Create CBCT payment
POST/v1/payments/cross-border-credit-transfers
See XS2A Framework Implementation Guidelines, Section 5.3.1 and 11.1 for additional details.
Sample Request Body
"instructedAmount": {
"amount": "100.33",
"currency": "SEK"
},
"creditorName": "Company 123",
"creditorAgent": "AAA100",
"creditorAccount": {
"bban": "95360573002",
"currency": "SEK"
},
"creditorAddress": {
"street": "Street",
"buildingNumber": "56",
"postalCode": "7014",
"city": "Trondheim",
"country": "NO"
},
"debtorAccount": {
"bban": "95360573002",
"currency": "NOK"
}
}
Request
Query Parameters
Advertises whether or not logical duplicate payments should be allowed.
Header Parameters
- keyId must be formatted as
keyId="SN=XXX,CA=YYY"
whereXXX
is the serial number of the signing certificate in hexadecimal encoding andYYY
is the ful Distinguished Name of the Certificate Authority having certificate - algorithm must identify the same algorithm for the signature as presented in the signing certificate and should be
rsa-sha256
- headers must contain
date
,digest
,x-request-id
,psu-id
,psu-corporate-id
, andtpp-redirect-uri
when available - signature must be computed as
Base64(RSA-SHA256(signingString))
Make a published future breaking change active before the date when it is going to be made default, for adopting changes early. (see Future Breaking Changes)
Advertises which content types, expressed as MIME types, the client is able to understand. Using content negotiation, the server then selects one of the proposals, uses it and informs the client of its choice with the Content-Type response header.
Advertises which character set the client is able to understand. Using content negotiation, the server then selects one of the proposals, uses it and informs the client of its choice within the Content-Type response header.
Advertises which content encoding, usually a compression algorithm, the client is able to understand. Using content negotiation, the server selects one of the proposals, uses it and informs the client of its choice with the Content-Encoding response header.
Advertises which natural languages the client is able to understand, and which locale variant is preferred. Using content negotiation, the server then selects one of the proposals, uses it and informs the client of its choice with the Content-Language response header.
The domain name of the server (for virtual hosting), and (optionally) the TCP port number on which the server is listening.
Request identifier, unique to the call, as determined by the TPP.
TPP session identifier.
URI of the TPP, where the transaction flow shall be redirected to after a Redirect.
Set to false to automatically trigger biometric authentication for mobile apps whenever available. Default is true.
Logged TPP brand used towards the PSU if applicable
Base64 encoded sha256 or sha512 hash of the message body, used with the signature.
The Digest header is defined by RFC3230 and sha256/sha512 si defined by RFC5843.
The certificate used for signing the request in base64 encoding.
HTTP Message Signature as specified by https://tools.ietf.org/html/draft-cavage-http-signatures-10 with requirements imposed by Berlin Group's NextGenPSD2 Framework.
If any values in the Signature header is ISO-8859-1 or UTF-8 encoded you need to URL encode the Signature header according to RFC 2047 which means MIME encoding the signature.
Also the signature must be wrapped using this format: =?charset?encoding?encoded signature?=
Example of this encoding: =?utf-8?B?a2V5QTQsQ0E9Mi41LjQuOTc9IzB........jMTM1MDUzNDQ0ZTRmMmQ0NjUz?=
Java example of how to implement encoding:
if (charset.equals(StandardCharsets.UTF_8)) {
Signature = String.format("=?utf-8?B?%s?=", Base64.getEncoder().encodeToString(signature.getBytes(StandardCharsets.UTF_8)));
}
The PSU identifier.
As an alternative to PSU-ID, the PSU can be identified by norwegian personal identification number (national identity number/D-number)
The PSU Corporate agreement identifier.
Possible values: [PRIVATE
, CORPORATE
]
Explicitly set PSU context. Required for single SCA payment initiation.
The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP.
The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
The forwarded value for the User-Agent header field between the PSU and TPP, if available.
The forwarded value for the Accept header field between the PSU and TPP, if available.
The forwarded value for the Accept-Charset header field between the PSU and TPP, if available.
The forwarded value for the Accept-Encoding header field between the PSU and TPP, if available.
The forwarded value for the Accept-Language header field between the PSU and TPP, if available.
Possible values: [GET
, POST
, PUT
, PATCH
, DELETE
]
The forwarded value for the HTTP method used between the PSU and TPP, if available.
The forwarded value of the device ID used by the PSU, if available.
The forwarded value of the Geo Location of the corresponding HTTP request between the PSU and TPP, if available.
- application/json
Body
required
payload
instructedAmount
object
required
Note that even though the contract sets a precision of 18 and a scale of 5, the provided fraction digits must adhere to the minor units as defined in ISO 4217 for the provided currency code.
Possible values: [AED
, AFN
, ALL
, AMD
, ANG
, AOA
, ARS
, AUD
, AWG
, AZN
, BAM
, BBD
, BDT
, BGN
, BHD
, BIF
, BMD
, BND
, BOB
, BRL
, BSD
, BTN
, BWP
, BYR
, BZD
, CAD
, CDF
, CHF
, CLP
, CNY
, COP
, CRC
, CUC
, CUP
, CVE
, CZK
, DJF
, DKK
, DOP
, DZD
, EGP
, ERN
, ETB
, EUR
, FJD
, FKP
, GBP
, GEL
, GGP
, GHS
, GIP
, GMD
, GNF
, GTQ
, GYD
, HKD
, HNL
, HRK
, HTG
, HUF
, IDR
, ILS
, IMP
, INR
, IQD
, IRR
, ISK
, JEP
, JMD
, JOD
, JPY
, KES
, KGS
, KHR
, KMF
, KPW
, KRW
, KWD
, KYD
, KZT
, LAK
, LBP
, LKR
, LRD
, LSL
, LYD
, MAD
, MDL
, MGA
, MKD
, MMK
, MNT
, MOP
, MRO
, MUR
, MVR
, MWK
, MXN
, MYR
, MZN
, NAD
, NGN
, NIO
, NOK
, NPR
, NZD
, OMR
, PAB
, PEN
, PGK
, PHP
, PKR
, PLN
, PYG
, QAR
, RON
, RSD
, RUB
, RWF
, SAR
, SBD
, SCR
, SDG
, SEK
, SGD
, SHP
, SLL
, SOS
, SPL
, SRD
, STD
, SVC
, SYP
, SZL
, THB
, TJS
, TMT
, TND
, TOP
, TRY
, TTD
, TVD
, TWD
, TZS
, UAH
, UGX
, USD
, UYU
, UZS
, VEF
, VND
, VUV
, WST
, XAF
, XCD
, XDR
, XOF
, XPF
, YER
, ZAR
, ZMW
, ZWD
]
ISO 4217 Alphabetic Currency Code.
Possible values: <= 70 characters
The creditor's full name.
The creditor's agent, otherwise known as BIC, BICFI or SWIFT, required if using BBAN in creditorAccount.
creditorAccount
object
required
A reference to either a BBAN or an IBAN of an account.
Possible values: <= 30 characters
Identifier that uniquely identifies an individual account at a specific financial institution in a particular country and which includes a bank identifier of the financial institution servicing that account.
Possible values: <= 34 characters
Expanded version of the basic bank account number (BBAN), structured as defined by ISO 13616-1:2007, intended for use internationally, which uniquely identifies an individual account at a specific financial institution, in a particular country.
Possible values: [AED
, AFN
, ALL
, AMD
, ANG
, AOA
, ARS
, AUD
, AWG
, AZN
, BAM
, BBD
, BDT
, BGN
, BHD
, BIF
, BMD
, BND
, BOB
, BRL
, BSD
, BTN
, BWP
, BYR
, BZD
, CAD
, CDF
, CHF
, CLP
, CNY
, COP
, CRC
, CUC
, CUP
, CVE
, CZK
, DJF
, DKK
, DOP
, DZD
, EGP
, ERN
, ETB
, EUR
, FJD
, FKP
, GBP
, GEL
, GGP
, GHS
, GIP
, GMD
, GNF
, GTQ
, GYD
, HKD
, HNL
, HRK
, HTG
, HUF
, IDR
, ILS
, IMP
, INR
, IQD
, IRR
, ISK
, JEP
, JMD
, JOD
, JPY
, KES
, KGS
, KHR
, KMF
, KPW
, KRW
, KWD
, KYD
, KZT
, LAK
, LBP
, LKR
, LRD
, LSL
, LYD
, MAD
, MDL
, MGA
, MKD
, MMK
, MNT
, MOP
, MRO
, MUR
, MVR
, MWK
, MXN
, MYR
, MZN
, NAD
, NGN
, NIO
, NOK
, NPR
, NZD
, OMR
, PAB
, PEN
, PGK
, PHP
, PKR
, PLN
, PYG
, QAR
, RON
, RSD
, RUB
, RWF
, SAR
, SBD
, SCR
, SDG
, SEK
, SGD
, SHP
, SLL
, SOS
, SPL
, SRD
, STD
, SVC
, SYP
, SZL
, THB
, TJS
, TMT
, TND
, TOP
, TRY
, TTD
, TVD
, TWD
, TZS
, UAH
, UGX
, USD
, UYU
, UZS
, VEF
, VND
, VUV
, WST
, XAF
, XCD
, XDR
, XOF
, XPF
, YER
, ZAR
, ZMW
, ZWD
]
ISO 4217 Alphabetic Currency Code.
creditorAddress
object
Possible values: <= 70 characters
Possible values: <= 2 characters
, [AF
, AX
, AL
, DZ
, AS
, AD
, AO
, AI
, AQ
, AG
, AR
, AM
, AW
, AU
, AT
, AZ
, BH
, BS
, BD
, BB
, BY
, BE
, BZ
, BJ
, BM
, BT
, BO
, BQ
, BA
, BW
, BV
, BR
, IO
, BN
, BG
, BF
, BI
, KH
, CM
, CA
, CV
, KY
, CF
, TD
, CL
, CN
, CX
, CC
, CO
, KM
, CG
, CD
, CK
, CR
, CI
, HR
, CU
, CW
, CY
, CZ
, DK
, DJ
, DM
, DO
, EC
, EG
, SV
, GQ
, ER
, EE
, ET
, FK
, FO
, FJ
, FI
, FR
, GF
, PF
, TF
, GA
, GM
, GE
, DE
, GH
, GI
, GR
, GL
, GD
, GP
, GU
, GT
, GG
, GN
, GW
, GY
, HT
, HM
, VA
, HN
, HK
, HU
, IS
, IN
, ID
, IR
, IQ
, IE
, IM
, IL
, IT
, JM
, JP
, JE
, JO
, KZ
, KE
, KI
, KP
, KR
, KW
, KG
, LA
, LV
, LB
, LS
, LR
, LY
, LI
, LT
, LU
, MO
, MK
, MG
, MW
, MY
, MV
, ML
, MT
, MH
, MQ
, MR
, MU
, YT
, MX
, FM
, MD
, MC
, MN
, ME
, MS
, MA
, MZ
, MM
, NA
, NR
, NP
, NL
, NC
, NZ
, NI
, NE
, NG
, NU
, NF
, MP
, NO
, OM
, PK
, PW
, PS
, PA
, PG
, PY
, PE
, PH
, PN
, PL
, PT
, PR
, QA
, RE
, RO
, RU
, RW
, BL
, SH
, KN
, LC
, MF
, PM
, VC
, WS
, SM
, ST
, SA
, SN
, RS
, SC
, SL
, SG
, SX
, SK
, SI
, SB
, SO
, ZA
, GS
, SS
, ES
, LK
, SD
, SR
, SJ
, SZ
, SE
, CH
, SY
, TW
, TJ
, TZ
, TH
, TL
, TG
, TK
, TO
, TT
, TN
, TR
, TM
, TC
, TV
, UG
, UA
, AE
, GB
, US
, UM
, UY
, UZ
, VU
, VE
, VN
, VG
, VI
, WF
, EH
, YE
, ZM
, ZW
]
ISO 3166-1 Alpha-2 Country Code.
debtorAccount
object
required
A reference to either a BBAN or an IBAN of an account.
Possible values: <= 30 characters
Identifier that uniquely identifies an individual account at a specific financial institution in a particular country and which includes a bank identifier of the financial institution servicing that account.
Possible values: <= 34 characters
Expanded version of the basic bank account number (BBAN), structured as defined by ISO 13616-1:2007, intended for use internationally, which uniquely identifies an individual account at a specific financial institution, in a particular country.
Possible values: [AED
, AFN
, ALL
, AMD
, ANG
, AOA
, ARS
, AUD
, AWG
, AZN
, BAM
, BBD
, BDT
, BGN
, BHD
, BIF
, BMD
, BND
, BOB
, BRL
, BSD
, BTN
, BWP
, BYR
, BZD
, CAD
, CDF
, CHF
, CLP
, CNY
, COP
, CRC
, CUC
, CUP
, CVE
, CZK
, DJF
, DKK
, DOP
, DZD
, EGP
, ERN
, ETB
, EUR
, FJD
, FKP
, GBP
, GEL
, GGP
, GHS
, GIP
, GMD
, GNF
, GTQ
, GYD
, HKD
, HNL
, HRK
, HTG
, HUF
, IDR
, ILS
, IMP
, INR
, IQD
, IRR
, ISK
, JEP
, JMD
, JOD
, JPY
, KES
, KGS
, KHR
, KMF
, KPW
, KRW
, KWD
, KYD
, KZT
, LAK
, LBP
, LKR
, LRD
, LSL
, LYD
, MAD
, MDL
, MGA
, MKD
, MMK
, MNT
, MOP
, MRO
, MUR
, MVR
, MWK
, MXN
, MYR
, MZN
, NAD
, NGN
, NIO
, NOK
, NPR
, NZD
, OMR
, PAB
, PEN
, PGK
, PHP
, PKR
, PLN
, PYG
, QAR
, RON
, RSD
, RUB
, RWF
, SAR
, SBD
, SCR
, SDG
, SEK
, SGD
, SHP
, SLL
, SOS
, SPL
, SRD
, STD
, SVC
, SYP
, SZL
, THB
, TJS
, TMT
, TND
, TOP
, TRY
, TTD
, TVD
, TWD
, TZS
, UAH
, UGX
, USD
, UYU
, UZS
, VEF
, VND
, VUV
, WST
, XAF
, XCD
, XDR
, XOF
, XPF
, YER
, ZAR
, ZMW
, ZWD
]
ISO 4217 Alphabetic Currency Code.
Possible values: non-empty
and <= 140 characters
Unstructured representation of remittance information. Supported character encodings are ASCII and UTF-8. Note that this information may be truncated or change encoding during processing.
Possible values: [INVS
, SALA
, IDCP
, CASH
, CORT
, INTC
, PENS
, SSBE
, SUPP
, TAXS
, TREA
, VATX
, LOAN
, OTHR
]
Supported subset of ISO 20022 ExternalPurpose1Code.
Payment execution date as ISO 8601 Date.
Responses
- 201
- 400
- 401
- 403
- 404
- 500
CREATED
- application/json
- Schema
- Example (from schema)
Schema
Array [
]
Possible values: [ACCP
, ACSC
, ACSP
, ACTC
, ACWC
, ACWP
, RCVD
, PDNG
, RJCT
, CANC
, PART
]
transactionFees
object
Note that even though the contract sets a precision of 18 and a scale of 5, the provided fraction digits must adhere to the minor units as defined in ISO 4217 for the provided currency code.
Possible values: [AED
, AFN
, ALL
, AMD
, ANG
, AOA
, ARS
, AUD
, AWG
, AZN
, BAM
, BBD
, BDT
, BGN
, BHD
, BIF
, BMD
, BND
, BOB
, BRL
, BSD
, BTN
, BWP
, BYR
, BZD
, CAD
, CDF
, CHF
, CLP
, CNY
, COP
, CRC
, CUC
, CUP
, CVE
, CZK
, DJF
, DKK
, DOP
, DZD
, EGP
, ERN
, ETB
, EUR
, FJD
, FKP
, GBP
, GEL
, GGP
, GHS
, GIP
, GMD
, GNF
, GTQ
, GYD
, HKD
, HNL
, HRK
, HTG
, HUF
, IDR
, ILS
, IMP
, INR
, IQD
, IRR
, ISK
, JEP
, JMD
, JOD
, JPY
, KES
, KGS
, KHR
, KMF
, KPW
, KRW
, KWD
, KYD
, KZT
, LAK
, LBP
, LKR
, LRD
, LSL
, LYD
, MAD
, MDL
, MGA
, MKD
, MMK
, MNT
, MOP
, MRO
, MUR
, MVR
, MWK
, MXN
, MYR
, MZN
, NAD
, NGN
, NIO
, NOK
, NPR
, NZD
, OMR
, PAB
, PEN
, PGK
, PHP
, PKR
, PLN
, PYG
, QAR
, RON
, RSD
, RUB
, RWF
, SAR
, SBD
, SCR
, SDG
, SEK
, SGD
, SHP
, SLL
, SOS
, SPL
, SRD
, STD
, SVC
, SYP
, SZL
, THB
, TJS
, TMT
, TND
, TOP
, TRY
, TTD
, TVD
, TWD
, TZS
, UAH
, UGX
, USD
, UYU
, UZS
, VEF
, VND
, VUV
, WST
, XAF
, XCD
, XDR
, XOF
, XPF
, YER
, ZAR
, ZMW
, ZWD
]
ISO 4217 Alphabetic Currency Code.
Indicates if the created payment will incur a fee. The total transaction fee amount will then be available in the transactionFees property. This total will also include any currency conversion fees if applicable.
tppMessages
object[]
messages to the TPP on operational issues.
Possible values: [ERROR
, WARNING
]
Possible values: [SYSTEM_ERROR
, BAD_REQUEST
, FORBIDDEN
, NOT_FOUND
, CONFLICT
, HTTP_HEADER_REQUIRED
, QUERY_PARAMETER_REQUIRED
, SCA_NOT_FOUND
, SCA_EXPIRED
, SCA_INVALID
, FORMAT_ERROR
, RESOURCE_UNKNOWN
, PSU_CREDENTIALS_INVALID
, CONSENT_UNKNOWN
, CONSENT_INVALID
, CONSENT_EXPIRED
, ACCESS_EXCEEDED
, PRODUCT_UNKNOWN
, PRODUCT_INVALID
, KID_MISSING
, KID_INVALID
, PAYMENT_FAILED
, EXECUTION_DATE_INVALID
]
Possible values: <= 512 characters
Possible values: <= 512 characters
Text to be displayed to the PSU
_links
object
A collection of hyperlinks.
property name*
Link
Possible values: [GET
, PUT
, POST
, DELETE
]
{
"paymentId": "enc!!H6fD9HS7Y7peXJh1HqC34RFgGfF992bjabcRx5n==",
"transactionStatus": "RCVD",
"transactionFees": {
"amount": "100.33",
"currency": "NOK"
},
"transactionFeeIndicator": false,
"tppMessages": [
{
"category": "ERROR",
"code": "SYSTEM_ERROR",
"path": "/v1/payments/norwegian-domestic-credit-transfers",
"text": "Example text"
}
],
"psuMessage": "Preliminary calculated countervalue in NOK: 642.63",
"_links": {
"self": {
"href": "https://openbanking.paretobank.no/",
"verbs": [
"GET"
]
}
}
}
Bad Request
- application/json
- Schema
- Example (from schema)
- FORMAT_ERROR
Schema
{
"id": "5884127160",
"system": "ERA-PSD2",
"status": 400,
"code": "ERROR_CODE",
"message": "error message appears here"
}
{
"id": "5615873375",
"status": 400,
"system": "ERA-PSD2",
"code": "FORMAT_ERROR"
}
Unauthorized
- application/json
- Schema
- Example (from schema)
Schema
_links
object
property name*
Link
Possible values: [GET
, PUT
, POST
, DELETE
]
{
"_links": {
"scaRedirect": {
"href": "https://openbanking.paretobank.no/tap?route_secesb_id=1&flow=psd2&state=ca477daf-d824-4f0b-b405-6c8fc385dc0b&locale=no-NB, no; q=1.0",
"verbs": [
"GET"
]
}
}
}
Forbidden
- application/json
- Schema
- Example (from schema)
- PRODUCT_INVALID
Schema
{
"id": "5884127160",
"system": "ERA-PSD2",
"status": 400,
"code": "ERROR_CODE",
"message": "error message appears here"
}
{
"id": "5615873376",
"system": "ERA-PSD2",
"status": 403,
"code": "PRODUCT_INVALID"
}
Not Found
- application/json
- Schema
- Example (from schema)
- RESOURCE_UNKNOWN
Schema
{
"id": "5884127160",
"system": "ERA-PSD2",
"status": 400,
"code": "ERROR_CODE",
"message": "error message appears here"
}
{
"id": "5615873376",
"system": "ERA-PSD2",
"status": 404,
"code": "RESOURCE_UNKNOWN"
}
Internal Server Error
- application/json
- Schema
- Example (from schema)
- SYSTEM_ERROR
Schema
{
"id": "5884127160",
"system": "ERA-PSD2",
"status": 400,
"code": "ERROR_CODE",
"message": "error message appears here"
}
{
"id": "5615873378",
"system": "ERA-PSD2",
"status": 500,
"code": "SYSTEM_ERROR"
}