Working with PSD2 XS2A API

Prerequisites

Create a customer and fill in its SCA methods using the Admin-Console (see Working with Admin-Console) or the API (see Working with internal API).

Embedded authentication

Create consent

Request example:

curl --location --request POST 'https://api.mockbank.io/v1/consents' \
  --header 'Content-Type: application/json' \
  --header 'X-Request-ID: 3d1afce9-f7fe-4b3a-89cb-cd03b7820b63' \
  --header 'PSU-ID: {YOUR_CUSTOMER_USERNAME}' \
  --data-raw '{
    "access": {
      "allPsd2": "allAccounts"
    },
    "frequencyPerDay": 0,
    "recurringIndicator": false,
    "validUntil": "2030-10-10"
  }'

Response example:

{
  "consentStatus": "received",
  "consentId": "{CREATED_CONSENT_ID}",
  "_links": {
    "self": {
      "href": "https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}"
    },
    "status": {
      "href": "https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}/status"
    },
    "startAuthorisation": {
      "href": "https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}/authorisations"
    }
  }
}

Start authorisation

Request example:

curl --location --request POST 'https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}/authorisations' \
  --header 'PSU-ID: {YOUR_CUSTOMER_USERNAME}' \
  --header 'X-Request-ID: e5b654ab-c95e-4014-be4f-1e043e714bca' \
  --header 'Content-Type: application/json' \
  --data-raw '{
    "psuData": {
      "password": "{YOUR_CUSTOMER_PASSWORD}"
    }
  }'
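An added example (not part of the original documentation) that chains the two steps above: it parses the consent response, follows `_links.startAuthorisation.href` only if it points at the API host used in the requests, and builds the Start authorisation request, so the PSU password is never posted to an unexpected origin. The consent id `c-123`, the function names and the origin check itself are assumptions made for illustration.

```python
import json
import uuid
from urllib.parse import urlsplit

API_ORIGIN = ("https", "api.mockbank.io")  # scheme and host used in the requests above

# Constructed sample: the consent response shape shown above, with a made-up consent id.
CONSENT_RESPONSE = json.dumps({
    "consentStatus": "received",
    "consentId": "c-123",
    "_links": {
        "self": {"href": "https://api.mockbank.io/v1/consents/c-123"},
        "status": {"href": "https://api.mockbank.io/v1/consents/c-123/status"},
        "startAuthorisation": {
            "href": "https://api.mockbank.io/v1/consents/c-123/authorisations"},
    },
})


def trusted_link(response: dict, rel: str) -> str:
    """Return _links[rel].href only if it points at the expected API origin."""
    href = response["_links"][rel]["href"]
    parts = urlsplit(href)
    # Reject other schemes/hosts, embedded userinfo and non-default ports.
    if ((parts.scheme, parts.hostname) != API_ORIGIN
            or parts.username or parts.port not in (None, 443)):
        raise ValueError(f"refusing to follow {rel} link to {href!r}")
    return href


def build_start_authorisation(raw_response: str, psu_id: str, password: str) -> dict:
    """Build (not send) the 'Start authorisation' request from a consent response."""
    response = json.loads(raw_response)
    # "received" is the status shown above for a newly created consent.
    if response.get("consentStatus") != "received":
        raise ValueError(f"unexpected consentStatus {response.get('consentStatus')!r}")
    return {
        "method": "POST",
        "url": trusted_link(response, "startAuthorisation"),
        "headers": {
            "PSU-ID": psu_id,
            "X-Request-ID": str(uuid.uuid4()),  # new UUID per request, as in the curl examples
            "Content-Type": "application/json",
        },
        "body": json.dumps({"psuData": {"password": password}}),
    }


if __name__ == "__main__":
    req = build_start_authorisation(CONSENT_RESPONSE, "demo-user", "demo-password")
    print(req["method"], req["url"])
```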

Response example:

Choose SCA method

Request example:

Response example:

Finish SCA

Request example:

Response example:

Redirect approach

Create consent

Request example:

Response example:

Follow the “scaRedirect” link and use {YOUR_CUSTOMER_USERNAME} and {YOUR_CUSTOMER_PASSWORD} to log in:

Verify consent

Request example:

Response example:

Decoupled approach

This approach is similar to the embedded approach. The only difference is that, once the SCA method has been selected, you need to use the Admin-Console to approve or reject the authorisation. No further authorisation updates are required.

Create consent

Start authorisation

Choose decoupled method

Approve authorisation in Admin-Console

Verify SCA status

Request example:

Response example:

OAuth 2.0 approach

Prerequisites

Set up the Client ID, Client secret and Redirect URLs for your organisation using the Admin-Console

Example:

Get authorisation code

Go to link

Authorise with {YOUR_CUSTOMER_USERNAME} and {YOUR_CUSTOMER_PASSWORD}

Confirm existing scopes

After that you will be redirected to {YOUR_REDIRECT_URL}?code={AUTHORISATION_CODE}

Get Access Token

Example request:

Example response:

Get Accounts

Request example using Consent-ID:

Request example using access token:

Response example:

Get Transactions

Request example using Consent-ID:

Request example using access token:

Response example: