Versions Compared

Old Version 15

changes.mady.by.user Viktor Nazarov

Saved on

compared with

New Version 16

changes.mady.by.user Viktor Nazarov

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Introduction

3 banks / endpoints

Table of content

Table of Contents
Note

Prerequisites

Create customer and fill SCA methods using Admin-Console (Working with Admin-Console ) or API (Working with internal API)

Embedded authentication

Create consent

Request example:

Code Block
curl --location --request POST 'https://api.mockbank.io/v1/consents' \
--header 'Content-Type: application/json' \
--header 'X-Request-ID: 3d1afce9-f7fe-4b3a-89cb-cd03b7820b63' \
--header 'PSU-ID: {YOUR_CUSTOMER_EMAIL}' \
--data-raw '{
  "access": {
    "allPsd2": "allAccounts"
    },
  "frequencyPerDay": 0,
  "recurringIndicator": false,
  "validUntil": "2030-10-10"
}'

Response example:

Code Block
{
    "consentStatus": "received",
    "consentId": "{CREATED_CONSENT_ID}",
    "_links": {
        "self": {
            "href": "https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}"
        },
        "status": {
            "href": "https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}/status"
        },
        "startAuthorisation": {
            "href": "https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}/authorisations"
        }
    }
}

Start authorisation

Request example:

Code Block
curl --location --request POST 'https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}/authorisations' \
--header 'PSU-ID: {YOUR_CUSTOMER_EMAIL}' \
--header 'X-Request-ID: e5b654ab-c95e-4014-be4f-1e043e714bca' \
--header 'Content-Type: application/json' \
--data-raw '{
    "psuData": {
        "password": "{YOUR_CUSTOMER_PASSWORD}"
    }
}'

Response example:

Code Block
{
    "scaStatus": "psuAuthenticated",
    "authorisationId": "{CREATED_AUTHORISATION_ID}",
    "scaMethods": [
        {
            "authenticationType": "SMS",
            "authenticationMethodId": "smstaniphonex",
            "authenticationVersion": "0",
            "name": "Verify by Phone",
            "explanation": "Send SMS to +489********34",
            "decoupled": false
        },
        {
            "authenticationType": "APP",
            "authenticationMethodId": "vaultappcheck",
            "authenticationVersion": "0",
            "name": "Verify by App",
            "explanation": "Please check your app",
            "decoupled": true
        }
    ],
    "_links": {
        "updatePsuAuthentication": {
            "href": "https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}/authorisations/{CREATED_AUTHORISATION_ID}"
        },
        "scaStatus": {
            "href": "https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}/authorisations/{CREATED_AUTHORISATION_ID}"
        }
    }
}

Choose SCA method

Request example:

Code Block
curl --location --request PUT 'https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}/authorisations/{CREATED_AUTHORISATION_ID}' \
--header 'PSU-ID: {YOUR_CUSTOMER_EMAIL}' \
--header 'X-Request-ID: 652d39c2-f0e4-4d24-bf05-25bcc11e064a' \
--header 'Content-Type: application/json' \
--data-raw '
{
    "authenticationMethodId": "smstaniphonex"
}'

Response example:

Code Block
{
    "scaMethods": [
        {
            "authenticationType": "SMS",
            "authenticationMethodId": "smstaniphonex",
            "authenticationVersion": "0",
            "name": "Verify by Phone",
            "explanation": "Send SMS to +489********34",
            "decoupled": false
        },
        {
            "authenticationType": "APP",
            "authenticationMethodId": "vaultappcheck",
            "authenticationVersion": "0",
            "name": "Verify by App",
            "explanation": "Please check your app",
            "decoupled": true
        }
    ],
    "_links": {
        "scaStatus": {
            "href": "https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}/authorisations/{CREATED_AUTHORISATION_ID}"
        },
        "authoriseTransaction": {
            "href": "https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}/authorisations/{CREATED_AUTHORISATION_ID}"
        }
    },
    "scaStatus": "scaMethodSelected",
    "authorisationId": "{CREATED_AUTHORISATION_ID}"
}

Finish SCA

Request example:

Code Block
curl --location --request PUT 'https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}/authorisations/{CREATED_AUTHORISATION_ID}' \
--header 'PSU-ID: {YOUR_CUSTOMER_EMAIL}' \
--header 'X-Request-ID: 59339c1d-f7f1-4112-bc18-8419a34c66f7' \
--header 'Content-Type: application/json' \
--data-raw '{

    "scaAuthenticationData": "123321"

}'

Response example:

Code Block
{
    "scaMethods": [
        {
            "authenticationType": "SMS",
            "authenticationMethodId": "smstaniphonex",
            "authenticationVersion": "0",
            "name": "Verify by Phone",
            "explanation": "Send SMS to +489********34",
            "decoupled": false
        },
        {
            "authenticationType": "APP",
            "authenticationMethodId": "vaultappcheck",
            "authenticationVersion": "0",
            "name": "Verify by App",
            "explanation": "Please check your app",
            "decoupled": true
        }
    ],
    "_links": {
        "scaStatus": {
            "href": "https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}/authorisations/{CREATED_AUTHORISATION_ID}"
        }
    },
    "scaStatus": "finalised",
    "authorisationId": "{CREATED_AUTHORISATION_ID}"
}

Redirect approach

Create consent

Request example:

Code Block
curl --location --request POST 'https://api.mockbank.io/v1/consents' \
--header 'Content-Type: application/json' \
--header 'X-Request-ID: b1c7e088-180c-49fc-8f45-889ad8b9381e' \
--header 'PSU-ID: {YOUR_CUSTOMER_EMAIL}' \
--header 'TPP-Redirect-Preferred: true' \
--header 'TPP-Redirect-URI: {YOUR_REDIRECT_URL_ON_SUCCESS}' \
--header 'TPP-Nok-Redirect-URI: {YOUR_REDIRECT_URL_ON_FAIL}' \
--data-raw '{
  "access": {
    "allPsd2": "allAccounts"
    },
  "frequencyPerDay": 0,
  "recurringIndicator": false,
  "validUntil": "2030-10-10"
}'

Response example:

Code Block
{
    "consentStatus": "received",
    "consentId": "{CREATED_CONSENT_ID}",
    "_links": {
        "scaRedirect": {
            "href": "https://https://app.mockbank.io/sca/login?redirectId={REDIRECT_ID}&consentId={CREATED_CONSENT_ID}&internalRequestId={INTERNAL_REQUEST_ID}"
        },
        "self": {
            "href": "https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}"
        },
        "status": {
            "href": "https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}/status"
        }
    }
}

Follow the “scaRedirect” link and use {YOUR_CUSTOMER_EMAIL} and {YOUR_CUSTOMER_PASSWORD} to log in:

Verify consent

Request example:

Code Block
curl --location --request GET 'https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}/status' \
--header 'Content-Type: application/json' \
--header 'X-Request-ID: 860892f8-e91e-417e-8a7b-ca0ef9e1f7ee' \
--header 'PSU-ID: {YOUR_CUSTOMER_EMAIL}'

Response example:

Code Block
{
    "consentStatus": "received"
}

Decoupled approach

Info

It is similar to embedded approach. The only difference is when SCA method is being selected you need to use Admin-Console to approve or reject authorisation. No more authorisation updates required.

Create consent

Code Block
curl --location --request POST 'https://api.mockbank.io/v1/consents' \
--header 'Content-Type: application/json' \
--header 'X-Request-ID: 3d1afce9-f7fe-4b3a-89cb-cd03b7820b63' \
--header 'PSU-ID: {YOUR_CUSTOMER_EMAIL}' \
--data-raw '{
  "access": {
    "allPsd2": "allAccounts"
    },
  "frequencyPerDay": 0,
  "recurringIndicator": false,
  "validUntil": "2030-10-10"
}'

Start authorisation

Code Block
curl --location --request POST 'https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}/authorisations' \
--header 'PSU-ID: {YOUR_CUSTOMER_EMAIL}' \
--header 'X-Request-ID: e5b654ab-c95e-4014-be4f-1e043e714bca' \
--header 'Content-Type: application/json' \
--data-raw '{
    "psuData": {
        "password": "{YOUR_CUSTOMER_PASSWORD}"
    }
}'

Choose decoupled method

Code Block
{
    "_links": {
        "scaStatus": {
            "href": "https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}/authorisations/{CREATED_AUTHORISATION_ID}"
        }
    },
    "scaStatus": "scaMethodSelected",
    "authorisationId": "{CREATED_AUTHORISATION_ID}"
}

Approve authorisation in Admin-Console

Verify SCA status

Request example:

Code Block
curl --location --request GET 'https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}/authorisations/{CREATED_AUTHORISATION_ID}' \
--header 'PSU-ID: {YOUR_CUSTOMER_EMAIL}' \
--header 'X-Request-ID: 6c4a8bef-4d5e-43e4-9889-3e01ae57158c'

Response example:

Code Block
{
    "scaStatus": "finalised"
}

OAUTH 2.0 approach

Note

Prerequisites

Set up Client id, Client secret, Redirect urls for your organisation using Admin-Console

Example:

Get authorisation code

Go to link

Code Block
https://oauth.mockbank.io/oauth/authorize?client_id={YOUR_CLIENT_ID}&response_type=code&redirect_uri={YOUR_REDIRECT_URL}

Authorise with {YOUR_CUSTOMER_EMAIL} and {YOUR_CUSTOMER_PASSWORD}

Confirm existing scopes

After that you will receive redirect to {YOUR_REDIRECT_URL}?code={AUTHORISATION_CODE}

Get Access Token

Example request:

Code Block
curl --location --request POST 'https://oauth.mockbank.io/oauth/token' \
--header 'Authorization: Basic {YOUR_CLIENTID_CLIENT_SECRET}' \
--form 'redirect_uri={YOUR_REDIRECT_URL}' \
--form 'code={AUTHORISATION_CODE}' \
--form 'grant_type=authorization_code'

Example response:

Code Block
{
    "access_token": "{ACCESS_TOKEN}",
    "token_type": "bearer",
    "refresh_token": "{REFRESH_TOKEN}",
    "expires_in": 3649,
    "scope": "balances accounts transactions"
}

Get Accounts

Get Transactions