusResponse-200_json
  - description: OK
  - headers:
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- OK_200_ScaStatus:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/scaStatusResponse
  - description: OK
  - headers:
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- OK_200_TransactionDetails:
  - content:
    - application/json:
      - examples:
        Example:
        $ref: #/x-components/examples/transactionDetailsExample
      - schema:
        properties:
        transactionsDetails:
        $ref: #/definitions/transactionDetailsBody
        required:
        0: transactionsDetails
        type: object
  - description: OK
  - headers:
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- OK_200_UpdatePsuData:
  - content:
    - application/json:
      - examples:
        Authorisation confirmation:
        $ref: #/x-components/examples/authorisationConfirmationResponseExample
      - schema:
        oneOf:
        0:
        $ref: #/definitions/authorisationConfirmationResponse
  - description: OK
  - headers:
    - ASPSP-SCA-Approach:
      - $ref: #/x-components/headers/ASPSP-SCA-Approach
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- RECEIVED_202_PaymentInitiationCancel:
  - content:
    - application/json:
      - examples:
        Example:
        $ref: #/x-components/examples/paymentInitiationCancelResponse-202
      - schema:
        $ref: #/definitions/paymentInitiationCancelResponse-202
  - description: Received
  - headers:
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- REQUEST_TIMEOUT_408_AIS:
  - description: Request Timeout
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- REQUEST_TIMEOUT_408_PIIS:
  - description: Request Timeout
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- REQUEST_TIMEOUT_408_PIS:
  - description: Request Timeout
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- REQUEST_TIMEOUT_408_SBS:
  - description: Request Timeout
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- SERVICE_UNAVAILABLE_503_AIS:
  - description: Service Unavailable
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- SERVICE_UNAVAILABLE_503_PIIS:
  - description: Service Unavailable
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- SERVICE_UNAVAILABLE_503_PIS:
  - description: Service Unavailable
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- SERVICE_UNAVAILABLE_503_SBS:
  - description: Service Unavailable
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- TOO_MANY_REQUESTS_429_AIS:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/Error429_NG_AIS
  - description: Too Many Requests
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- TOO_MANY_REQUESTS_429_PIIS:
  - description: Too Many Requests
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- TOO_MANY_REQUESTS_429_PIS:
  - description: Too Many Requests
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- TOO_MANY_REQUESTS_429_SBS:
  - description: Too Many Requests
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- UNAUTHORIZED_401_AIS:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/Error401_NG_AIS
  - description: Unauthorized
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- UNAUTHORIZED_401_PIIS:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/Error401_NG_PIIS
  - description: Unauthorized
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- UNAUTHORIZED_401_PIS:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/Error401_NG_PIS
  - description: Unauthorized
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- UNAUTHORIZED_401_SBS:
  - content:
    - application/json:
      - schema:
        $ref: #/definitions/Error401_NG_SBS
  - description: Unauthorized
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- UNSUPPORTED_MEDIA_TYPE_415_AIS:
  - description: Unsupported Media Type
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- UNSUPPORTED_MEDIA_TYPE_415_PIIS:
  - description: Unsupported Media Type
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- UNSUPPORTED_MEDIA_TYPE_415_PIS:
  - description: Unsupported Media Type
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
- UNSUPPORTED_MEDIA_TYPE_415_SBS:
  - description: Unsupported Media Type
  - headers:
    - Location:
      - $ref: #/x-components/headers/Location
    - X-Request-ID:
      - $ref: #/x-components/headers/X-Request-ID
examples:
- accountDetailsMulticurrencyAccount:
  - description: Account details for a multicurrency account.
  - value:
    - account:
      - _links:
        balances:
        href: /v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80f/balances
        transactions:
        href: /v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80f/transactions
      - cashAccountType: CACC
      - currency: XXX
      - iban: FR7612345987650123456789014
      - name: Aggregation Account
      - ownerName: Heike Mustermann
      - product: Multicurrency Account
      - resourceId: 3dc3d5b3-7023-4848-9853-f5400a64e80f
- accountDetailsRegularAccount:
  - description: Account details for a regular Account.
  - value:
    - account:
      - _links:
        balances:
        href: /v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80f/balances
        transactions:
        href: /v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80f/transactions
      - cashAccountType: CACC
      - currency: EUR
      - iban: FR7612345987650123456789014
      - name: Main Account
      - ownerName: Heike Mustermann
      - product: Girokonto
      - resourceId: 3dc3d5b3-7023-4848-9853-f5400a64e80f
- accountListExample1:
  - description: Response in case of an example, where the consent has been given on two different IBANs.
  - summary: Account list Example 1
  - value:
    - accounts:
      - 0:
        _links:
        balances:
        href: /v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80f/balances
        transactions:
        href: v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80f/transactions
        cashAccountType: CACC
        currency: EUR
        iban: DE2310010010123456789
        name: Main Account
        product: Girokonto
        resourceId: 3dc3d5b3-7023-4848-9853-f5400a64e80f
      - 1:
        _links:
        balances:
        href: /v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e81e/balances
        cashAccountType: CACC
        currency: USD
        iban: DE2310010010123456788
        name: US Dollar Account
        product: Fremdwährungskonto
        resourceId: 3dc3d5b3-7023-4848-9853-f5400a64e81e
- accountListExample2:
  - description: Response in case of an example where consent on transactions and balances has been given to a multicurrency account which has two sub-accounts with currencies EUR and USD, and where the ASPSP is giving the data access only on sub-account level.
  - summary: Account list Example 2
  - value:
    - accounts:
      - 0:
        _links:
        balances:
        href: /v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80f/balances
        transactions:
        href: /v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80f/transactions
        cashAccountType: CACC
        currency: EUR
        iban: DE2310010010123456788
        name: Main Account
        product: Girokonto
        resourceId: 3dc3d5b3-7023-4848-9853-f5400a64e80f
      - 1:
        _links:
        balances:
        href: /v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e81e/balances
        transactions:
        href: /v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e81e/transactions
        cashAccountType: CACC
        currency: USD
        iban: DE2310010010123456788
        name: US Dollar Account
        product: Fremdwährungskonto
        resourceId: 3dc3d5b3-7023-4848-9853-f5400a64e81e
- accountListExample3:
  - description: Account list response in case of an example where consent on balances and transactions has been given to a multicurrency account which has two sub-accounts with currencies EUR and USD and where the ASPSP is giving the data access on aggregation level and on sub-account level.
  - summary: Account list Example 3
  - value:
    - accounts:
      - 0:
        _links:
        balances:
        href: /v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e333/balances
        transactions:
        href: /v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e333/transactions
        cashAccountType: CACC
        currency: XXX
        iban: DE2310010010123456788
        name: Aggregation Account
        product: Multi currency account
        resourceId: 3dc3d5b3-7023-4848-9853-f5400a64e80f
      - 1:
        _links:
        balances:
        href: /v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80e/balances
        transactions:
        href: /v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80e/transactions
        cashAccountType: CACC
        currency: EUR
        iban: DE2310010010123456788
        name: Main Account
        product: Girokonto
        resourceId: 3dc3d5b3-7023-4848-9853-f5400a64e80e
      - 2:
        _links:
        balances:
        href: /v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e81d/balances
        transactions:
        href: /v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e81d/transactions
        cashAccountType: CACC
        currency: USD
        iban: DE2310010010123456788
        name: US Dollar Account
        product: Fremdwährungskonto
        resourceId: 3dc3d5b3-7023-4848-9853-f5400a64e81d
- authorisationConfirmationExample_Redirect:
  - description: Authorisation confirmation request body for the redirect approach.
  - value:
    - confirmationCode: 2256ffgh
- authorisationConfirmationResponseExample:
  - description: Response of an authorisation confirmation request.
  - value:
    - _links:
      - status:
        href: /v1/payments/masav/qwer3456tzui7890/status
    - scaStatus: finalised
- authorisationListExample:
  - value:
    - authorisationIds:
      - 0: 123auth456
- balancesExample1_RegularAccount:
  - description: Response for a read balance request in case of a regular account.
  - value:
    - account:
      - iban: FR7612345987650123456789014
    - balances:
      - 0:
        balanceAmount:
        amount: 500.00
        currency: EUR
        balanceType: closingBooked
        referenceDate: 2017-10-25
      - 1:
        balanceAmount:
        amount: 900.00
        currency: EUR
        balanceType: expected
        lastChangeDateTime: 2017-10-25T15:30:35.035Z
- balancesExample2_MulticurrencyAcount:
  - description: Response in case of a multicurrency account with one account in EUR, one in USD, where the ASPSP has delivered a link to the balance endpoint relative to the aggregated multicurrency account (aggregation level).
  - value:
    - balances:
      - 0:
        balanceAmount:
        amount: 500.00
        currency: EUR
        balanceType: closingBooked
        referenceDate: 2017-10-25
      - 1:
        balanceAmount:
        amount: 900.00
        currency: EUR
        balanceType: expected
        lastChangeDateTime: 2017-10-25T15:30:35.035Z
      - 2:
        balanceAmount:
        amount: 350.00
        currency: USD
        balanceType: closingBooked
        referenceDate: 2017-10-25
      - 3:
        balanceAmount:
        amount: 350.00
        currency: USD
        balanceType: expected
        lastChangeDateTime: 2017-10-24T14:30:21Z
- balancesExample3_RegularAccount:
  - description: Response in case of a regular account where the corresponding balances in the online channel is reported independently from account statements with fixed dates, i.e. always displaying running balance for current time.
  - value:
    - balances:
      - 0:
        balanceAmount:
        amount: 1000.00
        currency: EUR
        balanceType: interimBooked
      - 1:
        balanceAmount:
        amount: 300.00
        currency: EUR
        balanceType: interimAvailable
      - 2:
        balanceAmount:
        amount: 5300.00
        currency: EUR
        balanceType: interimAvailable
        creditLimitIncluded: true
- balancesExample_CardAccount:
  - description: Response in case of card account balance request.
  - value:
    - balances:
      - 0:
        balanceAmount:
        amount: 14355.78
        currency: EUR
        balanceType: interimBooked
      - 1:
        balanceAmount:
        amount: 4175.86
        currency: EUR
        balanceType: nonInvoiced
    - cardAccount:
      - maskedPan: 525412******3241
- cardAccountDetailsExample:
  - description: Card account details example.
  - summary: Card account details example 1
  - value:
    - cardAccount:
      - _links:
        transactions:
        href: /v1/card-accounts/3d9a81b3-a47d-4130-8765-a9c0ff861b99/transactions
      - balances:
        0:
        balanceAmount:
        amount: 14355.78
        currency: EUR
        balanceType: interimBooked
        1:
        balanceAmount:
        amount: 4175.86
        currency: EUR
        balanceType: nonInvoiced
      - creditLimit:
        amount: 15000
        currency: EUR
      - currency: EUR
      - maskedPan: 525412******3241
      - name: Main
      - ownerName: Heike Mustermann
      - product: Basic Credit
      - resourceId: 3d9a81b3-a47d-4130-8765-a9c0ff861b99
      - status: enabled
- cardAccountListExample1:
  - description: Card account list example.
  - summary: Card account list example 1
  - value:
    - cardAccounts:
      - 0:
        _links:
        transactions:
        href: /v1/card-accounts/3d9a81b3-a47d-4130-8765-a9c0ff861b99/transactions
        balances:
        0:
        balanceAmount:
        amount: 14355.78
        currency: EUR
        balanceType: interimBooked
        1:
        balanceAmount:
        amount: 4175.86
        currency: EUR
        balanceType: nonInvoiced
        creditLimit:
        amount: 15000
        currency: EUR
        currency: EUR
        maskedPan: 525412******3241
        name: Main
        product: Basic Credit
        resourceId: 3d9a81b3-a47d-4130-8765-a9c0ff861b99
        status: enabled
- confirmationOfFundsExample:
  - description: Request body for a confirmation of funds.
  - value:
    - account:
      - iban: DE23100120020123456789
    - cardNumber: 12345678901234
    - instructedAmount:
      - amount: 123
      - currency: EUR
- confirmationOfFundsResponseExample:
  - description: Response for a confirmation of funds request.
  - value:
    - fundsAvailable: true
- consentResponseExample2_OAuth2:
  - description: Response in case of the OAuth2 approach with an implicit generated authorisation resource.
  - value:
    - _links:
      - scaOAuth:
        href: https://www.testbank.com/oauth/.well-known/oauth-authorization-server
      - scaStatus:
        href: /v1/consents/1234-wertiq-983/authorisations/123auth567
      - self:
        href: /v1/consents/1234-wertiq-983
    - consentId: 1234-wertiq-983
    - consentStatus: received
- consentResponseExample3_Decoupled:
  - description: Response in case of the decoupled approach.
  - value:
    - _links:
      - startAuthorisationWithPsuIdentification:
        href: /psd2/v1/consents/1234-wertiq-983/authorisations
    - consentId: 1234-wertiq-983
    - consentStatus: received
- consentResponseExample4_Embedded:
  - description: Response in case of the embedded approach.
  - value:
    - _links:
      - self:
        href: /v1.0.8/consents/1234-wertiq-983
    - consentId: 1234-wertiq-983
    - consentStatus: received
- consentStatusResponseExample1:
  - description: Response for a consent status request.
  - value:
    - consentStatus: valid
- consentsExample_AccountList:
  - description: Consent on account list of available accounts.
  - value:
    - access:
      - availableAccounts: allAccounts
    - frequencyPerDay: 100
    - recurringIndicator: false
    - validUntil: 2017-08-06
- consentsExample_DedicatedAccounts:
  - description: Consent request on dedicated accounts.
  - value:
    - access:
      - balances:
        0:
        iban: DE40100100103307118608
        1:
        currency: ILS
        iban: DE02100100109307118603
        2:
        iban: DE67100100101306118605
      - transactions:
        0:
        iban: DE40100100103307118608
    - frequencyPerDay: 100
    - recurringIndicator: true
    - validUntil: 2017-11-01
- consentsExample_without_Accounts:
  - description: Consent request on account list or without indication of accounts.
  - value:
    - access:
      - balances:
      - transactions:
    - frequencyPerDay: 100
    - recurringIndicator: true
    - validUntil: 2017-11-01
- consentsInformationResponseExample:
  - description: Consent request on account list or without indication of accounts.
  - value:
    - _links:
      - account:
        href: /v1/accounts
    - access:
      - balances:
        0:
        iban: DE2310010010123456789
      - transactions:
        0:
        iban: DE2310010010123456789
    - consentStatus: valid
    - frequencyPerDay: 100
    - recurringIndicator: true
    - validUntil: 2017-11-01
- ibanExampleDe_01:
  - value: DE02100100109307118603
- ibanExampleDe_02:
  - value: DE23100120020123456789
- ibanExampleDe_03:
  - value: DE40100100103307118608
- ibanExampleDe_04:
  - value: DE67100100101306118605
- ibanExampleDe_05:
  - value: DE87200500001234567890
- ibanExampleFr_01:
  - value: FR7612345987650123456789014
- ibanExampleNl_01:
  - value: NL76RABO0359400371
- ibanExampleSe_01:
  - value: SE9412309876543211234567
- maskedPanExample:
  - value: 123456xxxxxx1234
- paymentInitiationCancelResponse-202:
  - value:
    - _links:
      - self:
        href: /v1/payments/123456scheduled789
      - startAuthorisation:
        href: /v1/payments/123456scheduled789/cancellation-authorisations
      - status:
        href: /v1/payments/123456scheduled789/status
    - transactionStatus: ACTC
- paymentInitiationExample_json_Decoupled:
  - description: Response in case of the decoupled approach with explicit start of authorisation needed
  - value:
    - _links:
      - self:
        href: /v1/payments/1234-wertiq-983
      - startAuthorisationWithPsuIdentification:
        href: /v1/payments/1234-wertiq-983/authorisations
    - paymentId: 1234-wertiq-983
    - transactionStatus: RCVD
- paymentInitiationExample_json_OAuth2:
  - description: Response in case of an OAuth2 SCA approach approach with implicitly creating an authorisation sub-resource
  - value:
    - _links:
      - scaOAuth:
        href: https://www.testbank.com/oauth/.well-known/oauth-authorization-server
      - scaStatus:
        href: /v1/payments/1234-wertiq-983/authorisations/123auth456
      - self:
        href: /v1/payments/1234-wertiq-983
      - status:
        href: /v1/payments/1234-wertiq-983/status
    - paymentId: 1234-wertiq-983
    - transactionStatus: RCVD
- paymentInitiationSctBody_bulk-payments_json:
  - value:
    - batchBookingPreferred: true
    - debtorAccount:
      - iban: DE40100100103307118608
    - paymentInformationId: my-bulk-identification-1234
    - payments:
      - 0:
        creditorAccount:
        iban: DE02100100109307118603
        creditorName: Merchant123
        instructedAmount":
        amount: 123.50
        currency: EUR
        remittanceInformationUnstructured: Ref Number Merchant 1
      - 1:
        creditorAccount:
        iban: FR7612345987650123456789014
        creditorName: Merchant456
        instructedAmount":
        amount: 34.10
        currency: EUR
        remittanceInformationUnstructured: Ref Number Merchant 2
    - requestedExecutionDate: 2018-08-01
- paymentInitiationSctBody_payments_json:
  - value:
    - creditorAccount:
      - iban: DE02100100109307118603
    - creditorName: Merchant123
    - debtorAccount:
      - iban: DE40100100103307118608
    - instructedAmount:
      - amount: 123.50
      - currency: EUR
    - remittanceInformationUnstructured: Ref Number Merchant
- paymentInitiationSctBody_periodic-payments_json:
  - value:
    - creditorAccount:
      - iban: DE23100120020123456789
    - creditorName: Merchant123
    - dayOfExecution: 01
    - debtorAccount:
      - iban: DE40100100103307118608
    - executionRule: preceding
    - frequency: Monthly
    - instructedAmount:
      - amount: 123
      - currency: EUR
    - remittanceInformationUnstructured: Ref Number Abonnement
    - startDate: 2018-03-01
- paymentInitiationStatusResponse_json_Extended:
  - value: { "transactionStatus": "ACCP", "scaStatus": "received" }
- paymentInitiationStatusResponse_json_Simple:
  - value:
    - transactionStatus: ACCP
- startScaProcessResponseExample1:
  - value:
    - _links:
      - scaStatus:
        href: /v1/payments/qwer3456tzui7890/authorisations/123auth456
    - authorisationId: 123auth456
    - psuMessage: Please use your BankApp for transaction Authorisation.
    - scaStatus: received
- transactionAuthorisationResponseExample:
  - description: Response of a Transaction Authorisation request for the embedded approach.
  - value:
    - scaStatus: finalised
- transactionDetailsExample:
  - description: Example for transaction details.
  - value:
    - transactionsDetails:
      - bankTransactionCode: PMNT-RDDT-ESDD
      - bookingDate: 2017-10-25
      - creditorAccount:
        iban: DE67100100101306118605
      - creditorName: John Miles
      - mandateId: Mandate-2018-04-20-1234
      - remittanceInformationUnstructured: Example 1
      - transactionAmount:
        amount: -256.67
        currency: EUR
      - transactionId: 1234567
      - valueDate: 2017-10-26
- transactionsExample1_RegularAccount_json:
  - description: Response in JSON format for an access on a regular account.
  - value:
    - account:
      - iban: DE2310010010123456788
    - transactions:
      - _links:
        account:
        href: /v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80f
      - booked:
        0:
        bookingDate: 2017-10-25
        creditorAccount:
        iban: DE67100100101306118605
        creditorName: John Miles
        remittanceInformationUnstructured: Example 1
        transactionAmount:
        amount: 256.67
        currency: EUR
        transactionId: 1234567
        valueDate: 2017-10-26
        1:
        bookingDate: 2017-10-25
        debtorAccount:
        iban: NL76RABO0359400371
        debtorName: Paul Simpson
        remittanceInformationUnstructured: Example 2
        transactionAmount:
        amount: 343.01
        currency: EUR
        transactionId: 1234568
        valueDate: 2017-10-26
      - pending:
        0:
        creditorAccount:
        iban: FR7612345987650123456789014
        creditorName: Claude Renault
        remittanceInformationUnstructured: Example 3
        transactionAmount:
        amount: -100.03
        currency: EUR
        transactionId: 1234569
        valueDate: 2017-10-26
- transactionsExample2_paging_json:
  - description: Response in case of data paging.
  - value:
    - _links:
      - first:
        href: /v1/accounts/12345678991/transactions
      - last:
        href: /v1/accounts/12345678999/transactions
      - next:
        href: /v1/accounts/12345678995/transactions
      - previous:
        href: /v1/accounts/12345678993/transactions
- transactionsExample3_MulticurrencyAccount_json:
  - description: Response in JSON format for an access on a multicurrency account on aggregation level
  - value:
    - account:
      - iban: DE40100100103307118608
    - transactions:
      - _links:
        account:
        href: /v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80f
      - booked:
        0:
        bookingDate: 2017-10-25
        creditorAccount:
        iban: DE67100100101306118605
        creditorName: John Miles
        remittanceInformationUnstructured: Example 1
        transactionAmount:
        amount: -256.67
        currency: EUR
        transactionId: 1234567
        valueDate: 2017-10-26
        1:
        bookingDate: 2017-10-25
        debtorAccount:
        iban: NL76RABO0359400371
        debtorName: Paul Simpson
        remittanceInformationUnstructured: Example 2
        transactionAmount:
        amount: 343.01
        currency: EUR
        transactionId: 1234568
        valueDate: 2017-10-26
        2:
        bookingDate: 2017-10-25
        debtorAccount:
        iban: SE9412309876543211234567
        debtorName: Pepe Martin
        remittanceInformationUnstructured: Example 3
        transactionAmount:
        amount: 100
        currency: USD
        transactionId: 1234569
        valueDate: 2017-10-26
      - pending:
        0:
        creditorAccount:
        iban: FR7612345987650123456789014
        creditorName: Claude Renault
        remittanceInformationUnstructured: Example 4
        transactionAmount:
        amount: -100.03
        currency: EUR
        transactionId: 1234570
        valueDate: 2017-10-26
- updatePsuIdentificationResponseExample_Decoupled_payments:
  - description: Response of an update PSU identification for a payment initiation request for the decoupled approach.
  - value:
    - _links:
      - scaStatus:
        href: /v1/payments/qwer3456tzui7890/authorisations/123auth456
    - psuMessage: Please use your BankApp for transaction Authorisation.
    - scatransactionStatus: psuIdentified
- uuidExample:
  - value: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
headers:
- ASPSP-Multiple-Consent-Support:
  - description: true if the ASPSP supports the Multiple Consent Service. false if the ASPSP does not support the Multiple Consent Service. If not provided, this also implies that the ASPSP does not support the Multiple Consent Service.
  - required: false
  - schema:
    - type: boolean
- ASPSP-Notification-Content:
  - description: The string has the form status=X1, …, Xn where Xi is one of the constants SCA, PROCESS, LAST and where constants are not repeated. The usage of the constants supports the following semantics SCA - Notification on every change of the scaStatus attribute for all related authorisation processes is provided by the ASPSP for the related resource. PROCESS - Notification on all changes of consentStatus or transactionStatus attributes is provided by the ASPSP for the related resource LAST - Notification on the last consentStatus or transactionStatus as available in the XS2A interface is provided by the ASPSP for the related resource. This field must be provided if the ASPSP-Notification-Support=true. The ASPSP might consider the notification content as preferred by the TPP, but can also respond independently of the preferred request
  - required: false
  - schema:
    - type: string
- ASPSP-Notification-Support:
  - description: true if the ASPSP supports resource status notification services. false if the ASPSP supports resource status notification in general, but not for the current request. Not used, if resource status notification services are generally not supported by the ASPSP. Shall be supported if the ASPSP supports resource status notification services.
  - required: false
  - schema:
    - type: boolean
- ASPSP-SCA-Approach:
  - description: This data element must be contained, if the SCA Approach is already fixed. Possible values are * DECOUPLED * REDIRECT The OAuth SCA approach will be subsumed by REDIRECT.
  - required: false
  - schema:
    - enum:
      - 0: DECOUPLED
      - 1: REDIRECT
    - example: REDIRECT
    - type: string
- Location:
  - description: Location of the created resource.
  - required: false
  - schema:
    - format: url
    - type: string
- X-Request-ID:
  - description: ID of the request, unique to the call, as determined by the initiating party.
  - example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
  - required: true
  - schema:
    - format: uuid
    - type: string
requestBodies:
- consents:
  - content:
    - application/json:
      - examples:
        Consent Request on Account List or without Indication of dedicated Accounts:
        $ref: #/x-components/examples/consentsExample_without_Accounts
        Consent Request on Dedicated Accounts:
        $ref: #/x-components/examples/consentsExample_DedicatedAccounts
        Consent on Account List of Available Accounts:
        $ref: #/x-components/examples/consentsExample_AccountList
      - schema:
        $ref: #/definitions/consents
  - description: Request body for a consents request.
- paymentInitiation:
  - content:
    - application/json:
      - examples:
        Example 1: 'payments' :
        $ref: #/x-components/examples/paymentInitiationSctBody_payments_json
        Example 2: 'periodic-payments' - 'masav:
        $ref: #/x-components/examples/paymentInitiationSctBody_periodic-payments_json
        Example 3: 'bulk-payments' - 'masav':
        $ref: #/x-components/examples/paymentInitiationSctBody_bulk-payments_json
      - schema:
        oneOf:
        0:
        $ref: #/definitions/paymentInitiation_json
        1:
        $ref: #/definitions/periodicPaymentInitiation_json
        2:
        $ref: #/definitions/bulkPaymentInitiation_json
  - description: JSON request body for a payment inition request message. There are the following payment-products supported: * "masav" with JSON-Body * "zahav" with JSON-Body * "FP" with JSON-Body There are the following payment-services supported: * "payments" * "bulk-payments" - optional * "periodic-payments" - optional All optional, conditional and predefined but not yet used fields are defined.

Support

Discuss this API in the forum

Endpoints

production

development

https://mtls-api.discountbank.co.il/prod/d

Paths

/accounts

Account Information Service (AIS)

Summary

Read account list

Description

Read the identifiers of the available payment account together with booking balance information, depending on the consent granted.

It is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system. The addressed list of accounts depends then on the PSU ID and the stored consent addressed by consentId, respectively the OAuth2 access token.

Returns all identifiers of the accounts, to which an account access has been granted to through the /consents endpoint by the PSU. In addition, relevant information about the accounts and hyperlinks to corresponding account information resources are provided if a related consent has been already granted.

Remark: Note that the /consents endpoint optionally offers to grant an access on all available payment accounts of a PSU. In this case, this endpoint will deliver the information about all available payment accounts of the PSU at this ASPSP. BOI-REMARK: TPP with PSP_IC role is authorised to much less details about accounts, all attributes that should be filtered are marked on schema AccountDetails.

Security

oauth2

(oauth2 accessCode)

Scopes

accounts-CACC

data account access

Client-Id

X-IBM-Client-Id

(apiKey located in header)

Parameters

withBalance

Optional in query

boolean

If contained, this function reads the list of accessible payment accounts including the booking balance, if granted by the PSU in the related consent and available by the ASPSP. This parameter might be ignored by the ASPSP.

X-Request-ID

Required in header

string / uuid

ID of the request, unique to the call, as determined by the initiating party.

Digest

Required in header

string

Is contained if and only if the "Signature" element is contained in the header of the request.

Signature

Optional in header

string

A signature of the request by the TPP on application level. This might be mandated by ASPSP.

TPP-Signature-Certificate

Optional in header

string

The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.

Consent-ID

Optional in header

string

This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.

{
    "maxLength": 512
}

PSU-IP-Address

Optional in header

string / ipv4

The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP. It shall be contained if and only if this request was actively initiated by the PSU.

{
    "x-example": "192.168.8.78"
}

PSU-IP-Port

Optional in header

string

The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.

{
    "maxLength": 5,
    "x-example": "1234"
}

PSU-Accept

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Charset

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Encoding

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Language

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-User-Agent

Optional in header

string

The forwarded Agent header field of the HTTP request between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Http-Method

Optional in header

string

HTTP method used at the PSU ? TPP interface, if available. Valid values are:

GET
POST
PUT
PATCH
DELETE

{
    "enum": [
        "GET",
        "POST",
        "PUT",
        "PATCH",
        "DELETE"
    ]
}

PSU-Device-ID

Optional in header

string / uuid

UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID needs to be unaltered until removal from device.

{
    "x-example": "99435c7e-ad88-49ec-a2ad-99ddcb1f5555"
}

PSU-Geo-Location

Optional in header

string

The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

{
    "pattern": "^GEO:-?[0-9]{1,2}\\.[0-9]{6};-?[0-9]{1,3}\\.[0-9]{6}$",
    "x-example": "GEO:52.506931;13.144558"
}

Optional in header

string

application/json

Responses

200

OK. In case, no account is accessible, the ASPSP shall return an empty array. As this is also considered a positive response, the Response code must still be 200.

accountList

400

Bad Request

Error400_NG_AIS

401

Unauthorized

Error401_NG_AIS

403

Forbidden

Error403_NG_AIS

404

Not found

Error404_NG_AIS

405

Method Not Allowed

Error405_NG_AIS

406

Not Acceptable

Error406_NG_AIS

408

Request Timeout

409

Conflict

Error409_NG_AIS

415

Unsupported Media Type

429

Too Many Requests

Error429_NG_AIS

500

Internal Server Error

503

Service Unavailable

Example Request

Example Response

Definition

GET https://mtls-api.discountbank.co.il/prod/d/psd2/business/accounts

Response

Try this operation

https://mtls-api.discountbank.co.il/prod/d/psd2/business/accounts

Headers

X-Request-ID

Digest

Signature

TPP-Signature-Certificate

Consent-ID

PSU-IP-Address

PSU-IP-Port

PSU-Accept

PSU-Accept-Charset

PSU-Accept-Encoding

PSU-Accept-Language

PSU-User-Agent

PSU-Http-Method

PSU-Device-ID

PSU-Geo-Location

Parameters

withBalance

Request

Response

/accounts/{account-id}

Account Information Service (AIS)

Summary

Read account details

Description

Reads details about an account, with balances where required. It is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system. The addressed details of this account depends then on the stored consent addressed by consentId, respectively the OAuth2 access token.

NOTE: The account-id can represent a multicurrency account. In this case the currency code is set to "XXX".

Give detailed information about the addressed account.

Give detailed information about the addressed account together with balance information BOI-REMARK: TPP with PSP_IC role is authorised to much less details about accounts, all attributes that should be filtered are marked on schema AccountDetails.

Security

oauth2

(oauth2 accessCode)

Scopes

accounts-CACC

data account access

Parameters

account-id

Required in path

string

This identification is denoting the addressed (card) account. The account-id is retrieved by using a "Read Account List" or "Read Card Account list" call. The account-id is the "resourceId" attribute of the account structure. Its value is constant at least throughout the lifecycle of a given consent.

withBalance

Optional in query

boolean

X-Request-ID

Required in header

string / uuid

ID of the request, unique to the call, as determined by the initiating party.

Digest

Required in header

string

Is contained if and only if the "Signature" element is contained in the header of the request.

Signature

Required in header

string

A signature of the request by the TPP on application level. This might be mandated by ASPSP.

{
    "x-example": "keyId=\"SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE\",algorithm=\"rsa-sha256\", headers=\"Digest X-Request-ID PSU-ID TPP-Redirect-URI Date\", signature=\"Base64(RSA-SHA256(signing string))\"\n"
}

TPP-Signature-Certificate

Required in header

string / byte

The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.

Consent-ID

Required in header

string

This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.

{
    "maxLength": 512
}

PSU-IP-Address

Optional in header

string / ipv4

{
    "x-example": "192.168.8.78"
}

PSU-IP-Port

Optional in header

string

The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.

{
    "maxLength": 5,
    "x-example": "1234"
}

PSU-Accept

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Charset

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Encoding

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Language

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-User-Agent

Optional in header

string

The forwarded Agent header field of the HTTP request between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Http-Method

Optional in header

string

HTTP method used at the PSU ? TPP interface, if available. Valid values are:

GET
POST
PUT
PATCH
DELETE

{
    "enum": [
        "GET",
        "POST",
        "PUT",
        "PATCH",
        "DELETE"
    ]
}

PSU-Device-ID

Optional in header

string / uuid

{
    "x-example": "99435c7e-ad88-49ec-a2ad-99ddcb1f5555"
}

PSU-Geo-Location

Optional in header

string

The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

{
    "pattern": "^GEO:-?[0-9]{1,2}\\.[0-9]{6};-?[0-9]{1,3}\\.[0-9]{6}$",
    "x-example": "GEO:52.506931;13.144558"
}

Optional in header

string

application/json

Responses

200

{
    "headers": {
        "X-Request-ID": {
            "description": "ID of the request, unique to the call, as determined by the initiating party.",
            "type": "string"
        }
    },
    "schema": {
        "properties": {
            "account": {
                "$ref": "#\/definitions\/accountDetails"
            }
        },
        "required": [
            "account"
        ],
        "type": "object"
    }
}

400

Bad Request

Error400_NG_AIS

401

Unauthorized

Error401_NG_AIS

403

Forbidden

Error403_NG_AIS

404

Not found

Error404_NG_AIS

405

Method Not Allowed

Error405_NG_AIS

406

Not Acceptable

Error406_NG_AIS

408

Request Timeout

409

Conflict

Error409_NG_AIS

415

Unsupported Media Type

429

Too Many Requests

Error429_NG_AIS

500

Internal Server Error

503

Service Unavailable

Example Request

Example Response

Definition

GET https://mtls-api.discountbank.co.il/prod/d/psd2/business/accounts/{account-id}

Response

Try this operation

https://mtls-api.discountbank.co.il/prod/d/psd2/business/accounts/{account-id}

Headers

X-Request-ID

Digest

Signature

TPP-Signature-Certificate

Consent-ID

PSU-IP-Address

PSU-IP-Port

PSU-Accept

PSU-Accept-Charset

PSU-Accept-Encoding

PSU-Accept-Language

PSU-User-Agent

PSU-Http-Method

PSU-Device-ID

PSU-Geo-Location

Parameters

account-id

withBalance

Request

Response

/accounts/{account-id}/balances

Account Information Service (AIS)

Summary

Read balance

Description

Reads account data from a given account addressed by "account-id".

Remark: This account-id can be a tokenised identification due to data protection reason since the path information might be logged on intermediary servers within the ASPSP sphere. This account-id then can be retrieved by the "Get account list" call.

The account-id is constant at least throughout the lifecycle of a given consent.

Security

oauth2

(oauth2 accessCode)

Scopes

balances-CACC

data balances

Parameters

account-id

Required in path

string

X-Request-ID

Required in header

string / uuid

ID of the request, unique to the call, as determined by the initiating party.

Digest

Required in header

string

Is contained if and only if the "Signature" element is contained in the header of the request.

Signature

Required in header

string

A signature of the request by the TPP on application level. This might be mandated by ASPSP.

{
    "x-example": "keyId=\"SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE\",algorithm=\"rsa-sha256\", headers=\"Digest X-Request-ID PSU-ID TPP-Redirect-URI Date\", signature=\"Base64(RSA-SHA256(signing string))\"\n"
}

TPP-Signature-Certificate

Required in header

string / byte

The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.

Consent-ID

Required in header

string

This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.

{
    "maxLength": 512
}

PSU-IP-Address

Optional in header

string / ipv4

{
    "x-example": "192.168.8.78"
}

PSU-IP-Port

Optional in header

string

The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.

{
    "maxLength": 5,
    "x-example": "1234"
}

PSU-Accept

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Charset

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Encoding

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Language

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-User-Agent

Optional in header

string

The forwarded Agent header field of the HTTP request between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Http-Method

Optional in header

string

HTTP method used at the PSU ? TPP interface, if available. Valid values are:

GET
POST
PUT
PATCH
DELETE

{
    "enum": [
        "GET",
        "POST",
        "PUT",
        "PATCH",
        "DELETE"
    ]
}

PSU-Device-ID

Optional in header

string / uuid

{
    "x-example": "99435c7e-ad88-49ec-a2ad-99ddcb1f5555"
}

PSU-Geo-Location

Optional in header

string

The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

{
    "pattern": "^GEO:-?[0-9]{1,2}\\.[0-9]{6};-?[0-9]{1,3}\\.[0-9]{6}$",
    "x-example": "GEO:52.506931;13.144558"
}

Optional in header

string

application/json

Responses

200

readAccountBalanceResponse-200

400

Bad Request

Error400_NG_AIS

401

Unauthorized

Error401_NG_AIS

403

Forbidden

Error403_NG_AIS

404

Not found

Error404_NG_AIS

405

Method Not Allowed

Error405_NG_AIS

406

Not Acceptable

Error406_NG_AIS

408

Request Timeout

409

Conflict

Error409_NG_AIS

415

Unsupported Media Type

429

Too Many Requests

Error429_NG_AIS

500

Internal Server Error

503

Service Unavailable

Example Request

Example Response

Definition

GET https://mtls-api.discountbank.co.il/prod/d/psd2/business/accounts/{account-id}/balances

Response

Try this operation

https://mtls-api.discountbank.co.il/prod/d/psd2/business/accounts/{account-id}/balances

Headers

X-Request-ID

Digest

Signature

TPP-Signature-Certificate

Consent-ID

PSU-IP-Address

PSU-IP-Port

PSU-Accept

PSU-Accept-Charset

PSU-Accept-Encoding

PSU-Accept-Language

PSU-User-Agent

PSU-Http-Method

PSU-Device-ID

PSU-Geo-Location

Parameters

account-id

Request

Response

/accounts/{account-id}/transactions

Account Information Service (AIS)

Summary

Read transaction list of an account

Description

Read transaction reports or transaction lists of a given account ddressed by "account-id", depending on the steering parameter "bookingStatus" together with balances.

For a given account, additional parameters are e.g. the attributes "dateFrom" and "dateTo". The ASPSP might add balance information, if transaction lists without balances are not supported.

Security

oauth2

(oauth2 accessCode)

Scopes

transactions-CACC

data transactions

Parameters

account-id

Required in path

string

dateFrom

Required in query

string / date

Conditional: Starting date (inclusive the date dateFrom) of the transaction list, mandated if no delta access is required and if bookingStatus does not equal "information".

For booked transactions, the relevant date is the booking date.

For pending transactions, the relevant date is the entry date, which may not be transparent neither in this API nor other channels of the ASPSP. BOI remarks: the minimum value can be at least 12 month prior to "now". In case of exception from the minimum value the response will be only for the minimum period.

dateTo

Optional in query

string / date

End date (inclusive the data dateTo) of the transaction list, default is "now" if not given.

Might be ignored if a delta function is used.

For booked transactions, the relevant date is the booking date.

For pending transactions, the relevant date is the entry date, which may not be transparent neither in this API nor other channels of the ASPSP. BOI-REMARK: ASPSP must support this option for account-id/transactions

entryReferenceFrom

Optional in query

string

This data attribute is indicating that the AISP is in favour to get all transactions after the transaction with identification entryReferenceFrom alternatively to the above defined period. This is a implementation of a delta access. If this data element is contained, the entries "dateFrom" and "dateTo" might be ignored by the ASPSP if a delta report is supported.

Optional if supported by API provider.

bookingStatus

Required in query

string

Permitted codes are

"booked",
"pending",
"both",
"information" and
"all" "booked" shall be supported by the ASPSP. To support the "pending" and "both" feature is optional for the ASPSP, Error code if not supported in the online banking frontend. If supported, "both" means to request transaction reports of transaction of bookingStatus either "pending" or "booked". To support the "information" feature is optional for the ASPSP. Currently the booking status “information” only covers standing orders. Error code if not supported. To support the "all" feature is optional for the ASPSP, Error code if not supported. If supported, "all" means to request transaction reports of transaction of any bookingStatus ("pending", "booked" or "information").

{
    "enum": [
        "information",
        "booked",
        "pending",
        "both",
        "all"
    ]
}

deltaList

Optional in query

boolean

This data attribute is indicating that the AISP is in favour to get all transactions after the last report access for this PSU on the addressed account. This is another implementation of a delta access-report. This delta indicator might be rejected by the ASPSP if this function is not supported. Optional if supported by API provider

withBalance

Optional in query

boolean

X-Request-ID

Required in header

string / uuid

ID of the request, unique to the call, as determined by the initiating party.

Digest

Required in header

string

Is contained if and only if the "Signature" element is contained in the header of the request.

Signature

Required in header

string

A signature of the request by the TPP on application level. This might be mandated by ASPSP.

{
    "x-example": "keyId=\"SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE\",algorithm=\"rsa-sha256\", headers=\"Digest X-Request-ID PSU-ID TPP-Redirect-URI Date\", signature=\"Base64(RSA-SHA256(signing string))\"\n"
}

TPP-Signature-Certificate

Required in header

string / byte

The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.

Consent-ID

Required in header

string

This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.

{
    "maxLength": 512
}

PSU-IP-Address

Optional in header

string / ipv4

{
    "x-example": "192.168.8.78"
}

PSU-IP-Port

Optional in header

string

The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.

{
    "maxLength": 5,
    "x-example": "1234"
}

PSU-Accept

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Charset

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Encoding

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Language

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-User-Agent

Optional in header

string

The forwarded Agent header field of the HTTP request between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Http-Method

Optional in header

string

HTTP method used at the PSU ? TPP interface, if available. Valid values are:

GET
POST
PUT
PATCH
DELETE

{
    "enum": [
        "GET",
        "POST",
        "PUT",
        "PATCH",
        "DELETE"
    ]
}

PSU-Device-ID

Optional in header

string / uuid

{
    "x-example": "99435c7e-ad88-49ec-a2ad-99ddcb1f5555"
}

PSU-Geo-Location

Optional in header

string

The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

{
    "pattern": "^GEO:-?[0-9]{1,2}\\.[0-9]{6};-?[0-9]{1,3}\\.[0-9]{6}$",
    "x-example": "GEO:52.506931;13.144558"
}

Optional in header

string

application/json

Responses

200

transactionsResponse-200_json

400

Bad Request

Error400_NG_AIS

401

Unauthorized

Error401_NG_AIS

403

Forbidden

Error403_NG_AIS

404

Not found

Error404_NG_AIS

405

Method Not Allowed

Error405_NG_AIS

406

Not Acceptable

Error406_NG_AIS

408

Request Timeout

409

Conflict

Error409_NG_AIS

415

Unsupported Media Type

429

Too Many Requests

Error429_NG_AIS

500

Internal Server Error

503

Service Unavailable

Example Request

Example Response

Definition

GET https://mtls-api.discountbank.co.il/prod/d/psd2/business/accounts/{account-id}/transactions

Response

Try this operation

https://mtls-api.discountbank.co.il/prod/d/psd2/business/accounts/{account-id}/transactions

Headers

X-Request-ID

Digest

Signature

TPP-Signature-Certificate

Consent-ID

PSU-IP-Address

PSU-IP-Port

PSU-Accept

PSU-Accept-Charset

PSU-Accept-Encoding

PSU-Accept-Language

PSU-User-Agent

PSU-Http-Method

PSU-Device-ID

PSU-Geo-Location

Parameters

account-id

dateFrom

dateTo

entryReferenceFrom

bookingStatus

deltaList

withBalance

Request

Response

/consents

Account Information Service (AIS)

Summary

Create consent

Description

This method create a consent resource, defining access rights to dedicated accounts of a given PSU-ID. These accounts are addressed explicitly in the method as parameters as a core function.

Side Effects When this consent request is a request where the "recurringIndicator" equals "true", and if it exists already a former consent for recurring access on account information for the addressed PSU, then the former consent automatically expires as soon as the new consent request is authorised by the PSU.

BOI-REMARK: BOI is differentiating ASPSPs in the role of banks and of credit card processors. For banks, the detailed consent will differentiate between payment accounts and card accounts- payment accounts are addressed by the IBAN as offered in the generic NextGenPSD2 standard. If card related information is also addressed, the TPP shall not use PANs of a credit card. The TPP may use the IBAN with the additional cashAccountType "CARD". When card related information is addressed the meaning is that the consent is given to all credit cards related to the same IBAN. For credit card processors, all cards which are to be consented for account information need to be addressed by maskedPANs specificlly in the Detailed Consent Model. Credit card processors are mandated to offer in addition the Bank Offered Consent Model, i.e. in a first (or follow up) consent request, the TPP can let the PSU choose all cards to be addressed during authorisation on the ASPSP authorisation page. The TPP will retrieve the maskedPANs of all related cards in the GET /card-accounts/… calls.

Optional Extension: As an option, an ASPSP might optionally accept a specific access right on the access on all PSD2 related services for all available accounts.

As another option an ASPSP might optionally also accept a command, where only access rights are inserted without mentioning the addressed account. The relation to accounts is then handled afterwards between PSU and ASPSP. This option is not supported for the Embedded SCA Approach. As a last option, an ASPSP might in addition accept a command with access rights

to see the list of available payment accounts or
to see the list of available payment accounts with balances.

Security

Parameters

X-Request-ID

Required in header

string / uuid

ID of the request, unique to the call, as determined by the initiating party.

Digest

Required in header

string

Is contained if and only if the "Signature" element is contained in the header of the request.

Signature

Required in header

string

A signature of the request by the TPP on application level. This might be mandated by ASPSP.

{
    "x-example": "keyId=\"SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE\",algorithm=\"rsa-sha256\", headers=\"Digest X-Request-ID PSU-ID TPP-Redirect-URI Date\", signature=\"Base64(RSA-SHA256(signing string))\"\n"
}

TPP-Signature-Certificate

Required in header

string / byte

The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.

PSU-ID

Required in header

string

BOI-REMARK - The PSU id number or passport number. Possible values are:

ID = only digits.
Passport = 2 characters ISO 3166 country code + '-' + Passport number.

{
    "pattern": "^([0-9]{9}|[A-Za-z]{2}-([A-Za-z0-9]){1,16})$",
    "x-example": "IL-12345678945"
}

PSU-ID-Type

Optional in header

string

BOI-REMARK - Specific brands or channels of the ASPSP only in case there is more than one. Possible values should be found in ASPSP's documentation and get approved in advance by BOI.

{
    "maxLength": 512
}

PSU-Corporate-ID

Optional in header

string

Might be mandated in the ASPSP's documentation. Only used in a corporate context.

{
    "pattern": "^[A-Z]{2}[-]\\d{9,10}|\\d{9,10}$"
}

PSU-Corporate-ID-Type

Optional in header

string

Might be mandated in the ASPSP's documentation. Only used in a corporate context.

{
    "maxLength": 512
}

TPP-Redirect-Preferred

Optional in header

boolean

BOI-REMARK- If it equals "false" , the ASPSP has to choose Decoupled SCA approach if supported by the ASPSP for the related PSU, because Embedded does not supported. ASPSP not supporting Decoupled SCA approach can ignore this attribute.

TPP-Decoupled-Preferred

Optional in header

boolean

If it equals "true", the TPP prefers a decoupled SCA approach. If it equals "false", the TPP prefers not to use the decoupled approach for SCA. The ASPSP will then choose between the embedded or the redirect SCA approach, depending on the choice of the SCA procedure by the TPP/PSU. If the parameter is not used, the ASPSP will choose the SCA approach to be applied depending on the parameter TPP-Redirect-Preferred and the SCA method chosen by the TPP/PSU. The parameter might be ignored by the ASPSP. If both parameters TPP-Redirect-Preferred and TPP-Decoupled-Preferred are present and true, the request is still not rejected, but it is up to the ASPSP, which approach will actually be used.

Remark for Future: TPP-Redirect-Preferred and TPP-Decoupled-Preferred will be revised in future versions, maybe merged. Currently kept separate for downward compatibility.

TPP-Redirect-URI

Optional in header

string / uri

URI of the TPP, where the transaction flow shall be redirected to after a Redirect.

Mandated for the Redirect SCA Approach, specifically when TPP-Redirect-Preferred equals "true". It is recommended to always use this header field.

Remark for Future: This field might be changed to mandatory in the next version of the specification.

{
    "maxLength": 2048
}

TPP-Nok-Redirect-URI

Optional in header

string / uri

If this URI is contained, the TPP is asking to redirect the transaction flow to this address instead of the TPP-Redirect-URI in case of a negative result of the redirect SCA method. This might be ignored by the ASPSP.

{
    "maxLength": 2048
}

TPP-Explicit-Authorisation-Preferred

Optional in header

boolean

If it equals "true", the TPP prefers to start the authorisation process separately, e.g. because of the usage of a signing basket. This preference might be ignored by the ASPSP, if a signing basket is not supported as functionality.

If it equals "false" or if the parameter is not used, there is no preference of the TPP. This especially indicates that the TPP assumes a direct authorisation of the transaction in the next step, without using a signing basket.

TPP-Brand-Logging-Information

Optional in header

string

This header might be used by TPPs to inform the ASPSP about the brand used by the TPP towards the PSU. This information is meant for logging entries to enhance communication between ASPSP and PSU or ASPSP and TPP. This header might be ignored by the ASPSP.

TPP-Notification-URI

Required in header

string / uri

URI for the Endpoint of the TPP-API to which the status of the consent status should be sent.

For security reasons, it shall be ensured that the TPP-Notification-URI as introduced above is secured by the TPP eIDAS QWAC used for identification of the TPP. The following applies:

URIs which are provided by TPPs in TPP-Notification-URI shall comply with the domain secured by the eIDAS QWAC certificate of the TPP in the field CN or SubjectAltName of the certificate. Please note that in case of example-TPP.com as certificate entry TPP- Notification-URI like www.example-TPP.com/xs2a-client/v1/ASPSPidentifcation/mytransaction- id/notifications or notifications.example-TPP.com/xs2a-client/v1/ASPSPidentifcation/mytransaction- id/notifications would be compliant.

Wildcard definitions shall be taken into account for compliance checks by the ASPSP. ASPSPs may respond with ASPSP-Notification-Support set to false, if the provided URIs do not comply.

{
    "maxLength": 2048
}

TPP-Notification-Content-Preferred

Optional in header

string

The string has the form

status=X1, ..., Xn

where Xi is one of the constants SCA, PROCESS, LAST and where constants are not repeated. The usage of the constants supports the of following semantics:

SCA: A notification on every change of the scaStatus attribute for all related authorisation processes is preferred by the TPP.

PROCESS: A notification on all changes of consentStatus or transactionStatus attributes is preferred by the TPP. LAST: Only a notification on the last consentStatus or transactionStatus as available in the XS2A interface is preferred by the TPP.

This header field may be ignored, if the ASPSP does not support resource notification services for the related TPP.

{
    "maxLength": 2048
}

PSU-IP-Port

Optional in header

string

The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.

{
    "maxLength": 5,
    "x-example": "1234"
}

PSU-IP-Address

Required in header

string / ipv4

The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP. If not available, the TPP shall use the IP Address used by the TPP when submitting this request.

{
    "x-example": "192.168.8.78"
}

PSU-Accept

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Charset

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Encoding

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Language

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-User-Agent

Optional in header

string

The forwarded Agent header field of the HTTP request between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Http-Method

Optional in header

string

HTTP method used at the PSU ? TPP interface, if available. Valid values are:

GET
POST
PUT
PATCH
DELETE

{
    "enum": [
        "GET",
        "POST",
        "PUT",
        "PATCH",
        "DELETE"
    ]
}

PSU-Device-ID

Optional in header

string / uuid

{
    "x-example": "99435c7e-ad88-49ec-a2ad-99ddcb1f5555"
}

PSU-Geo-Location

Optional in header

string

The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

{
    "pattern": "^GEO:-?[0-9]{1,2}\\.[0-9]{6};-?[0-9]{1,3}\\.[0-9]{6}$",
    "x-example": "GEO:52.506931;13.144558"
}

body

Optional in body

object

Request body for a consents request.

consents

Content-Type

Optional in header

string

application/json

Optional in header

string

application/json

Responses

201

Created

consentsResponse-201

400

Bad Request

Error400_NG_AIS

401

Unauthorized

Error401_NG_AIS

403

Forbidden

Error403_NG_AIS

404

Not found

Error404_NG_AIS

405

Method Not Allowed

Error405_NG_AIS

406

Not Acceptable

Error406_NG_AIS

408

Request Timeout

409

Conflict

Error409_NG_AIS

415

Unsupported Media Type

429

Too Many Requests

Error429_NG_AIS

500

Internal Server Error

503

Service Unavailable

Example Request

Example Response

Definition

POST https://mtls-api.discountbank.co.il/prod/d/psd2/business/consents

Response

Try this operation

https://mtls-api.discountbank.co.il/prod/d/psd2/business/consents

Body

Headers

content-type

X-Request-ID

Digest

Signature

TPP-Signature-Certificate

PSU-ID

PSU-ID-Type

PSU-Corporate-ID

PSU-Corporate-ID-Type

TPP-Redirect-Preferred

TPP-Decoupled-Preferred

TPP-Redirect-URI

TPP-Nok-Redirect-URI

TPP-Explicit-Authorisation-Preferred

TPP-Brand-Logging-Information

TPP-Notification-URI

TPP-Notification-Content-Preferred

PSU-IP-Port

PSU-IP-Address

PSU-Accept

PSU-Accept-Charset

PSU-Accept-Encoding

PSU-Accept-Language

PSU-User-Agent

PSU-Http-Method

PSU-Device-ID

PSU-Geo-Location

Request

Response

/consents/{consentId}

Account Information Service (AIS)

Summary

Delete consent

Description

The TPP can delete an account information consent object if needed.

Security

Parameters

consentId

Required in path

string

ID of the corresponding consent object as returned by an account information consent request.

{
    "maxLength": 512
}

X-Request-ID

Required in header

string / uuid

ID of the request, unique to the call, as determined by the initiating party.

Digest

Required in header

string

Is contained if and only if the "Signature" element is contained in the header of the request.

Signature

Required in header

string

A signature of the request by the TPP on application level. This might be mandated by ASPSP.

{
    "x-example": "keyId=\"SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE\",algorithm=\"rsa-sha256\", headers=\"Digest X-Request-ID PSU-ID TPP-Redirect-URI Date\", signature=\"Base64(RSA-SHA256(signing string))\"\n"
}

TPP-Signature-Certificate

Required in header

string / byte

The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.

PSU-IP-Address

Optional in header

string / ipv4

{
    "x-example": "192.168.8.78"
}

PSU-IP-Port

Optional in header

string

The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.

{
    "maxLength": 5,
    "x-example": "1234"
}

PSU-Accept

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Charset

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Encoding

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Language

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-User-Agent

Optional in header

string

The forwarded Agent header field of the HTTP request between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Http-Method

Optional in header

string

HTTP method used at the PSU ? TPP interface, if available. Valid values are:

GET
POST
PUT
PATCH
DELETE

{
    "enum": [
        "GET",
        "POST",
        "PUT",
        "PATCH",
        "DELETE"
    ]
}

PSU-Device-ID

Optional in header

string / uuid

{
    "x-example": "99435c7e-ad88-49ec-a2ad-99ddcb1f5555"
}

PSU-Geo-Location

Optional in header

string

The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

{
    "pattern": "^GEO:-?[0-9]{1,2}\\.[0-9]{6};-?[0-9]{1,3}\\.[0-9]{6}$",
    "x-example": "GEO:52.506931;13.144558"
}

Optional in header

string

application/json

Responses

204

No Content

400

Bad Request

Error400_NG_AIS

401

Unauthorized

Error401_NG_AIS

403

Forbidden

Error403_NG_AIS

404

Not found

Error404_NG_AIS

405

Method Not Allowed

Error405_NG_AIS

406

Not Acceptable

Error406_NG_AIS

408

Request Timeout

409

Conflict

Error409_NG_AIS

415

Unsupported Media Type

429

Too Many Requests

Error429_NG_AIS

500

Internal Server Error

503

Service Unavailable

Example Request

Example Response

Definition

DELETE https://mtls-api.discountbank.co.il/prod/d/psd2/business/consents/{consentId}

Response

Try this operation

https://mtls-api.discountbank.co.il/prod/d/psd2/business/consents/{consentId}

Headers

X-Request-ID

Digest

Signature

TPP-Signature-Certificate

PSU-IP-Address

PSU-IP-Port

PSU-Accept

PSU-Accept-Charset

PSU-Accept-Encoding

PSU-Accept-Language

PSU-User-Agent

PSU-Http-Method

PSU-Device-ID

PSU-Geo-Location

Parameters

consentId

Request

Response

Account Information Service (AIS)

Summary

Get consent request

Description

Returns the content of an account information consent object. This is returning the data for the TPP especially in cases, where the consent was directly managed between ASPSP and PSU e.g. in a redirect SCA Approach.

Security

oauth2

(oauth2 accessCode)

Scopes

consents

/consents/{consentId}

Parameters

consentId

Required in path

string

ID of the corresponding consent object as returned by an account information consent request.

{
    "maxLength": 512
}

X-Request-ID

Required in header

string / uuid

ID of the request, unique to the call, as determined by the initiating party.

Digest

Required in header

string

Is contained if and only if the "Signature" element is contained in the header of the request.

Signature

Required in header

string

A signature of the request by the TPP on application level. This might be mandated by ASPSP.

{
    "x-example": "keyId=\"SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE\",algorithm=\"rsa-sha256\", headers=\"Digest X-Request-ID PSU-ID TPP-Redirect-URI Date\", signature=\"Base64(RSA-SHA256(signing string))\"\n"
}

TPP-Signature-Certificate

Required in header

string / byte

The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.

PSU-IP-Address

Optional in header

string / ipv4

{
    "x-example": "192.168.8.78"
}

PSU-IP-Port

Optional in header

string

The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.

{
    "maxLength": 5,
    "x-example": "1234"
}

PSU-Accept

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Charset

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Encoding

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Language

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-User-Agent

Optional in header

string

The forwarded Agent header field of the HTTP request between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Http-Method

Optional in header

string

HTTP method used at the PSU ? TPP interface, if available. Valid values are:

GET
POST
PUT
PATCH
DELETE

{
    "enum": [
        "GET",
        "POST",
        "PUT",
        "PATCH",
        "DELETE"
    ]
}

PSU-Device-ID

Optional in header

string / uuid

{
    "x-example": "99435c7e-ad88-49ec-a2ad-99ddcb1f5555"
}

PSU-Geo-Location

Optional in header

string

The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

{
    "pattern": "^GEO:-?[0-9]{1,2}\\.[0-9]{6};-?[0-9]{1,3}\\.[0-9]{6}$",
    "x-example": "GEO:52.506931;13.144558"
}

Optional in header

string

application/json

Responses

200

consentInformationResponse-200_json

400

Bad Request

Error400_NG_AIS

401

Unauthorized

Error401_NG_AIS

403

Forbidden

Error403_NG_AIS

404

Not found

Error404_NG_AIS

405

Method Not Allowed

Error405_NG_AIS

406

Not Acceptable

Error406_NG_AIS

408

Request Timeout

409

Conflict

Error409_NG_AIS

415

Unsupported Media Type

429

Too Many Requests

Error429_NG_AIS

500

Internal Server Error

503

Service Unavailable

Example Request

Example Response

Definition

GET https://mtls-api.discountbank.co.il/prod/d/psd2/business/consents/{consentId}

Response

Try this operation

https://mtls-api.discountbank.co.il/prod/d/psd2/business/consents/{consentId}

Headers

X-Request-ID

Digest

Signature

TPP-Signature-Certificate

PSU-IP-Address

PSU-IP-Port

PSU-Accept

PSU-Accept-Charset

PSU-Accept-Encoding

PSU-Accept-Language

PSU-User-Agent

PSU-Http-Method

PSU-Device-ID

PSU-Geo-Location

Parameters

consentId

Request

Response

/consents/{consentId}/status

Account Information Service (AIS)

Summary

Consent status request

Description

Read the status of an account information consent resource.

Security

Parameters

consentId

Required in path

string

ID of the corresponding consent object as returned by an account information consent request.

{
    "maxLength": 512
}

X-Request-ID

Required in header

string / uuid

ID of the request, unique to the call, as determined by the initiating party.

Digest

Required in header

string

Is contained if and only if the "Signature" element is contained in the header of the request.

Signature

Required in header

string

A signature of the request by the TPP on application level. This might be mandated by ASPSP.

{
    "x-example": "keyId=\"SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE\",algorithm=\"rsa-sha256\", headers=\"Digest X-Request-ID PSU-ID TPP-Redirect-URI Date\", signature=\"Base64(RSA-SHA256(signing string))\"\n"
}

TPP-Signature-Certificate

Required in header

string / byte

The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.

PSU-IP-Address

Optional in header

string / ipv4

{
    "x-example": "192.168.8.78"
}

PSU-IP-Port

Optional in header

string

The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.

{
    "maxLength": 5,
    "x-example": "1234"
}

PSU-Accept

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Charset

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Encoding

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Language

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-User-Agent

Optional in header

string

The forwarded Agent header field of the HTTP request between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Http-Method

Optional in header

string

HTTP method used at the PSU ? TPP interface, if available. Valid values are:

GET
POST
PUT
PATCH
DELETE

{
    "enum": [
        "GET",
        "POST",
        "PUT",
        "PATCH",
        "DELETE"
    ]
}

PSU-Device-ID

Optional in header

string / uuid

{
    "x-example": "99435c7e-ad88-49ec-a2ad-99ddcb1f5555"
}

PSU-Geo-Location

Optional in header

string

The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

{
    "pattern": "^GEO:-?[0-9]{1,2}\\.[0-9]{6};-?[0-9]{1,3}\\.[0-9]{6}$",
    "x-example": "GEO:52.506931;13.144558"
}

Optional in header

string

application/json

Responses

200

consentStatusResponse-200

400

Bad Request

Error400_NG_AIS

401

Unauthorized

Error401_NG_AIS

403

Forbidden

Error403_NG_AIS

404

Not found

Error404_NG_AIS

405

Method Not Allowed

Error405_NG_AIS

406

Not Acceptable

Error406_NG_AIS

408

Request Timeout

409

Conflict

Error409_NG_AIS

415

Unsupported Media Type

429

Too Many Requests

Error429_NG_AIS

500

Internal Server Error

503

Service Unavailable

Example Request

Example Response

Definition

GET https://mtls-api.discountbank.co.il/prod/d/psd2/business/consents/{consentId}/status

Response

Try this operation

https://mtls-api.discountbank.co.il/prod/d/psd2/business/consents/{consentId}/status

Headers

X-Request-ID

Digest

Signature

TPP-Signature-Certificate

PSU-IP-Address

PSU-IP-Port

PSU-Accept

PSU-Accept-Charset

PSU-Accept-Encoding

PSU-Accept-Language

PSU-User-Agent

PSU-Http-Method

PSU-Device-ID

PSU-Geo-Location

Parameters

consentId

Request

Response

/payments/{payment-product}/{paymentId}

Payment Initiation Service (PIS)

Summary

Get payment information

Description

Returns the content of a payment object

Security

Client-Id

X-IBM-Client-Id

(apiKey located in header)

oauth2

(oauth2 accessCode)

Scopes

payments

Parameters

payment-product

Required in path

string

The addressed payment product endpoint, e.g. for SEPA Credit Transfers (SCT). The ASPSP will publish which of the payment products/endpoints will be supported.

The following payment products are supported:

"masav"
"zahav"
"fp"

Remark: For all SEPA Credit Transfer based endpoints which accept XML encoding, the XML pain.001 schemes provided by EPC are supported by the ASPSP as a minimum for the body content. Further XML schemes might be supported by some communities.

Remark: For cross-border and TARGET-2 payments only community wide pain.001 schemes do exist. There are plenty of country specificic scheme variants.

{
    "enum": [
        "masav",
        "zahav",
        "fp"
    ]
}

paymentId

Required in path

string

Resource identification of the generated payment initiation resource.

X-Request-ID

Required in header

string / uuid

ID of the request, unique to the call, as determined by the initiating party.

Digest

Optional in header

string

Is contained if and only if the "Signature" element is contained in the header of the request.

Signature

Optional in header

string

A signature of the request by the TPP on application level. This might be mandated by ASPSP.

{
    "x-example": "keyId=\"SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE\",algorithm=\"rsa-sha256\", headers=\"Digest X-Request-ID PSU-ID TPP-Redirect-URI Date\", signature=\"Base64(RSA-SHA256(signing string))\"\n"
}

TPP-Signature-Certificate

Optional in header

string / byte

The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.

PSU-IP-Address

Optional in header

string / ipv4

The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.

{
    "x-example": "192.168.8.78"
}

PSU-IP-Port

Optional in header

string

The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.

{
    "maxLength": 5,
    "x-example": "1234"
}

PSU-Accept

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Charset

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Encoding

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Language

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-User-Agent

Optional in header

string

The forwarded Agent header field of the HTTP request between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Http-Method

Optional in header

string

HTTP method used at the PSU ? TPP interface, if available. Valid values are:

GET
POST
PUT
PATCH
DELETE

{
    "enum": [
        "GET",
        "POST",
        "PUT",
        "PATCH",
        "DELETE"
    ]
}

PSU-Device-ID

Optional in header

string / uuid

{
    "x-example": "99435c7e-ad88-49ec-a2ad-99ddcb1f5555"
}

PSU-Geo-Location

Optional in header

string

The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

{
    "pattern": "^GEO:-?[0-9]{1,2}\\.[0-9]{6};-?[0-9]{1,3}\\.[0-9]{6}$",
    "x-example": "GEO:52.506931;13.144558"
}

content-authorization

Optional in header

string

signed JWT with the required claims

Authorization

Required in header

string

token

Optional in header

string

application/json

Responses

200

400

Bad Request

Error400_NG_PIS

401

Unauthorized

Error401_NG_PIS

403

Forbidden

Error403_NG_PIS

404

Not found

Error404_NG_PIS

405

Method Not Allowed

Error405_NG_PIS

406

Not Acceptable

408

Request Timeout

409

Conflict

Error409_NG_PIS

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

Example Request

Example Response

Definition

GET https://mtls-api.discountbank.co.il/prod/d/psd2/business/payments/{payment-product}/{paymentId}

Response

Try this operation

https://mtls-api.discountbank.co.il/prod/d/psd2/business/payments/{payment-product}/{paymentId}

Headers

X-Request-ID

Digest

Signature

TPP-Signature-Certificate

PSU-IP-Address

PSU-IP-Port

PSU-Accept

PSU-Accept-Charset

PSU-Accept-Encoding

PSU-Accept-Language

PSU-User-Agent

PSU-Http-Method

PSU-Device-ID

PSU-Geo-Location

content-authorization

Authorization

Parameters

payment-product

paymentId

Request

Response

/payments/{payment-product}/{paymentId}/status

Payment Initiation Service (PIS)

Summary

Payment initiation status request

Description

Check the transaction status of a payment initiation.

Security

Client-Id

X-IBM-Client-Id

(apiKey located in header)

Parameters

payment-product

Required in path

string

The addressed payment product endpoint, e.g. for SEPA Credit Transfers (SCT). The ASPSP will publish which of the payment products/endpoints will be supported.

The following payment products are supported:

"masav"
"zahav"
"fp"

Remark: For cross-border and TARGET-2 payments only community wide pain.001 schemes do exist. There are plenty of country specificic scheme variants.

{
    "enum": [
        "masav",
        "zahav",
        "fp"
    ]
}

paymentId

Required in path

string

Resource identification of the generated payment initiation resource.

X-Request-ID

Required in header

string / uuid

ID of the request, unique to the call, as determined by the initiating party.

Digest

Optional in header

string

Is contained if and only if the "Signature" element is contained in the header of the request.

Signature

Optional in header

string

A signature of the request by the TPP on application level. This might be mandated by ASPSP.

{
    "x-example": "keyId=\"SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE\",algorithm=\"rsa-sha256\", headers=\"Digest X-Request-ID PSU-ID TPP-Redirect-URI Date\", signature=\"Base64(RSA-SHA256(signing string))\"\n"
}

TPP-Signature-Certificate

Optional in header

string / byte

The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.

PSU-IP-Address

Optional in header

string / ipv4

The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.

{
    "x-example": "192.168.8.78"
}

PSU-IP-Port

Optional in header

string

The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.

{
    "maxLength": 5,
    "x-example": "1234"
}

PSU-Accept

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Charset

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Encoding

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Language

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-User-Agent

Optional in header

string

The forwarded Agent header field of the HTTP request between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Http-Method

Optional in header

string

HTTP method used at the PSU ? TPP interface, if available. Valid values are:

GET
POST
PUT
PATCH
DELETE

{
    "enum": [
        "GET",
        "POST",
        "PUT",
        "PATCH",
        "DELETE"
    ]
}

PSU-Device-ID

Optional in header

string / uuid

{
    "x-example": "99435c7e-ad88-49ec-a2ad-99ddcb1f5555"
}

PSU-Geo-Location

Optional in header

string

The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

{
    "pattern": "^GEO:-?[0-9]{1,2}\\.[0-9]{6};-?[0-9]{1,3}\\.[0-9]{6}$",
    "x-example": "GEO:52.506931;13.144558"
}

content-authorization

Optional in header

string

signed JWT with the required claims

Optional in header

string

application/json

Responses

200

paymentInitiationStatusResponse-200_json

400

Bad Request

Error400_NG_PIS

401

Unauthorized

Error401_NG_PIS

403

Forbidden

Error403_NG_PIS

404

Not found

Error404_NG_PIS

405

Method Not Allowed

Error405_NG_PIS

406

Not Acceptable

408

Request Timeout

409

Conflict

Error409_NG_PIS

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

Example Request

Example Response

Definition

GET https://mtls-api.discountbank.co.il/prod/d/psd2/business/payments/{payment-product}/{paymentId}/status

Response

Try this operation

https://mtls-api.discountbank.co.il/prod/d/psd2/business/payments/{payment-product}/{paymentId}/status

Headers

X-Request-ID

Digest

Signature

TPP-Signature-Certificate

PSU-IP-Address

PSU-IP-Port

PSU-Accept

PSU-Accept-Charset

PSU-Accept-Encoding

PSU-Accept-Language

PSU-User-Agent

PSU-Http-Method

PSU-Device-ID

PSU-Geo-Location

content-authorization

Parameters

payment-product

paymentId

Request

Response

/payments/{payment-product}

Payment Initiation Service (PIS)

Summary

Payment initiation request

Description

This method is used to initiate a payment at the ASPSP.

Variants of payment initiation requests

This method to initiate a payment initiation at the ASPSP can be sent with JSON body .

There are the following payment products:

Payment products with payment information in JSON format:
- masav
- zahav
- FP

Furthermore the request body depends on the payment-service:

payments: A single payment initiation request.
bulk-payments: A collection of several payment initiation requests.

In case of a pain.001 message there are more than one payments contained in the *pain.001 message.

In case of a JSON there are several JSON payment blocks contained in a joining list.
periodic-payments: Create a standing order initiation resource for recurrent i.e. periodic payments addressable under {paymentId} with all data relevant for the corresponding payment product and the execution of the standing order contained in a JSON body.

This is the first step in the API to initiate the related recurring/periodic payment.

BOI-REMARK : Multilevel SCA Approach does not supported.

The Payment Initiation Requests are independent from the need of one or multilevel

Single and mulitilevel SCA Processes

The payment initiation requests are independent from the need of one or multilevel SCA processing, i.e. independent from the number of authorisations needed for the execution of payments.

But the response messages are specific to either one SCA processing or multilevel SCA processing.

For payment initiation with multilevel SCA, this specification requires an explicit start of the authorisation, i.e. links directly associated with SCA processing like 'scaRedirect' or 'scaOAuth' cannot be contained in the response message of a Payment Initation Request for a payment, where multiple authorisations are needed. Also if any data is needed for the next action, like selecting an SCA method is not supported in the response, since all starts of the multiple authorisations are fully equal. In these cases, first an authorisation sub-resource has to be generated following the 'startAuthorisation' link.

Security

Client-Id

X-IBM-Client-Id

(apiKey located in header)

Parameters

payment-product

Required in path

string

The addressed payment product endpoint, e.g. for SEPA Credit Transfers (SCT). The ASPSP will publish which of the payment products/endpoints will be supported.

The following payment products are supported:

"masav"
"zahav"
"fp"

Remark: For cross-border and TARGET-2 payments only community wide pain.001 schemes do exist. There are plenty of country specificic scheme variants.

{
    "enum": [
        "masav",
        "zahav",
        "fp"
    ]
}

X-Request-ID

Required in header

string / uuid

ID of the request, unique to the call, as determined by the initiating party.

Content-Authorization

Required in header

string

signed JWT with the required claims

PSU-ID

Required in header

string

BOI-REMARK - The PSU id number or passport number. Possible values are:

ID = only digits.
Passport = 2 characters ISO 3166 country code + '-' + Passport number.

{
    "pattern": "^([0-9]{9}|[A-Za-z]{2}-([A-Za-z0-9]){1,16})$",
    "x-example": "IL-12345678945"
}

PSU-ID-Type

Optional in header

string

BOI-REMARK - Specific brands or channels of the ASPSP only in case there is more than one. Possible values should be found in ASPSP's documentation and get approved in advance by BOI.

{
    "maxLength": 512
}

Consent-ID

Optional in header

string

This data element may be contained, if the payment initiation transaction is part of a session, i.e. combined AIS/PIS service. This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.

{
    "maxLength": 512
}

PSU-IP-Address

Optional in header

string / ipv4

{
    "x-example": "192.168.8.78"
}

TPP-Redirect-Preferred

Optional in header

boolean

TPP-Decoupled-Preferred

Optional in header

boolean

Remark for Future: TPP-Redirect-Preferred and TPP-Decoupled-Preferred will be revised in future versions, maybe merged. Currently kept separate for downward compatibility.

TPP-Redirect-URI

Optional in header

string / uri

URI of the TPP, where the transaction flow shall be redirected to after a Redirect.

Mandated for the Redirect SCA Approach, specifically when TPP-Redirect-Preferred equals "true". It is recommended to always use this header field.

Remark for Future: This field might be changed to mandatory in the next version of the specification.

{
    "maxLength": 2048
}

TPP-Nok-Redirect-URI

Optional in header

string / uri

{
    "maxLength": 2048
}

TPP-Explicit-Authorisation-Preferred

Optional in header

boolean

TPP-Rejection-NoFunds-Preferred

Optional in header

boolean

If it equals "true" then the TPP prefers a rejection of the payment initiation in case the ASPSP is providing an integrated confirmation of funds request an the result of this is that not sufficient funds are available.

If it equals "false" then the TPP prefers that the ASPSP is dealing with the payment initiation like in the ASPSPs online channel, potentially waiting for a certain time period for funds to arrive to initiate the payment.

This parameter might be ignored by the ASPSP.

TPP-Brand-Logging-Information

Optional in header

string

TPP-Notification-URI

Optional in header

string / uri

URI for the Endpoint of the TPP-API to which the status of the payment initiation should be sent. This header field may by ignored by the ASPSP.

For security reasons, it shall be ensured that the TPP-Notification-URI as introduced above is secured by the TPP eIDAS QWAC used for identification of the TPP. The following applies:

Wildcard definitions shall be taken into account for compliance checks by the ASPSP. ASPSPs may respond with ASPSP-Notification-Support set to false, if the provided URIs do not comply.

{
    "maxLength": 2048
}

TPP-Notification-Content-Preferred

Optional in header

string

The string has the form

status=X1, ..., Xn

where Xi is one of the constants SCA, PROCESS, LAST and where constants are not repeated. The usage of the constants supports the of following semantics:

SCA: A notification on every change of the scaStatus attribute for all related authorisation processes is preferred by the TPP.

This header field may be ignored, if the ASPSP does not support resource notification services for the related TPP.

{
    "maxLength": 2048
}

PSU-IP-Port

Optional in header

string

The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.

{
    "maxLength": 5,
    "x-example": "1234"
}

PSU-Accept

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Charset

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Encoding

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Accept-Language

Optional in header

string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-User-Agent

Optional in header

string

The forwarded Agent header field of the HTTP request between PSU and TPP, if available.

{
    "maxLength": 1024
}

PSU-Http-Method

Optional in header

string

HTTP method used at the PSU ? TPP interface, if available. Valid values are:

GET
POST
PUT
PATCH
DELETE

{
    "enum": [
        "GET",
        "POST",
        "PUT",
        "PATCH",
        "DELETE"
    ]
}

PSU-Device-ID

Optional in header

string / uuid

{
    "x-example": "99435c7e-ad88-49ec-a2ad-99ddcb1f5555"
}

PSU-Geo-Location

Optional in header

string

The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

{
    "pattern": "^GEO:-?[0-9]{1,2}\\.[0-9]{6};-?[0-9]{1,3}\\.[0-9]{6}$",
    "x-example": "GEO:52.506931;13.144558"
}

body

Required in body

object

JSON request body for a payment inition request message.

There are the following payment-products supported:

"masav" with JSON-Body
"zahav" with JSON-Body
"FP" with JSON-Body

There are the following payment-services supported:

"payments"
"bulk-payments" - optional
"periodic-payments" - optional

All optional, conditional and predefined but not yet used fields are defined.

paymentInitiation_json

Content-Type

Optional in header

string

application/json

Optional in header

string

application/json

Responses

201

CREATED

paymentInitationRequestResponse-201

400

Bad Request

Error400_NG_PIS

401

Unauthorized

Error401_NG_PIS

403

Forbidden

Error403_NG_PIS

404

Not found

Error404_NG_PIS

405

Method Not Allowed

Error405_NG_PIS

406

Not Acceptable

408

Request Timeout

409

Conflict

Error409_NG_PIS

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

Example Request

Example Response

Definition

POST https://mtls-api.discountbank.co.il/prod/d/psd2/business/payments/{payment-product}

Response

Try this operation

https://mtls-api.discountbank.co.il/prod/d/psd2/business/payments/{payment-product}

Body

Headers

content-type

X-Request-ID

Content-Authorization

PSU-ID

PSU-ID-Type

Consent-ID

PSU-IP-Address

TPP-Redirect-Preferred

TPP-Decoupled-Preferred

TPP-Redirect-URI

TPP-Nok-Redirect-URI

TPP-Explicit-Authorisation-Preferred

TPP-Rejection-NoFunds-Preferred

TPP-Brand-Logging-Information

TPP-Notification-URI

TPP-Notification-Content-Preferred

PSU-IP-Port

PSU-Accept

PSU-Accept-Charset

PSU-Accept-Encoding

PSU-Accept-Language

PSU-User-Agent

PSU-Http-Method

PSU-Device-ID

PSU-Geo-Location

Parameters

payment-product

Request

Response

/oauth/consents/.well-known/oauth-authorization-server

Summary

OAuth2 Location

Description

The link where the configuration of the OAuth2 Server is defined.

Security

Client-Id

X-IBM-Client-Id

(apiKey located in header)

Parameters

Digest

Optional in header

string

This field is not verified

Signature

Optional in header

string

A signature of the request by the TPP on application level. This field is not verified.

tpp-signature-certificate

Optional in header

string

The certificate used for signing the request, in base64 encoding. The certificate is eIDAS Qseal certificate must contain the same O + OU that exsists in the eIDAS Qwac certificate.

Optional in header

string

application/json

Responses

200

200 OK

well-known-response

Example Request

Example Response

Definition

GET https://mtls-api.discountbank.co.il/prod/d/psd2/business/oauth/consents/.well-known/oauth-authorization-server

Response

Try this operation

https://mtls-api.discountbank.co.il/prod/d/psd2/business/oauth/consents/.well-known/oauth-authorization-server

Headers

Digest

Signature

tpp-signature-certificate

Request

Response

/oauth/payments/.well-known/oauth-authorization-server

Security

Client-Id

X-IBM-Client-Id

(apiKey located in header)

Parameters

TPP-Signature-Certificate

Required in header

string

The certificate used for signing the request, in base64 encoding. The certificate is eIDAS Qseal certificate must contain the same O + OU that exsists in the eIDAS Qwac certificate.

Optional in header

string

application/json

Responses

200

200 OK

well-known-payment-response

Example Request

Example Response

Definition

GET https://mtls-api.discountbank.co.il/prod/d/psd2/business/oauth/payments/.well-known/oauth-authorization-server

Response

Try this operation

https://mtls-api.discountbank.co.il/prod/d/psd2/business/oauth/payments/.well-known/oauth-authorization-server

Headers

TPP-Signature-Certificate

Request

Response

Definitions

EntryDetailsElement

{
    "properties": {
        "checkId": {
            "description": "Identification of a Cheque.",
            "maxLength": 35,
            "type": "string"
        },
        "creditorAccount": {
            "$ref": "#\/definitions\/accountReference"
        },
        "creditorAgent": {
            "$ref": "#\/definitions\/bicfi"
        },
        "creditorId": {
            "$ref": "#\/definitions\/creditorId"
        },
        "creditorName": {
            "$ref": "#\/definitions\/creditorName"
        },
        "currencyExchange": {
            "$ref": "#\/definitions\/reportExchangeRateList"
        },
        "debtorAccount": {
            "$ref": "#\/definitions\/accountReference"
        },
        "debtorAgent": {
            "$ref": "#\/definitions\/bicfi"
        },
        "debtorName": {
            "$ref": "#\/definitions\/debtorName"
        },
        "endToEndId": {
            "description": "Unique end to end identity.",
            "maxLength": 35,
            "type": "string"
        },
        "mandateId": {
            "description": "Identification of Mandates, e.g. a SEPA Mandate ID.",
            "maxLength": 35,
            "type": "string"
        },
        "purposeCode": {
            "$ref": "#\/definitions\/purposeCode"
        },
        "remittanceInformationUnstructured": {
            "$ref": "#\/definitions\/remittanceInformationUnstructured"
        },
        "remittanceInformationUnstructuredArray": {
            "$ref": "#\/definitions\/remittanceInformationUnstructuredArray"
        },
        "transactionAmount": {
            "$ref": "#\/definitions\/amount"
        },
        "ultimateCreditor": {
            "$ref": "#\/definitions\/ultimateCreditor"
        },
        "ultimateDebtor": {
            "$ref": "#\/definitions\/ultimateDebtor"
        }
    },
    "required": [
        "transactionAmount"
    ],
    "type": "object"
}

Error400_AIS

Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 400 for AIS.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "additionalErrors": {
            "description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
            "items": {
                "description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
                "properties": {
                    "code": {
                        "$ref": "#\/definitions\/MessageCode400_AIS"
                    },
                    "detail": {
                        "$ref": "#\/definitions\/tppErrorDetail"
                    },
                    "title": {
                        "$ref": "#\/definitions\/tppErrorTitle"
                    }
                },
                "required": [
                    "code"
                ],
                "type": "object"
            },
            "type": "array"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode400_AIS"
        },
        "detail": {
            "description": "Detailed human readable text specific to this instance of the error.\nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
            "maxLength": 500,
            "type": "string"
        },
        "title": {
            "description": "Short human readable description of error type.\nCould be in local language.\nTo be provided by ASPSPs.\n",
            "maxLength": 70,
            "type": "string"
        },
        "type": {
            "description": "A URI reference [RFC3986] that identifies the problem type.\nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
            "format": "uri",
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "type",
        "code"
    ],
    "type": "object"
}

Error400_NG_AIS

NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 400.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage400_AIS"
            },
            "type": "array"
        }
    },
    "type": "object"
}

Error400_NG_PIIS

NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 400.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage400_PIIS"
            },
            "type": "array"
        }
    },
    "type": "object"
}

Error400_NG_PIS

NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 400.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage400_PIS"
            },
            "type": "array"
        }
    },
    "type": "object"
}

Error400_NG_SBS

NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 400.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage400_SBS"
            },
            "type": "array"
        }
    },
    "type": "object"
}

Error400_PIIS

Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 400 for PIIS.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "additionalErrors": {
            "description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
            "items": {
                "description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
                "properties": {
                    "code": {
                        "$ref": "#\/definitions\/MessageCode400_PIIS"
                    },
                    "detail": {
                        "$ref": "#\/definitions\/tppErrorDetail"
                    },
                    "title": {
                        "$ref": "#\/definitions\/tppErrorTitle"
                    }
                },
                "required": [
                    "code"
                ],
                "type": "object"
            },
            "type": "array"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode400_PIIS"
        },
        "detail": {
            "description": "Detailed human readable text specific to this instance of the error.\nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
            "maxLength": 500,
            "type": "string"
        },
        "title": {
            "description": "Short human readable description of error type.\nCould be in local language.\nTo be provided by ASPSPs.\n",
            "maxLength": 70,
            "type": "string"
        },
        "type": {
            "description": "A URI reference [RFC3986] that identifies the problem type.\nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
            "format": "uri",
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "type",
        "code"
    ],
    "type": "object"
}

Error400_PIS

Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 400 for PIS.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "additionalErrors": {
            "description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
            "items": {
                "description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
                "properties": {
                    "code": {
                        "$ref": "#\/definitions\/MessageCode400_PIS"
                    },
                    "detail": {
                        "$ref": "#\/definitions\/tppErrorDetail"
                    },
                    "title": {
                        "$ref": "#\/definitions\/tppErrorTitle"
                    }
                },
                "required": [
                    "code"
                ],
                "type": "object"
            },
            "type": "array"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode400_PIS"
        },
        "detail": {
            "description": "Detailed human readable text specific to this instance of the error.\nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
            "maxLength": 500,
            "type": "string"
        },
        "title": {
            "description": "Short human readable description of error type.\nCould be in local language.\nTo be provided by ASPSPs.\n",
            "maxLength": 70,
            "type": "string"
        },
        "type": {
            "description": "A URI reference [RFC3986] that identifies the problem type.\nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
            "format": "uri",
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "type",
        "code"
    ],
    "type": "object"
}

Error400_SBS

Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 400 for signing baskets.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "additionalErrors": {
            "description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
            "items": {
                "description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
                "properties": {
                    "code": {
                        "$ref": "#\/definitions\/MessageCode400_SBS"
                    },
                    "detail": {
                        "$ref": "#\/definitions\/tppErrorDetail"
                    },
                    "title": {
                        "$ref": "#\/definitions\/tppErrorTitle"
                    }
                },
                "required": [
                    "code"
                ],
                "type": "object"
            },
            "type": "array"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode400_SBS"
        },
        "detail": {
            "description": "Detailed human readable text specific to this instance of the error.\nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
            "maxLength": 500,
            "type": "string"
        },
        "title": {
            "description": "Short human readable description of error type.\nCould be in local language.\nTo be provided by ASPSPs.\n",
            "maxLength": 70,
            "type": "string"
        },
        "type": {
            "description": "A URI reference [RFC3986] that identifies the problem type.\nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
            "format": "uri",
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "type",
        "code"
    ],
    "type": "object"
}

Error401_AIS

Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 401 for AIS.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "additionalErrors": {
            "description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
            "items": {
                "description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
                "properties": {
                    "code": {
                        "$ref": "#\/definitions\/MessageCode401_AIS"
                    },
                    "detail": {
                        "$ref": "#\/definitions\/tppErrorDetail"
                    },
                    "title": {
                        "$ref": "#\/definitions\/tppErrorTitle"
                    }
                },
                "required": [
                    "code"
                ],
                "type": "object"
            },
            "type": "array"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode401_AIS"
        },
        "detail": {
            "description": "Detailed human readable text specific to this instance of the error.\nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
            "maxLength": 500,
            "type": "string"
        },
        "title": {
            "description": "Short human readable description of error type.\nCould be in local language.\nTo be provided by ASPSPs.\n",
            "maxLength": 70,
            "type": "string"
        },
        "type": {
            "description": "A URI reference [RFC3986] that identifies the problem type.\nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
            "format": "uri",
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "type",
        "code"
    ],
    "type": "object"
}

Error401_NG_AIS

NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 401.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage401_AIS"
            },
            "type": "array"
        }
    },
    "type": "object"
}

Error401_NG_PIIS

NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 401.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage401_PIIS"
            },
            "type": "array"
        }
    },
    "type": "object"
}

Error401_NG_PIS

NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 401.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage401_PIS"
            },
            "type": "array"
        }
    },
    "type": "object"
}

Error401_NG_SBS

NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 401.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage401_SBS"
            },
            "type": "array"
        }
    },
    "type": "object"
}

Error401_PIIS

Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 401 for PIIS.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "additionalErrors": {
            "description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
            "items": {
                "description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
                "properties": {
                    "code": {
                        "$ref": "#\/definitions\/MessageCode401_PIIS"
                    },
                    "detail": {
                        "$ref": "#\/definitions\/tppErrorDetail"
                    },
                    "title": {
                        "$ref": "#\/definitions\/tppErrorTitle"
                    }
                },
                "required": [
                    "code"
                ],
                "type": "object"
            },
            "type": "array"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode401_PIS"
        },
        "detail": {
            "description": "Detailed human readable text specific to this instance of the error.\nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
            "maxLength": 500,
            "type": "string"
        },
        "title": {
            "description": "Short human readable description of error type.\nCould be in local language.\nTo be provided by ASPSPs.\n",
            "maxLength": 70,
            "type": "string"
        },
        "type": {
            "description": "A URI reference [RFC3986] that identifies the problem type.\nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
            "format": "uri",
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "type",
        "code"
    ],
    "type": "object"
}

Error401_PIS

Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 401 for PIS.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "additionalErrors": {
            "description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
            "items": {
                "description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
                "properties": {
                    "code": {
                        "$ref": "#\/definitions\/MessageCode401_PIS"
                    },
                    "detail": {
                        "$ref": "#\/definitions\/tppErrorDetail"
                    },
                    "title": {
                        "$ref": "#\/definitions\/tppErrorTitle"
                    }
                },
                "required": [
                    "code"
                ],
                "type": "object"
            },
            "type": "array"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode401_PIS"
        },
        "detail": {
            "description": "Detailed human readable text specific to this instance of the error.\nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
            "maxLength": 500,
            "type": "string"
        },
        "title": {
            "description": "Short human readable description of error type.\nCould be in local language.\nTo be provided by ASPSPs.\n",
            "maxLength": 70,
            "type": "string"
        },
        "type": {
            "description": "A URI reference [RFC3986] that identifies the problem type.\nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
            "format": "uri",
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "type",
        "code"
    ],
    "type": "object"
}

Error401_SBS

Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 401 for signing baskets.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "additionalErrors": {
            "description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
            "items": {
                "description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
                "properties": {
                    "code": {
                        "$ref": "#\/definitions\/MessageCode401_SBS"
                    },
                    "detail": {
                        "$ref": "#\/definitions\/tppErrorDetail"
                    },
                    "title": {
                        "$ref": "#\/definitions\/tppErrorTitle"
                    }
                },
                "required": [
                    "code"
                ],
                "type": "object"
            },
            "type": "array"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode401_SBS"
        },
        "detail": {
            "description": "Detailed human readable text specific to this instance of the error.\nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
            "maxLength": 500,
            "type": "string"
        },
        "title": {
            "description": "Short human readable description of error type.\nCould be in local language.\nTo be provided by ASPSPs.\n",
            "maxLength": 70,
            "type": "string"
        },
        "type": {
            "description": "A URI reference [RFC3986] that identifies the problem type.\nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
            "format": "uri",
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "type",
        "code"
    ],
    "type": "object"
}

Error403_AIS

Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 403 for AIS.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "additionalErrors": {
            "description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
            "items": {
                "description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
                "properties": {
                    "code": {
                        "$ref": "#\/definitions\/MessageCode403_AIS"
                    },
                    "detail": {
                        "$ref": "#\/definitions\/tppErrorDetail"
                    },
                    "title": {
                        "$ref": "#\/definitions\/tppErrorTitle"
                    }
                },
                "required": [
                    "code"
                ],
                "type": "object"
            },
            "type": "array"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode403_AIS"
        },
        "detail": {
            "description": "Detailed human readable text specific to this instance of the error.\nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
            "maxLength": 500,
            "type": "string"
        },
        "title": {
            "description": "Short human readable description of error type.\nCould be in local language.\nTo be provided by ASPSPs.\n",
            "maxLength": 70,
            "type": "string"
        },
        "type": {
            "description": "A URI reference [RFC3986] that identifies the problem type.\nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
            "format": "uri",
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "type",
        "code"
    ],
    "type": "object"
}

Error403_NG_AIS

NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 403.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage403_AIS"
            },
            "type": "array"
        }
    },
    "type": "object"
}

Error403_NG_PIIS

NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 403.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage403_PIIS"
            },
            "type": "array"
        }
    },
    "type": "object"
}

Error403_NG_PIS

NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 403.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage403_PIS"
            },
            "type": "array"
        }
    },
    "type": "object"
}

Error403_NG_SBS

NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 403.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage403_SBS"
            },
            "type": "array"
        }
    },
    "type": "object"
}

Error403_PIIS

Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 403 for PIIS.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "additionalErrors": {
            "description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
            "items": {
                "description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
                "properties": {
                    "code": {
                        "$ref": "#\/definitions\/MessageCode403_PIIS"
                    },
                    "detail": {
                        "$ref": "#\/definitions\/tppErrorDetail"
                    },
                    "title": {
                        "$ref": "#\/definitions\/tppErrorTitle"
                    }
                },
                "required": [
                    "code"
                ],
                "type": "object"
            },
            "type": "array"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode403_PIIS"
        },
        "detail": {
            "description": "Detailed human readable text specific to this instance of the error.\nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
            "maxLength": 500,
            "type": "string"
        },
        "title": {
            "description": "Short human readable description of error type.\nCould be in local language.\nTo be provided by ASPSPs.\n",
            "maxLength": 70,
            "type": "string"
        },
        "type": {
            "description": "A URI reference [RFC3986] that identifies the problem type.\nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
            "format": "uri",
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "type",
        "code"
    ],
    "type": "object"
}

Error403_PIS

Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 403 for PIS.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "additionalErrors": {
            "description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
            "items": {
                "description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
                "properties": {
                    "code": {
                        "$ref": "#\/definitions\/MessageCode403_PIS"
                    },
                    "detail": {
                        "$ref": "#\/definitions\/tppErrorDetail"
                    },
                    "title": {
                        "$ref": "#\/definitions\/tppErrorTitle"
                    }
                },
                "required": [
                    "code"
                ],
                "type": "object"
            },
            "type": "array"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode403_PIS"
        },
        "detail": {
            "description": "Detailed human readable text specific to this instance of the error.\nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
            "maxLength": 500,
            "type": "string"
        },
        "title": {
            "description": "Short human readable description of error type.\nCould be in local language.\nTo be provided by ASPSPs.\n",
            "maxLength": 70,
            "type": "string"
        },
        "type": {
            "description": "A URI reference [RFC3986] that identifies the problem type.\nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
            "format": "uri",
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "type",
        "code"
    ],
    "type": "object"
}

Error403_SBS

Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 403 for signing baskets.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "additionalErrors": {
            "description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
            "items": {
                "description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
                "properties": {
                    "code": {
                        "$ref": "#\/definitions\/MessageCode403_SBS"
                    },
                    "detail": {
                        "$ref": "#\/definitions\/tppErrorDetail"
                    },
                    "title": {
                        "$ref": "#\/definitions\/tppErrorTitle"
                    }
                },
                "required": [
                    "code"
                ],
                "type": "object"
            },
            "type": "array"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode403_SBS"
        },
        "detail": {
            "description": "Detailed human readable text specific to this instance of the error.\nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
            "maxLength": 500,
            "type": "string"
        },
        "title": {
            "description": "Short human readable description of error type.\nCould be in local language.\nTo be provided by ASPSPs.\n",
            "maxLength": 70,
            "type": "string"
        },
        "type": {
            "description": "A URI reference [RFC3986] that identifies the problem type.\nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
            "format": "uri",
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "type",
        "code"
    ],
    "type": "object"
}

Error404_AIS

Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 404 for AIS.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "additionalErrors": {
            "description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
            "items": {
                "description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
                "properties": {
                    "code": {
                        "$ref": "#\/definitions\/MessageCode404_AIS"
                    },
                    "detail": {
                        "$ref": "#\/definitions\/tppErrorDetail"
                    },
                    "title": {
                        "$ref": "#\/definitions\/tppErrorTitle"
                    }
                },
                "required": [
                    "code"
                ],
                "type": "object"
            },
            "type": "array"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode404_AIS"
        },
        "detail": {
            "description": "Detailed human readable text specific to this instance of the error.\nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
            "maxLength": 500,
            "type": "string"
        },
        "title": {
            "description": "Short human readable description of error type.\nCould be in local language.\nTo be provided by ASPSPs.\n",
            "maxLength": 70,
            "type": "string"
        },
        "type": {
            "description": "A URI reference [RFC3986] that identifies the problem type.\nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
            "format": "uri",
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "type",
        "code"
    ],
    "type": "object"
}

Error404_NG_AIS

NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 404.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage404_AIS"
            },
            "type": "array"
        }
    },
    "type": "object"
}

Error404_NG_PIIS

NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 404.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage404_PIIS"
            },
            "type": "array"
        }
    },
    "type": "object"
}

Error404_NG_PIS

NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 404.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage404_PIS"
            },
            "type": "array"
        }
    },
    "type": "object"
}

Error404_NG_SBS

NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 404.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage404_SBS"
            },
            "type": "array"
        }
    },
    "type": "object"
}

Error404_PIIS

Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 404 for PIIS.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "additionalErrors": {
            "description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
            "items": {
                "description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
                "properties": {
                    "code": {
                        "$ref": "#\/definitions\/MessageCode404_PIIS"
                    },
                    "detail": {
                        "$ref": "#\/definitions\/tppErrorDetail"
                    },
                    "title": {
                        "$ref": "#\/definitions\/tppErrorTitle"
                    }
                },
                "required": [
                    "code"
                ],
                "type": "object"
            },
            "type": "array"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode404_PIIS"
        },
        "detail": {
            "description": "Detailed human readable text specific to this instance of the error.\nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
            "maxLength": 500,
            "type": "string"
        },
        "title": {
            "description": "Short human readable description of error type.\nCould be in local language.\nTo be provided by ASPSPs.\n",
            "maxLength": 70,
            "type": "string"
        },
        "type": {
            "description": "A URI reference [RFC3986] that identifies the problem type.\nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
            "format": "uri",
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "type",
        "code"
    ],
    "type": "object"
}

Error404_PIS

Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 404 for PIS.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "additionalErrors": {
            "description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
            "items": {
                "description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
                "properties": {
                    "code": {
                        "$ref": "#\/definitions\/MessageCode404_PIS"
                    },
                    "detail": {
                        "$ref": "#\/definitions\/tppErrorDetail"
                    },
                    "title": {
                        "$ref": "#\/definitions\/tppErrorTitle"
                    }
                },
                "required": [
                    "code"
                ],
                "type": "object"
            },
            "type": "array"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode404_PIS"
        },
        "detail": {
            "description": "Detailed human readable text specific to this instance of the error.\nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
            "maxLength": 500,
            "type": "string"
        },
        "title": {
            "description": "Short human readable description of error type.\nCould be in local language.\nTo be provided by ASPSPs.\n",
            "maxLength": 70,
            "type": "string"
        },
        "type": {
            "description": "A URI reference [RFC3986] that identifies the problem type.\nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
            "format": "uri",
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "type",
        "code"
    ],
    "type": "object"
}

Error404_SBS

Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 404 for signing baskets.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "additionalErrors": {
            "description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
            "items": {
                "description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
                "properties": {
                    "code": {
                        "$ref": "#\/definitions\/MessageCode404_SBS"
                    },
                    "detail": {
                        "$ref": "#\/definitions\/tppErrorDetail"
                    },
                    "title": {
                        "$ref": "#\/definitions\/tppErrorTitle"
                    }
                },
                "required": [
                    "code"
                ],
                "type": "object"
            },
            "type": "array"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode404_SBS"
        },
        "detail": {
            "description": "Detailed human readable text specific to this instance of the error.\nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
            "maxLength": 500,
            "type": "string"
        },
        "title": {
            "description": "Short human readable description of error type.\nCould be in local language.\nTo be provided by ASPSPs.\n",
            "maxLength": 70,
            "type": "string"
        },
        "type": {
            "description": "A URI reference [RFC3986] that identifies the problem type.\nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
            "format": "uri",
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "type",
        "code"
    ],
    "type": "object"
}

Error405_AIS

Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 405 for AIS.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "additionalErrors": {
            "description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
            "items": {
                "description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
                "properties": {
                    "code": {
                        "$ref": "#\/definitions\/MessageCode405_AIS"
                    },
                    "detail": {
                        "$ref": "#\/definitions\/tppErrorDetail"
                    },
                    "title": {
                        "$ref": "#\/definitions\/tppErrorTitle"
                    }
                },
                "required": [
                    "code"
                ],
                "type": "object"
            },
            "type": "array"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode405_AIS"
        },
        "detail": {
            "description": "Detailed human readable text specific to this instance of the error.\nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
            "maxLength": 500,
            "type": "string"
        },
        "title": {
            "description": "Short human readable description of error type.\nCould be in local language.\nTo be provided by ASPSPs.\n",
            "maxLength": 70,
            "type": "string"
        },
        "type": {
            "description": "A URI reference [RFC3986] that identifies the problem type.\nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
            "format": "uri",
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "type",
        "code"
    ],
    "type": "object"
}

Error405_NG_AIS

NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 401.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage405_AIS"
            },
            "type": "array"
        }
    },
    "type": "object"
}

Error405_NG_PIIS

NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 401.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage405_PIIS"
            },
            "type": "array"
        }
    },
    "type": "object"
}

Error405_NG_PIS

NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 401.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage405_PIS"
            },
            "type": "array"
        }
    },
    "type": "object"
}

Error405_NG_PIS_CANC

NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 401.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage405_PIS_CANC"
            },
            "type": "array"
        }
    },
    "type": "object"
}

Error405_NG_SBS

NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 401.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage405_SBS"
            },
            "type": "array"
        }
    },
    "type": "object"
}

Error405_PIIS

Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 405 for PIIS.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "additionalErrors": {
            "description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
            "items": {
                "description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
                "properties": {
                    "code": {
                        "$ref": "#\/definitions\/MessageCode405_PIIS"
                    },
                    "detail": {
                        "$ref": "#\/definitions\/tppErrorDetail"
                    },
                    "title": {
                        "$ref": "#\/definitions\/tppErrorTitle"
                    }
                },
                "required": [
                    "code"
                ],
                "type": "object"
            },
            "type": "array"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode405_PIIS"
        },
        "detail": {
            "description": "Detailed human readable text specific to this instance of the error.\nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
            "maxLength": 500,
            "type": "string"
        },
        "title": {
            "description": "Short human readable description of error type.\nCould be in local language.\nTo be provided by ASPSPs.\n",
            "maxLength": 70,
            "type": "string"
        },
        "type": {
            "description": "A URI reference [RFC3986] that identifies the problem type.\nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
            "format": "uri",
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "type",
        "code"
    ],
    "type": "object"
}

Error405_PIS

Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 405 for PIS.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "additionalErrors": {
            "description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
            "items": {
                "description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
                "properties": {
                    "code": {
                        "$ref": "#\/definitions\/MessageCode405_PIS"
                    },
                    "detail": {
                        "$ref": "#\/definitions\/tppErrorDetail"
                    },
                    "title": {
                        "$ref": "#\/definitions\/tppErrorTitle"
                    }
                },
                "required": [
                    "code"
                ],
                "type": "object"
            },
            "type": "array"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode405_PIS"
        },
        "detail": {
            "description": "Detailed human readable text specific to this instance of the error.\nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
            "maxLength": 500,
            "type": "string"
        },
        "title": {
            "description": "Short human readable description of error type.\nCould be in local language.\nTo be provided by ASPSPs.\n",
            "maxLength": 70,
            "type": "string"
        },
        "type": {
            "description": "A URI reference [RFC3986] that identifies the problem type.\nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
            "format": "uri",
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "type",
        "code"
    ],
    "type": "object"
}

Error405_PIS_CANC

Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 405 for a pament cancelation (PIS).

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "additionalErrors": {
            "description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
            "items": {
                "description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
                "properties": {
                    "code": {
                        "$ref": "#\/definitions\/MessageCode405_PIS_CANC"
                    },
                    "detail": {
                        "$ref": "#\/definitions\/tppErrorDetail"
                    },
                    "title": {
                        "$ref": "#\/definitions\/tppErrorTitle"
                    }
                },
                "required": [
                    "code"
                ],
                "type": "object"
            },
            "type": "array"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode405_PIS_CANC"
        },
        "detail": {
            "description": "Detailed human readable text specific to this instance of the error.\nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
            "maxLength": 500,
            "type": "string"
        },
        "title": {
            "description": "Short human readable description of error type.\nCould be in local language.\nTo be provided by ASPSPs.\n",
            "maxLength": 70,
            "type": "string"
        },
        "type": {
            "description": "A URI reference [RFC3986] that identifies the problem type.\nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
            "format": "uri",
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "type",
        "code"
    ],
    "type": "object"
}

Error405_SBS

Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 405 for signing baskets.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "additionalErrors": {
            "description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
            "items": {
                "description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
                "properties": {
                    "code": {
                        "$ref": "#\/definitions\/MessageCode405_SBS"
                    },
                    "detail": {
                        "$ref": "#\/definitions\/tppErrorDetail"
                    },
                    "title": {
                        "$ref": "#\/definitions\/tppErrorTitle"
                    }
                },
                "required": [
                    "code"
                ],
                "type": "object"
            },
            "type": "array"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode405_SBS"
        },
        "detail": {
            "description": "Detailed human readable text specific to this instance of the error.\nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
            "maxLength": 500,
            "type": "string"
        },
        "title": {
            "description": "Short human readable description of error type.\nCould be in local language.\nTo be provided by ASPSPs.\n",
            "maxLength": 70,
            "type": "string"
        },
        "type": {
            "description": "A URI reference [RFC3986] that identifies the problem type.\nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
            "format": "uri",
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "type",
        "code"
    ],
    "type": "object"
}

Error406_AIS

Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 406 for AIS.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "additionalErrors": {
            "description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
            "items": {
                "description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
                "properties": {
                    "code": {
                        "$ref": "#\/definitions\/MessageCode406_AIS"
                    },
                    "detail": {
                        "$ref": "#\/definitions\/tppErrorDetail"
                    },
                    "title": {
                        "$ref": "#\/definitions\/tppErrorTitle"
                    }
                },
                "required": [
                    "code"
                ],
                "type": "object"
            },
            "type": "array"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode406_AIS"
        },
        "detail": {
            "description": "Detailed human readable text specific to this instance of the error.\nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
            "maxLength": 500,
            "type": "string"
        },
        "title": {
            "description": "Short human readable description of error type.\nCould be in local language.\nTo be provided by ASPSPs.\n",
            "maxLength": 70,
            "type": "string"
        },
        "type": {
            "description": "A URI reference [RFC3986] that identifies the problem type.\nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
            "format": "uri",
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "type",
        "code"
    ],
    "type": "object"
}

Error406_NG_AIS

NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 406.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage406_AIS"
            },
            "type": "array"
        }
    },
    "type": "object"
}

Error409_AIS

Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 409 for AIS.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "additionalErrors": {
            "description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
            "items": {
                "description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
                "properties": {
                    "code": {
                        "$ref": "#\/definitions\/MessageCode409_AIS"
                    },
                    "detail": {
                        "$ref": "#\/definitions\/tppErrorDetail"
                    },
                    "title": {
                        "$ref": "#\/definitions\/tppErrorTitle"
                    }
                },
                "required": [
                    "code"
                ],
                "type": "object"
            },
            "type": "array"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode409_AIS"
        },
        "detail": {
            "description": "Detailed human readable text specific to this instance of the error.\nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
            "maxLength": 500,
            "type": "string"
        },
        "title": {
            "description": "Short human readable description of error type.\nCould be in local language.\nTo be provided by ASPSPs.\n",
            "maxLength": 70,
            "type": "string"
        },
        "type": {
            "description": "A URI reference [RFC3986] that identifies the problem type.\nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
            "format": "uri",
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "type",
        "code"
    ],
    "type": "object"
}

Error409_NG_AIS

NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 409.

{
    "example": [
        {
            "category": "ERROR",
            "code": "STATUS_INVALID",
            "text": "additional text information of the ASPSP up to 500 characters"
        }
    ],
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage409_AIS"
            },
            "type": "array"
        }
    },
    "type": "object"
}

Error409_NG_PIIS

NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 409.

{
    "example": [
        {
            "category": "ERROR",
            "code": "STATUS_INVALID",
            "text": "additional text information of the ASPSP up to 500 characters"
        }
    ],
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage409_PIIS"
            },
            "type": "array"
        }
    },
    "type": "object"
}

Error409_NG_PIS

NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 409.

{
    "example": [
        {
            "category": "ERROR",
            "code": "STATUS_INVALID",
            "text": "additional text information of the ASPSP up to 500 characters"
        }
    ],
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage409_PIS"
            },
            "type": "array"
        }
    },
    "type": "object"
}

Error409_NG_SBS

NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 409.

{
    "example": [
        {
            "category": "ERROR",
            "code": "STATUS_INVALID",
            "text": "additional text information of the ASPSP up to 500 characters"
        }
    ],
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage409_SBS"
            },
            "type": "array"
        }
    },
    "type": "object"
}

Error409_PIIS

Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 409 for PIIS.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "additionalErrors": {
            "description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
            "items": {
                "description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
                "properties": {
                    "code": {
                        "$ref": "#\/definitions\/MessageCode409_PIIS"
                    },
                    "detail": {
                        "$ref": "#\/definitions\/tppErrorDetail"
                    },
                    "title": {
                        "$ref": "#\/definitions\/tppErrorTitle"
                    }
                },
                "required": [
                    "code"
                ],
                "type": "object"
            },
            "type": "array"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode409_PIIS"
        },
        "detail": {
            "description": "Detailed human readable text specific to this instance of the error.\nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
            "maxLength": 500,
            "type": "string"
        },
        "title": {
            "description": "Short human readable description of error type.\nCould be in local language.\nTo be provided by ASPSPs.\n",
            "maxLength": 70,
            "type": "string"
        },
        "type": {
            "description": "A URI reference [RFC3986] that identifies the problem type.\nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
            "format": "uri",
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "type",
        "code"
    ],
    "type": "object"
}

Error409_PIS

Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 409 for PIS.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "additionalErrors": {
            "description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
            "items": {
                "description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
                "properties": {
                    "code": {
                        "$ref": "#\/definitions\/MessageCode409_PIS"
                    },
                    "detail": {
                        "$ref": "#\/definitions\/tppErrorDetail"
                    },
                    "title": {
                        "$ref": "#\/definitions\/tppErrorTitle"
                    }
                },
                "required": [
                    "code"
                ],
                "type": "object"
            },
            "type": "array"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode409_PIS"
        },
        "detail": {
            "description": "Detailed human readable text specific to this instance of the error.\nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
            "maxLength": 500,
            "type": "string"
        },
        "title": {
            "description": "Short human readable description of error type.\nCould be in local language.\nTo be provided by ASPSPs.\n",
            "maxLength": 70,
            "type": "string"
        },
        "type": {
            "description": "A URI reference [RFC3986] that identifies the problem type.\nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
            "format": "uri",
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "type",
        "code"
    ],
    "type": "object"
}

Error409_SBS

Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 409 for signing baskets.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "additionalErrors": {
            "description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
            "items": {
                "description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
                "properties": {
                    "code": {
                        "$ref": "#\/definitions\/MessageCode409_SBS"
                    },
                    "detail": {
                        "$ref": "#\/definitions\/tppErrorDetail"
                    },
                    "title": {
                        "$ref": "#\/definitions\/tppErrorTitle"
                    }
                },
                "required": [
                    "code"
                ],
                "type": "object"
            },
            "type": "array"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode409_SBS"
        },
        "detail": {
            "description": "Detailed human readable text specific to this instance of the error.\nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
            "maxLength": 500,
            "type": "string"
        },
        "title": {
            "description": "Short human readable description of error type.\nCould be in local language.\nTo be provided by ASPSPs.\n",
            "maxLength": 70,
            "type": "string"
        },
        "type": {
            "description": "A URI reference [RFC3986] that identifies the problem type.\nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
            "format": "uri",
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "type",
        "code"
    ],
    "type": "object"
}

Error429_AIS

Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 429 for AIS.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "additionalErrors": {
            "description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
            "items": {
                "description": "This is a data element to support the declaration of additional errors in the context of [RFC7807]\nin case of a HTTP error code 429 for.\n",
                "properties": {
                    "code": {
                        "$ref": "#\/definitions\/MessageCode429_AIS"
                    },
                    "detail": {
                        "$ref": "#\/definitions\/tppErrorDetail"
                    },
                    "title": {
                        "$ref": "#\/definitions\/tppErrorTitle"
                    }
                },
                "required": [
                    "code"
                ],
                "type": "object"
            },
            "type": "array"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode429_AIS"
        },
        "detail": {
            "description": "Detailed human readable text specific to this instance of the error.\nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
            "maxLength": 500,
            "type": "string"
        },
        "title": {
            "description": "Short human readable description of error type.\nCould be in local language.\nTo be provided by ASPSPs.\n",
            "maxLength": 70,
            "type": "string"
        },
        "type": {
            "description": "A URI reference [RFC3986] that identifies the problem type.\nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
            "format": "uri",
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "type",
        "code"
    ],
    "type": "object"
}

Error429_NG_AIS

NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 429.

{
    "example": [
        {
            "category": "ERROR",
            "code": "ACCESS_EXCEEDED",
            "text": "additional text information of the ASPSP up to 500 characters"
        }
    ],
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage429_AIS"
            },
            "type": "array"
        }
    },
    "type": "object"
}

MessageCode200InitiationStatus

Message codes for HTTP codes 200 to a Payment Initiation Status Request.

{
    "enum": [
        "FUNDS_NOT_AVAILABLE"
    ],
    "type": "string"
}

MessageCode201PaymentInitiation

Message codes for HTTP Codes 201 to a Payment Initiation Request.

{
    "enum": [
        "WARNING",
        "BENEFICIARY_WHITELISTING_REQUIRED"
    ],
    "type": "string"
}

MessageCode2XX

Message codes for HTTP Error codes 2XX.

{
    "enum": [
        "WARNING"
    ],
    "type": "string"
}

MessageCode400_AIS

Message codes defined for AIS for HTTP Error code 400 (BAD_REQUEST).

{
    "enum": [
        "FORMAT_ERROR",
        "PARAMETER_NOT_CONSISTENT",
        "PARAMETER_NOT_SUPPORTED",
        "SERVICE_INVALID",
        "RESOURCE_UNKNOWN",
        "RESOURCE_EXPIRED",
        "RESOURCE_BLOCKED",
        "TIMESTAMP_INVALID",
        "PERIOD_INVALID",
        "SCA_METHOD_UNKNOWN",
        "SCA_INVALID",
        "CONSENT_UNKNOWN",
        "SESSIONS_NOT_SUPPORTED"
    ],
    "type": "string"
}

MessageCode400_PIIS

Message codes defined for PIIS for HTTP Error code 400 (BAD_REQUEST).

{
    "enum": [
        "FORMAT_ERROR",
        "PARAMETER_NOT_CONSISTENT",
        "PARAMETER_NOT_SUPPORTED",
        "SERVICE_INVALID",
        "RESOURCE_UNKNOWN",
        "RESOURCE_EXPIRED",
        "RESOURCE_BLOCKED",
        "TIMESTAMP_INVALID",
        "PERIOD_INVALID",
        "SCA_METHOD_UNKNOWN",
        "SCA_INVALID",
        "CONSENT_UNKNOWN",
        "CARD_INVALID",
        "NO_PIIS_ACTIVATION"
    ],
    "type": "string"
}

MessageCode400_PIS

Message codes defined for PIS for HTTP Error code 400 (BAD_REQUEST).

{
    "enum": [
        "FORMAT_ERROR",
        "PARAMETER_NOT_CONSISTENT",
        "PARAMETER_NOT_SUPPORTED",
        "SERVICE_INVALID",
        "RESOURCE_UNKNOWN",
        "RESOURCE_EXPIRED",
        "RESOURCE_BLOCKED",
        "TIMESTAMP_INVALID",
        "PERIOD_INVALID",
        "SCA_METHOD_UNKNOWN",
        "SCA_INVALID",
        "CONSENT_UNKNOWN",
        "PAYMENT_FAILED",
        "EXECUTION_DATE_INVALID"
    ],
    "type": "string"
}

MessageCode400_SBS

Message codes defined for signing baskets for HTTP Error code 400 (BAD_REQUEST).

{
    "enum": [
        "FORMAT_ERROR",
        "PARAMETER_NOT_CONSISTENT",
        "PARAMETER_NOT_SUPPORTED",
        "SERVICE_INVALID",
        "RESOURCE_UNKNOWN",
        "RESOURCE_EXPIRED",
        "RESOURCE_BLOCKED",
        "TIMESTAMP_INVALID",
        "PERIOD_INVALID",
        "SCA_METHOD_UNKNOWN",
        "SCA_INVALID",
        "CONSENT_UNKNOWN",
        "REFERENCE_MIX_INVALID"
    ],
    "type": "string"
}

MessageCode401_AIS

Message codes defined for AIS for HTTP Error code 401 (UNAUTHORIZED).

{
    "enum": [
        "CERTIFICATE_INVALID",
        "ROLE_INVALID",
        "CERTIFICATE_EXPIRED",
        "CERTIFICATE_BLOCKED",
        "CERTIFICATE_REVOKE",
        "CERTIFICATE_MISSING",
        "SIGNATURE_INVALID",
        "SIGNATURE_MISSING",
        "CORPORATE_ID_INVALID",
        "PSU_CREDENTIALS_INVALID",
        "CONSENT_INVALID",
        "CONSENT_EXPIRED",
        "TOKEN_UNKNOWN",
        "TOKEN_INVALID",
        "TOKEN_EXPIRED"
    ],
    "type": "string"
}

MessageCode401_PIIS

Message codes defined for PIIS for HTTP Error code 401 (UNAUTHORIZED).

{
    "enum": [
        "CERTIFICATE_INVALID",
        "ROLE_INVALID",
        "CERTIFICATE_EXPIRED",
        "CERTIFICATE_BLOCKED",
        "CERTIFICATE_REVOKE",
        "CERTIFICATE_MISSING",
        "SIGNATURE_INVALID",
        "SIGNATURE_MISSING",
        "CORPORATE_ID_INVALID",
        "PSU_CREDENTIALS_INVALID",
        "CONSENT_INVALID",
        "CONSENT_EXPIRED",
        "TOKEN_UNKNOWN",
        "TOKEN_INVALID",
        "TOKEN_EXPIRED"
    ],
    "type": "string"
}

MessageCode401_PIS

Message codes defined for PIS for HTTP Error code 401 (UNAUTHORIZED).

{
    "enum": [
        "CERTIFICATE_INVALID",
        "ROLE_INVALID",
        "CERTIFICATE_EXPIRED",
        "CERTIFICATE_BLOCKED",
        "CERTIFICATE_REVOKE",
        "CERTIFICATE_MISSING",
        "SIGNATURE_INVALID",
        "SIGNATURE_MISSING",
        "CORPORATE_ID_INVALID",
        "PSU_CREDENTIALS_INVALID",
        "CONSENT_INVALID",
        "CONSENT_EXPIRED",
        "TOKEN_UNKNOWN",
        "TOKEN_INVALID",
        "TOKEN_EXPIRED",
        "KID_MISSING"
    ],
    "type": "string"
}

MessageCode401_SBS

Message codes defined for signing baskets for HTTP Error code 401 (UNAUTHORIZED).

{
    "enum": [
        "CERTIFICATE_INVALID",
        "ROLE_INVALID",
        "CERTIFICATE_EXPIRED",
        "CERTIFICATE_BLOCKED",
        "CERTIFICATE_REVOKE",
        "CERTIFICATE_MISSING",
        "SIGNATURE_INVALID",
        "SIGNATURE_MISSING",
        "CORPORATE_ID_INVALID",
        "PSU_CREDENTIALS_INVALID",
        "CONSENT_INVALID",
        "CONSENT_EXPIRED",
        "TOKEN_UNKNOWN",
        "TOKEN_INVALID",
        "TOKEN_EXPIRED"
    ],
    "type": "string"
}

MessageCode403_AIS

Message codes defined for AIS for HTTP Error code 403 (FORBIDDEN).

{
    "enum": [
        "CONSENT_UNKNOWN",
        "SERVICE_BLOCKED",
        "RESOURCE_UNKNOWN",
        "RESOURCE_EXPIRED"
    ],
    "type": "string"
}

MessageCode403_PIIS

Message codes defined for PIIS for HTTP Error code 403 (FORBIDDEN).

{
    "enum": [
        "CONSENT_UNKNOWN",
        "SERVICE_BLOCKED",
        "RESOURCE_UNKNOWN",
        "RESOURCE_EXPIRED"
    ],
    "type": "string"
}

MessageCode403_PIS

Message codes defined defined for PIS for PIS for HTTP Error code 403 (FORBIDDEN).

{
    "enum": [
        "CONSENT_UNKNOWN",
        "SERVICE_BLOCKED",
        "RESOURCE_UNKNOWN",
        "RESOURCE_EXPIRED",
        "PRODUCT_INVALID"
    ],
    "type": "string"
}

MessageCode403_SBS

Message codes defined for signing baskets for HTTP Error code 403 (FORBIDDEN).

{
    "enum": [
        "CONSENT_UNKNOWN",
        "SERVICE_BLOCKED",
        "RESOURCE_UNKNOWN",
        "RESOURCE_EXPIRED"
    ],
    "type": "string"
}

MessageCode404_AIS

Message codes defined for AIS for HTTP Error code 404 (NOT FOUND).

{
    "enum": [
        "RESOURCE_UNKNOWN"
    ],
    "type": "string"
}

MessageCode404_PIIS

Message codes defined for PIIS for HTTP Error code 404 (NOT FOUND).

{
    "enum": [
        "RESOURCE_UNKNOWN"
    ],
    "type": "string"
}

MessageCode404_PIS

Message codes defined for PIS for HTTP Error code 404 (NOT FOUND).

{
    "enum": [
        "RESOURCE_UNKNOWN",
        "PRODUCT_UNKNOWN"
    ],
    "type": "string"
}

MessageCode404_SBS

Message codes defined for signing baskets for HTTP Error code 404 (NOT FOUND).

{
    "enum": [
        "RESOURCE_UNKNOWN"
    ],
    "type": "string"
}

MessageCode405_AIS

Message codes defined for AIS for HTTP Error code 405 (METHOD NOT ALLOWED).

{
    "enum": [
        "SERVICE_INVALID"
    ],
    "type": "string"
}

MessageCode405_PIIS

Message codes defined for PIIS for HTTP Error code 405 (METHOD NOT ALLOWED).

{
    "enum": [
        "SERVICE_INVALID"
    ],
    "type": "string"
}

MessageCode405_PIS

Message codes defined for payment cancelations PIS for HTTP Error code 405 (METHOD NOT ALLOWED).

{
    "enum": [
        "SERVICE_INVALID"
    ],
    "type": "string"
}

MessageCode405_PIS_CANC

Message codes defined for payment cancelations PIS for HTTP Error code 405 (METHOD NOT ALLOWED).

{
    "enum": [
        "CANCELLATION_INVALID",
        "SERVICE_INVALID"
    ],
    "type": "string"
}

MessageCode405_SBS

Message codes defined for SBS for HTTP Error code 405 (METHOD NOT ALLOWED).

{
    "enum": [
        "SERVICE_INVALID"
    ],
    "type": "string"
}

MessageCode406_AIS

Message codes defined for AIS for HTTP Error code 406 (NOT ACCEPTABLE).

{
    "enum": [
        "REQUESTED_FORMATS_INVALID"
    ],
    "type": "string"
}

MessageCode409_AIS

Message codes defined for AIS for HTTP Error code 409 (CONFLICT).

{
    "enum": [
        "STATUS_INVALID"
    ],
    "type": "string"
}

MessageCode409_PIIS

Message codes defined for PIIS for HTTP Error code 409 (CONFLICT).

{
    "enum": [
        "STATUS_INVALID"
    ],
    "type": "string"
}

MessageCode409_PIS

Message codes defined for PIS for HTTP Error code 409 (CONFLICT).

{
    "enum": [
        "STATUS_INVALID"
    ],
    "type": "string"
}

MessageCode409_SBS

Message codes defined for signing baskets for HTTP Error code 409 (CONFLICT).

{
    "enum": [
        "REFERENCE_STATUS_INVALID",
        "STATUS_INVALID"
    ],
    "type": "string"
}

MessageCode429_AIS

Message codes for HTTP Error code 429 (TOO MANY REQUESTS).

{
    "enum": [
        "ACCESS_EXCEEDED"
    ],
    "type": "string"
}

_linksAccountDetails

Links to the account, which can be directly used for retrieving account information from this dedicated account.

Links to "balances" and/or "transactions"

These links are only supported, when the corresponding consent has been already granted.

{
    "additionalProperties": {
        "$ref": "#\/definitions\/hrefType"
    },
    "properties": {
        "balances": {
            "$ref": "#\/definitions\/hrefType"
        },
        "transactions": {
            "$ref": "#\/definitions\/hrefType"
        }
    },
    "type": "object"
}

_linksAccountReport

{
    "additionalProperties": {
        "$ref": "#\/definitions\/hrefType"
    },
    "properties": {
        "account": {
            "$ref": "#\/definitions\/hrefType"
        },
        "first": {
            "$ref": "#\/definitions\/hrefType"
        },
        "last": {
            "$ref": "#\/definitions\/hrefType"
        },
        "next": {
            "$ref": "#\/definitions\/hrefType"
        },
        "previous": {
            "$ref": "#\/definitions\/hrefType"
        }
    },
    "required": [
        "account"
    ],
    "type": "object"
}

_linksAll

A _link object with all available link types.

{
    "additionalProperties": {
        "$ref": "#\/definitions\/hrefType"
    },
    "properties": {
        "account": {
            "$ref": "#\/definitions\/hrefType"
        },
        "balances": {
            "$ref": "#\/definitions\/hrefType"
        },
        "cardAccount": {
            "$ref": "#\/definitions\/hrefType"
        },
        "cardTransactions": {
            "$ref": "#\/definitions\/hrefType"
        },
        "confirmation": {
            "$ref": "#\/definitions\/hrefType"
        },
        "first": {
            "$ref": "#\/definitions\/hrefType"
        },
        "last": {
            "$ref": "#\/definitions\/hrefType"
        },
        "next": {
            "$ref": "#\/definitions\/hrefType"
        },
        "previous": {
            "$ref": "#\/definitions\/hrefType"
        },
        "scaOAuth": {
            "$ref": "#\/definitions\/hrefType"
        },
        "scaStatus": {
            "$ref": "#\/definitions\/hrefType"
        },
        "self": {
            "$ref": "#\/definitions\/hrefType"
        },
        "status": {
            "$ref": "#\/definitions\/hrefType"
        },
        "transactionDetails": {
            "$ref": "#\/definitions\/hrefType"
        },
        "transactions": {
            "$ref": "#\/definitions\/hrefType"
        }
    },
    "type": "object"
}

_linksAuthorisationConfirmation

A list of hyperlinks to be recognised by the TPP. The actual hyperlinks used in the response depend on the dynamical decisions of the ASPSP when processing the request.

Remark: All links can be relative or full links, to be decided by the ASPSP.

Type of links admitted in this response, (further links might be added for ASPSP defined extensions):

'scaStatus': The link to retrieve the status of the corresponding transaction resource.

{
    "additionalProperties": {
        "$ref": "#\/definitions\/hrefType"
    },
    "properties": {
        "scaStatus": {
            "$ref": "#\/definitions\/hrefType"
        }
    },
    "type": "object"
}

_linksCardAccountReport

{
    "additionalProperties": {
        "$ref": "#\/definitions\/hrefType"
    },
    "properties": {
        "card": {
            "$ref": "#\/definitions\/hrefType"
        },
        "cardAccount": {
            "$ref": "#\/definitions\/hrefType"
        },
        "first": {
            "$ref": "#\/definitions\/hrefType"
        },
        "last": {
            "$ref": "#\/definitions\/hrefType"
        },
        "next": {
            "$ref": "#\/definitions\/hrefType"
        },
        "previous": {
            "$ref": "#\/definitions\/hrefType"
        }
    },
    "required": [
        "cardAccount",
        "card"
    ],
    "type": "object"
}

_linksConsents

A list of hyperlinks to be recognised by the TPP.

Type of links admitted in this response (which might be extended by single ASPSPs as indicated in its XS2A documentation):

'scaOAuth': In case of an OAuth2 based Redirect Approach, the ASPSP is transmitting the link where the configuration of the OAuth2 Server is defined. The configuration follows the OAuth 2.0 Authorisation Server Metadata specification.
'confirmation': Might be added by the ASPSP if either the "scaRedirect" or "scaOAuth" hyperlink is returned in the same response message. This hyperlink defines the URL to the resource which needs to be updated with
- a confirmation code as retrieved after the plain redirect authentication process with the ASPSP authentication server or
- an access token as retrieved by submitting an authorization code after the integrated OAuth based authentication process with the ASPSP authentication server.
- 'self': The link to the Establish Account Information Consent resource created by this request. This link can be used to retrieve the resource data.
- 'status': The link to retrieve the status of the account information consent.
- 'scaStatus': The link to retrieve the scaStatus of the corresponding authorisation sub-resource. This link is only contained, if an authorisation sub-resource has been already created.

{
    "additionalProperties": {
        "$ref": "#\/definitions\/hrefType"
    },
    "properties": {
        "confirmation": {
            "$ref": "#\/definitions\/hrefType"
        },
        "scaOAuth": {
            "$ref": "#\/definitions\/hrefType"
        },
        "scaStatus": {
            "$ref": "#\/definitions\/hrefType"
        },
        "self": {
            "$ref": "#\/definitions\/hrefType"
        },
        "status": {
            "$ref": "#\/definitions\/hrefType"
        }
    },
    "type": "object"
}

_linksGetConsent

A list of hyperlinks to be recognised by the TPP.

Links of type "account" and/or "cardAccount", depending on the nature of the consent.

{
    "additionalProperties": {
        "$ref": "#\/definitions\/hrefType"
    },
    "properties": {
        "account": {
            "$ref": "#\/definitions\/hrefType"
        },
        "card-account": {
            "$ref": "#\/definitions\/hrefType"
        }
    },
    "type": "object"
}

_linksPagination

{
    "additionalProperties": {
        "$ref": "#\/definitions\/hrefType"
    },
    "properties": {
        "first": {
            "$ref": "#\/definitions\/hrefType"
        },
        "last": {
            "$ref": "#\/definitions\/hrefType"
        },
        "next": {
            "$ref": "#\/definitions\/hrefType"
        },
        "previous": {
            "$ref": "#\/definitions\/hrefType"
        }
    },
    "type": "object"
}

_linksPaymentInitiation

A list of hyperlinks to be recognised by the TPP. The actual hyperlinks used in the response depend on the dynamical decisions of the ASPSP when processing the request.

Remark: All links can be relative or full links, to be decided by the ASPSP.

Type of links admitted in this response, (further links might be added for ASPSP defined extensions):

   * 'scaOAuth':

In case of a SCA OAuth2 Approach, the ASPSP is transmitting the URI where the configuration of the Authorisation Server can be retrieved. The configuration follows the OAuth 2.0 Authorisation Server Metadata specification.

'confirmation': Might be added by the ASPSP if either the "scaRedirect" or "scaOAuth" hyperlink is returned in the same response message. This hyperlink defines the URL to the resource which needs to be updated with
- a confirmation code as retrieved after the plain redirect authentication process with the ASPSP authentication server or
- an access token as retrieved by submitting an authorization code after the integrated OAuth based authentication process with the ASPSP authentication server.
'self': The link to the payment initiation resource created by this request. This link can be used to retrieve the resource data.
'status': The link to retrieve the transaction status of the payment initiation.
'scaStatus': The link to retrieve the scaStatus of the corresponding authorisation sub-resource. This link is only contained, if an authorisation sub-resource has been already created.

{
    "additionalProperties": {
        "$ref": "#\/definitions\/hrefType"
    },
    "example": {
        "self": {
            "href": "\/psd2\/v1\/payments\/sepa-credit-transfers\/1234-wertiq-983"
        }
    },
    "properties": {
        "confirmation": {
            "$ref": "#\/definitions\/hrefType"
        },
        "scaOAuth": {
            "$ref": "#\/definitions\/hrefType"
        },
        "scaStatus": {
            "$ref": "#\/definitions\/hrefType"
        },
        "self": {
            "$ref": "#\/definitions\/hrefType"
        },
        "status": {
            "$ref": "#\/definitions\/hrefType"
        }
    },
    "type": "object"
}

_linksPaymentInitiationStatus

Should refer to next steps if the problem can be resolved via the interface e.g. for re-submission of credentials.

{
    "additionalProperties": {
        "$ref": "#\/definitions\/hrefType"
    },
    "example": {
        "self": {
            "href": "\/psd2\/v1\/payments\/sepa-credit-transfers\/1234-wertiq-983"
        }
    },
    "type": "object"
}

_linksSelectPsuAuthenticationMethod

A list of hyperlinks to be recognised by the TPP. The actual hyperlinks used in the response depend on the dynamical decisions of the ASPSP when processing the request.

Remark: All links can be relative or full links, to be decided by the ASPSP.

Remark: This method can be applied before or after PSU identification. This leads to many possible hyperlink responses. Type of links admitted in this response, (further links might be added for ASPSP defined extensions):

'scaRedirect': In case of an SCA Redirect Approach, the ASPSP is transmitting the link to which to redirect the PSU browser.
'scaOAuth': In case of a SCA OAuth2 Approach, the ASPSP is transmitting the URI where the configuration of the Authorisation Server can be retrieved. The configuration follows the OAuth 2.0 Authorisation Server Metadata specification.
- 'confirmation': Might be added by the ASPSP if either the "scaRedirect" or "scaOAuth" hyperlink is returned in the same response message. This hyperlink defines the URL to the resource which needs to be updated with
  - a confirmation code as retrieved after the plain redirect authentication process with the ASPSP authentication server or
  - an access token as retrieved by submitting an authorization code after the integrated OAuth based authentication process with the ASPSP authentication server.
'updatePsuIdentification': The link to the authorisation or cancellation authorisation sub-resource, where PSU identification data needs to be uploaded.
'scaStatus': The link to retrieve the scaStatus of the corresponding authorisation sub-resource.

{
    "additionalProperties": {
        "$ref": "#\/definitions\/hrefType"
    },
    "properties": {
        "confirmation": {
            "$ref": "#\/definitions\/hrefType"
        },
        "scaOAuth": {
            "$ref": "#\/definitions\/hrefType"
        },
        "scaRedirect": {
            "$ref": "#\/definitions\/hrefType"
        },
        "scaStatus": {
            "$ref": "#\/definitions\/hrefType"
        },
        "updatePsuIdentification": {
            "$ref": "#\/definitions\/hrefType"
        }
    },
    "type": "object"
}

_linksStartScaProcess

A list of hyperlinks to be recognised by the TPP. The actual hyperlinks used in the response depend on the dynamical decisions of the ASPSP when processing the request.

Remark: All links can be relative or full links, to be decided by the ASPSP.

Type of links admitted in this response, (further links might be added for ASPSP defined extensions):

'scaOAuth': In case of a SCA OAuth2 Approach, the ASPSP is transmitting the URI where the configuration of the Authorisation Server can be retrieved. The configuration follows the OAuth 2.0 Authorisation Server Metadata specification.
- 'confirmation': Might be added by the ASPSP if either the "scaRedirect" or "scaOAuth" hyperlink is returned in the same response message. This hyperlink defines the URL to the resource which needs to be updated with
  - a confirmation code as retrieved after the plain redirect authentication process with the ASPSP authentication server or
  - an access token as retrieved by submitting an authorization code after the integrated OAuth based authentication process with the ASPSP authentication server.
'scaStatus': The link to retrieve the scaStatus of the corresponding authorisation sub-resource.

{
    "additionalProperties": {
        "$ref": "#\/definitions\/hrefType"
    },
    "properties": {
        "confirmation": {
            "$ref": "#\/definitions\/hrefType"
        },
        "scaOAuth": {
            "$ref": "#\/definitions\/hrefType"
        },
        "scaStatus": {
            "$ref": "#\/definitions\/hrefType"
        }
    },
    "type": "object"
}

_linksTransactionDetails

{
    "additionalProperties": {
        "$ref": "#\/definitions\/hrefType"
    },
    "properties": {
        "transactionDetails": {
            "$ref": "#\/definitions\/hrefType"
        }
    },
    "required": [
        "transactionDetails"
    ],
    "type": "object"
}

_linksUpdatePsuIdentification

A list of hyperlinks to be recognised by the TPP. The actual hyperlinks used in the response depend on the dynamical decisions of the ASPSP when processing the request.

Remark: All links can be relative or full links, to be decided by the ASPSP.

Type of links admitted in this response, (further links might be added for ASPSP defined extensions):

'scaStatus': The link to retrieve the scaStatus of the corresponding authorisation sub-resource.
'selectAuthenticationMethod': This is a link to a resource, where the TPP can select the applicable second factor authentication methods for the PSU, if there are several available authentication methods and if the PSU is already sufficiently authenticated.. If this link is contained, then there is also the data element "scaMethods" contained in the response body.

{
    "additionalProperties": {
        "$ref": "#\/definitions\/hrefType"
    },
    "properties": {
        "scaStatus": {
            "$ref": "#\/definitions\/hrefType"
        },
        "selectAuthenticationMethod": {
            "$ref": "#\/definitions\/hrefType"
        }
    },
    "type": "object"
}

accountAccess

Requested access services for a consent.

{
    "properties": {
        "accounts": {
            "description": "Is asking for detailed account information.\n\nIf the array is empty in a request, the TPP is asking for an accessible account list.\nThis may be restricted in a PSU\/ASPSP authorization dialogue.\nIf the array is empty, also the arrays for balances, additionalInformation sub attributes or transactions shall be empty, if used.\n",
            "items": {
                "$ref": "#\/definitions\/consentAccountReference"
            },
            "type": "array"
        },
        "additionalInformation": {
            "$ref": "#\/definitions\/additionalInformationAccess"
        },
        "allPsd2": {
            "description": "Optional if supported by API provider.\n\nThe values \"allAccounts\" and \"allAccountsWithOwnerName\" are admitted.\nThe support of the \"allAccountsWithOwnerName\" value by the ASPSP is optional.\n",
            "enum": [
                "allAccounts"
            ],
            "type": "string"
        },
        "availableAccounts": {
            "description": "Optional if supported by API provider.\n\nThe values \"allAccounts\" and \"allAccountsWithOwnerName\" are admitted.\nThe support of the \"allAccountsWithOwnerName\" value by the ASPSP is optional.\n",
            "enum": [
                "allAccounts"
            ],
            "type": "string"
        },
        "availableAccountsWithBalance": {
            "description": "Optional if supported by API provider.\n\nThe values \"allAccounts\" and \"allAccountsWithOwnerName\" are admitted.\nThe support of the \"allAccountsWithOwnerName\" value by the ASPSP is optional.\n",
            "enum": [
                "allAccounts"
            ],
            "type": "string"
        },
        "balances": {
            "description": "Is asking for balances of the addressed accounts.\n\nIf the array is empty in the request, the TPP is asking for the balances of all accessible account lists.\nThis may be restricted in a PSU\/ASPSP authorization dialogue.\nIf the array is empty, also the arrays for accounts, additionalInformation sub attributes or transactions shall be empty, if used.\n",
            "items": {
                "$ref": "#\/definitions\/consentAccountReference"
            },
            "type": "array"
        },
        "restrictedTo": {
            "description": "If the TPP requests access to accounts via availableAccounts (List of available accounts), global\nor bank driven consents, the TPP may include this element to restrict access to the referred\naccount types. Absence of the element is interpreted as \"no restriction\" (therefore access to\naccounts of all types is requested). The element may only occur, if each of the elements\n  - accounts\n  - balances\n  - transactions\nis either not present or contains an empty array.\nBOI-REMARK:\n  This attribute have to be supported by the API Provider.\n\n  In detailed consent model this field have to be empty or not presented.\n",
            "items": {
                "$ref": "#\/definitions\/cashAccountType"
            },
            "type": "array"
        },
        "transactions": {
            "description": "Is asking for transactions of the addressed accounts.\n\nIf the array is empty in the request, the TPP is asking for the transactions of all accessible account lists.\nThis may be restricted in a PSU\/ASPSP authorization dialogue.\nIf the array is empty, also the arrays for accounts, additionalInformation sub attributes or balances shall be empty, if used.\n",
            "items": {
                "$ref": "#\/definitions\/consentAccountReference"
            },
            "type": "array"
        }
    },
    "type": "object"
}

accountDetails

The ASPSP shall give at least one of the account reference identifiers:

iban
bban
maskedPan
msisdn
other If the account is a multicurrency account currency code in "currency" is set to "XXX" or "ILY" depents on the consent.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAccountDetails"
        },
        "balances": {
            "$ref": "#\/definitions\/balanceList"
        },
        "bban": {
            "$ref": "#\/definitions\/bban"
        },
        "bic": {
            "$ref": "#\/definitions\/bicfi"
        },
        "cashAccountType": {
            "$ref": "#\/definitions\/cashAccountType"
        },
        "currency": {
            "$ref": "#\/definitions\/currencyCode"
        },
        "details": {
            "description": "Specifications that might be provided by the ASPSP:\n  - characteristics of the account\n  - characteristics of the relevant card\n",
            "maxLength": 500,
            "type": "string"
        },
        "displayName": {
            "$ref": "#\/definitions\/displayName"
        },
        "iban": {
            "$ref": "#\/definitions\/iban"
        },
        "linkedAccounts": {
            "description": "Case of a set of pending card transactions, the APSP will provide the relevant cash account the card is set up on.",
            "maxLength": 70,
            "type": "string"
        },
        "msisdn": {
            "$ref": "#\/definitions\/msisdn"
        },
        "name": {
            "description": "Name of the account, as assigned by the ASPSP, in agreement with the account owner in order to provide an additional means of identification of the account.",
            "maxLength": 70,
            "type": "string"
        },
        "other": {
            "$ref": "#\/definitions\/otherType"
        },
        "ownerName": {
            "$ref": "#\/definitions\/ownerName"
        },
        "product": {
            "description": "Product name of the bank for this account, proprietary definition.",
            "maxLength": 35,
            "type": "string"
        },
        "resourceId": {
            "description": "This shall be filled, if addressable resource are created by the ASPSP on the \/accounts or \/card-accounts endpoint.",
            "type": "string"
        },
        "status": {
            "$ref": "#\/definitions\/accountStatus"
        },
        "usage": {
            "description": "Specifies the usage of the account:\n  * PRIV: private personal account\n  * ORGA: professional account\n",
            "enum": [
                "PRIV",
                "ORGA"
            ],
            "maxLength": 4,
            "type": "string"
        }
    },
    "required": [
        "currency",
        "cashAccountType"
    ],
    "type": "object"
}

accountId

This identification is denoting the addressed account, where the transaction has been performed.

{
    "example": "qwer3456tzui7890",
    "type": "string"
}

accountList

List of accounts with details.

{
    "properties": {
        "accounts": {
            "items": {
                "$ref": "#\/definitions\/accountDetails"
            },
            "type": "array"
        }
    },
    "required": [
        "accounts"
    ],
    "type": "object"
}

accountReference

Reference to an account by either

IBAN, of a payment accounts, or
BBAN, for payment accounts if there is no IBAN, or
the Primary Account Number (PAN) of a card in a masked form, or
an alias to access a payment account via a registered mobile phone number (MSISDN), or
a proprietary ID of the respective account that uniquely identifies the account for this ASPSP.

{
    "properties": {
        "bban": {
            "$ref": "#\/definitions\/bban"
        },
        "cashAccountType": {
            "$ref": "#\/definitions\/cashAccountType"
        },
        "currency": {
            "$ref": "#\/definitions\/currencyCode"
        },
        "iban": {
            "$ref": "#\/definitions\/iban"
        },
        "maskedPan": {
            "$ref": "#\/definitions\/maskedPan"
        },
        "msisdn": {
            "$ref": "#\/definitions\/msisdn"
        },
        "other": {
            "$ref": "#\/definitions\/otherType"
        }
    },
    "type": "object"
}

accountReport

JSON based account report. This account report contains transactions resulting from the query parameters.

'booked' shall be contained if bookingStatus parameter is set to "booked" or "both".

'pending' is not contained if the bookingStatus parameter is set to "booked" or "information".

'information' Only contained if the bookingStatus is set to "information" and if supported by ASPSP.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAccountReport"
        },
        "booked": {
            "$ref": "#\/definitions\/transactionList"
        },
        "information": {
            "$ref": "#\/definitions\/transactionList"
        },
        "pending": {
            "$ref": "#\/definitions\/transactionList"
        }
    },
    "required": [
        "_links"
    ],
    "type": "object"
}

accountStatus

Account status. The value is one of the following:

"enabled": account is available
"deleted": account is terminated
"blocked": account is blocked e.g. for legal reasons If this field is not used, than the account is available in the sense of this specification.

{
    "enum": [
        "enabled",
        "deleted",
        "blocked"
    ],
    "type": "string"
}

additionalInformation

Might be used by the ASPSP to transport additional transaction related information to the PSU

{
    "example": "Some additional transaction related information.",
    "maxLength": 500,
    "type": "string"
}

additionalInformationAccess

Optional if supported by API provider.

Is asking for additional information as added within this structured object. The usage of this data element requires at least one of the entries "accounts", "transactions" or "balances" also to be contained in the object. If detailed accounts are referenced, it is required in addition that any account addressed within the additionalInformation attribute is also addressed by at least one of the attributes "accounts", "transactions" or "balances".

{
    "properties": {
        "ownerName": {
            "description": "Is asking for account owner name of the accounts referenced within.\nIf the array is empty in the request, the TPP is asking for the account\nowner name of all accessible accounts.\nThis may be restricted in a PSU\/ASPSP authorization dialogue.\nIf the array is empty, also the arrays for accounts, balances or transactions shall be empty, if used.\nThe ASPSP will indicate in the consent resource after a successful authorisation,\nwhether the ownerName consent can be accepted by providing the accounts on which the ownerName will\nbe delivered.\nThis array can be empty.\n",
            "items": {
                "$ref": "#\/definitions\/accountReference"
            },
            "type": "array"
        },
        "trustedBeneficiaries": {
            "description": "Optional if supported by API provider.\nIs asking for the trusted beneficiaries related to the accounts referenced within and related to the PSU.\nIf the array is empty in the request, the TPP is asking for the lists of trusted beneficiaries of all accessible accounts.\nThis may be restricted in a PSU\/ASPSP authorization dialogue by the PSU if also the account lists addressed\nby the tags “accounts”, “balances” or “transactions” are empty.\nThe ASPSP will indicate in the consent resource after a successful authorisation,\nwhether the trustedBeneficiaries consent can be accepted by providing the accounts on which the list of trusted beneficiaries will be delivered.\nThis array can be empty.\n",
            "items": {
                "$ref": "#\/definitions\/accountReference"
            },
            "type": "array"
        }
    },
    "type": "object"
}

additionalInformationStructured

Is used if and only if the bookingStatus entry equals "information". Every active standing order related to the dedicated payment account result into one entry.

{
    "properties": {
        "standingOrderDetails": {
            "$ref": "#\/definitions\/standingOrderDetails"
        }
    },
    "required": [
        "standingOrderDetails"
    ],
    "type": "object"
}

address

{
    "example": {
        "buildingnNumber": "89",
        "country": "FR",
        "postCode": "75000",
        "streetName": "rue blue",
        "townName": "Paris"
    },
    "properties": {
        "buildingNumber": {
            "maxLength": 10,
            "type": "string"
        },
        "country": {
            "$ref": "#\/definitions\/countryCode"
        },
        "postCode": {
            "maxLength": 10,
            "type": "string"
        },
        "streetName": {
            "maxLength": 70,
            "type": "string"
        },
        "townName": {
            "maxLength": 70,
            "type": "string"
        }
    },
    "required": [
        "country"
    ],
    "type": "object"
}

amount

{
    "example": {
        "amount": "123",
        "currency": "EUR"
    },
    "properties": {
        "amount": {
            "$ref": "#\/definitions\/amountValue"
        },
        "currency": {
            "$ref": "#\/definitions\/currencyCode"
        }
    },
    "required": [
        "currency",
        "amount"
    ],
    "type": "object"
}

amountValue

The amount given with fractional digits, where fractions must be compliant to the currency definition. Up to 14 significant figures. Negative amounts are signed by minus. The decimal separator is a dot.

Example: Valid representations for EUR with up to two decimals are:

1056
5768.2
-1.50
5877.78

{
    "example": "5877.78",
    "pattern": "^-?[0-9]{1,14}(\\.[0-9]{1,3})?$",
    "type": "string"
}

authenticationMethodId

An identification provided by the ASPSP for the later identification of the authentication method selection.

{
    "example": "myAuthenticationID",
    "maxLength": 35,
    "type": "string"
}

authorisationConfirmation

Content of the body of an authorisation confirmation request

{
    "properties": {
        "confirmationCode": {
            "description": "Confirmation Code as retrieved by the TPP from the redirect based SCA process.",
            "type": "string"
        }
    },
    "required": [
        "confirmationCode"
    ],
    "type": "object"
}

authorisationConfirmationResponse

Body of the JSON response for an authorisation confirmation request.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAuthorisationConfirmation"
        },
        "psuMessage": {
            "$ref": "#\/definitions\/psuMessageText"
        },
        "scaStatus": {
            "$ref": "#\/definitions\/scaStatusAuthorisationConfirmation"
        }
    },
    "required": [
        "scaStatus",
        "_links"
    ],
    "type": "object"
}

authorisationId

Resource identification of the related SCA.

{
    "example": "123auth456",
    "type": "string"
}

authorisations

An array of all authorisationIds.

{
    "properties": {
        "authorisationIds": {
            "$ref": "#\/definitions\/authorisationsList"
        }
    },
    "required": [
        "authorisationIds"
    ],
    "type": "object"
}

authorisationsList

An array of all authorisationIds.

{
    "items": {
        "$ref": "#\/definitions\/authorisationId"
    },
    "type": "array"
}

authorization

Authorization by OAuth2 based Protocol.

{
    "type": "string"
}

balance

A single balance element.

{
    "properties": {
        "balanceAmount": {
            "$ref": "#\/definitions\/amount"
        },
        "balanceType": {
            "$ref": "#\/definitions\/balanceType"
        },
        "creditLimitIncluded": {
            "description": "A flag indicating if the credit limit of the corresponding account\nis included in the calculation of the balance, where applicable.\n",
            "example": false,
            "type": "boolean"
        },
        "lastChangeDateTime": {
            "description": "This data element might be used to indicate e.g. with the expected or booked balance that no action is known\non the account, which is not yet booked.\n",
            "format": "date-time",
            "type": "string"
        },
        "lastCommittedTransaction": {
            "description": "\"entryReference\" of the last commited transaction to support the TPP in identifying whether all\nPSU transactions are already known.\n",
            "maxLength": 35,
            "type": "string"
        },
        "referenceDate": {
            "description": "Indicates the date of the balance.",
            "format": "date",
            "type": "string"
        }
    },
    "required": [
        "balanceAmount",
        "balanceType",
        "creditLimitIncluded",
        "referenceDate"
    ],
    "type": "object"
}

balanceList

A list of balances regarding this account, e.g. the current balance, the last booked balance. The list might be restricted to the current balance.

{
    "items": {
        "$ref": "#\/definitions\/balance"
    },
    "type": "array"
}

balanceType

The following balance types are defined:

"closingBooked": #BOI-REMARK: THIS TYPE IS MANDATORY Balance of the account at the end of the pre-agreed account reporting period. It is the sum of the opening booked balance at the beginning of the period and all entries booked to the account during the pre-agreed account reporting period.

For card-accounts, this is composed of
- invoiced, but not yet paid entries
"expected": #BOI-REMARK: THIS TYPE IS CONDITIONAL Balance composed of booked entries and pending items known at the time of calculation, which projects the end of day balance if everything is booked on the account and no other entry is posted.

For card accounts, this is composed of:
- invoiced, but not yet paid entries
- not yet invoiced but already booked entries and
- pending items (not yet booked)
For card-accounts:

"money to spend with the value of a pre-approved credit limit on the card account"
"openingBooked": #BOI-REMARK: THIS TYPE IS OPTIONAL Book balance of the account at the beginning of the account reporting period. It always equals the closing book balance from the previous report.
"interimAvailable": #BOI-REMARK: THIS TYPE IS CONDITIONAL Available balance calculated in the course of the account ?servicer?s business day, at the time specified, and subject to further changes during the business day. The interim balance is calculated on the basis of booked credit and debit items during the calculation time/period specified.

For card-accounts, this is composed of:
- invoiced, but not yet paid entries
- not yet invoiced but already booked entries
"interimBooked": #BOI-REMARK: THIS TYPE IS CONDITIONAL Balance calculated in the course of the account servicer's business day, at the time specified, and subject to further changes during the business day. The interim balance is calculated on the basis of booked credit and debit items during the calculation time/period specified.
"forwardAvailable": #BOI-REMARK: THIS TYPE IS CONDITIONAL Forward available balance of money that is at the disposal of the account owner on the date specified.
"nonInvoiced":
Only for card accounts, to be checked yet.

{
    "enum": [
        "closingBooked",
        "expected",
        "openingBooked",
        "interimAvailable",
        "interimBooked",
        "forwardAvailable",
        "nonInvoiced"
    ],
    "type": "string"
}

bankTransactionCode

Bank transaction code as used by the ASPSP and using the sub elements of this structured code defined by ISO 20022.

This code type is concatenating the three ISO20022 Codes

Domain Code,
Family Code, and
SubFamiliy Code by hyphens, resulting in 'DomainCode'-'FamilyCode'-'SubFamilyCode'.

{
    "example": "PMNT-RDDT-ESDD",
    "type": "string"
}

batchBookingPreferred

If this element equals 'true', the PSU prefers only one booking entry. If this element equals 'false', the PSU prefers individual booking of all contained individual transactions.

The ASPSP will follow this preference according to contracts agreed on with the PSU.

{
    "example": false,
    "type": "boolean"
}

bban

Basic Bank Account Number (BBAN) Identifier.

This data element can be used in the body of the consent request. Message for retrieving account access consent from this account. This data elements is used for payment accounts which have no IBAN. ISO20022: Basic Bank Account Number (BBAN).

Identifier used nationally by financial institutions, i.e., in individual countries, generally as part of a National Account Numbering Scheme(s), which uniquely identifies the account of a customer.

{
    "type": "string"
}

bicfi

BICFI

{
    "example": "AAAADEBBXXX",
    "pattern": "^[A-Z]{6,6}[A-Z2-9][A-NP-Z0-9]([A-Z0-9]{3,3}){0,1}$",
    "type": "string"
}

bookingDate

The date when an entry is posted to an account on the ASPSPs books.

{
    "format": "date",
    "type": "string"
}

bulkPaymentInitiationWithStatusResponse

Generic JSON response body consistion of the corresponding bulk payment initation JSON body together with an optional transaction status field.

{
    "properties": {
        "acceptorTransactionDateTime": {
            "format": "date-time",
            "type": "string"
        },
        "batchBookingPreferred": {
            "$ref": "#\/definitions\/batchBookingPreferred"
        },
        "debtorAccount": {
            "$ref": "#\/definitions\/accountReference"
        },
        "paymentInformationId": {
            "maxLength": 35,
            "type": "string"
        },
        "payments": {
            "description": "A list of generic JSON bodies payment initations for bulk payments via JSON.\n\nNote: Some fields from single payments do not occcur in a bulk payment element\n",
            "items": {
                "$ref": "#\/definitions\/paymentInitiationBulkElement_json"
            },
            "type": "array"
        },
        "requestedExecutionDate": {
            "format": "date",
            "type": "string"
        },
        "tppMessage": {
            "description": "Messages to the TPP on operational issues.",
            "items": {
                "$ref": "#\/definitions\/tppMessageGeneric"
            },
            "type": "array"
        },
        "transactionStatus": {
            "$ref": "#\/definitions\/transactionStatus"
        }
    },
    "required": [
        "payments",
        "debtorAccount"
    ],
    "type": "object"
}

bulkPaymentInitiation_json

Generic Body for a bulk payment initation via JSON.

paymentInformationId is contained in code but commented since it is n.a. and not all ASPSP are able to support this field now. In a later version the field will be mandatory.

{
    "properties": {
        "batchBookingPreferred": {
            "$ref": "#\/definitions\/batchBookingPreferred"
        },
        "debtorAccount": {
            "$ref": "#\/definitions\/accountReference"
        },
        "payments": {
            "description": "A list of generic JSON bodies payment initations for bulk payments via JSON.\n\nNote: Some fields from single payments do not occcur in a bulk payment element\n",
            "items": {
                "$ref": "#\/definitions\/paymentInitiationBulkElement_json"
            },
            "type": "array"
        },
        "requestedExecutionDate": {
            "format": "date",
            "type": "string"
        },
        "requestedExecutionTime": {
            "format": "date-time",
            "type": "string"
        }
    },
    "required": [
        "payments",
        "debtorAccount"
    ],
    "type": "object"
}

cardAcceptorPhone

Merchant phone number It consists of a "+" followed by the country code (from 1 to 3 characters) then a "-" and finally, any combination of numbers, "(", ")", "+" and "-" (up to 30 characters). pattern according to ISO20022 +[0-9]{1,3}-[0-9()+\-]{1,30}

{
    "pattern": "^\\+[0-9]{1,3}\\-[0-9()+\\-]{1,30}$",
    "type": "string"
}

cardAccountDetails

Card account details.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAccountDetails"
        },
        "balances": {
            "$ref": "#\/definitions\/balanceList"
        },
        "creditLimit": {
            "$ref": "#\/definitions\/amount"
        },
        "currency": {
            "$ref": "#\/definitions\/currencyCode"
        },
        "details": {
            "description": "Specifications that might be provided by the ASPSP:\n  - characteristics of the account\n  - characteristics of the relevant card\n",
            "maxLength": 1000,
            "type": "string"
        },
        "displayName": {
            "$ref": "#\/definitions\/displayName"
        },
        "maskedPan": {
            "$ref": "#\/definitions\/maskedPan"
        },
        "name": {
            "description": "Name of the account, as assigned by the ASPSP,\nin agreement with the account owner in order to provide an additional means of identification of the account.\n",
            "maxLength": 70,
            "type": "string"
        },
        "ownerName": {
            "$ref": "#\/definitions\/ownerName"
        },
        "product": {
            "description": "Product Name of the Bank for this account, proprietary definition.\n",
            "maxLength": 35,
            "type": "string"
        },
        "resourceId": {
            "description": "This is the data element to be used in the path when retrieving data from a dedicated account.\nThis shall be filled, if addressable resource are created by the ASPSP on the \/card-accounts endpoint.\n",
            "type": "string"
        },
        "status": {
            "$ref": "#\/definitions\/accountStatus"
        },
        "usage": {
            "description": "Specifies the usage of the account:\n  * PRIV: private personal account\n  * ORGA: professional account\n",
            "enum": [
                "PRIV",
                "ORGA"
            ],
            "maxLength": 4,
            "type": "string"
        }
    },
    "required": [
        "maskedPan",
        "currency"
    ],
    "type": "object"
}

cardAccountList

List of card accounts with details.

{
    "properties": {
        "cardAccounts": {
            "items": {
                "$ref": "#\/definitions\/cardAccountDetails"
            },
            "type": "array"
        }
    },
    "required": [
        "cardAccounts"
    ],
    "type": "object"
}

cardAccountReport

JSON based card account report.

This card account report contains transactions resulting from the query parameters.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksCardAccountReport"
        },
        "booked": {
            "$ref": "#\/definitions\/cardTransactionList"
        },
        "pending": {
            "$ref": "#\/definitions\/cardTransactionList"
        }
    },
    "required": [
        "booked",
        "_links"
    ],
    "type": "object"
}

cardAccountsTransactionsResponse200

Body of the JSON response for a successful read card account transaction list request. This card account report contains transactions resulting from the query parameters.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksPagination"
        },
        "balances": {
            "$ref": "#\/definitions\/balanceList"
        },
        "cardAccount": {
            "$ref": "#\/definitions\/accountReference"
        },
        "cardTransactions": {
            "$ref": "#\/definitions\/cardAccountReport"
        }
    },
    "required": [
        "cardAccount"
    ],
    "type": "object"
}

cardTransaction

Card transaction information.

{
    "properties": {
        "acceptorTransactionDateTime": {
            "description": "Timestamp of the actual card transaction within the acceptance system",
            "format": "date-time",
            "type": "string"
        },
        "bookingDate": {
            "$ref": "#\/definitions\/bookingDate"
        },
        "cardAcceptorAddress": {
            "$ref": "#\/definitions\/address"
        },
        "cardAcceptorId": {
            "maxLength": 35,
            "type": "string"
        },
        "cardAcceptorPhone": {
            "$ref": "#\/definitions\/cardAcceptorPhone"
        },
        "cardTransactionId": {
            "$ref": "#\/definitions\/cardTransactionId"
        },
        "currencyExchange": {
            "$ref": "#\/definitions\/reportExchangeRateList"
        },
        "grandTotalAmount": {
            "allOf": [
                {
                    "$ref": "#\/definitions\/amount"
                },
                {
                    "description": "Total amount of the instalment including charges, insurance and taxes in addition to the funded amount.\n"
                }
            ]
        },
        "invoiced": {
            "type": "boolean"
        },
        "markupFee": {
            "$ref": "#\/definitions\/amount"
        },
        "markupFeePercentage": {
            "example": "0.3",
            "type": "string"
        },
        "maskedPAN": {
            "$ref": "#\/definitions\/maskedPan"
        },
        "merchantCategoryCode": {
            "$ref": "#\/definitions\/merchantCategoryCode"
        },
        "originalAmount": {
            "$ref": "#\/definitions\/amount"
        },
        "proprietaryBankTransactionCode": {
            "$ref": "#\/definitions\/proprietaryBankTransactionCode"
        },
        "terminalId": {
            "$ref": "#\/definitions\/terminalId"
        },
        "transactionAmount": {
            "$ref": "#\/definitions\/amount"
        },
        "transactionDate": {
            "$ref": "#\/definitions\/transactionDate"
        },
        "transactionDetails": {
            "maxLength": 1000,
            "type": "string"
        },
        "valueDate": {
            "description": "The Date at which assets become available to the account owner in case of a credit, or cease to be available to the account owner in case of a debit entry. For card transactions this is the payment due date of related booked transactions of a card. BOI Remarks - this fiels is mandatory for non pending transactions.",
            "format": "date",
            "type": "string"
        }
    },
    "required": [
        "transactionAmount"
    ],
    "type": "object"
}

cardTransactionId

Unique end to end identity.

{
    "maxLength": 35,
    "type": "string"
}

cardTransactionList

Array of transaction details.

{
    "items": {
        "$ref": "#\/definitions\/cardTransaction"
    },
    "type": "array"
}

cashAccountType

ExternalCashAccountType1Code from ISO 20022.

{
    "enum": [
        "CACC",
        "CARD",
        "LOAN",
        "SVGS"
    ],
    "type": "string"
}

combinedServiceIndicator

If "true" indicates that a payment initiation service will be addressed in the same "session".

{
    "example": false,
    "type": "boolean"
}

consentAccountReference

Reference to an account by either

IBAN, of a payment accounts, or
PAN of a card in a masked form, or
an alias to access a payment account via a registered mobile phone number (MSISDN).

BOI-REMARK: The currency of the account is needed, where the currency is an account charactaristic identifying certain sub-accounts under one external identifier like an IBAN. Once the currency wasn't defined, a specific IBAN includes all the currencies relates to this IBAN.

{
    "properties": {
        "bban": {
            "$ref": "#\/definitions\/bban"
        },
        "cashAccountType": {
            "$ref": "#\/definitions\/cashAccountType"
        },
        "currency": {
            "$ref": "#\/definitions\/consentCurrencyCode"
        },
        "iban": {
            "$ref": "#\/definitions\/iban"
        },
        "maskedPan": {
            "$ref": "#\/definitions\/maskedPan"
        },
        "msisdn": {
            "$ref": "#\/definitions\/msisdn"
        },
        "other": {
            "$ref": "#\/definitions\/otherType"
        }
    },
    "type": "object"
}

consentCurrencyCode

In the Israeli market there are 3 options for currency code in post consent for CACC-

"ILS" - consent just for the ILS local currency.
"ILY" - consent just for all foreign currencies.
empty [] - consent for all currencies.

If the user want a multicurrency consent, this field should be empty.

{
    "enum": [
        "ILS",
        "ILY"
    ],
    "example": "ILS",
    "type": "string"
}

consentId

ID of the corresponding consent object as returned by an account information consent request.

{
    "maxLength": 512,
    "type": "string"
}

consentInformationResponse-200_json

Body of the JSON response for a successfull get consent request.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksGetConsent"
        },
        "access": {
            "$ref": "#\/definitions\/accountAccess"
        },
        "consentStatus": {
            "$ref": "#\/definitions\/consentStatus"
        },
        "frequencyPerDay": {
            "$ref": "#\/definitions\/frequencyPerDay"
        },
        "lastActionDate": {
            "$ref": "#\/definitions\/lastActionDate"
        },
        "recurringIndicator": {
            "$ref": "#\/definitions\/recurringIndicator"
        },
        "validUntil": {
            "$ref": "#\/definitions\/validUntil"
        }
    },
    "required": [
        "access",
        "recurringIndicator",
        "validUntil",
        "frequencyPerDay",
        "lastActionDate",
        "consentStatus"
    ],
    "type": "object"
}

well-known

{
    "properties": {
        "issuer": {
            "type": "object",
            "example": "https:\/\/mtls-api-nonprod.discountbank.co.il"
        },
        "authorization_endpoint": {
            "type": "string",
            "example": "https:\/\/api-nonprod.discountbank.co.il\/devapi\/cert\/consent\/authorize"
        },
        "token_endpoint": {
            "type": "string",
            "example": "https:\/\/mtls-api-nonprod.discountbank.co.il\/devapi\/cert\/consent\/token"
        },
        "response_types_supported": {
            "type": "array",
            "items": {
                "type": "string"
            },
            "example": "[\"code\" ]"
        }
    },
    "additionalProperties": false
}

well-known-response

{
    "properties": {
        "response": {
            "$ref": "#\/definitions\/well-known",
            "example": "{     \"response\": {         \"issuer\": \"https:\/\/mtls-api-prod.discountbank.co.il\",         \"authorization_endpoint\":\"https:\/\/api-prod.discountbank.co.il\/devapi\/d\/consent\/authorize\",         \"token_endpoint\":\"https:\/\/mtls-api-prod.discountbank.co.il\/devapi\/d\/consent\/token\",         \"response_types_supported\": [ \"code\"]     } }"
        }
    },
    "additionalProperties": false
}

well-known-payment

{
    "properties": {
        "issuer": {
            "type": "object",
            "example": "https:\/\/mtls-api-nonprod.discountbank.co.il"
        },
        "authorization_endpoint": {
            "type": "string",
            "example": "https:\/\/api-nonprod.discountbank.co.il\/devapi\/cert\/payment\/authorize"
        },
        "token_endpoint": {
            "type": "string",
            "example": "https:\/\/mtls-api-nonprod.discountbank.co.il\/devapi\/cert\/payment\/token"
        },
        "response_types_supported": {
            "type": "array",
            "items": {
                "type": "string"
            },
            "example": "[\"code\" ]"
        }
    },
    "additionalProperties": false
}

well-known-payment-response

{
    "properties": {
        "response": {
            "$ref": "#\/definitions\/well-known",
            "example": "{     \"issuer\": \"https:\/\/mtls-api-nonprod.discountbank.co.il\",     \"authorization_endpoint\": \"https:\/\/api-nonprod.discountbank.co.il\/development\/cert-dev\/payment\/authorize\",     \"token_endpoint\": \"https:\/\/mtls-api-nonprod.discountbank.co.il\/development\/cert-dev\/payment\/token\",     \"response_types_supported\": [         \"code\"     ] }"
        }
    },
    "additionalProperties": false
}

consentStatus

This is the overall lifecycle status of the consent. BOI-REMARK: Any further codes should be cordinated in advance with BOI.

Valid values are:

'received': The consent data have been received and are technically correct. The data is not authorised yet.
'rejected': The consent data have been rejected e.g. since no successful authorisation has taken place.
'valid': The consent is accepted and valid for GET account data calls and others as specified in the consent object.
'revokedByPsu': The consent has been revoked by the PSU towards the ASPSP.
'expired': The consent expired.
'terminatedByTpp': The corresponding TPP has terminated the consent by applying the DELETE method to the consent resource.
'partiallyAuthorised': The consent is due to a multi-level authorisation, some but not all mandated authorisations have been performed yet.
'suspendedByASPSP' : The consent has been suspended by the ASPSP, according to requirements that are detailed in BOI's directive.

The ASPSP might add further codes. These codes then shall be contained in the ASPSP's documentation of the XS2A interface and has to be added to this API definition as well.

{
    "enum": [
        "received",
        "rejected",
        "valid",
        "revokedByPsu",
        "expired",
        "terminatedByTpp",
        "partiallyAuthorised",
        "suspendedByASPSP"
    ],
    "type": "string"
}

consentStatusResponse-200

Body of the JSON response for a successful get status request for a consent.

{
    "properties": {
        "consentStatus": {
            "$ref": "#\/definitions\/consentStatus"
        },
        "psuMessage": {
            "$ref": "#\/definitions\/psuMessageText"
        }
    },
    "required": [
        "consentStatus"
    ],
    "type": "object"
}

consents

Content of the body of a consent request.

{
    "properties": {
        "access": {
            "$ref": "#\/definitions\/accountAccess"
        },
        "combinedServiceIndicator": {
            "description": "If \"true\" indicates that a payment initiation service will be addressed in the same \"session\".\n",
            "example": false,
            "type": "boolean"
        },
        "frequencyPerDay": {
            "$ref": "#\/definitions\/frequencyPerDay"
        },
        "recurringIndicator": {
            "$ref": "#\/definitions\/recurringIndicator"
        },
        "validUntil": {
            "$ref": "#\/definitions\/validUntil"
        }
    },
    "required": [
        "access",
        "recurringIndicator",
        "validUntil",
        "frequencyPerDay",
        "combinedServiceIndicator"
    ],
    "type": "object"
}

consentsResponse-201

Body of the JSON response for a successful consent request.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksConsents"
        },
        "consentId": {
            "$ref": "#\/definitions\/consentId"
        },
        "consentStatus": {
            "$ref": "#\/definitions\/consentStatus"
        },
        "psuMessage": {
            "$ref": "#\/definitions\/psuMessageText"
        }
    },
    "required": [
        "consentStatus",
        "consentId",
        "_links"
    ],
    "type": "object"
}

countryCode

ISO 3166 ALPHA2 country code.

{
    "example": "SE",
    "pattern": "^[A-Z]{2}$",
    "type": "string"
}

creditorAgentName

Creditor agent name.

{
    "example": "Creditor Agent Name",
    "maxLength": 140,
    "type": "string"
}

creditorId

Identification of Creditors, e.g. a SEPA Creditor ID.

{
    "example": "Creditor Id 5678",
    "maxLength": 35,
    "type": "string"
}

creditorName

Creditor name.

{
    "example": "Creditor Name",
    "maxLength": 70,
    "type": "string"
}

creditorNameAndAddress

Creditor Name and Address in a free text field.

{
    "example": "Max Masters, Main Street 1, 12345 City, Example Country",
    "maxLength": 140,
    "type": "string"
}

currencyCode

ISO 4217 Alpha 3 currency code. BOI REMARK - XXX for multicurrency account.

{
    "example": "EUR",
    "pattern": "^[A-Z]{3}$",
    "type": "string"
}

dayOfExecution

Day of execution as string.

This string consists of up two characters. Leading zeroes are not allowed.

31 is ultimo of the month.

{
    "enum": [
        "1",
        "2",
        "3",
        "4",
        "5",
        "6",
        "7",
        "8",
        "9",
        "10",
        "11",
        "12",
        "13",
        "14",
        "15",
        "16",
        "17",
        "18",
        "19",
        "20",
        "21",
        "22",
        "23",
        "24",
        "25",
        "26",
        "27",
        "28",
        "29",
        "30",
        "31"
    ],
    "maxLength": 2,
    "type": "string"
}

debtorId

Debtor Id.

{
    "example": "Debtor Id 1234",
    "maxLength": 35,
    "type": "string"
}

debtorName

Debtor name.

{
    "example": "Debtor Name",
    "maxLength": 70,
    "type": "string"
}

displayName

Name of the account as defined by the PSU within online channels.

{
    "maxLength": 70,
    "type": "string"
}

endDate

The last applicable day of execution. If not given, it is an infinite standing order.

{
    "format": "date",
    "type": "string"
}

entryDetails

Might be used by the ASPSP to transport details about transactions within a batch.

{
    "items": {
        "$ref": "#\/definitions\/EntryDetailsElement"
    },
    "type": "array"
}

entryReference

Is the identification of the transaction as used e.g. for reference for deltafunction on application level. The same identification as for example used within camt.05x messages.

{
    "maxLength": 35,
    "type": "string"
}

executionRule

"following" or "preceding" supported as values. This data attribute defines the behaviour when recurring payment dates falls on a weekend or bank holiday. The payment is then executed either the "preceding" or "following" working day. ASPSP might reject the request due to the communicated value, if rules in Online-Banking are not supporting this execution rule.

{
    "enum": [
        "following",
        "preceding"
    ],
    "type": "string"
}

frequencyCode

The following codes from the "EventFrequency7Code" of ISO 20022 are supported:

"Daily"
"Weekly"
"EveryTwoWeeks"
"Monthly"
"EveryTwoMonths"
"Quarterly"
"SemiAnnual"
"Annual"
"MonthlyVariable"

{
    "enum": [
        "Daily",
        "Weekly",
        "EveryTwoWeeks",
        "Monthly",
        "EveryTwoMonths",
        "Quarterly",
        "SemiAnnual",
        "Annual",
        "MonthlyVariable"
    ],
    "type": "string"
}

frequencyPerDay

This field indicates the requested maximum frequency for an access without PSU involvement per day. For a one-off access, this attribute is set to "1".

The frequency needs to be greater equal to one.

If not otherwise agreed bilaterally between TPP and ASPSP, the frequency is less equal to 4.

{
    "enum": [
        100
    ],
    "example": 100,
    "type": "integer"
}

fundsAvailable

Equals true if sufficient funds are available at the time of the request, false otherwise.

This datalemenet is allways contained in a confirmation of funds response.

This data element is contained in a payment status response, if supported by the ASPSP, if a funds check has been performed and if the transactionStatus is "ACTC", "ACWC" or "ACCP".

{
    "type": "boolean"
}

hrefEntry

Link to a resource.

{
    "example": "\/v1\/payments\/sepa-credit-transfers\/1234-wertiq-983",
    "type": "string"
}

hrefType

Link to a resource.

{
    "properties": {
        "href": {
            "$ref": "#\/definitions\/hrefEntry"
        }
    },
    "type": "object"
}

iban

IBAN of an account.

{
    "example": "FR7612345987650123456789014",
    "pattern": "^[A-Z]{2,2}[0-9]{2,2}[a-zA-Z0-9]{1,30}$",
    "type": "string"
}

lastActionDate

This date is containing the date of the last action on the consent object either through the XS2A interface or the PSU/ASPSP interface having an impact on the status.

{
    "example": "2018-07-01",
    "format": "date",
    "type": "string"
}

maskedPan

Masked Primary Account Number.

{
    "example": "123456xxxxxx1234",
    "maxLength": 35,
    "type": "string"
}

merchantCategoryCode

Merchant category code.

{
    "maxLength": 4,
    "minLength": 4,
    "type": "string"
}

monthsOfExecution

The format is following the regular expression \d{1,2}. The array is restricted to 11 entries. The values contained in the array entries shall all be different and the maximum value of one entry is 12. This attribute is contained if and only if the frequency equals "MonthlyVariable". Example: An execution on January, April and October each year is addressed by ["1", "4", "10"].

{
    "items": {
        "enum": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12"
        ],
        "maxLength": 2,
        "type": "string"
    },
    "maxItems": 11,
    "type": "array"
}

msisdn

Mobile phone number.

{
    "example": "+49 170 1234567",
    "maxLength": 35,
    "type": "string"
}

otherType

In cases where the specifically defined criteria (IBAN, BBAN, MSISDN) are not provided to identify an instance of the respective account type (e.g. a savings account), the ASPSP shall include a proprietary ID of the respective account that uniquely identifies the account for this ASPSP.

{
    "properties": {
        "identification": {
            "description": "Proprietary identification of the account.",
            "maxLength": 35,
            "type": "string"
        },
        "issuer": {
            "description": "Issuer of the identification.",
            "maxLength": 35,
            "type": "string"
        },
        "schemeNameCode": {
            "description": "An entry provided by an external ISO code list.",
            "maxLength": 35,
            "type": "string"
        },
        "schemeNameProprietary": {
            "description": "A scheme name defined in a proprietary way.",
            "maxLength": 35,
            "type": "string"
        }
    },
    "required": [
        "identification"
    ],
    "type": "object"
}

ownerName

Name of the legal account owner. If there is more than one owner, then e.g. two names might be noted here.

For a corporate account, the corporate name is used for this attribute. Even if supported by the ASPSP, the provision of this field might depend on the fact whether an explicit consent to this specific additional account information has been given by the PSU.

{
    "example": "John Doe",
    "maxLength": 140,
    "type": "string"
}

paymentId

Resource identification of the generated payment initiation resource.

{
    "example": "1234-wertiq-983",
    "type": "string"
}

paymentInitationRequestResponse-201

Body of the response for a successful payment initiation request.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksPaymentInitiation"
        },
        "currencyConversionFee": {
            "$ref": "#\/definitions\/amount"
        },
        "estimatedInterbankSettlementAmount": {
            "$ref": "#\/definitions\/amount"
        },
        "estimatedTotalAmount": {
            "$ref": "#\/definitions\/amount"
        },
        "paymentId": {
            "$ref": "#\/definitions\/paymentId"
        },
        "psuMessage": {
            "$ref": "#\/definitions\/psuMessageText"
        },
        "tppMessages": {
            "items": {
                "$ref": "#\/definitions\/tppMessage201PaymentInitiation"
            },
            "type": "array"
        },
        "transactionFeeIndicator": {
            "$ref": "#\/definitions\/transactionFeeIndicator"
        },
        "transactionFees": {
            "$ref": "#\/definitions\/amount"
        },
        "transactionStatus": {
            "$ref": "#\/definitions\/transactionStatus"
        }
    },
    "required": [
        "transactionStatus",
        "paymentId",
        "_links"
    ],
    "type": "object"
}

paymentInitiationBulkElement_json

Generic body for a bulk payment initation entry.

The bulk entry type is a type which follows the JSON formats for the supported products for single payments excluding the data elements (if supported):

debtorAccount
requestedExecutionDate,
requestedExecutionTime. These data elements may not be contained in any bulk entry.

This data object can be used to represent valid bulk payment initiations entry for the following JSON based payment product, which where defined in the Implementation Guidelines:

masav
zahav
FP

For the convenience of the implementer additional which are already predefinded in the Implementation Guidelines are included (but commented in source code), such that an ASPSP may add them easily.

Take care: Since the format is intended to fit for all payment products there are additional conditions which are NOT covered by this specification. Please check the Implementation Guidelines for detailes.

The following data element are depending on the actual payment product available (in source code):

Address

</td></tr>

Data Element	Type	masav	zahav	fp
endToEndIdentification	Max35Text	optional	optional	optional
debtorAccount	Account Reference	mandatory	mandatory	mandatory
debtorId	Max35Text	n.a.	n.a.	n.a.
ultimateDebtor	Max70Text	n.a.	n.a.	n.a.
instructedAmount	Amount	mandatory	mandatory	mandatory
CurrencyOfTransfer	CurrencyCode	n.a.	n.a.	n.a.
exchangeRateInformation	Payment Exchange Rate	n.a.	n.a.	n.a.
creditorAccount	Account Reference	mandatory	mandatory	mandatory
creditorAgent	BICFI	optional	optional	optional
creditorAgentName	Max140Text	n.a.	n.a.	n.a.
creditorName	Max70Text	mandatory	mandatory	mandatory
creditorId	Max35Text	n.a.	n.a.	n.a.
creditorAddress	optional	optional	optional
creditorNameAndAddress	Max140Text	n.a.	n.a.	n.a.
ultimateCreditor	Max70Text	n.a.	n.a.	n.a.
purposeCode	Purpose Code	n.a.	n.a.	n.a.
chargeBearer	Charge Bearer	n.a.	n.a.	n.a.
serviceLevel	Service Level Code	n.a.	n.a.	n.a.
remittanceInformationUnstructured	Max28Text	mandatory	mandatory	mandatory
remittanceInformationUnstructuredArray	Array of Max140Text	n.a.	n.a.	n.a.
remittanceInformationStructured	Remmitance	n.a.	n.a.	n.a.
requestedExecutionDate	ISODate	n.a.	n.a.	n.a.
requestedExecutionTime	ISODateTime	n.a.	n.a.	n.a.

IMPORTANT: In this API definition the following holds:

All data elements mentioned above are defined, but some of them are commented,

i.e. they are only visible in the source code and can be used by uncommenting them.

Data elements which are mandatory in the table above for all payment products are set to be mandatory in this specification.
Data elements which are indicated in the table above as n.a. for all payment products are commented in the source code.
Data elements which are indicated to be option, conditional or mandatory for at least one payment product in the table above are set to be optional in the s specification except the case where all are definde to be mandatory.
Data element which are inticated to be n.a. can be used by the ASPS if needed. In this case uncomment tthe the relatetd lines in the source code.
If one uses this data types for some payment products he has to ensure that the used data type is valid according to the underlying payment product, e.g. by some appropriate validations.

{
    "properties": {
        "creditorAccount": {
            "$ref": "#\/definitions\/accountReference"
        },
        "creditorAddress": {
            "$ref": "#\/definitions\/address"
        },
        "creditorAgent": {
            "$ref": "#\/definitions\/bicfi"
        },
        "creditorAgentName": {
            "$ref": "#\/definitions\/creditorAgentName"
        },
        "creditorName": {
            "$ref": "#\/definitions\/creditorName"
        },
        "endToEndIdentification": {
            "maxLength": 35,
            "type": "string"
        },
        "instructedAmount": {
            "$ref": "#\/definitions\/amount"
        },
        "remittanceInformationUnstructured": {
            "$ref": "#\/definitions\/remittanceInformationUnstructured"
        }
    },
    "required": [
        "instructedAmount",
        "creditorAccount",
        "creditorName"
    ],
    "type": "object"
}

paymentInitiationCancelResponse-202

Body of the response for a successful cancel payment request.

{
    "properties": {
        "transactionStatus": {
            "$ref": "#\/definitions\/transactionStatus"
        }
    },
    "required": [
        "transactionStatus"
    ],
    "type": "object"
}

paymentInitiationStatusResponse-200_json

Body of the response for a successful payment initiation status request in case of an JSON based endpoint. Remark: If the PSU does not complete a required SCA within the required timeframe the payment resource's status must be set to "RJCT". Particularly, if a multi-level-SCA is required and the number of successful SCAs during the required timeframe is insufficient, the status must also be set to "RJCT".

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksPaymentInitiationStatus"
        },
        "fundsAvailable": {
            "$ref": "#\/definitions\/fundsAvailable"
        },
        "psuMessage": {
            "$ref": "#\/definitions\/psuMessageText"
        },
        "tppMessage": {
            "description": "Messages to the TPP on operational issues.",
            "items": {
                "$ref": "#\/definitions\/tppMessageGeneric"
            },
            "type": "array"
        },
        "transactionStatus": {
            "$ref": "#\/definitions\/transactionStatus"
        }
    },
    "required": [
        "transactionStatus"
    ],
    "type": "object"
}

paymentInitiationWithStatusResponse

Generic JSON response body consistion of the corresponding payment initation JSON body together with an optional transaction status field.

{
    "properties": {
        "creditorAccount": {
            "$ref": "#\/definitions\/accountReference"
        },
        "creditorAddress": {
            "$ref": "#\/definitions\/address"
        },
        "creditorAgent": {
            "$ref": "#\/definitions\/bicfi"
        },
        "creditorName": {
            "$ref": "#\/definitions\/creditorName"
        },
        "debtorAccount": {
            "$ref": "#\/definitions\/accountReference"
        },
        "endToEndIdentification": {
            "maxLength": 35,
            "type": "string"
        },
        "instructedAmount": {
            "$ref": "#\/definitions\/amount"
        },
        "remittanceInformationUnstructured": {
            "$ref": "#\/definitions\/remittanceInformationUnstructured"
        },
        "tppMessage": {
            "description": "Messages to the TPP on operational issues.",
            "items": {
                "$ref": "#\/definitions\/tppMessageGeneric"
            },
            "type": "array"
        },
        "transactionStatus": {
            "$ref": "#\/definitions\/transactionStatus"
        }
    },
    "required": [
        "debtorAccount",
        "instructedAmount",
        "creditorAccount",
        "creditorName"
    ],
    "type": "object"
}

paymentInitiation_json

Generic Body for a payment initation via JSON.

This generic JSON body can be used to represent valid payment initiations for the following JSON based payment product, which where defined in the Implementation Guidelines:

masav
zahav
FP

For the convenience of the implementer additional which are already predefinded in the Implementation Guidelines are included (but commented in source code), such that an ASPSP may add them easily.

The following data element are depending on the actual payment product available (in source code):

Address

</td></tr>

Data Element	Type	masav	zahav	fp
endToEndIdentification	Max35Text	optional	optional	optional
debtorAccount	Account Reference	mandatory	mandatory	mandatory
debtorId	Max35Text	n.a.	n.a.	n.a.
ultimateDebtor	Max70Text	n.a.	n.a.	n.a.
instructedAmount	Amount	mandatory	mandatory	mandatory
CurrencyOfTransfer	CurrencyCode	n.a.	n.a.	n.a.
exchangeRateInformation	Payment Exchange Rate	n.a.	n.a.	n.a.
creditorAccount	Account Reference	mandatory	mandatory	mandatory
creditorAgent	BICFI	optional	optional	optional
creditorAgentName	Max140Text	n.a.	n.a.	n.a.
creditorName	Max70Text	mandatory	mandatory	mandatory
creditorId	Max35Text	n.a.	n.a.	n.a.
creditorAddress	optional	optional	optional
creditorNameAndAddress	Max140Text	n.a.	n.a.	n.a.
ultimateCreditor	Max70Text	n.a.	n.a.	n.a.
purposeCode	Purpose Code	n.a.	n.a.	n.a.
chargeBearer	Charge Bearer	n.a.	n.a.	n.a.
serviceLevel	Service Level Code	n.a.	n.a.	n.a.
remittanceInformationUnstructured	Max140Text	mandatory	mandatory	mandatory
remittanceInformationUnstructuredArray	Array of Max140Text	n.a.	n.a.	n.a.
remittanceInformationStructured	Remmitance	n.a.	n.a.	n.a.
requestedExecutionDate	ISODate	n.a.	n.a.	n.a.
requestedExecutionTime	ISODateTime	n.a.	n.a.	n.a.

IMPORTANT: In this API definition the following holds:

All data elements mentioned above are defined, but some of them are commented,

i.e. they are only visible in the source code and can be used by uncommenting them.

Data elements which are mandatory in the table above for all payment products are set to be mandatory in this specification.
Data elements which are indicated in the table above as n.a. for all payment products are commented in the source code.
Data elements which are indicated to be option, conditional or mandatory for at least one payment product in the table above are set to be optional in the s specification except the case where all are definde to be mandatory.
Data element which are inticated to be n.a. can be used by the ASPS if needed. In this case uncomment tthe the relatetd lines in the source code.
If one uses this data types for some payment products he has to ensure that the used data type is valid according to the underlying payment product, e.g. by some appropriate validations.

{
    "properties": {
        "creditorAccount": {
            "$ref": "#\/definitions\/accountReference"
        },
        "creditorAddress": {
            "$ref": "#\/definitions\/address"
        },
        "creditorAgent": {
            "$ref": "#\/definitions\/bicfi"
        },
        "creditorAgentName": {
            "$ref": "#\/definitions\/creditorAgentName"
        },
        "creditorName": {
            "$ref": "#\/definitions\/creditorName"
        },
        "debtorAccount": {
            "$ref": "#\/definitions\/accountReference"
        },
        "endToEndIdentification": {
            "maxLength": 35,
            "type": "string"
        },
        "instructedAmount": {
            "$ref": "#\/definitions\/amount"
        },
        "remittanceInformationUnstructured": {
            "$ref": "#\/definitions\/remittanceInformationUnstructured"
        }
    },
    "required": [
        "debtorAccount",
        "instructedAmount",
        "creditorAccount",
        "creditorName",
        "remittanceInformationUnstructured"
    ],
    "type": "object"
}

periodicPaymentInitiationWithStatusResponse

Generic JSON response body consistion of the corresponding periodic payment initation JSON body together with an optional transaction status field.

{
    "properties": {
        "creditorAccount": {
            "$ref": "#\/definitions\/accountReference"
        },
        "creditorAddress": {
            "$ref": "#\/definitions\/address"
        },
        "creditorAgent": {
            "$ref": "#\/definitions\/bicfi"
        },
        "creditorName": {
            "$ref": "#\/definitions\/creditorName"
        },
        "dayOfExecution": {
            "$ref": "#\/definitions\/dayOfExecution"
        },
        "debtorAccount": {
            "$ref": "#\/definitions\/accountReference"
        },
        "endDate": {
            "$ref": "#\/definitions\/endDate"
        },
        "endToEndIdentification": {
            "maxLength": 35,
            "type": "string"
        },
        "executionRule": {
            "$ref": "#\/definitions\/executionRule"
        },
        "frequency": {
            "$ref": "#\/definitions\/frequencyCode"
        },
        "instructedAmount": {
            "$ref": "#\/definitions\/amount"
        },
        "remittanceInformationUnstructured": {
            "$ref": "#\/definitions\/remittanceInformationUnstructured"
        },
        "startDate": {
            "$ref": "#\/definitions\/startDate"
        },
        "tppMessage": {
            "description": "Messages to the TPP on operational issues.",
            "items": {
                "$ref": "#\/definitions\/tppMessageGeneric"
            },
            "type": "array"
        },
        "transactionStatus": {
            "$ref": "#\/definitions\/transactionStatus"
        }
    },
    "required": [
        "debtorAccount",
        "instructedAmount",
        "creditorAccount",
        "creditorName",
        "startDate",
        "frequency"
    ],
    "type": "object"
}

periodicPaymentInitiation_json

Generic Body for a periodic payment initation via JSON.

This generic JSON body can be used to represent valid periodic payment initiations for the following JSON based payment product, which where defined in the Implementation Guidelines:

masav
zahav
FP

For the convenience of the implementer additional which are already predefinded in the Implementation Guidelines are included (but commented in source code), such that an ASPSP may add them easily.

The following data element are depending on the actual payment product available (in source code):

Address

</td></tr>

Data Element	Type	masav	zahav	fp
endToEndIdentification	Max35Text	optional	optional	optional
debtorAccount	Account Reference	mandatory	mandatory	mandatory
debtorId	Max35Text	n.a.	n.a.	n.a.
ultimateDebtor	Max70Text	n.a.	n.a.	n.a.
instructedAmount	Amount	mandatory	mandatory	mandatory
CurrencyOfTransfer	CurrencyCode	n.a.	n.a.	n.a.
exchangeRateInformation	Payment Exchange Rate	n.a.	n.a.	n.a.
creditorAccount	Account Reference	mandatory	mandatory	mandatory
creditorAgent	BICFI	optional	optional	optional
creditorAgentName	Max140Text	n.a.	n.a.	n.a.
creditorName	Max70Text	mandatory	mandatory	mandatory
creditorId	Max35Text	n.a.	n.a.	n.a.
creditorAddress	optional	optional	optional
creditorNameAndAddress	Max140Text	n.a.	n.a.	n.a.
ultimateCreditor	Max70Text	n.a.	n.a.	n.a.
purposeCode	Purpose Code	n.a.	n.a.	n.a.
chargeBearer	Charge Bearer	n.a.	n.a.	n.a.
serviceLevel	Service Level Code	n.a.	n.a.	n.a.
remittanceInformationUnstructured	Max140Text	mandatory	mandatory	mandatory
remittanceInformationUnstructuredArray	Array of Max140Text	n.a.	n.a.	n.a.
remittanceInformationStructured	Remmitance	n.a.	n.a.	n.a.
requestedExecutionDate	ISODate	n.a.	n.a.	n.a.
requestedExecutionTime	ISODateTime	n.a.	n.a.	n.a.

IMPORTANT: In this API definition the following holds:

All data elements mentioned above are defined, but some of them are commented,

i.e. they are only visible in the source code and can be used by uncommenting them.

Data elements which are mandatory in the table above for all payment products are set to be mandatory in this specification.
Data elements which are indicated in the table above as n.a. for all payment products are commented in the source code.
Data elements which are indicated to be option, conditional or mandatory for at least one payment product in the table above are set to be optional in the s specification except the case where all are definde to be mandatory.
Data element which are inticated to be n.a. can be used by the ASPS if needed. In this case uncomment tthe the relatetd lines in the source code.
If one uses this data types for some payment products he has to ensure that the used data type is valid according to the underlying payment product, e.g. by some appropriate validations.

{
    "properties": {
        "creditorAccount": {
            "$ref": "#\/definitions\/accountReference"
        },
        "creditorAddress": {
            "$ref": "#\/definitions\/address"
        },
        "creditorAgent": {
            "$ref": "#\/definitions\/bicfi"
        },
        "creditorName": {
            "$ref": "#\/definitions\/creditorName"
        },
        "dayOfExecution": {
            "$ref": "#\/definitions\/dayOfExecution"
        },
        "debtorAccount": {
            "$ref": "#\/definitions\/accountReference"
        },
        "endDate": {
            "$ref": "#\/definitions\/endDate"
        },
        "endToEndIdentification": {
            "maxLength": 35,
            "type": "string"
        },
        "executionRule": {
            "$ref": "#\/definitions\/executionRule"
        },
        "frequency": {
            "$ref": "#\/definitions\/frequencyCode"
        },
        "instructedAmount": {
            "$ref": "#\/definitions\/amount"
        },
        "monthsOfExecution": {
            "$ref": "#\/definitions\/monthsOfExecution"
        },
        "remittanceInformationUnstructured": {
            "$ref": "#\/definitions\/remittanceInformationUnstructured"
        },
        "startDate": {
            "$ref": "#\/definitions\/startDate"
        }
    },
    "required": [
        "debtorAccount",
        "instructedAmount",
        "creditorAccount",
        "creditorName",
        "startDate",
        "frequency"
    ],
    "type": "object"
}

proprietaryBankTransactionCode

Proprietary bank transaction code as used within a community or within an ASPSP e.g. for MT94x based transaction reports.

{
    "maxLength": 35,
    "type": "string"
}

psuMessageText

Text to be displayed to the PSU.

{
    "maxLength": 500,
    "type": "string"
}

purposeCode

ExternalPurpose1Code from ISO 20022.

Values from ISO 20022 External Code List ExternalCodeSets_1Q2018 June 2018.

{
    "enum": [
        "BKDF",
        "BKFE",
        "BKFM",
        "BKIP",
        "BKPP",
        "CBLK",
        "CDCB",
        "CDCD",
        "CDCS",
        "CDDP",
        "CDOC",
        "CDQC",
        "ETUP",
        "FCOL",
        "MTUP",
        "ACCT",
        "CASH",
        "COLL",
        "CSDB",
        "DEPT",
        "INTC",
        "LIMA",
        "NETT",
        "BFWD",
        "CCIR",
        "CCPC",
        "CCPM",
        "CCSM",
        "CRDS",
        "CRPR",
        "CRSP",
        "CRTL",
        "EQPT",
        "EQUS",
        "EXPT",
        "EXTD",
        "FIXI",
        "FWBC",
        "FWCC",
        "FWSB",
        "FWSC",
        "MARG",
        "MBSB",
        "MBSC",
        "MGCC",
        "MGSC",
        "OCCC",
        "OPBC",
        "OPCC",
        "OPSB",
        "OPSC",
        "OPTN",
        "OTCD",
        "REPO",
        "RPBC",
        "RPCC",
        "RPSB",
        "RPSC",
        "RVPO",
        "SBSC",
        "SCIE",
        "SCIR",
        "SCRP",
        "SHBC",
        "SHCC",
        "SHSL",
        "SLEB",
        "SLOA",
        "SWBC",
        "SWCC",
        "SWPT",
        "SWSB",
        "SWSC",
        "TBAS",
        "TBBC",
        "TBCC",
        "TRCP",
        "AGRT",
        "AREN",
        "BEXP",
        "BOCE",
        "COMC",
        "CPYR",
        "GDDS",
        "GDSV",
        "GSCB",
        "LICF",
        "MP2B",
        "POPE",
        "ROYA",
        "SCVE",
        "SERV",
        "SUBS",
        "SUPP",
        "TRAD",
        "CHAR",
        "COMT",
        "MP2P",
        "ECPG",
        "ECPR",
        "ECPU",
        "EPAY",
        "CLPR",
        "COMP",
        "DBTC",
        "GOVI",
        "HLRP",
        "HLST",
        "INPC",
        "INPR",
        "INSC",
        "INSU",
        "INTE",
        "LBRI",
        "LIFI",
        "LOAN",
        "LOAR",
        "PENO",
        "PPTI",
        "RELG",
        "RINP",
        "TRFD",
        "FORW",
        "FXNT",
        "ADMG",
        "ADVA",
        "BCDM",
        "BCFG",
        "BLDM",
        "BNET",
        "CBFF",
        "CBFR",
        "CCRD",
        "CDBL",
        "CFEE",
        "CGDD",
        "CORT",
        "COST",
        "CPKC",
        "DCRD",
        "DSMT",
        "DVPM",
        "EDUC",
        "FACT",
        "FAND",
        "FCPM",
        "FEES",
        "GOVT",
        "ICCP",
        "IDCP",
        "IHRP",
        "INSM",
        "IVPT",
        "MCDM",
        "MCFG",
        "MSVC",
        "NOWS",
        "OCDM",
        "OCFG",
        "OFEE",
        "OTHR",
        "PADD",
        "PTSP",
        "RCKE",
        "RCPT",
        "REBT",
        "REFU",
        "RENT",
        "REOD",
        "RIMB",
        "RPNT",
        "RRBN",
        "RVPM",
        "SLPI",
        "SPLT",
        "STDY",
        "TBAN",
        "TBIL",
        "TCSC",
        "TELI",
        "TMPG",
        "TPRI",
        "TPRP",
        "TRNC",
        "TRVC",
        "WEBI",
        "ANNI",
        "CAFI",
        "CFDI",
        "CMDT",
        "DERI",
        "DIVD",
        "FREX",
        "HEDG",
        "INVS",
        "PRME",
        "SAVG",
        "SECU",
        "SEPI",
        "TREA",
        "UNIT",
        "FNET",
        "FUTR",
        "ANTS",
        "CVCF",
        "DMEQ",
        "DNTS",
        "HLTC",
        "HLTI",
        "HSPC",
        "ICRF",
        "LTCF",
        "MAFC",
        "MARF",
        "MDCS",
        "VIEW",
        "CDEP",
        "SWFP",
        "SWPP",
        "SWRS",
        "SWUF",
        "ADCS",
        "AEMP",
        "ALLW",
        "ALMY",
        "BBSC",
        "BECH",
        "BENE",
        "BONU",
        "CCHD",
        "COMM",
        "CSLP",
        "GFRP",
        "GVEA",
        "GVEB",
        "GVEC",
        "GVED",
        "GWLT",
        "HREC",
        "PAYR",
        "PEFC",
        "PENS",
        "PRCP",
        "RHBS",
        "SALA",
        "SSBE",
        "LBIN",
        "LCOL",
        "LFEE",
        "LMEQ",
        "LMFI",
        "LMRK",
        "LREB",
        "LREV",
        "LSFL",
        "ESTX",
        "FWLV",
        "GSTX",
        "HSTX",
        "INTX",
        "NITX",
        "PTXP",
        "RDTX",
        "TAXS",
        "VATX",
        "WHLD",
        "TAXR",
        "B112",
        "BR12",
        "TLRF",
        "TLRR",
        "AIRB",
        "BUSB",
        "FERB",
        "RLWY",
        "TRPT",
        "CBTV",
        "ELEC",
        "ENRG",
        "GASB",
        "NWCH",
        "NWCM",
        "OTLC",
        "PHON",
        "UBIL",
        "WTER"
    ],
    "type": "string"
}

readAccountBalanceResponse-200

Body of the response for a successful read balance for an account request.

{
    "properties": {
        "account": {
            "$ref": "#\/definitions\/accountReference"
        },
        "balances": {
            "$ref": "#\/definitions\/balanceList"
        }
    },
    "required": [
        "account",
        "balances"
    ],
    "type": "object"
}

readCardAccountBalanceResponse-200

Body of the response for a successful read balance for a card account request.

{
    "properties": {
        "balances": {
            "$ref": "#\/definitions\/balanceList"
        },
        "cardAccount": {
            "$ref": "#\/definitions\/accountReference"
        }
    },
    "required": [
        "balances"
    ],
    "type": "object"
}

recurringIndicator

"true", if the consent is for recurring access to the account data.

"false", if the consent is for one access to the account data. BOI Remarks: If false it means that the consent is valid for two hours from the moment of sending GET call (except get consent request and get consent status).

{
    "example": false,
    "type": "boolean"
}

remittanceInformationUnstructured

Unstructured remittance information.

{
    "example": "Ref Number Merchant",
    "maxLength": 140,
    "type": "string"
}

remittanceInformationUnstructuredArray

Array of unstructured remittance information.

{
    "example": [
        "Ref Number Merchant",
        "Some Other Text"
    ],
    "items": {
        "$ref": "#\/definitions\/remittanceInformationUnstructured"
    },
    "type": "array"
}

reportExchangeRate

Exchange Rate.

{
    "properties": {
        "contractIdentification": {
            "maxLength": 35,
            "type": "string"
        },
        "exchangeRate": {
            "type": "string"
        },
        "quotationDate": {
            "format": "date",
            "type": "string"
        },
        "sourceCurrency": {
            "$ref": "#\/definitions\/currencyCode"
        },
        "targetCurrency": {
            "$ref": "#\/definitions\/currencyCode"
        },
        "unitCurrency": {
            "$ref": "#\/definitions\/currencyCode"
        }
    },
    "required": [
        "sourceCurrency",
        "exchangeRate",
        "unitCurrency",
        "targetCurrency",
        "quotationDate"
    ],
    "type": "object"
}

reportExchangeRateList

Array of exchange rates.

{
    "items": {
        "$ref": "#\/definitions\/reportExchangeRate"
    },
    "type": "array"
}

scaAuthenticationData

SCA authentication data, depending on the chosen authentication method. If the data is binary, then it is base64 encoded.

{
    "type": "string"
}

scaStatus

This data element is containing information about the status of the SCA method applied.

The following codes are defined for this data type.

'received': An authorisation or cancellation-authorisation resource has been created successfully.
'psuIdentified': The PSU related to the authorisation or cancellation-authorisation resource has been identified.
'psuAuthenticated': The PSU related to the authorisation or cancellation-authorisation resource has been identified and authenticated e.g. by a password or by an access token.
'unconfirmed': SCA is technically successfully finalised by the PSU, but the authorisation resource needs a confirmation command by the TPP yet.
'started': The addressed SCA routine has been started.
'finalised': The SCA routine has been finalised successfully (including a potential confirmation command). This is a final status of the authorisation resource.
'failed': The SCA routine failed. This is a final status of the authorisation resource.
'exempted': SCA was exempted for the related transaction, the related authorisation is successful. This is a final status of the authorisation resource.

{
    "enum": [
        "received",
        "psuIdentified",
        "psuAuthenticated",
        "started",
        "unconfirmed",
        "finalised",
        "failed",
        "exempted"
    ],
    "example": "psuAuthenticated",
    "type": "string"
}

scaStatusAuthorisationConfirmation

This data element is containing information about the status of the SCA method in an authorisation confirmation response.

The following codes are defined for this data type.

'finalised': if the transaction authorisation and confirmation was successfule.
'failed': if the transaction authorisation or confirmation was not successful.

{
    "enum": [
        "finalised",
        "failed"
    ],
    "type": "string"
}

scaStatusResponse

Body of the JSON response with SCA Status.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksAll"
        },
        "psuMessage": {
            "$ref": "#\/definitions\/psuMessageText"
        },
        "scaStatus": {
            "$ref": "#\/definitions\/scaStatus"
        },
        "tppMessage": {
            "description": "Messages to the TPP on operational issues.",
            "items": {
                "$ref": "#\/definitions\/tppMessageGeneric"
            },
            "type": "array"
        },
        "trustedBeneficiaryFlag": {
            "$ref": "#\/definitions\/trustedBeneficiaryFlag"
        }
    },
    "required": [
        "scaStatus"
    ],
    "type": "object"
}

selectPsuAuthenticationMethod

Content of the body of a Select PSU authentication method request

{
    "properties": {
        "authenticationMethodId": {
            "$ref": "#\/definitions\/authenticationMethodId"
        }
    },
    "required": [
        "authenticationMethodId"
    ],
    "type": "object"
}

selectPsuAuthenticationMethodResponse

Body of the JSON response for a successful select PSU authentication method request.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksSelectPsuAuthenticationMethod"
        },
        "currencyConversionFees": {
            "$ref": "#\/definitions\/amount"
        },
        "estimatedInterbankSettlementAmount": {
            "$ref": "#\/definitions\/amount"
        },
        "estimatedTotalAmount": {
            "$ref": "#\/definitions\/amount"
        },
        "psuMessage": {
            "$ref": "#\/definitions\/psuMessageText"
        },
        "scaStatus": {
            "$ref": "#\/definitions\/scaStatus"
        },
        "transactionFees": {
            "$ref": "#\/definitions\/amount"
        }
    },
    "required": [
        "scaStatus"
    ],
    "type": "object"
}

standingOrderDetails

Details of underlying standing orders.

{
    "properties": {
        "endDate": {
            "$ref": "#\/definitions\/endDate"
        },
        "executionRule": {
            "$ref": "#\/definitions\/executionRule"
        },
        "frequency": {
            "$ref": "#\/definitions\/frequencyCode"
        },
        "startDate": {
            "$ref": "#\/definitions\/startDate"
        },
        "withinAMonthFlag": {
            "description": "This element is only used in case of frequency equals \"Monthly\".\n\nIf this element equals false it has no effect.\nIf this element equals true, then the execution rule is overruled if the day of execution would fall into a different month using the execution rule.\n\nExample: executionRule equals \"preceding\", dayOfExecution equals \"02\" and the second of a month is a Sunday.\nIn this case, the transaction date would be on the last day of the month before.\n This would be overruled if withinAMonthFlag equals true and the payment is processed on Monday the third of the Month.\nRemark: This attribute is rarely supported in the market.\n",
            "type": "boolean"
        }
    },
    "required": [
        "startDate",
        "frequency"
    ],
    "type": "object"
}

startDate

The first applicable day of execution starting from this date is the first payment.

{
    "format": "date",
    "type": "string"
}

startScaprocessResponse

Body of the JSON response for a Start SCA authorisation request.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksStartScaProcess"
        },
        "authorisationId": {
            "$ref": "#\/definitions\/authorisationId"
        },
        "psuMessage": {
            "$ref": "#\/definitions\/psuMessageText"
        },
        "scaStatus": {
            "$ref": "#\/definitions\/scaStatus"
        }
    },
    "required": [
        "scaStatus",
        "authorisationId",
        "_links"
    ],
    "type": "object"
}

terminalId

Identification of the Terminal, where the card has been used.

{
    "maxLength": 35,
    "type": "string"
}

tppErrorDetail

Detailed human readable text specific to this instance of the error. XPath might be used to point to the issue generating the error in addition. Remark for Future: In future, a dedicated field might be introduced for the XPath.

{
    "maxLength": 500,
    "type": "string"
}

tppErrorTitle

Short human readable description of error type. Could be in local language. To be provided by ASPSPs.

{
    "maxLength": 70,
    "type": "string"
}

tppMessage201PaymentInitiation

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode201PaymentInitiation"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage2XX

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode2XX"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage400_AIS

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode400_AIS"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage400_PIIS

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode400_PIIS"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage400_PIS

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode400_PIS"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage400_SBS

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode400_SBS"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage401_AIS

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode401_AIS"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage401_PIIS

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode401_PIIS"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage401_PIS

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode401_PIS"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage401_SBS

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode401_SBS"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage403_AIS

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode403_AIS"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage403_PIIS

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode403_PIIS"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage403_PIS

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode403_PIS"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage403_SBS

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode403_SBS"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage404_AIS

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode404_AIS"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage404_PIIS

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode404_PIIS"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage404_PIS

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode404_PIS"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage404_SBS

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode404_SBS"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage405_AIS

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode405_AIS"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage405_PIIS

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode405_PIIS"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage405_PIS

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode405_PIS"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage405_PIS_CANC

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode405_PIS_CANC"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage405_SBS

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode405_SBS"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage406_AIS

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode406_AIS"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage409_AIS

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode409_AIS"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage409_PIIS

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode409_PIIS"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage409_PIS

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode409_PIS"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage409_SBS

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode409_SBS"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessage429_AIS

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode429_AIS"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessageCategory

Category of the TPP message category.

{
    "enum": [
        "ERROR",
        "WARNING"
    ],
    "type": "string"
}

tppMessageGeneric

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessageInitiationStatusResponse-200

{
    "properties": {
        "category": {
            "$ref": "#\/definitions\/tppMessageCategory"
        },
        "code": {
            "$ref": "#\/definitions\/MessageCode200InitiationStatus"
        },
        "path": {
            "type": "string"
        },
        "text": {
            "$ref": "#\/definitions\/tppMessageText"
        }
    },
    "required": [
        "category",
        "code"
    ],
    "type": "object"
}

tppMessageText

Additional explaining text to the TPP.

{
    "maxLength": 500,
    "type": "string"
}

transactionAuthorisation

Content of the body of a transaction authorisation request

{
    "properties": {
        "scaAuthenticationData": {
            "$ref": "#\/definitions\/scaAuthenticationData"
        }
    },
    "required": [
        "scaAuthenticationData"
    ],
    "type": "object"
}

transactionDate

Date of the actual card transaction.

{
    "format": "date",
    "type": "string"
}

transactionDetailsBody

Transaction details.

{
    "properties": {
        "transactionDetails": {
            "$ref": "#\/definitions\/transactions"
        }
    },
    "required": [
        "transactionDetails"
    ],
    "type": "object"
}

transactionFeeIndicator

If equals 'true', the transaction will involve specific transaction cost as shown by the ASPSP in their public price list or as agreed between ASPSP and PSU. If equals 'false', the transaction will not involve additional specific transaction costs to the PSU unless the fee amount is given specifically in the data elements transactionFees and/or currencyConversionFees. If this data element is not used, there is no information about transaction fees unless the fee amount is given explicitly in the data element transactionFees and/or currencyConversionFees.

{
    "type": "boolean"
}

transactionId

This identification is given by the attribute transactionId of the corresponding entry of a transaction list.

{
    "example": "3dc3d5b3-7023-4848-9853-f5400a64e80f",
    "type": "string"
}

transactionList

Array of transaction details.

{
    "items": {
        "$ref": "#\/definitions\/transactions"
    },
    "type": "array"
}

transactionStatus

The transaction status is filled with codes of the ISO 20022 data table:

'ACCC': 'AcceptedSettlementCompleted' - Settlement on the creditor's account has been completed.
'ACCP': 'AcceptedCustomerProfile' - Preceding check of technical validation was successful. Customer profile check was also successful.
'ACSC': 'AcceptedSettlementCompleted' - Settlement on the debtor�s account has been completed.

Usage: this can be used by the first agent to report to the debtor that the transaction has been completed.

Warning: this status is provided for transaction status reasons, not for financial information. It can only be used after bilateral agreement.
'ACSP': 'AcceptedSettlementInProcess' - All preceding checks such as technical validation and customer profile were successful and therefore the payment initiation has been accepted for execution.
'ACTC': 'AcceptedTechnicalValidation' - Authentication and syntactical and semantical validation are successful.
'ACWC': 'AcceptedWithChange' - Instruction is accepted but a change will be made, such as date or remittance not sent.
'ACWP': 'AcceptedWithoutPosting' - Payment instruction included in the credit transfer is accepted without being posted to the creditor customer�s account.
'RCVD': 'Received' - Payment initiation has been received by the receiving agent.
'PDNG': 'Pending' - Payment initiation or individual transaction included in the payment initiation is pending. Further checks and status update will be performed.
'RJCT': 'Rejected' - Payment initiation or individual transaction included in the payment initiation has been rejected.
'CANC': 'Cancelled' Payment initiation has been cancelled before execution Remark: This codeis accepted as new code by ISO20022.
'ACFC': 'AcceptedFundsChecked' - Preceding check of technical validation and customer profile was successful and an automatic funds check was positive . Remark: This code is accepted as new code by ISO20022.
'PATC': 'PartiallyAcceptedTechnical' Correct The payment initiation needs multiple authentications, where some but not yet all have been performed. Syntactical and semantical validations are successful. Remark: This code is accepted as new code by ISO20022.
'PART': 'PartiallyAccepted' - A number of transactions have been accepted, whereas another number of transactions have not yet achieved 'accepted' status. Remark: This code may be used only in case of bulk payments. It is only used in a situation where all mandated authorisations have been applied, but some payments have been rejected.

{
    "enum": [
        "ACCC",
        "ACCP",
        "ACSC",
        "ACSP",
        "ACTC",
        "ACWC",
        "ACWP",
        "RCVD",
        "PDNG",
        "RJCT",
        "CANC",
        "ACFC",
        "PATC",
        "PART"
    ],
    "example": "ACCP",
    "type": "string"
}

transactions

Transaction details.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksTransactionDetails"
        },
        "additionalInformation": {
            "$ref": "#\/definitions\/additionalInformation"
        },
        "additionalInformationStructured": {
            "$ref": "#\/definitions\/additionalInformationStructured"
        },
        "balanceAfterTransaction": {
            "$ref": "#\/definitions\/balance"
        },
        "bankTransactionCode": {
            "$ref": "#\/definitions\/bankTransactionCode"
        },
        "batchIndicator": {
            "description": "If this indicator equals true, then the related entry is a batch entry.\n",
            "type": "boolean"
        },
        "batchNumberOfTransactions": {
            "description": "Shall be used if and only if the batchIndicator is contained and equals true.\n",
            "type": "integer"
        },
        "bookingDate": {
            "$ref": "#\/definitions\/bookingDate"
        },
        "checkId": {
            "description": "Identification of a Cheque.",
            "maxLength": 35,
            "type": "string"
        },
        "creditorAccount": {
            "$ref": "#\/definitions\/accountReference"
        },
        "creditorAgent": {
            "$ref": "#\/definitions\/bicfi"
        },
        "creditorId": {
            "$ref": "#\/definitions\/creditorId"
        },
        "creditorName": {
            "$ref": "#\/definitions\/creditorName"
        },
        "currencyExchange": {
            "$ref": "#\/definitions\/reportExchangeRateList"
        },
        "debtorAccount": {
            "$ref": "#\/definitions\/accountReference"
        },
        "debtorAgent": {
            "$ref": "#\/definitions\/bicfi"
        },
        "debtorName": {
            "$ref": "#\/definitions\/debtorName"
        },
        "endToEndId": {
            "description": "Unique end to end identity.",
            "maxLength": 35,
            "type": "string"
        },
        "entryDetails": {
            "$ref": "#\/definitions\/entryDetails"
        },
        "entryReference": {
            "$ref": "#\/definitions\/entryReference"
        },
        "mandateId": {
            "description": "Identification of Mandates, e.g. a SEPA Mandate ID.",
            "maxLength": 35,
            "type": "string"
        },
        "proprietaryBankTransactionCode": {
            "$ref": "#\/definitions\/proprietaryBankTransactionCode"
        },
        "purposeCode": {
            "$ref": "#\/definitions\/purposeCode"
        },
        "remittanceInformationUnstructured": {
            "$ref": "#\/definitions\/remittanceInformationUnstructured"
        },
        "remittanceInformationUnstructuredArray": {
            "$ref": "#\/definitions\/remittanceInformationUnstructuredArray"
        },
        "transactionAmount": {
            "$ref": "#\/definitions\/amount"
        },
        "transactionId": {
            "$ref": "#\/definitions\/transactionId"
        },
        "ultimateCreditor": {
            "$ref": "#\/definitions\/ultimateCreditor"
        },
        "ultimateDebtor": {
            "$ref": "#\/definitions\/ultimateDebtor"
        },
        "valueDate": {
            "description": "The Date at which assets become available to the account owner in case of a credit, or cease to be available to the account owner in case of a debit entry. **Usage:** If entry status is pending and value date is present, then the value date refers to an expected\/requested value date.",
            "format": "date",
            "type": "string"
        }
    },
    "required": [
        "transactionAmount"
    ],
    "type": "object"
}

transactionsResponse-200_json

Body of the JSON response for a successful read transaction list request. This account report contains transactions resulting from the query parameters.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksPagination"
        },
        "account": {
            "$ref": "#\/definitions\/accountReference"
        },
        "balances": {
            "$ref": "#\/definitions\/balanceList"
        },
        "transactions": {
            "$ref": "#\/definitions\/accountReport"
        }
    },
    "required": [
        "account",
        "transactions"
    ],
    "type": "object"
}

trustedBeneficiaryFlag

Additional Service: Trusted Benificiaries Within this data element, the ASPSP might optionally communicate towards the TPP whether the creditor was part of the related trusted beneficiary list. This attribute is only contained in case of a final scaStatus.

{
    "example": false,
    "type": "boolean"
}

ultimateCreditor

Ultimate creditor.

{
    "example": "Ultimate Creditor",
    "maxLength": 70,
    "type": "string"
}

ultimateDebtor

Ultimate debtor.

{
    "example": "Ultimate Debtor",
    "maxLength": 70,
    "type": "string"
}

updatePsuAuthenticationResponse

Body of the JSON response for a successful update PSU authentication request.

{
    "properties": {
        "authorisationId": {
            "$ref": "#\/definitions\/authorisationId"
        },
        "currencyConversionFees": {
            "$ref": "#\/definitions\/amount"
        },
        "estimatedInterbankSettlementAmount": {
            "$ref": "#\/definitions\/amount"
        },
        "estimatedTotalAmount": {
            "$ref": "#\/definitions\/amount"
        },
        "psuMessage": {
            "$ref": "#\/definitions\/psuMessageText"
        },
        "scaStatus": {
            "$ref": "#\/definitions\/scaStatus"
        },
        "transactionFees": {
            "$ref": "#\/definitions\/amount"
        }
    },
    "required": [
        "scaStatus"
    ],
    "type": "object"
}

updatePsuIdenticationResponse

Body of the JSON response for a successful update PSU identification request.

{
    "properties": {
        "_links": {
            "$ref": "#\/definitions\/_linksUpdatePsuIdentification"
        },
        "currencyConversionFees": {
            "$ref": "#\/definitions\/amount"
        },
        "estimatedInterbankSettlementAmount": {
            "$ref": "#\/definitions\/amount"
        },
        "estimatedTotalAmount": {
            "$ref": "#\/definitions\/amount"
        },
        "psuMessage": {
            "$ref": "#\/definitions\/psuMessageText"
        },
        "scaStatus": {
            "$ref": "#\/definitions\/scaStatus"
        },
        "transactionFees": {
            "$ref": "#\/definitions\/amount"
        }
    },
    "required": [
        "_links",
        "scaStatus"
    ],
    "type": "object"
}

validUntil

This parameter is defining a valid until date (including the mentioned date) for the requested consent. The content is the local ASPSP date in ISO-Date format, e.g. 2017-10-30.

Future dates might get adjusted by ASPSP.

If a maximal available date is requested, a date in far future is to be used: "9999-12-31".

In both cases the consent object to be retrieved by the get consent request will contain the adjusted date.

{
    "example": "2020-12-31",
    "format": "date",
    "type": "string"
}