Accessibility
➤ Prerequisites
In order to be able to use this API, all PSD2 TPP need to have a national EU agreement delivered by a NCA, as well as a Unique Reference Number of Organization Identifier (OID).
For any further information, ETSI international standard specifies this OID as described in « Eligibility » section.
This OID is also included in eIDAS certificates (QWAC & QSealC) used for PSD2 API access and mutual authentication process (between TPP and ASPSP).
➤ How to use this API ?
The POST /token method of this API is mandatory in first row and allows TPP to get a new client_id which will be used for the other API REGISTER methods.
The following entry points for the POST /token are as follows :
The generic client_id to be used to get the access token is "9d8711ec-f1b4-45e4-8072-2b3aa49793f0"
- Production Live : https://www.<codetab>.live.api.89C3.com/stet/psd2/oauth/token
The generic client_id to be used to get the access token is "PSD2_TPPRegister"
Please note that any valid value of one of ASPSP available on this 89C3 API Portal can be used, see product sheets per brand. Even if one ASPSP is used, the registration applies to all ASPSP.
➤ Example (sandbox)
POST https://www.17515.sandbox.api.89C3.com/stet/psd2/oauth/token
Header : Content-type : application/x-www-form-urlencoded; charset=utf-8
Params :
- client_id : 9d8711ec-f1b4-45e4-8072-2b3aa49793f0
- grant_type : client_credentials
- scope : manageRegistration
Note : TPP needs to use a TLS mutual authentication based on QWAC certificate with this POST /token method.
Response :
{
"access_token" : "KXyZabcdefghijklmopqrstuvw1234567890"
}
Once this temporary access token is received, the following API methods are available:
Method | Path | Description / Use case |
---|---|---|
POST | /register | 1 - Method to register an app or an agent |
PUT | /register/${client_id} | 2 - Method to change an app data |
GET | /register/${client_id} | 3 - Method to extract app data |
DELETE | /register/${client_id} | 4 - Method to remove an app |