Standing order list API call flow (AISP)

API history

This guideline describes process how to call Standing order list AISP service. Service returns list of standing orders from accounts to which the client has given a mandate to specific TPP.


Step 1: Use existing access token based on Strong Customer Authentication (SCA) with the scope AISP, see Authorization API/SCA section. Only Standing orders from accounts which were binded to this access token wil be returned.


Step 2: Get standing order list
Initiate POST request for Standing order list with valid access token:

Standing order list
Version1
URL LIVE
URL SANDBOX
POST https://api.csob.sk/aisp/api/v1/accounts/standingOrder
POST https://api.csob.sk/aisp-test/api/v1/accounts/standingOrder

Standing order list service can be called 4 times a day without client. Client presence is handled by „PSU-Last-Logged-Time“ atribute, where time no older than 1 hour means that client is present. On API Explorer web site there is a possibility to test the API online (Try it) and download API definition (WADL, Open API).


Request:

Header

Attributes structure
Optionality
Type
Description
Content-Type
Mandatory
String
application/json;charset=UTF-8
Authorization
Mandatory
String
Authorization is defined in RFC 6750 - The OAuth 2.0 Authorization Framework: Bearer Token Usage
Request-ID
Mandatory
String
A unique identifier of a particular request message. Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).
Correlation-ID
Optional
String
A unique correlation identifier correlates the request and the response messages as a pair especially useful for audit logs. Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).
Process-ID
Optional
String
Identifier of a business or technical process to what the set of requests and response pairs are organized (e.g. paging of transaction history should have same ProcessID). Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).
PSU–IP-Address
Mandatory
String
Identifier of a customer’s IP address from which he/she is connected to the TPP infrastructure. It might be in the format of IPv4 o IPv6 address.
ASPSP shall indicate which values are acceptable.
PSU-Device-OS
Mandatory
String
A customer’s device and/or operating system identification from which he/she is connected to the TPP infrastructure.
PSU-User-Agent
Mandatory
String
A customer’s web browser of other client device identification from which he/she is connected to the TPP infrastructure. Agent header field of the http request between PSU and TPP.)
PSU-GeoLocation
Optional
String
The GPS coordinates of the current customer’s location in the moment of connection to the TPP infrastructure. (Required GPS format: Latitude, Longitude)
PSU-Last-Logged-Time
Optional
DateTime
Last date and time when user was logged to TPP app (RFC3339 format).

Body

Attributes structure
Optionality
Type
Description
iban
Mandatory
String [34]
International Bank Account Number (IBAN). If present, only standing orders from this account will be provided. If not present, standing orders from all accounts binded to used token will be provided.
pageSize
Optional
Integer
The number of records included in one page for displaying. Default value is 50 records. ASPSP has to supports max 100 records on page. Value must be multiple of 10.
page
Optional
Integer
The sequence number of a page in regard to page size for a record set. Because it starts at number 0, it should be considered as an offset from the beginning from a page set. Default value is 0.

Note: If no attribute is used, It is necessary to provide JSON empty object {}


Response:

Header

Attributes structure
Optionality
Type
Description
Content-Type
Mandatory
String
application/json
Response-ID
Mandatory
String
A unique identifier of a particular request message. Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).
Correlation-ID
Optional
String
A unique correlation identifier correlates the request and the response messages as a pair especially useful for audit logs. Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).
Process-ID
Optional
String
Identifier of a business or technical process to what the set of requests and response pairs are organized (e.g. paging of transaction history should have same ProcessID). Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).

Body

Attributes structure
Optionality
Type
Description
Level 1
Level 2
Level 3
pageCount
Optional
Number
Number of pages.
standingOrders
orderId
Mandatory
String
OrderId is Unique reference, as assigned by the account servicing institution, to unambiguously identify the instruction (standing order)
debtor
name
Mandatory
String [70]
Debtor name (first name and surname in case of individual persons or company name)
debtor
iban
Mandatory
String [34]
Debtor account International Bank Account Number (IBAN).
creditor
name
Optional
String [70]
Creditor name (first name and surname in case of individual persons or company name)
creditor
addressLine1
Optional
String [35]
Creditor address. Usually street and building number.
creditor
addressLine2
Optional
String [35]
Creditor address. Usually PLZ, Town and Country.
creditor
iban
Mandatory
String [34]
Creditor account International Bank Account Number (IBAN).
instructedAmount
value
Mandatory
Number Float [9.2]
Transaction amount value in account currency. Numeric value of the amount as a fractional number.
instructedAmount
currency
Mandatory
String [3]
Transaction amount currency. Formated in Alphabetic codes from ISO 4712.
endToEndIdentification
Optional*
String [35]
Unique identification defined by a requestor (PSU).
*Mandatory in case this attribute is provided by client
remittanceInformation
Optional*
String [140]
The text aimed as the information for a receiver of the transaction.
*Mandatory in case this attribute is provided by client
standingOrderName
Optional
String [40]
Standing order name.
startDate
Optional
Date
Date of the first payment.
startDate and frequency are used for calculating the next processing day.
Example: 08.11.2019
Annualy (YEAR): every 8th day in November
semi-annually (SEMI): every 8th day in November, May
quarterly (QUTR): every 8th day in November, February, May, August
monthly (MNTH): every 8th day in month
weekly (WEEK): every Friday
daily (DAIL): every day
nextDate
Optional
Date
Date of the next payment generated from standing order.
endDate
Optional
Date
Expiry date of the standing order.
If it is not present, validity of standing order is not limited.
frequency
Mandatory
String
Frequency of the payment. Frequency and startDate are used for calculating the next processing day. For details, see startDay field.
Value: (DAIL, WEEK, MNTH, QUTR, SEMI, YEAR)


Example:

Request

POST https://api.csob.sk/aisp/api/v1/accounts/standingOrder HTTP/1.1
Accept-Encoding: gzip,deflate
Authorization: nfLnmy5hGQrNKbPnfAasw2FDVw4fw6kWjVapMVa9zJw8emNvTU
Request-ID: 2667147783
Correlation-ID: 9024321124
Process-ID: 7636230559
PSU-IP-Address: 192.168.88.1
PSU-Device-OS: Windows
PSU-User-Agent: Chrome
PSU-Geo-Location: 2.050279, 45.338591
PSU-Last-Logged-Time: 2021-03-04T09:55:54+01:00
Content-Type: application/json;charset=UTF-8
Content-Length: 121
Host: api.csob.sk
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)

{
  "iban": "SK4075000000007777777777" ,
  "pageSize": 50,
  "page": 0
}

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: application/json
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Server-Process-ID: jiCb9AFx3srEEsjChsiQyjCcM3vMYvg9
Process-ID: 7636230559
Correlation-ID: 9024321124
Response-ID: 2667147783
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Thu, 04 Mar 2021 08:55:58 GMT

{
    "pageCount": "1",
    "standingOrders": [{
        "orderId": "SO4gGLA3RxzfYtHHo4c",
        "debtor": {
            "name": "TPP COMPANY 2 S.R.O.",
            "iban": "SK4075000000007777777777"
        },
        "creditor": {
            "name": "JRD 2 s.r.o.",
            "addressLine1": "Pod kopcom 5",
            "addressLine2": "Sobrance",
            "iban": "SK8175000000002222222222"
        },
        "instructedAmount": {
            "value": 0.17,
            "currency": "EUR"
        },
        "endToEndIdentification": "/VS123456/SS654321/KS0308",
        "remittanceInformation": "Sprava pre prijemcu",
        "standingOrderName": "JRD 2 trvaly prikaz",
        "startDate": "2021-03-04",
        "nextDate": "2021-03-05",
        "endDate": "2021-05-10",
        "frequency": "DAIL"
    }]
}