Standing order list API call flow (AISP)
API historyThis guideline describes process how to call Standing order list AISP service. Service returns list of standing orders from accounts to which the client has given a mandate to specific TPP.
Step 1: Use existing access token based on Strong Customer Authentication (SCA) with the scope AISP, see Authorization API/SCA section. Only Standing orders from accounts which were binded to this access token wil be returned.
Step 2: Get standing order list
Initiate POST request for Standing order list with valid access token:
|
Standing order list
Version1
|
URL LIVE
URL SANDBOX
|
POST https://api.csob.sk/aisp/api/v1/accounts/standingOrder
POST https://api.csob.sk/aisp-test/api/v1/accounts/standingOrder
|
Standing order list service can be called 4 times a day without client. Client presence is handled by „PSU-Last-Logged-Time“ atribute, where time no older than 1 hour means that client is present. On API Explorer web site there is a possibility to test the API online (Try it) and download API definition (WADL, Open API).
Request:
Header
|
Attributes structure
|
Optionality
|
Type
|
Description
|
|
Content-Type
|
Mandatory
|
String
|
application/json;charset=UTF-8
|
|
Authorization
|
Mandatory
|
String
|
Authorization is defined in RFC 6750 - The OAuth 2.0 Authorization Framework: Bearer Token Usage
|
|
Request-ID
|
Mandatory
|
String
|
A unique identifier of a particular request message. Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).
|
|
Correlation-ID
|
Optional
|
String
|
A unique correlation identifier correlates the request and the response messages as a pair especially useful for audit logs. Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).
|
|
Process-ID
|
Optional
|
String
|
Identifier of a business or technical process to what the set of requests and response pairs are organized (e.g. paging of transaction history should have same ProcessID). Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).
|
|
PSU–IP-Address
|
Mandatory
|
String
|
Identifier of a customer’s IP address from which he/she is connected to the TPP infrastructure. It might be in the format of IPv4 o IPv6 address.ASPSP shall indicate which values are acceptable.
|
|
PSU-Device-OS
|
Mandatory
|
String
|
A customer’s device and/or operating system identification from which he/she is connected to the TPP infrastructure.
|
|
PSU-User-Agent
|
Mandatory
|
String
|
A customer’s web browser of other client device identification from which he/she is connected to the TPP infrastructure. Agent header field of the http request between PSU and TPP.)
|
|
PSU-GeoLocation
|
Optional
|
String
|
The GPS coordinates of the current customer’s location in the moment of connection to the TPP infrastructure. (Required GPS format: Latitude, Longitude)
|
|
PSU-Last-Logged-Time
|
Optional
|
DateTime
|
Last date and time when user was logged to TPP app (RFC3339 format).
|
Body
|
Attributes structure
|
Optionality
|
Type
|
Description
|
|
iban
|
Mandatory
|
String [34]
|
International Bank Account Number (IBAN). If present, only standing orders from this account will be provided. If not present, standing orders from all accounts binded to used token will be provided.
|
|
pageSize
|
Optional
|
Integer
|
The number of records included in one page for displaying. Default value is 50 records. ASPSP has to supports max 100 records on page. Value must be multiple of 10.
|
|
page
|
Optional
|
Integer
|
The sequence number of a page in regard to page size for a record set. Because it starts at number 0, it should be considered as an offset from the beginning from a page set. Default value is 0.
|
Note: If no attribute is used, It is necessary to provide JSON empty object {}
Response:
Header
|
Attributes structure
|
Optionality
|
Type
|
Description
|
|
Content-Type
|
Mandatory
|
String
|
application/json
|
|
Response-ID
|
Mandatory
|
String
|
A unique identifier of a particular request message. Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).
|
|
Correlation-ID
|
Optional
|
String
|
A unique correlation identifier correlates the request and the response messages as a pair especially useful for audit logs. Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).
|
|
Process-ID
|
Optional
|
String
|
Identifier of a business or technical process to what the set of requests and response pairs are organized (e.g. paging of transaction history should have same ProcessID). Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122).
|
Body
Attributes structure |
Optionality |
Type |
Description |
||
Level 1 |
Level 2 |
Level 3 |
|||
pageCount |
Optional |
Number |
Number of pages. |
||
standingOrders |
orderId |
Mandatory |
String |
OrderId is Unique reference, as assigned by the account servicing institution, to unambiguously identify the instruction (standing order) |
|
debtor |
name |
Mandatory |
String [70] |
Debtor name (first name and surname in case of individual persons or company name) |
|
debtor |
iban |
Mandatory |
String [34] |
Debtor account International Bank Account Number (IBAN). |
|
creditor |
name |
Optional |
String [70] |
Creditor name (first name and surname in case of individual persons or company name) |
|
creditor |
addressLine1 |
Optional |
String [35] |
Creditor address. Usually street and building number. |
|
creditor |
addressLine2 |
Optional |
String [35] |
Creditor address. Usually PLZ, Town and Country. |
|
creditor |
iban |
Mandatory |
String [34] |
Creditor account International Bank Account Number (IBAN). |
|
instructedAmount |
value |
Mandatory |
Number Float [9.2] |
Transaction amount value in account currency. Numeric value of the amount as a fractional number. |
|
instructedAmount |
currency |
Mandatory |
String [3] |
Transaction amount currency. Formated in Alphabetic codes from ISO 4712. |
|
endToEndIdentification |
Optional* |
String [35] |
Unique identification defined by a requestor (PSU).*Mandatory in case this attribute is provided by client |
||
remittanceInformation |
Optional* |
String [140] |
The text aimed as the information for a receiver of the transaction.*Mandatory in case this attribute is provided by client |
||
standingOrderName |
Optional |
String [40] |
Standing order name. |
||
startDate |
Optional |
Date |
Date of the first payment.startDate and frequency are used for calculating the next processing day. Example: 08.11.2019Annualy (YEAR): every 8th day in Novembersemi-annually (SEMI): every 8th day in November, Mayquarterly (QUTR): every 8th day in November, February, May, Augustmonthly (MNTH): every 8th day in monthweekly (WEEK): every Fridaydaily (DAIL): every day |
||
nextDate |
Optional |
Date |
Date of the next payment generated from standing order. |
||
endDate |
Optional |
Date |
Expiry date of the standing order.If it is not present, validity of standing order is not limited. |
||
frequency |
Mandatory |
String |
Frequency of the payment. Frequency and startDate are used for calculating the next processing day. For details, see startDay field.Value: (DAIL, WEEK, MNTH, QUTR, SEMI, YEAR) |
||
Example:
Request
POST https://api.csob.sk/aisp/api/v1/accounts/standingOrder HTTP/1.1
Accept-Encoding: gzip,deflate
Authorization: nfLnmy5hGQrNKbPnfAasw2FDVw4fw6kWjVapMVa9zJw8emNvTU
Request-ID: 2667147783
Correlation-ID: 9024321124
Process-ID: 7636230559
PSU-IP-Address: 192.168.88.1
PSU-Device-OS: Windows
PSU-User-Agent: Chrome
PSU-Geo-Location: 2.050279, 45.338591
PSU-Last-Logged-Time: 2021-03-04T09:55:54+01:00
Content-Type: application/json;charset=UTF-8
Content-Length: 121
Host: api.csob.sk
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
{
"iban": "SK4075000000007777777777" ,
"pageSize": 50,
"page": 0
}
Response
HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: application/json
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Server-Process-ID: jiCb9AFx3srEEsjChsiQyjCcM3vMYvg9
Process-ID: 7636230559
Correlation-ID: 9024321124
Response-ID: 2667147783
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Thu, 04 Mar 2021 08:55:58 GMT
{
"pageCount": "1",
"standingOrders": [{
"orderId": "SO4gGLA3RxzfYtHHo4c",
"debtor": {
"name": "TPP COMPANY 2 S.R.O.",
"iban": "SK4075000000007777777777"
},
"creditor": {
"name": "JRD 2 s.r.o.",
"addressLine1": "Pod kopcom 5",
"addressLine2": "Sobrance",
"iban": "SK8175000000002222222222"
},
"instructedAmount": {
"value": 0.17,
"currency": "EUR"
},
"endToEndIdentification": "/VS123456/SS654321/KS0308",
"remittanceInformation": "Sprava pre prijemcu",
"standingOrderName": "JRD 2 trvaly prikaz",
"startDate": "2021-03-04",
"nextDate": "2021-03-05",
"endDate": "2021-05-10",
"frequency": "DAIL"
}]
}