/stet/psd2/v1/funds-confirmations

POST - fundsConfirmationsPost

Abstract

Payment coverage check request (PIISP)

Description

Description

The PIISP can ask an ASPSP to check if a given amount can be covered by the liquidity that is available on a PSU cash account or payment card.

Prerequisites

  • The TPP has been registered by the Registration Authority for the PIISP role
  • The TPP and the PSU have a contract that has been registered by the ASPSP
    • At this step, the ASPSP has delivered an "Authorization Code", a "Resource Owner Password" or a "Client Credential" OAUTH2 access token to the TPP (cf. § 3.4.2).
    • Each ASPSP has to implement either the "Authorization Code"/"Resource Owner Password" or the "Client Credential" OAUTH2 access token model.
    • Doing this, it will edit the [security] section on this path in order to specify which model it has chosen
  • The TPP and the ASPSP have successfully processed a mutual check and authentication
  • The TPP has presented its OAUTH2 "Authorization Code" or "Resource Owner Password" access token which allows the ASPSP to identify the relevant PSU.

Business flow

The PIISP requests the ASPSP for a payment coverage check against either a bank account or a card primary identifier. The ASPSP answers with a structure embedding the original request and the result as a Boolean.

Scopes

  • aisp
  • extended_transaction_history
  • piisp

Parameters

Authorization (required)
string
header
Access token to be passed as a header
paymentCoverage (required)
PaymentCoverageRequestResource
body
parameters of a payment coverage request
PSU-IP-Address
string
header
IP address used by the PSU's terminal when connecting to the TPP
PSU-IP-Port
string
header
IP port used by the PSU's terminal when connecting to the TPP
PSU-HTTP-Method
string
header
Http method for the most relevant PSU’s terminal request to the TTP
PSU-Date
string
header
Timestamp of the most relevant PSU’s terminal request to the TTP
PSU-GEO-Location
string
header
Geographical location of the PSU as provided by the PSU mobile terminal if any to the TPP
PSU-User-Agent
string
header
"User-Agent" header field sent by the PSU terminal when connecting to the TPP
PSU-Referer
string
header
"Referer" header field sent by the PSU terminal when connecting to the TPP. Notice that an initial typo in RFC 1945 specifies that "referer" (incorrect spelling) is to be used. The correct spelling "referrer" can be used but might not be understood.
PSU-Accept
string
header
"Accept" header field sent by the PSU terminal when connecting to the TPP
PSU-Accept-Charset
string
header
"Accept-Charset" header field sent by the PSU terminal when connecting to the TPP
PSU-Accept-Encoding
string
header
"Accept-Encoding" header field sent by the PSU terminal when connecting to the TPP
PSU-Accept-Language
string
header
"Accept-Language" header field sent by the PSU terminal when connecting to the TPP
PSU-Device-ID
string
header
UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of installation identification this ID need to be unaltered until removal from device.
Digest
string
header
Digest of the body
Signature (required)
string
header
http-signature of the request (cf. https://datatracker.ietf.org/doc/draft-cavage-http-signatures/) The keyId must specify the way to get the relevant qualified certificate. It is requested that this identifier is an URL aiming to provide the relevant Qualified Certificate.
X-Request-ID (required)
string
header
Correlation header to be set in a request and retrieved in the relevant response

Return codes

200 payment coverage request
400 Bad Request
401 Unauthorized
403 Forbidden
405 Method Not Allowed
406 Not Acceptable
408 Request Timeout
429 Too Many Requests
500 Internal Server Error
503 Service Unavailable

Input

application/json

Output

application/hal+json; charset=utf-8

application/json; charset=utf-8

Available authentification

OAuth 2.0