5.1.7 "updateConsent" interface

From CBI GLOBE Wiki
Revision as of 10:37, 6 March 2019 by Admin (talk | contribs)

This API manage the process of PSU identification, PSU authentication and explicit authorisation of transactions by using SCA or the transfer data for SCA checks by the ASPSP.

Input parameters

Attribute Description
operation-name Operation to execute. Accepted values are:

- updatePsuData
- transactionAuthorisation

psu-id The ID of the PSU in the ASPSP client interface. Mandatory if “psu-corporate-id” is valorized
psu-id-type Type of the PSU-ID, needed in scenarios where PSUs have several PSU-IDs as access possibility.
psu-corporate-id Identification of a Corporate, only used in a corporate context.
psu-corporate-id-type This is describing the type of the identification needed by the ASPSP to identify the PSU-Corporate-ID content.
consent-id Resource Identification of the related payment initiation.
tpp-registration-number A unique registration number for TPP identification
tpp-signature-certificate This is a X509 certificate that the TPP uses for signing the request, in base64 encoding.

This certificate is in PEM format without the "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----". Must be contained if a signature is contained, see above.

signature A signature of the request by the TPP on application level. This might be mandated by ASPSP.
digest Is contained if and only if the “Signature” element is contained in the header of the

request. The “digest” Header contains a Hash of the message body. The only hash algorithms that may be used to calculate the digest within the context of this specification are SHA-256 and SHA-512.

tpp-role The third party payment service provider can have one or more of the following roles:

AISP (Account Information Service Provider)
PISP (Payment Initiation Service Provider)
PIISP (Payment Instrument Issuing Service Provider)

aspsp-code The account servicing payment service provider code
psuCredentials PSU Credentials on the ASPSP system.
authenticationMethodId The authentication method identifier as provided by the ASPSP.
scaAuthenticationData SCA authentication data, depending on the chosen authentication method.

Output parameters

Attribute Description
Result Code Result of the update consent.
Error Management Description of the type of error obtained in the event that the outcome is negative.
consentStatus The status of the consent established.
consentId Identification of the consent resource as it is used in the API structure.
psuCredentials PSU Credentials on the ASPSP system.
scaMethods Might be contained, if several authentication methods are available. (name, type).
chosenScaMethod A definition of the provided SCA method is contained, if only one authentication method is available, and if the Embedded SCA approach is chosen by the ASPSP.