TPP enroll create API call flow

API history

This API allows to assign technical identificators to third party, which is listed in register of competent authority and owns eIDAS certificate according to ETSI standard.


Step 1: Request to assign technical identificators

Initiate POST requests for assigning technical identificators with valid certificate:

TPP enroll create
Version1
URL LIVE
URL SANDBOX
POST https://api.csob.sk/enroll/enroll
POST https://api.csob.sk/enroll-test/enroll

Only authorized third parties are allowed to request for technical identificators. This third party must be in register of competent authority and own eIDAS certificate (QWAC/QSEAL) according to ETSI standard (ETSI TS 119 495). Third party name, licence number and scopes in certificate must be exactly the same as in register of competent authority. Other third parties wil be rejected. After succesful enroll, third party has to be approved on bank side. Confirmation email will be sent to the third party‘s email address specified in enroll request.
On API Explorer web site there is a possibility to test API online (Try it) and download API definition (WADL, Open API).


Request:

Attributes structure
Optionality
Type
Description
redirect_uris
Mandatory
Array of strings
A list of URLs to which the authentication flow is redirected at the end. The authorization request must contain just one of these registered URLs in the exact format
client_name
Mandatory
String
Third party name
client_type
Mandatory
String
OAuth defines two client types, based on their ability to authenticate securely with the authorization server (Confidential/Public). CSOB accepts confidential clients only.
client_name#en-US
Optional
String
Third party name in the appropriate language / encoding.
logo_uri
Optional
URI
Third party logo URL
contacts
Mandatory
Array of strings
E-mails as a contact to a responsible person at the third party side
scopes
Optional
Array of strings
Array of the required scopes by third party. At registration, scopes are validated against the content of the certificate used
licensenumber
Mandatory
String
License number assigned by national regulator


Response:

Attributes structure
Optionality
Type
Description
client_id
Mandatory
String
Client id assigned to the third party by the bank. This ID is needed in further communication with the bank
client_secret
Mandatory
String
Client secret issued by the bank for the third party
client_secret_ expires_at
Optional
DateTime
Value 0 always returned
api_key
Optional
String
Value "NOT_PROVIDED" always returned


Example:

Request

POST https://api.csob.sk/enroll/enroll HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: application/json;charset=UTF-8
Content-Length: 517
Host: api.csob.sk
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)

{
  "redirect_uris": [
  "https://www.csob.sk/psd2tpp"
  ],
  "client_name": "PSD2 TPP a.s.",
  "logo_uri": "http://www.csob.sk/images/logo.jpg",
  "client_type": "Confidential",  
  "contacts": ["api@csob.sk"],
  "scopes": ["AISP","PIISP","PISP"],
  "licensenumber": "12312301"
}


Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: application/json
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Server-Process-ID: Uay8r2qvz5wgTJSJHBEyKzDeBPVdncFP
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Fri, 05 Apr 2019 08:23:05 GMT

{
    "client_id": "TIDgjzKuS7k",
    "client_secret": "XxVMAk3UKiT8i58yQ353BzusnKCB5GQ6",
    "client_secret_expires_at": "0",
    "api_key": "NOT_PROVIDED"
}