Documentation
Our APIs are developed according to the Berlin Group standard (NextGenPSD2 Framework).
Here you will find an overview of the documentation that we have available.
| Name documentation | Location | Version | Versiondate | Status |
|---|---|---|---|---|
| API PIS (PDF) | Website | v1.0 | 2019-04-04 | Final |
| API AIS (PDF) | Website | v1.1 | 2019-04-23 | Final |
| API AIS (PDF) | Website | v1.0 | 2019-01-21 | Final |
| Sandbox Manual (PDF) | Website | v1.0 | 2019-03-27 | Final |
| Sandbox Postmanfiles | Website | v1.0 | 2019-03-27 | Final |
In building its APIs, de Volksbank adheres to the standard of the Berlin Group as a guideline. The open standard authorisation protocol that de Volksbank supports is the OAuth2 protocol (SCA Approach = REDIRECT).
Our APIs are still under development. We presently have the following APIs live:
AIS APIs
We currently offer the following endpoints, in accordance with the Berlin Group (NextGenPSD2 XS2A Framework Implementation Guidelines, v1.3):
- Post Consents This concerns receiving the consent data of the customer. For this, the authorisation of the Payment Service User is obtained via the 'OAuth2 SCA Approach'. After your application is made through the 'SCA approach’, the authorisation code can be exchanged for access tokens. With the access tokens, the following 3 “Get Account endpoints” can be requested for a specific customer approval:
- Get Accounts
- Get Balances
- Get Transactions
PIS API
With the following APIs, in accordance with the Berlin Group standard (NextGenPSD2 XS2A Framework Implementation Guideline v1.3), you can request a single ‘SEPA Credit Transfer (SCT) for initiating and executing:
- Payment initiation request;
- Authorization request;
- Access token request: access token and refresh token based on an authorization code;
- New access token request: new access and refresh tokens based on a refresh token;
- Payment execution request for deferred and recurring payments.
After your initiation request, you first need to obtain the authorisation of the Payment Service User via the OAuth2 SCA Approach. The customer must authorise the initiation of a single SEPA Credit Transfer under one of the following 3 'payment types': One Time Direct, Planned (Deferred payment) or Recurring. With this authorisation the customer also gives the bank permission to execute the SCT as soon as the bank has received the payment order. With all these payment types, the initiative to initiate a payment order lies with your organisation. So, the scheduling of a payment order or payment orders does not take place at de Volksbank's brands.
With a Recurring payment, the amount and the beneficiary of each SCT assignment submitted must always be the same. After the customer has given authorisation, your application receives an authorisation code, the application must exchange this with us for an access token. With the access token your application can send an SCT order to the bank.
Sandbox APIs
On our Developer Portal we offer three Sandbox APIs:
- Sandbox SNS Bank Consent
This is a copy of our production API SNS Bank Consent. - Sandbox SNS Bank Account Information Services
This is a copy of our production API SNS Bank Account Information Services. - Sandbox SNS Bank Payment
This is copy of our production API SNS Bank Payment Initiation Services.
To give you a kick-start, we provided a Sandbox User Manual and a zip file that contains a Postman collection. This can be helpfull by replacing the variable values with valid content.
Roadmap
De Volksbank will continue to build on its APIs in 2019. For example, in the coming period we will have the following on our backlog:
| May 2019 | Optimized error messages and GET PIS status request in accordance with the Berlin Group NextGenPSD2 Implementation Guideline v.1.3. |
