Account information - Ma Banque Entreprise

Provided by PSD2 Team
Last update 26.11.2025
Status Live
Version v1.4.1 based on STET v1.4.1.3
Category PSD2
API Product(s)
Country
User profile
Tags
#ACCOUNT INFORMATION
BNP
AISP
Description

This API intends to provide an interface between

  • Account Servicing Payment Service Providers (ASPSP)
  • A.I.S.P (Account Information Service Provider)

This API is based on STET API version 1.4.1.3.

Swagger versions

Version Description
1.4.1 From 24-NOV-2025
- Sandbox (24 NOV 2025) and Live (24 NOV 2025):

Return informations cards.
1.3.3 From 13-SEP-2023
Since 25 July 2023, PSU refresh token changed: 24 hours to 180 days.
1.3.2 From 11-APR-2023
- Sandbox (11 APR 2023) and Live (06 JUN 2023):

/owners :
Return owner : real person or a company.
- In the first case, the name of the real person owning the account is provided in [Identity] block.
 - In the second case, the identity of the company owning the account is provided in [company] block.
1.3.1 From FEB-2022
/transactions :
List of transactions is limited to : 700 accounted transactions and 700 pending transactions returned (like "MaBanque Entreprise" Web-Banking).
1.3.0 From 11-MAY-2020
- Sandbox (only) :
/balances : ReferenceDate is returned.
/balances : Data "name" aligned with live balance value.
/transactions :
ValueDate is returned only for professional clients (see data “usage” from /accounts).
 TransactionDate is deprecated. This data should not be used.
 New controls DateTo / DateFrom (See Details).
 DateTo / DateFrom : max 15 days period is returned.
1.2.1 From 23-JAN-2020
-Sandbox : PSU consent will be valid only for 5 days. Therefore, in order to access continually to PSU AISP fake data it will be necessary to strongly authenticate the PSU at least each 5 days (by calling the /authorize endpoint).

From 20-JAN-2020
- Sandbox and Live : Update of Callback Links (no change of URLs to access our APIs).
1.1.0 From 27-NOV-2019 : Iban is returned.
1.0.0 From 05-SEP-2019 : Initial Version.

Accounts - Details of implementation

Accounts -Details of implementation
/consents Full-AISP model is implemented (A1 from the STET documentation) therefore PUT/consent endpoint is not implemented.
/authorize Time of validity of PSU refresh token is aligned with the Strong Customer Authentication.
PSU refresh token is valid for 180 days.
/accounts Only payment accounts (cash accounts).
Datas following are not returned in this endpoint:
- List of card based transactions
- List of balances
- Identity of the account owner
/balances See below for details

If there is no future transactions, future balance (OTHR) is not returned
/transactions Transactions are sent from newest to oldest booking date.
Deferred debit card transactions are integrated with others transactions.
No pagination data.
DateTo / DateFrom : max 15 days period is returned.
/owners See below for details.
/end-user-identity Civility, last and first name of the end-user are returned.
/trusted-beneficiaries Not implemented yet.

Cards - Details of implementation

Apis Cards - Details of implementation
/accounts-cards Only payment account's cards (cash accounts) are returned.
/balances Sum of upcoming card transactions.
/transactions Card transactions are sent from newest to oldest transaction date.
No pagination data.
DateTo / DateFrom : max 15 days period is returned.
/owners Card holder (firstname, lastname).

To access PSD2 BNP PARIBAS French Retail Banking API, please use one of the following links :

URL
PSD2 Sandbox (test data) with eIDAS certificate https://api.sandbox.bddf.bnpparibas/psd2-sandbox/corporate/V1.4
PSD2 Production (live data) https://api-psd2.bddf.bnpparibas/psd2/corporate/V1.4

How to use sandbox API ?

Details of implementation
AISP sandbox data - The data are fictive. We put the accounts list of fictive users at TPP's disposal.
- Different static fictive balances and transactions are available, depending on the date of the request.
- The transactions are sent from newest to oldest bookingDate.
- There's no consistency between the balances and the transactions.
AISP sandbox dataset
User Id Dataset
72318812 2 accounts in EUR and USD / 2 cards in EUR
22319812 13 accounts (11 in EUR and 2 in USD) / 3 cards in EUR
32317812 9 accounts (7 in EUR and 2 in USD)
97317812 1 account in EUR (this user did not subscribe to our online service for corporates allowing to consult transactions over 90 days) / 1 cards in EUR
73178881 No enterprise authorization given to allow the TPP to access to accounts data (non passing-case)
55317817 PSU has no payment account (non passing-case).
55317817 This user did not subscribe to our online service for corporates allowing to consult transactions (non passing-case)

PSU Identification / Authentication - The PSU identification / authentication is needed at the first step of the PSU sandbox AISP Journey. The password is '785149' for all the users.
The API is designed on a REST model using JSON structures. The Richardson Maturity Model is applied on level three using HAL HYPERMEDIA links