
This document explains the flow of events in the Payment Information Service (PIS) as used by a Payment Initiation Service Provider (PISP). For the Berlin-specific solution, the PIS is exposed as an API resource in NextGenPSD2XS2AFramework - 1.3.3 of WSO2 Open Banking. In the Payment Information Service;

...



Step 9 - Initiate a payment

In this step, the TPP creates a request to get the consent of the PSU before a transaction is executed.


POST /{payment-service}/{payment-product} - Initiate payment request

The TPP initiates a payment request to the ASPSP. The request body can be sent as a JSON body or pain.001 XML. The type of the request body is determined by the payment-service type and payment-product type.

  1. The available values for the payment-service and payment-product types are as follows:

    Payment service type:

      1. Single payment
      2. Bulk payment
      3. Periodic payment

    Payment product type:

      1. sepa-credit-transfers
      2. instant-sepa-credit-transfers
      3. target-2-payments
      4. cross-border-credit-transfers
  2. According to the payment-service and payment-product chosen, the request body changes as follows:

    Single payment:
    { 
    "instructedAmount": 
    	{ 
    	"currency": "EUR", 
    	"amount": "123.50" 
    	}, 
    	"debtorAccount": 
    		{ 
    		"iban": "DE40100100103307118608" 
    		}, 
    "creditorName": "Merchant123", 
    "creditorAccount": 
    	{ 
    	"iban": "DE02100100109307118603" 
    	}, 
    "remittanceInformationUnstructured": "Ref Number Merchant" 
    }
    Bulk payment:
    {
        "batchBookingPreferred": true,
        "debtorAccount": {"iban": "DE40100100103307118608"},
        "requestedExecutionDate": "2020-08-01",
        "payments":
        [
            {
              "instructedAmount": {
                "currency": "EUR",
                "amount": "123.50"
              },
              "debtorAccount": {
                "iban": "DE40100100103307118608"
              },
              "creditorName": "Merchant123",
              "creditorAccount": {
                "iban": "DE02100100109307118603"
              },
              "remittanceInformationUnstructured": "Ref Number Merchant"
            },
            {
             
              "instructedAmount": {
                "currency": "EUR",
                "amount": "250.50"
              },
              "debtorAccount": {
                "iban": "DE40100100103307764533"
              },
              "creditorName": "Merchant124",
              "creditorAccount": {
                "iban": "DE02100100109307118603"
              },
              "remittanceInformationUnstructured": "Ref Number Merchant"
            }
        ]
    }
    
    Periodic payment:
    {    "instructedAmount": {
            "currency": "EUR",
            "amount": "123"
            },
             
        "debtorAccount": {
            "iban": "DE40100100103307118608"
            },
        "creditorName": "Merchant123",
        "creditorAccount": {
            "iban": "DE23100120020123456789"
            },
        "remittanceInformationUnstructured": "Ref Number Abonnement",
        "startDate": "2020-03-01",
        "executionRule": "latest",
        "frequency": "monthly",
        "dayOfExecution": "01"
    }
    • Use the following sample cURL command to execute the request:

      curl -k -X POST "https://<WSO2_OB_APIM_HOST>:8243/XS2A/1.3.3/payments/instant-sepa-credit-transfers" -H "accept: application/json" -H "X-Request-ID: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721" -H "Digest: SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A=" -H 'Signature: keyId="SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE",algorithm="rsa-sha256", headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date", signature="Base64(RSA-SHA256(signing string))"' -H "PSU-ID: PSU-1234" -H "PSU-IP-Address: 192.168.8.78" -H "PSU-IP-Port: 1234" -H "PSU-Device-ID: 99435c7e-ad88-49ec-a2ad-99ddcb1f5555" -H "PSU-Geo-Location: GEO:52.506931;13.144558" -H "Content-Type: application/json" -H "Authorization: Bearer 2990b23b-6973-33d2-a550-42c62d2a5bdf" -H "TPP-Explicit-Authorisation-Preferred: false" -d "{\"instructedAmount\":{\"currency\":\"EUR\",\"amount\":\"123.50\"},\"debtorAccount\":{\"iban\":\"DE40100100103307118608\"},\"creditorName\":\"Merchant123\",\"creditorAccount\":{\"iban\":\"DE02100100109307118603\"},\"remittanceInformationUnstructured\":\"Ref Number Merchant\"}"

      Info

      The header parameter TPP-Explicit-Authorisation-Preferred takes a boolean value.

      false: If "TPP-Explicit-Authorisation-Preferred: false", the authorisation flow is implicit. When the authorisation is implicit, the TPP generates the authorisation URL to authorise a particular payment. The TPP uses the well-known URL in the response of the payment initiation.
      true: If "TPP-Explicit-Authorisation-Preferred: true", the authorisation flow is explicit. When the authorisation is explicit, the TPP generates the authorisation URL to authorise a particular payment. The TPP uses the well-known URL it receives upon initiating an authorisation for the payment by invoking the POST /{payment-service}/{payment-product}/{paymentId}/authorisations API resource.

      For more information on authorisation, see Authorise the payment.

  3. The TPP implicitly generates the authorisation URL using the well-known URL under the scaOAuth link in the response. See Step 10 - Authorise the payment for more information on the authorisation URL.

    The sample response for the payment-initiation request differs according to the chosen payment-service as follows:

    Single payment:
    {
    "transactionStatus":"RCVD",
    "paymentId":"8bb4e51b-9f3f-4d78-b834-a616d7ecc6d3",
    "transactionFees":
    	{
    	"amount":"0"
    	},
    "scaMethods":
    [
    	{
    	"authenticationType":"SMS_OTP",
    	"authenticationMethodId":"sms-otp",
    	"name":"sms-otp","explanation":"SMS based one time password"
    	}
    ],
    "chosenScaMethod":	
    	{
    	"authenticationType":"SMS_OTP",
    	"authenticationMethodId":"sms-otp",
    	"name":"sms-otp","explanation":"SMS based one time password"
    	},
    "challengeData":{},
    "tppMessages":[],
    "_links":
    	{
    	"scaStatus":
    		{
    		"href":"/payments/sepa-credit-transfers/8bb4e51b-9f3f-4d78-b834-a616d7ecc6d3/authorisations/b76501e3-663e-482d-b97e-4edc224a36d7"
    		},
    	"scaOAuth":
    		{
    		"href":"https://<WSO2_OB_APIM_HOST>:8243/.well-known/openid-configuration"
    		},
    	"self":
    		{
    		"href":"https://<WSO2_OB_APIM_HOST>:8243/xs2a/1.3.3/payments/sepa-credit-transfers/8bb4e51b-9f3f-4d78-b834-a616d7ecc6d3"
    		},
    	"status":
    		{
    		"href":"/payments/sepa-credit-transfers/8bb4e51b-9f3f-4d78-b834-a616d7ecc6d3/status"
    		}
    	}
    }
    Bulk payment:
    {
    "transactionStatus":"RCVD",
    "paymentId":"ffe3586e-1bfa-41da-b24b-8c70c95c8c30",
    "transactionFees":
    	{
    	"amount":"0"
    	},
    "scaMethods":[
    	{
    	"authenticationType":"SMS_OTP",
    	"authenticationMethodId":"sms-otp",
    	"name":"sms-otp",
    	"explanation":"SMS based one time password"
    	}],
    "chosenScaMethod":
    	{
    	"authenticationType":"SMS_OTP",
    	"authenticationMethodId":"sms-otp",
    	"name":"sms-otp","explanation":"SMS based one time password"
    	},
    "challengeData":{},
    "tppMessages":[],
    "_links":
    	{
    	"scaStatus":
    		{
    		"href":"/bulk-payments/sepa-credit-transfers/ffe3586e-1bfa-41da-b24b-8c70c95c8c30/authorisations/fcf1d697-0f50-4259-8b47-c5be90c35017"
    		},
    	"scaOAuth":
    		{
    		"href":"https://<WSO2_OB_APIM_HOST>:8243/.well-known/openid-configuration"
    		},
    	"self":
    		{
    		"href":"https://<WSO2_OB_APIM_HOST>:8243/xs2a/1.3.3/bulk-payments/sepa-credit-transfers/ffe3586e-1bfa-41da-b24b-8c70c95c8c30"
    		},
    	"status":
    		{
    		"href":"/bulk-payments/sepa-credit-transfers/ffe3586e-1bfa-41da-b24b-8c70c95c8c30/status"
    		}
    	}
    }
    Periodic payment:
    {
    "transactionStatus":"RCVD",
    "paymentId":"afe5c5c5-d6ee-46dd-998a-b7b2ac6ad47d",
    "transactionFees":
    	{
    	"amount":"0"
    	},
    "scaMethods":[
    	{
    	"authenticationType":"SMS_OTP",
    	"authenticationMethodId":"sms-otp",
    	"name":"sms-otp",
    	"explanation":"SMS based one time password"
    	}],
    "chosenScaMethod":
    	{
    	"authenticationType":"SMS_OTP",
    	"authenticationMethodId":"sms-otp",
    	"name":"sms-otp",
    	"explanation":"SMS based one time password"
    	},
    "challengeData":{},
    "tppMessages":[],
    "_links":
    	{
    	"scaStatus":
    		{
    		"href":"/periodic-payments/sepa-credit-transfers/afe5c5c5-d6ee-46dd-998a-b7b2ac6ad47d/authorisations/b2a438fb-a9af-4808-9655-4eb378e538bf"
    		},
    	"scaOAuth":
    		{
    		"href":"https://<WSO2_OB_APIM_HOST>:8243/.well-known/openid-configuration"
    		},
    	"self":
    		{
    		"href":"https://<WSO2_OB_APIM_HOST>:8243/xs2a/1.3.3/periodic-payments/sepa-credit-transfers/afe5c5c5-d6ee-46dd-998a-b7b2ac6ad47d"
    		},
    	"status":
    		{
    		"href":"/periodic-payments/sepa-credit-transfers/afe5c5c5-d6ee-46dd-998a-b7b2ac6ad47d/status"
    		}
    	}
    }
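The Digest and Signature headers in the payment-initiation cURL command above are derived from the request itself. The following added example (not part of the original page or of WSO2's code) computes the Digest over the exact body bytes and builds the signing string from the headers named in headers=, assuming the HTTP Signatures draft syntax that this header follows; the RSA-SHA256 signing step is left to the TPP's own key store, and the function names are hypothetical.

```python
import base64
import hashlib
import hmac
import json


def digest_header(body: bytes) -> str:
    """Digest header value, computed over the exact bytes sent as the body."""
    return "SHA-256=" + base64.b64encode(hashlib.sha256(body).digest()).decode("ascii")


def verify_digest(body: bytes, header_value: str) -> bool:
    """Receiver side: recompute the digest and compare in constant time."""
    expected = digest_header(body).encode("ascii")
    return hmac.compare_digest(expected, header_value.strip().encode("utf-8"))


def signing_string(headers: dict, covered: list) -> bytes:
    """Bytes that are RSA-SHA256 signed: one 'name: value' line per covered
    header, names lower-cased, in the order given in headers=.
    Assumption: HTTP Signatures draft rules; a covered header that is not
    actually sent is an error, because the receiver cannot rebuild the string."""
    sent = {name.lower(): str(value).strip() for name, value in headers.items()}
    lines = []
    for name in covered:
        key = name.lower()
        if key not in sent:
            raise ValueError(f"'{name}' is listed in headers= but not sent")
        lines.append(f"{key}: {sent[key]}")
    return "\n".join(lines).encode("utf-8")


def signature_header(key_id: str, covered: list, signature: bytes) -> str:
    """Assemble the Signature header from an already computed RSA signature."""
    encoded = base64.b64encode(signature).decode("ascii")
    return (f'keyId="{key_id}",algorithm="rsa-sha256",'
            f'headers="{" ".join(covered)}",signature="{encoded}"')


if __name__ == "__main__":
    # Body of the single-payment sample, serialised once; these bytes are what
    # must be hashed AND sent.
    body = json.dumps({
        "instructedAmount": {"currency": "EUR", "amount": "123.50"},
        "debtorAccount": {"iban": "DE40100100103307118608"},
        "creditorName": "Merchant123",
        "creditorAccount": {"iban": "DE02100100109307118603"},
        "remittanceInformationUnstructured": "Ref Number Merchant",
    }, separators=(",", ":")).encode("utf-8")

    headers = {
        "Digest": digest_header(body),
        "X-Request-ID": "99391c7e-ad88-49ec-a2ad-99ddcb1f7721",
        "PSU-ID": "PSU-1234",
    }
    print(headers["Digest"])
    print(signing_string(headers, ["Digest", "X-Request-ID", "PSU-ID"]).decode())

    # Failure mode 1: re-serialising the JSON changes the bytes, so the
    # digest that was signed no longer matches what is sent.
    pretty = json.dumps(json.loads(body), indent=2).encode("utf-8")
    print("same bytes:", verify_digest(body, headers["Digest"]))
    print("re-serialised:", verify_digest(pretty, headers["Digest"]))

    # Failure mode 2: headers= names a header (Date) the request does not carry.
    try:
        signing_string(headers, ["Digest", "X-Request-ID", "PSU-ID", "Date"])
    except ValueError as err:
        print("rejected:", err)
```

The sample cURL commands on this page list TPP-Redirect-URI and Date in headers= without sending them; a client built on `signing_string` would have to add those headers or drop them from the list.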
Tip

Users can call the following API resources once the PSU initiates the payment.


GET /{payment-service}/{payment-product}/{paymentId} - Get payment information

The TPP invokes this API resource to get the content of a payment object. A sample request and response are given below:

Sample Request

Sample request body:
{}


Use the following cURL command to invoke the API resource:

curl -k -X GET "https://<WSO2_OB_APIM_HOST>:8243/XS2A/1.3.3/payments/sepa-credit-transfers/1234-wertiq-983" -H "accept: application/json" -H "X-Request-ID: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721" -H "Digest: SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A=" -H 'Signature: keyId="SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE",algorithm="rsa-sha256", headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date", signature="Base64(RSA-SHA256(signing string))"' -H "PSU-IP-Address: 192.168.8.78" -H "PSU-IP-Port: 1234" -H "PSU-Device-ID: 99435c7e-ad88-49ec-a2ad-99ddcb1f5555" -H "PSU-Geo-Location: GEO:52.506931;13.144558" -H "Authorization: Bearer accf4063-980c-3f1e-be67-8fbac5d34167"

Sample Response
{
"transactionStatus":"RCVD",
"paymentId":"54bb01bc-6e52-4a37-ac09-04c6a9652d3a",
"transactionFees":
	{
	"amount":"0"
	},
"scaMethods":[{}],
"chosenScaMethod":{},
"challengeData":{},
"tppMessages":[],
"_links":
	{
	"self":
		{
		"href":"https://<WSO2_OB_APIM_HOST>:8243/xs2a/1.3.3/payments/sepa-credit-transfers/54bb01bc-6e52-4a37-ac09-04c6a9652d3a"
		},
	"status":
		{
		"href":"/payments/sepa-credit-transfers/54bb01bc-6e52-4a37-ac09-04c6a9652d3a/status"
		}
	}
}

GET /{payment-service}/{payment-product}/{paymentId}/status - Payment Initiation status request

The TPP checks the status of a particular payment-initiation request using the sample request given below:

Sample Request
curl -k -X GET "https://<WSO2_OB_APIM_HOST>:8243/XS2A/1.3.3/payments/sepa-credit-transfers/1234-wertiq-983/status" -H "accept: application/json" -H "X-Request-ID: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721" -H "Digest: SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A=" -H 'Signature: keyId="SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE",algorithm="rsa-sha256", headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date", signature="Base64(RSA-SHA256(signing string))"' -H "PSU-IP-Address: 192.168.8.78" -H "PSU-IP-Port: 1234" -H "PSU-Device-ID: 99435c7e-ad88-49ec-a2ad-99ddcb1f5555" -H "PSU-Geo-Location: GEO:52.506931;13.144558" -H "Authorization: Bearer accf4063-980c-3f1e-be67-8fbac5d34167"

Sample Response
{
 "transactionStatus": "ACCP",
 "fundsAvailable": true
}




Step 10 - Authorise the payment

WSO2 Open Banking v1.4.0 for Berlin Implementation supports both implicit and explicit authorization flows for transaction authorization. In both cases, the TPP generates the authorization URL using the well-known configuration that is received from the ASPSP as the scaOAuth link in the response.

Implicit authorisation

In this approach, the ASPSP creates authorization sub-resources for a particular transaction after the payment consent is received, and replies with the well-known configuration of the Key Manager (WSO2_OB_KM) in the links section of the response generated for the payment-initiation request. Then the TPP generates the authorization URL using the well-known URL. The PSU goes through the authorisation flow with that authorisation URL.

Explicit authorisation

In this approach, the TPP initiates the authorization flow by invoking the POST /{payment-service}/{payment-product}/{paymentId}/authorisations API resource. At this point, the ASPSP creates authorization sub-resources for the transaction and replies with the well-known configuration of the Key Manager (WSO2_OB_KM) in the links section of the response. Then the TPP has to generate the authorization URL, which the PSU later uses to go through the authorization flow.

  1. The TPP invokes the POST /{payment-service}/{payment-product}/{paymentId}/authorisations API resource to authorise a particular payment.
  2. The TPP generates the authorisation URL using the well-known URL under the scaOAuth link in the response.

POST /{payment-service}/{payment-product}/{paymentId}/authorisations - Initiate an authorisation for a payment

The TPP can authorise the particular payment using the sample request given below. In this case, the TPP is creating an authorisation subresource, that the PSU can use to authorise.

Sample Request

Sample request body (empty):
{}

Use the following cURL command to generate an authorization request:

curl -k -X POST "https://<WSO2_OB_APIM_HOST>:8243/XS2A/1.3.3/payments/sepa-credit-transfers/1234-wertiq-983/authorisations" -H "accept: application/json" -H "X-Request-ID: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721" -H "PSU-ID: PSU-1234" -H "Digest: SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A=" -H 'Signature: keyId="SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE",algorithm="rsa-sha256", headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date", signature="Base64(RSA-SHA256(signing string))"' -H "PSU-IP-Address: 192.168.8.78" -H "PSU-IP-Port: 1234" -H "PSU-Device-ID: 99435c7e-ad88-49ec-a2ad-99ddcb1f5555" -H "PSU-Geo-Location: GEO:52.506931;13.144558" -H "Content-Type: application/json" -H "Authorization: Bearer accf4063-980c-3f1e-be67-8fbac5d34167"

Sample Response
{
"scaStatus":"received",
"authorisationId":"c12e0250-838d-4d30-b802-57bbfe3dff2b",
"_links":
	{
	"scaOAuth":
		{
		"href":"https://<WSO2_OB_APIM_HOST>:8243/.well-known/openid-configuration"
		}
	}
}
Tip

Users can call the following API resources once the PSU authorises the payment.


GET /{payment-service}/{payment-product}/{paymentId}/authorisations - Get payment authorisation subresource's request

The TPP can invoke this API resource to get all the authorisation sub-resources that have been created. A sample request and response look as follows:

Sample Request
curl -k -X GET "https://<WSO2_OB_APIM_HOST>:8243/XS2A/1.3.3/payments/sepa-credit-transfers/1234-wertiq-983/authorisations" -H "accept: application/json" -H "X-Request-ID: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721" -H "Digest: SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A=" -H 'Signature: keyId="SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE",algorithm="rsa-sha256", headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date", signature="Base64(RSA-SHA256(signing string))"' -H "PSU-IP-Address: 192.168.8.78" -H "PSU-IP-Port: 1234" -H "PSU-Device-ID: 99435c7e-ad88-49ec-a2ad-99ddcb1f5555" -H "PSU-Geo-Location: GEO:52.506931;13.144558" -H "Authorization: Bearer accf4063-980c-3f1e-be67-8fbac5d34167"

Sample Response
{
  "authorisationIds": [
    "123auth456"
  ]
}

GET /{payment-service}/{payment-product}/{paymentId}/authorisations/{authorisationId} - Read the SCA status of the authorisation request

The TPP can check the SCA status of a particular subresource that was created when authorising a payment. A sample request and response look as follows:

Sample Request
curl -k -X GET "https://<WSO2_OB_APIM_HOST>:8243/XS2A/1.3.3/payments/sepa-credit-transfers/1234-wertiq-983/authorisations/123auth456" -H "accept: application/json" -H "X-Request-ID: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721" -H "Digest: SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A=" -H 'Signature: keyId="SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE",algorithm="rsa-sha256", headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date", signature="Base64(RSA-SHA256(signing string))"' -H "PSU-IP-Address: 192.168.8.78" -H "PSU-IP-Port: 1234" -H "PSU-Device-ID: 99435c7e-ad88-49ec-a2ad-99ddcb1f5555" -H "PSU-Geo-Location: GEO:52.506931;13.144558" -H "Authorization: Bearer accf4063-980c-3f1e-be67-8fbac5d34167"

Sample Response
{
  "scaStatus": "psuAuthenticated"
}
  • Authorisation URL

The TPP uses the well-known URL, regardless of the authorisation flow followed (implicit or explicit), to authorise payments as below:

  • The open banking solution sends the authorisation URL that was generated under the scaOAuth link of the response. The response the TPP uses differs according to the authorisation as follows:

    Implicit authorisation: The response the TPP gets when initiating a payment.
    Explicit authorisation: The response the TPP gets when invoking the POST /{payment-service}/{payment-product}/{paymentId}/authorisations API resource.

    A sample well-known URL under the scaOAuth parameter looks as below:

    {
    	"scaOAuth":
    		{
    		"href":"https://<WSO2_OB_APIM_HOST>:8243/.well-known/openid-configuration"
    		}
    }
  • Paste the authorisation URL in the browser. The format for the authorisation URL looks as follows:

    Sample URL format:
    https://<WSO2_OB_APIM_HOST>:8243/authorize/?scope=YOUR_SCOPES&response_type=code&redirect_uri=REDIRECT_URI&state=DYNAMICALLY_SET_VALUE&code_challenge_method=YOUR_CODE_CHALLENGE_METHOD&client_id=ORGANIZATION_ID&code_challenge=YOUR_CODE_CHALLENGE

    Use the following table to find the descriptions for the parameters:

    | Parameter | Description |
    | --- | --- |
    | scope | The reference to the consent resource for account access. It is in the form of pis:<consentId>. |
    | response_type | code is recommended. |
    | redirect_uri | The TPP's URI to which the OAuth2 server redirects the PSU's user agent after the authorisation. |
    | state | A dynamic value set by the TPP to prevent XSRF attacks. |
    | code_challenge_method | The code verifier transformation method. The Berlin specification recommends S256. |
    | client_id | As provided in the eIDAS certificate, the organization_Identifier must contain the following information: "PSD" as the 3-character legal person identity type reference; the 2-character ISO 3166 country code representing the NCA country; a hyphen-minus "-"; the 2-8 character NCA identifier (A-Z uppercase only, no separator); a hyphen-minus "-"; and the PSP identifier (authorization number as specified by the NCA). |
    | code_challenge | The PKCE challenge defined in RFC 7636, used to avoid code injection attacks. See https://tools.ietf.org/html/rfc7636 for more information on RFC 7636. |

    The authorisation URL points to a web interface as follows:

  • After the user approves or denies the payment consent, the user can invoke the consent/authorization API resource of the authentication endpoint. Invoking this API resource retrieves the consent approval or denial that is displayed on the consent web app.
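
The parameters described above map directly onto code. The following added example (not from the original page or WSO2's code) reads authorization_endpoint from the fetched well-known document, generates the state and PKCE S256 values, builds the authorisation URL in the format shown, and validates the redirect that comes back; the host names, client_id and consent ID are constructed values and the function names are hypothetical.

```python
import base64
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit


def s256_challenge(code_verifier: str) -> str:
    """RFC 7636 S256: BASE64URL(SHA256(ASCII(code_verifier))), no '=' padding."""
    digest = hashlib.sha256(code_verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def authorization_endpoint(discovery: dict, allowed_hosts: set) -> str:
    """Take authorization_endpoint from the well-known document, but only if it
    is HTTPS and on a host the TPP already trusts for this ASPSP."""
    endpoint = discovery["authorization_endpoint"]
    parts = urlsplit(endpoint)
    if parts.scheme != "https" or parts.hostname not in allowed_hosts:
        raise ValueError(f"untrusted authorization endpoint: {endpoint}")
    return endpoint


def start_authorisation(endpoint, client_id, redirect_uri, consent_id):
    """Return (url, session). session holds the values the TPP keeps server-side,
    bound to the PSU's session, until the redirect comes back."""
    code_verifier = secrets.token_urlsafe(64)  # 86 chars; RFC 7636 allows 43-128
    state = secrets.token_urlsafe(32)          # unguessable, one per attempt
    query = urlencode({
        "scope": f"pis:{consent_id}",
        "response_type": "code",
        "redirect_uri": redirect_uri,
        "state": state,
        "code_challenge_method": "S256",
        "client_id": client_id,
        "code_challenge": s256_challenge(code_verifier),
    })
    return f"{endpoint}?{query}", {"state": state, "code_verifier": code_verifier}


def handle_redirect(callback_url: str, session: dict) -> dict:
    """Validate the redirect and return the fields needed for the token request."""
    params = parse_qs(urlsplit(callback_url).query)
    returned_state = params.get("state", [""])[0]
    if not hmac.compare_digest(returned_state.encode(), session["state"].encode()):
        raise ValueError("state mismatch: redirect was not started by this session")
    if "code" not in params:
        raise ValueError("no authorisation code: " + params.get("error", ["unknown"])[0])
    # The verifier is sent only now, in the back-channel token request.
    return {"code": params["code"][0], "code_verifier": session["code_verifier"]}


if __name__ == "__main__":
    # Constructed sample values, not taken from a real deployment.
    discovery = {"authorization_endpoint": "https://aspsp.example:8243/authorize/"}
    endpoint = authorization_endpoint(discovery, {"aspsp.example"})
    url, session = start_authorisation(
        endpoint,
        client_id="PSDDE-BAFIN-123456",
        redirect_uri="https://tpp.example/callback",
        consent_id="constructed-consent-id",
    )
    print(url)

    good = f"https://tpp.example/callback?code=abc123&state={session['state']}"
    print(handle_redirect(good, session)["code"])

    forged = "https://tpp.example/callback?code=abc123&state=attacker-chosen"
    try:
        handle_redirect(forged, session)
    except ValueError as err:
        print("rejected:", err)
```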


Cancel a payment

The cancellation of payment can happen in the following ways:

  • TPP directly cancels a payment.
  • TPP sends a payment cancellation request and based on the ASPSP requirements the PSU then authorizes the cancellation.

To define the cancellation method, configure the AuthorizeCancellation property in the <WSO2_OB_KM_HOME>/repository/conf/finance/open-banking.xml.

  • If the value is set to true, to cancel the payment, PSU authorization is required.
  • If set to false, the TPP is able to cancel the payment directly.

    <Berlin>
    	<AuthorizeCancellation>false</AuthorizeCancellation>
    </Berlin>
The TPP initiates the cancellation of the payment request as follows:



DELETE /{payment-service}/{payment-product}/{paymentId} - Payment cancellation

The sample request and response look as follows for the payment cancellation:

Sample Request
curl -k -X DELETE "https://<WSO2_OB_APIM_HOST>:8243/XS2A/1.3.3/payments/sepa-credit-transfers/1234-wertiq-983" -H "accept: application/json" -H "X-Request-ID: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721" -H "Digest: SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A=" -H 'Signature: keyId="SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE",algorithm="rsa-sha256", headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date", signature="Base64(RSA-SHA256(signing string))"' -H "PSU-IP-Address: 192.168.8.78" -H "PSU-IP-Port: 1234" -H "PSU-Device-ID: 99435c7e-ad88-49ec-a2ad-99ddcb1f5555" -H "PSU-Geo-Location: GEO:52.506931;13.144558" -H "Authorization: Bearer accf4063-980c-3f1e-be67-8fbac5d34167"

Sample Response
If the user executes the above-mentioned request, it generates no response.

Authorise a cancellation of payment

The TPP can authorise a cancellation for an already cancelled payment.


POST /{payment-service}/{payment-product}/{paymentId}/cancellation-authorisations - Start the authorisation process for the cancellation of the addressed payment

Creates an authorisation subresource and starts the authorisation process of the cancellation of the addressed payment. A sample request and response are as follows:

Sample Request
curl -k -X POST "https://<WSO2_OB_APIM_HOST>:8243/XS2A/1.3.3/payments/sepa-credit-transfers/123auth456/cancellation-authorisations" -H "accept: application/json" -H "X-Request-ID: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721" -H "Digest: SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A=" -H 'Signature: keyId="SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE",algorithm="rsa-sha256", headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date", signature="Base64(RSA-SHA256(signing string))"' -H "PSU-ID: PSU-1234" -H "PSU-IP-Address: 192.168.8.78" -H "PSU-IP-Port: 1234" -H "PSU-Device-ID: 99435c7e-ad88-49ec-a2ad-99ddcb1f5555" -H "PSU-Geo-Location: GEO:52.506931;13.144558" -H "Authorization: Bearer accf4063-980c-3f1e-be67-8fbac5d34167"

Sample Response
{
  "scaStatus": "psuAuthenticated",
  "authorisationId": "123auth456",
  "scaMethods": [
    {
      "authenticationType": "SMS_OTP",
      "authenticationVersion": "string",
      "authenticationMethodId": "myAuthenticationID",
      "name": "SMS OTP on phone +49160 xxxxx 28",
      "explanation": "Detailed information about the SCA method for the PSU."
    }
  ],
  "chosenScaMethod": {
    "authenticationType": "SMS_OTP",
    "authenticationVersion": "string",
    "authenticationMethodId": "myAuthenticationID",
    "name": "SMS OTP on phone +49160 xxxxx 28",
    "explanation": "Detailed information about the SCA method for the PSU."
  },
  "challengeData": {
    "image": "string",
    "data": [
      "string"
    ],
    "imageLink": "string",
    "otpMaxLength": 0,
    "otpFormat": "characters",
    "additionalInformation": "string"
  },
  "_links": {
    "scaRedirect": {
      "href": "/payments/sepa-credit-transfers/1234-wertiq-983"
    },
    "scaOAuth": {
      "href": "/payments/sepa-credit-transfers/1234-wertiq-983"
    },
    "updatePsuIdentification": {
      "href": "/payments/sepa-credit-transfers/1234-wertiq-983"
    },
    "startAuthorisationWithPsuAuthentication": {
      "href": "/payments/sepa-credit-transfers/1234-wertiq-983"
    },
    "startAuthorisationWithEncryptedPsuAuthentication": {
      "href": "/payments/sepa-credit-transfers/1234-wertiq-983"
    },
    "selectAuthenticationMethod": {
      "href": "/payments/sepa-credit-transfers/1234-wertiq-983"
    },
    "authoriseTransaction": {
      "href": "/payments/sepa-credit-transfers/1234-wertiq-983"
    },
    "scaStatus": {
      "href": "/payments/sepa-credit-transfers/1234-wertiq-983"
    },
    "additionalProp1": {
      "href": "/payments/sepa-credit-transfers/1234-wertiq-983"
    },
    "additionalProp2": {
      "href": "/payments/sepa-credit-transfers/1234-wertiq-983"
    },
    "additionalProp3": {
      "href": "/payments/sepa-credit-transfers/1234-wertiq-983"
    }
  },
  "psuMessage": "string"
}
Tip

If the PSU authorisation is required, the TPP calls the following API resources once the PSU authorises the cancellation of a payment.


GET /{payment-service}/{payment-product}/{paymentId}/cancellation-authorisations - Retrieves a list of authorised cancellation subresources

The TPP invokes this API resource to retrieve a list of authorised cancellation subresources.

Sample Request
curl -k -X GET "https://<WSO2_OB_APIM_HOST>:8243/XS2A/1.3.3/payments/sepa-credit-transfers/1234-wertiq-983/cancellation-authorisations" -H "accept: application/json" -H "X-Request-ID: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721" -H "Digest: SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A=" -H 'Signature: keyId="SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE",algorithm="rsa-sha256", headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date", signature="Base64(RSA-SHA256(signing string))"' -H "PSU-IP-Address: 192.168.8.78" -H "PSU-IP-Port: 1234" -H "PSU-Device-ID: 99435c7e-ad88-49ec-a2ad-99ddcb1f5555" -H "PSU-Geo-Location: GEO:52.506931;13.144558" -H "Authorization: Bearer accf4063-980c-3f1e-be67-8fbac5d34167"

Sample Response
{
 "cancellationIds": ["123auth456"]
}

GET /{payment-service}/{payment-product}/{paymentId}/cancellation-authorisations/{cancellationId} - Reads the SCA status of the payment cancellation's authorisation resource

The TPP invokes this API resource to check the SCA status of a payment cancellation's authorisation subresource.

Sample Request
curl -k -X GET "https://<WSO2_OB_APIM_HOST>:8243/XS2A/1.3.3/payments/sepa-credit-transfers/1234-wertiq-983/cancellation-authorisations/123auth456" -H "accept: application/json" -H "X-Request-ID: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721" -H "Digest: SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A=" -H 'Signature: keyId="SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE",algorithm="rsa-sha256", headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date", signature="Base64(RSA-SHA256(signing string))"' -H "PSU-IP-Address: 192.168.8.78" -H "PSU-IP-Port: 1234" -H "PSU-Device-ID: 99435c7e-ad88-49ec-a2ad-99ddcb1f5555" -H "PSU-Geo-Location: GEO:52.506931;13.144558" -H "Authorization: Bearer accf4063-980c-3f1e-be67-8fbac5d34167"

Sample Response
{
  "scaStatus": "psuAuthenticated"
}