Accounts v2.0.0

Owned by Chris Michael (Unlicensed)
Feb 27, 2018
7 min read

Version Control

VersionDateAuthorComments
2.0-rc2Open Banking Read/Write API Team

This is the first Release Candidate with Split from One Page Specification

Updates:

  • Minor wording clarification on usage of GET /accounts
  • Added ChargeCard as an AccountSubType
  • Added definitions for AccountType and AccountSubType enumerations
  • Clarified that SortCodeAccountNumber behaviour is only specified for Domestic UK accounts
  • Modified usage examples:
    • Removed references to x-jws-signature
    • Updated link URLs
    • Updated mandatory fields
    • Name-spaced AccountRequestIds in usage examples - as IntentIds are name-spaced in other usage examples. ASPSPs may construct the IntentId as they wish.
  • Additional guidance for ReadAccountsDetail permission
2.0-rc3 Open Banking Read/Write API TeamThis is the initial version for release candidate 3
2.0.0Open Banking Read/Write API TeamThis is the baseline version. No changes from v2.0-rc3.

Endpoints

Endpoints for the resource - and available methods.


Resource
HTTP Operation
Endpoint
Mandatory?
Scope
Grant Type
Idempotent
Parameters
Request Object
Response Object
1accountsGET

GET /accounts

Mandatory

accountsAuthorization Code
Pagination
OBReadAccount2
2accountsGETGET /accounts/{AccountId}MandatoryaccountsAuthorization Code


OBReadAccount2

GET /accounts

First Step

The first step for an AISP after an account-request is authorised - is to call the GET /accounts endpoint. 

An AISP will be given the full list of accounts (the AccountId(s)) that the PSU has authorised the AISP to access. The AccountId(s) returned may then be used to retrieve other resources for a specific AccountId. The selection of authorised accounts happens only at the ASPSP's interface.

GET /accounts/{AccountId}

An AISP may retrieve the account information resources for the AccountId (which is retrieved in the call to GET /accounts).

Data Model

The OBReadAccount2 object will be used for the call to:

  • GET /accounts/{AccountId}
  • GET /accounts

Resource Definition

This resource represents the account to which credit and debit entries are made.

Each account resource will have a unique and immutable AccountId.

UML Diagram

Notes:

  • The Account and Servicer  structure has been designed to:
    • Reflect the DebtorAccount and DebtorAgent (and similarly for CreditorAccount and CreditorAgent) structures in the PISP use case
    • Having a SchemeName for the Account and Servicer blocks means we can be flexible to accommodate multiple types of accounts
  • For Domestic UK accounts:
    • Where "SortCodeAccountNumber" is specified as the SchemeName in the Account identification section, the Identification field must be populated with the 6 digit Sort Code and 8 digit Account Number (a 14 digit field); and the Servicer section must not be populated
    • Where the "IBAN" is specified as the SchemeName in the Account identification section, the Identification field must be populated with the full IBAN; and the Servicer section may be populated with the "BICFI" as the SchemeName
    • Where the "PAN" is specified as the SchemeName in the Account identification section, the Identification field must be populated with the primary PAN linked to the account. An ASPSP may choose to mask digits returned in the Identification field.
  • The SecondaryIdentification element may be used for the roll number for building societies.

Permission Codes

The resource differs depending on the permissions (ReadAccountsBasic and ReadAccountsDetail) used to access resource. In the event the resource is accessed with both ReadAccountsBasic and ReadAccountsDetail, the most detailed level (ReadAccountsDetail) must be used.

  • These objects must not be returned without the ReadAccountsDetail permission:
    • OBReadAccount2/Data/Account/Account
    • OBReadAccount2/Data/Account/Servicer
  • If the ReadAccountsDetail is granted by the PSU:
    • OBReadAccount2/Data/Account/Account must be returned (1..n)
    • OBReadAccount2/Data/Account/Servicer may be returned if applicable to the account and ASPSP (0..1)

Data Dictionary

NameOccurrenceXPathEnhancedDefinitionClassCodesPattern
OBReadAccount2
OBReadAccount2
OBReadAccount2

Data1..1OBReadAccount2/Data
OBReadDataAccount2

Account0..nOBReadAccount2/Data/AccountUnambiguous identification of the account to which credit and debit entries are made.OBAccount2

AccountId1..1OBReadAccount2/Data/Account/AccountIdA unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.Max40Text

Currency1..1OBReadAccount2/Data/Account/CurrencyIdentification of the currency in which the account is held.

Usage: Currency should only be used in case one and the same account number covers several currencies
and the initiating party needs to identify which currency needs to be used for settlement on the account.		ActiveOrHistoricCurrencyCode
^[A-Z]{3,3}$
AccountType1..1OBReadAccount2/Data/Account/AccountTypeSpecifies the type of account (personal or business).OBExternalAccountType1CodeBusiness
Personal
AccountSubType1..1OBReadAccount2/Data/Account/AccountSubTypeSpecifies the sub type of account (product family group).OBExternalAccountSubType1CodeChargeCard
CreditCard
CurrentAccount
EMoney
Loan
Mortgage
PrePaidCard
Savings
Description0..1OBReadAccount2/Data/Account/DescriptionSpecifies the description of the account type.Max35Text

Nickname0..1OBReadAccount2/Data/Account/NicknameThe nickname of the account, assigned by the account owner in order to provide an additional means of identification of the account.Max70Text

Account0..nOBReadAccount2/Data/Account/AccountProvides the details to identify an account.OBCashAccount2

SchemeName1..1OBReadAccount2/Data/Account/Account/SchemeNameName of the identification scheme, in a coded form as published in an external list.OBExternalAccountIdentification3CodeIBAN
PAN
SortCodeAccountNumber
Identification1..1OBReadAccount2/Data/Account/Account/IdentificationIdentification assigned by an institution to identify an account. This identification is known by the account owner.Max34Text

Name0..1OBReadAccount2/Data/Account/Account/NameName of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account.

Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number.		Max70Text

SecondaryIdentification0..1OBReadAccount2/Data/Account/Account/SecondaryIdentificationThis is secondary identification of the account, as assigned by the account servicing institution.
This can be used by building societies to additionally identify accounts with a roll number (in addition to a sort code and account number combination).		Max34Text

Servicer0..1OBReadAccount2/Data/Account/ServicerParty that manages the account on behalf of the account owner, that is manages the registration and booking of entries on the account, calculates balances on the account and provides information about the account.OBBranchAndFinancialInstitutionIdentification2

SchemeName1..1OBReadAccount2/Data/Account/Servicer/SchemeNameName of the identification scheme, in a coded form as published in an external list.OBExternalFinancialInstitutionIdentification2CodeBICFI
Identification1..1OBReadAccount2/Data/Account/Servicer/IdentificationUnique and unambiguous identification of the servicing institution.Max35Text

Enumerations

This section gives the definitions for enumerations used.

Code ClassName Definition 
OBExternalAccountIdentification3CodeIBANAn identifier used internationally by financial institutions to uniquely identify the account of a customer at a financial institution, as described in the latest edition of the international standard ISO 13616. "Banking and related financial services - International Bank Account Number (IBAN)".
OBExternalAccountIdentification3CodeSortCodeAccountNumberSort Code and Account Number - identifier scheme used in the UK by financial institutions to identify the account of a customer. The identifier is the concatenation of the 6 digit UK sort code and 8 digit account number.
The regular expression for this identifier is: ^[0-9]{6}[0-9]{8}$
OBExternalAccountIdentification3CodePAN

Primary Account Number (PAN) of the card, or card number.

OBExternalFinancialInstitutionIdentification2CodeBICFIValid BICs for financial institutions are registered by the ISO 9362 Registration Authority in the BIC directory, and consist of eight (8) or eleven (11) contiguous characters.
OBExternalAccountType1CodeBusinessAccount type is for business.
OBExternalAccountType1CodePersonalAccount type is for personal.
OBExternalAccountSubType1CodeChargeCardAccount sub-type is a Charge Card.
OBExternalAccountSubType1CodeCreditCardAccount sub-type is a Credit Card.
OBExternalAccountSubType1CodeCurrentAccountAccount sub-type is a Current Account.
OBExternalAccountSubType1CodeEMoneyAccount sub-type is an EMoney.
OBExternalAccountSubType1CodeLoanAccount sub-type is a Loan.
OBExternalAccountSubType1CodeMortgageAccount sub-type is a Mortgage.
OBExternalAccountSubType1CodePrePaidCardAccount sub-type is a PrePaid Card.
OBExternalAccountSubType1CodeSavingsAccount sub-type is a Savings.

Usage Examples

Bulk - Detail Permission

The call to GET /accounts is the first step after an account-request is authorised. This will allow the AISP to discover which accounts (and AccountId values) are associated with the authorisation of consent.

In this scenario AccountId 22289 has a building society roll number; and AccountId 31820 does not.

The ReadAccountsDetail permission has been granted.

Request

Get Accounts Request
GET /accounts HTTP/1.1
Authorization: Bearer Az90SAOJklae
x-fapi-financial-id: OB/2017/001
x-fapi-customer-last-logged-time: Sun, 10 Sep 2017 19:43:31 UTC
x-fapi-customer-ip-address: 104.25.212.99
x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d
Accept: application/json

Response

Get Accounts Response
HTTP/1.1 200 OK
x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d
Content-Type: application/json

{
  "Data": {
    "Account": [
      {
        "AccountId": "22289",
        "Currency": "GBP",
        "AccountType": "Personal",
        "AccountSubType": "CurrentAccount",
        "Nickname": "Bills",
        "Account": {
          "SchemeName": "SortCodeAccountNumber",
          "Identification": "80200110203345",
          "Name": "Mr Kevin",
          "SecondaryIdentification": "00021"
        }
      },
      {
        "AccountId": "31820",
        "Currency": "GBP",
        "AccountType": "Personal",
        "AccountSubType": "CurrentAccount",
        "Nickname": "Household",
        "Account": {
          "SchemeName": "SortCodeAccountNumber",
          "Identification": "80200110203348",
          "Name": "Mr Kevin"
        }
      }
    ]
  },
  "Links": {
    "Self": "https://api.alphabank.com/open-banking/v2.0/accounts/"
  },
  "Meta": {
    "TotalPages": 1
  }
}

Specific Account - Detail Permission

An AISP may also retrieve the account resource details specifically for AccountId 22289.

The ReadAccountsDetail permission has been granted.

Request

Get Accounts Request
GET /accounts/22289 HTTP/1.1
Authorization: Bearer Az90SAOJklae
x-fapi-financial-id: OB/2017/001
x-fapi-customer-last-logged-time: Sun, 10 Sep 2017 19:43:31 UTC
x-fapi-customer-ip-address: 104.25.212.99
x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d
Accept: application/json

Response

Get Accounts Response
HTTP/1.1 200 OK
x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d
Content-Type: application/json

{
  "Data": {
    "Account": [
      {
        "AccountId": "22289",
        "Currency": "GBP",
        "AccountType": "Personal",
        "AccountSubType": "CurrentAccount",
        "Nickname": "Bills",
        "Account": {
          "SchemeName": "SortCodeAccountNumber",
          "Identification": "80200110203345",
          "Name": "Mr Kevin",
          "SecondaryIdentification": "00021"
        }
      }
    ]
  },
  "Links": {
    "Self": "https://api.alphabank.com/open-banking/v2.0/accounts/22289"
  },
  "Meta": {
    "TotalPages": 1
  }
}

Bulk - Basic Permission

The ReadAccountsBasic permission has been granted.

Request

Get Accounts Request
GET /accounts HTTP/1.1
Authorization: Bearer Az90SAOJklae
x-fapi-financial-id: OB/2017/001
x-fapi-customer-last-logged-time:  Sun, 10 Sep 2017 19:43:31 UTC
x-fapi-customer-ip-address: 104.25.212.99
x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d
Accept: application/json

Response

Get Accounts Response
HTTP/1.1 200 OK
x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d
Content-Type: application/json

{
  "Data": {
    "Account": [
      {
        "AccountId": "22289",
        "Currency": "GBP",
        "AccountType": "Personal",
        "AccountSubType": "CurrentAccount",
        "Nickname": "Bills"
      },
      {
        "AccountId": "31820",
        "Currency": "GBP",
        "AccountType": "Personal",
        "AccountSubType": "CurrentAccount",
        "Nickname": "Household"
      }
    ]
  },
  "Links": {
    "Self": "https://api.alphabank.com/open-banking/v2.0/accounts/"
  },
  "Meta": {
    "TotalPages": 1
  }
}

© Open Banking Limited 2019 | https://www.openbanking.org.uk/open-licence | https://www.openbanking.org.uk