PIS API specific documentation Sweden, Denmark and Norway
Changes from the previous version
This is the change log of the PIS API (domestic), allowing PSD2-regulated TPPs to initiate payments on behalf of the PSU, in this case the Nordea Business customer. The top most item is the latest change and the API changes described in it are relative to the version directly below. The current version of the API is 4.18.
Version 4.18
New status reason has been added: “RequiresSinglePaymentSigning” in the payments model for Sweden. Section Payment status description has been updated.
Version 4.17
New ENUM value has been added to the parameter “payment_status_reason” in the payments model. Section Payment status description has been updated.
Version 4.16
- Description of creditor name has been updated in Swaggers
Version 4.15
- Support for decoupled signing in Norway using Nordea ID app added.
- Support for the Confirmation of availability of funds has been added. Please refer to the Confirmation of availability of funds section.
- DKK instant/express payments flow is enhanced with additional validations
- Creditor message up to 140 characters length
- Creditor name is mandatory
- Amount limit for express payment
Version 4.14
PIS API Scenarios section updated.
Version 4.13
Support for the header parameter “X-Response-Scenarios” has been added to Sandbox. Please refer to the Mock signing page (Sandbox only).
Version 4.12
The parameter “auto_start_token” has been removed from the payment details.
Version 4.11
- Changes in decoupled payment signing in SE is described in the section “Decoupled signing - Sweden”
Version 4.10
- Support for recurring payments in NO has been added. Please refer to Recurring Payments section for more details.
- Payment model is enhanced with additional attribute “payment_status_reason”.
Version 4.9
Support for decoupled signing in Denmark using Nordea ID app added.
Version 4.8
Support for decoupled signing in SE for production API has been added.
Version 4.7
Support for second channel confirmation via SMS in Norway has been added. Please refer to Payments authorization flow and Payment status description.
Version 4.6
Support for 4 eyes confirmation rule in NO has been added. Please refer to Payments authorization flow.
Version 4.5
Support for recurring payments in DK has been added. Please refer to Recurring Payments section for more details
Version 4.4
Added decoupled payment signing flow for Swedish customers. This will provide an additional way of signing payments, in addition to the existing flow which requires TPPs to redirect customers to signing URL. In the newly added decoupled flow, the TPP will receive an auto_start_token form Nordea. TPP can use that to generate a QR code or open the Bank ID application on the customer’s smart-phone to enable them to sign payments. If the customer does not have or can not use a smart-phone then they can still be re-directed to the signing URL.
- In order to initiate the decouple signing flow, the consumer (TPP rather) needs to add “authentication_method”:“BANKID_SE” into the payments/confirm request body. In this case the response will hold a Nordea Bank signing URL and an auto_start_token.
- The auto_start_token can be used by TPP to generate a QR code or launch the BANKID mobile app https://www.bankid.com/utvecklare/guider/teknisk-integrationsguide/programstart, or generate a QR code https://www.bankid.com/utvecklare/guider/teknisk-integrationsguide/qrkoder to be used with the BANKID app.
- The signing url is to be used in case if it is not possible to use the decouple signing flow.
- Important: Decoupled signing flow for Swedish customers is valid only in Sandbox.
Version 4.3
Clarification that IBAN is not a valid account type for creditor account in domestic payments by Swedish, Norwegian and Danish business customers. See sections Nordea payment type field combinations and API Reference
Version 4.2
Initiate payment now allows for future dated payments by supplying a date as ‘requested_execution_date’ (optional, default is “today”). See swagger definition for limits. Urgency ‘Express’ should not be used with future dated payments. Confirmed payments in sandbox will remain in status ‘Confirmed’ until the requested execution date, but as sandbox is a session based, in-memory data base, this needs to be tested close to midnight.
New endpoints to support DELETE for removal of payments (designed for removal of recurring payments as well, but this function is still to come). Interfaces also work for future dated payments. The request have been defined to support deletion of a single payment, or a list of payments and the services return a list of paymentIds that where deleted and/or tpp_messages for those that were not.
/v4/payments/domestic/(DELETE - multiple, details supplied in body request)/v4/payments/domestic/<paymentId>(DELETE - single, details supplied in url)
Note: You can delete a single payment in both services at your own choice.
Version 4.1
For section Nordea payment type field combinations for Norway for both Domestic Account Transfer and KID Payments only BBAN NO debtor account type available at this stage.
KID payment will not be available in the first production release.
Swagger definition changes:
For Norway (NO) confirm multiple previously initiated payments - Success responses (200) and Error responses (400) updated for confirmation - order.
Version 4.0
Additional section related to Payment authorization flow related to 4 eyes principle added and described.
Sweden Currency pockets enable to hold several currency accounts under one account identifier. This indicates that specifying currency enables to use a corresponding pocket for payment purposes.
New field added end_to_end_identification which is specific parameter for business scope.
Although this is the first version of Nordea Business specific APIs, we have decided to use ‘v4’ to make it clear that the endpoints align closely to the ‘v4’ endpoints for personal customers in terms of interface definition and behaviour.
Overview
Payment Initiation Services (PIS) API consists of six endpoints for Sweden, Denmark and Norway domestic payments and six endpoints for Finland SEPA payments. The PIS API can be used to initiate payments, query payment details and status, confirm payments and delete payments. This API supports GET, POST, DELETE and PUT HTTP methods.
API endpoints
The PIS API contains the following endpoints for Sweden, Denmark and Norway:
| Endpoint | Supported HTTP Methods |
|---|---|
/payments/domestic | GET, POST, DELETE |
/payments/domestic/{paymentId} | GET, DELETE |
/payments/domestic/{paymentId}/confirm | PUT |
/payments/domestic/confirm | PUT |
The business/v4/payments/domestic endpoint have three uses, it can be used to initiate a payment, to get a list of unexecuted payments and to delete a list of selected payments. It supports GET, POST and DELETE methods. if POST method is used with a body it will initiate a new payment. The request body must contain payment details. If GET method is used it will return a list of pending payments. If DELETE method is used with a body specifying the payments to be deleted, it will delete all the selected payments. The return HTTP Codes are: 201 - successfully initiated payment, 200 - OK and a list of initiated payments and 200 - OK and a list of deleted payments. The response contains the payment details which include, for example, payment amount and creditor details among other things.
Here is a part of the JSON payload format which can be posted to this endpoint, “_type” is an internal defined representation of the account type.
{
…
"creditor": {
"account": {
"_type": "BBAN_SE",
"currency": "SEK",
"value": "13370233835"
}
…
}
After the payment is initiated by POST request to this endpoint, it will be available by doing GET request to this endpoint which returns a list of pending payments basing on agreement account specifics.
The business/v4/payments/domestic/{paymentId} endpoint can be used to query payment details by payment id, and it supports GET and DELETE HTTP methods. The payment id is returned when payment is initiated successfully, and it can be found from the response JSON by the name _id. Moreover, the payment status can be seen in the response by the name payment_status. The payment id is returned when the payment is successfully deleted and you can no longer query for the payment id. Full response examples of the endpoints can be seen on examples section below.
The business/v4/payments/domestic/confirm endpoint can be used to confirm payment or bulk confirmation of payments after the payment is initiated by issuing successful POST request to the /payments/domestic endpoint. This endpoint returns HTTP Code 200 on success. If the payment is already confirmed or otherwise in such a state that it can not be confirmed, the endpoint returns code 40. This endpoint supports only PUT HTTP method. Please be aware that processing multiple payments could subsequently result in multiple errors. Also note that if 4 payment_id’s are sent, and two of them return errors, the subsequent signing process will only include the two payments with no errors.
Note: Bulk confirmation of payments has not been finalized and behaviour in production may differ from Sandbox
In Sandbox: Note that the `payment_status` of a confirmed payment will be automatically updated after some time from Pending to Confirmed to Paid. To confirm the payment, calling the '/confirm' endpoint is sufficient for the decoupled countries (Sweden and Finland), whereas the additional countries (Denmark and Norway) requires activation of the signing url, but the flow is mocked for sandbox.
Payments authorization flow
Note that this is applicable only for Sweden, Denmark and Norway and is not available in sandbox APIs. It is described in the documentation as to be available in the production APIs.
Payment authorization flow is related to 4 eyes principle enabling customers to demand payment being authorized by more than one user. Should further authorization be required to be specified in the Netbank within the user permission specifics. Nordea’s Open Banking service will verify the payment instruction, return a payment identifier (payment _id) to the client and automatically initiate authentication of the payment service user making the request.
If only one user is required to authorize the payment then once the user’s authentication has been successfully completed the payment instruction will be passed for processing to Nordea’s payment engine and executed according to the payment scheme rules.
If the payment needs to follow additional confirmation the status of the payment will remain PendingConfirmation until sufficient number of users (maksimum of two from Business perspective) approve the payment.
At any stage of the process the client application can obtain status of the payment instruction’s progress which returns full details of the instruction and its current state. Payment model has been expanded with new, additional attribute: has_confirmation. Configuration of fields: status (PartiallyConfirmed) and has_confirmation determine, whether payment requires signing of the current user or not.
| Status | Has_confirmation | Details |
|---|---|---|
| PartiallyConfirmed | false | Payment is signed by other user. Current user can and should sign the payment. |
| PartiallyConfirmed | true | Payment is signed by current user. Another user’s signing is needed to execute the payment. Current user is not allowed to sign it again. |
Simplified diagram combination of both scenarios - single user authorization:
4 eyes confirmation principle authorization flow:
Second Channel Confirmation
Based on certain parameters, a payment may become eligible for a second channel confirmation. In such cases, when a customer confirms and signs a payment, Nordea will prompt the customer for a second channel (SMS) confirmation. A SMS will be sent to the registered phone number of the user, where the customer can confirm or reject the payment by replying to the SMS.
The payment model has been enhanced with additional attribute “requires_second_channel_confirmation” in the payment details. With the combination of the “Status” and “requires_second_channel_confirmation” values, the customer can identify the next steps as described below,
| Status | requires_second_channel_confirmation | Remarks |
|---|---|---|
| OnHold | true | The payment has been put on hold as it requires second channel confirmation. The customer should have received a SMS to confirm or reject the payment. |
| OnHold | false | The payment has been put on hold. The customer need to call the bank to proceed further. |
Key Notes:
- If the response is not received for a SMS notification within a configured time period (say 2 weeks), then the bank will no longer accept the response for that specific SMS notification. In such case, the customer needs to call the bank to release the payment.
- A limit has been set on the number of payments that can wait in the queue until it is confirmed. If there has been a configured number of SMS notifications (say 5 SMS notifications) sent per user with the registered phone number and not responded by the user, then no SMS notifications will be sent to that user until at least one payment in the queue is released i.e. if one OnHold payment is confirmed, then it opens up the queue for one more SMS notification.
- If the customer has utilized the full queue length (say 5) and has not responded to any of those during the configured time period (say 2 weeks), then the customer needs to call the bank to release the payments.
Second channel confirmation flow - single user authorization:
Second channel confirmation flow - 4 eye user authorization:
Nordea payment type field combinations
| Endpoint (/payments/.) | Nordea Type | FI | SE | DK | NO | Comments | debtor.account_type | creditor.account_type | .amount (mandatory, max. value) | .currency | .creditor.message | .name (of beneficiary | .reference.value | .reference_type |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| /domestic | Domestic account transfer | X | ”PGNR" | "BBAN_SE” | 99 999 999 999,99 | ”SEK” | optional (max. 12) | optional | N/A | N/A | ||||
| /domestic | Domestic account transfer | X | If reference is supplied, then message is not applicable, and vice versa. | ”BBAN_DK” or “IBAN" | "BBAN_DK” | 9 999 999 999,99 | ”DKK” | optional (max. 40) | N/A | optional | ”RF” | |||
| /domestic | Domestic account transfer (With/Without advice) | X | If comment is added, it is considered to be With advice. | ”BBAN_NO" | "BBAN_NO” | 9 999 999,99 | ”NOK” | optional, see comment (max. 140) | optional | N/A | N/A | |||
| /domestic | KID | X | ”BBAN_NO" | "BBAN_NO” | 9 999 999,99 | ”NOK” | N/A | mandatory | mandatory | ”OCR” | ||||
| /domestic | BankGiro | X | If OCR reference and value is supplied, then message is not applicable, and vice versa. Some accounts have OCR reference as mandatory as per request of the creditor. | ”PGNR" | "BGNR” | 99 999 999 999,99 | ”SEK” | optional (max. 150) | N/A | optional | ”OCR” | |||
| /domestic | PlusGiro | X | If OCR reference and value is supplied, then message is not applicable, and vice versa. Some accounts have OCR reference as mandatory as per request of the creditor. | ”PGNR" | "PGNR” | 99 999 999 999,99 | ”SEK” | optional (max. 25) | mandatory | optional | ”OCR” | |||
| /domestic | Giro | X | Transfer form for Denmark. | ”BBAN_DK” or “IBAN" | "GIRO_DK” | 9 999 999,99 | ”DKK” | only for 01, 73 and 75 (max. 105) | N/A | mandatory for 04, 15, 71 and 75 others N/A | ”01”, “04”, “15”, “71”, “73” or “75” | |||
| /sepa | SEPA | X | FI uses SEPA for domestic payments as well | ”IBAN" | "IBAN” | 999 999 999,99 | ”EUR” | optional (max. 140) | mandatory | mandatory | ”INVOICE” or “RF” |
Payment status description
| Payment Status | Description | (Re-)confirmable |
|---|---|---|
| PendingConfirmation | A payment was created. Confirmation step has not yet been started. | Y |
| PendingUserApproval | The PSU-signing process has started. | Y |
| UserApprovalFailed | Payment process failed.It’s possible to try again. See tpp_messages in response for further details. | Y |
| UserApprovalTimeout | A specific time frame is set for the signing process, in which the PSU needs to sign the payment. If timeline is exceeded the signing process expires and has to be restarted. | Y |
| UserApprovalCancelled | The PSU rejected signing the payment during the signing flow. | Y |
| Paid | The payment has been properly initiated, confirmed, signed and debited. | N |
| Confirmed | The payment has been properly initiated, confirmed, signed, but is pending final execution. Could be a future dated payment, or due to bulk clearing of payments (i.e. not instant). | N |
| Rejected | As stated the payment has been rejected. See the tpp_messages for further details. This payment cannot be (re-)confirmed. The attribute “payment_status_reason” will indicate “InsufficientFunds”, if the payment was rejected due to insufficient funds. The attribute “payment_status_reason” will indicate “PaymentDeclinedPsuShouldContactNordea ”, if the payment was rejected due to other bank checks, then the user needs to contact the bank to resolve the case. | N |
| LimitExceeded | The PSU, the account, or the channel has a limit that has been exceeded. This is technically (re-)confirmable, but it requires something has been changed, for instance the limit is raised or a new month has begun. | Y |
| PartiallyConfirmed | The payment is confirmed and signed by one user. It requires the co-signer to confirm and sign the payment. | N |
| OnHold | The payment is put on hold. It either requires a second channel confirmation via SMS or the customer needs to call the bank to proceed further. | N |
Note: For Sweden statuses ‘Confirmed’ and ‘Paid’ are not returned via GET domestic and GET domestic/:paymentId. Signed and executed payments should be treated as transactions and can be fetched via AIS.
Note: For Sweden the status reason: “RequiresSinglePaymentSigning” - will be assigned during the payment initiation to the payments that require extra controls on the Bank side (further referred as “Special payments”). Due to that, the payments with the given status reason won’t be allowed for the bulk confirmation. In case of including the payments with the given status reason in the bulk confirmation - the response will list the Special payments as the one that need to be signed separately - as a single payment using PUT method. The rest of the payments will be processed as usual - a signing link will be provided for the bulk authorization. The example of such scenario can be found under: PIS API examples Sweden in the bulk confirm payments section.
Note: When using the signing functionality for multiple payments, the PISP (Payment Initiation Service Provider) needs to ensure that the payer can view a list of the payees during the authentication. Upon request, the PISP needs to provide Nordea with relevant proof that this feature has been implemented.
Decoupled signing - Sweden
In Sweden, the PSU has the possibility to sign one or a set of payments in a decoupled way using the Bank ID mobile application. In that case, TPP is expected to pass the parameter authentication_method with value “BANKID_SE” while invoking Nordea Open Banking API end point PUT /confirm.
In the response to payment confirmation, TPP will no longer receive “auto_start_token”. Instead, “authentication_id” is given in the response. The TPP can get the qr_data by polling through the below end point by passing the autentication_id in the URL. Note that the access token is not required for polling.
GET /v4/payments/domestic/confirm/bankidse/{authentication_id}
In the response, TPP will be given the qr_data, auto_start_token and the status. TPP shall generate the QR code with the qr_data. The qr_data will keep changing every second, thus TPP needs to keep polling and update the QR code. Please see the examples section for better understanding. The status will give the state of signing as below,
| Status | Description |
|---|---|
| WAITING_FOR_USER | Awaiting user to start scanning the QR code |
| IN_PROGRESS | The user has scanned the QR code and is in the process of signing |
| SUCCESS | User has successfully signed the payment(s) |
| FAILED | User signing failed, need to reconfirm the payment |
Note: auto_start_token is also deprecated from payment details and payments list.
In sandbox:
- qr_data will be changing every second for 45 seconds
- After first 30 seconds, a new auto_start_token is generated and returned
- After that, for 15 seconds IN_PROGRESS status is returned, after which the payment is automatically signed
- For 6 hours, SUCCESS status is returned
Decoupled signing - Denmark and Norway
Decoupled signing is another possibility for PSU to sign payment using external authentication mobile application Nordea ID. PSU is able to choose signing option. If PSU has active Nordea ID for authorization in Nordea Business (logging, signing payments), he can also sign Payments initiated via Nordea OpenBanking API. In order to activate decoupled flow, TPP is obligated to send additional information during confirming step.
authentication_method must be sent as an additional parameter while invoking Nordea Open Banking API end point PUT /confirm. This attribute must indicate the value “MTA”, in order for Nordea to initiate decoupled signing via Nordea ID mobile application. If the parameter is sent with value “redirect”, or the parameter is not sent at all, the payment signing has to be done using the redirect URL by default.
It is possible to use decoupled flow for bulk confirmation. Parameter “authentication_method” is non-mandatory. When it is not provided, user is not going to get push notification to Nordea ID application. In case of PSU authorizing payment via Nordea ID app, TPP will not be informed from OpenBanking API by any instant notification. TPP must call GET payment details and verify the current status of the payment. If PSU decides to sign payment via Nordea ID application, TPP must call for payment status by itself.
From Denmark context, decoupled payment signing can be done only via Nordea ID. There is no decoupled flow with MitId, MitId can be used to sign a payment only by using the URL that is generated in redirect signing flow.
From Norway context, decoupled payment signing can be done only via Nordea ID. There is no decoupled flow with BankId, BankId can be used to sign a payment only by using the URL that is generated in redirect signing flow.
When user does confirm the payment using MTA, there is no callback sent to the TPP website, thus TPP has to check the status on their own in case of using this method. After about 10 minutes (subject to change without notice) status should be resolved to one of Confirmed or Paid in case of successful signing, UserApprovalCancelled in case used decided to cancel signing, UserApprovalFailed in case of technical issue with executing the payment and UserApprovalTimeout in case used have not taken any action before signing timeout have taken place.
Note: Please note that when MTA is successfully initiated, both signing link is sent back and user receives notification on their application. This makes it possible to make a decision in both places which may be different (like cancel in redirect URL and confirm in Nordea ID application). In case of different answers, confirming payment always takes precedence over cancelation of confirmation, i.e. if in any of the channels user confirms the payment it will be confirmed and executed.
Possible scenarios for MTA signing method:
| First event | Second event | Desired result | Notes |
|---|---|---|---|
| Payment confirmed in Nordea ID app | Redirect confirmation done | Payment is Confirmed (or Paid) | After redirect confirmation is done, error is presented on the callback. Error handling will be adjusted in next version of API |
| Payment cancelled in Nordea ID app | Redirect confirmation done | Payment is UserApprovalCancelled | |
| Payment confirmed in Nordea ID app | Payment cancelled in redirect flow | Payment is Confirmed (or Paid) | Same situation as in first scenario. More adjustments will be introduced in next version of API |
| Payment cancelled in Nordea ID app | Payment cancelled in redirect flow | Payment is UserApprovalCancelled | Status changes to UserApprovalCanceled immedietly after cancelling in Nordea ID app |
| Redirect confirmation done | Payment confirmed in Nordea ID app | Payment is Confirmed (or Paid) | Mobile app presents, that signing went OK, even tho it has been already signed by redirect flow |
| Redirect confirmation done | Payment cancelled in Nordea ID app | Payment is Confirmed (or Paid) | No error displayed in mobile app |
| Payment cancelled in redirect flow | Payment confirmed in Nordea ID app | Payment is UserApprovalCancelled | |
| Payment cancelled in redirect flow | Payment cancelled in Nordea ID app | Payment is UserApprovalCancelled |
Possible errors due to MTA signing method:
| HTTP status | Error | Details |
|---|---|---|
| 429 | TOO_MANY_REQUESTS | This error means that customer has already a pending confirmation on their mobile application and thus until these are answered, no other confirmation can be created. In this case, no signing link is provided and there is possibility to call PUT /confirm again with authentication_method other than MTA to try different way of signing or TPP can notify user to open their application and clear all the signing requests before trying MTA method again. |
| 500 | INTERNAL_SERVER_ERROR | This might occur for MTA signing flow in case MTA system is not available due to technical issues. TPP should either wait for a bit and try again, or they can try using other method such as “redirect” to allow signing by the user. |
Note: Do not poll for the status more often than once every 5 seconds as this is the timing interval for checking the users authorization.
Mock signing page (Sandbox only)
The Mock signing page offers TPP the possibility to experience the payment signing in Sandbox. When the signing URL is activated, the UI is being displayed - where the user can sign payment(s) by entering the user credentials. Additionally to that, the user is provided with various exceptional scenarios related to the payments confirmation process.
Specifications:
- Enabled only for redirect signing (decoupled signing is not in scope)
- User credentials are not real, but mocked. The implementation accepts any user ID and password in Sandbox
- Payment scenarios are mocked. Based on the scenarios specified, payment details are adjusted and shown in Sandbox:
- SecondChannelConfirmation
- InsufficientFunds
- 4eyesConfirmation
- Applicable only for 2-SCA payments flow (single SCA payments are not in scope)
- Countries in scope: DK, SE, NO
- Impacts the following endpoint (only in Sandbox):
- PUT /v4/payments/domestic/confirm
The new optional header parameter
TPP can use the new optional header parameter “X-Response-Scenarios” to specify the scenarios. Valid values for the scenarios are:
- AuthenticationWithUI
- AuthenticationSkipUI
- SecondChannelConfirmation
- InsufficientFunds
- 4eyesConfirmation
Please find the example below:
curl --location --request PUT '<host>/v4/payments/domestic/confirm' \
--header 'X-IBM-Client-Id: <client_id>' \
--header 'X-IBM-Client-Secret: <client_secret>' \
--header 'Signature: <signature>' \
--header 'X-Nordea-Originating-Host: <nordea_originating_host>' \
--header 'X-Nordea-Originating-Date: <nordea_originating_date>' \
--header 'Content-Type: application/json; charset=UTF' \
--header 'Digest: <digest>' \
--header 'X-Response-Scenarios: AuthenticationWithUI,SecondChannelConfirmation' \
--header 'Authorization: <token>' \
--data-raw '{
"payments_ids": [
"<payment_id>"
]
}'
Validation of the “X-Response-Scenarios” header parameter
The below describes the validations on the “X-Response-Scenarios” header parameter:
- If specified, “X-Response-Scenarios” must contain one of the valid values. If not, the request will be rejected with the following details:
{
"httpCode": "400",
"httpMessage": "Bad request",
"moreInformation": "Invalid response scenarios."
}
- If specified, “X-Response-Scenarios” must contain only one of the three values: “SecondChannelConfirmation”, “InsufficientFunds” and “4eyesConfirmation”. All three values cannot be specified together. If specified together, the request will be rejected with the following details:
{
"httpCode": "400",
"httpMessage": "Bad request",
"moreInformation": "Invalid response scenarios."
}
- If specified, “X-Response-Scenarios” must contain only one of the two values: “AuthenticationWithUI” and “AuthenticationSkipUI”. Both these values cannot be specified together. If specified together, the request will be rejected with the following details:
{
"httpCode": "400",
"httpMessage": "Bad request",
"moreInformation": "Invalid response scenarios."
}
Visualization of the Mock signing page
Please find the visualization of the Mock signing page below:
- The scenarios are shown with check boxes. If any of those scenarios was already mentioned in the header parameter “X-Response-Scenarios”, then the specified scenario is pre-selected on the UI
- The user still has the option to select additional scenario or uncheck the previously specified scenario
- If one scenario is checked, other scenarios are disabled
- The user credentials can be anything, no validations on the userId and password
PIS API scenarios (Sandbox only)
The following section describes the possible scenarios that can be experienced in Sandbox.
a) No scenario is specified
The given includes:
- No header is provided
- “AuthenticationSkipUI” is provided as an only value in the header
- “AuthenticationWithUI” is provided as an only value in the header but no scenarios selected on the signing page
- If the execution date is the current business date, then the payment status will be updated as “Paid”
- If the execution date is in the future, then the payment status will be updated as “Confirmed”
b) The “SecondChannelConfirmation” scenario
- The payment will be updated as stated below:
- payment_status = “OnHold”
- requires_second_channel_confirmation = “true”
- After 30 seconds:
- If the execution date is the current business date, then the payment status will be updated as “Paid”
- If the execution date is in the future, then the payment status will be updated as “Confirmed”
c) The “InsufficientFunds” scenario
- The payment will be updated as stated below:
- payment_status = “OnHold”
- payment_status_reason = “InsufficientFunds”
- After 30 seconds:
- payment_status = “Rejected”
- payment_status_reason = “InsufficientFunds”
d) The “4eyesConfirmation” scenario
- The payment will be updated as stated below:
- payment_status = “PartiallyConfirmed”
- signed_by_current_user = “true”
- After 30 seconds:
- If the execution date is the current business date, then the payment status will be updated as “Paid”
- If the execution date is in the future, then the payment status will be updated as “Confirmed”
Recurring payments
Note: Recurring payments for domestic transfer are not supported in SE
The recurring payments - sometimes also known as standing order - information consist of two additional values:
- For DK and FI:
countand therecurrence_type - For NO:
end_dateand therecurrence_type
DK and FI: The count has to be a minimum of 2, as the first payment is executed on the requested execution date as a normal payment, and creates another payment immediately afterwards. The number of payments remaining can be found in the count field if payment list or details are requested. It will decrease by 1 for each version of the payment that has been Paid. The normal maximum value for count is 98, but the number 9999 (four nines) is used to indicate an infinite series of identical payments that will not stop until deleted by the submitter. This special ‘count’ will not decrease with each Paid payment, and will continue to return the number 9999.
NO: Instead of count property, end_date is used. End_date cannot be set in the past. When end_date is not provided (or sent with value null), infinite series of identical payments that will not stop until deleted by the submitter will be triggered.
Note: If
end_dateis sent as null it will not be returned
Note: A simple way to find the next occurrence of the recurring payment in the payment list would be to add an
external_idwhen initiating the payment. Theexternal_idwill be present on all occurrences of this payment.
Note: Use
/deleteinterfaces to remove the next version of the payment (only_next_occurrence=TRUE), or removing the entire series (only_next_occurrence=FALSE).
| recurrence_type | SE | DK | NO | Description |
|---|---|---|---|---|
| DAILY | - | - | X | Every banking day |
| WEEKLY | - | X | X | Weekly, based on the day of the requested execution date (or the next banking day) |
| BIWEEKLY | - | X | - | Every 2 weeks on the weekday of the request execution date (or the next banking day) |
| MONTHLY_SAME_DAY | - | X | X | Monthly, based on the day of requested execution date (or the next banking day) |
| MONTHLY_EOM | - | X | - | Monthly on the last banking day of the month |
| QUARTERLY_SAME_DAY | - | X | X | Every 3 months on the requested execution date (or the next banking day) |
| QUARTERLY_EOM | - | X | - | Every 3 months on the the last banking day of the month |
| TRI_ANNUALLY_SAME_DAY | - | - | X | Every 4 months on the requested execution date (or the next banking day) |
| SEMI_ANNUALLY_SAME_DAY | - | X | X | Every 6 months on the requested execution date (or the next banking day) |
| SEMI_ANNUALLY_EOM | - | X | - | Every 6 months on the the last banking day of the month |
| YEARLY_SAME_DAY | - | X | X | Once a year on the requested execution date (or the next banking day) |
| YEARLY_EOM | - | X | - | Once a year on the the last banking day of the month |
| EVERY_MINUTE_SANDBOX_ONLY | - | X | X | Testing in Sandbox only! Every minute, a recurrence of the payment will be Paid and the next occurrence created until the counter reaches 0. |
In Sandbox: We have added EVERY_MINUTE_SANDBOX_ONLY to `recurrence_type` for you to test the `count` and `status` of the payments in the sandbox. As confirmed payments in sandbox automatically get `Paid` after a few seconds, the recurring payments will automatically run until the `count` reaches 0. Try calling 'Get Payments List' endpoint time-by-time to observe new payments being created. Please avoid using 9999/end_date = null too many times whilst testing, and EVERY_MINUTE_SANDBOX_ONLY is not accepted in production.
Confirmation of availability of funds
The given functionality gives TPP the possibility to confirm the availability of funds - so that TPP can decide to either further process, cancel and/or sign the payment or not.
Two new optional parameters have been added:
- “request_availability_of_funds” (request)
- “availability_of_funds” (response)
Countries in scope: DK, SE, NO.
Payment initiation
Sandbox:
- If 2SCA payment initiation endpoint is available and the request contains the new field: “request_availability_of_funds” set to “true” and Sandbox scenario is not being specified in request header - when the endpoint is invoked, then the payment initiation response will be returned with new field: “availability_of_funds” that is set based on the actual check that verifies the payment amount against the available balance on the account.
- If 2SCA payment initiation endpoint is available and the request contains the new field: “request_availability_of_funds” set to “true” and Sandbox scenario is specified as: “FundsAvailable” in request header - when the endpoint is invoked, then the payment initiation response will be returned with new field: “availability_of_funds” that is set to “true”.
- If 2SCA payment initiation endpoint is available and the request contains the new field: “request_availability_of_funds” set to “true” and Sandbox scenario is specified as: “FundsNotAvailable” in request header - when the endpoint is invoked, then the payment initiation response will be returned with new field: “availability_of_funds” that is set to “false”.
Production:
- If 2SCA payment initiation endpoint is available and the request contains the new field: “request_availability_of_funds” set to “true” - when the endpoint is invoked, then the payment initiation response will be returned with new field: “availability_of_funds” that is set based on the actual check that verifies the payment amount against the available balance on the account.
Get payment details
Sandbox:
- If 2SCA get payment details endpoint is available and the request contains the new field: “request_availability_of_funds” set to “true” and Sandbox scenario is not being specified in request header and payment status is not: “InsufficientFunds”, “Rejected”, “Paid” or “Unknown” - when the endpoint is invoked, then the get payment details response will be returned with new field: “availability_of_funds” that is set based on the actual check that verifies the payment amount against the available balance on the account.
- If 2SCA get payment details endpoint is available and the request contains the new field: “request_availability_of_funds” set to “true” and Sandbox scenario is specified as: “FundsAvailable” in request header and payment status is not: “InsufficientFunds”, “Rejected”, “Paid” or “Unknown” - when the endpoint is invoked, then the get payment details response will be returned with new field: “availability_of_funds” that is set to “true”.
- If 2SCA get payment details endpoint is available and the request contains the new field: “request_availability_of_funds” set to “true” and Sandbox scenario is specified as: “FundsNotAvailable” in request header and payment status is not: “InsufficientFunds”, “Rejected”, “Paid” or “Unknown” - when the endpoint is invoked, then the get payment details response will be returned with new field: “availability_of_funds” that is set to “false”.
Production:
- If 2SCA get payment details endpoint is available and the request contains the new field: “request_availability_of_funds” set to “true” and payment status is not: “InsufficientFunds”, “Rejected”, “Paid” or “Unknown” - when the endpoint is invoked, then the get payment details response will be returned with new field: “availability_of_funds” that is set based on the actual check that verifies the payment amount against the available balance on the account.
The examples of Confirmation of availability of funds can be found in this documentation under: PIS API examples Denmark section.
PIS API examples Denmark
Denmark: get list of payments
This example shows how to get list of pending payments.
This endpoint URL has the following form
https://api.nordeaopenbanking.com/business/v4/payments/domestic
This endpoint supports GET, POST and DELETE HTTP Methods. Here we use GET since we want to get list of payments.
Here is an example request for Denmark:
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic/' -i -X GET \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature=\"<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
Here is a sample response for Denmark:
{
"group_header":
{
"message_identification": "icOWDBxgHec",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 200
},
"response":
{
"payments": [
{
"_id": "4b30af6a-ec58-4bf1-a5a9-4d4b882ae2a7",
"external_id": "tpp_supplied_string",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "23001546139529",
"_type": "BBAN_DK",
"currency": "DKK"
}
},
"creditor":
{
"account":
{
"value": "23001546147254",
"_type": "BBAN_DK",
"currency": "DKK"
},
"message": "cred msg"
},
"amount": "7.12",
"currency": "DKK",
"fee":
{
"_type": "domestic_transaction",
"currency_code": "DKK",
"country_code": "DK",
"value": "0"
},
"payment_status": "PendingConfirmation",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/business/v4/payments/domestic/4b30af6a-ec58-4bf1-a5a9-4d4b882ae2a7"
},
{
"rel": "confirm",
"href": "/business/v4/payments/domestic/4b30af6a-ec58-4bf1-a5a9-4d4b882ae2a7/confirm"
}
],
"urgency": "standard"
}
]
}
}
Denmark: initiate a new payment
In this example, we initiate a new payment.
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/business/v4/payments/domestic
This endpoint supports GET, POST and DELETE HTTP Methods. Here we use POST since we create a new payment.
Here is an example request (domestic). The example contains Confirmation of availability of funds:
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic' -i -X POST \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature=\"<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>' \
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"amount": "6.12",
"urgency":"standard",
"creditor": {
"account": {
"_type": "BBAN_DK",
"currency": "DKK",
"value": "23001546147254"
},
"message": "cred msg"
},
"currency": "DKK",
"debtor": {
"account": {
"_type": "BBAN_DK",
"currency": "DKK",
"value": "23001546139529"
},
"message": "Own message"
},
"external_id": "tpp_supplied_string",
"request_availability_of_funds": true
}
And the sample response looks like this (domestic):
{
"group_header":
{
"message_identification": "C4xs7V7iMj4",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 201
},
"response":
{
"_id": "5a3f726e-1bd9-4d7f-a3e9-7c9c7e24e092",
"external_id": "tpp_supplied_string",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "23001546139529",
"_type": "BBAN_DK",
"currency": "DKK"
}
},
"creditor":
{
"account":
{
"value": "23001546147254",
"_type": "BBAN_DK",
"currency": "DKK"
},
"message": "cred msg"
},
"amount": "6.12",
"currency": "DKK",
"fee":
{
"_type": "domestic_transaction",
"currency_code": "DKK",
"country_code": "DK",
"value": "0"
},
"payment_status": "PendingConfirmation",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/business/v4/payments/domestic/5a3f726e-1bd9-4d7f-a3e9-7c9c7e24e092"
},
{
"rel": "confirm",
"href": "/business/v4/payments/domestic/5a3f726e-1bd9-4d7f-a3e9-7c9c7e24e092/confirm"
}
],
"urgency": "standard",
"availability_of_funds": false
}
}
Here is an example request (Giro):
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic' -i -X POST \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature=\"<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>' \
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
{
"externalId": "tpp_supplied_string",
"amount": "1.13",
"urgency": "standard",
"currency": "DKK",
"debtor": {
"account": {
"_type": "BBAN_DK",
"currency": "DKK",
"value": "20301544118028"
},
"message": "Own message"
},
"creditor": {
"account": {
"_type": "GIRO_DK",
"currency": "DKK",
"value": "80583079"
},
"reference": {
"_type": "71",
"value": "000000003097920"
},
}
}
And the response looks like this (Giro):
{
"group_header":
{
"message_identification": "J2Do7gUqGyI",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 201
},
"response":
{
"_id": "93e88380-3ec9-432a-98af-ca8c0fa6c910",
"external_id": "tpp_supplied_string",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "20301544118028",
"_type": "BBAN_DK",
"currency": "DKK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "80583079",
"_type": "GIRO_DK",
"currency": "DKK"
},
"reference":
{
"value": "000000003097920",
"_type": "71"
}
},
"amount": "1.13",
"currency": "DKK",
"fee":
{
"_type": "domestic_transaction",
"currency_code": "DKK",
"country_code": "DK",
"value": "0"
},
"payment_status": "PendingConfirmation",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/business/v4/payments/domestic/93e88380-3ec9-432a-98af-ca8c0fa6c910"
},
{
"rel": "confirm",
"href": "/business/v4/payments/domestic/93e88380-3ec9-432a-98af-ca8c0fa6c910/confirm"
}
],
"urgency": "standard"
}
}
Here is an example request including recurrency:
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic' -i -X POST \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature=\"<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>' \
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"amount": "6.12",
"urgency":"standard",
"creditor": {
"account": {
"_type": "BBAN_DK",
"currency": "DKK",
"value": "23001546147254"
},
"message": "cred msg"
},
"currency": "DKK",
"debtor": {
"account": {
"_type": "BBAN_DK",
"currency": "DKK",
"value": "23001546139529"
},
"message": "Own message"
},
"external_id": "tpp_supplied_string",
"recurring": {
"count": 10,
"recurrence_type": "WEEKLY"
}
}
And the sample response looks like this (recurring payment):
{
"group_header":
{
"message_identification": "C4xs7V7iMj4",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 201
},
"response":
{
"_id": "5a3f726e-1bd9-4d7f-a3e9-7c9c7e24e092",
"external_id": "tpp_supplied_string",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "23001546139529",
"_type": "BBAN_DK",
"currency": "DKK"
}
},
"creditor":
{
"account":
{
"value": "23001546147254",
"_type": "BBAN_DK",
"currency": "DKK"
},
"message": "cred msg"
},
"amount": "6.12",
"currency": "DKK",
"fee":
{
"_type": "domestic_transaction",
"currency_code": "DKK",
"country_code": "DK",
"value": "0"
},
"payment_status": "PendingConfirmation",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/business/v4/payments/domestic/5a3f726e-1bd9-4d7f-a3e9-7c9c7e24e092"
},
{
"rel": "confirm",
"href": "/business/v4/payments/domestic/5a3f726e-1bd9-4d7f-a3e9-7c9c7e24e092/confirm"
}
],
"urgency": "standard",
"recurring": {
"count": 10,
"recurrence_type": "WEEKLY"
}
}
}
Note that the
payment_statusisPendingConfirmation, it means the payment confirming(signing) process has to be started by you the TPP.
Denmark: get payment information
This example shows how to query payment information.
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/business/v4/payments/domestic/{paymentId}
This endpoint supports GET and DELETE HTTP Methods. Here we use GET to see the details of the payment.
Here is an example request:
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic/{paymentId}' -i -X GET \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature=\"<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
And here is how the response looks:
{
"group_header":
{
"message_identification": "5M_f4r-uZmw",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 200
},
"response":
{
"_id": "93e88380-3ec9-432a-98af-ca8c0fa6c910",
"external_id": "tpp_supplied_string",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "20301544118028",
"_type": "BBAN_DK",
"currency": "DKK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "80583079",
"_type": "GIRO_DK",
"currency": "DKK"
},
"reference":
{
"value": "000000003097920",
"_type": "71"
}
},
"amount": "1.13",
"currency": "DKK",
"fee":
{
"_type": "domestic_transaction",
"currency_code": "DKK",
"country_code": "DK",
"value": "0"
},
"payment_status": "PendingUserApproval",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/business/v4/payments/domestic/93e88380-3ec9-432a-98af-ca8c0fa6c910"
},
{
"rel": "signing",
"href": "https://...?client_id=...&code_challenge_method=S256&redirect_uri=https://...&response_type=code&code_challenge=...&scope=openid+ndf+agreement&state=paymentid..."
}
],
"urgency": "standard"
}
}
Here is an example request when Confirmation of availability of funds is used:
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic/{paymentId}?request_availability_of_funds=true'\
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature=\"<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
And here is how the response looks like with Confirmation of availability of funds:
{
"group_header":
{
"message_identification": "5M_f4r-uZmw",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 200
},
"response":
{
"_id": "93e88380-3ec9-432a-98af-ca8c0fa6c910",
"external_id": "tpp_supplied_string",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "20301544118028",
"_type": "BBAN_DK",
"currency": "DKK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "80583079",
"_type": "GIRO_DK",
"currency": "DKK"
},
"reference":
{
"value": "000000003097920",
"_type": "71"
}
},
"amount": "1.13",
"currency": "DKK",
"fee":
{
"_type": "domestic_transaction",
"currency_code": "DKK",
"country_code": "DK",
"value": "0"
},
"payment_status": "PendingUserApproval",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/business/v4/payments/domestic/93e88380-3ec9-432a-98af-ca8c0fa6c910"
},
{
"rel": "signing",
"href": "https://...?client_id=...&code_challenge_method=S256&redirect_uri=https://...&response_type=code&code_challenge=...&scope=openid+ndf+agreement&state=paymentid..."
}
],
"urgency": "standard",
"availability_of_funds": true
}
}
Denmark: bulk confirm payments
This example shows how to bulk confirm payments
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/business/v4/payments/domestic/confirm
This endpoint supports only PUT HTTP Method.
Here is an example request:
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic/confirm' -i -X PUT \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"payments_ids":[
"11d55648-8c1d-45e2-951a-69c5aeaed62e",
"5e6e2d6f-e2dd-4c71-b232-9dfbb88ba940"
]
}
And this is how the response looks like:
{
"group_header":
{
"message_identification": "vGm8zaLpQww",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 200
},
"errors": [],
"_links": [
{
"rel": "signing",
"href": "https://<nordeasigninghost>?client_id=y6mWwv2n5IbAVdZa5105&code_challenge_method=S256&redirect_uri=https://<your_host>/v4/payments/domestic/sign/callback&response_type=code&code_challenge=6v91dW6H4IIhD5Pw3g_yY3BZhycNsxoXTcQRT7yPgTQ&scope=openid+ndf+agreement&state=c2lnbmluZ19vcmRlcl9pZD00NzlhYTcxYi1lN2I3LTQ0ZDEtOTdhZS04OTgzNzFkNmQ4Mzkmc3RhdGVfaWQ9MzBmYTY4MTQtZTViMy00OWZmLWJkY2MtMWIzZWRlNjkzNDNk&signing_order_id=479aa71b-e7b7-44d1-97ae-898371d6d839"
}
],
"response":
{
"payments": [
{
"_id": "11d55648-8c1d-45e2-951a-69c5aeaed62e",
"entry_date_time": "2020-01-09T13:14:50Z",
"debtor":
{
"account":
{
"value": "23001546139529",
"_type": "BBAN_DK",
"currency": "DKK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "27861544318671",
"_type": "BBAN_DK",
"currency": "DKK"
},
"message": "Dummy mess"
},
"amount": "1.13",
"currency": "DKK",
"fee":
{
"_type": "domestic_transaction",
"currency_code": "DKK",
"country_code": "DK",
"value": "0"
},
"payment_status": "PendingUserApproval",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v4/payments/domestic/11d55648-8c1d-45e2-951a-69c5aeaed62e"
}
],
"planned_execution_date": "2020-01-09",
"urgency": "standard"
},
{
"_id": "5e6e2d6f-e2dd-4c71-b232-9dfbb88ba940",
"entry_date_time": "2020-01-09T13:15:02.525Z",
"debtor":
{
"account":
{
"value": "23001546139529",
"_type": "BBAN_DK",
"currency": "DKK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "27861544318671",
"_type": "BBAN_DK",
"currency": "DKK"
},
"message": "Dummy mess"
},
"amount": "1.13",
"currency": "DKK",
"fee":
{
"_type": "domestic_transaction",
"currency_code": "DKK",
"country_code": "DK",
"value": "0"
},
"payment_status": "PendingUserApproval",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v4/payments/domestic/5e6e2d6f-e2dd-4c71-b232-9dfbb88ba940"
}
],
"planned_execution_date": "2020-01-09",
"urgency": "standard"
}
]
}
}
Here is an example request for DK decoupled signing using Nordea ID app:
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic/confirm' -i -X PUT \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"payments_ids":[
"11d55648-8c1d-45e2-951a-69c5aeaed62e",
"5e6e2d6f-e2dd-4c71-b232-9dfbb88ba940"
],
"authentication_method" = "MTA"
}
And this is how the response looks like:
{
"group_header":
{
"message_identification": "vGm8zaLpQww",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 200
},
"errors": [],
"_links": [
{
"rel": "signing",
"href": "https://<nordeasigninghost>?client_id=y6mWwv2n5IbAVdZa5105&code_challenge_method=S256&redirect_uri=https://<your_host>/v4/payments/domestic/sign/callback&response_type=code&code_challenge=6v91dW6H4IIhD5Pw3g_yY3BZhycNsxoXTcQRT7yPgTQ&scope=openid+ndf+agreement&state=c2lnbmluZ19vcmRlcl9pZD00NzlhYTcxYi1lN2I3LTQ0ZDEtOTdhZS04OTgzNzFkNmQ4Mzkmc3RhdGVfaWQ9MzBmYTY4MTQtZTViMy00OWZmLWJkY2MtMWIzZWRlNjkzNDNk&signing_order_id=479aa71b-e7b7-44d1-97ae-898371d6d839"
}
],
"response":
{
"payments": [
{
"_id": "11d55648-8c1d-45e2-951a-69c5aeaed62e",
"entry_date_time": "2020-01-09T13:14:50Z",
"debtor":
{
"account":
{
"value": "23001546139529",
"_type": "BBAN_DK",
"currency": "DKK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "27861544318671",
"_type": "BBAN_DK",
"currency": "DKK"
},
"message": "Dummy mess"
},
"amount": "1.13",
"currency": "DKK",
"fee":
{
"_type": "domestic_transaction",
"currency_code": "DKK",
"country_code": "DK",
"value": "0"
},
"payment_status": "PendingUserApproval",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v4/payments/domestic/11d55648-8c1d-45e2-951a-69c5aeaed62e"
}
],
"planned_execution_date": "2020-01-09",
"urgency": "standard"
},
{
"_id": "5e6e2d6f-e2dd-4c71-b232-9dfbb88ba940",
"entry_date_time": "2020-01-09T13:15:02.525Z",
"debtor":
{
"account":
{
"value": "23001546139529",
"_type": "BBAN_DK",
"currency": "DKK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "27861544318671",
"_type": "BBAN_DK",
"currency": "DKK"
},
"message": "Dummy mess"
},
"amount": "1.13",
"currency": "DKK",
"fee":
{
"_type": "domestic_transaction",
"currency_code": "DKK",
"country_code": "DK",
"value": "0"
},
"payment_status": "PendingUserApproval",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v4/payments/domestic/5e6e2d6f-e2dd-4c71-b232-9dfbb88ba940"
}
],
"planned_execution_date": "2020-01-09",
"urgency": "standard"
}
]
}
}
Denmark: delete single payment
This example shows how to delete a payment.
Note: Not all payments are deletable (see payment status table for further information).
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/business/v4/payments/domestic/{paymentId}
This endpoint supports GET and DELETE HTTP Method. Here we use DELETE to delete the payment.
Here is an example request
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic/{paymentId}' -i -X DELETE \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature=\"<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
And here is how the response looks like:
{
"group_header":
{
"message_identification": "a42c1707dd444505",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 200
},
"response": [
"11d55648-8c1d-45e2-951a-69c5aeaed88x"
],
"errors": []
}
Here is an example request for recurring payment, where only next occurrence is to be deleted:
Note: For payments which are not confirmed, always all occurrences will be deleted
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic/{paymentId}?only_next_occurrence=true' -i -X DELETE \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature=\"<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
And here is how the response looks like:
{
"group_header":
{
"message_identification": "a42c1707dd444505",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 200
},
"response": [
"11d55648-8c1d-45e2-951a-69c5aeaed88x"
],
"errors": []
}
Denmark: delete multiple payments
This example shows how to bulk delete payments
Note: Not all payments are deletable (see payment status table for further information).
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/business/v4/payments/domestic
This endpoint supports GET, POST and DELETE HTTP Methods. Here we use DELETE since we want to delete payments.
Here is an example request:
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic' -i -X DELETE \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"payments_ids":[
"11d55648-8c1d-45e2-951a-69c5aeaed88y",
"5e6e2d6f-e2dd-4c71-b232-9dfbb88ba88y"
]
}
And this is how the response looks like:
{
"group_header":
{
"message_identification": "a42c1707dd444505",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 200
},
"response": [
"11d55648-8c1d-45e2-951a-69c5aeaed88y",
"5e6e2d6f-e2dd-4c71-b232-9dfbb88ba88y"
],
"errors": []
}
Here is an example request for deletion of recurring payments:
Note: In order to determine ‘only_next_occurrence’ property, ‘payments’ element needs to be used instead of ‘payments_ids’. Please note that ‘payments’ and ‘payments_ids’ elements cannot be used together in the same request. Note: For payments which are not confirmed, always all occurrences will be deleted
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic' -i -X DELETE \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"payments": [
{
"payment_id": "11d55648-8c1d-45e2-951a-69c5aeaed88y",
"only_next_occurence": true
},
{
"payment_id": "5e6e2d6f-e2dd-4c71-b232-9dfbb88ba88y",
"only_next_occurence": false
}
]
}
And this is how the response looks like:
{
"group_header":
{
"message_identification": "a42c1707dd444505",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 200
},
"response": [
"11d55648-8c1d-45e2-951a-69c5aeaed88y",
"5e6e2d6f-e2dd-4c71-b232-9dfbb88ba88y"
],
"errors": []
}
PIS API examples Sweden
Sweden: get list of payments
This example shows how to get list of pending payments.
This endpoint URL has the following form
https://api.nordeaopenbanking.com/business/v4/payments/domestic
This endpoint supports GET, POST and DELETE HTTP Methods. Here we use GET since we want to get list of payments.
Here is an example request:
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic/' -i -X GET \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature=\"<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
Here is the response (domestic):
{
"group_header":
{
"message_identification": "9Nj2wKmuGq0",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 200
},
"response":
{
"payments": [
{
"_id": "22e8412b-4982-4c2d-ab6a-3dadd92a3a3c",
"external_id": "tpp_supplied_string",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "228361",
"_type": "PGNR",
"currency": "SEK"
}
},
"creditor":
{
"account":
{
"value": "32580077669",
"_type": "BBAN_SE",
"currency": "SEK"
},
"name": "Name"
},
"amount": "10.99",
"currency": "SEK",
"payment_status": "PendingUserApproval",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/business/v4/payments/domestic/22e8412b-4982-4c2d-ab6a-3dadd92a3a3c"
}
]
}
]
}
}
Another response example (BankGiro):
{
"group_header":
{
"message_identification": "uYC_cq0nmzE",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 200
},
"response":
{
"payments": [
{
"_id": "350d852b-f087-40d7-9b12-08371a7dc201",
"external_id": "tpp_supplied_string",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"payment_status": "PendingConfirmation",
"_links": [
{
"rel": "confirm",
"href": "/business/v4/payments/domestic/350d852b-f087-40d7-9b12-08371a7dc201/confirm"
}
],
"amount": "12345678.12",
"currency": "SEK",
"debtor":
{
"account":
{
"value": "228361",
"_type": "PGNR",
"currency": "SEK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "51965770",
"_type": "BGNR",
"currency": "SEK"
},
"name": "Beneficiary name",
"reference":
{
"value": "12345",
"_type": "OCR"
}
}
},
{
"_id": "cd1ff779-94dd-4a53-ba84-7577e4b93b6e",
"external_id": "tpp_supplied_string",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"payment_status": "PendingConfirmation",
"_links": [
{
"rel": "confirm",
"href": "/business/v4/payments/domestic/cd1ff779-94dd-4a53-ba84-7577e4b93b6e/confirm"
}
],
"amount": "12345678.12",
"currency": "SEK",
"debtor":
{
"account":
{
"value": "228361",
"_type": "PGNR",
"currency": "SEK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "51965770",
"_type": "BGNR",
"currency": "SEK"
},
"name": "Beneficiary name",
"reference":
{
"value": "12345",
"_type": "OCR"
}
}
}
]
}
}
And another response example (PlusGiro):
{
"group_header":
{
"message_identification": "vmtBn6vi5z4",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 200
},
"response":
{
"payments": [
{
"_id": "11cdad59-370a-4bec-8958-2f45d7786857",
"external_id": "tpp_supplied_string",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"payment_status": "PendingConfirmation",
"_links": [
{
"rel": "confirm",
"href": "/business/v4/payments/domestic/11cdad59-370a-4bec-8958-2f45d7786857/confirm"
}
],
"amount": "1.11",
"currency": "SEK",
"debtor":
{
"account":
{
"value": "228361",
"_type": "PGNR",
"currency": "SEK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "9366006",
"_type": "PGNR",
"currency": "SEK"
},
"name": "Beneficiary name",
"reference":
{
"value": "12345",
"_type": "OCR"
}
}
},
{
"_id": "9eddc658-d7c8-42d9-ae34-bb8d0a714a5c",
"external_id": "tpp_supplied_string",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"payment_status": "PendingConfirmation",
"_links": [
{
"rel": "confirm",
"href": "/business/v4/payments/domestic/9eddc658-d7c8-42d9-ae34-bb8d0a714a5c/confirm"
}
],
"amount": "1.11",
"currency": "SEK",
"debtor":
{
"account":
{
""value": "228361",
"_type": "PGNR",
"currency": "SEK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "9366006",
"_type": "PGNR",
"currency": "SEK"
},
"name": "Beneficiary name",
"reference":
{
"value": "12345",
"_type": "OCR"
}
}
}
]
}
}
Another example to understand behaviour of auto_start_token and signing link (auto_start_token is deprecated in payment details)
{
"group_header":
{
"message_identification": "vmtBn6vi5z4",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 200
},
"response":
{
"payments": [
{
"_id": "11cdad59-370a-4bec-8958-2f45d7786857",
"external_id": "tpp_supplied_string",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"payment_status": "PendingUserApproval",
"_links": [
{
"rel": "signing",
"href": "https://<nordeasigninghost>?client_id=y6mWwv2n5IbAVdZa5105&code_challenge_method=S256&redirect_uri=https://<your_host>/v4/payments/domestic/sign/callback&response_type=code&code_challenge=6v91dW6H4IIhD5Pw3g_yY3BZhycNsxoXTcQRT7yPgTQ&scope=openid+ndf+agreement&state=c2lnbmluZ19vcmRlcl9pZD00NzlhYTcxYi1lN2I3LTQ0ZDEtOTdhZS04OTgzNzFkNmQ4Mzkmc3RhdGVfaWQ9MzBmYTY4MTQtZTViMy00OWZmLWJkY2MtMWIzZWRlNjkzNDNk&signing_order_id=479aa71b-e7b7-44d1-97ae-898371d6d839"
}
],
"amount": "1.11",
"currency": "SEK",
"debtor":
{
"account":
{
"value": "228361",
"_type": "PGNR",
"currency": "SEK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "9366006",
"_type": "PGNR",
"currency": "SEK"
},
"name": "Beneficiary name",
"reference":
{
"value": "12345",
"_type": "OCR"
}
}
},
{
"_id": "9eddc658-d7c8-42d9-ae34-bb8d0a714a5c",
"external_id": "tpp_supplied_string",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"payment_status": "PendingUserApproval",
"_links": [
{
"rel": "signing",
"href": "https://<nordeasigninghost>?client_id=y6mWwv2n5IbAVdZa5105&code_challenge_method=S256&redirect_uri=https://<your_host>/v4/payments/domestic/sign/callback&response_type=code&code_challenge=6v91dW6H4IIhD5Pw3g_yY3BZhycNsxoXTcQRT7yPgTQ&scope=openid+ndf+agreement&state=c2lnbmluZ19vcmRlcl9pZD00NzlhYTcxYi1lN2I3LTQ0ZDEtOTdhZS04OTgzNzFkNmQ4Mzkmc3RhdGVfaWQ9MzBmYTY4MTQtZTViMy00OWZmLWJkY2MtMWIzZWRlNjkzNDNk&signing_order_id=479aa71b-e7b7-44d1-97ae-898371d6d839"
}
],
"auto_start_token":"0bae4e71-d3d9-4820-9b4c-5d423b049342",
"amount": "1.11",
"currency": "SEK",
"debtor":
{
"account":
{
""value": "228361",
"_type": "PGNR",
"currency": "SEK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "9366006",
"_type": "PGNR",
"currency": "SEK"
},
"name": "Beneficiary name",
"reference":
{
"value": "12345",
"_type": "OCR"
}
}
}
]
}
}
If some of these payments were bulk confirmed together, then the signing link is common for all of those payments. If customer uses that signing link then they will sign all those payments together only.
In the above example both the payments were confirmed together. Therefore they have the same signing link. This means that these payments can only be signed together at once. Signing separately is not possible. If customer is keen on forgoing one of the payments then they will have to forgo both and make a new payment instead.
Sweden: initiate a new payment
In this example, we initiate a new payment.
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/business/v4/payments/domestic
This endpoint supports GET, POST and DELETE HTTP Methods. Here we use POST since we want to create a new payment.
And here is example request (domestic):
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic' -i -X POST \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"amount": "17.88",
"currency": "SEK",
"debtor": {
"account": {
"value": "228361",
"_type": "PGNR",
"currency": "SEK"
},
"message": "Own message"
},
"creditor": {
"account": {
"_type": "BBAN_SE",
"currency": "SEK",
"value": "41770042136"
},
"message": "creditor msg",
"name": "Beneficiary name"
},
"external_id": "tpp_supplied_string"
}
And the response looks like this:
{
"group_header":
{
"message_identification": "m3-1v7i7FiM",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 201
},
"response":
{
"_id": "fab483a9-af20-4640-8372-1dac317ef994",
"external_id": "tpp_supplied_string",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "228361",
"_type": "PGNR",
"currency": "SEK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "41770042136",
"_type": "BBAN_SE",
"currency": "SEK"
},
"name": "Beneficiary name",
"message": "creditor msg"
},
"amount": "17.88",
"currency": "SEK",
"payment_status": "PendingConfirmation",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/business/v4/payments/domestic/fab483a9-af20-4640-8372-1dac317ef994"
},
{
"rel": "confirm",
"href": "/business/v4/payments/domestic/fab483a9-af20-4640-8372-1dac317ef994/confirm"
}
]
}
}
Another example request (BankGiro):
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic' -i -X POST \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"amount":"224.50",
"currency": "SEK",
"debtor": {
"account": {
"value": "228361",
"_type": "PGNR",
"currency": "SEK"
},
"message": "Own notes"
},
"creditor": {
"account": {
"value": "51965770",
"_type": "BGNR"
},
"name": "",
"reference": {
"value": "109939429740003",
"_type": "OCR"
}
},
"external_id": "tpp_supplied_string"
}
And the response looks like this (BankGiro):
{
"group_header":
{
"message_identification": "5DBziGqrzLs",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 201
},
"response":
{
"_id": "fd7ed782-8a2a-417f-a428-c351addd4d2f",
"external_id": "tpp_supplied_string",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "228361",
"_type": "PGNR",
"currency": "SEK"
},
"message": "Own notes"
},
"creditor":
{
"account":
{
"value": "51965770",
"_type": "BGNR",
"currency": "SEK"
},
"reference":
{
"value": "109939429740003",
"_type": "OCR"
}
},
"amount": "224.5",
"currency": "SEK",
"payment_status": "PendingConfirmation",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/business/v4/payments/domestic/fd7ed782-8a2a-417f-a428-c351addd4d2f"
},
{
"rel": "confirm",
"href": "/business/v4/payments/domestic/fd7ed782-8a2a-417f-a428-c351addd4d2f/confirm"
}
]
}
}
Another example request (PlusGiro):
{
"amount":"224.50",
"currency": "SEK",
"debtor": {
"account": {
"value": "228361",
"_type": "PGNR",
"currency": "SEK"
},
"message": "Own notes"
},
"creditor": {
"account": {
"value": "9366006",
"_type": "PGNR"
},
"name": "",
"reference": {
"value": "109939429740003",
"_type": "OCR"
}
},
"external_id": "tpp_supplied_string"
}
And the response looks like this (PlusGiro):
{
"group_header":
{
"message_identification": "5DBziGqrzL8",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 201
},
"response":
{
"_id": "fd7ed782-8a2a-417f-a428-c351addd4d2f",
"external_id": "tpp_supplied_string",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "228361",
"_type": "PGNR",
"currency": "SEK"
},
"message": "Own notes"
},
"creditor":
{
"account":
{
"value": "9366006",
"_type": "PGNR",
"currency": "SEK"
},
"reference":
{
"value": "109939429740003",
"_type": "OCR"
}
},
"amount": "224.5",
"currency": "SEK",
"payment_status": "PendingConfirmation",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/business/v4/payments/domestic/fd7ed782-8a2a-417f-a428-c351addd4d2f"
},
{
"rel": "confirm",
"href": "/business/v4/payments/domestic/fd7ed782-8a2a-417f-a428-c351addd4d2f/confirm"
}
]
}
}
Note that the
payment_statusisPendingConfirmation, it means the payment confirming(signing) process has to be started by you the TPP.
Sweden: get payment information
This example shows how to query payment information.
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/business/v4/payments/domestic/{paymentId}
This endpoint supports GET and DELETE HTTP Methods. Here we use GET to see the details of the payment.
Here is an example request:
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic/{paymentId}' -i \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature=\"<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
And here is how the response looks like (domestic):
{
"group_header":
{
"message_identification": "MdwmEC_LdTY",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 200
},
"response":
{
"_id": "93070920-0076-4a4d-ad0d-cd23a0e9d740",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"external_id": "tpp_supplied_string",
"payment_status": "PendingConfirmation",
"_links": [
{
"rel": "confirm",
"href": "/business/v4/payments/domestic/93070920-0076-4a4d-ad0d-cd23a0e9d740/confirm"
}
],
"amount": "1.11",
"currency": "SEK",
"debtor":
{
"account":
{
"value": "228361",
"_type": "PGNR",
"currency": "SEK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "13370233835",
"_type": "BBAN_SE",
"currency": "SEK"
},
"name": "Beneficiary name",
"message": "Another"
}
}
}
And another example to understand behaviour of auto_start_token and signing link (auto_start_token is deprecated from payment details)
{
"group_header":
{
"message_identification": "MdwmEC_LdTY",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 200
},
"response":
{
"_id": "93070920-0076-4a4d-ad0d-cd23a0e9d740",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"external_id": "tpp_supplied_string",
"payment_status": "PendingUserApproval",
"_links": [
{
"rel": "signing",
"href": "https://<nordeasigninghost>?client_id=y6mWwv2n5IbAVdZa5105&code_challenge_method=S256&redirect_uri=https://<your_host>/v4/payments/domestic/sign/callback&response_type=code&code_challenge=6v91dW6H4IIhD5Pw3g_yY3BZhycNsxoXTcQRT7yPgTQ&scope=openid+ndf+agreement&state=c2lnbmluZ19vcmRlcl9pZD00NzlhYTcxYi1lN2I3LTQ0ZDEtOTdhZS04OTgzNzFkNmQ4Mzkmc3RhdGVfaWQ9MzBmYTY4MTQtZTViMy00OWZmLWJkY2MtMWIzZWRlNjkzNDNk&signing_order_id=479aa71b-e7b7-44d1-97ae-898371d6d839"
}
],
"amount": "1.11",
"currency": "SEK",
"debtor":
{
"account":
{
"value": "228361",
"_type": "PGNR",
"currency": "SEK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "13370233835",
"_type": "BBAN_SE",
"currency": "SEK"
},
"name": "Beneficiary name",
"message": "Another"
}
}
}
If this payment was bulk confirmed with few other payments then the signing link is common for all of those payments. If customer uses that signing link then they will sign all those payments together only.
Sweden: bulk confirm payments
This example shows how to bulk confirm payments
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/business/v4/payments/domestic/confirm
This endpoint supports only PUT HTTP Method.
Here is an example request when user opts for re-direct flow:
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic/confirm' -i -X PUT \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"payments_ids":[
"11d55648-8c1d-45e2-951a-69c5aeaed99y",
"5e6e2d6f-e2dd-4c71-b232-9dfbb88ba99y"
]
}
And this is how the response looks like:
Note: Swedish bulk confirm service uses redirect signing url’s.
{
"group_header":
{
"message_identification": "vGm8zaLpQww",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 200
},
"errors": [],
"_links": [
{
"rel": "signing",
"href": "https://<nordeasigninghost>?client_id=y6mWwv2n5IbAVdZa5105&code_challenge_method=S256&redirect_uri=https://<your_host>/v4/payments/domestic/sign/callback&response_type=code&code_challenge=6v91dW6H4IIhD5Pw3g_yY3BZhycNsxoXTcQRT7yPgTQ&scope=openid+ndf+agreement&state=c2lnbmluZ19vcmRlcl9pZD00NzlhYTcxYi1lN2I3LTQ0ZDEtOTdhZS04OTgzNzFkNmQ4Mzkmc3RhdGVfaWQ9MzBmYTY4MTQtZTViMy00OWZmLWJkY2MtMWIzZWRlNjkzNDNk&signing_order_id=479aa71b-e7b7-44d1-97ae-898371d6d839"
}
],
"response":
{
"payments": [
{
"_id": "11d55648-8c1d-45e2-951a-69c5aeaed99y",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "228361",
"_type": "PGNR",
"currency": "SEK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "13370233835",
"_type": "BBAN_SE",
"currency": "SEK"
},
"message": "Dummy mess"
},
"amount": "1.13",
"currency": "SEK",
"payment_status": "PendingUserApproval",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v4/payments/domestic/11d55648-8c1d-45e2-951a-69c5aeaed99y"
}
],
"planned_execution_date": "2020-01-09"
},
{
"_id": "5e6e2d6f-e2dd-4c71-b232-9dfbb88ba99y",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "228361",
"_type": "PGNR",
"currency": "SEK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "13370233835",
"_type": "BBAN_SE",
"currency": "SEK"
},
"message": "Dummy mess"
},
"amount": "1.13",
"currency": "SEK",
"payment_status": "PendingUserApproval",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v4/payments/domestic/5e6e2d6f-e2dd-4c71-b232-9dfbb88ba99y"
}
],
"planned_execution_date": "2020-01-09"
}
]
}
}
Here is an example response with the “Special payment” (payment with status reason: “RequiresSinglePaymentSigning”):
Note: Currently available only in Production environment (not available in Sandbox as of now).
{
"group_header": {
"message_identification": "485c31bbe8c3a40e",
"creation_date_time": "2025-07-15T09:53:39.957147123Z",
"http_code": 200
},
"errors": [
{
"error": "PaymentCantBeSignedInBulk",
"error_description": "Payment cannot be signed in bulk. Please sign this payment as single payment in request",
"payment_id": "85d2b987-a6ea-4c90-96d5-8a87b48ba735"
}],
"_links": [ {
"rel": "signing",
"href": "https://nasa.nd.test.nordea.com?client_id=VLHFYbO3l7KYMxnOgpAZ&code_challenge_method=S256&redirect_uri=https://open.dev01.qaoneadr.local/business/v4/payments/sign/callback&response_type=code&code_challenge=6v91dW6H4IIhD5Pw3g_yY3BZhycNsxoXTcQRT7yPgTQ&scope=openid+ndf+agreement&state=c2lnbmluZ19vcmRlcl9pZD04MmEyYTJhMC1lMzlmLTQ1NTEtYTU2YS04YjIzMTc3NTczYjQmc3RhdGVfaWQ9ODJhMmEyYTAtZTM5Zi00NTUxLWE1NmEtOGIyMzE3NzU3M2I0&signing_order_id=82a2a2a0-e39f-4551-a56a-8b23177573b4",
"signs_payment_ids": [
"85d2b987-a6ea-4c90-96d5-8a87b48ba736"
]
}],
"response": {
"payments": [
{
"_id": "85d2b987-a6ea-4c90-96d5-8a87b48ba736",
"entry_date_time": "2025-07-15T11:51:54.936128Z",
"debtor": {
"account": {
"value": "228379",
"_type": "PGNR",
"currency": "SEK"
},
"message": "message"
},
"creditor": {
"account": {
"value": "13370233835",
"_type": "BBAN_SE",
"currency": "SEK"
},
"name": "Nordea",
"message": "SE Decouple"
},
"amount": "204",
"currency": "SEK",
"payment_status": "PendingUserApproval",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v4/payments/domestic/85d2b987-a6ea-4c90-96d5-8a87b48ba736"
},
{
"rel": "signing",
"href": "https://nasa.nd.test.nordea.com?client_id=VLHFYbO3l7KYMxnOgpAZ&code_challenge_method=S256&redirect_uri=https://open.dev01.qaoneadr.local/business/v4/payments/sign/callback&response_type=code&code_challenge=6v91dW6H4IIhD5Pw3g_yY3BZhycNsxoXTcQRT7yPgTQ&scope=openid+ndf+agreement&state=c2lnbmluZ19vcmRlcl9pZD04MmEyYTJhMC1lMzlmLTQ1NTEtYTU2YS04YjIzMTc3NTczYjQmc3RhdGVfaWQ9ODJhMmEyYTAtZTM5Zi00NTUxLWE1NmEtOGIyMzE3NzU3M2I0&signing_order_id=82a2a2a0-e39f-4551-a56a-8b23177573b4",
"signs_payment_ids": [
"85d2b987-a6ea-4c90-96d5-8a87b48ba736"
]
}
],
"planned_execution_date": "2025-07-15",
"urgency": "standard",
"requested_execution_date": "2025-07-15",
"signed_by_current_user": false,
"payment_type": "DOMESTIC",
"single_sca": false
}
]
}
}
Sweden: Confirm payments using BANKID_SE (authentication_method BANKID_SE):
Here is an example confirm request when user opts for decoupled flow for signing:
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic/confirm' -i -X PUT \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"payments_ids":[
"8d332ab5-dde9-464c-a4fd-3ac162882cd4",
],
"authentication_method":"BAKNID_SE"
}
And this is how the response looks like when authentication_method is BANKID_SE:
Note: Swedish bulk confirm service uses redirect signing url and auto_start_token to launch the BankId mobile app.
{
"group_header": {
"message_identification": "zxndkmypaoh8dzdu",
"creation_date_time": "2024-01-10T11:37:42.305075809Z",
"http_code": 200
},
"errors": [],
"_links": [
{
"rel": "signing",
"href": "https://sandbox-business-obh.esp.rs.dev01.qaoneadr.local/nasa-mock?client_id=dummy_client_id_se&code_challenge_method=S256&redirect_uri=https://sandbox-business-obh.esp.rs.dev01.qaoneadr.local/v4/payments/domestic/sign/callback&response_type=code&code_challenge=6v91dW6H4IIhD5Pw3g_yY3BZhycNsxoXTcQRT7yPgTQ&scope=openid+ndf+agreement&state=c2lnbmluZ19vcmRlcl9pZD1kOTc5YzQxNC1hYzI4LTRkMTItOWMxMi01NzljOWMyNGY4ZGImc3RhdGVfaWQ9YjBjYzhkMDItMjc0ZC00YjA4LWFjNGQtOWJjNTU5M2Y4MWU3&signing_order_id=d979c414-ac28-4d12-9c12-579c9c24f8db",
"signs_payment_ids": [
"8d332ab5-dde9-464c-a4fd-3ac162882cd4"
]
}
],
"response": {
"payments": [
{
"_id": "8d332ab5-dde9-464c-a4fd-3ac162882cd4",
"entry_date_time": "2024-01-10T11:34:26.984503977Z",
"debtor": {
"account": {
"value": "9637042",
"_type": "PGNR",
"currency": "SEK"
}
},
"creditor": {
"account": {
"value": "13370233835",
"_type": "BBAN_SE",
"currency": "SEK"
},
"message": "Own message"
},
"amount": "1.49",
"currency": "SEK",
"payment_status": "PendingUserApproval",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v4/payments/domestic/8d332ab5-dde9-464c-a4fd-3ac162882cd4"
},
{
"rel": "signing",
"href": "https://sandbox-business-obh.esp.rs.dev01.qaoneadr.local/nasa-mock?client_id=dummy_client_id_se&code_challenge_method=S256&redirect_uri=https://sandbox-business-obh.esp.rs.dev01.qaoneadr.local/v4/payments/domestic/sign/callback&response_type=code&code_challenge=6v91dW6H4IIhD5Pw3g_yY3BZhycNsxoXTcQRT7yPgTQ&scope=openid+ndf+agreement&state=c2lnbmluZ19vcmRlcl9pZD1kOTc5YzQxNC1hYzI4LTRkMTItOWMxMi01NzljOWMyNGY4ZGImc3RhdGVfaWQ9YjBjYzhkMDItMjc0ZC00YjA4LWFjNGQtOWJjNTU5M2Y4MWU3&signing_order_id=d979c414-ac28-4d12-9c12-579c9c24f8db",
"signs_payment_ids": [
"8d332ab5-dde9-464c-a4fd-3ac162882cd4"
]
}
],
"planned_execution_date": "2024-01-11",
"requested_execution_date": "2024-01-11",
"payment_type": "DOMESTIC",
"single_sca": false
}
]
},
"authentication_id": "865fb11e8a0acf83a3cc14f447c255b83d42eb00252e6dbf4f76c4d84345d97a"
}
Example request for polling for qr_data using authentication_id:
This endpoint URL has the following form
https://api.nordeaopenbanking.com/business/v4/payments/domestic/confirm/bankidse/865fb11e8a0acf83a3cc14f447c255b83d42eb00252e6dbf4f76c4d84345d97a
This endpoint supports GET HTTP Method only.
Here is an example request:
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic/confirm/bankidse/865fb11e8a0acf83a3cc14f447c255b83d42eb00252e6dbf4f76c4d84345d97a' -i -X POST \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
The response looks like:
{
"group_header": {
"message_identification": "3s78ua4a7dpghasq",
"creation_date_time": "2024-01-10T11:39:30.574295555Z",
"http_code": 200
},
"response": {
"qr_data": "bankid.3bfea752478728fde16d0acc4e405864b33b8adfea4bdd129acdda984469eec7.18.DfBiVzc5q6YgHZym8qeiDwNA6UAKG2iIHSzwu73DrsJNWEYdzvivz1I3YvAdlfDX",
"auto_start_token": "44d20373-5046-49ff-bdb2-78c8d84ca9fd",
"status": "WAITING_FOR_USER"
}
}
Response when signing is in progress:
{
"group_header": {
"message_identification": "0d5br6f9fdnvd430",
"creation_date_time": "2024-01-10T11:38:28.401412168Z",
"http_code": 200
},
"response": {
"status": "IN_PROGRESS"
}
}
Response when signing is successful:
{
"group_header": {
"message_identification": "a1nprlpd8ioiel43",
"creation_date_time": "2024-01-10T11:40:13.954900423Z",
"http_code": 200
},
"response": {
"status": "SUCCESS"
}
}
Response when signing failed:
{
"group_header": {
"message_identification": "a1nprlpd6f9fdnvd",
"creation_date_time": "2024-01-10T11:42:15.894900423Z",
"http_code": 200
},
"response": {
"status": "FAILED"
}
}
Sweden: delete single payment
This example shows how to delete a payment.
Note: Not all payments are deletable (see payment status table for further information).
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/business/v4/payments/domestic/{paymentId}
This endpoint supports GET and DELETE HTTP Method. Here we use DELETE to delete the payment.
Here is an example request
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic/{paymentId}' -i -X DELETE \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature=\"<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
And here is how the response looks like:
{
"group_header":
{
"message_identification": "a42c1707dd444505",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 200
},
"response": [
"11d55648-8c1d-45e2-951a-69c5aeaed77x"
],
"errors": []
}
Sweden: delete multiple payments
This example shows how to bulk delete payments
Note: Not all payments are deletable (see payment status table for further information).
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/business/v4/payments/domestic
This endpoint supports GET, POST and DELETE HTTP Methods. Here we use DELETE since we want to delete payments.
Here is an example request:
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic' -i -X DELETE \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"payments_ids":[
"11d55648-8c1d-45e2-951a-69c5aeaed77y",
"5e6e2d6f-e2dd-4c71-b232-9dfbb88ba77y"
]
}
And this is how the response looks like:
{
"group_header":
{
"message_identification": "a42c1707dd444505",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 200
},
"response": [
"11d55648-8c1d-45e2-951a-69c5aeaed77y",
"5e6e2d6f-e2dd-4c71-b232-9dfbb88ba77y"
],
"errors": []
}
PIS API examples Norway
Norway: get list of payments
This example shows how to get list of pending payments.
This endpoint URL has the following form
https://api.nordeaopenbanking.com/business/v4/payments/domestic
This endpoint supports GET, POST and DELETE HTTP Methods. Here we use GET since we want to get list of payments.
Here is an example request for Norway:
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic/' -i -X GET \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature=\"<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
Here is the response for Norway (domestic):
{
"group_header":
{
"message_identification": "L1Udq2Ut3Xk",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 200
},
"response":
{
"payments": [
{
"_id": "522df97c-d0bd-49a1-9c95-6f45e0352c98",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"external_id": "tpp_supplied_string",
"payment_status": "PendingConfirmation",
"_links": [
{
"rel": "confirm",
"href": "/business/v4/payments/domestic/522df97c-d0bd-49a1-9c95-6f45e0352c98/confirm"
}
],
"amount": "1.13",
"currency": "NOK",
"debtor":
{
"account":
{
"value": "60301132843",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "86011117948",
"_type": "BBAN_NO",
"currency": "NOK"
},
"name": "Beneficiary name",
"message": "Some advice"
}
},
{
"_id": "9fc14e1c-ff0b-41a3-b5ea-dd8fcda7258c",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"external_id": "tpp_supplied_string",
"payment_status": "PendingConfirmation",
"_links": [
{
"rel": "confirm",
"href": "/business/v4/payments/domestic/9fc14e1c-ff0b-41a3-b5ea-dd8fcda7258c/confirm"
}
],
"amount": "1.13",
"currency": "NOK",
"debtor":
{
"account":
{
"value": "60010502570",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "86011117948",
"_type": "BBAN_NO",
"currency": "NOK"
},
"name": "Beneficiary name",
"message": "Some advice"
}
},
{
"_id": "8348a589-868c-4ff9-ada7-4b442134a899",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"external_id": "tpp_supplied_string",
"payment_status": "UserApprovalTimeout",
"_links": [
{
"rel": "confirm",
"href": "/business/v4/payments/domestic/8348a589-868c-4ff9-ada7-4b442134a899/confirm"
}
],
"amount": "1.13",
"currency": "NOK",
"debtor":
{
"account":
{
"value": "60010502570",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "86011117948",
"_type": "BBAN_NO",
"currency": "NOK"
},
"name": "Beneficiary name",
"message": "Some advice"
}
}
]
}
}
Here is the response for Norway (KID):
{
"group_header":
{
"message_identification": "L1Udq2Ut3Xk",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 200
},
"response":
{
"payments": [
{
"_id": "9fc14e1c-ff0b-41a3-b5ea-dd8fcda7258c",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"external_id": "tpp_supplied_string",
"payment_status": "PendingConfirmation",
"_links": [
{
"rel": "confirm",
"href": "/v4/payments/domestic/9fc14e1c-ff0b-41a3-b5ea-dd8fcda7258c/confirm"
}
],
"amount": "1.13",
"currency": "NOK",
"debtor":
{
"account":
{
"value": "60010502570",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "86011117948",
"_type": "BBAN_NO",
"currency": "NOK"
},
"name": "Beneficiary name",
"reference":
{
"value": "12345-",
"_type": "OCR"
}
},
{
"_id": "157623d9-627c-4e34-86dc-318284f158af",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"external_id": "tpp_supplied_string",
"payment_status": "PendingConfirmation",
"_links": [
{
"rel": "confirm",
"href": "/business/v4/payments/domestic/157623d9-627c-4e34-86dc-318284f158af/confirm"
}
],
"amount": "1.13",
"currency": "NOK",
"debtor":
{
"account":
{
"value": "60301132843",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "86011117948",
"_type": "BBAN_NO",
"currency": "NOK"
},
"name": "Beneficiary name",
"reference":
{
"value": "12345-",
"_type": "OCR"
}
}
}
}
]
}
}
Norway: initiate a new payment
In this example, we initiate a new payment.
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/business/v4/payments/domestic
This endpoint supports GET, POST and DELETE HTTP Methods. Here we use POST since we create a new payment.
Here is an example request (domestic):
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic' -i -X POST \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
{
"amount": "1.13",
"urgency": "standard",
"currency": "NOK",
"debtor": {
"account": {
"_type": "BBAN_NO",
"currency": "NOK",
"value": "60301132843"
}
},
"creditor": {
"account": {
"_type": "BBAN_NO",
"currency": "NOK",
"value": "86011117948"
},
"message": "Some advice",
"name": "Beneficiary name"
},
"external_id": "tpp_supplied_string"
}
And the response looks like this (domestic):
{
"group_header":
{
"message_identification": "LZiyNqd8iQA",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 201
},
"response":
{
"_id": "ba1c0234-396d-4f66-8b70-2ebc55f02400",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"external_id": "tpp_supplied_string",
"payment_status": "PendingConfirmation",
"_links": [
{
"rel": "confirm",
"href": "/business/v4/payments/domestic/ba1c0234-396d-4f66-8b70-2ebc55f02400/confirm"
}
],
"amount": "1.13",
"currency": "NOK",
"debtor":
{
"account":
{
"value": "60301132843",
"_type": "BBAN_NO",
"currency": "NOK"
}
},
"creditor":
{
"account":
{
"value": "86011117948",
"_type": "BBAN_NO",
"currency": "NOK"
},
"name": "Beneficiary name",
"message": "Some advice"
}
}
}
Here is an example request (KID):
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic' -i -X POST \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"amount": "1.13",
"urgency": "standard",
"currency": "NOK",
"debtor": {
"account": {
"_type": "BBAN_NO",
"currency": "NOK",
"value": "60301132843"
}
},
"creditor": {
"account": {
"_type": "BBAN_NO",
"currency": "NOK",
"value": "86011117948"
},
"name": "Beneficiary name",
"reference": {
"_type": "OCR",
"value": "12345-"
}
},
"external_id": "tpp_supplied_string"
}
And the response looks like this (KID):
{
"group_header":
{
"message_identification": "IYTjRQj4Vpw",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 201
},
"response":
{
"_id": "f77243d4-5eb0-48a8-b2de-6cc1e162e648",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"external_id": "tpp_supplied_string",
"payment_status": "PendingConfirmation",
"_links": [
{
"rel": "confirm",
"href": "/business/v4/payments/domestic/f77243d4-5eb0-48a8-b2de-6cc1e162e648/confirm"
}
],
"amount": "1.13",
"currency": "NOK",
"debtor":
{
"account":
{
"value": "60301132843",
"_type": "BBAN_NO",
"currency": "NOK"
}
},
"creditor":
{
"account":
{
"value": "86011117948",
"_type": "BBAN_NO",
"currency": "NOK"
},
"name": "Beneficiary name",
"reference":
{
"value": "12345-",
"_type": "OCR"
}
}
}
}
Here is an example request including recurrency:
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic' -i -X POST \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
{
"amount": "1.13",
"urgency": "standard",
"currency": "NOK",
"debtor": {
"account": {
"_type": "BBAN_NO",
"currency": "NOK",
"value": "60301132843"
}
},
"creditor": {
"account": {
"_type": "BBAN_NO",
"currency": "NOK",
"value": "86011117948"
},
"message": "Some advice",
"name": "Beneficiary name"
},
"external_id": "tpp_supplied_string",
"recurring": {
"count": 10,
"recurrence_type": "WEEKLY"
}
}
And the response looks like this (recurring payment):
{
"group_header":
{
"message_identification": "LZiyNqd8iQA",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 201
},
"response":
{
"_id": "ba1c0234-396d-4f66-8b70-2ebc55f02400",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"external_id": "tpp_supplied_string",
"payment_status": "PendingConfirmation",
"_links": [
{
"rel": "confirm",
"href": "/business/v4/payments/domestic/ba1c0234-396d-4f66-8b70-2ebc55f02400/confirm"
}
],
"amount": "1.13",
"currency": "NOK",
"debtor":
{
"account":
{
"value": "60301132843",
"_type": "BBAN_NO",
"currency": "NOK"
}
},
"creditor":
{
"account":
{
"value": "86011117948",
"_type": "BBAN_NO",
"currency": "NOK"
},
"name": "Beneficiary name",
"message": "Some advice",
"recurring": {
"count": 10,
"recurrence_type": "WEEKLY"
}
}
}
}
Note that the
payment_statusisPendingConfirmation, it means the payment confirming(signing) process has to be started by you the TPP.
Norway: get payment information
This example shows how to query payment information.
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/business/v4/payments/domestic/{paymentId}
This endpoint supports GET and DELETE HTTP Methods. Here we use GET to see the details of the payment.
Here is an example request:
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic/{paymentId}' -i -X GET \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature=\"<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
And here is how the response looks (domestic):
{
"group_header":
{
"message_identification": "v_JC8lV2ceI",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 200
},
"response":
{
"_id": "522df97c-d0bd-49a1-9c95-6f45e0352c98",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"external_id": "tpp_supplied_string",
"payment_status": "PendingConfirmation",
"_links": [
{
"rel": "confirm",
"href": "/business/v4/payments/domestic/522df97c-d0bd-49a1-9c95-6f45e0352c98/confirm"
}
],
"amount": "1.13",
"currency": "NOK",
"debtor":
{
"account":
{
"value": "60301132843",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "86011117948",
"_type": "BBAN_NO",
"currency": "NOK"
},
"name": "Beneficiary name",
"message": "Some advice"
}
}
}
The response looks like when the payment requires second channel confirmation:
{
"group_header": {
"message_identification": "336ced8c-ae55-4b72-b472-3c9281a19e76",
"creation_date_time": "2023-02-03T12:26:26.924491Z",
"http_code": 200
},
"response": {
"_id": "f3e8bdb7-0516-45d2-b3b5-91d0dac4800a",
"entry_date_time": "2023-02-03T12:15:05.02435Z",
"debtor": {
"account": {
"value": "60391641245",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "2ND CC CONFIRM -6"
},
"creditor": {
"account": {
"value": "60398620472",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Tx Acc Creditor PKK-6"
},
"amount": "50.99",
"currency": "NOK",
"payment_status": "OnHold",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v4/payments/domestic/f3e8bdb7-0516-45d2-b3b5-91d0dac4800a"
}
],
"planned_execution_date": "2023-02-03",
"urgency": "standard",
"requested_execution_date": "2023-02-03",
"payment_type": "DOMESTIC",
"requires_second_channel_confirmation": true
}
}
Norway: bulk confirm payments
This example shows how to bulk confirm payments
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/business/v4/payments/domestic/confirm
This endpoint supports only PUT HTTP Method.
Here is an example request:
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic/confirm' -i -X PUT \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"payments_ids":[
"11d55648-8c1d-45e2-951a-69c5aeaed99y",
"5e6e2d6f-e2dd-4c71-b232-9dfbb88ba99y"
]
}
And this is how the response looks like:
{
"group_header":
{
"message_identification": "vGm8zaLpQww",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 200
},
"errors": [],
"_links": [
{
"rel": "signing",
"href": "https://<nordeasigninghost>?client_id=y6mWwv2n5IbAVdZa5105&code_challenge_method=S256&redirect_uri=https://<your_host>/v4/payments/domestic/sign/callback&response_type=code&code_challenge=6v91dW6H4IIhD5Pw3g_yY3BZhycNsxoXTcQRT7yPgTQ&scope=openid+ndf+agreement&state=c2lnbmluZ19vcmRlcl9pZD00NzlhYTcxYi1lN2I3LTQ0ZDEtOTdhZS04OTgzNzFkNmQ4Mzkmc3RhdGVfaWQ9MzBmYTY4MTQtZTViMy00OWZmLWJkY2MtMWIzZWRlNjkzNDNk&signing_order_id=479aa71b-e7b7-44d1-97ae-898371d6d839"
}
],
"response":
{
"payments": [
{
"_id": "11d55648-8c1d-45e2-951a-69c5aeaed99y",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "68520561173",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "60010503178",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Dummy mess"
},
"amount": "1.13",
"currency": "NOK",
"payment_status": "PendingUserApproval",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v4/payments/domestic/11d55648-8c1d-45e2-951a-69c5aeaed99y"
}
],
"planned_execution_date": "2020-07-01",
"urgency": "standard"
},
{
"_id": "5e6e2d6f-e2dd-4c71-b232-9dfbb88ba99y",
"entry_date_time": "2020-07-01T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "68520561173",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "60010503178",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Dummy mess"
},
"amount": "1.13",
"currency": "NOK",
"payment_status": "PendingUserApproval",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v4/payments/domestic/5e6e2d6f-e2dd-4c71-b232-9dfbb88ba99y"
}
],
"planned_execution_date": "2020-07-01",
"urgency": "standard"
}
]
}
}
Here is an example request for NO decoupled signing using Nordea ID app:
Here is an example request:
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic/confirm' -i -X PUT \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"payments_ids":[
"11d55648-8c1d-45e2-951a-69c5aeaed10a",
"5e6e2d6f-e2dd-4c71-b232-9dfbb88ba10a"
],
"authentication_method" = "MTA"
}
And this is how the response looks like:
{
"group_header":
{
"message_identification": "vGm8zaLpQww",
"creation_date_time": "2025-01-16T10:11:12.134Z",
"http_code": 200
},
"errors": [],
"_links": [
{
"rel": "signing",
"href": "https://<nordeasigninghost>?client_id=y6mWwv2n5IbAVdZa5105&code_challenge_method=S256&redirect_uri=https://<your_host>/v4/payments/domestic/sign/callback&response_type=code&code_challenge=6v91dW6H4IIhD5Pw3g_yY3BZhycNsxoXTcQRT7yPgTQ&scope=openid+ndf+agreement&state=c2lnbmluZ19vcmRlcl9pZD00NzlhYTcxYi1lN2I3LTQ0ZDEtOTdhZS04OTgzNzFkNmQ4Mzkmc3RhdGVfaWQ9MzBmYTY4MTQtZTViMy00OWZmLWJkY2MtMWIzZWRlNjkzNDNk&signing_order_id=479aa71b-e7b7-44d1-97ae-898371d6d839"
}
],
"response":
{
"payments": [
{
"_id": "11d55648-8c1d-45e2-951a-69c5aeaed10a",
"entry_date_time": "2025-01-16T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "68520561173",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "60010503178",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Dummy mess"
},
"amount": "1.13",
"currency": "NOK",
"payment_status": "PendingUserApproval",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v4/payments/domestic/11d55648-8c1d-45e2-951a-69c5aeaed10a"
}
],
"planned_execution_date": "2025-01-16",
"urgency": "standard"
},
{
"_id": "5e6e2d6f-e2dd-4c71-b232-9dfbb88ba10a",
"entry_date_time": "2025-01-16T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "68520561173",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "60010503178",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Dummy mess"
},
"amount": "1.13",
"currency": "NOK",
"payment_status": "PendingUserApproval",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v4/payments/domestic/5e6e2d6f-e2dd-4c71-b232-9dfbb88ba10a"
}
],
"planned_execution_date": "2025-01-16",
"urgency": "standard"
}
]
}
}
Norway: delete single payment
This example shows how to delete a payment.
Note: Not all payments are deletable (see payment status table for further information).
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/business/v4/payments/domestic/{paymentId}
This endpoint supports GET and DELETE HTTP Method. Here we use DELETE to delete the payment.
Here is an example request
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic/{paymentId}' -i -X DELETE \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature=\"<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
And here is how the response looks like:
{
"group_header":
{
"message_identification": "a42c1707dd444505",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 200
},
"response": [
"11d55648-8c1d-45e2-951a-69c5aeaed66x"
],
"errors": []
}
Norway: delete multiple payments
This example shows how to bulk delete payments
Note: Not all payments are deletable (see payment status table for further information).
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/business/v4/payments/domestic
This endpoint supports GET, POST and DELETE HTTP Methods. Here we use DELETE since we want to delete payments.
Here is an example request:
$ curl 'https://api.nordeaopenbanking.com/business/v4/payments/domestic' -i -X DELETE \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"payments_ids":[
"11d55648-8c1d-45e2-951a-69c5aeaed66y",
"5e6e2d6f-e2dd-4c71-b232-9dfbb88ba66y"
]
}
And this is how the response looks like:
{
"group_header":
{
"message_identification": "a42c1707dd444505",
"creation_date_time": "2020-07-01T10:11:12.134Z",
"http_code": 200
},
"response": [
"11d55648-8c1d-45e2-951a-69c5aeaed66y",
"5e6e2d6f-e2dd-4c71-b232-9dfbb88ba66y"
],
"errors": []
}