--- swagger: "2.0" info: title: Periodic Payment Initiation API x-ibm-name: periodic-payment-initiation-api version: 1.0.0 contact: name: openbanking@dssbank.no license: name: Copyright © 2018-2019 LILLESANDS SPAREBANK. All rights reserved. url: https://openbanking.lillesands-sparebank.no/terms description: | [**Read the developer documentation before using this API** ](https://openbanking.lillesands-sparebank.no/portal-sandbox/documentation/) basePath: / tags: - name: /v1/periodic-payments schemes: - https paths: /v1/periodic-payments/norwegian-domestic-credit-transfers: post: tags: - /v1/periodic-payments summary: Create a new periodic-payment initiation request for payment product norwegian-domestic-credit-transfers. description: |- Creates a new periodic payment initiation request for one of the following products: See Bits _PSD2 appendix_ for additional details. > Sample Request Body ``` { "instructedAmount": { "amount": "100.23", "currency": "NOK" }, "creditorName": "Company 123", "creditorAccount": { "bban": "95360573002", "iban": "NO0995360573002", "currency": "NOK" }, "creditorAddress": { "street": "Street", "buildingNumber": "56", "postalCode": "7014", "city": "Trondheim", "country": "NO" }, "debtorAccount": { "bban": "95360573002", "iban": "NO0995360573002", "currency": "NOK" }, "ultimateDebtor": "Company CBA", "remittanceInformationUnstructured": "Kredittrente", "startDate": "2018-06-07", "executionRule": "preceeding", "endDate": "2020-06-07", "frequency": "Monthly", "dayOfExecution": "12" } ``` operationId: periodic-norwegian-domestic-credit-transfers consumes: - application/json;charset=utf-8 produces: - application/json;charset=utf-8 parameters: - in: body name: body description: payload required: true schema: $ref: '#/definitions/NorwegianDomesticCreditTransferPeriodicPayment' - $ref: '#/parameters/x-accept-fix' - $ref: '#/parameters/Accept' - $ref: '#/parameters/Accept-Charset' - $ref: '#/parameters/Accept-Encoding' - $ref: '#/parameters/Accept-Language' - $ref: '#/parameters/Host' - $ref: '#/parameters/X-Request-ID' - $ref: '#/parameters/TPP-Session-ID' - $ref: '#/parameters/TPP-Redirect-URI' - $ref: '#/parameters/TPP-Redirect-Preferred' - $ref: '#/parameters/Digest' - $ref: '#/parameters/TPP-Signature-Certificate' - $ref: '#/parameters/Signature' - $ref: '#/parameters/PSU-ID' - $ref: '#/parameters/PSU-Corporate-ID' - $ref: '#/parameters/PSU-IP-Address' - $ref: '#/parameters/PSU-IP-Port' - $ref: '#/parameters/PSU-User-Agent' - $ref: '#/parameters/PSU-Accept' - $ref: '#/parameters/PSU-Accept-Charset' - $ref: '#/parameters/PSU-Accept-Encoding' - $ref: '#/parameters/PSU-Accept-Language' - $ref: '#/parameters/PSU-HTTP-Method' - $ref: '#/parameters/PSU-Device-ID' - $ref: '#/parameters/PSU-Geo-Location' responses: 201: description: CREATED schema: $ref: '#/definitions/CreatePaymentResponse' 400: description: Bad Request schema: $ref: '#/definitions/Error' examples: FORMAT_ERROR: id: "5615873375" status: 400 system: ERA-PSD2 code: FORMAT_ERROR 401: description: Unauthorized schema: $ref: '#/definitions/Challenge' 403: description: Forbidden schema: $ref: '#/definitions/Error' examples: PRODUCT_INVALID: id: "5615873376" system: ERA-PSD2 status: 403 code: PRODUCT_INVALID 404: description: Not Found schema: $ref: '#/definitions/Error' examples: RESOURCE_UNKNOWN: id: "5615873376" system: ERA-PSD2 status: 404 code: RESOURCE_UNKNOWN 500: description: Internal Server Error schema: $ref: '#/definitions/Error' examples: SYSTEM_ERROR: id: "5615873378" system: ERA-PSD2 status: 500 code: SYSTEM_ERROR /v1/periodic-payments/{paymentProduct}/{paymentId}: get: tags: - /v1/periodic-payments summary: Get the details of an initiated periodic payment. description: See _XS2A Framework Implementation Guidelines, Section 5.5_ for additional details. operationId: getPeriodicPayment produces: - application/json;charset=utf-8 parameters: - name: paymentProduct in: path description: The product of the periodic payment that should be returned. required: true type: string enum: - norwegian-domestic-credit-transfers x-example: norwegian-domestic-credit-transfers - name: paymentId in: path description: The id of the periodic payment that should be returned. required: true type: string x-example: enc!!H6fD9HS7Y7peXJh1HqC34RFgGfF992bjabcRx5n== - $ref: '#/parameters/x-accept-fix' - $ref: '#/parameters/Accept' - $ref: '#/parameters/Accept-Charset' - $ref: '#/parameters/Accept-Encoding' - $ref: '#/parameters/Accept-Language' - $ref: '#/parameters/Host' - $ref: '#/parameters/X-Request-ID' - $ref: '#/parameters/TPP-Session-ID' - $ref: '#/parameters/TPP-Redirect-URI' - $ref: '#/parameters/TPP-Redirect-Preferred' - $ref: '#/parameters/TPP-Signature-Certificate' - $ref: '#/parameters/Signature' - $ref: '#/parameters/PSU-ID' - $ref: '#/parameters/PSU-Corporate-ID' - $ref: '#/parameters/PSU-IP-Address' - $ref: '#/parameters/PSU-IP-Port' - $ref: '#/parameters/PSU-User-Agent' - $ref: '#/parameters/PSU-Accept' - $ref: '#/parameters/PSU-Accept-Charset' - $ref: '#/parameters/PSU-Accept-Encoding' - $ref: '#/parameters/PSU-Accept-Language' - $ref: '#/parameters/PSU-HTTP-Method' - $ref: '#/parameters/PSU-Device-ID' - $ref: '#/parameters/PSU-Geo-Location' responses: 200: description: OK schema: $ref: '#/definitions/PeriodicPayment' 400: description: Bad Request schema: $ref: '#/definitions/Error' examples: FORMAT_ERROR: id: "5615873375" status: 400 system: ERA-PSD2 code: FORMAT_ERROR 401: description: Unauthorized schema: $ref: '#/definitions/Challenge' 403: description: Forbidden schema: $ref: '#/definitions/Error' examples: PRODUCT_INVALID: id: "5615873376" system: ERA-PSD2 status: 403 code: PRODUCT_INVALID 404: description: Not Found schema: $ref: '#/definitions/Error' examples: RESOURCE_UNKNOWN: id: "5615873376" system: ERA-PSD2 status: 404 code: RESOURCE_UNKNOWN 500: description: Internal Server Error schema: $ref: '#/definitions/Error' examples: SYSTEM_ERROR: id: "5615873378" system: ERA-PSD2 status: 500 code: SYSTEM_ERROR delete: tags: - /v1/periodic-payments summary: Initiates a Periodic Payment Cancellation Request. description: "If the periodic payment is not authorised this call is sufficient to cancel a payment. \nIf an authorisation of the payment cancellation is mandated a corresponding hyperlink will be contained in the response message.\nA authorisation is always mandated if the payment is previously authorised.\nSee _XS2A Framework Implementation Guidelines, Section 5.6_ for additional details.\n" operationId: deletePyamentRequest produces: - application/json;charset=utf-8 parameters: - name: paymentProduct in: path description: The product of the payment that should be returned. required: true type: string enum: - norwegian-domestic-credit-transfers x-example: norwegian-domestic-credit-transfers - name: paymentId in: path description: Id of the payment to authorise. required: true type: string - $ref: '#/parameters/x-accept-fix' - $ref: '#/parameters/Accept' - $ref: '#/parameters/Accept-Charset' - $ref: '#/parameters/Accept-Encoding' - $ref: '#/parameters/Accept-Language' - $ref: '#/parameters/Host' - $ref: '#/parameters/X-Request-ID' - $ref: '#/parameters/TPP-Session-ID' - $ref: '#/parameters/TPP-Redirect-URI' - $ref: '#/parameters/TPP-Redirect-Preferred' - $ref: '#/parameters/TPP-Signature-Certificate' - $ref: '#/parameters/Signature' - $ref: '#/parameters/PSU-ID' - $ref: '#/parameters/PSU-Corporate-ID' - $ref: '#/parameters/PSU-IP-Address' - $ref: '#/parameters/PSU-IP-Port' - $ref: '#/parameters/PSU-User-Agent' - $ref: '#/parameters/PSU-Accept' - $ref: '#/parameters/PSU-Accept-Charset' - $ref: '#/parameters/PSU-Accept-Encoding' - $ref: '#/parameters/PSU-Accept-Language' - $ref: '#/parameters/PSU-HTTP-Method' - $ref: '#/parameters/PSU-Device-ID' - $ref: '#/parameters/PSU-Geo-Location' responses: 202: description: ACCEPTED schema: $ref: '#/definitions/PaymentCancellation' 204: description: CREATED 400: description: Bad Request schema: $ref: '#/definitions/Error' examples: FORMAT_ERROR: id: "5615873375" status: 400 system: ERA-PSD2 code: FORMAT_ERROR 401: description: Unauthorized schema: $ref: '#/definitions/Challenge' 403: description: Forbidden schema: $ref: '#/definitions/Error' examples: PRODUCT_INVALID: id: "5615873376" system: ERA-PSD2 status: 403 code: PRODUCT_INVALID 404: description: Not Found schema: $ref: '#/definitions/Error' examples: RESOURCE_UNKNOWN: id: "5615873376" system: ERA-PSD2 status: 404 code: RESOURCE_UNKNOWN 405: description: Method Not Allowed schema: $ref: '#/definitions/Error' examples: SERVICE_INVALID: id: "5615873376" system: ERA-PSD2 status: 405 code: SERVICE_INVALID 409: description: Conflict schema: $ref: '#/definitions/Error' examples: STATUS_INVALID: id: "5615873376" system: ERA-PSD2 status: 409 code: STATUS_INVALID 500: description: Internal Server Error schema: $ref: '#/definitions/Error' examples: SYSTEM_ERROR: id: "5615873378" system: ERA-PSD2 status: 500 code: SYSTEM_ERROR /v1/periodic-payments/{paymentProduct}/{paymentId}/status: get: tags: - /v1/periodic-payments summary: Gets the status of an initiated periodic payment. description: See _XS2A Framework Implementation Guidelines, Section 5.4_ for additional details. operationId: getPeriodicPaymentStatus produces: - application/json;charset=utf-8 parameters: - name: paymentProduct in: path description: The product of the periodic payment that should be returned. required: true type: string enum: - norwegian-domestic-credit-transfers x-example: norwegian-domestic-credit-transfers - name: paymentId in: path description: The id of the periodic payment that should be returned. required: true type: string x-example: enc!!H6fD9HS7Y7peXJh1HqC34RFgGfF992bjabcRx5n== - $ref: '#/parameters/x-accept-fix' - $ref: '#/parameters/Accept' - $ref: '#/parameters/Accept-Charset' - $ref: '#/parameters/Accept-Encoding' - $ref: '#/parameters/Accept-Language' - $ref: '#/parameters/Host' - $ref: '#/parameters/X-Request-ID' - $ref: '#/parameters/TPP-Session-ID' - $ref: '#/parameters/TPP-Redirect-URI' - $ref: '#/parameters/TPP-Redirect-Preferred' - $ref: '#/parameters/TPP-Signature-Certificate' - $ref: '#/parameters/Signature' - $ref: '#/parameters/PSU-ID' - $ref: '#/parameters/PSU-Corporate-ID' - $ref: '#/parameters/PSU-IP-Address' - $ref: '#/parameters/PSU-IP-Port' - $ref: '#/parameters/PSU-User-Agent' - $ref: '#/parameters/PSU-Accept' - $ref: '#/parameters/PSU-Accept-Charset' - $ref: '#/parameters/PSU-Accept-Encoding' - $ref: '#/parameters/PSU-Accept-Language' - $ref: '#/parameters/PSU-HTTP-Method' - $ref: '#/parameters/PSU-Device-ID' - $ref: '#/parameters/PSU-Geo-Location' responses: 200: description: OK schema: $ref: '#/definitions/PaymentStatus' 400: description: Bad Request schema: $ref: '#/definitions/Error' examples: FORMAT_ERROR: id: "5615873375" status: 400 system: ERA-PSD2 code: FORMAT_ERROR 401: description: Unauthorized schema: $ref: '#/definitions/Challenge' 403: description: Forbidden schema: $ref: '#/definitions/Error' examples: PRODUCT_INVALID: id: "5615873376" system: ERA-PSD2 status: 403 code: PRODUCT_INVALID 404: description: Not Found schema: $ref: '#/definitions/Error' examples: RESOURCE_UNKNOWN: id: "5615873376" system: ERA-PSD2 status: 404 code: RESOURCE_UNKNOWN 500: description: Internal Server Error schema: $ref: '#/definitions/Error' examples: SYSTEM_ERROR: id: "5615873378" system: ERA-PSD2 status: 500 code: SYSTEM_ERROR /v1/periodic-payments/{paymentProduct}/{paymentId}/authorisations: post: tags: - /v1/periodic-payments summary: Starts the authorisation process of a payment. description: See the developer documentation for a detailed description on the flow. operationId: createAuthorization produces: - application/json;charset=utf-8 parameters: - name: paymentProduct in: path description: The product of the periodic payment that should be returned. required: true type: string enum: - norwegian-domestic-credit-transfers x-example: norwegian-domestic-credit-transfers - name: paymentId in: path description: The id of the periodic payment that should be returned. required: true type: string x-example: enc!!H6fD9HS7Y7peXJh1HqC34RFgGfF992bjabcRx5n== - $ref: '#/parameters/x-accept-fix' - $ref: '#/parameters/Accept' - $ref: '#/parameters/Accept-Charset' - $ref: '#/parameters/Accept-Encoding' - $ref: '#/parameters/Accept-Language' - $ref: '#/parameters/Host' - $ref: '#/parameters/X-Request-ID' - $ref: '#/parameters/TPP-Session-ID' - $ref: '#/parameters/TPP-Redirect-URI' - $ref: '#/parameters/TPP-Redirect-Preferred' - $ref: '#/parameters/TPP-Signature-Certificate' - $ref: '#/parameters/Signature' - $ref: '#/parameters/PSU-ID' - $ref: '#/parameters/PSU-Corporate-ID' - $ref: '#/parameters/PSU-IP-Address' - $ref: '#/parameters/PSU-IP-Port' - $ref: '#/parameters/PSU-User-Agent' - $ref: '#/parameters/PSU-Accept' - $ref: '#/parameters/PSU-Accept-Charset' - $ref: '#/parameters/PSU-Accept-Encoding' - $ref: '#/parameters/PSU-Accept-Language' - $ref: '#/parameters/PSU-HTTP-Method' - $ref: '#/parameters/PSU-Device-ID' - $ref: '#/parameters/PSU-Geo-Location' responses: 201: description: CREATED schema: $ref: '#/definitions/Authorization' 400: description: Bad Request schema: $ref: '#/definitions/Error' examples: FORMAT_ERROR: id: "5615873375" status: 400 system: ERA-PSD2 code: FORMAT_ERROR 401: description: Unauthorized schema: $ref: '#/definitions/Challenge' 404: description: Not Found schema: $ref: '#/definitions/Error' examples: RESOURCE_UNKNOWN: id: "5615873376" system: ERA-PSD2 status: 404 code: RESOURCE_UNKNOWN 500: description: Internal Server Error schema: $ref: '#/definitions/Error' examples: SYSTEM_ERROR: id: "5615873378" system: ERA-PSD2 status: 500 code: SYSTEM_ERROR /v1/periodic-payments/{paymentProduct}/{paymentId}/cancellation-authorisations: post: tags: - /v1/periodic-payments summary: Start the authorisation process of a periodic payment cancellation when needed. description: |- The cancellation flow is similar to a payment authorisation flow. See _XS2A Framework Implementation Guidelines, Section 7.1_ for additional details. operationId: createCancellationAuthorization produces: - application/json;charset=utf-8 parameters: - name: paymentProduct in: path description: The product of the periodic payment cancellation that should be authorised. required: true type: string enum: - norwegian-domestic-credit-transfers x-example: norwegian-domestic-credit-transfers - name: paymentId in: path description: Id of the periodic payment cancellation to authorise. required: true type: string x-example: enc!!H6fD9HS7Y7peXJh1HqC34RFgGfF992bjabcRx5n== - $ref: '#/parameters/x-accept-fix' - $ref: '#/parameters/Accept' - $ref: '#/parameters/Accept-Charset' - $ref: '#/parameters/Accept-Encoding' - $ref: '#/parameters/Accept-Language' - $ref: '#/parameters/Host' - $ref: '#/parameters/X-Request-ID' - $ref: '#/parameters/TPP-Session-ID' - $ref: '#/parameters/TPP-Redirect-URI' - $ref: '#/parameters/TPP-Redirect-Preferred' - $ref: '#/parameters/TPP-Signature-Certificate' - $ref: '#/parameters/Signature' - $ref: '#/parameters/PSU-ID' - $ref: '#/parameters/PSU-Corporate-ID' - $ref: '#/parameters/PSU-IP-Address' - $ref: '#/parameters/PSU-IP-Port' - $ref: '#/parameters/PSU-User-Agent' - $ref: '#/parameters/PSU-Accept' - $ref: '#/parameters/PSU-Accept-Charset' - $ref: '#/parameters/PSU-Accept-Encoding' - $ref: '#/parameters/PSU-Accept-Language' - $ref: '#/parameters/PSU-HTTP-Method' - $ref: '#/parameters/PSU-Device-ID' - $ref: '#/parameters/PSU-Geo-Location' responses: 201: description: CREATED schema: $ref: '#/definitions/Authorization' 400: description: Bad Request schema: $ref: '#/definitions/Error' examples: FORMAT_ERROR: id: "5615873375" status: 400 system: ERA-PSD2 code: FORMAT_ERROR 401: description: Unauthorized schema: $ref: '#/definitions/Challenge' 404: description: Not Found schema: $ref: '#/definitions/Error' examples: RESOURCE_UNKNOWN: id: "5615873376" system: ERA-PSD2 status: 404 code: RESOURCE_UNKNOWN 500: description: Internal Server Error schema: $ref: '#/definitions/Error' examples: SYSTEM_ERROR: id: "5615873378" system: ERA-PSD2 status: 500 code: SYSTEM_ERROR parameters: x-accept-fix: name: x-accept-fix in: header required: true type: string description: Set this to "amount-as-string", will make amounts be serialized as strings with the correct number of decimal points. Temporarily required , default serialization will be switched to string when all clients sends this header. x-example: amount-as-string Accept: name: Accept in: header type: string required: false description: Advertises which content types, expressed as MIME types, the client is able to understand. Using content negotiation, the server then selects one of the proposals, uses it and informs the client of its choice with the Content-Type response header. x-example: application/json Accept-Charset: name: Accept-Charset in: header type: string required: false description: Advertises which character set the client is able to understand. Using content negotiation, the server then selects one of the proposals, uses it and informs the client of its choice within the Content-Type response header. x-example: utf-8 Accept-Encoding: name: Accept-Encoding in: header required: false type: string description: Advertises which content encoding, usually a compression algorithm, the client is able to understand. Using content negotiation, the server selects one of the proposals, uses it and informs the client of its choice with the Content-Encoding response header. x-example: deflate, gzip;q=1.0, *;q=0.5 Accept-Language: name: Accept-Language in: header description: Advertises which natural languages the client is able to understand, and which locale variant is preferred. Using content negotiation, the server then selects one of the proposals, uses it and informs the client of its choice with the Content-Language response header. required: false type: string x-example: en-US,en;q=0.7,nb;q=0.3 Host: name: Host in: header type: string required: false description: The domain name of the server (for virtual hosting), and (optionally) the TCP port number on which the server is listening. x-example: http://lbxp02vip.unix.cosng.net:20100/secesb/rest/era-psd2 X-Request-ID: name: X-Request-ID in: header type: string required: true description: Request identifier, unique to the call, as determined by the TPP. x-example: 4eba4445-1a4b-47b8-bdd5-4e56ef026b19 TPP-Session-ID: name: TPP-Session-ID in: header type: string required: true description: TPP session identifier. x-example: b29f79d9-12ea-462b-ad8a-8ad38b8c57b7 TPP-Redirect-URI: name: TPP-Redirect-URI in: header type: string required: true description: URI of the TPP, where the transaction flow shalle be redirected to after a Redirect. x-example: http://httpbin.org/get TPP-Redirect-Preferred: name: TPP-Redirect-Preferred in: header type: string required: false description: Set to *false* to automatically trigger biometric authentication for mobile apps whenever available. Default is *true*. x-example: "false" Digest: name: Digest in: header type: string required: true description: "Base64 encoded sha256 or sha512 hash of the message body, used with the signature.\n>\nThe Digest header is defined by RFC3230 and sha256/sha512 si defined by RFC5843. " x-example: MIFFTzCCAzegAkIBAgMJANnQVDLqktJUMA0GCS....8WLZOabcX3YxNoH4k== TPP-Signature-Certificate: name: TPP-Signature-Certificate in: header type: string required: true description: The certificate used for signing the request in base64 encoding. x-example: MIFFTzCCAzegAkIBAgMJANnQVDLqktJUMA0GCS....8WLZOX3YxNoH4k== Signature: name: Signature in: header type: string required: true description: | HTTP Message Signature as specified by https://tools.ietf.org/html/draft-cavage-http-signatures-10 with requirements imposed by Berlin Group's NextGenPSD2 Framework. - *keyId* must be formatted as `keyId="SN=XXX,CA=YYY"` where `XXX` is the serial number of the signing certificate in hexadecimal encoding and `YYY` is the ful Distinguished Name of the Certificate Authority having certificate - *algorithm* must identify the same algorithm for the signature as presented in the signing certificate and should be `rsa-sha256` - *headers* must contain `date`, `digest`, `x-request-id`, `psu-id`, `psu-corporate-id`, and `tpp-redirect-uri` when available - *signature* must be computed as `Base64(RSA-SHA256(signingString))` If any values in the signature header is ISO-8859-1 or UTF-8 encoded you need to URL encode the signature header according to RFC 2047 which means MIME encoding the signature. Also the signature must be wrapped using this format: =?charset?encoding?encoded signature?= Example of this encoding: `=?utf-8?B?a2V5QTQsQ0E9Mi41LjQuOTc9IzB........jMTM1MDUzNDQ0ZTRmMmQ0NjUz?=` Java example of how to implement encoding: ``` if (charset.equals(StandardCharsets.UTF_8)) { signature = String.format("=?utf-8?B?%s?=", Base64.getEncoder().encodeToString(signature.getBytes(StandardCharsets.UTF_8))); } ``` x-example: keyId="SN=6AEB4444FBAAD267,CA=O=PSDNO-FSA-ABCA,L=Trondheim,C=NO", algorithm="rsa-sha256", headers="date x-request-id tpp-redirect-uri psu-id", signature="***************" PSU-ID: name: PSU-ID in: header type: string format: UUID required: true description: The PSU identifier. x-example: 49ae0cfe-6b72-4310-81f5-ad4eef897fe3 PSU-Corporate-ID: name: PSU-Corporate-ID in: header required: false type: string description: The PSU Corporate agreement identifier. x-example: aog5kNSbDNo2srEPAqsCGaR8LNCAfLVlKPzbwKZQJzI= PSU-IP-Address: name: PSU-IP-Address in: header description: The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP. required: true type: string x-example: 153.110.241.229 PSU-IP-Port: name: PSU-IP-Port in: header description: The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available. required: false type: string x-example: 443 PSU-User-Agent: name: PSU-User-Agent in: header description: The forwarded value for the User-Agent header field between the PSU and TPP, if available. required: false type: string x-example: Mozilla/5.0 (Windows NT 10.0; …) Gecko/20100101 Firefox/63.0 PSU-Accept: name: PSU-Accept in: header description: The forwarded value for the Accept header field between the PSU and TPP, if available. required: false type: string x-example: application/json PSU-Accept-Charset: name: PSU-Accept-Charset in: header description: The forwarded value for the Accept-Charset header field between the PSU and TPP, if available. required: false type: string x-example: utf-8 PSU-Accept-Encoding: name: PSU-Accept-Encoding in: header description: The forwarded value for the Accept-Encoding header field between the PSU and TPP, if available. required: false type: string x-example: gzip, deflate, br PSU-Accept-Language: name: PSU-Accept-Language in: header description: The forwarded value for the Accept-Language header field between the PSU and TPP, if available. required: false type: string x-example: en-US,en;q=0.7,nb;q=0.3 PSU-HTTP-Method: name: PSU-HTTP-Method in: header type: string enum: - GET - POST - PUT - PATCH - DELETE required: false description: The forwarded value for the HTTP method used between the PSU and TPP, if available. x-example: GET PSU-Device-ID: name: PSU-Device-ID in: header type: string format: UUID required: false description: The forwarded value of the device ID used by the PSU, if available. x-example: 35-67660-48540-8 PSU-Geo-Location: name: PSU-Geo-Location in: header description: The forwarded value of the Geo Location of the corresponding HTTP request between the PSU and TPP, if available. required: false type: string x-example: GEO:52.506931,13.144558 definitions: Link: type: object required: - href - verbs properties: href: type: string example: https://openbanking.lillesands-sparebank.no/ verbs: type: array items: type: string enum: - GET - PUT - POST - DELETE example: GET Error: type: object properties: id: type: string example: "5884127160" system: type: string example: ERA-PSD2 status: type: number example: 400 code: type: string example: ERROR_CODE message: type: string example: error message appears here Challenge: type: object properties: _links: type: object readOnly: true additionalProperties: $ref: '#/definitions/Link' example: _links: scaRedirect: href: https://openbanking.lillesands-sparebank.no/tap?route_secesb_id=1&flow=psd2&state=ca477daf-d824-4f0b-b405-6c8fc385dc0b&locale=no-NB, no; q=1.0 verbs: - GET Authorization: type: object properties: scaStatus: type: string example: STARTED enum: - RECEIVED - PSU_IDENTIFIED - PSU_AUTHENTICATED - SCA_METHOD_SELECTED - STARTED - FINALISED - FAILED - EXEMPTED _links: type: object additionalProperties: $ref: '#/definitions/Link' example: self: href: https://openbanking.lillesands-sparebank.no/ verbs: - GET PaymentCancellation: type: object properties: transactionStatus: type: string example: RCVD enum: - ACCP - ACSC - ACSP - ACTC - ACWC - ACWP - RCVD - PDNG - RJCT - CANC - PART _links: type: object additionalProperties: $ref: '#/definitions/Link' example: self: href: https://openbanking.lillesands-sparebank.no/ verbs: - GET AccountReference: type: object required: - currency properties: bban: type: string description: Identifier that uniquely identifies an individual account at a specific financial institution in a particular country and which includes a bank identifier of the financial institution servicing that account. minLength: 0 maxLength: 30 example: "95360573002" iban: type: string description: Expanded version of the basic bank account number (BBAN), structured as defined by ISO 13616-1:2007, intended for use internationally, which uniquely identifies an individual account at a specific financial institution, in a particular country. minLength: 0 maxLength: 34 example: NO0995360573002 currency: type: string description: ISO 4217 Alphabetic Currency Code. example: NOK enum: - AED - AFN - ALL - AMD - ANG - AOA - ARS - AUD - AWG - AZN - BAM - BBD - BDT - BGN - BHD - BIF - BMD - BND - BOB - BRL - BSD - BTN - BWP - BYR - BZD - CAD - CDF - CHF - CLP - CNY - COP - CRC - CUC - CUP - CVE - CZK - DJF - DKK - DOP - DZD - EGP - ERN - ETB - EUR - FJD - FKP - GBP - GEL - GGP - GHS - GIP - GMD - GNF - GTQ - GYD - HKD - HNL - HRK - HTG - HUF - IDR - ILS - IMP - INR - IQD - IRR - ISK - JEP - JMD - JOD - JPY - KES - KGS - KHR - KMF - KPW - KRW - KWD - KYD - KZT - LAK - LBP - LKR - LRD - LSL - LYD - MAD - MDL - MGA - MKD - MMK - MNT - MOP - MRO - MUR - MVR - MWK - MXN - MYR - MZN - NAD - NGN - NIO - NOK - NPR - NZD - OMR - PAB - PEN - PGK - PHP - PKR - PLN - PYG - QAR - RON - RSD - RUB - RWF - SAR - SBD - SCR - SDG - SEK - SGD - SHP - SLL - SOS - SPL - SRD - STD - SVC - SYP - SZL - THB - TJS - TMT - TND - TOP - TRY - TTD - TVD - TWD - TZS - UAH - UGX - USD - UYU - UZS - VEF - VND - VUV - WST - XAF - XCD - XDR - XOF - XPF - YER - ZAR - ZMW - ZWD Address: type: object required: - country properties: street: type: string minLength: 0 maxLength: 70 example: Street buildingNumber: type: string example: "56" postalCode: type: string example: "7014" city: type: string example: Trondheim country: type: string description: ISO 3166-1 Alpha-2 Country Code. minLength: 0 maxLength: 2 example: "NO" enum: - AF - AX - AL - DZ - AS - AD - AO - AI - AQ - AG - AR - AM - AW - AU - AT - AZ - BH - BS - BD - BB - BY - BE - BZ - BJ - BM - BT - BO - BQ - BA - BW - BV - BR - IO - BN - BG - BF - BI - KH - CM - CA - CV - KY - CF - TD - CL - CN - CX - CC - CO - KM - CG - CD - CK - CR - CI - HR - CU - CW - CY - CZ - DK - DJ - DM - DO - EC - EG - SV - GQ - ER - EE - ET - FK - FO - FJ - FI - FR - GF - PF - TF - GA - GM - GE - DE - GH - GI - GR - GL - GD - GP - GU - GT - GG - GN - GW - GY - HT - HM - VA - HN - HK - HU - IS - IN - ID - IR - IQ - IE - IM - IL - IT - JM - JP - JE - JO - KZ - KE - KI - KP - KR - KW - KG - LA - LV - LB - LS - LR - LY - LI - LT - LU - MO - MK - MG - MW - MY - MV - ML - MT - MH - MQ - MR - MU - YT - MX - FM - MD - MC - MN - ME - MS - MA - MZ - MM - NA - NR - NP - NL - NC - NZ - NI - NE - NG - NU - NF - MP - "NO" - OM - PK - PW - PS - PA - PG - PY - PE - PH - PN - PL - PT - PR - QA - RE - RO - RU - RW - BL - SH - KN - LC - MF - PM - VC - WS - SM - ST - SA - SN - RS - SC - SL - SG - SX - SK - SI - SB - SO - ZA - GS - SS - ES - LK - SD - SR - SJ - SZ - SE - CH - SY - TW - TJ - TZ - TH - TL - TG - TK - TO - TT - TN - TR - TM - TC - TV - UG - UA - AE - GB - US - UM - UY - UZ - VU - VE - VN - VG - VI - WF - EH - YE - ZM - ZW Amount: type: object required: - amount - currency properties: amount: type: string description: Note that even though the contract sets a precision of 18 and a scale of 5, the provided fraction digits must adhere to the minor units as defined in ISO 4217 for the provided currency code. example: "100.23" currency: type: string description: ISO 4217 alphabetic currency code. example: NOK enum: - AED - AFN - ALL - AMD - ANG - AOA - ARS - AUD - AWG - AZN - BAM - BBD - BDT - BGN - BHD - BIF - BMD - BND - BOB - BRL - BSD - BTN - BWP - BYR - BZD - CAD - CDF - CHF - CLP - CNY - COP - CRC - CUC - CUP - CVE - CZK - DJF - DKK - DOP - DZD - EGP - ERN - ETB - EUR - FJD - FKP - GBP - GEL - GGP - GHS - GIP - GMD - GNF - GTQ - GYD - HKD - HNL - HRK - HTG - HUF - IDR - ILS - IMP - INR - IQD - IRR - ISK - JEP - JMD - JOD - JPY - KES - KGS - KHR - KMF - KPW - KRW - KWD - KYD - KZT - LAK - LBP - LKR - LRD - LSL - LYD - MAD - MDL - MGA - MKD - MMK - MNT - MOP - MRO - MUR - MVR - MWK - MXN - MYR - MZN - NAD - NGN - NIO - NOK - NPR - NZD - OMR - PAB - PEN - PGK - PHP - PKR - PLN - PYG - QAR - RON - RSD - RUB - RWF - SAR - SBD - SCR - SDG - SEK - SGD - SHP - SLL - SOS - SPL - SRD - STD - SVC - SYP - SZL - THB - TJS - TMT - TND - TOP - TRY - TTD - TVD - TWD - TZS - UAH - UGX - USD - UYU - UZS - VEF - VND - VUV - WST - XAF - XCD - XDR - XOF - XPF - YER - ZAR - ZMW - ZWD PeriodicPayment: type: object required: - instructedAmount - creditorName - creditorAccount - debtorAccount - frequency - startDate properties: endToEndIdentification: type: string description: An optional end-to-end identification for diagnostic and audit purposes. minLength: 0 maxLength: 35 example: xxxx instructedAmount: $ref: '#/definitions/Amount' ultimateCreditor: type: string description: The ultimate creditor. minLength: 0 maxLength: 70 example: Company ABC creditorName: type: string description: The creditor's full name. minLength: 0 maxLength: 70 example: Company 123 creditorAgent: type: string description: The creditor's agent, otherwise known as BIC, BICFI or SWIFT. example: AAA100 creditorAccount: $ref: '#/definitions/AccountReference' creditorAddress: $ref: '#/definitions/Address' debtorAccount: $ref: '#/definitions/AccountReference' ultimateDebtor: type: string description: The ultimate debtor. minLength: 0 maxLength: 70 example: Company CBA remittanceInformationUnstructured: type: string description: Unstructured representation of remittance information. minLength: 1 maxLength: 140 example: Kredittrente purposeCode: type: string description: Supported subset of ISO 20022 ExternalPurpose1Code. example: SALA enum: - INVS - SALA - IDCP - CASH - CORT - INTC - PENS - SSBE - SUPP - TAXS - TREA - VATX - LOAN - OTHR startDate: type: string format: date description: startDate example: "2018-06-07" executionRule: type: string description: When to perform the transaction if the dayOfExecution falls on a bank holiday or weekend. pattern: ^(following|preceeding)$ example: preceeding enum: - following - preceeding endDate: type: string format: date description: endDate example: "2020-06-07" frequency: type: string description: ISO 20022 Frequency Code subset. enum: - Daily - Weekly - EveryTwoWeeks - Monthly - EveryTwoMonths - Quarterly - SemiAnnual - Annual example: Monthly dayOfExecution: type: string description: Day of month to execute the transaction. pattern: ^\d{1,2}$ example: "12" _links: type: object readOnly: true additionalProperties: $ref: '#/definitions/Link' example: self: href: https://openbanking.lillesands-sparebank.no/ verbs: - GET description: 'Follows the format to Payment, but includes properties related to recurring the Payment: startDate, endDate, executionRule, frequency, dayOfExecution.' NorwegianDomesticCreditTransferPeriodicPayment: type: object required: - instructedAmount - creditorName - creditorAccount - debtorAccount - frequency - startDate properties: instructedAmount: $ref: '#/definitions/Amount' creditorName: type: string description: The creditor's full name. minLength: 0 maxLength: 70 example: Company 123 creditorAccount: $ref: '#/definitions/AccountReference' creditorAddress: $ref: '#/definitions/Address' debtorAccount: $ref: '#/definitions/AccountReference' ultimateDebtor: type: string description: The ultimate debtor. minLength: 0 maxLength: 70 example: Company CBA remittanceInformationUnstructured: type: string description: Unstructured representation of remittance information. minLength: 1 maxLength: 140 example: Kredittrente purposeCode: type: string description: Supported subset of ISO 20022 ExternalPurpose1Code. example: SALA enum: - INVS - SALA - IDCP - CASH - CORT - INTC - PENS - SSBE - SUPP - TAXS - TREA - VATX - LOAN - OTHR startDate: type: string format: date description: startDate example: "2018-06-07" executionRule: type: string description: When to perform the transaction if the dayOfExecution falls on a bank holiday or weekend. pattern: ^(following|preceeding)$ example: preceeding enum: - following - preceeding endDate: type: string format: date description: endDate example: "2020-06-07" frequency: type: string description: ISO 20022 Frequency Code subset. enum: - Daily - Weekly - EveryTwoWeeks - Monthly - EveryTwoMonths - Quarterly - SemiAnnual - Annual example: Monthly dayOfExecution: type: string description: Day of month to execute the transaction. pattern: ^\d{1,2}$ example: "12" description: 'Follows the format to Payment, but includes properties related to recurring the Payment: startDate, endDate, executionRule, frequency, dayOfExecution.' CreatePaymentResponse: type: object required: - paymentId - transactionStatus properties: paymentId: type: string example: enc!!H6fD9HS7Y7peXJh1HqC34RFgGfF992bjabcRx5n== transactionStatus: type: string example: RCVD enum: - ACCP - ACSC - ACSP - ACTC - ACWC - ACWP - RCVD - PDNG - RJCT - CANC - PART transactionFees: $ref: '#/definitions/Amount' transactionFeeIndicator: type: boolean description: Advertises whether or not there are fees involved with this transaction as shown by the ASPSP in their public price list or as agreed between ASPSP and PSU. example: false tppMessages: type: array description: messages to the TPP on operational issues. items: $ref: '#/definitions/TppMessageInformation' psuMessage: type: string description: Text to be displayed to the PSU minLength: 0 maxLength: 512 example: 'Preliminary calculated countervalue in NOK: 642.63' _links: type: object description: A collection of hyperlinks. additionalProperties: $ref: '#/definitions/Link' example: self: href: https://openbanking.lillesands-sparebank.no/ verbs: - GET PaymentStatus: type: object required: - transactionStatus properties: transactionStatus: type: string example: RCVD enum: - ACCP - ACSC - ACSP - ACTC - ACWC - ACWP - RCVD - PDNG - RJCT - CANC - PART _links: type: object description: A collection of hyperlinks. additionalProperties: $ref: '#/definitions/Link' example: self: href: https://openbanking.lillesands-sparebank.no/ verbs: - GET TppMessageInformation: type: object required: - category - code properties: category: type: string example: ERROR enum: - ERROR - WARNING code: type: string example: SYSTEM_ERROR enum: - SYSTEM_ERROR - BAD_REQUEST - FORBIDDEN - NOT_FOUND - CONFLICT - HTTP_HEADER_REQUIRED - QUERY_PARAMETER_REQUIRED - SCA_NOT_FOUND - SCA_EXPIRED - SCA_INVALID - FORMAT_ERROR - RESOURCE_UNKNOWN - PSU_CREDENTIALS_INVALID - CONSENT_UNKNOWN - CONSENT_INVALID - CONSENT_EXPIRED - ACCESS_EXCEEDED - PRODUCT_UNKNOWN - PRODUCT_INVALID - KID_MISSING - KID_INVALID - PAYMENT_FAILED - EXECUTION_DATE_INVALID path: type: string example: /v1/payments/norwegian-domestic-credit-transfers text: type: string minLength: 0 maxLength: 512 example: Example text x-ibm-configuration: enforced: true testable: true phase: realized x-ibm-endpoints: - endpointUrl: https://openbanking.lillesands-sparebank.no/api-sandbox type: - production - development ...