Implementation Guide: Danske

Owned by Chris Michael (Unlicensed)
Last updated: Aug 31, 2021 by Jennifer Fearon (Unlicensed)
6 min read

This page has been created and maintained by the relevant ASPSP, and OBIE takes no liability for the completeness nor accuracy of this data.

Note to ASPSP: Please indicate which brands this applies to and/or duplicate this page per brand if relevant.


ASPSPDanske
BrandDanske
Date13/03/2019
Developer portal (s)https://developers.danskebank.com/

Announcements

Over the last few months, we have received extensive feedback from the TPP community on our Open Banking journey. As a result, we are delivering improvements to our journeys, making them easier and simpler for our customers to interact with. Specifically, we are making the following improvements:

Improvement

Delivery date

Displaying Data clusters – replay of consent: Remove the first consent page thereby removing one of the replays of consent.


Delivered 30 November 2018

Displaying Data clusters – replay of consent: Amend the last screen in the process flow.  Remove the data cluster points below each heading to make the process more streamlined for the consumer and no repeat of information. (subject to Legal approval).


Delivered 30 November 2018

Danske Bank will be performing updates to their certificates on 5 February between the hours of 20:00  and 24:00 CET.

 

The impact of this change will be that third parties who pin certificates, will need to update the pins on the certificates to ensure users of the service are not impacted. There are no further impacts to third parties who do not pin their certificates.

 

If there are any questions in regards to the change, please reach out to Danske Bank.


Delivered 5 February.

Upgrading all our APIs to Version 3.1 of the OBIE specification. Subject to successful completion of the OBIE live proving process and migration of all TPPs currently using V1.1 to a newer version, we plan to decommission Version 1.1 of our AIS endpoints by 25th June 2019. We will work directly with impacted TPPs to ensure a smooth transition. From the 15th March, defect fixing on Accounts Information V1.1 will be limited to critical and security-related items only, and we encourage you to only use Account Information V2.0 or V3.1 for new registrations.  

 Enabling a series of additional features:

  • PIS functionality for future dated payments and standing orders
  • A one-step AIS refresh journey for both personal and business customers
  • Confirmation of Funds functionality for CBPII
  • Multi-authorisation functionality for small business customers
  • Developer portal now live

Delivered 13 March 2019

Danske Bank are accepting requests signed with PS256 algorithm in addition to continuing to support requests signed with RS256. Our own ID Tokens will be signed with PS256 from 6am 14 March 2019.



Delivered 14 March 2019

 Due to a recent increase in 401 errors and following investigation, 2 actions have been identified.

1.      We require re-authorization when 90 days from initial authorization have passed, the resource endpoint called will return a 401 error requiring the TPP to re-authorize

2.      If the TPP requests transaction information for more than 90 days, and 30 minutes have passed since the last re-authorization we will return a 401 requiring re-authorization, this requirement having been reviewed by Danske legal team arises from PSD/RTS requirements.

Due to the implementations outlined above any consents are already receiving a 401 error, they need to be re-authorized if the TPP wants to continue using them, the 401 error will not go away. 

This decision was a result of TDA workshop, here you can see the voting decision and outcome https://openbanking.atlassian.net/wiki/spaces/WOR/pages/748748804/173

 
 with immediate effect. 
A reminder that we will be deprecating V1.1 AIS endpoints on the 25 June.  
25 June 2019 
 New PISP customer Journey screens to be implemented 4 July, authentication and verification will be displayed on same screen reducing the number of screens.  
 4 July 2019
We are currently in the design phase for App to App with deployment scheduled for 13 Sept 2019.  We will update our Developer portal with appropriate documentation and are in conversations with OBIE seeking TPP support with testing.  
13 Sept 2019
 Our new Open Banking App to App will be live for TPPs and customers to use on 13th September 2019. Please feel free to download our guide here. It includes more information on how the service will work and additional FAQs for TPPs.App to App Guide.pdf13 Sept 2019

Removal of old endpoints – 3 months’ notice

In order to comply with Open Banking specification v3.1.2 and certify conformance, we made changes to our endpoints as described below.   We are now informing you that from 10 December 2019 we will be removing the old endpoints and will require all TPPs to switch to the new correct endpoints.

The URL should be in format [participant-path-prefix]/open-banking/[version]/[resource-group]/[resource]/[resource-id]/[sub-resource] where we were missing the [resources-group] part, which is defined as The resource-group identifies the group of endpoints, according to the PSD2 role used to access the API (as "aisp", "pisp" or "cbpii"), we have since added the correct endpoints.

For awareness:  We have now fully removed AISP v1.1 endpoints so you will now see error message “404 not found” displayed.


Should you have any questions please refer to our developer portal
10th Dec 2019
 

Full Chain validation would be waived at Danske bank side for QSEAL certificates hosted on Open banking UK.

Issue with eIDAS (QWAC/QSEAL) certificate support:

  1. There is a known issue that is impacting the usage of QWAC/QSEAL with Danske Bank APIs
  2. Next release planned for 21st Jan should fix this issue.

QWAC/QSEAL usage:

  • For already on-boarded TPP, it is not required to do the dynamic registration again
  • QWAC/QSEAL certificate need to be uploaded and assigned to the respective Software Statement in Open Banking Directory

Note on DELETE/Re-Register:

  • Danske Bank currently doesn’t offer a DELETE API endpoint
  • Please raise a DELETE request through the Support Team open.banking@danskebank.co.uk

21st Jan 2020

Decommission of v1.1 AIS and v2 PIS -

 Please note that from the 23 July 2020 we will decommission v1.1 PIS and v2.0 AIS endpoints 


23 July 2020 
Waiver 007 -   
  1. from 16th of June Danske Bank will not include the b64 claim in the header, and any TPPs using Danske must do the same. In other case Danske will reject signature.

16 June 2020
V3.1.4 - Danske will be live with 3.1.4 specification 16 June 2020 
16 June 2020 
V3.1.5 - Danske are planning to go live with v3.1.5 of specifications from 24 Sep 2020 

24 Sep 2020 

V3.1.6 - Danske will be live with 3.1.6 specifications from December 2020
10 Dec 2020

V3.1.7 - Danske will be live with 3.1.7 specifications from June 2021


10 June 2021
V3.1.8 - danske will be live with 3.1.8 specifications from September 2021
23 September 2021

Change to Production:

Improvement
Delivery date
Currently our Meta.Links structure is relative, e.g. /account-requests/urn:accounts:v2:1388fe11-76c7-4cd5-9fcb-7c25d5281077. We are planning to change it to absolute, e.g. https://obp-api.danskebank.com/open-banking/v2.0/account-requests/urn:accounts:v2:1388fe11-76c7-4cd5-9fcb-7c25d5281077. This change affects only v2 version and has no impact on v1 version20 Feb 2019
Launched Confirmation of funds PISP.  Extended product scope, extending to savings and credit cards. 18 June 2019

After 6 July release Danske OB APIs:

  • Support MTLS authn
  • Support OBWAC/OBSeal certs
  • Support QWACs/QSeal certs

TPP need to manage their certificates with the OB Directory.

Reregistration is not required.

6 July 2019

Please note that the following Licence Agreement requirements are now in place

For all TPPs wanting to use Danske Bank logo’s on their websites, documentation or communications we require you to sign and return the Trademark Licence agreement to open.banking@danskebank.co.uk The documentation is located on our developer portal https://developers.danskebank.com/#  this document contains the brand guidelines and official logo’s for you to use once we are in receipt of your signed Licence agreement.

06 September 2019

 Danske Bank release: 12 September

Changes introduced:

o Implementation of v3.1.2 specification;

o Trusted Beneficiary (P8); Article 10 only – please refer to Danske Bank transparency calendar for more information

o International Payments (P10);

o Bacs, Chaps and File Payments (P11);

o some production bug fixes;

12 September 2019

 Creditor information for international payments

Short summary:

Creditor name, town, country and address are mandatory fields for creating international payments through Danske e-channels. They are used by backend systems to differentiate between domestic and cross-border transfers.

IP v3.1.2 and ISP v3.1.2:

 Sandbox: 16 January 2020

Production: 19 March 2020

FAPI Conformance

28 July 2020

v3.1.7 release

Changelog:

  • Payment Initiation API – adjusted Debtor object in payment initiation responses.
  • Payment Initiation API – adjusted CountrySubDivision field type in Risk block.
  • Accounts and Transactions API – adjusted scope of parameters in GET /accounts/ response for accounts that were switched.
  • Accounts and Transactions API – UK Open Banking only, adjusted length of Party.Name parameter in GET /party/ response.
  • Account and Transactions API - UK Open Banking only, GET/balance updates.
  • Update of API versions from 3.1.6 to 3.1.7
  • Various adjustments and fixes in API definition descriptions.
10 June 2021
v3.1.8 release

Danske Banks wishes to inform about v3.1.8 release on 23rd of September 2021. The new version is now available in our Sandbox.

Changelog:

  • OBReadTransaction6/Data/Transaction/Status is extended with status Rejected

  • Updated version numbers

23 September 2021

On-boarding

Supports dynamic client registration (Y/N)Y
Instructions for manual onboardingManual onboarding is not supported
OIDC .well-known endpoint

https://obp-auth.danskebank.com/open-banking/private/.well-known/openid-configuration

https://obp-auth.danskebank.com/open-banking/business/.well-known/openid-configuration


Notes on testing
Other on-boarding notes

redirect_uris MUST match or be a subset of the software_redirect_uris claim in the SSA

Documentation URL


https://danskebank.com/openbanking/OBS/ToS

https://danskebank.com/openbanking/OBS/Policy

Account Information API

Note to ASPSP: Please add a column per brand if relevant

Swagger version
Base URI
General variances to specification 
Non-functional limitations
RefAreaFieldAvailable (Y/N)Exception/Notes (inc details on classification codes, field limits, and field formats)





















Payment Initiation API

Swagger version
Base URI
General variances to specification
Non-functional limitations
RefAreaFieldAvailable (Y/N)Exception/Notes (inc details on classification codes, field limits, and field formats)















Open Data API

Swagger versionv2.2.1
Base URI

https://obp-data.danskebank.com/open-banking/v2.2/atms

https://obp-data.danskebank.com/open-banking/v2.2/branches

https://obp-data.danskebank.com/open-banking/v2.2/personal-current-accounts

https://obp-data.danskebank.com/open-banking/v2.2/business-current-accounts

https://obp-data.danskebank.com/open-banking/v2.2/unsecured-sme-loans

General variances to specification 
Non-functional limitations
RefAreaFieldAvailable (Y/N)Exception/Notes (inc details on classification codes, field limits, and field formats)