Versions Compared

Old Version 4

changes.mady.by.user Beejal Nagar

Saved on

compared with

New Version Current

changes.mady.by.user John Heaton-Armstrong

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents
outlinetrue
stylenone

...

VersionDateAuthorComments
2.0.0 draft-0.0.1 Open Banking Read/Write API TeamThis is the initial draft version.
2.0.0 draft-0.0.2 Open Banking Read/Write API TeamUpdated draft.
2.0-draft-3 Open Banking Read/Write API Team

Updated draft. 

Removed all common elements

2.0-rc1 Open Banking Read/Write API Team

Incorporate PCA and BCA Data model changes

Account type related changes
New Statements related endpoints

2.0-rc2 Open Banking Read/Write API Team

Account and Transaction Info API restructure.

Section 4.6 - Removed rate limiting, and clarification on behaviour.

Updates:

  • Clarified behaviour for ReadPAN permission code based on feedback
  • Separated ReadParty and ReadPartyPSU permission codes - and specified behaviour
  • Added the access to /accounts/{AccountId}/statements/{StatementId}/file to the ReadStatementsDetail permission - as this may leak sensitive information
  • Removed AccountType filter as an optional field in the account-request object
  • Removed GDPR reference for TPPs attempting to access APIs after consent has been revoked
  • Clarified that AISPs must call the DELETE operation on the account-request resource (before confirming consent revocation with the PSU) to indicate to the ASPSP that the PSU has revoked consent
  • Clarified that the only resource that relates specifically to the CMA Order is the products resource (with the BCA and PCA objects)
2.0-rc3 Open Banking Read/Write API Team

This is the initial draft version for rc3

Updates:

  • Clarified that the permissions array must contain either ReadAccountsBasic or ReadAccountsDetail
  • Added OBReadTransaction2/Data/Transaction/CreditorAccount and OBReadTransaction2/Data/Transaction/DebtorAccount to the ReadTransactionsDetail permission restrictions
  • Clarified that combinations of permissions codes that are not allowed must be rejected with a 400 response code - this includes permission codes that are not supported by the ASPSP
  • Errata fix - specified /direct-debits endpoint as Optional and /accounts/{AccountId}/direct-debits as Conditional
  • Referred definition of mandatory, conditional or optional in the Endpoints section to the Principles section
  • Errata - typo fixed regarding ReadPAN permission code - from "The ASPSP takes a legal view to respond with only the PAN in the clear" to "The ASPSP takes a legal view to respond with only the masked PAN"
  • Errata - reference to Personal vs. Business account selection in Basics / Overview was accidentally kept in the rc3 spec (but was rejected by TDA)
2.0.0 Open Banking Read/Write API TeamThis is the baseline version. No changes from v2.0-rc3.

Overview

This specification describes the Account Information and Transaction API flows and payloads.

...

Permission - Detail CodesData Element NameOccurrenceXPath
ReadAccountsDetailAccount0..1OBReadAccount2/Data/Account/Account
ReadAccountsDetailServicer0..1OBReadAccount2/Data/Account/Servicer
ReadBeneficiariesDetailCreditorAgent0..1OBReadBeneficiary2/Data/Beneficiary/CreditorAgent
ReadBeneficiariesDetailCreditorAccount0..1OBReadBeneficiary2/Data/Beneficiary/CreditorAccount
ReadStandingOrdersDetailCreditorAgent0..1OBReadStandingOrder2/Data/StandingOrder/CreditorAgent
ReadStandingOrdersDetailCreditorAccount0..1OBReadStandingOrder2/Data/StandingOrder/CreditorAccount
ReadTransactionsDetailTransactionInformation0..1OBReadTransaction2/Data/Transaction/TransactionInformation
ReadTransactionsDetailBalance0..1OBReadTransaction2/Data/Transaction/Balance
ReadTransactionsDetailMerchantDetails0..1OBReadTransaction2/Data/Transaction/MerchantDetails
ReadTransactionsDetailCreditorAccount0..1

OBReadTransaction2/Data/Transaction/CreditorAccount

ReadTransactionsDetailDebtorAccount0..1OBReadTransaction2/Data/Transaction/DebtorAccount
ReadStatementsDetailStatementAmount0..*OBReadStatement1/Data/Statement/StatementAmount
ReadScheduledPaymentsDetailCreditorAgent0..1OBReadScheduledPayment1/Data/ScheduledPayment/CreditorAgent
ReadScheduledPaymentsDetailCreditorAccount0..1OBReadScheduledPayment1/Data/ScheduledPayment/CreditorAccount

In addition the ReadStatementsDetail is required to access the statement file download via: /accounts/{AccountId}/statements/{StatementId}/file

...

  • The camt.052 header section and trailer sections have been removed - as these are not required for a RESTful API
  • Resources have been identified, and payload structures have been designed for these resources - rather than a full message (i.e., camt.052) that encompasses all resources in a report format. This has meant we've designed separate endpoints and payloads to cover:
    • accounts
    • balances
    • beneficiaries
    • direct-debits
    • offers
    • party
    • products
    • standing-orders
    • statements
    • transactions
    • scheduled-payments
  • New payloads have been designed for beneficiaries, direct-debits, standing-orders, and products resources - as these are not in the ISO 20022 standard (or the camt.052 message)
  • A DateTime element has been used instead of a complex choice element of Date and DateTime (across all API endpoints). Where time elements do not exist in ASPSP systems - the expectation is the time portion of the DateTime element will be defaulted to 00:00:00+00:00
  • Variations for the accounts structure include: 
    • Standardised inline with the Payment API account structures
    • Contains elements to identify an account Nickname, SecondaryIdentification
  • Variations for the balances structure include:
    • Adding a Type into the CreditLine section - to allow for multiple credit line types affecting the available balance
    • DateTime element has been specified instead of a complex choice of Date and DateTime

  • Variations for the transactions structure include:

    • Renaming "entry" to "transaction" for consistency - as this is the language used in the CMA Order, and PSD2

    • DateTime elements used instead of a complex choice of Date and DateTime

    • Flattening of the structure for BankTransactionCode and ProprietaryBankTransactionCode

    • Additional information for an AddressLine, MerchantDetails, and a running Balance

...

  • JSON: 
    Github link macro
    linkhttps://githubraw.githubusercontent.com/OpenBankingUK/account-info-api-spec/blob/master/dist/v2.0-rc3.0/account-info-swagger.json
  • YAML: 
    Github link macro
    linkhttps://githubraw.githubusercontent.com/OpenBankingUK/account-info-api-spec/blob/master/dist/v2.0-rc3.0/account-info-swagger.yaml