STET v1.4 (11 APIs)
API Host: https://api.openbankproject.com
BankAccountsViewsCounterpartiesTransactionsForwarding the PSU consent (AISP)NOTE: This endpoint currently only returns example data.
In the mixed detailed consent on accounts
This consent replaces any prior consent that was previously sent by the AISP. Prerequisites
Business FlowThe PSU specifies to the AISP which of his/her accounts will be accessible and which functionalities should be available. The AISP forwards these settings to the ASPSP. The ASPSP answers by HTTP201 return code. Authentication is Mandatory Typical Successful Response:
Headers:
Possible Errors:
Connector Methods:
Implemented in STETv1.4 by consentsPut
Retrieval of an account balances report (AISP)
This call returns a set of balances for a given PSU account that is specified by the AISP through an account resource Identification Prerequisites
Business flowThe AISP requests the ASPSP on one of the PSU's accounts.
Authentication is Mandatory Typical Successful Response:
Headers:
Possible Errors:
Connector Methods:
Implemented in STETv1.4 by accountsBalancesGet
Retrieval of an account transaction set (AISP)
This call returns transactions for an account for a given PSU account that is specified by the AISP through an account resource identification. The request may use some filter parameter in order to restrict the query
The result may be subject to pagination (i.e. retrieving a partial result in case of having too many results) through a set of pages by the ASPSP. Thereafter, the AISP may ask for the first, next, previous or last page of results. Prerequisites
Business flowThe AISP requests the ASPSP on one of the PSU's accounts. It may specify some selection criteria. The ASPSP answers by a set of transactions that matches the query. The result may be subject to pagination in order to avoid an excessive result set. Authentication is Mandatory Typical Successful Response:
Headers:
Possible Errors:
Implemented in STETv1.4 by accountsTransactionsGet
Retrieval of the PSU accounts (AISP)
This call returns all payment accounts that are relevant the PSU on behalf of whom the AISP is connected. Thanks to HYPERMEDIA, each account is returned with the links aiming to ease access to the relevant transactions and balances. The result may be subject to pagination (i.e. retrieving a partial result in case of having too many results) through a set of pages by the ASPSP. Thereafter, the AISP may ask for the first, next, previous or last page of results. Prerequisites
Business FlowThe TPP sends a request to the ASPSP for retrieving the list of the PSU payment accounts. The ASPSP computes the relevant PSU accounts and builds the answer as an accounts list. The result may be subject to pagination in order to avoid an excessive result set. Each payment account will be provided with its characteristics. Authentication is Mandatory Typical Successful Response:
Headers:
Possible Errors:
Connector Methods:
Implemented in STETv1.4 by accountsGet
Retrieval of the identity of the end-user (AISP)NOTE: This endpoint currently only returns example data.
This call returns the identity of the PSU (end-user). Prerequisites
Business FlowThe AISP asks for the identity of the PSU. The ASPSP answers with the identity, i.e. first and last names of the end-user. Authentication is Mandatory Typical Successful Response:
Headers:
Possible Errors:
Connector Methods:
Implemented in STETv1.4 by endUserIdentityGet
Retrieval of the trusted beneficiaries list (AISP)NOTE: This endpoint currently only returns example data.
This call returns all trusted beneficiaries that have been set by the PSU. Those beneficiaries can benefit from an SCA exemption during payment initiation. The result may be subject to pagination (i.e. retrieving a partial result in case of having too many results) through a set of pages by the ASPSP. Thereafter, the AISP may ask for the first, next, previous or last page of results. Prerequisites
Business FlowThe AISP asks for the trusted beneficiaries list. The ASPSP answers with a list of beneficiary details structure. Authentication is Mandatory Typical Successful Response:
Headers:
Possible Errors:
Connector Methods:
Implemented in STETv1.4 by trustedBeneficiariesGet
Payment coverage check request (CBPII)NOTE: This endpoint currently only returns example data.
The CBPII can ask an ASPSP to check if a given amount can be covered by the liquidity that is available on a PSU cash account or payment card. Prerequisites
Business flowThe CBPII requests the ASPSP for a payment coverage check against either a bank account or a card primary identifier. The ASPSP answers with a structure embedding the original request and the result as a Boolean. Authentication is Mandatory Typical Successful Response:
Headers:
Possible Errors:
Connector Methods:
Implemented in STETv1.4 by fundsConfirmationsPost
Confirmation of a payment request or a modification request (PISP)NOTE: This endpoint currently only returns example data.
The PISP confirms one of the following requests
The ASPSP answers with a status of the relevant request and the subsequent Credit Transfer. Prerequisites
Business flowOnce the PSU has been authenticated, it is the due to the PISP to confirm the Request to the ASPSP in order to complete the process flow. Authentication is Mandatory Typical Successful Response:
Headers:
Possible Errors:
Connector Methods:
Implemented in STETv1.4 by paymentRequestConfirmationPost
Modification of a Payment/Transfer Request (PISP)NOTE: This endpoint currently only returns example data.
The PISP sent a Payment/Transfer Request through a POST command. Prerequisites
Business flowthe following cases can be applied:
Since the modification request needs a PSU authentication before committing, the modification request includes:
Authentication is Mandatory Typical Successful Response:
Headers:
Possible Errors:
Connector Methods:
Implemented in STETv1.4 by paymentRequestPut
Payment request initiation (PISP)NOTE: This endpoint currently only returns example data.
The following use cases can be applied:
Data contentA payment request or a transfer request might embed several payment instructions having
Having at the same time multiple beneficiaries and multiple execution date might not be a relevant business case, although it is technically allowed.
Payment request can rely for execution on different payment instruments: - SEPA Credit Transfer (SCT) - Domestic Credit Transfer in a non Euro-currency - International payment The following table indicates how to use the different fields, depending on the payment instrument:
Prerequisites for all use cases
Business flowPayment Request use caseThe PISP forwards a payment request on behalf of a merchant.
Transfer Request use caseThe PISP forwards a transfer request on behalf of the owner of the account.
Standing Order Request use caseThe PISP forwards a Standing Order request on behalf of the owner of the account.
Authentication flows for all use casesAs the request posted by the PISP to the ASPSP needs a PSU authentication before execution, this request will include:
The ASPSP saves the request and answers to the PISP. The answer embeds:
Case of the PSU neither gives nor denies his/her consent, the Request shall expire and is then rejected to the PISP. The expiration delay is specified by each ASPSP. Redirect authentication approachWhen the chosen authentication approach within the ASPSP answers is set to "REDIRECT":
Decoupled authentication approachWhen the chosen authentication approach is "DECOUPLED":
Embedded authentication approachWhen the chosen authentication approach within the ASPSP answers is set to "EMBEDDED":
Authentication is Mandatory Typical Successful Response:
Headers:
Possible Errors:
Connector Methods:
Implemented in STETv1.4 by paymentRequestsPost
Retrieval of a payment request (PISP)NOTE: This endpoint currently only returns example data.
The following use cases can be applied:
The PISP has sent a Request through a POST command. Prerequisites
Business flowThe PISP asks to retrieve the Payment/Transfer Request that has been saved by the ASPSP. The PISP uses the location link provided by the ASPSP in response of the posting of this request.
The status information must be available during at least 30 calendar days after the posting of the Payment Request. However, the ASPSP may increase this availability duration, based on its own rules. Authentication is Mandatory Typical Successful Response:
Headers:
Possible Errors:
Connector Methods:
Implemented in STETv1.4 by paymentRequestsGet
|