“/mfs-psd2-pis”
GET /v1/accounts { query-parameters }
Reads a list of bank accounts, with balances where required. It is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system. The addressed list of accounts depends then on the PSU ID and the stored consent addressed by consentId, respectively the OAuth2 access token.
Attribute | Type | Condition | Description |
---|---|---|---|
withBalance | Boolean | Optional | If contained, this function reads the list of accessible payment accounts including the booking balance, if granted by the PSU in the related consent and available by the ASPSP. This parameter might be ignored by the ASPSP. |
Attribute | Type | Condition | Description |
---|---|---|---|
X-Request-ID | UUID | Mandatory | ID of the request, unique to the call, as determined by the initiating party. |
Consent-ID | String | Mandatory | Shall be contained since "Establish Consent Transaction" was performed via this API before. |
Authorization | String | Mandatory | An OAuth2 based authentication was performed in a pre-step. |
No request body
200 OK - Successful Response Code
400 BAD REQUEST - Error Response Code | duplicate x-Request-ID, malformed IBAN, currency other than RON, other validation errors
401 UNAUTHORIZED - Error Response Code | OAuth authentication failed
403 FORBIDDEN - Error Response Code | unauthorized user for selected action
Attribute | Type | Condition | Description |
---|---|---|---|
x-Request-ID | UUID | Mandatory | ID of the request, unique to the call, as determined by the initiating party. |
Attribute | Type | Condition |
---|---|---|
accounts | Array: Account Details | Mandatory |
Response body (example 1)
Response in case of an example, where the consent has been given for one IBAN and balances
{
"accounts": [
{
"resourceId": "1001",
"iban": "RO66ORMF1715363001ORANGE",
"currency": "EUR",
"product": "Moneda scripturala",
"status": "enabled",
"balances": [
{
"balanceType": "closingBooked",
"balanceAmount": {
"currency": "EUR",
"amount": "500"
}
},
{
"balanceType": "expected",
"balanceAmount": {
"currency": "EUR",
"amount": "342"
}
}
]}
]}
Response body (example 2)
Response in case of an example, where the consent has been given for two different IBANs and balances
{
{
"accounts": [
{
"resourceId": "1001",
"iban": "RO66ORMF1715363001ORANGE",
"currency": "EUR",
"product": "Moneda scripturala",
"status": "enabled",
"balances": [
{
"balanceType": "closingBooked",
"balanceAmount": {
"currency": "EUR",
"amount": "500"
}
},
{
"balanceType": "expected",
"balanceAmount": {
"currency": "EUR",
"amount": "342"
}
}
]
},
{
"resourceId": "1002",
"iban": "RO66ORMF1715363002ORANGE",
"currency": "EUR",
"product": "Moneda scripturala",
"status": "enabled",
"balances": [
{
"balanceType": "closingBooked",
"balanceAmount": {
"currency": "EUR",
"amount": "123"
}
},
{
"balanceType": "expected",
"balanceAmount": {
"currency": "EUR",
"amount": "210"
}
}
]
}
]
}
GET /v1/accounts/{ account-id } { query-parameters }
Reads details about an account, with balances where required. It is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system. The addressed details of this account depends then on the stored consent addressed by consentId, respectively the OAuth2 access token.
Attribute | Type | Condition | Description |
---|---|---|---|
withBalance | Boolean | Optional | If contained, this function reads the details of the addressed account including the booking balance, if granted by the PSU's consent and if supported by ASPSP. This data element might be ignored by the ASPSP. |
Attribute | Type | Condition | Description |
---|---|---|---|
x-Request-ID | UUID | Mandatory | ID of the request, unique to the call, as determined by the initiating party. |
Consent-ID | String | Mandatory | Shall be contained since "Establish Consent Transaction" was performed via this API before. |
Authorization | String | Mandatory | An OAuth2 based authentication was performed in a pre-step. |
No request body
200 OK - Successful Response Code
400 BAD REQUEST - Error Response Code | duplicate x-Request-ID, malformed IBAN, currency other than RON, other validation errors
401 UNAUTHORIZED - Error Response Code | OAuth authentication failed
403 FORBIDDEN - Error Response Code | unauthorized user for selected action
500 INTERNAL SERVER ERROR - Error Response Code | unhandled business case or internal error
502 BAD GATEWAY - Error Response Code | failure from other services in the OMY ecosystems
Attribute | Type | Condition | Description |
---|---|---|---|
X-Request-ID | UUID | Mandatory | ID of the request, unique to the call, as determined by the initiating party. |
Attribute | Type | Condition |
---|---|---|
accounts | Account Details | Mandatory |
../v1/accounts/1001?withBalance=true
{
{
"resourceId": "1001",
"iban": "RO66ORMF1715363001ORANGE",
"currency": "EUR",
"product": "Moneda scripturala",
"status": "enabled",
"balances": [
{
"balanceType": "closingBooked",
"balanceAmount": {
"currency": "EUR",
"amount": "500"
}
},
{
"balanceType": "expected",
"balanceAmount": {
"currency": "EUR",
"amount": "342"
}
}
]
}
GET /v1/accounts/ { account-id } /balances
Reads account data from a given account addressed by "account-id".
Attribute | Type | Description |
---|---|---|
account-id | String | This identification is denoting the addressed account. The account-id is retrieved by using a "Read Account List" call. |
No request body
200 OK - Successful Response Code
400 BAD REQUEST - Error Response Code | duplicate x-Request-ID, malformed IBAN, currency other than RON, other validation errors
401 UNAUTHORIZED - Error Response Code | OAuth authentication failed
403 FORBIDDEN - Error Response Code | unauthorized user for selected action
500 INTERNAL SERVER ERROR - Error Response Code | unhandled business case or internal error
502 BAD GATEWAY - Error Response Code | failure from other services in the OMY ecosystems
Attribute | Type | Condition | Description |
---|---|---|---|
X-Request-ID | UUID | Mandatory | ID of the request, unique to the call, as determined by the initiating party. |
Consent-ID | String | Mandatory | Shall be contained since "Establish Consent Transaction" was performed via this API before. |
Authorization | String | Mandatory | An OAuth2 based authentication was performed in a pre-step. |
No request body
200 OK - Successful Response Code
400 BAD REQUEST - Error Response Code | duplicate x-Request-ID, malformed IBAN, currency other than RON, other validation errors
401 UNAUTHORIZED - Error Response Code | OAuth authentication failed
403 FORBIDDEN - Error Response Code | unauthorized user for selected action
500 INTERNAL SERVER ERROR - Error Response Code | unhandled business case or internal error
502 BAD GATEWAY - Error Response Code | failure from other services in the OMY ecosystems
Attribute | Type | Condition | Description |
---|---|---|---|
X-Request-ID | UUID | Mandatory | ID of the request, unique to the call, as determined by the initiating party. |
Attribute | Type | Condition |
---|---|---|
accounts | iban | Mandatory |
balances | Array: Balance | Mandatory |
../v1/accounts/1001/balances
{
{
"account": "RO66ORMF1715363001ORANGE",
"balances": [
{
"balanceType": "closingBooked",
"balanceAmount": {
"currency": "EUR",
"amount": "500"
}
},
{
"balanceType": "expected",
"balanceAmount": {
"currency": "EUR",
"amount": "342"
}
}
]
}
GET /v1/accounts/ { account-id } /transactions {query-parameters}
Attribute | Type | Description |
---|---|---|
account-id | String | This identification is denoting the addressed account. The account-id is retrieved by using a "Read Account List" call. |
Attribute | Type | Condition | Description |
---|---|---|---|
dateFrom | ISODate | Conditional | Starting date (inclusive the date dateFrom) of the transaction list. |
dateTo | ISODate | Mandatory | End date (inclusive the data dateTo) of the transaction list, default is "now" if not given. |
bookingStatus | String | Mandatory | Permitted codes are "booked", "pending" and "both" "booked" shall be supported by the ASPSP. To support the "pending" and "both" feature is optional for the ASPSP. |
withBalance | boolean | Optional | If contained, this function reads the list of transactions including the booking balance, if granted by the PSU in the related consent and available by the ASPSP. This parameter might be ignored by the ASPSP. |
Attribute | Type | Condition | Description |
---|---|---|---|
X-Request-ID | UUID | Mandatory | ID of the request, unique to the call, as determined by the initiating party. |
Consent-ID | String | Mandatory | Shall be contained since "Establish Consent Transaction" was performed via this API before. |
No request body
201 OK - Successful Response Code
400 BAD REQUEST - Error Response Code | duplicate x-Request-ID, malformed IBAN, currency other than RON, other validation errors
401 UNAUTHORIZED - Error Response Code | OAuth authentication failed
403 FORBIDDEN - Error Response Code | unauthorized user for selected action
500 INTERNAL SERVER ERROR - Error Response Code | unhandled business case or internal error
502 BAD GATEWAY - Error Response Code | failure from other services in the OMY ecosystems
Attribute | Type | Condition | Description |
---|---|---|---|
Content-Type | String | Mandatory | application/json |
X-Request-ID | UUID | Mandatory | ID of the request, unique to the call, as determined by the initiating party. |
Attribute | Type | Condition |
---|---|---|
account | Account Reference (iban) | Mandatory |
transactions | Account Report | Optional |
balances | Balances | Optional |
Request:
… v1/accounts/1001/transactions?dateFrom=2018-01-01&dateTo=2018-07-29&bookingStatus=both&withBalance=true
Response:
{
{
"account": "RO66ORMF1715363001ORANGE",
"transactions": {
"booked": [
{
"bookingDate": "2018-03-2",
"transactionAmount": {
"currency": "EUR",
"amount": "432.00"
},
"creditorName": "ENTITY 1",
"debtorName": "ENTITY 2"
}
],
"pending": [
{
"bookingDate": "2018-07-2",
"transactionAmount": {
"currency": "EUR",
"amount": "412.00"
},
"creditorName": "ENTITY 7",
"debtorName": "ENTITY 8"
}
]
},
"balances": [
{
"balanceType": "closingBooked",
"balanceAmount": {
"currency": "EUR",
"amount": "120.00"
}
},
{
"balanceType": "expected",
"balanceAmount": {
"currency": "EUR",
"amount": "327.00"
}
}
}
“/mfs-psd2-pis”
POST /v1/consents
Creates an account information consent resource at the ASPSP regarding access to account specified in this request.
No request body
Attribute | Type | Condition | Description |
---|---|---|---|
x-Request-ID | UUID | Mandatory | ID of the request, unique to the call, as determined by the initiating party. |
Authorization | String | Mandatory | OAuth token. |
TPP-Redirect-URI | String | Mandatory | URI of the TPP, where the transaction flow shall be redirected to after a Redirect. |
Attribute | Type | Condition | Description |
---|---|---|---|
access | Account Access | Mandatory | |
recurringIndicator | Boolean | Mandatory | true, if the consent is for recurring access to the account data false, if the consent is for one access to the account data |
validUntil | ISODate | Mandatory | This parameter is requesting a valid until date for the requested consent. The content is the local ASPSP date in ISODate Format, e.g. 2017-10-30. If a maximal available date is requested, a date in far future is to be used: "9999-12-31". The consent object to be retrieved by the GET Consent Request will contain the adjusted date. |
frequencyPerDay | Integer | Mandatory | This field indicates the requested maximum frequency |
combinedService Indicator | Boolean | Mandatory | If true indicates that a payment initiation service will be addressed in the same "session". |
201 OK - Successful Response Code
400 BAD REQUEST - Error Response Code | duplicate x-Request-ID, malformed IBAN, currency other than RON, other validation errors
401 UNAUTHORIZED - Error Response Code | OAuth authentication failed
403 FORBIDDEN - Error Response Code | unauthorized user for selected action
500 INTERNAL SERVER ERROR - Error Response Code | unhandled business case or internal error
502 BAD GATEWAY - Error Response Code | failure from other services in the OMY ecosystems
Attribute | Type | Condition | Description |
---|---|---|---|
Location | String | Mandatory | Location of the created resource |
X-Request-ID | UUID | Mandatory | ID of the request, unique to the call, as determined by the initiating party. |
ASPSP-SCA-Approach | UUID | Mandatory | REDIRECT |
Attribute | Type | Condition |
---|---|---|
consentStatus | Consent Status | Mandatory |
consentID | String | Mandatory |
balances | Balances | Optional |
POST /v1/funds-confirmations
Creates a confirmation of funds request at the ASPSP.
No specific query parameter.
Attribute | Type | Condition | Description |
---|---|---|---|
X-Request-ID | UUID | Mandatory | ID of the request, unique to the call, as determined by the initiating party. |
Authorization | String | Mandatory | OAuth token. |
TPP-Redirect-URI | String | Mandatory | URI of the TPP, where the transaction flow shall be redirected to after a Redirect. |
Attribute | Type | Condition | Description |
---|---|---|---|
cardNumber | String | Optional | Card Number of the card issued by the PIISP. Should be delivered if available. |
account | iban | Mandatory | The merchant where the card is accepted as an information to the PSU. |
payee | String | Optional | An OAuth2 based authentication was performed in a pre-step. |
instructedAmount | Amount | Mandatory | Transaction amount to be checked within the funds check mechanism. |
201 OK - Successful Response Code
400 BAD REQUEST - Error Response Code | duplicate x-Request-ID, malformed IBAN, currency other than RON, other validation errors
401 UNAUTHORIZED - Error Response Code | OAuth authentication failed
403 FORBIDDEN - Error Response Code | unauthorized user for selected action
500 INTERNAL SERVER ERROR - Error Response Code | unhandled business case or internal error
502 BAD GATEWAY - Error Response Code | failure from other services in the OMY ecosystems
Attribute | Type | Condition | Description |
---|---|---|---|
X-Request-ID | UUID | Mandatory | ID of the request, unique to the call, as determined by the initiating party. |
fundsAvailable | String | Mandatory | Equals true if sufficient funds are available at the time of the request, false otherwise. |
Attribute | Type | Description |
---|---|---|
resourceID | String | This is the data element to be used in the path when retrieving data from a dedicated account |
iban | String | |
currency | String | |
product | String | |
status | String | Account status. The value is one of the following:
|
balances | Array: Balances |
Attribute | Type |
---|---|
balanceAmount | Amount |
balanceType | String |
referenceDate | ISODate |
Attribute | Type |
---|---|
booked | Array: Transaction |
pending | Array: Transaction |
Attribute | Type | Description |
---|---|---|
bookingDate | ISODate | The Date when an entry is posted to an account on the ASPSPs books. |
transactionAmount | Amount | The amount of the transaction as billed to the account. |
creditorName | String | Name of the creditor if a "Debited" transaction |
debtorName | String | Name of the debtor if a "Credited" transaction. |
“/mfs-psd2-pis”
POST BasePath + "/v1/payments/sepa-credit-transfers"
Attribute | Type | Condition | Description |
---|---|---|---|
Content-Type | application/json | Mandatory | |
X-Request-ID | UUID | Mandatory | ID of the request, unique to the call, as determined by the initiating party |
Authorization | String | Mandatory | Bearer Token received on OAuth2 based authentication performed in a pre-step |
PSU-IP-Address | String | Optional | The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP |
TPP-Redirect-Preferred | Boolean | Optional | If it equals "true", the TPP prefers a redirect over an embedded SCA approach |
TPP-Redirect-URI | String | Optional | URI of the TPP, where the transaction flow shall be redirected to after a Redirect |
Payment initation body
Attribute | Type | Condition | Description |
---|---|---|---|
endToEnd | String | Optional | Maximum 35 characters |
debtorAccount | Account Reference | Optional | Definition of the entity at Section 10 Account Reference |
instructedAmount | Amount | Mandatory | Definition of the entity at Section 10 Amount |
creditorAccount | Account Reference | Mandatory | Definition of the entity at Section 10 Account Reference |
creditorName | String | Mandatory | Maximum 70 characters |
creditorAddress | Address | Optional | Definition of the entity at Section 10 Address |
remittance | Remittance | Mandatory | Maximum 140 characters |
201 OK - Successful Response Code
400 BAD REQUEST - Error Response Code | duplicate x-Request-ID, malformed IBAN, currency other than RON, other validation errors
401 UNAUTHORIZED - Error Response Code | OAuth authentication failed
403 FORBIDDEN - Error Response Code | unauthorized user for selected action
500 INTERNAL SERVER ERROR - Error Response Code | unhandled business case or internal error
502 BAD GATEWAY - Error Response Code | failure from other services in the OMY ecosystems
Location | String | Condition | Description |
---|---|---|---|
Location | String | Mandatory | Location of the created resource, if created |
X-Request-ID | UUID | Mandatory | ID of the request, unique to the call, as determined by the initiating party |
ASPSP-SCA-Approach | String | Mandatory | The OAuth SCA approach will be subsumed by REDIRECT |
Attribute | Type | Condition | Description |
---|---|---|---|
transactionStatus | Transaction Status | Mandatory | |
paymentID | String | Mandatory | Resource identification of the generated payment initiation resource |
transactionFees | Amount | Optional | Can be used by the ASPSP to transport transaction |
transactionFeeIndicator | Boolean | Optional | If equals true, the transaction will involve specific transaction cost as shown by the ASPSP |
scaMethods | Array of authentication objects | Conditional | Is not applicable at the current moment as only one authentication method will be used |
_links | Links | Mandatory | A list of hyperbolinks to be recognized by the TPP. The actual hyperlinks used in the response depend on the dynamical decisions of the ASPS when processing the request |
psuMessage | String | Optional | Max 512 characters, text to be displayed to the PSU |
tppMessages | Array of TPP Message Information | Optional | Messages to the TPP on operational issues |
“/mfs-psd2-pis”
Get BasePath + “v1/payments/sepa-credit-transfers/{paymentId}/status"
Attribute | Type | Description |
---|---|---|
payment ID | String | Resource identification of the related payment |
Attribute | Type | Condition | Description |
---|---|---|---|
Authorization | String | Mandatory |
200 OK - Successful Response Code
401 UNAUTHORIZED - Error Response Code | OAuth authentication failed
403 FORBIDDEN - Error Response Code | unauthorized user for selected action
500 INTERNAL SERVER ERROR - Error Response Code | unhandled business case or internal error
Attribute | Type | Condition | Description |
---|---|---|---|
transactionStatus | String | Mandatory | 10 Links |
iban
bban
pan
maskedPan
msisdn
currency
(Currency codes according to the ISO 4217 standard)category
code
path
text
currency
(Currency codes according to the ISO 4217 standard) amount
street
buildingNumber
city
postalCode
country
(Currency codes according to the ISO 3166-1 standard)
scaRedirect
scaOAuth/strong>
startAuthorisation
startAuthorisationWithPsuIdentification
updatePsuIdentification
startAuthorisationWithProprietaryData
updateProprietaryData
startAuthorisationWithPsuAuthentication
updatePsuAuthentication
startAuthorisationWithEncryptedPsuAuthentication
updateEncryptedPsuAuthentication
startAuthorisationWithTransactionAuthorisation
selectAuthenticationMethod
authoriseTransaction
self
status
scaStatus
account
balances
transactions
transactionDetails
first
next
previous
last
download
href
Sediul Orange Money: Clădirea GREEN COURT, Corpul C, Etaj 11, Strada Gara Herăstrău 4D, Sectorul 2, București 020334
Serviciul Orange Money este furnizat de Orange Money IFN SA şi autorizat de Banca Naţională a României. Orange Money IFN SA este înregistrată cu nr. IEME - RO - 003 - / 21.12.2015 în Registrul Instituţiilor Emitente de Monedă Electronică gestionat de BNR.