Register an app or an agent

➤ Prerequisites

In order to be able to use this method, you need to fulfill the eligibility criteria.

 

➤ POST /register

 

Example (sandbox) : POST https://www.17515.sandbox.api.89C3.com/stet/setting/v1/register (see the "setting" Swagger in the documentation section of this portal)

 

HTTP Headers

Name | (O)ptional / (R)equired | Description
x-request-id R

Request correlation id.

This id must be a string generated by the TPP.

Signature R

One of the main pieces of information in this registration is the TPP QSEALC certificate, which will be used by BPCE to verify the signature of all the DSP2 streams.

As registration requests must also provide a signature, the TPP must sign this request with the private key corresponding to the QSEALC certificate.

As TPP identification is not yet known at the time of this initial request, TPP has to provide the certificate in the body itself, in the first item of the keys table.

The certificate information will be retrieved from this form and will be used to verify the signature of the initial request and all future DSP2 requests.

Please note that a TPP agent cannot directly use this API set, which is reserved for the TPP acting on behalf of an agent (only the TPP certificate is authenticated). In the case of agents, flows must also be signed with a valid TPP QSEALC certificate.

Digest R

SHA256 body digest base64 encoded.

Authorization R

bearer access_token previously received.

 

HTTP Body

Name | (O)ptional / (R)equired / (F)orbidden | Description
redirect_uris R

String array.

It contains all URIs (scheme and authority according to RFC 3986, comma separated) that TPP can use in DSP2 redirect requests. Any URI used afterwards in PSD2 API but not provided in this registration process will be refused.

software_statement O

String.

JSON Web Token (JWT).

Not used.

token_endpoint_auth_method R

String.

Value shall be "tls_client_auth".

grant_types R

Strings array.

Value shall be "client_credentials".

response_types R

Strings array.

Value shall be “code”.

client_name R

String.

This is the TPP unique legal name.

client_uri O

String.

TPP or agent Web page URI.

Not used.

logo_uri O

String.

TPP or agent logo URI.

Not used.

scope R

String.

TPP scopes are comma separated, and possible values are :

“aisp” and/or “pisp” and/or “cbpii”

Example : “aisp”

Example : “aisp, pisp”

Note : the scope is also mandatory for agents. In that case, the values included in this field shall be the ones from the TPP.

contact R

String.

Data for mandatory contact details :

"contact": {

     "contact_name": "string",

     "email": "string",

     "phone_number": "string"

}

tos_uri O

String.

URI that points to a human-readable terms of service document for the client.

Not used.

policy_uri O

String.

URI that points to a human-readable policy document for the client.

Not used.

jwks_uri O

String.

URL referencing the client JSON Web Key (JWK) document containing the client public keys.

Not used.

provider_legal_id R

String.

TPP National Authorization number according to ETSI specification on eIDAS certificates for PSD2 (OID = PSDXX-YYYYYYYY-ZZZZZZZZ, see “Eligibility” section).

client_legal_id R/O(*)

String.

(*) Optional for a TPP / Mandatory (required) for an agent. This identifier is therefore left to the discretion of the TPP for an agent.

However, its format should comply with the ETSI specification on DSP2 eIDAS certificates with “AGT” suffix + a serial number, e.g. “AGTFR-ACPR-12345001”.

Note : in order to avoid rejection due to duplicated values, we strongly advise basing it on the truncated TPP OID number (= no PSD prefix) before the serial number.

logo O

String.

Not used.

jwks R

Object.

This object contains the following array and shall contain at least one public key (QSEALC) without the chain to the certification authority.

keys R

JWK objects array.

This array shall contain only one item (JWK).

    kty R

String.

Key type. Value shall be "RSA".

    use R

String.

Key usage. Value shall be "sig".

    alg R

String.

Value shall be "RS256".

    key_ops R

String array.

Value shall be "verify".

    kid R

String.

key id.

    x5u F

Not used.

    x5c R

Strings array.

Must not contain more than one item, which represents the QSEALC certificate in base64-encoded DER format.

    x5t F

Not used.

    x5t#S256 R

String.

SHA256 fingerprint of X509 DER certificate.

software_id R

String.

Mandatory name of the TPP app OR brand name OR agent name which will be displayed to the PSU (it can be different from the client_name). This parameter is displayed in priority to the PSU during the SCA redirect process.

software_version O

String. 

Not used.
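
Added example (not code from this portal or from BPCE): a pre-flight check a TPP could run before sending the request, which builds the single JWK from the QSEALC certificate, computes the Digest header and verifies the field rules listed above, including that x5t#S256 really matches the certificate in x5c. Assumptions: the function names are hypothetical, array fields hold exactly the stated value, the Digest value carries a "SHA-256=" prefix, x5t#S256 is unpadded base64url as in RFC 7517, and the sample certificate is constructed placeholder bytes.

```python
import base64
import hashlib

ALLOWED_SCOPES = {"aisp", "pisp", "cbpii"}
FIXED = {"token_endpoint_auth_method": "tls_client_auth",
         "grant_types": ["client_credentials"], "response_types": ["code"]}
REQUIRED = ["redirect_uris", "client_name", "scope", "contact",
            "provider_legal_id", "jwks", "software_id", *FIXED]
JWK_FIXED = {"kty": "RSA", "use": "sig", "alg": "RS256", "key_ops": ["verify"]}

def thumbprint(der: bytes) -> str:  # assumed: unpadded base64url, as in RFC 7517
    return base64.urlsafe_b64encode(hashlib.sha256(der).digest()).rstrip(b"=").decode()

def digest_header(body: bytes) -> str:  # the "SHA-256=" prefix is an assumption
    return "SHA-256=" + base64.b64encode(hashlib.sha256(body).digest()).decode()

def jwk_from_der(der: bytes, kid: str) -> dict:
    return {**JWK_FIXED, "kid": kid, "x5c": [base64.b64encode(der).decode()],
            "x5t#S256": thumbprint(der)}

def check_registration(body: dict, is_agent: bool = False) -> list:
    """Return every violation of the field rules in the tables above."""
    errs = [f"missing {f}" for f in REQUIRED if f not in body]
    errs += [f"{f} must be {v!r}" for f, v in FIXED.items() if f in body and body[f] != v]
    if is_agent and not body.get("client_legal_id"):
        errs.append("client_legal_id is required for an agent")
    scopes = {s.strip() for s in str(body.get("scope", "")).split(",")}
    if not scopes <= ALLOWED_SCOPES:
        errs.append("scope must only contain aisp, pisp, cbpii")
    keys = body.get("jwks", {}).get("keys", [])
    if len(keys) != 1:
        return errs + ["jwks.keys must contain exactly one JWK"]
    jwk = keys[0]
    errs += [f"jwk.{f} must be {v!r}" for f, v in JWK_FIXED.items() if jwk.get(f) != v]
    errs += [f"jwk.{f} is forbidden" for f in ("x5u", "x5t") if f in jwk]
    x5c = jwk.get("x5c", [])
    if len(x5c) != 1:
        errs.append("jwk.x5c must hold only the QSEALC certificate, no chain")
    elif jwk.get("x5t#S256") != thumbprint(base64.b64decode(x5c[0])):
        errs.append("jwk.x5t#S256 does not match the certificate in x5c")
    return errs

# Constructed sample; the placeholder bytes stand in for a real DER certificate.
SAMPLE_DER = b"constructed-placeholder-not-a-real-certificate"
SAMPLE = {**FIXED, "redirect_uris": ["https://tpp.example/cb"], "scope": "aisp, pisp",
          "client_name": "Example TPP", "software_id": "Example App",
          "contact": {"contact_name": "A", "email": "a@tpp.example", "phone_number": "0"},
          "provider_legal_id": "PSDXX-YYYYYYYY-ZZZZZZZZ",
          "jwks": {"keys": [jwk_from_der(SAMPLE_DER, "key-1")]}}
```

The Signature header is not covered here, since this page does not describe its format.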

 

Response

A correct response returns an HTTP 201 status. The TPP will also receive its client_id to be used in all PSD2 methods, including methods 2 to 4 of this document.

 

Errors

HTTP Status  Description
400  Bad request. Error is supplied in fields error and error_description.
404  Resource not found
405  Method not allowed. A method other than those described here was used.
500  Internal server error.