Arion logo

Account Information Service (AIS)

The Account Information Service (AIS) offers the following services:

  • Transaction reports for a given account or card account including balances if applicable
  • Balances of a given account or card account
  • A list of available accounts or card account
  • Account details of a given account or card account or of the list of all accessible accounts or card account relative to a granted consent

Read account list

Read the identifiers of the available payment account together with booking balance information, depending on the consent granted.

It is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system. The addressed list of accounts depends then on the PSU ID and the stored consent addressed by consentId, respectively the OAuth2 access token.

Returns all identifiers of the accounts, to which an account access has been granted to through the /consents endpoint by the PSU. In addition, relevant information about the accounts and hyperlinks to corresponding account information resources are provided if a related consent has been already granted.

Remark: Note that the /consents endpoint optionally offers to grant an access on all available payment accounts of a PSU. In this case, this endpoint will deliver the information about all available payment accounts of the PSU at this ASPSP.

SecurityNone or BearerAuthOAuth
Request
query Parameters
withBalance
boolean

If contained, this function reads the list of accessible payment accounts including the booking balance, if granted by the PSU in the related consent and available by the ASPSP. This parameter might be ignored by the ASPSP.

withCreditLimit
boolean

If contained, this function reads the list of accessible payment accounts including the credit limit, if granted by the PSU in the related consent and available by the ASPSP. This parameter might be ignored by the ASPSP.

header Parameters
X-Request-ID
required
string <uuid>

ID of the request, unique to the call, as determined by the initiating party.

Example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
Digest
string

Is contained if and only if the "Signature" element is contained in the header of the request.

Example: SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A=
Signature
string

A signature of the request by the TPP on application level. This might be mandated by ASPSP.

Example: keyId="SN=9FA1,CA=CN=D-TRUST CA 2-1 2015,O=D-Trust GmbH,C=DE",algorithm="rsa-sha256", headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date", signature="Base64(RSA-SHA256(signing string))"
TPP-Signature-Certificate
string <byte>

The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.

Consent-ID
required
string (consentId)

This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.

PSU-IP-Address
string <ipv4>

The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP. It shall be contained if and only if this request was actively initiated by the PSU.

Example: 192.168.8.78
PSU-IP-Port
string

The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.

Example: 1234
PSU-Accept
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Charset
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Encoding
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Language
string

Language that the SCA page will be presented in. Possible options are:

  • "is" - Icelandic
  • "en" - English

If parameter is empty, the default language will be English.

PSU-User-Agent
string

The forwarded Agent header field of the HTTP request between PSU and TPP, if available.

PSU-Http-Method
string

HTTP method used at the PSU ? TPP interface, if available. Valid values are:

  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
Enum: "GET" "POST" "PUT" "PATCH" "DELETE"
PSU-Device-ID
string <uuid>

UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID needs to be unaltered until removal from device.

Example: 99435c7e-ad88-49ec-a2ad-99ddcb1f5555
PSU-Geo-Location
stringGEO:-?[0-9]{1,2}\.[0-9]{6};-?[0-9]{1,3}\.[0-9...

The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Example: GEO:52.506931;13.144558
Ocp-Apim-Subscription-Key
required
string

Azure API management subscription key

Responses
200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not found

405

Method Not Allowed

406

Not Acceptable

408

Request Timeout

409

Conflict

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

get/v1/accounts
Response samples
application/json

Response in case of an example, where the consent has been given on two different IBANs.

{
  • "accounts": [
    ]
}

Read account details

Reads details about an account, with balances where required. It is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system. The addressed details of this account depends then on the stored consent addressed by consentId, respectively the OAuth2 access token.

NOTE: The account-id can represent a multicurrency account. In this case the currency code is set to "XXX".

Give detailed information about the addressed account.

Give detailed information about the addressed account together with balance information

SecurityNone or BearerAuthOAuth
Request
path Parameters
account-id
required
string (accountId)

This identification is denoting the addressed (card) account. The account-id is retrieved by using a "Read Account List" or "Read Card Account list" call. The account-id is the "resourceId" attribute of the account structure. Its value is constant at least throughout the lifecycle of a given consent.

Example: qwer3456tzui7890
query Parameters
withBalance
boolean

If contained, this function reads the list of accessible payment accounts including the booking balance, if granted by the PSU in the related consent and available by the ASPSP. This parameter might be ignored by the ASPSP.

withCreditLimit
boolean

If contained, this function reads the list of accessible payment accounts including the credit limit, if granted by the PSU in the related consent and available by the ASPSP. This parameter might be ignored by the ASPSP.

header Parameters
X-Request-ID
required
string <uuid>

ID of the request, unique to the call, as determined by the initiating party.

Example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
Digest
string

Is contained if and only if the "Signature" element is contained in the header of the request.

Example: SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A=
Signature
string

A signature of the request by the TPP on application level. This might be mandated by ASPSP.

Example: keyId="SN=9FA1,CA=CN=D-TRUST CA 2-1 2015,O=D-Trust GmbH,C=DE",algorithm="rsa-sha256", headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date", signature="Base64(RSA-SHA256(signing string))"
TPP-Signature-Certificate
string <byte>

The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.

Consent-ID
required
string (consentId)

This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.

PSU-IP-Address
string <ipv4>

The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP. It shall be contained if and only if this request was actively initiated by the PSU.

Example: 192.168.8.78
PSU-IP-Port
string

The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.

Example: 1234
PSU-Accept
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Charset
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Encoding
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Language
string

Language that the SCA page will be presented in. Possible options are:

  • "is" - Icelandic
  • "en" - English

If parameter is empty, the default language will be English.

PSU-User-Agent
string

The forwarded Agent header field of the HTTP request between PSU and TPP, if available.

PSU-Http-Method
string

HTTP method used at the PSU ? TPP interface, if available. Valid values are:

  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
Enum: "GET" "POST" "PUT" "PATCH" "DELETE"
PSU-Device-ID
string <uuid>

UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID needs to be unaltered until removal from device.

Example: 99435c7e-ad88-49ec-a2ad-99ddcb1f5555
PSU-Geo-Location
stringGEO:-?[0-9]{1,2}\.[0-9]{6};-?[0-9]{1,3}\.[0-9...

The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Example: GEO:52.506931;13.144558
Ocp-Apim-Subscription-Key
required
string

Azure API management subscription key

Responses
200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not found

405

Method Not Allowed

406

Not Acceptable

408

Request Timeout

409

Conflict

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

get/v1/accounts/{account-id}
Response samples
application/json

Account details for a regular Account.

{
  • "account": {
    }
}

Read balance

Reads account data from a given account addressed by "account-id".

Remark: This account-id can be a tokenised identification due to data protection reason since the path information might be logged on intermediary servers within the ASPSP sphere. This account-id then can be retrieved by the "Get account list" call.

The account-id is constant at least throughout the lifecycle of a given consent.

SecurityNone or BearerAuthOAuth
Request
path Parameters
account-id
required
string (accountId)

This identification is denoting the addressed (card) account. The account-id is retrieved by using a "Read Account List" or "Read Card Account list" call. The account-id is the "resourceId" attribute of the account structure. Its value is constant at least throughout the lifecycle of a given consent.

Example: qwer3456tzui7890
header Parameters
X-Request-ID
required
string <uuid>

ID of the request, unique to the call, as determined by the initiating party.

Example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
Digest
string

Is contained if and only if the "Signature" element is contained in the header of the request.

Example: SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A=
Signature
string

A signature of the request by the TPP on application level. This might be mandated by ASPSP.

Example: keyId="SN=9FA1,CA=CN=D-TRUST CA 2-1 2015,O=D-Trust GmbH,C=DE",algorithm="rsa-sha256", headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date", signature="Base64(RSA-SHA256(signing string))"
TPP-Signature-Certificate
string <byte>

The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.

Consent-ID
required
string (consentId)

This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.

PSU-IP-Address
string <ipv4>

The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP. It shall be contained if and only if this request was actively initiated by the PSU.

Example: 192.168.8.78
PSU-IP-Port
string

The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.

Example: 1234
PSU-Accept
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Charset
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Encoding
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Language
string

Language that the SCA page will be presented in. Possible options are:

  • "is" - Icelandic
  • "en" - English

If parameter is empty, the default language will be English.

PSU-User-Agent
string

The forwarded Agent header field of the HTTP request between PSU and TPP, if available.

PSU-Http-Method
string

HTTP method used at the PSU ? TPP interface, if available. Valid values are:

  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
Enum: "GET" "POST" "PUT" "PATCH" "DELETE"
PSU-Device-ID
string <uuid>

UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID needs to be unaltered until removal from device.

Example: 99435c7e-ad88-49ec-a2ad-99ddcb1f5555
PSU-Geo-Location
stringGEO:-?[0-9]{1,2}\.[0-9]{6};-?[0-9]{1,3}\.[0-9...

The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Example: GEO:52.506931;13.144558
Ocp-Apim-Subscription-Key
required
string

Azure API management subscription key

Responses
200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not found

405

Method Not Allowed

406

Not Acceptable

408

Request Timeout

409

Conflict

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

get/v1/accounts/{account-id}/balances
Response samples
application/json

Response for a read balance request in case of a regular account.

{
  • "account": {
    },
  • "balances": [
    ]
}

Read transaction list of an account

Read transaction reports or transaction lists of a given account ddressed by "account-id", depending on the steering parameter "bookingStatus" together with balances.

For a given account, additional parameters are e.g. the attributes "dateFrom" and "dateTo". The ASPSP might add balance information, if transaction lists without balances are not supported.

SecurityNone or BearerAuthOAuth
Request
path Parameters
account-id
required
string (accountId)

This identification is denoting the addressed (card) account. The account-id is retrieved by using a "Read Account List" or "Read Card Account list" call. The account-id is the "resourceId" attribute of the account structure. Its value is constant at least throughout the lifecycle of a given consent.

Example: qwer3456tzui7890
query Parameters
dateFrom
string <date>

Conditional: Starting date (inclusive the date dateFrom) of the transaction list, mandated if no delta access is required and if bookingStatus does not equal "information".

For booked transactions, the relevant date is the booking date.

For pending transactions, the relevant date is the entry date, which may not be transparent neither in this API nor other channels of the ASPSP.

dateTo
string <date>

End date (inclusive the data dateTo) of the transaction list, default is "now" if not given.

Might be ignored if a delta function is used.

For booked transactions, the relevant date is the booking date.

For pending transactions, the relevant date is the entry date, which may not be transparent neither in this API nor other channels of the ASPSP.

entryReferenceFrom
string

This data attribute is indicating that the AISP is in favour to get all transactions after the transaction with identification entryReferenceFrom alternatively to the above defined period. This is a implementation of a delta access. If this data element is contained, the entries "dateFrom" and "dateTo" might be ignored by the ASPSP if a delta report is supported.

Optional if supported by API provider.

bookingStatus
required
string

Permitted codes are

  • "information",
  • "booked",
  • "pending", and
  • "both" "booked" shall be supported by the ASPSP. To support the "pending" and "both" feature is optional for the ASPSP, Error code if not supported in the online banking frontend
Enum: "information" "booked" "pending" "both"
deltaList
boolean

This data attribute is indicating that the AISP is in favour to get all transactions after the last report access for this PSU on the addressed account. This is another implementation of a delta access-report. This delta indicator might be rejected by the ASPSP if this function is not supported. Optional if supported by API provider

withBalance
boolean

If contained, this function reads the list of accessible payment accounts including the booking balance, if granted by the PSU in the related consent and available by the ASPSP. This parameter might be ignored by the ASPSP.

pageNumber
integer

The list of transactions returned from the request will be paginated. This parameter is used to navigate the pagination of results. If this parameter is not contained within the request, then the call will respond with the first page of results.

header Parameters
X-Request-ID
required
string <uuid>

ID of the request, unique to the call, as determined by the initiating party.

Example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
Digest
string

Is contained if and only if the "Signature" element is contained in the header of the request.

Example: SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A=
Signature
string

A signature of the request by the TPP on application level. This might be mandated by ASPSP.

Example: keyId="SN=9FA1,CA=CN=D-TRUST CA 2-1 2015,O=D-Trust GmbH,C=DE",algorithm="rsa-sha256", headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date", signature="Base64(RSA-SHA256(signing string))"
TPP-Signature-Certificate
string <byte>

The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.

Consent-ID
required
string (consentId)

This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.

PSU-IP-Address
string <ipv4>

The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP. It shall be contained if and only if this request was actively initiated by the PSU.

Example: 192.168.8.78
PSU-IP-Port
string

The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.

Example: 1234
PSU-Accept
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Charset
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Encoding
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Language
string

Language that the SCA page will be presented in. Possible options are:

  • "is" - Icelandic
  • "en" - English

If parameter is empty, the default language will be English.

PSU-User-Agent
string

The forwarded Agent header field of the HTTP request between PSU and TPP, if available.

PSU-Http-Method
string

HTTP method used at the PSU ? TPP interface, if available. Valid values are:

  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
Enum: "GET" "POST" "PUT" "PATCH" "DELETE"
PSU-Device-ID
string <uuid>

UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID needs to be unaltered until removal from device.

Example: 99435c7e-ad88-49ec-a2ad-99ddcb1f5555
PSU-Geo-Location
stringGEO:-?[0-9]{1,2}\.[0-9]{6};-?[0-9]{1,3}\.[0-9...

The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Example: GEO:52.506931;13.144558
Ocp-Apim-Subscription-Key
required
string

Azure API management subscription key

Responses
200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not found

405

Method Not Allowed

406

Not Acceptable

408

Request Timeout

409

Conflict

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

get/v1/accounts/{account-id}/transactions
Response samples

Response in JSON format for an access on a regular account.

{
  • "account": {
    },
  • "transactions": {
    }
}

Read transaction details

Reads transaction details from a given transaction addressed by "transactionId" on a given account addressed by "account-id". This call is only available on transactions as reported in a JSON format.

Remark: Please note that the PATH might be already given in detail by the corresponding entry of the response of the "Read Transaction List" call within the _links subfield.

SecurityNone or BearerAuthOAuth
Request
path Parameters
account-id
required
string (accountId)

This identification is denoting the addressed (card) account. The account-id is retrieved by using a "Read Account List" or "Read Card Account list" call. The account-id is the "resourceId" attribute of the account structure. Its value is constant at least throughout the lifecycle of a given consent.

Example: qwer3456tzui7890
transactionId
required
string (transactionId)

This identification is given by the attribute transactionId of the corresponding entry of a transaction list.

Example: 3dc3d5b3-7023-4848-9853-f5400a64e80f
header Parameters
X-Request-ID
required
string <uuid>

ID of the request, unique to the call, as determined by the initiating party.

Example: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
Digest
string

Is contained if and only if the "Signature" element is contained in the header of the request.

Example: SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A=
Signature
string

A signature of the request by the TPP on application level. This might be mandated by ASPSP.

Example: keyId="SN=9FA1,CA=CN=D-TRUST CA 2-1 2015,O=D-Trust GmbH,C=DE",algorithm="rsa-sha256", headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date", signature="Base64(RSA-SHA256(signing string))"
TPP-Signature-Certificate
string <byte>

The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.

Consent-ID
required
string (consentId)

This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.

PSU-IP-Address
string <ipv4>

The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP. It shall be contained if and only if this request was actively initiated by the PSU.

Example: 192.168.8.78
PSU-IP-Port
string

The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.

Example: 1234
PSU-Accept
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Charset
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Encoding
string

The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.

PSU-Accept-Language
string

Language that the SCA page will be presented in. Possible options are:

  • "is" - Icelandic
  • "en" - English

If parameter is empty, the default language will be English.

PSU-User-Agent
string

The forwarded Agent header field of the HTTP request between PSU and TPP, if available.

PSU-Http-Method
string

HTTP method used at the PSU ? TPP interface, if available. Valid values are:

  • GET
  • POST
  • PUT
  • PATCH
  • DELETE
Enum: "GET" "POST" "PUT" "PATCH" "DELETE"
PSU-Device-ID
string <uuid>

UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. UUID identifies either a device or a device dependant application installation. In case of an installation identification this ID needs to be unaltered until removal from device.

Example: 99435c7e-ad88-49ec-a2ad-99ddcb1f5555
PSU-Geo-Location
stringGEO:-?[0-9]{1,2}\.[0-9]{6};-?[0-9]{1,3}\.[0-9...

The forwarded Geo Location of the corresponding http request between PSU and TPP if available.

Example: GEO:52.506931;13.144558
Ocp-Apim-Subscription-Key
required
string

Azure API management subscription key

Responses
200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not found

405

Method Not Allowed

406

Not Acceptable

408

Request Timeout

409

Conflict

415

Unsupported Media Type

429

Too Many Requests

500

Internal Server Error

503

Service Unavailable

get/v1/accounts/{account-id}/transactions/{transactionId}
Response samples
application/json

Example for transaction details.

{
  • "transactionsDetails": {
    }
}
➔ Next to Consent Service