Accessibility

➤ Prerequisites

In order to be able to use this API, all PSD2 TPP need to have a national EU agreement delivered by a NCA, as well as a Unique Reference Number of Organization Identifier (OID).

For any further information, ETSI international standard specifies this OID as described in « Eligibility » section.

This OID is also included in eIDAS certificates (QWAC & QSealC) used for PSD2 API access and mutual authentication process (between TPP and ASPSP).

 

➤ How to use this API ?

The POST /token method of this API is mandatory in first row and allows TPP to get a new client_id which will be used for the other API REGISTER methods.

The following entry points for the POST /token are as follows :

The generic client_id to be used to get the access token is "9d8711ec-f1b4-45e4-8072-2b3aa49793f0"

 

The generic client_id to be used to get the access token is "PSD2_TPPRegister"

 

Please note that any valid value of one of ASPSP available on this 89C3 API Portal can be used, see product sheets per brand. Even if one ASPSP is used, the registration applies to all ASPSP.

 

➤ Example (sandbox)

POST https://www.17515.sandbox.api.89C3.com/stet/psd2/oauth/token

Header : Content-type : application/x-www-form-urlencoded; charset=utf-8

Params :

  • client_id : 9d8711ec-f1b4-45e4-8072-2b3aa49793f0
  • grant_type : client_credentials
  • scope : manageRegistration

 

Note : TPP needs to use a TLS mutual authentication based on QWAC certificate with this POST /token method.

 

Response :

{

"access_token" : "KXyZabcdefghijklmopqrstuvw1234567890"

}

 

Once this temporary access token is received, the following API methods are available:

MethodPathDescription / Use case
POST /register 1 - Method to register an app or an agent
PUT /register/${client_id} 2 - Method to change an app data
GET /register/${client_id} 3 - Method to extract app data
DELETE /register/${client_id} 4 - Method to remove an app