Confirmation of Funds API specific documentation
Overview
The Confirmation of Funds API specification describes the flow and functionality that allows PSD2-regulated TPPs (Client) with the role Card Based Payment Instrument Issuer (CBPII) to get a Y/N response whether Resource Owner (Customer/PSU) has enough funds on their account for a particular payment amount. The Client prior to request confirmation of funds must allow Resource Owner to provide explicit consent to Nordea that Resource Owner has also provided consent to the TPP (Client) for identified account and period. Unlike AIS the consent given to Nordea and Client is “ongoing” and does not expiry after 90 days. However Resource Owner should have possibility to enter expiry date for this consent. Thus, authentication (which consent provisioning is part of) does not need to occur after the initial set up for the specific Client has been completed.
How it works
To be able to perform the Confirmation of Funds service the Client CBPII should get access token which is the result of the Confirmation of Funds Access Authorization service described API Reference. One of the result of access authorization process is establishing consent on a payment account between Resource Owner and Nordea to allow dedicated Client using Confirmation of Funds requests. In the next step Client performs Confirmation of Funds request as such described in this chapter.
Confirmation of Funds API Endpoints
The Confirmation of Funds API for Denmark, Finland, Norway and Sweden has the following endpoint:
| Endpoint | Supported HTTP Methods |
|---|---|
/funds-confirmation | POST |
Confirmation of Funds Flow
The framework has four roles:
- Resource Owner - payment account holder with Nordea (PSU, customer).
- Client - TPP, owner of the Client Application consuming Nordea’s Open Banking API.
- Nordea Open Banking (API).
- Nordea User Interface, enabling the Resource Owner to authenticate themselves and if requested by the TPP, to select accounts for which the agreed access should apply.
The following diagram illustrates how the whole flow works including both phases:
- establish consent - Confirmation of Funds Access Authorization API
- perform Confirmation of Funds service using access token received in Confirmation of Funds Access Authorization API
Confirmation of Funds example
Following cURL command can be used to fetch Confirmation of Funds response after correct Application ID, Client Secret and Access Token are substituted in it:
This endpoint URL has the following form:
POST /funds-confirmation HTTP/1.1This endpoint supports POST HTTP method.
The following cURL can be used to fetch Confirmation of Funds from this endpoint.
$ curl 'https://api.nordeaopenbanking.com/personal/v1/funds-confirmation' -i \
...
other Header data omitted
...
-H 'Authorization: Bearer <ACCESS_TOKEN>'
...
other Header data omitted
...
-H 'X-IBM-Client-Id: <Client ID>'
-H 'X-IBM-Client-Secret: <Client Secret>'
{
"payment" : {
"currency" : "EUR",
"amount" : 100
},
"debtor": {
"account": {
"type": "IBAN",
"value": "FI135XXXXXXXXX0081",
"currency": "EUR"
},
}
...Here is the response for the query above:
{
"funds_confirmation": true | false
} Mock data for Sandbox API test
To test Confirmation of Funds API use the following mock data:
| iban | bban | Currency | Available balance |
|---|---|---|---|
| DK6120301544118028 | 20301544118028 | DKK | 210.15 |
| DK3420301544117544 | 20301544117544 | DKK | 0.00 |
| DK3820301544111555 | 20301544111555 | DKK | 123.60 |
| FI9513783500000209 | EUR | 0.00 | |
| FI6593857450293470 | EUR | -1145.32 | |
| FI3110473500007783 | EUR | 123.60 | |
| NO2260301132843 | 60301132843 | NOK | 8702.38 |
| NO2860010503178 | 60010503178 | NOK | 0.00 |
| NO2160010662675 | 60010662675 | NOK | 123.60 |
| SE8030000000041351300039 | 41351300039 | SEK | 91655.91 |
| SE2730000000032704620016 | 32704620016 | SEK | -1145.32 |