Account transaction API call flow (AISP)
API historyThis guideline describes process how to call Account transaction AISP service.
Step 1: Use the access token based on Strong Customer Authentication (SCA) with the scope AISP
Obtaining access token based on SCA must be done by OAuth 2.0 Authorization code grant flow. See Authorization API/SCA section.
Step 2: Get account transactions
Initiate POST requests for Account transactions with valid access token, specific IBAN and filter parameters:
|
Account transaction
Version1
|
URL LIVE
URL SANDBOX
|
POST https://api.csob.sk/aisp/api/v1/accounts/transactions
POST https://api.csob.sk/aisp-test/api/v1/accounts/transactions
|
Account transaction can be downloaded 4 times a day without client. In this case, transaction history is limited to 90 days. When client is present, transaction history is not limited. Client presence is handled by „PSU-Last-Logged-Time“ atribute, where time no older than 1 hour means that client is present.
On API Explorer web site there is a possibility to test the API online (Try it) and download API definition (WADL, Open API).
Request:
Header
|
Attributes structure
|
Optionality
|
Type
|
Description
|
|
Content-Type
|
Mandatory
|
String
|
application/json;charset=UTF-8
|
|
Authorization
|
Mandatory
|
String
|
Authorization is defined in RFC 6750 - The OAuth 2.0 Authorization Framework: Bearer Token Usage
|
|
Request-ID
|
Mandatory
|
String
|
A unique identifier of a particular request message. Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).
|
|
Correlation-ID
|
Optional
|
String
|
A unique correlation identifier correlates the request and the response messages as a pair especially useful for audit logs. Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).
|
|
Process-ID
|
Optional
|
String
|
Identifier of a business or technical process to what the set of requests and response pairs are organized (e.g. paging of transaction history should have same ProcessID). Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).
|
|
PSU–IP-Address
|
Mandatory
|
String
|
Identifier of a customer’s IP address from which he/she is connected to the TPP infrastructure. It might be in the format of IPv4 o IPv6 address.ASPSP shall indicate which values are acceptable.
|
|
PSU-Device-OS
|
Mandatory
|
String
|
A customer’s device and/or operating system identification from which he/she is connected to the TPP infrastructure.
|
|
PSU-User-Agent
|
Mandatory
|
String
|
A customer’s web browser of other client device identification from which he/she is connected to the TPP infrastructure. Agent header field of the http request between PSU and TPP.)
|
|
PSU-GeoLocation
|
Optional
|
String
|
The GPS coordinates of the current customer’s location in the moment of connection to the TPP infrastructure. (Required GPS format: Latitude, Longitude)
|
|
PSU-Last-Logged-Time
|
Optional
|
DateTime
|
Last date and time when user was logged to TPP app (RFC3339 format).
|
Body
|
Attributes structure
|
Optionality
|
Type
|
Description
|
|
iban
|
Mandatory
|
String [34]
|
International Bank Account Number (IBAN)
|
|
dateFrom
|
Optional
|
Date
|
The starting date of a date period for transaction history. Default value is actual day.
|
|
dateTo
|
Optional
|
Date
|
The end date of a date period for transaction history. ASPSPs provide transaction's history for at least 13 months. Default value is actual day.
|
|
pageSize
|
Optional
|
Integer
|
The number of records included in one page for displaying. Default value is 50 records. ASPSP has to supports max 100 records on page. Value must be multiple of 10.
|
|
page
|
Optional
|
Integer
|
The sequence number of a page in regard to page size for a record set. Because it starts at number 0, it should be considered as an offset from the beginning from a page set. Default value is 0.
|
|
status
|
Optional
|
Enum
|
Transaction status indicator is enumeration: - BOOK (booked transactions) - INFO (settled transactions) - ALL (all transactions) Default value is ALL
|
Response:
Header
|
Attributes structure
|
Optionality
|
Type
|
Description
|
|
Content-Type
|
Mandatory
|
String
|
application/json
|
|
Response-ID
|
Mandatory
|
String
|
A unique identifier of a particular request message. Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).
|
|
Correlation-ID
|
Optional
|
String
|
A unique correlation identifier correlates the request and the response messages as a pair especially useful for audit logs. Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).
|
|
Process-ID
|
Optional
|
String
|
Identifier of a business or technical process to what the set of requests and response pairs are organized (e.g. paging of transaction history should have same ProcessID). Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).
|
Body
Attributes structure |
Optionality |
Type |
Description |
||||
Level 0 |
Level 1 |
Level 2 |
Level 3 |
Level 4 |
|||
pageCount |
Optional |
Number |
Number of pages in the selected range |
||||
| transactions | amount |
value |
Mandatory |
Number Float [12.2] |
Transaction amount value in account currency. Numeric value of the amount as a fractional number. |
||
amount |
currency |
Mandatory |
String [3] |
Transaction amount currency. Formated in Alphabetic codes from ISO 4712. |
|||
creditDebitIndicator |
Mandatory |
Enum |
Credit/Debit indicator is enumeration: - CRDT (Credit) - DBIT (Debit) |
||||
reversalIndicator |
Optional |
Boolean |
The flag determining that it is the reversal transaction for some previous one. |
||||
status |
Mandatory |
Enum |
The status of a transaction related to the query parameter 'transactionStatus'. Transaction status indicator is enumeration: - BOOK (booked transactions) - INFO (settled transactions |
||||
bookingDate |
Mandatory for booked tnx. |
Date |
Transaction booking date. The date of the execution of the transaction. |
||||
valueDate |
Mandatory |
Date |
Transaction value date. The requested date by a bank customer to execute the transaction |
||||
bankTransactionCode |
Optional |
String [11] |
The category code of the transaction type from the SBA's code list |
||||
transactionDetails |
references |
accountServicerReference |
Optional |
String [35] |
The unique identifier of the transaction generated by an ASPSP that it should be considered as an ASPSP reference |
||
transactionDetails |
references |
instructionIdentification |
Optional |
String [35] |
Technical identification of the payment generated by a client. |
||
transactionDetails |
references |
endToEndIdentification |
Mandatory in case this attribute is provided by client |
String [35] |
Unique identification defined by a requestor. *Mandatory in case this attribute is provided by client |
||
transactionDetails |
references |
transactionIdentification |
Optional |
String [35] |
The payment reference for related fees |
||
transactionDetails |
references |
mandateIdentification |
Mandatory for Direct debit tnx. |
String [35] |
The mandate reference as its reference number. *Mandatory for SEPA Direct debit. |
||
transactionDetails |
references |
chequeNumber |
Optional |
String [35] |
For card transactions, this is the card number in format **** **** **** 1111 |
||
transactionDetails |
counterValueAmount |
amount |
value |
Optional |
Number Float [12.2] |
Transaction amount value in account currency. |
|
transactionDetails |
counterValueAmount |
amount |
currency |
Optional |
String [3] |
Transaction amount currency. Formated in Alphabetic codes from ISO 4712. |
|
transactionDetails |
counterValueAmount |
currencyExchange |
exchangeRate |
Optional |
Number Float [12.2] |
The used exchange rate for conversion from the instructed currency to the target account currency. |
|
transactionDetails |
relatedParties |
debtor |
name |
Optional |
String [140] |
Name of the debtor |
|
transactionDetails |
relatedParties |
debtorAccount |
identification |
Optional |
String [34] |
Unique identification of the debtor account, usually IBAN. |
|
transactionDetails |
relatedParties |
creditor |
name |
Optional |
String [140] |
Name of the creditor |
|
transactionDetails |
relatedParties |
creditor |
identification |
Optional |
String [35] |
The creditor identifier (CID) in the direct debit transaction. |
|
transactionDetails |
relatedParties |
creditorAcccount |
identification |
Optional |
String [34] |
Unique identification of the creditor account, usually IBAN. |
|
transactionDetails |
relatedParties |
tradingParty |
name |
Optional |
String [140] |
Name of a third party. For card transaction, this is the name of merchant. |
|
transactionDetails |
relatedParties |
tradingParty |
identification |
Optional |
String [35] |
Unique identification of a third party. For card transaction, this is ID of merchant. |
|
transactionDetails |
relatedParties |
tradingParty |
merchantCode |
Optional |
String [4] |
A Merchant Category Code (MCC) coordinated by MasterCard and Visa. Not used in CSOB |
|
transactionDetails |
relatedAgents |
debtorAgent |
financialInstitutionIdentification |
Optional |
String [11] |
Corresponding identification of a debtor bank managing the account, usually Bank Identification Code (BIC). |
|
transactionDetails |
relatedAgents |
creditorAgent |
financialInstitutionIdentification |
Optional |
String [11] |
Corresponding identification of a creditor bank managing the account, usually Bank Identification Code (BIC). |
|
transactionDetails |
remittanceInformation |
Mandatory in case this attribute is provided by client |
String [140] |
The text aimed as the information for a receiver of the transaction. *Mandatory in case this attribute is provided by client |
|||
transactionDetails |
relatedDates |
acceptanceDateTime |
Optional |
Date |
Transaction entry date. The date of receiving the transaction in a bank. Not used in CSOB |
||
transactionDetails |
additionalTransactionInformation |
Optional |
String [140] |
Bank transaction description. |
|||
Example:
Request
POST https://api.csob.sk/aisp/api/v1/accounts/transactions HTTP/1.1
Accept-Encoding: gzip,deflate
Authorization: 7161edd82f168e8a2881eabb86f098ac18539de615b6c03c98ee908957f28053
Request-ID: 4038713818
Correlation-ID: 7718089000
Process-ID: 1314778459
PSU-IP-Address: 192.168.88.1
PSU-Device-OS: Windows
PSU-User-Agent: Chrome
PSU-Geo-Location: 2.050279, 45.338591
PSU-Last-Logged-Time: 2019-03-09T15:15:08+01:00
Content-Type: application/json;charset=UTF-8
Content-Length: 145
Host: api.csob.sk
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
{
"iban": "SK4075000000007777777777" ,
"dateFrom": "2018-11-30",
"dateTo": "2018-11-30",
"pageSize": 50,
"page": 0,
"status": "ALL"
}
Response
As of 19.6.2021 amount-value will be fixed from String ("amount": {"value": "3026.8",) to Float ("amount": {"value": 3026.8,) data type.
HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: application/json
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Server-Process-ID: N76dMNiecXGF6x7av94Lau7wdJvKpKLU
Process-ID: 1314778459
Correlation-ID: 7718089000
Response-ID: 4038713818
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Sat, 09 Mar 2019 14:15:14 GMT
{
"pageCount": "1",
"transactions": [{
"amount": {
"value": "0.9",
"currency": "EUR"
},
"creditDebitIndicator": "DBIT",
"status": "INFO",
"valueDate": "2018-11-30",
"transactionDetails": {
"relatedParties": {
"debtorAccount": {
"identification": "SK4075000000007777777777"
}
},
"relatedAgents": {
"debtorAgent": {
"financialInstitutionIdentification": "CEKOSKBX"
}
}
}
},
{
"amount": {
"value": "11.07",
"currency": "EUR"
},
"creditDebitIndicator": "DBIT",
"status": "BOOK",
"bookingDate": "2018-11-30",
"valueDate": "2018-11-30",
"bankTransactionCode": "10000401003",
"transactionDetails": {
"references": {
"instructionIdentification": "/VS1234/SS567/KS8",
"endToEndIdentification": "/VS1234/SS567/KS8",
"transactionIdentification": "PD00002065"
},
"relatedParties": {
"debtorAccount": {
"identification": "SK4075000000007777777777"
},
"creditor": {
"name": "JRD2 s.r.o"
},
"creditorAccount": {
"identification": "SK3775000000005555555555"
},
"tradingParty": {
"name": "TPP, s.r.o.",
"identification": "12312301"
}
},
"relatedAgents": {
"debtorAgent": {
"financialInstitutionIdentification": "CEKOSKBX"
},
"creditorAgent": {
"financialInstitutionIdentification": "CEKOSKBX"
}
},
"remittanceInformation": "sprava pre prijemcu",
"additionalTransactionInformation": "Electronic outgoing payment "
}
}]
}