--- swagger: "2.0" info: description: |- The AIS API implements the Account Information Service parts of the PSD2 specification, and provides the following services to authorised TPPs: * Accounts overview * Account balances * Account transactions * Accountdetails Access to the Account Information Service API is controlled through the general onboarding/enrollment flow. I.e. the API is only accessible to valid TPPs, who have completed the enrollment in order to upload and verify their qualified certificates. By accessing the API, you confirm that you already have status as an authorized TPP - or (for sandbox access only) that your application has been submitted to a local NCA and is pending approval. Only TPPs who can document their authorization status are elegible for support. The AIS API is part of the general PSD2 XS2A implementation and works in the same security context. In addition to the information contained below, all communication, headers and additional steps adhere to the general [security model and flows](https://apiportal.prod.bec.dk/openbanking/sandbox/security-model-and-flows). Refer to this link for up to date information on required security headers. The API is implemented against [Berlin Group XS2A version 1.3](https://www.berlin-group.org/psd2-access-to-bank-accounts). **Note about this version** This version of the AIS API now also supports testing of security, consent and SCA flows in sandbox with full security context. * The sandbox API works on (stateless) mocked account data, while SCA, security and consent flows are identical to production. * The security model for TPP enrollment and PSU authentication/authorization is implemented and enforced for **both** production and sandbox API **Access to API Endpoints** **Production and sandbox access:** Prior to calling the API the TPP must complete the (one-time) process for [Onboarding](https://apiportal.prod.bec.dk/openbanking/sandbox/start) on a per-bank basis. Separate API URL/host endpoints are required for each bank under the BEC Umbrella. Consult the [Environments section](https://apiportal.prod.bec.dk/openbanking/sandbox/environments) for information on URL schemas in production and sandbox environments. See list of included ASPSPs and their corresponding urls by following [this link](https://apiportal.prod.bec.dk/openbanking/sandbox/included-aspsps). The X-IBM-Client-Id attribute is not required in this version. title: PSD2 BG Account Information Service API (AIS) version: 1.0.4 contact: name: BEC PSD2 Support url: https://apiportal.prod.bec.dk/openbanking/sandbox/ email: psd2.support@bec.dk license: name: The API is made available to TPPs who have been authorised for the relevant roles by a NCA - or to TPPs applying to be authorised at a NCA with approval pending. x-ibm-name: psd2-bg-account-information-service-ais-api host: api.sandbox.openbanking.bec.dk basePath: /bg/openbanking/v1 tags: - name: Berlin Group, openbanking, AIS description: |- Account Information Service (AIS) offers the following services: * Accounts information * Account balance * Account details * Transactions list * Transaction details paths: /accounts: get: tags: - Berlin Group, openbanking, AIS description: Read the identifiers of the available payment account together with booking balance information, depending on the consent granted. operationId: getAccountsUsingGET produces: - application/json parameters: - name: X-Request-ID in: header type: string format: uuid required: true description: ID of the request (in UUID format), unique to the call (generated by the initiating party, who must ensure uniqueness). - name: Consent-ID in: header description: consent identifier for the request required: true type: string - name: withBalance in: query description: | If contained, this function reads the list of accessible payment accounts including the booking balance, if granted by the PSU in the related consent and available by the ASPSP. required: true type: boolean responses: 200: description: OK schema: $ref: '#/definitions/AccountsResponse' 401: description: Unauthorized 403: description: Forbidden 404: $ref: '#/responses/ERROR_404_RESOURCE_UNKNOWN' deprecated: false /accounts/{resourceId}: get: tags: - Berlin Group, openbanking, AIS description: Reads details about an account, with balances where required. It is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system. The addressed details of this account depends then on the stored consent addressed by consentId. operationId: getAccountUsingGET produces: - application/json parameters: - name: X-Request-ID in: header type: string format: uuid required: true description: ID of the request (in UUID format), unique to the call (generated by the initiating party, who must ensure uniqueness). - name: resourceId in: path description: Unique identifier for the account required: true type: string - name: Consent-ID in: header description: consent identifier for the request required: true type: string - name: withBalance in: query description: | If contained, this function reads the list of accessible payment accounts including the booking balance, if granted by the PSU in the related consent and available by the ASPSP. required: true type: boolean responses: 200: description: OK schema: $ref: '#/definitions/AccountResponse' 401: description: Unauthorized 403: description: Forbidden 404: $ref: '#/responses/ERROR_404_RESOURCE_UNKNOWN' deprecated: false /accounts/{resourceId}/balances: get: tags: - Berlin Group, openbanking, AIS description: Reads balances data from a given account addressed by "resourceId". operationId: getBalanceUsingGET produces: - application/json parameters: - name: X-Request-ID in: header type: string format: uuid required: true description: ID of the request (in UUID format), unique to the call (generated by the initiating party, who must ensure uniqueness). - name: resourceId in: path description: Unique identifier for the account required: true type: string - name: Consent-ID in: header description: consent identifier for the request required: true type: string responses: 200: description: OK schema: $ref: '#/definitions/BalanceDetails' 401: description: Unauthorized 403: description: Forbidden 404: $ref: '#/responses/ERROR_404_RESOURCE_UNKNOWN' deprecated: false /accounts/{resourceId}/transactions: get: tags: - Berlin Group, openbanking, AIS description: Read transaction reports or transaction lists of a given account addressed by "resource-id", depending on the steering parameter "bookingStatus" together with balances. operationId: getTransactionsUsingGET parameters: - name: X-Request-ID in: header type: string format: uuid required: true description: ID of the request (in UUID format), unique to the call (generated by the initiating party, who must ensure uniqueness). - name: resourceId in: path description: Unique identifier for the account required: true type: string - name: Consent-ID in: header description: consent identifier for the request required: true type: string - name: bookingStatus in: query description: Permitted codes are "booked", "pending" and "both" "booked" shall be supported by the ASPSP.To support the "pending" and "both" feature is optional for the ASPSP, Error code if not supported in the online banking frontend. Currently only "booked" status is supported. required: false enum: - booked - pending - both type: string - name: dateFrom in: query description: 'Starting date (inclusive the date dateFrom) of the transaction list, mandated if no delta access is require. Example: 2018-12-24' required: true type: string - name: dateTo in: query description: 'End date (inclusive the data dateTo) of the transaction list, default is now if not given. Example: 2018-12-29' required: false type: string - name: deltaList in: query description: Delta List - not supported required: false type: string - name: entryReferenceFrom in: query description: Entry Reference From - not supported required: false type: string produces: - application/json responses: 200: description: OK schema: $ref: '#/definitions/TransactionsResponse' 400: $ref: '#/responses/ERROR_400_FORMAT_ERROR' 404: $ref: '#/responses/ERROR_404_RESOURCE_UNKNOWN' /accounts/{resourceId}/transactions/{transactionId}: get: tags: - Berlin Group, openbanking, AIS summary: Read details for a given transaction (transactionId) addressed by the account (resourceId). operationId: getTransactionUsingGET parameters: - name: X-Request-ID in: header type: string format: uuid required: true description: ID of the request (in UUID format), unique to the call (generated by the initiating party, who must ensure uniqueness). - name: resourceId in: path description: Unique identifier for the account required: true type: string - name: Consent-ID in: header description: consent identifier for the request required: true type: string - name: transactionId in: path description: transactionId for the account transaction required: true type: string produces: - application/json responses: 200: description: OK schema: $ref: '#/definitions/TransactionResponse' 400: $ref: '#/responses/ERROR_400_FORMAT_ERROR' 404: $ref: '#/responses/ERROR_404_RESOURCE_UNKNOWN' responses: ERROR_404_RESOURCE_UNKNOWN: description: The addressed resource is unknown relative to the TPP schema: $ref: '#/definitions/tppMessages' ERROR_400_FORMAT_ERROR: description: Parameter validation errors schema: $ref: '#/definitions/tppMessages' definitions: AccountDetails: description: | The ASPSP shall give at least one of the account reference identifiers: - iban - pan If the account is a multicurrency account currency code in "currency" is set to "XXX". type: object properties: resourceId: description: Unique identifier for the account type: string maxLength: 35 iban: $ref: '#/definitions/Iban' currency: type: string example: DKK description: The Currency code. This MUST be a valid ISO 4217 currency code. See the ASPSPs' documentation for details of supported currencies. minLength: 3 maxLength: 3 name: description: Name of the account given by the bank or the PSU in online-banking. type: string maxLength: 35 product: description: Product name of the bank for this account, proprietary definition. type: string maxLength: 35 bic: $ref: '#/definitions/bicfi' balances: type: array items: $ref: '#/definitions/Balance' _links: $ref: '#/definitions/AisLinks' AccountResponse: type: object properties: account: $ref: '#/definitions/AccountDetails' title: AccountResponse AccountsResponse: type: object properties: accounts: type: array items: $ref: '#/definitions/AccountDetails' title: AccountsResponse Amount: type: object required: - amount - currency properties: amount: type: number example: 5864.850000 description: |- The amount given with fractional digits, where fractions must be compliant to the currency definition. Up to 14 significant figures. Negative amounts are signed by minus. The decimal separator is a dot.: -?[0-9]{1,14}(\.[0-9]{1,3})? currency: type: string example: DKK description: The Currency code. This MUST be a valid ISO 4217 currency code. See the ASPSPs' documentation for details of supported currencies. minLength: 3 maxLength: 3 title: Amount description: Monetary Amount, including currency code and value Balance: description: | A single balance element type: object required: - balanceAmount - balanceType properties: balanceAmount: $ref: '#/definitions/Amount' balanceType: type: string enum: - closingBooked - expected - authorised - openingBooked - interimAvailable - forwardAvailable lastChangeDateTime: description: "This data element might be used to indicate e.g. with the expected or booked balance that no action is known \non the account, which is not yet booked.\n" type: string format: date-time title: Balance BalanceDetails: type: object properties: account: $ref: '#/definitions/AccountReference' balances: type: array items: $ref: '#/definitions/Balance' title: BalanceDetails AccountReference: type: object properties: iban: $ref: '#/definitions/Iban' resourceId: type: string title: AccountReference TransactionDetails: description: Transaction details type: object required: - transactionAmount properties: bankTransactionCode: type: string bookingDate: type: string format: date creditorAccount: $ref: '#/definitions/AccountReference' creditorName: type: string entryReference: type: string description: "Is the identification of the transaction as used e.g. for reference for deltafunction on application level. \nThe same identification as for example used within camt.05x messages.\n" maxLength: 35 mandateId: type: string transactionAmount: $ref: '#/definitions/Amount' transactionId: type: string valueDate: type: string format: date description: The Date at which assets become available to the account owner in case of a credit. title: TransactionDetails TransactionResponse: type: object properties: transactionsDetails: $ref: '#/definitions/TransactionDetails' title: TransactionResponse TransactionsReference: type: object properties: booked: type: array items: $ref: '#/definitions/TransactionDetails' pending: type: array items: $ref: '#/definitions/TransactionDetails' title: TransactionsReference TransactionsResponse: type: object properties: _links: $ref: '#/definitions/AisLinks' account: $ref: '#/definitions/AccountReference' transactions: $ref: '#/definitions/TransactionsReference' title: TransactionsResponse AisLinks: type: object properties: account: $ref: '#/definitions/Link' balances: $ref: '#/definitions/Link' self: $ref: '#/definitions/Link' transactions: $ref: '#/definitions/Link' title: AisLinks Link: type: object properties: href: type: string example: /v1/link/to/some/resource description: URL pointing to a resource title: Link description: Link to a resource Iban: type: string description: IBAN of an account [A-Z]{2,2}[0-9]{2,2}[a-zA-Z0-9]{1,30} example: FR7612345987650123456789014 bicfi: description: | BICFI '[A-Z]{6,6}[A-Z2-9][A-NP-Z0-9]([A-Z0-9]{3,3}){0,1}' type: string example: AAAADEBBXXX tppMessages: description: Error messages supplied for TPP type: object properties: tppMessages: type: array items: type: object properties: category: type: string code: type: string text: type: string x-ibm-configuration: testable: false enforced: true phase: realized produces: - application/json consumes: - application/json x-ibm-endpoints: - endpointUrl: https://api.sandbox.openbanking.bec.dk type: - development ...