Working with PSD2 XS2A API


Create a customer and fill in SCA methods using the Admin-Console (Working with Admin-Console) or the API (Working with internal API).

Embedded authentication

Create consent

Request example:

curl --location --request POST 'https://api.mockbank.io/v1/consents' \
  --header 'Content-Type: application/json' \
  --header 'X-Request-ID: 3d1afce9-f7fe-4b3a-89cb-cd03b7820b63' \
  --header 'PSU-ID: {YOUR_CUSTOMER_USERNAME}' \
  --data-raw '{
    "access": { "allPsd2": "allAccounts" },
    "frequencyPerDay": 0,
    "recurringIndicator": false,
    "validUntil": "2030-10-10"
  }'

Response example:

{
  "consentStatus": "received",
  "consentId": "{CREATED_CONSENT_ID}",
  "_links": {
    "self": {
      "href": "https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}"
    },
    "status": {
      "href": "https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}/status"
    },
    "startAuthorisation": {
      "href": "https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}/authorisations"
    }
  }
}

Start authorisation

Request example:

curl --location --request POST 'https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}/authorisations' \
  --header 'PSU-ID: {YOUR_CUSTOMER_USERNAME}' \
  --header 'X-Request-ID: e5b654ab-c95e-4014-be4f-1e043e714bca' \
  --header 'Content-Type: application/json' \
  --data-raw '{
    "psuData": { "password": "{YOUR_CUSTOMER_PASSWORD}" }
  }'

Response example:

Choose SCA method

Request example:

Response example:


Finish SCA

Request example:

Response example:

Redirect approach

Create consent

Request example:

Response example:


Follow the “scaRedirect” link and use {YOUR_CUSTOMER_USERNAME} and {YOUR_CUSTOMER_PASSWORD} to log in:

Verify consent

Request example:

Response example:


Decoupled approach

It is similar to the embedded approach. The only difference is that once the SCA method has been selected, you need to use Admin-Console to approve or reject the authorisation. No further authorisation updates are required.

Create consent

Start authorisation

Choose decoupled method

Approve authorisation in Admin-Console

Verify SCA status

Request example:

Response example:


OAUTH 2.0 approach


Set up the Client ID, Client secret and Redirect URLs for your organisation using Admin-Console



Get authorisation code

Go to link



Confirm existing scopes


After that you will be redirected to {YOUR_REDIRECT_URL}?code={AUTHORISATION_CODE}

Get Access Token

Example request:

Example response:

Get Accounts

Request example using Consent-ID:

Request example using access token:

Response example:


Get Transactions

Request example using Consent-ID:

Request example using access token:

Response example:

