Denizbank AG PSD2

API change history

Denizbank AG PSD2 API

Get consent

Returns the content of an account information consent object. This is returning the data for the TPP especially in cases, where the consent was directly managed between ASPSP and PSU e.g. in a re-direct SCA Approach.

Try it

Request

Request URL

Request parameters

  • string

    The unique identifier for a certain consent.

Request headers

  • string

    ID of the request, unique to the call, as determined by the initiating party

  • (optional)
    string

    Is contained if and only if the "Signature" element is contained in the header of the request.

  • (optional)
    string

    A signature of the request by the TPP on application level. This might be mandated by ASPSP.

  • (optional)
    string

    The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.

  • (optional)
    string

    The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available

  • (optional)
    string

    The forwarded header field of the HTTP request between PSU and TPP, if available

  • (optional)
    string

    The forwarded header field of the HTTP request between PSU and TPP, if available

  • (optional)
    string

    The forwarded header field of the HTTP request between PSU and TPP, if available

  • (optional)
    string

    UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependent application installation. In case of an installation identification, this ID needs to be unaltered until removal from the device

  • (optional)
    string

    The forwarded Geo Location of the corresponding HTTP request between PSU and TPP if available

  • (optional)
    string

    The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP

  • (optional)
    string

    The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available

  • (optional)
    string

    The forwarded Agent header field of the HTTP request between PSU and TPP, if available

  • string
    Subscription key which provides access to this API. Found in your Profile.

Request body

Responses

200 OK

Ok

Representations

{
  "access": {
    "accounts": [
      {
        "iban": "string",
        "currency": "string",
        "maskedPan": "string",
        "msisdn": "string",
        "pan": "string"
      }
    ],
    "balances": [
      {
        "iban": "string",
        "currency": "string",
        "maskedPan": "string",
        "msisdn": "string",
        "pan": "string"
      }
    ],
    "transactions": [
      {
        "iban": "string",
        "currency": "string",
        "maskedPan": "string",
        "msisdn": "string",
        "pan": "string"
      }
    ]
  },
  "recurringIndicator": true,
  "validUntil": "string",
  "frequencyPerDay": 0,
  "lastActionDate": "string",
  "consentStatus": "string"
}
{
  "type": "object",
  "properties": {
    "access": {
      "type": "object",
      "properties": {
        "accounts": {
          "description": "Is asking for detailed account information.",
          "type": "array",
          "items": {
            "type": "object",
            "properties": {
              "iban": {
                "description": "ISO 4217 Alpha 3 currency code",
                "type": "string"
              },
              "currency": {
                "type": "string"
              },
              "maskedPan": {
                "description": "Primary Account Number (PAN) of a card in a masked form.",
                "type": "string"
              },
              "msisdn": {
                "description": "An alias to access a payment account via a registered mobile phone number.",
                "type": "string"
              },
              "pan": {
                "description": "Primary Account Number (PAN) of a card, can be tokenised by the ASPSP due to PCI DSS requirements.",
                "type": "string"
              }
            }
          }
        },
        "balances": {
          "description": "Is asking for balances of the addressed accounts.",
          "type": "array",
          "items": {
            "type": "object",
            "properties": {
              "iban": {
                "description": "ISO 4217 Alpha 3 currency code",
                "type": "string"
              },
              "currency": {
                "type": "string"
              },
              "maskedPan": {
                "description": "Primary Account Number (PAN) of a card in a masked form.",
                "type": "string"
              },
              "msisdn": {
                "description": "An alias to access a payment account via a registered mobile phone number.",
                "type": "string"
              },
              "pan": {
                "description": "Primary Account Number (PAN) of a card, can be tokenised by the ASPSP due to PCI DSS requirements.",
                "type": "string"
              }
            }
          }
        },
        "transactions": {
          "description": "Is asking for transactions of the addressed accounts.",
          "type": "array",
          "items": {
            "type": "object",
            "properties": {
              "iban": {
                "description": "ISO 4217 Alpha 3 currency code",
                "type": "string"
              },
              "currency": {
                "type": "string"
              },
              "maskedPan": {
                "description": "Primary Account Number (PAN) of a card in a masked form.",
                "type": "string"
              },
              "msisdn": {
                "description": "An alias to access a payment account via a registered mobile phone number.",
                "type": "string"
              },
              "pan": {
                "description": "Primary Account Number (PAN) of a card, can be tokenised by the ASPSP due to PCI DSS requirements.",
                "type": "string"
              }
            }
          }
        }
      }
    },
    "recurringIndicator": {
      "description": "\"true\", if the consent is for recurring access to the account data.\r\n\"false\", if the consent is for one access to the account data.",
      "type": "boolean"
    },
    "validUntil": {
      "format": "date-time",
      "description": "This parameter is requesting a valid until date for the requested consent. The content is the local ASPSP date in ISO-Date Format, e.g.",
      "type": "string"
    },
    "frequencyPerDay": {
      "format": "int32",
      "description": "This field indicates the requested maximum frequency for an access without PSU involvement per day. For a one-off access, this attribute is set to \"1\".\r\nThe frequency needs to be greater equal to one.\r\nIf not otherwise agreed bilaterally between TPP and ASPSP, the frequency is less equal to 4.",
      "type": "integer"
    },
    "lastActionDate": {
      "format": "date-time",
      "description": "This date is containing the date of the last action on the consent object either through the XS2A interface or the PSU/ASPSP interface having an impact on the status.",
      "type": "string"
    },
    "consentStatus": {
      "description": "This is the overall lifecycle status of the consent.\r\nValid values are:\r\n'received': The consent data have been received and are technically correct.The data is not authorised yet.\r\n'rejected': The consent data have been rejected e.g.since no successful authorisation has taken place.\r\n'valid': The consent is accepted and valid for GET account data calls and others as specified in the consent object.\r\n'revokedByPsu': The consent has been revoked by the PSU towards the ASPSP.\r\n'expired': The consent expired.\r\n'terminatedByTpp': The corresponding TPP has terminated the consent by applying the DELETE method to the consent resource.\r\nThe ASPSP might add further codes. These codes then shall be contained in the ASPSP's documentation of the XS2A interface and has to be added to this API definition as well.",
      "type": "string"
    }
  }
}
{
  "access": {
    "accounts": [
      {
        "iban": "string",
        "currency": "string",
        "maskedPan": "string",
        "msisdn": "string",
        "pan": "string"
      }
    ],
    "balances": [
      {
        "iban": "string",
        "currency": "string",
        "maskedPan": "string",
        "msisdn": "string",
        "pan": "string"
      }
    ],
    "transactions": [
      {
        "iban": "string",
        "currency": "string",
        "maskedPan": "string",
        "msisdn": "string",
        "pan": "string"
      }
    ]
  },
  "recurringIndicator": true,
  "validUntil": "string",
  "frequencyPerDay": 0,
  "lastActionDate": "string",
  "consentStatus": "string"
}
{
  "type": "object",
  "properties": {
    "access": {
      "type": "object",
      "properties": {
        "accounts": {
          "description": "Is asking for detailed account information.",
          "type": "array",
          "items": {
            "type": "object",
            "properties": {
              "iban": {
                "description": "ISO 4217 Alpha 3 currency code",
                "type": "string"
              },
              "currency": {
                "type": "string"
              },
              "maskedPan": {
                "description": "Primary Account Number (PAN) of a card in a masked form.",
                "type": "string"
              },
              "msisdn": {
                "description": "An alias to access a payment account via a registered mobile phone number.",
                "type": "string"
              },
              "pan": {
                "description": "Primary Account Number (PAN) of a card, can be tokenised by the ASPSP due to PCI DSS requirements.",
                "type": "string"
              }
            }
          }
        },
        "balances": {
          "description": "Is asking for balances of the addressed accounts.",
          "type": "array",
          "items": {
            "type": "object",
            "properties": {
              "iban": {
                "description": "ISO 4217 Alpha 3 currency code",
                "type": "string"
              },
              "currency": {
                "type": "string"
              },
              "maskedPan": {
                "description": "Primary Account Number (PAN) of a card in a masked form.",
                "type": "string"
              },
              "msisdn": {
                "description": "An alias to access a payment account via a registered mobile phone number.",
                "type": "string"
              },
              "pan": {
                "description": "Primary Account Number (PAN) of a card, can be tokenised by the ASPSP due to PCI DSS requirements.",
                "type": "string"
              }
            }
          }
        },
        "transactions": {
          "description": "Is asking for transactions of the addressed accounts.",
          "type": "array",
          "items": {
            "type": "object",
            "properties": {
              "iban": {
                "description": "ISO 4217 Alpha 3 currency code",
                "type": "string"
              },
              "currency": {
                "type": "string"
              },
              "maskedPan": {
                "description": "Primary Account Number (PAN) of a card in a masked form.",
                "type": "string"
              },
              "msisdn": {
                "description": "An alias to access a payment account via a registered mobile phone number.",
                "type": "string"
              },
              "pan": {
                "description": "Primary Account Number (PAN) of a card, can be tokenised by the ASPSP due to PCI DSS requirements.",
                "type": "string"
              }
            }
          }
        }
      }
    },
    "recurringIndicator": {
      "description": "\"true\", if the consent is for recurring access to the account data.\r\n\"false\", if the consent is for one access to the account data.",
      "type": "boolean"
    },
    "validUntil": {
      "format": "date-time",
      "description": "This parameter is requesting a valid until date for the requested consent. The content is the local ASPSP date in ISO-Date Format, e.g.",
      "type": "string"
    },
    "frequencyPerDay": {
      "format": "int32",
      "description": "This field indicates the requested maximum frequency for an access without PSU involvement per day. For a one-off access, this attribute is set to \"1\".\r\nThe frequency needs to be greater equal to one.\r\nIf not otherwise agreed bilaterally between TPP and ASPSP, the frequency is less equal to 4.",
      "type": "integer"
    },
    "lastActionDate": {
      "format": "date-time",
      "description": "This date is containing the date of the last action on the consent object either through the XS2A interface or the PSU/ASPSP interface having an impact on the status.",
      "type": "string"
    },
    "consentStatus": {
      "description": "This is the overall lifecycle status of the consent.\r\nValid values are:\r\n'received': The consent data have been received and are technically correct.The data is not authorised yet.\r\n'rejected': The consent data have been rejected e.g.since no successful authorisation has taken place.\r\n'valid': The consent is accepted and valid for GET account data calls and others as specified in the consent object.\r\n'revokedByPsu': The consent has been revoked by the PSU towards the ASPSP.\r\n'expired': The consent expired.\r\n'terminatedByTpp': The corresponding TPP has terminated the consent by applying the DELETE method to the consent resource.\r\nThe ASPSP might add further codes. These codes then shall be contained in the ASPSP's documentation of the XS2A interface and has to be added to this API definition as well.",
      "type": "string"
    }
  }
}

400 Bad Request

Bad Request - The request was invalid

500 Internal Server Error

Internal Servor Error

Code samples

@ECHO OFF

curl -v -X GET "https://api-gateway.denizbank.at/PSD2/v1/consents/{consentId}"
-H "X-Request-ID: "
-H "Digest: "
-H "Signature: "
-H "TPP-Signature-Certificate: "
-H "PSU-Accept: "
-H "PSU-Accept-Charset: "
-H "PSU-Accept-Encoding: "
-H "PSU-Accept-Language: "
-H "PSU-Device-ID: "
-H "PSU-Geo-Location: "
-H "PSU-IP-Address: "
-H "PSU-IP-Port: "
-H "PSU-User-Agent: "
-H "Ocp-Apim-Subscription-Key: {subscription key}"

--data-ascii "{body}" 
using System;
using System.Net.Http.Headers;
using System.Text;
using System.Net.Http;
using System.Web;

namespace CSHttpClientSample
{
    static class Program
    {
        static void Main()
        {
            MakeRequest();
            Console.WriteLine("Hit ENTER to exit...");
            Console.ReadLine();
        }
        
        static async void MakeRequest()
        {
            var client = new HttpClient();
            var queryString = HttpUtility.ParseQueryString(string.Empty);

            // Request headers
            client.DefaultRequestHeaders.Add("X-Request-ID", "");
            client.DefaultRequestHeaders.Add("Digest", "");
            client.DefaultRequestHeaders.Add("Signature", "");
            client.DefaultRequestHeaders.Add("TPP-Signature-Certificate", "");
            client.DefaultRequestHeaders.Add("PSU-Accept", "");
            client.DefaultRequestHeaders.Add("PSU-Accept-Charset", "");
            client.DefaultRequestHeaders.Add("PSU-Accept-Encoding", "");
            client.DefaultRequestHeaders.Add("PSU-Accept-Language", "");
            client.DefaultRequestHeaders.Add("PSU-Device-ID", "");
            client.DefaultRequestHeaders.Add("PSU-Geo-Location", "");
            client.DefaultRequestHeaders.Add("PSU-IP-Address", "");
            client.DefaultRequestHeaders.Add("PSU-IP-Port", "");
            client.DefaultRequestHeaders.Add("PSU-User-Agent", "");
            client.DefaultRequestHeaders.Add("Ocp-Apim-Subscription-Key", "{subscription key}");

            var uri = "https://api-gateway.denizbank.at/PSD2/v1/consents/{consentId}?" + queryString;

            var response = await client.GetAsync(uri);
        }
    }
}	
// // This sample uses the Apache HTTP client from HTTP Components (http://hc.apache.org/httpcomponents-client-ga/)
import java.net.URI;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;

public class JavaSample 
{
    public static void main(String[] args) 
    {
        HttpClient httpclient = HttpClients.createDefault();

        try
        {
            URIBuilder builder = new URIBuilder("https://api-gateway.denizbank.at/PSD2/v1/consents/{consentId}");


            URI uri = builder.build();
            HttpGet request = new HttpGet(uri);
            request.setHeader("X-Request-ID", "");
            request.setHeader("Digest", "");
            request.setHeader("Signature", "");
            request.setHeader("TPP-Signature-Certificate", "");
            request.setHeader("PSU-Accept", "");
            request.setHeader("PSU-Accept-Charset", "");
            request.setHeader("PSU-Accept-Encoding", "");
            request.setHeader("PSU-Accept-Language", "");
            request.setHeader("PSU-Device-ID", "");
            request.setHeader("PSU-Geo-Location", "");
            request.setHeader("PSU-IP-Address", "");
            request.setHeader("PSU-IP-Port", "");
            request.setHeader("PSU-User-Agent", "");
            request.setHeader("Ocp-Apim-Subscription-Key", "{subscription key}");


            // Request body
            StringEntity reqEntity = new StringEntity("{body}");
            request.setEntity(reqEntity);

            HttpResponse response = httpclient.execute(request);
            HttpEntity entity = response.getEntity();

            if (entity != null) 
            {
                System.out.println(EntityUtils.toString(entity));
            }
        }
        catch (Exception e)
        {
            System.out.println(e.getMessage());
        }
    }
}

<!DOCTYPE html>
<html>
<head>
    <title>JSSample</title>
    <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js"></script>
</head>
<body>

<script type="text/javascript">
    $(function() {
        var params = {
            // Request parameters
        };
      
        $.ajax({
            url: "https://api-gateway.denizbank.at/PSD2/v1/consents/{consentId}?" + $.param(params),
            beforeSend: function(xhrObj){
                // Request headers
                xhrObj.setRequestHeader("X-Request-ID","");
                xhrObj.setRequestHeader("Digest","");
                xhrObj.setRequestHeader("Signature","");
                xhrObj.setRequestHeader("TPP-Signature-Certificate","");
                xhrObj.setRequestHeader("PSU-Accept","");
                xhrObj.setRequestHeader("PSU-Accept-Charset","");
                xhrObj.setRequestHeader("PSU-Accept-Encoding","");
                xhrObj.setRequestHeader("PSU-Accept-Language","");
                xhrObj.setRequestHeader("PSU-Device-ID","");
                xhrObj.setRequestHeader("PSU-Geo-Location","");
                xhrObj.setRequestHeader("PSU-IP-Address","");
                xhrObj.setRequestHeader("PSU-IP-Port","");
                xhrObj.setRequestHeader("PSU-User-Agent","");
                xhrObj.setRequestHeader("Ocp-Apim-Subscription-Key","{subscription key}");
            },
            type: "GET",
            // Request body
            data: "{body}",
        })
        .done(function(data) {
            alert("success");
        })
        .fail(function() {
            alert("error");
        });
    });
</script>
</body>
</html>
#import <Foundation/Foundation.h>

int main(int argc, const char * argv[])
{
    NSAutoreleasePool * pool = [[NSAutoreleasePool alloc] init];
    
    NSString* path = @"https://api-gateway.denizbank.at/PSD2/v1/consents/{consentId}";
    NSArray* array = @[
                         // Request parameters
                         @"entities=true",
                      ];
    
    NSString* string = [array componentsJoinedByString:@"&"];
    path = [path stringByAppendingFormat:@"?%@", string];

    NSLog(@"%@", path);

    NSMutableURLRequest* _request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:path]];
    [_request setHTTPMethod:@"GET"];
    // Request headers
    [_request setValue:@"" forHTTPHeaderField:@"X-Request-ID"];
    [_request setValue:@"" forHTTPHeaderField:@"Digest"];
    [_request setValue:@"" forHTTPHeaderField:@"Signature"];
    [_request setValue:@"" forHTTPHeaderField:@"TPP-Signature-Certificate"];
    [_request setValue:@"" forHTTPHeaderField:@"PSU-Accept"];
    [_request setValue:@"" forHTTPHeaderField:@"PSU-Accept-Charset"];
    [_request setValue:@"" forHTTPHeaderField:@"PSU-Accept-Encoding"];
    [_request setValue:@"" forHTTPHeaderField:@"PSU-Accept-Language"];
    [_request setValue:@"" forHTTPHeaderField:@"PSU-Device-ID"];
    [_request setValue:@"" forHTTPHeaderField:@"PSU-Geo-Location"];
    [_request setValue:@"" forHTTPHeaderField:@"PSU-IP-Address"];
    [_request setValue:@"" forHTTPHeaderField:@"PSU-IP-Port"];
    [_request setValue:@"" forHTTPHeaderField:@"PSU-User-Agent"];
    [_request setValue:@"{subscription key}" forHTTPHeaderField:@"Ocp-Apim-Subscription-Key"];
    // Request body
    [_request setHTTPBody:[@"{body}" dataUsingEncoding:NSUTF8StringEncoding]];
    
    NSURLResponse *response = nil;
    NSError *error = nil;
    NSData* _connectionData = [NSURLConnection sendSynchronousRequest:_request returningResponse:&response error:&error];

    if (nil != error)
    {
        NSLog(@"Error: %@", error);
    }
    else
    {
        NSError* error = nil;
        NSMutableDictionary* json = nil;
        NSString* dataString = [[NSString alloc] initWithData:_connectionData encoding:NSUTF8StringEncoding];
        NSLog(@"%@", dataString);
        
        if (nil != _connectionData)
        {
            json = [NSJSONSerialization JSONObjectWithData:_connectionData options:NSJSONReadingMutableContainers error:&error];
        }
        
        if (error || !json)
        {
            NSLog(@"Could not parse loaded json with error:%@", error);
        }
        
        NSLog(@"%@", json);
        _connectionData = nil;
    }
    
    [pool drain];

    return 0;
}
<?php
// This sample uses the Apache HTTP client from HTTP Components (http://hc.apache.org/httpcomponents-client-ga/)
require_once 'HTTP/Request2.php';

$request = new Http_Request2('https://api-gateway.denizbank.at/PSD2/v1/consents/{consentId}');
$url = $request->getUrl();

$headers = array(
    // Request headers
    'X-Request-ID' => '',
    'Digest' => '',
    'Signature' => '',
    'TPP-Signature-Certificate' => '',
    'PSU-Accept' => '',
    'PSU-Accept-Charset' => '',
    'PSU-Accept-Encoding' => '',
    'PSU-Accept-Language' => '',
    'PSU-Device-ID' => '',
    'PSU-Geo-Location' => '',
    'PSU-IP-Address' => '',
    'PSU-IP-Port' => '',
    'PSU-User-Agent' => '',
    'Ocp-Apim-Subscription-Key' => '{subscription key}',
);

$request->setHeader($headers);

$parameters = array(
    // Request parameters
);

$url->setQueryVariables($parameters);

$request->setMethod(HTTP_Request2::METHOD_GET);

// Request body
$request->setBody("{body}");

try
{
    $response = $request->send();
    echo $response->getBody();
}
catch (HttpException $ex)
{
    echo $ex;
}

?>
########### Python 2.7 #############
import httplib, urllib, base64

headers = {
    # Request headers
    'X-Request-ID': '',
    'Digest': '',
    'Signature': '',
    'TPP-Signature-Certificate': '',
    'PSU-Accept': '',
    'PSU-Accept-Charset': '',
    'PSU-Accept-Encoding': '',
    'PSU-Accept-Language': '',
    'PSU-Device-ID': '',
    'PSU-Geo-Location': '',
    'PSU-IP-Address': '',
    'PSU-IP-Port': '',
    'PSU-User-Agent': '',
    'Ocp-Apim-Subscription-Key': '{subscription key}',
}

params = urllib.urlencode({
})

try:
    conn = httplib.HTTPSConnection('api-gateway.denizbank.at')
    conn.request("GET", "/PSD2/v1/consents/{consentId}?%s" % params, "{body}", headers)
    response = conn.getresponse()
    data = response.read()
    print(data)
    conn.close()
except Exception as e:
    print("[Errno {0}] {1}".format(e.errno, e.strerror))

####################################

########### Python 3.2 #############
import http.client, urllib.request, urllib.parse, urllib.error, base64

headers = {
    # Request headers
    'X-Request-ID': '',
    'Digest': '',
    'Signature': '',
    'TPP-Signature-Certificate': '',
    'PSU-Accept': '',
    'PSU-Accept-Charset': '',
    'PSU-Accept-Encoding': '',
    'PSU-Accept-Language': '',
    'PSU-Device-ID': '',
    'PSU-Geo-Location': '',
    'PSU-IP-Address': '',
    'PSU-IP-Port': '',
    'PSU-User-Agent': '',
    'Ocp-Apim-Subscription-Key': '{subscription key}',
}

params = urllib.parse.urlencode({
})

try:
    conn = http.client.HTTPSConnection('api-gateway.denizbank.at')
    conn.request("GET", "/PSD2/v1/consents/{consentId}?%s" % params, "{body}", headers)
    response = conn.getresponse()
    data = response.read()
    print(data)
    conn.close()
except Exception as e:
    print("[Errno {0}] {1}".format(e.errno, e.strerror))

####################################
require 'net/http'

uri = URI('https://api-gateway.denizbank.at/PSD2/v1/consents/{consentId}')


request = Net::HTTP::Get.new(uri.request_uri)
# Request headers
request['X-Request-ID'] = ''
# Request headers
request['Digest'] = ''
# Request headers
request['Signature'] = ''
# Request headers
request['TPP-Signature-Certificate'] = ''
# Request headers
request['PSU-Accept'] = ''
# Request headers
request['PSU-Accept-Charset'] = ''
# Request headers
request['PSU-Accept-Encoding'] = ''
# Request headers
request['PSU-Accept-Language'] = ''
# Request headers
request['PSU-Device-ID'] = ''
# Request headers
request['PSU-Geo-Location'] = ''
# Request headers
request['PSU-IP-Address'] = ''
# Request headers
request['PSU-IP-Port'] = ''
# Request headers
request['PSU-User-Agent'] = ''
# Request headers
request['Ocp-Apim-Subscription-Key'] = '{subscription key}'
# Request body
request.body = "{body}"

response = Net::HTTP.start(uri.host, uri.port, :use_ssl => uri.scheme == 'https') do |http|
    http.request(request)
end

puts response.body