The authorization of payments depends greatly on the approach chosen by the ASPSP. In the standard Redirect Approach with implicit start of authorization, no further endpoint needs to be called by the Initiating Party. There is a redirection of the PSU’s browser to the ASPSP, which will handle all steps for authorization without involving the Initiating Party.
However, the ASPSP might require an explicit start of authorization for the Redirect Approach as well. In that case, the endpoint POST Authorizations must be used. In the Decoupled Approach, the authorization must also be started explicitly; usually, for that, the identification of the PSU is required. Therefore, the POST Identification endpoint must be called.
For the Embedded Approach, data has to be added to the authorization by multiple requests to the PUT Authorization endpoint.
These endpoints are defined for Scheduled Payments, Periodic Payments and Bulk Payments separately, but the endpoint definition differs only in the path of the endpoint. All other parameters are identical
POST Payment Identification
Endpoint: POST /payments/{paymentId}/identification
Endpoint: POST /periodic-payments/{paymentId}/identification
Endpoint: POST /scheduled-payments/{paymentId}/identification
Endpoint: POST /bulk-payments/{paymentId}/identification
This API is used to start an authorization process explicitly in the Decoupled Approach, where the PSU identification isn’t given in the POST payment already.
Data model
| Request | Response |
 |  |
POST Authorisations
Endpoint: POST /payments/{paymentId}/authorisations
Endpoint: POST /periodic-payments/{paymentId}/authorisations
Endpoint: POST /scheduled-payments/{paymentId}/authorisations
Endpoint: POST /bulk-payments/{paymentId}/authorisations
This endpoint is used to explicitly start an authorization process, which is required by some ASPSPs. It is also used in Multi-Authorization scenarios (supported as an extended service) and in the Embedded Approach.
In the Multi-Authorization scenario, this endpoint will have to be used for each individual authorization, since the ASPSP requires an explicit start of authorization for each of the individual authorizations to be carried out by multiple PSUs for the same payment.
Data model
| Request | Response (click to enlarge) |
 |  |
PUT Authorisations
Endpoint: PUT /payments/{paymentId}/authorisations/{authorisationId}
Endpoint: PUT /periodic-payments/{paymentId}/authorisations/{authorisationId}
Endpoint: PUT /scheduled-payments/{paymentId}/authorisations/{authorisationId}
Endpoint: PUT /bulk-payments/{paymentId}/authorisations/{authorisationId}
This endpoint is used in the Embedded Approach to provide the required information according to the necessary steps driven by the ASPSP due to the Links section.
Data model
| Request | Response (click to enlarge) |
 |  |