Version Control

Basics

Overview

File Payments allow a file of payments to be uploaded to an ASPSP for payment initiation.

The high-level flow for file-payments follow the flow for all other payment-order types (as described in the Basic > Overview Section of Payment Initiation API Specification) however, with an additional step to upload the file. The step for staging the payment-order consent is broken into two steps:

• POST metadata of the file-payment for payment initiation.

• POST the file of the file-payment for payment initiation.

Steps

Step 1: Agree File Payment-Order Initiation.

Step 2a: Setup File Payment-Order Consent (Metadata):

• The PISP connects to the ASPSP that services the PSU's payment account and creates a new file-payment-consent resource. This JSON message contains the Metadata of the file payments file. The ASPSP responds with a ConsentId.

• This step is carried out by making a POST request to the file-payment-consent resource.

Step 2b: Setup File Payment-Order Consent (Upload File):

• The PISP uploads the payment file to the file-payment-consent endpoint with ConsentId obtained in Step 2a.

• ASPSP verifies the payment file against the hash of payment file received in the file-payment-consent Metadata in Step 2a.

• ASPSP responds with 200 OK.

• This step completes the file-payment-consent creation.

Step 3: Authorise Consent.

Step 4: Create Payment-Order.

Step 5: Get Consent/Payment-Order/Payment-Details Status:

• A PISP may optionally request the Status of the file-payment-consent.

• A PISP may optionally request File uploaded to file-payment-consent, for verification.

• A PISP may optionally request the Status of the file-payment.

• A PISP may optionally request a report in a file format, on the status of the individual payments in file-payments, if the ASPSP makes this available.

• A PISP may optionally request the detail status of the individual payments in file-payments, if the ASPSP makes this available.

Sequence Diagram

Open

Endpoints

POST /file-payment-consents 

The API endpoint allows the PISP to ask an ASPSP to create a new file-payment-consent resource.

• The POST action indicates to the ASPSP that a file payment consent has been staged. At this point, the PSU may not have been identified by the ASPSP and the request payload may not contain any information of the account(s) that should be debited.

• The endpoint allows the PISP to send metadata of the consent (between PSU and PISP) to the ASPSP.

• The metadata of the consent must include the FileType of the request.

• The metadata of the consent must include the FileHash, which is a base64 encoding of a SHA256 hash of the file to be uploaded.

• The ASPSP creates the file-payment-consent resource and responds with a unique ConsentId to refer to the resource.

Status

The default Status is "AwaitingUpload" immediately after the file-payment-consent has been created.

POST /file-payment-consents/{ConsentId}/file

The API endpoint allows the PISP to upload a file to an ASPSP, against a file-payment-consent resource.

• The endpoint allows the PISP to send a copy of the consent (between PSU and PISP) to the ASPSP for the PSU to authorise. The PISP must upload the file against the ConsentId before redirecting the PSU to authorise the consent.

• The file structure must match the FileType in the file-payment-consent request.

• An ASPSP must confirm the hash of the file matches with the FileHash provided in the file-payment-consent Metadata.

• The metadata for the file-payment-consent must match the contents of the uploaded file:

  • If the content of the metadata does not match the content of the file, the ASPSP must reject the file-payment-consent.

• The file is sent in the HTTP request body.

• HTTP headers (e.g. Content-Type) are used to describe the file.

Status

The default Status is "AwaitingAuthorisation" immediately after the file has been uploaded.

GET /file-payment-consents/{ConsentId}

A PISP can optionally retrieve a payment consent resource that they have created to check its status. 

Status

Once the PSU authorises the payment-consent resource, the Status of the payment-consent resource will be updated with "Authorised".

If the PSU rejects the consent or the file-payment-consent has failed some other ASPSP validation, the Status will be set to "Rejected".

Once a file-payment has been successfully created using the file-payment-consent, the Status of the file-payment-consent will be set to "Consumed".

The available Status codes for the file-payment-consent resource are:

GET /file-payment-consents/{ConsentId}/file

The API endpoint allows the PISP to download a file (that had been uploaded against a file-payment-consent resource) from an ASPSP.

• The file is sent in the HTTP response body.

• HTTP headers (e.g. Content-Type) are used to describe the file.

POST /file-payments

Once the file-payment-consent has been authorised by the PSU, the PISP can proceed to submit the file-payment for processing:

• This is done by making a POST request to the file-payments endpoint.

• This request is an instruction to the ASPSP to begin the file payment journey. The PISP must submit the file payment immediately, however, there are some scenarios where the ASPSP may not stage the file payment immediately (e.g. busy periods at the ASPSP).

• The PISP must ensure that the Initiation section of the file-payment match the corresponding Initiation section of the file-payment-consent resource. If the two do not match, the ASPSP must not process the request and must respond with a 400 (Bad Request).

• Any operations on the file-payment resource will not result in a Status change for the file-payment resource.

The file-payments resource that is created successfully, must have one of the following Status codes:

GET /file-payments/{FilePaymentId}

A PISP can retrieve the file-payment to check its status.

Status

The file-payments resource must have one of the following Status codes:

GET /file-payments/{FilePaymentId}/report-file

The API endpoint allows the PISP to download a payment report file from an ASPSP.

• This endpoint enables ASPSP to return a report on the processing results of Payments in the file

• The file is sent in the HTTP response body.

• The file structure may match a payment execution report for the corresponding FileType in the file-payment-consent request.

• HTTP headers (e.g. Content-Type) are used to describe the file.

GET /file-payments/{FilePaymentId}/payment-details

A PISP can retrieve the Details of the underlying payment transaction(s) via this endpoint. This resource allows ASPSPs to return richer list of Payment Statuses, and if available payment scheme related statuses.

Status

The file-payments - payment-details must have one of the following PaymentStatusCode code-set enumerations:

State Model

Payment Order Consent

The state model for the file-payment-consent resource follows the generic consent state model. However, does not use the "Revoked" status, as the consent for a file-payment is not a long-lived consent.

Open

The definitions for the Status:

Payment Order

The state model for the file-payments resource describes the initiation status only. I.e., not the subsequent execution of the file-payments.

Open

The definitions for the Status: