PSD2 BERLIN 1.5

# Summary
The **NextGenPSD2** *Framework Version 1.3.11* offers a modern, open, harmonised and interoperable set of
Application Programming Interfaces (APIs) as the safest and most efficient way to provide data securely.
The NextGenPSD2 Framework reduces XS2A complexity and costs, addresses the problem of multiple competing standards
in Europe and, aligned with the goals of the Euro Retail Payments Board,
enables European banking customers to benefit from innovative products and services ('Banking as a Service')
by granting TPPs safe and secure (authenticated and authorised) access to their bank accounts and financial data.

The possible Approaches are:
* OAuth SCA Approach
* Decoupled SCA Approach

Not every message defined in this API definition is necessary for all approaches.
Furthermore this API definition does not differ between methods which are mandatory, conditional, or optional.
Therefore for a particular implementation of a Berlin Group PSD2 compliant API it is only necessary to support
a certain subset of the methods defined in this API definition.

**Please have a look at the implementation guidelines if you are not sure
which message has to be used for the approach you are going to use.**

## Some General Remarks Related to this version of the OpenAPI Specification:
* **This API definition is based on the Implementation Guidelines of the Berlin Group PSD2 API.**
It is not a replacement in any sense.
The main specification is (at the moment) always the Implementation Guidelines of the Berlin Group PSD2 API.
* **This API definition contains the REST-API for requests from the PISP to the ASPSP.**
* **This API definition contains the messages for all different approaches defined in the Implementation Guidelines.**
* According to the OpenAPI-Specification [https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.1.md]

"If in is "header" and the name field is "Accept", "Content-Type" or "Authorization", the parameter definition SHALL be ignored."

The element "Accept" will not be defined in this file at any place.

The elements "Content-Type" and "Authorization" are implicitly defined by the OpenApi tags "content" and "security".

* There are several predefined types which might occur in payment initiation messages,
but are not used in the standard JSON messages in the Implementation Guidelines.
Therefore they are not used in the corresponding messages in this file either.
We added them for the convenience of the user.
If there is a payment product, which needs these fields, one can easily use the predefined types.
But the ASPSP need not to accept them in general.

* **We omit the definition of all standard HTTP header elements (mandatory/optional/conditional)
except they are mentioned in the Implementation Guidelines.**
Therefore the implementer might add these in his own realisation of a PSD2 comlient API in addition to the elements defined in this file.

## General Remarks on Data Types

The Berlin Group definition of UTF-8 strings in context of the PSD2 API has to support at least the following characters

a b c d e f g h i j k l m n o p q r s t u v w x y z

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

#BOI-REMARK: The Hebrew alphabt must be supported as part of the character set
א ב ג ד ה ו ז ח ט י כ ך ל מ ם נ ן ס ע פ ף צ ץ ק ר ש ת

0 1 2 3 4 5 6 7 8 9

/ - ? : ( ) . , ' +

Space

There is currently no content classified with this term.

Subscribe to RSS - PSD2 BERLIN 1.5