This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.
Account and Transaction API for UK
This document explains the Account Information and Transaction API flows along with the payloads. The Account Information Service Provider (AISP) can use the API endpoints described here to do the following.
- Register a resource to retrieve account information by creating an account access consent. This registers data that the customer (PSU) has consented to provide to the AISP such as data permissions, expiration and historical period allowed for transactions/statements
- Subsequently, retrieve account and transaction data
Basic flow
The diagram below provides a general outline of an account information request and flow using the Account Info APIs.
- Request account information  - The PSU consents to allow an AISP(in this case a TPP) to access account information data.Â
Create account request - The AISP connects to the ASPSP that services the PSU's accounts and creates an account-access-consent resource. This informs the ASPSP that one of its PSUs is granting access to account and transaction information to an AISP.  Â
The AISP makes a POST request to ASPSP's /account-access-consents endpoint
The ASPSP responds with an identifier for the resource (the ConsentId). The account-access-consent resource will include the following fields which describe the data that the PSU has consented with the AISP:
Permissions - a list of data clusters that have been consented for access
Expiration Date - an optional expiration for when the AISP will no longer have access to the PSU's data
- Transaction Validity Period - the From/To date range which specifies a historical period for transactions and statements which may be accessed by the AISP
An AISP can be a broker for data to other parties, so it is valid for a PSU to have multiple account-access-consents for the same accounts, with different consent/authorisation parameters agreed
Authorise consent - The AISP requests the PSU to authorise the consent. The ASPSP uses the redirection flow for this.
In a redirection flow, the AISP redirects the PSU to the ASPSP
The redirect includes the ConsentId generated in the previous step
This allows the ASPSP to correlate the account-access-consent that was setup
The ASPSP authenticates the PSU
The ASPSP updates the state of the account-access-consent resource internally to indicate that the account access consent has been authorised
Once the consent has been authorised, the PSU is redirected back to the AISP
Request Data - The AISP makes a GET request the relevant resource. The unique AccountIds that are valid for the account-access-consent will be returned with a call to GET /accounts. This will always be the first call once an AISP has a valid access token.
Sequence Diagram
Endpoints
To access account information and transaction data, you can use the following available API endpoints:
Endpoint Name | Supported Version | Resource | Endpoint URL | Mandatory/Optional |
---|---|---|---|---|
Account Access Consents | v3.0, v3.1, v3.1.1 | account-access-consents | POST /account-access-consents GET /account-access-consents/{ConsentId} DELETEÂ /account-access-consents/{ConsentId} | Mandatory Mandatory Mandatory |
Accounts | v3.0, v3.1, v3.1.1 | accounts | GET /accounts GETÂ /accounts/{AccountId} | Mandatory Mandatory |
Balances | v3.0, v3.1, v3.1.1 | balances | GET /accounts/{AccountId}/balances GET /balances | Mandatory Optional |
Transactions | v3.0, v3.1, v3.1.1 | transactions | GETÂ /accounts/{AccountId}/transactions GET /transactions | Mandatory Optional |
Beneficiaries | v3.0, v3.1, v3.1.1 | beneficiaries | GETÂ /accounts/{AccountId}/beneficiaries GET /beneficiaries | Conditional Optional |
Direct Debits | v3.0, v3.1, v3.1.1 | direct-debits | GET /accounts/{AccountId}/direct-debits GET /direct-debits | Conditional Optional |
Standing Orders | v3.0, v3.1, v3.1.1 | standing-orders | GETÂ /accounts/{AccountId}/standing-orders GETÂ /standing-orders | Conditional Optional |
Products | v3.0, v3.1, v3.1.1 | products | GETÂ /accounts/{AccountId}/product GET /products | Conditional Optional |
Offers | v3.0, v3.1, v3.1.1 | offers | GETÂ /accounts/{AccountId}/offers GET /offers | Conditional Optional |
Party | v3.0, v3.1 | party | GETÂ /accounts/{AccountId}/party GET /party | Conditional Conditional |
Parties | v3.1.1 | parties | GET /accounts/{AccountId}/parties GET /accounts/{AccountId}/party GET /party | Conditional Conditional Conditional |
Scheduled Payments | v3.0, v3.1, v3.1.1 | scheduled-payments | GET /accounts/{AccountId}/scheduled-payments GET /scheduled-payments | Conditional Optional |
Statements | v3.0, v3.1, v3.1.1 | statements | GET /accounts/{AccountId}/statements GET /accounts/{AccountId}/statements/{StatementId} GET /accounts/{AccountId}/statements/{StatementId}/file GET /accounts/{AccountId}/statements/{StatementId}/transactions GET /statements | Conditional Conditional Optional Conditional Optional |