

Account and Transaction API

Info

Some content in this documentation is subject to the MIT Open Licence. For further information, see Copyright and Licence.

Introduction¶

This page explains the flow of the Account Information and Transaction API by OBIE. The Account Information Service Provider (AISP) can use the API endpoints described here to do the following:

Register a resource to retrieve account information by creating an account access consent. This registers data that the customer (PSU) has consented to provide to the AISP such as data permissions, expiration, and historical period allowed for transactions/statements.
Subsequently, retrieve account and transaction data.

Basic flow¶

See the below diagram describing the basic accounts information flow:

uk accounts information flow

The PSU requests to access account information data using an AISP solution (A third-party provider). The AISP connects to the ASPSP that services the PSU's accounts and creates an account-access-consent resource. This informs the ASPSP that one of its PSUs is granting access to account and transaction information to an AISP. In this case, the AISP makes a POST request to ASPSP's /account-access-consents endpoint. The ASPSP responds with an identifier for the resource (the ConsentId). The account-access-consent resource will include the following fields which describe the data that the PSU has consented with the AISP:

Permissions - a list of data clusters that have been consented for access
Expiration Date - an optional expiration for when the AISP will no longer have access to the PSU's data
Transaction Validity Period - the From/To date range which specifies a historical period for transactions and statements which may be accessed by the AISP

The AISP acts as a mediator for data to other parties, so it is valid for a PSU to have multiple account-access-consents for the same accounts, with different consent/authorisation parameters agreed. The AISP requests the PSU to authorise the consent. The ASPSP uses the redirection flow for this.

In a redirection flow, the AISP redirects the PSU to the ASPSP
The redirect includes ConsentId generated in the previous step
This allows the ASPSP to correlate the account-access-consent that was setup
The ASPSP authenticates the PSU
The ASPSP updates the state of the account-access-consent resource internally to indicate that the account access consent has been authorised
Once the consent has been authorised, the PSU is redirected back to the AISP

Once the PSU authorises the consent for the TPP to access account information, the AISP makes an API call to the ASPSP to retrieve account information. When the ASPSP provides account information, the TPP can expose the information via the AISP solution.

For more information, see Account and Transaction API Flow.

Endpoints¶

To access account information and transaction data, you can use the following available API endpoints:

Endpoint Name	Supported Version	Resource	Endpoint URL	Mandatory/Optional
Account Access Consents	v3.1.5 v3.1.6 v3.1.8 v3.1.9 v3.1.10	`account-access-consents`	`POST /account-access-consents`	Mandatory
			`GET /account-access-consents/{ConsentId}`	Mandatory
			`DELETE /account-access-consents/{ConsentId}`	Mandatory
Accounts	v3.1.5 v3.1.6 v3.1.8 v3.1.9 v3.1.10	`accounts`	`GET /accounts`	Mandatory
Accounts	v3.1.5 v3.1.6 v3.1.8 v3.1.9 v3.1.10	`accounts`	`GET /accounts/{AccountId}`	Mandatory
Balances	v3.1.5 v3.1.6 v3.1.8 v3.1.9 v3.1.10	`balances`	`GET /accounts/{AccountId}/balances`	Mandatory
Balances	v3.1.5 v3.1.6 v3.1.8 v3.1.9 v3.1.10	`balances`	`GET /balances`	Optional
Transactions	v3.1.5 v3.1.6 v3.1.8 v3.1.9 v3.1.10	`transactions`	`GET /accounts/{AccountId}/transactions`	Mandatory
Transactions	v3.1.5 v3.1.6 v3.1.8 v3.1.9 v3.1.10	`transactions`	`GET /transactions`	Optional
Beneficiaries	v3.1.5 v3.1.6 v3.1.8 v3.1.9 v3.1.10	`beneficiaries`	`GET /accounts/{AccountId}/beneficiaries`	Conditional
Beneficiaries	v3.1.5 v3.1.6 v3.1.8 v3.1.9 v3.1.10	`beneficiaries`	`GET /beneficiaries`	Optional
Direct Debits	v3.1.5 v3.1.6 v3.1.8 v3.1.9 v3.1.10	`direct-debits`	`GET /accounts/{AccountId}/direct-debits`	Conditional
Direct Debits	v3.1.5 v3.1.6 v3.1.8 v3.1.9 v3.1.10	`direct-debits`	`GET /direct-debits`	Optional
Standing Orders	v3.1.5 v3.1.6 v3.1.8 v3.1.9 v3.1.10	`standing-orders`	`GET /accounts/{AccountId}/standing-orders`	Conditional
Standing Orders	v3.1.5 v3.1.6 v3.1.8 v3.1.9 v3.1.10	`standing-orders`	`GET /standing-orders`	Optional
Products	v3.1.5 v3.1.6 v3.1.8 v3.1.9 v3.1.10	`products`	`GET /accounts/{AccountId}/product`	Conditional
Products	v3.1.5 v3.1.6 v3.1.8 v3.1.9 v3.1.10	`products`	`GET /products`	Optional
Offers	v3.1.5 v3.1.6 v3.1.8 v3.1.9 v3.1.10	`offers`	`GET /accounts/{AccountId}/offers`	Conditional
Offers	v3.1.5 v3.1.6 v3.1.8 v3.1.9 v3.1.10	`offers`	`GET /offers`	Optional
Party	v3.1.5 v3.1.6 v3.1.8 v3.1.9 v3.1.10	`party`	`GET /accounts/{AccountId}/parties`	Conditional
			`GET /accounts/{AccountId}/party`	Conditional
			`GET /party`	Conditional
Parties	v3.1.5 v3.1.6 v3.1.8 v3.1.9 v3.1.10	`parties`	`GET /accounts/{AccountId}/parties`	Conditional
			`GET /accounts/{AccountId}/party`	Conditional
			`GET /party`	Conditional
Scheduled Payments	v3.1.5 v3.1.6 v3.1.8 v3.1.9 v3.1.10	`scheduled-payments`	`GET /accounts/{AccountId}/scheduled-payments`	Conditional
Scheduled Payments	v3.1.5 v3.1.6 v3.1.8 v3.1.9 v3.1.10	`scheduled-payments`	`GET /scheduled-payments`	Optional
Statements	v3.1.5 v3.1.6 v3.1.8 v3.1.9 v3.1.10	`statements`	`GET /accounts/{AccountId}/statements`	Conditional
			`GET /accounts/{AccountId}/statements/{StatementId}`	Conditional
			`GET /accounts/{AccountId}/statements/{StatementId}/file`	Optional
			`GET /accounts/{AccountId}/statements/{StatementId}/transactions`	Conditional
			`GET /statements`	Optional

Top