This API intends to provide an interface between
- Account Servicing Payment Service Providers (ASPSP)
- Third Party (Payment Service) Providers (TPP)
This API is based on STET API version 1.4.1.3.
TPP may act with different roles as described below:
- Account Information Service Providers (AISP)
- Payment Initiation Service Providers (PISP)
- Card Based Payment Instrument Issuers (CBPII)
The Payment Service User (PSU) is the owner of the accounts held by the ASPSP and gives accreditations to the TPP in order to access his accounts information or initiates payment from these accounts
To access PSD2 BNP PARIBAS French Retail Banking API, please use one of the following links :
URL | |
PSD2 Sandbox (test data) | https://api.sandbox.bddf.bnpparibas/psd2-sandbox/corporate/V1.4 |
PSD2 Production (live data) | https://api-psd2.bddf.bnpparibas/psd2/corporate/V1.4 |
Details of the sandbox PISP implementation
Details of implementation | |
PISP sandbox data | - The payment data are those transmitted by the TPP in the payment request endpoint. Only fake payment data must be sent in the body request : no confidential nor personnal data must be submitted. - The payment data transmitted by the TPP in the request body of the sandbox APIs will not be subjected to coherence controls.. - In order to allow the TPP to test the different status after PSU validation : - if last digit of the amount (including decimals) is even : payment status is executed - if last digit of the amount (including decimals) is odd : payment status is rejected - If there is no debtor account submitted in the POST /payment-request, a default debtor account will be set by the ASPSP in the GET /payment-request. |
PSU Identification / Authentication | - The PSU identification / authentication is needed at the first step of the PSU sandbox PISP journey. The password is '785149' for all the users (all users id are accepted). - For the PSU SCA in sandbox, only Transfer Secured Card is available in the user interface ; no control is applied as long as numbers are full-filled. |
The API is designed on a REST model using JSON structures.
The Richardson Maturity Model is applied on level three using HAL HYPERMEDIA links