Displaying Data clusters – replay of consent: Remove the first consent page thereby removing one of the replays of consent.

Displaying Data clusters – replay of consent: Amend the last screen in the process flow.  Remove the data cluster points below each heading to make the process more streamlined for the consumer and no repeat of information. (subject to Legal approval).

Danske Bank will be performing updates to their certificates on 5 February between the hours of 20:00  and 24:00 CET.

The impact of this change will be that third parties who pin certificates, will need to update the pins on the certificates to ensure users of the service are not impacted. There are no further impacts to third parties who do not pin their certificates.

If there are any questions in regards to the change, please reach out to Danske Bank.

Upgrading all our APIs to Version 3.1 of the OBIE specification. Subject to successful completion of the OBIE live proving process and migration of all TPPs currently using V1.1 to a newer version, we plan to decommission Version 1.1 of our AIS endpoints by 25^th June 2019. We will work directly with impacted TPPs to ensure a smooth transition. From the 15^th March, defect fixing on Accounts Information V1.1 will be limited to critical and security-related items only, and we encourage you to only use Account Information V2.0 or V3.1 for new registrations.  

 Enabling a series of additional features:

• PIS functionality for future dated payments and standing orders
• A one-step AIS refresh journey for both personal and business customers
• Confirmation of Funds functionality for CBPII
• Multi-authorisation functionality for small business customers
• Developer portal now live

Danske Bank are accepting requests signed with PS256 algorithm in addition to continuing to support requests signed with RS256. Our own ID Tokens will be signed with PS256 from 6am 14 March 2019.

 Due to a recent increase in 401 errors and following investigation, 2 actions have been identified.

1.      We require re-authorization when 90 days from initial authorization have passed, the resource endpoint called will return a 401 error requiring the TPP to re-authorize

2.      If the TPP requests transaction information for more than 90 days, and 30 minutes have passed since the last re-authorization we will return a 401 requiring re-authorization, this requirement having been reviewed by Danske legal team arises from PSD/RTS requirements.

Due to the implementations outlined above any consents are already receiving a 401 error, they need to be re-authorized if the TPP wants to continue using them, the 401 error will not go away. 

This decision was a result of TDA workshop, here you can see the voting decision and outcome https://openbanking.atlassian.net/wiki/spaces/WOR/pages/748748804/173

Removal of old endpoints – 3 months’ notice

In order to comply with Open Banking specification v3.1.2 and certify conformance, we made changes to our endpoints as described below.   We are now informing you that from 10 December 2019 we will be removing the old endpoints and will require all TPPs to switch to the new correct endpoints.

The URL should be in format [participant-path-prefix]/open-banking/[version]/[resource-group]/[resource]/[resource-id]/[sub-resource] where we were missing the [resources-group] part, which is defined as The resource-group identifies the group of endpoints, according to the PSD2 role used to access the API (as "aisp", "pisp" or "cbpii"), we have since added the correct endpoints.

For awareness:  We have now fully removed AISP v1.1 endpoints so you will now see error message “404 not found” displayed.

Full Chain validation would be waived at Danske bank side for QSEAL certificates hosted on Open banking UK.

Issue with eIDAS (QWAC/QSEAL) certificate support:

1. There is a known issue that is impacting the usage of QWAC/QSEAL with Danske Bank APIs
2. Next release planned for 21^st Jan should fix this issue.

QWAC/QSEAL usage:

• For already on-boarded TPP, it is not required to do the dynamic registration again
• QWAC/QSEAL certificate need to be uploaded and assigned to the respective Software Statement in Open Banking Directory

Note on DELETE/Re-Register:

• Danske Bank currently doesn’t offer a DELETE API endpoint
• Please raise a DELETE request through the Support Team open.banking@danskebank.co.uk

Decommission of v1.1 AIS and v2 PIS -

 Please note that from the 23 July 2020 we will decommission v1.1 PIS and v2.0 AIS endpoints 

1. from 16^th of June Danske Bank will not include the b64 claim in the header, and any TPPs using Danske must do the same. In other case Danske will reject signature.

24 Sep 2020 

V3.1.7 - Danske will be live with 3.1.7 specifications from June 2021