Consents
Authorisation statuses
The current stage of the authorisation lifecycle is represented in
scaStatus
field. The status of the authorisation can be one of the following:
| Name | Description |
|---|---|
| accepted | An authorisation or cancellation-authorisation resource has been created successfully on Salt Edge PSD2 Compliance's side and was sent to ASPSP. |
| received | An authorisation or cancellation-authorisation resource has been created successfully on ASPSP's side. |
| psuIdentified | The PSU related to the authorisation or cancellation-authorisation resource has been identified. |
| psuAuthenticated | The PSU related to the authorisation or cancellation-authorisation resource has been identified and authenticated e.g. by a password or by an access token. |
| scaMethodSelected | The PSU/TPP has selected the related SCA routine. If the SCA method is chosen implicitly since only one SCA method is available, then this is the first status to be reported instead of "received". |
| started | The addressed SCA routine has been started. |
| unconfirmed | SCA is technically successfully finalised by the PSU, but the authorisation resource needs a confirmation command by the TPP yet. |
| finalised | The SCA routine has been finalised successfully (including a potential confirmation command). This is a final status of the authorisation resource. |
| failed | The SCA routine failed. This is a final status of the authorisation resource. |
| exempted | SCA was exempted for the related transaction, the related authorisation is successful. This is a final status of the authorisation resource. |
×
![]()
Consent statuses
The current stage of a consent lifecycle is represented in
consentStatus
field. The status of a consent can be one of the following:
| Name | Description |
|---|---|
| accepted | The consent data has been received on Salt Edge PSD2 Compliance's side. The data is not received on ASPSP's side yet. |
| received | The consent data has been received on ASPSP's side and are technically correct. The data is not authorised yet. |
| valid | The consent is accepted and valid for GET account data calls and others as specified in the consent object. |
| partiallyAuthorised | The consent is due to a multi-level authorisation, some but not all mandated authorisations have been performed yet. |
| rejected | The consent data has been rejected e.g. since no successful authorisation has taken place. |
| revokedByPsu | The consent has been revoked by the PSU towards the ASPSP. |
| expired | The consent has expired. |
| terminatedByTpp | The corresponding TPP has terminated the consent by applying the DELETE method to the consent resource. |
×
![]()
Authorisation
This method returns the SCA status of a consent initiation's authorisation subresource.
CURL
curl -i \
-H "Content-Type: application/json" \
-H "X-Request-ID: cc5a8022-5e71-460e-82fa-ab0be1997a54" \
-H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \
-H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \
-H "Psu-ID: 414" \
-H "Psu-Corporate-ID: 4142" \
-H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \
-H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \
-d '{}' \
-X GET "/:provider_code/api/berlingroup/v1/consents/:consent_id/authorisations/:authorisation_id"Example of response
Request
GET
/:provider_code/api/berlingroup/v1/consents/:consent_id/authorisations/:authorisation_id
Headers
| Header | Type | Description |
|---|---|---|
X-Request-ID
|
string, required | ID of the request, unique to the call, as determined by the initiating party. |
Digest
|
string, required | Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing |
Date
|
datetime, required | Endpoint request execution date. |
Psu-ID
|
string, optional | Client ID of the PSU in the ASPSP client interface. |
Psu-Corporate-ID
|
string, optional | Only used in a corporate context. If provided, specific corporate accounts will be returned. |
PSU-Device-ID
|
string, optional | UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. |
PSU-User-Agent
|
string, optional | The forwarded Agent header field of the HTTP request between PSU and TPP, if available. |
PSU-Geo-Location
|
string, optional | The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available. |
Psu-IP-Address
|
string, optional | The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP. If not available, the TPP shall use the IP Address used by the TPP when submitting this request. |
TPP-Signature-Certificate
|
string, required | The certificate used for signing the request, in base64 encoding that should comply with RFC 4648 (No line feeds). Can raise: CertificateMissing, CertificateInvalid |
Signature
|
string, required | A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid |
Content-Type
|
string, required | The media type of the body of the request. Allowed values: application/json |
Request parameters
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.
Related Errors
| Class | Code | Description |
|---|---|---|
| ConsentUnknown | 401 | The Consent-ID cannot be matched by the ASPSP relative to the TPP. |
| CertificateMissing | 401 | This request cannot be performed without Certificate header. |
| CertificateInvalid | 401 | Given certificate is invalid. |
| SignatureInvalid | 401 | Given signature is invalid. |
| SignatureMissing | 401 | This request cannot be performed without Signature header. |
| ResourceUnknown | 404 | The addressed resource is unknown relative to the TPP. |
×
![]()
Status
Read the status of an account information consent resource.
CURL
curl -i \
-H "Content-Type: application/json" \
-H "X-Request-ID: cc5a8022-5e71-460e-82fa-ab0be1997a54" \
-H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \
-H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \
-H "Psu-ID: 531" \
-H "Psu-Corporate-ID: 511" \
-H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \
-H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \
-d '{}' \
-X GET "/:provider_code/api/berlingroup/v1/consents/:consent_id/status"Example of response
Request
GET
/:provider_code/api/berlingroup/v1/consents/:consent_id/status
Headers
| Header | Type | Description |
|---|---|---|
X-Request-ID
|
string, required | ID of the request, unique to the call, as determined by the initiating party. |
Digest
|
string, required | Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing |
Date
|
datetime, required | Endpoint request execution date. |
Psu-ID
|
string, optional | Client ID of the PSU in the ASPSP client interface. |
Psu-Corporate-ID
|
string, optional | Only used in a corporate context. If provided, specific corporate accounts will be returned. |
PSU-Device-ID
|
string, optional | UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. |
PSU-User-Agent
|
string, optional | The forwarded Agent header field of the HTTP request between PSU and TPP, if available. |
PSU-Geo-Location
|
string, optional | The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available. |
Psu-IP-Address
|
string, optional | The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP. If not available, the TPP shall use the IP Address used by the TPP when submitting this request. |
TPP-Signature-Certificate
|
string, required | The certificate used for signing the request, in base64 encoding that should comply with RFC 4648 (No line feeds). Can raise: CertificateMissing, CertificateInvalid |
Signature
|
string, required | A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid |
Content-Type
|
string, required | The media type of the body of the request. Allowed values: application/json |
Request parameters
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.
Related Errors
| Class | Code | Description |
|---|---|---|
| ConsentUnknown | 401 | The Consent-ID cannot be matched by the ASPSP relative to the TPP. |
| CertificateMissing | 401 | This request cannot be performed without Certificate header. |
| CertificateInvalid | 401 | Given certificate is invalid. |
| SignatureInvalid | 401 | Given signature is invalid. |
| SignatureMissing | 401 | This request cannot be performed without Signature header. |
| ResourceUnknown | 404 | The addressed resource is unknown relative to the TPP. |
×
![]()
Show
Returns the content of an account information consent object. This returns the data for the TPP especially in cases, where the consent was directly managed between ASPSP and PSU e.g. in a redirect SCA Approach.
CURL
curl -i \
-H "Content-Type: application/json" \
-H "X-Request-ID: 9b45fa6c-ff61-4e73-aec8-5e805388ce7f" \
-H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \
-H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \
-H "Psu-ID: 421" \
-H "Psu-Corporate-ID: 653" \
-H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \
-H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \
-d '{}' \
-X GET "/:provider_code/api/berlingroup/v1/consents/:consent_id"Example of response
Request
GET
/:provider_code/api/berlingroup/v1/consents/:consent_id
Headers
| Header | Type | Description |
|---|---|---|
X-Request-ID
|
string, required | ID of the request, unique to the call, as determined by the initiating party. |
Digest
|
string, required | Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing |
Date
|
datetime, required | Endpoint request execution date. |
Psu-ID
|
string, optional | Client ID of the PSU in the ASPSP client interface. |
Psu-Corporate-ID
|
string, optional | Only used in a corporate context. If provided, specific corporate accounts will be returned. |
PSU-Device-ID
|
string, optional | UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. |
PSU-User-Agent
|
string, optional | The forwarded Agent header field of the HTTP request between PSU and TPP, if available. |
PSU-Geo-Location
|
string, optional | The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available. |
Psu-IP-Address
|
string, optional | The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP. If not available, the TPP shall use the IP Address used by the TPP when submitting this request. |
TPP-Signature-Certificate
|
string, required | The certificate used for signing the request, in base64 encoding that should comply with RFC 4648 (No line feeds). Can raise: CertificateMissing, CertificateInvalid |
Signature
|
string, required | A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid |
Content-Type
|
string, required | The media type of the body of the request. Allowed values: application/json |
Request parameters
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.
Related Errors
| Class | Code | Description |
|---|---|---|
| ConsentUnknown | 401 | The Consent-ID cannot be matched by the ASPSP relative to the TPP. |
| CertificateMissing | 401 | This request cannot be performed without Certificate header. |
| CertificateInvalid | 401 | Given certificate is invalid. |
| SignatureInvalid | 401 | Given signature is invalid. |
| SignatureMissing | 401 | This request cannot be performed without Signature header. |
| ResourceUnknown | 404 | The addressed resource is unknown relative to the TPP. |
×
![]()
Create
This method creates a consent resource, defining access rights to dedicated accounts of a given PSU-ID. These accounts are addressed explicitly in the method as parameters as a core function.
CURL
curl -i \
-H "TPP-Redirect-URI: https://www.link.to/tpp/redirect/uri" \
-H "X-Request-ID: 9b45fa6c-ff61-4e73-aec8-5e805388ce7f" \
-H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \
-H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \
-H "Psu-ID: 535" \
-H "Psu-Corporate-ID: 4111" \
-H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \
-H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \
-H "Content-Type: application/json" \
-H "TPP-Redirect-Preferred: false" \
-d '{
"recurringIndicator": true,
"frequencyPerDay": 2,
"validUntil": "2019-12-27",
"access": {
"allPsd2": "allAccounts"
}
}' \
-X POST "/:provider_code/api/berlingroup/v1/consents"Example of parameters
Example of response
Request
POST
/:provider_code/api/berlingroup/v1/consents
Headers
| Header | Type | Description |
|---|---|---|
X-Request-ID
|
string, required | ID of the request, unique to the call, as determined by the initiating party. |
Digest
|
string, required | Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing |
Date
|
datetime, required | Endpoint request execution date. |
Psu-ID
|
string, optional | Client ID of the PSU in the ASPSP client interface. |
Psu-Corporate-ID
|
string, optional | Only used in a corporate context. If provided, specific corporate accounts will be returned. |
PSU-Device-ID
|
string, optional | UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. |
PSU-User-Agent
|
string, optional | The forwarded Agent header field of the HTTP request between PSU and TPP, if available. |
PSU-Geo-Location
|
string, optional | The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available. |
Psu-IP-Address
|
string, optional | The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP. If not available, the TPP shall use the IP Address used by the TPP when submitting this request. |
TPP-Signature-Certificate
|
string, required | The certificate used for signing the request, in base64 encoding that should comply with RFC 4648 (No line feeds). Can raise: CertificateMissing, CertificateInvalid |
Signature
|
string, required | A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid |
Content-Type
|
string, required | The media type of the body of the request. Allowed values: application/json |
TPP-Redirect-Preferred
|
boolean, required | If it equals "true", the TPP prefers a redirect over an embedded SCA approach. If it equals "false", the TPP prefers not to be redirected for SCA. The ASPSP will then choose between the Embedded or the Decoupled SCA approach, depending on the choice of the SCA procedure by the TPP/PSU. If the parameter is not used, the ASPSP will choose the SCA approach to be applied depending on the SCA method chosen by the TPP/PSU. Can raise: BadRequest |
TPP-Redirect-URI
|
string, optional | URI of the TPP, where the transaction flow shall be redirected to after a Redirect. Mandated for the Redirect SCA Approach, specifically when TPP-Redirect-Preferred equals "true". It is strongly recommended to add a unique identifier for validation purposes on TPP side. |
Request parameters
Response
Upon successful request, 201 status code will be returned.
Related Errors
| Class | Code | Description |
|---|---|---|
| RequestFormatInvalid | 400 | Request format is wrong. Details are stored in error_message
|
| BadRequest | 400 | Given value is invalid. |
| CertificateMissing | 401 | This request cannot be performed without Certificate header. |
| CertificateInvalid | 401 | Given certificate is invalid. |
| SignatureInvalid | 401 | Given signature is invalid. |
| SignatureMissing | 401 | This request cannot be performed without Signature header. |
×
![]()
Destroy
This method deletes a consent.
CURL
curl -i \
-H "Content-Type: application/json" \
-H "X-Request-ID: cc5a8022-5e71-460e-82fa-ab0be1997a54" \
-H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \
-H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \
-H "Psu-ID: 531" \
-H "Psu-Corporate-ID: 511" \
-H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \
-H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \
-d '{}' \
-X DELETE "/:provider_code/api/berlingroup/v1/consents/:consent_id"Example of response
Request
DELETE
/:provider_code/api/berlingroup/v1/consents/:consent_id
Headers
| Header | Type | Description |
|---|---|---|
X-Request-ID
|
string, required | ID of the request, unique to the call, as determined by the initiating party. |
Digest
|
string, required | Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing |
Date
|
datetime, required | Endpoint request execution date. |
Psu-ID
|
string, optional | Client ID of the PSU in the ASPSP client interface. |
Psu-Corporate-ID
|
string, optional | Only used in a corporate context. If provided, specific corporate accounts will be returned. |
PSU-Device-ID
|
string, optional | UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. |
PSU-User-Agent
|
string, optional | The forwarded Agent header field of the HTTP request between PSU and TPP, if available. |
PSU-Geo-Location
|
string, optional | The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available. |
Psu-IP-Address
|
string, optional | The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP. If not available, the TPP shall use the IP Address used by the TPP when submitting this request. |
TPP-Signature-Certificate
|
string, required | The certificate used for signing the request, in base64 encoding that should comply with RFC 4648 (No line feeds). Can raise: CertificateMissing, CertificateInvalid |
Signature
|
string, required | A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid |
Content-Type
|
string, required | The media type of the body of the request. Allowed values: application/json |
Request parameters
Response
Upon successful request, 204 status code will be returned.
Related Errors
| Class | Code | Description |
|---|---|---|
| ConsentUnknown | 401 | The Consent-ID cannot be matched by the ASPSP relative to the TPP. |
| ConsentExpired | 401 | The consent was created by this TPP but has expired and needs to be renewed. |
| ConsentInvalid | 401 | The consent was created by this TPP but is not valid for the addressed service/resource. |
| CertificateMissing | 401 | This request cannot be performed without Certificate header. |
| CertificateInvalid | 401 | Given certificate is invalid. |
| SignatureInvalid | 401 | Given signature is invalid. |
| SignatureMissing | 401 | This request cannot be performed without Signature header. |
| AccessDenied | 403 | Action you want to perform is not allowed. More in error_message
|
×
![]()
Accounts
Account statuses
The current stage of a account lifecycle is represented in
status
field. The status of a account can be one of the following:
| Name | Description |
|---|---|
| enabled | Account is available. |
| deleted | Account is terminated. |
| blocked | Account is blocked e.g. for legal reasons. |
×
![]()
Transactions
Read transaction reports or transaction lists of a given account addressed by account_id, depending on the steering parameter bookingStatus together with balances.
CURL
curl -i \
-H "Consent-Id: 42" \
-H "X-Request-ID: 9b45fa6c-ff61-4e73-aec8-5e805388ce7f" \
-H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \
-H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \
-H "Psu-ID: 53" \
-H "Psu-Corporate-ID: 432" \
-H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \
-H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \
-H "Content-Type: application/json" \
-d '{
"dateFrom": "2018-09-11",
"dateTo": "2019-09-11",
"bookingStatus": "both"
}' \
-X GET "/:provider_code/api/berlingroup/v1/accounts/:account_id/transactions"Example of parameters
{"dateFrom":"2018-09-11","dateTo":"2019-09-11","bookingStatus":"both"}
Example of response
Request
GET
/:provider_code/api/berlingroup/v1/accounts/:account_id/transactions
Headers
| Header | Type | Description |
|---|---|---|
X-Request-ID
|
string, required | ID of the request, unique to the call, as determined by the initiating party. |
Digest
|
string, required | Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing |
Date
|
datetime, required | Endpoint request execution date. |
Psu-ID
|
string, optional | Client ID of the PSU in the ASPSP client interface. |
Psu-Corporate-ID
|
string, optional | Only used in a corporate context. If provided, specific corporate accounts will be returned. |
PSU-Device-ID
|
string, optional | UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. |
PSU-User-Agent
|
string, optional | The forwarded Agent header field of the HTTP request between PSU and TPP, if available. |
PSU-Geo-Location
|
string, optional | The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available. |
Psu-IP-Address
|
string, optional | The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP. If not available, the TPP shall use the IP Address used by the TPP when submitting this request. |
TPP-Signature-Certificate
|
string, required | The certificate used for signing the request, in base64 encoding that should comply with RFC 4648 (No line feeds). Can raise: CertificateMissing, CertificateInvalid |
Signature
|
string, required | A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid |
Content-Type
|
string, required | The media type of the body of the request. Allowed values: application/json |
Consent-Id
|
string, required | ID of the corresponding consent object as returned by an Account Information Consent Request. Can raise: ConsentUnknown, ConsentExpired, ConsentInvalid, AccessDenied |
Request parameters
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.
Related Errors
| Class | Code | Description |
|---|---|---|
| FormatError | 400 | Invalid input. More info in error_message
|
| CertificateMissing | 401 | This request cannot be performed without Certificate header. |
| CertificateInvalid | 401 | Given certificate is invalid. |
| SignatureInvalid | 401 | Given signature is invalid. |
| SignatureMissing | 401 | This request cannot be performed without Signature header. |
| ConsentUnknown | 401 | The Consent-ID cannot be matched by the ASPSP relative to the TPP. |
| ConsentExpired | 401 | The consent was created by this TPP but has expired and needs to be renewed. |
| ConsentInvalid | 401 | The consent was created by this TPP but is not valid for the addressed service/resource. |
| AccessDenied | 403 | Action you want to perform is not allowed. More in error_message
|
| ResourceUnknown | 404 | The addressed resource is unknown relative to the TPP. |
×
![]()
Show
Reads details about an account, with balances where required. It is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system. The addressed details of this account depends on the stored consent addressed by consentId.
CURL
curl -i \
-H "Consent-Id: 34" \
-H "X-Request-ID: 9b45fa6c-ff61-4e73-aec8-5e805388ce7f" \
-H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \
-H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \
-H "Psu-ID: 41" \
-H "Psu-Corporate-ID: 412" \
-H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \
-H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \
-H "Content-Type: application/json" \
-d '{}' \
-X GET "/:provider_code/api/berlingroup/v1/accounts/:account_id"Example of response
Request
GET
/:provider_code/api/berlingroup/v1/accounts/:account_id
Headers
| Header | Type | Description |
|---|---|---|
X-Request-ID
|
string, required | ID of the request, unique to the call, as determined by the initiating party. |
Digest
|
string, required | Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing |
Date
|
datetime, required | Endpoint request execution date. |
Psu-ID
|
string, optional | Client ID of the PSU in the ASPSP client interface. |
Psu-Corporate-ID
|
string, optional | Only used in a corporate context. If provided, specific corporate accounts will be returned. |
PSU-Device-ID
|
string, optional | UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. |
PSU-User-Agent
|
string, optional | The forwarded Agent header field of the HTTP request between PSU and TPP, if available. |
PSU-Geo-Location
|
string, optional | The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available. |
Psu-IP-Address
|
string, optional | The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP. If not available, the TPP shall use the IP Address used by the TPP when submitting this request. |
TPP-Signature-Certificate
|
string, required | The certificate used for signing the request, in base64 encoding that should comply with RFC 4648 (No line feeds). Can raise: CertificateMissing, CertificateInvalid |
Signature
|
string, required | A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid |
Content-Type
|
string, required | The media type of the body of the request. Allowed values: application/json |
Consent-Id
|
string, required | ID of the corresponding consent object as returned by an Account Information Consent Request. Can raise: ConsentUnknown, ConsentExpired, ConsentInvalid, AccessDenied |
Request parameters
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.
Related Errors
| Class | Code | Description |
|---|---|---|
| CertificateMissing | 401 | This request cannot be performed without Certificate header. |
| CertificateInvalid | 401 | Given certificate is invalid. |
| SignatureInvalid | 401 | Given signature is invalid. |
| SignatureMissing | 401 | This request cannot be performed without Signature header. |
| ConsentUnknown | 401 | The Consent-ID cannot be matched by the ASPSP relative to the TPP. |
| ConsentExpired | 401 | The consent was created by this TPP but has expired and needs to be renewed. |
| ConsentInvalid | 401 | The consent was created by this TPP but is not valid for the addressed service/resource. |
| AccessDenied | 403 | Action you want to perform is not allowed. More in error_message
|
| ResourceUnknown | 404 | The addressed resource is unknown relative to the TPP. |
×
![]()
Index
Read the identifiers of the available payment account together with booking balance information, depending on the consent granted.
It is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system. The addressed list of accounts depends on the PSU ID and the stored consent addressed by consentId.
Returns all identifiers of the accounts, to which an account access has been granted to through the /consents endpoint by the PSU. In addition, relevant information about the accounts and hyperlinks to corresponding account information resources are provided if a related consent has been already granted.
Remark: Note that the /consents endpoint optionally offers to grant an access on all available payment accounts of a PSU. In this case, this endpoint will deliver the information about all available payment accounts of the PSU at this ASPSP.
CURL
curl -i \
-H "Consent-Id: 32" \
-H "X-Request-ID: cc5a8022-5e71-460e-82fa-ab0be1997a54" \
-H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \
-H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \
-H "Psu-ID: 541" \
-H "Psu-Corporate-ID: 4124" \
-H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \
-H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \
-H "Content-Type: application/json" \
-d '{
"withBalance": true
}' \
-X GET "/:provider_code/api/berlingroup/v1/accounts"Example of parameters
{"withBalance":true}
Example of response
Request
GET
/:provider_code/api/berlingroup/v1/accounts
Headers
| Header | Type | Description |
|---|---|---|
X-Request-ID
|
string, required | ID of the request, unique to the call, as determined by the initiating party. |
Digest
|
string, required | Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing |
Date
|
datetime, required | Endpoint request execution date. |
Psu-ID
|
string, optional | Client ID of the PSU in the ASPSP client interface. |
Psu-Corporate-ID
|
string, optional | Only used in a corporate context. If provided, specific corporate accounts will be returned. |
PSU-Device-ID
|
string, optional | UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. |
PSU-User-Agent
|
string, optional | The forwarded Agent header field of the HTTP request between PSU and TPP, if available. |
PSU-Geo-Location
|
string, optional | The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available. |
Psu-IP-Address
|
string, optional | The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP. If not available, the TPP shall use the IP Address used by the TPP when submitting this request. |
TPP-Signature-Certificate
|
string, required | The certificate used for signing the request, in base64 encoding that should comply with RFC 4648 (No line feeds). Can raise: CertificateMissing, CertificateInvalid |
Signature
|
string, required | A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid |
Content-Type
|
string, required | The media type of the body of the request. Allowed values: application/json |
Consent-Id
|
string, required | ID of the corresponding consent object as returned by an Account Information Consent Request. Can raise: ConsentUnknown, ConsentExpired, ConsentInvalid, AccessDenied |
Request parameters
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.
Related Errors
| Class | Code | Description |
|---|---|---|
| CertificateMissing | 401 | This request cannot be performed without Certificate header. |
| CertificateInvalid | 401 | Given certificate is invalid. |
| SignatureInvalid | 401 | Given signature is invalid. |
| SignatureMissing | 401 | This request cannot be performed without Signature header. |
| ConsentUnknown | 401 | The Consent-ID cannot be matched by the ASPSP relative to the TPP. |
| ConsentExpired | 401 | The consent was created by this TPP but has expired and needs to be renewed. |
| ConsentInvalid | 401 | The consent was created by this TPP but is not valid for the addressed service/resource. |
| AccessDenied | 403 | Action you want to perform is not allowed. More in error_message
|
×
![]()
Balances
Reads account data from a given account addressed by account_id.
CURL
curl -i \
-H "Consent-Id: 42" \
-H "X-Request-ID: 9b45fa6c-ff61-4e73-aec8-5e805388ce7f" \
-H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \
-H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \
-H "Psu-ID: 53" \
-H "Psu-Corporate-ID: 432" \
-H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \
-H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \
-H "Content-Type: application/json" \
-d '{}' \
-X GET "/:provider_code/api/berlingroup/v1/accounts/:account_id/balances"Example of response
Request
GET
/:provider_code/api/berlingroup/v1/accounts/:account_id/balances
Headers
| Header | Type | Description |
|---|---|---|
X-Request-ID
|
string, required | ID of the request, unique to the call, as determined by the initiating party. |
Digest
|
string, required | Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing |
Date
|
datetime, required | Endpoint request execution date. |
Psu-ID
|
string, optional | Client ID of the PSU in the ASPSP client interface. |
Psu-Corporate-ID
|
string, optional | Only used in a corporate context. If provided, specific corporate accounts will be returned. |
PSU-Device-ID
|
string, optional | UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. |
PSU-User-Agent
|
string, optional | The forwarded Agent header field of the HTTP request between PSU and TPP, if available. |
PSU-Geo-Location
|
string, optional | The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available. |
Psu-IP-Address
|
string, optional | The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP. If not available, the TPP shall use the IP Address used by the TPP when submitting this request. |
TPP-Signature-Certificate
|
string, required | The certificate used for signing the request, in base64 encoding that should comply with RFC 4648 (No line feeds). Can raise: CertificateMissing, CertificateInvalid |
Signature
|
string, required | A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid |
Content-Type
|
string, required | The media type of the body of the request. Allowed values: application/json |
Consent-Id
|
string, required | ID of the corresponding consent object as returned by an Account Information Consent Request. Can raise: ConsentUnknown, ConsentExpired, ConsentInvalid, AccessDenied |
Request parameters
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.
Related Errors
| Class | Code | Description |
|---|---|---|
| CertificateMissing | 401 | This request cannot be performed without Certificate header. |
| CertificateInvalid | 401 | Given certificate is invalid. |
| SignatureInvalid | 401 | Given signature is invalid. |
| SignatureMissing | 401 | This request cannot be performed without Signature header. |
| ConsentUnknown | 401 | The Consent-ID cannot be matched by the ASPSP relative to the TPP. |
| ConsentExpired | 401 | The consent was created by this TPP but has expired and needs to be renewed. |
| ConsentInvalid | 401 | The consent was created by this TPP but is not valid for the addressed service/resource. |
| AccessDenied | 403 | Action you want to perform is not allowed. More in error_message
|
| ResourceUnknown | 404 | The addressed resource is unknown relative to the TPP. |
×
![]()
Refresh Data
Refresh statuses
The current stage of an Account Refresh process lifecycle is represented in
status
field. The status of an Account Refresh process can be one of the following:
| Name | Description |
|---|---|
| notInitiated | The Account Refresh process is not initiated yet. |
| processing | The Account Refresh process is in progress. |
| fetching | The Account data fetching is in progress. |
| fetchingFinished | The Account Refresh process is successfully finished. |
| fetchingFailed | The Account Refresh process failed. |
| partiallyFailed | The Account Refresh process is finished, but not all data was sent from the ASPSP to Salt Edge PSD2 Compliance. |
×
![]()
Refresh
This endpoint is responsible for starting the process of refreshing account information data on Salt Edge PSD2 Compliance Solution side. Due to asynchronous nature of this action, TPP has to poll the status of this process using Accounts RefreshStatus endpoint.
CURL
curl -i \
-H "Consent-Id: 34" \
-H "X-Request-ID: 9b45fa6c-ff61-4e73-aec8-5e805388ce7f" \
-H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \
-H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \
-H "Psu-ID: 41" \
-H "Psu-Corporate-ID: 412" \
-H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \
-H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \
-H "Content-Type: application/json" \
-d '{
"initiatedByCustomer": false
}' \
-X POST "/:provider_code/api/berlingroup/v1/accounts/refresh"Example of parameters
{"initiatedByCustomer":false}
Example of response
{"status":"partiallyFailed","_links":{"refreshStatus":{"href":"/demobank/api/berlingroup/v1/accounts/refresh/status"}}}
Request
POST
/:provider_code/api/berlingroup/v1/accounts/refresh
Headers
| Header | Type | Description |
|---|---|---|
X-Request-ID
|
string, required | ID of the request, unique to the call, as determined by the initiating party. |
Digest
|
string, required | Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing |
Date
|
datetime, required | Endpoint request execution date. |
Psu-ID
|
string, optional | Client ID of the PSU in the ASPSP client interface. |
Psu-Corporate-ID
|
string, optional | Only used in a corporate context. If provided, specific corporate accounts will be returned. |
PSU-Device-ID
|
string, optional | UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. |
PSU-User-Agent
|
string, optional | The forwarded Agent header field of the HTTP request between PSU and TPP, if available. |
PSU-Geo-Location
|
string, optional | The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available. |
Psu-IP-Address
|
string, optional | The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP. If not available, the TPP shall use the IP Address used by the TPP when submitting this request. |
TPP-Signature-Certificate
|
string, required | The certificate used for signing the request, in base64 encoding that should comply with RFC 4648 (No line feeds). Can raise: CertificateMissing, CertificateInvalid |
Signature
|
string, required | A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid |
Content-Type
|
string, required | The media type of the body of the request. Allowed values: application/json |
Consent-Id
|
string, required | ID of the corresponding consent object as returned by an Account Information Consent Request. Can raise: ConsentUnknown, ConsentExpired, ConsentInvalid, AccessDenied |
Request parameters
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.
Related Errors
| Class | Code | Description |
|---|---|---|
| CertificateMissing | 401 | This request cannot be performed without Certificate header. |
| CertificateInvalid | 401 | Given certificate is invalid. |
| SignatureInvalid | 401 | Given signature is invalid. |
| SignatureMissing | 401 | This request cannot be performed without Signature header. |
| ConsentUnknown | 401 | The Consent-ID cannot be matched by the ASPSP relative to the TPP. |
| ConsentExpired | 401 | The consent was created by this TPP but has expired and needs to be renewed. |
| ConsentInvalid | 401 | The consent was created by this TPP but is not valid for the addressed service/resource. |
| AccessDenied | 403 | Action you want to perform is not allowed. More in error_message
|
| ActionNotAllowed | 406 | You're not allowed to perform this action. This might be a rate limit, configuration problem or parameters incompatibility. |
| AccessExceeded | 429 | Exceeded the number of requests for this action. |
| AccessExceeded | 429 | Exceeded the number of requests for this action. |
×
![]()
Refresh Status
This endpoint is responsible for returning the current status of fetching account information process.
CURL
curl -i \
-H "Consent-Id: 34" \
-H "X-Request-ID: 9b45fa6c-ff61-4e73-aec8-5e805388ce7f" \
-H "Digest: SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" \
-H "Date: Wed, 18 Dec 2019 11:25:59 GMT" \
-H "Psu-ID: 41" \
-H "Psu-Corporate-ID: 412" \
-H "TPP-Signature-Certificate: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVBakNDQXVvQ0FRQXdEUVlKS29aSWh2Y05BUUVMQlFBd1d6RVhNQlVHQTFVRVlRd09WSEJ3VTJGc2RGUmwKYzNRd01EQXhJREFlQmdOVkJBTU1GMk5sY25SVFNVZE9VMEZNVkZSRlUxUWdWMlZpSUVOQk1SRXdEd1lEVlFRSwpEQWhUWVd4MFZHVnpkREVMTUFrR0ExVUVCaE1DVWs4d0hoY05NVGt4TWpFNE1URXlOVFU1V2hjTk1qRXhNakUzCk1URXlOVFU1V2pDQmpURVdNQlFHQTFVRUF3d05jMkZzZEMxMFpYTjBMbU52YlRFUk1BOEdBMVVFQ2d3SVUyRnMKZEZSbGMzUXhDekFKQmdOVkJBWVRBbEpQTVJJd0VBWURWUVFJREFsQ2RXTjFjbVZ6ZEdreEVqQVFCZ05WQkFjTQpDVUoxWTNWeVpYTjBhVEVXTUJRR0ExVUVDUXdOUVd4aVlTQkpkV3hwWVNBM05URVRNQkVHQTFVRVlRd0thV1JsCmJuUnBabWxsY2pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2dXNEo5K0hGY0wKUVVwTEk0c1pCSm5RaGdRYUpYRGxwVDI4NWxlOGVEcTdUalpnYXpLcU05RkJydzRBRURxUmxYR3Znd2luSkY2Mgowd3VJcSs3cGpPWFBQdytZOVhRQnBTa2p1cmJ5aEpPZjhiNlVqTFBMQnVBd09rRk52N0prbHdLeXFmazRHRzROCmdrOGRVYTFjS05MY1gzNzdwdno0Q0hZalBraGlLY0xqQVJ4TFRJYkdtejlZQVQvQWszbDdCRkRkV2owQnJrR2oKV2RGelJWV3FjdHA0NjVvWEZXZTZ3QmlybEplK1JEZ2hnQWRUQWlQR1J3WHV4dmRiSW5SOHZ2b0RJNTJHRXVzaApGWUNZd28zdWFVSVR5Z3hOZEJyWjVOaVpLaCtybjVVNW4zM0pETm9OV2hCVUUwMUwvaFYzUHlleHBKVHltaURQCjZTUFJKM0ZMR3RrQ0F3RUFBYU9Cb2pDQm56QU1CZ05WSFJNRUJUQURBUUgvTUE0R0ExVWREd0VCL3dRRUF3SUIKQmpBZEJnTlZIUTRFRmdRVUtwUGZ5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dId1lEVlIwakJCZ3dGb0FVS3BQZgp5MTlSQUJQS3J2YnNNUnRXM3lHSU1mb3dQd1lJS3dZQkJRVUhBUU1FTXd3eGRHVnpkRkJUVUY5QlNTNHVMbUZsCk9EVTBNalE1TFdaaVpEQXROREV4WmkxaU0ySXdMV0poWkRFNE5Ea3hNelptWmpBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUFacHEvdmF5T3ZSS3dKd1dPQnpTMzhoUHA4TjVnRTlqd2J6dkxCTUhvZERXZk11ZTA5SzFweUI3KwpQdU1rZjNOT0tVSERMWDhob0xiZ0dWVlY0S1lqRndGa203cWY0OTZNTWE0VnZBRWNPeUJkM0pGVWcyeGIxVlN4Cjk0OWVCaVdGcGtaSVNZZUNxNXJ4UWFNeHJJVm9OZjhaSjVOT2V3aU1DM0ZYM3duVGw2VG9yUW1lQUU5MnhuMEQKdnZ6ZUJ4YlFqdTdjQlh3SDFPaGdUamx0YTM1WE1ESjhXbGo4TWZRR0YvZThIZFIrS014WWU5SWNROHN1UjdBVQpGRGkyaUJsMlVQc3dCa0FqMHJRVlY2U2psNWdVSm95K0FJaGZBYXE2cUxSQnJ1NGJTbE44TnVpY2RTRkZ3eHZ1ClEwOVl1U3U3djQ2a1R3ZUxpNnZJZGQxaUxUc05Ndz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" \
-H "Signature: Signature keyId="SN=0,DN=/organizationIdentifier=TppSaltTest000/CN=certSIGNSALTTEST Web CA/O=SaltTest/C=RO",algorithm="rsa-sha256",headers="digest date x-request-id",signature="Fys106OY/uMk1Tnh4MEvHsUKdJIOX9fw+am3NrqrxFOLIl1BGlcu1+UJhDBHlc3/rkRn0++5AAbkXzqUL8kqm1RVILoRzSg+tr75PUTM5RlIgCli8QtHZrpZtfzb7tEoHqa8zo1SmiopI/bQchQrjdhWu9xIC0TUuMfiD8f6TdH2QpbkXi25uXTQl8wB4qt2dAb4k76lkDM4x29JVmoZkWq28R/kVkPWGJrU7mS2viUUhgofdNzL2vaSd2g7FPrr/E03U/KYU0k047ucCbv1Z4ozdaSJljuyzj0Iq4O04Ztj6oaV8yhnr3LY8aKj1JO9tRy1gpSidxCAqDz90iE9LQ=="" \
-H "Content-Type: application/json" \
-d '{}' \
-X GET "/:provider_code/api/berlingroup/v1/accounts/refresh/status"Example of response
Request
GET
/:provider_code/api/berlingroup/v1/accounts/refresh/status
Headers
| Header | Type | Description |
|---|---|---|
X-Request-ID
|
string, required | ID of the request, unique to the call, as determined by the initiating party. |
Digest
|
string, required | Contains a Hash of the message body, if the message does not contain a body, the "Digest" header must contain the hash of an empty string - "". Can raise: CertificateMissing, CertificateInvalid, SignatureInvalid, SignatureMissing |
Date
|
datetime, required | Endpoint request execution date. |
Psu-ID
|
string, optional | Client ID of the PSU in the ASPSP client interface. |
Psu-Corporate-ID
|
string, optional | Only used in a corporate context. If provided, specific corporate accounts will be returned. |
PSU-Device-ID
|
string, optional | UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device. |
PSU-User-Agent
|
string, optional | The forwarded Agent header field of the HTTP request between PSU and TPP, if available. |
PSU-Geo-Location
|
string, optional | The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available. |
Psu-IP-Address
|
string, optional | The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP. If not available, the TPP shall use the IP Address used by the TPP when submitting this request. |
TPP-Signature-Certificate
|
string, required | The certificate used for signing the request, in base64 encoding that should comply with RFC 4648 (No line feeds). Can raise: CertificateMissing, CertificateInvalid |
Signature
|
string, required | A signature of the request by the TPP on application level. This might be mandated by ASPSP. Can raise: CertificateMissing, CertificateInvalid, SignatureMissing, SignatureInvalid |
Content-Type
|
string, required | The media type of the body of the request. Allowed values: application/json |
Consent-Id
|
string, required | ID of the corresponding consent object as returned by an Account Information Consent Request. Can raise: ConsentUnknown, ConsentExpired, ConsentInvalid, AccessDenied |
Request parameters
Response
Upon successful request, 200 status code will be returned. See ‘Related Errors’ table for other possibilities.
Related Errors
| Class | Code | Description |
|---|---|---|
| CertificateMissing | 401 | This request cannot be performed without Certificate header. |
| CertificateInvalid | 401 | Given certificate is invalid. |
| SignatureInvalid | 401 | Given signature is invalid. |
| SignatureMissing | 401 | This request cannot be performed without Signature header. |
| ConsentUnknown | 401 | The Consent-ID cannot be matched by the ASPSP relative to the TPP. |
| ConsentExpired | 401 | The consent was created by this TPP but has expired and needs to be renewed. |
| ConsentInvalid | 401 | The consent was created by this TPP but is not valid for the addressed service/resource. |
| AccessDenied | 403 | Action you want to perform is not allowed. More in error_message
|
×
![]()
Codes
Icelandic Purpose
Icelandic Purpose codes describe purpose of the transaction using Icelandic text keys.
| Code | Description Icelandic | Description English |
|---|---|---|
| 03 | Millifært | Transferred |
| 04 | Laun | Wages |
| 07 | Innheimt | Collected |
| 17 | Skuldabréf | Bonds |
| 18 | Stofnlán | Stofnlán |
| 21 | Kostnaður | Cost |
| 26 | Þóknun | Commission |
| 37 | Reikningur | Account |
| 44 | Leiðrétting | Correction |
| 50 | Lögfræðingur | Lawyer |
| 66 | Lífeyrissjóður | Pension fund |
| 68 | Borgun hf. | Borgun hf. |
| 72 | Skuldabréfalán | Debenture (Skuldabréfalán) |
| 79 | Skuldabréf | Bonds |
| 82 | Orlof | Vacation pay |
| 87 | VISA | VISA |
| 93 | Þjónustugjald | Service charge |
| A6 | Húsbréf | Housing bonds (IBH) |
| AG | Bifreiðatryggingar | Auto insurance |
| AH | Bifreiðagjöld | Vehicle tax |
| AI | Barnagæsla | Child care |
| AJ | Skólagjöld | Tuition fees |
| AL | Meðlag | Child support |
| AZ | Námskeið | Courses |
| BP | Útgjaldareikningur | Expense account |
| DJ | Staðgreiðsluskattur | Withholding tax on wages |
| DN | Tryggingargjald | Soc. insurance fee |
| DS | Lækniskostnaður | Medical expenses |
| EF | Húsfélag | Residents' association |
| G7 | Árgjald | Annual fee |
| G8 | Áskrift | Subscription |
| HI | Innborgun eiganda | Deposit from owner |
| K1 | Ýmislegt | Miscellaneous |
| K2 | Félagslíf | Social activities |
| K3 | Heilsurækt | Gym and fitness |
| KD | Leiga | Rent |
| KE | Sími | Phone |
| KF | Opinber gjöld | Public levies |
| KH | Félagsgjöld | Club membership fees |
| KN | Virðisaukaskattur | VAT |
| KP | Blöð og tímarit | Newspapers and periodicals |
| KY | Framkvæmdasjóður | Development Fund (Framkvæmdasjóður) |
| L2 | Sparnaður | Savings |
| LG | Góðgerðarmál | Charities |
| M4 | Æfingagjöld | Training fee |
| MB | Styrkir | Grants |
| R0 | Rafmagn og hiti | Electricity and heat |
| R1 | Fasteignagjöld | Property taxes |
| R2 | Tryggingar | Insurance |
| R4 | Viðhald | Maintenance |
| R9 | Annar rekstrar kostn. | Other operating costs |
| RH | Hiti | Heating |
| RK | Brunatrygging | Fire insurance |
| RL | Húseigendatrygging | Homeowners' insurance |
| RR | Rafmagn | Electricity |
| RU | Matarkostnaður | Food cost |
| TH | Tómstundastarf | Organised leisure activities |
| TK | Kaskótrygging | CDW |
| U7 | Greiðsluþjónusta | Payment %service |
×
![]()
Central Bank Purpose
Regulatory payments codes that categorize foreign payments
| Code | Description Icelandic | Description English |
|---|---|---|
| 091 | Skip og flugvélar | Vessels and aircraft |
| 092 | Viðgerðir og endurbætur skipa og flugvéla | Repair and refurbishment of vessels and aircraft |
| 094 | Gegnumflutningur á vörum | Goods in transit |
| 099 | Önnur vöruviðskipti | Other goods transactions |
| 101 | Ferðagjaldeyrir | FX for travellers |
| 103 | Ferðaþjónusta | Travel industry |
| 111 | Námskostnaður | Study expenses |
| 112 | Sjúkrakostnaður | Medical expenses |
| 123 | Erlend greiðslukort | Foreign credit cards |
| 201 | Flugrekstur | Airline operations |
| 202 | Flugþjónusta og leiguflug | Air services and charter flights |
| 211 | Skiparekstur | Vessel operations |
| 214 | Skipaþjónusta og leiguskip | Ocean transport and leased vessels |
| 251 | Erlend líftrygging | Foreign life insurance |
| 252 | Aðrar erlendar tryggingar (Tryggingar) | Other foreign insurance (Insurance) |
| 265 | Innlend tryggingarfélög | Domestic insurance companies |
| 301 | Fjarskiptaþjónusta | Telecommunication services |
| 302 | Póst og hraðsendingarþjónusta | Postal and courier services |
| 305 | Tölvu- og upplýsingaþjónusta | Computer and IT services |
| 311 | Utanríkisþjónusta | Foreign service |
| 312 | Erlend sendiráð | Foreign embassies |
| 321 | Íslenskir verktakar | Icelandic contractors |
| 322 | Erlendir verktakar | Foreign contractors |
| 331 | Sérleyfisgjöld og þóknanir | Concession and license fees and commissions |
| 341 | Fjármálaþjónusta (Bankinn) | Financial services (the bank) |
| 350 | Ýmis viðskiptaþjónusta (Þjónusta) | Miscellaneous business services (Services) |
| 360 | Menningar- og skemmtiefni | Culture and entertainment |
| 401 | Skattar, skaðabætur og sektir | Taxes, damages and fines |
| 407 | Gjafir, styrkir, arfur, happdrætti (Gjafir og styrkir) | Gifts, grants, inheritances, lotteries |
| 412 | Framlög opinberra aðila | Contributions from public bodies |
| 421 | Vinnulaun án búferlaflutninga | Salary excluding moving expenses |
| 422 | Framlög einstaklinga | Contributions from individuals |
| 430 | Eignayfirfærslur vegna búferlaflutninga (Framfærsla) | Transfer of assets due to change of residence (cost of living) |
| 501 | Fasteignir erlendis (kaup eða fasteignalán) | Real estate overseas (purchase or housing mortgage) |
| 502 | Fasteignir á Íslandi | Real estate in Iceland (additional payment or prepayment) |
| 505 | Tekjur af fasteignum | Income from real estate |
| 511 | Fjárfesting í atvinnurekstri erlendis | Business investment abroad |
| 512 | Fjárfesting í atvinnurekstri á Íslandi | Business investment in IcelandBusiness investment in Iceland |
| 521 | Erlend hlutabréf | Foreign equities |
| 522 | Innlend hlutabréf | Domestic equities |
| 525 | Arðgreiðslur (Arðgreiðslur til erlendra aðila) | Dividends (Dividends paid to non-residents) |
| 551 | Markaðsbréf í útlöndum | Market securities abroad |
| 552 | Markaðsbréf á Íslandi | Market securities in Iceland |
| 553 | Afleiður | Derivatives |
| 555 | Ávöxtun markaðsbréfa (vextir) | Return on market securities (dividend and interest) |
| 580 | Erlendir bankareikningar | Foreign bank accounts |
| 601 | Gjaldfrestur á innflutningi | Postponement of import duties |
| 620 | Lánveiting til erlendra aðila | Loans to non-residents |
| 626 | Skuldaskipti - SWAP Millifært | Debt swaps - SWAP |
| 635 | Vaxtagreiðslur (Vextir og verðbætur af ISK reikning) | Interest payments (Interest and indexation) |
| 641 | Kaup- eða eignaleiga | Asset leasing or purchasing |
| 699 | Fjármagnshreyfingar milli innlendra aðila | Capital movements between domestic parties |
| 701 | Fjárfesting erlendis | Investment abroad |
| 702 | Erlend fjárfesting á Íslandi | Foreign investment in Iceland |
| 711 | Erlend verðbréf | Foreign securities |
| 712 | Innlend verðbréf | Domestic securities |
| 721 | Stutt erlend lán | Short-term foreign loans |
| 722 | Löng erlend lán | Long-term foreign loans |
| 729 | Kaup- eða eignaleiga | Asset leasing or purchasing |
| 730 | Lánveiting til erlendra banka | Loans to foreign banks |
| 731 | Lánveiting til annarra erlendra aðila | Loans to other non-residents |
| 740 | Skuldaskipti - ISK | Debt swaps - ISK |
| 741 | Skuldaskipti - ERL | Debt swaps - FX |
| 770 | Arðgreiðslur | Dividends |
| 771 | Ávöxtun verðbréfa | Return on securities |
| 775 | Vaxtagreiðslur | Interest payments |
| 780 | Annar fjármagnskostnaður | Other financial expense |
| 801 | Innlend greiðslukortafyrirtæki | Domestic credit card companies |
| 810 | Hraðsendingarþjónusta á gjaldeyrisviðskiptum | Urgent delivery of FX transactions |
| 812 | Erlendar lánastofnanir á Íslandi | Foreign credit institutions in Iceland |
| 821 | Millifærslur innlendra banka | Transfers of domestic banks |
| 822 | Millibankalán | Interbank loans |
| 823 | Millibankaviðskipti | Interbank transactions |
| 891 | IG-reikningar innlendra aðila | Foreign currency accounts of domestic parties in Iceland |
| 893 | Gjaldeyrisreikningar erlendra aðila | Foreign currency accounts of non-resident |
| 895 | ISK-innstæður erlendra aðila | ISK deposits of non-residents |
| 899 | Millifærslur milli erlendra banka | Transfers between foreign banks |
×
![]()