Documentation
Our APIs are developed according to the Berlin Group standard (NextGenPSD2 Framework).
Here you will find an overview of the documentation that we have available.
| Name documentation | Location | Version | Versiondate | Status |
|---|---|---|---|---|
| API PIS (PDF) | Website | v1.3 | 2019-09-12 | Final* |
| API PIS (PDF) | Website | v1.2 | 2019-08-02 | Expired |
| API AIS (PDF) | Website | v1.4 | 2019-09-12 | Final* |
| API AIS (PDF) | Website | v1.3 | 2019-08-02 | Expired |
| API CAF (PDF) | Website | v1.0 | 2019-09-12 | Final |
| Sandbox Manual (PDF) | Website | v5.0 | 2019-08-02 | Final |
| Sandbox Manual (PDF) | Website | v1.1 | 2019-07-05 | Expired |
| Sandbox Postmanfiles | Website | v5.0 | 2019-08-02 | Final |
| Sandbox Postmanfiles | Website | v1.1 | 2019-07-05 | Expired |
* PIS/AIS: change log included in Final version.
In building its APIs, de Volksbank adheres to the standard of the Berlin Group as a guideline. The open standard authorisation protocol that de Volksbank supports is the OAuth2 protocol (SCA Approach = REDIRECT).
We presently have the following APIs live:
AIS APIs
We currently offer the following endpoints, in accordance with the Berlin Group (NextGenPSD2 XS2A Framework Implementation Guidelines, v1.3):
- Post Consents This concerns receiving the consent data of the customer. For this, the authorisation of the Payment Service User is obtained via the 'OAuth2 SCA Approach'. After your application has made it through the 'SCA approach’, the authorisation code can be exchanged for access tokens. With the access tokens, the following three “Get Account endpoints” can be requested for a specific customer approval:
- Get Accounts
- Get Balances
- Get Transactions
After the consent is initiated to us and authorized by the PSU (refer to Post Consents) you can do the following consent related API calls to us:
• Get Consent Status With this endpoint you can request information about the status of a consent.
• Manage Consent Services With this API you can request for the details of a given consent (endpoint Get Consent) or to delete a consent given by the PSU (endpoint Delete Consent).
PIS APIs
With the following APIs, in accordance with the Berlin Group standard (NextGenPSD2 XS2A Framework Implementation Guideline v1.3), you can request a single SEPA Credit Transfer (SCT) for initiating and executing:
- Payment initiation request;
- Authorization request;
- Access token request: access token and refresh token based on an authorization code;
- New access token request: new access and refresh tokens based on a refresh token;
- Payment execution request for deferred and recurring payments;
- Payment status services for one time direct, deferred and recurring payments.
After your payment initiation request, you first need to obtain the authorization of the Payment Service User via the OAuth2 SCA Approach. The customer must authorize the initiation of a single SEPA Credit Transfer under one of the following three 'payment types': One Time Direct, Planned (Deferred payment) or Recurring. With this authorization the customer also gives the bank permission to execute the SCT as soon as the bank has received the payment order from you. For all these payment types, the initiative to execute a payment order lies with your organization. So, the scheduling of a to be executed payment order or payment orders does not take place at de Volksbank's brands.
Please note with a Recurring payment, the amount and the beneficiary of each SCT assignment submitted must always be the same. After the customer has given authorization, your application receives an authorization code. The application must exchange this with us for an access token. With this access token your application can send a payment execution request for a deferred or recurring payment or do a payment status request to us. With the payment status request you can retrieve the most recent status of the initiated single payment order.
CAF APIs
We offer the following endpoints, in accordance with the Berlin Group (NextGenPSD2 XS2A Framework Implementation Guidelines, v1.3):
- Funds confirmation consent request;
- Authorization request;
- Access token request: access token and refresh token based on an authorization code;
- New access token request: new access and refresh tokens based on a refresh token;
- Funds confirmation.
Sandbox APIs
On our Developer Portal we offer nine Sandbox APIs:
- Sandbox SNS Bank Consent Services
This is a copy of our production API SNS Bank Consent Services. - Sandbox SNS Bank Consent Status Services
This is a copy of our production API SNS Bank Consent Status Services. - Sandbox SNS Bank Manage Consent Services
This is a copy of our production API SNS Bank Manage Consent Services. - Sandbox SNS Bank Account Information Services
This is a copy of our production API SNS Bank Account Information Services. - Sandbox SNS Bank Payment Initiation Services.
This is a copy of our production API SNS Bank Payment Initiation Services. - Sandbox SNS Bank Payment Execution Services
This is a copy of our production API SNS Bank Payment Execution Services. - Sandbox SNS Bank Payment Status Services
This is a copy of our production API SNS Bank Payment Status Services. - Sandbox Funds Confirmation Consent Services
This is a copy of our production API SNS Bank Funds Confirmation Consent Services. - Sandbox Funds Confirmation Services
This is a copy of our production API SNS Bank Funds Confirmation Services.
To give you a kick-start, we provided a Sandbox User Manual and a zip file that contains a Postman collection. This can be helpfull by replacing the variable values with valid content.
Roadmap
De Volksbank will continue to build on its APIs in 2019. For example, in the coming period we will have the following on our backlog:
| October 2019 | Endpoints Agended and Periodic Payments (including Cancelation), with scheduling on side of de Volksbank, will be implemented. |
