Overview
PSD2 Compliant XS2A Payment services (PSD 2) - Directive (EU) 2015/2366 API based on Berlin Group NextGenPSD2 XS2A Specification v1.3 (BGS).
SCA Approach
We use REDIRECT SCA approach with implicit start of the authorisation process (detailed description and schemes can be found in page 54 for payments and page 108 for consents of BGS document). Implicit process means that we automatically create authorisation resource and return this information in the response.
Consent Model
We let PSU to choose what he allows in the consent, so information passed in the consent works only as a reference to mark checkboxes. In case consent information contains accounts that do not belong to user or does not exist in the system, or overall consent is passed without accounts, then checkbox’s will not be marked for the PSU after he logs into the application.
Differences From Berlin Group Standard
Different Versioning Approach
Instead of path versioning that is mentioned in the BGS documentation, we use header versioning. More information about this can be found later in the document (API Versioning).
Optional parameters
Get account transactions endpoint uses two optional parameters for paging:
-
pageSize– sets record count per page; -
page– sets which page is displayed;
Differences in responses
Get account transactions endpoint uses different response structure. Instead of returning two lists (pending and booked) in the response, we simply return a single list with additional boolean parameter peding in the transaction record, where value of true indicates that transaction is pending and value of false that is booked.
API Versioning
Current API version: 1
API uses X-API-Version header parameter to determine current API version. If this parameter is not passed, the system will return 404 Not Found error.
Version header usage can be found in examples. We use only major version of API, so all changes that does not break backward compatibility does not increase version number. New API version is added on when non backward compatible changes are made:
-
Adding restrictive logic (e.g. making fields mandatory, business validation logic);
-
Removing fields;
-
Removing endpoints;
Upcoming major API versions are instantly released to production and will run in parallel with old version. Old version will be available for at least 6 months before removal.
All upcoming documentation will be provided in the documentation page, so it is advisable to check this page once a month.
1. Account Information Service (AIS)
1.1. Get accounts
GET /api/public/accounts
Read the identifiers of the available payment account together with booking balance information, depending on the consent granted.
1.1.1. Path parameters
No parameters.
1.1.2. Query parameters
No parameters.
1.1.3. Request headers
| Header | Type | Optional | Description |
|---|---|---|---|
Consent-ID |
String |
false |
ID of the corresponding consent object as returned by an Account Information Consent Request. |
X-Request-ID |
Object |
false |
ID of the request, unique to the call, as determined by the initiating party. |
1.1.4. Request fields
No request body.
1.1.5. Response headers
| Name | Description |
|---|---|
|
ID of the request, unique to the call, as determined by the initiating party. |
1.1.6. Response fields
| Path | Type | Description |
|---|---|---|
|
|
Unique identification of corresponding resource. |
|
|
International Bank Account Number. |
|
|
Account’s currency. |
|
|
Account name. |
|
|
This parameter not supported. Support might be implemented in the future. |
|
|
Account status. |
|
|
A link to the account resource itself. |
|
|
A link to the resource providing the balance of a dedicated account. |
|
|
A link to the resource providing the transaction history of a dedicated account. |
1.1.7. Example request
GET /api/public/accounts HTTP/1.1
Accept: application/hal+json
X-Request-ID: ad0b813d-5d1e-4aa0-898f-cc6ca45ebb84
X-API-Version: 1
Consent-ID: 09c7895e-56ab-4187-8ca9-a89870e53a85
Host: psd2.nano.lt1.1.8. Example response
HTTP/1.1 200 OK
X-Request-ID: ad0b813d-5d1e-4aa0-898f-cc6ca45ebb84
Content-Type: application/hal+json;charset=UTF-8
Content-Length: 2186
{
"accounts" : [ {
"resourceId" : "b4b921f9-2c91-3f60-9940-057b9b2cc410",
"iban" : "LT053570010000000226",
"currency" : "EUR",
"name" : "My first account",
"product" : "ACC_INT_SAVER",
"status" : "enabled",
"_links" : {
"self" : {
"href" : "http://localhost/api/public/accounts/b4b921f9-2c91-3f60-9940-057b9b2cc410"
},
"balances" : {
"href" : "http://localhost/api/public/accounts/b4b921f9-2c91-3f60-9940-057b9b2cc410/balances"
},
"transactions" : {
"href" : "http://localhost/api/public/accounts/b4b921f9-2c91-3f60-9940-057b9b2cc410/transactions?dateFrom={dateFrom}&page=0&pageSize=0{&bookingStatus,dateTo}",
"templated" : true
}
}
}, {
"resourceId" : "b78cb40c-1eba-3b1e-8b2b-08575dd70447",
"iban" : "LT323570010000000031",
"currency" : "EUR",
"name" : "My second account",
"product" : "ACC_INT_SAVER",
"status" : "enabled",
"_links" : {
"self" : {
"href" : "http://localhost/api/public/accounts/b78cb40c-1eba-3b1e-8b2b-08575dd70447"
},
"balances" : {
"href" : "http://localhost/api/public/accounts/b78cb40c-1eba-3b1e-8b2b-08575dd70447/balances"
},
"transactions" : {
"href" : "http://localhost/api/public/accounts/b78cb40c-1eba-3b1e-8b2b-08575dd70447/transactions?dateFrom={dateFrom}&page=0&pageSize=0{&bookingStatus,dateTo}",
"templated" : true
}
}
}, {
"resourceId" : "1d29fc2b-ef87-39dd-b604-78f5a1d072dd",
"iban" : "LT323570010000000031",
"currency" : "USD",
"name" : "My second account",
"product" : "ACC_INT_SAVER",
"status" : "enabled",
"_links" : {
"self" : {
"href" : "http://localhost/api/public/accounts/1d29fc2b-ef87-39dd-b604-78f5a1d072dd"
},
"balances" : {
"href" : "http://localhost/api/public/accounts/1d29fc2b-ef87-39dd-b604-78f5a1d072dd/balances"
},
"transactions" : {
"href" : "http://localhost/api/public/accounts/1d29fc2b-ef87-39dd-b604-78f5a1d072dd/transactions?dateFrom={dateFrom}&page=0&pageSize=0{&bookingStatus,dateTo}",
"templated" : true
}
}
} ]
}1.2. Get account
GET /api/public/accounts/{accountId}
Reads details about an account, with balances where required. It is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system.
1.2.1. Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
accountId |
String |
false |
This identification is denoting the addressed account. The accountId is retrieved by using a "Read Account List" call. The accountId is the "id" attribute of the account structure. Its value is constant at least throughout the lifecycle of a given consent. |
1.2.2. Query parameters
No parameters.
1.2.3. Request headers
| Header | Type | Optional | Description |
|---|---|---|---|
Consent-ID |
String |
false |
ID of the corresponding consent object as returned by an Account Information Consent Request. |
X-Request-ID |
Object |
false |
ID of the request, unique to the call, as determined by the initiating party. |
1.2.4. Request fields
No request body.
1.2.5. Response headers
| Name | Description |
|---|---|
|
ID of the request, unique to the call, as determined by the initiating party. |
1.2.6. Response fields
| Path | Type | Description |
|---|---|---|
|
|
Unique identification of corresponding resource. |
|
|
International Bank Account Number. |
|
|
Account’s currency. |
|
|
Account name. |
|
|
This parameter not supported. Support might be implemented in the future. |
|
|
Account status. |
|
|
A link to the account resource itself. |
|
|
A link to the resource providing the balance of a dedicated account. |
|
|
A link to the resource providing the transaction history of a dedicated account. |
1.2.7. Example request
GET /api/public/accounts/b4b921f9-2c91-3f60-9940-057b9b2cc410 HTTP/1.1
Accept: application/hal+json
X-Request-ID: 079df1cd-45f4-45e1-b91c-648f5f68c7e9
X-API-Version: 1
Consent-ID: 09c7895e-56ab-4187-8ca9-a89870e53a85
Host: psd2.nano.lt1.2.8. Example response
HTTP/1.1 200 OK
X-Request-ID: 079df1cd-45f4-45e1-b91c-648f5f68c7e9
Content-Type: application/hal+json;charset=UTF-8
Content-Length: 737
{
"account" : {
"resourceId" : "b4b921f9-2c91-3f60-9940-057b9b2cc410",
"iban" : "LT053570010000000226",
"currency" : "EUR",
"name" : "My first account",
"product" : "ACC_INT_SAVER",
"status" : "enabled",
"_links" : {
"self" : {
"href" : "http://localhost/api/public/accounts/b4b921f9-2c91-3f60-9940-057b9b2cc410"
},
"balances" : {
"href" : "http://localhost/api/public/accounts/b4b921f9-2c91-3f60-9940-057b9b2cc410/balances"
},
"transactions" : {
"href" : "http://localhost/api/public/accounts/b4b921f9-2c91-3f60-9940-057b9b2cc410/transactions?dateFrom={dateFrom}&page=0&pageSize=0{&bookingStatus,dateTo}",
"templated" : true
}
}
}
}1.3. Get account balances
GET /api/public/accounts/{accountId}/balances
Read account balances. It is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system.
1.3.1. Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
accountId |
String |
false |
This identification is denoting the addressed account. The accountId is retrieved by using a "Read Account List" call. The accountId is the "id" attribute of the account structure. Its value is constant at least throughout the lifecycle of a given consent. |
1.3.2. Query parameters
No parameters.
1.3.3. Request headers
| Header | Type | Optional | Description |
|---|---|---|---|
Consent-ID |
String |
false |
ID of the corresponding consent object as returned by an Account Information Consent Request. |
X-Request-ID |
Object |
false |
ID of the request, unique to the call, as determined by the initiating party. |
1.3.4. Request fields
No request body.
1.3.5. Response headers
| Name | Description |
|---|---|
|
ID of the request, unique to the call, as determined by the initiating party. |
1.3.6. Response fields
| Path | Type | Description |
|---|---|---|
|
|
International Bank Account Number. |
|
|
Account’s currency. |
|
|
Balance amount currency. |
|
|
Balance amount value. |
|
|
Balance type. Must be one of [closingBooked, expected, openingBooked, interimAvailable, forwardAvailable, nonInvoiced]. |
|
|
Reference date of the balance. |
1.3.7. Example request
GET /api/public/accounts/b4b921f9-2c91-3f60-9940-057b9b2cc410/balances HTTP/1.1
Accept: application/hal+json
X-Request-ID: 3fe76377-54cd-4ec8-9748-8e42448b96e6
X-API-Version: 1
Consent-ID: 09c7895e-56ab-4187-8ca9-a89870e53a85
Host: psd2.nano.lt1.3.8. Example response
HTTP/1.1 200 OK
X-Request-ID: 3fe76377-54cd-4ec8-9748-8e42448b96e6
Content-Type: application/hal+json;charset=UTF-8
Content-Length: 286
{
"balances" : [ {
"account" : {
"iban" : "LT053570010000000226",
"currency" : "EUR"
},
"balanceAmount" : {
"currency" : "EUR",
"amount" : "1950.30"
},
"balanceType" : "closingBooked",
"referenceDate" : "2018-11-27T13:54:03.946"
} ]
}1.4. Get account transactions
GET /api/public/accounts/{accountId}/transactions
Read account transactions. It is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system.
1.4.1. Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
accountId |
String |
false |
This identification is denoting the addressed account. The accountId is retrieved by using a "Read Account List" call. The accountId is the "id" attribute of the account structure. Its value is constant at least throughout the lifecycle of a given consent. |
1.4.2. Query parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
bookingStatus |
String |
true |
Available values: "booked", "pending" and "both". Must be one of [booked, pending, both]. Default value: 'both'. |
dateFrom |
Object |
false |
Starting date (inclusive the date dateFrom) of the transaction list. |
dateTo |
Object |
true |
End date (inclusive the data dateTo) of the transaction list, default is "now" if not give. |
page |
Integer |
true |
Default value: '1'. |
pageSize |
Integer |
true |
Default value: '25'. |
1.4.3. Request headers
| Header | Type | Optional | Description |
|---|---|---|---|
Consent-ID |
String |
false |
ID of the corresponding consent object as returned by an Account Information Consent Request. |
X-Request-ID |
Object |
false |
ID of the request, unique to the call, as determined by the initiating party. |
1.4.4. Request fields
No request body.
1.4.5. Response headers
| Name | Description |
|---|---|
|
ID of the request, unique to the call, as determined by the initiating party. |
1.4.6. Response fields
| Path | Type | Description |
|---|---|---|
|
|
International Bank Account Number. |
|
|
Account’s currency. |
|
|
Internal identification number. |
|
|
Unique end to end identity. |
|
|
The Date when an entry is posted to an account on the ASPSPs books. |
|
|
The Date at which assets become available to the account owner in case of a credit. |
|
|
The amount of the transaction as billed to the account (currency). |
|
|
The amount of the transaction as billed to the account (value). |
|
|
Name of the creditor if a "Debited" transaction. |
|
|
Creditor International Bank Account Number. |
|
|
Creditor International Bank Account currency. |
|
|
Name of ultimate creditor. |
|
|
Name of the debtor if a "Credited" transaction. |
|
|
Debtor International Bank Account Number. |
|
|
Debtor International Bank Account currency. |
|
|
Name of ultimate debtor. |
|
|
Unstructured remittance reference. |
|
|
Reference as contained in the structured remittance reference structure (without the surrounding XML structure). |
|
|
Bank transaction code as used by the ASPSP and using the sub elements of this structured code defined by ISO20022. |
|
|
Transaction status flag. "True" means that transaction is still "pending". "False" means that transaction has been processed. |
|
|
A link to the account transactions resource itself. |
|
|
Navigation link for paginated account transactions (first page). |
|
|
Navigation link for paginated account transactions (previous page). |
|
|
Navigation link for paginated account transactions (next page). |
|
|
Navigation link for paginated account transactions (last page). |
1.4.7. Example request
GET /api/public/accounts/b4b921f9-2c91-3f60-9940-057b9b2cc410/transactions?dateFrom=2018-09-01&dateTo=2018-11-27&page=1&pageSize=2&bookingStatus=both HTTP/1.1
Accept: application/hal+json
X-Request-ID: 99f2adbe-8546-4cf8-953a-92ff840a23ae
X-API-Version: 1
Consent-ID: 09c7895e-56ab-4187-8ca9-a89870e53a85
Host: psd2.nano.lt1.4.8. Example response
HTTP/1.1 200 OK
X-Request-ID: 99f2adbe-8546-4cf8-953a-92ff840a23ae
Content-Type: application/hal+json;charset=UTF-8
Content-Length: 2479
{
"account" : {
"iban" : "LT053570010000000226",
"currency" : "EUR"
},
"transactions" : [ {
"transactionId" : "00016236",
"endToEndId" : "TEST_END_TO_END_ID",
"bookingDate" : "2018-09-14T12:33:40.811",
"valueDate" : "2018-09-13",
"transactionAmount" : {
"currency" : "EUR",
"amount" : "134.40"
},
"creditorName" : "TEST_CREDITOR_NAME",
"creditorAccount" : {
"iban" : "LT053570010000000226",
"currency" : "EUR"
},
"ultimateCreditor" : "TEST_ULTIMATE_CREDITOR",
"debtorName" : "TEST_DEBTOR_NAME",
"ultimateDebtor" : "TEST_ULTIMATE_DEBTOR",
"remittanceInformationUnstructured" : "Internal transfer",
"remittanceInformationStructured" : "TEST_REMITTANCE_INFORMATION_STRUCTURED",
"bankTransactionCode" : "INTERNAL_TRANSFER.TRANSFER",
"pending" : false
}, {
"transactionId" : "00016237",
"bookingDate" : "2018-09-14T12:41:26.59",
"valueDate" : "2018-09-14",
"transactionAmount" : {
"currency" : "EUR",
"amount" : "50.30"
},
"creditorName" : "Jayme Bame",
"creditorAccount" : {
"iban" : "LT323570010000000031",
"currency" : "EUR"
},
"ultimateCreditor" : "TEST_ULTIMATE_CREDITOR",
"debtorName" : "Vina Herbert",
"debtorAccount" : {
"iban" : "LT053570010000000226",
"currency" : "EUR"
},
"ultimateDebtor" : "TEST_ULTIMATE_DEBTOR",
"remittanceInformationUnstructured" : "For you",
"bankTransactionCode" : "INTERNAL_TRANSFER.TRANSFER",
"pending" : false
} ],
"_links" : {
"self" : {
"href" : "http://localhost/b4b921f9-2c91-3f60-9940-057b9b2cc410/transactions?bookingStatus=both&dateFrom=2018-09-01&dateTo=2018-11-27&pageSize=2&page=2"
},
"first" : {
"href" : "http://localhost/b4b921f9-2c91-3f60-9940-057b9b2cc410/transactions?bookingStatus=both&dateFrom=2018-09-01&dateTo=2018-11-27&pageSize=2&page=1"
},
"prev" : {
"href" : "http://localhost/b4b921f9-2c91-3f60-9940-057b9b2cc410/transactions?bookingStatus=both&dateFrom=2018-09-01&dateTo=2018-11-27&pageSize=2&page=1"
},
"next" : {
"href" : "http://localhost/b4b921f9-2c91-3f60-9940-057b9b2cc410/transactions?bookingStatus=both&dateFrom=2018-09-01&dateTo=2018-11-27&pageSize=2&page=3"
},
"last" : {
"href" : "http://localhost/b4b921f9-2c91-3f60-9940-057b9b2cc410/transactions?bookingStatus=both&dateFrom=2018-09-01&dateTo=2018-11-27&pageSize=2&page=9"
}
}
}1.5. Create account consent
POST /api/public/consents
This method create a consent resource, defining access rights to dedicated accounts.
1.5.1. Path parameters
No parameters.
1.5.2. Query parameters
No parameters.
1.5.3. Request headers
| Header | Type | Optional | Description |
|---|---|---|---|
X-Request-ID |
Object |
false |
ID of the request, unique to the call, as determined by the initiating party. |
TPP-Redirect-URI |
String |
false |
URI of the TPP, where the transaction flow shall be redirected to after a Redirect. |
TPP-Nok-Redirect-URI |
String |
false |
If this URI is contained, the TPP is asking to redirect the transaction flow to this address instead of the TPP-Redirect-URI in case of a negative result of the redirect SCA method. |
1.5.4. Request fields
| Path | Type | Optional | Description |
|---|---|---|---|
access |
Object |
false |
Requested access services. |
access.accounts |
Array[Object] |
true |
Is asking for detailed account information. |
access.accounts[].iban |
String |
false |
Must match the regular expression |
access.accounts[].currency |
String |
true |
Must match the regular expression |
access.accounts[].resourceId |
String |
false |
Unique identification of corresponding resource. |
access.balances |
Array[Object] |
true |
Is asking for balances of the addressed accounts. |
access.balances[].iban |
String |
false |
Must match the regular expression |
access.balances[].currency |
String |
true |
Must match the regular expression |
access.balances[].resourceId |
String |
false |
Unique identification of corresponding resource. |
access.transactions |
Array[Object] |
true |
Is asking for transactions of the addressed accounts. |
access.transactions[].iban |
String |
false |
Must match the regular expression |
access.transactions[].currency |
String |
true |
Must match the regular expression |
access.transactions[].resourceId |
String |
false |
Unique identification of corresponding resource. |
recurringIndicator |
Boolean |
false |
True, if the consent is for recurring access to the account data. false, if the consent is for one access to the account data. |
validUntil |
Object |
false |
This parameter is requesting a valid until date for the requested consent. The content is the local ASPSP date in ISODate Format, e.g. 2017-10-30. javax.validation.constraints.FutureOrPresent. |
frequencyPerDay |
Integer |
false |
This field indicates the requested maximum frequency for an access per day. For a one-off access, this attribute is set to "1". javax.validation.constraints.Positive. |
combinedServiceIndicator |
Boolean |
false |
If true indicates that a payment initiation service will be addressed in the same "session". |
1.5.5. Response headers
| Name | Description |
|---|---|
|
ID of the request, unique to the call, as determined by the initiating party. |
|
Location of the created resource. |
|
SCA approach. |
1.5.6. Response fields
| Path | Type | Description |
|---|---|---|
|
|
ID of the corresponding consent object as returned by an Account Information Consent Request. |
|
|
Consent status. Must be one of [received, rejected, valid, revokedByPsu, expired, terminatedByTpp]. |
|
|
The link to the consent initiation resource created by this request. This link can be used to retrieve the resource data. |
|
|
The link to retrieve status of the consent initiation. |
|
|
The link to retrieve the scaStatus of the corresponding authorisation sub-resource. |
|
|
In case of an SCA Redirect Approach, the ASPSP is transmitting the link to which to redirect the PSU browser. |
1.5.7. Example request
POST /api/public/consents HTTP/1.1
Content-Type: application/json;charset=UTF-8
Accept: application/hal+json
X-Request-ID: 5a9266e3-1e69-43e1-8c33-2786ae3f42c2
X-API-Version: 1
TPP-Redirect-URI: https://client.nano.com/consent=09c7895e-56ab-4187-8ca9-a89870e53a85&status=ok
TPP-Nok-Redirect-URI: https://client.nano.com/consent=09c7895e-56ab-4187-8ca9-a89870e53a85&status=nok
Host: psd2.nano.lt
Content-Length: 725
{
"access" : {
"accounts" : [ {
"iban" : "LT053570010000000226",
"currency" : "EUR"
}, {
"iban" : "LT323570010000000031",
"currency" : "EUR"
}, {
"iban" : "LT323570010000000031",
"currency" : "USD"
} ],
"balances" : [ {
"iban" : "LT323570010000000031",
"currency" : "EUR"
}, {
"iban" : "LT323570010000000031",
"currency" : "USD"
} ],
"transactions" : [ {
"iban" : "LT053570010000000226",
"currency" : "EUR"
}, {
"iban" : "LT323570010000000031",
"currency" : "EUR"
} ]
},
"recurringIndicator" : false,
"validUntil" : "2024-12-19",
"frequencyPerDay" : 4,
"combinedServiceIndicator" : false
}1.5.8. Example response
HTTP/1.1 201 Created
X-Request-ID: 5a9266e3-1e69-43e1-8c33-2786ae3f42c2
Location: http://localhost/api/public/consents/09c7895e-56ab-4187-8ca9-a89870e53a85
ASPSP-SCA-Approach: REDIRECT
Content-Type: application/hal+json;charset=UTF-8
Content-Length: 998
{
"consentId" : "09c7895e-56ab-4187-8ca9-a89870e53a85",
"consentStatus" : "received",
"_links" : {
"self" : {
"href" : "http://localhost/api/public/consents/09c7895e-56ab-4187-8ca9-a89870e53a85"
},
"status" : {
"href" : "http://localhost/api/public/consents/09c7895e-56ab-4187-8ca9-a89870e53a85/status"
},
"scaStatus" : {
"href" : "http://localhost/api/public/consents/09c7895e-56ab-4187-8ca9-a89870e53a85/authorisations/b084c799-1234-4f32-bc40-42228a90f66c"
},
"scaRedirect" : {
"href" : "http://localhost/authorisation/09c7895e-56ab-4187-8ca9-a89870e53a85/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJydCI6IkNPTlNFTlQiLCJ0bmEiOiJURVNUIiwiaXNzIjoiVklBIFBheW1lbnRzIFVBQiIsIm5vayI6InRlc3QiLCJyaWQiOiIwOWM3ODk1ZS01NmFiLTQxODctOGNhOS1hODk4NzBlNTNhODUiLCJvayI6InRlc3QiLCJleHAiOjE1NTM1Mjk5NTgsImFpZCI6ImIwODRjNzk5LTEyMzQtNGYzMi1iYzQwLTQyMjI4YTkwZjY2YyIsImlhdCI6MTU1MzUyNzI1OCwidGlkIjoiVEVTVCJ9.6YLlFG6EiDg0q9dXpEPes1ofqBS_qpRndSe54COHma8"
}
}
}1.6. Delete account consent
DELETE /api/public/consents/{consentId}
The TPP can delete an account information consent object if needed.
1.6.1. Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
consentId |
String |
false |
ID of the corresponding consent object as returned by an Account Information Consent Request. |
1.6.2. Query parameters
No parameters.
1.6.3. Request headers
| Header | Type | Optional | Description |
|---|---|---|---|
X-Request-ID |
Object |
false |
ID of the request, unique to the call, as determined by the initiating party. |
1.6.4. Request fields
No request body.
1.6.5. Response headers
| Name | Description |
|---|---|
|
ID of the request, unique to the call, as determined by the initiating party. |
1.6.6. Response fields
No response body.
1.6.7. Example request
DELETE /api/public/consents/09c7895e-56ab-4187-8ca9-a89870e53a85 HTTP/1.1
Accept: application/hal+json
X-Request-ID: 76865f0f-d8d5-4f6a-840a-923c1c525a57
X-API-Version: 1
Host: psd2.nano.lt1.6.8. Example response
HTTP/1.1 204 No Content
X-Request-ID: 76865f0f-d8d5-4f6a-840a-923c1c525a571.7. Get account consent
GET /api/public/consents/{consentId}
Returns the content of an account information consent object.
1.7.1. Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
consentId |
String |
false |
ID of the corresponding consent object as returned by an Account Information Consent Request. |
1.7.2. Query parameters
No parameters.
1.7.3. Request headers
| Header | Type | Optional | Description |
|---|---|---|---|
X-Request-ID |
Object |
false |
ID of the request, unique to the call, as determined by the initiating party. |
1.7.4. Request fields
No request body.
1.7.5. Response headers
| Name | Description |
|---|---|
|
ID of the request, unique to the call, as determined by the initiating party. |
1.7.6. Response fields
| Path | Type | Description |
|---|---|---|
|
|
Requested access services. |
|
|
International Bank Account Number. |
|
|
International Bank Account currency. |
|
|
Unique identification of corresponding resource. |
|
|
International Bank Account Number. |
|
|
International Bank Account currency. |
|
|
Unique identification of corresponding resource. |
|
|
International Bank Account Number. |
|
|
International Bank Account currency. |
|
|
Unique identification of corresponding resource. |
|
|
This parameter is requesting a valid until date for the requested consent. The content is the local ASPSP date in ISODate Format, e.g. 2017-10-30. |
|
|
This field indicates the requested maximum frequency for an access per day. For a one-off access, this attribute is set to "1" |
|
|
true, if the consent is for recurring access to the account data false, if the consent is for one access to the account data. |
|
|
If true indicates that a payment initiation service will be addressed in the same "session". Currently not supported. |
|
|
Consent status. Must be one of [received, rejected, valid, revokedByPsu, expired, terminatedByTpp]. |
|
|
The link to the consent initiation resource created by this request. This link can be used to retrieve the resource data. |
|
|
The link to retrieve status of the consent initiation. |
|
|
The link to retrieve the scaStatus of the corresponding authorisation sub-resource. |
1.7.7. Example request
GET /api/public/consents/09c7895e-56ab-4187-8ca9-a89870e53a85 HTTP/1.1
Accept: application/hal+json
X-Request-ID: 8b19ba73-af98-49d4-9088-121a6210ecb2
X-API-Version: 1
Host: psd2.nano.lt1.7.8. Example response
HTTP/1.1 200 OK
X-Request-ID: 8b19ba73-af98-49d4-9088-121a6210ecb2
Content-Type: application/hal+json;charset=UTF-8
Content-Length: 1605
{
"access" : {
"accounts" : [ {
"iban" : "LT053570010000000226",
"currency" : "EUR",
"resourceId" : "b4b921f9-2c91-3f60-9940-057b9b2cc410"
}, {
"iban" : "LT323570010000000031",
"currency" : "EUR",
"resourceId" : "b78cb40c-1eba-3b1e-8b2b-08575dd70447"
}, {
"iban" : "LT323570010000000031",
"currency" : "USD",
"resourceId" : "1d29fc2b-ef87-39dd-b604-78f5a1d072dd"
} ],
"balances" : [ {
"iban" : "LT323570010000000031",
"currency" : "EUR",
"resourceId" : "b78cb40c-1eba-3b1e-8b2b-08575dd70447"
}, {
"iban" : "LT323570010000000031",
"currency" : "USD",
"resourceId" : "1d29fc2b-ef87-39dd-b604-78f5a1d072dd"
} ],
"transactions" : [ {
"iban" : "LT053570010000000226",
"currency" : "EUR",
"resourceId" : "b4b921f9-2c91-3f60-9940-057b9b2cc410"
}, {
"iban" : "LT323570010000000031",
"currency" : "EUR",
"resourceId" : "b78cb40c-1eba-3b1e-8b2b-08575dd70447"
} ]
},
"validUntil" : "2024-12-19",
"frequencyPerDay" : 4,
"recurringIndicator" : false,
"combinedServiceIndicator" : false,
"consentStatus" : "valid",
"_links" : {
"self" : {
"href" : "http://localhost/api/public/consents/09c7895e-56ab-4187-8ca9-a89870e53a85"
},
"status" : {
"href" : "http://localhost/api/public/consents/09c7895e-56ab-4187-8ca9-a89870e53a85/status"
},
"scaStatus" : {
"href" : "http://localhost/api/public/consents/09c7895e-56ab-4187-8ca9-a89870e53a85/authorisations/b084c799-1234-4f32-bc40-42228a90f66c"
}
}
}1.8. Get account consent status
GET /api/public/consents/{consentId}/status
Read the status of an account information consent resource.
1.8.1. Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
consentId |
String |
false |
ID of the corresponding consent object as returned by an Account Information Consent Request. |
1.8.2. Query parameters
No parameters.
1.8.3. Request headers
| Header | Type | Optional | Description |
|---|---|---|---|
X-Request-ID |
Object |
false |
ID of the request, unique to the call, as determined by the initiating party. |
1.8.4. Request fields
No request body.
1.8.5. Response headers
| Name | Description |
|---|---|
|
ID of the request, unique to the call, as determined by the initiating party. |
1.8.6. Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
consentStatus |
String |
false |
Must be one of [received, rejected, valid, revokedByPsu, expired, terminatedByTpp]. |
1.8.7. Example request
GET /api/public/consents/09c7895e-56ab-4187-8ca9-a89870e53a85/status HTTP/1.1
Accept: application/hal+json
X-Request-ID: 379352e5-bb24-49bf-ba3f-edbf66a71c8b
X-API-Version: 1
Host: psd2.nano.lt1.8.8. Example response
HTTP/1.1 200 OK
X-Request-ID: 379352e5-bb24-49bf-ba3f-edbf66a71c8b
Content-Type: application/hal+json;charset=UTF-8
Content-Length: 31
{
"consentStatus" : "valid"
}1.9. Get account consent authorisation status
GET /api/public/consents/{consentId}/authorisations/{authorisationId}
Reads status of an SCA process.
1.9.1. Path parameters
| Parameter | Description |
|---|---|
|
ID of the corresponding consent object as returned by an Account Information Consent Request. |
|
ID of the authorisation sub-resource. |
1.9.2. Query parameters
No parameters.
1.9.3. Request headers
No headers.
1.9.4. Request fields
No request body.
1.9.5. Response headers
| Name | Description |
|---|---|
|
ID of the request, unique to the call, as determined by the initiating party. |
1.9.6. Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
scaStatus |
String |
true |
Must be one of [received, psuIdentified, psuAuthenticated, started, finalised, failed, exempted]. |
1.9.7. Example request
GET /api/public/consents/09c7895e-56ab-4187-8ca9-a89870e53a85/authorisations/b084c799-1234-4f32-bc40-42228a90f66c HTTP/1.1
Accept: application/hal+json
X-Request-ID: a522e7ca-34b3-4675-a78e-a8f8c58cf32b
X-API-Version: 1
Host: psd2.nano.lt1.9.8. Example response
HTTP/1.1 200 OK
X-Request-ID: a522e7ca-34b3-4675-a78e-a8f8c58cf32b
Content-Type: application/hal+json;charset=UTF-8
Content-Length: 30
{
"scaStatus" : "received"
}2. Confirmation of Funds Service
Confirmation of Funds Service returns a confirmation of funds request at the ASPSP.
2.1. Check availability of funds
POST /api/public/funds-confirmations
Creates a confirmation of funds request at the ASPSP. Checks whether a specific amount is available at point of time of the request on an account linked to a given tuple card issuer(TPP)/card number, or addressed by IBAN and TPP respectively.
2.1.1. Path parameters
No parameters.
2.1.2. Query parameters
No parameters.
2.1.3. Request headers
| Header | Type | Optional | Description |
|---|---|---|---|
Consent-ID |
String |
false |
ID of the corresponding consent object as returned by an Fund Confirmation Consent Request. |
X-Request-ID |
Object |
false |
ID of the request, unique to the call, as determined by the initiating party. |
2.1.4. Request fields
| Path | Type | Description |
|---|---|---|
|
|
International Bank Account Number. |
|
|
This parameter not supported. Support might be implemented in the future. |
|
|
Transaction amount to be checked within the funds check mechanism. |
|
|
Transaction amount currency. |
2.1.5. Response headers
| Name | Description |
|---|---|
|
ID of the request, unique to the call, as determined by the initiating party. |
2.1.6. Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
fundsAvailable |
Boolean |
true |
True if sufficient funds are available at the time of the request, false otherwise. |
2.1.7. Example request
POST /api/public/funds-confirmations HTTP/1.1
Content-Type: application/json;charset=UTF-8
X-Request-ID: 62adb99d-5a20-4c7c-85a1-1680e19dc897
Consent-ID: 0da4b182-23a3-476f-8608-87773586ff8a
X-API-Version: 1
Host: psd2.nano.lt
Content-Length: 160
{
"account" : {
"iban" : "LT323570010000000031",
"currency" : "EUR"
},
"instructedAmount" : {
"currency" : "EUR",
"amount" : "10.50"
}
}2.1.8. Example response
HTTP/1.1 200 OK
X-Request-ID: 62adb99d-5a20-4c7c-85a1-1680e19dc897
Content-Type: application/json;charset=UTF-8
Content-Length: 29
{
"fundsAvailable" : true
}2.2. Create fund consent
POST /api/public/consents/confirmation-of-funds
This method create a consent resource, defining confirmation of funds access rights to dedicated account.
2.2.1. Path parameters
No parameters.
2.2.2. Query parameters
No parameters.
2.2.3. Request headers
| Header | Type | Optional | Description |
|---|---|---|---|
X-Request-ID |
Object |
false |
ID of the request, unique to the call, as determined by the initiating party. |
TPP-Redirect-URI |
String |
false |
URI of the TPP, where the transaction flow shall be redirected to after a Redirect. |
TPP-Nok-Redirect-URI |
String |
false |
If this URI is contained, the TPP is asking to redirect the transaction flow to this address instead of the TPP-Redirect-URI in case of a negative result of the redirect SCA method. |
2.2.4. Request fields
| Path | Type | Description |
|---|---|---|
|
|
Account resource. |
|
|
International Bank Account Number. |
|
|
If not provided, consent will be valid for all current and future currencies. |
|
|
Additional information about the registration process for the PSU, e.g. a reference to the TPP / PSU contract. |
2.2.5. Response headers
| Name | Description |
|---|---|
|
ID of the request, unique to the call, as determined by the initiating party. |
|
Location of the created resource. |
|
SCA approach. |
2.2.6. Response fields
| Path | Type | Description |
|---|---|---|
|
|
ID of the corresponding consent object as returned by an Fund Confirmation Consent Request. |
|
|
Consent status. Must be one of [received, rejected, valid, revokedByPsu, expired, terminatedByTpp]. |
|
|
The link to the consent initiation resource created by this request. This link can be used to retrieve the resource data. |
|
|
The link to retrieve status of the consent initiation. |
|
|
The link to retrieve the scaStatus of the corresponding authorisation sub-resource. |
|
|
In case of an SCA Redirect Approach, the ASPSP is transmitting the link to which to redirect the PSU browser. |
2.2.7. Example request
POST /api/public/consents/confirmation-of-funds HTTP/1.1
Content-Type: application/json;charset=UTF-8
Accept: application/hal+json
X-Request-ID: 9f8c4386-c376-4934-bad3-c177e0040b81
X-API-Version: 1
TPP-Redirect-URI: https://client.nano.com/consent=0da4b182-23a3-476f-8608-87773586ff8a&status=ok
TPP-Nok-Redirect-URI: https://client.nano.com/consent=0da4b182-23a3-476f-8608-87773586ff8a&status=nok
Host: psd2.nano.lt
Content-Length: 146
{
"account" : {
"iban" : "LT053570010000000226",
"currency" : "EUR"
},
"registrationInformation" : "Test registration information"
}2.2.8. Example response
HTTP/1.1 201 Created
X-Request-ID: 9f8c4386-c376-4934-bad3-c177e0040b81
Location: http://localhost/api/public/consents/confirmation-of-funds/0da4b182-23a3-476f-8608-87773586ff8a
ASPSP-SCA-Approach: REDIRECT
Content-Type: application/hal+json;charset=UTF-8
Content-Length: 1071
{
"consentId" : "0da4b182-23a3-476f-8608-87773586ff8a",
"consentStatus" : "received",
"_links" : {
"self" : {
"href" : "http://localhost/api/public/consents/confirmation-of-funds/0da4b182-23a3-476f-8608-87773586ff8a"
},
"status" : {
"href" : "http://localhost/api/public/consents/confirmation-of-funds/0da4b182-23a3-476f-8608-87773586ff8a/status"
},
"scaStatus" : {
"href" : "http://localhost/api/public/consents/confirmation-of-funds/0da4b182-23a3-476f-8608-87773586ff8a/authorisations/7dd19f80-0be4-4fc4-880e-f20e8f2f541a"
},
"scaRedirect" : {
"href" : "http://localhost/authorisation/0da4b182-23a3-476f-8608-87773586ff8a/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJydCI6IkZVTkRfQ09OU0VOVCIsInRuYSI6IlRFU1QiLCJpc3MiOiJWSUEgUGF5bWVudHMgVUFCIiwibm9rIjoidGVzdCIsInJpZCI6IjBkYTRiMTgyLTIzYTMtNDc2Zi04NjA4LTg3NzczNTg2ZmY4YSIsIm9rIjoidGVzdCIsImV4cCI6MTU1MzUyOTk1OCwiYWlkIjoiN2RkMTlmODAtMGJlNC00ZmM0LTg4MGUtZjIwZThmMmY1NDFhIiwiaWF0IjoxNTUzNTI3MjU4LCJ0aWQiOiJURVNUIn0.xY5b7_o8BypkHmNU3jUqiDk5ijDnCD8_SVF3v5Ky86w"
}
}
}2.3. Delete fund consent
DELETE /api/public/consents/confirmation-of-funds/{consentId}
The TPP can delete a confirmation of funds consent object if needed.
2.3.1. Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
consentId |
String |
false |
ID of the corresponding consent object as returned by Fund Confirmation Consent Request. |
2.3.2. Query parameters
No parameters.
2.3.3. Request headers
| Header | Type | Optional | Description |
|---|---|---|---|
X-Request-ID |
Object |
false |
ID of the request, unique to the call, as determined by the initiating party. |
2.3.4. Request fields
No request body.
2.3.5. Response headers
| Name | Description |
|---|---|
|
ID of the request, unique to the call, as determined by the initiating party. |
2.3.6. Response fields
No response body.
2.3.7. Example request
DELETE /api/public/consents/confirmation-of-funds/0da4b182-23a3-476f-8608-87773586ff8a HTTP/1.1
Accept: application/hal+json
X-Request-ID: 710d6b62-9ad0-49d7-99b0-7b8e3b54c158
X-API-Version: 1
Host: psd2.nano.lt2.3.8. Example response
HTTP/1.1 204 No Content
X-Request-ID: 710d6b62-9ad0-49d7-99b0-7b8e3b54c1582.4. Get fund consent
GET /api/public/consents/confirmation-of-funds/{consentId}
Returns the content of a confirmation of funds consent object.
2.4.1. Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
consentId |
String |
false |
ID of the corresponding consent object as returned by Fund Confirmation Consent Request. |
2.4.2. Query parameters
No parameters.
2.4.3. Request headers
| Header | Type | Optional | Description |
|---|---|---|---|
X-Request-ID |
Object |
false |
ID of the request, unique to the call, as determined by the initiating party. |
2.4.4. Request fields
No request body.
2.4.5. Response headers
| Name | Description |
|---|---|
|
ID of the request, unique to the call, as determined by the initiating party. |
2.4.6. Response fields
| Path | Type | Description |
|---|---|---|
|
|
Account resource. |
|
|
Unique identification of corresponding resource. |
|
|
International Bank Account Number. |
|
|
International Bank Account currency. |
|
|
Consent status. Must be one of [received, rejected, valid, revokedByPsu, expired, terminatedByTpp]. |
|
|
Additional information about the registration process for the PSU, e.g. a reference to the TPP / PSU contract. |
|
|
The link to the consent initiation resource created by this request. This link can be used to retrieve the resource data. |
|
|
The link to retrieve status of the consent initiation. |
|
|
The link to retrieve the scaStatus of the corresponding authorisation sub-resource. |
2.4.7. Example request
GET /api/public/consents/confirmation-of-funds/0da4b182-23a3-476f-8608-87773586ff8a HTTP/1.1
Accept: application/hal+json
X-Request-ID: 8c588686-f83f-472f-ada0-513b595165ba
X-API-Version: 1
Host: psd2.nano.lt2.4.8. Example response
HTTP/1.1 200 OK
X-Request-ID: 8c588686-f83f-472f-ada0-513b595165ba
Content-Type: application/hal+json;charset=UTF-8
Content-Length: 724
{
"account" : {
"iban" : "LT053570010000000226",
"currency" : "EUR",
"resourceId" : "b4b921f9-2c91-3f60-9940-057b9b2cc410"
},
"consentStatus" : "valid",
"registrationInformation" : "Test registration information",
"_links" : {
"self" : {
"href" : "http://localhost/api/public/consents/confirmation-of-funds/0da4b182-23a3-476f-8608-87773586ff8a"
},
"status" : {
"href" : "http://localhost/api/public/consents/confirmation-of-funds/0da4b182-23a3-476f-8608-87773586ff8a/status"
},
"scaStatus" : {
"href" : "http://localhost/api/public/consents/confirmation-of-funds/0da4b182-23a3-476f-8608-87773586ff8a/authorisations/7dd19f80-0be4-4fc4-880e-f20e8f2f541a"
}
}
}2.5. Get fund consent status
GET /api/public/consents/confirmation-of-funds/{consentId}/status
Read the status of a confirmation of funds consent resource.
2.5.1. Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
consentId |
String |
false |
ID of the corresponding consent object as returned by Fund Confirmation Consent Request. |
2.5.2. Query parameters
No parameters.
2.5.3. Request headers
| Header | Type | Optional | Description |
|---|---|---|---|
X-Request-ID |
Object |
false |
ID of the request, unique to the call, as determined by the initiating party. |
2.5.4. Request fields
No request body.
2.5.5. Response headers
| Name | Description |
|---|---|
|
ID of the request, unique to the call, as determined by the initiating party. |
2.5.6. Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
consentStatus |
String |
false |
Must be one of [received, rejected, valid, revokedByPsu, expired, terminatedByTpp]. |
2.5.7. Example request
GET /api/public/consents/confirmation-of-funds/0da4b182-23a3-476f-8608-87773586ff8a/status HTTP/1.1
Accept: application/hal+json
X-Request-ID: 620200ff-387a-44c6-a89d-32ea1cd88dc3
X-API-Version: 1
Host: psd2.nano.lt2.5.8. Example response
HTTP/1.1 200 OK
X-Request-ID: 620200ff-387a-44c6-a89d-32ea1cd88dc3
Content-Type: application/hal+json;charset=UTF-8
Content-Length: 31
{
"consentStatus" : "valid"
}2.6. Get fund consent authorisation status
GET /api/public/consents/confirmation-of-funds/{consentId}/authorisations/{authorisationId}
Reads status of an SCA process.
2.6.1. Path parameters
| Parameter | Description |
|---|---|
|
ID of the corresponding consent object as returned by an Fund Confirmation Consent Request. |
|
ID of the authorisation sub-resource. |
2.6.2. Query parameters
No parameters.
2.6.3. Request headers
No headers.
2.6.4. Request fields
No request body.
2.6.5. Response headers
| Name | Description |
|---|---|
|
ID of the request, unique to the call, as determined by the initiating party. |
2.6.6. Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
scaStatus |
String |
true |
Must be one of [received, psuIdentified, psuAuthenticated, started, finalised, failed, exempted]. |
2.6.7. Example request
GET /api/public/consents/confirmation-of-funds/0da4b182-23a3-476f-8608-87773586ff8a/authorisations/7dd19f80-0be4-4fc4-880e-f20e8f2f541a HTTP/1.1
Accept: application/hal+json
X-Request-ID: db3a8603-796e-4fc4-b979-c958b3baa219
X-API-Version: 1
Host: psd2.nano.lt2.6.8. Example response
HTTP/1.1 200 OK
X-Request-ID: db3a8603-796e-4fc4-b979-c958b3baa219
Content-Type: application/hal+json;charset=UTF-8
Content-Length: 30
{
"scaStatus" : "received"
}3. Payment Initiation Service (PIS)
The Payment Initiation Service (PIS) offers the following services:
-
Initiation and update of a payment request
-
Status information of a payment
3.1. Initiate payment
POST /api/public/payments/sepa-credit-transfers
Create a payment initiation resource addressable under {paymentId}. This is the first step in the API to initiate the related payment.
3.1.1. Path parameters
No parameters.
3.1.2. Query parameters
No parameters.
3.1.3. Request headers
| Header | Type | Optional | Description |
|---|---|---|---|
X-Request-ID |
Object |
false |
ID of the request, unique to the call, as determined by the initiating party. |
TPP-Redirect-URI |
String |
false |
URI of the TPP, where the transaction flow shall be redirected to after a Redirect. |
TPP-Nok-Redirect-URI |
String |
false |
If this URI is contained, the TPP is asking to redirect the transaction flow to this address instead of the TPP-Redirect-URI in case of a negative result of the redirect SCA method. |
PSU-IP-Address |
String |
false |
The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP. |
3.1.4. Request fields
| Path | Type | Description |
|---|---|---|
|
|
Debtor International Bank Account Number. Parameter is optional. Possibility to choose debtor account after authorization. |
|
|
Debtor International Bank Account currency. |
|
|
Creditor International Bank Account Number. |
|
|
Creditor International Bank Account currency. |
|
|
Name of the creditor if a "Debited" transaction. |
|
|
Credit institution name. |
|
|
Creditor institution code. e.g. (DEMOLT22XXX). |
|
|
Unstructured remittance reference. |
|
|
Instructed amount currency |
|
|
Instructed amount value |
3.1.5. Response headers
| Name | Description |
|---|---|
|
ID of the request, unique to the call, as determined by the initiating party. |
|
Location of the created resource. |
|
SCA approach. |
3.1.6. Response fields
| Path | Type | Description |
|---|---|---|
|
|
Resource identification of the generated payment initiation resource. |
|
|
Transaction Status of the payment resource. Status values are defined in the ISO20022. |
|
|
The link to the payment initiation resource created by this request. This link can be used to retrieve the resource data. |
|
|
The link to retrieve status of the payment initiation. |
|
|
The link to retrieve the scaStatus of the corresponding authorisation sub-resource. |
|
|
In case of an SCA Redirect Approach, the ASPSP is transmitting the link to which to redirect the PSU browser. |
3.1.7. Example request
POST /api/public/payments/sepa-credit-transfers HTTP/1.1
Content-Type: application/json;charset=UTF-8
Accept: application/hal+json
X-Request-ID: 36611c0e-ee6d-4059-b910-06456f2c86e8
X-API-Version: 1
TPP-Redirect-URI: https://client.nano.com/payment=c8a325bc-1ed4-4c0b-bb25-474ae2ed8392&status=ok
TPP-Nok-Redirect-URI: https://client.nano.com/payment=c8a325bc-1ed4-4c0b-bb25-474ae2ed8392&status=nok
PSU-IP-Address: 88.119.96.5
Host: psd2.nano.lt
Content-Length: 348
{
"debtorAccount" : {
"iban" : "LT323570010000000031",
"currency" : "EUR"
},
"creditorAccount" : {
"iban" : "LT237300010131568793",
"currency" : "EUR"
},
"creditorName" : "Jonas Jonaitis",
"remittanceInformationUnstructured" : "Test payment",
"instructedAmount" : {
"currency" : "EUR",
"amount" : "10.50"
}
}3.1.8. Example response
HTTP/1.1 201 Created
X-Request-ID: 36611c0e-ee6d-4059-b910-06456f2c86e8
Location: http://localhost/api/public/payments/sepa-credit-transfers/c8a325bc-1ed4-4c0b-bb25-474ae2ed8392
ASPSP-SCA-Approach: REDIRECT
Content-Type: application/hal+json;charset=UTF-8
Content-Length: 1063
{
"paymentId" : "c8a325bc-1ed4-4c0b-bb25-474ae2ed8392",
"transactionStatus" : "RCVD",
"_links" : {
"self" : {
"href" : "http://localhost/api/public/payments/sepa-credit-transfers/c8a325bc-1ed4-4c0b-bb25-474ae2ed8392"
},
"status" : {
"href" : "http://localhost/api/public/payments/sepa-credit-transfers/c8a325bc-1ed4-4c0b-bb25-474ae2ed8392/status"
},
"scaStatus" : {
"href" : "http://localhost/api/public/payments/sepa-credit-transfers/c8a325bc-1ed4-4c0b-bb25-474ae2ed8392/authorisations/11118716-fc53-4d47-8022-dc77cb1c65c"
},
"scaRedirect" : {
"href" : "http://localhost/authorisation/c8a325bc-1ed4-4c0b-bb25-474ae2ed8392/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJydCI6IlBBWU1FTlQiLCJ0bmEiOiJURVNUIiwiaXNzIjoiVklBIFBheW1lbnRzIFVBQiIsIm5vayI6InRlc3QiLCJyaWQiOiJjOGEzMjViYy0xZWQ0LTRjMGItYmIyNS00NzRhZTJlZDgzOTIiLCJvayI6InRlc3QiLCJleHAiOjE1NTM1MzAxMTEsImFpZCI6IjExMTE4NzE2LWZjNTMtNGQ0Ny04MDIyLWRjNzdjYjFjNjVjMiIsImlhdCI6MTU1MzUyNzQxMSwidGlkIjoiVEVTVCJ9.xe3Y05W4C4IWKepLscPgvm-qimopLoG0GXE97spTrD4"
}
}
}3.2. Get payment
GET /api/public/payments/sepa-credit-transfers/{paymentId}
Read the details of an initiated payment.
3.2.1. Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
paymentId |
String |
false |
ID of the corresponding payment initiation object as returned by an Payment Initiation Request. |
3.2.2. Query parameters
No parameters.
3.2.3. Request headers
| Header | Type | Optional | Description |
|---|---|---|---|
X-Request-ID |
Object |
false |
ID of the request, unique to the call, as determined by the initiating party. |
3.2.4. Request fields
No request body.
3.2.5. Response headers
| Name | Description |
|---|---|
|
ID of the request, unique to the call, as determined by the initiating party. |
3.2.6. Response fields
| Path | Type | Description |
|---|---|---|
|
|
Debtor International Bank Account Number. |
|
|
Debtor International Bank Account currency. |
|
|
Creditor International Bank Account Number. |
|
|
Creditor International Bank Account currency. |
|
|
Name of the creditor if a "Debited" transaction. |
|
|
Credit institution name. |
|
|
Creditor institution code. e.g. (DEMOLT22XXX). |
|
|
Unstructured remittance reference. |
|
|
Instructed amount currency |
|
|
Instructed amount value |
|
|
Fee amount currency |
|
|
Fee amount value |
|
|
Transaction Status of the payment resource. Status values are defined in the ISO20022. |
|
|
The link to the payment initiation resource created by this request. This link can be used to retrieve the resource data. |
|
|
The link to retrieve status of the payment initiation. |
|
|
The link to retrieve the scaStatus of the corresponding authorisation sub-resource. |
3.2.7. Example request
GET /api/public/payments/sepa-credit-transfers/c8a325bc-1ed4-4c0b-bb25-474ae2ed8392 HTTP/1.1
Accept: application/hal+json
X-Request-ID: 8b500364-30ec-4341-89f9-b44abe691976
X-API-Version: 1
Host: psd2.nano.lt3.2.8. Example response
HTTP/1.1 200 OK
X-Request-ID: 8b500364-30ec-4341-89f9-b44abe691976
Content-Type: application/hal+json;charset=UTF-8
Content-Length: 960
{
"debtorAccount" : {
"iban" : "LT323570010000000031",
"currency" : "EUR"
},
"creditorAccount" : {
"iban" : "LT237300010131568793",
"currency" : "EUR"
},
"creditorName" : "Jonas Jonaitis",
"creditorInstitutionName" : "Swedbank, AB",
"creditorInstitutionCode" : "HABALT22XXX",
"remittanceInformationUnstructured" : "Test payment",
"instructedAmount" : {
"currency" : "EUR",
"amount" : "10.50"
},
"transactionStatus" : "RCVD",
"_links" : {
"self" : {
"href" : "http://localhost/api/public/payments/sepa-credit-transfers/c8a325bc-1ed4-4c0b-bb25-474ae2ed8392"
},
"status" : {
"href" : "http://localhost/api/public/payments/sepa-credit-transfers/c8a325bc-1ed4-4c0b-bb25-474ae2ed8392/status"
},
"scaStatus" : {
"href" : "http://localhost/api/public/payments/sepa-credit-transfers/c8a325bc-1ed4-4c0b-bb25-474ae2ed8392/authorisations/11118716-fc53-4d47-8022-dc77cb1c65c"
}
}
}3.3. Get payment status
GET /api/public/payments/sepa-credit-transfers/{paymentId}/status
Read the transaction status of the payment.
3.3.1. Path parameters
| Parameter | Type | Optional | Description |
|---|---|---|---|
paymentId |
String |
false |
ID of the corresponding payment initiation object as returned by an Payment Initiation Request. |
3.3.2. Query parameters
No parameters.
3.3.3. Request headers
| Header | Type | Optional | Description |
|---|---|---|---|
X-Request-ID |
Object |
false |
ID of the request, unique to the call, as determined by the initiating party. |
3.3.4. Request fields
No request body.
3.3.5. Response headers
| Name | Description |
|---|---|
|
ID of the request, unique to the call, as determined by the initiating party. |
3.3.6. Response fields
| Path | Type | Description |
|---|---|---|
|
|
Transaction Status of the payment resource. Status values are defined in the ISO20022. |
3.3.7. Example request
GET /api/public/payments/sepa-credit-transfers/c8a325bc-1ed4-4c0b-bb25-474ae2ed8392/status HTTP/1.1
Accept: application/hal+json
X-Request-ID: c0eb69e5-51dc-4fb4-bddd-8ef6db6e4ca8
X-API-Version: 1
Host: psd2.nano.lt3.3.8. Example response
HTTP/1.1 200 OK
X-Request-ID: c0eb69e5-51dc-4fb4-bddd-8ef6db6e4ca8
Content-Type: application/hal+json;charset=UTF-8
Content-Length: 34
{
"transactionStatus" : "RCVD"
}3.4. Get payment authorisation status
GET /api/public/payments/sepa-credit-transfers/{paymentId}/authorisations/{authorisationId}
Reads status of an SCA process.
3.4.1. Path parameters
| Parameter | Description |
|---|---|
|
Resource identification of the related payment initiation resource. |
|
ID of the authorisation sub-resource. |
3.4.2. Query parameters
No parameters.
3.4.3. Request headers
No headers.
3.4.4. Request fields
No request body.
3.4.5. Response headers
| Name | Description |
|---|---|
|
ID of the request, unique to the call, as determined by the initiating party. |
3.4.6. Response fields
| Path | Type | Optional | Description |
|---|---|---|---|
scaStatus |
String |
true |
Must be one of [received, psuIdentified, psuAuthenticated, started, finalised, failed, exempted]. |
3.4.7. Example request
GET /api/public/payments/sepa-credit-transfers/c8a325bc-1ed4-4c0b-bb25-474ae2ed8392/authorisations/11118716-fc53-4d47-8022-dc77cb1c65c HTTP/1.1
Accept: application/hal+json
X-Request-ID: e542ed86-4c77-4f5f-ba63-bf5b07461d86
X-API-Version: 1
Host: psd2.nano.lt3.4.8. Example response
HTTP/1.1 200 OK
X-Request-ID: e542ed86-4c77-4f5f-ba63-bf5b07461d86
Content-Type: application/hal+json;charset=UTF-8
Content-Length: 30
{
"scaStatus" : "received"
}HTTP Response Codes
The HTTP response code is communicating the success or failure of a TPP request message. The 4XX HTTP response codes should only be given if the current request cannot be fulfilled, e.g. a payment initiation cannot be posted or account transactions cannot be retrieved. A request to get the status of an existing payment or a consent usually returns HTTP response code 200 since the actual request to retrieve the status succeeded, regardless if that payment or consent state is set to failure or not.
This specification supports the following HTTP response codes:
| Status code | Description |
|---|---|
|
PUT, GET Response Codes The POST for a Funds request will also return 200 since it does not create a new resource. DELETE Response Code where a payment resource has been cancelled successfully and no further cancellation authorisation is required. |
|
POST response code where Payment Initiation or Consent Request was correctly performed. |
|
DELETE response code where a consent resource was successfully deleted. The code indicates that the request was performed, but no content was returned. |
|
Validation error occurred. This code will cover malformed syntax in request or incorrect data in payload. |
|
The TPP or the PSU is not correctly authorized to perform the request. Retry the request with correct authentication information. |
|
Returned if the resource that was referenced in the path exists but cannot be accessed by the TPP or the PSU. This code should only be used for non-sensitive id references as it will reveal that the resource exists even though it cannot be accessed. |
|
Returned if the resource or endpoint that was referenced in the path does not exist or cannot be referenced by the TPP or the PSU. When in doubt if a specific id in the path is sensitive or not, use the HTTP response code 404 instead of the HTTP response code 403. |
|
This code is only sent when the HTTP method (PUT, POST, DELETE, GET etc.) is not supported on a specific endpoint. It has nothing to do with the consent, payment or account information data model. |
|
The ASPSP cannot generate the content that the TPP specified in the Accept header. |
|
The server is still working correctly, but an individual request has timed out. |
|
The TPP has supplied a media type which the ASPSP does not support. |
|
The TPP has exceeded the number of requests allowed by the consent or by the RTS. |
|
Internal server error occurred. |
|
The ASPSP server is currently unavailable. Generally, this is a temporary state. |
Additional Error Information
In RFC7807, a standardised definition of reporting error information is described. In the following, requirements of how to use this standardised error information reporting in the context of the PSD2 XS2A interface are defined.
Response Code
The HTTP response code is 4xx or 5xx as defined in HTTP Response Codes for response codes in case of errors.
Response Header
| Attribute | Type | Condition | Description |
|---|---|---|---|
Content-Type |
String |
Mandatory |
The string |
Response Body
| Attribute | Type | Condition | Description |
|---|---|---|---|
type |
String |
Mandatory |
A URI reference RFC3986 that identifies the problem type. |
title |
String |
Optional |
Short human readable description of error type. |
detail |
String |
Optional |
Detailed human readable text specific to this instance of the error. |
code |
Mandatory |
Message code to explain the nature of the underlying error. |
|
additionalErrors |
Array |
Optional |
Used if more than one error is to be communicated. |
Example
{
"code": "RESOURCE_UNKNOWN",
"title": "The addressed resource is unknown relative to the TPP.",
"description": "Requested account not found.",
"type": "https://psd2.nano.lt/api#RESOURCE_UNKNOWN",
"additionalErrors": null
}HTTP Error Codes
PSD2 fallback
The Fallback solution is a set of API-s as a alternative for exiting Nano PSD2 solution. PSD2 Fallback is based on Nano Internet Banking API It contains the following functions:
authenticating TPPs based on QWAC certificates limiting access to respective functions based on the TPP role customer authentication and authorization using Nano IB supported security means m-signature, Vasco Digipass, SMS+password fetching customer accounts information for AISP initiating payments for PISPs
The Fallback solution does not have:
customer consent management fetching funds confirmation information for PIISPs agent features are not supported
List of endpoints:
psd-fallback/auth/login psd-fallback/auth/logout psd-fallback/auth/resend psd-fallback/operations/(:id)/confirmation psd-fallback/operations/(:id)/resend psd-fallback/payments psd-fallback/payments/validate/turnover psd-fallback/classifiers/institutions/(:id) psd-fallback/payment-entries
Note in order to execute payment using UI-API services, after user authentication it is mandatory to perform /ui-api/parties/self action