Confirm a payment initiation request
➤ Use case
This mandated method allows the PISP :
- Either to confirm a payment initiation request previously sent to the ASPSP for a given PSU through a POST / paymentRequests request
- Or to confirm the cancellation of a payment initiation request sent to the ASPSP for a given PSU through a POST / paymentRequests request, when the payment has not been executed yet
The only implemented methode is POST /payment-requests/{paymentRequestResourceId}/o-confirmation also known as "reinforced" authentification mode. It has to be used following a PIS operations validated by the PSU, and bnot yeat cleared.
Please note that a cancellation operation doesn't need to be confirmed.
➤ Prerequisites
In order to be able to use this request, the TPP needs to fulfill eligibility criterias as "PISP" role (see "Eligibility" section), and muts get OAuth access token (see use case "Overview" > "Retrieve a Token").
The PISP has already sent a request which has been temporarly stored, the ASPSP has given back a link to this saved request.
➤ Request
The entry point depends on bank code parameter (<bkcode>) used for requesting the access token.
The list of current available bank institutions in sandbox is detailed below (see overall <bkcode> in "Limits" section).
For example, the following URL to be used in production is the following :
➤ Mandated parameters
The mandated parameter is paymentRequestResourceId.
The structure of the body and mandated fields are described in STET specifications :
- nounce => challenge to be sent back by the TPP
- psuAuthenticationFactor => authentification factor
The TPP can extract the payment inititation information using the method GET /stet/psd2/v1.4.2/payment-requests/{paymentRequestResourceId} with :
- Data paymentInformationStatus shall be ACSP
- Data transactionStatus (in the creditTransferTransaction object) shall have the value PDNG
➤ Returned Result
If all data are correct, a HTTP 200 will be returned, as well as the ressourceId & SCA authentication mode & consent URL (urlConsent_approval_URL) & nounce.
Please note that :
- data paymentRequestResourceId is included as a paramter inside consent URL sent back during the payment initiation
- same as nounce