PIS (v1.0)

Download OpenAPI specification:Download

API Support: info-api@abanca.com

Authentication

BearerAuthOAuth

Bearer Token. Is required, if an OAuth2 based authentication was performed in a pre-step or an OAuth2 based SCA was performed in an preceding AIS service in the same session.

Security scheme type: HTTP
HTTP Authorization Scheme bearer

Payment Initiation Service (PIS)

The Decription for Payment Initiation Service (PIS) offers the following. services:

  • Initiation and update of a payment request
  • Status information of a payment
  • Cancellation of a payment initiation

Payment initiation request

This method is used to initiate a payment at NovoBanco platform.

Variants of Payment Initiation Requests

This method to initiate a payment initiation can be sent with either a JSON body .

There are the following payment products:

  • Payment products with payment information in JSON format:
    • sepa-credit-transfers
    • target-2-payments
    • cross-boder-credit-transfers

Furthermore the request body depends on the payment-service

  • payments: A single payment initiation request.

    In case of a JSON there are several JSON payment blocks contained in a joining list.

  • periodic-payments: Create a standing order initiation resource for recurrent i.e. periodic payments addressable under {paymentId} with all data relevant for the corresponding payment product and the execution of the standing order contained in a JSON body. For periodic-payments, only sepa-credit-transfers are supported as payment-product.

This is the first step in the API to initiate the related recurring/periodic payment.

SCA Processes

SCA processing, i.e. independent from the number of authorisations needed for the execution of payments. Authorisations resources are created in implicit mode.

Authorizations:
path Parameters
payment-service
required
string
Enum:"payments" "periodic-payments"

Payment service:

Possible values are:

  • payments
  • periodic-payments
payment-product
required
string
Enum:"sepa-credit-transfers" "target-2-payments" "cross-border-credit-transfers"

The addressed payment product endpoint, e.g. for SEPA Credit Transfers (SCT). The following payment products are supported:

  • sepa-credit-transfers
  • target-2-payments
  • cross-border-credit-transfers
header Parameters
X-Request-ID
required
string <uuid>
Example: {X-Request-ID}

ID of the request, unique to the call, as determined by the initiating party.

Digest
string
Example: SHA-256%3Dhl1%2FEps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A%3D

Is contained if and only if the "Signature" element is contained in the header of the request.

Signature
required
string
Example: keyId%3D%22SN%3D9FA1%2CCA%3DCN%3DD-TRUST%2520CA%25202-1%25202015%2CO%3DD-Trust%2520GmbH%2CC%3DDE%22%2Calgorithm%3D%22rsa-sha256%22%2C%20headers%3D%22Digest%20X-Request-ID%20PSU-ID%20TPP-Redirect-URI%20Date%22%2C%20signature%3D%22Base64%28RSA-SHA256%28signing%20string%29%29%22%0A

A signature of the request by the TPP on application level.

TPP-Signature-Certificate
string <byte>

The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.

PSU-ID
string
Example: {PSU-ID}

UserName of GoABANCA.

PSU-ID-Type
string
Example: {PSU-ID-Type}

Not supported.

PSU-Corporate-ID
string
Example: {PSU-Corporate-ID}

Only used in a corporate context. 'CIF'.

PSU-Corporate-ID-Type
string
Example: {PSU-Corporate-ID-Type}

Only used in a corporate context. Only 'CIF' value supported

Consent-ID
string (consentId)
Example: {Consent-ID}

This data element may be contained, if the payment initiation transaction is part of a session, i.e. combined AIS/PIS service. This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.

PSU-IP-Address
required
string <ipv4>
Example: {PSU-IP-Address}

The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.

TPP-Redirect-Preferred
string
Enum:"true" "false"

If it equals "true", the TPP prefers a redirect over an embedded SCA approach. If it equals "false", the TPP prefers not to be redirected for SCA. SCA approach, depending on the choice of the SCA procedure by the TPP/PSU.

TPP-Redirect-URI
string <uri>

URI of the TPP, where the transaction flow shall be redirected to after a Redirect. Mandated for the Redirect SCA Approach (including OAuth2 SCA approach), specifically when TPP-Redirect-Preferred equals "true". It is recommended to always use this header field.

TPP-Nok-Redirect-URI
string <uri>

If this URI is contained, the TPP is asking to redirect the transaction flow to this address instead of the TPP-Redirect-URI in case of a negative result of the redirect SCA method.

TPP-Explicit-Authorisation-Preferred
string
Enum:"true" "false"

If it equals "true", the TPP prefers to start the authorisation process separately, This preference will be ignored by the bank.

PSU-IP-Port
string
Example: {PSU-IP-Port}

The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.

PSU-Accept
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Charset
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Encoding
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Language
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-User-Agent
string

The forwarded Agent header field of the HTTP request between PSU and TPP, if available.

PSU-Http-Method
string
Enum:"GET" "POST" "PUT" "PATCH" "DELETE"

HTTP method used at the PSU ? TPP interface, if available. Valid values are:

  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID
string <uuid>
Example: {PSU-Device-ID}

UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device.

PSU-Geo-Location
string(GEO:)[0-9]{1,3}\.[-][0-9]{6}\,[-][0-9]{1,3}\.[0-9]{6}
Example: {PSU-Geo-Location}

The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Request Body schema: application/json

JSON request body for a payment inition request message There are the following payment-products supported:

  • "sepa-credit-transfers" with JSON-Body
  • "target-2-payments" with JSON-Body
  • "cross-border-credit-transfers" with JSON-Body

There are the following payment-services supported:

  • "payments"
  • "periodic-payments"
One of
  • paymentInitiationSct_json
  • paymentInitiationTarget2_json
  • paymentInitiationCrossBorder_json
  • periodicPaymentInitiationSct_json
endToEndIdentification
string <= 35 characters
debtorAccount
required
object (accountReference)

Reference to an account by either

  • IBAN, of a payment accounts.
instructedAmount
required
object (amount)
creditorAccount
required
object (accountReference)

Reference to an account by either

  • IBAN, of a payment accounts.
creditorAgent
string (bicfi) [A-Z]{6,6}[A-Z2-9][A-NP-Z0-9]([A-Z0-9]{3,3}){0,1}

BICFI

creditorName
required
string (creditorName) <= 70 characters

Creditor Name

creditorAddress
object (address)
remittanceInformationUnstructured
string (remittanceInformationUnstructured) <= 140 characters

Unstructured remittance information

purposeCode
string (purposeCode)
Enum:"BKDF" "BKFE" "BKFM" "BKIP" "BKPP" "CBLK" "CDCB" "CDCD" "CDCS" "CDDP" "CDOC" "CDQC" "ETUP" "FCOL" "MTUP" "ACCT" "CASH" "COLL" "CSDB" "DEPT" "INTC" "LIMA" "NETT" "BFWD" "CCIR" "CCPC" "CCPM" "CCSM" "CRDS" "CRPR" "CRSP" "CRTL" "EQPT" "EQUS" "EXPT" "EXTD" "FIXI" "FWBC" "FWCC" "FWSB" "FWSC" "MARG" "MBSB" "MBSC" "MGCC" "MGSC" "OCCC" "OPBC" "OPCC" "OPSB" "OPSC" "OPTN" "OTCD" "REPO" "RPBC" "RPCC" "RPSB" "RPSC" "RVPO" "SBSC" "SCIE" "SCIR" "SCRP" "SHBC" "SHCC" "SHSL" "SLEB" "SLOA" "SWBC" "SWCC" "SWPT" "SWSB" "SWSC" "TBAS" "TBBC" "TBCC" "TRCP" "AGRT" "AREN" "BEXP" "BOCE" "COMC" "CPYR" "GDDS" "GDSV" "GSCB" "LICF" "MP2B" "POPE" "ROYA" "SCVE" "SERV" "SUBS" "SUPP" "TRAD" "CHAR" "COMT" "MP2P" "ECPG" "ECPR" "ECPU" "EPAY" "CLPR" "COMP" "DBTC" "GOVI" "HLRP" "HLST" "INPC" "INPR" "INSC" "INSU" "INTE" "LBRI" "LIFI" "LOAN" "LOAR" "PENO" "PPTI" "RELG" "RINP" "TRFD" "FORW" "FXNT" "ADMG" "ADVA" "BCDM" "BCFG" "BLDM" "BNET" "CBFF" "CBFR" "CCRD" "CDBL" "CFEE" "CGDD" "CORT" "COST" "CPKC" "DCRD" "DSMT" "DVPM" "EDUC" "FACT" "FAND" "FCPM" "FEES" "GOVT" "ICCP" "IDCP" "IHRP" "INSM" "IVPT" "MCDM" "MCFG" "MSVC" "NOWS" "OCDM" "OCFG" "OFEE" "OTHR" "PADD" "PTSP" "RCKE" "RCPT" "REBT" "REFU" "RENT" "REOD" "RIMB" "RPNT" "RRBN" "RVPM" "SLPI" "SPLT" "STDY" "TBAN" "TBIL" "TCSC" "TELI" "TMPG" "TPRI" "TPRP" "TRNC" "TRVC" "WEBI" "ANNI" "CAFI" "CFDI" "CMDT" "DERI" "DIVD" "FREX" "HEDG" "INVS" "PRME" "SAVG" "SECU" "SEPI" "TREA" "UNIT" "FNET" "FUTR" "ANTS" "CVCF" "DMEQ" "DNTS" "HLTC" "HLTI" "HSPC" "ICRF" "LTCF" "MAFC" "MARF" "MDCS" "VIEW" "CDEP" "SWFP" "SWPP" "SWRS" "SWUF" "ADCS" "AEMP" "ALLW" "ALMY" "BBSC" "BECH" "BENE" "BONU" "CCHD" "COMM" "CSLP" "GFRP" "GVEA" "GVEB" "GVEC" "GVED" "GWLT" "HREC" "PAYR" "PEFC" "PENS" "PRCP" "RHBS" "SALA" "SSBE" "LBIN" "LCOL" "LFEE" "LMEQ" "LMFI" "LMRK" "LREB" "LREV" "LSFL" "ESTX" "FWLV" "GSTX" "HSTX" "INTX" "NITX" "PTXP" "RDTX" "TAXS" "VATX" "WHLD" "TAXR" "B112" "BR12" "TLRF" "TLRR" "AIRB" "BUSB" "FERB" "RLWY" "TRPT" "CBTV" "ELEC" "ENRG" "GASB" "NWCH" "NWCM" "OTLC" "PHON" "UBIL" "WTER"

ExternalPurpose1Code from ISO 20022. Values from ISO 20022 External Code List ExternalCodeSets_1Q2018 June 2018.

Responses

201

CREATED

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not found

405

Method Not Allowed

406

Not Acceptable

408

Request Timeout

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

post /v1/{payment-service}/{payment-product}

Production server

https://apiserv.novobanco.es/psd2/v1/{payment-service}/{payment-product}

sandbox

https://api.novobanco.es/psd2/sandbox/pis/v1/{payment-service}/{payment-product}

Request samples

Content type
application/json
Example
Copy
Expand all Collapse all
{
  • "instructedAmount":
    {
    },
  • "debtorAccount":
    {
    },
  • "creditorName": "Comercio",
  • "creditorAccount":
    {
    },
  • "remittanceInformationUnstructured": "Compra en Comercio"
}

Response samples

Content type
application/json
Example

Response in case of an OAuth2 SCA approach

Copy
Expand all Collapse all
{
  • "transactionStatus": "RCVD",
  • "paymentId": "1a96345a-248e-11e9-ab14-d663bd873d93",
  • "_links":
    {
    }
}

Get Payment Information

Returns the content of a payment object

Authorizations:
path Parameters
payment-service
required
string
Enum:"payments" "periodic-payments"

Payment service:

Possible values are:

  • payments
  • periodic-payments
payment-product
required
string
Enum:"sepa-credit-transfers" "target-2-payments" "cross-border-credit-transfers"

The addressed payment product endpoint, e.g. for SEPA Credit Transfers (SCT). The following payment products are supported:

  • sepa-credit-transfers
  • target-2-payments
  • cross-border-credit-transfers
paymentId
required
string (paymentId)
Example: 1a96345a-248e-11e9-ab14-d663bd873d93

Resource identification of the generated payment initiation resource.

header Parameters
X-Request-ID
required
string <uuid>
Example: {X-Request-ID}

ID of the request, unique to the call, as determined by the initiating party.

Digest
string
Example: SHA-256%3Dhl1%2FEps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A%3D

Is contained if and only if the "Signature" element is contained in the header of the request.

Signature
string
Example: keyId%3D%22SN%3D9FA1%2CCA%3DCN%3DD-TRUST%2520CA%25202-1%25202015%2CO%3DD-Trust%2520GmbH%2CC%3DDE%22%2Calgorithm%3D%22rsa-sha256%22%2C%20headers%3D%22Digest%20X-Request-ID%20PSU-ID%20TPP-Redirect-URI%20Date%22%2C%20signature%3D%22Base64%28RSA-SHA256%28signing%20string%29%29%22%20%20%20%20%20%20%0A

A signature of the request by the TPP on application level.

TPP-Signature-Certificate
string <byte>

The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.

PSU-IP-Address
string <ipv4>
Example: {PSU-IP-Address}

The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.

PSU-IP-Port
string
Example: {PSU-IP-Port}

The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.

PSU-Accept
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Charset
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Encoding
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Language
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-User-Agent
string

The forwarded Agent header field of the HTTP request between PSU and TPP, if available.

PSU-Http-Method
string
Enum:"GET" "POST" "PUT" "PATCH" "DELETE"

HTTP method used at the PSU ? TPP interface, if available. Valid values are:

  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID
string <uuid>
Example: {PSU-Device-ID}

UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device.

PSU-Geo-Location
string(GEO:)[0-9]{1,3}\.[-][0-9]{6}\,[-][0-9]{1,3}\.[0-9]{6}
Example: {PSU-Geo-Location}

The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Responses

200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not found

405

Method Not Allowed

406

Not Acceptable

408

Request Timeout

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

get /v1/{payment-service}/{payment-product}/{paymentId}

Production server

https://apiserv.novobanco.es/psd2/v1/{payment-service}/{payment-product}/{paymentId}

sandbox

https://api.novobanco.es/psd2/sandbox/pis/v1/{payment-service}/{payment-product}/{paymentId}

Response samples

Content type
application/json
Example
Copy
Expand all Collapse all
{
  • "instructedAmount":
    {
    },
  • "debtorAccount":
    {
    },
  • "creditorName": "Comercio",
  • "creditorAccount":
    {
    },
  • "remittanceInformationUnstructured": "Compra en Comercio"
}

Payment Cancellation Request

This method initiates the cancellation of a payment. Depending on the payment-service and the payment-product. This TPP call might be sufficient to cancel a payment. If an authorisation of the payment cancellation is needed, a corresponding hyperlink will be contained in the response message. Cancels the addressed payment with resource identification paymentId if applicable to the payment-service, payment-product and received in product related timelines (e.g. before end of business day for scheduled payments of the last business day before the scheduled execution day).

The response to this DELETE command will tell the TPP whether the

  • access method was rejected
  • access method was successful, or
  • access method is generally applicable, but further authorisation processes are needed.
Authorizations:
path Parameters
payment-service
required
string
Enum:"payments" "periodic-payments"

Payment service:

Possible values are:

  • payments
  • periodic-payments
payment-product
required
string
Enum:"sepa-credit-transfers" "cross-border-credit-transfers"

The addressed payment product endpoint, e.g. for SEPA Credit Transfers (SCT). The following payment products are supported:

  • sepa-credit-transfers
  • cross-border-credit-transfers
paymentId
required
string (paymentId)
Example: 1a96345a-248e-11e9-ab14-d663bd873d93

Resource identification of the generated payment initiation resource.

header Parameters
X-Request-ID
required
string <uuid>
Example: {X-Request-ID}

ID of the request, unique to the call, as determined by the initiating party.

Digest
string
Example: SHA-256%3Dhl1%2FEps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A%3D

Is contained if and only if the "Signature" element is contained in the header of the request.

Signature
required
string
Example: keyId%3D%22SN%3D9FA1%2CCA%3DCN%3DD-TRUST%2520CA%25202-1%25202015%2CO%3DD-Trust%2520GmbH%2CC%3DDE%22%2Calgorithm%3D%22rsa-sha256%22%2C%20headers%3D%22Digest%20X-Request-ID%20PSU-ID%20TPP-Redirect-URI%20Date%22%2C%20signature%3D%22Base64%28RSA-SHA256%28signing%20string%29%29%22%0A

A signature of the request by the TPP on application level.

TPP-Signature-Certificate
string <byte>

The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.

PSU-IP-Address
string <ipv4>
Example: {PSU-IP-Address}

The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.

PSU-IP-Port
string
Example: {PSU-IP-Port}

The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.

PSU-Accept
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Charset
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Encoding
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Language
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-User-Agent
string

The forwarded Agent header field of the HTTP request between PSU and TPP, if available.

PSU-Http-Method
string
Enum:"GET" "POST" "PUT" "PATCH" "DELETE"

HTTP method used at the PSU ? TPP interface, if available. Valid values are:

  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID
string <uuid>
Example: {PSU-Device-ID}

UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device.

PSU-Geo-Location
string(GEO:)[0-9]{1,3}\.[-][0-9]{6}\,[-][0-9]{1,3}\.[0-9]{6}
Example: {PSU-Geo-Location}

The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Responses

202

Received

204

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not found

405

Method Not Allowed

406

Not Acceptable

408

Request Timeout

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

delete /v1/{payment-service}/{payment-product}/{paymentId}

Production server

https://apiserv.novobanco.es/psd2/v1/{payment-service}/{payment-product}/{paymentId}

sandbox

https://api.novobanco.es/psd2/sandbox/pis/v1/{payment-service}/{payment-product}/{paymentId}

Response samples

Content type
application/json
Example
Copy
Expand all Collapse all
{
  • "transactionStatus": "ACTC",
  • "_links":
    {}
}

Payment initiation status request

Check the transaction status of a payment initiation.

Authorizations:
path Parameters
payment-service
required
string
Enum:"payments" "periodic-payments"

Payment service:

Possible values are:

  • payments
  • periodic-payments
payment-product
required
string
Enum:"sepa-credit-transfers" "target-2-payments" "cross-border-credit-transfers"

The addressed payment product endpoint, e.g. for SEPA Credit Transfers (SCT). The following payment products are supported:

  • sepa-credit-transfers
  • target-2-payments
  • cross-border-credit-transfers
paymentId
required
string (paymentId)
Example: 1a96345a-248e-11e9-ab14-d663bd873d93

Resource identification of the generated payment initiation resource.

header Parameters
X-Request-ID
required
string <uuid>
Example: {X-Request-ID}

ID of the request, unique to the call, as determined by the initiating party.

Digest
string
Example: SHA-256%3Dhl1%2FEps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A%3D

Is contained if and only if the "Signature" element is contained in the header of the request.

Signature
string
Example: keyId%3D%22SN%3D9FA1%2CCA%3DCN%3DD-TRUST%2520CA%25202-1%25202015%2CO%3DD-Trust%2520GmbH%2CC%3DDE%22%2Calgorithm%3D%22rsa-sha256%22%2C%20headers%3D%22Digest%20X-Request-ID%20PSU-ID%20TPP-Redirect-URI%20Date%22%2C%20signature%3D%22Base64%28RSA-SHA256%28signing%20string%29%29%22%20%20%20%20%20%20%0A

A signature of the request by the TPP on application level.

TPP-Signature-Certificate
string <byte>

The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.

PSU-IP-Address
string <ipv4>
Example: {PSU-IP-Address}

The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.

PSU-IP-Port
string
Example: {PSU-IP-Port}

The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.

PSU-Accept
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Charset
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Encoding
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Language
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-User-Agent
string

The forwarded Agent header field of the HTTP request between PSU and TPP, if available.

PSU-Http-Method
string
Enum:"GET" "POST" "PUT" "PATCH" "DELETE"

HTTP method used at the PSU ? TPP interface, if available. Valid values are:

  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID
string <uuid>
Example: {PSU-Device-ID}

UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device.

PSU-Geo-Location
string(GEO:)[0-9]{1,3}\.[-][0-9]{6}\,[-][0-9]{1,3}\.[0-9]{6}
Example: {PSU-Geo-Location}

The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Responses

200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not found

405

Method Not Allowed

406

Not Acceptable

408

Request Timeout

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

get /v1/{payment-service}/{payment-product}/{paymentId}/status

Production server

https://apiserv.novobanco.es/psd2/v1/{payment-service}/{payment-product}/{paymentId}/status

sandbox

https://api.novobanco.es/psd2/sandbox/pis/v1/{payment-service}/{payment-product}/{paymentId}/status

Response samples

Content type
application/json
Example
Copy
Expand all Collapse all
{
  • "transactionStatus": "ACCP"
}

Get Payment Initiation Authorisation Sub-Resources Request

Read a list of all authorisation subresources IDs which have been created.

This function returns an array of hyperlinks to all generated authorisation sub-resources.

Authorizations:
path Parameters
payment-service
required
string
Enum:"payments" "periodic-payments"

Payment service:

Possible values are:

  • payments
  • periodic-payments
payment-product
required
string
Enum:"sepa-credit-transfers" "target-2-payments" "cross-border-credit-transfers"

The addressed payment product endpoint, e.g. for SEPA Credit Transfers (SCT). The following payment products are supported:

  • sepa-credit-transfers
  • target-2-payments
  • cross-border-credit-transfers
paymentId
required
string (paymentId)
Example: 1a96345a-248e-11e9-ab14-d663bd873d93

Resource identification of the generated payment initiation resource.

header Parameters
X-Request-ID
required
string <uuid>
Example: {X-Request-ID}

ID of the request, unique to the call, as determined by the initiating party.

Digest
string
Example: SHA-256%3Dhl1%2FEps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A%3D

Is contained if and only if the "Signature" element is contained in the header of the request.

Signature
string
Example: keyId%3D%22SN%3D9FA1%2CCA%3DCN%3DD-TRUST%2520CA%25202-1%25202015%2CO%3DD-Trust%2520GmbH%2CC%3DDE%22%2Calgorithm%3D%22rsa-sha256%22%2C%20headers%3D%22Digest%20X-Request-ID%20PSU-ID%20TPP-Redirect-URI%20Date%22%2C%20signature%3D%22Base64%28RSA-SHA256%28signing%20string%29%29%22%20%20%20%20%20%20%0A

A signature of the request by the TPP on application level.

TPP-Signature-Certificate
string <byte>

The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.

PSU-IP-Address
string <ipv4>
Example: {PSU-IP-Address}

The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.

PSU-IP-Port
string
Example: {PSU-IP-Port}

The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.

PSU-Accept
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Charset
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Encoding
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Language
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-User-Agent
string

The forwarded Agent header field of the HTTP request between PSU and TPP, if available.

PSU-Http-Method
string
Enum:"GET" "POST" "PUT" "PATCH" "DELETE"

HTTP method used at the PSU ? TPP interface, if available. Valid values are:

  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID
string <uuid>
Example: {PSU-Device-ID}

UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device.

PSU-Geo-Location
string(GEO:)[0-9]{1,3}\.[-][0-9]{6}\,[-][0-9]{1,3}\.[0-9]{6}
Example: {PSU-Geo-Location}

The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Responses

200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not found

405

Method Not Allowed

406

Not Acceptable

408

Request Timeout

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

get /v1/{payment-service}/{payment-product}/{paymentId}/authorisations

Production server

https://apiserv.novobanco.es/psd2/v1/{payment-service}/{payment-product}/{paymentId}/authorisations

sandbox

https://api.novobanco.es/psd2/sandbox/pis/v1/{payment-service}/{payment-product}/{paymentId}/authorisations

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "authorisationIds":
    [
    ]
}

Read the SCA Status of the payment authorisation

This method returns the SCA status of a payment initiation's authorisation sub-resource.

Authorizations:
path Parameters
payment-service
required
string
Enum:"payments" "periodic-payments"

Payment service:

Possible values are:

  • payments
  • periodic-payments
payment-product
required
string
Enum:"sepa-credit-transfers" "target-2-payments" "cross-border-credit-transfers"

The addressed payment product endpoint, e.g. for SEPA Credit Transfers (SCT). The following payment products are supported:

  • sepa-credit-transfers
  • target-2-payments
  • cross-border-credit-transfers
paymentId
required
string (paymentId)
Example: 1a96345a-248e-11e9-ab14-d663bd873d93

Resource identification of the generated payment initiation resource.

authorisationId
required
string (authorisationId)
Example: 3696e0c8-248e-11e9-ab14-d663bd873d93

Resource identification of the related SCA.

header Parameters
X-Request-ID
required
string <uuid>
Example: {X-Request-ID}

ID of the request, unique to the call, as determined by the initiating party.

Digest
string
Example: SHA-256%3Dhl1%2FEps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A%3D

Is contained if and only if the "Signature" element is contained in the header of the request.

Signature
string
Example: keyId%3D%22SN%3D9FA1%2CCA%3DCN%3DD-TRUST%2520CA%25202-1%25202015%2CO%3DD-Trust%2520GmbH%2CC%3DDE%22%2Calgorithm%3D%22rsa-sha256%22%2C%20headers%3D%22Digest%20X-Request-ID%20PSU-ID%20TPP-Redirect-URI%20Date%22%2C%20signature%3D%22Base64%28RSA-SHA256%28signing%20string%29%29%22%20%20%20%20%20%20%0A

A signature of the request by the TPP on application level.

TPP-Signature-Certificate
string <byte>

The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.

PSU-IP-Address
string <ipv4>
Example: {PSU-IP-Address}

The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.

PSU-IP-Port
string
Example: {PSU-IP-Port}

The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.

PSU-Accept
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Charset
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Encoding
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Language
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-User-Agent
string

The forwarded Agent header field of the HTTP request between PSU and TPP, if available.

PSU-Http-Method
string
Enum:"GET" "POST" "PUT" "PATCH" "DELETE"

HTTP method used at the PSU ? TPP interface, if available. Valid values are:

  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
PSU-Device-ID
string <uuid>
Example: {PSU-Device-ID}

UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID need to be unaltered until removal from device.

PSU-Geo-Location
string(GEO:)[0-9]{1,3}\.[-][0-9]{6}\,[-][0-9]{1,3}\.[0-9]{6}
Example: {PSU-Geo-Location}

The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Responses

200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not found

405

Method Not Allowed

406

Not Acceptable

408

Request Timeout

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

get /v1/{payment-service}/{payment-product}/{paymentId}/authorisations/{authorisationId}

Production server

https://apiserv.novobanco.es/psd2/v1/{payment-service}/{payment-product}/{paymentId}/authorisations/{authorisationId}

sandbox

https://api.novobanco.es/psd2/sandbox/pis/v1/{payment-service}/{payment-product}/{paymentId}/authorisations/{authorisationId}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "scaStatus": "psuAuthenticated"
}