If the bank supports paginated responses but the number of transactions is considered too high, or if the bank provides the response in CAMT format, the GET transactions response may contain only a download link.
Using the link, you can download the list of transactions in JSON format. If the bank provides the transactions in a non-JSON format, the transactions are converted to JSON by Worldline.
The processing flow for this scenario is similar to the one described in the “Redirect flow with Date filter only” section, with the addition of the GET /download/transactions API.
The account holder's (PSU) consent is needed to access their bank account details. In the Redirect Authorisation approach, the browser session of the account holder is redirected from your software / Worldline Bank Selection Interface to the mock bank. In that case, the mock bank provides all the pages required for authentication (usually username and password). After that, the account holder is redirected to the Worldline Open Banking Service and from there back to your software.
Take the following steps to complete this scenario.
Step - 1 : Get the list of connected banks
- Call Reach API (GET /aspsp) to obtain a list of supported banks.
- Check the API response for a record with ASPSP ID = "20102" and Name = "Account information redirect + Download transactions".
- The Details and Options sections provide a list of API endpoints and mandatory fields that need to be used for a successful account data request towards the mock bank using the redirect mode of authorisation.
- Remark: The reach information provided in the sandbox environment is limited and is for informational purposes only, to give you an idea of what reach information looks like.
Step - 2 : Initiate consent
- Call the POST /consents API to obtain account holder's consent.
- In the response to POST /consents, you will receive a consent ID, a redirect link to authorise the consent and a link to call the GET /consent/status API to get the status of the consent.
- You can choose various combinations of permissions to access account data:
  - "Accounts" - Only the list of accounts can be retrieved. Balances and transaction details cannot be requested.
  - "Accounts", "Balances" - You can only request accounts and balance details for the requested accounts.
  - "Accounts", "Transactions" - You can request the list of accounts and transaction details for the requested accounts.
  - "Accounts", "Balances", "Transactions" - You can request the list of accounts, balances and transaction details for the requested accounts.
- If no permissions are provided in the request, the "Accounts", "Balances", "Transactions" permissions are used by default.
- If the "OwnerName" indicator is set to "true" in the consents request, you can receive the actual owner name (if supported and provided by the mock bank) in the response of the GET /accounts API.
- "TransactionFromDateTime" and "TransactionToDateTime" can be provided in the POST /consents request, so that you can access a list of transactions within a specific time period only.
- Currently, the following fields are ignored in the POST /consents request in the sandbox environment but are supported in the live environment:
  - ValidUntilDate,
  - FrequencyPerDay,
  - RecurringIndicator,
  - CombinedServiceIndicator,
  - PreferredScaMethod
- If the GET /consents/status endpoint is called before the user provides their approval, you will receive consent status = "Open" from the mock bank in the response.
Step - 3 : Authorise or reject the consent
- With the redirect link received in the response to POST /consents, the account holder is redirected to the login page of the mock bank.
- On this login page, the account holder can provide dummy (any) credential details, as the login page is for example purposes only.
- Once the account holder provides their dummy credentials, they are redirected to a page with "Approve" & "Deny" buttons to authorise or reject the data access.
- Once the account holder clicks the Approve or Deny button, the consent is created with an appropriate status and the account holder is redirected back to your software.
- Remark: The mock bank pages were created for testing purposes only. The actual implementation depends on the bank's PSD2 implementation.
Step - 4 : Get consent status
- Call the GET /consents/status API to get the latest consent status from the mock bank.
- If the consent is authorised by the account holder, you will receive consent status = "Authorised".
- If the consent is denied by the account holder, you will receive consent status = "Rejected" as a final consent status.
Step - 5 : Get list of accounts
- Once the consent is authorised by the customer (PSU), call the GET /accounts API to obtain the list of accounts.
Step - 6 : Get transaction details
- Call the GET /transactions API to retrieve the transaction details of the respective account.
- In the response, you will receive a GET /download/transactions API link.
Step - 7 : Download transactions
- Call the GET /download/transactions API link and receive the list of transactions in JSON format.
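The client-side checks implied by Steps 2 to 7, as an added example that is not Worldline's own code: it resolves the permission set, gates data calls on the consent status, and accepts a download link only when it points back at the API host over HTTPS, so the access token is never sent to a host named by response data. The response keys `Transactions` and `Links`/`Download` and the base URL `https://api.example.test` are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Permission combinations listed in Step 2; "Accounts" is part of every one.
VALID_COMBINATIONS = {
    frozenset({"Accounts"}),
    frozenset({"Accounts", "Balances"}),
    frozenset({"Accounts", "Transactions"}),
    frozenset({"Accounts", "Balances", "Transactions"}),
}
DEFAULT_PERMISSIONS = frozenset({"Accounts", "Balances", "Transactions"})


def resolve_permissions(requested=None):
    """Return the effective permission set, applying the documented default."""
    if not requested:
        return DEFAULT_PERMISSIONS
    chosen = frozenset(requested)
    if chosen not in VALID_COMBINATIONS:
        raise ValueError(f"unsupported permission combination: {sorted(chosen)}")
    return chosen


def next_action(consent_status, permissions):
    """Map a consent status (Steps 2-4) to what the client may do next."""
    if consent_status == "Open":
        return "poll"  # PSU has not approved or denied yet
    if consent_status == "Rejected":
        return "stop"  # final status: request no account data
    if consent_status != "Authorised":
        raise ValueError(f"unexpected consent status: {consent_status!r}")
    return "fetch_transactions" if "Transactions" in permissions else "fetch_accounts_only"


def transaction_source(response, api_base):
    """Steps 6-7: return ("inline", list) or ("download", url).
    The response keys used here are assumed names, not the documented schema."""
    if "Transactions" in response:
        return "inline", response["Transactions"]
    link = response.get("Links", {}).get("Download")
    if not link:
        raise ValueError("response has neither transactions nor a download link")
    target, base = urlsplit(link), urlsplit(api_base)
    # hostname (not netloc) is compared so "api-host@other-host" tricks fail
    if (target.scheme, target.hostname, target.port) != ("https", base.hostname, base.port):
        raise ValueError(f"refusing download link outside {base.hostname}: {link}")
    if "/download/transactions" not in target.path:
        raise ValueError(f"unexpected download path: {target.path}")
    return "download", link
```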
Sequence Diagram
