This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.
Confirmation of Funds API for UK
Confirmation of Funds API is newly introduced in WSO2 Open Banking v3.0. The Confirmation of Funds API allows users to create a funds confirmation consent request, and manage the funds confirmation consents by checking and revoking the status. The Card Based Payment Instrument Issuer (CBPII) must request to create the resource to create a funds confirmation consent request.
Endpoints for the API allows the Card Based Payment Instrument Issuer (CBPII) to:
- Request fund confirmation by creating a funds confirmation consent resource with an Account Servicing Payment Service Provider (ASPSP). There must be an agreement between the Customer (PSU) and ASPSP. It consists of an expiration date for the funds consent granted by the PSU to the CBPII.
- Confirm the funds that are available from time to time. Funds can only be confirmed against the currency of the account.
The sections below describe the following:
Basic flow
The diagram below shows the request flow of the Confirmation of Funds API. It is assumed that the CBPII has issued a PSU a card and that the PSU would like to use the card adhering to PSD2.
- Initiate funds confirmation - PSU commits to give explicit consent to the ASPSP to respond to the CBPII for the confirmation of funds request.
- Create funds confirmation consent - The CBPII requests to create a
funds-confirmation-consent
resource by connecting to the ASPSP that supports the PSU's funds. TheConsentId
(Consent identifier) is generated by the ASPSP to respond to the resource. - Agree funds confirmation consent - The CBPII requests the PSU to provide consent. The ASPSP carries out the agreement of consent in a decoupled or a redirect flow.
- Currently, WSO2 Open Banking supports the redirect flow. Thereby, the CBPII redirects the PSU to the ASPSP. In the redirect flow:
- The ASPSP can co-relate the
funds confirmation consent
resource created by the CBPII using theConsentID
generated in step 2. - The ASPSP authenticates the PSU.
- The PSU grants explicit consent to the ASPSP to respond to the confirmation of funds request.
- The ASPSP updates the
funds-confirmation-consent
resource internally to authorise the resource. - Once the consent is authorised, the PSU is redirected back to the CBPII.
- The ASPSP can co-relate the
- In a decoupled flow, the PSU must authorise the consent from an authentication device. This request is made by the ASPSP to the PSU.
- The decoupled flow is initiated by the CBPII calling a back-channel authorisation request.
- The request has a hint that indicates that the PSU is paired with a to-be-authorised consent.
- The ASPSP authenticates the PSU.
- The PSU grants explicit consent to the ASPSP to respond to the confirmation of funds request.
- The ASPSP updates the
funds-confirmation-consent
resource internally to authorize the resource. - Once the consent is authorised, the ASPSP can make a callback to the PISP to provide an access token.
- Currently, WSO2 Open Banking supports the redirect flow. Thereby, the CBPII redirects the PSU to the ASPSP. In the redirect flow:
- Initiate card payment - A card payment is directly or indirectly initiated by the PSU.
- Confirm funds - The CBPII requests to create a
funds-confirmation
resource by connecting to the ASPSP where the PSU's account is supported.- This indicates to the ASPSP that the PSU would confirm that the payments are available for the specific payment account.
- The ASPSP responds with a boolean (YES/NO) to the
funds-confirmation-consent
resource. - The step is carried out in a POST request to the
funds-confirmation
endpoint with an authorisation code grant. - The payload will include these fields, which describe the data that the PSU has consented with the CBPII:
Amount
- the amount to be confirmed available.ConsentId
- an ID that relates the request to afunds-confirmation-consent
, and specific account with the ASPSP. This ID must match the intent identifier.
- Get Funds Confirmation Consent Status - The CBPII checks the status of
funds-confirmation-consent
resourceconsentId
. This step is carried out by a GET request to thefunds-confirmation-consents
endpoint with the client credentials grant.
Sequence diagram
Endpoints
To access confirmation on consents and funds data, you can use the following available API endpoints:
Endpoint Name | Supported Version | Resource | Endpoint URL | Mandatory/Optional |
---|---|---|---|---|
Funds Confirmation Consent | v3.0, v3.1, v3.1.1 | funds-confirmation-consent | POST /funds-confirmation-consents GET /funds-confirmation-consents/{ConsentId} DELETE /funds-confirmation-consents/{ConsentId} | Mandatory Mandatory Mandatory |
Funds Confirmation | v3.0, v3.1, v3.1.1 | funds-confirmation | POST /funds-confirmations | Mandatory |