Skip to main content
Pay By Bank

Get account information V1

You can use Pay by Bank to give customers access to view their bank account details within the payment experience.

Authorise a payment provider

To present your customer with an experience to authorise a payment provider, use the following requests:

  1. POST aisp/providers : To get a list of providers for the country in which the payment is being made.
  2. POST aisp/consent/provider : To get consent for a specific provider to be used for account access. This triggers the user journey for your customer to access to their account details.
  3. POST aisp/authorize : To get an authorization token from your customer's provider.

Get the list of payment providers

To get a list of payment providers in the country where the payment is being made, use POST aisp/providers

Populate the countryCode field with the two-character ISO code for the country. For example, UK.

Sample request
Curl
curl -X 'POST' \
  'https://apigatewayqaf.jpmorgan.com/tsapi/v1/aisp/providers' \
  -H 'accept: application/json' \
  -H 'Content-Type: application/json' \
  -d '{
  "countryCode": "UK"
}'
Sample response
Json
{
  "data": [
    {
      "providersCode": "fakebank_image_xf",
      "providersName": "Fake Bank with Image",
      "customerNotifiedOnSignIn": false,
      "loginUrl": "http://example.com/login",
      "logoUrl": "https://d1uuj3mi6rzwpm.cloudfront.net/logos/providers/xf/placeholder_global.svg",
      "countryCode": "UK",
      "supportedFetchScopes": [
        "accounts",
        "accounts_without_balance",
        "holder_info",
        "transactions"
      ],
      "supportedAccountNatures": [
        "account",
        "card",
        "credit_card"
      ]
    }
  ]
}

In the response you can see the available providers, along with key information:

  • providersCode : To identify the provider when you need to get consent to connect.
  • supportedFetchScopes : To show which elements of your customers account details can be accessed.

To get consent for your customer to connect with their provider (not yet their account), send a request to POST aisp/consent/provider

In the body of this request, you must provide:

  • customerId : Your unique ID for the customer.
  • countryCode : The country where the access if being requested.
  • providerCode : The unique code for this provider. Returned in the response to POST aisp/providers
  • consentScopes : The elements of your customers account to access. Such as account details or transactions.
  • consentDuration : The period of time in days that the consent is provided for. You can leave this blank for open-ended consent.
Sample request
Json
{
  "customerId": "CUST_QA02103453A",
  "countryCode": "UK",
  "providerCode": "fake_oauth_client_xf",
  "consentScopes": [
    "accountDetails",
    "transactions_details",
    "holderInformation"
  ],
  "consentDuration": 90,
  "returnToUrl": "https://sites.jpmchase.com/sites/cib"
}

The sample response is a URL and connect token. You can use this to open the account access screens securely provided for your customer.

Sample response
Json
{
  "redirectUrl": "https://www.abc.com/regulated_fake_providers/fake_oauth_client_xf?client_id=2886&fetch_scopes%5B%5D=accounts&fetch_scopes%5B%5D=holder_info&fetch_scopes%5B%5D=transactions&flow=ais&return_to=https%3A%2F%2Fwww.saltedge.com%2Fconnect%2Foauth_callback%2Faisp%2F2c58378dea8acbc899a4ef6be60e6f8462662615f2011e93de1625af8dcc6c3e&state=connect_token_2c58378dea8acbc899a4ef6be60e6f8462662615f2011e93de1625af8dcc6c3e"
}

Authorize access to your customer's account

Now that your customer has access to their provider, you must request a token that can be used to authorize access to their account.

To authorize this access, you need to make a request to POST aisp/authorize

In your request, you must include:

  • customerId : The ID of your customer.
  • providerCode : The same provider code used to connect to the chosen provider.
  • authToken : The token provided by the response to POST aisp/consent/provider
Sample request payload
Json
{
    "customerId": "TestCustomer1",
    "providerCode": "fake_oauth_client_xf",
    "authToken": "access_token=bc4521d3&state=Pd8b4d0eb"
}

Get account information

Once you have an active auth token for your customer to access their account details, you can send the request for information.

To get account information for your customer from their provider, use POST aisp/

Your request must include:

  • customerId : The ID of your customer.
  • providerCode : The unique code for this provider. Returned in the response to POST aisp/providers
Sample request body
Json
{
  "customerId": "TestCustomer1",
  "providerCode": "fake_oauth_client_xf"
}
Sample response
Json
[
  {
    "accountId": "7610825",
    "balance": 2010.8,
    "nature": "card",
    "name": "AccountList",
    "currencyCode": "EUR",
    "extra": {
      "cards": [],
      "assets": [],
      "clientName": "Fake name",
      "lastPostedTransactionId": "1378698846",
      "iban": "DEXXXXXXXXXXXXXXXXX",
      "transactionsCount": {
        "pending": 0,
        "posted": 1098
      }
    }
  }
]

Get transactions for your customer

Once you have an active auth token for your customer to access their account details, you can send the request for transaction information.

To get transactions information for your customer, use POST aisp/transactions

Your request must include:

  • customerId : The ID of your customer.
  • providerCode : The unique code for this provider. Returned in the response to POST aisp/providers
  • accountId : Your client's account ID with their provider.
Sample request
Json
{
  "customerId": "TestCustomer1",
  "providerCode": "fake_oauth_client_xf",
  "accountId": "12000012"
}
Sample response
Json
[
  {
    "accountId": "12000012",
    "duplicated": false,
    "mode": "normal",
    "amount": 100,
    "madeOn": "2018-12-20",
    "description": "Online crockery purchase",
    "category": "fees_and_charges",
    "currencyCode": "EUR",
    "status": "posted",
    "extra": [
      {
        "possibleDuplicate": false,
        "convert": false,
        "categorizationConfidence": 1,
        "id": "1378698846",
        "accountBalanceSnapshot": 10100,
        "tags": []
      }
    ],
    "createdAt": "2018-12-20T17:38:13Z",
    "updatedAt": "2019-08-05T17:38:13Z"
  },
  {
    "accountId": "12000012",
    "duplicated": false,
    "mode": "normal",
    "amount": 50,
    "madeOn": "2018-12-19",
    "description": "Online clothes purchase",
    "category": "fees_and_charges",
    "currencyCode": "EUR",
    "status": "posted",
    "extra": [
      {
        "possibleDuplicate": false,
        "convert": false,
        "categorizationConfidence": 1,
        "id": "1378698847",
        "accountBalanceSnapshot": 10150,
        "tags": []
      }
    ],
    "createdAt": "2018-12-19T17:38:13Z",
    "updatedAt": "2019-08-05T17:38:13Z"
  }
]

Get customer info held by a provider

Once you have an active auth token for your customer to access their account details, you can send the request for details about your customer held by the provider.

To get transactions information for your customer, use POST aisp/holderinfo

Your request must include:

  • customerId : The ID of your customer.
  • providerCode : The unique code for this provider. Returned in the response to POST aisp/providers
Sample request
Json
{
  "customerId": "TestCustomer1",
  "providerCode": "fake_oauth_client_xf"
}
Sample response
Json
{
  "names": [
    "Engelbert Smith"
  ],
  "emails": [
    "esmith@emailservice.com"
  ],
  "phoneNumbers": [
    "+440123123123"
  ],
  "addresses": []
}

Sequence diagram for account information service

Account Information Sequence Diagram