Working with PSD2 XS2A API
Introduction
3 banks / endpoints
Table of contents
- 1 Introduction
- 1.1 Prerequisites
- 1.2 Embedded authentication
- 1.2.1 Create consent
- 1.2.2 Start authorisation
- 1.2.3 Choose SCA method
- 1.2.4 Finish SCA
- 1.3 Redirect approach
- 1.3.1 Verify consent
- 1.4 Decoupled approach
- 1.4.1 Create consent
- 1.4.2 Start authorisation
- 1.4.3 Choose decoupled method
- 1.4.4 Approve authorisation in Admin-Console
- 1.4.5 Verify SCA status
- 1.5 OAUTH 2.0 approach
- 1.5.1 Prerequisites
- 1.5.2 Get authorisation code
- 1.5.3 Get Access Token
- 1.6 Get Accounts
- 1.7 Get Transactions
Prerequisites
Create a customer and fill in its SCA methods using Admin-Console (Working with Admin-Console) or the API (Working with internal API).
Embedded authentication
Create consent
Request example:
curl --location --request POST 'https://api.mockbank.io/v1/consents' \
  --header 'Content-Type: application/json' \
  --header 'X-Request-ID: 3d1afce9-f7fe-4b3a-89cb-cd03b7820b63' \
  --header 'PSU-ID: {YOUR_CUSTOMER_USERNAME}' \
  --data-raw '{
    "access": {
      "allPsd2": "allAccounts"
    },
    "frequencyPerDay": 0,
    "recurringIndicator": false,
    "validUntil": "2030-10-10"
  }'
Response example:
{
  "consentStatus": "received",
  "consentId": "{CREATED_CONSENT_ID}",
  "_links": {
    "self": {
      "href": "https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}"
    },
    "status": {
      "href": "https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}/status"
    },
    "startAuthorisation": {
      "href": "https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}/authorisations"
    }
  }
}
Start authorisation
Request example:
curl --location --request POST 'https://api.mockbank.io/v1/consents/{CREATED_CONSENT_ID}/authorisations' \
  --header 'PSU-ID: {YOUR_CUSTOMER_USERNAME}' \
  --header 'X-Request-ID: e5b654ab-c95e-4014-be4f-1e043e714bca' \
  --header 'Content-Type: application/json' \
  --data-raw '{
    "psuData": {
      "password": "{YOUR_CUSTOMER_PASSWORD}"
    }
  }'
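As an added example (not part of the original documentation and not MockBank's own code), the Python below builds the Start authorisation request from the Create consent response and checks that the "startAuthorisation" link stays on the API's HTTPS origin before the PSU password is sent to it. The consent id "c-123", the helper names and the log-redaction step are assumptions made for illustration.

```python
import json
import uuid
from urllib.parse import urlsplit

API_BASE = "https://api.mockbank.io/v1"  # base URL used in the page's examples
# Constructed sample: the page's consent response with a made-up consent id.
SAMPLE_CONSENT_RESPONSE = json.dumps({
    "consentStatus": "received",
    "consentId": "c-123",
    "_links": {
        "self": {"href": API_BASE + "/consents/c-123"},
        "status": {"href": API_BASE + "/consents/c-123/status"},
        "startAuthorisation": {"href": API_BASE + "/consents/c-123/authorisations"},
    },
})


def trusted_link(consent, name, api_base=API_BASE):
    """Return _links[name].href only if it stays under api_base over HTTPS."""
    href = consent["_links"][name]["href"]
    got, want = urlsplit(href), urlsplit(api_base)
    # netloc carries userinfo and port, so look-alike hosts fail this comparison.
    same_origin = got.scheme == "https" and got.netloc == want.netloc
    in_api = got.path.startswith(want.path + "/") and ".." not in got.path.split("/")
    if not (same_origin and in_api):
        raise ValueError(f"refusing to send PSU credentials to {href!r}")
    return href


def build_start_authorisation(consent_json, psu_id, password):
    """Build the 'Start authorisation' POST from a 'Create consent' response."""
    consent = json.loads(consent_json)
    return {
        "method": "POST",
        "url": trusted_link(consent, "startAuthorisation"),
        "headers": {
            "PSU-ID": psu_id,
            "X-Request-ID": str(uuid.uuid4()),  # fresh id for every request
            "Content-Type": "application/json",
        },
        "body": json.dumps({"psuData": {"password": password}}),
    }


def redacted(request):
    """Copy of the request that is safe to log: the PSU password is masked."""
    body = json.loads(request["body"])
    body["psuData"]["password"] = "***"
    return {**request, "body": json.dumps(body)}
```

Log the output of redacted() rather than the request itself, so the PSU password never reaches client-side logs.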
Response example:
Choose SCA method
Request example:
Response example:
Finish SCA
Request example:
Response example:
Redirect approach
Create consent
Request example:
Response example:
Follow the “scaRedirect” link and use {YOUR_CUSTOMER_USERNAME} and {YOUR_CUSTOMER_PASSWORD} to log in:
Verify consent
Request example:
Response example:
Decoupled approach
It is similar to the embedded approach. The only difference is that when the SCA method is being selected, you need to use Admin-Console to approve or reject the authorisation. No further authorisation updates are required.
Create consent
Start authorisation
Choose decoupled method
Approve authorisation in Admin-Console
Verify SCA status
Request example:
Response example:
OAUTH 2.0 approach
Prerequisites
Set up the Client ID, Client secret and Redirect URLs for your organisation using Admin-Console.
Example:
Get authorisation code
Go to link
Authorise with {YOUR_CUSTOMER_USERNAME} and {YOUR_CUSTOMER_PASSWORD}
Confirm existing scopes
After that you will be redirected to {YOUR_REDIRECT_URL}?code={AUTHORISATION_CODE}
Get Access Token
Example request:
Example response:
Get Accounts
Request example using Consent-ID:
Request example using access token:
Response example:
Get Transactions
Request example using Consent-ID:
Request example using access token:
Response example: