➤ Functional Limits

Limits of this API version   

• Apply only to active and eligible online accessible payment accounts in euro currrency (the determining criterion for the purposes of that categorisation lies in the ability to perform daily payment transactions from such an account managed by the central backend IT system, source of data sent back thru APIs) 

• Use AISP-mix model (PUT /consent method is mandatory for sending customer consent to ASPSP) 

• Use only authentication with redirect mode (Strong Customer Authentication required and handled by the bank which IS NOT an obstacle according to French national competent authority 

Note : TPP are not allowed to send to ASPSP the PSU credentials, and only ASPSP SCA redirect screens can be used (no embeding process as clarified by European Banking Authority based on articles PSD2 #95.5 & RTS #31)

• Access to the list of trusted beneficiaries using GET /trustedBeneficiaries is NOT available (feature not implemented in BTP Banque online banking service)

• Access to customer account holder identity (first name and last name) is NOT available

• Transaction history data depth is aligned on online banking services (62-day period max for small professionals/entrepreneurs segments, 90-day period max for large professionals & corporates, limited to 500 operations, no paginations managed by the API in both cases)

• "aisp extended_transaction_history" mode is NOT supported

• Access to payment account is done only using IBAN as main parameter

• There are no rate limits if the PSU-IP-ADDRESS is supplied, otherwise limited to 4 calls (see PSD2 regulations) :

  • per calendar day (00h00 - 23h59:59:999)
  • per TPP OID
  • per ASPSP end point
  • per PSU ID
  • per IBAN
  • per API AIS method ( /!\  /transactions method with or without dateFrom / dateTo parameters is considered as one method)

• The optional STET data "entryReference" applies only to PRO customer segments (see the functional perimeter in use case "Get transactions history")

Note : as this data is issued on the spot via API, the search using "entryReferenceFrom" and/or "entryReferenceto" parameters is NOT supported

 Limits related to eligible payment accounts

Apply to the following customer segments : 

• Professionals & corporates (using direct access "BTP Net" online banking and an account starting with 08 with electronic funds transfers and direct debits activated) have the status of "legal entity". In this case, the payment account is called "current account"

Limits related to SCA means compliant with this API

• Professional PSU equiped with password + SMS OTP and/or CAP reader

• Corporate PSU equiped with password + SMS OTP and/or CAP reader and/or physical token TurboSign

Note : if the PSU is only equiped with a physical token, this SCA mean can't be used on his/her mobile/smartphone

 ➤ From test to live data

According to PDS2 regulation, the data set available thru this dev portal, Try-it mode and sandbox are based on fictive data (or non-real ones).These data are described in the use case "Test our API".

In order to access to live data, please use first our API Register (see the product data sheet www.api.89c3.com/en/component/bpceportal/products/543/usecases/533).

Note : a weekly slot is reserved for a programmed maintenance (all IT infrastructure incl'd backends and API gateways) Monday morning from midnight to 06:00 am, and could generate some perturbations during this period (same for some banking batch processes initiated at the beginning or at the end of the day/month/quarter/year).

For live operations, the parameter "bankcode" allows TPP to send API requests to the right ASPSP backend thru a dedicated « endpoint » www.<bkcode>.live.api.89c3.com(or www.<bkcode>.live.api.btp-banque.fr aligned on direct access domain name www.btp-banque.fr). Once chosen, this entry point shall also be used for all subsequent requests.