Account Details

Account Details

ReadAccountsDetail permission

If the request asks for all the accounts without AccountId in the query, detailed permission for the accounts will be given as bulk. If there is an AccountId in the query to retrieve account resource details, the detailed account information response will be only for the account.

ReadAccountsDetail permission will provide all the account details which include currency of the account, the nickname of account (E.g. ‘Jakes Household account’), account name, sort code, account number, IBAN, roll number (used for building society).

Selected Permission can be customized on the Account Access Permission wrapper. Forbidden Message can be rewritten to inform TPPs about why the request has been rejected. The message will be used as a response body to inform TPP when the ApiGo server understood the request but refuses to authorize it due to lack of valid consent.

To reach account details, consent, which as previously mentioned, must be taken. The consent needs to include the permissions depends on TPP business needs. The response will include an authorization URL which is providing a path to TPP to reach account information services.

ApiGo will inform PSU about the application request to take its permission. PSU can select and confirm the accounts to be shared with TPPs. Also, if PSU does not give permission to TPP, the process may be ended and TPP cannot reach the related services.

After the consent has been confirmed, TPP can call an account information service to reach account details. AIS needs to be called with the token, which is taken with the authorization code. To reach account details, TPP can be authorized with PSU’s all accounts or for only specific ones. Depends on TPP’s business needs and services, the selection can be specialized. ApiGo provides both kinds of endpoints mentioned on UK Open Banking Standards.

The request sent by TPP will be responded with the body containing the account basics and details. If there is no available consent to reach account details, the gateway will respond to the request with the forbidden message which can be defined with policy details on Management Portal.

A sample consent body without account details has been sending to the gateway in the following instance. When TPP sends a request with the consent which is not allowed to read account details, it will respond to the message, consent is not contained relevant permission to this account. So, if the consent has been taken without relevant permission, the response will be like the following body.

ReadBalances permission

The balance endpoint configured with Account Access Permission Policy - ReadBalances permission represents the net increases and decreases (as bulk or for a specific account) at a specific point in time. ReadBalances Permission can be customized on the Account Access Permission wrapper. Forbidden Message can be rewritten to inform TPPs about why the request has been rejected.

With ApiGo, ASPSP can implement both the bulk and specific retrieval endpoints, an TPP may optionally reach the account information services in bulk or only for an account. For bulk, the resources can be retrieved for all authorized accounts linked to the account request. By giving related AccountId in the query of the request, an TPP can send a request and be successfully responded to for a specific account.

After the consent with ReadBalances permission has been approved, TPP can call an account information service to reach balances. AIS needs to be called with the token which is taken with authorization code. The request will be responded with the body includes balance basics and details.