How to use AIS APIs?

Create Consent – Account

In order to retrieve a user’s account data, explicit consent has to be created and confirmed by the user. User’s account data are provided only for valid consents.

Prerequisite: Authorization flow

Begin with an oauth/authorize request, during which the Payment Service User (PSU) is redirected to their bank’s login page. The PSU logs into their bank account and selects the IBAN they wish to use (if multiple IBANs are available). After the selection is made, an authorization code will be redirected to the URL you have provided.

Using the obtained authorization code, call the oauth/token endpoint to retrieve the access_token. The access_token is a JWT token. The sub claim within this token contains the IBAN selected by the PSU. We support only one IBAN per consent. 

With the valid access_token and the IBAN information, you can proceed to call the POST /consents endpoint to initiate the consent creation process.

For more information, see section API authorization and authentication
 


.

By following the below listed steps a valid consent would be created:

1st step: POST /consents– Create consent

This method creates a consent resource that defines access rights to dedicated accounts associated with a given PSU-ID. For details, please refer to the description of the call parameters. After a successful consent creation (POST Create Consent), the TPP must redirect the PSU to the authorization server using the URL provided in the response. This redirect enables the PSU to complete Strong Customer Authentication (SCA) and confirm the consent authorization.

Important: Consent can be created to obtain account data, transaction data, and/or balance data with a single method.

  • To obtain account data only, "accounts" must contain valid account identifiers.

  • To obtain transaction data, both "accounts" and "transactions" must contain valid account identifiers.

  • To obtain balance data, both "accounts" and "balances" must contain valid account identifiers.

2nd step: GET /consents/{consentId}/status – Consent status request

This method retrieves the current status of an account information consent resource. When the response returns "consentStatus": "valid", it indicates that the consent was successfully authorized by the PSU and can be used in further flows for retrieving account data. 

Optional methods:

  • GET /consents/{consentId} – Get Consent Request
  • DELETE/consents/{consentId} – Delete Consent
  • GET /consents/{consentId}/authorisations – Get Consent Authorisation Sub-Resources Request
  • GET /consents/{consentId}/authorisations/{authorisationId} – Read the SCA status of the consent authorisation

create consent

Get Account List and/or Account Details

Prerequisite: A valid consent (see Create consent) with a valid IBAN included in "accounts" during consent creation. 

Steps to get account data details:

1st step: GET /accounts – Read Account List

Retrieve the identifiers (resource ID) of available payment account along with booking balance information, depending on the consent granted. This method requires the consentId to be provided as a header parameter and will return the account authorized by that consent.

2nd step: GET /accounts/{account-id} – Read Account Details

Retrieve detailed information about a specific account identified by account-id, which is obtained from the Read Account List method. This includes balances where applicable.

Get Account Transaction List and/or Transaction details

Prerequisite: A valid consent (see Create consent) with valid IBAN included in both "accounts" and "transactions" during the consent creation. 

Steps to get transaction list and details data:

1st step: GET /accounts – Read Account List

Retrieve the identifiers (resource ID) of the available payment account along with booking balance information, depending on the consent granted. This method requires the consentId to be provided as a header parameter, which determines the account returned.

2nd step: GET /accounts/{account-id}/transactions – Read Transaction List

Retrieve transaction reports or transaction lists for the specified account (account-id), optionally filtered by the query parameter "bookingStatus", along with balances.

Important: The Read Transaction List call supports query parameters that can be used to narrow down the returned data. Please refer to the API specifications for details.

Transaction list requests are limited to a period of 90 days from the time the request is made. However, during the first 5 minutes of an AIS consent lifecycle, any GET /transactions request is not subject to this limitation. After this initial period, requests for transactions older than 90 days will be rejected.

3rd step: GET /accounts/{account-id}/transactions/{transactionId} – Read Transaction Details

Retrieve detailed information for a specific transaction identified by transactionId within the given account (account-id). This call returns transaction details in JSON format and is only available for transactions reported in that format.
 

transactions

Read Account Balances

Prerequisite: A valid consent (see Create consent) with a valid IBAN included in both "accounts" and "balances" fields during the consent creation. 

Steps to get balance data:

1st step:  GET /accounts – Read Account List

Retrieve the identifiers (resource ID) of the available payment account along with booking balance information, depending on the consent granted. This method requires a consentId to be provided as a header parameter, which determines the account returned.

2nd step:  GET /accounts/{account-id}/balances – Read Balance

Retrieve account balance data for the specified account identified by account-id.