TSB: invalid_request_object error

Description

Hi,

In both AIS and PIS scenarios, the initiation call succeeds, but we immediately receive an error callback after the user is redirected to the bank. The error callback contains the following parameters: error=invalid_request_object&error_description=The+Request+Object+is+invalid

please advise.

URL:
https://apis.tsb.co.uk/apis/open-banking/v3.1/auth/oauth2/authorize?response_type=code%20id_token&client_id=8f3066c4-0216-43f5-be40-cb664e4695d8&redirect_uri=https%3A%2F%2Fauth.dev.token.io%2Fcallback&scope=openid+payments&state=c4372fd6-f971-4752-91d6-014891f8c3c5&request=eyJraWQiOiJnRlAtOUZtOE1Kc2d2bW45QWdzc2U4QmxJRE0iLCJhbGciOiJQUzI1NiJ9.eyJzdWIiOiJhYzJmMTkzMi0yN2FiLTQwN2QtOGJjOC0xMDEyYTBkYzM5OGUiLCJpc3MiOiI4ZjMwNjZjNC0wMjE2LTQzZjUtYmU0MC1jYjY2NGU0Njk1ZDgiLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsIm5vbmNlIjoiY2E4OTNiZWItYzAxMC00MDE2LThjMDYtZWRkZDJlMDNiNzBjIiwiY2xpZW50X2lkIjoiOGYzMDY2YzQtMDIxNi00M2Y1LWJlNDAtY2I2NjRlNDY5NWQ4IiwiYXVkIjoiaHR0cHM6XC9cL2FwaXMudHNiLmNvLnVrXC9hcGlzXC9vcGVuLWJhbmtpbmdcL3YzLjFcL2F1dGhcL29hdXRoMlwvdG9rZW4iLCJzY29wZSI6Im9wZW5pZCBwYXltZW50cyIsImNsYWltcyI6eyJpZF90b2tlbiI6eyJvcGVuYmFua2luZ19pbnRlbnRfaWQiOnsiZXNzZW50aWFsIjp0cnVlLCJ2YWx1ZSI6ImFjMmYxOTMyLTI3YWItNDA3ZC04YmM4LTEwMTJhMGRjMzk4ZSJ9LCJhY3IiOnsiZXNzZW50aWFsIjpmYWxzZSwidmFsdWUiOiJ1cm46b3BlbmJhbmtpbmc6cHNkMjpjYSJ9fX0sInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC9hdXRoLmRldi50b2tlbi5pb1wvY2FsbGJhY2siLCJzdGF0ZSI6ImM0MzcyZmQ2LWY5NzEtNDc1Mi05MWQ2LTAxNDg5MWY4YzNjNSIsImV4cCI6MTU3MDQ5OTUwOCwiaWF0IjoxNTcwNDk2NTA4LCJqdGkiOiJkNmMzZDdlZi02MWNmLTQ1NjQtYTZhNi1kYTJiYTdhODdhZDQifQ.MXtz6mEJlvlYlGHiiWI_Fbi7RCzJI-9W2sH3wXe0NTSpCEZ-mU_oJ5_Z6jZBZcFxffYIse4FGtNVoJPFRp9UiJBGe6HO4SQEG1MuMEsFZcFVFUMoEnWxYf8_BHm6nJH1onR5AodDPUyWIxTA5fR3A13-4JerQF0X6ijcSfGUa0tdDelP83NJ8xAJoz4OAwW-5LO5kscE04KQIEtE1RuOyCW5bceCKC52mp72hgAYwqU-rh_SuwdQ2Vw3nqXK-AVTlLOeosaNhBjjH7FoqRerWjJIKeY2vFcVEG3xKsxs-ySoHM2Ldfpof7U8y5OQpDklQia4RlM1cpHZI5yIkF81kw&nonce=ca893beb-c010-4016-8c06-eddd2e03b70c

Payment Initiation (UTC timestamp):
01:01:46.293 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - --> POST https://apis.tsb.co.uk/apis/open-banking/v3.1/auth/oauth2/token
01:01:46.293 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - Content-Type: application/x-www-form-urlencoded
01:01:46.293 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - Content-Length: 895
01:01:46.293 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - Accept: application/json
01:01:46.293 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient -
01:01:46.293 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - grant_type=client_credentials&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJraWQiOiJnRlAtOUZtOE1Kc2d2bW45QWdzc2U4QmxJRE0iLCJhbGciOiJQUzI1NiJ9.eyJzdWIiOiI4ZjMwNjZjNC0wMjE2LTQzZjUtYmU0MC1jYjY2NGU0Njk1ZDgiLCJhdWQiOiJodHRwczpcL1wvYXBpcy50c2IuY28udWtcL2FwaXNcL29wZW4tYmFua2luZ1wvdjMuMVwvYXV0aFwvb2F1dGgyXC90b2tlbiIsImlzcyI6IjhmMzA2NmM0LTAyMTYtNDNmNS1iZTQwLWNiNjY0ZTQ2OTVkOCIsImV4cCI6MTU3MDQ5Njg2NiwiaWF0IjoxNTcwNDk2NTA2LCJqdGkiOiIyMjY0ZWFjZC00NmJlLTQ0NGEtYmY4Zi04Mzk5MmFlNmQ4NDcifQ.WHusG49HEalXV8FRwQcWWsyYrfggRPHGjjNj1M3a3KsGZ2LnaClEjBcK9q4E7DRRVEJtpsCnVS4frk_-FU4aVN5dhNhrlzvF0Io8XJL8S53_Njug-By-fFld46uksgFFz1JchmbCqHwNTpLkekg7xaOjrkpZ86rZIZglx8TenY8W5z3I6kVlnieX4Z07BKRfpdl_PpGZGZFsHhVd685wVUBcsoapsRp7VvKQy23mKLywii8goP68QIe_8_3bA3Cbpj11kK_glEEzVNncfCxJ9NlLkySyC0JySh1eF2hzA2wKXNLaKYW5gB8ywCBxo5RN8WdxzNEPiT8n4pRRgPEHyA&scope=payments
01:01:46.293 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - --> END POST (895-byte body)
01:01:46.771 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - <-- 200 OK https://apis.tsb.co.uk/apis/open-banking/v3.1/auth/oauth2/token (478ms)
01:01:46.771 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - Pragma: no-cache
01:01:46.771 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - Cache-Control: no-store
01:01:46.771 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - Content-Type: application/json;charset=UTF-8
01:01:46.771 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - Date: Tue, 08 Oct 2019 01:01:46 GMT
01:01:46.772 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - Server: server
01:01:46.772 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient -
01:01:46.772 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpCl ent - {
"access_token":"5d2025c3-b771-405c-a385-e1dd1ccaa725",
"token_type":"Bearer",
"expires_in":600,
"scope":"payments"
}
01:01:46.772 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - <-- END HTTP (131-byte body)
01:01:46.777 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - --> POST https://apis.tsb.co.uk/apis/open-banking/v3.1/pisp/domestic-payment-consents
01:01:46.777 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - Content-Type: application/json; charset=UTF-8
01:01:46.777 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - Content-Length: 389
01:01:46.777 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - Accept: application/json
01:01:46.777 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - Authorization: Bearer 5d2025c3-b771-405c-a385-e1dd1ccaa725
01:01:46.777 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - x-fapi-financial-id: 0015800001ZEZ3hAAH
01:01:46.777 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - x-idempotency-key: 2759ba63-9fff-46e1-9eca-7e17e32edab4
01:01:46.777 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - x-jws-signature: eyJhbGciOiJQUzI1NiIsImtpZCI6ImdGUC05Rm04TUpzZ3ZtbjlBZ3NzZThCbElETSIsImN0eSI6ImFwcGxpY2F0aW9uL2pzb24iLCJ0eXAiOiJKT1NFIiwiaHR0cDovL29wZW5iYW5raW5nLm9yZy51ay9pc3MiOiIwMDE1ODAwMDAxMDNVQW5BQU0vWFdtNFRMbHVIRmdJR2NnamtWQVlSIiwiaHR0cDovL29wZW5iYW5raW5nLm9yZy51ay90YW4iOiJvcGVuYmFua2luZy5vcmcudWsiLCJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCIsImh0dHA6Ly9vcGVuYmFua2luZy5vcmcudWsvaXNzIiwiaHR0cDovL29wZW5iYW5raW5nLm9yZy51ay9pYXQiLCJodHRwOi8vb3BlbmJhbmtpbmcub3JnLnVrL3RhbiJdLCJodHRwOi8vb3BlbmJhbmtpbmcub3JnLnVrL2lhdCI6MTU3MDQ5NjUwNn0..raRIJ1W4NEJQ48MorRKCGXGwnTDiV6ZZ1nwSHJdyCt0QT6QJJ20S3fCdmwst7cK1uYdpq1lc1q6u6x5PJ9J7-pHy6grWQCGXDWF4DbZWo68HHmnFoRO0BDGrevEn-QWsiWAMpYm5qJs9fuJh4Sjeh0djV9sCX0uSm76XYa9MYnCVUAzY4jByRLzheMx72HZlzhenoVNzVoaWTK-S2RWmkk5JL64irbRKF31FFiNZyDqwr94huKv70eb4-GaguNZFjI9WwIszz9aFooJt-Be-GkPoS5grM8zj08KnMpznIUQjFKCjdbNFrh4shmTWZmkOp5S55PQFz8tsilMoc1vE0A
01:01:46.777 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient -
01:01:46.777 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - {"Data":{"Initiation":{"InstructionIdentification":"lh7kku82o7e0q8zcva","EndToEndIdentification":"lh7kku82o7e0q8zcva","InstructedAmount":{"Amount":"5.99","Currency":"GBP"},"CreditorAccount":{"SchemeName":"UK.OBIE.SortCodeAccountNumber","Identification":"23697207628161","Name":"Southside"},"RemittanceInformation":{"Reference":"lh7kku82o7e0q8zcva"}}},"Risk":{"PaymentContextCode":"Other"}}
01:01:46.777 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - --> END POST (389-byte body)
01:01:47.443 [qtp80389986-31] [] INFO io.token.http.HttpService - Incoming request: Path=/_/status, Method=GET, Headers={Accept-Encoding: gzip, Connection: close, Host: 100.96.9.59:10209, User-Agent: kube-probe/1.14}, Query={null}
01:01:48.374 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - <-- 201 Created https://apis.tsb.co.uk/apis/open-banking/v3.1/pisp/domestic-payment-consents (1596ms)
01:01:48.374 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - x-fapi-interaction-id: 41c98c9c-036b-4a65-bbee-32953bd5ba7b
01:01:48.374 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - x-jws-signature: ew0KICAia2lkIjogIk5BeWlHVkM2WkszaDRlbXVrUlg2TDB3dl9PYyIsDQogICJhbGciOiAiUlMyNTYiLA0KICAiYjY0IjogZmFsc2UsDQogICJodHRwOi8vb3BlbmJhbmtpbmcub3JnLnVrL2lzcyI6ICJDPVVLLCBTVD1FbmdsYW5kLCBMPUxvbmRvbiwgTz1BY21lIEx0ZC4iLA0KICAiaHR0cDovL29wZW5iYW5raW5nLm9yZy51ay90YW4iOiAib3BlbmJhbmtpbmcub3JnLnVrIiwNCiAgImh0dHA6Ly9vcGVuYmFua2luZy5vcmcudWsvaWF0IjogMTU4MzQ5ODMyOTgNCn0..sv59F8UoFhAUwYJiIOXJJb8rWz6BAfxN3NdlmY-fNlcnZxmGh-aBVFLQEq8yxGaIrg0whtq-Lfz59AHnHF-9IbLdyfNB_VSQGuWka7Jx6Vnyd8tr0ny86ZeSrWIDtt2B_A_kUhZxxZ7BfdrmbODLQjaUygrqPT1mw_X9ChIyM5QzRdq5KnWuTIRq2vzOdSbzn5Dovb3MG-FYqyxtQXI7SV9ZBYSTJYuOUnhv93NCcQHVXmm6U_g7jZUF3AFsEBsIm80SAxUD1YAHoNcOkq-D4IRMAOa202wOhj9D3rRRGlDwLO96Rgp3ECSYd2OsDDRqxOcLkn0obUA28MwWH_1o1A
01:01:48.374 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - Content-Type: application/json;charset=UTF-8
01:01:48.374 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - Date: Tue, 08 Oct 2019 01:01:48 GMT
01:01:48.374 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - Server: server
01:01:48.374 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient -
01:01:48.374 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - {"Data":{"ConsentId":"ac2f1932-27ab-407d-8bc8-1012a0dc398e","CreationDateTime":"2019-10-08T02:01:48.01+01:00","Status":"AwaitingAuthorisation","StatusUpdateDateTime":"2019-10-08T02:01:48.01+01:00","Charges":[],"Initiation":{"CreditorAccount":{"Identification":"23697207628161","Name":"Southside","SchemeName":"UK.OBIE.SortCodeAccountNumber"},"InstructionIdentification":"lh7kku82o7e0q8zcva","EndToEndIdentification":"lh7kku82o7e0q8zcva","InstructedAmount":{"Amount":"5.99","Currency":"GBP"},"RemittanceInformation":{"Reference":"lh7kku82o7e0q8zcva"}}},"Risk":{"PaymentContextCode":"Other"},"Links":{"Self":"https://apis.tsb.co.uk/apis/open-banking/v3.1/pisp/domestic-payment-consents/ac2f1932-27ab-407d-8bc8-1012a0dc398e"},"Meta":{}}
01:01:48.374 [rpc-server-165] [ttid=GiU8plURvPEoLXKT] INFO okhttp3.OkHttpClient - <-- END HTTP (733-byte body)

Technical Impact

None

Workaround

None

Resolution Notes

None

Impact Assessment

None

Status

Assignee

Unassigned

Reporter

Service Desk

Reference

None

Service Desk Reference

OBSD-11392

ASPSP

Query Type

Read/Write

TPP Impact

None

TPP

OB Environment

Production

Business Impact Severity

None

Share

Yes
Configure