Denmark

Denmark

Enable "on this page" menu on doc section
On

Czech Republic

Czech Republic

Here is the list of Czech banks that you can initiate payments or 

retrieve data from using our Open Banking products: 

 

Enable "on this page" menu on doc section
On

Croatia

Croatia

Here is the list of Croatian banks that you can initiate payments or 

retrieve data from using our Open Banking products: 

 

Enable "on this page" menu on doc section
On

Bulgaria

Bulgaria

Here is the list of Bulgarian banks that you can initiate payments or 

retrieve data from using our Open Banking products: 

 

 

Enable "on this page" menu on doc section
On

Belgium

Belgium

Here is the list of Belgian banks that you can initiate payments or 

retrieve data from using our Open Banking products: 

 

Enable "on this page" menu on doc section
On

Austria

Austria

Enable "on this page" menu on doc section
On

Supported Countries

Supported Countries

 

We support payments and account data in 20 countries, 

covering at least 80% of payment accounts in each.

 

We are continually expanding our reach and updating our list.  

If you're interested in a specific country or bank not listed,  

please reach out to us - we're here to help!

 

As a registered user, you can jump straight to the country pages and 

check out the list of banks from which you can initiate payments or

retrieve data using our Open Banking products.

 

Not signed up yet? Just register here!

Map Image
 
Enable "on this page" menu on doc section
On

REST API V2 - 2.28.0

REST API V2 - 2.28.0

Version 2.27.0 to 2.28.0

What's New

No API added.

What's Changed

POST /issuers/{issuerId}/cards/declare-counterfeit-card
Request body :
  • Deleted property reasonCode (string)
  • Deleted property responseCode (string)
GET /issuers/{issuerId}/accounts/external-accounts/{issuerAccountExternalReference}
Response:
  • Changed property data (object Account)
    • Deleted property externalAuthorizationsRestrictions (array)
GET /issuers/{issuerId}/accounts/{accountReference}
Response:
  • Changed property data (object Account)
    • Deleted property externalAuthorizationsRestrictions (array)
GET /issuers/{issuerId}/contracts/external-contracts/{issuerContractExternalReference}/accounts
Response:
  • Changed property data (array)
    • Changed items (object Account)
      • Deleted property externalAuthorizationsRestrictions (array)
GET /issuers/{issuerId}/contracts/{contractReference}/accounts
Response:
  • Changed property data (array)
    • Changed items (object Account)
      • Deleted property externalAuthorizationsRestrictions (array)
GET /issuers/{issuerId}/customers/external-customers/{issuerCustomerExternalReference}/accounts
Response:
  • Changed property data (array)
    • Changed items (object Account)
      • Deleted property externalAuthorizationsRestrictions (array)
GET /issuers/{issuerId}/customers/{customerReference}/accounts
Response:
  • Changed property data (array)
    • Changed items (object Account)
      • Deleted property externalAuthorizationsRestrictions (array)
GET /issuers/{issuerId}/accounts/external-accounts/{issuerAccountExternalReference}/contract
Response:
  • Changed property data (object Contract)
    • Changed property accounts (array)
      • Changed items (object Account)
        • Deleted property externalAuthorizationsRestrictions (array)
GET /issuers/{issuerId}/accounts/external-accounts/{issuerAccountExternalReference}/corporate-contract
Response:
  • Changed property data (object Contract)
    • Changed property accounts (array)
      • Changed items (object Account)
        • Deleted property externalAuthorizationsRestrictions (array)
GET /issuers/{issuerId}/accounts/{accountReference}/contract
Response:
  • Changed property data (object Contract)
    • Changed property accounts (array)
      • Changed items (object Account)
        • Deleted property externalAuthorizationsRestrictions (array)
GET /issuers/{issuerId}/accounts/{accountReference}/corporate-contract
Response:
  • Changed property data (object Contract)
    • Changed property accounts (array)
      • Changed items (object Account)
        • Deleted property externalAuthorizationsRestrictions (array)
GET /issuers/{issuerId}/card-contracts/external-card-contracts/{issuerCardContractExternalReference}/contract
Response:
  • Changed property data (object Contract)
    • Changed property accounts (array)
      • Changed items (object Account)
        • Deleted property externalAuthorizationsRestrictions (array)
GET /issuers/{issuerId}/card-contracts/{cardContractReference}/contract
Response:
  • Changed property data (object Contract)
    • Changed property accounts (array)
      • Changed items (object Account)
        • Deleted property externalAuthorizationsRestrictions (array)
GET /issuers/{issuerId}/corporate-contracts/{contractReference}/corporate-employee-accounts/{accountReference}
Response:
  • Changed property data (object CorporateEmployeeAccount)
    • Changed property account (object Account)
      • Deleted property externalAuthorizationsRestrictions (array)
GET /issuers/{issuerId}/corporate-contracts/{contractReference}/corporate-employee-accounts/external-accounts/{issuerAccountExternalReference}
Response:
  • Changed property data (object CorporateEmployeeAccount)
    • Changed property account (object Account)
      • Deleted property externalAuthorizationsRestrictions (array)
GET /issuers/{issuerId}/corporate-contracts/external-contracts/{issuerContractExternalReference}/corporate-employee-accounts/external-accounts/{issuerAccountExternalReference}
Response:
  • Changed property data (object CorporateEmployeeAccount)
    • Changed property account (object Account)
      • Deleted property externalAuthorizationsRestrictions (array)
GET /issuers/{issuerId}/corporate-contracts/external-contracts/{issuerContractExternalReference}/corporate-employee-accounts/{accountReference}
Response:
  • Changed property data (object CorporateEmployeeAccount)
    • Changed property account (object Account)
      • Deleted property externalAuthorizationsRestrictions (array)
GET /issuers/{issuerId}/contracts/external-contracts/{issuerContractExternalReference}
Response:
  • Changed property data (object Contract)
    • Changed property accounts (array)
      • Changed items (object Account)
        • Deleted property externalAuthorizationsRestrictions (array)
GET /issuers/{issuerId}/contracts/{contractReference}
Response:
  • Changed property data (object Contract)
    • Changed property accounts (array)
      • Changed items (object Account)
        • Deleted property externalAuthorizationsRestrictions (array)
GET /issuers/{issuerId}/card-contracts/external-card-contracts/{issuerCardContractExternalReference}/corporate-contract
Response:
  • Changed property data (object CorporateContract)
    • Changed property rootAccount (object Account)
      • Deleted property externalAuthorizationsRestrictions (array)
    • Changed property corporateContractEntities (array)
      • Changed items (object CorporateContractEntity)
        • Changed property account (object Account)
          • Deleted property externalAuthorizationsRestrictions (array)
    • Changed property corporateEmployeeAccounts (array)
      • Changed items (object CorporateEmployeeAccount)
        • Changed property account (object Account)
          • Deleted property externalAuthorizationsRestrictions (array)
GET /issuers/{issuerId}/card-contracts/{cardContractReference}/corporate-contract
Response:
  • Changed property data (object CorporateContract)
    • Changed property rootAccount (object Account)
      • Deleted property externalAuthorizationsRestrictions (array)
    • Changed property corporateContractEntities (array)
      • Changed items (object CorporateContractEntity)
        • Changed property account (object Account)
          • Deleted property externalAuthorizationsRestrictions (array)
    • Changed property corporateEmployeeAccounts (array)
      • Changed items (object CorporateEmployeeAccount)
        • Changed property account (object Account)
          • Deleted property externalAuthorizationsRestrictions (array)
GET /issuers/{issuerId}/corporate-contracts/{contractReference}
Response:
  • Changed property data (object CorporateContract)
    • Changed property rootAccount (object Account)
      • Deleted property externalAuthorizationsRestrictions (array)
    • Changed property corporateContractEntities (array)
      • Changed items (object CorporateContractEntity)
        • Changed property account (object Account)
          • Deleted property externalAuthorizationsRestrictions (array)
    • Changed property corporateEmployeeAccounts (array)
      • Changed items (object CorporateEmployeeAccount)
        • Changed property account (object Account)
          • Deleted property externalAuthorizationsRestrictions (array)
GET /issuers/{issuerId}/corporate-contracts/external-contracts/{issuerContractExternalReference}
Response:
  • Changed property data (object CorporateContract)
    • Changed property rootAccount (object Account)
      • Deleted property externalAuthorizationsRestrictions (array)
    • Changed property corporateContractEntities (array)
      • Changed items (object CorporateContractEntity)
        • Changed property account (object Account)
          • Deleted property externalAuthorizationsRestrictions (array)
    • Changed property corporateEmployeeAccounts (array)
      • Changed items (object CorporateEmployeeAccount)
        • Changed property account (object Account)
          • Deleted property externalAuthorizationsRestrictions (array)
POST /search-contracts
Response:
  • Changed property data (array)
    • Changed items (object Contract)
      • Changed property accounts (array)
        • Changed items (object Account)
          • Deleted property externalAuthorizationsRestrictions (array)
POST /issuers/{issuerId}/contracts/search
Response:
  • Changed property data (array)
    • Changed items (object Contract)
      • Changed property accounts (array)
        • Changed items (object Account)
          • Deleted property externalAuthorizationsRestrictions (array)
GET /issuers/{issuerId}/customers/external-customers/{issuerCustomerExternalReference}/contracts
Response:
  • Changed property data (array)
    • Changed items (object Contract)
      • Changed property accounts (array)
        • Changed items (object Account)
          • Deleted property externalAuthorizationsRestrictions (array)
GET /issuers/{issuerId}/customers/{customerReference}/contracts
Response:
  • Changed property data (array)
    • Changed items (object Contract)
      • Changed property accounts (array)
        • Changed items (object Account)
          • Deleted property externalAuthorizationsRestrictions (array)
GET /issuers/{issuerId}/companies/{customerReference}/corporate-contracts
Response:
  • Changed property data (array)
    • Changed items (object CorporateContract)
      • Changed property rootAccount (object Account)
        • Deleted property externalAuthorizationsRestrictions (array)
      • Changed property corporateContractEntities (array)
        • Changed items (object CorporateContractEntity)
          • Changed property account (object Account)
            • Deleted property externalAuthorizationsRestrictions (array)
      • Changed property corporateEmployeeAccounts (array)
        • Changed items (object CorporateEmployeeAccount)
          • Changed property account (object Account)
            • Deleted property externalAuthorizationsRestrictions (array)
GET /issuers/{issuerId}/companies/external-customers/{issuerCustomerExternalReference}/corporate-contracts
Response:
  • Changed property data (array)
    • Changed items (object CorporateContract)
      • Changed property rootAccount (object Account)
        • Deleted property externalAuthorizationsRestrictions (array)
      • Changed property corporateContractEntities (array)
        • Changed items (object CorporateContractEntity)
          • Changed property account (object Account)
            • Deleted property externalAuthorizationsRestrictions (array)
      • Changed property corporateEmployeeAccounts (array)
        • Changed items (object CorporateEmployeeAccount)
          • Changed property account (object Account)
            • Deleted property externalAuthorizationsRestrictions (array)
POST /search-corporate-contracts
Response:
  • Changed property data (array)
    • Changed items (object CorporateContract)
      • Changed property rootAccount (object Account)
        • Deleted property externalAuthorizationsRestrictions (array)
      • Changed property corporateContractEntities (array)
        • Changed items (object CorporateContractEntity)
          • Changed property account (object Account)
            • Deleted property externalAuthorizationsRestrictions (array)
      • Changed property corporateEmployeeAccounts (array)
        • Changed items (object CorporateEmployeeAccount)
          • Changed property account (object Account)
            • Deleted property externalAuthorizationsRestrictions (array)
 

What's Deleted

No API deleted.

Enable "on this page" menu on doc section
On

Getting Started with FIDO Server by Worldline

Prerequisites​

You need to keep your client_id and secret_id that was sent to you by mail.

If you lost your secret_id, please contact us to generate a new one for you.

There is two types of credentials with different scope. The firsts credentials you received are for the administrative scope, to manage your relying parties servers. You have to use these firsts credentials to create a relying party via API, and in response you will received second credentials related to your relying party with "service" scope that will enable you to configure it and handle your users via API. 

These credentials are needed for all interactions with the Fido Server by Worldline.

You also need the audience to access generate bearer tokens.

OAuth2 Server URL  : https://access.fido.worldline-solutions.com

Audience : https://my-wafl-api-gateway-6glqflxv.ew.gateway.dev  - to update 

API access and authentication

The FIDO Server by Worldline (also called WAFL Server) API uses the OAuth Client Credentials Flow to authenticate API calls.


Request tokens

Example using curl
curl --request POST \
    --url 'https://access.fido.dev.worldline-solutions.com/oauth2/token' \
    --header 'Content-Type: application/x-www-form-urlencoded' \
    --header 'Authorization: Basic Base64Encode(concat('client_id', ':', 'client_secret'))' \
    --data 'grant_type=client_credentials' \
    --data 'audience=https://my-wafl-api-gateway-206w9c7e.ew.gateway.dev'
Parameters
  • grant_type : set this to your "client_credentials"
  • audience : the audiance for the token (see the prerequisites)
Response

If all goes well, you'll receive an HTTP 200 response with a payload containing access_token, and expires_in values:

{
  "access_token": "eyJz93a...k4laUWw",
  "expires_in": 3600
}
Access token lifetime

The lifetime of a token is set to 3600 seconds

Use the Worldline FIDO Server APIs

Declare your relying party server

Once you received your credentials by mail with the "admin" scope, you can declare your relying party server with the admin/relying-parties API, where you give the name of your relying party, and get the credentials with the "service" scope that you can configure in your relying party server to use the FIDO authentication service.

You also have to declare the origins of your relying party application with the admin/relying-parties/{id}/origins API.

Enable your users to register

You can use our Browser SDK to facilitate the integration of FIDO protocol into your web application and use the browser APIs.

The registration is a two steps action as it contains an initiation step to generate the challenge that will be used by the authenticator for cryptographic operations.

In the initiation step your relying party gives information about the registration like the username, friendlyName and authenticator properties. The Worldline FIDO server respond with a challenge to give to the authenticator.

The attestationBlob, response of the authenticator, is passed through the finalization step so that the Fido server complete the registration.   

Enable your users to authenticate

The authentication is also a two steps action as it contains an initiation step to generate the challenge that will be used by the authenticator for cryptographic operations.

The initiation step is where your relying party informs the server for which user you want to do an authentication. The response contains the challenge on which the authenticator will have to make cryptographic operations.

The result of these operations is passed through the finalization step in the assertionBlob where the Fido Server will do the authentication. 

Manage your users

Once your users are registered, you can list their authenticators, update the friendlyName of an authenticator (for the user to better identify his authenticator) and delete them via the /users APIs.

Enable "on this page" menu on doc section
On