Paths
/account-requests
Create an account request
Create an account request
TPP client credential authorisation flow with the ASPSP
Create an Account Request
{
"schema": {
"title": "Account Request POST request",
"description": "Allows setup of an account access request",
"type": "object",
"properties": {
"Data": {
"title": "Data",
"description": "Allows setup of an account access request",
"type": "object",
"properties": {
"Permissions": {
"description": "Specifies the account request types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP.",
"type": "array",
"items": {
"description": "Specifies the account request types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP.",
"type": "string",
"enum": [
"ReadAccountsBasic",
"ReadAccountsDetail",
"ReadBalances",
"ReadBeneficiariesBasic",
"ReadBeneficiariesDetail",
"ReadDirectDebits",
"ReadProducts",
"ReadStandingOrdersBasic",
"ReadStandingOrdersDetail",
"ReadTransactionsBasic",
"ReadTransactionsCredits",
"ReadTransactionsDebits",
"ReadTransactionsDetail"
]
},
"minProperties": 1,
"additionalProperties": false
},
"ExpirationDateTime": {
"description": "Specified date and time the permissions will expire. If this is not populated, the permissions will be open ended.",
"type": "string",
"format": "date-time"
},
"TransactionFromDateTime": {
"description": "Specified start date and time for the transaction query period. If this is not populated, the start date will be open ended, and data will be returned from the earliest available transaction.",
"type": "string",
"format": "date-time"
},
"TransactionToDateTime": {
"description": "Specified end date and time for the transaction query period. If this is not populated, the end date will be open ended, and data will be returned to the latest available transaction.",
"type": "string",
"format": "date-time"
}
},
"additionalProperties": false,
"required": [
"Permissions"
]
},
"Risk": {
"title": "Risk",
"type": "object",
"description": "The Risk payload is sent by the initiating party to the ASPSP. It is used to specify additional details for risk scoring for Account Info.",
"properties": [],
"additionalProperties": false
}
},
"additionalProperties": false,
"required": [
"Data",
"Risk"
]
}
}The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.
The time when the PSU last logged in with the TPP.
The PSU's IP address if the PSU is currently logged in with the TPP.
An RFC4122 UID used as a correlation id.
Header containig a detached JWS signature of the body of the payload.
Account Request resource successfully created
{
"schema": {
"title": "Account Request POST response",
"type": "object",
"properties": {
"Data": {
"title": "Data",
"type": "object",
"properties": {
"AccountRequestId": {
"description": "Unique identification as assigned to identify the account request resource.",
"type": "string",
"minLength": 1,
"maxLength": 128
},
"Status": {
"description": "Specifies the status of the account request resource.",
"type": "string",
"enum": [
"Authorised",
"AwaitingAuthorisation",
"Rejected",
"Revoked"
]
},
"CreationBad Request
Unauthorized
Forbidden
Too Many Requests
Internal Server Error
/account-requests/{AccountRequestId}
Get an account request
Get an account request
TPP client credential authorisation flow with the ASPSP
Unique identification as assigned by the ASPSP to uniquely identify the account request resource.
The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.
The time when the PSU last logged in with the TPP.
The PSU's IP address if the PSU is currently logged in with the TPP.
An RFC4122 UID used as a correlation id.
An Authorisation Token as per https://tools.ietf.org/html/rfc6750
Account Request resource successfully retrieved
{
"schema": {
"title": "Account Request GET response",
"type": "object",
"properties": {
"Data": {
"title": "Data",
"type": "object",
"properties": {
"AccountRequestId": {
"description": "Unique identification as assigned to identify the account request resource.",
"type": "string",
"minLength": 1,
"maxLength": 128
},
"Status": {
"description": "Specifies the status of the account request resource.",
"type": "string",
"enum": [
"Authorised",
"AwaitingAuthorisation",
"Rejected",
"Revoked"
]
},
"CreationDBad Request
Unauthorized
Forbidden
Too Many Requests
Internal Server Error
Delete an account request
Delete an account request
TPP client credential authorisation flow with the ASPSP
Unique identification as assigned by the ASPSP to uniquely identify the account request resource.
An Authorisation Token as per https://tools.ietf.org/html/rfc6750
The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.
Account Request resource successfully deleted
Bad Request
Unauthorized
Forbidden
Too Many Requests
Internal Server Error
/accounts
Get Accounts
Get a list of accounts
OAuth flow, it is required when the PSU needs to perform SCA with the ASPSP when a TPP wants to access an ASPSP resource owned by the PSU
The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.
The time when the PSU last logged in with the TPP.
The PSU's IP address if the PSU is currently logged in with the TPP.
An RFC4122 UID used as a correlation id.
An Authorisation Token as per https://tools.ietf.org/html/rfc6750
Accounts successfully retrieved
{
"schema": {
"title": "Account GET response",
"type": "object",
"properties": {
"Data": {
"title": "Account",
"type": "array",
"items": {
"type": "object",
"title": "Account",
"description": "Account",
"properties": {
"AccountId": {
"description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.",
"type": "string",
"minLength": 1,
"maxLength": 40
},
"Currency": {
"description": "Identification of the currency in which the account is held. Usage: Currency should only be used in case one and the same account number covers several currenBad Request
Unauthorized
Forbidden
Too Many Requests
Internal Server Error
/accounts/{AccountId}
Get Account
Get an account
OAuth flow, it is required when the PSU needs to perform SCA with the ASPSP when a TPP wants to access an ASPSP resource owned by the PSU
A unique identifier used to identify the account resource.
The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.
The time when the PSU last logged in with the TPP.
The PSU's IP address if the PSU is currently logged in with the TPP.
An RFC4122 UID used as a correlation id.
An Authorisation Token as per https://tools.ietf.org/html/rfc6750
Account resource successfully retrieved
{
"schema": {
"title": "Account GET response",
"type": "object",
"properties": {
"Data": {
"title": "Account",
"type": "array",
"items": {
"type": "object",
"title": "Account",
"description": "Account",
"properties": {
"AccountId": {
"description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.",
"type": "string",
"minLength": 1,
"maxLength": 40
},
"Currency": {
"description": "Identification of the currency in which the account is held. Usage: Currency should only be used in case one and the same account number covers several currenBad Request
Unauthorized
Forbidden
Too Many Requests
Internal Server Error
/accounts/{AccountId}/transactions
Get Account Transactions
Get transactions related to an account
OAuth flow, it is required when the PSU needs to perform SCA with the ASPSP when a TPP wants to access an ASPSP resource owned by the PSU
A unique identifier used to identify the account resource.
The UTC ISO 8601 Date Time to filter transactions FROM - NB Time component is optional - set to 00:00:00 for just Date
The UTC ISO 8601 Date Time to filter transactions TO - NB Time component is optional - set to 00:00:00 for just Date
The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.
The time when the PSU last logged in with the TPP.
The PSU's IP address if the PSU is currently logged in with the TPP.
An RFC4122 UID used as a correlation id.
An Authorisation Token as per https://tools.ietf.org/html/rfc6750
Account Transactions successfully retrieved
{
"schema": {
"title": "Account Transactions GET response",
"type": "object",
"properties": {
"Data": {
"title": "Transaction",
"description": "Data Section of the Payload",
"type": "array",
"items": {
"type": "object",
"properties": {
"AccountId": {
"description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.",
"type": "string",
"minLength": 1,
"maxLength": 40
},
"TransactionId": {
"description": "Unique identifier for the transaction within an servicing institution. This identifier is both unique and immutable.",
"type": "strinBad Request
Unauthorized
Forbidden
Too Many Requests
Internal Server Error
/accounts/{AccountId}/beneficiaries
Get Account Beneficiaries
Get Beneficiaries related to an account
OAuth flow, it is required when the PSU needs to perform SCA with the ASPSP when a TPP wants to access an ASPSP resource owned by the PSU
A unique identifier used to identify the account resource.
The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.
The time when the PSU last logged in with the TPP.
The PSU's IP address if the PSU is currently logged in with the TPP.
An RFC4122 UID used as a correlation id.
An Authorisation Token as per https://tools.ietf.org/html/rfc6750
Account Beneficiaries successfully retrieved
{
"schema": {
"title": "Beneficiaries GET response",
"type": "object",
"properties": {
"Data": {
"title": "Beneficiary",
"type": "array",
"items": {
"type": "object",
"title": "Beneficiary",
"description": "Beneficiary",
"properties": {
"AccountId": {
"description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.",
"type": "string",
"minLength": 1,
"maxLength": 40
},
"BeneficiaryId": {
"description": "A unique and immutable identifier used to identify the beneficiary resource. This identifier has no meaning to the account owner.",
Bad Request
Unauthorized
Forbidden
Too Many Requests
Internal Server Error
/accounts/{AccountId}/balances
Get Account Balances
Get Balances related to an account
OAuth flow, it is required when the PSU needs to perform SCA with the ASPSP when a TPP wants to access an ASPSP resource owned by the PSU
A unique identifier used to identify the account resource.
The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.
The time when the PSU last logged in with the TPP.
The PSU's IP address if the PSU is currently logged in with the TPP.
An RFC4122 UID used as a correlation id.
An Authorisation Token as per https://tools.ietf.org/html/rfc6750
Account Beneficiaries successfully retrieved
{
"schema": {
"title": "Balances GET response",
"type": "object",
"properties": {
"Data": {
"title": "Balance",
"type": "array",
"items": {
"type": "object",
"title": "Balance",
"description": "Balance",
"properties": {
"AccountId": {
"description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.",
"type": "string",
"minLength": 1,
"maxLength": 40
},
"Amount": {
"description": "Amount of money of the cash balance.",
"type": "object",
"properties": {
Bad Request
Unauthorized
Forbidden
Too Many Requests
Internal Server Error
/accounts/{AccountId}/direct-debits
Get Account Direct Debits
Get Direct Debits related to an account
OAuth flow, it is required when the PSU needs to perform SCA with the ASPSP when a TPP wants to access an ASPSP resource owned by the PSU
A unique identifier used to identify the account resource.
The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.
The time when the PSU last logged in with the TPP.
The PSU's IP address if the PSU is currently logged in with the TPP.
An RFC4122 UID used as a correlation id.
An Authorisation Token as per https://tools.ietf.org/html/rfc6750
Account Direct Debits successfully retrieved
{
"schema": {
"title": "Account GET response",
"type": "object",
"properties": {
"Data": {
"title": "DirectDebit",
"type": "array",
"items": {
"type": "object",
"title": "Direct Debit",
"description": "Direct Debit",
"properties": {
"AccountId": {
"description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.",
"type": "string",
"minLength": 1,
"maxLength": 40
},
"DirectDebitId": {
"description": "A unique and immutable identifier used to identify the direct debit resource. This identifier has no meaning to the account owner.",
Bad Request
Unauthorized
Forbidden
Too Many Requests
Internal Server Error
/accounts/{AccountId}/standing-orders
Get Account Standing Orders
Get Standing Orders related to an account
OAuth flow, it is required when the PSU needs to perform SCA with the ASPSP when a TPP wants to access an ASPSP resource owned by the PSU
A unique identifier used to identify the account resource.
The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.
The time when the PSU last logged in with the TPP.
The PSU's IP address if the PSU is currently logged in with the TPP.
An RFC4122 UID used as a correlation id.
An Authorisation Token as per https://tools.ietf.org/html/rfc6750
Account Standing Orders successfully retrieved
{
"schema": {
"title": "Standing Orders GET response",
"type": "object",
"properties": {
"Data": {
"title": "StandingOrder",
"type": "array",
"items": {
"type": "object",
"title": "Standing Order",
"description": "Standing Order",
"properties": {
"AccountId": {
"description": "The date on which the first payment for a Standing Order schedule will be made.",
"type": "string",
"minLength": 1,
"maxLength": 40
},
"StandingOrderId": {
"description": "A unique and immutable identifier used to identify the standing order resource. This identifier has no meaning to the account owner.",
"type":Bad Request
Unauthorized
Forbidden
Too Many Requests
Internal Server Error
/accounts/{AccountId}/product
Get Account Product
Get Product related to an account
OAuth flow, it is required when the PSU needs to perform SCA with the ASPSP when a TPP wants to access an ASPSP resource owned by the PSU
A unique identifier used to identify the account resource.
The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.
The time when the PSU last logged in with the TPP.
The PSU's IP address if the PSU is currently logged in with the TPP.
An RFC4122 UID used as a correlation id.
An Authorisation Token as per https://tools.ietf.org/html/rfc6750
Account Product successfully retrieved
{
"schema": {
"title": "Product GET response",
"type": "object",
"properties": {
"Data": {
"title": "Product",
"type": "array",
"items": {
"type": "object",
"title": "Product",
"description": "Product",
"properties": {
"AccountId": {
"description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.",
"type": "string",
"minLength": 1,
"maxLength": 40
},
"ProductIdentifier": {
"description": "Identifier within the parent organisation for the product. Must be unique in the organisation.",
"type": "string"
Bad Request
Unauthorized
Forbidden
Too Many Requests
Internal Server Error
/standing-orders
Get Standing Orders
Get Standing Orders
OAuth flow, it is required when the PSU needs to perform SCA with the ASPSP when a TPP wants to access an ASPSP resource owned by the PSU
The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.
The time when the PSU last logged in with the TPP.
The PSU's IP address if the PSU is currently logged in with the TPP.
An RFC4122 UID used as a correlation id.
An Authorisation Token as per https://tools.ietf.org/html/rfc6750
Standing Orders successfully retrieved
{
"schema": {
"title": "Standing Orders GET response",
"type": "object",
"properties": {
"Data": {
"title": "StandingOrder",
"type": "array",
"items": {
"type": "object",
"title": "Standing Order",
"description": "Standing Order",
"properties": {
"AccountId": {
"description": "The date on which the first payment for a Standing Order schedule will be made.",
"type": "string",
"minLength": 1,
"maxLength": 40
},
"StandingOrderId": {
"description": "A unique and immutable identifier used to identify the standing order resource. This identifier has no meaning to the account owner.",
"type":Bad Request
Unauthorized
Forbidden
Too Many Requests
Internal Server Error
/direct-debits
Get Direct Debits
Get Direct Debits
OAuth flow, it is required when the PSU needs to perform SCA with the ASPSP when a TPP wants to access an ASPSP resource owned by the PSU
The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.
The time when the PSU last logged in with the TPP.
The PSU's IP address if the PSU is currently logged in with the TPP.
An RFC4122 UID used as a correlation id.
An Authorisation Token as per https://tools.ietf.org/html/rfc6750
Direct Debits successfully retrieved
{
"schema": {
"title": "Account GET response",
"type": "object",
"properties": {
"Data": {
"title": "DirectDebit",
"type": "array",
"items": {
"type": "object",
"title": "Direct Debit",
"description": "Direct Debit",
"properties": {
"AccountId": {
"description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.",
"type": "string",
"minLength": 1,
"maxLength": 40
},
"DirectDebitId": {
"description": "A unique and immutable identifier used to identify the direct debit resource. This identifier has no meaning to the account owner.",
Bad Request
Unauthorized
Forbidden
Too Many Requests
Internal Server Error
/beneficiaries
Get Beneficiaries
Get Beneficiaries
OAuth flow, it is required when the PSU needs to perform SCA with the ASPSP when a TPP wants to access an ASPSP resource owned by the PSU
The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.
The time when the PSU last logged in with the TPP.
The PSU's IP address if the PSU is currently logged in with the TPP.
An RFC4122 UID used as a correlation id.
An Authorisation Token as per https://tools.ietf.org/html/rfc6750
Beneficiaries successfully retrieved
{
"schema": {
"title": "Beneficiaries GET response",
"type": "object",
"properties": {
"Data": {
"title": "Beneficiary",
"type": "array",
"items": {
"type": "object",
"title": "Beneficiary",
"description": "Beneficiary",
"properties": {
"AccountId": {
"description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.",
"type": "string",
"minLength": 1,
"maxLength": 40
},
"BeneficiaryId": {
"description": "A unique and immutable identifier used to identify the beneficiary resource. This identifier has no meaning to the account owner.",
Bad Request
Unauthorized
Forbidden
Too Many Requests
Internal Server Error
/transactions
Get Transactions
Get Transactions
OAuth flow, it is required when the PSU needs to perform SCA with the ASPSP when a TPP wants to access an ASPSP resource owned by the PSU
The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.
The time when the PSU last logged in with the TPP.
The PSU's IP address if the PSU is currently logged in with the TPP.
An RFC4122 UID used as a correlation id.
An Authorisation Token as per https://tools.ietf.org/html/rfc6750
The UTC ISO 8601 Date Time to filter transactions FROM - NB Time component is optional - set to 00:00:00 for just Date
The UTC ISO 8601 Date Time to filter transactions TO - NB Time component is optional - set to 00:00:00 for just Date
Transactions successfully retrieved
{
"schema": {
"title": "Account Transactions GET response",
"type": "object",
"properties": {
"Data": {
"title": "Transaction",
"description": "Data Section of the Payload",
"type": "array",
"items": {
"type": "object",
"properties": {
"AccountId": {
"description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.",
"type": "string",
"minLength": 1,
"maxLength": 40
},
"TransactionId": {
"description": "Unique identifier for the transaction within an servicing institution. This identifier is both unique and immutable.",
"type": "strinBad Request
Unauthorized
Forbidden
Too Many Requests
Internal Server Error
/balances
Get Balances
Get Balances
OAuth flow, it is required when the PSU needs to perform SCA with the ASPSP when a TPP wants to access an ASPSP resource owned by the PSU
The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.
The time when the PSU last logged in with the TPP.
The PSU's IP address if the PSU is currently logged in with the TPP.
An RFC4122 UID used as a correlation id.
An Authorisation Token as per https://tools.ietf.org/html/rfc6750
Balances successfully retrieved
{
"schema": {
"title": "Balances GET response",
"type": "object",
"properties": {
"Data": {
"title": "Balance",
"type": "array",
"items": {
"type": "object",
"title": "Balance",
"description": "Balance",
"properties": {
"AccountId": {
"description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.",
"type": "string",
"minLength": 1,
"maxLength": 40
},
"Amount": {
"description": "Amount of money of the cash balance.",
"type": "object",
"properties": {
Bad Request
Unauthorized
Forbidden
Too Many Requests
Internal Server Error
/products
Get Products
Get Products
OAuth flow, it is required when the PSU needs to perform SCA with the ASPSP when a TPP wants to access an ASPSP resource owned by the PSU
The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.
The time when the PSU last logged in with the TPP.
The PSU's IP address if the PSU is currently logged in with the TPP.
An RFC4122 UID used as a correlation id.
An Authorisation Token as per https://tools.ietf.org/html/rfc6750
Products successfully retrieved
{
"schema": {
"title": "Products GET response",
"type": "object",
"properties": {
"Data": {
"title": "Product",
"type": "array",
"items": {
"type": "object",
"title": "Product",
"description": "Product",
"properties": {
"AccountId": {
"description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.",
"type": "string",
"minLength": 1,
"maxLength": 40
},
"ProductIdentifier": {
"description": "Identifier within the parent organisation for the product. Must be unique in the organisation.",
"type": "string"
Bad Request
Unauthorized
Forbidden
Too Many Requests
Internal Server Error