Documentation - 89C3 API

/stet/psd2/v1.4.2/funds-confirmations

POST - fundsConfirmationsPost_v1.4.2

Abstract

Payment coverage check request (CBPII)

Description

The CBPII can ask an ASPSP to check if a given amount can be covered by the liquidity that is available on a PSU cash account or payment card. - The TPP has been registered by the Registration Authority for the CBPII role - The TPP and the PSU have a contract that has been registered by the ASPSP - At this step, the ASPSP has delivered an "Authorization Code", a "Resource Owner Password" or a "Client Credential" OAUTH2 access token to the TPP (cf. § 3.4.2). - Each ASPSP has to implement either the "Authorization Code"/"Resource Owner Password" or the "Client Credential" OAUTH2 access token model. - Doing this, it will edit the [security] section on this path in order to specify which model it has chosen - The TPP and the ASPSP have successfully processed a mutual check and authentication - The TPP has presented its OAUTH2 "Authorization Code", "Resource Owner Password" or "Client Credential" access token which allows the ASPSP to identify the relevant PSU. The CBPII requests the ASPSP for a payment coverage check against either a bank account or a card primary identifier. The ASPSP answers with a structure embedding the original request and the result as a Boolean.

Scopes

aisp
cbpii
extended_transaction_history

Parameters

Authorization (required)	string header Access token to be passed as a header
paymentCoverage (required)	PaymentCoverageRequestResource body Model Example { "paymentCoverageRequestId (string)": "Identification of the payment Coverage Request", "payee (string)": "The merchant where the card is accepted as information to the PSU.", "instructedAmount": "this amount is the payment account on wihich the request is processed. This amount must be positive.", "accountId": { "iban (string)": "ISO20022: International Bank Account Number (IBAN) - identification used internationally by financial institutions to uniquely identify the account of a customer. \n\nFurther specifications of the format and content of the IBAN can be found in the standard ISO 13616 \"Banking and related financial services - International Bank Account Number (IBAN)\" version 1997-10-01, or later revisions.\n", "other": { "identification (string)": "API: Identifier\n", "schemeName (string)": "Name of the identification scheme.\nPossible values for the scheme name, partially based on ISO20022 external code list, are the following:\n\| Code \| Name \| Description \|\n\| ---- \| ---- \| ----------- \|\n\| BANK \| BankPartyIdentification \| Unique and unambiguous assignment made by a specific bank or similar financial institution to identify a relationship as defined between the bank and its client. \|\n\| COID \| CountryIdentificationCode) : Country authority given organisation identification (e.g., corporate registration number) \|\n\| SREN \| SIREN \| The SIREN number is a 9 digit code assigned by INSEE, the French National Institute for Statistics and Economic Studies, to identify an organisation in France. \|\n\| SRET \| SIRET \| The SIRET number is a 14 digit code assigned by INSEE, the French National Institute for Statistics and Economic Studies, to identify an organisation unit in France. It consists of the SIREN number, followed by a five digit classification number, to identify the local geographical unit of that entity. \|\n\| NIDN \| NationalIdentityNumber \| Number assigned by an authority to identify the national identity number of a person. \|\nOther values are also permitted, for instance:\n\| Code \| Name \| Description \|\n\| ---- \| ---- \| ----------- \|\n\| OAUT \| OAUTH2 \| OAUTH2 access token that is owned by the PISP being also an AISP and that can be used in order to identify the PSU \|\n\| CPAN \| CardPan \| Card PAN \|\nEach implementation of the STET PSD2 API must specify in its own documentation which schemes can actually been used\n", "issuer (string)": "ISO20022: Entity that assigns the identification. this could a country code or any organisation name or identifier that can be recognized by both parties\n" }, "currency (string)": "Currency used for the account" } } `{ "paymentCoverageRequestId": "", "payee": "", "instructedAmount": "", "accountId": "" }` Click to set as parameter value parameters of a payment coverage request
PSU-IP-Address	string header IP address used by the PSU's terminal when connecting to the TPP
PSU-IP-Port	string header IP port used by the PSU's terminal when connecting to the TPP
PSU-HTTP-Method	string header Http method for the most relevant PSU’s terminal request to the TTP
PSU-Date	string header Timestamp of the most relevant PSU’s terminal request to the TTP
PSU-GEO-Location	string header Geographical location of the PSU as provided by the PSU mobile terminal if any to the TPP
PSU-User-Agent	string header "User-Agent" header field sent by the PSU terminal when connecting to the TPP
PSU-Referer	string header "Referer" header field sent by the PSU terminal when connecting to the TPP. Notice that an initial typo in RFC 1945 specifies that "referer" (incorrect spelling) is to be used. The correct spelling "referrer" can be used but might not be understood.
PSU-Accept	string header "Accept" header field sent by the PSU terminal when connecting to the TPP
PSU-Accept-Charset	string header "Accept-Charset" header field sent by the PSU terminal when connecting to the TPP
PSU-Accept-Encoding	string header "Accept-Encoding" header field sent by the PSU terminal when connecting to the TPP
PSU-Accept-Language	string header "Accept-Language" header field sent by the PSU terminal when connecting to the TPP
PSU-Device-ID	string header UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of installation identification this ID need to be unaltered until removal from device.
Digest	string header Digest of the body
Signature (required)	string header [http-signature of the request](https://datatracker.ietf.org/doc/draft-cavage-http-signatures/) The keyId must specify the way to get the relevant qualified certificate. It is requested that this identifier is an URL aiming to provide the relevant Qualified Certificate.
X-Request-ID (required)	string header Correlation header to be set in a request and retrieved in the relevant response

Return codes

200	payment coverage request
400	Invalid status value
401	Unauthorized, authentication failure.
403	Forbidden, authentication successful but access to resource is not allowed.
405	Method Not Allowed.
406	Not Acceptable.
408	Request Timeout.
429	Too many requests.
500	Internal server error.
503	Service unavailable.

Input

application/json

Output

application/hal+json; charset=utf-8

application/json; charset=utf-8

Available authentification

OAuth 2.0