Table of Contents | ||
---|---|---|
|
...
Version | Date | Author | Comments |
---|---|---|---|
3.0-draft1 | OB R/W API Team | First draft of v3 Changes to align with the structure of Accounts & Transactions API
| |
3.0-draft2 | OB R/W API Team |
| |
3.0-draft3 | OB R/W API Team | Draft 3 changes:
| |
3.0-draft4 | OB R/W API Team | Errata:
Draft 4 Changes:
| |
3.0-draft5 | OB R/W API Team | Draft 5 Changes:
| |
3.0-draft6/rc1 | OB R/W API Team | Draft6 Changes:
| |
3.0-draft7 | OB R/W API Team | Draft7 Changes:
Errata
| |
3.0-RC2 | OB R/W API Team | RC2 Changes:
| |
3.0-RC3 | OB R/W API Team | RC3 Changes:
| |
3.0 | OB R/W API Team | This is the baseline version. No change from RC3. Swagger URLs updated to point to latest stable version. |
Overview
This Payment Initiation API Specification describes the flows and payloads for initiating a general payment-order.
...
- A PISP must use a payment-order consent ConsentId within the same version to create the payment-order resource (in that version)
- E.g., A v3 payment-order consent can only be used to create a payment-order resource in v3.
- An ASPSP must not allow a PISP to use a ConsentId from a previous version to create Payment Order in a newer version, and vice versa
...
- A PISP must refer to the ASPSP's online Developer Portal for guidelines on accessibility of a payment-order resource in a newer version
- A PISP must not access the payment-order resource types introduced in a newer version, on an older version endpoint
- E.g., an international-payment created in v3, that is accessed via the v1 payment-submissions endpoint
- A PISP must not access the payment-order resource created in a newer version on an older version endpoint
- E.g., for a domestic-payment resource created in v3, access via the v1 payment-submissions endpoint is not permitted
- An ASPSP must document the behaviour on the accessibility of a payment-order resource in a newer version on ASPSP's online Developer Portal
- An ASPSP must allow access to the payment-order resource created in a previous version on a newer version endpoint (depending on an ASPSP's legal requirement for data retention):
- E.g., a payment-submission created in v1, must be accessible as a v3 domestic-payment, with sensible defaults for additional fields introduced in v3 (e.g., if an ASPSP must make payment resources available for 7 years).
- In the case where a payment-order type is same, but the structure is changed in a newer version - sensible defaults may be used, with ASPSP's Developer Portal clearly specifying the behaviour.
- E.g., a new field StatusUpdateDateTime was introduced in v3 - an ASPSPs must populate with this with the last status update time - as the StatusUpdateDateTime is a mandatory field
...
PISPs must use a client credentials grant to obtain a token to make POST requests to the payment-order consent endpoints. In the specification, this grant type is referred to as "Client Credentials".
PISPs must use grant using a redirect or decoupled flow to obtain a token to make POST requests to the payment-order resource endpoints. In the specification, this grant type is referred to as "Authorization Code".
...
The ASPSP responds with a ConsentId. This is the intent-id that is used when initiating the authorization code grant (as described in the Trust Framework).
...
The Swagger Specification for Payment Initiation APIs can be downloaded from the following links:
Data Model
Reused Classes
OBRisk1
...
Generated | Identifier | Business Description |
---|---|---|
Merchant/PISP Sent in API Payload | EndToEndIdentification | The EndToEndIdentification reference is a reference that can be populated by the debtor (or merchant in the ecommerce space). This reference is important to the debtor (could be an internal reference Id against the transaction), it Is NOT the reference information that will be primarily populated on the statement of the creditor (beneficiary). |
Merchant/PISP Sent in API Payload | InstructionIdentification | PISP generates the InstructionIdentification which is a unique transaction Id and passes it to the ASPSP (this is mandatory), but this doesn’t have to go any further in the payment flow. The flow of this identifier needs to align with payment scheme rules. The expectation is that this is unique indefinitely across all time periods. The PISP can ensure this is indefinitely unique by including a date or date time element to the field, or by inserting a unique Id. |
Merchant/PISP Sent in API Payload | RemittanceInformation | The RemittanceInformation is the reference information that creditor (or beneficiary) will need to reconcile (e.g. Invoice 123). |
ASPSP / API System | ConsentId | Unique identification as assigned by the ASPSP to uniquely identify the payment-order consent resource. |
ASPSP / API System | Payment Order Id | Unique identification as assigned by the ASPSP to uniquely identify the payment-order resource. DomesticPaymentId DomesticScheduledPaymentId DomesticStandingOrderId InternationalPaymentId InternationalScheduledPaymentId |
ASPSP / Payment Scheme | Scheme Payment ID | This is generated by the ASPSP to uniquely identify a payment through a processing scheme. In the case of FPS - this is the FPID. |
...
Code Class | Name | Definition |
---|---|---|
OBExternalPaymentContext1Code | BillPayment | The context of the payment initiation is a bill payment. |
OBExternalPaymentContext1Code | EcommerceGoods | The context of the payment initiation is a for goods via an ecommerce channel. |
OBExternalPaymentContext1Code | EcommerceServices | The context of the payment initiation is a for services via an ecommerce channel. |
OBExternalPaymentContext1Code | PartyToParty | The context of the payment initiation is a party to party payment. |
OBExternalPaymentContext1Code | Other | The context of the payment initiation is of an other type. |
OBTransactionIndividualStatus1Code | AcceptedSettlementCompleted | Settlement on the debtor's account has been completed. PISPs must not use this status as confirmation that settlement is complete on the creditor's account. |
OBTransactionIndividualStatus1Code | AcceptedSettlementInProcess | All preceding checks such as technical validation and customer profile were successful and therefore the payment initiation has been accepted for execution. |
OBTransactionIndividualStatus1Code | Pending | Payment initiation or individual transaction included in the payment initiation is pending. Further checks and status update will be performed. |
OBTransactionIndividualStatus1Code | Rejected | Payment initiation or individual transaction included in the payment initiation has been rejected. |
OBExternalConsentStatus1Code | AwaitingAuthorisation | The consent resource is awaiting PSU authorisation. |
OBExternalConsentStatus1Code | Rejected | The consent resource has been rejected. |
OBExternalConsentStatus1Code | Authorised | The consent resource has been successfully authorised. |
OBExternalConsentStatus1Code | Consumed | The consented action has been successfully completed. This does not reflect the status of the consented action. |
OBChargeBearerType1Code | BorneByCreditor | All transaction charges are to be borne by the creditor. |
OBChargeBearerType1Code | BorneByDebtor | All transaction charges are to be borne by the debtor. |
OBChargeBearerType1Code | FollowingServiceLevel | Charges are to be applied following the rules agreed in the service level and/or scheme. |
OBChargeBearerType1Code | Shared | In a credit transfer context, means that transaction charges on the sender side are to be borne by the debtor, transaction charges on the receiver side are to be borne by the creditor. In a direct debit context, means that transaction charges on the sender side are to be borne by the creditor, transaction charges on the receiver side are to be borne by the debtor. |
OBExternalAuthorisation1Code | Any | Any authorisation type is requested. |
OBExternalAuthorisation1Code | Multiple | Multiple authorisation type is requested. |
OBExternalAuthorisation1Code | Single | Single authorisation type is requested. |
OBExternalStatus1Code | InitiationCompleted | The payment-order initiation has been completed. |
OBExternalStatus1Code | InitiationFailed | The payment-order initiation has failed. |
OBExternalStatus1Code | InitiationPending | The payment-order initiation is pending. |
OBExternalStatus2Code | Authorised | The multiple authorisation flow has been fully authorised. |
OBExternalStatus2Code | AwaitingFurtherAuthorisation | The multiple authorisation flow is awaiting further authorisation. |
OBExternalStatus2Code | Rejected | The multiple authorisation flow has been rejected. |
OBExchangeRateType2Code | Actual | Exchange rate is the actual rate. |
OBExchangeRateType2Code | Agreed | Exchange rate is the agreed rate between the parties. |
OBExchangeRateType2Code | Indicative | Exchange rate is the indicative rate. |
OBPriority2Code | Normal | Priority is normal. |
OBPriority2Code | Urgent | Priority is urgent. |
OBAddressTypeCode | Business | Address is the business address. |
OBAddressTypeCode | Correspondence | Address is the address where correspondence is sent. |
OBAddressTypeCode | DeliveryTo | Address is the address to which delivery is to take place. |
OBAddressTypeCode | MailTo | Address is the address to which mail is sent. |
OBAddressTypeCode | POBox | Address is a postal office (PO) box. |
OBAddressTypeCode | Postal | Address is the complete postal address. |
OBAddressTypeCode | Residential | Address is the home address. |
OBAddressTypeCode | Statement | Address is the address where statements are sent. |
...