- BerlinGroup Conformity : Implementation Guidelines version 1.3
More details on how the APIs work, including sample queries, etc, are available in the Berlin Group's specifications. The above link redirects to the Implementation Guidelines, as well as the Berlin Group specifications in Open API 3.0 format.
A valid QWAC Certificate for PSD2 is required to access the Sandbox and Berlin Group API. The following conditions are verified:
If one of the conditions is not fulfilled, the connection is closed and the TPP received an HTTP 403 response (Access forbidden).
A TPP can provide and use any number of valid certificates as long as the CA properties and organizationIdentifier stay the same. The old certificates are not revoked when a new valid certificate is presented by the TPP and can be kept in use until their expiration date is passed.
|Redirect OAuth 2.0 workflow||✔|
|App redirection using App-to-App redirection based on deep linking workflow||✖|
|Support of Signing Baskets||✖|
|Support of Card Accounts Endpoints||✖|
|Supported display of Account Owner name||✔|
|Support of Multilevel SCA Approach||✖|
|Maximum Frequency Per Day Value Supported on Consent Request||4|
|SCA Validity||90 days|
|Consent establishment Timeout||3 days|
|Support of parameter withBalance on APIs||✖|
|Supported Account Reference Identifiers||IBAN||✔|
|Consent scope preset by TPP||availableAccounts = allAccounts||✔|
|availableAccountsWithBalances = allAccounts||✖|
|Consent scope with acccounts preset by PSU||✖|
|Supported Access for MultiCurrency Accounts||✖|
|Multicurrency level||Aggregation level||✖|
|Aggregation & sub-account level||✖|
|Supported Transactions Query Parameters||dateFrom||✔|
|Supported Transaction information||debtorName||✖|