...
An AISP will be given the full list of accounts (the AccountId(s)) that the user/customer has authorised the AISP to access. The AccountId(s) returned may then be used to retrieve other resources for a specific AccountId. The selection of authorised accounts happens only at the ASPSP's ASPSP’s interface.
2.2 GET /accounts/{AccountId}
...
The Account and Servicer structure has been designed to:
Reflect the DebtorAccount, CreditorAccount and CreditorAgent structures in the PISP use case.
Having a SchemeName for the Account and Servicer blocks means we can be flexible to accommodate multiple types of accounts.
For common Domestic Bahrain identification schemes:
Account/Account
Where "BH.OBF. IBAN" is specified as the SchemeName, the Identification field must be populated with the full IBAN
Where "BH.OBF.PAN" is specified as the SchemeName, the Identification field must be populated with the primary PAN linked to the account. An ASPSP may choose to mask digits returned in the Identification field
Account/Servicer
Where "BH.OBF. BICFI" is populated as the SchemeName, the Identification field must be populated with the BIC.
3.4 Permission Codes
The resource differs depending on the permissions (ReadAccountsBasic and ReadAccountsDetail) used to access the resource. In the event that the resource is accessed with both ReadAccountsBasic and ReadAccountsDetail, the most detailed level (ReadAccountsDetail) must be used.
...