Account transaction API call flow (AISP)

API history

This guideline describes process how to call Account transaction AISP service.


Step 1: Use the access token based on Strong Customer Authentication (SCA) with the scope AISP
Obtaining access token based on SCA must be done by OAuth 2.0 Authorization code grant flow. See Authorization API/SCA section.


Step 2: Get account transactions
Initiate POST requests for Account transactions with valid access token, specific IBAN and filter parameters:

Account transaction
Version1
URL LIVE
URL SANDBOX
POST https://api.csob.sk/aisp/api/v1/accounts/transactions
POST https://api.csob.sk/aisp-test/api/v1/accounts/transactions

Account transaction can be downloaded 4 times a day without client. In this case, transaction history is limited to 90 days. When client is present, transaction history is not limited. Client presence is handled by „Last login time“ atribute, where time no older than 1 hour means that client is present.
On API Explorer web site there is a possibility to test the API online (Try it) and download API definition (WADL, Open API).


Request:

Header

Attributes structure
Optionality
Type
Description
Content-Type
Mandatory
String
application/json
Authorization
Mandatory
String
Authorization is defined in RFC 6750 - The OAuth 2.0 Authorization Framework: Bearer Token Usage
Request-ID
Mandatory
String
A unique identifier of a particular request message. Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).
Correlation-ID
Optional
String
A unique correlation identifier correlates the request and the response messages as a pair especially useful for audit logs. Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).
Process-ID
Optional
String
Identifier of a business or technical process to what the set of requests and response pairs are organized (e.g. paging of transaction history should have same ProcessID). Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).
PSU–IP-Address
Mandatory
String
Identifier of a customer’s IP address from which he/she is connected to the TPP infrastructure. It might be in the format of IPv4 o IPv6 address.
ASPSP shall indicate which values are acceptable.
PSU-Device-OS
Mandatory
String
A customer’s device and/or operating system identification from which he/she is connected to the TPP infrastructure.
PSU-User-Agent
Mandatory
String
A customer’s web browser of other client device identification from which he/she is connected to the TPP infrastructure. Agent header field of the http request between PSU and TPP.)
PSU-GeoLocation
Optional
String
The GPS coordinates of the current customer’s location in the moment of connection to the TPP infrastructure. (Required GPS format: Latitude, Longitude)
PSU-Last-Logged-Time
Optional
DateTime
Last date and time when user was logged to TPP app (RFC3339 format).

Body

Attributes structure
Optionality
Type
Description
iban
Mandatory
String [34]
International Bank Account Number (IBAN)
dateFrom
Optional
Date
The starting date of a date period for transaction history. Default value is actual day.
dateTo
Optional
Date
The end date of a date period for transaction history. ASPSPs provide transaction's history for at least 13 months. Default value is actual day.
pageSize
Optional
Integer
The number of records included in one page for displaying. Default value is 50 records. ASPSP has to supports max 100 records on page. Value must be multiple of 10.
page
Optional
Integer
The sequence number of a page in regard to page size for a record set. Because it starts at number 0, it should be considered as an offset from the beginning from a page set. Default value is 0.
status
Optional
Enum
Transaction status indicator is enumeration: - BOOK (booked transactions) - INFO (settled transactions) - ALL (all transactions) Default value is ALL


Response:

Header

Attributes structure
Optionality
Type
Description
Content-Type
Mandatory
String
application/json
Response-ID
Mandatory
String
A unique identifier of a particular request message. Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).
Correlation-ID
Optional
String
A unique correlation identifier correlates the request and the response messages as a pair especially useful for audit logs. Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).
Process-ID
Optional
String
Identifier of a business or technical process to what the set of requests and response pairs are organized (e.g. paging of transaction history should have same ProcessID). Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).

Body

Attributes structure
Optionality
Type
Description
Level 0
Level 1
Level 2
Level 3
Level 4
pageCount
Optional
Number
Number of pages in the selected range
transaction
amount
value
Mandatory
Number Float [12.2]
Transaction amount value in account currency. Numeric value of the amount as a fractional number.
amount
currency
Mandatory
String [3]
Transaction amount currency. Formated in Alphabetic codes from ISO 4712.
creditDebitIndicator
Mandatory
Enum
Credit/Debit indicator is enumeration:
- CRDT (Credit)
- DBIT (Debit)
reversalIndicator
Optional
Boolean
The flag determining that it is the reversal transaction for some previous one.
status
Mandatory
Enum
The status of a transaction related to the query parameter 'transactionStatus'. Transaction status indicator is enumeration:
- BOOK (booked transactions)
- INFO (settled transactions
bookingDate
Mandatory for booked tnx.
Date
Transaction booking date. The date of the execution of the transaction.
valueDate
Mandatory
Date
Transaction value date. The requested date by a bank customer to execute the transaction
bankTransactionCode
Optional
String [11]
The category code of the transaction type from the SBA's code list
transactionDetails
references
accountServicerReference
Optional
String [35]
The unique identifier of the transaction generated by an ASPSP that it should be considered as an ASPSP reference
transactionDetails
references
instructionIdentification
Optional
String [35]
Technical identification of the payment generated by a client.
transactionDetails
references
endToEndIdentification
Mandatory in case this attribute is provided by client
String [35]
Unique identification defined by a requestor.
*Mandatory in case this attribute is provided by client
transactionDetails
references
transactionIdentification
Optional
String [35]
The payment reference for related fees
transactionDetails
references
mandateIdentification
Mandatory for Direct debit tnx.
String [35]
The mandate reference as its reference number.
*Mandatory for SEPA Direct debit.
transactionDetails
references
chequeNumber
Optional
String [35]
For card transactions, this is the card number in format **** **** **** 1111
transactionDetails
counterValueAmount
amount
value
Optional
Number Float [12.2]
Transaction amount value in account currency.
transactionDetails
counterValueAmount
amount
currency
Optional
String [3]
Transaction amount currency. Formated in Alphabetic codes from ISO 4712.
transactionDetails
counterValueAmount
currencyExchange
exchangeRate
Optional
Number Float [12.2]
The used exchange rate for conversion from the instructed currency to the target account currency.
transactionDetails
relatedParties
debtor
name
Optional
String [140]
Name of the debtor
transactionDetails
relatedParties
debtorAccount
identification
Optional
String [34]
Unique identification of the debtor account, usually IBAN.
transactionDetails
relatedParties
creditor
name
Optional
String [140]
Name of the creditor
transactionDetails
relatedParties
creditor
identification
Optional
String [35]
The creditor identifier (CID) in the direct debit transaction.
transactionDetails
relatedParties
creditorAcccount
identification
Optional
String [34]
Unique identification of the creditor account, usually IBAN.
transactionDetails
relatedParties
tradingParty
name
Optional
String [140]
Name of a third party. For card transaction, this is the name of merchant.
transactionDetails
relatedParties
tradingParty
identification
Optional
String [35]
Unique identification of a third party. For card transaction, this is ID of merchant.
transactionDetails
relatedParties
tradingParty
merchantCode
Optional
String [4]
A Merchant Category Code (MCC) coordinated by MasterCard and Visa.
Not used in CSOB
transactionDetails
relatedAgents
debtorAgent
financialInstitutionIdentification
Optional
String [11]
Corresponding identification of a debtor bank managing the account, usually Bank Identification Code (BIC).
transactionDetails
relatedAgents
creditorAgent
financialInstitutionIdentification
Optional
String [11]
Corresponding identification of a creditor bank managing the account, usually Bank Identification Code (BIC).
transactionDetails
remittanceInformation
Mandatory in case this attribute is provided by client
String [140]
The text aimed as the information for a receiver of the transaction.
*Mandatory in case this attribute is provided by client
transactionDetails
relatedDates
acceptanceDateTime
Optional
Date
Transaction entry date. The date of receiving the transaction in a bank.
Not used in CSOB
transactionDetails
additionalTransactionInformation
Optional
String [140]
Bank transaction description.


Example:

Request

POST https://api.csob.sk/aisp/api/v1/accounts/transactions HTTP/1.1
Accept-Encoding: gzip,deflate
Authorization: 7161edd82f168e8a2881eabb86f098ac18539de615b6c03c98ee908957f28053
Request-ID: 4038713818
Correlation-ID: 7718089000
Process-ID: 1314778459
PSU-IP-Address: 192.168.88.1
PSU-Device-OS: Windows
PSU-User-Agent: Chrome
PSU-Geo-Location: 2.050279, 45.338591
PSU-Last-Logged-Time: 2019-03-09T15:15:08+01:00
Content-Type: application/json
Content-Length: 145
Host: api.csob.sk
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)

{
  "iban": "SK4075000000007777777777" ,
  "dateFrom": "2018-11-30",
  "dateTo": "2018-11-30",
  "pageSize": 50,
  "page": 0,
  "status": "ALL"
}

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: application/json
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Server-Process-ID: N76dMNiecXGF6x7av94Lau7wdJvKpKLU
Process-ID: 1314778459
Correlation-ID: 7718089000
Response-ID: 4038713818
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Sat, 09 Mar 2019 14:15:14 GMT

{
    "pageCount": "1",
    "transactions": [{
        "amount": {
            "value": "0.9",
            "currency": "EUR"
        },
        "creditDebitIndicator": "DBIT",
        "status": "INFO",
        "valueDate": "2018-11-30",
        "transactionDetails": {
            "relatedParties": {
                "debtorAccount": {
                    "identification": "SK4075000000007777777777"
                }
            },
            "relatedAgents": {
                "debtorAgent": {
                    "financialInstitutionIdentification": "CEKOSKBX"
                }
            }
        }
    },
    {
        "amount": {
            "value": "11.07",
            "currency": "EUR"
        },
        "creditDebitIndicator": "DBIT",
        "status": "BOOK",
        "bookingDate": "2018-11-30",
        "valueDate": "2018-11-30",
        "bankTransactionCode": "10000401003",
        "transactionDetails": {
            "references": {
                "instructionIdentification": "/VS1234/SS567/KS8",
                "endToEndIdentification": "/VS1234/SS567/KS8",
                "transactionIdentification": "PD00002065"
            },
            "relatedParties": {
                "debtorAccount": {
                    "identification": "SK4075000000007777777777"
                },
                "creditor": {
                    "name": "JRD2 s.r.o"
                },
                "creditorAccount": {
                    "identification": "SK3775000000005555555555"
                },
                "tradingParty": {
                    "name": "TPP, s.r.o.",
                    "identification": "12312301"
                }
            },
            "relatedAgents": {
                "debtorAgent": {
                    "financialInstitutionIdentification": "CEKOSKBX"
                },
                "creditorAgent": {
                    "financialInstitutionIdentification": "CEKOSKBX"
                }
            },
            "remittanceInformation": "sprava pre prijemcu",
            "additionalTransactionInformation": "Electronic outgoing payment "
        }
    }]
}