Create sandbox agreements
POST/v1/sandbox/agreements
Only used to manage agreements for corporate customers.
Create agreement for customer. Engagements are the connection between accounts and customers.
When granting consent in test a corporate customer will first select an agreement before granting consent to accounts registered on that agreement.
Engagements must have both the role "REGISTER" and "VIEW" to be available for granting consent in the sandbox environment.
Note that the field "customer" in engagement points to the PSU which should see the accounts when granting consent in the PSD2 Sandbox. However the field "account" in the engagement should not be owned by the same PSU, this should be owned by the customer created as the corporation which the PSU is a member of. Also note that the field "owner" in agreement is also the corporation which the PSU is a member of.
Request
Header Parameters
- keyId must be formatted as
keyId="SN=XXX,CA=YYY"
whereXXX
is the serial number of the signing certificate in hexadecimal encoding andYYY
is the full Distinguished Name of the Certificate Authority having certificate - algorithm must identify the same algorithm for the signature as presented in the signing certificate and should be
rsa-sha256
- headers must contain
date
,digest
,x-request-id
,psu-id
,psu-corporate-id
, andtpp-redirect-uri
when available - signature must be computed as
Base64(RSA-SHA256(signingString))
Advertises what type of data is actually sent.
Advertises which content types, expressed as MIME types, the client is able to understand. Using content negotiation, the server then selects one of the proposals, uses it and informs the client of its choice with the Content-Type response header.
Advertises which character set the client is able to understand. Using content negotiation, the server then selects one of the proposals, uses it and informs the client of its choice within the Content-Type response header.
Advertises which content encoding, usually a compression algorithm, the client is able to understand. Using content negotiation, the server selects one of the proposals, uses it and informs the client of its choice with the Content-Encoding response header.
Advertises which natural languages the client is able to understand, and which locale variant is preferred. Using content negotiation, the server then selects one of the proposals, uses it and informs the client of its choice with the Content-Language response header.
The domain name of the server (for virtual hosting), and (optionally) the TCP port number on which the server is listening.
Request identifier, unique to the call, as determined by the TPP.
Base64 encoded sha256 or sha512 hash of the message body, used with the signature.
The Digest header is defined by RFC3230 and sha256/sha512 si defined by RFC5843.
The certificate used for signing the request in base64 encoding.
HTTP Message Signature as specified by https://tools.ietf.org/html/draft-cavage-http-signatures-10 with requirements imposed by Berlin Group's NextGenPSD2 Framework.
If any values in the Signature header is ISO-8859-1 or UTF-8 encoded you need to URL encode the Signature header according to RFC 2047 which means MIME encoding the signature.
Also the signature must be wrapped using this format: =?charset?encoding?encoded signature?=
Example of this encoding: =?utf-8?B?a2V5QTQsQ0E9Mi41LjQuOTc9IzB........jMTM1MDUzNDQ0ZTRmMmQ0NjUz?=
Java example of how to implement encoding:
if (charset.equals(StandardCharsets.UTF_8)) {
Signature = String.format("=?utf-8?B?%s?=", Base64.getEncoder().encodeToString(signature.getBytes(StandardCharsets.UTF_8)));
}
- application/json
Body
required
Array [
]
engagements
object[]
required
account
object
required
Possible values: [OWNER
, DISPOSAL
, VIEW
, REGISTER
, APPROVE
, INTERNAL_TRANSFER
, SALARY
]
Responses
- 201
- application/json
- Schema
- Example (from schema)
- application/json;charset=utf-8
Schema
Array [
]
engagements
object[]
required
account
object
required
Possible values: [OWNER
, DISPOSAL
, VIEW
, REGISTER
, APPROVE
, INTERNAL_TRANSFER
, SALARY
]
_links
object
required
self
object
required
engagements
object
required
{
"id": "enc!!oHc4g0K00_s2115LNqycmoQWN8tluC1Apmivegog7Ix3EpASoZ-Doe3mR7tuLEyvRbS7CdzKM1FnHYKx4KTKyA==",
"name": "Testavtale",
"engagements": [
{
"id": "enc!!s5D4NqQEMBHkWZB-bKMJPBtBfr5D6qhsKNsOQ1um5jHiJdEThVowZHquX20B7jNGop831hQj_9sXLqAVwls9OA==",
"customer": "01085800481",
"owner": 999999991,
"account": {
"bban": "90412263056",
"iban": "NO2390412263056"
},
"roles": [
"VIEW",
"REGISTER"
],
"accessRights": false,
"paymentRights": false,
"transferRights": false,
"registerLimit": 0,
"approvalLimit": 0
}
],
"_links": {
"self": {
"href": "/v1/sandbox/agreements/enc!!oHc4g0K00_s2115LNqycmoQWN8tluC1Apmivegog7Ix3EpASoZ-Doe3mR7tuLEyvRbS7CdzKM1FnHYKx4KTKyA==",
"verbs": [
"GET",
"DELETE"
]
},
"engagements": {
"href": "/v1/sandbox/agreements/enc!!oHc4g0K00_s2115LNqycmoQWN8tluC1Apmivegog7Ix3EpASoZ-Doe3mR7tuLEyvRbS7CdzKM1FnHYKx4KTKyA==/engagements",
"verbs": [
"POST",
"DELETE"
]
}
}
}
{
"id": "enc!!oHc4g0K00_s2115LNqycmoQWN8tluC1Apmivegog7Ix3EpASoZ-Doe3mR7tuLEyvRbS7CdzKM1FnHYKx4KTKyA==",
"name": "Testavtale",
"owner": "999999991",
"engagements": [
{
"id": "enc!!s5D4NqQEMBHkWZB-bKMJPBtBfr5D6qhsKNsOQ1um5jHiJdEThVowZHquX20B7jNGop831hQj_9sXLqAVwls9OA==",
"customer": "01085800481",
"account": {
"bban": "90412263056",
"iban": "NO2390412263056"
},
"roles": [
"VIEW",
"REGISTER"
],
"accessRights": false,
"paymentRights": false,
"transferRights": false,
"registerLimit": 0,
"approvalLimit": 0
}
],
"_links": {
"self": {
"href": "/v1/sandbox/agreements/enc!!oHc4g0K00_s2115LNqycmoQWN8tluC1Apmivegog7Ix3EpASoZ-Doe3mR7tuLEyvRbS7CdzKM1FnHYKx4KTKyA==",
"verbs": [
"GET",
"DELETE"
]
},
"engagements": {
"href": "/v1/sandbox/agreements/enc!!oHc4g0K00_s2115LNqycmoQWN8tluC1Apmivegog7Ix3EpASoZ-Doe3mR7tuLEyvRbS7CdzKM1FnHYKx4KTKyA==/engagements",
"verbs": [
"POST",
"DELETE"
]
}
}
}