Contains Single cards data
Endpoints url
discount sandbox
https://mtls-api-nonprod.discountbank.co.il/devapi/cert
discount prod
https://mtls-api.discountbank.co.il/prod/d
mercantile sandbox
https://mtls-api-nonprod.mercantile.co.il/devapi/cert
mercantile prod
https://mtls-api.mercantile.co.il/prod/d
Summary
As before, specific card reconciliation accounts (called "card accounts" in [XS2A-IG]) can be addressed in a consent request by identifying the card account by its corresponding masked PAN. Please note that the card accounts are providing card information in an
accumulated way. In addition, this specification adds to this consent model, that a masked PAN is addressing a single card. It is up to the ASPSP if this consent grants access
- to the single card identified by the masked PAN,
- the card account identified by the masked PAN or
- both, delivering these information on the related endpoints /card-accounts or /cards. The ASPSP's respective decision must be documented by the ASPSP. Additionally, a card account or single cards can be addressed by an Account Access Object containing an identifier of the reconciliation account accompanied by the specification of the cashAccountType to Type "CARD" (see Section 6.3). A consent of this type will grant the respective access to both,
- all cards reconciled through this account and
- the related card account, if the ASPSP supports the corresponding endpoints at all. As a third / fourth way to establish a card specific consent, the TPP can request a bank-offered consent or a global consent but restricting the requested access to a certain cashAccountType - e.g. CARD. A consent of this type will grant the respective access to both
- cards and
- card accounts, if the ASPSP supports the related endpoints at all. BOI-REMARK: In the Israeli market there is no need in explicit consent for requesting account/card owner data.
Not supported query parameters
Read Card Balances: dateFrom
Read Card Transaction List: dateFrom, dateTo, deltaList
- parameters:
- Authorization:
- description: Is contained only, if an OAuth2 based SCA was performed in the corresponding mandate transaction or if OAuth2 has been used in a pre-step.
- in: header
- name: Authorization
- required: false
- type: string
- Digest:
- description: Is contained if and only if the "Signature" element is contained in the header of the request.
- in: header
- maxLength: 1024
- name: Digest
- required: true
- type: string
- x-example: SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A=
- PSU-IP-Address_optional:
- description: The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
- format: ipv4
- in: header
- name: PSU-IP-Address
- required: false
- type: string
- x-example: 192.168.8.78
- Signature:
- description: A signature of the request by the TPP on application level. This might be mandated by ASPSP.
- in: header
- maxLength: 4096
- name: Signature
- required: true
- type: string
- x-example: keyId="SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE",algorithm="rsa-sha256", headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date", signature="Base64(RSA-SHA256(signing string))"
- TPP-Signature-Certificate:
- description: The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.
- format: byte
- in: header
- name: TPP-Signature-Certificate
- required: true
- type: string
- X-Request-ID:
- description: ID of the request, unique to the call, as determined by the initiating party.
- format: uuid
- in: header
- name: X-Request-ID
- required: true
- type: string
- x-example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
- bookingStatus:
- description: Permitted codes are * "booked", * "pending", * "both", "booked" shall be supported by the ASPSP. To support the "pending" and "both" feature is optional for the ASPSP, Error code if not supported in the online banking frontend. If supported, "both" means to request transaction reports of transaction of bookingStatus either "pending" or "booked". BOI-REMARK: "pending" must be supported by the API provider if supported in the online banking frontend.
- enum:
- 0: booked
- 1: pending
- 2: both
- in: query
- name: bookingStatus
- required: true
- type: string
- cardId_PATH:
- description: This identification is denoting the addressed card. The card-id is retrieved by using a "Read Card List" call. The card-id is the "resourceId" attribute of the card structure. Its value is constant at least throughout the lifecycle of a given consent.
- in: path
- name: card-id
- required: true
- type: string
- consentId_HEADER_mandatory:
- description: Identification of the corresponding consent as granted by the PSU.
- in: header
- name: Consent-ID
- required: true
- type: string
- dateFrom:
- description: Conditional: Starting date (inclusive the date dateFrom) of the transaction list, mandated if no delta access is required and if bookingStatus does not equal "information". For booked transactions, the relevant date is the booking date. For pending transactions, the relevant date is the entry date, which may not be transparent neither in this API nor other channels of the ASPSP. Optional: For card balances. This parameter is ignored by the ASPSP if it is not supported. Requests in addition to the balances of the current accounting period all booked balances at the end of previous accounting periods (e.g. monthly periods) from the provided date on if still retrievable under the given consent. Note: The accounting period for card balances is the invoicing period of the related card. This parameter is ignored by the ASPSP if it is not supported. A TPP may not include both parameters "dateFrom" and "valueDateFrom" in one request. BOI REMARK: The parameter "dateFrom" may only be used, if it is supported by the ASPSP. The ASPSP must support at least one of the query parameters "dateFrom" and "valueDateFrom". This parameter is relevant only for differed debit card or credit card. If this parameter is empty, the TPP will get the balances for the last cycle (closing booked) and the balances for the current cycle (interim booked). The earliest date can be 12 month prior to "now".
- format: date
- in: query
- name: dateFrom
- required: false
- type: string
- dateTo:
- description: End date (inclusive the data dateTo) of the transaction list, default is "now" if not given. Might be ignored if a delta function is used. For booked transactions, the relevant date is the booking date. For pending transactions, the relevant date is the entry date, which may not be transparent neither in this API nor other channels of the ASPSP.
- format: date
- in: query
- name: dateTo
- required: false
- type: string
- deltaList:
- description: This data attribute is indicating that the AISP is in favour to get all transactions after the last report access for this PSU on the addressed account. This is another implementation of a delta access-report. This delta indicator might be rejected by the ASPSP if this function is not supported. Optional if supported by API provider
- in: query
- name: deltaList
- type: boolean
- valueDateFrom:
- description: Conditional if supported by API provider. Requests in addition to the balances of the current accounting period all balances at the end of previous accounting periods (e.g. monthly periods) with payment due date starting from the provided date on if still retrievable under the given consent. A TPP may not include both parameters "dateFrom" and "valueDateFrom" in one request. Note: The accounting period is the invoicing period of the related card. This parameter is ignored by the ASPSP if it is not supported. BOI REMARK: The earliest date can be 12 month prior to "now". In case of exception from the minimum value a message code PERIOD_INVALID should returned.
- format: date
- in: query
- name: valueDateFrom
- required: false
- type: string
- valueDateTo:
- description: End date (inclusive the data dateTo) of the transaction list with regards to element "valueDate", default is "now" if not given. "valueDateTo" must not be included in the request, if parameter "valueDateFrom" is not included. The parameter "valueDateTo" may only be used, if it is supported by the ASPSP. The ASPSP must support if it supports query parameter "valueDateFrom".
- format: date
- in: query
- name: valueDateTo
- required: false
- type: string
- Authorization:
- responses:
- BAD_REQUEST_400:
- description: Bad Request
- headers:
- Location:
- description: Location of the created resource.
- format: url
- required: false
- type: string
- X-Request-ID:
- description: ID of the request, unique to the call, as determined by the initiating party.
- example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
- format: uuid
- required: true
- type: string
- Location:
- schema:
- $ref: #/definitions/Error400_NG
- FORBIDDEN_403:
- description: Forbidden
- headers:
- Location:
- description: Location of the created resource.
- format: url
- required: false
- type: string
- X-Request-ID:
- description: ID of the request, unique to the call, as determined by the initiating party.
- example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
- format: uuid
- required: true
- type: string
- Location:
- schema:
- $ref: #/definitions/Error403_NG
- INTERNAL_SERVER_ERROR_500:
- description: Internal Server Error
- headers:
- Location:
- description: Location of the created resource.
- format: url
- required: false
- type: string
- X-Request-ID:
- description: ID of the request, unique to the call, as determined by the initiating party.
- example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
- format: uuid
- required: true
- type: string
- Location:
- METHOD_NOT_ALLOWED_405:
- description: Method Not Allowed
- headers:
- Location:
- description: Location of the created resource.
- format: url
- required: false
- type: string
- X-Request-ID:
- description: ID of the request, unique to the call, as determined by the initiating party.
- example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
- format: uuid
- required: true
- type: string
- Location:
- schema:
- $ref: #/definitions/Error405_NG
- NOT_FOUND_404:
- description: Not found
- headers:
- Location:
- description: Location of the created resource.
- format: url
- required: false
- type: string
- X-Request-ID:
- description: ID of the request, unique to the call, as determined by the initiating party.
- example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
- format: uuid
- required: true
- type: string
- Location:
- schema:
- $ref: #/definitions/Error404_NG
- OK_200_CARDBALANCES:
- description: OK
- headers:
- X-Request-ID:
- description: ID of the request, unique to the call, as determined by the initiating party.
- example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
- format: uuid
- required: true
- type: string
- X-Request-ID:
- schema:
- $ref: #/definitions/readCardBalancesResponse-200_json
- OK_200_CARDDETAILS:
- description: OK
- headers:
- X-Request-ID:
- description: ID of the request, unique to the call, as determined by the initiating party.
- example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
- format: uuid
- required: true
- type: string
- X-Request-ID:
- schema:
- $ref: #/definitions/readCardDetailsResponse-200_json
- OK_200_CARDS:
- description: OK
- headers:
- X-Request-ID:
- description: ID of the request, unique to the call, as determined by the initiating party.
- example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
- format: uuid
- required: true
- type: string
- X-Request-ID:
- schema:
- $ref: #/definitions/readCardListResponse-200_json
- OK_200_CARDTRANSACTIONS:
- description: OK
- headers:
- X-Request-ID:
- description: ID of the request, unique to the call, as determined by the initiating party.
- example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
- format: uuid
- required: true
- type: string
- X-Request-ID:
- schema:
- $ref: #/definitions/readCardTransactionsResponse-200_json
- REQUEST_TIMEOUT_408:
- description: Request Timeout
- headers:
- Location:
- description: Location of the created resource.
- format: url
- required: false
- type: string
- X-Request-ID:
- description: ID of the request, unique to the call, as determined by the initiating party.
- example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
- format: uuid
- required: true
- type: string
- Location:
- SERVICE_UNAVAILABLE_503:
- description: Service Unavailable
- headers:
- Location:
- description: Location of the created resource.
- format: url
- required: false
- type: string
- X-Request-ID:
- description: ID of the request, unique to the call, as determined by the initiating party.
- example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
- format: uuid
- required: true
- type: string
- Location:
- UNAUTHORIZED_401:
- description: Unauthorized
- headers:
- Location:
- description: Location of the created resource.
- format: url
- required: false
- type: string
- X-Request-ID:
- description: ID of the request, unique to the call, as determined by the initiating party.
- example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
- format: uuid
- required: true
- type: string
- Location:
- schema:
- $ref: #/definitions/Error401_NG
- UNSUPPORTED_MEDIA_TYPE_415:
- description: Unsupported Media Type
- headers:
- Location:
- description: Location of the created resource.
- format: url
- required: false
- type: string
- X-Request-ID:
- description: ID of the request, unique to the call, as determined by the initiating party.
- example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
- format: uuid
- required: true
- type: string
- Location:
- BAD_REQUEST_400:
- examples:
- readCardBalancesResponse-200_json_Example1:
- description: Read card balances. Example on current balance only
- value:
- balances:
- 0:
- balanceAmount:
- amount: 5654.22
- currency: EUR
- balanceType: interimAvailable
- creditLimitIncluded: true
- balanceAmount:
- 1:
- balanceAmount:
- amount: 4355.78
- currency: EUR
- balanceType: interimBooked
- balanceAmount:
- 0:
- card:
- maskedPan: 525412xxxxxx3241
- balances:
- readCardBalancesResponse-200_json_Example2:
- description: Read card balances. Example on booked balances of the past requested in addition
- value:
- balances:
- 0:
- balanceAmount:
- amount: 5654.22
- currency: EUR
- balanceType: interimAvailable
- creditLimitIncluded: true
- balanceAmount:
- 1:
- balanceAmount:
- amount: 4355.78
- currency: EUR
- balanceType: interimBooked
- balanceAmount:
- 2:
- balanceAmount:
- amount: 2255.45
- currency: EUR
- balanceType: closingBooked
- referenceDate: 2020-06-30
- balanceAmount:
- 3:
- balanceAmount:
- amount: 1234.56
- currency: EUR
- balanceType: closingBooked
- referenceDate: 2020-07-31
- balanceAmount:
- 4:
- balanceAmount:
- amount: 234.01
- currency: EUR
- balanceType: closingBooked
- referenceDate: 2020-08-31
- balanceAmount:
- 0:
- card:
- maskedPan: 525412xxxxxx3241
- balances:
- readCardDetailsResponse-200_json_Example1:
- description: Read card details.
- value:
- card:
- _links:
- self:
- href: /v1/cards/4d9a81b3-a47d-4130-8765-a9c0ff861b99
- transactions:
- href: /v1/cards/4d9a81b3-a47d-4130-8765-a9c0ff861b99/transactions
- self:
- balances:
- 0:
- balanceAmount:
- amount: 1390.10
- currency: EUR
- balanceType: interimBooked
- balanceAmount:
- 1:
- balanceAmount:
- amount: 3609.90
- currency: EUR
- balanceType: interimAvailable
- creditLimitIncluded: true
- balanceAmount:
- 0:
- creditLimit:
- amount: 5000
- currency: EUR
- currency: EUR
- maskedPan: 525412xxxxxx3241
- name: Main
- product: Basic Credit Card
- resourceId: 4d9a81b3-a47d-4130-8765-a9c0ff861b99
- status: enabled
- _links:
- card:
- readCardDetailsResponse-200_json_Example2:
- description: Read card details.
- value:
- card:
- _links:
- self:
- href: /v1/cards/4d9a81b3-a47d-4130-8765-a9c0ff861b99
- transactions:
- href: /v1/cards/4d9a81b3-a47d-4130-8765-a9c0ff861b99/transactions
- self:
- balances:
- 0:
- balanceAmount:
- amount: 1390.10
- currency: EUR
- balanceType: interimBooked
- balanceAmount:
- 1:
- balanceAmount:
- amount: 3155.17
- currency: EUR
- balanceType: interimAvailable
- creditLimitIncluded: true
- balanceAmount:
- 2:
- balanceAmount:
- amount: 500.20
- currency: USD
- balanceType: interimBooked
- balanceAmount:
- 3:
- balanceAmount:
- amount: 3470.69
- currency: EUR
- balanceType: interimAvailable
- creditLimitIncluded: true
- balanceAmount:
- 0:
- creditLimit:
- amount: 5000
- currency: EUR
- currency: XXX
- maskedPan: 525412xxxxxx3241
- name: Main
- product: Basic Credit Card
- resourceId: 4d9a81b3-a47d-4130-8765-a9c0ff861b99
- status: enabled
- _links:
- card:
- readCardListResponse-200_json_Example:
- description: Read card list.
- value:
- cards:
- 0:
- balances:
- 0:
- balanceAmount:
- amount: 1390.10
- currency: EUR
- balanceType: interimBooked
- balanceAmount:
- 1:
- balanceAmount:
- amount: 3609.90
- currency: EUR
- balanceType: interimAvailable
- creditLimitIncluded: true
- balanceAmount:
- 0:
- creditLimit:
- amount: 5000
- currency: EUR
- currency: EUR
- maskedPan: 525412xxxxxx3241
- name: Main
- product: Basic Credit Card
- resourceId: 4d9a81b3-a47d-4130-8765-a9c0ff861b99
- status: enabled
- balances:
- 1:
- balances:
- 0:
- balanceAmount:
- amount: 559.10
- currency: EUR
- balanceType: interimBooked
- balanceAmount:
- 1:
- balanceAmount:
- amount: 4440.90
- currency: EUR
- balanceType: interimAvailable
- creditLimitIncluded: true
- balanceAmount:
- 0:
- creditLimit:
- amount: 5000
- currency: EUR
- currency: EUR
- maskedPan: 525412xxxxxx3242
- name: PartnerCard
- product: Basic Credit Card
- resourceId: 4d9a81b3-a47d-4130-8765-a9c0ff861b98
- status: enabled
- balances:
- 0:
- cards:
- readCardTransactionsResponse-200_json_Example:
- description: Read card transaction list.
- value:
- card:
- maskedPan: 525412xxxxxx3241
- cardTransactions:
- _links:
- card:
- href: /v1/cards/4d9a81b3-a47d-4130-8765-a9c0ff861b99
- card:
- booked:
- 0:
- bookingDate: 2017-10-26
- cardAcceptorAddress:
- city: STOCKHOLM
- country: SE
- cardTransactionId: 201710020036959
- grandTotalAmount:
- amount: 2566.70
- currency: EUR
- invoiced: false
- proprietaryBankTransactionCode: INSTALMENT
- transactionAmount:
- amount: 256.67
- currency: EUR
- transactionDate: 2017-10-25
- transactionDetails: WIFIMARKET.SE
- valueDate: 2017-11-01
- 1:
- bookingDate: 2017-10-26
- cardAcceptorAddress:
- city: STOCKHOLM
- country: SE
- cardTransactionId: 201710020091863
- invoiced: false
- originalAmount:
- amount: 99
- currency: SEK
- proprietaryBankTransactionCode: PURCHASE
- transactionAmount:
- amount: 10.72
- currency: EUR
- transactionDate: 2017-10-25
- transactionDetails: ICA SUPERMARKET SKOGHA
- valueDate: 2017-11-01
- 0:
- pending:
- _links:
- card:
- readCardBalancesResponse-200_json_Example1:
- headers:
- Location:
- description: Location of the created resource.
- format: url
- required: false
- type: string
- X-Request-ID:
- description: ID of the request, unique to the call, as determined by the initiating party.
- example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
- format: uuid
- required: true
- type: string
- Location:
Paths
/v1.7/cards/{card-id}/balances
Read card balances.
Read detailed balance information about the addressed card by "card-id". For a given card, an optional parameter "dateFrom" defines the begin of a period from which to obtain available balance related information.Please note, that the current credit line of a given card might be tighter than what a response to this request will suggest due to general credit limits on the card account and transactions by other cards to the same card account.
This identification is denoting the addressed card. The card-id is retrieved by using a "Read Card List" call. The card-id is the "resourceId" attribute of the card structure. Its value is constant at least throughout the lifecycle of a given consent.
Conditional if supported by API provider. Requests in addition to the balances of the current accounting period all balances at the end of previous accounting periods (e.g. monthly periods) with payment due date starting from the provided date on if still retrievable under the given consent. A TPP may not include both parameters "dateFrom" and "valueDateFrom" in one request.Note: The accounting period is the invoicing period of the related card.This parameter is ignored by the ASPSP if it is not supported. BOI REMARK: The earliest date can be 12 month prior to "now".In case of exception from the minimum value a message code PERIOD_INVALID should returned.
ID of the request, unique to the call, as determined by the initiating party.
{
"x-example": "99391c7e-ad88-49ec-a2ad-99ddcb1f7721"
}Identification of the corresponding consent as granted by the PSU.
Is contained only, if an OAuth2 based SCA was performed in the corresponding mandate transaction or if OAuth2 has been used in a pre-step.
This field is not verified
A signature of the request by the TPP on application level. This field is not verified.
The certificate used for signing the request, in base64 encoding. The certificate is eIDAS Qseal certificate must contain the same O + OU that exsists in the eIDAS Qwac certificate.
The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
application/problem+json
Bad Request
Unauthorized
Forbidden
Not found
Method Not Allowed
Request Timeout
Unsupported Media Type
Internal Server Error
Service Unavailable
/v1.7/cards
/v1.7/cards/{card-id}/transactions
getCardTransactionList
Reads transactions of a given card addressed by "card-id".
This identification is denoting the addressed card. The card-id is retrieved by using a "Read Card List" call. The card-id is the "resourceId" attribute of the card structure. Its value is constant at least throughout the lifecycle of a given consent.
Conditional if supported by API provider. Requests in addition to the balances of the current accounting period all balances at the end of previous accounting periods (e.g. monthly periods) with payment due date starting from the provided date on if still retrievable under the given consent. A TPP may not include both parameters "dateFrom" and "valueDateFrom" in one request.Note: The accounting period is the invoicing period of the related card.This parameter is ignored by the ASPSP if it is not supported. BOI REMARK: The earliest date can be 12 month prior to "now".In case of exception from the minimum value a message code PERIOD_INVALID should returned.
End date (inclusive the data dateTo) of the transaction list, default is "now" if not given. Might be ignored if a delta function is used.For booked transactions, the relevant date is the booking date. For pending transactions, the relevant date is the entry date, which may not be transparent neither in this API nor other channels of the ASPSP.
Permitted codes are * "booked"
{
"enum": [
"booked",
"pending",
"both"
]
}ID of the request, unique to the call, as determined by the initiating party.
{
"x-example": "99391c7e-ad88-49ec-a2ad-99ddcb1f7721"
}Identification of the corresponding consent as granted by the PSU.
Is contained only, if an OAuth2 based SCA was performed in the corresponding mandate transaction or if OAuth2 has been used in a pre-step.
This field is not verified
A signature of the request by the TPP on application level. This field is not verified.
The certificate used for signing the request, in base64 encoding. The certificate is eIDAS Qseal certificate must contain the same O + OU that exsists in the eIDAS Qwac certificate.
The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
application/problem+json
Bad Request
Unauthorized
Forbidden
Not found
Method Not Allowed
Request Timeout
Unsupported Media Type
Internal Server Error
Service Unavailable
/v1.7/cards/{card-id}
readCardDetails
Reads details about a card. It is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system. The addressed details of this account depends then on the stored consent addressed by consentId, respectively the OAuth2 access token.
This identification is denoting the addressed card. The card-id is retrieved by using a "Read Card List" call. The card-id is the "resourceId" attribute of the card structure. Its value is constant at least throughout the lifecycle of a given consent.
ID of the request, unique to the call, as determined by the initiating party.
{
"x-example": "99391c7e-ad88-49ec-a2ad-99ddcb1f7721"
}Identification of the corresponding consent as granted by the PSU.
Is contained only, if an OAuth2 based SCA was performed in the corresponding mandate transaction or if OAuth2 has been used in a pre-step.
This field is not verified
A signature of the request by the TPP on application level. This field is not verified.
The certificate used for signing the request, in base64 encoding. The certificate is eIDAS Qseal certificate must contain the same O + OU that exsists in the eIDAS Qwac certificate.
The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
application/problem+json
Bad Request
Unauthorized
Forbidden
Not found
Method Not Allowed
Request Timeout
Unsupported Media Type
Internal Server Error
Service Unavailable
Definitions
Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 400.
{
"properties": {
"_links": {
"$ref": "#\/definitions\/_linksAll"
},
"additionalErrors": {
"description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
"items": {
"description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
"properties": {
"code": {
"$ref": "#\/definitions\/MessageCode400"
},
"detail": {
"$ref": "#\/definitions\/tppErrorDetail"
},
"title": {
"$ref": "#\/definitions\/tppErrorTitle"
}
},
"required": [
"code"
],
"type": "object"
},
"type": "array"
},
"code": {
"$ref": "#\/definitions\/MessageCode400"
},
"detail": {
"description": "Detailed human readable text specific to this instance of the error. \nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
"maxLength": 500,
"type": "string"
},
"title": {
"description": "Short human readable description of error type. \nCould be in local language. \nTo be provided by ASPSPs.\n",
"maxLength": 70,
"type": "string"
},
"type": {
"description": "A URI reference [RFC3986] that identifies the problem type. \nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
"format": "uri",
"maxLength": 70,
"type": "string"
}
},
"required": [
"type",
"code"
],
"type": "object"
}
NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 400.
{
"properties": {
"_links": {
"$ref": "#\/definitions\/_linksAll"
},
"tppMessages": {
"items": {
"$ref": "#\/definitions\/tppMessage400"
},
"type": "array"
}
},
"type": "object"
}
Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 401.
{
"properties": {
"_links": {
"$ref": "#\/definitions\/_linksAll"
},
"additionalErrors": {
"description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
"items": {
"description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
"properties": {
"code": {
"$ref": "#\/definitions\/MessageCode401"
},
"detail": {
"$ref": "#\/definitions\/tppErrorDetail"
},
"title": {
"$ref": "#\/definitions\/tppErrorTitle"
}
},
"required": [
"code"
],
"type": "object"
},
"type": "array"
},
"code": {
"$ref": "#\/definitions\/MessageCode401"
},
"detail": {
"description": "Detailed human readable text specific to this instance of the error. \nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
"maxLength": 500,
"type": "string"
},
"title": {
"description": "Short human readable description of error type. \nCould be in local language. \nTo be provided by ASPSPs.\n",
"maxLength": 70,
"type": "string"
},
"type": {
"description": "A URI reference [RFC3986] that identifies the problem type. \nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
"format": "uri",
"maxLength": 70,
"type": "string"
}
},
"required": [
"type",
"code"
],
"type": "object"
}
NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 401.
{
"properties": {
"_links": {
"$ref": "#\/definitions\/_linksAll"
},
"tppMessages": {
"items": {
"$ref": "#\/definitions\/tppMessage401"
},
"type": "array"
}
},
"type": "object"
}
Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 403.
{
"properties": {
"_links": {
"$ref": "#\/definitions\/_linksAll"
},
"additionalErrors": {
"description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
"items": {
"description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
"properties": {
"code": {
"$ref": "#\/definitions\/MessageCode403"
},
"detail": {
"$ref": "#\/definitions\/tppErrorDetail"
},
"title": {
"$ref": "#\/definitions\/tppErrorTitle"
}
},
"required": [
"code"
],
"type": "object"
},
"type": "array"
},
"code": {
"$ref": "#\/definitions\/MessageCode403"
},
"detail": {
"description": "Detailed human readable text specific to this instance of the error. \nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
"maxLength": 500,
"type": "string"
},
"title": {
"description": "Short human readable description of error type. \nCould be in local language. \nTo be provided by ASPSPs.\n",
"maxLength": 70,
"type": "string"
},
"type": {
"description": "A URI reference [RFC3986] that identifies the problem type. \nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
"format": "uri",
"maxLength": 70,
"type": "string"
}
},
"required": [
"type",
"code"
],
"type": "object"
}
NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 403.
{
"properties": {
"_links": {
"$ref": "#\/definitions\/_linksAll"
},
"tppMessages": {
"items": {
"$ref": "#\/definitions\/tppMessage403"
},
"type": "array"
}
},
"type": "object"
}
Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 404.
{
"properties": {
"_links": {
"$ref": "#\/definitions\/_linksAll"
},
"additionalErrors": {
"description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
"items": {
"description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
"properties": {
"code": {
"$ref": "#\/definitions\/MessageCode404"
},
"detail": {
"$ref": "#\/definitions\/tppErrorDetail"
},
"title": {
"$ref": "#\/definitions\/tppErrorTitle"
}
},
"required": [
"code"
],
"type": "object"
},
"type": "array"
},
"code": {
"$ref": "#\/definitions\/MessageCode404"
},
"detail": {
"description": "Detailed human readable text specific to this instance of the error. \nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
"maxLength": 500,
"type": "string"
},
"title": {
"description": "Short human readable description of error type. \nCould be in local language. \nTo be provided by ASPSPs.\n",
"maxLength": 70,
"type": "string"
},
"type": {
"description": "A URI reference [RFC3986] that identifies the problem type. \nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
"format": "uri",
"maxLength": 70,
"type": "string"
}
},
"required": [
"type",
"code"
],
"type": "object"
}
NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 404.
{
"properties": {
"_links": {
"$ref": "#\/definitions\/_linksAll"
},
"tppMessages": {
"items": {
"$ref": "#\/definitions\/tppMessage404"
},
"type": "array"
}
},
"type": "object"
}
Standardised definition of reporting error information according to [RFC7807] in case of a HTTP error code 405.
{
"properties": {
"_links": {
"$ref": "#\/definitions\/_linksAll"
},
"additionalErrors": {
"description": "Array of Error Information Blocks.\n\nMight be used if more than one error is to be communicated\n",
"items": {
"description": "This is a data element to support the declaration of additional errors in the context of [RFC7807].",
"properties": {
"code": {
"$ref": "#\/definitions\/MessageCode405"
},
"detail": {
"$ref": "#\/definitions\/tppErrorDetail"
},
"title": {
"$ref": "#\/definitions\/tppErrorTitle"
}
},
"required": [
"code"
],
"type": "object"
},
"type": "array"
},
"code": {
"$ref": "#\/definitions\/MessageCode405"
},
"detail": {
"description": "Detailed human readable text specific to this instance of the error. \nXPath might be used to point to the issue generating the error in addition.\nRemark for Future: In future, a dedicated field might be introduced for the XPath.\n",
"maxLength": 500,
"type": "string"
},
"title": {
"description": "Short human readable description of error type. \nCould be in local language. \nTo be provided by ASPSPs.\n",
"maxLength": 70,
"type": "string"
},
"type": {
"description": "A URI reference [RFC3986] that identifies the problem type. \nRemark For Future: These URI will be provided by NextGenPSD2 in future.\n",
"format": "uri",
"maxLength": 70,
"type": "string"
}
},
"required": [
"type",
"code"
],
"type": "object"
}
NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 405.
{
"properties": {
"_links": {
"$ref": "#\/definitions\/_linksAll"
},
"tppMessages": {
"items": {
"$ref": "#\/definitions\/tppMessage405"
},
"type": "array"
}
},
"type": "object"
}
Message codes defined for HTTP Error code 400 (BAD_REQUEST).
{
"enum": [
"FORMAT_ERROR",
"PARAMETER_NOT_CONSISTENT",
"PARAMETER_NOT_SUPPORTED",
"SERVICE_INVALID",
"RESOURCE_UNKNOWN",
"RESOURCE_EXPIRED",
"RESOURCE_BLOCKED",
"TIMESTAMP_INVALID",
"PERIOD_INVALID",
"SCA_METHOD_UNKNOWN",
"SCA_INVALID",
"CONSENT_UNKNOWN"
],
"type": "string"
}
Message codes defined for HTTP Error code 401 (UNAUTHORIZED).
{
"enum": [
"CERTIFICATE_INVALID",
"ROLE_INVALID",
"CERTIFICATE_EXPIRED",
"CERTIFICATE_BLOCKED",
"CERTIFICATE_REVOKE",
"CERTIFICATE_MISSING",
"SIGNATURE_INVALID",
"SIGNATURE_MISSING",
"CORPORATE_ID_INVALID",
"PSU_CREDENTIALS_INVALID",
"CONSENT_INVALID",
"CONSENT_EXPIRED",
"TOKEN_UNKNOWN",
"TOKEN_INVALID",
"TOKEN_EXPIRED"
],
"type": "string"
}
Message codes defined for HTTP Error code 403 (FORBIDDEN).
{
"enum": [
"CONSENT_UNKNOWN",
"SERVICE_BLOCKED",
"RESOURCE_UNKNOWN",
"RESOURCE_EXPIRED"
],
"type": "string"
}
Message codes defined for HTTP Error code 404 (NOT FOUND).
{
"enum": [
"RESOURCE_UNKNOWN"
],
"type": "string"
}
Message codes defined for HTTP Error code 405 (METHOD NOT ALLOWED).
{
"enum": [
"SERVICE_INVALID"
],
"type": "string"
}
Links to the card / card account, which can be directly used for retrieving account information from this dedicated account.
Links to "balances" and/or "cardTransactions"
These links are only supported, when the corresponding consent has been already granted.
{
"additionalProperties": {
"$ref": "#\/definitions\/hrefType"
},
"properties": {
"balances": {
"$ref": "#\/definitions\/hrefType"
},
"card": {
"$ref": "#\/definitions\/hrefType"
},
"cardTransactions": {
"$ref": "#\/definitions\/hrefType"
},
"transactions": {
"$ref": "#\/definitions\/hrefType"
}
},
"type": "object"
}
A _link object with all availabel link types.
{
"additionalProperties": {
"$ref": "#\/definitions\/hrefType"
},
"properties": {
"account": {
"$ref": "#\/definitions\/hrefType"
},
"balances": {
"$ref": "#\/definitions\/hrefType"
},
"cardAccount": {
"$ref": "#\/definitions\/hrefType"
},
"cardTransactions": {
"$ref": "#\/definitions\/hrefType"
},
"first": {
"$ref": "#\/definitions\/hrefType"
},
"last": {
"$ref": "#\/definitions\/hrefType"
},
"next": {
"$ref": "#\/definitions\/hrefType"
},
"previous": {
"$ref": "#\/definitions\/hrefType"
},
"scaOAuth": {
"$ref": "#\/definitions\/hrefType"
},
"scaStatus": {
"$ref": "#\/definitions\/hrefType"
},
"self": {
"$ref": "#\/definitions\/hrefType"
},
"status": {
"$ref": "#\/definitions\/hrefType"
},
"transactionDetails": {
"$ref": "#\/definitions\/hrefType"
},
"transactions": {
"$ref": "#\/definitions\/hrefType"
}
},
"type": "object"
}
{
"additionalProperties": {
"$ref": "#\/definitions\/hrefType"
},
"properties": {
"card": {
"$ref": "#\/definitions\/hrefType"
},
"cardAccount": {
"$ref": "#\/definitions\/hrefType"
},
"first": {
"$ref": "#\/definitions\/hrefType"
},
"last": {
"$ref": "#\/definitions\/hrefType"
},
"next": {
"$ref": "#\/definitions\/hrefType"
},
"previous": {
"$ref": "#\/definitions\/hrefType"
}
},
"type": "object"
}
{
"additionalProperties": {
"$ref": "#\/definitions\/hrefType"
},
"properties": {
"first": {
"$ref": "#\/definitions\/hrefType"
},
"last": {
"$ref": "#\/definitions\/hrefType"
},
"next": {
"$ref": "#\/definitions\/hrefType"
},
"previous": {
"$ref": "#\/definitions\/hrefType"
}
},
"type": "object"
}
Requested access services for a consent.
{
"properties": {
"accounts": {
"description": "Is asking for detailed account information. \n\nIf the array is empty in a request, the TPP is asking for an accessible account list. \nThis may be restricted in a PSU\/ASPSP authorization dialogue. \nIf the array is empty, also the arrays for balances, additionalInformation sub attributes or transactions shall be empty, if used.\n",
"items": {
"$ref": "#\/definitions\/accountReference"
},
"type": "array"
},
"additionalInformation": {
"$ref": "#\/definitions\/additionalInformationAccess"
},
"allPsd2": {
"description": "Optional if supported by API provider.\n\nOnly the value \"allAccounts\" is admitted.\n",
"enum": [
"allAccounts"
],
"type": "string"
},
"availableAccounts": {
"description": "Optional if supported by API provider.\n\nThe values \"allAccounts\" and \"allAccountsWithOwnerName\" are admitted. \nThe support of the \"allAccountsWithOwnerName\" value by the ASPSP is optional.\n",
"enum": [
"allAccounts"
],
"type": "string"
},
"availableAccountsWithBalance": {
"description": "Optional if supported by API provider. \nOnly the value \"allAccounts\" is admitted.\n",
"enum": [
"allAccounts"
],
"type": "string"
},
"balances": {
"description": "Is asking for balances of the addressed accounts.\n\nIf the array is empty in the request, the TPP is asking for the balances of all accessible account lists. \nThis may be restricted in a PSU\/ASPSP authorization dialogue. \nIf the array is empty, also the arrays for accounts, additionalInformation sub attributes or transactions shall be empty, if used.\n",
"items": {
"$ref": "#\/definitions\/accountReference"
},
"type": "array"
},
"restrictedTo": {
"description": "If the TPP requests access to accounts via availableAccounts (List of available accounts), global \nor bank driven consents, the TPP may include this element to restrict access to the referred \naccount types. Absence of the element is interpreted as \"no restriction\" (therefore access to \naccounts of all types is requested). The element may only occur, if each of the elements \n - accounts \n - balances \n - transactions \nis either not present or contains an empty array. \n BOI-REMARK:\n This attribute have to be supported by the API Provider. \n \n In detailed consent model this field have to be empty or not presented.\n",
"items": {
"$ref": "#\/definitions\/cashAccountType"
},
"type": "array"
},
"transactions": {
"description": "Is asking for transactions of the addressed accounts. \n\nIf the array is empty in the request, the TPP is asking for the transactions of all accessible account lists.\nThis may be restricted in a PSU\/ASPSP authorization dialogue.\nIf the array is empty, also the arrays for accounts, additionalInformation sub attributes or balances shall be empty, if used.\n",
"items": {
"$ref": "#\/definitions\/accountReference"
},
"type": "array"
}
},
"type": "object"
}
Reference to an account by either
- IBAN, of a payment accounts, or
- BBAN, for payment accounts if there is no IBAN, or
- the Primary Account Number (PAN) of a card, can be tokenised by the ASPSP due to PCI DSS requirements, or
- the Primary Account Number (PAN) of a card in a masked form, or
- an alias to access a payment account via a registered mobile phone number (MSISDN)
{
"properties": {
"bban": {
"$ref": "#\/definitions\/bban"
},
"cashAccountType": {
"$ref": "#\/definitions\/cashAccountType"
},
"currency": {
"$ref": "#\/definitions\/currencyCode"
},
"iban": {
"$ref": "#\/definitions\/iban"
},
"maskedPan": {
"$ref": "#\/definitions\/maskedPan"
},
"msisdn": {
"$ref": "#\/definitions\/msisdn"
}
},
"required": [
"maskedPan"
],
"type": "object"
}
Account status. The value is one of the following:
- "enabled": card / card account is available
- "deleted": card / card account is terminated
- "blocked": card / card account is blocked e.g. for legal reasons If this field is not used, than the card / card account is available in the sense of this specification. BOI-REMARK: "blocked" e.g. for legal reasons or suspended.
{
"enum": [
"enabled",
"deleted",
"blocked"
],
"type": "string"
}
Optional if supported by API provider.
Is asking for additional information as added within this structured object. The usage of this data element requires at least one of the entries "accounts", "transactions" or "balances" also to be contained in the object. If detailed accounts are referenced, it is required in addition that any account addressed within the additionalInformation attribute is also addressed by at least one of the attributes "accounts", "transactions" or "balances".
{
"properties": {
"ownerName": {
"description": "Is asking for account owner name of the accounts referenced within. \nIf the array is empty in the request, the TPP is asking for the account \nowner name of all accessible accounts. \nThis may be restricted in a PSU\/ASPSP authorization dialogue. \nIf the array is empty, also the arrays for accounts, balances or transactions shall be empty, if used.\nThe ASPSP will indicate in the consent resource after a successful authorisation, \nwhether the ownerName consent can be accepted by providing the accounts on which the ownerName will \nbe delivered. \nThis array can be empty.\n",
"items": {
"$ref": "#\/definitions\/accountReference"
},
"type": "array"
},
"trustedBeneficiaries": {
"description": "Optional if supported by API provider.\nIs asking for the trusted beneficiaries related to the accounts referenced within and related to the PSU.\nIf the array is empty in the request, the TPP is asking for the lists of trusted beneficiaries of all accessible accounts. \nThis may be restricted in a PSU\/ASPSP authorization dialogue by the PSU if also the account lists addressed \nby the tags �accounts�, �balances� or �transactions� are empty.\nThe ASPSP will indicate in the consent resource after a successful authorisation, \nwhether the trustedBeneficiaries consent can be accepted by providing the accounts on which the list of trusted beneficiaries will be delivered. \nThis array can be empty.\n",
"items": {
"$ref": "#\/definitions\/accountReference"
},
"type": "array"
}
},
"type": "object"
}
{
"example": {
"buildingnNumber": "89",
"country": "FR",
"postCode": "75000",
"streetName": "rue blue",
"townName": "Paris"
},
"properties": {
"buildingNumber": {
"type": "string"
},
"country": {
"$ref": "#\/definitions\/countryCode"
},
"postCode": {
"type": "string"
},
"streetName": {
"maxLength": 70,
"type": "string"
},
"townName": {
"type": "string"
}
},
"required": [
"country"
],
"type": "object"
}
{
"example": {
"amount": "123",
"currency": "EUR"
},
"properties": {
"amount": {
"$ref": "#\/definitions\/amountValue"
},
"currency": {
"$ref": "#\/definitions\/currencyCode"
}
},
"required": [
"currency",
"amount"
],
"type": "object"
}
The amount given with fractional digits, where fractions must be compliant to the currency definition. Up to 14 significant figures. Negative amounts are signed by minus. The decimal separator is a dot.
Example: Valid representations for EUR with up to two decimals are:
- 1056
- 5768.2
- -1.50
- 5877.78
{
"example": "5877.78",
"pattern": "^-?[0-9]{1,14}(\\.[0-9]{1,3})?$",
"type": "string"
}
Authorization by OAuth2 based Protocol.
{
"type": "string"
}
A single balance element.
{
"properties": {
"balanceAmount": {
"$ref": "#\/definitions\/amount"
},
"balanceType": {
"$ref": "#\/definitions\/balanceType"
},
"creditLimitIncluded": {
"description": "A flag indicating if the credit limit of the corresponding account \nis included in the calculation of the balance, where applicable.\n",
"example": false,
"type": "boolean"
},
"lastChangeDateTime": {
"description": "This data element might be used to indicate e.g. with the expected or booked balance that no action is known \non the account, which is not yet booked.\n",
"format": "date-time",
"type": "string"
},
"lastCommittedTransaction": {
"description": "\"entryReference\" of the last commited transaction to support the TPP in identifying whether all \nPSU transactions are already known.\n",
"maxLength": 35,
"type": "string"
},
"referenceDate": {
"description": "Reference date of the balance.",
"format": "date",
"type": "string"
}
},
"required": [
"balanceAmount",
"balanceType",
"creditLimitIncluded",
"referenceDate"
],
"type": "object"
}
The specific card account balances associated to this card / card account. In the context of a response to a "cards" endpoint, each balance that indicates that credit limit is included must respect all applicable credit limits relevant for this card ( cp. Section 6.6)
{
"items": {
"$ref": "#\/definitions\/balance"
},
"type": "array"
}
The following balance types are defined:
"closingBooked": Balance of the account at the end of the pre-agreed account reporting period. It is the sum of the opening booked balance at the beginning of the period and all entries booked to the account during the pre-agreed account reporting period.
For card-accounts and cards, this is composed of
- invoiced, but not yet paid entries For cards the account entries are booking entries from the card processor or invoices paid by the PSU.
BOI-REMARK for future: For cards , this is composed of entries at the closing time of the accounting period, which have to be invoiced. i.e. invoiced and paid entries at the closing time of the accounting period.
"expected": Balance composed of booked entries and pending items known at the time of calculation, which projects the end of day balance if everything is booked on the account and no other entry is posted.
For card accounts, this is composed of:
- invoiced, but not yet paid entries
- not yet invoiced but already booked entries and
- pending items (not yet booked)
For card-accounts:
"money to spend with the value of a pre-approved credit limit on the card account"
"openingBooked": Book balance of the account at the beginning of the account reporting period. It always equals the closing book balance from the previous report.
"interimAvailable": Available balance calculated in the course of the account ?servicer?s business day, at the time specified, and subject to further changes during the business day. The interim balance is calculated on the basis of booked credit and debit items during the calculation time/period specified.
For card-accounts, this is composed of:
- invoiced, but not yet paid entries
- not yet invoiced but already booked entries
For cards, this is composed of
- invoiced, but not yet paid entries
- not yet invoiced but already booked entries
- pending items (not yet booked)
"interimBooked": Balance calculated in the course of the account servicer's business day, at the time specified, and subject to further changes during the business day. The interim balance is calculated on the basis of booked credit and debit items during the calculation time/period specified.
BOI REMARK for future: For cards, this time period consists of the accounting period of the related card, e.g. thie interim booked items during a month. i.e. invoiced, but not yet paid entries.
- "forwardAvailable": Forward available balance of money that is at the disposal of the account owner on the date specified.
- "nonInvoiced": Only for card accounts, to be checked yet.
{
"enum": [
"closingBooked",
"expected",
"openingBooked",
"interimAvailable",
"interimBooked",
"forwardAvailable",
"nonInvoiced"
],
"type": "string"
}
Basic Bank Account Number (BBAN) Identifier.
This data element can be used in the body of the consent request. Message for retrieving account access consent from this account. This data elements is used for payment accounts which have no IBAN. ISO20022: Basic Bank Account Number (BBAN).
Identifier used nationally by financial institutions, i.e., in individual countries, generally as part of a National Account Numbering Scheme(s), which uniquely identifies the account of a customer.
{
"example": "BARC12345612345678",
"pattern": "^[a-zA-Z0-9]{1,30}$",
"type": "string"
}
The date when an entry is posted to an account on the ASPSPs books.
{
"format": "date",
"type": "string"
}
Merchant phone number It consists of a "+" followed by the country code (from 1 to 3 characters) then a "-" and finally, any combination of numbers, "(", ")", "+" and "-" (up to 30 characters). pattern according to ISO20022 +[0-9]{1,3}-[0-9()+\-]{1,30}
{
"pattern": "^\\+[0-9]{1,3}\\-[0-9()+\\-]{1,30}$",
"type": "string"
}
Card account details.
{
"properties": {
"_links": {
"$ref": "#\/definitions\/_linksAccountDetails"
},
"balances": {
"$ref": "#\/definitions\/balanceList"
},
"creditLimit": {
"$ref": "#\/definitions\/amount"
},
"currency": {
"$ref": "#\/definitions\/currencyCode"
},
"details": {
"description": "Specifications that might be provided by the ASPSP:\n - characteristics of the account\n - characteristics of the relevant card\n BOI REMARK:\n For example\n - charactaristic of the creditLimit level.\n - charactaristic of the monthly billing date.\n",
"maxLength": 1000,
"type": "string"
},
"displayName": {
"$ref": "#\/definitions\/displayName"
},
"maskedPan": {
"$ref": "#\/definitions\/maskedPan"
},
"name": {
"description": "Name of the card \/ card account, as assigned by the ASPSP, \nin agreement with the account owner in order to provide an additional means of identification of the account.\n",
"maxLength": 70,
"type": "string"
},
"ownerName": {
"$ref": "#\/definitions\/ownerName"
},
"product": {
"description": "Product Name of the Bank for this card \/ card account, proprietary definition.\n",
"maxLength": 35,
"type": "string"
},
"resourceId": {
"description": "This is the data element to be used in the path when retrieving data from a dedicated account.\nThis shall be filled, if addressable resource are created by the ASPSP on the \/card-accounts endpoint.\n",
"type": "string"
},
"status": {
"$ref": "#\/definitions\/accountStatus"
},
"usage": {
"description": "Specifies the usage of the card \/ card account:\n * PRIV: private personal card \/ card account\n * ORGA: professional card \/ card account\n",
"enum": [
"PRIV",
"ORGA"
],
"maxLength": 4,
"type": "string"
}
},
"required": [
"maskedPan",
"currency"
],
"type": "object"
}
Only Booked transactions are supported JSON based card account report.
This card account report contains transactions resulting from the query parameters.
{
"properties": {
"_links": {
"$ref": "#\/definitions\/_linksCardAccountReport"
},
"booked": {
"$ref": "#\/definitions\/cardTransactionList"
},
"pending": {
"$ref": "#\/definitions\/cardTransactionList"
}
},
"required": [
"_links"
],
"type": "object"
}
This identification is denoting the addressed card.
{
"type": "string"
}
Card transaction information.
{
"properties": {
"acceptorTransactionDateTime": {
"description": "Timestamp of the actual card transaction within the acceptance system",
"format": "date-time",
"type": "string"
},
"bookingDate": {
"$ref": "#\/definitions\/bookingDate"
},
"cardAcceptorAddress": {
"$ref": "#\/definitions\/address"
},
"cardAcceptorId": {
"maxLength": 35,
"type": "string"
},
"cardAcceptorPhone": {
"$ref": "#\/definitions\/cardAcceptorPhone"
},
"cardTransactionId": {
"$ref": "#\/definitions\/cardTransactionId"
},
"currencyExchange": {
"$ref": "#\/definitions\/reportExchangeRateList"
},
"grandTotalAmount": {
"allOf": [
{
"$ref": "#\/definitions\/amount"
},
{
"description": "Total amount of the instalment including charges, insurance and taxes in addition to the funded amount.\n"
}
]
},
"invoiced": {
"type": "boolean"
},
"markupFee": {
"$ref": "#\/definitions\/amount"
},
"markupFeePercentage": {
"example": "0.3",
"type": "string"
},
"maskedPAN": {
"$ref": "#\/definitions\/maskedPan"
},
"merchantCategoryCode": {
"$ref": "#\/definitions\/merchantCategoryCode"
},
"originalAmount": {
"$ref": "#\/definitions\/amount"
},
"proprietaryBankTransactionCode": {
"$ref": "#\/definitions\/proprietaryBankTransactionCode"
},
"terminalId": {
"$ref": "#\/definitions\/terminalId"
},
"transactionAmount": {
"$ref": "#\/definitions\/amount"
},
"transactionDate": {
"$ref": "#\/definitions\/transactionDate"
},
"transactionDetails": {
"maxLength": 1000,
"type": "string"
},
"valueDate": {
"description": "The Date at which assets become available to the account owner in case of a credit, or cease to be available to the account owner in case of a debit entry. For card transactions this is the payment due date of related booked transactions of a card.",
"format": "date",
"type": "string"
}
},
"required": [
"transactionAmount"
],
"type": "object"
}
Unique end to end identity.
{
"maxLength": 35,
"type": "string"
}
Array of transaction details.
{
"items": {
"$ref": "#\/definitions\/cardTransaction"
},
"type": "array"
}
ExternalCashAccountType1Code from ISO 20022 or Type "CARD". The API provider may restrict the accepted values further (e.g. only "CARD" and "CACC" may be supported). The TPP includes this element, if the account reference may identify several accounts of different types, but the TPP only requests access to a specific type (e.g. card accounts).
BOI Remark:Savings: SVGS for saving accounts Loan: "LOAN" for loan accounts If the cashAccountType is not present, it indicates the cashAccountType
- "Card Account" in case of the account identification being provided as a maskedPan
- "Current Account" (CACC) otherwise. In case the TPP requests access for several types with same identifiers, the TPP will send the same identifier multiple times for each cashAccountType.
{
"enum": [
"CACC",
"CARD"
],
"type": "string"
}
This shall be contained if the push notification is about establishing a consent
{
"type": "string"
}
ISO 3166 ALPHA2 country code.
{
"example": "SE",
"pattern": "^[A-Z]{2}$",
"type": "string"
}
ISO 4217 Alpha 3 currency code. BOI-REMARK: Card/Account currency.
{
"example": "EUR",
"pattern": "^[A-Z]{3}$",
"type": "string"
}
Name of the card / card account as defined by the PSU within online channels.
{
"maxLength": 70,
"type": "string"
}
Link to a resource.
{
"example": "\/v1\/payments\/sepa-credit-transfers\/1234-wertiq-983",
"type": "string"
}
Link to a resource.
{
"properties": {
"href": {
"$ref": "#\/definitions\/hrefEntry"
}
},
"type": "object"
}
IBAN of an account.
{
"example": "FR7612345987650123456789014",
"pattern": "^[A-Z]{2,2}[0-9]{2,2}[a-zA-Z0-9]{1,30}$",
"type": "string"
}
Primary Account Number (PAN) of the card in masked form. In the context of a response to a "/card-accounts" endpoint, this is the PAN of the main card; in the context of a "/cards" endpoint, this identifies the specific card for that the information is presented. This data element can be used in the body of the Consent Request Message for retrieving account access consent from this card.
{
"example": "123456xxxxxx1234",
"maxLength": 35,
"type": "string"
}
Merchant category code.
{
"maxLength": 4,
"minLength": 4,
"type": "string"
}
Mobile phone number.
{
"example": "+49 170 1234567",
"maxLength": 35,
"type": "string"
}
In cases where the specifically defined criteria (IBAN, BBAN, MSISDN) are not provided to identify an instance of the respective account type (e.g. a savings account), the ASPSP shall include a proprietary ID of the respective account that uniquely identifies the account for this ASPSP.
{
"properties": {
"identification": {
"description": "Proprietary identification of the account.",
"maxLength": 35,
"type": "string"
},
"issuer": {
"description": "Issuer of the identification.",
"maxLength": 35,
"type": "string"
},
"schemeNameCode": {
"description": "An entry provided by an external ISO code list.",
"type": "string"
},
"schemeNameProprietary": {
"description": "A scheme name defined in a proprietary way.",
"maxLength": 35,
"type": "string"
}
},
"required": [
"identification"
],
"type": "object"
}
Name of the legal account owner. If there is more than one owner, then e.g. two names might be noted here.
For a corporate account, the corporate name is used for this attribute. Even if supported by the ASPSP, the provision of this field might depend on the fact whether an explicit consent to this specific additional account information has been given by the PSU.
{
"example": "John Doe",
"maxLength": 140,
"type": "string"
}
Proprietary bank transaction code as used within a community or within an ASPSP e.g. for MT94x based transaction reports.
{
"maxLength": 35,
"type": "string"
}
Balances of the cards.
{
"properties": {
"balances": {
"$ref": "#\/definitions\/balanceList"
},
"card": {
"$ref": "#\/definitions\/accountReference"
}
},
"required": [
"card",
"balances"
],
"type": "object"
}
Details of the card.
{
"properties": {
"card": {
"$ref": "#\/definitions\/cardAccountDetails"
}
},
"required": [
"card"
],
"type": "object"
}
Descriptions of the accessible cards.
{
"properties": {
"cards": {
"items": {
"$ref": "#\/definitions\/cardAccountDetails"
},
"type": "array"
}
},
"required": [
"cards"
],
"type": "object"
}
Transactions of the cards.
{
"properties": {
"_links": {
"$ref": "#\/definitions\/_linksPagination"
},
"balances": {
"$ref": "#\/definitions\/balanceList"
},
"card": {
"$ref": "#\/definitions\/accountReference"
},
"cardTransactions": {
"$ref": "#\/definitions\/cardAccountReport"
}
},
"required": [
"card",
"cardTransactions"
],
"type": "object"
}
Exchange Rate.
{
"properties": {
"contractIdentification": {
"maxLength": 35,
"type": "string"
},
"exchangeRate": {
"type": "string"
},
"quotationDate": {
"format": "date",
"type": "string"
},
"sourceCurrency": {
"$ref": "#\/definitions\/currencyCode"
},
"targetCurrency": {
"$ref": "#\/definitions\/currencyCode"
},
"unitCurrency": {
"$ref": "#\/definitions\/currencyCode"
}
},
"required": [
"sourceCurrency",
"exchangeRate",
"unitCurrency",
"targetCurrency",
"quotationDate"
],
"type": "object"
}
Array of exchange rates.
{
"items": {
"$ref": "#\/definitions\/reportExchangeRate"
},
"type": "array"
}
Identification of the Terminal, where the card has been used.
{
"maxLength": 35,
"type": "string"
}
Detailed human readable text specific to this instance of the error. XPath might be used to point to the issue generating the error in addition. Remark for Future: In future, a dedicated field might be introduced for the XPath.
{
"maxLength": 500,
"type": "string"
}
Short human readable description of error type. Could be in local language. To be provided by ASPSPs.
{
"maxLength": 70,
"type": "string"
}
{
"properties": {
"category": {
"$ref": "#\/definitions\/tppMessageCategory"
},
"code": {
"$ref": "#\/definitions\/MessageCode400"
},
"path": {
"type": "string"
},
"text": {
"$ref": "#\/definitions\/tppMessageText"
}
},
"required": [
"category",
"code"
],
"type": "object"
}
{
"properties": {
"category": {
"$ref": "#\/definitions\/tppMessageCategory"
},
"code": {
"$ref": "#\/definitions\/MessageCode401"
},
"path": {
"type": "string"
},
"text": {
"$ref": "#\/definitions\/tppMessageText"
}
},
"required": [
"category",
"code"
],
"type": "object"
}
{
"properties": {
"category": {
"$ref": "#\/definitions\/tppMessageCategory"
},
"code": {
"$ref": "#\/definitions\/MessageCode403"
},
"path": {
"type": "string"
},
"text": {
"$ref": "#\/definitions\/tppMessageText"
}
},
"required": [
"category",
"code"
],
"type": "object"
}
{
"properties": {
"category": {
"$ref": "#\/definitions\/tppMessageCategory"
},
"code": {
"$ref": "#\/definitions\/MessageCode404"
},
"path": {
"type": "string"
},
"text": {
"$ref": "#\/definitions\/tppMessageText"
}
},
"required": [
"category",
"code"
],
"type": "object"
}
{
"properties": {
"category": {
"$ref": "#\/definitions\/tppMessageCategory"
},
"code": {
"$ref": "#\/definitions\/MessageCode405"
},
"path": {
"type": "string"
},
"text": {
"$ref": "#\/definitions\/tppMessageText"
}
},
"required": [
"category",
"code"
],
"type": "object"
}
Category of the TPP message category.
{
"enum": [
"ERROR",
"WARNING"
],
"type": "string"
}
Additional explaining text to the TPP.
{
"maxLength": 500,
"type": "string"
}
Date of the actual card transaction.
{
"format": "date",
"type": "string"
}