We're updating the issue view to help you get more done. 

Unauthorized response when I attempt to Submit a payment for HSBC (v1.1)

Description

Using Payment v1.1, I can successfully set up a payment, but when I submit the payment in the next step it returns 'Unauthorized' here are the logs, first the successful setup, then the failing submission:

2019-08-08 13:16:40.098 +01:00 [INF] Request:
2019-08-08 13:16:40.100 +01:00 [INF] Method: POST, RequestUri: 'https://private.api.hsbc.com/open-banking/v1.1/payments', Version: 2.0, Content: System.Net.Http.StringContent, Headers:
{
Authorization: Bearer 06442b97-62a9-4cb1-92b1-59d10a4b0c19
x-idempotency-key: f25611101f83e18591fec1a288cfa6a3
x-fapi-financial-id: 0015800000jeox1AAA
ax-fapi-customer-last-logged-time: Thu, 08 Aug 2019 12:16:40 GMT
x-fapi-customer-ip-address: 127.0.0.1
Content-Type: application/json
}
2019-08-08 13:16:40.105 +01:00 [INF] {"Risk":{"PaymentContextCode":"PersonToPerson"},"Data":{"Initiation":{"InstructionIdentification":"f25611101f83e18591fec1a288cfa6a3","EndToEndIdentification":"3e7bb08903a143d4ae279fa9e26f6058","InstructedAmount":{"Amount":"5.00","Currency":"GBP"},"CreditorAccount":{"SchemeName":"SortCodeAccountNumber","Identification":"60201836666742","Name":"Jacob Salter"},"RemittanceInformation":{"Reference":"First payment ever!"}}}
2019-08-08 13:16:41.354 +01:00 [INF] Response:
2019-08-08 13:16:41.354 +01:00 [INF] StatusCode: 201, ReasonPhrase: 'Created', Version: 1.1, Content: System.Net.Http.HttpConnection+HttpConnectionResponseContent, Headers:
{
Server: nginx
Date: Thu, 08 Aug 2019 12:16:43 GMT
Connection: keep-alive
x-amzn-RequestId: 616e7767-b9d6-11e9-8a95-497251351ea1
x-amz-apigw-id: eGfakH6WjoEF_fQ=
x-fapi-interaction-id: 784d0339-3577-4416-b5a0-9cbc3fe71c3b
X-Amzn-Trace-Id: Root=1-5d4c12aa-0000f24454770490a5a79018;Sampled=1
X-Cache: Miss from cloudfront
Via: 1.1 6ae76e708e65e8ea2ad8717a249dc305.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MAN50-C2
X-Amz-Cf-Id: RpkwgVd_KKAln-UXFJrooIYAFmvAOdBG8v8Wi3hYMVFLU-NVovfrPQ==
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/json
Content-Length: 652
}
2019-08-08 13:16:41.361 +01:00 [INF] {"Data":{"Initiation":{"InstructionIdentification":"f25611101f83e18591fec1a288cfa6a3","EndToEndIdentification":"3e7bb08903a143d4ae279fa9e26f6058","InstructedAmount":{"Amount":"5.00","Currency":"GBP"},"CreditorAccount":{"SchemeName":"SortCodeAccountNumber","Identification":"60201836666742","Name":"Jacob Salter"},"RemittanceInformation":{"Reference":"First payment ever!"}},"PaymentId":"49dfc115-f343-4bb8-ad1a-97d833a8fd4f","Status":"AcceptedTechnicalValidation","CreationDateTime":"2019-08-08T12:16:43.080Z"},"Risk":{"PaymentContextCode":"PersonToPerson"},"Meta":{},"Links":{"Self":"/open-banking/v1.1/payments/49dfc115-f343-4bb8-ad1a-97d833a8fd4f"}}
2019-08-08 13:16:41.365 +01:00 [INF] Received HTTP response after 1270.7471ms - "Created"
2019-08-08 13:16:41.371 +01:00 [VRB] Response Headers:
Server: nginx
Date: Thu, 08 Aug 2019 12:16:43 GMT
Connection: keep-alive
x-amzn-RequestId: 616e7767-b9d6-11e9-8a95-497251351ea1
x-amz-apigw-id: eGfakH6WjoEF_fQ=
x-fapi-interaction-id: 784d0339-3577-4416-b5a0-9cbc3fe71c3b
X-Amzn-Trace-Id: Root=1-5d4c12aa-0000f24454770490a5a79018;Sampled=1
X-Cache: Miss from cloudfront
Via: 1.1 6ae76e708e65e8ea2ad8717a249dc305.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MAN50-C2
X-Amz-Cf-Id: RpkwgVd_KKAln-UXFJrooIYAFmvAOdBG8v8Wi3hYMVFLU-NVovfrPQ==
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/json
Content-Length: 652

2019-08-08 13:17:28.194 +01:00 [INF] Request:
2019-08-08 13:17:28.195 +01:00 [INF] Method: POST, RequestUri: 'https://private.api.hsbc.com/open-banking/v1.1/payment-submissions', Version: 2.0, Content: System.Net.Http.StringContent, Headers:
{
Authorization: Bearer 1b8dc95b-8fa7-4477-8477-40672fb4b88a
x-idempotency-key: f25611101f83e18591fec1a288cfa6a3
x-fapi-financial-id: 0015800000jeox1AAA
ax-fapi-customer-last-logged-time: Thu, 08 Aug 2019 12:17:26 GMT
x-fapi-customer-ip-address: 127.0.0.1
Content-Type: application/json
}
2019-08-08 13:17:28.205 +01:00 [INF] {"Links":{"Self":"/open-banking/v1.1/payments/49dfc115-f343-4bb8-ad1a-97d833a8fd4f"},"Meta":{"TotalPages":0},"Risk":{"PaymentContextCode":"PersonToPerson"},"Data":{"PaymentId":"49dfc115-f343-4bb8-ad1a-97d833a8fd4f","Status":"AcceptedTechnicalValidation","CreationDateTime":"2019-08-08T12:16:43Z","Initiation":{"InstructionIdentification":"f25611101f83e18591fec1a288cfa6a3","EndToEndIdentification":"3e7bb08903a143d4ae279fa9e26f6058","InstructedAmount":{"Amount":"5.00","Currency":"GBP"},"CreditorAccount":{"SchemeName":"SortCodeAccountNumber","Identification":"60201836666742","Name":"Jacob Salter"},"RemittanceInformation":{"Reference":"First payment ever!"}}}
2019-08-08 13:17:28.387 +01:00 [INF] Response:
2019-08-08 13:17:28.387 +01:00 [INF] StatusCode: 401, ReasonPhrase: 'Unauthorized', Version: 1.1, Content: System.Net.Http.HttpConnection+HttpConnectionResponseContent, Headers:
{
Server: nginx
Date: Thu, 08 Aug 2019 12:17:30 GMT
Connection: keep-alive
x-amzn-RequestId: 7e169679-b9d6-11e9-99be-61f4bc90c66b
x-amz-apigw-id: eGfiFF_djoEFmXg=
X-Amzn-Trace-Id: Root=1-5d4c12da-73ee6c083ddcb0626f9b42ee;Sampled=1
X-Cache: Error from cloudfront
Via: 1.1 ebc9ade6c37ef5f6de2db7d8efd24568.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MAN50-C1
X-Amz-Cf-Id: 2hPYIxtgyvyf9CaIpda7rBrGpYlqi3dzj40IE4uoqyNPAh2usVgIxw==
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/json; charset=UTF-8
Content-Length: 30
}
2019-08-08 13:17:28.393 +01:00 [INF] {"description":"Unauthorized"}
2019-08-08 13:17:28.394 +01:00 [INF] Received HTTP response after 206.3169ms - "Unauthorized"
2019-08-08 13:17:28.395 +01:00 [VRB] Response Headers:
Server: nginx
Date: Thu, 08 Aug 2019 12:17:30 GMT
Connection: keep-alive
x-amzn-RequestId: 7e169679-b9d6-11e9-99be-61f4bc90c66b
x-amz-apigw-id: eGfiFF_djoEFmXg=
X-Amzn-Trace-Id: Root=1-5d4c12da-73ee6c083ddcb0626f9b42ee;Sampled=1
X-Cache: Error from cloudfront
Via: 1.1 ebc9ade6c37ef5f6de2db7d8efd24568.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MAN50-C1
X-Amz-Cf-Id: 2hPYIxtgyvyf9CaIpda7rBrGpYlqi3dzj40IE4uoqyNPAh2usVgIxw==
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/json; charset=UTF-8
Content-Length: 30

Technical Impact

None

Workaround

None

Resolution Notes

None

Impact Assessment

None

Status

Assignee

Unassigned

Reporter

Beejal Nagar

Reference

None

Service Desk Reference

OBSD-10169

ASPSP

Query Type

Read/Write

TPP Impact

High

Business Impact Severity

None

Share

Yes