/stet/psd2/v1/payment-requests/{paymentRequestResourceId}
GET - paymentRequestsGet
Abstract
Retrieval of a payment request (PISP)
Description
Description
The following use cases can be applied:- retrieval of a payment request on behalf of a merchant
- retrieval of a transfer request on behalf of the account's owner
- retrieval of a standing-order request on behalf of the account's owner
The ASPSP has registered the Request, updated if necessary the relevant identifiers in order to avoid duplicates and returned the location of the updated Request.
The PISP gets the Request that might have been updated with the resource identifiers, the status of the Payment/Transfer Request and the status of the subsequent credit transfer.
Prerequisites
- The TPP has been registered by the Registration Authority for the PISP role
- The TPP was provided with an OAUTH2 "Client Credential" access token by the ASPSP (cf. § 3.4.3).
- The TPP has previously posted a Request which has been saved by the ASPSP (cf. § 4.5.3)
- The ASPSP has answered with a location link to the saved Payment/Transfer Request (cf. § 4.5.4)
- The TPP and the ASPSP have successfully processed a mutual check and authentication
- The TPP has presented its "OAUTH2 Client Credential" access token
Business flow
The PISP asks to retrieve the Payment/Transfer Request that has been saved by the ASPSP. The PISP uses the location link provided by the ASPSP in response of the posting of this request.The ASPSP returns the previously posted Payment/Transfer Request which is enriched with:
- The resource identifiers given by the ASPSP
- The status information of the Payment Request and of the subsequent credit transfer
Scopes
- pisp
Parameters
| Authorization (required) | string header Access token to be passed as a header |
| paymentRequestResourceId (required) | string path Identification of the Payment Request Resource |
| PSU-IP-Address | string header IP address used by the PSU's terminal when connecting to the TPP |
| PSU-IP-Port | string header IP port used by the PSU's terminal when connecting to the TPP |
| PSU-HTTP-Method | string header Http method for the most relevant PSU’s terminal request to the TTP |
| PSU-Date | string header Timestamp of the most relevant PSU’s terminal request to the TTP |
| PSU-GEO-Location | string header Geographical location of the PSU as provided by the PSU mobile terminal if any to the TPP |
| PSU-User-Agent | string header "User-Agent" header field sent by the PSU terminal when connecting to the TPP
|
| PSU-Referer | string header "Referer" header field sent by the PSU terminal when connecting to the TPP.
Notice that an initial typo in RFC 1945 specifies that "referer" (incorrect spelling) is to be used. The correct spelling "referrer" can be used but might not be understood.
|
| PSU-Accept | string header "Accept" header field sent by the PSU terminal when connecting to the TPP
|
| PSU-Accept-Charset | string header "Accept-Charset" header field sent by the PSU terminal when connecting to the TPP
|
| PSU-Accept-Encoding | string header "Accept-Encoding" header field sent by the PSU terminal when connecting to the TPP
|
| PSU-Accept-Language | string header "Accept-Language" header field sent by the PSU terminal when connecting to the TPP
|
| PSU-Device-ID | string header UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available.
UUID identifies either a device or a device dependant application installation.
In case of installation identification this ID need to be unaltered until removal from device.
|
| Digest | string header Digest of the body |
| Signature (required) | string header http-signature of the request (cf. https://datatracker.ietf.org/doc/draft-cavage-http-signatures/)
The keyId must specify the way to get the relevant qualified certificate. It is requested that this identifier is an URL aiming to provide the relevant Qualified Certificate.
|
| X-Request-ID (required) | string header Correlation header to be set in a request and retrieved in the relevant response
|
Return codes
| 200 | Retrieval of the previously posted Payment Request |
| 400 | Bad Request |
| 401 | Unauthorized |
| 403 | Forbidden |
| 404 | Not Found |
| 405 | Method Not Allowed |
| 406 | Not Acceptable |
| 408 | Request Timeout |
| 429 | Too Many Requests |
| 500 | Internal Server Error |
| 503 | Service Unavailable |
Output
application/hal+json; charset=utf-8
application/json; charset=utf-8
Available authentification
OAuth 2.0