[OBIE-801] Halifax - http response code 403 with error UK.OBIE.Reauthenticate - JIRA

Halifax - http response code 403 with error UK.OBIE.Reauthenticate

Description

We have been refreshing the following consent since we were authorised to access the data in 26/06/2019 (which means consent does not expire until around 24/09/2019). Also note that we do call the account-access-consents endpoint and this is returning a status of Authorised.

Today we started seeing "{\"error\":{\"statusCode\":403,\"message\":\"UK.OBIE.Reauthenticate\"}}" returned on either the Accounts or Transactions endpoints.

Below are 4 attempts at different times throughout today to get the data:

First try, error is on the /Accounts endpoint:
2019-09-03 07:37:28.955 +01:00
HttpConnectRequest: [GET] https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/account-access-consents/87ad2ccc-1892-4188-aa11-284cc1137a1a
Message: Request Headers: "Accept: application/json
Authorization: Bearer xxxxxxxxx
x-fapi-financial-id: 0015800000jfPKvAAM
"
Request Body: ""

2019-09-03 07:37:29.327 +01:00
HttpConnectResponse: [GET] https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/account-access-consents/87ad2ccc-1892-4188-aa11-284cc1137a1a
Message: RESPONSE OK
"X-Backside-Transport: OK OK
X-Global-Transaction-ID: 14769e3d5d6e0a29046dae7a
User-Agent: IBM-APIConnect/5.0
Vary: Origin
Access-Control-Allow-Credentials: true
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=0; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
Cache-Control: no-store, must-revalidate, proxy-revalidate, no-cache
Pragma: no-cache
ETag: W/\"291-LoP5L36+Lz/APz8GBOtCcg5dHok\"
x-fapi-interaction-id: dc5f3997-24bd-4967-ad67-3d9e76141ee5
X-RateLimit-Limit: name=rate-limit,200;
X-RateLimit-Remaining: name=rate-limit,199;
Access-Control-Allow-Headers: x-lbg-transaction-info
Access-Control-Expose-Headers: APIm-Debug-Trans-Id, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-Global-Transaction-ID, x-lbg-transaction-info, WWW-Authenticate
Date: Tue, 03 Sep 2019 06:37:29 GMT
Connection: keep-alive
Content-Type: application/json
"
"{\"Data\":{\"ConsentId\":\"87ad2ccc-1892-4188-aa11-284cc1137a1a\",\"Status\":\"Authorised\",\"EntitlementAccessCode\":\"4f1f430f-efb4-4e6a-b0c5-90c13d5f54c8\",\"CreationDateTime\":\"2019-06-26T13:55:55Z\",\"TransactionFromDateTime\":\"2014-06-26T00:00:00Z\",\"StatusUpdateDateTime\":\"2019-06-26T13:57:13Z\",\"Permissions\":[\"ReadAccountsDetail\",\"ReadBalances\",\"ReadStandingOrdersDetail\",\"ReadDirectDebits\",\"ReadTransactionsDetail\",\"ReadTransactionsCredits\",\"ReadTransactionsDebits\",\"ReadProducts\"]},\"Risk\":{},\"Links\":{\"Self\":\"https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/account-access-consents/87ad2ccc-1892-4188-aa11-284cc1137a1a\"},\"Meta\":{\"TotalPages\":1}}"

2019-09-03 07:37:29.328 +01:00
HttpConnectRequest: [GET] https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/accounts
Message: Request Headers: "Authorization: Bearer xxxxxxxx
Accept: application/json
x-fapi-financial-id: 0015800000jfPKvAAM
"
Request Body: ""

**********ERROR HAPPENS ON ACCOUNTS ENDPOINT**********:
2019-09-03 07:37:29.690 +01:00
HttpConnectResponse: [GET] https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/accounts
Message: RESPONSE Forbidden
"X-Backside-Transport: OK OK
X-Global-Transaction-ID: 7a2ad7fd5d6e0a2900cccb06
User-Agent: IBM-APIConnect/5.0
Vary: Origin
Access-Control-Allow-Credentials: true
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Strict-Transport-Security: max-age=0; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
Cache-Control: no-store, must-revalidate, proxy-revalidate, no-cache
Pragma: no-cache
ETag: W/\"3f-s97tWYbzKWXFrzrVEgXw6juF0KU\"
x-fapi-interaction-id: 4ab4bfe4-6cc8-4cad-85d3-fdd72a7a1094
X-RateLimit-Limit: name=rate-limit,200;
X-RateLimit-Remaining: name=rate-limit,199;
Access-Control-Allow-Headers: x-lbg-transaction-info
Access-Control-Expose-Headers: APIm-Debug-Trans-Id, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-Global-Transaction-ID, x-lbg-transaction-info, WWW-Authenticate
Date: Tue, 03 Sep 2019 06:37:29 GMT
Connection: keep-alive
Content-Type: application/json
"
"{\"error\":{\"statusCode\":403,\"message\":\"UK.OBIE.Reauthenticate\"}}"

----------------------------
Second try also errors on the /accounts endpoint:
2019-09-03 12:02:09.060 +01:00
HttpConnectRequest: [GET] https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/account-access-consents/87ad2ccc-1892-4188-aa11-284cc1137a1a
Message: Request Headers: "Accept: application/json
Authorization: Bearer xxxxxx
x-fapi-financial-id: 0015800000jfPKvAAM
"
Request Body: ""

2019-09-03 12:02:10.108
HttpConnectResponse: [GET] https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/account-access-consents/87ad2ccc-1892-4188-aa11-284cc1137a1a
CustomerId:
Message: RESPONSE OK
"X-Backside-Transport: OK OK
X-Global-Transaction-ID: 14769e3d5d6e4831014c9643
User-Agent: IBM-APIConnect/5.0
Vary: Origin
Access-Control-Allow-Credentials: true
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=0; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
Cache-Control: no-store, must-revalidate, proxy-revalidate, no-cache
Pragma: no-cache
ETag: W/\"291-LoP5L36+Lz/APz8GBOtCcg5dHok\"
x-fapi-interaction-id: a7c2b1e3-3493-41cb-a694-3d9e761442b7
X-RateLimit-Limit: name=rate-limit,200;
X-RateLimit-Remaining: name=rate-limit,199;
Access-Control-Allow-Headers: x-lbg-transaction-info
Access-Control-Expose-Headers: APIm-Debug-Trans-Id, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-Global-Transaction-ID, x-lbg-transaction-info, WWW-Authenticate
Date: Tue, 03 Sep 2019 11:02:10 GMT
Connection: keep-alive
Content-Type: application/json
"
"{\"Data\":{\"ConsentId\":\"87ad2ccc-1892-4188-aa11-284cc1137a1a\",\"Status\":\"Authorised\",\"EntitlementAccessCode\":\"4f1f430f-efb4-4e6a-b0c5-90c13d5f54c8\",\"CreationDateTime\":\"2019-06-26T13:55:55Z\",\"TransactionFromDateTime\":\"2014-06-26T00:00:00Z\",\"StatusUpdateDateTime\":\"2019-06-26T13:57:13Z\",\"Permissions\":[\"ReadAccountsDetail\",\"ReadBalances\",\"ReadStandingOrdersDetail\",\"ReadDirectDebits\",\"ReadTransactionsDetail\",\"ReadTransactionsCredits\",\"ReadTransactionsDebits\",\"ReadProducts\"]},\"Risk\":{},\"Links\":{\"Self\":\"https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/account-access-consents/87ad2ccc-1892-4188-aa11-284cc1137a1a\"},\"Meta\":{\"TotalPages\":1}}"

2019-09-03 12:02:10.112 +01:00
HttpConnectRequest: [GET] https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/accounts
Message: Request Headers: "Authorization: Bearer xxxxxxxx
Accept: application/json
x-fapi-financial-id: 0015800000jfPKvAAM
"
Request Body: ""

**********ERROR HAPPENS ON ACCOUNTS ENDPOINT**********:
2019-09-03 12:02:10.704 +01:00
HttpConnectResponse: [GET] https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/accounts
Message: RESPONSE Forbidden
"X-Backside-Transport: OK OK
X-Global-Transaction-ID: ec730e025d6e483209138631
User-Agent: IBM-APIConnect/5.0
Vary: Origin
Access-Control-Allow-Credentials: true
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Strict-Transport-Security: max-age=0; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
Cache-Control: no-store, must-revalidate, proxy-revalidate, no-cache
Pragma: no-cache
ETag: W/\"3f-s97tWYbzKWXFrzrVEgXw6juF0KU\"
x-fapi-interaction-id: d337af13-b077-4f2f-b1c7-020e73ecfeb6
X-RateLimit-Limit: name=rate-limit,200;
X-RateLimit-Remaining: name=rate-limit,199;
Access-Control-Allow-Headers: x-lbg-transaction-info
Access-Control-Expose-Headers: APIm-Debug-Trans-Id, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-Global-Transaction-ID, x-lbg-transaction-info, WWW-Authenticate
Date: Tue, 03 Sep 2019 11:02:10 GMT
Connection: keep-alive
Content-Type: application/json
"
"{\"error\":{\"statusCode\":403,\"message\":\"UK.OBIE.Reauthenticate\"}}"

----------------------------- Third try gets successful responses from /accounts and /accounts/{accountId}/balances but returns the forbidden error on the /accounts/{accountId}/transactions endpoint:
2019-09-03 15:37:47.821 +01:00
HttpConnectRequest: [GET] https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/account-access-consents/87ad2ccc-1892-4188-aa11-284cc1137a1a
Message: Request Headers: "Accept: application/json
Authorization: Bearer xxxxxxxx
x-fapi-financial-id: 0015800000jfPKvAAM
"
Request Body: ""

2019-09-03 15:37:48.147 +01:00
HttpConnectResponse: [GET] https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/account-access-consents/87ad2ccc-1892-4188-aa11-284cc1137a1a
Message: RESPONSE OK
"X-Backside-Transport: OK OK
X-Global-Transaction-ID: 7a2ad7fd5d6e7abb09036ce1
User-Agent: IBM-APIConnect/5.0
Vary: Origin
Access-Control-Allow-Credentials: true
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=0; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
Cache-Control: no-store, must-revalidate, proxy-revalidate, no-cache
Pragma: no-cache
ETag: W/\"291-LoP5L36+Lz/APz8GBOtCcg5dHok\"
x-fapi-interaction-id: 825e519f-2790-47b1-ade4-fdd72a7a9c4c
X-RateLimit-Limit: name=rate-limit,200;
X-RateLimit-Remaining: name=rate-limit,199;
Access-Control-Allow-Headers: x-lbg-transaction-info
Access-Control-Expose-Headers: APIm-Debug-Trans-Id, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-Global-Transaction-ID, x-lbg-transaction-info, WWW-Authenticate
Date: Tue, 03 Sep 2019 14:37:48 GMT
Connection: keep-alive
Content-Type: application/json
"
"{\"Data\":{\"ConsentId\":\"87ad2ccc-1892-4188-aa11-284cc1137a1a\",\"Status\":\"Authorised\",\"EntitlementAccessCode\":\"4f1f430f-efb4-4e6a-b0c5-90c13d5f54c8\",\"CreationDateTime\":\"2019-06-26T13:55:55Z\",\"TransactionFromDateTime\":\"2014-06-26T00:00:00Z\",\"StatusUpdateDateTime\":\"2019-06-26T13:57:13Z\",\"Permissions\":[\"ReadAccountsDetail\",\"ReadBalances\",\"ReadStandingOrdersDetail\",\"ReadDirectDebits\",\"ReadTransactionsDetail\",\"ReadTransactionsCredits\",\"ReadTransactionsDebits\",\"ReadProducts\"]},\"Risk\":{},\"Links\":{\"Self\":\"https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/account-access-consents/87ad2ccc-1892-4188-aa11-284cc1137a1a\"},\"Meta\":{\"TotalPages\":1}}"

2019-09-03 15:37:48.158 +01:00
HttpConnectRequest: [GET] https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/accounts
Message: Request Headers: "Authorization: Bearer xxxxxxx
Accept: application/json
x-fapi-financial-id: 0015800000jfPKvAAM
"
Request Body: ""

2019-09-03 15:37:48.585 +01:00
HttpConnectResponse: [GET] https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/accounts
Message: RESPONSE OK
"X-Backside-Transport: OK OK
X-Global-Transaction-ID: 14769e3d5d6e7abc0926b9d1
User-Agent: IBM-APIConnect/5.0
Vary: Origin
Access-Control-Allow-Credentials: true
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Strict-Transport-Security: max-age=0; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
Cache-Control: no-store, must-revalidate, proxy-revalidate, no-cache
Pragma: no-cache
ETag: W/\"190-wpLtCRY1/6zks3HdHASOeJSHSJ0\"
x-fapi-interaction-id: d9df667c-bdb1-4bd0-a6ab-3d9e7614dc0a
X-RateLimit-Limit: name=rate-limit,200;
X-RateLimit-Remaining: name=rate-limit,199;
Access-Control-Allow-Headers: x-lbg-transaction-info
Access-Control-Expose-Headers: APIm-Debug-Trans-Id, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-Global-Transaction-ID, x-lbg-transaction-info, WWW-Authenticate
Date: Tue, 03 Sep 2019 14:37:48 GMT
Connection: keep-alive
Content-Type: application/json
"
"[Sensitive Data Hidden]"

2019-09-03 15:37:48.631 +01:00
HttpConnectRequest: [GET] https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/accounts/642f484e-3d87-3f06-8b21-4122c7f10c67/balances
Message: Request Headers: "Authorization: Bearer xxxxxxxx
Accept: application/json
x-fapi-financial-id: 0015800000jfPKvAAM
"
Request Body: ""

2019-09-03 15:37:49.167 +01:00
HttpConnectResponse: [GET] https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/accounts/642f484e-3d87-3f06-8b21-4122c7f10c67/balances
Message: RESPONSE OK
"X-Backside-Transport: OK OK
X-Global-Transaction-ID: ec730e025d6e7abc08c260e4
User-Agent: IBM-APIConnect/5.0
Vary: Origin
Access-Control-Allow-Credentials: true
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=0; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
Cache-Control: no-store, must-revalidate, proxy-revalidate, no-cache
Pragma: no-cache
ETag: W/\"23e-FXD63Y5Qp6ul9urtR+S7SUKm5ls\"
x-fapi-interaction-id: 1119782d-cba9-4063-b6d5-020e73ec404c
X-RateLimit-Limit: name=rate-limit,200;
X-RateLimit-Remaining: name=rate-limit,199;
Access-Control-Allow-Headers: x-lbg-transaction-info
Access-Control-Expose-Headers: APIm-Debug-Trans-Id, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-Global-Transaction-ID, x-lbg-transaction-info, WWW-Authenticate
Date: Tue, 03 Sep 2019 14:37:49 GMT
Connection: keep-alive
Content-Type: application/json
"
"[Sensitive Data Hidden]"

2019-09-03 15:37:49.172 +01:00
HttpConnectRequest: [GET] https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/accounts/642f484e-3d87-3f06-8b21-4122c7f10c67/transactions?fromBookingDateTime=2019-06-04T23:00:00
Message: Request Headers: "Authorization: Bearer xxxxxxxx
Accept: application/json
x-fapi-financial-id: 0015800000jfPKvAAM
"
Request Body: ""

**********ERROR HAPPENS ON TRANSACTIONS ENDPOINT**********:
2019-09-03 15:37:49.542 +01:00
HttpConnectResponse: [GET] https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/accounts/642f484e-3d87-3f06-8b21-4122c7f10c67/transactions?fromBookingDateTime=2019-06-04T23:00:00
Message: RESPONSE Forbidden
"X-Backside-Transport: OK OK
X-Global-Transaction-ID: 7a2ad7fd5d6e7abd09037031
User-Agent: IBM-APIConnect/5.0
Vary: Origin
Access-Control-Allow-Credentials: true
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=0; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
Cache-Control: no-store, must-revalidate, proxy-revalidate, no-cache
Pragma: no-cache
ETag: W/\"3f-s97tWYbzKWXFrzrVEgXw6juF0KU\"
x-fapi-interaction-id: 86591c55-09ca-47a5-98a1-fdd72a7a3dbc
X-RateLimit-Limit: name=rate-limit,200;
X-RateLimit-Remaining: name=rate-limit,199;
Access-Control-Allow-Headers: x-lbg-transaction-info
Access-Control-Expose-Headers: APIm-Debug-Trans-Id, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-Global-Transaction-ID, x-lbg-transaction-info, WWW-Authenticate
Date: Tue, 03 Sep 2019 14:37:49 GMT
Connection: keep-alive
Content-Type: application/json
"
"{\"error\":{\"statusCode\":403,\"message\":\"UK.OBIE.Reauthenticate\"}}"

------------------------------------------ Final try of the day gets successful responses from /accounts and /accounts/{accountId}/balances but returns the forbidden error on the /accounts/{accountId}/transactions endpoint:

2019-09-03 18:07:56.220 +01:00
HttpConnectRequest: [GET] https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/account-access-consents/87ad2ccc-1892-4188-aa11-284cc1137a1a
Message: Request Headers: "Accept: application/json
Authorization: Bearer xxxxxxx
x-fapi-financial-id: 0015800000jfPKvAAM
"
Request Body: ""

2019-09-03 18:07:56.719 +01:00
HttpConnectRwesponse: [GET] https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/account-access-consents/87ad2ccc-1892-4188-aa11-284cc1137a1a
Message: RESPONSE OK
"X-Backside-Transport: OK OK
X-Global-Transaction-ID: 9c584b875d6e9dec07ae6bb1
User-Agent: IBM-APIConnect/5.0
Vary: Origin
Access-Control-Allow-Credentials: true
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=0; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
Cache-Control: no-store, must-revalidate, proxy-revalidate, no-cache
Pragma: no-cache
ETag: W/\"291-LoP5L36+Lz/APz8GBOtCcg5dHok\"
x-fapi-interaction-id: 34727a22-cbbc-46a6-ac26-874b589c253b
X-RateLimit-Limit: name=rate-limit,200;
X-RateLimit-Remaining: name=rate-limit,199;
Access-Control-Allow-Headers: x-lbg-transaction-info
Access-Control-Expose-Headers: APIm-Debug-Trans-Id, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-Global-Transaction-ID, x-lbg-transaction-info, WWW-Authenticate
Date: Tue, 03 Sep 2019 17:07:56 GMT
Connection: keep-alive
Content-Type: application/json
"
"{\"Data\":{\"ConsentId\":\"87ad2ccc-1892-4188-aa11-284cc1137a1a\",\"Status\":\"Authorised\",\"EntitlementAccessCode\":\"4f1f430f-efb4-4e6a-b0c5-90c13d5f54c8\",\"CreationDateTime\":\"2019-06-26T13:55:55Z\",\"TransactionFromDateTime\":\"2014-06-26T00:00:00Z\",\"StatusUpdateDateTime\":\"2019-06-26T13:57:13Z\",\"Permissions\":[\"ReadAccountsDetail\",\"ReadBalances\",\"ReadStandingOrdersDetail\",\"ReadDirectDebits\",\"ReadTransactionsDetail\",\"ReadTransactionsCredits\",\"ReadTransactionsDebits\",\"ReadProducts\"]},\"Risk\":{},\"Links\":{\"Self\":\"https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/account-access-consents/87ad2ccc-1892-4188-aa11-284cc1137a1a\"},\"Meta\":{\"TotalPages\":1}}"

2019-09-03 18:07:56.722 +01:00
HttpConnectRequest: [GET] https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/accounts
Message: Request Headers: "Authorization: Bearer xxxxxxx
Accept: application/json
x-fapi-financial-id: 0015800000jfPKvAAM
"
Request Body: ""

2019-09-03 18:07:57.145 +01:00
HttpConnectResponse: [GET] https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/accounts
Message: RESPONSE OK
"X-Backside-Transport: OK OK
X-Global-Transaction-ID: 7a2ad7fd5d6e9dec09106cd1
User-Agent: IBM-APIConnect/5.0
Vary: Origin
Access-Control-Allow-Credentials: true
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Strict-Transport-Security: max-age=0; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
Cache-Control: no-store, must-revalidate, proxy-revalidate, no-cache
Pragma: no-cache
ETag: W/\"190-wpLtCRY1/6zks3HdHASOeJSHSJ0\"
x-fapi-interaction-id: 8af2ea87-d041-4ea2-b532-fdd72a7a7877
X-RateLimit-Limit: name=rate-limit,200;
X-RateLimit-Remaining: name=rate-limit,199;
Access-Control-Allow-Headers: x-lbg-transaction-info
Access-Control-Expose-Headers: APIm-Debug-Trans-Id, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-Global-Transaction-ID, x-lbg-transaction-info, WWW-Authenticate
Date: Tue, 03 Sep 2019 17:07:57 GMT
Connection: keep-alive
Content-Type: application/json
"
"[Sensitive Data Hidden]"

2019-09-03 18:07:57.181 +01:00
HttpConnectRequest: [GET] https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/accounts/642f484e-3d87-3f06-8b21-4122c7f10c67/balances
Message: Request Headers: "Authorization: Bearer xxxxxx
Accept: application/json
x-fapi-financial-id: 0015800000jfPKvAAM
"
Request Body: ""

2019-09-03 18:07:57.652 +01:00
HttpConnectResponse: [GET] https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/accounts/642f484e-3d87-3f06-8b21-4122c7f10c67/balances
Message: RESPONSE OK
"X-Backside-Transport: OK OK
X-Global-Transaction-ID: ec730e025d6e9ded08cf6904
User-Agent: IBM-APIConnect/5.0
Vary: Origin
Access-Control-Allow-Credentials: true
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=0; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
Cache-Control: no-store, must-revalidate, proxy-revalidate, no-cache
Pragma: no-cache
ETag: W/\"23e-mb8gVYgUmrM/Y0B8Gwozg6b2DP8\"
x-fapi-interaction-id: 383a55b4-a9db-4a43-ba80-020e73ec6d38
X-RateLimit-Limit: name=rate-limit,200;
X-RateLimit-Remaining: name=rate-limit,199;
Access-Control-Allow-Headers: x-lbg-transaction-info
Access-Control-Expose-Headers: APIm-Debug-Trans-Id, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-Global-Transaction-ID, x-lbg-transaction-info, WWW-Authenticate
Date: Tue, 03 Sep 2019 17:07:57 GMT
Connection: keep-alive
Content-Type: application/json
"
"[Sensitive Data Hidden]"

2019-09-03 18:07:57.656 +01:00
HttpConnectRequest: [GET] https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/accounts/642f484e-3d87-3f06-8b21-4122c7f10c67/transactions?fromBookingDateTime=2019-06-04T23:00:00
Message: Request Headers: "Authorization: Bearer xxxxxxx
Accept: application/json
x-fapi-financial-id: 0015800000jfPKvAAM
"
Request Body: ""

**********ERROR HAPPENS ON TRANSACTIONS ENDPOINT**********:
2019-09-03 18:07:57.973 +01:00
HttpConnectResponse: [GET] https://secure-api.halifax.co.uk/prod01/lbg/hfx/open-banking/v3.1/aisp/accounts/642f484e-3d87-3f06-8b21-4122c7f10c67/transactions?fromBookingDateTime=2019-06-04T23:00:00
Message: RESPONSE Forbidden
"X-Backside-Transport: OK OK
X-Global-Transaction-ID: 14769e3d5d6e9ded064375f7
User-Agent: IBM-APIConnect/5.0
Vary: Origin
Access-Control-Allow-Credentials: true
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=0; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
Cache-Control: no-store, must-revalidate, proxy-revalidate, no-cache
Pragma: no-cache
ETag: W/\"3f-s97tWYbzKWXFrzrVEgXw6juF0KU\"
x-fapi-interaction-id: 9dc6a10d-843d-4604-823a-3d9e76141a13
X-RateLimit-Limit: name=rate-limit,200;
X-RateLimit-Remaining: name=rate-limit,199;
Access-Control-Allow-Headers: x-lbg-transaction-info
Access-Control-Expose-Headers: APIm-Debug-Trans-Id, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-Global-Transaction-ID, x-lbg-transaction-info, WWW-Authenticate
Date: Tue, 03 Sep 2019 17:07:57 GMT
Connection: keep-alive
Content-Type: application/json
"
"{\"error\":{\"statusCode\":403,\"message\":\"UK.OBIE.Reauthenticate\"}}"

Technical Impact

None

Workaround

None

Resolution Notes

None

Impact Assessment

None

Status

Assignee

Unassigned

Reporter

Beejal Nagar

Reference

None

Service Desk Reference

OBSD-10673

ASPSP

Query Type

None

TPP Impact

Medium

TPP

OB Environment

Production

Business Impact Severity

None

Share

Yes