Test the API in Sandbox Try-it

Sandbox / Try-it scheme

image cinematique try it

The user calls the API via a form (TRY-IT - on the right of the screen) in which he will select an application, an authentication token, an Owner resource and enter the parameters defined in the request. STET. Those marked with a star are mandatory.

Once the parameters have been entered, the user can start the execution of the query. It will get either valid information or an error.

The user can chain requests.

Overview of the Oauth2 token generation screen

 

image APP Authentication

This screen is accessible when editing the application (TPP PISP our example) and it allows you to generate or edit an Oauth2 token that you will select in the Try-It execution form

Here is the description of the different parameters for initiating a payment request:

ParamètreDescriptionType de donnéesType de paramètreObligatoire
Authorization* Access token to be supplied as header string Header yes
PSU-IP-Address

IP address used by the PSU when connecting to the TPPIP address used by the PSU when connecting to the TPP
* mandatory if the client is connected but not entered in the event of batch access

string Header no*
PSU-IP-Port IP port used by the PSU when connecting to the TPP string Header no
PSU-HTTP-Method Http method used during the most relevant request made by the PSU to the TTP string Header no
PSU-Date Timestamp used during the most relevant request made by the PSU to the TTP strings Header no
PSU-GEO-Location Geographical location of the PSU provided by the PSU mobile terminal to the TPP if it exists string Header no
PSU-User-Agent "User-Agent" header sent by the PSU when connecting to the TPP string Header no
PSU-Referer

Header "Referer" sent by the PSU when connecting to the TPP. It should be noted that inHeader "Referer" sent by the PSU when connecting to the TPP.

It should be noted that in previous specifications of RFC 1945 we recommend the name "referer" (misspelled).
The name "referrer" can be used at the risk of not being understood

string Header no
PSU-Accept "Accept" header sent by the PSU to the TPP during the connection string Header no
PSU-Accept-Charset "Accept-Charset" header sent by the PSU to the TPP upon connection string Header no
PSU-Accept-Encoding "Accept-Encoding" header sent by the PSU to the TPP during the connection string Header no
PSU-Accept-Language "Accept-Language" header sent by the PSU to the TPP upon connection string Header no
PSU-Device-ID UUID (Universally Unique Identifier) ​​of the device used by the PSU, if available string Header no
Digest* request data string Body yes
Signature*

Http signature of the request (see https://datatracker.ietf.org/doc/draft-cavage-http-signatures/) The keyId part of the header should have the following format keyId = "SN = XXX, CA = YYYYYYYYYYYYYYYYY" "XXX" is the serial number in hexadecimal without any prefix (like 0x, of the QSEAL certificate whose private key was used to sign it

"YYYYYYYYYYYYYYYY" is the issuer DN, full name of the certification authority having issued this HTTP400 certificate which will be returned by the server in the event of an invalid or absent signature

string Header yes
X-Request-ID* Correlation header to configure in the request and to be retrieved in the response to it string Header

yes

 

Overview of the Try-It execution form

 

image formulaire haut try it

For the parameters of data type "body", it is possible to copy and paste an example in the form (on the right of the screen) thanks to the small blue magnifying glass present in the description of the parameters in input of the request, in just changing the specific values:

image loupe pour coller exple

This magnifying glass deploys a window with the swagger model as well as an example:

 

image test exemple

Then just click on the pink arrow at the bottom of this window so that the data in the example feeds the Try-It window located on the right. Note, the example comes from STET, we point out that it contains an error in the schemeName codes used.

After the mandatory parameters have been entered, the request can be submitted via the "Execute" button. The result is then visible under the execute button::

RESULT

Status code : 201 

 {
  "appliedAuthenticationApproach": "REDIRECT",
  "_links": {
    "consentApproval": {
      "href": "TPPPISPurlConsentApproval/psuId.html?resourceId=0000000180-1551358254000131359238543&nonce=Id-2ed9775ce61639e9a3c94ecc",
      "templated": null
    }
  }
}

 

It is also possible to view the data returned in the header by scrolling down the Header window :

image bandeau résultat try it

access-control-allow-origin: https://sandbox.api.89c3
access-control-expose-headers: x-correlationid
cache-control: no-cache, no-store, max-age=0, must-revalidate, public
connection: close
content-length: 218
content-type: application/hal+json;charset=utf-8
date: Thu, 13 March 2019 12:50:53 GMT
expires: 0
max-forwards: 5
pragma: no-cache
server: Apache
strict-transport-security: max-age=63072000; includeSubdomains;
via: 1.0 bilmwsg011.dom101.mapres ()
x-content-type-options: nosniff
x-correlationid: Id-2ed9775ce61639e9a3c94ecc 0
x-frame-options: SAMEORIGIN, DENY
x-nonce: Id-2ed9775ce61639e9a3c94ecc
x-xss-protection: 1; mode=block