TPP renew secret API call flow

API history

This API allows to renew assigned secret of authorized third party provider.

Step 1: Request to renew client secret

Initiate POST request to renew client secret with valid certificate and assigned Client ID:

TPP renew secret
Version1
URL LIVE
URL SANDBOX
POST https://api.csob.sk/enroll/enroll/{client_id}/renewSecret
POST https://api.csob.sk/enroll-test/enroll/{client_id}/renewSecret

Only authorized third parties which are approved on bank side are allowed to renew their client secret. TPP ID assigned by the bank must be in the URL of request. On API Explorer web site there is a possibility to test API online (Try it) and download API definition (WADL, Open API).

Request:

Payload is empty.

Response:

Attributes structure
Optionality
Type
Description
client_id
Mandatory
String
Client id assigned to the third party by the bank. This ID is needed in further communication with the bank
client_secret
Mandatory
String
Client secret issued by the bank for the third party
client_secret_ expires_at
Optional
DateTime
Value 0 always returned

Example:

Request

DPOST https://api.csob.sk/enroll/enroll/TIDgjzKuS7k/renewSecret HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 0
Host: api.csob.sk
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)


Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: application/json
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Server-Process-ID: icujTd6JgdwtfXHgkqe9h7jRQDR5C8uy
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Fri, 05 Apr 2019 15:08:02 GMT

{
    "client_id": "TIDgjzKuS7k",
    "client_secret": "rJiVbJivfmzzsgbepJLQzUJ26b3Qs6Lu",
    "client_secret_expires_at": "0"
}