PIS API specific documentation Sweden, Denmark and Norway
Changes from the previous version
This is the change log of the PIS API (domestic), allowing PSD2-regulated TPPs to initiate payments on behalf of the PSU. The top most item is the latest change and the API changes described in it are relative to the version directly below.
Note: Version 3 has been removed.
Version 5.15
New authentication method BANKID_SE_DECOUPLED is added for SE Decoupled payment signing (only in Sandbox for now). When this new authentication is specified in Payment Confirm request, the response will only contain the bank_id_authentication_id parameter and not signing redirect url. Therefore, it is only possible to follow decoupled signing mechanism if the new authentication method is specified in request.
Version 5.14
- Domestic Payment v4 for PIS Personal has been deprecated.
- Added Cancelled and Stopped payment statuses.
Version 5.13
Changes made to Payment field combination table.
Version 5.12
All DK Domestic Payment created with urgency: express should have mandatory creditor name with maximum 70 characters allowed.
Version 5.11
Deprecated Code Calculator-CCALC as signing method for all Payment types (Household segment). (Only applicable to Sandbox for now, will be allowed in Production until 2025 Q3)
Version 5.10
Added recurring payments deletion rules.
Also added mocked scenario for Second channel confirmation (Applicable to both DK & NO Domestic Payment in Sandbox). Scenario name PaymentOnHold2CCYes & PaymentOnHold2CCNo.
Removed ‘BI-WEEKLY’ recurring frequency for NO Domestic Payments.
Version 5.9
Version 4 change log -texts have been removed.
The place of the chapter “Confirmation of Availability of Funds” has been removed.
“Confirmation of Availability of Funds” has been added to
- Payment Initiation
- Get Payment Details
Version 5.8
We will change our payment initiation and signing flows to support a new version of BankID. After the change we will remove the following optional field, “qr_data”.
Before this new version deployment response has been following: { “_id”:“12340843-1234-4351-b868-1bb6329c9153”, “auto_start_token”:“1234567b-78fc-9599-9156-833e7f77f60d”, “qr_data”:“bankid.12344aaa-4cd9-47a2-b1f3-123456b886f3.75.884220c6414abc12322dbf89aabbe9db2b8c9fa086f438a46cbfe9003b9ddeeee”, “status”:“IN_PROGRESS” }
After this new version deployment response will be following: { “_id”:“1234bf78-f527-4c6d-a14d-616886ac993f”, “auto_start_token”:“123abcdf-1234-4ee7-8966-2956a5fabce7”, “status”:“IN_PROGRESS” }
Payments with urgency ‘Express’ should now be supplied with mandatory creditor name and creditor message with maximum 140 characters in length. They will have amount limit of 100000 DKK. All such payments will be executed as Instant Payments.
Get details for Denmark was missing the request-example for the Confirmation of Availability of Funds.
Version 5.7
Added text to clarify the use of Creditor reference and Creditor message. It is not allowed to use both when initiating a Sepa credit transfer.
New scenario introduced for updating payments with decoupled signing to status Paid without having an actual mock flow. Scenario name PaymentDecoupledSigning.
Version 5.6
Authentication methods MTA_OFF and QR_RDR have been removed.
Version 5.5
Confirmation of Availability of Funds has been added to following endpoints
- / payments / domestic
- / payments / sepa
- / payments / cross-border-credit-transfers
- / payments / owntransfer
Two new optional fields have been added
- request_availability_of_funds
- availability_of_funds
Confirmation of Availability is available for version 5
Version 5.4
The formatting of the recurrence type -table corrected. The content should be shown now correct way. Added payment status PendingSecondConfirmation. See details in Payment status description list.
Version 5.3
Support for Animated QR code for Swedish customers using BANKID_SE.
- In order to initiate the decouple signing flow with Animated QR code, the consumer need to add
"authentication_method":"BANKID_SE"into thepayments/confirmrequest body. In this case the response will hold a new fieldbank_id_se_authentication_id. - Two New end-points had been introduced to get the QR code information
v4/payments/domestic/confirm/bankidse/{{bank_id_se_authentication_id}}andv5/payments/confirm/bankidse/{{bank_id_se_authentication_id}}. - The consumers need to implement a polling job every 2 or 3 seconds calling one of the aforementioned services with the new field
bank_id_se_authentication_id. - In the response there will be a new
qr_datafield which can be used to generate the QR, for information about QR https://www.bankid.com/utvecklare/guider/teknisk-integrationsguide/qrkoder.
Version 5.2
Added Decouple signing for Denmark, Now PSU in Denmark can sign the payments using Nordea ID app. In order to enable the decouple signing, the TPP need to provide the parameter “authentication_method”=“MTA_DK” during the confirmation step, then Nordea will automatically trigger the decouple signing for the user.
Version 5.1
Minor changes to the documentation.
Version 5.0
Added the new language parameter to the PUT /confirm service. The service consumer can use the new language parameter to determine which language is to be used in the signing page.
Overview
Payment Initiation Services (PIS) API consists of four endpoints. The PIS API can be used to initiate payments, query payment details, and status and confirm payments. This API supports GET, POST and PUT HTTP methods.
API endpoints
The PIS API contains the following endpoints:
| Endpoint | Supported HTTP Methods |
|---|---|
/payments/domestic | GET, POST, DELETE |
/payments/domestic/{paymentId} | GET, DELETE |
/payments/domestic/confirm | PUT |
The /payments/domestic endpoint has two uses, it can be used to initiate a payment and to get a list of pending payments. It supports GET and POST methods. if POST method is used with a body it will initiate a new payment. The request body must contain payment details. if GET method is used it will return a list of pending payments. The return HTTP Codes are: 201 - successfully initiated payment, 200 - OK and a list of initiated payments. The response contains the payment details which include, for example, payment amount and creditor details among other things.
Here is a part of the JSON payload format which can be posted to this endpoint, “_type” is an internal defined representation of the account type.
{
…
"creditor": {
"account": {
"_type": "BBAN_SE",
"currency": "SEK",
"value": "13370233835"
}
…
}
After the payment is initiated by POST request to this endpoint, it will be available by doing GET request to this endpoint which returns a list of pending payments.
The /payments/domestic/{paymentId} endpoint can be used to query payment details by payment id, and it supports only GET HTTP method. The payment id is returned when payment is initiated successfully, and it can be found from the response JSON by the name _id. Moreover, the payment status can be seen in the response by the name payment_status. Full response example of this endpoint can be seen on examples section below.
The /payments/domestic/confirm endpoint can be used for bulk confirmation of payments. The service also allows for individual payment confirmations. Please be aware that processing multiple payments could subsequently result in multiple errors. The post-signing redirect and decoupled solutions are the same as for the single confirmation endpoint. Also note that if 4 payment_id’s are sent, and two of them return errors, the subsequent signing process will only include the two payments with no errors.
In Sandbox: To confirm the payment, call the `/confirm` endpoint and subsequently activate the `signing_url` supplied. The received response is mocked and not valid for further processing. To mock the UI payment signing flow see PIS API Scenarios below.
PIS API Scenarios
The scenarios are implemented on PIS API to allow for easier testing of the applications. Developers can request a specific scenario (or list of scenarios) for certain API calls, for example, when confirming a transfer of funds the developer can request that the transaction processing to fail due to missing funds and the corresponding payment status will be represented in the payment details.
There are the following scenarios available in PIS API related to payment signing and execution.
PaymentSigningExpiresPaymentMissingFundsPaymentOnHoldPaymentDecoupledSigningPaymentOnHold2CCYes,PaymentOnHold2CCNo
PaymentSigningExpires scenario means that the user never signs the payment by MTA (Nordea code app). PaymentMissingFunds in this scenario payment is signed, but there are no funds available. PaymentOnHold in this scenario payment is signed, but the payment is put on hold by Nordea for some reason (for example, fraud). PaymentDecoupledSigning in this scenario the payment is signed automatically as there is no signing url to activate with decoupled signing. PaymentOnHold2CCYes in this scenario the payment status will be ‘OnHold’ due to second channel confirmation by the User, it will be ‘Paid’/‘Confirmed’ automatically after 60 seconds. PaymentOnHold2CCNo in this scenario the payment status will be ‘OnHold’ due to second channel confirmation by the User, it will be ‘Rejected’ automatically after 60 seconds.
There are the following scenarios available for adding a mock UI signing flow to the payment confirmation. Adding any of the UI scenarios to the confirmation flow, then calling /confirm is no longer adequate to sign the payment, The mock UI flow has to be followed. AuthenticationWithUI SigningWithUI
AuthenticationWithUI mimics the 2SCA flow and includes authentication before signing. SigningWithUI shows the mock signing screen only and mimics the 1SCA flow. The signing screen also has built in functionality to check a few scenarios whilst mock signing the payment.
There is additionally a scenario available for mocking the date being rolled. ExecutionDateRolling
ExecutionDateRolling rolls the planned_execution_date compared to the requested_execution_date to mimic that the payment cannot be processed the requested date.
Any scenario is specified either as part of request header or as a query parameter.
Note that the scenarios are available only in the sandbox APIs. They will never be available in the production APIs.
Use `X-Response-Scenarios` for header parameter or query parameter to request scenarios to be applied.
Nordea payment type field combinations
| Endpoint (/payments/.) | Nordea Type | FI | SE | DK | NO | Comments | debtor.account_type | creditor.account_type | .amount (mandatory, max. value) | .currency | .creditor.message | .name (of beneficiary | .reference.value | .reference_type |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| /domestic | Domestic account transfer | X | ”BBAN_SE” or “IBAN" | "BBAN_SE” or “IBAN” | 99 999 999 999,99 | ”SEK” | optional (max. 12) | optional | N/A | N/A | ||||
| /domestic | Domestic account transfer | X | If reference is supplied, then message is not applicable, and vice versa. | ”BBAN_DK” or “IBAN" | "BBAN_DK” or “IBAN” | 9 999 999 999,99 | ”DKK” | Standard: Max. 40 characters (DK) Express: Max. 140 characters (Only DK) | Mandatory for DK Payments with urgency: Express max. 70 characters. Optional for Standard | optional | ”RF” | |||
| /domestic | Domestic account transfer (With/Without advice) | X | If comment is added, it is considered to be With advice. | ”BBAN_NO” or “IBAN" | "BBAN_NO” or “IBAN” | 9 999 999,99 | ”NOK” | optional, see comment (max. 140) | optional | N/A | N/A | |||
| /domestic | KID | X | ”BBAN_NO” or “IBAN" | "BBAN_NO” or “IBAN” | 9 999 999,99 | ”NOK” | N/A | mandatory | mandatory | ”OCR” | ||||
| /domestic | BankGiro | X | If OCR reference and value is supplied, then message is not applicable, and vice versa. Some accounts have OCR reference as mandatory as per request of the creditor. | ”BBAN_SE” or “IBAN" | "BGNR” | 99 999 999 999,99 | ”SEK” | optional (max. 150) | N/A | optional | ”OCR” | |||
| /domestic | PlusGiro | X | If OCR reference and value is supplied, then message is not applicable, and vice versa. Some accounts have OCR reference as mandatory as per request of the creditor. | ”BBAN_SE” or “IBAN" | "PGNR” | 99 999 999 999,99 | ”SEK” | optional (max. 25) | mandatory | optional | ”OCR” | |||
| /domestic | Giro | X | Transfer form for Denmark. Note that debtor.message is mandatory for all Giro payments. | ”BBAN_DK” or “IBAN" | "GIRO_DK” | 9 999 999,99 | ”DKK” | only for 01, 73 and 75 (max. 105) | N/A | mandatory for 04, 15, 71 and 75 others N/A | ”01”, “04”, “15”, “71”, “73” or “75” | |||
| /SEPA | SEPA | X | FI uses SEPA for domestic payments as well. It is not allowed to use both Creditor reference and Creditor message when initiating a Sepa credit transfer. | ”IBAN" | "IBAN” | 999 999 999,99 | ”EUR” | optional (max. 140) | mandatory | mandatory | ”INVOICE” or “RF” | |||
| /domestic-credit-transfer | Single SCA domestic | X | X | X | There is no hard limit, but the payment will be rejected if fraud detection is required due to amount size (individual limits apply). Beneficiary name rules apply like on a normal domestic payment for each country. Beneficiary message is max. 40 characters for DK urgency: Standard max.140 for urgency: Express and only 12 for SE.Swedish GIRO payments as well as Norwegian KID payments have been added. | ”IBAN”,“BBAN_SE" | "IBAN”,“PGNR”,“BGNR” | N/A | ”SEK”/“DKK”/“NOK” | optional (max. 140) | Mandatory for Express max. 70 characters allowed | optional | ”OCR” | |
| /sepa-credit-transfer | Single SCA SEPA | X | SEPA | ”IBAN" | "IBAN” | N/A | ”EUR” | optional (max. 140) | mandatory | N/A | N/A |
Payment status description
| Payment Status | Description | Confirmable | Deletable |
|---|---|---|---|
| PendingConfirmation | A payment was created. Confirmation step has not yet been started. | Yes | Yes |
| PendingSecondConfirmation | The payment was already confirmed, but requires a second confirmation. The process activation is identical to PendingConfirmation, however this second confirmation require an individual second confirmation, so do not send more than one payment in the confirmation payment list request. Only apply to FI payments. | Yes | Yes |
| PendingUserApproval | The PSU-signing process has started. | No | Yes, but if you already redirected or supplied a signing url to the PSU, they will still be able to proceed with the signing flow, however the payment will NOT be executed. Please do what you can to make sure the PSU does not continue with the signing, if you decided to delete the payment. |
| OnHold | Payment was put on hold by bank, for example due to fraud suspicion. The PSU needs to contact the bank, or maybe reply a sms. | No | No |
| UserApprovalFailed | Payment process failed. It’s possible to try again. See tpp_messages in response for further details. | Yes | Yes |
| UserApprovalTimeout | A specific time frame is set for the signing process, in which the PSU needs to sign the payment. If timeline is exceeded the signing process expires and has to be restarted. This will also be the status in the user started the signing process, but did not complete it. | Yes | Yes |
| UserApprovalCancelled | The PSU deliberately rejected signing the payment during the signing flow. | Yes | Yes |
| Paid | The payment has been properly initiated, confirmed, signed and debited. Status Paid does not confirm receipt of payment by the payee. There can still be events that lead to a non-performance of the payment. For example, even after the payers account was debited, different types of mandatory monitoring may lead to a situation where a payment is not performed. | No | No |
| Confirmed | The payment has been properly initiated, confirmed, signed, but is pending final execution. Could be a future dated payment, or due to bulk clearing of payments (i.e. not instant). | No | Future dated can be deleted. If for today then no, but if the customer contacts the bank it can be stopped |
| Rejected | As stated the payment has been rejected. See the tpp_messages for further details. This payment cannot be (re-)confirmed. | No | No |
| InsufficientFunds | The PSU cannot fund this payment from the chosen account. | No | Yes |
| LimitExceeded | The PSU, the account, or the channel has a limit that has been exceeded. This is technically (re-)confirmable, but it requires something has been changed, for instance the limit is raised or a new month has begun. | Yes | Yes |
| Unknown | On rare occasions the core payment engine in Nordea returns a status that has not been mapped to any of the above payment statuses. It could be caused by the fact that some processes run in parallel in the core payment engine. Most of these statuses are likely to be changed in a matter of milliseconds. Please re-query the status again until one of the above statuses is received instead. | N/A | N/A |
| Cancelled | The payment was cancelled. | No | No |
| Stopped | The payment was stopped. | No | No |
Recurring payments
The recurring payments - sometimes also known as standing order - information consist of two additional values; the count and the recurrence_type.
Note: A simple way to find the next occurrence of the recurring payment in the payment list would be to add an
external_idwhen initiating the payment. Theexternal_idwill be present on all occurrences of this payment.
T7he count has to be a minimum of 2, as the first payment is executed on the requested execution date as a normal payment, and creates another payment immediately afterwards. The number of payments remaining can be found in the count field if payment list or details are requested. It will decrease by 1 for each version of the payment that has been Paid. The normal maximum value for count is 98, but the number 9999 (four nines) is used to indicate an infinite series of identical payments that will not stop until deleted by the submitter. This special ‘count’ will not decrease with each Paid payment, and will continue to return the number 9999.
Note: Use
/deleteinterfaces to remove the next version of the payment (only_next_occurrence=TRUE), or removing the entire series (only_next_occurrence=FALSE).
Recurring payments deleting rules:
- When deleting a pending recurring payment, this always deletes the entire series.
- When deleting a a recurring payment in Finland, this always deletes the entire series.
| recurrence_type | FI | SE | DK | NO | Description |
|---|---|---|---|---|---|
| DAILY | X | Every banking day | |||
| WEEKLY | X | X | Weekly, based on the day of the requested execution date (or the next banking day) | ||
| BIWEEKLY | X | Every 2 weeks on the weekday of the request execution date (or the next banking day). For Norway BIWEEKLY is only supported for the own account transfers. | |||
| MONTHLY_SAME_DAY | X | X | X | X | Monthly, based on the day of requested execution date (or the next banking day). For Sweden MONTHLY_SAME_DAY is not supported for the own account transfers. |
| MONTHLY_EOM | X | Monthly on the last banking day of the month | |||
| QUARTERLY_SAME_DAY | X | X | Every 3 months on the requested execution date (or the next banking day). | ||
| QUARTERLY_EOM | X | Every 3 months on the the last banking day of the month | |||
| TRI_ANNUALLY_SAME_DAY | X | Every 4 months on the requested execution date (or the next banking day) | |||
| SEMI_ANNUALLY_SAME_DAY | X | X | Every 6 months on the requested execution date (or the next banking day) | ||
| SEMI_ANNUALLY_EOM | X | Every 6 months on the the last banking day of the month | |||
| YEARLY_SAME_DAY | X | X | Once a year on the requested execution date (or the next banking day) | ||
| YEARLY_EOM | X | Once a year on the the last banking day of the month | |||
| EVERY_MINUTE_SANDBOX_ONLY | X | X | X | X | Testing in Sandbox only! Every minute, a recurrence of the payment will be Paid and the next occurrence created until the counter reaches 0. |
In Sandbox: We have added EVERY_MINUTE_SANDBOX_ONLY to `recurrence_type` for you to test the `count` and `status` of the payments in the sandbox. As confirmed payments in sandbox automatically gets `Paid` after a few second, the recurring payments will automatically run until the `count` reaches 0. Please avoid using 9999 too many times whilst testing, and EVERY_MINUTE_SANDBOX_ONLY is not accepted in production.
Confirmation of Availability of Funds
Confirmation of Availability of Funds has been added to this endpoint.
Two new optional fields have been added
- request_availability_of_funds
- availability_of_funds
Confirmation of Availability is available for version 5.
Payment initiation
If 2SCA initiation payment endpoint is available and the request contains the new field, request_availability_of_funds set to true and SBX scenario specified “FundsNotAvalable” in request header when the endpoint is invoked, then the payment initiation response is returned with new field availability_of_funds is set false.
If 2SCA initiation payment endpoint is available and the request contains the new field, request_availability_of_funds set to true and SBX scenario is not specified when the endpoint is invoked, then the payment initiation response returned with new field availability_of_funds is set true.
Get payment details
If 2SCA get payment details endpoint is available and SBX scenario is specified FundsNotAvailable and payment status is not Rejected or Executed, when the endpoint is invoked with query parameter request_availability_of_funds true, then the response of Get Payment Details is returned with funds info availability_of_funds set false.
If 2SCA get payment details endpoint is available and SBX scenario is not specified and payment status is not Rejected or Executed, when the endpoint is invoked with query parameter request_availability_of_funds true, then the response of Get Payment Details is returned with funds info availability_of_funds set true.
The examples for Payment initiation and Get payment details of Confirmation of Availability of Funds are updated in this documentation in Denmark examples.
PIS API examples Denmark
Denmark: get list of payments
This example shows how to get list of pending payments.
This endpoint URL has the following form
https://api.nordeaopenbanking.com/personal/v4/payments/domestic
This endpoint supports GET, POST and DELETE HTTP Methods. Here we use GET since we want to get list of payments.
Here is an example request for Denmark:
$ curl 'https://api.nordeaopenbanking.com/personal/v5/payments/domestic-credit-transfers/' -i -X GET \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature=\"<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Digest: <digest>' \
Here is a sample response for Denmark:
{
"group_header":
{
"message_identification": "icOWDBxgHec",
"creation_date_time": "2021-11-11T10:11:12.134Z",
"http_code": 200
},
"response":
{
"payments": [
{
"_id": "4b30af6a-ec58-4bf1-a5a9-4d4b882ae2a7",
"external_id": "tpp_supplied_string",
"entry_date_time": "2021-11-11T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "23001546139529",
"_type": "BBAN_DK",
"currency": "DKK"
}
},
"creditor":
{
"account":
{
"value": "23001546147254",
"_type": "BBAN_DK",
"currency": "DKK"
},
"message": "cred msg"
},
"amount": "7.12",
"currency": "DKK",
"fee":
{
"_type": "domestic_transaction",
"currency_code": "DKK",
"country_code": "DK",
"value": "0"
},
"payment_status": "PendingConfirmation",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/personal/v4/payments/domestic/4b30af6a-ec58-4bf1-a5a9-4d4b882ae2a7"
}
],
"urgency": "standard",
"planned_execution_date": "2021-11-11",
"requested_execution_date": "2021-11-11"
}
]
}
}
Denmark: initiate a new payment
In this example, we initiate a new payment.
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/personal/v5/payments/domestic-credit-transfers/
This endpoint supports GET, POST and DELETE HTTP Methods. Here we use POST since we create a new payment.
Here is an example request (domestic). The example contains Confirmation of Availability of Funds:
$ curl 'https://api.nordeaopenbanking.com/personal/v5/payments/domestic-credit-transfers/' -i -X POST \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature=\"<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>' \
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"instructed_amount": {
"amount": 11,
"currency": "DKK"
},
"requested_execution_date": "2024-05-31",
"creditor": {
"account": {
"_type": "BBAN_DK",
"currency": "DKK",
"value": "30013001783718"
},
"message": "crd msg",
"name": "ben name"
},
"debtor": {
"account": {
"_type": "BBAN_DK",
"currency": "DKK",
"value": "20301544118028"
},
"message": "Message for debtor"
},
"external_id": "some id",
"urgency": "sameday"
"request_availability_of_funds": true
}
And the sample response looks like this (domestic):
"group_header": {
"message_identification": "438a06ce11001cd2bf4527b8f301ca2c",
"creation_date_time": "2024-05-31T06:23:13.822943626Z",
"http_code": 201
},
"response": {
"_id": "ca89cc0c-4bd0-4d94-b2fb-b32325a203f4",
"external_id": "some id",
"entry_date_time": "2024-05-31T06:23:13.822396014Z",
"debtor": {
"account": {
"currency": "DKK",
"value": "20301544118028",
"_type": "BBAN_DK"
},
"message": "Message for debtor"
},
"creditor": {
"account": {
"currency": "DKK",
"value": "30013001783718",
"_type": "BBAN_DK"
},
"message": "crd msg"
},
"instructed_amount": {
"amount": "11",
"currency": "DKK"
},
"payment_status": "PendingConfirmation",
"urgency": "sameday",
"requested_execution_date": "2024-05-31",
"planned_execution_date": "2024-05-31",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v5/payments/ca89cc0c-4bd0-4d94-b2fb-b32325a203f4"
}
]
"availability_of_funds": true
}
}
Here is an example request (Giro):
$ curl 'https://api.nordeaopenbanking.com/personal/v5/payments/domestic-credit-transfers/' -i -X POST \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature=\"<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>' \
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
{
"externalId": "tpp_supplied_string",
"amount": "1.13",
"urgency": "standard",
"currency": "DKK",
"debtor": {
"account": {
"_type": "BBAN_DK",
"currency": "DKK",
"value": "20301544118028"
},
"message": "Own message"
},
"creditor": {
"account": {
"_type": "GIRO_DK",
"currency": "DKK",
"value": "80583079"
},
"reference": {
"_type": "71",
"value": "000000003097920"
},
}
}
And the response looks like this (Giro):
{
"group_header":
{
"message_identification": "J2Do7gUqGyI",
"creation_date_time": "2021-11-11T10:11:12.134Z",
"http_code": 201
},
"response":
{
"_id": "93e88380-3ec9-432a-98af-ca8c0fa6c910",
"external_id": "tpp_supplied_string",
"entry_date_time": "2021-11-11T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "20301544118028",
"_type": "BBAN_DK",
"currency": "DKK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "80583079",
"_type": "GIRO_DK",
"currency": "DKK"
},
"reference":
{
"value": "000000003097920",
"_type": "71"
}
},
"amount": "1.13",
"currency": "DKK",
"fee":
{
"_type": "domestic_transaction",
"currency_code": "DKK",
"country_code": "DK",
"value": "0"
},
"payment_status": "PendingConfirmation",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/personal/v4/payments/domestic/93e88380-3ec9-432a-98af-ca8c0fa6c910"
}
],
"urgency": "standard",
"planned_execution_date": "2021-11-11",
"requested_execution_date": "2021-11-11"
}
}
Note that the
payment_statusisPendingConfirmation, it means the payment confirming(signing) process has to be started by you the TPP.
Denmark: get payment information
This example shows how to query payment information.
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/personal/v4/payments/domestic/{paymentId}
This endpoint supports GET and DELETE HTTP Methods. Here we use GET to see the details of the payment.
Here is an example request:
$ curl 'https://api.nordeaopenbanking.com/personal/v4/payments/domestic/{paymentId}' -i -X GET \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature=\"<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
And here is how the response looks:
{
"group_header":
{
"message_identification": "5M_f4r-uZmw",
"creation_date_time": "2021-11-11T10:11:12.134Z",
"http_code": 200
},
"response":
{
"_id": "93e88380-3ec9-432a-98af-ca8c0fa6c910",
"external_id": "tpp_supplied_string",
"entry_date_time": "2021-11-11T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "20301544118028",
"_type": "BBAN_DK",
"currency": "DKK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "80583079",
"_type": "GIRO_DK",
"currency": "DKK"
},
"reference":
{
"value": "000000003097920",
"_type": "71"
}
},
"amount": "1.13",
"currency": "DKK",
"fee":
{
"_type": "domestic_transaction",
"currency_code": "DKK",
"country_code": "DK",
"value": "0"
},
"payment_status": "PendingUserApproval",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/personal/v4/payments/domestic/93e88380-3ec9-432a-98af-ca8c0fa6c910"
},
{
"rel": "signing",
"href": "https://...?client_id=...&code_challenge_method=S256&redirect_uri=https://...&response_type=code&code_challenge=...&scope=openid+ndf+agreement&state=paymentid..."
}
],
"urgency": "standard",
"planned_execution_date": "2021-11-11",
"requested_execution_date": "2021-11-11"
}
Here is an example request when Confirmation of Availability of Funds is used:
$ curl -L -X GET 'https://api.nordeaopenbanking.com/personal/v5/payments/{paymentId}' ?request_availability_of_funds=true' \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature=\"<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
And here is how the response looks like with Confirmation of Availability of Funds:
{
"group_header": {
"message_identification": "36b4bfc5b423e3b10f3d380010859727",
"creation_date_time": "2024-06-13T07:28:47.671457062Z",
"http_code": 200
},
"response": {
"_id": "cd9ce3ea-71e7-4da4-8fdc-5e5ed96184a2",
"external_id": "TPP Unique ID",
"entry_date_time": "2024-06-13T07:26:14.909110718Z",
"debtor": {
"account": {
"currency": "DKK",
"value": "20301544118028",
"_type": "BBAN_DK"
},
"message": "some message"
},
"creditor": {
"account": {
"currency": "DKK",
"value": "23001546147254",
"_type": "BBAN_DK"
},
"reference": {
"value": "RF18539007547034",
"_type": "RF"
}
},
"instructed_amount": {
"amount": "0.63",
"currency": "DKK"
},
"transaction_fee": {
"_type": "domestic_transaction",
"country_code": "DK",
"total_fee_amount": {
"amount": "0",
"currency": "DKK"
}
},
"payment_status": "PendingConfirmation",
"requested_execution_date": "2024-06-13",
"planned_execution_date": "2024-06-13",
"charge_bearer": "shar",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v5/payments/cd9ce3ea-71e7-4da4-8fdc-5e5ed96184a2"
}
],
"availability_of_funds": true
}
}
Denmark: bulk confirm payments
This example shows how to bulk confirm payments
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/personal/v5/payments
This endpoint supports only PUT HTTP Method.
Here is an example request:
$ curl 'https://api.nordeaopenbanking.com/personal/v4/payments/domestic/confirm' -i -X PUT \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"payments_ids": [
"e19d59cc-5bfb-4147-a935-f78b4319c89b",
"cc068b28-5485-43e9-8066-9de766a30aa9"
],
"redirect_url": "https://www.nordea.com",
"authentication_method":"",
"language":"en"
}
And this is how the response looks like:
{
"group_header": {
"message_identification": "d7326a390e8a496acbecaf7e7376b516",
"creation_date_time": "2024-05-31T07:37:44.132903619Z",
"http_code": 200
},
"errors": [],
"_links": [
{
"rel": "signing",
"href": "https://api.nordeaopenbanking.com/personal/nasa-mock/pis/sign?client_id=dummy_client_id_dk&code_challenge_method=S256&redirect_uri=https://api.nordeaopenbanking.com&response_type=code&code_challenge=HEheEjqU61iWyA4CU82Wl_V3X3h2aj5rpWlpY3i_1xM&scope=openid+ndf+agreement&state=c2lnbmluZ19vcmRlcl9pZD1lMTlkNTljYy01YmZiLTQxNDctYTkzNS1mNzhiNDMxOWM4OWImc3RhdGVfaWQ9ZTE5ZDU5Y2MtNWJmYi00MTQ3LWE5MzUtZjc4YjQzMTljODli&signing_order_id=e19d59cc-5bfb-4147-a935-f78b4319c89b&login_hint=null&X-Response-Scenarios=AuthenticationWithUI"
}
],
"response": {
"payments": [
{
"_id": "e19d59cc-5bfb-4147-a935-f78b4319c89b",
"external_id": "some id",
"entry_date_time": "2024-05-31T07:36:18.455384827Z",
"debtor": {
"account": {
"currency": "DKK",
"value": "20301544118028",
"_type": "BBAN_DK"
},
"message": "Message for debtor"
},
"creditor": {
"account": {
"currency": "DKK",
"value": "30013001783718",
"_type": "BBAN_DK"
},
"message": "crd msg"
},
"instructed_amount": {
"amount": "11",
"currency": "DKK"
},
"transaction_fee": {
"_type": "domestic_transaction",
"country_code": "DK",
"total_fee_amount": {
"amount": "0",
"currency": "DKK"
}
},
"payment_status": "PendingUserApproval",
"urgency": "sameday",
"requested_execution_date": "2024-05-31",
"planned_execution_date": "2024-05-31",
"charge_bearer": "shar",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v5/payments/e19d59cc-5bfb-4147-a935-f78b4319c89b"
}
]
},
{
"_id": "cc068b28-5485-43e9-8066-9de766a30aa9",
"external_id": "some id",
"entry_date_time": "2024-05-31T07:37:18.662774385Z",
"debtor": {
"account": {
"currency": "DKK",
"value": "20301544118028",
"_type": "BBAN_DK"
},
"message": "Message for debtor"
},
"creditor": {
"account": {
"currency": "DKK",
"value": "30013001783718",
"_type": "BBAN_DK"
},
"message": "crd msg"
},
"instructed_amount": {
"amount": "11",
"currency": "DKK"
},
"transaction_fee": {
"_type": "domestic_transaction",
"country_code": "DK",
"total_fee_amount": {
"amount": "0",
"currency": "DKK"
}
},
"payment_status": "PendingUserApproval",
"urgency": "sameday",
"requested_execution_date": "2024-05-31",
"planned_execution_date": "2024-05-31",
"charge_bearer": "shar",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v5/payments/cc068b28-5485-43e9-8066-9de766a30aa9"
}
]
}
]
}
}
Denmark: bulk confirm payments with decouple signing
This example shows how to bulk confirm payments
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/personal/v4/payments/domestic/confirm
This endpoint supports only PUT HTTP Method.
Here is an example request:
$ curl 'https://api.nordeaopenbanking.com/personal/v5/payments' -i -X PUT \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"payments_ids": [
"819c1237-a11b-4c36-9813-572d1c4585b7",
"dba025d1-aa42-4c57-b948-3ef8532ec606"
],
"redirect_url": "https://www.nordea.com",
"authentication_method":"MTA_DK",
"language":"en"
}
And this is how the response looks like:
{
"group_header": {
"message_identification": "b37a79d82c3a38130f6c4997aff79927",
"creation_date_time": "2024-05-31T07:48:01.799855977Z",
"http_code": 200
},
"errors": [],
"_links": [
{
"rel": "signing",
"href": "https://api.nordeaopenbanking.com/personal/nasa-mock/pis/sign?client_id=dummy_client_id_dk&code_challenge_method=S256&redirect_uri=https://api.nordeaopenbanking.com&response_type=code&code_challenge=ElAS1khfg1rIt-_qEe4k2P5smiSndbsefJk7Spuw6To&scope=openid+ndf+agreement&state=c2lnbmluZ19vcmRlcl9pZD04MTljMTIzNy1hMTFiLTRjMzYtOTgxMy01NzJkMWM0NTg1Yjcmc3RhdGVfaWQ9ODE5YzEyMzctYTExYi00YzM2LTk4MTMtNTcyZDFjNDU4NWI3&signing_order_id=819c1237-a11b-4c36-9813-572d1c4585b7&login_hint=MTA_DK&X-Response-Scenarios=AuthenticationWithUI"
}
],
"response": {
"payments": [
{
"_id": "819c1237-a11b-4c36-9813-572d1c4585b7",
"external_id": "some id",
"entry_date_time": "2024-05-31T07:42:21.406899814Z",
"debtor": {
"account": {
"currency": "DKK",
"value": "20301544118028",
"_type": "BBAN_DK"
},
"message": "Message for debtor"
},
"creditor": {
"account": {
"currency": "DKK",
"value": "30013001783718",
"_type": "BBAN_DK"
},
"message": "crd msg"
},
"instructed_amount": {
"amount": "11",
"currency": "DKK"
},
"transaction_fee": {
"_type": "domestic_transaction",
"country_code": "DK",
"total_fee_amount": {
"amount": "0",
"currency": "DKK"
}
},
"payment_status": "PendingUserApproval",
"urgency": "sameday",
"requested_execution_date": "2024-05-31",
"planned_execution_date": "2024-05-31",
"charge_bearer": "shar",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v5/payments/819c1237-a11b-4c36-9813-572d1c4585b7"
}
]
},
{
"_id": "dba025d1-aa42-4c57-b948-3ef8532ec606",
"external_id": "some id",
"entry_date_time": "2024-05-31T07:42:51.411480677Z",
"debtor": {
"account": {
"currency": "DKK",
"value": "20301544118028",
"_type": "BBAN_DK"
},
"message": "Message for debtor"
},
"creditor": {
"account": {
"currency": "DKK",
"value": "30013001783718",
"_type": "BBAN_DK"
},
"message": "crd msg"
},
"instructed_amount": {
"amount": "11",
"currency": "DKK"
},
"transaction_fee": {
"_type": "domestic_transaction",
"country_code": "DK",
"total_fee_amount": {
"amount": "0",
"currency": "DKK"
}
},
"payment_status": "PendingUserApproval",
"urgency": "sameday",
"requested_execution_date": "2024-05-31",
"planned_execution_date": "2024-05-31",
"charge_bearer": "shar",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v5/payments/dba025d1-aa42-4c57-b948-3ef8532ec606"
}
]
}
]
}
}
an example request with the language :
$ curl 'https://api.nordeaopenbanking.com/personal/v4/payments/domestic/confirm' -i -X PUT \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"payments_ids": [
"2f8a406c-fc2f-4826-901f-6366cdcd4334"
],
"redirect_url": "https://www.nordea.com",
"authentication_method": "MTA_DK",
"language": "da"
}
And this is how the response looks like, it will be the same response in either cases with/without decouple signing:
{
"group_header": {
"message_identification": "5acf19653636ff31eb585570647a5580",
"creation_date_time": "2024-05-31T07:52:56.670771508Z",
"http_code": 200
},
"errors": [],
"_links": [
{
"rel": "signing",
"href": "https://api.nordeaopenbanking.com/personal/nasa-mock/pis/sign?client_id=dummy_client_id_dk&code_challenge_method=S256&redirect_uri=https://api.nordeaopenbanking.com&response_type=code&code_challenge=2K4HXk-XRO-ewNGAjwsTcDvF_vslqjL0AbURkxw54W8&scope=openid+ndf+agreement&state=c2lnbmluZ19vcmRlcl9pZD0yZjhhNDA2Yy1mYzJmLTQ4MjYtOTAxZi02MzY2Y2RjZDQzMzQmc3RhdGVfaWQ9MmY4YTQwNmMtZmMyZi00ODI2LTkwMWYtNjM2NmNkY2Q0MzM0&signing_order_id=2f8a406c-fc2f-4826-901f-6366cdcd4334&login_hint=MTA_DK&X-Response-Scenarios=AuthenticationWithUI"
}
],
"response": {
"payments": [
{
"_id": "2f8a406c-fc2f-4826-901f-6366cdcd4334",
"external_id": "some id",
"entry_date_time": "2024-05-31T07:52:37.403461275Z",
"debtor": {
"account": {
"currency": "DKK",
"value": "20301544118028",
"_type": "BBAN_DK"
},
"message": "Message for debtor"
},
"creditor": {
"account": {
"currency": "DKK",
"value": "30013001783718",
"_type": "BBAN_DK"
},
"message": "crd msg"
},
"instructed_amount": {
"amount": "11",
"currency": "DKK"
},
"transaction_fee": {
"_type": "domestic_transaction",
"country_code": "DK",
"total_fee_amount": {
"amount": "0",
"currency": "DKK"
}
},
"payment_status": "PendingUserApproval",
"urgency": "sameday",
"requested_execution_date": "2024-05-31",
"planned_execution_date": "2024-05-31",
"charge_bearer": "shar",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v5/payments/2f8a406c-fc2f-4826-901f-6366cdcd4334"
}
]
}
]
}
}
Denmark: delete single payment
This example shows how to delete a payment.
Note: Not all payments are deletable (see payment status table for further information).
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/personal/v5/payments
This endpoint supports GET and DELETE HTTP Method. Here we use DELETE to delete the payment.
Here is an example request:
$ curl 'https://api.nordeaopenbanking.com/personal/v5/payments' -i -X DELETE \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature=\"<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'\
-H 'Digest:<Digest>'
``` {
"payments": [
{"payment_id": "2f8a406c-fc2f-4826-901f-6366cdcd4334", "only_next_occurrence": "true"}
}
And here is how the response looks like:
{
"group_header": {
"message_identification": "75b7893497af1f29b19e98c9ffe137c2",
"creation_date_time": "2024-05-31T07:56:55.341477657Z",
"http_code": 200
},
"response": [
"2f8a406c-fc2f-4826-901f-6366cdcd4334"
]
"errors": [],
}
Denmark: delete multiple payments
This example shows how to bulk delete payments
Note: Not all payments are deletable (see payment status table for further information).
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/personal/v5/payments
This endpoint supports GET, POST and DELETE HTTP Methods. Here we use DELETE since we want to delete payments.
Here is an example request:
$ curl 'https://api.nordeaopenbanking.com/personal/v4/payments/domestic' -i -X DELETE \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"payments": [
{ "payment_id": "91b0e5dc-b725-4cd5-b0e2-9f0d3cd75694", "only_next_occurrence": "true" }
,
{ "payment_id": "4691d4de-3355-47e6-a85c-7b6a4b1d2916", "only_next_occurrence": "true" }
]
}
And this is how the response looks like:
{
"group_header": {
"message_identification": "890a433ae25bbc8d40571762ea83c10a",
"creation_date_time": "2024-05-31T08:18:46.523544941Z",
"http_code": 200
},
"response": [
"91b0e5dc-b725-4cd5-b0e2-9f0d3cd75694",
"4691d4de-3355-47e6-a85c-7b6a4b1d2916"
],
"errors": []
}
PIS API examples Sweden
Sweden: get list of payments
This example shows how to get list of pending payments.
This endpoint URL has the following form
https://api.nordeaopenbanking.com/personal/v4/payments/domestic
This endpoint supports GET, POST and DELETE HTTP Methods. Here we use GET since we want to get list of payments.
Here is an example request:
$ curl 'https://api.nordeaopenbanking.com/personal/v4/payments/domestic/' -i -X GET \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature=\"<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
Here is the response:
{
"group_header":
{
"message_identification": "uYC_cq0nmzE",
"creation_date_time": "2021-11-11T10:11:12.134Z",
"http_code": 200
},
"response":
{
"payments": [
{
"_id": "350d852b-f087-40d7-9b12-08371a7dc201",
"external_id": "tpp_supplied_string",
"entry_date_time": "2021-11-11T10:11:12.134Z",
"payment_status": "PendingConfirmation",
"_links": [
{
"rel": "self",
"href": "/personal/v4/payments/domestic/350d852b-f087-40d7-9b12-08371a7dc201"
}
],
"amount": "12345678.12",
"currency": "SEK",
"debtor":
{
"account":
{
"value": "41351300039",
"_type": "BBAN_SE",
"currency": "SEK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "51965770",
"_type": "BGNR",
"currency": "SEK"
},
"name": "Beneficiary name",
"reference":
{
"value": "12345",
"_type": "OCR"
}
},
"planned_execution_date": "2021-11-11",
"requested_execution_date": "2021-11-11"
},
{
"_id": "cd1ff779-94dd-4a53-ba84-7577e4b93b6e",
"external_id": "tpp_supplied_string",
"entry_date_time": "2021-11-11T10:11:12.134Z",
"payment_status": "PendingConfirmation",
"_links": [
{
"rel": "self",
"href": "/personal/v4/payments/domestic/cd1ff779-94dd-4a53-ba84-7577e4b93b6e"
}
],
"amount": "12345678.12",
"currency": "SEK",
"debtor":
{
"account":
{
"value": "41351300039",
"_type": "BBAN_SE",
"currency": "SEK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "51965770",
"_type": "BGNR",
"currency": "SEK"
},
"name": "Beneficiary name",
"reference":
{
"value": "12345",
"_type": "OCR"
}
},
"planned_execution_date": "2021-11-11",
"requested_execution_date": "2021-11-11"
}
]
}
}
Sweden: initiate a new payment
In this example, we initiate a new payment.
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/personal/v4/payments/domestic
This endpoint supports GET, POST and DELETE HTTP Methods. Here we use POST since we want to create a new payment.
And here is example request (domestic):
$ curl 'https://api.nordeaopenbanking.com/personal/v4/payments/domestic' -i -X POST \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"amount": "17.88",
"currency": "SEK",
"debtor": {
"account": {
"_type": "BBAN_SE",
"currency": "SEK",
"value": "18102357371"
},
"message": "Own message"
},
"creditor": {
"account": {
"_type": "BBAN_SE",
"currency": "SEK",
"value": "41770042136"
},
"message": "creditor msg",
"name": "Beneficiary name"
},
"external_id": "tpp_supplied_string"
}
And the response looks like this:
{
"group_header":
{
"message_identification": "m3-1v7i7FiM",
"creation_date_time": "2021-11-11T10:11:12.134Z",
"http_code": 201
},
"response":
{
"_id": "fab483a9-af20-4640-8372-1dac317ef994",
"external_id": "tpp_supplied_string",
"entry_date_time": "2021-11-11T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "18102357371",
"_type": "BBAN_SE",
"currency": "SEK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "41770042136",
"_type": "BBAN_SE",
"currency": "SEK"
},
"name": "Beneficiary name",
"message": "creditor msg"
},
"amount": "17.88",
"currency": "SEK",
"payment_status": "PendingConfirmation",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/personal/v4/payments/domestic/fab483a9-af20-4640-8372-1dac317ef994"
}
],
"planned_execution_date": "2021-11-11",
"requested_execution_date": "2021-11-11"
}
}
Another example request (BankGiro):
$ curl 'https://api.nordeaopenbanking.com/personal/v4/payments/domestic' -i -X POST \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"amount":"224.50",
"currency": "SEK",
"debtor": {
"account": {
"value": "41351300039",
"_type": "BBAN_SE",
"currency": "SEK"
},
"message": "Own notes"
},
"creditor": {
"account": {
"value": "51965770",
"_type": "BGNR"
},
"name": "",
"reference": {
"value": "109939429740003",
"_type": "OCR"
}
},
"external_id": "tpp_supplied_string"
}
And the response looks like this (BankGiro):
{
"group_header":
{
"message_identification": "5DBziGqrzLs",
"creation_date_time": "2021-11-11T10:11:12.134Z",
"http_code": 201
},
"response":
{
"_id": "fd7ed782-8a2a-417f-a428-c351addd4d2f",
"external_id": "tpp_supplied_string",
"entry_date_time": "2021-11-11T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "41351300039",
"_type": "BBAN_SE",
"currency": "SEK"
},
"message": "Own notes"
},
"creditor":
{
"account":
{
"value": "51965770",
"_type": "BGNR",
"currency": "SEK"
},
"reference":
{
"value": "109939429740003",
"_type": "OCR"
}
},
"amount": "224.5",
"currency": "SEK",
"payment_status": "PendingConfirmation",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/personal/v4/payments/domestic/fd7ed782-8a2a-417f-a428-c351addd4d2f"
}
],
"planned_execution_date": "2021-11-11",
"requested_execution_date": "2021-11-11"
}
}
Another example request (PlusGiro):
{
"amount":"224.50",
"currency": "SEK",
"debtor": {
"account": {
"value": "41351300039",
"_type": "BBAN_SE",
"currency": "SEK"
},
"message": "Own notes"
},
"creditor": {
"account": {
"value": "9366006",
"_type": "PGNR"
},
"name": "",
"reference": {
"value": "109939429740003",
"_type": "OCR"
}
},
"external_id": "tpp_supplied_string"
}
And the response looks like this (PlusGiro):
{
"group_header":
{
"message_identification": "5DBziGqrzL8",
"creation_date_time": "2021-11-11T10:11:12.134Z",
"http_code": 201
},
"response":
{
"_id": "fd7ed782-8a2a-417f-a428-c351addd4d2f",
"external_id": "tpp_supplied_string",
"entry_date_time": "2021-11-11T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "41351300039",
"_type": "BBAN_SE",
"currency": "SEK"
},
"message": "Own notes"
},
"creditor":
{
"account":
{
"value": "9366006",
"_type": "PGNR",
"currency": "SEK"
},
"reference":
{
"value": "109939429740003",
"_type": "OCR"
}
},
"amount": "224.5",
"currency": "SEK",
"payment_status": "PendingConfirmation",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/personal/v4/payments/domestic/fd7ed782-8a2a-417f-a428-c351addd4d2f"
}
],
"planned_execution_date": "2021-11-11",
"requested_execution_date": "2021-11-11"
}
}
Note that the
payment_statusisPendingConfirmation, it means the payment confirming(signing) process has to be started by you the TPP.
Sweden: get payment information
This example shows how to query payment information.
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/personal/v4/payments/domestic/{paymentId}
This endpoint supports GET and DELETE HTTP Methods. Here we use GET to see the details of the payment.
Here is an example request:
$ curl 'https://api.nordeaopenbanking.com/personal/v4/payments/domestic/{paymentId}' -i \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature=\"<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
And here is how the response looks like (domestic):
{
"group_header":
{
"message_identification": "MdwmEC_LdTY",
"creation_date_time": "2021-11-11T10:11:12.134Z",
"http_code": 200
},
"response":
{
"_id": "93070920-0076-4a4d-ad0d-cd23a0e9d740",
"entry_date_time": "2021-11-11T10:11:12.134Z",
"external_id": "tpp_supplied_string",
"payment_status": "PendingConfirmation",
"_links": [
{
"rel": "self",
"href": "/personal/v4/payments/domestic/93070920-0076-4a4d-ad0d-cd23a0e9d740"
}
],
"amount": "1.11",
"currency": "SEK",
"debtor":
{
"account":
{
"value": "41770042136",
"_type": "BBAN_SE",
"currency": "SEK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "13370233835",
"_type": "BBAN_SE",
"currency": "SEK"
},
"name": "Beneficiary name",
"message": "Another"
},
"planned_execution_date": "2021-11-11",
"requested_execution_date": "2021-11-11"
}
}
Sweden: bulk confirm payments
This example shows how to bulk confirm payments
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/personal/v4/payments/domestic/confirm
This endpoint supports only PUT HTTP Method.
Here is an example request:
$ curl 'https://api.nordeaopenbanking.com/personal/v4/payments/domestic/confirm' -i -X PUT \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"payments_ids":[
"11d55648-8c1d-45e2-951a-69c5aeaed99y",
"5e6e2d6f-e2dd-4c71-b232-9dfbb88ba99y"
]
}
And this is how the response looks like:
Note: Swedish bulk confirm service uses redirect signing url’s.
{
"group_header":
{
"message_identification": "vGm8zaLpQww",
"creation_date_time": "2021-11-11T10:11:12.134Z",
"http_code": 200
},
"errors": [],
"_links": [
{
"rel": "signing",
"href": "https://<nordeasigninghost>?client_id=y6mWwv2n5IbAVdZa5105&code_challenge_method=S256&redirect_uri=https://<your_host>/v4/payments/domestic/sign/callback&response_type=code&code_challenge=6v91dW6H4IIhD5Pw3g_yY3BZhycNsxoXTcQRT7yPgTQ&scope=openid+ndf+agreement&state=c2lnbmluZ19vcmRlcl9pZD00NzlhYTcxYi1lN2I3LTQ0ZDEtOTdhZS04OTgzNzFkNmQ4Mzkmc3RhdGVfaWQ9MzBmYTY4MTQtZTViMy00OWZmLWJkY2MtMWIzZWRlNjkzNDNk&signing_order_id=479aa71b-e7b7-44d1-97ae-898371d6d839"
}
],
"response":
{
"payments": [
{
"_id": "11d55648-8c1d-45e2-951a-69c5aeaed99y",
"entry_date_time": "2021-11-11T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "41350000279",
"_type": "BBAN_SE",
"currency": "SEK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "13370233835",
"_type": "BBAN_SE",
"currency": "SEK"
},
"message": "Dummy mess"
},
"amount": "1.13",
"currency": "SEK",
"payment_status": "PendingUserApproval",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v4/payments/domestic/11d55648-8c1d-45e2-951a-69c5aeaed99y"
}
],
"planned_execution_date": "2021-11-11",
"requested_execution_date": "2021-11-11"
},
{
"_id": "5e6e2d6f-e2dd-4c71-b232-9dfbb88ba99y",
"entry_date_time": "2021-11-11T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "41351300039",
"_type": "BBAN_SE",
"currency": "SEK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "13370233835",
"_type": "BBAN_SE",
"currency": "SEK"
},
"message": "Dummy mess"
},
"amount": "1.13",
"currency": "SEK",
"payment_status": "PendingUserApproval",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v4/payments/domestic/5e6e2d6f-e2dd-4c71-b232-9dfbb88ba99y"
}
],
"planned_execution_date": "2021-11-11",
"requested_execution_date": "2021-11-11"
}
]
}
}
Here is an example request, with the authentication method BANKID_SE (Decouple signing):
$ curl 'https://api.nordeaopenbanking.com/personal/v4/payments/domestic/confirm' -i -X PUT \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"payments_ids":[
"11d55648-8c1d-45e2-951a-69c5aeaed99y",
"5e6e2d6f-e2dd-4c71-b232-9dfbb88ba99y"
],
"authentication_method":"BANKID_SE"
}
And this is how the response looks like:
Note: Swedish bulk confirm service uses redirect signing url and auto_start_token to launch the BankId mobile app.
{
"group_header":
{
"message_identification": "vGm8zaLpQww",
"creation_date_time": "2021-11-11T10:11:12.134Z",
"http_code": 200
},
"errors": [],
"_links": [
{
"rel": "signing",
"href": "https://<nordeasigninghost>?client_id=y6mWwv2n5IbAVdZa5105&code_challenge_method=S256&redirect_uri=https://<your_host>/v4/payments/domestic/sign/callback&response_type=code&code_challenge=6v91dW6H4IIhD5Pw3g_yY3BZhycNsxoXTcQRT7yPgTQ&scope=openid+ndf+agreement&state=c2lnbmluZ19vcmRlcl9pZD00NzlhYTcxYi1lN2I3LTQ0ZDEtOTdhZS04OTgzNzFkNmQ4Mzkmc3RhdGVfaWQ9MzBmYTY4MTQtZTViMy00OWZmLWJkY2MtMWIzZWRlNjkzNDNk&signing_order_id=479aa71b-e7b7-44d1-97ae-898371d6d839"
}
],
"auto_start_token": "0bae4e71-d3d9-4820-9b4c-5d423b049342",
"bank_id_se_authentication_id": "2b669a0d-1679-4b39-8777-45fc73318115",
"response":
{
"payments": [
{
"_id": "11d55648-8c1d-45e2-951a-69c5aeaed99y",
"entry_date_time": "2021-11-11T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "41350000279",
"_type": "BBAN_SE",
"currency": "SEK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "13370233835",
"_type": "BBAN_SE",
"currency": "SEK"
},
"message": "Dummy mess"
},
"amount": "1.13",
"currency": "SEK",
"payment_status": "PendingUserApproval",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v4/payments/domestic/11d55648-8c1d-45e2-951a-69c5aeaed99y"
}
],
"planned_execution_date": "2021-11-11",
"requested_execution_date": "2021-11-11"
},
{
"_id": "5e6e2d6f-e2dd-4c71-b232-9dfbb88ba99y",
"entry_date_time": "2021-11-11T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "41351300039",
"_type": "BBAN_SE",
"currency": "SEK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "13370233835",
"_type": "BBAN_SE",
"currency": "SEK"
},
"message": "Dummy mess"
},
"amount": "1.13",
"currency": "SEK",
"payment_status": "PendingUserApproval",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v4/payments/domestic/5e6e2d6f-e2dd-4c71-b232-9dfbb88ba99y"
}
],
"planned_execution_date": "2021-11-11",
"requested_execution_date": "2021-11-11"
}
]
}
}
Here is an example request of the QR code info service, Animated QR code :
$ GET 'https://api.nordeaopenbanking.com/personal/v4/payments/domestic/confirm/bankidse/2b669a0d-1679-4b39-8777-45fc73318115 ' -i -X GET\
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
}
The response
{
"group_header": {
"message_identification": "c01bd1bf582ca835",
"creation_date_time": "2024-01-26T10:26:48.5214658Z",
"http_code": 200
},
"response": {
"auto_start_token": "387a3eb0-0c50-4a28-ad06-67841ea9b50a",
"_id": "2b669a0d-1679-4b39-8777-45fc73318115",
"bank_id_se_authentication_status": "IN_PROGRESS"
}
}
Sweden: delete single payment
This example shows how to delete a payment.
Note: Not all payments are deletable (see payment status table for further information).
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/personal/v4/payments/domestic/{paymentId}
This endpoint supports GET and DELETE HTTP Method. Here we use DELETE to delete the payment.
Here is an example request
$ curl 'https://api.nordeaopenbanking.com/personal/v4/payments/domestic/{paymentId}' -i -X DELETE \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature=\"<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
And here is how the response looks like:
{
"group_header":
{
"message_identification": "a42c1707dd444505",
"creation_date_time": "2021-11-11T10:11:12.134Z",
"http_code": 200
},
"response": [
"11d55648-8c1d-45e2-951a-69c5aeaed77x"
],
"errors": []
}
Sweden: delete multiple payments
This example shows how to bulk delete payments
Note: Not all payments are deletable (see payment status table for further information).
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/personal/v4/payments/domestic
This endpoint supports GET, POST and DELETE HTTP Methods. Here we use DELETE since we want to delete payments.
Here is an example request:
$ curl 'https://api.nordeaopenbanking.com/personal/v4/payments/domestic' -i -X DELETE \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"payments":[
{payment_id":"11d55648-8c1d-45e2-951a-69c5aeaed77y"},
{payment_id":"5e6e2d6f-e2dd-4c71-b232-9dfbb88ba77y"}
]
}
And this is how the response looks like:
{
"group_header":
{
"message_identification": "a42c1707dd444505",
"creation_date_time": "2021-11-11T10:11:12.134Z",
"http_code": 200
},
"response": [
"11d55648-8c1d-45e2-951a-69c5aeaed77y",
"5e6e2d6f-e2dd-4c71-b232-9dfbb88ba77y"
],
"errors": []
}
PIS API examples Norway
Norway: get list of payments
This example shows how to get list of pending payments.
This endpoint URL has the following form
https://api.nordeaopenbanking.com/personal/v4/payments/domestic
This endpoint supports GET, POST and DELETE HTTP Methods. Here we use GET since we want to get list of payments.
Here is an example request for Norway:
$ curl 'https://api.nordeaopenbanking.com/personal/v4/payments/domestic/' -i -X GET \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature=\"<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
Here is the response for Norway (domestic):
{
"group_header":
{
"message_identification": "L1Udq2Ut3Xk",
"creation_date_time": "2021-11-11T10:11:12.134Z",
"http_code": 200
},
"response":
{
"payments": [
{
"_id": "522df97c-d0bd-49a1-9c95-6f45e0352c98",
"entry_date_time": "2021-11-11T10:11:12.134Z",
"external_id": "tpp_supplied_string",
"payment_status": "PendingConfirmation",
"_links": [
{
"rel": "self",
"href": "/personal/v4/payments/domestic/522df97c-d0bd-49a1-9c95-6f45e0352c98"
}
],
"amount": "1.13",
"currency": "NOK",
"debtor":
{
"account":
{
"value": "60301132843",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "86011117948",
"_type": "BBAN_NO",
"currency": "NOK"
},
"name": "Beneficiary name",
"message": "Some advice"
},
"planned_execution_date": "2021-11-11",
"requested_execution_date": "2021-11-11"
},
{
"_id": "9fc14e1c-ff0b-41a3-b5ea-dd8fcda7258c",
"entry_date_time": "2021-11-11T10:11:12.134Z",
"external_id": "tpp_supplied_string",
"payment_status": "PendingConfirmation",
"_links": [
{
"rel": "self",
"href": "/personal/v4/payments/domestic/9fc14e1c-ff0b-41a3-b5ea-dd8fcda7258c"
}
],
"amount": "1.13",
"currency": "NOK",
"debtor":
{
"account":
{
"value": "60010502570",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "86011117948",
"_type": "BBAN_NO",
"currency": "NOK"
},
"name": "Beneficiary name",
"message": "Some advice"
},
"planned_execution_date": "2021-11-11",
"requested_execution_date": "2021-11-11"
},
{
"_id": "8348a589-868c-4ff9-ada7-4b442134a899",
"entry_date_time": "2021-11-11T10:11:12.134Z",
"external_id": "tpp_supplied_string",
"payment_status": "UserApprovalTimeout",
"_links": [
{
"rel": "self",
"href": "/personal/v4/payments/domestic/8348a589-868c-4ff9-ada7-4b442134a899"
}
],
"amount": "1.13",
"currency": "NOK",
"debtor":
{
"account":
{
"value": "60010502570",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "86011117948",
"_type": "BBAN_NO",
"currency": "NOK"
},
"name": "Beneficiary name",
"message": "Some advice"
},
"planned_execution_date": "2021-11-11",
"requested_execution_date": "2021-11-11"
}
]
}
}
Here is the response for Norway (KID):
{
"group_header":
{
"message_identification": "L1Udq2Ut3Xk",
"creation_date_time": "2021-11-11T10:11:12.134Z",
"http_code": 200
},
"response":
{
"payments": [
{
"_id": "9fc14e1c-ff0b-41a3-b5ea-dd8fcda7258c",
"entry_date_time": "2021-11-11T10:11:12.134Z",
"external_id": "tpp_supplied_string",
"payment_status": "PendingConfirmation",
"_links": [
{
"rel": "self",
"href": "/v4/payments/domestic/9fc14e1c-ff0b-41a3-b5ea-dd8fcda7258c"
}
],
"amount": "1.13",
"currency": "NOK",
"debtor":
{
"account":
{
"value": "60010502570",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "86011117948",
"_type": "BBAN_NO",
"currency": "NOK"
},
"name": "Beneficiary name",
"reference":
{
"value": "12345-",
"_type": "OCR"
}
},
"planned_execution_date": "2021-11-11",
"requested_execution_date": "2021-11-11"
},
{
"_id": "157623d9-627c-4e34-86dc-318284f158af",
"entry_date_time": "2021-11-11T10:11:12.134Z",
"external_id": "tpp_supplied_string",
"payment_status": "PendingConfirmation",
"_links": [
{
"rel": "self",
"href": "/personal/v4/payments/domestic/157623d9-627c-4e34-86dc-318284f158af"
}
],
"amount": "1.13",
"currency": "NOK",
"debtor":
{
"account":
{
"value": "60301132843",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "86011117948",
"_type": "BBAN_NO",
"currency": "NOK"
},
"name": "Beneficiary name",
"reference":
{
"value": "12345-",
"_type": "OCR"
}
},
"planned_execution_date": "2021-11-11",
"requested_execution_date": "2021-11-11"
}
]
}
}
Norway: initiate a new payment
In this example, we initiate a new payment.
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/personal/v4/payments/domestic
This endpoint supports GET, POST and DELETE HTTP Methods. Here we use POST since we create a new payment.
Here is an example request (domestic):
$ curl 'https://api.nordeaopenbanking.com/personal/v4/payments/domestic' -i -X POST \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
{
"amount": "1.13",
"urgency": "express",
"currency": "NOK",
"debtor": {
"account": {
"_type": "BBAN_NO",
"currency": "NOK",
"value": "60301132843"
}
},
"creditor": {
"account": {
"_type": "BBAN_NO",
"currency": "NOK",
"value": "86011117948"
},
"message": "Some advice",
"name": "Beneficiary name"
},
"external_id": "tpp_supplied_string"
}
And the response looks like this (domestic):
{
"group_header":
{
"message_identification": "LZiyNqd8iQA",
"creation_date_time": "2021-11-11T10:11:12.134Z",
"http_code": 201
},
"response":
{
"_id": "ba1c0234-396d-4f66-8b70-2ebc55f02400",
"entry_date_time": "2021-11-11T10:11:12.134Z",
"external_id": "tpp_supplied_string",
"payment_status": "PendingConfirmation",
"_links": [
{
"rel": "self",
"href": "/personal/v4/payments/domestic/ba1c0234-396d-4f66-8b70-2ebc55f02400"
}
],
"amount": "1.13",
"urgency":"express"
"currency": "NOK",
"debtor":
{
"account":
{
"value": "60301132843",
"_type": "BBAN_NO",
"currency": "NOK"
}
},
"creditor":
{
"account":
{
"value": "86011117948",
"_type": "BBAN_NO",
"currency": "NOK"
},
"name": "Beneficiary name",
"message": "Some advice"
},
"planned_execution_date": "2021-11-11",
"requested_execution_date": "2021-11-11"
}
}
Here is an example request (KID):
$ curl 'https://api.nordeaopenbanking.com/personal/v4/payments/domestic' -i -X POST \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"amount": "1.13",
"urgency": "standard",
"currency": "NOK",
"debtor": {
"account": {
"_type": "BBAN_NO",
"currency": "NOK",
"value": "60301132843"
}
},
"creditor": {
"account": {
"_type": "BBAN_NO",
"currency": "NOK",
"value": "86011117948"
},
"name": "Beneficiary name",
"reference": {
"_type": "OCR",
"value": "12345-"
}
},
"external_id": "tpp_supplied_string"
}
And the response looks like this (KID):
{
"group_header":
{
"message_identification": "IYTjRQj4Vpw",
"creation_date_time": "2021-11-11T10:11:12.134Z",
"http_code": 201
},
"response":
{
"_id": "f77243d4-5eb0-48a8-b2de-6cc1e162e648",
"entry_date_time": "2021-11-11T10:11:12.134Z",
"external_id": "tpp_supplied_string",
"payment_status": "PendingConfirmation",
"_links": [
{
"rel": "self",
"href": "/personal/v4/payments/domestic/f77243d4-5eb0-48a8-b2de-6cc1e162e648"
}
],
"amount": "1.13",
"currency": "NOK",
"debtor":
{
"account":
{
"value": "60301132843",
"_type": "BBAN_NO",
"currency": "NOK"
}
},
"creditor":
{
"account":
{
"value": "86011117948",
"_type": "BBAN_NO",
"currency": "NOK"
},
"name": "Beneficiary name",
"reference":
{
"value": "12345-",
"_type": "OCR"
}
},
"planned_execution_date": "2021-11-11",
"requested_execution_date": "2021-11-11"
}
}
Note that the
payment_statusisPendingConfirmation, it means the payment confirming(signing) process has to be started by you the TPP.
Norway: get payment information
This example shows how to query payment information.
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/personal/v4/payments/domestic/{paymentId}
This endpoint supports GET and DELETE HTTP Methods. Here we use GET to see the details of the payment.
Here is an example request:
$ curl 'https://api.nordeaopenbanking.com/personal/v4/payments/domestic/{paymentId}' -i -X GET \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature=\"<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
And here is how the response looks (domestic):
{
"group_header":
{
"message_identification": "v_JC8lV2ceI",
"creation_date_time": "2021-11-11T10:11:12.134Z",
"http_code": 200
},
"response":
{
"_id": "522df97c-d0bd-49a1-9c95-6f45e0352c98",
"entry_date_time": "2021-11-11T10:11:12.134Z",
"external_id": "tpp_supplied_string",
"payment_status": "PendingConfirmation",
"_links": [
{
"rel": "self",
"href": "/personal/v4/payments/domestic/522df97c-d0bd-49a1-9c95-6f45e0352c98"
}
],
"amount": "1.13",
"currency": "NOK",
"debtor":
{
"account":
{
"value": "60301132843",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "86011117948",
"_type": "BBAN_NO",
"currency": "NOK"
},
"name": "Beneficiary name",
"message": "Some advice"
},
"planned_execution_date": "2021-11-11",
"requested_execution_date": "2021-11-11"
}
}
Norway: bulk confirm payments
This example shows how to bulk confirm payments
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/personal/v4/payments/domestic/confirm
This endpoint supports only PUT HTTP Method.
Here is an example request:
$ curl 'https://api.nordeaopenbanking.com/personal/v4/payments/domestic/confirm' -i -X PUT \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"payments_ids":[
"11d55648-8c1d-45e2-951a-69c5aeaed99y",
"5e6e2d6f-e2dd-4c71-b232-9dfbb88ba99y"
]
}
And this is how the response looks like:
{
"group_header":
{
"message_identification": "vGm8zaLpQww",
"creation_date_time": "2021-11-11T10:11:12.134Z",
"http_code": 200
},
"errors": [],
"_links": [
{
"rel": "signing",
"href": "https://<nordeasigninghost>?client_id=y6mWwv2n5IbAVdZa5105&code_challenge_method=S256&redirect_uri=https://<your_host>/v4/payments/domestic/sign/callback&response_type=code&code_challenge=6v91dW6H4IIhD5Pw3g_yY3BZhycNsxoXTcQRT7yPgTQ&scope=openid+ndf+agreement&state=c2lnbmluZ19vcmRlcl9pZD00NzlhYTcxYi1lN2I3LTQ0ZDEtOTdhZS04OTgzNzFkNmQ4Mzkmc3RhdGVfaWQ9MzBmYTY4MTQtZTViMy00OWZmLWJkY2MtMWIzZWRlNjkzNDNk&signing_order_id=479aa71b-e7b7-44d1-97ae-898371d6d839"
}
],
"response":
{
"payments": [
{
"_id": "11d55648-8c1d-45e2-951a-69c5aeaed99y",
"entry_date_time": "2021-11-11T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "68520561173",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "60010503178",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Dummy mess"
},
"amount": "1.13",
"currency": "NOK",
"payment_status": "PendingUserApproval",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v4/payments/domestic/11d55648-8c1d-45e2-951a-69c5aeaed99y"
}
],
"planned_execution_date": "2021-11-11",
"requested_execution_date": "2021-11-11",
"urgency": "standard"
},
{
"_id": "5e6e2d6f-e2dd-4c71-b232-9dfbb88ba99y",
"entry_date_time": "2021-11-11T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "68520561173",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "60010503178",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Dummy mess"
},
"amount": "1.13",
"currency": "NOK",
"payment_status": "PendingUserApproval",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v4/payments/domestic/5e6e2d6f-e2dd-4c71-b232-9dfbb88ba99y"
}
],
"planned_execution_date": "2021-11-11",
"requested_execution_date": "2021-11-11",
"urgency": "standard"
}
]
}
}
another example request with the decouple signing:
Here is an example request:
$ curl 'https://api.nordeaopenbanking.com/personal/v4/payments/domestic/confirm' -i -X PUT \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"payments_ids":[
"11d55648-8c1d-45e2-951a-69c5aeaed99y",
"5e6e2d6f-e2dd-4c71-b232-9dfbb88ba99y"
],
"authentication_method": "MTA_NO"
}
And this is how the response looks like, it will be the same response in either cases with/without decouple signing:
{
"group_header":
{
"message_identification": "vGm8zaLpQww",
"creation_date_time": "2021-11-11T10:11:12.134Z",
"http_code": 200
},
"errors": [],
"_links": [
{
"rel": "signing",
"href": "https://<nordeasigninghost>?client_id=y6mWwv2n5IbAVdZa5105&code_challenge_method=S256&redirect_uri=https://<your_host>/v4/payments/domestic/sign/callback&response_type=code&code_challenge=6v91dW6H4IIhD5Pw3g_yY3BZhycNsxoXTcQRT7yPgTQ&scope=openid+ndf+agreement&state=c2lnbmluZ19vcmRlcl9pZD00NzlhYTcxYi1lN2I3LTQ0ZDEtOTdhZS04OTgzNzFkNmQ4Mzkmc3RhdGVfaWQ9MzBmYTY4MTQtZTViMy00OWZmLWJkY2MtMWIzZWRlNjkzNDNk&signing_order_id=479aa71b-e7b7-44d1-97ae-898371d6d839"
}
],
"response":
{
"payments": [
{
"_id": "11d55648-8c1d-45e2-951a-69c5aeaed99y",
"entry_date_time": "2021-11-11T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "68520561173",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "60010503178",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Dummy mess"
},
"amount": "1.13",
"currency": "NOK",
"payment_status": "PendingUserApproval",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v4/payments/domestic/11d55648-8c1d-45e2-951a-69c5aeaed99y"
}
],
"planned_execution_date": "2021-11-11",
"requested_execution_date": "2021-11-11",
"urgency": "standard"
},
{
"_id": "5e6e2d6f-e2dd-4c71-b232-9dfbb88ba99y",
"entry_date_time": "2021-11-11T10:11:12.134Z",
"debtor":
{
"account":
{
"value": "68520561173",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Own message"
},
"creditor":
{
"account":
{
"value": "60010503178",
"_type": "BBAN_NO",
"currency": "NOK"
},
"message": "Dummy mess"
},
"amount": "1.13",
"currency": "NOK",
"payment_status": "PendingUserApproval",
"tpp_messages": [],
"_links": [
{
"rel": "self",
"href": "/v4/payments/domestic/5e6e2d6f-e2dd-4c71-b232-9dfbb88ba99y"
}
],
"planned_execution_date": "2021-11-11",
"requested_execution_date": "2021-11-11",
"urgency": "standard"
}
]
}
}
Norway: delete single payment
This example shows how to delete a payment.
Note: Not all payments are deletable (see payment status table for further information).
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/personal/v4/payments/domestic/{paymentId}
This endpoint supports GET and DELETE HTTP Method. Here we use DELETE to delete the payment.
Here is an example request
$ curl 'https://api.nordeaopenbanking.com/personal/v4/payments/domestic/{paymentId}' -i -X DELETE \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature=\"<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
And here is how the response looks like:
{
"group_header":
{
"message_identification": "a42c1707dd444505",
"creation_date_time": "2021-11-11T10:11:12.134Z",
"http_code": 200
},
"response": [
"11d55648-8c1d-45e2-951a-69c5aeaed66x"
],
"errors": []
}
Norway: delete multiple payments
This example shows how to bulk delete payments
Note: Not all payments are deletable (see payment status table for further information).
This endpoint URL has the following form:
https://api.nordeaopenbanking.com/personal/v4/payments/domestic
This endpoint supports GET, POST and DELETE HTTP Methods. Here we use DELETE since we want to delete payments.
Here is an example request:
$ curl 'https://api.nordeaopenbanking.com/personal/v4/payments/domestic' -i -X DELETE \
-H 'X-Nordea-Originating-Host: <host>' \
-H 'X-Nordea-Originating-Date: <now>' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <access_token>' \
-H 'digest: <generated_digest>' \
-H 'signature: keyId=\"<your_clientapp_keyid>\",algorithm=\"rsa-sha256\",headers=\"(request-target) x-nordea-originating-host x-nordea-originating-date\",signature="<generated_signature>"' \
-H 'X-IBM-Client-Id: <your_client_id>' \
-H 'X-IBM-Client-Secret: <your_client_secret>'
-H 'Content-Type: application/json; charset=UTF-8' \
-d '{
"payments":[
{payment_id":"11d55648-8c1d-45e2-951a-69c5aeaed66y"},
{payment_id":"5e6e2d6f-e2dd-4c71-b232-9dfbb88ba66y"}
]
}
And this is how the response looks like:
{
"group_header":
{
"message_identification": "a42c1707dd444505",
"creation_date_time": "2021-11-11T10:11:12.134Z",
"http_code": 200
},
"response": [
"11d55648-8c1d-45e2-951a-69c5aeaed66y",
"5e6e2d6f-e2dd-4c71-b232-9dfbb88ba66y"
],
"errors": []
}