# Payment Initiation Service tutorial source: https://developer.mastercard.com/open-banking-connect/documentation/sandbox/sandbox-scenarios-pis-tutorial/index.md ### Get List of ASPSPs {#get-list-of-aspsps} Before making PIS requests you must first get the list of supported ASPSPs. To retrieve a list of available ASPSPs, submit the request below. Refer to [Sandbox Scenarios](https://developer.mastercard.com/open-banking-connect/documentation/sandbox/sandbox-scenarios/index.md) for all available scenarios for Get List of ASPSPs. #### Request {#request} `POST /accounts/aspsp` #### Request body parameters {#request-body-parameters} ```json { "requestInfo": { "xRequestId": "123e4567-e89b-12d3-a456-426655440000" }, "returnAdditionalData": [ "capabilities" ] } ``` Note: The returnAdditionalData field is optional, and is used to return a list of capabilities for each ASPSP. The xRequestId parameter value should be provided unchanged from data sets in order to match the pre-defined response. The following sections are a walk though of how Open Banking Connect performs Payment Initiation operations. It is here to help better understand the Open Banking Connect API overall process for payments. This section describes the scenarios that are available in Open Banking Sandbox in relation to submitting a Domestic Payment instruction. Currently, Domestic Payments are supported by CMA9 and PolishAPI profiles only. #### Step 1 {#step-1} To initiate Domestic Payment consent request, you should select from the data set table; for example, an ASPSP id with **CMA9 profile** and Domestic single payment operation, ex. **876a09be-e667-437b-96e8-4e319d75b794** - Aluminum Bank. | **Field name** | **Value** | |----------------------|------------------------------------------| | `aspspId` | **876a09be-e667-437b-96e8-4e319d75b794** | | `aspsp name` | Aluminum Bank | | `API Profile` | CMA9 | | `country` | GB | | `services` | AIS, PIS | | `operation` | domestic single payment | | `localInstrument` | **UK.FasterPayments** | | `authorization` | UKdpVsbG8gQ2TP7kZWJleft54serYXV0aUK007 | | `consentId` | UKqeBJbqtZ8sPNznYtUK07 | | `consent Request Id` | 23107 | | `paymentId` | UKSCfMdxtcIOmGpSUqkM | | `payment status` | ACSC | #### Step 2 {#step-2} The `aspspId` and `localinstrument` mandatory parameters should be passed into consent request. ##### Request {#request} `POST /payments/domestic-credit-transfers/consents` ##### Request body parameters {#request-body-parameters} ```json { "requestInfo": { "xRequestId": "123e4567-e89b-12d3-a456-426655440000", "tppRedirectURI": "https://tpp-ob.com/callback", "aspspId": "876a09be-e667-437b-96e8-4e319d75b794" }, "payments": { "endToEndIdentification": "123456789012345678", "instructedAmount": { "currency": "GBP", "amount": 150.25 }, "creditorAccount": { "schemeName": "UK.AccountNumber", "identification": "89674545" }, "creditorAgent": { "clearingSystemIdentification": "UK.SortCode", "memberIdentification": "998877" }, "creditorName": "UK Test Creditor 1", "localInstrument": "UK.FasterPayments" } } ``` Note: The `aspspid` and `LocalInstrument` parameter values should be provided unchanged in order to match the pre-defined response. #### Step 3 {#step-3} The following response will be received after the request. The PSU should be redirected to the link in the scaRedirect property, and then the PSU is asked to authorize consent with the ASPSP. Once authorized, the consent will last for the duration of the payment transaction. ##### Response - success {#response---success} HTTP response code `200,OK` ##### Response body {#response-body} ```json { "originalRequestInfo": { "xRequestId": "123e4567-e89b-12d3-a456-426655440000" }, "aspspSCAApproach": "REDIRECT", "consentRequestId": "23107", "_links": { "scaRedirect": "http://aspsp-example-sca-redirect-url.com" } } ``` Note: In production environment, the TPP will have to redirect the PSU to the URI received in 'scaRedirect' to complete the authentication with the ASPSP and authorization of the consent. #### Step 4 {#step-4} After this process completes, the TPP will obtain an authorization string starting immediately after question mark ( ? ) or hash mark ( # ) on the URI address specified in the 'tppRedirectURI' field in the request (example: [https://tpp-ob.com/callback/aspsp?code=UKdpVsbG8gQ2TP7kZWJleft54serYXV0aUK007\&state=38948933-38ae-45af-953e-25a69fefa39e)](https://tpp-ob.com/callback/aspsp?code=UKdpVsbG8gQ2TP7kZWJleft54serYXV0aUK007&state=38948933-38ae-45af-953e-25a69fefa39e)). The TPP uses this authorization string starting after question mark (example: "code=UKdpVsbG8gQ2TP7kZWJleft54serYXV0aUK007\&state=38948933-38ae-45af-953e-25a69fefa39e") in "Payment Initiation request" endpoint to get consentId and use it in all subsequent requests associated with the consent. #### Step 1 {#step-1} To redeem the payment, submit a request using the aspspId and authorization parameters for aspspId you selected above from the data set. | **Field name** | **Value** | |----------------------|--------------------------------------------| | `aspspId` | **876a09be-e667-437b-96e8-4e319d75b794** | | `aspsp name` | Aluminum Bank | | `API Profile` | CMA9 | | `country` | GB | | `services` | AIS, PIS | | `operation` | domestic single payment | | `localInstrument` | UK.FasterPayments | | `authorization` | **UKdpVsbG8gQ2TP7kZWJleft54serYXV0aUK007** | | `consentId` | UKqeBJbqtZ8sPNznYtUK07 | | `consent Request Id` | 23107 | | `paymentId` | UKSCfMdxtcIOmGpSUqkM | | `payment status` | ACSC | An example is shown below. ##### Request {#request} `POST /payments/domestic-credit-transfers` ##### Request body parameters {#request-body-parameters} ```json { "requestInfo": { "xRequestId": "123e4567-e89b-12d3-a456-426655440000", "aspspId": "876a09be-e667-437b-96e8-4e319d75b794", "authorization": "code=UKdpVsbG8gQ2TP7kZWJleft54serYXV0aUK007&state=38948933-38ae- 45af-953e-25a69fefa39e" } } ``` Note: The `aspspid` and `authorization` parameter values should be provided unchanged in order to match the pre-defined response. #### Step 2 {#step-2} The following response will be received indicating payment request was successful. ##### Response - success {#response---success} HTTP response code `200,OK` ##### Response body {#response-body} ```json { "originalRequestInfo": { "xRequestId": "123e4567-e89b-12d3-a456-426655440000" }, "transfer": { "paymentId": "UKSCfMdxtcIOmGpSUqkM", "transactionStatus": "RCVD" }, "consent": { "consentRequestId": "23107", "consentId": "UKqeBJbqtZ8sPNznYtUK07" } } ``` Note: The response returns `consentId` and `paymentId` which will be used in future requests related to this consent. ##### Step 1 {#step-1} To get the payment status, submit the following request using the `paymentId`, `aspspId` and `consentId` parameters for ASPSP id you selected above from the data set. | **Field name** | **Value** | |----------------------|------------------------------------------| | `aspspId` | **876a09be-e667-437b-96e8-4e319d75b794** | | `aspsp name` | Aluminum Bank | | `API Profile` | CMA9 | | `country` | GB | | `services` | AIS, PIS | | `operation` | domestic single payment | | `localInstrument` | UK.FasterPayments | | `authorization` | UKdpVsbG8gQ2TP7kZWJleft54serYXV0aUK007 | | `consentId` | **UKqeBJbqtZ8sPNznYtUK07** | | `consent Request Id` | 23107 | | `paymentId` | **UKSCfMdxtcIOmGpSUqkM** | | `payment status` | ACSC | An example is shown below. ##### Request {#request} `POST /payments/domestic-credit-transfers/payment-status` ##### Request body parameters {#request-body-parameters} ```json { "paymentId": "UKSCfMdxtcIOmGpSUqkM", "requestInfo": { "xRequestId": "123e4567-e89b-12d3-a456-426655440000", "aspspId": "876a09be-e667-437b-96e8-4e319d75b794", "consentId": "UKqeBJbqtZ8sPNznYtUK07" } } ``` Note: The `aspspid`, `paymentId` and `consentId` parameter values should be provided unchanged in order to match the pre-defined response. #### Step 2 {#step-2} The following response will be received where payment status can be viewed. ##### Response - success {#response---success} HTTP response code `200,OK` ##### Response body {#response-body} ```json { "originalRequestInfo": { "xRequestId": "123e4567-e89b-12d3-a456-426655440000" }, "payments": { "transactionStatus": "ACSC" } } ``` This section describes the scenarios that are available in Open Banking Sandbox in relation to submitting a SEPA Payment instruction. The SEPA Payments are supported by PolishAPI, NextGenPSD2 and STET profiles. The CMA9 does not support SEPA payments. #### Step 1 {#step-1} 1. To initiate SEPA Payment consent request, you should select from the data set table; for example,an ASPSP id which supports **SEPA** single payment operation, ex. **6bc896b5-1b5a-473a-a1d8-dfd3aaa4fab5** - Fermium Bank. | **Field name** | **Value** | |------------------------|------------------------------------------| | `aspspId` | **6bc896b5-1b5a-473a-a1d8-dfd3aaa4fab5** | | `aspsp name` | Fermium Bankk | | `API Profile` | NextGenPSD2 | | `country` | NL | | `services` | AIS, PIS | | `operation` | SEPA single payment | | `localInstrument` | **SEPA** | | `creditorAccount-iban` | **NL91ABNA4567981300** | | `authorization` | NLdpVsbG8gQ2TP7kZWJleft31serYXV0aNL060 | | `consentId` | NLqeBJbqtX7sPNznYtNL60 | | `consent Request Id` | 23162 | | `paymentId` | NLIEYZqcNiotDUflstxX | | `payment status` | ACSP | #### Step 2 {#step-2} The `aspspId`, `localinstrument` and `creditorAccount-iban` mandatory parameters should be passed into consent request. ##### Request {#request} `POST /payments/payments/sepa-credit-transfers/consents` ##### Request body parameters {#request-body-parameters} ```json { "requestInfo": { "xRequestId": "123e4567-e89b-12d3-a456-426655440000", "tppRedirectURI": "https://tpp-ob.com/callback", "aspspId": "6bc896b5-1b5a-473a-a1d8-dfd3aaa4fab5" }, "payments": { "localInstrument": "SEPA", "instructionPriority": "Normal", "endToEndIdentification": "123456789012345678", "debtorName": "Debtor Name", "instructedAmount": { "currency": "EUR", "amount": 200.00 }, "creditorAgent": { "bicfi": "BARCGB22XXX" }, "creditorAccount": { "iban": "NL91ABNA4567981300" }, "creditorName": "Creditor Name", "creditorAddress": { "street": "Street", "buildingNumber": "2", "city": "City", "postalCode": "Postal Code", "countrySubDivision": "Country Subdivision", "country": "FR" }, "remittanceInformationUnstructured": "Payment for fruits" } } ``` Note: The `aspspid`, `localInstrument` and `iban` parameter values should be provided unchanged in order to match the pre-defined response. #### Step 3 {#step-3} The following response will be received after the request. The PSU should be redirected to the link in the scaRedirect property, and next the PSU will be asked to authorize consent with the ASPSP. Once authorized, the consent will last for the duration of the payment transaction.. ##### Response - success {#response---success} HTTP response code `200,OK` ##### Response body {#response-body} ```json { "originalRequestInfo": { "xRequestId": "123e4567-e89b-12d3-a456-426655440000" }, "aspspSCAApproach": "REDIRECT", "consentRequestId": "23162", "_links": { "scaRedirect": "http://aspsp-example-sca-redirect-url.com" } } ``` Note: In production environment, the TPP will have to redirect the PSU to the URI received in 'scaRedirect' to complete the authentication with the ASPSP and authorization of the consent. #### Step 4 {#step-4} After this process completes, the TPP will obtain an authorization string starting immediately after question mark ( ? ) or hash mark ( # ) on the URI address specified in the 'tppRedirectURI' field in the request (ex. . The TPP uses this authorization string starting after question mark (ex. "code=UKdpVsbG8gQ2TP7kZWJleft54serYXV0aUK007") in "Payment Initiation request" endpoint to get consentId and use it in all subsequent requests associated with the consent. #### Step 1 {#step-1} To redeem the payment, submit a request using the `aspspId` and `authorization` parameters for aspspId you selected above from the data set. | **Field name** | **Value** | |------------------------|--------------------------------------------| | `aspspId` | **6bc896b5-1b5a-473a-a1d8-dfd3aaa4fab5** | | `aspsp name` | Fermium Bankk | | `API Profile` | NextGenPSD2 | | `country` | NL | | `services` | AIS, PIS | | `operation` | SEPA single payment | | `localInstrument` | SEPA | | `creditorAccount-iban` | NL91ABNA4567981300 | | `authorization` | **NLdpVsbG8gQ2TP7kZWJleft31serYXV0aNL060** | | `consentId` | NLqeBJbqtX7sPNznYtNL60 | | `consent Request Id` | 23162 | | `paymentId` | NLIEYZqcNiotDUflstxX | | `payment status` | ACSP | An example is shown below. ##### Request {#request} `POST /payments/sepa-credit-transfers` ##### Request body parameters {#request-body-parameters} ```json { "requestInfo": { "xRequestId": "123e4567-e89b-12d3-a456-426655440000", "aspspId": "6bc896b5-1b5a-473a-a1d8-dfd3aaa4fab5", "authorization": "code=NLdpVsbG8gQ2TP7kZWJleft31serYXV0aNL060&state=38948933-38ae-45af-953e-25a69fefa39e" } } ``` Note: The `aspspid` and `authorization` parameter values should be provided unchanged in order to match the pre-defined response. #### Step 2 {#step-2} The following response will be received indicating payment request was successful. ##### Response - success {#response---success} HTTP response code `200,OK` ##### Response body {#response-body} ```json { "originalRequestInfo": { "xRequestId": "123e4567-e89b-12d3-a456-426655440000" }, "transfer": { "paymentId": "NLIEYZqcNiotDUflstxX", "transactionStatus": "ACSP" }, "consent": { "consentRequestId": "23162", "consentId": "NLqeBJbqtX7sPNznYtNL60" } } ``` Note: The response returns `consentId` and `paymentId` which will be used in future requests related to this consent. ##### Step 1 {#step-1} To get the payment status, submit the following request using the `paymentId`, `aspspId` and `consentId` parameters for ASPSP id you selected above from the data set. | **Field name** | **Value** | |------------------------|------------------------------------------| | `aspspId` | **6bc896b5-1b5a-473a-a1d8-dfd3aaa4fab5** | | `aspsp name` | Fermium Bankk | | `API Profile` | NextGenPSD2 | | `country` | NL | | `services` | AIS, PIS | | `operation` | SEPA single payment | | `localInstrument` | SEPA | | `creditorAccount-iban` | NL91ABNA4567981300 | | `authorization` | NLdpVsbG8gQ2TP7kZWJleft31serYXV0aNL060 | | `consentId` | **NLqeBJbqtX7sPNznYtNL60** | | `consent Request Id` | 23162 | | `paymentId` | **NLIEYZqcNiotDUflstxX** | | `payment status` | ACSP | An example is shown below. ##### Request {#request} `POST /payments/sepa-credit-transfers/payment-status` ##### Request body parameters {#request-body-parameters} ```json { "paymentId": "NLIEYZqcNiotDUflstxX", "requestInfo": { "xRequestId": "123e4567-e89b-12d3-a456-426655440000", "aspspId": "6bc896b5-1b5a-473a-a1d8-dfd3aaa4fab5", "consentId": "NLqeBJbqtX7sPNznYtNL60" } } ``` Note: The `aspspId`, `consentId` and `paymentId` parameter values should be provided unchanged in order to match the pre-defined response. #### Step 2 {#step-2} The following response will be received where payment status can be viewed. ##### Response - success {#response---success} HTTP response code `200,OK` ##### Response body {#response-body} ```json { "originalRequestInfo": { "xRequestId": "123e4567-e89b-12d3-a456-426655440000" }, "payments": { "transactionStatus": "ACSC" } } ``` This section describes the scenarios that are available in Open Banking Connect Sandbox in relation to submitting a Cross-Border Payment instruction. Currently, Cross-Border Payments are supported by CMA9 and PolishAPI profiles only. #### Step 1 {#step-1} To initiate Cross-Border Payment consent request, you should select from the data set table; for example an ASPSP id with **CMA9 profile** and Cross-Border single payment operation, ex. **420e5cff-0e2a-4156-991a-f6eeef0478cf** -- Sandbox ASPSP 1. | **Field name** | **Value** | |----------------------------------|-------------------------------------------| | `aspspId` | **420e5cff-0e2a-4156-991a-f6eeef0478cf** | | `aspsp name` | Sandbox ASPSP 1 | | `API Profile` | CMA9 | | `country` | GB | | `services` | AIS, PIS | | `operation` | Cross-Border single payment | | `localInstrument` | **Swift** | | `creditorAccount-schemeName` | **IBAN** | | `creditorAccount-identification` | **PL06884573292356737845125375** | | `authorization` | UKcrossVsbG8gQ2TP9kZWJleft53serYXV0aUK001 | | `consentId` | CBgBTpF3:EBy5xGqQMatk | | `consent Request Id` | 42341 | | `paymentId` | 258aFR415:22Aa:6asdC | | `payment status` | RCVD | #### Step 2 {#step-2} The `aspspId`, `localinstrument`, `schemeName` and `identification` mandatory parameters should be passed into consent request. ##### Request {#request} `POST /payments/cross-border-credit-transfers/consents` ##### Request body parameters {#request-body-parameters} ```json { "requestInfo": { "xRequestId": "123e4567-e89b-12d3-a456-426655440000", "tppRedirectURI": "https://tpp-ob.com/callback", "aspspId": "420e5cff-0e2a-4156-991a-f6eeef0478cf" }, "payments": { "localInstrument": "Swift", "instructionPriority": "Normal", "endToEndIdentification": "123456789012345678", "debtorAccount": { "schemeName":"IBAN", "identification": "UK06884573292356737845125375" }, "debtorName": "Debtor Name", "debtorAddress": { "street": "Street", "buildingNumber": "1", "city": "City", "postalCode": "Postal Code", "countrySubDivision": "Country Subdivision", "country": "GB" }, "instructedAmount": { "currency": "GBP", "amount": 120.00 }, "creditorAgent": { "schemeName":"BIC", "identification": "ALLBPLPW" }, "creditorAccount": { "schemeName":"IBAN", "identification": "PL06884573292356737845125375" }, "creditorName": "Creditor Name", "remittanceInformationUnstructured": "Payment for fruits" } } ``` Note: The `aspspid`, `localInstrument`, `creditorAccount-schemeName` and `creditorAccount-identification` parameter values should be provided unchanged in order to match the pre-defined response. #### Step 3 {#step-3} The response below will be received after the request. The PSU should be redirected to the link in the scaRedirect property, and next the PSU will be asked to authorize consent with the ASPSP. Once authorized, the consent will last for the duration of the payment transaction. ##### Response - success {#response---success} HTTP response code `200,OK` ##### Response body {#response-body} ```json { "originalRequestInfo": { "xRequestId": "123e4567-e89b-12d3-a456-426655440000" }, "aspspSCAApproach": "REDIRECT", "consentRequestId": "42341", "_links": { "scaRedirect": "http://aspsp-example-sca-redirect-url.com" } } ``` Note: In production environment, the TPP will have to redirect the PSU to the URI received in 'scaRedirect' to complete the authentication with the ASPSP and authorization of the consent. #### Step 4 {#step-4} After this process completes, the TPP will obtain an authorization string starting immediately after question mark ( ? ) or hash mark ( # ) on the URI address specified in the 'tppRedirectURI' field in the request (ex. [https://tpp-ob.com/callback/aspsp?code=UKdpVsbG8gQ2TP7kZWJleft54serYXV0aUK007\&state=38948933-38ae-45af-953e-25a69fefa39e)](https://tpp-ob.com/callback/aspsp?code=UKdpVsbG8gQ2TP7kZWJleft54serYXV0aUK007&state=38948933-38ae-45af-953e-25a69fefa39e)). The TPP uses this authorization string starting after question mark (ex. "code=UKdpVsbG8gQ2TP7kZWJleft54serYXV0aUK007\&state=38948933-38ae-45af-953e-25a69fefa39e") in "Payment Initiation request" endpoint to get consentId and use it in all subsequent requests associated with the consent. #### Step 1 {#step-1} To redeem the payment, submit a request using the `aspspId` and `authorization` parameters for aspspId you selected above from the data set. | **Field name** | **Value** | |----------------------------------|-----------------------------------------------| | `aspspId` | **420e5cff-0e2a-4156-991a-f6eeef0478cf** | | `aspsp name` | Sandbox ASPSP 1 | | `API Profile` | CMA9 | | `country` | GB | | `services` | AIS, PIS | | `operation` | Cross-Border single payment | | `localInstrument` | Swift | | `creditorAccount-schemeName` | IBAN | | `creditorAccount-identification` | PL06884573292356737845125375 | | `authorization` | **UKcrossVsbG8gQ2TP9kZWJleft53serYXV0aUK001** | | `consentId` | CBgBTpF3:EBy5xGqQMatk | | `consent Request Id` | 42341 | | `paymentId` | 258aFR415:22Aa:6asdC | | `payment status` | RCVD | An example is shown below. ##### Request {#request} `POST /payments/cross-border-credit-transfers` ##### Request body parameters {#request-body-parameters} ```json { "requestInfo": { "xRequestId": "123e4567-e89b-12d3-a456-426655440000", "aspspId": "420e5cff-0e2a-4156-991a-f6eeef0478cf", "authorization": "code=UKcrossVsbG8gQ2TP9kZWJleft53serYXV0aUK001&state=38948933-38ae-45af-953e-25a69fefa39e " } } ``` Note: The `aspspid` and `authorization` parameter values be provided unchanged from data sets in order to match the pre-defined response. #### Step 2 {#step-2} The following response will be received indicating payment request was successful. ##### Response - success {#response---success} HTTP response code `200,OK` ##### Response body {#response-body} ```json { "originalRequestInfo": { "xRequestId": "123e4567-e89b-12d3-a456-426655440000" }, "transfer": { "paymentId": "258aFR415:22Aa:6asdC", "transactionStatus": "RCVD" }, "consent": { "consentRequestId": "42341", "consentId": "CBgBTpF3:EBy5xGqQMatk" } } ``` Note: The response returns `consentId` and `paymentId` which will be used in future requests related to this consent. #### Step 1 {#step-1} To get the payment status, submit the following request using the `paymentId`, `aspspId` and `consentId` parameters for ASPSP id you selected above from the data set. | **Field name** | **Value** | |----------------------------------|-------------------------------------------| | `aspspId` | **420e5cff-0e2a-4156-991a-f6eeef0478cf** | | `aspsp name` | Sandbox ASPSP 1 | | `API Profile` | CMA9 | | `country` | GB | | `services` | AIS, PIS | | `operation` | Cross-Border single payment | | `localInstrument` | Swift | | `creditorAccount-schemeName` | IBAN | | `creditorAccount-identification` | PL06884573292356737845125375 | | `authorization` | UKcrossVsbG8gQ2TP9kZWJleft53serYXV0aUK001 | | `consentId` | **CBgBTpF3:EBy5xGqQMatk** | | `consent Request Id` | 42341 | | `paymentId` | **258aFR415:22Aa:6asdC** | | `payment status` | RCVD | An example is shown below. ##### Request {#request} `POST /payments/cross-border-credit-transfers/payment-status` ##### Request body parameters {#request-body-parameters} ```json { "paymentId": "258aFR415:22Aa:6asdC", "requestInfo": { "xRequestId": "123e4567-e89b-12d3-a456-426655440000", "aspspId": "420e5cff-0e2a-4156-991a-f6eeef0478cf", "consentId": "CBgBTpF3:EBy5xGqQMatk" } } ``` Note: The `paymentId`, `aspspId` and `consentId` parameter values should be provided unchanged from data sets in order to match the pre-defined response. #### Step 2 {#step-2} The following response will be received where payment status can be viewed. ##### Response - success {#response---success} HTTP response code `200,OK` ##### Response body {#response-body} ```json { "originalRequestInfo": { "xRequestId": "123e4567-e89b-12d3-a456-426655440000" }, "payments": { "transactionStatus": "ACSC" } } ```