Description

To access all AIS APIs, it is necessary to establish a consent between the TPP, the PSU and the ASPSP. To do that, you will have to proceed with an OAuth2 authorization which will provide you a time-limited access token associated to the established consent. This access token is mandatory to access all the AIS PSD2 APIs.

Consent Establishment
Establish AIS Consent
POST /berlingroup/v1/consents

Creates a consent resource at the ASPSP regarding access to accounts specified in this request. Specificities for this API are listed in the dedicated HowTo.

Create an authorization resource on a specific consent
POST /berlingroup/v1/consents/{consentId}/authorisations

Creates an authorisation sub-resource of the consent resource and start the authorization process.

The usage of this access method is only necessary if the TPP has asked to start the authorization process separately from the consent establishment (using the “TPP-Explicit-Authorisation-Preferred” Header)

Authorization request
GET /berlingroup/authorization/authorize

Requests an authorization from a PSU following the OAuth2 protocol. Details of the authentication workflow and user interfaces are described in the dedicated HowTo section.

Our specificities regarding the OAuth2 protocol are listed below.

response_type : code

code_challenge_method : S256

After successful authorization, the user will be redirected to the redirect URI provided in the request with the following parameters :

http://your_redirect_uri?code=authorization_code&state=test
Access Token Request
POST /berlingroup/authorization/token

Requests an access token using the authorization code retrieved from the PSU authorization. This Access Token can be refreshed and the duration for both tokens can be found in the HowTo dedicated to the specific implementation.

Consent Management
Retrieve the Consent
GET /berlingroup/v1/consents/{consentId}

Once granted an access token, the TPP can retrieve the consent resource using the API above.

Retrieve the Consent’s status
GET /berlingroup/v1/consents/{consentId}/status

Once granted an access token, the TPP can retrieve the consent's status using the API above.

Get the authorisations of a specific consent resource
GET /berlingroup/v1/consents/{consentId}/authorisations

Once granted an access token, the TPP can retrieve the list of all the autorisations linked to the consent resource using the API above.

Get an authorisation from a specific consent resource
GET /berlingroup/v1/consents/{consentId}/authorisations/{authorisationId}

Once granted an access token, the TPP can retrieve the status of an autorisation linked to the consent resource using the API above.

Delete a Consent resource
DELETE /berlingroup/v1/consents/{consentId}

The TPP can use this API to terminate a consent.