Batch payment order status API call flow (PISP)
API historyThis API allows to get actual status of initiated single or batch payment order.
Step 1: Use the access token with the scope PISP
Obtaining access token can be based on SCA by OAuth 2.0 Authorization code grant flow (SCA) or on OAuth 2.0 Client credentials grant flow (Token by secret). See Authorization API section.
Step 2: Get the batch payment order status
Initiate GET request for Batch payment order status with valid access token and BatchId of initiated bytch payment order:
Batch payment order status
Version1
|
URL LIVE
URL SANDBOX
|
GET https://api.csob.sk/pisp/api/v1/payments/{batchId}/batchStatus
GET https://api.csob.sk/pisp-test/api/v1/payments/{batchId}/batchStatus
|
Status of initiated batch payment order is exchanged between bank and third party provider, which is obliged to provide this status to the client in his application. Payment order status is available during payment order processing and 7 days after its final status. After this period, payment status will no longer exist for this service. Batch payment order status service will return only statuses of payment orders which are active or final status is no older than 7 days. On API Explorer web site there is a possibility to test the API online (Try it) and download API definition (WADL, Open API).
Request:
Header
Attributes structure |
Optionality |
Type |
Description |
Authorization |
Mandatory |
String |
Authorization is defined in RFC 6750 - The OAuth 2.0 Authorization Framework: Bearer Token Usage Access token from step 1 wit the scope PISP must be used. |
Request-ID |
Mandatory |
String |
A unique identifier of a particular request message. Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122). |
Correlation-ID |
Optional |
String |
A unique correlation identifier correlates the request and the response messages as a pair especially useful for audit logs. Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122). |
Process-ID |
Optional |
String |
Identifier of a business or technical process to what the set of requests and response pairs are organized (e.g. paging of transaction history should have same ProcessID). Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122). |
PSU–IP-Address |
Mandatory |
String |
Identifier of a customer’s IP address from which he/she is connected to the TPP infrastructure. It might be in the format of IPv4 o IPv6 address.ASPSP shall indicate which values are acceptable. |
PSU-Device-OS |
Mandatory |
String |
A customer’s device and/or operating system identification from which he/she is connected to the TPP infrastructure. |
PSU-User-Agent |
Mandatory |
String |
A customer’s web browser of other client device identification from which he/she is connected to the TPP infrastructure. Agent header field of the http request between PSU and TPP.) |
PSU-GeoLocation |
Optional |
String |
The GPS coordinates of the current customer’s location in the moment of connection to the TPP infrastructure. (Required GPS format: Latitude, Longitude) |
PSU-Last-Logged-Time |
Optional |
DateTime |
Last date and time when user was logged to TPP app (RFC3339 format). |
Body
Payload is empty
Response:
Header
Attributes structure |
Optionality |
Type |
Description |
Content-Type |
Mandatory |
String |
application/xml |
Response-ID |
Mandatory |
String |
An unique identifier of a particular request message. Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Ifentifier (UUID) version 4 form (RFC4122). |
Correlation-ID |
Optional |
String |
A unique correlation identifier correlates the request and the response messages as a pair especially useful for audit logs. Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122). |
Process-ID |
Optional |
String |
Identifier of a business or technical process to what the set of requests and response pairs are organized (e.g. paging of transaction history should have same ProcessID). Although it may be arbitrary string, it is strongly recommended to use a Universally Unique Identifier (UUID) version 4 form (RFC4122). |
Body
XML response according to ISO20022 pain.002.001.03:
Definition: pain.002.001.03.CSOBv1.1.02.xlsx
Schema: pain.002.001.03.xsd
Example:
Request
GET https://api.csob.sk/pisp/api/v1/payments/SPID7xb4cmtkTAsES3fqw79fWQ54/batchStatus HTTP/1.1
Accept-Encoding: gzip,deflate
Authorization: nfLnmy5hGQrNKbPnfAasw2FDVw4fw6kWjVapMVa9zJw8emNvTU
Request-ID: 3898061222
Correlation-ID: 8167857239
Process-ID: 4210001133
PSU-IP-Address: 192.168.8.1
PSU-Device-OS: MAC
PSU-User-Agent: Safari
PSU-Geo-Location: 2.050279, 45.338591
PSU-Last-Logged-Time: 2022-02-18T11:58:04+01:00
Host: api.csob.sk
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
Response
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 1710
Content-Type: application/xml
Expires: -1
Response-ID: |3898061222.5b6a030f_5b6a0310_
Correlation-ID: 8167857239
Process-ID: 4210001133
Server-Process-ID: UqnN85Lf49UYzSby5qcxsu4uEGpwLrRs
Request-Context: appId=cid-v1:9bc136c9-7e98-4fa2-be98-5d03cc5fe907
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Sat, 19 Feb 2022 10:58:10 GMT
<Document xmlns="urn:iso:std:iso:20022:tech:xsd:pain.002.001.03" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:iso:std:iso:20022:tech:xsd:pain.002.001.03 pain.002.001.03.xsd">
<CstmrPmtStsRpt>
<GrpHdr>
<MsgId>GPSD7xb4cmtkTAsES3fqw79fWQ54</MsgId>
<CreDtTm>2022-02-19T11:58:09+01:00</CreDtTm>
</GrpHdr>
<OrgnlGrpInfAndSts>
<OrgnlMsgId>PSD2API220219113637530</OrgnlMsgId>
<OrgnlMsgNmId>pain.001.001.03</OrgnlMsgNmId>
<GrpSts>ACSC</GrpSts>
</OrgnlGrpInfAndSts>
<OrgnlPmtInfAndSts>
<OrgnlPmtInfId>BULKID220219113637530</OrgnlPmtInfId>
<PmtInfSts>ACSC</PmtInfSts>
<TxInfAndSts>
<OrgnlInstrId>PAYORD220219113637530001</OrgnlInstrId>
<TxSts>ACSC</TxSts>
<AcctSvcrRef>D7xb4cmtkTAsES3fqw79fWQ54</AcctSvcrRef>
<OrgnlTxRef>
<Amt>
<InstdAmt Ccy="EUR">7.07</InstdAmt>
</Amt>
<ReqdExctnDt>2022-02-19</ReqdExctnDt>
<DbtrAcct>
<Id>
<IBAN>SK4075000000007777777777</IBAN>
</Id>
</DbtrAcct>
<CdtrAcct>
<Id>
<IBAN>SK8175000000002222222222</IBAN>
</Id>
</CdtrAcct>
</OrgnlTxRef>
</TxInfAndSts>
<TxInfAndSts>
<OrgnlInstrId>PAYORD220219113637530002</OrgnlInstrId>
<TxSts>ACSC</TxSts>
<AcctSvcrRef>X9smD4Elz4zvzE1Hr6uexfc54</AcctSvcrRef>
<OrgnlTxRef>
<Amt>
<InstdAmt Ccy="EUR">7.08</InstdAmt>
</Amt>
<ReqdExctnDt>2022-02-19</ReqdExctnDt>
<DbtrAcct>
<Id>
<IBAN>SK4075000000007777777777</IBAN>
</Id>
</DbtrAcct>
<CdtrAcct>
<Id>
<IBAN>SK3775000000005555555555</IBAN>
</Id>
</CdtrAcct>
</OrgnlTxRef>
</TxInfAndSts>
</OrgnlPmtInfAndSts>
</CstmrPmtStsRpt>
</Document>