Account information - Hello bank!

v1.5.3 based on STET v1.4.1.3
Provided by:
PSD2 Team
Status:
Live
Category:
PSD2
Last update:
2023-11-17
Tags
AISP
HB!
HelloBank!
PSD2
DSP2
Contact the API Owner

This API intends to provide an interface between

  • Account Servicing Payment Service Providers (ASPSP)
  • A.I.S.P (Account Information Service Provider)

This API is based on STET API version 1.4.1.3.

Swagger versions

Version Description
1.5.3 From 13-SEP-2023
Since 25 July 2023, PSU refresh token changed: 90 days to 180 days.
1.5.2 From 11-APR-2023
- Sandbox (11 APR 2023) and Live (06 JUN 2023):

/owners :
Return owner : real person or a company.
- In the first case, the name of the real person owning the account is provided in [Identity] block.
 - In the second case, the identity of the company owning the account is provided in [company] block.
1.5.1 From 15-FEB-2021
Sandbox (15 Feb 2021) and Live (23 Mar 2021):
/transactions :
New status of transaction is returned : OTHR, détails :
. BOOK : Accounted transaction
 . PDNG : Future transaction included in Instant Balance (XPCD) - PROVIDED ONLY for HelloBank! Account
 . OTHR : Future transaction
/transactions :
New transaction codification is returned : bankTransactionCode / code - NOT PROVIDED for MaBanque Account
Unchanged links :
Sandbox : https://api.sandbox.bddf.bnpparibas/psd2-sandbox/hellobank/V1.4
Live : https://api-psd2.bddf.bnpparibas/psd2/hellobank/V1.4
1.4.1 From 22-SEP-2020 (Live)

/trusted-beneficiaries : Trusted beneficiaries are returned.
1.3.0 From 11-MAY-2020
- Sandbox (11 May 2020) and Live (18 May 2020):
/accounts : Mark account is specified in data “details”.
/balances : ReferenceDate is returned.
/transactions :
EntryReference is only provided for booked transactions.
 ValueDate is returned only for professional clients (see data “usage” from /accounts).
 TransactionDate is deprecated. This data should not be used.
 New controls DateTo / DateFrom / AfterEntryReference (See Details).
 DateTo / DateFrom : max 3 months period is returned.
- Sandbox only (11 May 2020):
/trusted-beneficiaries : Trusted beneficiaries are returned
 /balances : Data "name" aligned with live balance value.
1.2.1 From 23-JAN-2020
- Sandbox : PSU consent will be valid only for 5 days. Therefore, in order to access continually to PSU AISP fake data it will be necessary to strongly authenticate the PSU at least each 5 days (by calling the /authorize endpoint).

From 20-JAN-2020
- Sandbox and Live : Update of Callback Links (no change of URLs to access our APIs).
- Sandbox and Live : only for Hello bank! accounts, new balance is returned (instant balance - XPCD).
1.1.0 From 27-NOV-2019 : Iban is returned.
1.0.0 From 12-JUL-2019 : Initial Version.


Details of implementation

Details of implementation
/consents Full-AISP model is implemented (A1 from the STET documentation) therefore PUT/consent endpoint is not implemented.
/authorize Time of validity of PSU refresh token is aligned with the strong Customer Authentication.
PSU refresh token is valid for 180 days.
Specially for Sandbox, PSU refresh token is valid for 5 days in order to facilitate the TPP's tests.
/accounts Only payment accounts (cash accounts).
Datas following are not returned in this endpoint:
- List of card based transactions
- List of balances
- Identity of the account owner
/balances See below for details.
/transactions Transactions are sent from newest to oldest booking date.
Deferred debit card transactions are integrated with others transactions.
No pagination data.
DateTo / DateFrom : max 3 months period is returned.
/owners See below for details.
/end-user-identity Civility, last and first name of the end-user are returned.
In case of professional client, the Social Reason is returned instead of civility, last and first name of the end-user.
/trusted-beneficiaries Trusted-beneficiaries are returned.
No pagination data.


To access PSD2 BNP PARIBAS French Retail Banking API, scope Hello Bank!, please use one of the following links :

URL
PSD2 Sandbox (test data) https://api.sandbox.bddf.bnpparibas/psd2-sandbox/hellobank/V1.4
PSD2 Production (live data) https://api-psd2.bddf.bnpparibas/psd2/hellobank/V1.4

How to use sandbox API ?

  <table border="2">
    <thead>
      <tr>
        <td>&nbsp;</td>
        <td style="text-align:center">Details of implementation</td>
      </tr>
    </thead>
    <tbody>
      <tr>
        <td style="text-align:center">AISP sandbox data</td>
        <td style="padding: 10px">- The data are fictive. We put the accounts list of fictive users at TPP's disposal.<br/> - Different static fictive balances and transactions are available, depending on the date of the request.<br/>- The transactions are sent from newest  to oldest bookingDate. <br/>- There's no consistency between the balances and the transactions.</td>
      </tr>
      <tr>
        <td style="text-align:center">AISP sandbox dataset</td>
        <td style="padding: 10px">
        <table border="1">
          <thead>
            <tr>
              <td style="text-align:center">User Id</td>
              <td style="text-align:center">Dataset</td>
            </tr>
          </thead>
          <tbody>
            <tr>
              <td style="text-align:center">1231231231</td>
              <td style="padding: 10px">6 accounts in EUR => 5 individual accounts (3 individual customers and 2 professionals) and 1 co-account (individual account). <br/>+ 19 trusted-beneficiaries</td>
            </tr>
            <tr>
              <td style="text-align:center">8569856952</td>
              <td style="padding: 10px">1 co-account in EUR  (individual account). <br/>+ 19 trusted-beneficiaries</td>
            </tr>
            <tr>
              <td style="text-align:center">639828919</td>
              <td style="padding: 10px">2 HelloBank! accounts with instant balance.</td>
            </tr>
            <tr>
              <td style="text-align:center">1902163085</td>
              <td style="padding: 10px">HelloBank! account with instant balance and 1 MaBanque account without instant balance.</td>
            </tr>
            <tr>
              <td style="text-align:center">8712035648</td>
              <td style="padding: 10px">TPP is no longer authorized by its NCA (non-passing-case).</td>
            </tr>
            <tr>
              <td style="text-align:center">8712035648</td>
              <td style="padding: 10px">PSU has no payment account (non-passing-case).</td>
            </tr>
            <tr>
              <td style="text-align:center">5668994185</td>
              <td style="padding: 10px">TPP is no longer authorized by the PSU (non-passing-case).</td>
            </tr>
            <tr>
              <td style="text-align:center">9999999999</td>
              <td style="padding: 10px">No trusted beneficiaries</td>
            </tr>
          </tbody>
        </table>
        </td>
      </tr>
      <tr>
        <td style="text-align:center">PSU Identification / Authentication</td>
        <td style="padding: 10px">- The PSU identification / authentication is needed at the first step of the PSU sandbox AISP Journey. The password is '785149' for all the users. <br/> -  For the PSU SCA in sandbox, only SMS OTP is available in the user interface ; no control is applied as long as numbers are full-filled. The password to test the non-passing case is "00000".<br/></td>
      </tr>
    </tbody>
  </table>

The API is designed on a REST model using JSON structures. The Richardson Maturity Model is applied on level three using HAL HYPERMEDIA links