5.1.7 "updateConsent" interface

From CBI GLOBE Wiki
Revision as of 16:56, 14 March 2019 by Admin (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

This API manage the process of PSU identification, PSU authentication and explicit authorisation of transactions by using SCA or the transfer data for SCA checks by the ASPSP.

Input parameters

Attribute Description
operation-name Operation to execute. Accepted values are:

- updatePsuData
- transactionAuthorisation

psu-id The ID of the PSU in the ASPSP client interface. Mandatory if “psu-corporate-id” is valorized
psu-id-type Type of the PSU-ID, needed in scenarios where PSUs have several PSU-IDs as access possibility.
psu-corporate-id Identification of a Corporate, only used in a corporate context.
psu-corporate-id-type This is describing the type of the identification needed by the ASPSP to identify the PSU-Corporate-ID content.
consent-id Resource Identification of the related payment initiation.
tpp-signature-certificate This is a X509 certificate that the TPP uses for signing the request, in base64 encoding.

This certificate is in PEM format without the "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----". Must be contained if a signature is contained, see above.

signature A signature of the request by the TPP on application level. This might be mandated by ASPSP.
digest Is contained if and only if the “Signature” element is contained in the header of the

request. The “digest” Header contains a Hash of the message body. The only hash algorithms that may be used to calculate the digest within the context of this specification are SHA-256 and SHA-512.

psuCredentials PSU Credentials on the ASPSP system.
authenticationMethodId The authentication method identifier as provided by the ASPSP.
scaAuthenticationData SCA authentication data, depending on the chosen authentication method.

Output parameters

Attribute Description
Result Code Result of the update consent.
Error Management Description of the type of error obtained in the event that the outcome is negative.
consentStatus The status of the consent established.
consentId Identification of the consent resource as it is used in the API structure.
psuCredentials PSU Credentials on the ASPSP system.
scaMethods Might be contained, if several authentication methods are available. (name, type).
chosenScaMethod A definition of the provided SCA method is contained, if only one authentication method is available, and if the Embedded SCA approach is chosen by the ASPSP.