The NextGenPSD2 Framework Version 1.3 offers a modern, open, harmonised and interoperable set of Application Programming Interfaces (APIs) as the safest and most efficient way to provide data securely. The NextGenPSD2 Framework reduces XS2A complexity and costs, addresses the problem of multiple competing standards in Europe and, aligned with the goals of the Euro Retail Payments Board, enables European banking customers to benefit from innovative products and services ('Banking as a Service') by granting TPPs safe and secure (authenticated and authorised) access to their bank accounts and financial data.

Berlin Group is proposing three different models to provide PSU credentials to the API out of which the Redirect Flow is by far the most flexible and provides support for any type of strong customer authentication method already used by the ASPSP. All APIs provide support for the Redirect Flow.

Not every message defined in this API definition is necessary for all approaches. Furthermore this API definition does not differ between methods which are mandatory, conditional, or optional Therefore for a particular implementation of a Berlin Group PSD2 compliant API it is only necessary to support a certain subset of the methods defined in this API definition.

  

Some General Remarks Related to this version of the Open API Specification:
 

This API definition is based on the Implementation Guidelines of the Berlin Group PSD2 API.

This API definition contains the REST-API for requests from the TPP to the ASPSP.

According to the OpenAPI-Specification [https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.1.md]

"If in is "header" and the name field is "Accept", "Content-Type" or "Authorization", the parameter definition SHALL be ignored."

The element "Accept" will not be defined in this file at any place.

The elements "Content-Type" and "Authorization" are implicitly defined by the OpenApi tags "content" and "security".

   

Download Open API Document

Type

REST

Endpoints

Production, Development:
Production, Development:

https://sandbox.xs2a.ca-indosuez.lu/ca-indosuez/lu/bg
https://api.xs2a.ca-indosuez.lu/ca-indosuez/lu/bg

Security

clientID
X-Client-Id

clientSecret
X-Client-Secret

(Type: Client ID)
apiKey located in header

(Type: Client secret)
apiKey located in header

Retour en haut