Account transaction API call flow (AISP)

API history

This guideline describes process how to call Account transaction AISP service.


Step 1: Use the access token based on Strong Customer Authentication (SCA) with the scope AISP
Obtaining access token based on SCA must be done by OAuth 2.0 Authorization code grant flow. See Authorization API/SCA section.


Step 2: Get account transactions
Initiate POST requests for Account transactions with valid access token, specific IBAN and filter parameters:

Account transaction
Version1
URL LIVE
URL SANDBOX
POST https://api.csob.sk/aisp/api/v1/accounts/transactions
POST https://api.csob.sk/aisp-test/api/v1/accounts/transactions

Account transaction can be downloaded 4 times a day without client. In this case, transaction history is limited to 90 days. When client is present, transaction history is not limited. Client presence is handled by „Last login time“ atribute, where time no older than 1 hour means that client is present.
On API Explorer web site there is a possibility to test the API online (Try it) and download API definition (WADL, Open API).


Request:

Header

Attributes structure
Optionality
Type
Description
Content-Type
Mandatory
String
application/json or application/xml
Authorization
Mandatory
String
Authorization is defined in RFC 6750 - The OAuth 2.0 Authorization Framework: Bearer Token Usage
Request-ID
Mandatory
String
A unique identifier of a particular request message. Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).
Correlation-ID
Optional
String
A unique correlation identifier correlates the request and the response messages as a pair especially useful for audit logs. Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).
Process-ID
Optional
String
Identifier of a business or technical process to what the set of requests and response pairs are organized (e.g. paging of transaction history should have same ProcessID). Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).
PSU–IP-Address
Mandatory
String
Identifier of a customer’s IP address from which he/she is connected to the TPP infrastructure. It might be in the format of IPv4 o IPv6 address.
ASPSP shall indicate which values are acceptable.
PSU-Device-OS
Mandatory
String
A customer’s device and/or operating system identification from which he/she is connected to the TPP infrastructure.
PSU-User-Agent
Mandatory
String
A customer’s web browser of other client device identification from which he/she is connected to the TPP infrastructure. Agent header field of the http request between PSU and TPP.)
PSU-GeoLocation
Optional
String
The GPS coordinates of the current customer’s location in the moment of connection to the TPP infrastructure. (Required GPS format: Latitude, Longitude)
PSU-Last-Logged-Time
Optional
DateTime
Last date and time when user was logged to TPP app (RFC3339 format).

Body

Attributes structure
Optionality
Type
Description
iban
Mandatory
String [34]
International Bank Account Number (IBAN)
dateFrom
Optional
Date
The starting date of a date period for transaction history. Default value is actual day.
dateTo
Optional
Date
The end date of a date period for transaction history. ASPSPs provide transaction's history for at least 13 months. Default value is actual day.
pageSize
Optional
Integer
The number of records included in one page for displaying. Default value is 50 records. ASPSP has to supports max 100 records on page. Value must be multiple of 10.
page
Optional
Integer
The sequence number of a page in regard to page size for a record set. Because it starts at number 0, it should be considered as an offset from the beginning from a page set. Default value is 0.
status
Optional
Enum
Transaction status indicator is enumeration: - BOOK (booked transactions) - INFO (settled transactions) - ALL (all transactions) Default value is ALL


Response:

Header

Attributes structure
Optionality
Type
Description
Content-Type
Mandatory
String
application/json or application/xml
Response-ID
Mandatory
String
A unique identifier of a particular request message. Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).
Correlation-ID
Optional
String
A unique correlation identifier correlates the request and the response messages as a pair especially useful for audit logs. Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).
Process-ID
Optional
String
Identifier of a business or technical process to what the set of requests and response pairs are organized (e.g. paging of transaction history should have same ProcessID). Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).

Body

Attributes structure
Optionality
Type
Description
Level 0
Level 1
Level 2
Level 3
Level 4
page Count
Optional
Number
Number of pages in the selected range
Transaction
amount
value
Mandatory
Number Float [12.2]
Transaction amount value in account currency. Numeric value of the amount as a fractional number.
amount
currency
Mandatory
String [3]
Transaction amount currency. Formated in Alphabetic codes from ISO 4712.
credit Debit Indicator
Mandatory
Enum
Credit/Debit indicator is enumeration:
- CRDT (Credit)
- DBIT (Debit)
reversal Indicator
Optional
Boolean
The flag determining that it is the reversal transaction for some previous one.
status
Mandatory
Enum
The status of a transaction related to the query parameter 'transactionStatus'. Transaction status indicator is enumeration:
- BOOK (booked transactions)
- INFO (settled transactions
booking Date
Mandatory for booked tnx.
Date
Transaction booking date. The date of the execution of the transaction.
value Date
Mandatory
Date
Transaction value date. The requested date by a bank customer to execute the transaction
bank Trans action Code
Optional
String [11]
The category code of the transaction type from the SBA's code list
transaction Details
references
account Servicer Reference
Optional
String [35]
The unique identifier of the transaction generated by an ASPSP that it should be considered as an ASPSP reference
transaction Detailst
references
instruction Identification
Optional
String [35]
Technical identification of the payment generated by a client.
transaction Details
references
end To End Identification
Mandatory in case this attribute is provided by client
String [35]
Unique identification defined by a requestor.
*Mandatory in case this attribute is provided by client
transaction Details
references
transaction Identification
Optional
String [35]
The payment reference for related fees
transaction Details
references
mandate Identification
Mandatory for Direct debit tnx.
String [35]
The mandate reference as its reference number.
*Mandatory for SEPA Direct debit.
transaction Details
references
cheque Number
Optional
String [35]
For card transactions, this is the card number in format **** **** **** 1111
transaction Details
counter ValueAmount
amount
value
Optional
Number Float [12.2]
Transaction amount value in account currency.
transaction Details
counter ValueAmount
amount
currency
Optional
String [3]
Transaction amount currency. Formated in Alphabetic codes from ISO 4712.
transaction Details
counter ValueAmount
currency Exchange
exchange Rate
Optional
Number Float [12.2]
The used exchange rate for conversion from the instructed currency to the target account currency.
transaction Details
related Parties
debtor
name
Optional
String [140]
Name of the debtor
transaction Details
related Parties
debtor Account
identification
Optional
String [34]
Unique identification of the debtor account, usually IBAN.
transaction Details
related Parties
creditor
name
Optional
String [140]
Name of the creditor
transaction Details
related Parties
creditor
identification
Optional
String [35]
The creditor identifier (CID) in the direct debit transaction.
transaction Details
related Parties
credi tor Acccount
identification
Optional
String [34]
Unique identification of the creditor account, usually IBAN.
transaction Details
related Parties
trading Party
name
Optional
String [140]
Name of a third party. For card transaction, this is the name of merchant.
transaction Details
related Parties
trading Party
identification
Optional
String [35]
Unique identification of a third party. For card transaction, this is ID of merchant.
transaction Details
related Parties
trading Party
merchant Code
Optional
String [4]
A Merchant Category Code (MCC) coordinated by MasterCard and Visa.
Not used in CSOB
transaction Details
related Agents
debtor Agent
financial Institution Identification
Optional
String [11]
Corresponding identification of a debtor bank managing the account, usually Bank Identification Code (BIC).
Not used in CSOB
transaction Details
related Agents
creditor Agent
financial Institution Identification
String [11]
Corresponding identification of a creditor bank managing the account, usually Bank Identification Code (BIC).
transaction Details
remittance Information
Mandatory in case this attribute is provided by client
String [140]
The text aimed as the information for a receiver of the transaction.
*Mandatory in case this attribute is provided by client
transaction Details
Detailsrelated Dates
acceptance Date Time
Optional
Date
Transaction entry date. The date of receiving the transaction in a bank.
Not used in CSOB
transaction Details
additional Transaction Information
Optional
String [140]
Bank transaction description.


Example:

Request

POST https://api.csob.sk/aisp/api/v1/accounts/transactions HTTP/1.1
Accept-Encoding: gzip,deflate
Authorization: 7161edd82f168e8a2881eabb86f098ac18539de615b6c03c98ee908957f28053
Request-ID: 4038713818
Correlation-ID: 7718089000
Process-ID: 1314778459
PSU-IP-Address: 192.168.88.1
PSU-Device-OS: Windows
PSU-User-Agent: Chrome
PSU-Geo-Location: 2.050279, 45.338591
PSU-Last-Logged-Time: 2019-03-09T15:15:08+01:00
Content-Type: application/json
Content-Length: 145
Host: api.csob.sk
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)

{
  "iban": "SK4075000000007777777777" ,
  "dateFrom": "2018-11-30",
  "dateTo": "2018-11-30",
  "pageSize": 50,
  "page": 0,
  "status": "ALL"
}

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: application/json
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Server-Process-ID: N76dMNiecXGF6x7av94Lau7wdJvKpKLU
Process-ID: 1314778459
Correlation-ID: 7718089000
Response-ID: 4038713818
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Sat, 09 Mar 2019 14:15:14 GMT

{
    "pageCount": "1",
    "transactions": [{
        "amount": {
            "value": "0.9",
            "currency": "EUR"
        },
        "creditDebitIndicator": "DBIT",
        "status": "INFO",
        "valueDate": "2018-11-30",
        "transactionDetails": {
            "relatedParties": {
                "debtorAccount": {
                    "identification": "SK4075000000007777777777"
                }
            },
            "relatedAgents": {
                "debtorAgent": {
                    "financialInstitutionIdentification": "CEKOSKBX"
                }
            }
        }
    },
    {
        "amount": {
            "value": "11.07",
            "currency": "EUR"
        },
        "creditDebitIndicator": "DBIT",
        "status": "BOOK",
        "bookingDate": "2018-11-30",
        "valueDate": "2018-11-30",
        "bankTransactionCode": "10000401003",
        "transactionDetails": {
            "references": {
                "instructionIdentification": "/VS1234/SS567/KS8",
                "endToEndIdentification": "/VS1234/SS567/KS8",
                "transactionIdentification": "PD00002065"
            },
            "relatedParties": {
                "debtorAccount": {
                    "identification": "SK4075000000007777777777"
                },
                "creditor": {
                    "name": "JRD2 s.r.o"
                },
                "creditorAccount": {
                    "identification": "SK3775000000005555555555"
                },
                "tradingParty": {
                    "name": "TPP, s.r.o.",
                    "identification": "12312301"
                }
            },
            "relatedAgents": {
                "debtorAgent": {
                    "financialInstitutionIdentification": "CEKOSKBX"
                },
                "creditorAgent": {
                    "financialInstitutionIdentification": "CEKOSKBX"
                }
            },
            "remittanceInformation": "sprava pre prijemcu",
            "additionalTransactionInformation": "Electronic outgoing payment "
        }
    }]
}