Skip to content
API Reference
/
/
Update basket authorisati...

Aritma Banking API (1.0.0)

API versioning

Over time there will be introduced changes to the API as we continuously introduce improvements. You have the option to use a specific version or the most recent version, supported versions are available in the response header api-supported-versions.

Use a specific version of the API by specifying the api-version header, for example api-version: 1.0. If you don't specify the header, the latest version will be used. If a version has been scheduled to be removed, it will be reported through the api-deprecated-versions header, for example api-deprecated-versions: 1.0, 1.1.

Idempotency

The API supports idempotency for safely retrying POST requests without accidentally performing the operation twice. To perform an idempotent request, specify the Idempotency-Key: UUID header with a value on UUID format, example: Idempotency-Key: 5bfa15da-0969-46a3-820d-be0ec7a16c24.

The idempotency works by storing the status code and body of the first response made for the idempotency key for a short timespan, regardless of whether if succeeds or fails. Subsequent request with the same key returns the response of the previous response. The presence of response header Idempotent-Replayed: true indicates that a previous response has been returned. Note that the replayed responses for created resources would change from status 201 to 200 ok, indicating that no resource was created.

Download OpenAPI description
banking-openapi.json
banking-openapi.yaml
Languages
Servers
Mock server
https://developer.aritma.com/_mock/apis/banking/v4/openapi/banking-openapi
https://banking.zdata.io/api

Accounts

Read account information. Provides access to account lists, account details, balances and transaction information.

Operations

Banks

Access information about the available banks.

Operations

Consents

Obtaining a consent is the first thing you need to do in order to access bank information.

Start by sending a request to the create consent endpoint which will return a link you can redirect the user to. When the user visits the link, we will gather the necessary information needed to obtain a consent linked to the chosen bank.

When a consent has been obtained you can use it to access data through the available endpoints, keep in mind that a consent can potentially be withdrawn by the user at any point.

Operations

Payments

Operations

SigningBaskets

A signing basket groups multiple payments for authorisation with a single SCA operation. The basket can contain both bulk payments and individual payment lines, each with different authorisation requirements. Payments are exported to bank as soon as their authorisation requirements are fulfilled, even if other payments in the basket are still pending.

Operations

Get signing basket

Request

Security
Api access(Required scopes:
services.banking
api
)
Path
basketIdstringrequired

Resource identifier of the signing basket.

Example: 4f0d36c610d44e60af3c244259aa7779
Headers
PSU-IP-Addressstring

IP Address of the PSU.

api-versionstring
No request payload

Responses

OK

Bodyapplication/json
transactionStatusstring(BasketTransactionStatus)
Enum ValueDescription
acsp

AcceptedSettlementInProcess - All preceding checks such as technical validation and customer profile were successful and therefore the payment initiation has been accepted for execution.

actc

AcceptedTechnicalValidation - Authentication and syntactical and semantical validation are successful.

acwc

AcceptedWithChange - Instruction is accepted but a change will be made, such as date or remittance not sent.

rcvd

Received - Payment initiation has been received by the receiving agent.

rjct

Rejected - Payment initiation or individual transaction included in the payment initiation has been rejected.

basketIdstring

Resource identifier of the signing basket.

Example: "4f0d36c610d44e60af3c244259aa7779"
paymentIdsArray of strings

Resource identifiers of the payments included in the signing basket.

Example: ["p1pbb64b18233714bf38204314e3faa03bc"]
consentIdsArray of strings

Resource identifiers of the consents included in the signing basket.

Example: ["1E5EFC3B-635E-4973-A605-41D7F0D6D7B3"]
_linksobject(PaymentInitiationLinks)

Links related to a payment initiation, including authorisation links.

Response
application/json
{
  "transactionStatus": "acsp",
  "basketId": "4f0d36c610d44e60af3c244259aa7779",
  "paymentIds": [
    "p1pbb64b18233714bf38204314e3faa03bc"
  ],
  "consentIds": [
    "1E5EFC3B-635E-4973-A605-41D7F0D6D7B3"
  ],
  "_links": {
    "self": {},
    "status": {},
    "startAuthorization": {},
    "scaRedirect": {}
  }
}

Cancel signing basket

Request

Security
Api access(Required scopes:
services.banking
api
)
Path
basketIdstringrequired

Resource identifier of the signing basket to cancel.

Example: 4f0d36c610d44e60af3c244259aa7779
Headers
PSU-IP-Addressstring

IP Address of the PSU.

api-versionstring
No request payload

Responses

Accepted

Response
No content

Get signing basket status

Request

Security
Api access(Required scopes:
services.banking
api
)
Path
basketIdstringrequired

Resource identifier of the signing basket.

Example: 4f0d36c610d44e60af3c244259aa7779
Headers
PSU-IP-Addressstring

IP Address of the PSU.

api-versionstring
No request payload

Responses

OK

Bodyapplication/json
transactionStatusstring(BasketTransactionStatus)
Enum ValueDescription
acsp

AcceptedSettlementInProcess - All preceding checks such as technical validation and customer profile were successful and therefore the payment initiation has been accepted for execution.

actc

AcceptedTechnicalValidation - Authentication and syntactical and semantical validation are successful.

acwc

AcceptedWithChange - Instruction is accepted but a change will be made, such as date or remittance not sent.

rcvd

Received - Payment initiation has been received by the receiving agent.

rjct

Rejected - Payment initiation or individual transaction included in the payment initiation has been rejected.

Response
application/json
{
  "transactionStatus": "acsp"
}

Start basket authorisation

Request

The PSU will be redirected to complete SCA for all payments in the basket.

Security
Api access(Required scopes:
services.banking
api
)
Path
basketIdstringrequired

Resource identifier of the signing basket.

Example: 4f0d36c610d44e60af3c244259aa7779
Headers
TPP-Redirect-URIstring(uri)

The URI to redirect the PSU to after authorisation.

PSU-IP-Addressstring

IP Address of the PSU.

api-versionstring
Bodyapplication/json

Authentication method selection.

authenticationMethodIdnull or string

Identification used for later authentication method selection.

authenticationMethodAcrValuesnull or string

Acr values used for later authentication method selection.

application/json
{
  "authenticationMethodId": null,
  "authenticationMethodAcrValues": null
}

Responses

Created

Bodyapplication/json
scaStatusstring

Status of the SCA.

Example:

  • received
  • psuIdentified
  • psuAuthenticated
  • scaMethodSelected
  • unconfirmed
  • started
  • finalised
  • failed
  • exempted
Example: "started"
authorizationIdstring

Resource identification of the related SCA.

Example: "auth9000"
_linksobject(PaymentAuthorizationLinks)
Response
application/json
{
  "scaStatus": "started",
  "authorizationId": "auth9000",
  "_links": {
    "scaRedirect": {},
    "scaOauth": {},
    "confirmation": {},
    "self": {}
  }
}

Update basket authorisation

Request

Called after the PSU has completed the redirect SCA flow.

Security
User access(Required scopes:
services.banking
)
Path
basketIdstringrequired

Resource identifier of the signing basket.

Example: 4f0d36c610d44e60af3c244259aa7779
authorizationIdstringrequired

Resource identifier of the authorisation sub-resource.

Example: auth9000
Headers
PSU-IP-Addressstring

IP Address of the PSU.

api-versionstring
No request payload

Responses

OK

Bodyapplication/json
scaStatusstring

Status of the SCA.

Example:

  • received
  • psuIdentified
  • psuAuthenticated
  • scaMethodSelected
  • unconfirmed
  • started
  • finalised
  • failed
  • exempted
Example: "started"
authorizationIdstring

Resource identification of the related SCA.

Example: "auth9000"
_linksobject(PaymentAuthorizationLinks)
Response
application/json
{
  "scaStatus": "started",
  "authorizationId": "auth9000",
  "_links": {
    "scaRedirect": {},
    "scaOauth": {},
    "confirmation": {},
    "self": {}
  }
}

Create signing basket

Request

The basket can contain bulk payments and individual payment lines with different authorisation requirements. Payments are exported as soon as their requirements are fulfilled.

Security
Api access(Required scopes:
services.banking
api
)
Headers
TPP-Redirect-URIstring(uri)

The URI to redirect the PSU to after authorisation.

PSU-IP-Addressstring

IP Address of the PSU.

Consent-IDstring

The consent id. Should be set unless a specific Subscription-Id is used.

Channel-Typestring(BankingChannel)

The banking channel.

Enum"unspecified""openBanking""psd2"
Example: unspecified
Subscription-Idstring^[A-Za-z0-9_-]+$

Id of the subscription to use. Only supported for Channel-Type openBanking.

Resource-Group-Namestring^[A-Za-z0-9_-]+$

Name of the resource group to use in the specified subscription. Only supported for Channel-Type openBanking

ScopesArray of strings

Resource scopes to use, mutually exclusive with subscriptionId.

  • /: Use all resources available.
  • /subscriptions/7fdf00601dfb: Use all resources in subscription 7fdf00601dfb.
  • /subscriptions/7fdf00601dfb/resource-groups/my-company: Use all resources within subscription 7fdf00601dfb and resource-group my-company.
Example: /subscriptions/7fdf00601dfb/resource-groups/my-company
api-versionstring
Bodyapplication/json

The signing basket containing the payment identifiers to group.

paymentIdsArray of stringsnon-emptyrequired

Resource identifiers of the payments to include in the signing basket.

Example: ["p1pbb64b18233714bf38204314e3faa03bc"]
application/json
{
  "paymentIds": [
    "p1pbb64b18233714bf38204314e3faa03bc"
  ]
}

Responses

Created

Bodyapplication/json
transactionStatusstring(BasketTransactionStatus)
Enum ValueDescription
acsp

AcceptedSettlementInProcess - All preceding checks such as technical validation and customer profile were successful and therefore the payment initiation has been accepted for execution.

actc

AcceptedTechnicalValidation - Authentication and syntactical and semantical validation are successful.

acwc

AcceptedWithChange - Instruction is accepted but a change will be made, such as date or remittance not sent.

rcvd

Received - Payment initiation has been received by the receiving agent.

rjct

Rejected - Payment initiation or individual transaction included in the payment initiation has been rejected.

basketIdstring

Resource identifier of the signing basket.

Example: "4f0d36c610d44e60af3c244259aa7779"
paymentIdsArray of strings

Resource identifiers of the payments included in the signing basket.

Example: ["p1pbb64b18233714bf38204314e3faa03bc"]
consentIdsArray of strings

Resource identifiers of the consents included in the signing basket.

Example: ["1E5EFC3B-635E-4973-A605-41D7F0D6D7B3"]
_linksobject(PaymentInitiationLinks)

Links related to a payment initiation, including authorisation links.

Response
application/json
{
  "transactionStatus": "acsp",
  "basketId": "4f0d36c610d44e60af3c244259aa7779",
  "paymentIds": [
    "p1pbb64b18233714bf38204314e3faa03bc"
  ],
  "consentIds": [
    "1E5EFC3B-635E-4973-A605-41D7F0D6D7B3"
  ],
  "_links": {
    "self": {},
    "status": {},
    "startAuthorization": {},
    "scaRedirect": {}
  }
}