Initiate and Authorize PIS payment

General information

  • To create Payment Order and execute it, it must be Initiated and then Authorized. In this flow, payments will be authorized using Redirection model.
  • To access Open Banking Payment Initiation Service (OB-PSD2-PIS) API, your DevApp should include PSD2 PAYMENT INITIATION SERVICES API API product
  • Access Token must include psd2-pis scope
  • PSD2 PIS API currently supports SEPA-SCT and SEPA-SCT-Inst payments.
  • For Financial Institutions, when making payments on behalf of their clients, it is mandatory to provide full name of Ultimate Debtor. Use ultimateDebtor.name  property.
  • Please do not use ultimateDebtor property if is not applicable to your case.
  • Collection of PSD2 APIs is here.

Payment flow

  • TPP, in their application (Agent) presents payment form to the PSU
  • PSU fill the details
  • Agent forwards data to the TPP backend
  • TPP Backend calls Initiate Payment API with payment details and Access Token with psd2-pis scope
  • ConnectPay validates data and creates Payment Order resource. In API Response will be property _links.scaRedirect.href with URL to ConnectPay Auth webapp where to redirect PSU for payment authorization
  • TPP redirects Agent to above mentioned link.
    • Please always use full redirect, so PSU would be able to see ConnectPay URL in browser window. Embeding ConnectPay webapp into TPP interface via iFrame or other options is not allowed.
  • PSU will login with own ConnectPay’s credentials and confirm or reject payment.
  • Auth webapp will redirect browser back to TPP website using RedirectUrl that TPP provided in Initialize Payment request.
  • If, after rerdirection back, URL will have query parameter error – it means something went wrong with Auth request. Find and fix cause of error and initialize new payment.
  • If URL is without eror parameter – Authorization process was successful. Check Payment status from your backend using Payment Status API or Payment Information API.
  • Payment Authorization status can be checked using this Payment Authorization Status API. Possible statuses explained in the table below.
CodeDescription
receivedAn authorisation or cancellation-authorisation resource has been created successfully.
psuIdentifiedThe PSU related to the authorisation or cancellation-authorisation resource has been identified.
psuAuthenticatedThe PSU related to the authorisation or cancellation-authorisation resource has been identified and authenticated e.g. by a password or by an access token.
scaMethodSelectedThe PSU/TPP has selected the related SCA routine. If the SCA method is chosen implicitly since only one SCA method is available, then this is the first status to be reported instead of “received”.
startedThe addressed SCA routine has been started.
unconfirmedSCA is technically successfully finalised by the PSU, but the authorisation resource needs a confirmation command by the TPP yet.
finalisedThe SCA routine has been finalised successfully (including a potential confirmation command). This is a final status of the authorisation resource.
failedThe SCA routine failed. This is a final status of the authorisation resource.
exemptedSCA was exempted for the related transaction, the related authorisation is successful. This is a final status of the authorisation resource.

Scroll to Top