OP PSD2 Payment Initiation Service API (2.0)

Download OpenAPI specification:Download

PSD2 support: tpp-support@op.fi



OP PSD2 Payment Initiation Service API (PIS) allows Third-Party Providers (TPP) to create and submit SEPA payments. Read more about PSD2 regulation and our APIs.

Using this API requires authenticating the client application, and end user authentication and authorization.

Please note that calling OP's PSD2 APIs with Postman is not supported at this time.

Go to the full workflow for PSD2 PIS API V2 >

Terminology

  • AISP: Account Information Service Provider
  • ASPSP: Account Servicing Payment Service Provider
  • PISP: Payment Initiation Service Provider
  • PSP: Payment Service Provider
  • PSU: Payment Service User
  • TPP: Third-Party Provider accessing the API

Sandbox

PSD2 APIs are available in sandbox free of charge for both licensed and unlicensed developers. See full details for sandbox access.

Production access

Following the regulation, using PSD2 APIs is free of charge also in production. However, a Third-Party Provider has to apply for an AISP/PISP licence from a financial authority (e.g. FIN-FSA in Finland) and obtain valid QWAC and QSEAL certificates. See full details for production access.

Access to business accounts

Only the account holder, i.e. the company, can grant TPPs the right to access the company's business accounts. However, technically the company representative, i.e. the business user, is the actor who in practice confirms with their banking codes the access to business accounts for the TPP.

As the business user is not the holder of the account, the user needs an additional access right from the account holder in order to be able to confirm the requests sent by authorized TPPs.

Instructions for the additional access right registration are available at op.fi in Finnish, Swedish, and English.

After this registration, the business user is able to confirm or reject the requests sent by TPPs.

SEPA payments

OP PSD2 PIS API supports the initiation of SEPA payments. A payment is considered a SEPA payment when:

  • the currency of the payment is Euro,
  • payee’s account number is in IBAN format, and
  • the payee’s account holding bank is located inside the EU/ETA area.

SEPA payment processing in OP PSD2 PIS API:

  1. SEPA payment initiation starts with Create SEPA payment request.
  2. Payment is then submitted using Submit SEPA payment request.
  3. SEPA payments can be initiated as immediate, scheduled or recurring payments.
  4. Payments can be bundled together for authorization with single SCA.

Bundle payment authorization:

  • Authorization bundle can contain multiple payments to be authorized with single SCA.
  • Bundle can contain immediate, scheduled and recurring SEPA payments.
  • Payments are bundled together by using the same authorizationId provided by the first payment in the bundle.
  • Regardless of the type of SEPA payment (immediate, recurring or scheduled), the Payment Services User (PSU) can confirm the payments in one go.

Immediate SEPA payments:

  • Immediate SEPA payments are processed immediately after their submission.
  • TPP is provided immediate feedback if the payment was successfully debited to payer account.
  • TPP may also be provided feedback if the payment has been credited to payee account.
  • Payment must be submitted immediately after authorization. For future dated payments use scheduled SEPA payments.

Scheduled and recurring SEPA payments:

  • Scheduled and recurring payments are submitted for later processing by the bank at their respective due dates.
  • TPP can fetch the payment status at any time.

SEPA payment schedule:

  • SEPA payments can be initiated and submitted at any point of time on any calendar day, even on non-banking days except for possible maintenance breaks in the OP PSD2 PIS API.
  • After the payment has been submitted to the OP PSD2 PIS API, the payment can be processed instantly and debited from the payer’s account or deferred to be processed at a later due date. Payment may be rejected later when sent to the receiving bank.
  • If the payee holds an account in OP, the payment will be credited to the payee’s account almost immediately.
  • Payment status can be requested at any point of time on any calendar day.
  • Future dated payments are processed according to OP's normal processing schedule.

PISP can revoke the payment in three ways:

  • by deleting SEPA payment before it is authorized for single payment transaction (including also recurring payment)
  • by revoking authorization (bundle) before it is authorized for payment bundle
  • by cancelling via SCA after it is authorized and before it is submitted for processing for immediate payments or before its due date for scheduled and recurring payments.

PSU can revoke payments in two ways:

  • by requesting PISP to revoke the payment in the above mentioned ways
  • by cancelling the payment in OP's online channels (mobile and web).

Note: PISP also acting as PSP and using their own name and account number as payee must provide the ultimatePayee field. For everyone else this is optional.

Create SEPA payment

header Parameters
Authorization
required
string

An authorization token as per the OAuth 2.0 Authorization Framework: Bearer Token Usage. Represents the Client Application, obtained via Client Credentials Grant.

x-idempotency-key
required
string <= 40 characters ^(?!\s)(.*)(\S)$

Every payment will be created only once per x-idempotency-key.

x-api-key
string

API Key

x-jws-signature
string

A detached JWS signature of the body of the payload. This is required for exemption flow and will be always checked when given. Signature is created using your QSealC.

x-fapi-customer-last-logged-time
string^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \d{2} (Jan|Fe...

The time when the PSU last logged in with the TPP. All dates in the HTTP headers are represented as RFC 7231 full dates. An example: Sun, 10 Sep 2017 19:43:31 UTC

x-fapi-customer-ip-address
string

The PSU's IP address if the PSU is currently logged in with the TPP.

x-fapi-interaction-id
string

An RFC4122 UID used as a correlation ID.

x-customer-user-agent
string

Indicates the user-agent that the PSU is using.

Request Body schema: application/json; charset=utf-8
One of
required
FinnishReference (string) or CrossBorderReference (string)
required
MonetaryEuroAmount (string)

Amount of the payment, value 0,01 - 999 999 999,99 euros

required
object (SepaPayee)

Payee details. For non-domestic payments (i.e. IBAN not starting with FI) address and country are required.

authorizationId
string

Authorization bundle ID. Used to bundle several payments to one authorization. Foreign payments cannot be bundled with SEPA payments.

object

Payer element is used to define the debit account. If the debit account is not given in the request, then the PSU must choose the debit account from an account list presented by the ASPSP on the authentication and authorization. PSU always has the option to change the debit account during authorization flow.

message
string <= 140 characters

Message for the payee and payer's account statement

ownMessage
string <= 20 characters

Message for the payer's account statement. This is not transmitted to the payee.

payerReference
string <= 35 characters

Unique identification assigned by the initiating party to unambiguously identify the transaction. This identification is passed on, unchanged, throughout the entire end-to-end chain.

object

Payer identification such as Business ID (Y-tunnus).

ultimatePayee
string <= 70 characters

Name of the ultimate payee, aka the ultimate creditor. Ultimate payee information is required when the PISP acts as PSP and the payee contains the PSP name and account number.

originalPayer
string <= 70 characters

Name of the original payer, aka the ultimate debtor

Responses

Request samples

Content type
application/json; charset=utf-8
{
  • "authorizationId": "string",
  • "amountEUR": "string",
  • "payee": {
    },
  • "payer": {
    },
  • "message": "string",
  • "ownMessage": "string",
  • "reference": "string",
  • "payerReference": "string",
  • "payerIdentifier": {
    },
  • "ultimatePayee": "string",
  • "originalPayer": "string"
}

Response samples

Content type
application/json; charset=utf-8
{
  • "authorizationId": "string",
  • "amountEUR": "string",
  • "payee": {
    },
  • "payer": {
    },
  • "message": "string",
  • "ownMessage": "string",
  • "reference": "string",
  • "payerReference": "string",
  • "payerIdentifier": {
    },
  • "ultimatePayee": "string",
  • "originalPayer": "string",
  • "paymentId": "string",
  • "created": "2019-08-24T14:15:22Z",
  • "modified": "2019-08-24T14:15:22Z",
  • "authorized": "2019-08-24T14:15:22Z",
  • "submitted": "2019-08-24T14:15:22Z",
  • "archiveId": "string",
  • "status": "Unauthorized"
}

Get SEPA payment details

path Parameters
paymentId
required
string

Payment ID

header Parameters
x-api-key
string

API Key

Authorization
string

An authorization token as per the OAuth 2.0 Authorization Framework: Bearer Token Usage.

x-fapi-interaction-id
string

An RFC4122 UID used as a correlation ID.

x-sandbox-scenario
string

Sandbox-only parameter for simulating error conditions. Supported values are:

  • InsufficientFunds: Simulates condition where payer account has insufficient funds during submission of payment.
  • PaymentSystemUnavailable: Simulates error condition where payment submission ends up in SubmissionPending state.
  • PaymentFail: Simulates payment submission failure due to unspecified reason.
  • PaymentFail=Reason: Simulates payment submission failure due to one of following reasons:
    • AccountClosed: The payer account is closed and cannot be debited from.
    • InvalidPayee: The payee account is unusable and cannot be credited to.
    • LimitExceeded: Account withdrawal limit exceeded.
  • PaymentRejected: Simulates condition where accepted payment is later rejected. Payment status updates on GET payment.
  • PaymentDebited: Simulates condition where accepted payment is successfully processed and transitions to debited. Payment status updates on GET payment.
  • PaymentCredited: Simulates condition where payment is debited from payer account and credited to payee account. This simulates successful SEPA Instant Credit Transfer and immediately credited OP-OP transfer.
  • PaymentAccepted: Simulates condition where payment in SubmissionPending is verified to be processed and awaits confirmation of being debited from payer account.

Responses

Request samples

curl -X GET https://psd2.mtls.sandbox.apis.op.fi/payments-psd2/v2/sepa-payments/{paymentId} \
-H 'x-api-key: string' \
-H 'Authorization: string' \
-H 'x-fapi-interaction-id: string' \
-H 'x-sandbox-scenario: string' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' 

Response samples

Content type
application/json; charset=utf-8
{
  • "authorizationId": "string",
  • "amountEUR": "string",
  • "payee": {
    },
  • "payer": {
    },
  • "message": "string",
  • "ownMessage": "string",
  • "reference": "string",
  • "payerReference": "string",
  • "payerIdentifier": {
    },
  • "ultimatePayee": "string",
  • "originalPayer": "string",
  • "paymentId": "string",
  • "created": "2019-08-24T14:15:22Z",
  • "modified": "2019-08-24T14:15:22Z",
  • "authorized": "2019-08-24T14:15:22Z",
  • "submitted": "2019-08-24T14:15:22Z",
  • "archiveId": "string",
  • "status": "Unauthorized"
}

Delete SEPA payment

Deleting payment after it is authorized requires separate SCA approval from PSU.

path Parameters
paymentId
required
string

Payment ID

header Parameters
x-api-key
string

API Key

Authorization
string

An authorization token as per the OAuth 2.0 Authorization Framework: Bearer Token Usage.

x-fapi-interaction-id
string

An RFC4122 UID used as a correlation ID.

Responses

Request samples

curl -X DELETE https://psd2.mtls.sandbox.apis.op.fi/payments-psd2/v2/sepa-payments/{paymentId} \
-H 'x-api-key: string' \
-H 'Authorization: string' \
-H 'x-fapi-interaction-id: string' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' 

Response samples

Content type
application/json; charset=utf-8
{
  • "authorizationId": "string",
  • "amountEUR": "string",
  • "payee": {
    },
  • "payer": {
    },
  • "message": "string",
  • "ownMessage": "string",
  • "reference": "string",
  • "payerReference": "string",
  • "payerIdentifier": {
    },
  • "ultimatePayee": "string",
  • "originalPayer": "string",
  • "paymentId": "string",
  • "created": "2019-08-24T14:15:22Z",
  • "modified": "2019-08-24T14:15:22Z",
  • "authorized": "2019-08-24T14:15:22Z",
  • "submitted": "2019-08-24T14:15:22Z",
  • "archiveId": "string",
  • "status": "Unauthorized"
}

Submit SEPA payment

path Parameters
paymentId
required
string

Payment ID

header Parameters
x-api-key
string

API Key

Authorization
string

An authorization token as per the OAuth 2.0 Authorization Framework: Bearer Token Usage.

x-fapi-interaction-id
string

An RFC4122 UID used as a correlation ID.

x-sandbox-scenario
string

Sandbox-only parameter for simulating error conditions. Supported values are:

  • InsufficientFunds: Simulates condition where payer account has insufficient funds during submission of payment.
  • PaymentSystemUnavailable: Simulates error condition where payment submission ends up in SubmissionPending state.
  • PaymentFail: Simulates payment submission failure due to unspecified reason.
  • PaymentFail=Reason: Simulates payment submission failure due to one of following reasons:
    • AccountClosed: The payer account is closed and cannot be debited from.
    • InvalidPayee: The payee account is unusable and cannot be credited to.
    • LimitExceeded: Account withdrawal limit exceeded.
  • PaymentRejected: Simulates condition where accepted payment is later rejected. Payment status updates on GET payment.
  • PaymentDebited: Simulates condition where accepted payment is successfully processed and transitions to debited. Payment status updates on GET payment.
  • PaymentCredited: Simulates condition where payment is debited from payer account and credited to payee account. This simulates successful SEPA Instant Credit Transfer and immediately credited OP-OP transfer.
  • PaymentAccepted: Simulates condition where payment in SubmissionPending is verified to be processed and awaits confirmation of being debited from payer account.
Request Body schema: application/json; charset=utf-8
object

API guarantees that submission is processed and debited only once. Allows retry also in case of backend failure due to insufficient funds, for example.

Responses

Request samples

Content type
application/json; charset=utf-8
{ }

Response samples

Content type
application/json; charset=utf-8
{
  • "authorizationId": "string",
  • "amountEUR": "string",
  • "payee": {
    },
  • "payer": {
    },
  • "message": "string",
  • "ownMessage": "string",
  • "reference": "string",
  • "payerReference": "string",
  • "payerIdentifier": {
    },
  • "ultimatePayee": "string",
  • "originalPayer": "string",
  • "paymentId": "string",
  • "created": "2019-08-24T14:15:22Z",
  • "modified": "2019-08-24T14:15:22Z",
  • "authorized": "2019-08-24T14:15:22Z",
  • "submitted": "2019-08-24T14:15:22Z",
  • "archiveId": "string",
  • "status": "Unauthorized"
}

Create scheduled SEPA payment

header Parameters
Authorization
required
string

An authorization token as per the OAuth 2.0 Authorization Framework: Bearer Token Usage. Represents the Client Application, obtained via Client Credentials Grant.

x-idempotency-key
required
string <= 40 characters ^(?!\s)(.*)(\S)$

Every payment will be created only once per x-idempotency-key.

x-api-key
string

API Key

x-jws-signature
string

A detached JWS signature of the body of the payload. This is required for exemption flow and will be always checked when given. Signature is created using your QSealC.

x-fapi-customer-last-logged-time
string^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \d{2} (Jan|Fe...

The time when the PSU last logged in with the TPP. All dates in the HTTP headers are represented as RFC 7231 full dates. An example: Sun, 10 Sep 2017 19:43:31 UTC

x-fapi-customer-ip-address
string

The PSU's IP address if the PSU is currently logged in with the TPP.

x-fapi-interaction-id
string

An RFC4122 UID used as a correlation ID.

x-customer-user-agent
string

Indicates the user-agent that the PSU is using.

Request Body schema: application/json; charset=utf-8
One of
required
FinnishReference (string) or CrossBorderReference (string)
required
MonetaryEuroAmount (string)

Amount of the payment, value 0,01 - 999 999 999,99 euros

required
object (SepaPayee)

Payee details. For non-domestic payments (i.e. IBAN not starting with FI) address and country are required.

dueDate
required
string <date>

Date when the payment should be executed. For recurring payment, this is the day from which recurrence starts if given.

authorizationId
string

Authorization bundle ID. Used to bundle several payments to one authorization. Foreign payments cannot be bundled with SEPA payments.

object

Payer element is used to define the debit account. If the debit account is not given in the request, then the PSU must choose the debit account from an account list presented by the ASPSP on the authentication and authorization. PSU always has the option to change the debit account during authorization flow.

message
string <= 140 characters

Message for the payee and payer's account statement

ownMessage
string <= 20 characters

Message for the payer's account statement. This is not transmitted to the payee.

payerReference
string <= 35 characters

Unique identification assigned by the initiating party to unambiguously identify the transaction. This identification is passed on, unchanged, throughout the entire end-to-end chain.

object

Payer identification such as Business ID (Y-tunnus).

ultimatePayee
string <= 70 characters

Name of the ultimate payee, aka the ultimate creditor. Ultimate payee information is required when the PISP acts as PSP and the payee contains the PSP name and account number.

originalPayer
string <= 70 characters

Name of the original payer, aka the ultimate debtor

Responses

Request samples

Content type
application/json; charset=utf-8
{
  • "authorizationId": "string",
  • "amountEUR": "string",
  • "payee": {
    },
  • "payer": {
    },
  • "message": "string",
  • "ownMessage": "string",
  • "reference": "string",
  • "payerReference": "string",
  • "payerIdentifier": {
    },
  • "ultimatePayee": "string",
  • "originalPayer": "string",
  • "dueDate": "2019-08-24"
}

Response samples

Content type
application/json; charset=utf-8
{
  • "authorizationId": "string",
  • "amountEUR": "string",
  • "payee": {
    },
  • "payer": {
    },
  • "message": "string",
  • "ownMessage": "string",
  • "reference": "string",
  • "payerReference": "string",
  • "payerIdentifier": {
    },
  • "ultimatePayee": "string",
  • "originalPayer": "string",
  • "dueDate": "2019-08-24",
  • "paymentId": "string",
  • "created": "2019-08-24T14:15:22Z",
  • "modified": "2019-08-24T14:15:22Z",
  • "authorized": "2019-08-24T14:15:22Z",
  • "submitted": "2019-08-24T14:15:22Z",
  • "status": "Unauthorized",
  • "archiveId": "string"
}

Get scheduled SEPA payment details

path Parameters
paymentId
required
string

Payment ID

header Parameters
x-api-key
string

API Key

Authorization
string

An authorization token as per the OAuth 2.0 Authorization Framework: Bearer Token Usage.

x-fapi-interaction-id
string

An RFC4122 UID used as a correlation ID.

x-sandbox-scenario
string

Sandbox-only parameter for simulating error conditions. Supported values are:

  • InsufficientFunds: Simulates condition where payer account has insufficient funds during submission of payment.
  • PaymentSystemUnavailable: Simulates error condition where payment submission ends up in SubmissionPending state.
  • PaymentFail: Simulates payment submission failure due to unspecified reason.
  • PaymentFail=Reason: Simulates payment submission failure due to one of following reasons:
    • AccountClosed: The payer account is closed and cannot be debited from.
    • InvalidPayee: The payee account is unusable and cannot be credited to.
    • LimitExceeded: Account withdrawal limit exceeded.
  • PaymentRejected: Simulates condition where accepted payment is later rejected. Payment status updates on GET payment.
  • PaymentDebited: Simulates condition where accepted payment is successfully processed and transitions to debited. Payment status updates on GET payment.
  • PaymentCredited: Simulates condition where payment is debited from payer account and credited to payee account. This simulates successful SEPA Instant Credit Transfer and immediately credited OP-OP transfer.
  • PaymentAccepted: Simulates condition where payment in SubmissionPending is verified to be processed and awaits confirmation of being debited from payer account.

Responses

Request samples

curl -X GET https://psd2.mtls.sandbox.apis.op.fi/payments-psd2/v2/scheduled-sepa-payments/{paymentId} \
-H 'x-api-key: string' \
-H 'Authorization: string' \
-H 'x-fapi-interaction-id: string' \
-H 'x-sandbox-scenario: string' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' 

Response samples

Content type
application/json; charset=utf-8
{
  • "authorizationId": "string",
  • "amountEUR": "string",
  • "payee": {
    },
  • "payer": {
    },
  • "message": "string",
  • "ownMessage": "string",
  • "reference": "string",
  • "payerReference": "string",
  • "payerIdentifier": {
    },
  • "ultimatePayee": "string",
  • "originalPayer": "string",
  • "dueDate": "2019-08-24",
  • "paymentId": "string",
  • "created": "2019-08-24T14:15:22Z",
  • "modified": "2019-08-24T14:15:22Z",
  • "authorized": "2019-08-24T14:15:22Z",
  • "submitted": "2019-08-24T14:15:22Z",
  • "status": "Unauthorized",
  • "archiveId": "string"
}

Delete scheduled SEPA payment

Deleting payment after it is authorized requires separate SCA approval from PSU.

path Parameters
paymentId
required
string

Payment ID

header Parameters
x-api-key
string

API Key

Authorization
string

An authorization token as per the OAuth 2.0 Authorization Framework: Bearer Token Usage.

x-fapi-interaction-id
string

An RFC4122 UID used as a correlation ID.

Responses

Request samples

curl -X DELETE https://psd2.mtls.sandbox.apis.op.fi/payments-psd2/v2/scheduled-sepa-payments/{paymentId} \
-H 'x-api-key: string' \
-H 'Authorization: string' \
-H 'x-fapi-interaction-id: string' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' 

Response samples

Content type
application/json; charset=utf-8
{
  • "authorizationId": "string",
  • "amountEUR": "string",
  • "payee": {
    },
  • "payer": {
    },
  • "message": "string",
  • "ownMessage": "string",
  • "reference": "string",
  • "payerReference": "string",
  • "payerIdentifier": {
    },
  • "ultimatePayee": "string",
  • "originalPayer": "string",
  • "dueDate": "2019-08-24",
  • "paymentId": "string",
  • "created": "2019-08-24T14:15:22Z",
  • "modified": "2019-08-24T14:15:22Z",
  • "authorized": "2019-08-24T14:15:22Z",
  • "submitted": "2019-08-24T14:15:22Z",
  • "status": "Unauthorized",
  • "archiveId": "string"
}

Submit scheduled SEPA payment

path Parameters
paymentId
required
string

Payment ID

header Parameters
x-api-key
string

API Key

Authorization
string

An authorization token as per the OAuth 2.0 Authorization Framework: Bearer Token Usage.

x-fapi-interaction-id
string

An RFC4122 UID used as a correlation ID.

x-sandbox-scenario
string

Sandbox-only parameter for simulating error conditions. Supported values are:

  • InsufficientFunds: Simulates condition where payer account has insufficient funds during submission of payment.
  • PaymentSystemUnavailable: Simulates error condition where payment submission ends up in SubmissionPending state.
  • PaymentFail: Simulates payment submission failure due to unspecified reason.
  • PaymentFail=Reason: Simulates payment submission failure due to one of following reasons:
    • AccountClosed: The payer account is closed and cannot be debited from.
    • InvalidPayee: The payee account is unusable and cannot be credited to.
    • LimitExceeded: Account withdrawal limit exceeded.
  • PaymentRejected: Simulates condition where accepted payment is later rejected. Payment status updates on GET payment.
  • PaymentDebited: Simulates condition where accepted payment is successfully processed and transitions to debited. Payment status updates on GET payment.
  • PaymentCredited: Simulates condition where payment is debited from payer account and credited to payee account. This simulates successful SEPA Instant Credit Transfer and immediately credited OP-OP transfer.
  • PaymentAccepted: Simulates condition where payment in SubmissionPending is verified to be processed and awaits confirmation of being debited from payer account.
Request Body schema: application/json; charset=utf-8
object

Confirm scheduled SEPA payment

Responses

Request samples

Content type
application/json; charset=utf-8
{ }

Response samples

Content type
application/json; charset=utf-8
{
  • "authorizationId": "string",
  • "amountEUR": "string",
  • "payee": {
    },
  • "payer": {
    },
  • "message": "string",
  • "ownMessage": "string",
  • "reference": "string",
  • "payerReference": "string",
  • "payerIdentifier": {
    },
  • "ultimatePayee": "string",
  • "originalPayer": "string",
  • "dueDate": "2019-08-24",
  • "paymentId": "string",
  • "created": "2019-08-24T14:15:22Z",
  • "modified": "2019-08-24T14:15:22Z",
  • "authorized": "2019-08-24T14:15:22Z",
  • "submitted": "2019-08-24T14:15:22Z",
  • "status": "Unauthorized",
  • "archiveId": "string"
}

Create recurring SEPA payment

header Parameters
Authorization
required
string

An authorization token as per the OAuth 2.0 Authorization Framework: Bearer Token Usage. Represents the Client Application, obtained via Client Credentials Grant.

x-idempotency-key
required
string <= 40 characters ^(?!\s)(.*)(\S)$

Every payment will be created only once per x-idempotency-key.

x-api-key
string

API Key

x-jws-signature
string

A detached JWS signature of the body of the payload. This is required for exemption flow and will be always checked when given. Signature is created using your QSealC.

x-fapi-customer-last-logged-time
string^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \d{2} (Jan|Fe...

The time when the PSU last logged in with the TPP. All dates in the HTTP headers are represented as RFC 7231 full dates. An example: Sun, 10 Sep 2017 19:43:31 UTC

x-fapi-customer-ip-address
string

The PSU's IP address if the PSU is currently logged in with the TPP.

x-fapi-interaction-id
string

An RFC4122 UID used as a correlation ID.

x-customer-user-agent
string

Indicates the user-agent that the PSU is using.

Request Body schema: application/json; charset=utf-8
One of
required
FinnishReference (string) or CrossBorderReference (string)
required
MonetaryEuroAmount (string)

Amount of the payment, value 0,01 - 999 999 999,99 euros

required
object (SepaPayee)

Payee details. For non-domestic payments (i.e. IBAN not starting with FI) address and country are required.

dueDate
required
string <date>

Date when the payment should be executed. For recurring payment, this is the day from which recurrence starts if given.

recurrence
required
string
Enum: "Weekly" "Monthly" "LastBankingDayOfTheMonth"

How often the recurring payment should be executed

recurrenceEndDate
required
string <date>

Date when recurring payment should end

authorizationId
string

Authorization bundle ID. Used to bundle several payments to one authorization. Foreign payments cannot be bundled with SEPA payments.

object

Payer element is used to define the debit account. If the debit account is not given in the request, then the PSU must choose the debit account from an account list presented by the ASPSP on the authentication and authorization. PSU always has the option to change the debit account during authorization flow.

message
string <= 140 characters

Message for the payee and payer's account statement

ownMessage
string <= 20 characters

Message for the payer's account statement. This is not transmitted to the payee.

payerReference
string <= 35 characters

Unique identification assigned by the initiating party to unambiguously identify the transaction. This identification is passed on, unchanged, throughout the entire end-to-end chain.

object

Payer identification such as Business ID (Y-tunnus).

ultimatePayee
string <= 70 characters

Name of the ultimate payee, aka the ultimate creditor. Ultimate payee information is required when the PISP acts as PSP and the payee contains the PSP name and account number.

originalPayer
string <= 70 characters

Name of the original payer, aka the ultimate debtor

Responses

Request samples

Content type
application/json; charset=utf-8
{
  • "authorizationId": "string",
  • "amountEUR": "string",
  • "payee": {
    },
  • "payer": {
    },
  • "message": "string",
  • "ownMessage": "string",
  • "reference": "string",
  • "payerReference": "string",
  • "payerIdentifier": {
    },
  • "ultimatePayee": "string",
  • "originalPayer": "string",
  • "dueDate": "2019-08-24",
  • "recurrence": "Weekly",
  • "recurrenceEndDate": "2019-08-24"
}

Response samples

Content type
application/json; charset=utf-8
{
  • "authorizationId": "string",
  • "amountEUR": "string",
  • "payee": {
    },
  • "payer": {
    },
  • "message": "string",
  • "ownMessage": "string",
  • "reference": "string",
  • "payerReference": "string",
  • "payerIdentifier": {
    },
  • "ultimatePayee": "string",
  • "originalPayer": "string",
  • "dueDate": "2019-08-24",
  • "recurrence": "Weekly",
  • "recurrenceEndDate": "2019-08-24",
  • "paymentId": "string",
  • "archiveId": "string",
  • "created": "2019-08-24T14:15:22Z",
  • "modified": "2019-08-24T14:15:22Z",
  • "authorized": "2019-08-24T14:15:22Z",
  • "submitted": "2019-08-24T14:15:22Z",
  • "status": "Unauthorized"
}

Get recurring SEPA payment details

path Parameters
paymentId
required
string

Payment ID

header Parameters
x-api-key
string

API Key

Authorization
string

An authorization token as per the OAuth 2.0 Authorization Framework: Bearer Token Usage.

x-fapi-interaction-id
string

An RFC4122 UID used as a correlation ID.

x-sandbox-scenario
string

Sandbox-only parameter for simulating error conditions. Supported values are:

  • InsufficientFunds: Simulates condition where payer account has insufficient funds during submission of payment.
  • PaymentSystemUnavailable: Simulates error condition where payment submission ends up in SubmissionPending state.
  • PaymentFail: Simulates payment submission failure due to unspecified reason.
  • PaymentFail=Reason: Simulates payment submission failure due to one of following reasons:
    • AccountClosed: The payer account is closed and cannot be debited from.
    • InvalidPayee: The payee account is unusable and cannot be credited to.
    • LimitExceeded: Account withdrawal limit exceeded.
  • PaymentRejected: Simulates condition where accepted payment is later rejected. Payment status updates on GET payment.
  • PaymentDebited: Simulates condition where accepted payment is successfully processed and transitions to debited. Payment status updates on GET payment.
  • PaymentCredited: Simulates condition where payment is debited from payer account and credited to payee account. This simulates successful SEPA Instant Credit Transfer and immediately credited OP-OP transfer.
  • PaymentAccepted: Simulates condition where payment in SubmissionPending is verified to be processed and awaits confirmation of being debited from payer account.

Responses

Request samples

curl -X GET https://psd2.mtls.sandbox.apis.op.fi/payments-psd2/v2/recurring-sepa-payments/{paymentId} \
-H 'x-api-key: string' \
-H 'Authorization: string' \
-H 'x-fapi-interaction-id: string' \
-H 'x-sandbox-scenario: string' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' 

Response samples

Content type
application/json; charset=utf-8
{
  • "authorizationId": "string",
  • "amountEUR": "string",
  • "payee": {
    },
  • "payer": {
    },
  • "message": "string",
  • "ownMessage": "string",
  • "reference": "string",
  • "payerReference": "string",
  • "payerIdentifier": {
    },
  • "ultimatePayee": "string",
  • "originalPayer": "string",
  • "dueDate": "2019-08-24",
  • "recurrence": "Weekly",
  • "recurrenceEndDate": "2019-08-24",
  • "paymentId": "string",
  • "archiveId": "string",
  • "created": "2019-08-24T14:15:22Z",
  • "modified": "2019-08-24T14:15:22Z",
  • "authorized": "2019-08-24T14:15:22Z",
  • "submitted": "2019-08-24T14:15:22Z",
  • "status": "Unauthorized"
}

Delete recurring SEPA payment

Deleting payment after it is authorized requires separate SCA approval from PSU.

path Parameters
paymentId
required
string

Payment ID

header Parameters
x-api-key
string

API Key

Authorization
string

An authorization token as per the OAuth 2.0 Authorization Framework: Bearer Token Usage.

x-fapi-interaction-id
string

An RFC4122 UID used as a correlation ID.

Responses

Request samples

curl -X DELETE https://psd2.mtls.sandbox.apis.op.fi/payments-psd2/v2/recurring-sepa-payments/{paymentId} \
-H 'x-api-key: string' \
-H 'Authorization: string' \
-H 'x-fapi-interaction-id: string' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' 

Response samples

Content type
application/json; charset=utf-8
{
  • "authorizationId": "string",
  • "amountEUR": "string",
  • "payee": {
    },
  • "payer": {
    },
  • "message": "string",
  • "ownMessage": "string",
  • "reference": "string",
  • "payerReference": "string",
  • "payerIdentifier": {
    },
  • "ultimatePayee": "string",
  • "originalPayer": "string",
  • "dueDate": "2019-08-24",
  • "recurrence": "Weekly",
  • "recurrenceEndDate": "2019-08-24",
  • "paymentId": "string",
  • "archiveId": "string",
  • "created": "2019-08-24T14:15:22Z",
  • "modified": "2019-08-24T14:15:22Z",
  • "authorized": "2019-08-24T14:15:22Z",
  • "submitted": "2019-08-24T14:15:22Z",
  • "status": "Unauthorized"
}

Confirm recurring SEPA payment

path Parameters
paymentId
required
string

Payment ID

header Parameters
x-api-key
string

API Key

Authorization
string

An authorization token as per the OAuth 2.0 Authorization Framework: Bearer Token Usage.

x-fapi-customer-last-logged-time
string^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \d{2} (Jan|Fe...

The time when the PSU last logged in with the TPP. All dates in the HTTP headers are represented as RFC 7231 full dates. An example: Sun, 10 Sep 2017 19:43:31 UTC

x-fapi-customer-ip-address
string

The PSU's IP address if the PSU is currently logged in with the TPP.

x-fapi-interaction-id
string

An RFC4122 UID used as a correlation ID.

x-customer-user-agent
string

Indicates the user-agent that the PSU is using.

x-sandbox-scenario
string

Sandbox-only parameter for simulating error conditions. Supported values are:

  • InsufficientFunds: Simulates condition where payer account has insufficient funds during submission of payment.
  • PaymentSystemUnavailable: Simulates error condition where payment submission ends up in SubmissionPending state.
  • PaymentFail: Simulates payment submission failure due to unspecified reason.
  • PaymentFail=Reason: Simulates payment submission failure due to one of following reasons:
    • AccountClosed: The payer account is closed and cannot be debited from.
    • InvalidPayee: The payee account is unusable and cannot be credited to.
    • LimitExceeded: Account withdrawal limit exceeded.
  • PaymentRejected: Simulates condition where accepted payment is later rejected. Payment status updates on GET payment.
  • PaymentDebited: Simulates condition where accepted payment is successfully processed and transitions to debited. Payment status updates on GET payment.
  • PaymentCredited: Simulates condition where payment is debited from payer account and credited to payee account. This simulates successful SEPA Instant Credit Transfer and immediately credited OP-OP transfer.
  • PaymentAccepted: Simulates condition where payment in SubmissionPending is verified to be processed and awaits confirmation of being debited from payer account.
Request Body schema: application/json; charset=utf-8
object

Confirm recurring SEPA payment

Responses

Request samples

Content type
application/json; charset=utf-8
{ }

Response samples

Content type
application/json; charset=utf-8
{
  • "authorizationId": "string",
  • "amountEUR": "string",
  • "payee": {
    },
  • "payer": {
    },
  • "message": "string",
  • "ownMessage": "string",
  • "reference": "string",
  • "payerReference": "string",
  • "payerIdentifier": {
    },
  • "ultimatePayee": "string",
  • "originalPayer": "string",
  • "dueDate": "2019-08-24",
  • "recurrence": "Weekly",
  • "recurrenceEndDate": "2019-08-24",
  • "paymentId": "string",
  • "archiveId": "string",
  • "created": "2019-08-24T14:15:22Z",
  • "modified": "2019-08-24T14:15:22Z",
  • "authorized": "2019-08-24T14:15:22Z",
  • "submitted": "2019-08-24T14:15:22Z",
  • "status": "Unauthorized"
}

Get recurring SEPA payment recurrence details

path Parameters
paymentId
required
string

Payment ID

dueDate
required
string <date>
Example: 2022-12-01

Due date

header Parameters
x-api-key
string

API Key

Authorization
string

An authorization token as per the OAuth 2.0 Authorization Framework: Bearer Token Usage.

x-fapi-interaction-id
string

An RFC4122 UID used as a correlation ID.

Responses

Request samples

curl -X GET https://psd2.mtls.sandbox.apis.op.fi/payments-psd2/v2/recurring-sepa-payments/{paymentId}/recurrence/{dueDate} \
-H 'x-api-key: string' \
-H 'Authorization: string' \
-H 'x-fapi-interaction-id: string' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' 

Response samples

Content type
application/json; charset=utf-8
{
  • "modified": "2019-08-24T14:15:22Z",
  • "archiveId": "string",
  • "dueDate": "2019-08-24",
  • "status": "AwaitingDueDate"
}

Get payment authorization (bundle)

path Parameters
authorizationId
required
string

Authorization ID

header Parameters
Authorization
required
string

An authorization token as per the OAuth 2.0 Authorization Framework: Bearer Token Usage. Represents the Client Application, obtained via Client Credentials Grant.

x-api-key
string

API Key

x-fapi-interaction-id
string

An RFC4122 UID used as a correlation ID.

Responses

Request samples

curl -X GET https://psd2.mtls.sandbox.apis.op.fi/payments-psd2/v2/authorizations/{authorizationId} \
-H 'x-api-key: string' \
-H 'Authorization: string' \
-H 'x-fapi-interaction-id: string' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' 

Response samples

Content type
application/json; charset=utf-8
{
  • "authorizationId": "string",
  • "created": "2019-08-24T14:15:22Z",
  • "modified": "2019-08-24T14:15:22Z",
  • "authorized": "2019-08-24T14:15:22Z",
  • "status": "Unauthorized"
}

Revoke authorization (bundle)

All the unauthorized payment transactions included in the bundle will be revoked. If bundle is authorized, each payment has to be cancelled via SCA individually.

path Parameters
authorizationId
required
string

Authorization ID

header Parameters
Authorization
required
string

An authorization token as per the OAuth 2.0 Authorization Framework: Bearer Token Usage. Represents the Client Application, obtained via Client Credentials Grant.

x-api-key
string

API Key

x-fapi-interaction-id
string

An RFC4122 UID used as a correlation ID.

Responses

Request samples

curl -X DELETE https://psd2.mtls.sandbox.apis.op.fi/payments-psd2/v2/authorizations/{authorizationId} \
-H 'x-api-key: string' \
-H 'Authorization: string' \
-H 'x-fapi-interaction-id: string' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' 

Response samples

Content type
application/json; charset=utf-8
{
  • "authorizationId": "string",
  • "created": "2019-08-24T14:15:22Z",
  • "modified": "2019-08-24T14:15:22Z",
  • "authorized": "2019-08-24T14:15:22Z",
  • "status": "Unauthorized"
}

Find payments by authorizationId

path Parameters
authorizationId
required
string

Authorization ID

header Parameters
x-api-key
string

API Key

Authorization
string

An authorization token as per the OAuth 2.0 Authorization Framework: Bearer Token Usage.

x-fapi-interaction-id
string

An RFC4122 UID used as a correlation ID.

Responses

Request samples

curl -X GET https://psd2.mtls.sandbox.apis.op.fi/payments-psd2/v2/authorizations/{authorizationId}/payments \
-H 'x-api-key: string' \
-H 'Authorization: string' \
-H 'x-fapi-interaction-id: string' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' 

Response samples

Content type
application/json; charset=utf-8
{
  • "authorizationId": "string",
  • "status": "Unauthorized",
  • "sepaPayments": [
    ],
  • "scheduledSepaPayments": [
    ],
  • "recurringSepaPayments": [
    ],
  • "foreignPayments": [
    ]
}

Foreign payments

OP PSD2 PIS API supports the initiation of foreign payments. Payments are considered foreign payments when any of the following criteria apply:

  • The currency of the payment is not Euro.
  • The Payee’s account number is not in IBAN format.
  • The payee’s account holding bank is located outside the EU/ETA area.

OP PSD2 PIS API foreign payment processing:

  1. Foreign payment initiation starts with Create Foreign payment request.
  2. A foreign payment is then submitted immediately by PISP using Submit foreign payment request.

Foreign payment processing schedule:

  • A foreign payment can be submitted at any time of the day, but it will be debited according to scheduled processing cycles.
  • The cut-off time for the same day processing of foreign payments is at 16.00 EET with a few exceptions on shorter banking days when the cut-off time is at 12.00 EET.
  • Foreign payments received after the cut-off time will be processed and debited on the next banking day.
  • The final status of the foreign payment is created after the last processing cycle at the end of the banking day the payment is debited, approximately at 24.00 EET.
  • TPPs can check the status with the Get foreign payment submission request.

Revocation of the foreign payment:

  • Revocation of the confirmed foreign payment is possible only prior to the submission of the payment to OP. Already submitted payments cannot be revoked. Revocation must be done through the PISP.

Create foreign payment

Go to the full workflow for PSD2 PIS API V2 >

Restrictions in initiating foreign payments:

  • Foreign payments must always be initiated as single payments, i.e. one at a time.
  • The PISP must submit the payment immediately after the PSU has confirmed the payment request.
  • Foreign payments cannot be recurring payments, i.e. paid repeatedly with the same amount and to the same payee.
  • Foreign payments cannot be part of a bundle, i.e. several foreign payments included in the request. If the PSU wants to initiate several foreign payments, then each payment must be initiated, confirmed and submitted separately.
header Parameters
Authorization
required
string

An authorization token as per the OAuth 2.0 Authorization Framework: Bearer Token Usage. Represents the Client Application, obtained via Client Credentials Grant.

x-idempotency-key
required
string <= 40 characters ^(?!\s)(.*)(\S)$

Every payment will be created only once per x-idempotency-key.

x-api-key
string

API Key

x-jws-signature
string

A detached JWS signature of the body of the payload. This is required for exemption flow and will be always checked when given. Signature is created using your QSealC.

x-fapi-customer-last-logged-time
string^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \d{2} (Jan|Fe...

The time when the PSU last logged in with the TPP. All dates in the HTTP headers are represented as RFC 7231 full dates. An example: Sun, 10 Sep 2017 19:43:31 UTC

x-fapi-customer-ip-address
string

The PSU's IP address if the PSU is currently logged in with the TPP.

x-fapi-interaction-id
string

An RFC4122 UID used as a correlation ID.

x-customer-user-agent
string

Indicates the user-agent that the PSU is using.

Request Body schema: application/json; charset=utf-8
amount
required
string <number> (MonetaryAmount) ^\d{1,13}(?:\.\d\d)?$

Positive (greater than zero) monetary amount.

currency
required
string (Currency) ^[A-Z]{3}$

ISO 4127 currency code

required
object (ForeignPayee)

Payee details for foreign payments.

message
required
string <= 140 characters

Message for the payee and payer's account statement

detailsOfCharges
string
Enum: "SHA" "OUR"

Charge bearer. If not given, then the default value of SHA will be used. SHA (default/recommended) = both parties pay their own banking fees OUR = payer pays all the banking fees

paymentOrder
string
Enum: "NORM" "HIGH"

Foreign payment type code. NORM (default) = regular foreign payment HIGH = urgent foreign payment

object
exchangeRateReference
string <= 15 characters

Reference number related to the foreign currency exchange deal (FX deal) for the payment amount. If given, then the exchange rate according to the FX deal is used. If not given, then the bank will use the daily exchange rates.

Responses

Request samples

Content type
application/json; charset=utf-8
{
  • "detailsOfCharges": "SHA",
  • "paymentOrder": "NORM",
  • "amount": "string",
  • "currency": "string",
  • "payee": {
    },
  • "payer": {
    },
  • "message": "string",
  • "exchangeRateReference": "string"
}

Response samples

Content type
application/json; charset=utf-8
{
  • "detailsOfCharges": "SHA",
  • "paymentOrder": "NORM",
  • "amount": "string",
  • "currency": "string",
  • "payee": {
    },
  • "payer": {
    },
  • "message": "string",
  • "exchangeRateReference": "string",
  • "authorizationId": "string",
  • "paymentId": "string",
  • "created": "2019-08-24T14:15:22Z",
  • "modified": "2019-08-24T14:15:22Z",
  • "authorized": "2019-08-24T14:15:22Z",
  • "submitted": "2019-08-24T14:15:22Z",
  • "archiveId": "string",
  • "status": "Unauthorized"
}

Get foreign payment details

path Parameters
paymentId
required
string

Payment ID

header Parameters
x-api-key
string

API Key

Authorization
string

An authorization token as per the OAuth 2.0 Authorization Framework: Bearer Token Usage.

x-fapi-interaction-id
string

An RFC4122 UID used as a correlation ID.

x-sandbox-scenario
string

Sandbox-only parameter for simulating error conditions. Supported values are:

  • InsufficientFunds: Simulates condition where payer account has insufficient funds during submission of payment.
  • PaymentSystemUnavailable: Simulates error condition where payment submission ends up in SubmissionPending state.
  • PaymentFail: Simulates payment submission failure due to unspecified reason.
  • PaymentFail=Reason: Simulates payment submission failure due to one of following reasons:
    • AccountClosed: The payer account is closed and cannot be debited from.
    • InvalidPayee: The payee account is unusable and cannot be credited to.
    • LimitExceeded: Account withdrawal limit exceeded.
  • PaymentRejected: Simulates condition where accepted payment is later rejected. Payment status updates on GET payment.
  • PaymentDebited: Simulates condition where accepted payment is successfully processed and transitions to debited. Payment status updates on GET payment.
  • PaymentCredited: Simulates condition where payment is debited from payer account and credited to payee account. This simulates successful SEPA Instant Credit Transfer and immediately credited OP-OP transfer.
  • PaymentAccepted: Simulates condition where payment in SubmissionPending is verified to be processed and awaits confirmation of being debited from payer account.

Responses

Request samples

curl -X GET https://psd2.mtls.sandbox.apis.op.fi/payments-psd2/v2/foreign-payments/{paymentId} \
-H 'x-api-key: string' \
-H 'Authorization: string' \
-H 'x-fapi-interaction-id: string' \
-H 'x-sandbox-scenario: string' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' 

Response samples

Content type
application/json; charset=utf-8
{
  • "detailsOfCharges": "SHA",
  • "paymentOrder": "NORM",
  • "amount": "string",
  • "currency": "string",
  • "payee": {
    },
  • "payer": {
    },
  • "message": "string",
  • "exchangeRateReference": "string",
  • "authorizationId": "string",
  • "paymentId": "string",
  • "created": "2019-08-24T14:15:22Z",
  • "modified": "2019-08-24T14:15:22Z",
  • "authorized": "2019-08-24T14:15:22Z",
  • "submitted": "2019-08-24T14:15:22Z",
  • "archiveId": "string",
  • "status": "Unauthorized"
}

Delete foreign payment

Deleting payment after it is authorized requires separate SCA approval from PSU.

path Parameters
paymentId
required
string

Payment ID

header Parameters
x-api-key
string

API Key

Authorization
string

An authorization token as per the OAuth 2.0 Authorization Framework: Bearer Token Usage.

x-fapi-interaction-id
string

An RFC4122 UID used as a correlation ID.

Responses

Request samples

curl -X DELETE https://psd2.mtls.sandbox.apis.op.fi/payments-psd2/v2/foreign-payments/{paymentId} \
-H 'x-api-key: string' \
-H 'Authorization: string' \
-H 'x-fapi-interaction-id: string' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' 

Response samples

Content type
application/json; charset=utf-8
{
  • "detailsOfCharges": "SHA",
  • "paymentOrder": "NORM",
  • "amount": "string",
  • "currency": "string",
  • "payee": {
    },
  • "payer": {
    },
  • "message": "string",
  • "exchangeRateReference": "string",
  • "authorizationId": "string",
  • "paymentId": "string",
  • "created": "2019-08-24T14:15:22Z",
  • "modified": "2019-08-24T14:15:22Z",
  • "authorized": "2019-08-24T14:15:22Z",
  • "submitted": "2019-08-24T14:15:22Z",
  • "archiveId": "string",
  • "status": "Unauthorized"
}

Submit foreign payment

path Parameters
paymentId
required
string

Payment ID

header Parameters
x-api-key
string

API Key

Authorization
string

An authorization token as per the OAuth 2.0 Authorization Framework: Bearer Token Usage.

x-fapi-interaction-id
string

An RFC4122 UID used as a correlation ID.

x-sandbox-scenario
string

Sandbox-only parameter for simulating error conditions. Supported values are:

  • InsufficientFunds: Simulates condition where payer account has insufficient funds during submission of payment.
  • PaymentSystemUnavailable: Simulates error condition where payment submission ends up in SubmissionPending state.
  • PaymentFail: Simulates payment submission failure due to unspecified reason.
  • PaymentFail=Reason: Simulates payment submission failure due to one of following reasons:
    • AccountClosed: The payer account is closed and cannot be debited from.
    • InvalidPayee: The payee account is unusable and cannot be credited to.
    • LimitExceeded: Account withdrawal limit exceeded.
  • PaymentRejected: Simulates condition where accepted payment is later rejected. Payment status updates on GET payment.
  • PaymentDebited: Simulates condition where accepted payment is successfully processed and transitions to debited. Payment status updates on GET payment.
  • PaymentCredited: Simulates condition where payment is debited from payer account and credited to payee account. This simulates successful SEPA Instant Credit Transfer and immediately credited OP-OP transfer.
  • PaymentAccepted: Simulates condition where payment in SubmissionPending is verified to be processed and awaits confirmation of being debited from payer account.
Request Body schema: application/json; charset=utf-8
object

API guarantees that submission is processed and debited only once. Allows retry also in case of backend failure due to insufficient funds, for example.

Responses

Request samples

Content type
application/json; charset=utf-8
{ }

Response samples

Content type
application/json; charset=utf-8
{
  • "detailsOfCharges": "SHA",
  • "paymentOrder": "NORM",
  • "amount": "string",
  • "currency": "string",
  • "payee": {
    },
  • "payer": {
    },
  • "message": "string",
  • "exchangeRateReference": "string",
  • "authorizationId": "string",
  • "paymentId": "string",
  • "created": "2019-08-24T14:15:22Z",
  • "modified": "2019-08-24T14:15:22Z",
  • "authorized": "2019-08-24T14:15:22Z",
  • "submitted": "2019-08-24T14:15:22Z",
  • "archiveId": "string",
  • "status": "Unauthorized"
}

Get payment authorization (bundle)

path Parameters
authorizationId
required
string

Authorization ID

header Parameters
Authorization
required
string

An authorization token as per the OAuth 2.0 Authorization Framework: Bearer Token Usage. Represents the Client Application, obtained via Client Credentials Grant.

x-api-key
string

API Key

x-fapi-interaction-id
string

An RFC4122 UID used as a correlation ID.

Responses

Request samples

curl -X GET https://psd2.mtls.sandbox.apis.op.fi/payments-psd2/v2/authorizations/{authorizationId} \
-H 'x-api-key: string' \
-H 'Authorization: string' \
-H 'x-fapi-interaction-id: string' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' 

Response samples

Content type
application/json; charset=utf-8
{
  • "authorizationId": "string",
  • "created": "2019-08-24T14:15:22Z",
  • "modified": "2019-08-24T14:15:22Z",
  • "authorized": "2019-08-24T14:15:22Z",
  • "status": "Unauthorized"
}

Revoke authorization (bundle)

All the unauthorized payment transactions included in the bundle will be revoked. If bundle is authorized, each payment has to be cancelled via SCA individually.

path Parameters
authorizationId
required
string

Authorization ID

header Parameters
Authorization
required
string

An authorization token as per the OAuth 2.0 Authorization Framework: Bearer Token Usage. Represents the Client Application, obtained via Client Credentials Grant.

x-api-key
string

API Key

x-fapi-interaction-id
string

An RFC4122 UID used as a correlation ID.

Responses

Request samples

curl -X DELETE https://psd2.mtls.sandbox.apis.op.fi/payments-psd2/v2/authorizations/{authorizationId} \
-H 'x-api-key: string' \
-H 'Authorization: string' \
-H 'x-fapi-interaction-id: string' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' 

Response samples

Content type
application/json; charset=utf-8
{
  • "authorizationId": "string",
  • "created": "2019-08-24T14:15:22Z",
  • "modified": "2019-08-24T14:15:22Z",
  • "authorized": "2019-08-24T14:15:22Z",
  • "status": "Unauthorized"
}

Find payments by authorizationId

path Parameters
authorizationId
required
string

Authorization ID

header Parameters
x-api-key
string

API Key

Authorization
string

An authorization token as per the OAuth 2.0 Authorization Framework: Bearer Token Usage.

x-fapi-interaction-id
string

An RFC4122 UID used as a correlation ID.

Responses

Request samples

curl -X GET https://psd2.mtls.sandbox.apis.op.fi/payments-psd2/v2/authorizations/{authorizationId}/payments \
-H 'x-api-key: string' \
-H 'Authorization: string' \
-H 'x-fapi-interaction-id: string' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' 

Response samples

Content type
application/json; charset=utf-8
{
  • "authorizationId": "string",
  • "status": "Unauthorized",
  • "sepaPayments": [
    ],
  • "scheduledSepaPayments": [
    ],
  • "recurringSepaPayments": [
    ],
  • "foreignPayments": [
    ]
}