Overview

Resources

1. Account Information Service (AIS)

1.1. Get accounts

GET /api/public/accounts

Read the identifiers of the available payment account together with booking balance information, depending on the consent granted.

1.1.1. Path parameters

No parameters.

1.1.2. Query parameters

Parameter Type Optional Description

withBalance

Boolean

true

If contained, this function reads the list of accessible payment accounts including the booking balance, if granted by the PSU in the related consent and available by the ASPSP. This parameter might be ignored by the ASPSP.

Default value: 'false'.

1.1.3. Request headers

Header Type Optional Description

Consent-ID

String

false

This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.

X-Request-ID

Object

false

ID of the request, unique to the call, as determined by the initiating party.

1.1.4. Request fields

No request body.

1.1.5. Response headers

Name Description

X-Request-ID

ID of the request, unique to the call, as determined by the initiating party.

1.1.6. Response fields

Path Type Optional Description

accounts

Array[Object]

true

accounts[].resourceId

String

true

accounts[].iban

String

true

accounts[].currency

String

true

accounts[].name

String

true

accounts[].product

String

true

accounts[].status

String

true

Must be one of [enabled, deleted, blocked].

Relation Description

self

A link to the account resource itself.

balances

A link to the resource providing the balance of a dedicated account.

transactions

A link to the resource providing the transaction history of a dedicated account.

1.1.8. Example request

GET /api/public/accounts HTTP/1.1
X-Request-ID: 685e146d-d1d7-4f3a-bb43-a07df74191b0
Host: psd2.nano.lt
Consent-ID: 09c7895e-56ab-4187-8ca9-a89870e53a85
Accept: application/hal+json
X-API-Version: 1

1.1.9. Example response

HTTP/1.1 200 OK
X-Request-ID: 685e146d-d1d7-4f3a-bb43-a07df74191b0
Content-Type: application/hal+json;charset=UTF-8
Content-Length: 2204

{
  "accounts" : [ {
    "resourceId" : "b4b921f9-2c91-3f60-9940-057b9b2cc410",
    "iban" : "LT053570010000000226",
    "currency" : "EUR",
    "name" : "My first account",
    "product" : "ACC_INT_SAVER",
    "status" : "enabled",
    "_links" : {
      "self" : {
        "href" : "/api/public/accounts/b4b921f9-2c91-3f60-9940-057b9b2cc410{?withBalance}",
        "templated" : true
      },
      "balances" : {
        "href" : "/api/public/accounts/b4b921f9-2c91-3f60-9940-057b9b2cc410/balances"
      },
      "transactions" : {
        "href" : "/api/public/accounts/b4b921f9-2c91-3f60-9940-057b9b2cc410/transactions?dateFrom={dateFrom}&page=0&pageSize=0{&bookingStatus,withBalance,dateTo}",
        "templated" : true
      }
    }
  }, {
    "resourceId" : "b78cb40c-1eba-3b1e-8b2b-08575dd70447",
    "iban" : "LT323570010000000031",
    "currency" : "EUR",
    "name" : "My second account",
    "product" : "ACC_INT_SAVER",
    "status" : "enabled",
    "_links" : {
      "self" : {
        "href" : "/api/public/accounts/b78cb40c-1eba-3b1e-8b2b-08575dd70447{?withBalance}",
        "templated" : true
      },
      "balances" : {
        "href" : "/api/public/accounts/b78cb40c-1eba-3b1e-8b2b-08575dd70447/balances"
      },
      "transactions" : {
        "href" : "/api/public/accounts/b78cb40c-1eba-3b1e-8b2b-08575dd70447/transactions?dateFrom={dateFrom}&page=0&pageSize=0{&bookingStatus,withBalance,dateTo}",
        "templated" : true
      }
    }
  }, {
    "resourceId" : "1d29fc2b-ef87-39dd-b604-78f5a1d072dd",
    "iban" : "LT323570010000000031",
    "currency" : "USD",
    "name" : "My second account",
    "product" : "ACC_INT_SAVER",
    "status" : "enabled",
    "_links" : {
      "self" : {
        "href" : "/api/public/accounts/1d29fc2b-ef87-39dd-b604-78f5a1d072dd{?withBalance}",
        "templated" : true
      },
      "balances" : {
        "href" : "/api/public/accounts/1d29fc2b-ef87-39dd-b604-78f5a1d072dd/balances"
      },
      "transactions" : {
        "href" : "/api/public/accounts/1d29fc2b-ef87-39dd-b604-78f5a1d072dd/transactions?dateFrom={dateFrom}&page=0&pageSize=0{&bookingStatus,withBalance,dateTo}",
        "templated" : true
      }
    }
  } ]
}

1.2. Get account

GET /api/public/accounts/{accountId}

Reads details about an account, with balances where required. It is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system.

1.2.1. Path parameters

Parameter Type Optional Description

accountId

String

false

This identification is denoting the addressed account. The accountId is retrieved by using a "Read Account List" call. The accountId is the "id" attribute of the account structure. Its value is constant at least throughout the lifecycle of a given consent.

1.2.2. Query parameters

Parameter Type Optional Description

withBalance

Boolean

true

If contained, this function reads the list of accessible payment accounts including the booking balance, if granted by the PSU in the related consent and available by the ASPSP. This parameter might be ignored by the ASPSP.

Default value: 'false'.

1.2.3. Request headers

Header Type Optional Description

Consent-ID

String

false

This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.

X-Request-ID

Object

false

ID of the request, unique to the call, as determined by the initiating party.

1.2.4. Request fields

No request body.

1.2.5. Response headers

Name Description

X-Request-ID

ID of the request, unique to the call, as determined by the initiating party.

1.2.6. Response fields

Path Type Optional Description

account

Object

true

account.resourceId

String

true

account.iban

String

true

account.currency

String

true

account.name

String

true

account.product

String

true

account.status

String

true

Must be one of [enabled, deleted, blocked].

Relation Description

self

A link to the account resource itself.

balances

A link to the resource providing the balance of a dedicated account.

transactions

A link to the resource providing the transaction history of a dedicated account.

1.2.8. Example request

GET /api/public/accounts/b4b921f9-2c91-3f60-9940-057b9b2cc410 HTTP/1.1
Host: psd2.nano.lt
X-Request-ID: 7eb5a50d-5280-489d-b2f2-72120bc86158
Consent-ID: 09c7895e-56ab-4187-8ca9-a89870e53a85
Accept: application/hal+json
X-API-Version: 1

1.2.9. Example response

HTTP/1.1 200 OK
X-Request-ID: 7eb5a50d-5280-489d-b2f2-72120bc86158
Content-Type: application/hal+json;charset=UTF-8
Content-Length: 743

{
  "account" : {
    "resourceId" : "b4b921f9-2c91-3f60-9940-057b9b2cc410",
    "iban" : "LT053570010000000226",
    "currency" : "EUR",
    "name" : "My first account",
    "product" : "ACC_INT_SAVER",
    "status" : "enabled",
    "_links" : {
      "self" : {
        "href" : "/api/public/accounts/b4b921f9-2c91-3f60-9940-057b9b2cc410{?withBalance}",
        "templated" : true
      },
      "balances" : {
        "href" : "/api/public/accounts/b4b921f9-2c91-3f60-9940-057b9b2cc410/balances"
      },
      "transactions" : {
        "href" : "/api/public/accounts/b4b921f9-2c91-3f60-9940-057b9b2cc410/transactions?dateFrom={dateFrom}&page=0&pageSize=0{&bookingStatus,withBalance,dateTo}",
        "templated" : true
      }
    }
  }
}

1.3. Get account balances

GET /api/public/accounts/{accountId}/balances

Read account balances. It is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system.

1.3.1. Path parameters

Parameter Type Optional Description

accountId

String

false

This identification is denoting the addressed account. The accountId is retrieved by using a "Read Account List" call. The accountId is the "id" attribute of the account structure. Its value is constant at least throughout the lifecycle of a given consent.

1.3.2. Query parameters

No parameters.

1.3.3. Request headers

Header Type Optional Description

Consent-ID

String

false

This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.

X-Request-ID

Object

false

ID of the request, unique to the call, as determined by the initiating party.

1.3.4. Request fields

No request body.

1.3.5. Response headers

Name Description

X-Request-ID

ID of the request, unique to the call, as determined by the initiating party.

1.3.6. Response fields

Path Type Optional Description

balances

Array[Object]

true

balances[].account

Object

false

balances[].account.iban

String

false

Must match the regular expression ^[a-zA-Z]{2}[0-9]{2}[a-zA-Z0-9]{4}[0-9]{7}([a-zA-Z0-9]?){0,16}$.

balances[].account.currency

String

true

Must match the regular expression ^[A-Z]{3}$.

balances[].balanceAmount

Object

false

balances[].balanceAmount.currency

String

true

ISO 4217 Alpha 3 currency code.

Must match the regular expression ^[A-Z]{3}$.

balances[].balanceAmount.amount

String

true

Transaction amount to be checked within the funds check mechanism. The amount given with fractional digits, where fractions must be compliant to the currency definition. Up to 14 significant figures. Negative amounts are signed by minus. The decimal separator is a dot.

Must have at most 14 integral digits and 2 fractional digits.

balances[].balanceType

String

false

Must be one of [closingBooked, expected, openingBooked, interimAvailable, forwardAvailable, nonInvoiced].

balances[].referenceDate

String

true

1.3.7. Example request

GET /api/public/accounts/b4b921f9-2c91-3f60-9940-057b9b2cc410/balances HTTP/1.1
X-Request-ID: b9a32fd1-ea62-4ce1-8331-26f47156d4b2
Host: psd2.nano.lt
Consent-ID: 09c7895e-56ab-4187-8ca9-a89870e53a85
Accept: application/hal+json
X-API-Version: 1

1.3.8. Example response

HTTP/1.1 200 OK
X-Request-ID: b9a32fd1-ea62-4ce1-8331-26f47156d4b2
Content-Length: 286
Content-Type: application/hal+json;charset=UTF-8

{
  "balances" : [ {
    "account" : {
      "iban" : "LT053570010000000226",
      "currency" : "EUR"
    },
    "balanceAmount" : {
      "currency" : "EUR",
      "amount" : "1950.30"
    },
    "balanceType" : "closingBooked",
    "referenceDate" : "2018-11-27T13:54:03.946"
  } ]
}

1.4. Get account transactions

GET /api/public/accounts/{accountId}/transactions

Read account transactions. It is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system.

1.4.1. Path parameters

Parameter Type Optional Description

accountId

String

false

This identification is denoting the addressed account. The accountId is retrieved by using a "Read Account List" call. The accountId is the "id" attribute of the account structure. Its value is constant at least throughout the lifecycle of a given consent.

1.4.2. Query parameters

Parameter Type Optional Description

bookingStatus

String

true

Available values : "booked", "pending" and "both".

Must be one of [booked, pending, both].

Default value: 'both'.

withBalance

Boolean

true

Default value: 'false'.

dateFrom

Object

false

dateTo

Object

true

End date (inclusive the data dateTo) of the transaction list, default is now if not give.

page

Integer

true

Default value: '1'.

pageSize

Integer

true

Default value: '25'.

1.4.3. Request headers

Header Type Optional Description

Consent-ID

String

false

This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.

X-Request-ID

Object

false

ID of the request, unique to the call, as determined by the initiating party.

1.4.4. Request fields

No request body.

1.4.5. Response headers

Name Description

X-Request-ID

ID of the request, unique to the call, as determined by the initiating party.

1.4.6. Response fields

Path Type Optional Description

account

Object

true

account.iban

String

false

Must match the regular expression ^[a-zA-Z]{2}[0-9]{2}[a-zA-Z0-9]{4}[0-9]{7}([a-zA-Z0-9]?){0,16}$.

account.currency

String

true

Must match the regular expression ^[A-Z]{3}$.

transactions

Array[Object]

true

transactions[].transactionId

String

true

transactions[].endToEndId

String

true

transactions[].bookingDate

String

true

transactions[].valueDate

String

true

transactions[].transactionAmount

Object

true

transactions[].transactionAmount.currency

String

true

ISO 4217 Alpha 3 currency code.

Must match the regular expression ^[A-Z]{3}$.

transactions[].transactionAmount.amount

String

true

Transaction amount to be checked within the funds check mechanism. The amount given with fractional digits, where fractions must be compliant to the currency definition. Up to 14 significant figures. Negative amounts are signed by minus. The decimal separator is a dot.

Must have at most 14 integral digits and 2 fractional digits.

transactions[].creditorName

String

true

transactions[].creditorAccount

Object

true

transactions[].creditorAccount.iban

String

false

Must match the regular expression ^[a-zA-Z]{2}[0-9]{2}[a-zA-Z0-9]{4}[0-9]{7}([a-zA-Z0-9]?){0,16}$.

transactions[].creditorAccount.currency

String

true

Must match the regular expression ^[A-Z]{3}$.

transactions[].ultimateCreditor

String

true

transactions[].debtorName

String

true

transactions[].debtorAccount

Object

true

transactions[].debtorAccount.iban

String

false

Must match the regular expression ^[a-zA-Z]{2}[0-9]{2}[a-zA-Z0-9]{4}[0-9]{7}([a-zA-Z0-9]?){0,16}$.

transactions[].debtorAccount.currency

String

true

Must match the regular expression ^[A-Z]{3}$.

transactions[].ultimateDebtor

String

true

transactions[].remittanceInformationUnstructured

String

true

transactions[].remittanceInformationStructured

String

true

transactions[].bankTransactionCode

String

true

transactions[].pending

Boolean

true

Relation Description

self

Navigation link for paginated account reports.

first

Navigation link for paginated account reports.

next

Navigation link for paginated account reports.

previous

Navigation link for paginated account reports.

last

Navigation link for paginated account reports.

1.4.8. Example request

GET /api/public/accounts/b4b921f9-2c91-3f60-9940-057b9b2cc410/transactions?dateFrom=2018-09-01&dateTo=2018-11-27&page=1&pageSize=2&bookingStatus=both HTTP/1.1
Host: psd2.nano.lt
Consent-ID: 09c7895e-56ab-4187-8ca9-a89870e53a85
X-Request-ID: 7d1de89f-a7ef-4aff-9991-7f77e00c167f
Accept: application/hal+json
X-API-Version: 1

1.4.9. Example response

HTTP/1.1 200 OK
Content-Type: application/hal+json;charset=UTF-8
X-Request-ID: 7d1de89f-a7ef-4aff-9991-7f77e00c167f
Content-Length: 2009

{
  "account" : {
    "iban" : "LT053570010000000226",
    "currency" : "EUR"
  },
  "transactions" : [ {
    "transactionId" : "00016236",
    "endToEndId" : null,
    "bookingDate" : "2018-09-14T12:33:40.811",
    "valueDate" : "2018-09-14",
    "transactionAmount" : {
      "currency" : "EUR",
      "amount" : "134.40"
    },
    "creditorName" : null,
    "creditorAccount" : {
      "iban" : "LT053570010000000226",
      "currency" : "EUR"
    },
    "ultimateCreditor" : null,
    "debtorName" : null,
    "debtorAccount" : null,
    "ultimateDebtor" : null,
    "remittanceInformationUnstructured" : "Internal transfer",
    "remittanceInformationStructured" : null,
    "bankTransactionCode" : "INTERNAL_TRANSFER.TRANSFER",
    "pending" : false
  }, {
    "transactionId" : "00016237",
    "endToEndId" : null,
    "bookingDate" : "2018-09-14T12:41:26.59",
    "valueDate" : "2018-09-14",
    "transactionAmount" : {
      "currency" : "EUR",
      "amount" : "50.30"
    },
    "creditorName" : "Jayme Bame",
    "creditorAccount" : {
      "iban" : "LT323570010000000031",
      "currency" : "EUR"
    },
    "ultimateCreditor" : null,
    "debtorName" : "Vina Herbert",
    "debtorAccount" : {
      "iban" : "LT053570010000000226",
      "currency" : "EUR"
    },
    "ultimateDebtor" : null,
    "remittanceInformationUnstructured" : "For you",
    "remittanceInformationStructured" : null,
    "bankTransactionCode" : "INTERNAL_TRANSFER.TRANSFER",
    "pending" : false
  } ],
  "_links" : {
    "self" : {
      "href" : "/b4b921f9-2c91-3f60-9940-057b9b2cc410/transactions?bookingStatus=both&dateFrom=2018-09-01&dateTo=2018-11-27&pageSize=2&page=1"
    },
    "next" : {
      "href" : "/b4b921f9-2c91-3f60-9940-057b9b2cc410/transactions?bookingStatus=both&dateFrom=2018-09-01&dateTo=2018-11-27&pageSize=2&page=2"
    },
    "last" : {
      "href" : "/b4b921f9-2c91-3f60-9940-057b9b2cc410/transactions?bookingStatus=both&dateFrom=2018-09-01&dateTo=2018-11-27&pageSize=2&page=9"
    }
  }
}

POST /api/public/consents

This method create a consent resource, defining access rights to dedicated accounts.

1.5.1. Path parameters

No parameters.

1.5.2. Query parameters

No parameters.

1.5.3. Request headers

Header Type Optional Description

X-Request-ID

Object

false

ID of the request, unique to the call, as determined by the initiating party.

TPP-ID

String

false

ID of the corresponding third party payment service provider.

TPP-Redirect-URI

String

false

URI of the TPP, where the transaction flow shall be redirected to after a Redirect.

TPP-Nok-Redirect-URI

String

false

If this URI is contained, the TPP is asking to redirect the transaction flow to this address instead of the TPP-Redirect-URI in case of a negative result of the redirect SCA method.

1.5.4. Request fields

Path Type Optional Description

access

Object

false

Requested access services.

access.accounts

Array[Object]

true

Is asking for detailed account information.

If the array is empty, the TPP is asking for an accessible account list. This may be restricted in a PSU/ASPSP authorisation dialogue. If the array is empty, also the arrays for balances or transactions shall be empty, if used.

access.accounts[].iban

String

false

Must match the regular expression ^[a-zA-Z]{2}[0-9]{2}[a-zA-Z0-9]{4}[0-9]{7}([a-zA-Z0-9]?){0,16}$.

access.accounts[].currency

String

true

Must match the regular expression ^[A-Z]{3}$.

access.accounts[].resourceId

String

false

access.balances

Array[Object]

true

Is asking for balances of the addressed accounts.

If the array is empty, the TPP is asking for the balances of all accessible account lists. This may be restricted in a PSU/ASPSP authorisation dialogue. If the array is empty, also the arrays for accounts or transactions shall be empty, if used.

access.balances[].iban

String

false

Must match the regular expression ^[a-zA-Z]{2}[0-9]{2}[a-zA-Z0-9]{4}[0-9]{7}([a-zA-Z0-9]?){0,16}$.

access.balances[].currency

String

true

Must match the regular expression ^[A-Z]{3}$.

access.balances[].resourceId

String

false

access.transactions

Array[Object]

true

Is asking for transactions of the addressed accounts.

If the array is empty, the TPP is asking for the transactions of all accessible account lists. This may be restricted in a PSU/ASPSP authorisation dialogue. If the array is empty, also the arrays for accounts or balances shall be empty, if used.

access.transactions[].iban

String

false

Must match the regular expression ^[a-zA-Z]{2}[0-9]{2}[a-zA-Z0-9]{4}[0-9]{7}([a-zA-Z0-9]?){0,16}$.

access.transactions[].currency

String

true

Must match the regular expression ^[A-Z]{3}$.

access.transactions[].resourceId

String

false

recurringIndicator

Boolean

false

True, if the consent is for recurring access to the account data. false, if the consent is for one access to the account data.

validUntil

String

false

This parameter is requesting a valid until date for the requested consent. The content is the local ASPSP date in ISODate Format, e.g. 2017-10-30.

Must be in the future or the present.

frequencyPerDay

Integer

false

This field indicates the requested maximum frequency for an access per day. For a one-off access, this attribute is set to "1".

Must be positive.

combinedServiceIndicator

Boolean

false

If true indicates that a payment initiation service will be addressed in the same "session".

1.5.5. Response headers

Name Description

X-Request-ID

ID of the request, unique to the call, as determined by the initiating party.

Location

Location of the created resource.

ASPSP-SCA-Approach

SCA approach.

1.5.6. Response fields

Path Type Optional Description

consentId

String

true

consentStatus

String

true

Must be one of [received, rejected, valid, revokedByPsu, expired, terminatedByTpp].

Relation Description

self

The link to the consent initiation resource created by this request. This link can be used to retrieve the resource data.

status

The link to retrieve status of the consent initiation.

scaStatus

The link to retrieve the scaStatus of the corresponding authorisation sub-resource.

scaRedirect

In case of an SCA Redirect Approach, the ASPSP is transmitting the link to which to redirect the PSU browser.

1.5.8. Example request

POST /api/public/consents HTTP/1.1
TPP-Nok-Redirect-URI: https://client.nano.com/consent=09c7895e-56ab-4187-8ca9-a89870e53a85&status=nok
Host: psd2.nano.lt
TPP-Redirect-URI: https://client.nano.com/consent=09c7895e-56ab-4187-8ca9-a89870e53a85&status=ok
X-Request-ID: 8d9a527e-9741-4eb7-b294-38a28fbc6ab3
Content-Length: 914
TPP-ID: 8e2a4b09-7ef1-4447-84c7-1a9b4043f6e6
Content-Type: application/json;charset=UTF-8
Accept: application/hal+json
X-API-Version: 1

{
  "access" : {
    "accounts" : [ {
      "iban" : "LT053570010000000226",
      "currency" : "EUR",
      "resourceId" : null
    }, {
      "iban" : "LT323570010000000031",
      "currency" : "EUR",
      "resourceId" : null
    }, {
      "iban" : "LT323570010000000031",
      "currency" : "USD",
      "resourceId" : null
    } ],
    "balances" : [ {
      "iban" : "LT323570010000000031",
      "currency" : "EUR",
      "resourceId" : null
    }, {
      "iban" : "LT323570010000000031",
      "currency" : "USD",
      "resourceId" : null
    } ],
    "transactions" : [ {
      "iban" : "LT053570010000000226",
      "currency" : "EUR",
      "resourceId" : null
    }, {
      "iban" : "LT323570010000000031",
      "currency" : "EUR",
      "resourceId" : null
    } ]
  },
  "recurringIndicator" : false,
  "validUntil" : "2019-11-21",
  "frequencyPerDay" : 4,
  "combinedServiceIndicator" : false
}

1.5.9. Example response

HTTP/1.1 201 Created
ASPSP-SCA-Approach: REDIRECT
X-Request-ID: 8d9a527e-9741-4eb7-b294-38a28fbc6ab3
Content-Type: application/hal+json;charset=UTF-8
Location: https://psd2.nano.lt/api/public/consents/09c7895e-56ab-4187-8ca9-a89870e53a85
Content-Length: 1014

{
  "consentId" : "09c7895e-56ab-4187-8ca9-a89870e53a85",
  "consentStatus" : "received",
  "_links" : {
    "self" : {
      "href" : "https://psd2.nano.lt/api/public/consents/09c7895e-56ab-4187-8ca9-a89870e53a85"
    },
    "status" : {
      "href" : "https://psd2.nano.lt/api/public/consents/09c7895e-56ab-4187-8ca9-a89870e53a85/status"
    },
    "scaStatus" : {
      "href" : "https://psd2.nano.lt/api/public/consents/09c7895e-56ab-4187-8ca9-a89870e53a85/authorisations/b084c799-1234-4f32-bc40-42228a90f66c"
    },
    "scaRedirect" : {
      "href" : "https://psd2.nano.lt/authorisation/09c7895e-56ab-4187-8ca9-a89870e53a85/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJydCI6IkNPTlNFTlQiLCJ0bmEiOiJURVNUIiwiaXNzIjoiVklBIFBheW1lbnRzIFVBQiIsIm5vayI6InRlc3QiLCJyaWQiOiIwOWM3ODk1ZS01NmFiLTQxODctOGNhOS1hODk4NzBlNTNhODUiLCJvayI6InRlc3QiLCJleHAiOjE1NTM1Mjk5NTgsImFpZCI6ImIwODRjNzk5LTEyMzQtNGYzMi1iYzQwLTQyMjI4YTkwZjY2YyIsImlhdCI6MTU1MzUyNzI1OCwidGlkIjoiVEVTVCJ9.6YLlFG6EiDg0q9dXpEPes1ofqBS_qpRndSe54COHma8"
    }
  }
}

DELETE /api/public/consents/{consentId}

The TPP can delete an account information consent object if needed.

1.6.1. Path parameters

Parameter Type Optional Description

consentId

String

false

ID of the corresponding consent object as returned by an Account Information Consent Request.

1.6.2. Query parameters

No parameters.

1.6.3. Request headers

Header Type Optional Description

X-Request-ID

Object

false

ID of the request, unique to the call, as determined by the initiating party.

1.6.4. Request fields

No request body.

1.6.5. Response headers

Name Description

X-Request-ID

ID of the request, unique to the call, as determined by the initiating party.

1.6.6. Response fields

No response body.

1.6.7. Example request

DELETE /api/public/consents/09c7895e-56ab-4187-8ca9-a89870e53a85 HTTP/1.1
Host: psd2.nano.lt
X-Request-ID: 4834fdf7-28ad-40da-bebc-5a1bd2ca7b0f
Accept: application/hal+json
X-API-Version: 1

1.6.8. Example response

HTTP/1.1 204 No Content
X-Request-ID: 4834fdf7-28ad-40da-bebc-5a1bd2ca7b0f

GET /api/public/consents/{consentId}

Returns the content of an account information consent object.

1.7.1. Path parameters

Parameter Type Optional Description

consentId

String

false

ID of the corresponding consent object as returned by an Account Information Consent Request.

1.7.2. Query parameters

No parameters.

1.7.3. Request headers

Header Type Optional Description

X-Request-ID

Object

false

ID of the request, unique to the call, as determined by the initiating party.

1.7.4. Request fields

No request body.

1.7.5. Response headers

Name Description

X-Request-ID

ID of the request, unique to the call, as determined by the initiating party.

1.7.6. Response fields

Path Type Optional Description

access

Object

true

access.accounts

Array[Object]

true

Is asking for detailed account information.

If the array is empty, the TPP is asking for an accessible account list. This may be restricted in a PSU/ASPSP authorisation dialogue. If the array is empty, also the arrays for balances or transactions shall be empty, if used.

access.accounts[].iban

String

false

Must match the regular expression ^[a-zA-Z]{2}[0-9]{2}[a-zA-Z0-9]{4}[0-9]{7}([a-zA-Z0-9]?){0,16}$.

access.accounts[].currency

String

true

Must match the regular expression ^[A-Z]{3}$.

access.accounts[].resourceId

String

false

access.balances

Array[Object]

true

Is asking for balances of the addressed accounts.

If the array is empty, the TPP is asking for the balances of all accessible account lists. This may be restricted in a PSU/ASPSP authorisation dialogue. If the array is empty, also the arrays for accounts or transactions shall be empty, if used.

access.balances[].iban

String

false

Must match the regular expression ^[a-zA-Z]{2}[0-9]{2}[a-zA-Z0-9]{4}[0-9]{7}([a-zA-Z0-9]?){0,16}$.

access.balances[].currency

String

true

Must match the regular expression ^[A-Z]{3}$.

access.balances[].resourceId

String

false

access.transactions

Array[Object]

true

Is asking for transactions of the addressed accounts.

If the array is empty, the TPP is asking for the transactions of all accessible account lists. This may be restricted in a PSU/ASPSP authorisation dialogue. If the array is empty, also the arrays for accounts or balances shall be empty, if used.

access.transactions[].iban

String

false

Must match the regular expression ^[a-zA-Z]{2}[0-9]{2}[a-zA-Z0-9]{4}[0-9]{7}([a-zA-Z0-9]?){0,16}$.

access.transactions[].currency

String

true

Must match the regular expression ^[A-Z]{3}$.

access.transactions[].resourceId

String

false

validUntil

String

true

frequencyPerDay

Integer

true

recurringIndicator

Boolean

true

combinedServiceIndicator

Boolean

true

consentStatus

String

true

Must be one of [received, rejected, valid, revokedByPsu, expired, terminatedByTpp].

Relation Description

self

The link to the consent initiation resource created by this request. This link can be used to retrieve the resource data.

status

The link to retrieve status of the consent initiation.

scaStatus

The link to retrieve the scaStatus of the corresponding authorisation sub-resource.

1.7.8. Example request

GET /api/public/consents/09c7895e-56ab-4187-8ca9-a89870e53a85 HTTP/1.1
Host: psd2.nano.lt
Accept: application/hal+json
X-Request-ID: d1061ac0-62e5-4c3f-84b2-bd9669ef609a
X-API-Version: 1

1.7.9. Example response

HTTP/1.1 200 OK
Content-Length: 1617
Content-Type: application/hal+json;charset=UTF-8
X-Request-ID: d1061ac0-62e5-4c3f-84b2-bd9669ef609a

{
  "access" : {
    "accounts" : [ {
      "iban" : "LT053570010000000226",
      "currency" : "EUR",
      "resourceId" : "b4b921f9-2c91-3f60-9940-057b9b2cc410"
    }, {
      "iban" : "LT323570010000000031",
      "currency" : "EUR",
      "resourceId" : "b78cb40c-1eba-3b1e-8b2b-08575dd70447"
    }, {
      "iban" : "LT323570010000000031",
      "currency" : "USD",
      "resourceId" : "1d29fc2b-ef87-39dd-b604-78f5a1d072dd"
    } ],
    "balances" : [ {
      "iban" : "LT323570010000000031",
      "currency" : "EUR",
      "resourceId" : "b78cb40c-1eba-3b1e-8b2b-08575dd70447"
    }, {
      "iban" : "LT323570010000000031",
      "currency" : "USD",
      "resourceId" : "1d29fc2b-ef87-39dd-b604-78f5a1d072dd"
    } ],
    "transactions" : [ {
      "iban" : "LT053570010000000226",
      "currency" : "EUR",
      "resourceId" : "b4b921f9-2c91-3f60-9940-057b9b2cc410"
    }, {
      "iban" : "LT323570010000000031",
      "currency" : "EUR",
      "resourceId" : "b78cb40c-1eba-3b1e-8b2b-08575dd70447"
    } ]
  },
  "validUntil" : "2019-11-21",
  "frequencyPerDay" : 4,
  "recurringIndicator" : false,
  "combinedServiceIndicator" : false,
  "consentStatus" : "valid",
  "_links" : {
    "self" : {
      "href" : "https://psd2.nano.lt/api/public/consents/09c7895e-56ab-4187-8ca9-a89870e53a85"
    },
    "status" : {
      "href" : "https://psd2.nano.lt/api/public/consents/09c7895e-56ab-4187-8ca9-a89870e53a85/status"
    },
    "scaStatus" : {
      "href" : "https://psd2.nano.lt/api/public/consents/09c7895e-56ab-4187-8ca9-a89870e53a85/authorisations/b084c799-1234-4f32-bc40-42228a90f66c"
    }
  }
}

GET /api/public/consents/{consentId}/status

Read the status of an account information consent resource.

1.8.1. Path parameters

Parameter Type Optional Description

consentId

String

false

ID of the corresponding consent object as returned by an Account Information Consent Request.

1.8.2. Query parameters

No parameters.

1.8.3. Request headers

Header Type Optional Description

X-Request-ID

Object

false

ID of the request, unique to the call, as determined by the initiating party.

1.8.4. Request fields

No request body.

1.8.5. Response headers

Name Description

X-Request-ID

ID of the request, unique to the call, as determined by the initiating party.

1.8.6. Response fields

Path Type Optional Description

consentStatus

String

false

Must be one of [received, rejected, valid, revokedByPsu, expired, terminatedByTpp].

1.8.7. Example request

GET /api/public/consents/09c7895e-56ab-4187-8ca9-a89870e53a85/status HTTP/1.1
X-Request-ID: ff72ab23-fce5-493a-8cb9-2068c9ac9ecb
Host: psd2.nano.lt
Accept: application/hal+json
X-API-Version: 1

1.8.8. Example response

HTTP/1.1 200 OK
Content-Length: 31
X-Request-ID: ff72ab23-fce5-493a-8cb9-2068c9ac9ecb
Content-Type: application/hal+json;charset=UTF-8

{
  "consentStatus" : "valid"
}

GET /api/public/consents/{consentId}/authorisations/{authorisationId}

Read the SCA status of a authorisation sub-resource.

1.9.1. Path parameters

Parameter Type Optional Description

consentId

String

false

authorisationId

String

false

ID of the authorisation sub-resource.

1.9.2. Query parameters

No parameters.

1.9.3. Request headers

Header Type Optional Description

X-Request-ID

Object

false

ID of the request, unique to the call, as determined by the initiating party.

1.9.4. Request fields

No request body.

1.9.5. Response headers

Name Description

X-Request-ID

ID of the request, unique to the call, as determined by the initiating party.

1.9.6. Response fields

Path Type Optional Description

scaStatus

String

true

Must be one of [received, psuIdentified, psuAuthenticated, started, finalised, failed, exempted].

1.9.7. Example request

GET /api/public/consents/09c7895e-56ab-4187-8ca9-a89870e53a85/authorisations/b084c799-1234-4f32-bc40-42228a90f66c HTTP/1.1
Host: psd2.nano.lt
X-Request-ID: 83b9b3ac-d596-446d-8577-ee63d9c810a9
Accept: application/hal+json
X-API-Version: 1

1.9.8. Example response

HTTP/1.1 200 OK
Content-Length: 30
Content-Type: application/hal+json;charset=UTF-8
X-Request-ID: 83b9b3ac-d596-446d-8577-ee63d9c810a9

{
  "scaStatus" : "received"
}

2. Confirmation of Funds Service

Confirmation of Funds Service returns a confirmation of funds request at the ASPSP.

2.1. Check availability of funds

POST /api/public/funds-confirmations

Creates a confirmation of funds request at the ASPSP. Checks whether a specific amount is available at point of time of the request on an account linked to a given tuple card issuer(TPP)/card number, or addressed by IBAN and TPP respectively.

2.1.1. Path parameters

No parameters.

2.1.2. Query parameters

No parameters.

2.1.3. Request headers

Header Type Optional Description

X-Request-ID

Object

false

ID of the request, unique to the call, as determined by the initiating party.

2.1.4. Request fields

Path Type Optional Description

account

String

false

PSU’s account IBAN.

Must match the regular expression ^[a-zA-Z]{2}[0-9]{2}[a-zA-Z0-9]{4}[0-9]{7}([a-zA-Z0-9]?){0,16}$.

instructedAmount

Object

false

Transaction amount to be checked within the funds check mechanism.

instructedAmount.currency

String

true

ISO 4217 Alpha 3 currency code.

Must match the regular expression ^[A-Z]{3}$.

instructedAmount.amount

String

true

Transaction amount to be checked within the funds check mechanism. The amount given with fractional digits, where fractions must be compliant to the currency definition. Up to 14 significant figures. Negative amounts are signed by minus. The decimal separator is a dot.

Must have at most 14 integral digits and 2 fractional digits.

2.1.5. Response headers

Name Description

X-Request-ID

ID of the request, unique to the call, as determined by the initiating party.

2.1.6. Response fields

Path Type Optional Description

fundsAvailable

Boolean

true

True if sufficient funds are available at the time of the request, false otherwise.

2.1.7. Example request

POST /api/public/funds-confirmations HTTP/1.1
Host: psd2.nano.lt
X-Request-ID: 0aed3672-d80f-4162-a4c2-23458ddaa0e0
Content-Length: 117
Content-Type: application/json;charset=UTF-8
X-API-Version: 1

{
  "account" : "LT323570010000000031",
  "instructedAmount" : {
    "currency" : "EUR",
    "amount" : "10.50"
  }
}

2.1.8. Example response

HTTP/1.1 200 OK
X-Request-ID: 0aed3672-d80f-4162-a4c2-23458ddaa0e0
Content-Length: 29
Content-Type: application/json;charset=UTF-8

{
  "fundsAvailable" : true
}

3. Payment Initiation Service (PIS)

The Payment Initiation Service (PIS) offers the following services:

  • Initiation and update of a payment request

  • Status information of a payment

3.1. Initiate payment

POST /api/public/payments/sepa-credit-transfers

Create a payment initiation resource addressable under {paymentId}. This is the first step in the API to initiate the related payment.

3.1.1. Path parameters

No parameters.

3.1.2. Query parameters

No parameters.

3.1.3. Request headers

Header Type Optional Description

X-Request-ID

Object

false

ID of the request, unique to the call, as determined by the initiating party.

TPP-ID

String

false

ID of the corresponding third party payment service provider.

TPP-Redirect-URI

String

false

URI of the TPP, where the transaction flow shall be redirected to after a Redirect.

TPP-Nok-Redirect-URI

String

false

If this URI is contained, the TPP is asking to redirect the transaction flow to this address instead of the TPP-Redirect-URI in case of a negative result of the redirect SCA method.

PSU-IP-Address

String

false

The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP.

3.1.4. Request fields

Path Type Optional Description

debtorAccount

Object

false

debtorAccount.iban

String

false

Must match the regular expression ^[a-zA-Z]{2}[0-9]{2}[a-zA-Z0-9]{4}[0-9]{7}([a-zA-Z0-9]?){0,16}$.

debtorAccount.currency

String

true

Must match the regular expression ^[A-Z]{3}$.

creditorAccount

Object

false

creditorAccount.iban

String

false

Must match the regular expression ^[a-zA-Z]{2}[0-9]{2}[a-zA-Z0-9]{4}[0-9]{7}([a-zA-Z0-9]?){0,16}$.

creditorAccount.currency

String

true

Must match the regular expression ^[A-Z]{3}$.

creditorName

String

false

creditorInstitutionName

String

true

creditorInstitutionCode

String

true

remittanceInformationUnstructured

String

false

instructedAmount

Object

false

instructedAmount.currency

String

true

ISO 4217 Alpha 3 currency code.

Must match the regular expression ^[A-Z]{3}$.

instructedAmount.amount

String

true

Transaction amount to be checked within the funds check mechanism. The amount given with fractional digits, where fractions must be compliant to the currency definition. Up to 14 significant figures. Negative amounts are signed by minus. The decimal separator is a dot.

Must have at most 14 integral digits and 2 fractional digits.

3.1.5. Response headers

Name Description

X-Request-ID

ID of the request, unique to the call, as determined by the initiating party.

Location

Location of the created resource.

ASPSP-SCA-Approach

SCA approach.

3.1.6. Response fields

Path Type Optional Description

paymentId

String

false

Resource identification of the generated payment initiation resource.

transactionStatus

String

false

Must be one of [ACCP, ACSC, ACSP, ACTC, ACWC, ACWP, RCVD, PDNG, RJCT, CANC].

Relation Description

self

The link to the payment initiation resource created by this request. This link can be used to retrieve the resource data.

status

The link to retrieve status of the payment initiation.

scaStatus

The link to retrieve the scaStatus of the corresponding authorisation sub-resource.

scaRedirect

In case of an SCA Redirect Approach, the ASPSP is transmitting the link to which to redirect the PSU browser.

3.1.8. Example request

POST /api/public/payments/sepa-credit-transfers HTTP/1.1
TPP-Redirect-URI: https://client.nano.com/payment=c8a325bc-1ed4-4c0b-bb25-474ae2ed8392&status=ok
Host: psd2.nano.lt
TPP-ID: 689d52e4-b2d0-491a-90dc-7b8a33589607
Content-Length: 418
PSU-IP-Address: 88.119.96.5
Content-Type: application/json;charset=UTF-8
X-Request-ID: ccb5ba69-0483-4f0b-9583-8128fffca5cf
Accept: application/hal+json
TPP-Nok-Redirect-URI: https://client.nano.com/payment=c8a325bc-1ed4-4c0b-bb25-474ae2ed8392&status=nok
X-API-Version: 1

{
  "debtorAccount" : {
    "iban" : "LT323570010000000031",
    "currency" : null
  },
  "creditorAccount" : {
    "iban" : "LT237300010131568793",
    "currency" : null
  },
  "creditorName" : "Jonas Jonaitis",
  "creditorInstitutionName" : null,
  "creditorInstitutionCode" : null,
  "remittanceInformationUnstructured" : "Test payment",
  "instructedAmount" : {
    "currency" : "EUR",
    "amount" : "10.50"
  }
}

3.1.9. Example response

HTTP/1.1 201 Created
ASPSP-SCA-Approach: REDIRECT
Content-Length: 999
Location: /api/public/payments/sepa-credit-transfers/c8a325bc-1ed4-4c0b-bb25-474ae2ed8392
Content-Type: application/hal+json;charset=UTF-8
X-Request-ID: ccb5ba69-0483-4f0b-9583-8128fffca5cf

{
  "paymentId" : "c8a325bc-1ed4-4c0b-bb25-474ae2ed8392",
  "transactionStatus" : "RCVD",
  "_links" : {
    "self" : {
      "href" : "/api/public/payments/sepa-credit-transfers/c8a325bc-1ed4-4c0b-bb25-474ae2ed8392"
    },
    "status" : {
      "href" : "/api/public/payments/sepa-credit-transfers/c8a325bc-1ed4-4c0b-bb25-474ae2ed8392/status"
    },
    "scaStatus" : {
      "href" : "/api/public/payments/sepa-credit-transfers/c8a325bc-1ed4-4c0b-bb25-474ae2ed8392/authorisations/11118716-fc53-4d47-8022-dc77cb1c65c"
    },
    "scaRedirect" : {
      "href" : "/authorisation/c8a325bc-1ed4-4c0b-bb25-474ae2ed8392/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJydCI6IlBBWU1FTlQiLCJ0bmEiOiJURVNUIiwiaXNzIjoiVklBIFBheW1lbnRzIFVBQiIsIm5vayI6InRlc3QiLCJyaWQiOiJjOGEzMjViYy0xZWQ0LTRjMGItYmIyNS00NzRhZTJlZDgzOTIiLCJvayI6InRlc3QiLCJleHAiOjE1NTM1MzAxMTEsImFpZCI6IjExMTE4NzE2LWZjNTMtNGQ0Ny04MDIyLWRjNzdjYjFjNjVjMiIsImlhdCI6MTU1MzUyNzQxMSwidGlkIjoiVEVTVCJ9.xe3Y05W4C4IWKepLscPgvm-qimopLoG0GXE97spTrD4"
    }
  }
}

3.2. Get payment

GET /api/public/payments/sepa-credit-transfers/{paymentId}

Read the details of an initiated payment.

3.2.1. Path parameters

Parameter Type Optional Description

paymentId

String

false

ID of the corresponding payment initiation object as returned by an Payment Initiation Request.

3.2.2. Query parameters

No parameters.

3.2.3. Request headers

Header Type Optional Description

X-Request-ID

Object

false

ID of the request, unique to the call, as determined by the initiating party.

3.2.4. Request fields

No request body.

3.2.5. Response headers

Name Description

X-Request-ID

ID of the request, unique to the call, as determined by the initiating party.

3.2.6. Response fields

Path Type Optional Description

debtorAccount

Object

false

debtorAccount.iban

String

false

Must match the regular expression ^[a-zA-Z]{2}[0-9]{2}[a-zA-Z0-9]{4}[0-9]{7}([a-zA-Z0-9]?){0,16}$.

debtorAccount.currency

String

true

Must match the regular expression ^[A-Z]{3}$.

creditorAccount

Object

false

creditorAccount.iban

String

false

Must match the regular expression ^[a-zA-Z]{2}[0-9]{2}[a-zA-Z0-9]{4}[0-9]{7}([a-zA-Z0-9]?){0,16}$.

creditorAccount.currency

String

true

Must match the regular expression ^[A-Z]{3}$.

creditorName

String

false

creditorInstitutionName

String

false

creditorInstitutionCode

String

false

remittanceInformationUnstructured

String

false

instructedAmount

Object

true

instructedAmount.currency

String

true

ISO 4217 Alpha 3 currency code.

Must match the regular expression ^[A-Z]{3}$.

instructedAmount.amount

String

true

Transaction amount to be checked within the funds check mechanism. The amount given with fractional digits, where fractions must be compliant to the currency definition. Up to 14 significant figures. Negative amounts are signed by minus. The decimal separator is a dot.

Must have at most 14 integral digits and 2 fractional digits.

feeAmount

Object

true

feeAmount.currency

String

true

ISO 4217 Alpha 3 currency code.

Must match the regular expression ^[A-Z]{3}$.

feeAmount.amount

String

true

Transaction amount to be checked within the funds check mechanism. The amount given with fractional digits, where fractions must be compliant to the currency definition. Up to 14 significant figures. Negative amounts are signed by minus. The decimal separator is a dot.

Must have at most 14 integral digits and 2 fractional digits.

transactionStatus

String

false

Must be one of [ACCP, ACSC, ACSP, ACTC, ACWC, ACWP, RCVD, PDNG, RJCT, CANC].

Relation Description

self

The link to the payment initiation resource created by this request. This link can be used to retrieve the resource data.

status

The link to retrieve status of the payment initiation.

scaStatus

The link to retrieve the scaStatus of the corresponding authorisation sub-resource.

3.2.8. Example request

GET /api/public/payments/sepa-credit-transfers/c8a325bc-1ed4-4c0b-bb25-474ae2ed8392 HTTP/1.1
Host: psd2.nano.lt
X-Request-ID: 1060d678-f0d9-4560-8035-8c59895715f5
Accept: application/hal+json
X-API-Version: 1

3.2.9. Example response

HTTP/1.1 200 OK
Content-Type: application/hal+json;charset=UTF-8
X-Request-ID: 1060d678-f0d9-4560-8035-8c59895715f5
Content-Length: 932

{
  "debtorAccount" : {
    "iban" : "LT323570010000000031",
    "currency" : null
  },
  "creditorAccount" : {
    "iban" : "LT237300010131568793",
    "currency" : null
  },
  "creditorName" : "Jonas Jonaitis",
  "creditorInstitutionName" : "Swedbank, AB",
  "creditorInstitutionCode" : "HABALT22XXX",
  "remittanceInformationUnstructured" : "Test payment",
  "instructedAmount" : {
    "currency" : "EUR",
    "amount" : "10.50"
  },
  "feeAmount" : null,
  "transactionStatus" : "RCVD",
  "_links" : {
    "self" : {
      "href" : "/api/public/payments/sepa-credit-transfers/c8a325bc-1ed4-4c0b-bb25-474ae2ed8392"
    },
    "status" : {
      "href" : "/api/public/payments/sepa-credit-transfers/c8a325bc-1ed4-4c0b-bb25-474ae2ed8392/status"
    },
    "scaStatus" : {
      "href" : "/api/public/payments/sepa-credit-transfers/c8a325bc-1ed4-4c0b-bb25-474ae2ed8392/authorisations/11118716-fc53-4d47-8022-dc77cb1c65c"
    }
  }
}

3.3. Get payment status

GET /api/public/payments/sepa-credit-transfers/{paymentId}/status

Read the transaction status of the payment.

3.3.1. Path parameters

Parameter Type Optional Description

paymentId

String

false

ID of the corresponding payment initiation object as returned by an Payment Initiation Request.

3.3.2. Query parameters

No parameters.

3.3.3. Request headers

Header Type Optional Description

X-Request-ID

Object

false

ID of the request, unique to the call, as determined by the initiating party.

3.3.4. Request fields

No request body.

3.3.5. Response headers

Name Description

X-Request-ID

ID of the request, unique to the call, as determined by the initiating party.

3.3.6. Response fields

Path Type Optional Description

transactionStatus

String

false

Must be one of [ACCP, ACSC, ACSP, ACTC, ACWC, ACWP, RCVD, PDNG, RJCT, CANC].

3.3.7. Example request

GET /api/public/payments/sepa-credit-transfers/c8a325bc-1ed4-4c0b-bb25-474ae2ed8392/status HTTP/1.1
Host: psd2.nano.lt
X-Request-ID: 1add659e-ed10-42bc-8801-2faf8a54409c
Accept: application/hal+json
X-API-Version: 1

3.3.8. Example response

HTTP/1.1 200 OK
Content-Type: application/hal+json;charset=UTF-8
X-Request-ID: 1add659e-ed10-42bc-8801-2faf8a54409c
Content-Length: 34

{
  "transactionStatus" : "RCVD"
}

3.4. Get payment authorisation status

GET /api/public/payments/sepa-credit-transfers/{paymentId}/authorisations/{authorisationId}

Read the SCA status of a authorisation sub-resource.

3.4.1. Path parameters

Parameter Type Optional Description

paymentId

String

false

authorisationId

String

false

ID of the authorisation sub-resource.

3.4.2. Query parameters

No parameters.

3.4.3. Request headers

Header Type Optional Description

X-Request-ID

Object

false

ID of the request, unique to the call, as determined by the initiating party.

3.4.4. Request fields

No request body.

3.4.5. Response headers

Name Description

X-Request-ID

ID of the request, unique to the call, as determined by the initiating party.

3.4.6. Response fields

Path Type Optional Description

scaStatus

String

true

Must be one of [received, psuIdentified, psuAuthenticated, started, finalised, failed, exempted].

3.4.7. Example request

GET /api/public/payments/sepa-credit-transfers/c8a325bc-1ed4-4c0b-bb25-474ae2ed8392/authorisations/11118716-fc53-4d47-8022-dc77cb1c65c HTTP/1.1
X-Request-ID: 3e6b84b0-fc5a-4f2f-a0c0-1d41d6ee2f3e
Host: psd2.nano.lt
Accept: application/hal+json
X-API-Version: 1

3.4.8. Example response

HTTP/1.1 200 OK
X-Request-ID: 3e6b84b0-fc5a-4f2f-a0c0-1d41d6ee2f3e
Content-Length: 30
Content-Type: application/hal+json;charset=UTF-8

{
  "scaStatus" : "received"
}

HTTP Response Codes

The HTTP response code is communicating the success or failure of a TPP request message. The 4XX HTTP response codes should only be given if the current request cannot be fulfilled, e.g. a payment initiation cannot be posted or account transactions cannot be retrieved. A request to get the status of an existing payment or a consent usually returns HTTP response code 200 since the actual request to retrieve the status succeeded, regardless if that payment or consent state is set to failure or not.

This specification supports the following HTTP response codes:

Status code Description

200 OK

PUT, GET Response Codes

The POST for a Funds request will also return 200 since it does not create a new resource.

DELETE Response Code where a payment resource has been cancelled successfully and no further cancellation authorisation is required.

201 Created

POST response code where Payment Initiation or Consent Request was correctly performed.

204 No Content

DELETE response code where a consent resource was successfully deleted. The code indicates that the request was performed, but no content was returned.

400 Bad Request

Validation error occurred. This code will cover malformed syntax in request or incorrect data in payload.

401 Unauthorized

The TPP or the PSU is not correctly authorized to perform the request. Retry the request with correct authentication information.

403 Forbidden

Returned if the resource that was referenced in the path exists but cannot be accessed by the TPP or the PSU. This code should only be used for non-sensitive id references as it will reveal that the resource exists even though it cannot be accessed.

404 Not found

Returned if the resource or endpoint that was referenced in the path does not exist or cannot be referenced by the TPP or the PSU. When in doubt if a specific id in the path is sensitive or not, use the HTTP response code 404 instead of the HTTP response code 403.

405 Method Not Allowed

This code is only sent when the HTTP method (PUT, POST, DELETE, GET etc.) is not supported on a specific endpoint. It has nothing to do with the consent, payment or account information data model.

406 Not Acceptable

The ASPSP cannot generate the content that the TPP specified in the Accept header.

408 Request Timeout

The server is still working correctly, but an individual request has timed out.

415 Unsupported Media Type

The TPP has supplied a media type which the ASPSP does not support.

429 Too Many Requests

The TPP has exceeded the number of requests allowed by the consent or by the RTS.

500 Internal Server Error

Internal server error occurred.

503 Service Unavailable

The ASPSP server is currently unavailable. Generally, this is a temporary state.

Additional Error Information

In RFC7807, a standardised definition of reporting error information is described. In the following, requirements of how to use this standardised error information reporting in the context of the PSD2 XS2A interface are defined.

Response Code

The HTTP response code is 4xx or 5xx as defined in HTTP Response Codes for response codes in case of errors.

Response Header

Attribute Type Condition Description

Content-Type

String

Mandatory

The string application/problem+json is used.

Response Body

Attribute Type Condition Description

type

String

Mandatory

A URI reference RFC3986 that identifies the problem type.

title

String

Optional

Short human readable description of error type.

detail

String

Optional

Detailed human readable text specific to this instance of the error.

code

Message Code

Mandatory

Message code to explain the nature of the underlying error.

additionalErrors

Array

Optional

Used if more than one error is to be communicated.

Example

{
    "code": "RESOURCE_UNKNOWN",
    "title": "The addressed resource is unknown relative to the TPP.",
    "description": "Requested account not found.",
    "type": "https://psd2.nano.lt/api#RESOURCE_UNKNOWN",
    "additionalErrors": null
}

HTTP Error Codes

Message Code

HTTP Response Code

Description

CERTIFICATE_INVALID

401

The contents of the signature/corporate seal certificate are not matching PSD2 general PSD2 or attribute requirements.

CERTIFICATE_EXPIRED

401

Signature/corporate seal certificate is expired.

CERTIFICATE_BLOCKED

401

Signature/corporate seal certificate has been blocked by the ASPSP.

CERTIFICATE_REVOKED

401

Signature/corporate seal certificate has been revoked by QSTP.

CERTIFICATE_MISSING

401

Signature/corporate seal certificate was not available in the request but is mandated for the corresponding.

SIGNATURE_INVALID

401

Application layer eIDAS Signature for TPP authentication is not correct.

SIGNATURE_MISSING

401

Application layer eIDAS Signature for TPP authentication is mandated by the ASPSP but is missing.

FORMAT_ERROR

400

Format of certain request fields are not matching the XS2A requirements. An explicit path to the corresponding field might be added in the return message.

PARAMETER_NOT_CONSISTENT

400

Parameters submitted by TPP are not consistent.

PARAMETER_NOT_SUPPORTED

400

The parameter is not supported.

CONSENT_UNKNOWN

403 (if path), 400 (if payload)

The Consent-ID cannot be matched by the ASPSP relative to the TPP.

CONSENT_INVALID

401

The consent was created by this TPP but is not valid for the addressed service/resource.

CONSENT_EXPIRED

401

The consent was created by this TPP but has expired and needs to be renewed.

RESOURCE_UNKNOWN

404 (if account-id path), 403 (if other resource in path)

The addressed resource is unknown relative to the TPP.

RESOURCE_EXPIRED

403 (if path), 400 (if payload)

The addressed resource is associated with the TPP but has expired, not addressable anymore.

STATUS_INVALID

409

The addressed resource does not allow additional authorisation.

PAYMENT_FAILED

400

The payment initiation POST request failed during the initial process. Additional information may be provided by the ASPSP.