1. Overview
The Bulk/Batch Payment Consents resource is used by a PISP to register an intent to initiate a Bulk/Batch Payment.
This resource description should be read in conjunction with a compatible Payment Initiation API Profile.
2. Endpoints
Endpoints for the resource - and available methods.
S. No. | Resource | HTTP Operation | Endpoint | Mandatory | Scope | Grant Type | Message Signing | Idempotency Key | Request Object | Response Object |
2.1 | file-payment-consents | POST | POST /file-payment-consents | Conditional | payments | Client Credentials | Signed Request Signed Response | Yes | OBWriteFileConsent | OBWriteFileConsentResponse |
2.2 | file-payment-consents | POST | POST /file-payment-consents/{ConsentId}/file | Conditional | payments | Client Credentials | Signed Request Signed Response | Yes | File | NA |
2.3 | file-payment-consents | GET | GET /file-payment-consents/{ConsentId} | Mandatory (if resource POST implemented) | payments | Client Credentials | Signed Response | No | NA | OBWriteFileConsentResponse |
2.4 | file-payment-consents | GET | GET /file-payment-consents/{ConsentId}/file | Conditional | payments | Client Credentials | Signed Response | No | NA | File |
2.1 POST/file-payment-consents
The API endpoint allows the PISP to ask an ASPSP to create a new file-payment-consents resource.
The POST action indicates to the ASPSP that a file payment consent has been staged. At this point, the user/customer may not have been identified by the ASPSP and the request payload may not contain any information of the account(s) that should be debited.
The endpoint allows the PISP to send metadata of the consent (between user/customer and PISP) to the ASPSP .
The metadata of the consent must include the FileContextFormat of the request.
The metadata of the consent must include the FileHash, which is a base64 encoding of a SHA256 hash of the file to be uploaded.
The ASPSP creates the file-payment-consents resource and responds with a unique ConsentId to refer to the resource.
2.1.1 Status
The default Status is "AwaitingUpload" immediately after the file-payment-consent has been created.
Status |
AwaitingUpload |
2.2 POST/file-payment-consents/{ConsentId}/file
The API endpoint allows the PISP to upload a file to an ASPSP , against a file-payment-consents resource.
The endpoint allows the PISP to send a copy of the consent (between user/customer and PISP) to the ASPSP for the user/customer to authorise. The PISP must upload the file against the ConsentId before redirecting the user/customer to authorise the consent.
The file structure must match the FileContextFormat in the file-payment-consent request.
An ASPSP must confirm the hash of the file matches with the FileHash provided in the file-payment-consent Metadata.
The metadata for the file-payment-consent must match the contents of the uploaded file:
If the content of the metadata does not match the content of the file, the ASPSP must reject the file-payment-consent.
The file is sent in the HTTP request body.
HTTP headers (e.g. Content-Type) are used to describe the file.
2.2.1 Status
The default Status is "AwaitingAuthorisation" immediately after the file has been uploaded.
Status |
AwaitingAuthorisation |
2.3 GET/file-payment-consents/{ConsentId}
A PISP can optionally retrieve a payment consents resource that they have created to check its status.
2.3.1 Status
Once the user/customer authorises the payment-consents resource, the Status of the payment-consents resource will be updated with "Authorised".
If the user/customer rejects the consent or the file-payment-consent has failed some other ASPSP validation, the Status will be set to "Rejected".
Once a file-payment has been successfully created using the file-payment-consent, the Status of the file-payment-consent will be set to "Consumed".
The available Status codes for the file-payment-consents resource are:
Status |
AwaitingUpload |
AwaitingAuthorisation |
Rejected |
Authorised |
Consumed |
2.4 GET/file-payment-consents/{ConsentId}/file
The API endpoint allows the PISP to download a file (that had been uploaded against a file-payment-consents resource) from an ASPSP .
The file is sent in the HTTP response body.
HTTP headers (e.g. Content-Type) are used to describe the file.
2.5 State Model
2.5.1 Payment Order Consent
The state model for the file-payment-consents resource follows the generic consent state model.
The definitions for the Status:
S.No. | Status | Status Definition |
1 | AwaitingUpload | The file for the consent resource is awaiting upload. |
2 | AwaitingAuthorisation | The consent resource is awaiting user/customer authorisation. |
3 | Rejected | The consent resource has been rejected. |
4 | Authorised | The consent resource has been successfully authorised. |
5 | Consumed | The consented action has been successfully completed. This does not reflect the status of the consented action |
3. Data Model
The Data Dictionary section gives the detail on the payload content for the File Payment API flows.
3.1 OBFileInitiation (Reused Classes)
This section describes the OBFileInitiation class, which is reused as the Initiation object in the file-payment-consents resource.
3.1.1 UML Diagram
3.1.2 Notes
For the OBFile Initiation object:
All elements in the Initiation payload that are specified by the PISP must not be changed via the ASPSP , as this is part of formal consent from the user/customer.
If the ASPSP is able to establish a problem with payload or any contextual error during the API call, the ASPSP must reject the file-payment-consent request immediately.
If the ASPSP establishes a problem with the file-payment-consent after the API call, the ASPSP must set the Status of the file-payment-consents resource to Rejected.
The DebtorAccount is optional, as the PISP may not know the account identification details for the user/customer.
If the DebtorAccount is specified by the PISP and is invalid for the user/customer- then the file-payment-consent will be set to Rejected after user/customer authentication.
An ASPSP may choose which fields must be populated to process a specified FileContextFormat, and may reject the request if the fields are not populated. These ASPSP specific requirements must be documented.
An ASPSP may choose which fields must not be populated to process a specified FileContextFormat, and may reject the request if the fields are populated. These ASPSP specific requirements must be documented
3.1.3 Data Dictionary
Name | Occurrence | XPath | Definition | Class/ Datatype | Codes | Pattern |
OBFileInitiation |
| OBFileInitiation | The Initiation payload is sent by the initiating party to the ASPSP . It is used to request movement of funds using a payment file. | OBFileInitiation |
|
|
FileContextFormat | 1..1 | OBFileInitiation/FileContextFormat | Specifies the payment file type. | String | Enum:
|
|
FileHash | 1..1 | OBFileInitiation/FileHash | A base64 encoding of a SHA256 hash of the file to be uploaded. | String |
|
|
FileReference | 0..1 | OBFileInitiation/FileReference | Reference for the file. | String |
|
|
NumberOfTransactions | 0..1 | OBFileInitiation/NumberOfTransactions | Number of individual transactions contained in the payment information group. | String |
| [0-9]{1,15} |
ControlSum | 0..1 | OBFileInitiation/ControlSum | Total of all individual amounts included in the group, irrespective of currencies. | Number |
|
|
RequestedExecutionDateTime | 0..1 | OBFileInitiation/RequestedExecutionDateTime | Date at which the initiating party requests the clearing agent to process the payment. Usage: This is the date on which the debtor's account is to be debited. | DateTime |
|
|
LocalInstrument | 0..1 | OBFileInitiation/LocalInstrument | User community specific instrument. Usage: This element is used to specify a local instrument, local clearing option and/or further qualify the service or service level. | String | Enum:
|
|
DebtorAccount | 0..1 | OBFileInitiation/DebtorAccount | Unambiguous identification of the account of the debtor to which a debit entry will be made as a result of the transaction. | OBFileInitiation/DebtorAccount |
|
|
SchemeName | 1..1 | OBFileInitiation/DebtorAccount/SchemeName | Name of the identification scheme, in a coded form as published in an external list. | String | Enum:
|
|
Identification | 1..1 | OBFileInitiation/DebtorAccount/Identification | Identification assigned by an institution to identify an account. This identification is known by the account owner. | String |
|
|
Name | 0..1 | OBFileInitiation/DebtorAccount/Name | The account name is the name or names of the account owner(s) represented at an account level, as displayed by the ASPSP’s online channels. Note, the account name is not the product name or the nickname of the account. | String |
|
|
RemittanceInformation | 0..1 | OBFileInitiation/RemittanceInformation | Information supplied to enable the matching of an entry with the items that the transfer is intended to settle, such as commercial invoices in an accounts' receivable system. | OBFileInitiation/RemittanceInformation |
|
|
RemittanceDescription | 0..1 | OBFileInitiation/RemittanceInformation/ RemittanceDescription | Information supplied to enable the matching/reconciliation of an entry with the items that the payment is intended to settle, such as commercial invoices in an accounts' receivable system, in an unstructured form. | String |
|
|
Reference | 0..1 | OBFileInitiation/RemittanceInformation/Reference | Unique reference, as assigned by the creditor, to unambiguously refer to the payment transaction. Usage: If available, the initiating party should provide this reference in the structured remittance information, to enable reconciliation by the creditor upon receipt of the amount of money. If the business context requires the use of a creditor reference or a payment remit identification, and only one identifier can be passed through the end-to-end chain, the creditor's reference or payment remittance identification should be quoted in the end-to-end transaction identification. | String |
|
|
SupplementaryData | 0..1 | OBFileInitiation/SupplementaryData | Additional information that cannot be captured in the structured fields and/or any other specific block. | OBSupplementaryData |
|
3.2 File Payment Consent – Request
The OBWriteFileConsent object will be used for the call to:
POST /file-payment-consents
3.2.1 UML Diagram
3.2.2 Notes
The file-payment-consent request contains these objects:
Initiation
Authorisation
SCASupportData
For the file-payment-consent request object:
There is no Risk section in the OBWriteFileConsent object - as this is not relevant for a file payment
3.2.3 Data Dictionary
Name | Occurrence | XPath | Definition | Class/ Datatype | Codes | Pattern |
OBWriteFileConsent |
| OBWriteFileConsent |
| OBWriteFileConsent |
|
|
Data | 1..1 | OBWriteFileConsent/Data |
| OBWriteFileConsent/Data |
|
|
Initiation | 1..1 | OBWriteFileConsent/Data/Initiation | The Initiation payload is sent by the initiating party to the ASPSP . It is used to request movement of funds using a payment file. | OBFileInitiation |
|
|
Authorisation | 0..1 | OBWriteFileConsent/Data/Authorisation | The authorisation type request from the PISP. | OBAuthorisation |
|
|
SCASupportData | 0..1 | OBWriteFileConsent/Data/SCASupportData | Supporting Data provided by PISP, when requesting SCA Exemption. | OBSCASupportData |
|
|
3.3 File Payment Consent - Response
The OBWriteFileConsentResponse object will be used for a response to a call to:
POST /file-payment-consents
GET /file-payment-consents/{ConsentId}
3.3.1 UML Diagram
3.3.2 Notes
The file-payment-consent response contains the full original payload from the file-payment-consent request with these additional elements:
ConsentId.
CreationDateTime the file-payment-consents resource was created.
Status and StatusUpdateDateTime of the file-payment-consents resource.
CutOffDateTime Behaviour is explained in Payment Initiation API Profile, Section -Payment Restrictions -> CutOffDateTime Behaviour.
Charges array - for the breakdown of applicable ASPSP charges
Post successful user/customer Authentication, an ASPSP may provide Debtor/Name in the Payment Order Consent Response, even when the Payer did not provide the Debtor Account via PISP
3.3.3 Data Dictionary
Name | Occurrence | XPath | Definition | Class/ Datatype | Codes | Pattern |
OBWriteFileConsentResponse |
| OBWriteFileConsentResponse |
| OBWriteFileConsentResponse |
|
|
Data | 1..1 | OBWriteFileConsentResponse/Data |
| OBWriteFileConsentResponse/Data |
|
|
ConsentId | 1..1 | OBWriteFileConsentResponse/Data/ConsentId | OB: Unique identification as assigned by the ASPSP to uniquely identify the consent resource. | String |
|
|
CreationDateTime | 1..1 | OBWriteFileConsentResponse/Data/CreationDateTime | Date and time at which the resource was created. | DateTime |
|
|
Status | 1..1 | OBWriteFileConsentResponse/Data/Status | Specifies the status of consent resource in code form. | String | Enum:
|
|
StatusUpdateDateTime | 1..1 | OBWriteFileConsentResponse/Data/StatusUpdateDateTime | Date and time at which the consent resource status was updated. | DateTime |
|
|
CutOffDateTime | 0..1 | OBWriteFileConsentResponse/Data/CutOffDateTime | Specified cut-off date and time for the payment consent. | DateTime |
|
|
Charges | 0..n | OBWriteFileConsentResponse/Data/Charges | Set of elements used to provide details of a charge for the payment initiation. | OBCharge |
|
|
Initiation | 1..1 | OBWriteFileConsentResponse/Data/Initiation | The Initiation payload is sent by the initiating party to the ASPSP . It is used to request movement of funds using a payment file. | OBFileInitiation |
|
|
Authorisation | 0..1 | OBWriteFileConsentResponse/Data/Authorisation | The authorisation type request from the PISP. | OBAuthorisation |
|
|
SCASupportData | 0..1 | OBWriteFileConsentResponse/Data/SCASupportData | Supporting Data provided by PISP, when requesting SCA Exemption. | OBSCASupportData |
|
|
Debtor | 0..1 | OBWriteFileConsentResponse/Data/Debtor | Set of elements used to identify a person or an organisation | OBWriteFileConsentResponse/Data/Debtor |
|
|
Name | 1..1 | OBWriteFileConsentResponse/Data/Debtor/Name | The account name is the name or names of the account owner(s) represented at an account level, as displayed by the ASPSP’s online channels. Note: The account name is not the product name or the nickname of the account. | String |
|
|
4. Usage Example
4.1 POST /file-payment-consents
4.1.1 Request
|
|
4.1.2 Response
|
|
4.2 POST /file-payment-consents/{ConsentId}/file
4.2.1 Request
|
4.2.2 Response
|