diff --git a/postman_collections/PostmanApitest/pds2-api/datasets/my_accounts-Query_for_Balance_Check.json b/postman_collections/PostmanApitest/pds2-api/datasets/my_accounts-Query_for_Balance_Check.json
new file mode 100644
index 00000000..1bbe412e
--- /dev/null
+++ b/postman_collections/PostmanApitest/pds2-api/datasets/my_accounts-Query_for_Balance_Check.json
@@ -0,0 +1,263 @@
+[
+ {
+ "X-Request-ID": "0f1a9f4a-0d7e-46f2-9cb2-8e4f0c7a2a06",
+ "Date": "2026-03-26T09:10:11Z",
+ "Digest": "SHA-256=5Yyq1r3U8oVd8QKf1xM7mO2lXxk2n0yQ7pFZp5tV4yA=",
+ "Signature": "keyId=\"tpp-001\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"abcDEF123+/==\"",
+ "TPP-Signature-Certificate": "MIIDdzCCAl+gAwIBAgIUW2kV8bQmY7aN7o7g2e1+3zZlJd0wDQYJKoZIhvcNAQELBQAw",
+ "User-Involved": true,
+ "TPP-Name": "FinServe Ltd",
+ "exchangeIdentification": "658576010faf0a23dc",
+ "statusCode": 200,
+ "scenario": "OK"
+ },
+ {
+ "X-Request-ID": "d4a9e7f1-2b8c-4c2e-9d1a-6b7c8d9e0f10",
+ "Date": "2026-03-26T09:15:00Z",
+ "Digest": "SHA-256=Q2hlY2tzdW1TZWFsamRrc2RrMTIzNDU2Nzg5MA==",
+ "Signature": "keyId=\"tpp-002\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"mnoPQR456+/==\"",
+ "TPP-Signature-Certificate": "MIICxjCCAa6gAwIBAgIJAL2aJ9k6kz7SMA0GCSqGSIb3DQEBCwUAMBMxETAPBgNVBAMMCHRwcC1jZXJ0MB4XDTI2MDMyNjA5MTUwMFoXDTI3MDMyNjA5MTUwMFowEzERMA8GA1UEAwwIdHBwLWNlcnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6O7xJ1C9oX2M3CjLz8h2bQf8q5Yz5ZfD8QbCq7o8SxXf4m0G+0o0OQ8H8wQeXwJ6wQ6b8b9x5J1T3vJc5mM9Lw9nJ8B7sX1YxU1iOe3Hj7xqgWvH9oB8RzF6K8a8YkO9bS3YQIDAQABo1AwTjAdBgNVHQ4EFgQUcQq7h6yC8zqjO1f1VYF9D6m0h5kwHwYDVR0jBBgwFoAUcQq7h6yC8zqjO1f1VYF9D6m0h5kwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAVlP1YcB8yaYwX6R8q6u3cX8lS3i6w3t5qQ==",
+ "User-Involved": false,
+ "TPP-Name": "Acme Payments AG",
+ "exchangeIdentification": "9f8e7d6c5b4a3912",
+ "debtorAccount.identification.iban": "DE89370400440532013000",
+ "debtorAccount.currency": "EUR",
+ "transactionDetails.totalAmount": 49.99,
+ "transactionDetails.currency": "EUR",
+ "card.cardholderName": "Jane Doe",
+ "card.maskedPAN": "411111******1111",
+ "merchant.identification": "MRC-908172",
+ "merchant.shortName": "CoffeeCo",
+ "merchant.commonName": "Coffee Company GmbH",
+ "merchant.merchantCategoryCode": "5812",
+ "merchant.type": "E_COMMERCE",
+ "merchant.address": "Friedrichstrasse 123, 10117 Berlin",
+ "merchant.countryCode": "DE",
+ "statusCode": 200,
+ "scenario": "OK"
+ },
+ {
+ "X-Request-ID": "6e9f2b5c-3e7a-4410-bf7e-9b1a7f5f2c12",
+ "Date": "2026-03-26T09:20:30Z",
+ "Digest": "SHA-256=9Zq6v2cQ0JmQkN9q4xvY7J1oV+5yE2w3JHk7bD9pQkI=",
+ "Signature": "keyId=\"tpp-003\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"ZyxWVUT987+/==\"",
+ "TPP-Signature-Certificate": "MIIDazCCAlOgAwIBAgIUFz3E7M7p+e6a9q1c5z9G7L2d8m0wDQYJKoZIhvcNAQELBQAw",
+ "User-Involved": false,
+ "TPP-Name": "PayLink BV",
+ "exchangeIdentification": "a1b2c3d4e5f60789",
+ "statusCode": 200,
+ "scenario": "OK"
+ },
+ {
+ "X-Request-ID": "9d0a2b3c-4e5f-6789-a0b1-2c3d4e5f6789",
+ "Date": "2026-03-26T09:25:00Z",
+ "Digest": "SHA-256=Bb3l4XW2p8t3jZf0h3A1s9Q2r7W6yZQ9dD3p6Lk8mNw=",
+ "TPP-Signature-Certificate": "MIIC8DCCAdigAwIBAgIUX1P0KkzvI0YV3vS5m6m8w9u7t6AwDQYJKoZIhvcNAQELBQAw",
+ "User-Involved": true,
+ "TPP-Name": "ZenPay Ltd",
+ "exchangeIdentification": "cafe42deadbeef01",
+ "statusCode": 400,
+ "scenario": "FIELD_MISSING - Missing mandatory field in the request."
+ },
+ {
+ "X-Request-ID": "12345-not-uuid",
+ "Date": "26-03-2026 10:00",
+ "Digest": "SHA-256=QWJjMTIzNDU2Nzg5MHh5eg==",
+ "Signature": "keyId=\"tpp-004\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"pqrSTU321+/==\"",
+ "TPP-Signature-Certificate": "MIIDCTCCAfGgAwIBAgIUf3c1L7k2h4N8l6y3v9m0p2q5r7t9MA0GCSqGSIb3DQEBCwUAMBMxETAPBgNVBAMMCHRwcC1jZXJ0MB4XDTI2MDMyNjA5MzAwMFoXDTI3MDMyNjA5MzAwMFowEzERMA8GA1UEAwwIdHBwLWNlcnQw",
+ "User-Involved": true,
+ "TPP-Name": "AlphaPay SA",
+ "exchangeIdentification": "00ff11ee22dd33cc",
+ "statusCode": 400,
+ "scenario": "FIELD_INVALID - FIELD value is not valid."
+ },
+ {
+ "X-Request-ID": "1a2b3c4d-5e6f-7081-92a3-b4c5d6e7f8a9",
+ "Date": "2026-03-26T09:35:45Z",
+ "Digest": "SHA-256=J29mJ3FzbGtoamRmYXNkZmdoamtsOysvPT0=",
+ "Signature": "keyId=\"tpp-005\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"LMNopq789+/==\"",
+ "TPP-Signature-Certificate": "MIIC8TCCAdoCCQCeJx4z8ow7wTANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDDAl0cHAtY2VydDAeFw0yNjAzMjYwOTM1NDVaFw0yNzAzMjYwOTM1NDVaMBQxEjAQBgNVBAMMCXRwcC1jZXJ0",
+ "User-Involved": false,
+ "TPP-Name": "NovaPay AS",
+ "exchangeIdentification": "11223344aabbccdd",
+ "debtorAccount.identification.iban": "12345",
+ "debtorAccount.currency": "EUR",
+ "statusCode": 400,
+ "scenario": "AC02 [InvalidDebtorAccountNumber] invalid account identifier in the request content."
+ },
+ {
+ "X-Request-ID": "7e3c1a2b-9f8e-4d5c-b2a1-0c9d8e7f6a5b",
+ "Date": "2026-03-26T09:40:10Z",
+ "Digest": "SHA-256=c2hhMjU2LWRpZ2VzdC12YWx1ZS1leGFtcGxl",
+ "Signature": "keyId=\"tpp-006\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"AbCdEf987+/==\"",
+ "TPP-Signature-Certificate": "MIICsDCCAhmgAwIBAgIJAKfG1x8t5U0fMA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNVBAMMCXRwcC1jZXJ0MB4XDTI2MDMyNjA5NDAxMFoXDTI3MDMyNjA5NDAxMFowFDESMBAGA1UEAwwJdHBwLWNlcnQ=",
+ "User-Involved": true,
+ "TPP-Name": "AtlasPay OÜ",
+ "exchangeIdentification": "44556677ddeeff00",
+ "debtorAccount.identification.iban": "GB82WEST12345698765432",
+ "debtorAccount.currency": "ZZZ",
+ "statusCode": 400,
+ "scenario": "AC09 [InvalidAccountCurrency] invalid currency of the required account."
+ },
+ {
+ "X-Request-ID": "3f2e1d0c-9b8a-7f6e-5d4c-3b2a1f0e9d8c",
+ "Date": "2026-03-26T09:45:22Z",
+ "Digest": "SHA-256=VGVzdERpZ2VzdFZhbHVlMTIzPT0=",
+ "Signature": "keyId=\"tpp-007\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"GhIjKl654+/==\"",
+ "TPP-Signature-Certificate": "MIICyDCCAbCgAwIBAgIUIe6v1m4k5c2a8v1n2m3b4c5d6e7fMA0GCSqGSIb3DQEBCwUAMBUxEzARBgNVBAMMCnRwcC1jZXJ0LTIwHhcNMjYwMzI2MDk0NTIyWhcNMjcwMzI2MDk0NTIyWjAVMRMwEQYDVQQDDAp0cHAtY2VydC0y",
+ "User-Involved": false,
+ "TPP-Name": "QuickPay Sp. z o.o.",
+ "exchangeIdentification": "aabbccddeeff0011",
+ "transactionDetails.totalAmount": 79.5,
+ "transactionDetails.currency": "XXX",
+ "statusCode": 400,
+ "scenario": "AM11 [InvalidTransactionCurrency] the request contains a currency not trade/not supported."
+ },
+ {
+ "X-Request-ID": "5a4b3c2d-1e0f-9a8b-7c6d-5e4f3a2b1c0d",
+ "Date": "2026-03-26T09:50:05Z",
+ "Digest": "SHA-256=YWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXo=",
+ "Signature": "keyId=\"tpp-008\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"TuVwXy321+/==\"",
+ "TPP-Signature-Certificate": "MIIDAzCCAeugAwIBAgIUR3G7k8n9m5q2t1s0r9p8o7n6m5l4MA0GCSqGSIb3DQEBCwUAMBcxFTATBgNVBAMMDHRwcC1jZXJ0LXRlc3QwHhcNMjYwMzI2MDk1MDA1WhcNMjcwMzI2MDk1MDA1WjAXMRUwEwYDVQQDDAx0cHAtY2VydC10ZXN0",
+ "User-Involved": true,
+ "TPP-Name": "EuroPay S.A.",
+ "exchangeIdentification": "f0e1d2c3b4a59687",
+ "transactionDetails.totalAmount": -10.5,
+ "transactionDetails.currency": "EUR",
+ "statusCode": 400,
+ "scenario": "AM12 [InvalidAmount] wrong amount."
+ },
+ {
+ "X-Request-ID": "2a3b4c5d-6e7f-8091-a2b3-c4d5e6f70819",
+ "Date": "2026-03-26T09:55:40Z",
+ "Digest": "SHA-256=dW5hdXRob3Jpc2VkLXRlc3QtZGlnZXN0",
+ "Signature": "keyId=\"tpp-009\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"NoCertReq==\"",
+ "TPP-Signature-Certificate": "MIICrDCCAZSgAwIBAgIUDUMMYCERTFORTESTONLYMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNVBAMMB1RQUC1OR0MwHhcNMjYwMzI2MTAwNTAwWhcNMjcwMzI2MTAwNTAwWjASMRAwDgYDVQQDDAdUUFAtTkdD",
+ "User-Involved": false,
+ "TPP-Name": "SecurePay AB",
+ "exchangeIdentification": "77aa88bb99cc00dd",
+ "statusCode": 401,
+ "scenario": "UNAUTHORISED - Invalid/missing access token = user is not authenticated"
+ },
+ {
+ "X-Request-ID": "8b7c6d5e-4f3a-2b1c-0d9e-8f7a6b5c4d3e",
+ "Date": "2026-03-26T10:00:20Z",
+ "Digest": "SHA-256=Zm9yYmlkZGVuLWRpZ2VzdC12YWx1ZQ==",
+ "Signature": "keyId=\"tpp-010\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"ForbiddenSig==\"",
+ "TPP-Signature-Certificate": "MIICVTCCAT2gAwIBAgIUFORBIDDEN-CERT-EXAMPLE-MA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNVBAMMB1RQUC1GQ0EwHhcNMjYwMzI2MTAwMDIwWhcNMjcwMzI2MTAwMDIwWjASMRAwDgYDVQQDDAdUUFAtRkNB",
+ "User-Involved": true,
+ "TPP-Name": "BlueCard LLC",
+ "exchangeIdentification": "1234abcd5678ef90",
+ "statusCode": 403,
+ "scenario": "FORBIDDEN - Authentication with an invalid certificate or expired access token, a call that does not match a third-party license."
+ },
+ {
+ "X-Request-ID": "4c3d2e1f-0a9b-8c7d-6e5f-4a3b2c1d0e9f",
+ "Date": "2026-03-26T10:05:55Z",
+ "Digest": "SHA-256=c2VydmVyLWVycm9yLXRlc3QtZGlnZXN0",
+ "Signature": "keyId=\"tpp-011\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"ServerErr==\"",
+ "TPP-Signature-Certificate": "MIIDbjCCAlagAwIBAgIUQk1JTl9FUlIwMDBTRVJWRVIwDQYJKoZIhvcNAQELBQAw",
+ "User-Involved": false,
+ "TPP-Name": "CardNet A/S",
+ "exchangeIdentification": "ee11cc22bb33aa44",
+ "statusCode": 500,
+ "scenario": "NARR Narrative a general reason for rejecting the payment, with an addition of error-related information."
+ },
+ {
+ "X-Request-ID": "6a5b4c3d-2e1f-0a9b-8c7d-6e5f4a3b2c1d",
+ "Date": "2026-03-26T10:10:10Z",
+ "Digest": "SHA-256=aW52YWxpZC1maWxlLWZvcm1hdC1kaWdlc3Q=",
+ "Signature": "keyId=\"tpp-012\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"BadJsonFmt==\"",
+ "TPP-Signature-Certificate": "MIICpDCCAYwGCSqGSIb3DQEBCjCCAXYCAQExDzANBglghkgBZQMEAgMFADASMRAwDgYDVQQDDAdUUFAtSk9O",
+ "User-Involved": true,
+ "TPP-Name": "Gateway Inc.",
+ "exchangeIdentification": "deedbeefcafefeed",
+ "statusCode": 400,
+ "scenario": "FF01 [Invalid File Format] invalid JSON format or other technical problem with the query processing."
+ },
+ {
+ "X-Request-ID": "d4a9e7f1-2b8c-4c2e-9d1a-6b7c8d9e0f10",
+ "Date": "2026-03-26T10:12:00Z",
+ "Digest": "SHA-256=ZHVwbGljYXRlLXJlcXVlc3QtaWQ=",
+ "Signature": "keyId=\"tpp-013\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"DupReqId==\"",
+ "TPP-Signature-Certificate": "MIIDQjCCAiqgAwIBAgIURkYxMTIzNDU2Nzg5MA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNVBAMMCXRwcC1jZXJ0MB4XDTI2MDMyNjEwMTIwMFoXDTI3MDMyNjEwMTIwMFowFDESMBAGA1UEAwwJdHBwLWNlcnQ=",
+ "User-Involved": false,
+ "TPP-Name": "Acme Payments AG",
+ "exchangeIdentification": "99aa77bb55cc33dd",
+ "statusCode": 400,
+ "scenario": "RF01 [NotUniqueTransactionReference] not unique request identifier."
+ },
+ {
+ "X-Request-ID": "0a1b2c3d-4e5f-6071-82a3-94b5c6d7e8f9",
+ "Date": "2026-03-26T10:15:45Z",
+ "Digest": "SHA-256=aW52YWxpZC1jaGFyLXNldA==",
+ "Signature": "keyId=\"tpp-014\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"BadCharset==\"",
+ "TPP-Signature-Certificate": "MIICWDCCAUACAQEwDQYJKoZIhvcNAQELBQAwEjEQMA4GA1UEAwwHVFBQLUNIQTAeFw0yNjAzMjYxMDE1NDVaFw0yNzAzMjYxMDE1NDVaMBIxEDAOBgNVBAMMB1RQUC1DSEE=",
+ "User-Involved": true,
+ "TPP-Name": "Fin💥Serve Ltd",
+ "exchangeIdentification": "0f0e0d0c0b0a0908",
+ "statusCode": 400,
+ "scenario": "RR10 [InvalidCharacterSet] invalid character set in the request."
+ },
+ {
+ "X-Request-ID": "1b2c3d4e-5f60-7182-93a4-b5c6d7e8f9a0",
+ "Date": "2026-03-26T10:18:30Z",
+ "Digest": "SHA-256=YWJzZW50LWNvbnNlbnQ=",
+ "Signature": "keyId=\"tpp-015\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"ConsentMissing==\"",
+ "TPP-Signature-Certificate": "MIICZzCCAU8CAQEwDQYJKoZIhvcNAQELBQAwEzERMA8GA1UEAwwIdHBwLWFnMDEwHhcNMjYwMzI2MTAxODMwWhcNMjcwMzI2MTAxODMwWjATMREwDwYDVQQDDAh0cHAtYWcwMQ==",
+ "User-Involved": false,
+ "TPP-Name": "TrustBank PSD2",
+ "exchangeIdentification": "abc123def4567890",
+ "statusCode": 403,
+ "scenario": "AG01 [TransactionForbidden] absent consent to access to balance check at the account."
+ },
+ {
+ "X-Request-ID": "2c3d4e5f-6071-8293-a4b5-c6d7e8f9a0b1",
+ "Date": "2026-03-26T10:20:05Z",
+ "Digest": "SHA-256=c3VjY2Vzcy13aXRoLW9wdGlvbmFscw==",
+ "Signature": "keyId=\"tpp-016\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"OptIncl-123==\"",
+ "TPP-Signature-Certificate": "MIICUzCCATsCAQEwDQYJKoZIhvcNAQELBQAwFDESMBAGA1UEAwwJdHBwLXN1Y2MwHhcNMjYwMzI2MTAyMDA1WhcNMjcwMzI2MTAyMDA1WjAUMRIwEAYDVQQDDAl0cHAtc3VjYw==",
+ "User-Involved": true,
+ "TPP-Name": "FinServe Ltd",
+ "exchangeIdentification": "bead09f00d1e2c34",
+ "transactionDetails.totalAmount": 15.2,
+ "transactionDetails.currency": "GBP",
+ "merchant.identification": "MRC-556677",
+ "merchant.shortName": "BookHub",
+ "merchant.commonName": "BookHub Publishing",
+ "merchant.merchantCategoryCode": "5942",
+ "merchant.type": "E_COMMERCE",
+ "merchant.countryCode": "GB",
+ "statusCode": 200,
+ "scenario": "OK"
+ },
+ {
+ "X-Request-ID": "3d4e5f60-7182-93a4-b5c6-d7e8f9a0b1c2",
+ "Date": "2026-03-26T10:22:50Z",
+ "Digest": "SHA-256=b3B0aW9uYWwtY2FyZC1maWVsZHM=",
+ "Signature": "keyId=\"tpp-017\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"CardOpt-456==\"",
+ "TPP-Signature-Certificate": "MIICQjCCAeugAwIBAgIUS01QMlRFU1QtQ0VSVDAwMA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNVBAMMCXRwcC1jZXJ0MB4XDTI2MDMyNjEwMjI1MFoXDTI3MDMyNjEwMjI1MFowFDESMBAGA1UEAwwJdHBwLWNlcnQ=",
+ "User-Involved": true,
+ "TPP-Name": "Acme Payments AG",
+ "exchangeIdentification": "feedfacecafebabe",
+ "card.cardholderName": "John Smith",
+ "card.maskedPAN": "550000******0004",
+ "transactionDetails.totalAmount": 120,
+ "transactionDetails.currency": "USD",
+ "statusCode": 200,
+ "scenario": "OK"
+ },
+ {
+ "X-Request-ID": "9f1e2d3c-4b5a-6c7d-8e9f-0a1b2c3d4e5f",
+ "Date": "2026-03-26T10:25:33Z",
+ "Digest": "SHA-256=aW52YWxpZC1tZXJjaGFudC10eXBl",
+ "Signature": "keyId=\"tpp-018\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"BadMerchantType==\"",
+ "TPP-Signature-Certificate": "MIICRDCCAeACAQEwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UEAwwLdHBwLXR5cGUtdGVzdDAeFw0yNjAzMjYxMDI1MzNaFw0yNzAzMjYxMDI1MzNaMBYxFDASBgNVBAMMC3RwcC10eXBlLXRlc3Q=",
+ "User-Involved": false,
+ "TPP-Name": "NovaPay AS",
+ "exchangeIdentification": "123abc456def7890",
+ "merchant.type": "UNKNOWN_TYPE",
+ "statusCode": 400,
+ "scenario": "NARR Narrative a general reason for rejecting the payment, with an addition of error-related information."
+ }
+]
\ No newline at end of file
diff --git a/postman_collections/PostmanApitest/pds2-api/datasets/my_payments-New_Payment_initiation.json b/postman_collections/PostmanApitest/pds2-api/datasets/my_payments-New_Payment_initiation.json
new file mode 100644
index 00000000..2870f310
--- /dev/null
+++ b/postman_collections/PostmanApitest/pds2-api/datasets/my_payments-New_Payment_initiation.json
@@ -0,0 +1,334 @@
+[
+ {
+ "X-Request-ID": "0f8fad5b-d9cb-469f-a165-70867728950e",
+ "Date": "Wed, 26 Mar 2026 10:20:30 GMT",
+ "Digest": "SHA-256=QmFzZTY0RGlnZXN0U2lnbmF0dXJlMTIz",
+ "Signature": "keyId=\"tpp-001\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIGR1ZlZ3b1l2c2lnbmF0dXJlAA==\"",
+ "TPP-Signature-Certificate": "MIICdzCCAeCgAwIBAgIBADANBgkqhkiG9w0BAQ0FADASMRAwDgYDVQQDDAdUUEAgQ0EwHhcNMjYwMzI2MTAyMDMwWhcNMjcwMzI2MTAyMDMwWjASMRAwDgYDVQQDDAdUUEAgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC18e3n4wq0nB8l8vXq",
+ "User-Involved": true,
+ "TPP-Name": "Acme TPP Ltd.",
+ "amount.instructedAmount.value": 250.75,
+ "amount.instructedAmount.currency": "EUR",
+ "debtorAccount.identification.iban": "DE89370400440532013000",
+ "creditorAccount.identification.iban": "NL91ABNA0417164300",
+ "paymentIdentification.instructionIdentification": "INV-2026-0001",
+ "paymentTypeInformation.instructionPriority": "NORM",
+ "requestedExecutionDate": "2026-04-01",
+ "statusCode": 200,
+ "scenario": "OK"
+ },
+ {
+ "X-Request-ID": "7c9e6679-7425-40de-944b-e07fc1f90ae7",
+ "Date": "Wed, 26 Mar 2026 10:21:10 GMT",
+ "Digest": "SHA-256=VGhpc0lzQURpZ2VzdEhhc2g=",
+ "Signature": "keyId=\"tpp-002\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MGYCMQDFh3NpZ25hdHVyZUJsb2I9PQIxAJk3bW9jay1zaWduYXR1cmU=\"",
+ "TPP-Signature-Certificate": "MIIDAjCCAeqgAwIBAgIUUFN0cHBjZXJ0aWZpY2F0ZTAwMjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdUUEAgQ0EwHhcNMjYwMzI2MTAyMTEwWhcNMjcwMzI2MTAyMTEwWjASMRAwDgYDVQQDDAdUUEAgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3r7u1mL1uZk8w",
+ "User-Involved": false,
+ "TPP-Name": "FinBridge Solutions",
+ "amount.instructedAmount.value": 1020.5,
+ "amount.instructedAmount.currency": "EUR",
+ "debtorAccount.identification.iban": "FR1420041010050500013M02606",
+ "debtorAccount.currency": "EUR",
+ "creditorAccount.identification.iban": "ES9121000418450200051332",
+ "creditorAccount.currency": "EUR",
+ "paymentIdentification.instructionIdentification": "INV-2026-0002",
+ "paymentTypeInformation.instructionPriority": "NORM",
+ "requestedExecutionDate": "2026-04-02",
+ "remittanceInformation.additionalRemittanceInformation": "Invoice March 2026",
+ "remittanceInformation.unstructured": "Consulting services",
+ "remittanceInformation.structured.creditorReferenceInformation.reference": "RF18539007547034",
+ "statusCode": 200,
+ "scenario": "OK"
+ },
+ {
+ "X-Request-ID": "3c5a1d2e-9f4b-4c93-99f6-8a7b6c5d4e3f",
+ "Date": "Wed, 26 Mar 2026 10:22:05 GMT",
+ "Digest": "SHA-256=U0hBLTI1Nj1hYmNkZWY=",
+ "Signature": "keyId=\"tpp-003\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEYCIQDPZ2lnbnM2NDU2NzhnZGo9PQIhAJBhc2U2NGJ1ZmZlcg==\"",
+ "TPP-Signature-Certificate": "MIIDBTCCAe2gAwIBAgIUT1NJR05DRVJUMDAzMjAxMjANBgkqhkiG9w0BAQwFADASMRAwDgYDVQQDDAdUUEAgQ0EwHhcNMjYwMzI2MTAyMjA1WhcNMjcwMzI2MTAyMjA1WjASMRAwDgYDVQQDDAdUUEAgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq6c2qP6pW",
+ "User-Involved": true,
+ "TPP-Name": "OpenPay Tech",
+ "amount.instructedAmount.value": 75.99,
+ "amount.instructedAmount.currency": "EUR",
+ "debtorAccount.identification.iban": "NL91ABNA0417164300",
+ "creditorAccount.identification.iban": "DE89370400440532013000",
+ "paymentIdentification.instructionIdentification": "INV-2026-0003",
+ "paymentTypeInformation.instructionPriority": "INST",
+ "requestedExecutionDate": "2026-03-27",
+ "statusCode": 200,
+ "scenario": "OK"
+ },
+ {
+ "X-Request-ID": "e13b1f2a-6b7c-4d8e-9f10-112233445566",
+ "Date": "Wed, 26 Mar 2026 10:22:45 GMT",
+ "Digest": "SHA-256=ZGlnaXN0LWl0ZW0tNDI=",
+ "Signature": "keyId=\"tpp-004\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEUCIQDkYnl2ZWQzMTIzNDU2Nzg5PQIgQmFzZTY0U2lnblN0cmluZw==\"",
+ "TPP-Signature-Certificate": "MIIC8TCCAdmgAwIBAgIUT1BQU0lHRTQwMDM0NTY3ODANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdUUEAgQ0EwHhcNMjYwMzI2MTAyMjQ1WhcNMjcwMzI2MTAyMjQ1WjASMRAwDgYDVQQDDAdUUEAgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3Z0diuQkH",
+ "User-Involved": false,
+ "TPP-Name": "PayWave Europe",
+ "amount.instructedAmount.value": 500,
+ "amount.instructedAmount.currency": "GBP",
+ "debtorAccount.identification.iban": "GB33BUKB20201555555555",
+ "debtorAccount.currency": "GBP",
+ "creditorAccount.identification.iban": "FR1420041010050500013M02606",
+ "creditorAccount.currency": "EUR",
+ "paymentIdentification.instructionIdentification": "PAY-GB-0004",
+ "paymentTypeInformation.instructionPriority": "NORM",
+ "requestedExecutionDate": "2026-03-30",
+ "remittanceInformation.unstructured": "Payment for order #7843",
+ "statusCode": 200,
+ "scenario": "OK"
+ },
+ {
+ "X-Request-ID": "4f2a9ccd-56e1-4f13-9a37-5a6b7c8d9e01",
+ "Date": "Wed, 26 Mar 2026 10:23:20 GMT",
+ "Digest": "SHA-256=Y2hlY2tzdW0tYmFzZTY0",
+ "Signature": "keyId=\"tpp-005\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MGQCMQDkY29ycmVjdFNpZ25hdHVyZQIxAPz1bW9ja0Jhc2U2NA==\"",
+ "TPP-Signature-Certificate": "MIIDAzCCAeugAwIBAgIUTElHTkVSLUNFUlQtMDA1LTAwNDAwDQYJKoZIhvcNAQELBQAwEjEQMA4GA1UEAwwHVFBQIENSQTAeFw0yNjAzMjYxMDIzMjBaFw0yNzAzMjYxMDIzMjBaMBIxEDAOBgNVBAMMB1RQUCBDRUEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2Cwzq",
+ "User-Involved": true,
+ "TPP-Name": "NorthBank API Client",
+ "amount.instructedAmount.value": 1200.25,
+ "amount.instructedAmount.currency": "USD",
+ "debtorAccount.identification.iban": "IT60X0542811101000000123456",
+ "creditorAccount.identification.iban": "ES9121000418450200051332",
+ "paymentIdentification.instructionIdentification": "INV-US-5005",
+ "paymentTypeInformation.instructionPriority": "NORM",
+ "requestedExecutionDate": "2026-04-03",
+ "remittanceInformation.additionalRemittanceInformation": "Quarterly subscription",
+ "remittanceInformation.structured.creditorReferenceInformation.reference": "RF18539007547035",
+ "statusCode": 200,
+ "scenario": "OK"
+ },
+ {
+ "X-Request-ID": "b1c2d3e4-f5a6-4b78-9c01-23456789abcd",
+ "Date": "Wed, 26 Mar 2026 10:24:10 GMT",
+ "Digest": "SHA-256=bWlzc2luZy1maWVsZA==",
+ "Signature": "keyId=\"tpp-006\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIFRpbmNvcnJlY3RTaWduYXR1cmUCIHByZXNldA==\"",
+ "TPP-Signature-Certificate": "MIIDBzCCAe+gAwIBAgIUQ0VSVElGLTAwNi0wMDYwMDANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdUUEAgQ0EwHhcNMjYwMzI2MTAyNDEwWhcNMjcwMzI2MTAyNDEwWjASMRAwDgYDVQQDDAdUUEAgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoa2V5",
+ "User-Involved": true,
+ "TPP-Name": "Acme TPP Ltd.",
+ "amount.instructedAmount.value": 300,
+ "amount.instructedAmount.currency": "EUR",
+ "debtorAccount.currency": "EUR",
+ "creditorAccount.identification.iban": "NL91ABNA0417164300",
+ "creditorAccount.currency": "EUR",
+ "paymentIdentification.instructionIdentification": "INV-2026-0006",
+ "paymentTypeInformation.instructionPriority": "NORM",
+ "requestedExecutionDate": "2026-03-29",
+ "statusCode": 400,
+ "scenario": "FIELD_MISSING"
+ },
+ {
+ "X-Request-ID": "a2b3c4d5-e6f7-4a89-9b01-cdef12345678",
+ "Date": "Wed, 26 Mar 2026 10:24:50 GMT",
+ "Digest": "SHA-256=aW52YWxpZC1hbW91bnQ=",
+ "Signature": "keyId=\"tpp-007\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEYCIQC6aW52YWxpZFNpZwIhAK1zaWduQmFzZTY0\"",
+ "TPP-Signature-Certificate": "MIIDCTCCAeGgAwIBAgIUQUlORk8tU0lHTi0wMDcwMDANBgkqhkiG9w0BAQwFADASMRAwDgYDVQQDDAdUUEAgQ0EwHhcNMjYwMzI2MTAyNDUwWhcNMjcwMzI2MTAyNDUwWjASMRAwDgYDVQQDDAdUUEAgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC28x1v",
+ "User-Involved": false,
+ "TPP-Name": "FinBridge Solutions",
+ "amount.instructedAmount.value": -10,
+ "amount.instructedAmount.currency": "EUR",
+ "debtorAccount.identification.iban": "DE89370400440532013000",
+ "creditorAccount.identification.iban": "FR1420041010050500013M02606",
+ "paymentIdentification.instructionIdentification": "INV-2026-0007",
+ "paymentTypeInformation.instructionPriority": "NORM",
+ "requestedExecutionDate": "2026-03-28",
+ "statusCode": 400,
+ "scenario": "AM12"
+ },
+ {
+ "X-Request-ID": "9a8b7c6d-5e4f-4d3c-8b7a-6c5d4e3f2a1b",
+ "Date": "Wed, 26 Mar 2026 10:25:20 GMT",
+ "Digest": "SHA-256=aW52YWxpZC1jdXJyZW5jeQ==",
+ "Signature": "keyId=\"tpp-008\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIHhpbnZhbGlkU2lnbmF0dXJlAiBjaGVjaw==\"",
+ "TPP-Signature-Certificate": "MIIC+jCCAeKgAwIBAgIUQ0VSVElGLTAwOC0wMDgwMDANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdUUEAgQ0EwHhcNMjYwMzI2MTAyNTIwWhcNMjcwMzI2MTAyNTIwWjASMRAwDgYDVQQDDAdUUEAgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD7u8mF",
+ "User-Involved": true,
+ "TPP-Name": "OpenPay Tech",
+ "amount.instructedAmount.value": 55.5,
+ "amount.instructedAmount.currency": "XXX",
+ "debtorAccount.identification.iban": "NL91ABNA0417164300",
+ "creditorAccount.identification.iban": "ES9121000418450200051332",
+ "paymentIdentification.instructionIdentification": "INV-2026-0008",
+ "paymentTypeInformation.instructionPriority": "NORM",
+ "requestedExecutionDate": "2026-03-29",
+ "statusCode": 400,
+ "scenario": "AM11"
+ },
+ {
+ "X-Request-ID": "d4c3b2a1-0f9e-4d8c-8b7a-6c5d4e3f2a1c",
+ "Date": "Wed, 26 Mar 2026 10:25:55 GMT",
+ "Digest": "SHA-256=aW52YWxpZC1kZWJ0b3ItYWNj",
+ "Signature": "keyId=\"tpp-009\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIGJhZFNpZ25BbmRCYXNlNjQCIHF3ZXJ0eQ==\"",
+ "TPP-Signature-Certificate": "MIIDBTCCAe2gAwIBAgIURkFLRS1DRVJUOjAwOS0wMDkwMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNVBAMMB1RQUCBDQTAeFw0yNjAzMjYxMDI1NTVaFw0yNzAzMjYxMDI1NTVaMBIxEDAOBgNVBAMMB1RQUCBDQTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxC0fK",
+ "User-Involved": false,
+ "TPP-Name": "PayWave Europe",
+ "amount.instructedAmount.value": 88,
+ "amount.instructedAmount.currency": "EUR",
+ "debtorAccount.identification.iban": "DE00INVALIDIBAN",
+ "creditorAccount.identification.iban": "FR1420041010050500013M02606",
+ "paymentIdentification.instructionIdentification": "INV-2026-0009",
+ "paymentTypeInformation.instructionPriority": "NORM",
+ "requestedExecutionDate": "2026-03-30",
+ "statusCode": 400,
+ "scenario": "AC02"
+ },
+ {
+ "X-Request-ID": "f1e2d3c4-b5a6-4c7d-9e80-0a1b2c3d4e5f",
+ "Date": "Wed, 26 Mar 2026 10:26:30 GMT",
+ "Digest": "SHA-256=aW52YWxpZC1jcmVkaXRvcg==",
+ "Signature": "keyId=\"tpp-010\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEUCIQClbnJkU2lnbmF0dXJlAiBiby1iYWRmb3JtYXQ=\"",
+ "TPP-Signature-Certificate": "MIIDCzCCAfOgAwIBAgIUQUktQ0VSVElGLTAxMC0wMTAwMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNVBAMMB1RQUCBDQTAeFw0yNjAzMjYxMDI2MzBaFw0yNzAzMjYxMDI2MzBaMBIxEDAOBgNVBAMMB1RQUCBDQTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkUuGP",
+ "User-Involved": true,
+ "TPP-Name": "NorthBank API Client",
+ "amount.instructedAmount.value": 64.2,
+ "amount.instructedAmount.currency": "EUR",
+ "debtorAccount.identification.iban": "NL91ABNA0417164300",
+ "creditorAccount.identification.iban": "NL00INVALID000",
+ "paymentIdentification.instructionIdentification": "INV-2026-0010",
+ "paymentTypeInformation.instructionPriority": "NORM",
+ "requestedExecutionDate": "2026-03-31",
+ "statusCode": 400,
+ "scenario": "AC03"
+ },
+ {
+ "X-Request-ID": "6e1c2a34-489a-4d5f-9a96-7f2dccf1b9a1",
+ "Date": "Wed, 26 Mar 2026 10:27:05 GMT",
+ "Digest": "SHA-256=aW52YWxpZC1kYXRl",
+ "Signature": "keyId=\"tpp-011\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIEJyb2tlbkRhdGVTdHVmZiIgc2lnAiB0ZXN0LXNpZw==\"",
+ "TPP-Signature-Certificate": "MIIDDTCCAfagAwIBAgIUQ0VSVElGLTAxMS0wMTEwMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNVBAMMB1RQUCBDQTAeFw0yNjAzMjYxMDI3MDVaFw0yNzAzMjYxMDI3MDVaMBIxEDAOBgNVBAMMB1RQUCBDQTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2y6qE",
+ "User-Involved": false,
+ "TPP-Name": "Acme TPP Ltd.",
+ "amount.instructedAmount.value": 10,
+ "amount.instructedAmount.currency": "EUR",
+ "debtorAccount.identification.iban": "FR1420041010050500013M02606",
+ "creditorAccount.identification.iban": "DE89370400440532013000",
+ "paymentIdentification.instructionIdentification": "INV-2026-0011",
+ "paymentTypeInformation.instructionPriority": "NORM",
+ "requestedExecutionDate": "2026-02-30",
+ "statusCode": 400,
+ "scenario": "DT01"
+ },
+ {
+ "X-Request-ID": "d3f8b8c1-0e44-4a32-a3d1-8a94bb57f2b3",
+ "Date": "Wed, 26 Mar 2026 10:27:40 GMT",
+ "Digest": "SHA-256=aW52YWxpZC1wcmlvcml0eQ==",
+ "Signature": "keyId=\"tpp-012\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEYCIQCYcHJpb3JpdHlJbnZhbGlkAiB0ZXN0c2lnbg==\"",
+ "TPP-Signature-Certificate": "MIIDETCCAfmgAwIBAgIUQ0VSVElGLTAxMi0wMTIwMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNVBAMMB1RQUCBDQTAeFw0yNjAzMjYxMDI3NDBaFw0yNzAzMjYxMDI3NDBaMBIxEDAOBgNVBAMMB1RQUCBDQTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3We3O",
+ "User-Involved": true,
+ "TPP-Name": "OpenPay Tech",
+ "amount.instructedAmount.value": 42,
+ "amount.instructedAmount.currency": "EUR",
+ "debtorAccount.identification.iban": "ES9121000418450200051332",
+ "creditorAccount.identification.iban": "NL91ABNA0417164300",
+ "paymentIdentification.instructionIdentification": "INV-2026-0012",
+ "paymentTypeInformation.instructionPriority": "URGENT",
+ "requestedExecutionDate": "2026-03-28",
+ "statusCode": 400,
+ "scenario": "FIELD_INVALID"
+ },
+ {
+ "X-Request-ID": "a9b1d2c3-4e5f-4a89-9bcd-ef0123456789",
+ "Date": "Wed, 26 Mar 2026 10:28:15 GMT",
+ "Digest": "SHA-256=c2FtZS1hY2NvdW50cw==",
+ "Signature": "keyId=\"tpp-013\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEYCIQByc2FtZS1hY2NvdW50cy1ub3QtbG93AiBzaWdu\"",
+ "TPP-Signature-Certificate": "MIIDFzCCAu2gAwIBAgIURk9SQk1BVVQtMDEzLTAxMzAwDQYJKoZIhvcNAQELBQAwEjEQMA4GA1UEAwwHVFBQIENSQTAeFw0yNjAzMjYxMDI4MTVaFw0yNzAzMjYxMDI4MTVaMBIxEDAOBgNVBAMMB1RQUCBDQTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1wr3k",
+ "User-Involved": true,
+ "TPP-Name": "PayWave Europe",
+ "amount.instructedAmount.value": 15,
+ "amount.instructedAmount.currency": "EUR",
+ "debtorAccount.identification.iban": "CZ6508000000192000145399",
+ "creditorAccount.identification.iban": "CZ6508000000192000145399",
+ "paymentIdentification.instructionIdentification": "INV-2026-0013",
+ "paymentTypeInformation.instructionPriority": "NORM",
+ "requestedExecutionDate": "2026-03-29",
+ "statusCode": 400,
+ "scenario": "REC_SEND"
+ },
+ {
+ "X-Request-ID": "fe12dc34-ab56-4c78-9d0e-1a2b3c4d5e6f",
+ "Date": "Wed, 26 Mar 2026 10:28:50 GMT",
+ "Digest": "SHA-256=YWNjb3VudC1jdXJyLWNob2ljZQ==",
+ "Signature": "keyId=\"tpp-014\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIFBheWxvYWRUZXN0AiBzaWduLXNwZWM=\"",
+ "TPP-Signature-Certificate": "MIIDGjCCAuKgAwIBAgIUT0FQSUMtQ0VSVElGLTAxNC0wMTQwMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNVBAMMB1RQUCBDQTAeFw0yNjAzMjYxMDI4NTBaFw0yNzAzMjYxMDI4NTBaMBIxEDAOBgNVBAMMB1RQUCBDQTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKkiqT",
+ "User-Involved": false,
+ "TPP-Name": "NorthBank API Client",
+ "amount.instructedAmount.value": 220,
+ "amount.instructedAmount.currency": "EUR",
+ "debtorAccount.identification.iban": "SK3112000000198742637541",
+ "debtorAccount.currency": "JPY",
+ "creditorAccount.identification.iban": "DE89370400440532013000",
+ "paymentIdentification.instructionIdentification": "INV-2026-0014",
+ "paymentTypeInformation.instructionPriority": "NORM",
+ "requestedExecutionDate": "2026-03-31",
+ "statusCode": 400,
+ "scenario": "AC10"
+ },
+ {
+ "X-Request-ID": "1a2b3c4d-5e6f-4a70-8b90-0c1d2e3f4a5b",
+ "Date": "Wed, 26 Mar 2026 10:29:25 GMT",
+ "Digest": "SHA-256=aW52YWxpZC1jaGFyLXNldA==",
+ "Signature": "keyId=\"tpp-015\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEUCIQCOZW1vamktdXNlZAIgY2hhcnMtdGVzdA==\"",
+ "TPP-Signature-Certificate": "MIIDHTCCAsigAwIBAgIUQUlQUkQtQ0VSVElGLTAxNS0wMTUwMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNVBAMMB1RQUCBDQTAeFw0yNjAzMjYxMDI5MjVaFw0yNzAzMjYxMDI5MjVaMBIxEDAOBgNVBAMMB1RQUCBDQTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHr1o3",
+ "User-Involved": true,
+ "TPP-Name": "Acme TPP Ltd.",
+ "amount.instructedAmount.value": 19.99,
+ "amount.instructedAmount.currency": "EUR",
+ "debtorAccount.identification.iban": "IT60X0542811101000000123456",
+ "creditorAccount.identification.iban": "FR1420041010050500013M02606",
+ "paymentIdentification.instructionIdentification": "INV-2026-0015",
+ "paymentTypeInformation.instructionPriority": "NORM",
+ "requestedExecutionDate": "2026-03-30",
+ "remittanceInformation.unstructured": "Payment for services 😊",
+ "statusCode": 400,
+ "scenario": "RR10"
+ },
+ {
+ "X-Request-ID": "2b3c4d5e-6f70-4a81-9b02-1c2d3e4f5a6b",
+ "Date": "Wed, 26 Mar 2026 10:30:00 GMT",
+ "Digest": "SHA-256=dW5hdXRoLXRva2Vu",
+ "Signature": "keyId=\"tpp-016\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIHVuYXV0aD0xMjM0NTY3ODkCIHdpdGhvdXQtY2VydA==\"",
+ "TPP-Signature-Certificate": "invalid-cert",
+ "User-Involved": false,
+ "TPP-Name": "OpenPay Tech",
+ "paymentIdentification.instructionIdentification": "INV-2026-0016",
+ "requestedExecutionDate": "2026-03-27",
+ "statusCode": 401,
+ "scenario": "UNAUTHORISED"
+ },
+ {
+ "X-Request-ID": "3c4d5e6f-7081-4a92-9b13-2d3e4f5a6b7c",
+ "Date": "Wed, 26 Mar 2026 10:30:35 GMT",
+ "Digest": "SHA-256=Zm9yYmlkZGVu",
+ "Signature": "keyId=\"tpp-017\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEUCIGZvcmJpZGRlbgIgY2Fubm90LWFjY2Vzcw==\"",
+ "TPP-Signature-Certificate": "MIIDITCCAgmgAwIBAgIUQkFEX0NBTl9VU0VfMDE3MDANBgkqhkiG9w0BAQwFADASMRAwDgYDVQQDDAdUUEAgQ0EwHhcNMjYwMzI2MTAzMDM1WhcNMjcwMzI2MTAzMDM1WjASMRAwDgYDVQQDDAdUUEAgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKcQvY",
+ "User-Involved": true,
+ "TPP-Name": "FinBridge Solutions",
+ "amount.instructedAmount.value": 75,
+ "amount.instructedAmount.currency": "EUR",
+ "debtorAccount.identification.iban": "DE89370400440532013000",
+ "creditorAccount.identification.iban": "NL91ABNA0417164300",
+ "paymentIdentification.instructionIdentification": "INV-2026-0017",
+ "paymentTypeInformation.instructionPriority": "NORM",
+ "requestedExecutionDate": "2026-03-28",
+ "statusCode": 403,
+ "scenario": "FORBIDDEN"
+ },
+ {
+ "X-Request-ID": "4d5e6f70-8192-4aa3-9b24-3e4f5a6b7c8d",
+ "Date": "Wed, 26 Mar 2026 10:31:10 GMT",
+ "Digest": "SHA-256=c2VydmVyLWVycm9y",
+ "Signature": "keyId=\"tpp-018\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIGVycm9yLXNpbXVsYXRpb24CIHNpZ24=\"",
+ "TPP-Signature-Certificate": "MIIDJjCCAg6gAwIBAgIUTUlTR0VOSU5HX0NFUlRfMDE4MDANBgkqhkiG9w0BAQwFADASMRAwDgYDVQQDDAdUUEAgQ0EwHhcNMjYwMzI2MTAzMTEwWhcNMjcwMzI2MTAzMTEwWjASMRAwDgYDVQQDDAdUUEAgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2o1lE",
+ "User-Involved": false,
+ "TPP-Name": "PayWave Europe",
+ "amount.instructedAmount.value": 5,
+ "amount.instructedAmount.currency": "EUR",
+ "debtorAccount.identification.iban": "ES9121000418450200051332",
+ "creditorAccount.identification.iban": "FR1420041010050500013M02606",
+ "paymentIdentification.instructionIdentification": "INV-2026-0018",
+ "paymentTypeInformation.instructionPriority": "NORM",
+ "requestedExecutionDate": "2026-03-27",
+ "statusCode": 500,
+ "scenario": "NARR"
+ }
+]
\ No newline at end of file
diff --git a/postman_collections/PostmanApitest/pds2-api/datasets/my_payments-Query_for_Balance_Check.json b/postman_collections/PostmanApitest/pds2-api/datasets/my_payments-Query_for_Balance_Check.json
new file mode 100644
index 00000000..899c29a9
--- /dev/null
+++ b/postman_collections/PostmanApitest/pds2-api/datasets/my_payments-Query_for_Balance_Check.json
@@ -0,0 +1,267 @@
+[
+ {
+ "X-Request-ID": "1f9d1c2a-5b6d-4e70-9f9a-1b2c3d4e5f60",
+ "Date": "Wed, 26 Mar 2026 10:15:30 GMT",
+ "Digest": "SHA-256=3q2+7w==",
+ "Signature": "keyId=\"tpp-key-001\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIF3Qm3Y1+R3u2i7tV8m1uKJqRk2s8qk7JtS0aB5k6c8nAiBcQmV7+QJvWv1Q3n3wHcQY5p5q6lG0aY2m5rY1z0y==\"",
+ "TPP-Signature-Certificate": "MIIDdzCCAl+gAwIBAgIUQ0u7y9Q3jvQqYz3bJS6X2SgJgS4wDQYJKoZIhvcNAQELBQAwTTELMAkGA1UEBhMCREUxEDAOBgNVBAgMB0JlcmxpbjESMBAGA1UEBwwJQmVybGluIENpdHkxETAPBgNVBAoMCFZhbHVlQ0EwHhcNMjYwMzI2MTAxNTMwWhcNMjcwMzI2MTAxNTMwWjBNMQswCQYDVQQGEwJERTEQMA4GA1UECAwHQmVybGluMRIwEAYDVQQHDAlCZXJsaW4gQ2l0eTERMA8GA1UECgwIVmFsdWVDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKrQ9s0iC2m6F3J1iQH9Qxv7m1vG2Q4b6b2qX0m5m4Z4Zy6L7r3g8lq1O8rJbX+U3b5GZ3f2sZQ9q7VY0YCHkS7T9z0xR3Vx8w8oG6p+2n3pM8F5u9O7VJz9QO1mDg9wqjGk4H8S9bM5x2a7kzq1wq3mO1GZzYfYF6pY3b9S0Xv9UzwjQJvR5j6q2xQnZc4GQ8r3YtG8p4P9Yk1QWdJfE7qV2bGQ0h6XWwL1f0V+Z1NQ0CAwEAAaNTMFEwHQYDVR0OBBYEFAF8nDq8+6bYH4w5Kj0p0w9q8k9gMB8GA1UdIwQYMBaAFAF8nDq8+6bYH4w5Kj0p0w9q8k9gMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAJ0m3VwFfxpQqQ0tYVt1z8y0mEoGg8S9E5oXk3c7H2U=",
+ "User-Involved": true,
+ "TPP-Name": "FinTech GmbH",
+ "exchangeIdentification": "658576010faf0a23dc",
+ "statusCode": 200,
+ "scenario": "OK"
+ },
+ {
+ "X-Request-ID": "2a7c5e90-1d2b-4a3f-8c1d-0e9f8d7c6b5a",
+ "Date": "Wed, 26 Mar 2026 10:17:11 GMT",
+ "Digest": "SHA-256=ZmFrZUJhc2U2NA==",
+ "Signature": "keyId=\"tpp-key-002\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEUCIQCj8o8Zy3m2d8a0Z1+3x1k6YVQv5uS2rVY5r7rUy5t7WgIgQm8I7nqQfE8k2m0X1tQk4iD3w3u8Lw9JZ3m2k7g=\"",
+ "TPP-Signature-Certificate": "MIIDazCCAlOgAwIBAgIUe5m6rS5g2FQ8Qf3pY0d5aWJ3o0wwDQYJKoZIhvcNAQELBQAwQzELMAkGA1UEBhMCREUxEzARBgNVBAoMCkZpblRlY2ggQ0ExFDASBgNVBAMMC0ZpblRlY2ggUm9vdDAeFw0yNjAzMjYxMDE3MTFaFw0yNzAzMjYxMDE3MTFaMEMxCzAJBgNVBAYTAkRFMRMwEQYDVQQKDApGaW5UZWNoIENBMRYwFAYDVQQDDA10cHAtc2lnbi1jZXJ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwq3w1b9H5Tg4Q5s8y4b+4E0kG7o6o3m9Zs7IYb3O4rZ5hZV3D4yYxOaB1mK4eJk1Y4Y0NwU6k0Wn7a1qkJ9Zr6j1yM1uM2o9kQkq7S2m8K5wV9F5uQ3pF2uD1iN6aY3bP0eK0kq8Zr3c2p8jW2r0QwIDAQABo1MwUTAdBgNVHQ4EFgQUq7R6k9Rk1bJ3J0s8xS63uJrV1R8wHwYDVR0jBBgwFoAUt9m3x7w2mD1l2mDg6s9nq0s1qXAwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAAu3gN0tq2l7D2W0mGxJr4m8QeJY7m7f0wJQ==",
+ "User-Involved": false,
+ "TPP-Name": "PaySmart Ltd",
+ "exchangeIdentification": "7a8b9c0d1e2f3a4b5c",
+ "debtorAccount.identification.iban": "DE89370400440532013000",
+ "debtorAccount.currency": "EUR",
+ "transactionDetails.totalAmount": 49.99,
+ "transactionDetails.currency": "EUR",
+ "card.cardholderName": "Max Mustermann",
+ "card.maskedPAN": "411111******1111",
+ "merchant.identification": "MRC12345",
+ "merchant.shortName": "ACME",
+ "merchant.commonName": "ACME Corp",
+ "merchant.merchantCategoryCode": "5732",
+ "merchant.type": "ECOMMERCE",
+ "merchant.address": "Friedrichstrasse 123, 10117 Berlin",
+ "merchant.countryCode": "DE",
+ "statusCode": 200,
+ "scenario": "OK"
+ },
+ {
+ "X-Request-ID": "3b8d6f01-2e3c-4b5a-9d2e-1f0e9d8c7b6a",
+ "Date": "Wed, 26 Mar 2026 10:19:02 GMT",
+ "Digest": "SHA-256=QmFzZTY0SGFzaA==",
+ "Signature": "keyId=\"tpp-key-003\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIDv6p8S6m+9zG7m9q1s3b2o5Lq9w9a8e2t3u4v5w6x7yAiA7n5m4k3j2h1g0f9e8d7c6b5a4z3y2x1w0v9u8t7s6r==\"",
+ "TPP-Signature-Certificate": "MIIDazCCAlOgAwIBAgIUT1aV6t4S2w7f3lF1kX3G2Yw7zOkwDQYJKoZIhvcNAQELBQAwQzELMAkGA1UEBhMCREUxEzARBgNVBAoMCkZpblRlY2ggQ0ExFDASBgNVBAMMC0ZpblRlY2ggUm9vdDAeFw0yNjAzMjYxMDE5MDJaFw0yNzAzMjYxMDE5MDJaMEMxCzAJBgNVBAYTAkRFMRMwEQYDVQQKDApGaW5UZWNoIENBMRYwFAYDVQQDDA10cHAtc2lnbi1jZXJ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArl2q9e5n3Vq4Y0c9x7m5p2q7o1v2m5y6u3n4o5p6q7r8s9t0u1v2w3x4y5z6A7B8C9D0E1F2G3H4I5J6K7L8M9NwIDAQABo1MwUTAdBgNVHQ4EFgQUg9x1r2n3o4p5q6r7s8t9u0v1w2x3HwYDVR0jBBgwFoAUt9m3x7w2mD1l2mDg6s9nq0s1qXAwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAdC1l6bqVw9u3y4x5z6a7b8c9d0e1f2g3h4i5j6k7l8m9n0o1p",
+ "User-Involved": true,
+ "TPP-Name": "OpenPay BV",
+ "exchangeIdentification": "9c0d1e2f3a4b5c6d7e",
+ "debtorAccount.identification.iban": "NL91ABNA0417164300",
+ "debtorAccount.currency": "EUR",
+ "transactionDetails.totalAmount": 12.5,
+ "transactionDetails.currency": "EUR",
+ "statusCode": 200,
+ "scenario": "OK"
+ },
+ {
+ "X-Request-ID": "4c9e7a12-3f4d-5c6b-0e3f-2a1f0e9d8c7b",
+ "Date": "Wed, 26 Mar 2026 10:20:45 GMT",
+ "Digest": "SHA-256=YW5vdGhlckhhc2g=",
+ "Signature": "keyId=\"tpp-key-004\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIF8gq4p2Lw7m6k9p8o7n6m5l4k3j2i1h0g9f8e7d6c5bAiA1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0u==\"",
+ "TPP-Signature-Certificate": "MIIDazCCAlOgAwIBAgIUQ1lW5p2r7s8t9u0v1w2x3y4z5A6B7DQYJKoZIhvcNAQELBQAwQzELMAkGA1UEBhMCREUxEzARBgNVBAoMCkZpblRlY2ggQ0ExFDASBgNVBAMMC0ZpblRlY2ggUm9vdDAeFw0yNjAzMjYxMDIwNDVaFw0yNzAzMjYxMDIwNDVaMEMxCzAJBgNVBAYTAkRFMRMwEQYDVQQKDApGaW5UZWNoIENBMRYwFAYDVQQDDA10cHAtc2lnbi1jZXJ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGq3pXf7c2d5e6f7g8h9i0j1k2l3m4n5o6p7q8r9s0tUVWX",
+ "User-Involved": false,
+ "TPP-Name": "CardGate SA",
+ "exchangeIdentification": "ab12cd34ef56ab78cd",
+ "card.cardholderName": "Jane Doe",
+ "card.maskedPAN": "550000******0004",
+ "merchant.identification": "MRC67890",
+ "merchant.shortName": "ShopX",
+ "merchant.commonName": "ShopX Retail",
+ "merchant.merchantCategoryCode": "5812",
+ "merchant.type": "POS",
+ "merchant.address": "1 High Street, W1A 1AA London",
+ "merchant.countryCode": "GB",
+ "statusCode": 200,
+ "scenario": "OK"
+ },
+ {
+ "Date": "Wed, 26 Mar 2026 10:22:01 GMT",
+ "Digest": "SHA-256=Y2hlY2tzdW1oYXNo",
+ "Signature": "keyId=\"tpp-key-005\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEYCIQDa7j6k5l4m3n2o1p0q9r8s7t6u5v4w3x2y1z0AIBoCIQCh5d7f6e5d4c3b2a1908f7e6d5c4b3a291817161514==\"",
+ "TPP-Signature-Certificate": "MIIDazCCAlOgAwIBAgIUWl6m7n8o9p0q1r2s3t4u5v6w7x8yDQYJKoZIhvcNAQELBQAwQzELMAkGA1UEBhMCREUxEzARBgNVBAoMCkZpblRlY2ggQ0ExFDASBgNVBAMMC0ZpblRlY2ggUm9vdDAeFw0yNjAzMjYxMDIyMDFaFw0yNzAzMjYxMDIyMDFaMEMxCzAJBgNVBAYTAkRFMRMwEQYDVQQKDApGaW5UZWNoIENBMRYwFAYDVQQDDA10cHAtc2lnbi1jZXJ0",
+ "User-Involved": true,
+ "TPP-Name": "FinTech GmbH",
+ "exchangeIdentification": "cdef1234ab56cd78ef",
+ "statusCode": 400,
+ "scenario": "FIELD_MISSING\n\nMissing mandatory field in the request."
+ },
+ {
+ "X-Request-ID": "not-a-uuid",
+ "Date": "not-a-date",
+ "Digest": "SHA-256=abc123==",
+ "Signature": "keyId=\"tpp-key-006\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIC3u5Yt7oX4v5W6Y7Z8A9B0C1D2E3F4G5H6I7J8K9L8AiB7N6M5L4K3J2I1H0G9F8E7D6C5B4A3Z2Y1X0W9V8U==\"",
+ "TPP-Signature-Certificate": "MIIBINVALIDCERTDATA",
+ "User-Involved": false,
+ "TPP-Name": "PaySmart Ltd",
+ "exchangeIdentification": "11aa22bb33cc44dd55",
+ "statusCode": 400,
+ "scenario": "FIELD_INVALID\n\nFIELD value is not valid."
+ },
+ {
+ "X-Request-ID": "7e1a2b3c-4d5e-6f70-8a90-b1c2d3e4f5a6",
+ "Date": "Wed, 26 Mar 2026 10:23:45 GMT",
+ "Digest": "SHA-256=dGVzdEhhc2g=",
+ "Signature": "keyId=\"tpp-key-007\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIEZ8u3r2s1t0q9p8o7n6m5l4k3j2i1h0g9f8e7d6c5bAiA0Z1Y2X3C4V5B6N7M8L9K0J1H2G3F4E5D6C7B8A9==\"",
+ "TPP-Signature-Certificate": "MIIDazCCAlOgAwIBAgIUTXk2r5s4q3p2o1n0m9l8k7j6i5h4DQYJKoZIhvcNAQELBQAwQzELMAkGA1UEBhMCREUxEzARBgNVBAoMCkZpblRlY2ggQ0ExFDASBgNVBAMMC0ZpblRlY2ggUm9vdDAeFw0yNjAzMjYxMDIzNDVaFw0yNzAzMjYxMDIzNDVaMEMxCzAJBgNVBAYTAkRFMRMwEQYDVQQKDApGaW5UZWNoIENBMRYwFAYDVQQDDA10cHAtc2lnbi1jZXJ0",
+ "User-Involved": true,
+ "TPP-Name": "OpenPay BV",
+ "exchangeIdentification": "22bb33cc44dd55ee66",
+ "debtorAccount.identification.iban": "DE00INVALIDIBAN",
+ "debtorAccount.currency": "EUR",
+ "statusCode": 400,
+ "scenario": "AC02\n\n[InvalidDebtorAccountNumber] invalid account identifier in the request content."
+ },
+ {
+ "X-Request-ID": "8f2b3c4d-5e6f-7081-9a01-c2d3e4f5a6b7",
+ "Date": "Wed, 26 Mar 2026 10:24:30 GMT",
+ "Digest": "SHA-256=YWJjZGVmZ2g=",
+ "Signature": "keyId=\"tpp-key-008\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEYCIQDGcJ2k5m8n2b3v4c5x6z7a8b9c0d1e2f3g4h5i6jAIhAL2k3j4h5g6f7e8d9c0b1a2s3d4f5g6h7j8k9l0m==\"",
+ "TPP-Signature-Certificate": "MIIDazCCAlOgAwIBAgIUD1lq7m8n9o0p1q2r3s4t5u6v7w8xDQYJKoZIhvcNAQELBQAwQzELMAkGA1UEBhMCREUxEzARBgNVBAoMCkZpblRlY2ggQ0ExFDASBgNVBAMMC0ZpblRlY2ggUm9vdDAeFw0yNjAzMjYxMDI0MzBaFw0yNzAzMjYxMDI0MzBaMEMxCzAJBgNVBAYTAkRFMRMwEQYDVQQKDApGaW5UZWNoIENBMRYwFAYDVQQDDA10cHAtc2lnbi1jZXJ0",
+ "User-Involved": false,
+ "TPP-Name": "CardGate SA",
+ "exchangeIdentification": "33cc44dd55ee66ff77",
+ "debtorAccount.identification.iban": "FR7630006000011234567890189",
+ "debtorAccount.currency": "ABC",
+ "statusCode": 400,
+ "scenario": "AC09\n\n[InvalidAccountCurrency] invalid currency of the required account."
+ },
+ {
+ "X-Request-ID": "9a3c4d5e-6f70-8192-a012-d3e4f5a6b7c8",
+ "Date": "Wed, 26 Mar 2026 10:25:59 GMT",
+ "Digest": "SHA-256=c29tZUhhc2g=",
+ "Signature": "keyId=\"tpp-key-009\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIF2b3c4d5e6f7g8h9i0j1k2l3m4n5o6p7q8r9s0t1uAiAg9h8g7f6e5d4c3b2a1908f7e6d5c4b3a2918171615==\"",
+ "TPP-Signature-Certificate": "MIIDazCCAlOgAwIBAgIUf2l4m5n6o7p8q9r0s1t2u3v4w5x6DQYJKoZIhvcNAQELBQAwQzELMAkGA1UEBhMCREUxEzARBgNVBAoMCkZpblRlY2ggQ0ExFDASBgNVBAMMC0ZpblRlY2ggUm9vdDAeFw0yNjAzMjYxMDI1NTlaFw0yNzAzMjYxMDI1NTlaMEMxCzAJBgNVBAYTAkRFMRMwEQYDVQQKDApGaW5UZWNoIENBMRYwFAYDVQQDDA10cHAtc2lnbi1jZXJ0",
+ "User-Involved": true,
+ "TPP-Name": "PaySmart Ltd",
+ "exchangeIdentification": "44dd55ee66ff778899",
+ "transactionDetails.totalAmount": 20,
+ "transactionDetails.currency": "ZZZ",
+ "statusCode": 400,
+ "scenario": "AM11\n\n[InvalidTransactionCurrency] the request contains a currency not trade/not supported."
+ },
+ {
+ "X-Request-ID": "0b4d5e6f-7081-92a3-b123-e4f5a6b7c8d9",
+ "Date": "Wed, 26 Mar 2026 10:27:13 GMT",
+ "Digest": "SHA-256=bXlEaWdlc3Q=",
+ "Signature": "keyId=\"tpp-key-010\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEUCIQCarf6z5y4x3w2v1u0t9s8r7q6p5o4n3m2l1k0j9iAIgT8r7q6p5o4n3m2l1k0j9i8h7g6f5e4d3c2b1a0==\"",
+ "TPP-Signature-Certificate": "MIIDazCCAlOgAwIBAgIUR1o2p3n4m5l6k7j8i9h0g1f2e3d4DQYJKoZIhvcNAQELBQAwQzELMAkGA1UEBhMCREUxEzARBgNVBAoMCkZpblRlY2ggQ0ExFDASBgNVBAMMC0ZpblRlY2ggUm9vdDAeFw0yNjAzMjYxMDI3MTNaFw0yNzAzMjYxMDI3MTNaMEMxCzAJBgNVBAYTAkRFMRMwEQYDVQQKDApGaW5UZWNoIENBMRYwFAYDVQQDDA10cHAtc2lnbi1jZXJ0",
+ "User-Involved": false,
+ "TPP-Name": "OpenPay BV",
+ "exchangeIdentification": "55ee66ff778899aabb",
+ "transactionDetails.totalAmount": -10.999,
+ "transactionDetails.currency": "EUR",
+ "statusCode": 400,
+ "scenario": "AM12\n\n[InvalidAmount] wrong amount. For instance, too low or high amount or wrong number format according to the number of decimal places according to the ISO 4217."
+ },
+ {
+ "X-Request-ID": "2a7c5e90-1d2b-4a3f-8c1d-0e9f8d7c6b5a",
+ "Date": "Wed, 26 Mar 2026 10:28:44 GMT",
+ "Digest": "SHA-256=cmVwZWF0SGFzaA==",
+ "Signature": "keyId=\"tpp-key-011\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEYCIQD2f5g6h7i8j9k0l1m2n3o4p5q6r7s8t9u0v1w2xAIhAL9m8n7b6v5c4x3z2y1w0v9u8t7s6r5q4p3o2n1m==\"",
+ "TPP-Signature-Certificate": "MIIDazCCAlOgAwIBAgIUR2p3o4n5m6l7k8j9i0h1g2f3e4d5DQYJKoZIhvcNAQELBQAwQzELMAkGA1UEBhMCREUxEzARBgNVBAoMCkZpblRlY2ggQ0ExFDASBgNVBAMMC0ZpblRlY2ggUm9vdDAeFw0yNjAzMjYxMDI4NDRaFw0yNzAzMjYxMDI4NDRaMEMxCzAJBgNVBAYTAkRFMRMwEQYDVQQKDApGaW5UZWNoIENBMRYwFAYDVQQDDA10cHAtc2lnbi1jZXJ0",
+ "User-Involved": true,
+ "TPP-Name": "CardGate SA",
+ "exchangeIdentification": "66ff778899aabbccdd",
+ "statusCode": 400,
+ "scenario": "RF01\n\n[NotUniqueTransactionReference] not unique request identifier."
+ },
+ {
+ "X-Request-ID": "1a2b3c4d-5e6f-7081-92a3-b4c5d6e7f809",
+ "Date": "Wed, 26 Mar 2026 10:29:31 GMT",
+ "Digest": "SHA-256=dGVzdDIyMg==",
+ "Signature": "keyId=\"tpp-key-012\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCICk7l8m9n0o1p2q3r4s5t6u7v8w9x0y1z2a3b4c5dAiA+e9d8c7b6a5z4y3x2w1v0u9t8s7r6q5p4o3n2m1==\"",
+ "TPP-Signature-Certificate": "MIIDazCCAlOgAwIBAgIUTGp5m4n3o2p1q0r9s8t7u6v5w4x3DQYJKoZIhvcNAQELBQAwQzELMAkGA1UEBhMCREUxEzARBgNVBAoMCkZpblRlY2ggQ0ExFDASBgNVBAMMC0ZpblRlY2ggUm9vdDAeFw0yNjAzMjYxMDI5MzFaFw0yNzAzMjYxMDI5MzFaMEMxCzAJBgNVBAYTAkRFMRMwEQYDVQQKDApGaW5UZWNoIENBMRYwFAYDVQQDDA10cHAtc2lnbi1jZXJ0",
+ "User-Involved": true,
+ "TPP-Name": "FinTech\u0001Ltd",
+ "exchangeIdentification": "778899aabbccddeeff",
+ "statusCode": 400,
+ "scenario": "RR10\n\n[InvalidCharacterSet] invalid character set in the request."
+ },
+ {
+ "X-Request-ID": "5d6e7f80-91a2-3b4c-5d6e-7f8091a2b3c4",
+ "Date": "Wed, 26 Mar 2026 10:31:02 GMT",
+ "Digest": "SHA-256=YXV0aEdmYWls",
+ "Signature": "keyId=\"tpp-key-013\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEUCIQD9k8l7m6n5o4p3q2r1s0t9u8v7w6x5y4z3a2b1cAIgL1k2j3h4g5f6e7d8c9b0a1s2d3f4g5h6j7k8l9m==\"",
+ "TPP-Signature-Certificate": "INVALID_OR_MISSING",
+ "User-Involved": false,
+ "TPP-Name": "PayNow Sp. z o.o.",
+ "exchangeIdentification": "8899aabbccddeeff00",
+ "statusCode": 401,
+ "scenario": "UNAUTHORISED\n\nInvalid/missing access token = user is not authenticated\n\nor\n\nInvalid/missing certificate = provider is not authenticated"
+ },
+ {
+ "X-Request-ID": "6e7f8091-a2b3-4c5d-6e7f-8091a2b3c4d5",
+ "Date": "Wed, 26 Mar 2026 10:32:47 GMT",
+ "Digest": "SHA-256=Zm9yYmlkZGVu",
+ "Signature": "keyId=\"tpp-key-014\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIDp6q5w4e3r2t1y0u9i8o7p6q5r4s3t2u1v0w9x8yAiA7m6n5b4v3c2x1z0y9x8w7v6u5t4s3r2q1p0o9n8==\"",
+ "TPP-Signature-Certificate": "MIIDazCCAlOgAwIBAgIUY2VydEV4cGlyZWRUb2tlbg0wDQYJKoZIhvcNAQELBQAwQzELMAkGA1UEBhMCREUxEzARBgNVBAoMCkZpblRlY2ggQ0ExFDASBgNVBAMMC0ZpblRlY2ggUm9vdDAeFw0yNjAzMjYxMDMyNDdaFw0yNjAzMjYxMDMyNDdaMEMxCzAJBgNVBAYTAkRFMRMwEQYDVQQKDApGaW5UZWNoIENBMRYwFAYDVQQDDA10cHAtc2lnbi1jZXJ0",
+ "User-Involved": true,
+ "TPP-Name": "LicenseCheck Ltd",
+ "exchangeIdentification": "99aabbccddeeff0011",
+ "merchant.identification": "MRC445566",
+ "merchant.shortName": "Blocked",
+ "merchant.commonName": "Blocked Merchant",
+ "merchant.merchantCategoryCode": "5999",
+ "merchant.type": "ECOMMERCE",
+ "merchant.address": "Rue de Paris 10, 75001 Paris",
+ "merchant.countryCode": "FR",
+ "statusCode": 403,
+ "scenario": "FORBIDDEN\n\nAuthentication with an invalid certificate or expired access token, a call that does not match a third-party license."
+ },
+ {
+ "X-Request-ID": "7f8091a2-b3c4-5d6e-7f80-91a2b3c4d5e6",
+ "Date": "Wed, 26 Mar 2026 10:33:58 GMT",
+ "Digest": "SHA-256=dHJhbnNhY3Rpb25Gb3JiaWRkZW4=",
+ "Signature": "keyId=\"tpp-key-015\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEUCIQDTv9y8x7w6v5u4t3s2r1q0p9o8n7m6l5k4j3h2gAIgG5f4e3d2c1b0a9z8y7x6w5v4u3t2s1r0q9p8o7n==\"",
+ "TPP-Signature-Certificate": "MIIDazCCAlOgAwIBAgIUY29uc2VudE1pc3NpbmcwDQYJKoZIhvcNAQELBQAwQzELMAkGA1UEBhMCREUxEzARBgNVBAoMCkZpblRlY2ggQ0ExFDASBgNVBAMMC0ZpblRlY2ggUm9vdDAeFw0yNjAzMjYxMDMzNThaFw0yNzAzMjYxMDMzNThaMEMxCzAJBgNVBAYTAkRFMRMwEQYDVQQKDApGaW5UZWNoIENBMRYwFAYDVQQDDA10cHAtc2lnbi1jZXJ0",
+ "User-Involved": false,
+ "TPP-Name": "Consentless S.A.",
+ "exchangeIdentification": "aabbccddeeff001122",
+ "debtorAccount.identification.iban": "ES9121000418450200051332",
+ "debtorAccount.currency": "EUR",
+ "statusCode": 403,
+ "scenario": "AG01\n\n[TransactionForbidden] absent consent to access to balance check at the account."
+ },
+ {
+ "X-Request-ID": "8091a2b3-c4d5-6e7f-8091-a2b3c4d5e6f7",
+ "Date": "Wed, 26 Mar 2026 10:35:21 GMT",
+ "Digest": "SHA-256=c2VydmVyRXJyb3I=",
+ "Signature": "keyId=\"tpp-key-016\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCICf6d5s4a3q2w1e0r9t8y7u6i5o4p3l2k1j0h9g8fAiB3v2c1x0z9y8x7w6v5u4t3s2r1q0p9o8n7m6l5k==\"",
+ "TPP-Signature-Certificate": "MIIDazCCAlOgAwIBAgIUdW50aW1lRXJyb3JNaWQwDQYJKoZIhvcNAQELBQAwQzELMAkGA1UEBhMCREUxEzARBgNVBAoMCkZpblRlY2ggQ0ExFDASBgNVBAMMC0ZpblRlY2ggUm9vdDAeFw0yNjAzMjYxMDM1MjFaFw0yNzAzMjYxMDM1MjFaMEMxCzAJBgNVBAYTAkRFMRMwEQYDVQQKDApGaW5UZWNoIENBMRYwFAYDVQQDDA10cHAtc2lnbi1jZXJ0",
+ "User-Involved": true,
+ "TPP-Name": "CoreBank AG",
+ "exchangeIdentification": "bbccddeeff00112233",
+ "statusCode": 500,
+ "scenario": "NARR\n\nNarrative a general reason for rejecting the payment, with an addition of error-related information."
+ },
+ {
+ "X-Request-ID": "91a2b3c4-d5e6-7f80-91a2-b3c4d5e6f708",
+ "Date": "Wed, 26 Mar 2026 10:36:49 GMT",
+ "Digest": "SHA-256=aW52YWxpZEpTT04=",
+ "Signature": "keyId=\"tpp-key-017\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIEp5o4i3u2y1t0r9q8p7o6n5m4l3k2j1h0g9f8e7dAiB2c1x0z9y8x7w6v5u4t3s2r1q0p9o8n7m6l5k4j==\"",
+ "TPP-Signature-Certificate": "MIIDazCCAlOgAwIBAgIUanNvbmVycm9yRmlsZTAwDQYJKoZIhvcNAQELBQAwQzELMAkGA1UEBhMCREUxEzARBgNVBAoMCkZpblRlY2ggQ0ExFDASBgNVBAMMC0ZpblRlY2ggUm9vdDAeFw0yNjAzMjYxMDM2NDlaFw0yNzAzMjYxMDM2NDlaMEMxCzAJBgNVBAYTAkRFMRMwEQYDVQQKDApGaW5UZWNoIENBMRYwFAYDVQQDDA10cHAtc2lnbi1jZXJ0",
+ "User-Involved": false,
+ "TPP-Name": "API Client Ltd",
+ "exchangeIdentification": "ccddeeff0011223344",
+ "statusCode": 400,
+ "scenario": "FF01\n\n[Invalid File Format] invalid JSON forma tor other technical problem with the query processing."
+ },
+ {
+ "X-Request-ID": "a2b3c4d5-e6f7-8091-a2b3-c4d5e6f70819",
+ "Date": "Wed, 26 Mar 2026 10:38:12 GMT",
+ "Digest": "SHA-256=bmFycmF0aXZl",
+ "Signature": "keyId=\"tpp-key-018\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEUCIQDs7t6r5e4w3q2p1o0n9m8l7k6j5h4g3f2e1d0c9bAIgQ8p7o6n5m4l3k2j1h0g9f8e7d6c5b4a3z2y1x0==\"",
+ "TPP-Signature-Certificate": "MIIDazCCAlOgAwIBAgIUYXJnU2VydmVyTmFycmEwDQYJKoZIhvcNAQELBQAwQzELMAkGA1UEBhMCREUxEzARBgNVBAoMCkZpblRlY2ggQ0ExFDASBgNVBAMMC0ZpblRlY2ggUm9vdDAeFw0yNjAzMjYxMDM4MTJaFw0yNzAzMjYxMDM4MTJaMEMxCzAJBgNVBAYTAkRFMRMwEQYDVQQKDApGaW5UZWNoIENBMRYwFAYDVQQDDA10cHAtc2lnbi1jZXJ0",
+ "User-Involved": true,
+ "TPP-Name": "Test Client LLC",
+ "exchangeIdentification": "ddeeff001122334455",
+ "merchant.identification": "MRC999000",
+ "merchant.shortName": "NewShop",
+ "merchant.commonName": "NewShop Global",
+ "merchant.merchantCategoryCode": "99999",
+ "merchant.type": "UNKNOWN_TYPE",
+ "merchant.address": "Via Roma 1, 00100 Roma",
+ "merchant.countryCode": "IT",
+ "statusCode": 400,
+ "scenario": "NARR\n\nNarrative a general reason for rejecting the payment, with an addition of error-related information."
+ }
+]
\ No newline at end of file
diff --git a/postman_collections/PostmanApitest/pds2-api/datasets/my_payments_paymentId-Payment_authorization_status.json b/postman_collections/PostmanApitest/pds2-api/datasets/my_payments_paymentId-Payment_authorization_status.json
new file mode 100644
index 00000000..d985f443
--- /dev/null
+++ b/postman_collections/PostmanApitest/pds2-api/datasets/my_payments_paymentId-Payment_authorization_status.json
@@ -0,0 +1,149 @@
+[
+ {
+ "paymentId": "pay_20260326_0001",
+ "X-Request-ID": "7f9c1a6e-3d7a-4f81-8b7a-12d3a4567890",
+ "statusCode": 200,
+ "scenario": "OK The URL for the status page was successfully generated"
+ },
+ {
+ "signId": "sig_20260326_A1",
+ "X-Request-ID": "3e1be9af-d93a-4f42-9a4c-2b064b1de8f2",
+ "statusCode": 200,
+ "scenario": "OK The URL for the status page was successfully generated"
+ },
+ {
+ "paymentId": "pay_20260326_0002",
+ "signId": "sig_20260326_B2",
+ "X-Request-ID": "5a8c7d32-9c01-4a9a-b302-bf1a2c4e7d55",
+ "Date": "Thu, 26 Mar 2026 10:15:30 GMT",
+ "Digest": "SHA-256=r4nd0mBase64HashValue1234567890==",
+ "Signature": "keyId=\"tpp-key-01\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest x-request-id\",signature=\"oS6l7F9wJxS0y2t9o0b4vQ==\"",
+ "TPP-Signature-Certificate": "MIICeDCCAhGgAwIBAgIUQ1V1G7p5l8pH6GvYwY0qZ3QFf2EwDQYJKoZIhvcNAQELBQAwEjEQMA4GA1UEAwwHVFBQIENBMB4XDTI2MDMyNjA5MDAwMFoXDTI3MDMyNjA5MDAwMFowFjEUMBIGA1UEAwwLVFBQIFNpZ25lciBDMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvu9v7w8mWwL5H3t2pG7kZgQJkz8O1k2zB3kK8HcVb8hC9vPZk0o5zWg7xL2dY1o0P3k3cYz2mGq2dR0q7eQqX9eV8WbV2aP0u3nZ0PZbQh3k9Qw3f4lJd1m2D2G3j5h6r7t8u9v0w1x2y3z4a5b6c7d8e9f0IDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQCMq3cU7Yw9b2f1e0r4s5t6u7v8w9x0y1z2a3b4c5d6e7f8g9h0i1j2k3l4m5",
+ "User-Involved": true,
+ "TPP-Name": "Acme TPP Ltd",
+ "redirectToTPPUrl": "https://tpp.client.com/auth/success?paymentId=pay_20260326_0002",
+ "statusCode": 200,
+ "scenario": "OK The URL for the status page was successfully generated"
+ },
+ {
+ "signId": "sig_20260326_B2",
+ "X-Request-ID": "b0f0e46a-2d6b-4b34-8c4d-66d9a96f1a33",
+ "Date": "Thu, 26 Mar 2026 11:22:10 GMT",
+ "Digest": "SHA-256=QWxhZGRpbjpvcGVuIHNlc2FtZQ==",
+ "Signature": "keyId=\"tpp-key-02\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest x-request-id\",signature=\"X1yZ2a3b4c5d6e7f8g9h0w==\"",
+ "TPP-Signature-Certificate": "MIIDdzCCAl+gAwIBAgIUT0PpE3P6kS3YjN8zqzq2b9xQ5L9lMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNVBAMMB1RQUCBDQTAeFw0yNjAzMjYxMTAwMDBaFw0yNzAzMjYxMTAwMDBaMBYxFDASBgNVBAMMC1RQUCBTaWduZXIgQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK1r4b0yWm8X8lYxg2Q3x3r7e8zv9pQvVwZ5XrTq1FhQqzQOq6zV8+6x2kT6J8u8bJzv3JQx1Jq3eGQb5iQ6+2J4p6O3o3f7b3n5z2n1v0oP1kN5mK0tqX5pYb8kJ2bFj3s4Y9wIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBW8tq3H3m8m1Q2r7u5Wc1yY3p0ZbJcT5i2",
+ "User-Involved": false,
+ "TPP-Name": "PayBuddy EU",
+ "redirectToTPPUrl": "https://tpp.client.com/auth/success?signId=sig_20260326_B2",
+ "statusCode": 200,
+ "scenario": "OK The URL for the status page was successfully generated"
+ },
+ {
+ "paymentId": "pay_20260326_0003",
+ "X-Request-ID": "c1a2b3c4-d5e6-4f89-9ab1-c2d3e4f5a6b7",
+ "Date": "Thu, 26 Mar 2026 09:05:00 GMT",
+ "TPP-Name": "Finware Solutions",
+ "User-Involved": true,
+ "statusCode": 200,
+ "scenario": "OK The URL for the status page was successfully generated"
+ },
+ {
+ "X-Request-ID": "1623ab45-7890-4cde-8fab-0055aa33cc77",
+ "Date": "Thu, 26 Mar 2026 12:00:00 GMT",
+ "statusCode": 400,
+ "scenario": "BAD REQUEST\nRequest validation failed or required input is missing"
+ },
+ {
+ "paymentId": "pay_20260326_0004",
+ "X-Request-ID": "not-a-uuid",
+ "Date": "Thu, 26 Mar 2026 12:05:00 GMT",
+ "statusCode": 400,
+ "scenario": "BAD REQUEST\nRequest validation failed or required input is missing"
+ },
+ {
+ "paymentId": "pay_20260326_0005",
+ "X-Request-ID": "2b4d6f80-1234-4a67-9dea-1f2e3d4c5b6a",
+ "redirectToTPPUrl": "ht!tp:/bad_uri",
+ "statusCode": 400,
+ "scenario": "BAD REQUEST\nRequest validation failed or required input is missing"
+ },
+ {
+ "paymentId": "pay_20260326_0006",
+ "X-Request-ID": "8d3a1b5e-6c7d-4f2a-8b1c-d4e5f6a7b8c9",
+ "Digest": "INVALID_DIGEST_VALUE",
+ "statusCode": 400,
+ "scenario": "BAD REQUEST\nRequest validation failed or required input is missing"
+ },
+ {
+ "paymentId": "pay_20260326_0007",
+ "X-Request-ID": "e1f2a3b4-c5d6-4e7f-9a80-b1c2d3e4f5a6",
+ "Date": "Thu, 26 Mar 2026 13:10:45 GMT",
+ "Digest": "SHA-256=ZHVtbXk=",
+ "Signature": "keyId=\"tpp-key-unauth\",algorithm=\"rsa-sha256\",headers=\"date digest x-request-id\",signature=\"abcd==\"",
+ "statusCode": 401,
+ "scenario": "UNAUTHORISED\nInvalid/missing access token or certificate"
+ },
+ {
+ "paymentId": "pay_20260326_0008",
+ "X-Request-ID": "9a8b7c6d-5e4f-4d3c-8b2a-0f1e2d3c4b5a",
+ "Digest": "SHA-256=QmFzZTY0Q2VydA==",
+ "Signature": "keyId=\"tpp-key-unauth2\",algorithm=\"rsa-sha256\",headers=\"date digest x-request-id\",signature=\"EFGH==\"",
+ "TPP-Signature-Certificate": "MALFORMED_CERT",
+ "statusCode": 401,
+ "scenario": "UNAUTHORISED\nInvalid/missing access token or certificate"
+ },
+ {
+ "paymentId": "pay_20260326_0009",
+ "X-Request-ID": "a1b2c3d4-e5f6-4a78-9b0c-d1e2f3a4b5c6",
+ "TPP-Name": "Blocked TPP AG",
+ "Digest": "SHA-256=U29tZURpZ2VzdFZhbHVl",
+ "Signature": "keyId=\"tpp-key-forbidden\",algorithm=\"rsa-sha256\",headers=\"date digest x-request-id\",signature=\"ijkLMN==\"",
+ "TPP-Signature-Certificate": "MIICfzCCAXegAwIBAgIUY2Y3a2J4c2d5eGZha2VjZXJ0aWZ5MA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNVBAMMB1RQUCBDQTAeFw0yNjAzMjYxMzAwMDBaFw0yNzAzMjYxMzAwMDBaMBYxFDASBgNVBAMMC1RQUCBTaWduZXIgQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK9Yp2W6y7c1Zz1C0qXzV8o8b2XjV6v1fY6s2m7p4r5t6y7u8v9w0x1y2z3a4b5c6d7e8f9g0IDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBTx3k2Vb7Lw8mQ1n2s3t4u5v6w7x8y9z0a1b2c3",
+ "statusCode": 403,
+ "scenario": "FORBIDDEN\nCaller is not allowed to invoke this operation"
+ },
+ {
+ "signId": "sig_20260326_C3",
+ "X-Request-ID": "d0c9b8a7-6e5d-4c3b-8a29-1f0e2d3c4b5a",
+ "TPP-Name": "Unapproved PSP",
+ "Digest": "SHA-256=VGVzdERpZ2VzdA==",
+ "Signature": "keyId=\"tpp-key-forbidden-2\",algorithm=\"rsa-sha256\",headers=\"date digest x-request-id\",signature=\"pqrsTU==\"",
+ "TPP-Signature-Certificate": "MIIDgjCCAmoCAQEwDQYJKoZIhvcNAQELBQAwEjEQMA4GA1UEAwwHVFBQIENBMB4XDTI2MDMyNjE0MDAwMFoXDTI3MDMyNjE0MDAwMFowFjEUMBIGA1UEAwwLVFBQIFNpZ25lciBDMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtV8qk7u3Wb2cP0hJfN2w5Qh3m4p6u8y9z0A1B2C3D4E5F6G7H8I9J0K1L2M3N4O5IDAQAB",
+ "statusCode": 403,
+ "scenario": "FORBIDDEN\nCaller is not allowed to invoke this operation"
+ },
+ {
+ "paymentId": "pay_nonexistent_9999",
+ "X-Request-ID": "f1e2d3c4-b5a6-4c7d-9e80-a1b2c3d4e5f6",
+ "statusCode": 404,
+ "scenario": "ID_NOT_FOUND\nThe paymentId or signId does not exist or is invalid"
+ },
+ {
+ "signId": "sig_XX_404_NOT_FOUND",
+ "X-Request-ID": "0a1b2c3d-4e5f-4a6b-8c9d-0e1f2a3b4c5d",
+ "statusCode": 404,
+ "scenario": "ID_NOT_FOUND\nThe paymentId or signId does not exist or is invalid"
+ },
+ {
+ "paymentId": "pay_20260326_0010",
+ "X-Request-ID": "11223344-5566-4477-8899-aabbccddeeff",
+ "Date": "Thu, 26 Mar 2026 14:15:30 GMT",
+ "statusCode": 500,
+ "scenario": "INTERNAL SERVER ERROR\nUnexpected error occurred"
+ },
+ {
+ "X-Request-ID": "22334455-6677-4879-9abb-bbccddeeff00",
+ "Date": "Thu, 26 Mar 2026 15:00:00 GMT",
+ "Digest": "SHA-256=YmFkcmVxdWVzdA==",
+ "Signature": "keyId=\"tpp-key-03\",algorithm=\"rsa-sha256\",headers=\"date digest x-request-id\",signature=\"mnoPQR==\"",
+ "statusCode": 400,
+ "scenario": "BAD REQUEST\nRequest validation failed or required input is missing"
+ },
+ {
+ "paymentId": "pay_20260326_0011",
+ "X-Request-ID": "33445566-7788-4a9b-8acc-ccddeeff0011",
+ "redirectToTPPUrl": "https://tpp.client.com/auth/success?ref=ok",
+ "statusCode": 200,
+ "scenario": "OK The URL for the status page was successfully generated"
+ }
+]
\ No newline at end of file
diff --git a/postman_collections/PostmanApitest/pds2-api/datasets/my_standingorders-New_standing_order_initiation.json b/postman_collections/PostmanApitest/pds2-api/datasets/my_standingorders-New_standing_order_initiation.json
new file mode 100644
index 00000000..ad0a6968
--- /dev/null
+++ b/postman_collections/PostmanApitest/pds2-api/datasets/my_standingorders-New_standing_order_initiation.json
@@ -0,0 +1,292 @@
+[
+ {
+ "X-Request-ID": "5a9a9a7b-8c8a-4e7d-9d3a-2a6b6c9f2f31",
+ "Date": "Wed, 25 Mar 2026 10:15:30 GMT",
+ "Digest": "SHA-256=ZHVtbXlEaWdlc3Q9PQ==",
+ "Signature": "keyId=\"tpp-key-1\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIFk2mP8b+qj0jzQO8x==\"",
+ "TPP-Signature-Certificate": "-----BEGIN CERTIFICATE-----MIIDQDCCAiigAwIBAgIUXYZ1234567890abcd-----END CERTIFICATE-----",
+ "User-Involved": true,
+ "TPP-Name": "Acme TPP s.r.o.",
+ "requestedExecutionDate": "2026-04-15",
+ "statusCode": 200,
+ "scenario": "OK"
+ },
+ {
+ "X-Request-ID": "a2c04c6e-1a44-49a2-9c0f-9c1c9e2bd3b2",
+ "Date": "Wed, 25 Mar 2026 10:20:45 GMT",
+ "Digest": "SHA-256=QmFzZTY0RGlnaWVzdFNpZ25hdHVyZQ==",
+ "Signature": "keyId=\"tpp-key-2\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEUCIQDWkq2d0c0w==\"",
+ "TPP-Signature-Certificate": "-----BEGIN CERTIFICATE-----MIIC8DCCAdigAwIBAgIUFEDC9876543210abcd-----END CERTIFICATE-----",
+ "User-Involved": false,
+ "TPP-Name": "FinGate Solutions a.s.",
+ "amount.instructedAmount.value": 1250.75,
+ "amount.instructedAmount.currency": "EUR",
+ "requestedExecutionDate": "2026-04-20",
+ "standingOrder.execution.mode": "MONTHLY",
+ "standingOrder.execution.modeDue": "AFTER_DUE_DATE",
+ "standingOrder.execution.interval": "MONTHLY",
+ "standingOrder.execution.intervalDue": "DAY_15",
+ "standingOrder.alias": "RentPayment",
+ "standingOrder.validity.lastExecutionDate": "2027-03-31",
+ "debtorAccount.identification.iban": "DE89370400440532013000",
+ "debtorAccount.currency": "EUR",
+ "creditorAccount.identification.iban": "NL91ABNA0417164300",
+ "creditorAccount.currency": "EUR",
+ "standingOrderIdentification.instructionIdentification": "SO-2026-0001",
+ "paymentTypeInformation.instructionPriority": "NORM",
+ "remittanceInformation.additionalRemittanceInformation": "Invoice 4567 for March",
+ "remittanceInformation.unstructured": "Rent for March 2026",
+ "remittanceInformation.structured.creditorReferenceInformation.reference": "RF18539007547034",
+ "statusCode": 200,
+ "scenario": "OK"
+ },
+ {
+ "X-Request-ID": "7b9b6c2e-94e3-4bd3-8a51-4f0fd0d89c2f",
+ "Date": "Wed, 25 Mar 2026 10:25:10 GMT",
+ "Digest": "SHA-256=dGVzdC1kaWdlc3QtYnl0ZXM=",
+ "Signature": "keyId=\"tpp-key-3\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIFy9Xxq==\"",
+ "TPP-Signature-Certificate": "-----BEGIN CERTIFICATE-----MIIEFzCCA/ugAwIBAgIUabcd0011223344-----END CERTIFICATE-----",
+ "User-Involved": true,
+ "TPP-Name": "OpenPay EU Ltd.",
+ "amount.instructedAmount.value": 300,
+ "amount.instructedAmount.currency": "CZK",
+ "requestedExecutionDate": "2026-04-18",
+ "debtorAccount.identification.iban": "CZ6508000000192000145399",
+ "debtorAccount.currency": "CZK",
+ "creditorAccount.identification.iban": "SK6811000000002941445956",
+ "creditorAccount.currency": "EUR",
+ "paymentTypeInformation.instructionPriority": "HIGH",
+ "remittanceInformation.unstructured": "Gift for Anna",
+ "statusCode": 200,
+ "scenario": "OK"
+ },
+ {
+ "X-Request-ID": "4d2e9b1f-1a9c-4f7f-92ad-3a6d02f98f24",
+ "Date": "Wed, 25 Mar 2026 10:30:05 GMT",
+ "Digest": "SHA-256=bWlzc2luZy1zaWduYXR1cmUtZXhhbXBsZQ==",
+ "TPP-Signature-Certificate": "-----BEGIN CERTIFICATE-----MIIEyzCCArOgAwIBAgIU77889900abcd-----END CERTIFICATE-----",
+ "User-Involved": true,
+ "TPP-Name": "Acme TPP s.r.o.",
+ "requestedExecutionDate": "2026-04-19",
+ "statusCode": 400,
+ "scenario": "FIELD_MISSING"
+ },
+ {
+ "X-Request-ID": "not-a-uuid",
+ "Date": "26-03-2026",
+ "Digest": "SHA-256=SW52YWxpZC1EaWdlc3Q=",
+ "Signature": "keyId=\"tpp-bad\",algorithm=\"rsa-sha256\",headers=\"date digest\",signature=\"INVALID==\"",
+ "TPP-Signature-Certificate": "-----BEGIN CERTIFICATE-----INVALID-----END CERTIFICATE-----",
+ "User-Involved": false,
+ "TPP-Name": "BadClient Inc.",
+ "requestedExecutionDate": "2026/04/01",
+ "paymentTypeInformation.instructionPriority": "URGENTLY",
+ "statusCode": 400,
+ "scenario": "FIELD_INVALID"
+ },
+ {
+ "X-Request-ID": "0f2b6a2c-6a8e-4a4d-8d2a-9b7c7c4e1f44",
+ "Date": "Wed, 25 Mar 2026 10:35:20 GMT",
+ "Digest": "SHA-256=YWNjb3VudC1lcnJvcg==",
+ "Signature": "keyId=\"tpp-key-4\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIQDj==\"",
+ "TPP-Signature-Certificate": "-----BEGIN CERTIFICATE-----MIIFazCCA1OgAwIBAgIUTEST-----END CERTIFICATE-----",
+ "User-Involved": true,
+ "TPP-Name": "SafePay s.r.o.",
+ "debtorAccount.identification.iban": "CZ00INVALIDIBAN123",
+ "debtorAccount.currency": "CZK",
+ "creditorAccount.identification.iban": "FR1420041010050500013M02606",
+ "creditorAccount.currency": "EUR",
+ "amount.instructedAmount.value": 1500,
+ "amount.instructedAmount.currency": "EUR",
+ "requestedExecutionDate": "2026-04-22",
+ "statusCode": 400,
+ "scenario": "AC02"
+ },
+ {
+ "X-Request-ID": "b8f9d765-2e3b-4f38-9c0e-678d2b3a1f5a",
+ "Date": "Wed, 25 Mar 2026 10:37:11 GMT",
+ "Digest": "SHA-256=Y2xvc2VkLWFjY291bnQ=",
+ "Signature": "keyId=\"tpp-key-5\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIQDf==\"",
+ "TPP-Signature-Certificate": "-----BEGIN CERTIFICATE-----MIIEwTCCA6mgAwIBAgIUTEMP-----END CERTIFICATE-----",
+ "User-Involved": false,
+ "TPP-Name": "FinGate Solutions a.s.",
+ "debtorAccount.identification.iban": "DE89370400440532013000",
+ "debtorAccount.currency": "EUR",
+ "creditorAccount.identification.iban": "CZ6508000000192000145399",
+ "creditorAccount.currency": "CZK",
+ "amount.instructedAmount.value": 999.99,
+ "amount.instructedAmount.currency": "CZK",
+ "requestedExecutionDate": "2026-04-25",
+ "statusCode": 400,
+ "scenario": "AC03"
+ },
+ {
+ "X-Request-ID": "3ab6f1a1-71e6-4b8b-8a7c-0d5c8e27e2a9",
+ "Date": "Wed, 25 Mar 2026 10:39:45 GMT",
+ "Digest": "SHA-256=Y3VycmVuY3ktbWlzbWF0Y2g=",
+ "Signature": "keyId=\"tpp-key-6\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIQDX==\"",
+ "TPP-Signature-Certificate": "-----BEGIN CERTIFICATE-----MIIErjCCApagAwIBAgIUQWER-----END CERTIFICATE-----",
+ "User-Involved": true,
+ "TPP-Name": "OpenPay EU Ltd.",
+ "debtorAccount.identification.iban": "CZ6508000000192000145399",
+ "debtorAccount.currency": "EUR",
+ "creditorAccount.identification.iban": "NL91ABNA0417164300",
+ "creditorAccount.currency": "EUR",
+ "amount.instructedAmount.value": 250,
+ "amount.instructedAmount.currency": "EUR",
+ "requestedExecutionDate": "2026-04-28",
+ "statusCode": 400,
+ "scenario": "AC10"
+ },
+ {
+ "X-Request-ID": "fb6d6d4e-22a1-4d4c-9b0a-bd7e7fa84a77",
+ "Date": "Wed, 25 Mar 2026 10:41:02 GMT",
+ "Digest": "SHA-256=aW52YWxpZC1jdXJyZW5jeQ==",
+ "Signature": "keyId=\"tpp-key-7\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIQDZ==\"",
+ "TPP-Signature-Certificate": "-----BEGIN CERTIFICATE-----MIIDhjCCAm6gAwIBAgIUZXNV-----END CERTIFICATE-----",
+ "User-Involved": false,
+ "TPP-Name": "Acme TPP s.r.o.",
+ "amount.instructedAmount.value": 420.5,
+ "amount.instructedAmount.currency": "XYZ",
+ "requestedExecutionDate": "2026-04-21",
+ "debtorAccount.identification.iban": "DE89370400440532013000",
+ "debtorAccount.currency": "EUR",
+ "creditorAccount.identification.iban": "FR1420041010050500013M02606",
+ "creditorAccount.currency": "EUR",
+ "statusCode": 400,
+ "scenario": "AM11"
+ },
+ {
+ "X-Request-ID": "e3b86c1f-5f3e-4c8a-83ce-9c0a9d1a2b3c",
+ "Date": "Wed, 25 Mar 2026 10:42:33 GMT",
+ "Digest": "SHA-256=aW52YWxpZC1hbW91bnQ=",
+ "Signature": "keyId=\"tpp-key-8\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIQDo==\"",
+ "TPP-Signature-Certificate": "-----BEGIN CERTIFICATE-----MIIEIDCCAwigAwIBAgIUVVBB-----END CERTIFICATE-----",
+ "User-Involved": true,
+ "TPP-Name": "SafePay s.r.o.",
+ "amount.instructedAmount.value": -10,
+ "amount.instructedAmount.currency": "EUR",
+ "requestedExecutionDate": "2026-04-22",
+ "debtorAccount.identification.iban": "NL91ABNA0417164300",
+ "debtorAccount.currency": "EUR",
+ "creditorAccount.identification.iban": "DE89370400440532013000",
+ "creditorAccount.currency": "EUR",
+ "statusCode": 400,
+ "scenario": "AM12"
+ },
+ {
+ "X-Request-ID": "91f0c9c8-61c8-4f9e-87f7-9e2b3c4d5e6f",
+ "Date": "Wed, 25 Mar 2026 10:44:18 GMT",
+ "Digest": "SHA-256=dGVjaG5pY2FsLWVycm9y",
+ "Signature": "keyId=\"tpp-key-9\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIQB1==\"",
+ "TPP-Signature-Certificate": "-----BEGIN CERTIFICATE-----MIIETDCCAjSgAwIBAgIUTTYY-----END CERTIFICATE-----",
+ "User-Involved": false,
+ "TPP-Name": "OpenPay EU Ltd.",
+ "requestedExecutionDate": "2026-04-23",
+ "statusCode": 400,
+ "scenario": "FF01"
+ },
+ {
+ "X-Request-ID": "6f5e4d3c-2b1a-4a7f-8e9d-0c1b2a3d4e5f",
+ "Date": "Wed, 25 Mar 2026 10:45:59 GMT",
+ "Digest": "SHA-256=aW52YWxpZC1mZWUtY29kZQ==",
+ "Signature": "keyId=\"tpp-key-10\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIQC7==\"",
+ "TPP-Signature-Certificate": "-----BEGIN CERTIFICATE-----MIIEuzCCA6egAwIBAgIUSSEE-----END CERTIFICATE-----",
+ "User-Involved": true,
+ "TPP-Name": "FinGate Solutions a.s.",
+ "requestedExecutionDate": "2026-04-24",
+ "statusCode": 400,
+ "scenario": "BE19"
+ },
+ {
+ "X-Request-ID": "c7e8d9f0-1a2b-3c4d-5e6f-708192a3b4c5",
+ "Date": "Wed, 25 Mar 2026 10:47:20 GMT",
+ "Digest": "SHA-256=aW52YWxpZC1kYXRl",
+ "Signature": "keyId=\"tpp-key-11\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIQD0==\"",
+ "TPP-Signature-Certificate": "-----BEGIN CERTIFICATE-----MIIEGzCCAwmgAwIBAgIURREE-----END CERTIFICATE-----",
+ "User-Involved": false,
+ "TPP-Name": "Acme TPP s.r.o.",
+ "requestedExecutionDate": "2026-02-30",
+ "amount.instructedAmount.value": 10,
+ "amount.instructedAmount.currency": "EUR",
+ "statusCode": 400,
+ "scenario": "DT01"
+ },
+ {
+ "X-Request-ID": "d1e2f3a4-b5c6-4d7e-8f90-a1b2c3d4e5f6",
+ "Date": "Wed, 25 Mar 2026 10:49:05 GMT",
+ "Digest": "SHA-256=aW52YWxpZC1jaGFyYWN0ZXJzZXQ=",
+ "Signature": "keyId=\"tpp-key-12\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIQDf==\"",
+ "TPP-Signature-Certificate": "-----BEGIN CERTIFICATE-----MIIEJjCCAn6gAwIBAgIUHHJJ-----END CERTIFICATE-----",
+ "User-Involved": true,
+ "TPP-Name": "SafePay s.r.o.",
+ "amount.instructedAmount.value": 55,
+ "amount.instructedAmount.currency": "EUR",
+ "requestedExecutionDate": "2026-04-26",
+ "remittanceInformation.unstructured": "Payment 💥 with emoji",
+ "statusCode": 400,
+ "scenario": "RR10"
+ },
+ {
+ "X-Request-ID": "aa12bb34-cc56-4dd7-8899-00ee11ff2233",
+ "Date": "Wed, 25 Mar 2026 10:50:30 GMT",
+ "Digest": "SHA-256=bWlzc2luZy1jcmVkaXRvci1uYW1l",
+ "Signature": "keyId=\"tpp-key-13\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIQCY==\"",
+ "TPP-Signature-Certificate": "-----BEGIN CERTIFICATE-----MIIEBTCCAe2gAwIBAgIUVVNN-----END CERTIFICATE-----",
+ "User-Involved": false,
+ "TPP-Name": "OpenPay EU Ltd.",
+ "requestedExecutionDate": "2026-04-27",
+ "statusCode": 400,
+ "scenario": "RR03"
+ },
+ {
+ "X-Request-ID": "ffeeddcc-bbaa-4999-8888-777766665555",
+ "Date": "Wed, 25 Mar 2026 10:52:11 GMT",
+ "Digest": "SHA-256=dW5hdXRob3Jpc2Vk",
+ "Signature": "keyId=\"tpp-key-14\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIQCl==\"",
+ "TPP-Signature-Certificate": "INVALID_CERT",
+ "User-Involved": true,
+ "TPP-Name": "Acme TPP s.r.o.",
+ "requestedExecutionDate": "2026-04-28",
+ "statusCode": 401,
+ "scenario": "UNAUTHORISED"
+ },
+ {
+ "X-Request-ID": "11223344-5566-4777-8899-aabbccddeeff",
+ "Date": "Wed, 25 Mar 2026 10:53:40 GMT",
+ "Digest": "SHA-256=Zm9yYmlkZGVu",
+ "Signature": "keyId=\"tpp-key-15\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIQCR==\"",
+ "TPP-Signature-Certificate": "-----BEGIN CERTIFICATE-----MIIEFzCCA/ugAwIBAgIUFORB-----END CERTIFICATE-----",
+ "User-Involved": false,
+ "TPP-Name": "FinGate Solutions a.s.",
+ "requestedExecutionDate": "2026-04-29",
+ "statusCode": 403,
+ "scenario": "FORBIDDEN"
+ },
+ {
+ "X-Request-ID": "12345678-90ab-4cde-bcde-1234567890ab",
+ "Date": "Wed, 25 Mar 2026 10:55:05 GMT",
+ "Digest": "SHA-256=YWNjZXNzLWRlbmllZA==",
+ "Signature": "keyId=\"tpp-key-16\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIQCT==\"",
+ "TPP-Signature-Certificate": "-----BEGIN CERTIFICATE-----MIIEJTCCAn2gAwIBAgIUAAGG-----END CERTIFICATE-----",
+ "User-Involved": true,
+ "TPP-Name": "SafePay s.r.o.",
+ "requestedExecutionDate": "2026-05-01",
+ "statusCode": 403,
+ "scenario": "AG01"
+ },
+ {
+ "X-Request-ID": "0abc1def-2345-4678-9abc-def012345678",
+ "Date": "Wed, 25 Mar 2026 10:56:30 GMT",
+ "Digest": "SHA-256=Z2VuZXJpYy1lcnJvcg==",
+ "Signature": "keyId=\"tpp-key-17\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"MEQCIQCs==\"",
+ "TPP-Signature-Certificate": "-----BEGIN CERTIFICATE-----MIIEGTCCAwOgAwIBAgIUTTUU-----END CERTIFICATE-----",
+ "User-Involved": false,
+ "TPP-Name": "OpenPay EU Ltd.",
+ "requestedExecutionDate": "2026-05-02",
+ "amount.instructedAmount.value": 75.25,
+ "amount.instructedAmount.currency": "EUR",
+ "statusCode": 500,
+ "scenario": "NARR"
+ }
+]
\ No newline at end of file
diff --git a/postman_collections/PostmanApitest/pds2-api/datasets/my_standingorders_standingOrderId-Generate_status_.json b/postman_collections/PostmanApitest/pds2-api/datasets/my_standingorders_standingOrderId-Generate_status_.json
new file mode 100644
index 00000000..c31f942e
--- /dev/null
+++ b/postman_collections/PostmanApitest/pds2-api/datasets/my_standingorders_standingOrderId-Generate_status_.json
@@ -0,0 +1,143 @@
+[
+ {
+ "standingOrderId": "SO-20260326-001",
+ "signId": "SIG-739102",
+ "X-Request-ID": "3a0a5b9a-8b2d-4f90-9c7c-3a3a1e4b8f10",
+ "statusCode": 200,
+ "scenario": "OK The URL for the status page was successfully generated"
+ },
+ {
+ "X-Request-ID": "bfa4c2be-64a5-4f5e-8f24-8d9d3a5f2c31",
+ "Date": "Thu, 26 Mar 2026 10:15:30 GMT",
+ "Digest": "SHA-256=K2R1bW15ZGlnZXN0YmFzZTY0KQ==",
+ "Signature": "keyId=\"tpp-key-01\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"bG9uZ3NpZ25hdHVyZWJhc2U2NA==\"",
+ "TPP-Signature-Certificate": "MIIDdzCCAl+gAwIBAgIUXYZ12345o6p9Kf3G9xv2u7zF9v8wDQYJKoZIhvcNAQELBQAwEjEQMA4GA1UEAwwHVFBQIENBMB4XDTI2MDMyNjA5MDAwMFoXDTI3MDMyNjA5MDAwMFowEjEQMA4GA1UEAwwHVENlcnQgMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbJb4XQ2f9U8GQ0k7w0f2M5Tt7J0X2h3L0+8Lr3Wf3z2g2k3ZbW1HcF9p8oYVg5wN0pT6uXnY0f0m8t2q0q8xQw4qkQ3m5nC7o9oYkS4gD5v2p4F6P6bK3VxwqH1wGd9JjQxZrQIDAQABo1MwUTAdBgNVHQ4EFgQUoP3Yk3v9wZqv2m3Cw9cQb9iP7jQwHwYDVR0jBBgwFoAUoP3Yk3v9wZqv2m3Cw9cQb9iP7jQwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOBgQCAWqEoFQpKumN+",
+ "User-Involved": true,
+ "TPP-Name": "Acme TPP Ltd",
+ "standingOrderId": "SO-20260326-002",
+ "signId": "SIG-739103",
+ "redirectToTPPUrl": "https://tpp.client.com/auth/success?sid=SIG-739103",
+ "statusCode": 200,
+ "scenario": "OK The URL for the status page was successfully generated"
+ },
+ {
+ "X-Request-ID": "1b1c0d2e-2345-4e6f-9a0b-c1d2e3f4a5b6",
+ "Date": "Wed, 25 Mar 2026 08:22:10 GMT",
+ "standingOrderId": "SO-20260326-003",
+ "signId": "SIG-739104",
+ "User-Involved": false,
+ "redirectToTPPUrl": "https://tpp.client.com/auth/success?sid=SIG-739104&continue=true",
+ "statusCode": 200,
+ "scenario": "OK The URL for the status page was successfully generated"
+ },
+ {
+ "X-Request-ID": "6d7f8a9b-0c1d-4e2f-8a7b-9c0d1e2f3a4b",
+ "standingOrderId": "SO-20260326-004",
+ "Date": "Wed, 25 Mar 2026 12:00:00 GMT",
+ "statusCode": 400,
+ "scenario": "BAD REQUEST\nRequest validation failed or required input is missing"
+ },
+ {
+ "X-Request-ID": "12345",
+ "standingOrderId": "SO-20260326-005",
+ "signId": "SIG-739105",
+ "Digest": "SHA-256=YWJjZGVmZw==",
+ "statusCode": 400,
+ "scenario": "BAD REQUEST\nRequest validation failed or required input is missing"
+ },
+ {
+ "X-Request-ID": "90ab12cd-34ef-45ab-89cd-ef0123456789",
+ "standingOrderId": "SO-20260326-006",
+ "signId": "SIG-739106",
+ "redirectToTPPUrl": "htp:/bad_url",
+ "statusCode": 400,
+ "scenario": "BAD REQUEST\nRequest validation failed or required input is missing"
+ },
+ {
+ "X-Request-ID": "b1c2d3e4-f5a6-47b8-9c0d-1e2f3a4b5c6d",
+ "standingOrderId": "SO-20260326-007",
+ "signId": "SIG-739107",
+ "Signature": "keyId=\"tpp-key-02\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"c2lnbmF0dXJl\"",
+ "TPP-Signature-Certificate": "INVALID_CERT_DATA",
+ "statusCode": 401,
+ "scenario": "UNAUTHORISED\nInvalid/missing access token or certificate"
+ },
+ {
+ "X-Request-ID": "0e1f2a3b-4c5d-46e7-8f90-a1b2c3d4e5f6",
+ "standingOrderId": "SO-20260326-008",
+ "signId": "SIG-739108",
+ "Signature": "keyId=\"tpp-key-02\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"YWJjZHNpZ24=\"",
+ "Digest": "SHA-256=ZGlnaXN0aGFzaA==",
+ "statusCode": 401,
+ "scenario": "UNAUTHORISED\nInvalid/missing access token or certificate"
+ },
+ {
+ "X-Request-ID": "7e5c3a1b-2d4f-48a9-b0c1-d2e3f4a5b6c7",
+ "standingOrderId": "SO-20260326-009",
+ "signId": "SIG-739109",
+ "TPP-Name": "Unprivileged Integrator",
+ "statusCode": 403,
+ "scenario": "FORBIDDEN\nCaller is not allowed to invoke this operation"
+ },
+ {
+ "X-Request-ID": "4a3b2c1d-5e6f-47a8-9b0c-1d2e3f4a5b6c",
+ "standingOrderId": "SO-20260326-010",
+ "signId": "SIG-739110",
+ "TPP-Name": "Blocked TPP Ltd",
+ "User-Involved": true,
+ "statusCode": 403,
+ "scenario": "FORBIDDEN\nCaller is not allowed to invoke this operation"
+ },
+ {
+ "X-Request-ID": "c1d2e3f4-a5b6-47c8-9d0e-1f2a3b4c5d6e",
+ "standingOrderId": "SO-UNKNOWN-9999",
+ "signId": "SIG-739111",
+ "statusCode": 404,
+ "scenario": "ID_NOT_FOUND\nThe standingOrderId or signId does not exist or is invalid"
+ },
+ {
+ "X-Request-ID": "d2e3f4a5-b6c7-48d9-0e1f-2a3b4c5d6e7f",
+ "standingOrderId": "SO-20260326-012",
+ "signId": "SIG-00000000-XXXX",
+ "statusCode": 404,
+ "scenario": "ID_NOT_FOUND\nThe standingOrderId or signId does not exist or is invalid"
+ },
+ {
+ "X-Request-ID": "e3f4a5b6-c7d8-49e0-1f2a-3b4c5d6e7f80",
+ "standingOrderId": "SO-20260326-013",
+ "signId": "SIG-739113",
+ "Date": "Thu, 26 Mar 2026 14:45:00 GMT",
+ "statusCode": 500,
+ "scenario": "INTERNAL SERVER ERROR\nUnexpected error occurred"
+ },
+ {
+ "X-Request-ID": "f4a5b6c7-d8e9-401f-2a3b-4c5d6e7f8091",
+ "Date": "Thu, 26 Mar 2026 15:00:00 GMT",
+ "Digest": "SHA-256=YW5vdGhlcmhleGR1bW1kaWdlc3Q=",
+ "Signature": "keyId=\"tpp-key-03\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"YWJjMTIzc2lnbg==\"",
+ "TPP-Signature-Certificate": "MIICpDCCAYwCCQC7b0xWz0l3sjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdUUFAgQ0EwHhcNMjYwMzI2MTUwMDAwWhcNMjcwMzI2MTUwMDAwWjASMRAwDgYDVQQDDAdUUCBTYW5kMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEwN1VZ9z1wXf3mG1q2mYv8n7sOq3mT7oFJv7sQqz5R0v2yq4m2wD1Zb8Jm2uX2qvM4r9hJv8u9Wk8h1n2p2k3ZElxJxwqI2r9E4m1eU3x4Q2m9b3k1h0Yh2o0jAjAiBgNVHREEGzAZggZ0cHAuY29tgg93d3cudHBwLmNvbTAKBggqhkjOPQQDAgNoADBlAjEAmqH6W6o8tJk2x2lZKQ0cJxB2e8g6+o7i4K9w3k3T1gq8G8z6sGQ2j0M2b5QK2V7Y0lAjB2a0mS4q4Qn1GvH0Gx9m6rH3k2i4n5d6x8f9j0k1l2m3n4o5p6q7r8s9t",
+ "User-Involved": false,
+ "TPP-Name": "Acme TPP Sandbox",
+ "standingOrderId": "SO-20260326-014",
+ "signId": "SIG-739114",
+ "redirectToTPPUrl": "https://tpp.client.com/auth/success?sid=SIG-739114",
+ "statusCode": 500,
+ "scenario": "INTERNAL SERVER ERROR\nUnexpected error occurred"
+ },
+ {
+ "X-Request-ID": "05b6c7d8-e9f0-412a-3b4c-5d6e7f8091a2",
+ "standingOrderId": "SO-20260326-015",
+ "signId": "SIG-739115",
+ "Digest": "MD5=dGVzdGhhc2g=",
+ "statusCode": 400,
+ "scenario": "BAD REQUEST\nRequest validation failed or required input is missing"
+ },
+ {
+ "X-Request-ID": "16c7d8e9-f001-423a-b4c5-d6e7f8091a2b3",
+ "standingOrderId": "SO-20260326-016",
+ "signId": "SIG-739116",
+ "Signature": "keyId=\"tpp-key-04\",algorithm=\"hmac-sha1\",headers=\"(request-target) date digest\",signature=\"ZmFrZWQ=\"",
+ "statusCode": 400,
+ "scenario": "BAD REQUEST\nRequest validation failed or required input is missing"
+ }
+]
\ No newline at end of file
diff --git a/postman_collections/PostmanApitest/pds2-api/roost_postman_pds2-api_1774509019.json b/postman_collections/PostmanApitest/pds2-api/roost_postman_pds2-api_1774509019.json
new file mode 100644
index 00000000..ad240e7f
--- /dev/null
+++ b/postman_collections/PostmanApitest/pds2-api/roost_postman_pds2-api_1774509019.json
@@ -0,0 +1,10451 @@
+{
+ "item": [
+ {
+ "name": "my",
+ "item": [
+ {
+ "name": "accounts",
+ "item": [
+ {
+ "name": "my/accounts - List of client payment accounts",
+ "request": {
+ "name": "List of client payment accounts",
+ "description": {
+ "content": "Paged list of client accounts. Each account contains a unique id usable for URI referencing, e.g. for the account detail.\n\n**Headers for the digest intended for signature (in this order):**\n * X-Request-ID\n * Date",
+ "type": "text/plain"
+ },
+ "url": {
+ "path": [
+ "my",
+ "accounts"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [
+ {
+ "disabled": false,
+ "key": "size",
+ "value": "{{size}}",
+ "description": "Paging. Number of entries per page. Default is 25. Maximum is 100. Returns error if size is over 100."
+ },
+ {
+ "disabled": false,
+ "key": "page",
+ "value": "{{page}}",
+ "description": "Paging. Required page. + Default: 0"
+ }
+ ],
+ "variable": []
+ },
+ "header": [
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "auth": {
+ "type": "oauth2",
+ "oauth2": [
+ {
+ "key": "scope",
+ "value": "AISP PISP offline_access"
+ },
+ {
+ "key": "accessTokenUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/token"
+ },
+ {
+ "key": "authUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/auth"
+ },
+ {
+ "key": "grant_type",
+ "value": "authorization_code"
+ }
+ ]
+ }
+ },
+ "response": [
+ {
+ "name": "OK",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "accounts"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [
+ {
+ "key": "size",
+ "value": "{{size}}"
+ },
+ {
+ "key": "page",
+ "value": "{{page}}"
+ }
+ ],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "body": {}
+ },
+ "status": "OK",
+ "code": 200,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"pageNumber\": 0,\n \"pageCount\": 1,\n \"pageSize\": 100,\n \"totalCount\": 120,\n \"accounts\": [\n {\n \"id\": \"f0aa18c9f900015\",\n \"identification\": {\n \"iban\": \"CZ6508000000192000145399\",\n \"other\": \"19-2000145399\"\n },\n \"currency\": \"CZK\",\n \"servicer\": {\n \"bankCode\": \"0800\",\n \"countryCode\": \"CZ\",\n \"bic\": \"GIBACZPX\"\n },\n \"nameI18N\": \"Můj hlavní účet\",\n \"productI18N\": \"OP_CURRENT_ACCOUNT_BASIC\",\n \"ownersNames\": [\n \"Jan Novák\",\n \"Monika Nováková\"\n ]\n },\n {\n \"id\": \"f0aa18c9f900015\",\n \"identification\": {\n \"iban\": \"CZ6508000000192000145399\",\n \"other\": \"19-2000145399\"\n },\n \"currency\": \"CZK\",\n \"servicer\": {\n \"bankCode\": \"0800\",\n \"countryCode\": \"CZ\",\n \"bic\": \"GIBACZPX\"\n },\n \"nameI18N\": \"Můj hlavní účet\",\n \"productI18N\": \"OP_CURRENT_ACCOUNT_BASIC\",\n \"ownersNames\": [\n \"Jan Novák\",\n \"Monika Nováková\"\n ]\n }\n ],\n \"nextPage\": 1\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "PARAMETER_INVALID\n\nThe value of the parameter is not valid",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "accounts"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [
+ {
+ "key": "size",
+ "value": "{{size}}"
+ },
+ {
+ "key": "page",
+ "value": "{{page}}"
+ }
+ ],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "body": {}
+ },
+ "status": "Bad Request",
+ "code": 400,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "UNAUTHORISED\n\nInvalid/missing access token = user is not authenticated\n\nor\n\nInvalid/missing certificate = provider is not authenticated",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "accounts"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [
+ {
+ "key": "size",
+ "value": "{{size}}"
+ },
+ {
+ "key": "page",
+ "value": "{{page}}"
+ }
+ ],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "body": {}
+ },
+ "status": "Unauthorized",
+ "code": 401,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "FORBIDDEN\n\nAuthentication with an invalid certificate or expired access token, a call that does not match a third-party license.",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "accounts"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [
+ {
+ "key": "size",
+ "value": "{{size}}"
+ },
+ {
+ "key": "page",
+ "value": "{{page}}"
+ }
+ ],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "body": {}
+ },
+ "status": "Forbidden",
+ "code": 403,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "PAGE_NOT_FOUND\n\nRequest for a non-existing page",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "accounts"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [
+ {
+ "key": "size",
+ "value": "{{size}}"
+ },
+ {
+ "key": "page",
+ "value": "{{page}}"
+ }
+ ],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "body": {}
+ },
+ "status": "Not Found",
+ "code": 404,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ }
+ ],
+ "event": [],
+ "protocolProfileBehavior": {
+ "disableBodyPruning": true
+ }
+ },
+ {
+ "name": "my/accounts/{accountId} - Account Balance",
+ "request": {
+ "name": "Account Balance",
+ "description": {
+ "content": "The balance of the specific client account according to the reference id account.\n\n**Headers for the digest intended for signature (in this order):**\n * GET /my/accounts/{accountId}/balance{?currency} (Marked as 'uri' in the 'headers' object in the 'Signature' header)\n * X-Request-ID\n * Date",
+ "type": "text/plain"
+ },
+ "url": {
+ "path": [
+ "my",
+ "accounts",
+ ":accountId",
+ "balance"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [
+ {
+ "disabled": false,
+ "key": "currency",
+ "value": "{{currency}}",
+ "description": "Required account currency in ISO 4217 format for multi-currency accounts."
+ }
+ ],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{accountId}}",
+ "key": "accountId",
+ "description": "(Required) ID of the User Account"
+ }
+ ]
+ },
+ "header": [
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "auth": {
+ "type": "oauth2",
+ "oauth2": [
+ {
+ "key": "scope",
+ "value": "AISP PISP offline_access"
+ },
+ {
+ "key": "accessTokenUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/token"
+ },
+ {
+ "key": "authUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/auth"
+ },
+ {
+ "key": "grant_type",
+ "value": "authorization_code"
+ }
+ ]
+ }
+ },
+ "response": [
+ {
+ "name": "OK",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "accounts",
+ ":accountId",
+ "balance"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [
+ {
+ "key": "currency",
+ "value": "{{currency}}"
+ }
+ ],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{accountId}}",
+ "key": "accountId",
+ "description": "(Required) ID of the User Account"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "body": {}
+ },
+ "status": "OK",
+ "code": 200,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"balances\": {\n \"type\": {\n \"codeOrProprietary\": {\n \"code\": \"CLAV\"\n }\n },\n \"amount\": {\n \"value\": \"string\"\n },\n \"creditDebitIndicator\": \"CRDT\",\n \"date\": \"2017-01-31\"\n }\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "PARAMETER_INVALID\n\nThe value of the parameter is not valid AC09 (InvalidAccountCurrency)",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "accounts",
+ ":accountId",
+ "balance"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [
+ {
+ "key": "currency",
+ "value": "{{currency}}"
+ }
+ ],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{accountId}}",
+ "key": "accountId",
+ "description": "(Required) ID of the User Account"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "body": {}
+ },
+ "status": "Bad Request",
+ "code": 400,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "UNAUTHORISED\n\nInvalid/missing access token = user is not authenticated\n\nor\n\nInvalid/missing certificate = provider is not authenticated",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "accounts",
+ ":accountId",
+ "balance"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [
+ {
+ "key": "currency",
+ "value": "{{currency}}"
+ }
+ ],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{accountId}}",
+ "key": "accountId",
+ "description": "(Required) ID of the User Account"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "body": {}
+ },
+ "status": "Unauthorized",
+ "code": 401,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "FORBIDDEN\n\nAuthentication with an invalid certificate or expired access token, a call that does not match a third-party license.",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "accounts",
+ ":accountId",
+ "balance"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [
+ {
+ "key": "currency",
+ "value": "{{currency}}"
+ }
+ ],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{accountId}}",
+ "key": "accountId",
+ "description": "(Required) ID of the User Account"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "body": {}
+ },
+ "status": "Forbidden",
+ "code": 403,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "PAGE_NOT_FOUND\n\nRequest for a non-existing page\n\nor\n\nID_NOT_FOUND\n\nInvalid or unknown account ID",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "accounts",
+ ":accountId",
+ "balance"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [
+ {
+ "key": "currency",
+ "value": "{{currency}}"
+ }
+ ],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{accountId}}",
+ "key": "accountId",
+ "description": "(Required) ID of the User Account"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "body": {}
+ },
+ "status": "Not Found",
+ "code": 404,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ }
+ ],
+ "event": [],
+ "protocolProfileBehavior": {
+ "disableBodyPruning": true
+ }
+ },
+ {
+ "name": "my/accounts/{accountId} - Overview of transactions",
+ "request": {
+ "name": "Overview of transactions",
+ "description": {
+ "content": "Paged list of transactions of a selected client account\n\n**Headers for the digest intended for signature (in this order):**\n * GET /my/accounts/{id}/transactions{?fromDate,toDate,currency,size,page,order} (Marked as 'uri' in the 'headers' object in the 'Signature' header)\n * X-Request-ID\n * Date",
+ "type": "text/plain"
+ },
+ "url": {
+ "path": [
+ "my",
+ "accounts",
+ ":accountId",
+ "transactions"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [
+ {
+ "disabled": false,
+ "key": "currency",
+ "value": "{{currency}}",
+ "description": "Required account currency in ISO 4217 format for multi-currency accounts."
+ },
+ {
+ "disabled": false,
+ "key": "fromDate",
+ "value": "{{fromDate}}",
+ "description": "Filtering by time. Return records starting from a specific date in ISO 8601 Date format."
+ },
+ {
+ "disabled": false,
+ "key": "toDate",
+ "value": "{{toDate}}",
+ "description": "Filtering by time. Return records ending with a specific date in ISO 8601 Date format."
+ },
+ {
+ "disabled": false,
+ "key": "size",
+ "value": "{{size}}",
+ "description": "Paging. Number of entries per page. Default is 25. Maximum is 100. Returns error if size is over 100."
+ },
+ {
+ "disabled": false,
+ "key": "page",
+ "value": "{{page}}",
+ "description": "Paging. Required page. + Default: 0"
+ }
+ ],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{accountId}}",
+ "key": "accountId",
+ "description": "(Required) ID of the User Account"
+ }
+ ]
+ },
+ "header": [
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "auth": {
+ "type": "oauth2",
+ "oauth2": [
+ {
+ "key": "scope",
+ "value": "AISP PISP offline_access"
+ },
+ {
+ "key": "accessTokenUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/token"
+ },
+ {
+ "key": "authUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/auth"
+ },
+ {
+ "key": "grant_type",
+ "value": "authorization_code"
+ }
+ ]
+ }
+ },
+ "response": [
+ {
+ "name": "OK",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "accounts",
+ ":accountId",
+ "transactions"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [
+ {
+ "key": "currency",
+ "value": "{{currency}}"
+ },
+ {
+ "key": "fromDate",
+ "value": "{{fromDate}}"
+ },
+ {
+ "key": "toDate",
+ "value": "{{toDate}}"
+ },
+ {
+ "key": "size",
+ "value": "{{size}}"
+ },
+ {
+ "key": "page",
+ "value": "{{page}}"
+ }
+ ],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{accountId}}",
+ "key": "accountId",
+ "description": "(Required) ID of the User Account"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "body": {}
+ },
+ "status": "OK",
+ "code": 200,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"pageNumber\": 0,\n \"pageCount\": 1,\n \"pageSize\": 100,\n \"totalCount\": 120,\n \"transactions\": [\n {\n \"amount\": {\n \"value\": \"string\"\n },\n \"creditDebitIndicator\": \"DBIT\",\n \"status\": \"BOOK\",\n \"bookingDate\": {\n \"date\": \"2017-01-31T00:00:00.000+01\"\n },\n \"valueDate\": {\n \"date\": \"2017-01-31T00:00:00.000+01\"\n },\n \"bankTransactionCode\": {\n \"proprietary\": {\n \"code\": \"40000101000\",\n \"issuer\": \"CBA\"\n }\n },\n \"entryDetails\": {\n \"transactionDetails\": {\n \"relatedParties\": {\n \"debtorAccount\": {\n \"identification\": {\n \"iban\": {\n \"value\": \"string\"\n },\n \"other\": {\n \"value\": \"string\"\n }\n },\n \"currency\": {\n \"value\": \"string\"\n },\n \"name\": \"Jan Novák\"\n },\n \"creditorAccount\": {\n \"identification\": {\n \"iban\": {\n \"value\": \"string\"\n },\n \"other\": {\n \"value\": \"string\"\n }\n },\n \"currency\": {\n \"value\": \"string\"\n },\n \"name\": \"Jan Novák\"\n },\n \"debtor\": {\n \"name\": \"Novák Jan\"\n },\n \"creditor\": {\n \"name\": \"Novák Jan\"\n },\n \"proprietary\": {\n \"type\": \"string\",\n \"party\": {\n \"name\": \"Česká spořitelna, a.s. - ATM, CENTROTEX, a. s, nám. Hrdinů 1634/3, 140 00 Praha 4-Nusle\"\n }\n }\n },\n \"relatedAgents\": {\n \"debtorAgent\": {\n \"financialInstitutionIdentification\": {\n \"bic\": {\n \"value\": \"string\"\n },\n \"name\": {\n \"value\": \"string\"\n },\n \"other\": {\n \"value\": \"string\"\n }\n }\n },\n \"creditorAgent\": {\n \"financialInstitutionIdentification\": {\n \"bic\": {\n \"value\": \"string\"\n },\n \"name\": {\n \"value\": \"string\"\n },\n \"other\": {\n \"value\": \"string\"\n }\n }\n }\n },\n \"references\": {\n \"paymentId\": \"898165198413\",\n \"paymentInformationIdentification\": \"xxxxxxxxxxxx1248\",\n \"instructionIdentification\": \"54321\",\n \"endToEndIdentification\": \"0250117002\",\n \"chequeNumber\": \"xxxxxxxxxxxx1248\"\n },\n \"amountDetails\": {\n \"instructedAmount\": {\n \"amount\": {\n \"value\": {\n \"value\": \"string\"\n },\n \"currency\": {\n \"value\": \"string\"\n }\n }\n },\n \"counterValueAmount\": {\n \"amount\": {\n \"value\": {\n \"value\": \"string\"\n }\n },\n \"currencyExchange\": {\n \"sourceCurrency\": {\n \"value\": \"string\"\n },\n \"exchangeRate\": 10.525,\n \"targetCurrency\": {\n \"value\": \"string\"\n }\n }\n }\n },\n \"remittanceInformation\": {\n \"unstructured\": \"/VS/123456/KS/456789/SS/879213546\",\n \"structured\": {\n \"creditorReferenceInformation\": {\n \"reference\": {\n \"value\": \"string\"\n }\n }\n }\n },\n \"additionalRemittanceInformation\": \"Platba za plyn - Bohemia Energy\"\n }\n },\n \"entryReference\": \"RB-4567813\"\n },\n {\n \"amount\": {\n \"value\": \"string\"\n },\n \"creditDebitIndicator\": \"DBIT\",\n \"status\": \"BOOK\",\n \"bookingDate\": {\n \"date\": \"2017-01-31T00:00:00.000+01\"\n },\n \"valueDate\": {\n \"date\": \"2017-01-31T00:00:00.000+01\"\n },\n \"bankTransactionCode\": {\n \"proprietary\": {\n \"code\": \"40000101000\",\n \"issuer\": \"CBA\"\n }\n },\n \"entryDetails\": {\n \"transactionDetails\": {\n \"relatedParties\": {\n \"debtorAccount\": {\n \"identification\": {\n \"iban\": {\n \"value\": \"string\"\n },\n \"other\": {\n \"value\": \"string\"\n }\n },\n \"currency\": {\n \"value\": \"string\"\n },\n \"name\": \"Jan Novák\"\n },\n \"creditorAccount\": {\n \"identification\": {\n \"iban\": {\n \"value\": \"string\"\n },\n \"other\": {\n \"value\": \"string\"\n }\n },\n \"currency\": {\n \"value\": \"string\"\n },\n \"name\": \"Jan Novák\"\n },\n \"debtor\": {\n \"name\": \"Novák Jan\"\n },\n \"creditor\": {\n \"name\": \"Novák Jan\"\n },\n \"proprietary\": {\n \"type\": \"string\",\n \"party\": {\n \"name\": \"Česká spořitelna, a.s. - ATM, CENTROTEX, a. s, nám. Hrdinů 1634/3, 140 00 Praha 4-Nusle\"\n }\n }\n },\n \"relatedAgents\": {\n \"debtorAgent\": {\n \"financialInstitutionIdentification\": {\n \"bic\": {\n \"value\": \"string\"\n },\n \"name\": {\n \"value\": \"string\"\n },\n \"other\": {\n \"value\": \"string\"\n }\n }\n },\n \"creditorAgent\": {\n \"financialInstitutionIdentification\": {\n \"bic\": {\n \"value\": \"string\"\n },\n \"name\": {\n \"value\": \"string\"\n },\n \"other\": {\n \"value\": \"string\"\n }\n }\n }\n },\n \"references\": {\n \"paymentId\": \"898165198413\",\n \"paymentInformationIdentification\": \"xxxxxxxxxxxx1248\",\n \"instructionIdentification\": \"54321\",\n \"endToEndIdentification\": \"0250117002\",\n \"chequeNumber\": \"xxxxxxxxxxxx1248\"\n },\n \"amountDetails\": {\n \"instructedAmount\": {\n \"amount\": {\n \"value\": {\n \"value\": \"string\"\n },\n \"currency\": {\n \"value\": \"string\"\n }\n }\n },\n \"counterValueAmount\": {\n \"amount\": {\n \"value\": {\n \"value\": \"string\"\n }\n },\n \"currencyExchange\": {\n \"sourceCurrency\": {\n \"value\": \"string\"\n },\n \"exchangeRate\": 10.525,\n \"targetCurrency\": {\n \"value\": \"string\"\n }\n }\n }\n },\n \"remittanceInformation\": {\n \"unstructured\": \"/VS/123456/KS/456789/SS/879213546\",\n \"structured\": {\n \"creditorReferenceInformation\": {\n \"reference\": {\n \"value\": \"string\"\n }\n }\n }\n },\n \"additionalRemittanceInformation\": \"Platba za plyn - Bohemia Energy\"\n }\n },\n \"entryReference\": \"RB-4567813\"\n }\n ],\n \"nextPage\": 1\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "PARAMETER_INVALID\n\nThe value of the parameter is not valid\n\nAC09 (InvalidAccountCurrency): currency not supported according to the table of exchanges\n\nDT01 (InvalidDate): Invalid format, Date in future, Date too old, ...",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "accounts",
+ ":accountId",
+ "transactions"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [
+ {
+ "key": "currency",
+ "value": "{{currency}}"
+ },
+ {
+ "key": "fromDate",
+ "value": "{{fromDate}}"
+ },
+ {
+ "key": "toDate",
+ "value": "{{toDate}}"
+ },
+ {
+ "key": "size",
+ "value": "{{size}}"
+ },
+ {
+ "key": "page",
+ "value": "{{page}}"
+ }
+ ],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{accountId}}",
+ "key": "accountId",
+ "description": "(Required) ID of the User Account"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "body": {}
+ },
+ "status": "Bad Request",
+ "code": 400,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "UNAUTHORISED\n\nInvalid/missing access token = user is not authenticated\n\nor\n\nInvalid/missing certificate = provider is not authenticated",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "accounts",
+ ":accountId",
+ "transactions"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [
+ {
+ "key": "currency",
+ "value": "{{currency}}"
+ },
+ {
+ "key": "fromDate",
+ "value": "{{fromDate}}"
+ },
+ {
+ "key": "toDate",
+ "value": "{{toDate}}"
+ },
+ {
+ "key": "size",
+ "value": "{{size}}"
+ },
+ {
+ "key": "page",
+ "value": "{{page}}"
+ }
+ ],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{accountId}}",
+ "key": "accountId",
+ "description": "(Required) ID of the User Account"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "body": {}
+ },
+ "status": "Unauthorized",
+ "code": 401,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "FORBIDDEN\n\nAuthentication with an invalid certificate or expired access token, a call that does not match a third-party license.",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "accounts",
+ ":accountId",
+ "transactions"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [
+ {
+ "key": "currency",
+ "value": "{{currency}}"
+ },
+ {
+ "key": "fromDate",
+ "value": "{{fromDate}}"
+ },
+ {
+ "key": "toDate",
+ "value": "{{toDate}}"
+ },
+ {
+ "key": "size",
+ "value": "{{size}}"
+ },
+ {
+ "key": "page",
+ "value": "{{page}}"
+ }
+ ],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{accountId}}",
+ "key": "accountId",
+ "description": "(Required) ID of the User Account"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "body": {}
+ },
+ "status": "Forbidden",
+ "code": 403,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "PAGE_NOT_FOUND\n\nRequest for a non-existing page\n\nor\n\nID_NOT_FOUND\n\nInvalid or unknown account ID",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "accounts",
+ ":accountId",
+ "transactions"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [
+ {
+ "key": "currency",
+ "value": "{{currency}}"
+ },
+ {
+ "key": "fromDate",
+ "value": "{{fromDate}}"
+ },
+ {
+ "key": "toDate",
+ "value": "{{toDate}}"
+ },
+ {
+ "key": "size",
+ "value": "{{size}}"
+ },
+ {
+ "key": "page",
+ "value": "{{page}}"
+ }
+ ],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{accountId}}",
+ "key": "accountId",
+ "description": "(Required) ID of the User Account"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "body": {}
+ },
+ "status": "Not Found",
+ "code": 404,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ }
+ ],
+ "event": [],
+ "protocolProfileBehavior": {
+ "disableBodyPruning": true
+ }
+ },
+ {
+ "name": "my/accounts - Query for Balance Check",
+ "request": {
+ "name": "Query for Balance Check",
+ "description": {
+ "content": "This is a resource for sending a query for Balance Check in a specific payment account of the account payer. The resource is not authorized directly by the account holder, through the authorization resource. Access to information must be granted by the client outside the interaction of this API before the resource is used.\n\n**Headers for the digest intended for signature (in this order):**\n * X-Request-ID\n * Date",
+ "type": "text/plain"
+ },
+ "url": {
+ "path": [
+ "my",
+ "accounts",
+ "balanceCheck"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "header": [
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "auth": {
+ "type": "oauth2",
+ "oauth2": [
+ {
+ "key": "scope",
+ "value": "AISP PISP offline_access"
+ },
+ {
+ "key": "accessTokenUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/token"
+ },
+ {
+ "key": "authUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/auth"
+ },
+ {
+ "key": "grant_type",
+ "value": "authorization_code"
+ }
+ ]
+ },
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"exchangeIdentification\": \"{{exchangeIdentification_*string}}\",\n \"debtorAccount\": {\n \"identification\": {\n \"iban\": \"{{debtorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{debtorAccount.currency_*string}}\"\n },\n \"transactionDetails\": {\n \"totalAmount\": \"{{transactionDetails.totalAmount_*number}}\",\n \"currency\": \"{{transactionDetails.currency_*string}}\"\n },\n \"card\": {\n \"cardholderName\": \"{{card.cardholderName_*string}}\",\n \"maskedPAN\": \"{{card.maskedPAN_*string}}\"\n },\n \"merchant\": {\n \"identification\": \"{{merchant.identification_*string}}\",\n \"shortName\": \"{{merchant.shortName_*string}}\",\n \"commonName\": \"{{merchant.commonName_*string}}\",\n \"merchantCategoryCode\": \"{{merchant.merchantCategoryCode_*string}}\",\n \"type\": \"{{merchant.type_*string}}\",\n \"address\": \"{{merchant.address_*string}}\",\n \"countryCode\": \"{{merchant.countryCode_*string}}\"\n }\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "response": [
+ {
+ "name": "OK",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "accounts",
+ "balanceCheck"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {}
+ },
+ "status": "OK",
+ "code": 200,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"responseIdentification\": 98765,\n \"exchangeIdentification\": \"658576010faf0a23dc\",\n \"response\": \"APPR\"\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "FIELD_MISSING\n\nMissing mandatory field in the request.\n\nor\n\nFIELD_INVALID\n\nFIELD value is not valid.\n\nor\n\nAC02\n\n[InvalidDebtorAccountNumber] invalid account identifier in the request content.\n\nor\n\nAC09\n\n[InvalidAccountCurrency] invalid currency of the required account.\n\nor\n\nAC12\n\n[InvalidAccountType] - account type does not match allowed account types (e.g., a non-paying account).\n\nor\n\nAG01\n\n[TransactionForbidden] absent consent to access to balance check at the account.\n\nor\n\nAM11\n\n[InvalidTransactionCurrency] the request contains a currency not trade/not supported.\n\nor\n\nAM12\n\n[InvalidAmount] wrong amount. For instance, too low or high amount or wrong number format according to the number of decimal places according to the ISO 4217.\n\nor\n\nFF01\n\n[Invalid File Format] invalid JSON forma tor other technical problem with the query processing.\n\nor\n\nRF01\n\n[NotUniqueTransactionReference] not unique request identifier.\n\nor\n\nRR10\n\n[InvalidCharacterSet] invalid character set in the request.\n\nor\n\nNARR\n\nNarrative a general reason for rejecting the payment, with an addition of error-related information.",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "accounts",
+ "balanceCheck"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {}
+ },
+ "status": "Bad Request",
+ "code": 400,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "UNAUTHORISED\n\nInvalid/missing access token = user is not authenticated\n\nor\n\nInvalid/missing certificate = provider is not authenticated",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "accounts",
+ "balanceCheck"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {}
+ },
+ "status": "Unauthorized",
+ "code": 401,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "FORBIDDEN\n\nAuthentication with an invalid certificate or expired access token, a call that does not match a third-party license.\n\nor\n\nAG01\n\n[TransactionForbidden] absent consent to access to balance check at the account.",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "accounts",
+ "balanceCheck"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {}
+ },
+ "status": "Forbidden",
+ "code": 403,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "NARR\n\nNarrative a general reason for rejecting the payment, with an addition of error-related information.",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "accounts",
+ "balanceCheck"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {}
+ },
+ "status": "Internal Server Error",
+ "code": 500,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ }
+ ],
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "// ********RoostGPT********\n/*\nTest generated by RoostGPT for test PostmanApitest using AI Type Open AI and AI Model gpt-5\n\n\nTest generated for my/accounts/balanceCheck for http method type post in postman framework\n\n*/\n\n// ********RoostGPT********\n\n\nconst ld = require('lodash');\nlet responseData;\nconst contentType = pm.response.headers.get('Content-Type');\nif (contentType === \"application/xml\") {\n var parseString = require('xml2js').parseString;\n parseString(pm.response.body, function(err, result) {\n if (err) {\n console.error('Error parsing XML:', err);\n } else {\n responseData = result;\n }\n });\n} else {\n responseData = pm.response.json();\n}\n// Status code check with early exit\nconst expectedStatusCode = parseInt(pm.variables.get(\"statusCode\"));\nlet statusMatches = true;\nif (pm.variables.get(\"statusCode\")) {\n statusMatches = (pm.response.code === expectedStatusCode);\n pm.test(\"Status code matches expected value\", function() {\n pm.expect(pm.response.code).to.equal(expectedStatusCode);\n });\n}\n\nif (pm.response.code == 200 && statusMatches) {\n pm.test(\"OK\", function() {\n pm.expect(pm.response.status).to.be.eql(\"OK\");\n try {\n if (responseData !== null && responseData !== undefined) {\n {\n // Condition: Raw data type and parent property is not an array\n // pathStr: responseData\n // subKey: responseIdentification\n // required: []\n let requiredField = true\n if (requiredField || ld.get(responseData, 'responseIdentification')) {\n pm.test(`'responseData field has responseIdentification that is of type number'`, function() {\n let parent = responseData;\n if (pm.expect(parent).to.have.nested.property(`responseIdentification`)) {\n const value = responseData?.responseIdentification;\n\n pm.expect(typeof value).to.equal(\"number\");\n\n }\n })\n\n }\n } {\n // Condition: Raw data type and parent property is not an array\n // pathStr: responseData\n // subKey: exchangeIdentification\n // required: []\n let requiredField = true\n if (requiredField || ld.get(responseData, 'exchangeIdentification')) {\n pm.test(`'responseData field has exchangeIdentification that is of type string'`, function() {\n let parent = responseData;\n if (pm.expect(parent).to.have.nested.property(`exchangeIdentification`)) {\n const value = responseData?.exchangeIdentification;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n }\n })\n\n }\n } {\n // Condition: Raw data type and parent property is not an array\n // pathStr: responseData\n // subKey: response\n // required: []\n let requiredField = true\n if (requiredField || ld.get(responseData, 'response')) {\n pm.test(`'responseData field has response that is of type string'`, function() {\n let parent = responseData;\n if (pm.expect(parent).to.have.nested.property(`response`)) {\n const value = responseData?.response;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n }\n })\n\n }\n }\n pm.test(`responseData to be one of enum [\"APPR\", \"DECL\"]`, function() {\n const value = ld.get(responseData, `responseData`, null);\n if (value !== null && value !== undefined) {\n pm.expect([\"APPR\", \"DECL\"]).to.include(value);\n }\n })\n\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}\nif (pm.response.code == 400 && statusMatches) {\n pm.test(\"FIELD_MISSING\n\n Missing mandatory field in the request.\n\n or\n\n FIELD_INVALID\n\n FIELD value is not valid.\n\n or\n\n AC02\n\n [InvalidDebtorAccountNumber] invalid account identifier in the request content.\n\n or\n\n AC09\n\n [InvalidAccountCurrency] invalid currency of the required account.\n\n or\n\n AC12\n\n [InvalidAccountType] - account type does not match allowed account types(e.g., a non - paying account).\n\n or\n\n AG01\n\n [TransactionForbidden] absent consent to access to balance check at the account.\n\n or\n\n AM11\n\n [InvalidTransactionCurrency] the request contains a currency not trade / not supported.\n\n or\n\n AM12\n\n [InvalidAmount] wrong amount.For instance, too low or high amount or wrong number format according to the number of decimal places according to the ISO 4217.\n\n or\n\n FF01\n\n [Invalid File Format] invalid JSON forma tor other technical problem with the query processing.\n\n or\n\n RF01\n\n [NotUniqueTransactionReference] not unique request identifier.\n\n or\n\n RR10\n\n [InvalidCharacterSet] invalid character set in the request.\n\n or\n\n NARR\n\n Narrative a general reason\n for rejecting the payment, with an addition of error - related information.\n \", function () {\n pm.expect(pm.response.status).to.be.eql(\"Bad Request\");\n try {\n if (responseData !== null && responseData !== undefined) {\n // array condition without arrayName and parent property is an array\n pm.test(`'responseData has 'error' as type array'`, function() {\n const value = responseData?.error;\n\n if (value !== null && value !== undefined) {\n pm.expect(Array.isArray(value)).to.equal(true);\n }\n\n })\n\n {\n let requiredArray = false;\n if (requiredArray || !ld.isEmpty(responseData)) {\n pm.test(`Each object in the responseData.error field has all the required fields and correct data-types`, function() {\n if (pm.expect(responseData).to.have.nested.property(`error`)) {\n let errorArray = ld.get(responseData, `error`, []);\n if (Array.isArray(errorArray)) {\n for (let error_it = 0; error_it < errorArray.length; error_it++) {\n let iterator = error_it;\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'error' as type 'string'`, function() {\n const value = errorArray[iterator]?.error;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n })\n\n\n if (errorArray[error_it] !== null && errorArray[error_it] !== undefined) {\n\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'message' as type 'string'`, function() {\n const value = errorArray[iterator]?.message;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n })\n\n\n }\n }\n }\n }\n })\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}\nif (pm.response.code == 401 && statusMatches) {\n pm.test(\"UNAUTHORISED\n\n Invalid / missing access token = user is not authenticated\n\n or\n\n Invalid / missing certificate = provider is not authenticated \", function () {\n pm.expect(pm.response.status).to.be.eql(\"Unauthorized\");\n try {\n if (responseData !== null && responseData !== undefined) {\n // array condition without arrayName and parent property is an array\n pm.test(`'responseData has 'error' as type array'`, function() {\n const value = responseData?.error;\n\n if (value !== null && value !== undefined) {\n pm.expect(Array.isArray(value)).to.equal(true);\n }\n\n })\n\n {\n let requiredArray = false;\n if (requiredArray || !ld.isEmpty(responseData)) {\n pm.test(`Each object in the responseData.error field has all the required fields and correct data-types`, function() {\n if (pm.expect(responseData).to.have.nested.property(`error`)) {\n let errorArray = ld.get(responseData, `error`, []);\n if (Array.isArray(errorArray)) {\n for (let error_it = 0; error_it < errorArray.length; error_it++) {\n let iterator = error_it;\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'error' as type 'string'`, function() {\n const value = errorArray[iterator]?.error;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n })\n\n\n if (errorArray[error_it] !== null && errorArray[error_it] !== undefined) {\n\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'message' as type 'string'`, function() {\n const value = errorArray[iterator]?.message;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n })\n\n\n }\n }\n }\n }\n })\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}\nif (pm.response.code == 403 && statusMatches) {\n pm.test(\"FORBIDDEN\n\n Authentication with an invalid certificate or expired access token, a call that does not match a third - party license.\n\n or\n\n AG01\n\n [TransactionForbidden] absent consent to access to balance check at the account.\n \", function () {\n pm.expect(pm.response.status).to.be.eql(\"Forbidden\");\n try {\n if (responseData !== null && responseData !== undefined) {\n // array condition without arrayName and parent property is an array\n pm.test(`'responseData has 'error' as type array'`, function() {\n const value = responseData?.error;\n\n if (value !== null && value !== undefined) {\n pm.expect(Array.isArray(value)).to.equal(true);\n }\n\n })\n\n {\n let requiredArray = false;\n if (requiredArray || !ld.isEmpty(responseData)) {\n pm.test(`Each object in the responseData.error field has all the required fields and correct data-types`, function() {\n if (pm.expect(responseData).to.have.nested.property(`error`)) {\n let errorArray = ld.get(responseData, `error`, []);\n if (Array.isArray(errorArray)) {\n for (let error_it = 0; error_it < errorArray.length; error_it++) {\n let iterator = error_it;\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'error' as type 'string'`, function() {\n const value = errorArray[iterator]?.error;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n })\n\n\n if (errorArray[error_it] !== null && errorArray[error_it] !== undefined) {\n\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'message' as type 'string'`, function() {\n const value = errorArray[iterator]?.message;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n })\n\n\n }\n }\n }\n }\n })\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}\nif (pm.response.code == 500 && statusMatches) {\n pm.test(\"NARR\n\n Narrative a general reason\n for rejecting the payment, with an addition of error - related information.\n \", function () {\n pm.expect(pm.response.status).to.be.eql(\"Internal Server Error\");\n try {\n if (responseData !== null && responseData !== undefined) {\n // array condition without arrayName and parent property is an array\n pm.test(`'responseData has 'error' as type array'`, function() {\n const value = responseData?.error;\n\n if (value !== null && value !== undefined) {\n pm.expect(Array.isArray(value)).to.equal(true);\n }\n\n })\n\n {\n let requiredArray = false;\n if (requiredArray || !ld.isEmpty(responseData)) {\n pm.test(`Each object in the responseData.error field has all the required fields and correct data-types`, function() {\n if (pm.expect(responseData).to.have.nested.property(`error`)) {\n let errorArray = ld.get(responseData, `error`, []);\n if (Array.isArray(errorArray)) {\n for (let error_it = 0; error_it < errorArray.length; error_it++) {\n let iterator = error_it;\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'error' as type 'string'`, function() {\n const value = errorArray[iterator]?.error;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n })\n\n\n if (errorArray[error_it] !== null && errorArray[error_it] !== undefined) {\n\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'message' as type 'string'`, function() {\n const value = errorArray[iterator]?.message;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n })\n\n\n }\n }\n }\n }\n })\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}"
+ ],
+ "type": "text/javascript"
+ }
+ }
+ ],
+ "protocolProfileBehavior": {
+ "disableBodyPruning": true
+ }
+ }
+ ],
+ "event": []
+ },
+ {
+ "name": "payments",
+ "item": [
+ {
+ "name": "my/payments - New Payment initiation",
+ "request": {
+ "name": "New Payment initiation",
+ "description": {
+ "content": "Resource for entering a new payment.\n\n**Headers for the digest intended for signature (in this order):**\n * X-Request-ID\n * Date",
+ "type": "text/plain"
+ },
+ "url": {
+ "path": [
+ "my",
+ "payments"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "header": [
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "auth": {
+ "type": "oauth2",
+ "oauth2": [
+ {
+ "key": "scope",
+ "value": "AISP PISP offline_access"
+ },
+ {
+ "key": "accessTokenUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/token"
+ },
+ {
+ "key": "authUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/auth"
+ },
+ {
+ "key": "grant_type",
+ "value": "authorization_code"
+ }
+ ]
+ },
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"amount\": {\n \"instructedAmount\": {\n \"value\": \"{{amount.instructedAmount.value_*number}}\",\n \"currency\": \"{{amount.instructedAmount.currency_*string}}\"\n }\n },\n \"debtorAccount\": {\n \"identification\": {\n \"iban\": \"{{debtorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{debtorAccount.currency_*string}}\"\n },\n \"creditorAccount\": {\n \"identification\": {\n \"iban\": \"{{creditorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{creditorAccount.currency_*string}}\"\n },\n \"paymentIdentification\": {\n \"instructionIdentification\": \"{{paymentIdentification.instructionIdentification_*string}}\"\n },\n \"paymentTypeInformation\": {\n \"instructionPriority\": \"{{paymentTypeInformation.instructionPriority_*string}}\"\n },\n \"requestedExecutionDate\": \"{{requestedExecutionDate_*date}}\",\n \"remittanceInformation\": {\n \"additionalRemittanceInformation\": \"{{remittanceInformation.additionalRemittanceInformation_*string}}\",\n \"unstructured\": \"{{remittanceInformation.unstructured_*string}}\",\n \"structured\": {\n \"creditorReferenceInformation\": {\n \"reference\": \"{{remittanceInformation.structured.creditorReferenceInformation.reference_*string}}\"\n }\n }\n }\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "response": [
+ {
+ "name": "OK",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "payments"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"amount\": {\n \"instructedAmount\": {\n \"value\": \"{{amount.instructedAmount.value_*number}}\",\n \"currency\": \"{{amount.instructedAmount.currency_*string}}\"\n }\n },\n \"debtorAccount\": {\n \"identification\": {\n \"iban\": \"{{debtorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{debtorAccount.currency_*string}}\"\n },\n \"creditorAccount\": {\n \"identification\": {\n \"iban\": \"{{creditorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{creditorAccount.currency_*string}}\"\n },\n \"paymentIdentification\": {\n \"instructionIdentification\": \"{{paymentIdentification.instructionIdentification_*string}}\"\n },\n \"paymentTypeInformation\": {\n \"instructionPriority\": \"{{paymentTypeInformation.instructionPriority_*string}}\"\n },\n \"requestedExecutionDate\": \"{{requestedExecutionDate_*date}}\",\n \"remittanceInformation\": {\n \"additionalRemittanceInformation\": \"{{remittanceInformation.additionalRemittanceInformation_*string}}\",\n \"unstructured\": \"{{remittanceInformation.unstructured_*string}}\",\n \"structured\": {\n \"creditorReferenceInformation\": {\n \"reference\": \"{{remittanceInformation.structured.creditorReferenceInformation.reference_*string}}\"\n }\n }\n }\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "OK",
+ "code": 200,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"paymentIdentification\": {\n \"transactionIdentification\": \"033225570000078020091\",\n \"instructionIdentification\": \"NejakeID41785962314574\"\n },\n \"paymentTypeInformation\": {\n \"serviceLevel\": {\n \"code\": \"DMCT\"\n },\n \"instructionPriority\": \"NORM\"\n },\n \"signInfo\": {\n \"state\": \"WAITING_FOR_SIGN\",\n \"signId\": \"3fa85f64-5717-4562-b3fc-2c963f66afa6\"\n },\n \"instructionStatus\": \"ACTC\",\n \"statusChangeInfo\": \"DT01\"\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "FIELD_MISSING\n\nMissing mandatory field in the request.\n\nFIELD_INVALID\n\nFIELD value is not valid.\n\nAC02\n\n[InvalidDebtorAccountNumber] invalid account identifier in the request content.\n\nAC03\n\n[InvalidCreditorAccountNumber] - recipient account number is closed, blocked, credit card are disabled for the account type, or the recipient's account number is in invalid format (note: only valid for in-house payments).\n\nAC10\n\n[InvalidDebtorAccountCurrency] the specified payer account currency does not correspond to the client's account currency for the account number held in the bank (the account currency is optional, in the case of multicurrency accounts, the account currency must be specified - Raiffeisenbank).\n\nAC12\n\n[InvalidAccountType] - account type does not match allowed account types (e.g., a non-paying account).\n\nAM05\n\n[Duplication] - this is a duplicate. Universal code for a duplicate CISP query (validated by, for example, CSOB) or a duplicate payment via GIS (non-unique payment reference).\n\nAM11\n\n[InvalidTransactionCurrency] the request contains a currency not trade/not supported.\n\nAM12\n\n[InvalidAmount] wrong amount. For instance, too low or high amount or wrong number format according to the number of decimal places according to the ISO 4217.\n\nFF01\n\n[Invalid File Format] invalid JSON format or other technical problem with the query processing.\n\nBE19\n\n[InvalidChargeBearerCode] - invalid fee type for the given transaction type.\n\nDT01\n\n[InvalidDate] - non-existent date value or format. Maturity in the future or in the past. Transactions on a non-business day of a bank (unless the bank receives such orders).\n\nRC07\n\n[InvalidCreditorBICIdentifier] invalid recipient SWIFT / BIC code.\n\nRC10\n\n[InvalidCreditorClearingSystemMemberIdentifier] - invalid recipient bank code identification.\n\nRR03\n\n[MissingCreditorNameOrAddress] - the field is missing the required data about the recipient's name or address (or its part). If the data is in bad format, the error code FIELD_INVALID is used.\n\nRR10\n\n[InvalidCharacterSet] invalid character set in the request.\n\nNO_PART\n\nUnattainable Payment Method - The payer or payee bank does not provide the requested priority of the instruction (Instant Payment). In this case, the bank can extend the error response by the \"parameters\" element and define a set of possible payment priorities. TPP resp. the PSU may be able to choose another type of priority.\n\n\n\n\"parameters\": {\n\n\n\n\n\n \"ALLOWED_PRIORITY_TYPES\" : [\"NORM\", \"INST\"]\n}\n\n\n\nREC_SEND\n\n[RECEIVER_SAME_AS_SENDER] Payer's account is the same as the payee's account (Applies to all types of payments)\n\nNARR\n\nNarrative a general reason for rejecting the payment, with an addition of error-related information.",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "payments"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"amount\": {\n \"instructedAmount\": {\n \"value\": \"{{amount.instructedAmount.value_*number}}\",\n \"currency\": \"{{amount.instructedAmount.currency_*string}}\"\n }\n },\n \"debtorAccount\": {\n \"identification\": {\n \"iban\": \"{{debtorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{debtorAccount.currency_*string}}\"\n },\n \"creditorAccount\": {\n \"identification\": {\n \"iban\": \"{{creditorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{creditorAccount.currency_*string}}\"\n },\n \"paymentIdentification\": {\n \"instructionIdentification\": \"{{paymentIdentification.instructionIdentification_*string}}\"\n },\n \"paymentTypeInformation\": {\n \"instructionPriority\": \"{{paymentTypeInformation.instructionPriority_*string}}\"\n },\n \"requestedExecutionDate\": \"{{requestedExecutionDate_*date}}\",\n \"remittanceInformation\": {\n \"additionalRemittanceInformation\": \"{{remittanceInformation.additionalRemittanceInformation_*string}}\",\n \"unstructured\": \"{{remittanceInformation.unstructured_*string}}\",\n \"structured\": {\n \"creditorReferenceInformation\": {\n \"reference\": \"{{remittanceInformation.structured.creditorReferenceInformation.reference_*string}}\"\n }\n }\n }\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "Bad Request",
+ "code": 400,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "UNAUTHORISED\n\nInvalid/missing access token = user is not authenticated\n\nor\n\nInvalid/missing certificate = provider is not authenticated",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "payments"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"amount\": {\n \"instructedAmount\": {\n \"value\": \"{{amount.instructedAmount.value_*number}}\",\n \"currency\": \"{{amount.instructedAmount.currency_*string}}\"\n }\n },\n \"debtorAccount\": {\n \"identification\": {\n \"iban\": \"{{debtorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{debtorAccount.currency_*string}}\"\n },\n \"creditorAccount\": {\n \"identification\": {\n \"iban\": \"{{creditorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{creditorAccount.currency_*string}}\"\n },\n \"paymentIdentification\": {\n \"instructionIdentification\": \"{{paymentIdentification.instructionIdentification_*string}}\"\n },\n \"paymentTypeInformation\": {\n \"instructionPriority\": \"{{paymentTypeInformation.instructionPriority_*string}}\"\n },\n \"requestedExecutionDate\": \"{{requestedExecutionDate_*date}}\",\n \"remittanceInformation\": {\n \"additionalRemittanceInformation\": \"{{remittanceInformation.additionalRemittanceInformation_*string}}\",\n \"unstructured\": \"{{remittanceInformation.unstructured_*string}}\",\n \"structured\": {\n \"creditorReferenceInformation\": {\n \"reference\": \"{{remittanceInformation.structured.creditorReferenceInformation.reference_*string}}\"\n }\n }\n }\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "Unauthorized",
+ "code": 401,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "FORBIDDEN\n\nAuthentication with an invalid certificate or expired access token, a call that does not match a third-party license.\n\nor\n\nAG01\n\n[TransactionForbidden] absent consent to access to balance check at the account.",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "payments"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"amount\": {\n \"instructedAmount\": {\n \"value\": \"{{amount.instructedAmount.value_*number}}\",\n \"currency\": \"{{amount.instructedAmount.currency_*string}}\"\n }\n },\n \"debtorAccount\": {\n \"identification\": {\n \"iban\": \"{{debtorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{debtorAccount.currency_*string}}\"\n },\n \"creditorAccount\": {\n \"identification\": {\n \"iban\": \"{{creditorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{creditorAccount.currency_*string}}\"\n },\n \"paymentIdentification\": {\n \"instructionIdentification\": \"{{paymentIdentification.instructionIdentification_*string}}\"\n },\n \"paymentTypeInformation\": {\n \"instructionPriority\": \"{{paymentTypeInformation.instructionPriority_*string}}\"\n },\n \"requestedExecutionDate\": \"{{requestedExecutionDate_*date}}\",\n \"remittanceInformation\": {\n \"additionalRemittanceInformation\": \"{{remittanceInformation.additionalRemittanceInformation_*string}}\",\n \"unstructured\": \"{{remittanceInformation.unstructured_*string}}\",\n \"structured\": {\n \"creditorReferenceInformation\": {\n \"reference\": \"{{remittanceInformation.structured.creditorReferenceInformation.reference_*string}}\"\n }\n }\n }\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "Forbidden",
+ "code": 403,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "NARR\n\nNarrative a general reason for rejecting the payment, with an addition of error-related information.",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "payments"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"amount\": {\n \"instructedAmount\": {\n \"value\": \"{{amount.instructedAmount.value_*number}}\",\n \"currency\": \"{{amount.instructedAmount.currency_*string}}\"\n }\n },\n \"debtorAccount\": {\n \"identification\": {\n \"iban\": \"{{debtorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{debtorAccount.currency_*string}}\"\n },\n \"creditorAccount\": {\n \"identification\": {\n \"iban\": \"{{creditorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{creditorAccount.currency_*string}}\"\n },\n \"paymentIdentification\": {\n \"instructionIdentification\": \"{{paymentIdentification.instructionIdentification_*string}}\"\n },\n \"paymentTypeInformation\": {\n \"instructionPriority\": \"{{paymentTypeInformation.instructionPriority_*string}}\"\n },\n \"requestedExecutionDate\": \"{{requestedExecutionDate_*date}}\",\n \"remittanceInformation\": {\n \"additionalRemittanceInformation\": \"{{remittanceInformation.additionalRemittanceInformation_*string}}\",\n \"unstructured\": \"{{remittanceInformation.unstructured_*string}}\",\n \"structured\": {\n \"creditorReferenceInformation\": {\n \"reference\": \"{{remittanceInformation.structured.creditorReferenceInformation.reference_*string}}\"\n }\n }\n }\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "Internal Server Error",
+ "code": 500,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ }
+ ],
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "// ********RoostGPT********\n/*\nTest generated by RoostGPT for test PostmanApitest using AI Type Open AI and AI Model gpt-5\n\n\nTest generated for my/payments for http method type post in postman framework\n\n*/\n\n// ********RoostGPT********\n\n\nconst ld = require('lodash');\nlet responseData;\nconst contentType = pm.response.headers.get('Content-Type');\nif (contentType === \"application/xml\") {\n var parseString = require('xml2js').parseString;\n parseString(pm.response.body, function(err, result) {\n if (err) {\n console.error('Error parsing XML:', err);\n } else {\n responseData = result;\n }\n });\n} else {\n responseData = pm.response.json();\n}\n// Status code check with early exit\nconst expectedStatusCode = parseInt(pm.variables.get(\"statusCode\"));\nlet statusMatches = true;\nif (pm.variables.get(\"statusCode\")) {\n statusMatches = (pm.response.code === expectedStatusCode);\n pm.test(\"Status code matches expected value\", function() {\n pm.expect(pm.response.code).to.equal(expectedStatusCode);\n });\n}\n\nif (pm.response.code == 200 && statusMatches) {\n pm.test(\"OK\", function() {\n pm.expect(pm.response.status).to.be.eql(\"OK\");\n try {\n if (responseData !== null && responseData !== undefined) {\n {\n // Condition: Raw data type and parent property is not an array\n // pathStr: responseData\n // subKey: paymentIdentification\n // required: []\n let requiredField = true\n if (requiredField || ld.get(responseData, 'paymentIdentification')) {\n pm.test(`'responseData field has paymentIdentification that is of type object'`, function() {\n let parent = responseData;\n if (pm.expect(parent).to.have.nested.property(`paymentIdentification`)) {\n const value = responseData?.paymentIdentification;\n\n pm.expect(typeof value).to.equal(\"object\");\n\n }\n })\n\n }\n } {\n // Condition: Raw data type and parent property is not an array\n // pathStr: responseData.paymentIdentification\n // subKey: instructionIdentification\n // required: []\n let requiredField = false\n if (requiredField || ld.get(responseData.paymentIdentification, 'instructionIdentification')) {\n pm.test(`'responseData.paymentIdentification field has instructionIdentification that is of type string'`, function() {\n let parent = responseData.paymentIdentification;\n if (pm.expect(parent).to.have.nested.property(`instructionIdentification`)) {\n const value = responseData.paymentIdentification?.instructionIdentification;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n }\n })\n\n }\n } {\n // Condition: Raw data type and parent property is not an array\n // pathStr: responseData.paymentIdentification\n // subKey: transactionIdentification\n // required: []\n let requiredField = false\n if (requiredField || ld.get(responseData.paymentIdentification, 'transactionIdentification')) {\n pm.test(`'responseData.paymentIdentification field has transactionIdentification that is of type string'`, function() {\n let parent = responseData.paymentIdentification;\n if (pm.expect(parent).to.have.nested.property(`transactionIdentification`)) {\n const value = responseData.paymentIdentification?.transactionIdentification;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n }\n })\n\n }\n } {\n // Condition: Raw data type and parent property is not an array\n // pathStr: responseData.paymentTypeInformation\n // subKey: serviceLevel\n // required: []\n let requiredField = false\n if (requiredField || ld.get(responseData.paymentTypeInformation, 'serviceLevel')) {\n pm.test(`'responseData.paymentTypeInformation field has serviceLevel that is of type object'`, function() {\n let parent = responseData.paymentTypeInformation;\n if (pm.expect(parent).to.have.nested.property(`serviceLevel`)) {\n const value = responseData.paymentTypeInformation?.serviceLevel;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"object\");\n }\n }\n })\n\n }\n } {\n // Condition: Raw data type and parent property is not an array\n // pathStr: responseData.paymentTypeInformation.serviceLevel\n // subKey: code\n // required: []\n let requiredField = false\n if (requiredField || ld.get(responseData.paymentTypeInformation.serviceLevel, 'code')) {\n pm.test(`'responseData.paymentTypeInformation.serviceLevel field has code that is of type string'`, function() {\n let parent = responseData.paymentTypeInformation.serviceLevel;\n if (pm.expect(parent).to.have.nested.property(`code`)) {\n const value = responseData.paymentTypeInformation.serviceLevel?.code;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n }\n })\n\n }\n }\n pm.test(`responseData.paymentTypeInformation.serviceLevel to be one of enum [\"DMCT\", \"ESCT\", \"XBCT\", \"EXCT\", \"NXCT\"]`, function() {\n const value = ld.get(responseData, `responseData.paymentTypeInformation.serviceLevel`, null);\n if (value !== null && value !== undefined) {\n pm.expect([\"DMCT\", \"ESCT\", \"XBCT\", \"EXCT\", \"NXCT\"]).to.include(value);\n }\n })\n\n {\n // Condition: Raw data type and parent property is not an array\n // pathStr: responseData\n // subKey: signInfo\n // required: []\n let requiredField = true\n if (requiredField || ld.get(responseData, 'signInfo')) {\n pm.test(`'responseData field has signInfo that is of type object'`, function() {\n let parent = responseData;\n if (pm.expect(parent).to.have.nested.property(`signInfo`)) {\n const value = responseData?.signInfo;\n\n pm.expect(typeof value).to.equal(\"object\");\n\n }\n })\n\n }\n } {\n // Condition: Raw data type and parent property is not an array\n // pathStr: responseData.signInfo\n // subKey: signId\n // required: []\n let requiredField = false\n if (requiredField || ld.get(responseData.signInfo, 'signId')) {\n pm.test(`'responseData.signInfo field has signId that is of type string'`, function() {\n let parent = responseData.signInfo;\n if (pm.expect(parent).to.have.nested.property(`signId`)) {\n const value = responseData.signInfo?.signId;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n }\n })\n\n }\n } {\n // Condition: Raw data type and parent property is not an array\n // pathStr: responseData\n // subKey: instructionStatus\n // required: []\n let requiredField = true\n if (requiredField || ld.get(responseData, 'instructionStatus')) {\n pm.test(`'responseData field has instructionStatus that is of type string'`, function() {\n let parent = responseData;\n if (pm.expect(parent).to.have.nested.property(`instructionStatus`)) {\n const value = responseData?.instructionStatus;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n }\n })\n\n }\n }\n pm.test(`responseData to be one of enum [\"ACTC\"]`, function() {\n const value = ld.get(responseData, `responseData`, null);\n if (value !== null && value !== undefined) {\n pm.expect([\"ACTC\"]).to.include(value);\n }\n })\n\n {\n // Condition: Raw data type and parent property is not an array\n // pathStr: responseData\n // subKey: statusChangeInfo\n // required: []\n let requiredField = false\n if (requiredField || ld.get(responseData, 'statusChangeInfo')) {\n pm.test(`'responseData field has statusChangeInfo that is of type string'`, function() {\n let parent = responseData;\n if (pm.expect(parent).to.have.nested.property(`statusChangeInfo`)) {\n const value = responseData?.statusChangeInfo;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n }\n })\n\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}\nif (pm.response.code == 400 && statusMatches) {\n pm.test(\"FIELD_MISSING\n\n Missing mandatory field in the request.\n\n FIELD_INVALID\n\n FIELD value is not valid.\n\n AC02\n\n [InvalidDebtorAccountNumber] invalid account identifier in the request content.\n\n AC03\n\n [InvalidCreditorAccountNumber] - recipient account number is closed, blocked, credit card are disabled\n for the account type, or the recipient 's account number is in invalid format (note: only valid for in-house payments).\n\n AC10\n\n [InvalidDebtorAccountCurrency] the specified payer account currency does not correspond to the client 's account currency for the account number held in the bank (the account currency is optional, in the case of multicurrency accounts, the account currency must be specified - Raiffeisenbank).\n\n AC12\n\n [InvalidAccountType] - account type does not match allowed account types(e.g., a non - paying account).\n\n AM05\n\n [Duplication] - this is a duplicate.Universal code\n for a duplicate CISP query(validated by,\n for example, CSOB) or a duplicate payment via GIS(non - unique payment reference).\n\n AM11\n\n [InvalidTransactionCurrency] the request contains a currency not trade / not supported.\n\n AM12\n\n [InvalidAmount] wrong amount.For instance, too low or high amount or wrong number format according to the number of decimal places according to the ISO 4217.\n\n FF01\n\n [Invalid File Format] invalid JSON format or other technical problem with the query processing.\n\n BE19\n\n [InvalidChargeBearerCode] - invalid fee type\n for the given transaction type.\n\n DT01\n\n [InvalidDate] - non - existent date value or format.Maturity in the future or in the past.Transactions on a non - business day of a bank(unless the bank receives such orders).\n\n RC07\n\n [InvalidCreditorBICIdentifier] invalid recipient SWIFT / BIC code.\n\n RC10\n\n [InvalidCreditorClearingSystemMemberIdentifier] - invalid recipient bank code identification.\n\n RR03\n\n [MissingCreditorNameOrAddress] - the field is missing the required data about the recipient 's name or address (or its part). If the data is in bad format, the error code FIELD_INVALID is used.\n\n RR10\n\n [InvalidCharacterSet] invalid character set in the request.\n\n NO_PART\n\n Unattainable Payment Method - The payer or payee bank does not provide the requested priority of the instruction(Instant Payment).In this\n case, the bank can extend the error response by the \"parameters\"\n element and define a set of possible payment priorities.TPP resp.the PSU may be able to choose another type of priority.\n\n\n\n \"parameters\": {\n\n\n\n\n\n \"ALLOWED_PRIORITY_TYPES\": [\"NORM\", \"INST\"]\n }\n\n\n\n REC_SEND\n\n [RECEIVER_SAME_AS_SENDER] Payer 's account is the same as the payee'\n s account(Applies to all types of payments)\n\n NARR\n\n Narrative a general reason\n for rejecting the payment, with an addition of error - related information.\n \", function () {\n pm.expect(pm.response.status).to.be.eql(\"Bad Request\");\n try {\n if (responseData !== null && responseData !== undefined) {\n // array condition without arrayName and parent property is an array\n pm.test(`'responseData has 'error' as type array'`, function() {\n const value = responseData?.error;\n\n if (value !== null && value !== undefined) {\n pm.expect(Array.isArray(value)).to.equal(true);\n }\n\n })\n\n {\n let requiredArray = false;\n if (requiredArray || !ld.isEmpty(responseData)) {\n pm.test(`Each object in the responseData.error field has all the required fields and correct data-types`, function() {\n if (pm.expect(responseData).to.have.nested.property(`error`)) {\n let errorArray = ld.get(responseData, `error`, []);\n if (Array.isArray(errorArray)) {\n for (let error_it = 0; error_it < errorArray.length; error_it++) {\n let iterator = error_it;\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'error' as type 'string'`, function() {\n const value = errorArray[iterator]?.error;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n })\n\n\n if (errorArray[error_it] !== null && errorArray[error_it] !== undefined) {\n\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'message' as type 'string'`, function() {\n const value = errorArray[iterator]?.message;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n })\n\n\n }\n }\n }\n }\n })\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}\nif (pm.response.code == 401 && statusMatches) {\n pm.test(\"UNAUTHORISED\n\n Invalid / missing access token = user is not authenticated\n\n or\n\n Invalid / missing certificate = provider is not authenticated \", function () {\n pm.expect(pm.response.status).to.be.eql(\"Unauthorized\");\n try {\n if (responseData !== null && responseData !== undefined) {\n // array condition without arrayName and parent property is an array\n pm.test(`'responseData has 'error' as type array'`, function() {\n const value = responseData?.error;\n\n if (value !== null && value !== undefined) {\n pm.expect(Array.isArray(value)).to.equal(true);\n }\n\n })\n\n {\n let requiredArray = false;\n if (requiredArray || !ld.isEmpty(responseData)) {\n pm.test(`Each object in the responseData.error field has all the required fields and correct data-types`, function() {\n if (pm.expect(responseData).to.have.nested.property(`error`)) {\n let errorArray = ld.get(responseData, `error`, []);\n if (Array.isArray(errorArray)) {\n for (let error_it = 0; error_it < errorArray.length; error_it++) {\n let iterator = error_it;\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'error' as type 'string'`, function() {\n const value = errorArray[iterator]?.error;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n })\n\n\n if (errorArray[error_it] !== null && errorArray[error_it] !== undefined) {\n\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'message' as type 'string'`, function() {\n const value = errorArray[iterator]?.message;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n })\n\n\n }\n }\n }\n }\n })\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}\nif (pm.response.code == 403 && statusMatches) {\n pm.test(\"FORBIDDEN\n\n Authentication with an invalid certificate or expired access token, a call that does not match a third - party license.\n\n or\n\n AG01\n\n [TransactionForbidden] absent consent to access to balance check at the account.\n \", function () {\n pm.expect(pm.response.status).to.be.eql(\"Forbidden\");\n try {\n if (responseData !== null && responseData !== undefined) {\n // array condition without arrayName and parent property is an array\n pm.test(`'responseData has 'error' as type array'`, function() {\n const value = responseData?.error;\n\n if (value !== null && value !== undefined) {\n pm.expect(Array.isArray(value)).to.equal(true);\n }\n\n })\n\n {\n let requiredArray = false;\n if (requiredArray || !ld.isEmpty(responseData)) {\n pm.test(`Each object in the responseData.error field has all the required fields and correct data-types`, function() {\n if (pm.expect(responseData).to.have.nested.property(`error`)) {\n let errorArray = ld.get(responseData, `error`, []);\n if (Array.isArray(errorArray)) {\n for (let error_it = 0; error_it < errorArray.length; error_it++) {\n let iterator = error_it;\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'error' as type 'string'`, function() {\n const value = errorArray[iterator]?.error;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n })\n\n\n if (errorArray[error_it] !== null && errorArray[error_it] !== undefined) {\n\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'message' as type 'string'`, function() {\n const value = errorArray[iterator]?.message;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n })\n\n\n }\n }\n }\n }\n })\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}\nif (pm.response.code == 500 && statusMatches) {\n pm.test(\"NARR\n\n Narrative a general reason\n for rejecting the payment, with an addition of error - related information.\n \", function () {\n pm.expect(pm.response.status).to.be.eql(\"Internal Server Error\");\n try {\n if (responseData !== null && responseData !== undefined) {\n // array condition without arrayName and parent property is an array\n pm.test(`'responseData has 'error' as type array'`, function() {\n const value = responseData?.error;\n\n if (value !== null && value !== undefined) {\n pm.expect(Array.isArray(value)).to.equal(true);\n }\n\n })\n\n {\n let requiredArray = false;\n if (requiredArray || !ld.isEmpty(responseData)) {\n pm.test(`Each object in the responseData.error field has all the required fields and correct data-types`, function() {\n if (pm.expect(responseData).to.have.nested.property(`error`)) {\n let errorArray = ld.get(responseData, `error`, []);\n if (Array.isArray(errorArray)) {\n for (let error_it = 0; error_it < errorArray.length; error_it++) {\n let iterator = error_it;\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'error' as type 'string'`, function() {\n const value = errorArray[iterator]?.error;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n })\n\n\n if (errorArray[error_it] !== null && errorArray[error_it] !== undefined) {\n\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'message' as type 'string'`, function() {\n const value = errorArray[iterator]?.message;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n })\n\n\n }\n }\n }\n }\n })\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}"
+ ],
+ "type": "text/javascript"
+ }
+ }
+ ],
+ "protocolProfileBehavior": {
+ "disableBodyPruning": true
+ }
+ },
+ {
+ "name": "my/payments - Query for Balance Check",
+ "request": {
+ "name": "Query for Balance Check",
+ "description": {
+ "content": "This is a resource for sending a query for Balance Check in a specific payment account of the account payer. The resource is not authorized directly by the account holder, through the authorization resource. Access to information must be granted by the client outside the interaction of this API before the resource is used.\n\n**Headers for the digest intended for signature (in this order):**\n * X-Request-ID\n * Date",
+ "type": "text/plain"
+ },
+ "url": {
+ "path": [
+ "my",
+ "payments",
+ "balanceCheck"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "header": [
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "auth": {
+ "type": "oauth2",
+ "oauth2": [
+ {
+ "key": "scope",
+ "value": "AISP PISP offline_access"
+ },
+ {
+ "key": "accessTokenUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/token"
+ },
+ {
+ "key": "authUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/auth"
+ },
+ {
+ "key": "grant_type",
+ "value": "authorization_code"
+ }
+ ]
+ },
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"exchangeIdentification\": \"{{exchangeIdentification_*string}}\",\n \"debtorAccount\": {\n \"identification\": {\n \"iban\": \"{{debtorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{debtorAccount.currency_*string}}\"\n },\n \"transactionDetails\": {\n \"totalAmount\": \"{{transactionDetails.totalAmount_*number}}\",\n \"currency\": \"{{transactionDetails.currency_*string}}\"\n },\n \"card\": {\n \"cardholderName\": \"{{card.cardholderName_*string}}\",\n \"maskedPAN\": \"{{card.maskedPAN_*string}}\"\n },\n \"merchant\": {\n \"identification\": \"{{merchant.identification_*string}}\",\n \"shortName\": \"{{merchant.shortName_*string}}\",\n \"commonName\": \"{{merchant.commonName_*string}}\",\n \"merchantCategoryCode\": \"{{merchant.merchantCategoryCode_*string}}\",\n \"type\": \"{{merchant.type_*string}}\",\n \"address\": \"{{merchant.address_*string}}\",\n \"countryCode\": \"{{merchant.countryCode_*string}}\"\n }\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "response": [
+ {
+ "name": "OK",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "payments",
+ "balanceCheck"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {}
+ },
+ "status": "OK",
+ "code": 200,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"responseIdentification\": 98765,\n \"exchangeIdentification\": \"658576010faf0a23dc\",\n \"response\": \"APPR\"\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "FIELD_MISSING\n\nMissing mandatory field in the request.\n\nor\n\nFIELD_INVALID\n\nFIELD value is not valid.\n\nor\n\nAC02\n\n[InvalidDebtorAccountNumber] invalid account identifier in the request content.\n\nor\n\nAC09\n\n[InvalidAccountCurrency] invalid currency of the required account.\n\nor\n\nAC12\n\n[InvalidAccountType] - account type does not match allowed account types (e.g., a non-paying account).\n\nor\n\nAG01\n\n[TransactionForbidden] absent consent to access to balance check at the account.\n\nor\n\nAM11\n\n[InvalidTransactionCurrency] the request contains a currency not trade/not supported.\n\nor\n\nAM12\n\n[InvalidAmount] wrong amount. For instance, too low or high amount or wrong number format according to the number of decimal places according to the ISO 4217.\n\nor\n\nFF01\n\n[Invalid File Format] invalid JSON forma tor other technical problem with the query processing.\n\nor\n\nRF01\n\n[NotUniqueTransactionReference] not unique request identifier.\n\nor\n\nRR10\n\n[InvalidCharacterSet] invalid character set in the request.\n\nor\n\nNARR\n\nNarrative a general reason for rejecting the payment, with an addition of error-related information.",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "payments",
+ "balanceCheck"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {}
+ },
+ "status": "Bad Request",
+ "code": 400,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "UNAUTHORISED\n\nInvalid/missing access token = user is not authenticated\n\nor\n\nInvalid/missing certificate = provider is not authenticated",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "payments",
+ "balanceCheck"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {}
+ },
+ "status": "Unauthorized",
+ "code": 401,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "FORBIDDEN\n\nAuthentication with an invalid certificate or expired access token, a call that does not match a third-party license.\n\nor\n\nAG01\n\n[TransactionForbidden] absent consent to access to balance check at the account.",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "payments",
+ "balanceCheck"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {}
+ },
+ "status": "Forbidden",
+ "code": 403,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "NARR\n\nNarrative a general reason for rejecting the payment, with an addition of error-related information.",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "payments",
+ "balanceCheck"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {}
+ },
+ "status": "Internal Server Error",
+ "code": 500,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ }
+ ],
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "// ********RoostGPT********\n/*\nTest generated by RoostGPT for test PostmanApitest using AI Type Open AI and AI Model gpt-5\n\n\nTest generated for my/payments/balanceCheck for http method type post in postman framework\n\n*/\n\n// ********RoostGPT********\n\n\nconst ld = require('lodash');\nlet responseData;\nconst contentType = pm.response.headers.get('Content-Type');\nif (contentType === \"application/xml\") {\n var parseString = require('xml2js').parseString;\n parseString(pm.response.body, function(err, result) {\n if (err) {\n console.error('Error parsing XML:', err);\n } else {\n responseData = result;\n }\n });\n} else {\n responseData = pm.response.json();\n}\n// Status code check with early exit\nconst expectedStatusCode = parseInt(pm.variables.get(\"statusCode\"));\nlet statusMatches = true;\nif (pm.variables.get(\"statusCode\")) {\n statusMatches = (pm.response.code === expectedStatusCode);\n pm.test(\"Status code matches expected value\", function() {\n pm.expect(pm.response.code).to.equal(expectedStatusCode);\n });\n}\n\nif (pm.response.code == 200 && statusMatches) {\n pm.test(\"OK\", function() {\n pm.expect(pm.response.status).to.be.eql(\"OK\");\n try {\n if (responseData !== null && responseData !== undefined) {\n {\n // Condition: Raw data type and parent property is not an array\n // pathStr: responseData\n // subKey: responseIdentification\n // required: []\n let requiredField = true\n if (requiredField || ld.get(responseData, 'responseIdentification')) {\n pm.test(`'responseData field has responseIdentification that is of type number'`, function() {\n let parent = responseData;\n if (pm.expect(parent).to.have.nested.property(`responseIdentification`)) {\n const value = responseData?.responseIdentification;\n\n pm.expect(typeof value).to.equal(\"number\");\n\n }\n })\n\n }\n } {\n // Condition: Raw data type and parent property is not an array\n // pathStr: responseData\n // subKey: exchangeIdentification\n // required: []\n let requiredField = true\n if (requiredField || ld.get(responseData, 'exchangeIdentification')) {\n pm.test(`'responseData field has exchangeIdentification that is of type string'`, function() {\n let parent = responseData;\n if (pm.expect(parent).to.have.nested.property(`exchangeIdentification`)) {\n const value = responseData?.exchangeIdentification;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n }\n })\n\n }\n } {\n // Condition: Raw data type and parent property is not an array\n // pathStr: responseData\n // subKey: response\n // required: []\n let requiredField = true\n if (requiredField || ld.get(responseData, 'response')) {\n pm.test(`'responseData field has response that is of type string'`, function() {\n let parent = responseData;\n if (pm.expect(parent).to.have.nested.property(`response`)) {\n const value = responseData?.response;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n }\n })\n\n }\n }\n pm.test(`responseData to be one of enum [\"APPR\", \"DECL\"]`, function() {\n const value = ld.get(responseData, `responseData`, null);\n if (value !== null && value !== undefined) {\n pm.expect([\"APPR\", \"DECL\"]).to.include(value);\n }\n })\n\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}\nif (pm.response.code == 400 && statusMatches) {\n pm.test(\"FIELD_MISSING\n\n Missing mandatory field in the request.\n\n or\n\n FIELD_INVALID\n\n FIELD value is not valid.\n\n or\n\n AC02\n\n [InvalidDebtorAccountNumber] invalid account identifier in the request content.\n\n or\n\n AC09\n\n [InvalidAccountCurrency] invalid currency of the required account.\n\n or\n\n AC12\n\n [InvalidAccountType] - account type does not match allowed account types(e.g., a non - paying account).\n\n or\n\n AG01\n\n [TransactionForbidden] absent consent to access to balance check at the account.\n\n or\n\n AM11\n\n [InvalidTransactionCurrency] the request contains a currency not trade / not supported.\n\n or\n\n AM12\n\n [InvalidAmount] wrong amount.For instance, too low or high amount or wrong number format according to the number of decimal places according to the ISO 4217.\n\n or\n\n FF01\n\n [Invalid File Format] invalid JSON forma tor other technical problem with the query processing.\n\n or\n\n RF01\n\n [NotUniqueTransactionReference] not unique request identifier.\n\n or\n\n RR10\n\n [InvalidCharacterSet] invalid character set in the request.\n\n or\n\n NARR\n\n Narrative a general reason\n for rejecting the payment, with an addition of error - related information.\n \", function () {\n pm.expect(pm.response.status).to.be.eql(\"Bad Request\");\n try {\n if (responseData !== null && responseData !== undefined) {\n // array condition without arrayName and parent property is an array\n pm.test(`'responseData has 'error' as type array'`, function() {\n const value = responseData?.error;\n\n if (value !== null && value !== undefined) {\n pm.expect(Array.isArray(value)).to.equal(true);\n }\n\n })\n\n {\n let requiredArray = false;\n if (requiredArray || !ld.isEmpty(responseData)) {\n pm.test(`Each object in the responseData.error field has all the required fields and correct data-types`, function() {\n if (pm.expect(responseData).to.have.nested.property(`error`)) {\n let errorArray = ld.get(responseData, `error`, []);\n if (Array.isArray(errorArray)) {\n for (let error_it = 0; error_it < errorArray.length; error_it++) {\n let iterator = error_it;\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'error' as type 'string'`, function() {\n const value = errorArray[iterator]?.error;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n })\n\n\n if (errorArray[error_it] !== null && errorArray[error_it] !== undefined) {\n\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'message' as type 'string'`, function() {\n const value = errorArray[iterator]?.message;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n })\n\n\n }\n }\n }\n }\n })\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}\nif (pm.response.code == 401 && statusMatches) {\n pm.test(\"UNAUTHORISED\n\n Invalid / missing access token = user is not authenticated\n\n or\n\n Invalid / missing certificate = provider is not authenticated \", function () {\n pm.expect(pm.response.status).to.be.eql(\"Unauthorized\");\n try {\n if (responseData !== null && responseData !== undefined) {\n // array condition without arrayName and parent property is an array\n pm.test(`'responseData has 'error' as type array'`, function() {\n const value = responseData?.error;\n\n if (value !== null && value !== undefined) {\n pm.expect(Array.isArray(value)).to.equal(true);\n }\n\n })\n\n {\n let requiredArray = false;\n if (requiredArray || !ld.isEmpty(responseData)) {\n pm.test(`Each object in the responseData.error field has all the required fields and correct data-types`, function() {\n if (pm.expect(responseData).to.have.nested.property(`error`)) {\n let errorArray = ld.get(responseData, `error`, []);\n if (Array.isArray(errorArray)) {\n for (let error_it = 0; error_it < errorArray.length; error_it++) {\n let iterator = error_it;\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'error' as type 'string'`, function() {\n const value = errorArray[iterator]?.error;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n })\n\n\n if (errorArray[error_it] !== null && errorArray[error_it] !== undefined) {\n\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'message' as type 'string'`, function() {\n const value = errorArray[iterator]?.message;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n })\n\n\n }\n }\n }\n }\n })\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}\nif (pm.response.code == 403 && statusMatches) {\n pm.test(\"FORBIDDEN\n\n Authentication with an invalid certificate or expired access token, a call that does not match a third - party license.\n\n or\n\n AG01\n\n [TransactionForbidden] absent consent to access to balance check at the account.\n \", function () {\n pm.expect(pm.response.status).to.be.eql(\"Forbidden\");\n try {\n if (responseData !== null && responseData !== undefined) {\n // array condition without arrayName and parent property is an array\n pm.test(`'responseData has 'error' as type array'`, function() {\n const value = responseData?.error;\n\n if (value !== null && value !== undefined) {\n pm.expect(Array.isArray(value)).to.equal(true);\n }\n\n })\n\n {\n let requiredArray = false;\n if (requiredArray || !ld.isEmpty(responseData)) {\n pm.test(`Each object in the responseData.error field has all the required fields and correct data-types`, function() {\n if (pm.expect(responseData).to.have.nested.property(`error`)) {\n let errorArray = ld.get(responseData, `error`, []);\n if (Array.isArray(errorArray)) {\n for (let error_it = 0; error_it < errorArray.length; error_it++) {\n let iterator = error_it;\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'error' as type 'string'`, function() {\n const value = errorArray[iterator]?.error;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n })\n\n\n if (errorArray[error_it] !== null && errorArray[error_it] !== undefined) {\n\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'message' as type 'string'`, function() {\n const value = errorArray[iterator]?.message;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n })\n\n\n }\n }\n }\n }\n })\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}\nif (pm.response.code == 500 && statusMatches) {\n pm.test(\"NARR\n\n Narrative a general reason\n for rejecting the payment, with an addition of error - related information.\n \", function () {\n pm.expect(pm.response.status).to.be.eql(\"Internal Server Error\");\n try {\n if (responseData !== null && responseData !== undefined) {\n // array condition without arrayName and parent property is an array\n pm.test(`'responseData has 'error' as type array'`, function() {\n const value = responseData?.error;\n\n if (value !== null && value !== undefined) {\n pm.expect(Array.isArray(value)).to.equal(true);\n }\n\n })\n\n {\n let requiredArray = false;\n if (requiredArray || !ld.isEmpty(responseData)) {\n pm.test(`Each object in the responseData.error field has all the required fields and correct data-types`, function() {\n if (pm.expect(responseData).to.have.nested.property(`error`)) {\n let errorArray = ld.get(responseData, `error`, []);\n if (Array.isArray(errorArray)) {\n for (let error_it = 0; error_it < errorArray.length; error_it++) {\n let iterator = error_it;\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'error' as type 'string'`, function() {\n const value = errorArray[iterator]?.error;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n })\n\n\n if (errorArray[error_it] !== null && errorArray[error_it] !== undefined) {\n\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'message' as type 'string'`, function() {\n const value = errorArray[iterator]?.message;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n })\n\n\n }\n }\n }\n }\n })\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}"
+ ],
+ "type": "text/javascript"
+ }
+ }
+ ],
+ "protocolProfileBehavior": {
+ "disableBodyPruning": true
+ }
+ },
+ {
+ "name": "my/payments/{paymentId} - Payment authorization status",
+ "request": {
+ "name": "Payment authorization status",
+ "description": {
+ "content": "A resource indicating whether the authorization process was completed and with what result.\n\nIf you do not know the paymentId, or is not yet available, use signId for both signId and paymentId.\n\n**Headers for the digest intended for signature (in this order):**\n * PUT /my/payments/{paymentId}/sign/{signId} (Marked as 'uri' in the 'headers' object in the 'Signature' header)\n * X-Request-ID\n * Date",
+ "type": "text/plain"
+ },
+ "url": {
+ "path": [
+ "my",
+ "payments",
+ ":paymentId",
+ "sign",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{paymentId}}",
+ "key": "paymentId",
+ "description": "(Required) ID of the Payment"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "PUT",
+ "auth": {
+ "type": "oauth2",
+ "oauth2": [
+ {
+ "key": "scope",
+ "value": "AISP PISP offline_access"
+ },
+ {
+ "key": "accessTokenUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/token"
+ },
+ {
+ "key": "authUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/auth"
+ },
+ {
+ "key": "grant_type",
+ "value": "authorization_code"
+ }
+ ]
+ }
+ },
+ "response": [
+ {
+ "name": "OK",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "payments",
+ ":paymentId",
+ "sign",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{paymentId}}",
+ "key": "paymentId",
+ "description": "(Required) ID of the Payment"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "PUT",
+ "body": {}
+ },
+ "status": "OK",
+ "code": 200,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"state\": \"WAITING_FOR_SIGN\",\n \"instructionStatus\": \"ACTC\",\n \"pollInterval\": 1000\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "AUTH_LIMIT_EXCEEDED\n\nThe resource may not be authorized with this method",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "payments",
+ ":paymentId",
+ "sign",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{paymentId}}",
+ "key": "paymentId",
+ "description": "(Required) ID of the Payment"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "PUT",
+ "body": {}
+ },
+ "status": "Bad Request",
+ "code": 400,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "UNAUTHORISED\n\nInvalid/missing access token = user is not authenticated\n\nor\n\nInvalid/missing certificate = provider is not authenticated",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "payments",
+ ":paymentId",
+ "sign",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{paymentId}}",
+ "key": "paymentId",
+ "description": "(Required) ID of the Payment"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "PUT",
+ "body": {}
+ },
+ "status": "Unauthorized",
+ "code": 401,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "FORBIDDEN\n\nInvalid/missing certificate = provider is not authenticated",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "payments",
+ ":paymentId",
+ "sign",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{paymentId}}",
+ "key": "paymentId",
+ "description": "(Required) ID of the Payment"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "PUT",
+ "body": {}
+ },
+ "status": "Forbidden",
+ "code": 403,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "ID_NOT_FOUND\n\nThe requested payment ID does not exist.",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "payments",
+ ":paymentId",
+ "sign",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{paymentId}}",
+ "key": "paymentId",
+ "description": "(Required) ID of the Payment"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "PUT",
+ "body": {}
+ },
+ "status": "Not Found",
+ "code": 404,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "NOT_IMPLEMENTED\n\nMethod not implemented",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "payments",
+ ":paymentId",
+ "sign",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{paymentId}}",
+ "key": "paymentId",
+ "description": "(Required) ID of the Payment"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "PUT",
+ "body": {}
+ },
+ "status": "Not Implemented",
+ "code": 501,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ }
+ ],
+ "event": [],
+ "protocolProfileBehavior": {
+ "disableBodyPruning": true
+ }
+ },
+ {
+ "name": "my/payments/{paymentId} - Payment authorization status page URL",
+ "request": {
+ "name": "Payment authorization status page URL",
+ "description": {
+ "content": "A resource that allows the TPP to obtain the URL of the Partners frontend \"Authorization status page\" to which the user should be redirected after he confirmed payment authorization.\n\nThe provided redirect URL (`redirectToTPPUrl`) will be used by the Partners frontend to redirect the user once the authorization reaches a final state.",
+ "type": "text/plain"
+ },
+ "url": {
+ "path": [
+ "my",
+ "payments",
+ ":paymentId",
+ "status-page-url",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{paymentId}}",
+ "key": "paymentId",
+ "description": "(Required) ID of the Payment"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "auth": {
+ "type": "oauth2",
+ "oauth2": [
+ {
+ "key": "scope",
+ "value": "AISP PISP offline_access"
+ },
+ {
+ "key": "accessTokenUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/token"
+ },
+ {
+ "key": "authUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/auth"
+ },
+ {
+ "key": "grant_type",
+ "value": "authorization_code"
+ }
+ ]
+ },
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"redirectToTPPUrl\": \"{{redirectToTPPUrl_*uri}}\"\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "response": [
+ {
+ "name": "OK The URL for the status page was successfully generated",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "payments",
+ ":paymentId",
+ "status-page-url",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{paymentId}}",
+ "key": "paymentId",
+ "description": "(Required) ID of the Payment"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"redirectToTPPUrl\": \"{{redirectToTPPUrl_*string}}\"\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "OK",
+ "code": 200,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"statusPageUrl\": \"https://psd2.bank.cz/authorization-status/payment/3f7db2f6-9a3b-45c2-b9cf-0baf1fe3b212\"\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "BAD REQUEST\nRequest validation failed or required input is missing",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "payments",
+ ":paymentId",
+ "status-page-url",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{paymentId}}",
+ "key": "paymentId",
+ "description": "(Required) ID of the Payment"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"redirectToTPPUrl\": \"{{redirectToTPPUrl_*string}}\"\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "Bad Request",
+ "code": 400,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "UNAUTHORISED\nInvalid/missing access token or certificate",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "payments",
+ ":paymentId",
+ "status-page-url",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{paymentId}}",
+ "key": "paymentId",
+ "description": "(Required) ID of the Payment"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"redirectToTPPUrl\": \"{{redirectToTPPUrl_*string}}\"\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "Unauthorized",
+ "code": 401,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "FORBIDDEN\nCaller is not allowed to invoke this operation",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "payments",
+ ":paymentId",
+ "status-page-url",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{paymentId}}",
+ "key": "paymentId",
+ "description": "(Required) ID of the Payment"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"redirectToTPPUrl\": \"{{redirectToTPPUrl_*string}}\"\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "Forbidden",
+ "code": 403,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "ID_NOT_FOUND\nThe paymentId or signId does not exist or is invalid",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "payments",
+ ":paymentId",
+ "status-page-url",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{paymentId}}",
+ "key": "paymentId",
+ "description": "(Required) ID of the Payment"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"redirectToTPPUrl\": \"{{redirectToTPPUrl_*string}}\"\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "Not Found",
+ "code": 404,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "INTERNAL SERVER ERROR\nUnexpected error occurred",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "payments",
+ ":paymentId",
+ "status-page-url",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{paymentId}}",
+ "key": "paymentId",
+ "description": "(Required) ID of the Payment"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"redirectToTPPUrl\": \"{{redirectToTPPUrl_*string}}\"\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "Internal Server Error",
+ "code": 500,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ }
+ ],
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "// ********RoostGPT********\n/*\nTest generated by RoostGPT for test PostmanApitest using AI Type Open AI and AI Model gpt-5\n\n\nTest generated for my/payments/{paymentId}/status-page-url/{signId} for http method type post in postman framework\n\n*/\n\n// ********RoostGPT********\n\n\nconst ld = require('lodash');\nlet responseData;\nconst contentType = pm.response.headers.get('Content-Type');\nif (contentType === \"application/xml\") {\n var parseString = require('xml2js').parseString;\n parseString(pm.response.body, function(err, result) {\n if (err) {\n console.error('Error parsing XML:', err);\n } else {\n responseData = result;\n }\n });\n} else {\n responseData = pm.response.json();\n}\n// Status code check with early exit\nconst expectedStatusCode = parseInt(pm.variables.get(\"statusCode\"));\nlet statusMatches = true;\nif (pm.variables.get(\"statusCode\")) {\n statusMatches = (pm.response.code === expectedStatusCode);\n pm.test(\"Status code matches expected value\", function() {\n pm.expect(pm.response.code).to.equal(expectedStatusCode);\n });\n}\n\nif (pm.response.code == 200 && statusMatches) {\n pm.test(\"OK The URL for the status page was successfully generated\", function() {\n pm.expect(pm.response.status).to.be.eql(\"OK\");\n try {\n if (responseData !== null && responseData !== undefined) {\n {\n // Condition: Raw data type and parent property is not an array\n // pathStr: responseData\n // subKey: statusPageUrl\n // required: []\n let requiredField = true\n if (requiredField || ld.get(responseData, 'statusPageUrl')) {\n pm.test(`'responseData field has statusPageUrl that is of type string'`, function() {\n let parent = responseData;\n if (pm.expect(parent).to.have.nested.property(`statusPageUrl`)) {\n const value = responseData?.statusPageUrl;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n }\n })\n\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}\nif (pm.response.code == 400 && statusMatches) {\n pm.test(\"BAD REQUEST\n Request validation failed or required input is missing \", function () {\n pm.expect(pm.response.status).to.be.eql(\"Bad Request\");\n try {\n if (responseData !== null && responseData !== undefined) {\n // array condition without arrayName and parent property is an array\n pm.test(`'responseData has 'error' as type array'`, function() {\n const value = responseData?.error;\n\n if (value !== null && value !== undefined) {\n pm.expect(Array.isArray(value)).to.equal(true);\n }\n\n })\n\n {\n let requiredArray = false;\n if (requiredArray || !ld.isEmpty(responseData)) {\n pm.test(`Each object in the responseData.error field has all the required fields and correct data-types`, function() {\n if (pm.expect(responseData).to.have.nested.property(`error`)) {\n let errorArray = ld.get(responseData, `error`, []);\n if (Array.isArray(errorArray)) {\n for (let error_it = 0; error_it < errorArray.length; error_it++) {\n let iterator = error_it;\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'error' as type 'string'`, function() {\n const value = errorArray[iterator]?.error;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n })\n\n\n if (errorArray[error_it] !== null && errorArray[error_it] !== undefined) {\n\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'message' as type 'string'`, function() {\n const value = errorArray[iterator]?.message;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n })\n\n\n }\n }\n }\n }\n })\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}\nif (pm.response.code == 401 && statusMatches) {\n pm.test(\"UNAUTHORISED\n Invalid / missing access token or certificate \", function () {\n pm.expect(pm.response.status).to.be.eql(\"Unauthorized\");\n try {\n if (responseData !== null && responseData !== undefined) {\n // array condition without arrayName and parent property is an array\n pm.test(`'responseData has 'error' as type array'`, function() {\n const value = responseData?.error;\n\n if (value !== null && value !== undefined) {\n pm.expect(Array.isArray(value)).to.equal(true);\n }\n\n })\n\n {\n let requiredArray = false;\n if (requiredArray || !ld.isEmpty(responseData)) {\n pm.test(`Each object in the responseData.error field has all the required fields and correct data-types`, function() {\n if (pm.expect(responseData).to.have.nested.property(`error`)) {\n let errorArray = ld.get(responseData, `error`, []);\n if (Array.isArray(errorArray)) {\n for (let error_it = 0; error_it < errorArray.length; error_it++) {\n let iterator = error_it;\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'error' as type 'string'`, function() {\n const value = errorArray[iterator]?.error;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n })\n\n\n if (errorArray[error_it] !== null && errorArray[error_it] !== undefined) {\n\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'message' as type 'string'`, function() {\n const value = errorArray[iterator]?.message;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n })\n\n\n }\n }\n }\n }\n })\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}\nif (pm.response.code == 403 && statusMatches) {\n pm.test(\"FORBIDDEN\n Caller is not allowed to invoke this operation \", function () {\n pm.expect(pm.response.status).to.be.eql(\"Forbidden\");\n try {\n if (responseData !== null && responseData !== undefined) {\n // array condition without arrayName and parent property is an array\n pm.test(`'responseData has 'error' as type array'`, function() {\n const value = responseData?.error;\n\n if (value !== null && value !== undefined) {\n pm.expect(Array.isArray(value)).to.equal(true);\n }\n\n })\n\n {\n let requiredArray = false;\n if (requiredArray || !ld.isEmpty(responseData)) {\n pm.test(`Each object in the responseData.error field has all the required fields and correct data-types`, function() {\n if (pm.expect(responseData).to.have.nested.property(`error`)) {\n let errorArray = ld.get(responseData, `error`, []);\n if (Array.isArray(errorArray)) {\n for (let error_it = 0; error_it < errorArray.length; error_it++) {\n let iterator = error_it;\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'error' as type 'string'`, function() {\n const value = errorArray[iterator]?.error;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n })\n\n\n if (errorArray[error_it] !== null && errorArray[error_it] !== undefined) {\n\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'message' as type 'string'`, function() {\n const value = errorArray[iterator]?.message;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n })\n\n\n }\n }\n }\n }\n })\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}\nif (pm.response.code == 404 && statusMatches) {\n pm.test(\"ID_NOT_FOUND\n The paymentId or signId does not exist or is invalid \", function () {\n pm.expect(pm.response.status).to.be.eql(\"Not Found\");\n try {\n if (responseData !== null && responseData !== undefined) {\n // array condition without arrayName and parent property is an array\n pm.test(`'responseData has 'error' as type array'`, function() {\n const value = responseData?.error;\n\n if (value !== null && value !== undefined) {\n pm.expect(Array.isArray(value)).to.equal(true);\n }\n\n })\n\n {\n let requiredArray = false;\n if (requiredArray || !ld.isEmpty(responseData)) {\n pm.test(`Each object in the responseData.error field has all the required fields and correct data-types`, function() {\n if (pm.expect(responseData).to.have.nested.property(`error`)) {\n let errorArray = ld.get(responseData, `error`, []);\n if (Array.isArray(errorArray)) {\n for (let error_it = 0; error_it < errorArray.length; error_it++) {\n let iterator = error_it;\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'error' as type 'string'`, function() {\n const value = errorArray[iterator]?.error;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n })\n\n\n if (errorArray[error_it] !== null && errorArray[error_it] !== undefined) {\n\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'message' as type 'string'`, function() {\n const value = errorArray[iterator]?.message;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n })\n\n\n }\n }\n }\n }\n })\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}\nif (pm.response.code == 500 && statusMatches) {\n pm.test(\"INTERNAL SERVER ERROR\n Unexpected error occurred \", function () {\n pm.expect(pm.response.status).to.be.eql(\"Internal Server Error\");\n try {\n if (responseData !== null && responseData !== undefined) {\n // array condition without arrayName and parent property is an array\n pm.test(`'responseData has 'error' as type array'`, function() {\n const value = responseData?.error;\n\n if (value !== null && value !== undefined) {\n pm.expect(Array.isArray(value)).to.equal(true);\n }\n\n })\n\n {\n let requiredArray = false;\n if (requiredArray || !ld.isEmpty(responseData)) {\n pm.test(`Each object in the responseData.error field has all the required fields and correct data-types`, function() {\n if (pm.expect(responseData).to.have.nested.property(`error`)) {\n let errorArray = ld.get(responseData, `error`, []);\n if (Array.isArray(errorArray)) {\n for (let error_it = 0; error_it < errorArray.length; error_it++) {\n let iterator = error_it;\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'error' as type 'string'`, function() {\n const value = errorArray[iterator]?.error;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n })\n\n\n if (errorArray[error_it] !== null && errorArray[error_it] !== undefined) {\n\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'message' as type 'string'`, function() {\n const value = errorArray[iterator]?.message;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n })\n\n\n }\n }\n }\n }\n })\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}"
+ ],
+ "type": "text/javascript"
+ }
+ }
+ ],
+ "protocolProfileBehavior": {
+ "disableBodyPruning": true
+ }
+ }
+ ],
+ "event": []
+ },
+ {
+ "name": "standingorders",
+ "item": [
+ {
+ "name": "my/standingorders - List of client standing orders",
+ "request": {
+ "name": "List of client standing orders",
+ "description": {
+ "content": "Paged list of client standing orders. Each standing order contains a unique id usable for URI referencing, e.g. for the standing order detail.\n\n**Headers for the digest intended for signature (in this order):**\n * X-Request-ID\n * Date",
+ "type": "text/plain"
+ },
+ "url": {
+ "path": [
+ "my",
+ "standingorders"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [
+ {
+ "disabled": false,
+ "key": "size",
+ "value": "{{size}}",
+ "description": "Paging. Number of entries per page. Default is 25. Maximum is 100. Returns error if size is over 100."
+ },
+ {
+ "disabled": false,
+ "key": "page",
+ "value": "{{page}}",
+ "description": "Paging. Required page. + Default: 0"
+ }
+ ],
+ "variable": []
+ },
+ "header": [
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "auth": {
+ "type": "oauth2",
+ "oauth2": [
+ {
+ "key": "scope",
+ "value": "AISP PISP offline_access"
+ },
+ {
+ "key": "accessTokenUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/token"
+ },
+ {
+ "key": "authUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/auth"
+ },
+ {
+ "key": "grant_type",
+ "value": "authorization_code"
+ }
+ ]
+ }
+ },
+ "response": [
+ {
+ "name": "OK",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [
+ {
+ "key": "size",
+ "value": "{{size}}"
+ },
+ {
+ "key": "page",
+ "value": "{{page}}"
+ }
+ ],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "body": {}
+ },
+ "status": "OK",
+ "code": 200,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"pageNumber\": 0,\n \"pageCount\": 1,\n \"pageSize\": 100,\n \"totalCount\": 120,\n \"standingOrders\": [\n {\n \"amount\": {\n \"instructedAmount\": {\n \"value\": 50000,\n \"currency\": \"CZK\"\n }\n },\n \"requestedExecutionDate\": \"2017-01-31\",\n \"standingOrder\": {\n \"execution\": {\n \"mode\": \"UNTIL_CANCELLATION\",\n \"modeDue\": \"DUE_OR_BEFORE_DAY_OF_MONTH\",\n \"interval\": \"MONTHLY\",\n \"intervalDue\": 6314\n },\n \"alias\": \"Payments for lunch - kindergarten Michal\",\n \"validity\": {\n \"lastExecutionDate\": \"2017-01-31\"\n }\n },\n \"debtorAccount\": {\n \"identification\": {\n \"iban\": \"CZ0708000000001019382023\"\n },\n \"currency\": \"CZK\"\n },\n \"creditorAccount\": {\n \"identification\": {\n \"iban\": \"CZ0708000000001019382023\"\n },\n \"currency\": \"CZK\"\n },\n \"standingOrderIdentification\": {\n \"transactionIdentification\": \"033225570000078020091\",\n \"instructionIdentification\": \"NejakeID41785962314574\"\n },\n \"paymentTypeInformation\": {\n \"instructionPriority\": \"NORM\"\n },\n \"remittanceInformation\": {\n \"additionalRemittanceInformation\": \"Platba za MŠ \",\n \"unstructured\": \"/VS/123456/KS/456789/SS/879213546\",\n \"structured\": {\n \"creditorReferenceInformation\": {\n \"reference\": \"\\\"VS:123456\\\",\\\"KS:456789\\\",\\\"SS:879213546\\\"\"\n }\n }\n }\n },\n {\n \"amount\": {\n \"instructedAmount\": {\n \"value\": 50000,\n \"currency\": \"CZK\"\n }\n },\n \"requestedExecutionDate\": \"2017-01-31\",\n \"standingOrder\": {\n \"execution\": {\n \"mode\": \"UNTIL_CANCELLATION\",\n \"modeDue\": \"DUE_OR_BEFORE_DAY_OF_MONTH\",\n \"interval\": \"MONTHLY\",\n \"intervalDue\": 8481\n },\n \"alias\": \"Payments for lunch - kindergarten Michal\",\n \"validity\": {\n \"lastExecutionDate\": \"2017-01-31\"\n }\n },\n \"debtorAccount\": {\n \"identification\": {\n \"iban\": \"CZ0708000000001019382023\"\n },\n \"currency\": \"CZK\"\n },\n \"creditorAccount\": {\n \"identification\": {\n \"iban\": \"CZ0708000000001019382023\"\n },\n \"currency\": \"CZK\"\n },\n \"standingOrderIdentification\": {\n \"transactionIdentification\": \"033225570000078020091\",\n \"instructionIdentification\": \"NejakeID41785962314574\"\n },\n \"paymentTypeInformation\": {\n \"instructionPriority\": \"NORM\"\n },\n \"remittanceInformation\": {\n \"additionalRemittanceInformation\": \"Platba za MŠ \",\n \"unstructured\": \"/VS/123456/KS/456789/SS/879213546\",\n \"structured\": {\n \"creditorReferenceInformation\": {\n \"reference\": \"\\\"VS:123456\\\",\\\"KS:456789\\\",\\\"SS:879213546\\\"\"\n }\n }\n }\n }\n ],\n \"nextPage\": 1\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "PARAMETER_INVALID\n\nThe value of the parameter is not valid",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [
+ {
+ "key": "size",
+ "value": "{{size}}"
+ },
+ {
+ "key": "page",
+ "value": "{{page}}"
+ }
+ ],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "body": {}
+ },
+ "status": "Bad Request",
+ "code": 400,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "UNAUTHORISED\n\nInvalid/missing access token = user is not authenticated\n\nor\n\nInvalid/missing certificate = provider is not authenticated",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [
+ {
+ "key": "size",
+ "value": "{{size}}"
+ },
+ {
+ "key": "page",
+ "value": "{{page}}"
+ }
+ ],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "body": {}
+ },
+ "status": "Unauthorized",
+ "code": 401,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "FORBIDDEN\n\nAuthentication with an invalid certificate or expired access token, a call that does not match a third-party license.",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [
+ {
+ "key": "size",
+ "value": "{{size}}"
+ },
+ {
+ "key": "page",
+ "value": "{{page}}"
+ }
+ ],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "body": {}
+ },
+ "status": "Forbidden",
+ "code": 403,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "PAGE_NOT_FOUND\n\nRequest for a non-existing page",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [
+ {
+ "key": "size",
+ "value": "{{size}}"
+ },
+ {
+ "key": "page",
+ "value": "{{page}}"
+ }
+ ],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "body": {}
+ },
+ "status": "Not Found",
+ "code": 404,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ }
+ ],
+ "event": [],
+ "protocolProfileBehavior": {
+ "disableBodyPruning": true
+ }
+ },
+ {
+ "name": "my/standingorders - New standing order initiation",
+ "request": {
+ "name": "New standing order initiation",
+ "description": {
+ "content": "Resource for entering a new standingorder.\n\n**Headers for the digest intended for signature (in this order):**\n * X-Request-ID\n * Date",
+ "type": "text/plain"
+ },
+ "url": {
+ "path": [
+ "my",
+ "standingorders"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "header": [
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "auth": {
+ "type": "oauth2",
+ "oauth2": [
+ {
+ "key": "scope",
+ "value": "AISP PISP offline_access"
+ },
+ {
+ "key": "accessTokenUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/token"
+ },
+ {
+ "key": "authUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/auth"
+ },
+ {
+ "key": "grant_type",
+ "value": "authorization_code"
+ }
+ ]
+ },
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"amount\": {\n \"instructedAmount\": {\n \"value\": \"{{amount.instructedAmount.value_*number}}\",\n \"currency\": \"{{amount.instructedAmount.currency_*string}}\"\n }\n },\n \"requestedExecutionDate\": \"{{requestedExecutionDate_*date}}\",\n \"standingOrder\": {\n \"execution\": {\n \"mode\": \"{{standingOrder.execution.mode_*string}}\",\n \"modeDue\": \"{{standingOrder.execution.modeDue_*string}}\",\n \"interval\": \"{{standingOrder.execution.interval_*string}}\",\n \"intervalDue\": \"{{standingOrder.execution.intervalDue_*boolean}}\"\n },\n \"alias\": \"{{standingOrder.alias_*string}}\",\n \"validity\": {\n \"lastExecutionDate\": \"{{standingOrder.validity.lastExecutionDate_*date}}\"\n }\n },\n \"debtorAccount\": {\n \"identification\": {\n \"iban\": \"{{debtorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{debtorAccount.currency_*string}}\"\n },\n \"creditorAccount\": {\n \"identification\": {\n \"iban\": \"{{creditorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{creditorAccount.currency_*string}}\"\n },\n \"standingOrderIdentification\": {\n \"instructionIdentification\": \"{{standingOrderIdentification.instructionIdentification_*string}}\"\n },\n \"paymentTypeInformation\": {\n \"instructionPriority\": \"{{paymentTypeInformation.instructionPriority_*string}}\"\n },\n \"remittanceInformation\": {\n \"additionalRemittanceInformation\": \"{{remittanceInformation.additionalRemittanceInformation_*string}}\",\n \"unstructured\": \"{{remittanceInformation.unstructured_*string}}\",\n \"structured\": {\n \"creditorReferenceInformation\": {\n \"reference\": \"{{remittanceInformation.structured.creditorReferenceInformation.reference_*string}}\"\n }\n }\n }\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "response": [
+ {
+ "name": "OK",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"amount\": {\n \"instructedAmount\": {\n \"value\": \"{{amount.instructedAmount.value_*number}}\",\n \"currency\": \"{{amount.instructedAmount.currency_*string}}\"\n }\n },\n \"requestedExecutionDate\": \"{{requestedExecutionDate_*date}}\",\n \"standingOrder\": {\n \"execution\": {\n \"mode\": \"{{standingOrder.execution.mode_*string}}\",\n \"modeDue\": \"{{standingOrder.execution.modeDue_*string}}\",\n \"interval\": \"{{standingOrder.execution.interval_*string}}\",\n \"intervalDue\": \"{{standingOrder.execution.intervalDue_*boolean}}\"\n },\n \"alias\": \"{{standingOrder.alias_*string}}\",\n \"validity\": {\n \"lastExecutionDate\": \"{{standingOrder.validity.lastExecutionDate_*date}}\"\n }\n },\n \"debtorAccount\": {\n \"identification\": {\n \"iban\": \"{{debtorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{debtorAccount.currency_*string}}\"\n },\n \"creditorAccount\": {\n \"identification\": {\n \"iban\": \"{{creditorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{creditorAccount.currency_*string}}\"\n },\n \"standingOrderIdentification\": {\n \"instructionIdentification\": \"{{standingOrderIdentification.instructionIdentification_*string}}\"\n },\n \"paymentTypeInformation\": {\n \"instructionPriority\": \"{{paymentTypeInformation.instructionPriority_*string}}\"\n },\n \"remittanceInformation\": {\n \"additionalRemittanceInformation\": \"{{remittanceInformation.additionalRemittanceInformation_*string}}\",\n \"unstructured\": \"{{remittanceInformation.unstructured_*string}}\",\n \"structured\": {\n \"creditorReferenceInformation\": {\n \"reference\": \"{{remittanceInformation.structured.creditorReferenceInformation.reference_*string}}\"\n }\n }\n }\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "OK",
+ "code": 200,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"standingOrderIdentification\": {\n \"transactionIdentification\": \"033225570000078020091\",\n \"instructionIdentification\": \"NejakeID41785962314574\"\n },\n \"paymentTypeInformation\": {\n \"serviceLevel\": {\n \"code\": \"DMCT\"\n },\n \"instructionPriority\": \"NORM\"\n },\n \"signInfo\": {\n \"state\": \"WAITING_FOR_SIGN\",\n \"signId\": \"3fa85f64-5717-4562-b3fc-2c963f66afa6\"\n },\n \"instructionStatus\": \"ACTC\",\n \"statusChangeInfo\": \"DT01\"\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "FIELD_MISSING\n\nMissing mandatory field in the request.\n\nFIELD_INVALID\n\nFIELD value is not valid.\n\nAC02\n\n[InvalidDebtorAccountNumber] invalid account identifier in the request content.\n\nAC03\n\n[InvalidCreditorAccountNumber] - recipient account number is closed, blocked, credit card are disabled for the account type, or the recipient's account number is in invalid format (note: only valid for in-house payments).\n\nAC10\n\n[InvalidDebtorAccountCurrency] the specified payer account currency does not correspond to the client's account currency for the account number held in the bank (the account currency is optional, in the case of multicurrency accounts, the account currency must be specified - Raiffeisenbank).\n\nAC12\n\n[InvalidAccountType] - account type does not match allowed account types (e.g., a non-paying account).\n\nAM05\n\n[Duplication] - this is a duplicate. Universal code for a duplicate CISP query (validated by, for example, CSOB) or a duplicate payment via GIS (non-unique payment reference).\n\nAM11\n\n[InvalidTransactionCurrency] the request contains a currency not trade/not supported.\n\nAM12\n\n[InvalidAmount] wrong amount. For instance, too low or high amount or wrong number format according to the number of decimal places according to the ISO 4217.\n\nFF01\n\n[Invalid File Format] invalid JSON format or other technical problem with the query processing.\n\nBE19\n\n[InvalidChargeBearerCode] - invalid fee type for the given transaction type.\n\nDT01\n\n[InvalidDate] - non-existent date value or format. Maturity in the future or in the past. Transactions on a non-business day of a bank (unless the bank receives such orders).\n\nRC07\n\n[InvalidCreditorBICIdentifier] invalid recipient SWIFT / BIC code.\n\nRC10\n\n[InvalidCreditorClearingSystemMemberIdentifier] - invalid recipient bank code identification.\n\nRR03\n\n[MissingCreditorNameOrAddress] - the field is missing the required data about the recipient's name or address (or its part). If the data is in bad format, the error code FIELD_INVALID is used.\n\nRR10\n\n[InvalidCharacterSet] invalid character set in the request.\n\nREC_SEND\n\n[RECEIVER_SAME_AS_SENDER] Payer's account is the same as the payee's account (Applies to all types of payments)\n\nNARR\n\nNarrative a general reason for rejecting the payment, with an addition of error-related information.",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"amount\": {\n \"instructedAmount\": {\n \"value\": \"{{amount.instructedAmount.value_*number}}\",\n \"currency\": \"{{amount.instructedAmount.currency_*string}}\"\n }\n },\n \"requestedExecutionDate\": \"{{requestedExecutionDate_*date}}\",\n \"standingOrder\": {\n \"execution\": {\n \"mode\": \"{{standingOrder.execution.mode_*string}}\",\n \"modeDue\": \"{{standingOrder.execution.modeDue_*string}}\",\n \"interval\": \"{{standingOrder.execution.interval_*string}}\",\n \"intervalDue\": \"{{standingOrder.execution.intervalDue_*boolean}}\"\n },\n \"alias\": \"{{standingOrder.alias_*string}}\",\n \"validity\": {\n \"lastExecutionDate\": \"{{standingOrder.validity.lastExecutionDate_*date}}\"\n }\n },\n \"debtorAccount\": {\n \"identification\": {\n \"iban\": \"{{debtorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{debtorAccount.currency_*string}}\"\n },\n \"creditorAccount\": {\n \"identification\": {\n \"iban\": \"{{creditorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{creditorAccount.currency_*string}}\"\n },\n \"standingOrderIdentification\": {\n \"instructionIdentification\": \"{{standingOrderIdentification.instructionIdentification_*string}}\"\n },\n \"paymentTypeInformation\": {\n \"instructionPriority\": \"{{paymentTypeInformation.instructionPriority_*string}}\"\n },\n \"remittanceInformation\": {\n \"additionalRemittanceInformation\": \"{{remittanceInformation.additionalRemittanceInformation_*string}}\",\n \"unstructured\": \"{{remittanceInformation.unstructured_*string}}\",\n \"structured\": {\n \"creditorReferenceInformation\": {\n \"reference\": \"{{remittanceInformation.structured.creditorReferenceInformation.reference_*string}}\"\n }\n }\n }\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "Bad Request",
+ "code": 400,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "UNAUTHORISED\n\nInvalid/missing access token = user is not authenticated\n\nor\n\nInvalid/missing certificate = provider is not authenticated",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"amount\": {\n \"instructedAmount\": {\n \"value\": \"{{amount.instructedAmount.value_*number}}\",\n \"currency\": \"{{amount.instructedAmount.currency_*string}}\"\n }\n },\n \"requestedExecutionDate\": \"{{requestedExecutionDate_*date}}\",\n \"standingOrder\": {\n \"execution\": {\n \"mode\": \"{{standingOrder.execution.mode_*string}}\",\n \"modeDue\": \"{{standingOrder.execution.modeDue_*string}}\",\n \"interval\": \"{{standingOrder.execution.interval_*string}}\",\n \"intervalDue\": \"{{standingOrder.execution.intervalDue_*boolean}}\"\n },\n \"alias\": \"{{standingOrder.alias_*string}}\",\n \"validity\": {\n \"lastExecutionDate\": \"{{standingOrder.validity.lastExecutionDate_*date}}\"\n }\n },\n \"debtorAccount\": {\n \"identification\": {\n \"iban\": \"{{debtorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{debtorAccount.currency_*string}}\"\n },\n \"creditorAccount\": {\n \"identification\": {\n \"iban\": \"{{creditorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{creditorAccount.currency_*string}}\"\n },\n \"standingOrderIdentification\": {\n \"instructionIdentification\": \"{{standingOrderIdentification.instructionIdentification_*string}}\"\n },\n \"paymentTypeInformation\": {\n \"instructionPriority\": \"{{paymentTypeInformation.instructionPriority_*string}}\"\n },\n \"remittanceInformation\": {\n \"additionalRemittanceInformation\": \"{{remittanceInformation.additionalRemittanceInformation_*string}}\",\n \"unstructured\": \"{{remittanceInformation.unstructured_*string}}\",\n \"structured\": {\n \"creditorReferenceInformation\": {\n \"reference\": \"{{remittanceInformation.structured.creditorReferenceInformation.reference_*string}}\"\n }\n }\n }\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "Unauthorized",
+ "code": 401,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "FORBIDDEN\n\nAuthentication with an invalid certificate or expired access token, a call that does not match a third-party license.\n\nor\n\nAG01\n\n[TransactionForbidden] absent consent to access to balance check at the account.",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"amount\": {\n \"instructedAmount\": {\n \"value\": \"{{amount.instructedAmount.value_*number}}\",\n \"currency\": \"{{amount.instructedAmount.currency_*string}}\"\n }\n },\n \"requestedExecutionDate\": \"{{requestedExecutionDate_*date}}\",\n \"standingOrder\": {\n \"execution\": {\n \"mode\": \"{{standingOrder.execution.mode_*string}}\",\n \"modeDue\": \"{{standingOrder.execution.modeDue_*string}}\",\n \"interval\": \"{{standingOrder.execution.interval_*string}}\",\n \"intervalDue\": \"{{standingOrder.execution.intervalDue_*boolean}}\"\n },\n \"alias\": \"{{standingOrder.alias_*string}}\",\n \"validity\": {\n \"lastExecutionDate\": \"{{standingOrder.validity.lastExecutionDate_*date}}\"\n }\n },\n \"debtorAccount\": {\n \"identification\": {\n \"iban\": \"{{debtorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{debtorAccount.currency_*string}}\"\n },\n \"creditorAccount\": {\n \"identification\": {\n \"iban\": \"{{creditorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{creditorAccount.currency_*string}}\"\n },\n \"standingOrderIdentification\": {\n \"instructionIdentification\": \"{{standingOrderIdentification.instructionIdentification_*string}}\"\n },\n \"paymentTypeInformation\": {\n \"instructionPriority\": \"{{paymentTypeInformation.instructionPriority_*string}}\"\n },\n \"remittanceInformation\": {\n \"additionalRemittanceInformation\": \"{{remittanceInformation.additionalRemittanceInformation_*string}}\",\n \"unstructured\": \"{{remittanceInformation.unstructured_*string}}\",\n \"structured\": {\n \"creditorReferenceInformation\": {\n \"reference\": \"{{remittanceInformation.structured.creditorReferenceInformation.reference_*string}}\"\n }\n }\n }\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "Forbidden",
+ "code": 403,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "NARR\n\nNarrative a general reason for rejecting the payment, with an addition of error-related information.",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": []
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"amount\": {\n \"instructedAmount\": {\n \"value\": \"{{amount.instructedAmount.value_*number}}\",\n \"currency\": \"{{amount.instructedAmount.currency_*string}}\"\n }\n },\n \"requestedExecutionDate\": \"{{requestedExecutionDate_*date}}\",\n \"standingOrder\": {\n \"execution\": {\n \"mode\": \"{{standingOrder.execution.mode_*string}}\",\n \"modeDue\": \"{{standingOrder.execution.modeDue_*string}}\",\n \"interval\": \"{{standingOrder.execution.interval_*string}}\",\n \"intervalDue\": \"{{standingOrder.execution.intervalDue_*boolean}}\"\n },\n \"alias\": \"{{standingOrder.alias_*string}}\",\n \"validity\": {\n \"lastExecutionDate\": \"{{standingOrder.validity.lastExecutionDate_*date}}\"\n }\n },\n \"debtorAccount\": {\n \"identification\": {\n \"iban\": \"{{debtorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{debtorAccount.currency_*string}}\"\n },\n \"creditorAccount\": {\n \"identification\": {\n \"iban\": \"{{creditorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{creditorAccount.currency_*string}}\"\n },\n \"standingOrderIdentification\": {\n \"instructionIdentification\": \"{{standingOrderIdentification.instructionIdentification_*string}}\"\n },\n \"paymentTypeInformation\": {\n \"instructionPriority\": \"{{paymentTypeInformation.instructionPriority_*string}}\"\n },\n \"remittanceInformation\": {\n \"additionalRemittanceInformation\": \"{{remittanceInformation.additionalRemittanceInformation_*string}}\",\n \"unstructured\": \"{{remittanceInformation.unstructured_*string}}\",\n \"structured\": {\n \"creditorReferenceInformation\": {\n \"reference\": \"{{remittanceInformation.structured.creditorReferenceInformation.reference_*string}}\"\n }\n }\n }\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "Internal Server Error",
+ "code": 500,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ }
+ ],
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "// ********RoostGPT********\n/*\nTest generated by RoostGPT for test PostmanApitest using AI Type Open AI and AI Model gpt-5\n\n\nTest generated for my/standingorders for http method type post in postman framework\n\n*/\n\n// ********RoostGPT********\n\n\nconst ld = require('lodash');\nlet responseData;\nconst contentType = pm.response.headers.get('Content-Type');\nif (contentType === \"application/xml\") {\n var parseString = require('xml2js').parseString;\n parseString(pm.response.body, function(err, result) {\n if (err) {\n console.error('Error parsing XML:', err);\n } else {\n responseData = result;\n }\n });\n} else {\n responseData = pm.response.json();\n}\n// Status code check with early exit\nconst expectedStatusCode = parseInt(pm.variables.get(\"statusCode\"));\nlet statusMatches = true;\nif (pm.variables.get(\"statusCode\")) {\n statusMatches = (pm.response.code === expectedStatusCode);\n pm.test(\"Status code matches expected value\", function() {\n pm.expect(pm.response.code).to.equal(expectedStatusCode);\n });\n}\n\nif (pm.response.code == 200 && statusMatches) {\n pm.test(\"OK\", function() {\n pm.expect(pm.response.status).to.be.eql(\"OK\");\n try {\n if (responseData !== null && responseData !== undefined) {\n {\n // Condition: Raw data type and parent property is not an array\n // pathStr: responseData.paymentTypeInformation\n // subKey: serviceLevel\n // required: []\n let requiredField = false\n if (requiredField || ld.get(responseData.paymentTypeInformation, 'serviceLevel')) {\n pm.test(`'responseData.paymentTypeInformation field has serviceLevel that is of type object'`, function() {\n let parent = responseData.paymentTypeInformation;\n if (pm.expect(parent).to.have.nested.property(`serviceLevel`)) {\n const value = responseData.paymentTypeInformation?.serviceLevel;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"object\");\n }\n }\n })\n\n }\n } {\n // Condition: Raw data type and parent property is not an array\n // pathStr: responseData.paymentTypeInformation.serviceLevel\n // subKey: code\n // required: []\n let requiredField = false\n if (requiredField || ld.get(responseData.paymentTypeInformation.serviceLevel, 'code')) {\n pm.test(`'responseData.paymentTypeInformation.serviceLevel field has code that is of type string'`, function() {\n let parent = responseData.paymentTypeInformation.serviceLevel;\n if (pm.expect(parent).to.have.nested.property(`code`)) {\n const value = responseData.paymentTypeInformation.serviceLevel?.code;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n }\n })\n\n }\n }\n pm.test(`responseData.paymentTypeInformation.serviceLevel to be one of enum [\"DMCT\", \"ESCT\", \"XBCT\", \"EXCT\", \"NXCT\"]`, function() {\n const value = ld.get(responseData, `responseData.paymentTypeInformation.serviceLevel`, null);\n if (value !== null && value !== undefined) {\n pm.expect([\"DMCT\", \"ESCT\", \"XBCT\", \"EXCT\", \"NXCT\"]).to.include(value);\n }\n })\n\n {\n // Condition: Raw data type and parent property is not an array\n // pathStr: responseData\n // subKey: signInfo\n // required: []\n let requiredField = true\n if (requiredField || ld.get(responseData, 'signInfo')) {\n pm.test(`'responseData field has signInfo that is of type object'`, function() {\n let parent = responseData;\n if (pm.expect(parent).to.have.nested.property(`signInfo`)) {\n const value = responseData?.signInfo;\n\n pm.expect(typeof value).to.equal(\"object\");\n\n }\n })\n\n }\n } {\n // Condition: Raw data type and parent property is not an array\n // pathStr: responseData.signInfo\n // subKey: signId\n // required: []\n let requiredField = false\n if (requiredField || ld.get(responseData.signInfo, 'signId')) {\n pm.test(`'responseData.signInfo field has signId that is of type string'`, function() {\n let parent = responseData.signInfo;\n if (pm.expect(parent).to.have.nested.property(`signId`)) {\n const value = responseData.signInfo?.signId;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n }\n })\n\n }\n } {\n // Condition: Raw data type and parent property is not an array\n // pathStr: responseData\n // subKey: instructionStatus\n // required: []\n let requiredField = true\n if (requiredField || ld.get(responseData, 'instructionStatus')) {\n pm.test(`'responseData field has instructionStatus that is of type string'`, function() {\n let parent = responseData;\n if (pm.expect(parent).to.have.nested.property(`instructionStatus`)) {\n const value = responseData?.instructionStatus;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n }\n })\n\n }\n }\n pm.test(`responseData to be one of enum [\"ACTC\"]`, function() {\n const value = ld.get(responseData, `responseData`, null);\n if (value !== null && value !== undefined) {\n pm.expect([\"ACTC\"]).to.include(value);\n }\n })\n\n {\n // Condition: Raw data type and parent property is not an array\n // pathStr: responseData\n // subKey: statusChangeInfo\n // required: []\n let requiredField = false\n if (requiredField || ld.get(responseData, 'statusChangeInfo')) {\n pm.test(`'responseData field has statusChangeInfo that is of type string'`, function() {\n let parent = responseData;\n if (pm.expect(parent).to.have.nested.property(`statusChangeInfo`)) {\n const value = responseData?.statusChangeInfo;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n }\n })\n\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}\nif (pm.response.code == 400 && statusMatches) {\n pm.test(\"FIELD_MISSING\n\n Missing mandatory field in the request.\n\n FIELD_INVALID\n\n FIELD value is not valid.\n\n AC02\n\n [InvalidDebtorAccountNumber] invalid account identifier in the request content.\n\n AC03\n\n [InvalidCreditorAccountNumber] - recipient account number is closed, blocked, credit card are disabled\n for the account type, or the recipient 's account number is in invalid format (note: only valid for in-house payments).\n\n AC10\n\n [InvalidDebtorAccountCurrency] the specified payer account currency does not correspond to the client 's account currency for the account number held in the bank (the account currency is optional, in the case of multicurrency accounts, the account currency must be specified - Raiffeisenbank).\n\n AC12\n\n [InvalidAccountType] - account type does not match allowed account types(e.g., a non - paying account).\n\n AM05\n\n [Duplication] - this is a duplicate.Universal code\n for a duplicate CISP query(validated by,\n for example, CSOB) or a duplicate payment via GIS(non - unique payment reference).\n\n AM11\n\n [InvalidTransactionCurrency] the request contains a currency not trade / not supported.\n\n AM12\n\n [InvalidAmount] wrong amount.For instance, too low or high amount or wrong number format according to the number of decimal places according to the ISO 4217.\n\n FF01\n\n [Invalid File Format] invalid JSON format or other technical problem with the query processing.\n\n BE19\n\n [InvalidChargeBearerCode] - invalid fee type\n for the given transaction type.\n\n DT01\n\n [InvalidDate] - non - existent date value or format.Maturity in the future or in the past.Transactions on a non - business day of a bank(unless the bank receives such orders).\n\n RC07\n\n [InvalidCreditorBICIdentifier] invalid recipient SWIFT / BIC code.\n\n RC10\n\n [InvalidCreditorClearingSystemMemberIdentifier] - invalid recipient bank code identification.\n\n RR03\n\n [MissingCreditorNameOrAddress] - the field is missing the required data about the recipient 's name or address (or its part). If the data is in bad format, the error code FIELD_INVALID is used.\n\n RR10\n\n [InvalidCharacterSet] invalid character set in the request.\n\n REC_SEND\n\n [RECEIVER_SAME_AS_SENDER] Payer 's account is the same as the payee'\n s account(Applies to all types of payments)\n\n NARR\n\n Narrative a general reason\n for rejecting the payment, with an addition of error - related information.\n \", function () {\n pm.expect(pm.response.status).to.be.eql(\"Bad Request\");\n try {\n if (responseData !== null && responseData !== undefined) {\n // array condition without arrayName and parent property is an array\n pm.test(`'responseData has 'error' as type array'`, function() {\n const value = responseData?.error;\n\n if (value !== null && value !== undefined) {\n pm.expect(Array.isArray(value)).to.equal(true);\n }\n\n })\n\n {\n let requiredArray = false;\n if (requiredArray || !ld.isEmpty(responseData)) {\n pm.test(`Each object in the responseData.error field has all the required fields and correct data-types`, function() {\n if (pm.expect(responseData).to.have.nested.property(`error`)) {\n let errorArray = ld.get(responseData, `error`, []);\n if (Array.isArray(errorArray)) {\n for (let error_it = 0; error_it < errorArray.length; error_it++) {\n let iterator = error_it;\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'error' as type 'string'`, function() {\n const value = errorArray[iterator]?.error;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n })\n\n\n if (errorArray[error_it] !== null && errorArray[error_it] !== undefined) {\n\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'message' as type 'string'`, function() {\n const value = errorArray[iterator]?.message;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n })\n\n\n }\n }\n }\n }\n })\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}\nif (pm.response.code == 401 && statusMatches) {\n pm.test(\"UNAUTHORISED\n\n Invalid / missing access token = user is not authenticated\n\n or\n\n Invalid / missing certificate = provider is not authenticated \", function () {\n pm.expect(pm.response.status).to.be.eql(\"Unauthorized\");\n try {\n if (responseData !== null && responseData !== undefined) {\n // array condition without arrayName and parent property is an array\n pm.test(`'responseData has 'error' as type array'`, function() {\n const value = responseData?.error;\n\n if (value !== null && value !== undefined) {\n pm.expect(Array.isArray(value)).to.equal(true);\n }\n\n })\n\n {\n let requiredArray = false;\n if (requiredArray || !ld.isEmpty(responseData)) {\n pm.test(`Each object in the responseData.error field has all the required fields and correct data-types`, function() {\n if (pm.expect(responseData).to.have.nested.property(`error`)) {\n let errorArray = ld.get(responseData, `error`, []);\n if (Array.isArray(errorArray)) {\n for (let error_it = 0; error_it < errorArray.length; error_it++) {\n let iterator = error_it;\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'error' as type 'string'`, function() {\n const value = errorArray[iterator]?.error;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n })\n\n\n if (errorArray[error_it] !== null && errorArray[error_it] !== undefined) {\n\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'message' as type 'string'`, function() {\n const value = errorArray[iterator]?.message;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n })\n\n\n }\n }\n }\n }\n })\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}\nif (pm.response.code == 403 && statusMatches) {\n pm.test(\"FORBIDDEN\n\n Authentication with an invalid certificate or expired access token, a call that does not match a third - party license.\n\n or\n\n AG01\n\n [TransactionForbidden] absent consent to access to balance check at the account.\n \", function () {\n pm.expect(pm.response.status).to.be.eql(\"Forbidden\");\n try {\n if (responseData !== null && responseData !== undefined) {\n // array condition without arrayName and parent property is an array\n pm.test(`'responseData has 'error' as type array'`, function() {\n const value = responseData?.error;\n\n if (value !== null && value !== undefined) {\n pm.expect(Array.isArray(value)).to.equal(true);\n }\n\n })\n\n {\n let requiredArray = false;\n if (requiredArray || !ld.isEmpty(responseData)) {\n pm.test(`Each object in the responseData.error field has all the required fields and correct data-types`, function() {\n if (pm.expect(responseData).to.have.nested.property(`error`)) {\n let errorArray = ld.get(responseData, `error`, []);\n if (Array.isArray(errorArray)) {\n for (let error_it = 0; error_it < errorArray.length; error_it++) {\n let iterator = error_it;\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'error' as type 'string'`, function() {\n const value = errorArray[iterator]?.error;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n })\n\n\n if (errorArray[error_it] !== null && errorArray[error_it] !== undefined) {\n\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'message' as type 'string'`, function() {\n const value = errorArray[iterator]?.message;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n })\n\n\n }\n }\n }\n }\n })\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}\nif (pm.response.code == 500 && statusMatches) {\n pm.test(\"NARR\n\n Narrative a general reason\n for rejecting the payment, with an addition of error - related information.\n \", function () {\n pm.expect(pm.response.status).to.be.eql(\"Internal Server Error\");\n try {\n if (responseData !== null && responseData !== undefined) {\n // array condition without arrayName and parent property is an array\n pm.test(`'responseData has 'error' as type array'`, function() {\n const value = responseData?.error;\n\n if (value !== null && value !== undefined) {\n pm.expect(Array.isArray(value)).to.equal(true);\n }\n\n })\n\n {\n let requiredArray = false;\n if (requiredArray || !ld.isEmpty(responseData)) {\n pm.test(`Each object in the responseData.error field has all the required fields and correct data-types`, function() {\n if (pm.expect(responseData).to.have.nested.property(`error`)) {\n let errorArray = ld.get(responseData, `error`, []);\n if (Array.isArray(errorArray)) {\n for (let error_it = 0; error_it < errorArray.length; error_it++) {\n let iterator = error_it;\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'error' as type 'string'`, function() {\n const value = errorArray[iterator]?.error;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n })\n\n\n if (errorArray[error_it] !== null && errorArray[error_it] !== undefined) {\n\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'message' as type 'string'`, function() {\n const value = errorArray[iterator]?.message;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n })\n\n\n }\n }\n }\n }\n })\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}"
+ ],
+ "type": "text/javascript"
+ }
+ }
+ ],
+ "protocolProfileBehavior": {
+ "disableBodyPruning": true
+ }
+ },
+ {
+ "name": "my/standingorders/{standingOrderId} - Standing order authorization status",
+ "request": {
+ "name": "Standing order authorization status",
+ "description": {
+ "content": "A resource indicating whether the authorization process was completed and with what result.\n\nIf you do not know the standingOrderId, or is not yet available, use signId for both signId and standingOrderId.\n\n**Headers for the digest intended for signature (in this order):**\n * PUT /my/standingorders/{standingOrderId}/sign/{signId} (Marked as 'uri' in the 'headers' object in the 'Signature' header)\n * X-Request-ID\n * Date",
+ "type": "text/plain"
+ },
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":standingOrderId",
+ "sign",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{standingOrderId}}",
+ "key": "standingOrderId",
+ "description": "(Required) ID of the Transaction"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "PUT",
+ "auth": {
+ "type": "oauth2",
+ "oauth2": [
+ {
+ "key": "scope",
+ "value": "AISP PISP offline_access"
+ },
+ {
+ "key": "accessTokenUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/token"
+ },
+ {
+ "key": "authUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/auth"
+ },
+ {
+ "key": "grant_type",
+ "value": "authorization_code"
+ }
+ ]
+ }
+ },
+ "response": [
+ {
+ "name": "OK",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":standingOrderId",
+ "sign",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{standingOrderId}}",
+ "key": "standingOrderId",
+ "description": "(Required) ID of the Transaction"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "PUT",
+ "body": {}
+ },
+ "status": "OK",
+ "code": 200,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"state\": \"WAITING_FOR_SIGN\",\n \"instructionStatus\": \"ACTC\",\n \"pollInterval\": 1000\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "AUTH_LIMIT_EXCEEDED\n\nThe resource may not be authorized with this method",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":standingOrderId",
+ "sign",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{standingOrderId}}",
+ "key": "standingOrderId",
+ "description": "(Required) ID of the Transaction"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "PUT",
+ "body": {}
+ },
+ "status": "Bad Request",
+ "code": 400,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "UNAUTHORISED\n\nInvalid/missing access token = user is not authenticated\n\nor\n\nInvalid/missing certificate = provider is not authenticated",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":standingOrderId",
+ "sign",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{standingOrderId}}",
+ "key": "standingOrderId",
+ "description": "(Required) ID of the Transaction"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "PUT",
+ "body": {}
+ },
+ "status": "Unauthorized",
+ "code": 401,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "FORBIDDEN\n\nInvalid/missing certificate = provider is not authenticated",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":standingOrderId",
+ "sign",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{standingOrderId}}",
+ "key": "standingOrderId",
+ "description": "(Required) ID of the Transaction"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "PUT",
+ "body": {}
+ },
+ "status": "Forbidden",
+ "code": 403,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "ID_NOT_FOUND\n\nThe requested transaction ID does not exist.",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":standingOrderId",
+ "sign",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{standingOrderId}}",
+ "key": "standingOrderId",
+ "description": "(Required) ID of the Transaction"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "PUT",
+ "body": {}
+ },
+ "status": "Not Found",
+ "code": 404,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "NOT_IMPLEMENTED\n\nMethod not implemented",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":standingOrderId",
+ "sign",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{standingOrderId}}",
+ "key": "standingOrderId",
+ "description": "(Required) ID of the Transaction"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "PUT",
+ "body": {}
+ },
+ "status": "Not Implemented",
+ "code": 501,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ }
+ ],
+ "event": [],
+ "protocolProfileBehavior": {
+ "disableBodyPruning": true
+ }
+ },
+ {
+ "name": "my/standingorders/{standingOrderId} - Generate status page URL for standing order authorization",
+ "request": {
+ "name": "Generate status page URL for standing order authorization",
+ "description": {
+ "content": "A resource that allows the TPP to obtain the URL of the Partners frontend \"Authorization status page\" to which the user should be redirected after he confirmed standing order authorization.\n\nThe provided redirect URL (`redirectToTPPUrl`) will be used by the Partners frontend to redirect the user once the authorization reaches a final state.",
+ "type": "text/plain"
+ },
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":standingOrderId",
+ "status-page-url",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{standingOrderId}}",
+ "key": "standingOrderId",
+ "description": "(Required) Unique identifier of the standing order"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "auth": {
+ "type": "oauth2",
+ "oauth2": [
+ {
+ "key": "scope",
+ "value": "AISP PISP offline_access"
+ },
+ {
+ "key": "accessTokenUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/token"
+ },
+ {
+ "key": "authUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/auth"
+ },
+ {
+ "key": "grant_type",
+ "value": "authorization_code"
+ }
+ ]
+ },
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"redirectToTPPUrl\": \"{{redirectToTPPUrl_*uri}}\"\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "response": [
+ {
+ "name": "OK The URL for the status page was successfully generated",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":standingOrderId",
+ "status-page-url",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{standingOrderId}}",
+ "key": "standingOrderId",
+ "description": "(Required) Unique identifier of the standing order"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"redirectToTPPUrl\": \"{{redirectToTPPUrl_*string}}\"\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "OK",
+ "code": 200,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"statusPageUrl\": \"https://psd2.bank.cz/authorization-status/standing-order/8d77f2ce-2104-4f49-bc2f-ff3f91f2ddc3\"\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "BAD REQUEST\nRequest validation failed or required input is missing",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":standingOrderId",
+ "status-page-url",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{standingOrderId}}",
+ "key": "standingOrderId",
+ "description": "(Required) Unique identifier of the standing order"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"redirectToTPPUrl\": \"{{redirectToTPPUrl_*string}}\"\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "Bad Request",
+ "code": 400,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "UNAUTHORISED\nInvalid/missing access token or certificate",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":standingOrderId",
+ "status-page-url",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{standingOrderId}}",
+ "key": "standingOrderId",
+ "description": "(Required) Unique identifier of the standing order"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"redirectToTPPUrl\": \"{{redirectToTPPUrl_*string}}\"\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "Unauthorized",
+ "code": 401,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "FORBIDDEN\nCaller is not allowed to invoke this operation",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":standingOrderId",
+ "status-page-url",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{standingOrderId}}",
+ "key": "standingOrderId",
+ "description": "(Required) Unique identifier of the standing order"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"redirectToTPPUrl\": \"{{redirectToTPPUrl_*string}}\"\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "Forbidden",
+ "code": 403,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "ID_NOT_FOUND\nThe standingOrderId or signId does not exist or is invalid",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":standingOrderId",
+ "status-page-url",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{standingOrderId}}",
+ "key": "standingOrderId",
+ "description": "(Required) Unique identifier of the standing order"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"redirectToTPPUrl\": \"{{redirectToTPPUrl_*string}}\"\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "Not Found",
+ "code": 404,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "INTERNAL SERVER ERROR\nUnexpected error occurred",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":standingOrderId",
+ "status-page-url",
+ ":signId"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{standingOrderId}}",
+ "key": "standingOrderId",
+ "description": "(Required) Unique identifier of the standing order"
+ },
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{signId}}",
+ "key": "signId",
+ "description": "(Required) ID of the initiated authorization"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "POST",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"redirectToTPPUrl\": \"{{redirectToTPPUrl_*string}}\"\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "Internal Server Error",
+ "code": 500,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ }
+ ],
+ "event": [
+ {
+ "listen": "test",
+ "script": {
+ "exec": [
+ "// ********RoostGPT********\n/*\nTest generated by RoostGPT for test PostmanApitest using AI Type Open AI and AI Model gpt-5\n\n\nTest generated for my/standingorders/{standingOrderId}/status-page-url/{signId} for http method type post in postman framework\n\n*/\n\n// ********RoostGPT********\n\n\nconst ld = require('lodash');\nlet responseData;\nconst contentType = pm.response.headers.get('Content-Type');\nif (contentType === \"application/xml\") {\n var parseString = require('xml2js').parseString;\n parseString(pm.response.body, function(err, result) {\n if (err) {\n console.error('Error parsing XML:', err);\n } else {\n responseData = result;\n }\n });\n} else {\n responseData = pm.response.json();\n}\n// Status code check with early exit\nconst expectedStatusCode = parseInt(pm.variables.get(\"statusCode\"));\nlet statusMatches = true;\nif (pm.variables.get(\"statusCode\")) {\n statusMatches = (pm.response.code === expectedStatusCode);\n pm.test(\"Status code matches expected value\", function() {\n pm.expect(pm.response.code).to.equal(expectedStatusCode);\n });\n}\n\nif (pm.response.code == 200 && statusMatches) {\n pm.test(\"OK The URL for the status page was successfully generated\", function() {\n pm.expect(pm.response.status).to.be.eql(\"OK\");\n try {\n if (responseData !== null && responseData !== undefined) {\n {\n // Condition: Raw data type and parent property is not an array\n // pathStr: responseData\n // subKey: statusPageUrl\n // required: []\n let requiredField = true\n if (requiredField || ld.get(responseData, 'statusPageUrl')) {\n pm.test(`'responseData field has statusPageUrl that is of type string'`, function() {\n let parent = responseData;\n if (pm.expect(parent).to.have.nested.property(`statusPageUrl`)) {\n const value = responseData?.statusPageUrl;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n }\n })\n\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}\nif (pm.response.code == 400 && statusMatches) {\n pm.test(\"BAD REQUEST\n Request validation failed or required input is missing \", function () {\n pm.expect(pm.response.status).to.be.eql(\"Bad Request\");\n try {\n if (responseData !== null && responseData !== undefined) {\n // array condition without arrayName and parent property is an array\n pm.test(`'responseData has 'error' as type array'`, function() {\n const value = responseData?.error;\n\n if (value !== null && value !== undefined) {\n pm.expect(Array.isArray(value)).to.equal(true);\n }\n\n })\n\n {\n let requiredArray = false;\n if (requiredArray || !ld.isEmpty(responseData)) {\n pm.test(`Each object in the responseData.error field has all the required fields and correct data-types`, function() {\n if (pm.expect(responseData).to.have.nested.property(`error`)) {\n let errorArray = ld.get(responseData, `error`, []);\n if (Array.isArray(errorArray)) {\n for (let error_it = 0; error_it < errorArray.length; error_it++) {\n let iterator = error_it;\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'error' as type 'string'`, function() {\n const value = errorArray[iterator]?.error;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n })\n\n\n if (errorArray[error_it] !== null && errorArray[error_it] !== undefined) {\n\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'message' as type 'string'`, function() {\n const value = errorArray[iterator]?.message;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n })\n\n\n }\n }\n }\n }\n })\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}\nif (pm.response.code == 401 && statusMatches) {\n pm.test(\"UNAUTHORISED\n Invalid / missing access token or certificate \", function () {\n pm.expect(pm.response.status).to.be.eql(\"Unauthorized\");\n try {\n if (responseData !== null && responseData !== undefined) {\n // array condition without arrayName and parent property is an array\n pm.test(`'responseData has 'error' as type array'`, function() {\n const value = responseData?.error;\n\n if (value !== null && value !== undefined) {\n pm.expect(Array.isArray(value)).to.equal(true);\n }\n\n })\n\n {\n let requiredArray = false;\n if (requiredArray || !ld.isEmpty(responseData)) {\n pm.test(`Each object in the responseData.error field has all the required fields and correct data-types`, function() {\n if (pm.expect(responseData).to.have.nested.property(`error`)) {\n let errorArray = ld.get(responseData, `error`, []);\n if (Array.isArray(errorArray)) {\n for (let error_it = 0; error_it < errorArray.length; error_it++) {\n let iterator = error_it;\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'error' as type 'string'`, function() {\n const value = errorArray[iterator]?.error;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n })\n\n\n if (errorArray[error_it] !== null && errorArray[error_it] !== undefined) {\n\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'message' as type 'string'`, function() {\n const value = errorArray[iterator]?.message;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n })\n\n\n }\n }\n }\n }\n })\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}\nif (pm.response.code == 403 && statusMatches) {\n pm.test(\"FORBIDDEN\n Caller is not allowed to invoke this operation \", function () {\n pm.expect(pm.response.status).to.be.eql(\"Forbidden\");\n try {\n if (responseData !== null && responseData !== undefined) {\n // array condition without arrayName and parent property is an array\n pm.test(`'responseData has 'error' as type array'`, function() {\n const value = responseData?.error;\n\n if (value !== null && value !== undefined) {\n pm.expect(Array.isArray(value)).to.equal(true);\n }\n\n })\n\n {\n let requiredArray = false;\n if (requiredArray || !ld.isEmpty(responseData)) {\n pm.test(`Each object in the responseData.error field has all the required fields and correct data-types`, function() {\n if (pm.expect(responseData).to.have.nested.property(`error`)) {\n let errorArray = ld.get(responseData, `error`, []);\n if (Array.isArray(errorArray)) {\n for (let error_it = 0; error_it < errorArray.length; error_it++) {\n let iterator = error_it;\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'error' as type 'string'`, function() {\n const value = errorArray[iterator]?.error;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n })\n\n\n if (errorArray[error_it] !== null && errorArray[error_it] !== undefined) {\n\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'message' as type 'string'`, function() {\n const value = errorArray[iterator]?.message;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n })\n\n\n }\n }\n }\n }\n })\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}\nif (pm.response.code == 404 && statusMatches) {\n pm.test(\"ID_NOT_FOUND\n The standingOrderId or signId does not exist or is invalid \", function () {\n pm.expect(pm.response.status).to.be.eql(\"Not Found\");\n try {\n if (responseData !== null && responseData !== undefined) {\n // array condition without arrayName and parent property is an array\n pm.test(`'responseData has 'error' as type array'`, function() {\n const value = responseData?.error;\n\n if (value !== null && value !== undefined) {\n pm.expect(Array.isArray(value)).to.equal(true);\n }\n\n })\n\n {\n let requiredArray = false;\n if (requiredArray || !ld.isEmpty(responseData)) {\n pm.test(`Each object in the responseData.error field has all the required fields and correct data-types`, function() {\n if (pm.expect(responseData).to.have.nested.property(`error`)) {\n let errorArray = ld.get(responseData, `error`, []);\n if (Array.isArray(errorArray)) {\n for (let error_it = 0; error_it < errorArray.length; error_it++) {\n let iterator = error_it;\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'error' as type 'string'`, function() {\n const value = errorArray[iterator]?.error;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n })\n\n\n if (errorArray[error_it] !== null && errorArray[error_it] !== undefined) {\n\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'message' as type 'string'`, function() {\n const value = errorArray[iterator]?.message;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n })\n\n\n }\n }\n }\n }\n })\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}\nif (pm.response.code == 500 && statusMatches) {\n pm.test(\"INTERNAL SERVER ERROR\n Unexpected error occurred \", function () {\n pm.expect(pm.response.status).to.be.eql(\"Internal Server Error\");\n try {\n if (responseData !== null && responseData !== undefined) {\n // array condition without arrayName and parent property is an array\n pm.test(`'responseData has 'error' as type array'`, function() {\n const value = responseData?.error;\n\n if (value !== null && value !== undefined) {\n pm.expect(Array.isArray(value)).to.equal(true);\n }\n\n })\n\n {\n let requiredArray = false;\n if (requiredArray || !ld.isEmpty(responseData)) {\n pm.test(`Each object in the responseData.error field has all the required fields and correct data-types`, function() {\n if (pm.expect(responseData).to.have.nested.property(`error`)) {\n let errorArray = ld.get(responseData, `error`, []);\n if (Array.isArray(errorArray)) {\n for (let error_it = 0; error_it < errorArray.length; error_it++) {\n let iterator = error_it;\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'error' as type 'string'`, function() {\n const value = errorArray[iterator]?.error;\n\n pm.expect(typeof value).to.equal(\"string\");\n\n })\n\n\n if (errorArray[error_it] !== null && errorArray[error_it] !== undefined) {\n\n // Condition: Raw data type with defined arrayName and parent property is an array\n pm.test(`'Item at errorArray[${iterator}]' has 'message' as type 'string'`, function() {\n const value = errorArray[iterator]?.message;\n\n if (!ld.isEmpty(value)) {\n pm.expect(typeof value).to.equal(\"string\");\n }\n })\n\n\n }\n }\n }\n }\n })\n }\n }\n }\n } catch (error) {\n console.error('Error during response validation:', error.message);\n }\n });\n\n}"
+ ],
+ "type": "text/javascript"
+ }
+ }
+ ],
+ "protocolProfileBehavior": {
+ "disableBodyPruning": true
+ }
+ },
+ {
+ "name": "my/standingorders/{transactionIdentification} - Remove standing order",
+ "request": {
+ "name": "Remove standing order",
+ "description": {
+ "content": "Resource for removing a standing order.",
+ "type": "text/plain"
+ },
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":transactionIdentification"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{transactionIdentification}}",
+ "key": "transactionIdentification",
+ "description": "(Required) Unique identifier of the Transaction"
+ }
+ ]
+ },
+ "header": [
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "DELETE",
+ "auth": {
+ "type": "oauth2",
+ "oauth2": [
+ {
+ "key": "scope",
+ "value": "AISP PISP offline_access"
+ },
+ {
+ "key": "accessTokenUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/token"
+ },
+ {
+ "key": "authUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/auth"
+ },
+ {
+ "key": "grant_type",
+ "value": "authorization_code"
+ }
+ ]
+ }
+ },
+ "response": [
+ {
+ "name": "Successfully removed standing order detail",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":transactionIdentification"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{transactionIdentification}}",
+ "key": "transactionIdentification",
+ "description": "(Required) Unique identifier of the Transaction"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "DELETE",
+ "body": {}
+ },
+ "status": "OK",
+ "code": 200,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"standingOrderIdentification\": {\n \"transactionIdentification\": \"033225570000078020091\",\n \"instructionIdentification\": \"NejakeID41785962314574\"\n },\n \"signInfo\": {\n \"state\": \"WAITING_FOR_SIGN\",\n \"signId\": \"3fa85f64-5717-4562-b3fc-2c963f66afa6\"\n },\n \"instructionStatus\": \"ACTC\",\n \"statusChangeInfo\": \"DT01\"\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "BAD REQUEST\nRequest validation failed or required input is missing",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":transactionIdentification"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{transactionIdentification}}",
+ "key": "transactionIdentification",
+ "description": "(Required) Unique identifier of the Transaction"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "DELETE",
+ "body": {}
+ },
+ "status": "Bad Request",
+ "code": 400,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "UNAUTHORISED\nInvalid/missing access token or certificate",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":transactionIdentification"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{transactionIdentification}}",
+ "key": "transactionIdentification",
+ "description": "(Required) Unique identifier of the Transaction"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "DELETE",
+ "body": {}
+ },
+ "status": "Unauthorized",
+ "code": 401,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "FORBIDDEN\nCaller is not allowed to invoke this operation",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":transactionIdentification"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{transactionIdentification}}",
+ "key": "transactionIdentification",
+ "description": "(Required) Unique identifier of the Transaction"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "DELETE",
+ "body": {}
+ },
+ "status": "Forbidden",
+ "code": 403,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "ID_NOT_FOUND\nThe standingOrderId or signId does not exist or is invalid",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":transactionIdentification"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{transactionIdentification}}",
+ "key": "transactionIdentification",
+ "description": "(Required) Unique identifier of the Transaction"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "DELETE",
+ "body": {}
+ },
+ "status": "Not Found",
+ "code": 404,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "INTERNAL SERVER ERROR\nUnexpected error occurred",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":transactionIdentification"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{transactionIdentification}}",
+ "key": "transactionIdentification",
+ "description": "(Required) Unique identifier of the Transaction"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "DELETE",
+ "body": {}
+ },
+ "status": "Internal Server Error",
+ "code": 500,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ }
+ ],
+ "event": [],
+ "protocolProfileBehavior": {
+ "disableBodyPruning": true
+ }
+ },
+ {
+ "name": "my/standingorders/{transactionIdentification} - Update standing order",
+ "request": {
+ "name": "Update standing order",
+ "description": {
+ "content": "Resource for updating a standing order.",
+ "type": "text/plain"
+ },
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":transactionIdentification"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{transactionIdentification}}",
+ "key": "transactionIdentification",
+ "description": "(Required) Unique identifier of the Transaction"
+ }
+ ]
+ },
+ "header": [
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "PUT",
+ "auth": {
+ "type": "oauth2",
+ "oauth2": [
+ {
+ "key": "scope",
+ "value": "AISP PISP offline_access"
+ },
+ {
+ "key": "accessTokenUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/token"
+ },
+ {
+ "key": "authUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/auth"
+ },
+ {
+ "key": "grant_type",
+ "value": "authorization_code"
+ }
+ ]
+ },
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"amount\": {\n \"instructedAmount\": {\n \"value\": \"{{amount.instructedAmount.value_*number}}\",\n \"currency\": \"{{amount.instructedAmount.currency_*string}}\"\n }\n },\n \"requestedExecutionDate\": \"{{requestedExecutionDate_*date}}\",\n \"standingOrder\": {\n \"execution\": {\n \"mode\": \"{{standingOrder.execution.mode_*string}}\",\n \"modeDue\": \"{{standingOrder.execution.modeDue_*string}}\",\n \"interval\": \"{{standingOrder.execution.interval_*string}}\",\n \"intervalDue\": \"{{standingOrder.execution.intervalDue_*boolean}}\"\n },\n \"alias\": \"{{standingOrder.alias_*string}}\",\n \"validity\": {\n \"lastExecutionDate\": \"{{standingOrder.validity.lastExecutionDate_*date}}\"\n }\n },\n \"debtorAccount\": {\n \"identification\": {\n \"iban\": \"{{debtorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{debtorAccount.currency_*string}}\"\n },\n \"creditorAccount\": {\n \"identification\": {\n \"iban\": \"{{creditorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{creditorAccount.currency_*string}}\"\n },\n \"standingOrderIdentification\": {\n \"instructionIdentification\": \"{{standingOrderIdentification.instructionIdentification_*string}}\"\n },\n \"paymentTypeInformation\": {\n \"instructionPriority\": \"{{paymentTypeInformation.instructionPriority_*string}}\"\n },\n \"remittanceInformation\": {\n \"additionalRemittanceInformation\": \"{{remittanceInformation.additionalRemittanceInformation_*string}}\",\n \"unstructured\": \"{{remittanceInformation.unstructured_*string}}\",\n \"structured\": {\n \"creditorReferenceInformation\": {\n \"reference\": \"{{remittanceInformation.structured.creditorReferenceInformation.reference_*string}}\"\n }\n }\n }\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "response": [
+ {
+ "name": "Successfully updated standing order detail",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":transactionIdentification"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{transactionIdentification}}",
+ "key": "transactionIdentification",
+ "description": "(Required) Unique identifier of the Transaction"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "PUT",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"amount\": {\n \"instructedAmount\": {\n \"value\": \"{{amount.instructedAmount.value_*number}}\",\n \"currency\": \"{{amount.instructedAmount.currency_*string}}\"\n }\n },\n \"requestedExecutionDate\": \"{{requestedExecutionDate_*date}}\",\n \"standingOrder\": {\n \"execution\": {\n \"mode\": \"{{standingOrder.execution.mode_*string}}\",\n \"modeDue\": \"{{standingOrder.execution.modeDue_*string}}\",\n \"interval\": \"{{standingOrder.execution.interval_*string}}\",\n \"intervalDue\": \"{{standingOrder.execution.intervalDue_*boolean}}\"\n },\n \"alias\": \"{{standingOrder.alias_*string}}\",\n \"validity\": {\n \"lastExecutionDate\": \"{{standingOrder.validity.lastExecutionDate_*date}}\"\n }\n },\n \"debtorAccount\": {\n \"identification\": {\n \"iban\": \"{{debtorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{debtorAccount.currency_*string}}\"\n },\n \"creditorAccount\": {\n \"identification\": {\n \"iban\": \"{{creditorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{creditorAccount.currency_*string}}\"\n },\n \"standingOrderIdentification\": {\n \"instructionIdentification\": \"{{standingOrderIdentification.instructionIdentification_*string}}\"\n },\n \"paymentTypeInformation\": {\n \"instructionPriority\": \"{{paymentTypeInformation.instructionPriority_*string}}\"\n },\n \"remittanceInformation\": {\n \"additionalRemittanceInformation\": \"{{remittanceInformation.additionalRemittanceInformation_*string}}\",\n \"unstructured\": \"{{remittanceInformation.unstructured_*string}}\",\n \"structured\": {\n \"creditorReferenceInformation\": {\n \"reference\": \"{{remittanceInformation.structured.creditorReferenceInformation.reference_*string}}\"\n }\n }\n }\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "OK",
+ "code": 200,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"standingOrderIdentification\": {\n \"transactionIdentification\": \"033225570000078020091\",\n \"instructionIdentification\": \"NejakeID41785962314574\"\n },\n \"signInfo\": {\n \"state\": \"WAITING_FOR_SIGN\",\n \"signId\": \"3fa85f64-5717-4562-b3fc-2c963f66afa6\"\n },\n \"instructionStatus\": \"ACTC\",\n \"statusChangeInfo\": \"DT01\"\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "BAD REQUEST\nRequest validation failed or required input is missing",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":transactionIdentification"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{transactionIdentification}}",
+ "key": "transactionIdentification",
+ "description": "(Required) Unique identifier of the Transaction"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "PUT",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"amount\": {\n \"instructedAmount\": {\n \"value\": \"{{amount.instructedAmount.value_*number}}\",\n \"currency\": \"{{amount.instructedAmount.currency_*string}}\"\n }\n },\n \"requestedExecutionDate\": \"{{requestedExecutionDate_*date}}\",\n \"standingOrder\": {\n \"execution\": {\n \"mode\": \"{{standingOrder.execution.mode_*string}}\",\n \"modeDue\": \"{{standingOrder.execution.modeDue_*string}}\",\n \"interval\": \"{{standingOrder.execution.interval_*string}}\",\n \"intervalDue\": \"{{standingOrder.execution.intervalDue_*boolean}}\"\n },\n \"alias\": \"{{standingOrder.alias_*string}}\",\n \"validity\": {\n \"lastExecutionDate\": \"{{standingOrder.validity.lastExecutionDate_*date}}\"\n }\n },\n \"debtorAccount\": {\n \"identification\": {\n \"iban\": \"{{debtorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{debtorAccount.currency_*string}}\"\n },\n \"creditorAccount\": {\n \"identification\": {\n \"iban\": \"{{creditorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{creditorAccount.currency_*string}}\"\n },\n \"standingOrderIdentification\": {\n \"instructionIdentification\": \"{{standingOrderIdentification.instructionIdentification_*string}}\"\n },\n \"paymentTypeInformation\": {\n \"instructionPriority\": \"{{paymentTypeInformation.instructionPriority_*string}}\"\n },\n \"remittanceInformation\": {\n \"additionalRemittanceInformation\": \"{{remittanceInformation.additionalRemittanceInformation_*string}}\",\n \"unstructured\": \"{{remittanceInformation.unstructured_*string}}\",\n \"structured\": {\n \"creditorReferenceInformation\": {\n \"reference\": \"{{remittanceInformation.structured.creditorReferenceInformation.reference_*string}}\"\n }\n }\n }\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "Bad Request",
+ "code": 400,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "UNAUTHORISED\nInvalid/missing access token or certificate",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":transactionIdentification"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{transactionIdentification}}",
+ "key": "transactionIdentification",
+ "description": "(Required) Unique identifier of the Transaction"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "PUT",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"amount\": {\n \"instructedAmount\": {\n \"value\": \"{{amount.instructedAmount.value_*number}}\",\n \"currency\": \"{{amount.instructedAmount.currency_*string}}\"\n }\n },\n \"requestedExecutionDate\": \"{{requestedExecutionDate_*date}}\",\n \"standingOrder\": {\n \"execution\": {\n \"mode\": \"{{standingOrder.execution.mode_*string}}\",\n \"modeDue\": \"{{standingOrder.execution.modeDue_*string}}\",\n \"interval\": \"{{standingOrder.execution.interval_*string}}\",\n \"intervalDue\": \"{{standingOrder.execution.intervalDue_*boolean}}\"\n },\n \"alias\": \"{{standingOrder.alias_*string}}\",\n \"validity\": {\n \"lastExecutionDate\": \"{{standingOrder.validity.lastExecutionDate_*date}}\"\n }\n },\n \"debtorAccount\": {\n \"identification\": {\n \"iban\": \"{{debtorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{debtorAccount.currency_*string}}\"\n },\n \"creditorAccount\": {\n \"identification\": {\n \"iban\": \"{{creditorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{creditorAccount.currency_*string}}\"\n },\n \"standingOrderIdentification\": {\n \"instructionIdentification\": \"{{standingOrderIdentification.instructionIdentification_*string}}\"\n },\n \"paymentTypeInformation\": {\n \"instructionPriority\": \"{{paymentTypeInformation.instructionPriority_*string}}\"\n },\n \"remittanceInformation\": {\n \"additionalRemittanceInformation\": \"{{remittanceInformation.additionalRemittanceInformation_*string}}\",\n \"unstructured\": \"{{remittanceInformation.unstructured_*string}}\",\n \"structured\": {\n \"creditorReferenceInformation\": {\n \"reference\": \"{{remittanceInformation.structured.creditorReferenceInformation.reference_*string}}\"\n }\n }\n }\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "Unauthorized",
+ "code": 401,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "FORBIDDEN\nCaller is not allowed to invoke this operation",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":transactionIdentification"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{transactionIdentification}}",
+ "key": "transactionIdentification",
+ "description": "(Required) Unique identifier of the Transaction"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "PUT",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"amount\": {\n \"instructedAmount\": {\n \"value\": \"{{amount.instructedAmount.value_*number}}\",\n \"currency\": \"{{amount.instructedAmount.currency_*string}}\"\n }\n },\n \"requestedExecutionDate\": \"{{requestedExecutionDate_*date}}\",\n \"standingOrder\": {\n \"execution\": {\n \"mode\": \"{{standingOrder.execution.mode_*string}}\",\n \"modeDue\": \"{{standingOrder.execution.modeDue_*string}}\",\n \"interval\": \"{{standingOrder.execution.interval_*string}}\",\n \"intervalDue\": \"{{standingOrder.execution.intervalDue_*boolean}}\"\n },\n \"alias\": \"{{standingOrder.alias_*string}}\",\n \"validity\": {\n \"lastExecutionDate\": \"{{standingOrder.validity.lastExecutionDate_*date}}\"\n }\n },\n \"debtorAccount\": {\n \"identification\": {\n \"iban\": \"{{debtorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{debtorAccount.currency_*string}}\"\n },\n \"creditorAccount\": {\n \"identification\": {\n \"iban\": \"{{creditorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{creditorAccount.currency_*string}}\"\n },\n \"standingOrderIdentification\": {\n \"instructionIdentification\": \"{{standingOrderIdentification.instructionIdentification_*string}}\"\n },\n \"paymentTypeInformation\": {\n \"instructionPriority\": \"{{paymentTypeInformation.instructionPriority_*string}}\"\n },\n \"remittanceInformation\": {\n \"additionalRemittanceInformation\": \"{{remittanceInformation.additionalRemittanceInformation_*string}}\",\n \"unstructured\": \"{{remittanceInformation.unstructured_*string}}\",\n \"structured\": {\n \"creditorReferenceInformation\": {\n \"reference\": \"{{remittanceInformation.structured.creditorReferenceInformation.reference_*string}}\"\n }\n }\n }\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "Forbidden",
+ "code": 403,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "ID_NOT_FOUND\nThe standingOrderId or signId does not exist or is invalid",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":transactionIdentification"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{transactionIdentification}}",
+ "key": "transactionIdentification",
+ "description": "(Required) Unique identifier of the Transaction"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "PUT",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"amount\": {\n \"instructedAmount\": {\n \"value\": \"{{amount.instructedAmount.value_*number}}\",\n \"currency\": \"{{amount.instructedAmount.currency_*string}}\"\n }\n },\n \"requestedExecutionDate\": \"{{requestedExecutionDate_*date}}\",\n \"standingOrder\": {\n \"execution\": {\n \"mode\": \"{{standingOrder.execution.mode_*string}}\",\n \"modeDue\": \"{{standingOrder.execution.modeDue_*string}}\",\n \"interval\": \"{{standingOrder.execution.interval_*string}}\",\n \"intervalDue\": \"{{standingOrder.execution.intervalDue_*boolean}}\"\n },\n \"alias\": \"{{standingOrder.alias_*string}}\",\n \"validity\": {\n \"lastExecutionDate\": \"{{standingOrder.validity.lastExecutionDate_*date}}\"\n }\n },\n \"debtorAccount\": {\n \"identification\": {\n \"iban\": \"{{debtorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{debtorAccount.currency_*string}}\"\n },\n \"creditorAccount\": {\n \"identification\": {\n \"iban\": \"{{creditorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{creditorAccount.currency_*string}}\"\n },\n \"standingOrderIdentification\": {\n \"instructionIdentification\": \"{{standingOrderIdentification.instructionIdentification_*string}}\"\n },\n \"paymentTypeInformation\": {\n \"instructionPriority\": \"{{paymentTypeInformation.instructionPriority_*string}}\"\n },\n \"remittanceInformation\": {\n \"additionalRemittanceInformation\": \"{{remittanceInformation.additionalRemittanceInformation_*string}}\",\n \"unstructured\": \"{{remittanceInformation.unstructured_*string}}\",\n \"structured\": {\n \"creditorReferenceInformation\": {\n \"reference\": \"{{remittanceInformation.structured.creditorReferenceInformation.reference_*string}}\"\n }\n }\n }\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "Not Found",
+ "code": 404,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "INTERNAL SERVER ERROR\nUnexpected error occurred",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":transactionIdentification"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{transactionIdentification}}",
+ "key": "transactionIdentification",
+ "description": "(Required) Unique identifier of the Transaction"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "PUT",
+ "body": {
+ "mode": "raw",
+ "raw": "{\n \"amount\": {\n \"instructedAmount\": {\n \"value\": \"{{amount.instructedAmount.value_*number}}\",\n \"currency\": \"{{amount.instructedAmount.currency_*string}}\"\n }\n },\n \"requestedExecutionDate\": \"{{requestedExecutionDate_*date}}\",\n \"standingOrder\": {\n \"execution\": {\n \"mode\": \"{{standingOrder.execution.mode_*string}}\",\n \"modeDue\": \"{{standingOrder.execution.modeDue_*string}}\",\n \"interval\": \"{{standingOrder.execution.interval_*string}}\",\n \"intervalDue\": \"{{standingOrder.execution.intervalDue_*boolean}}\"\n },\n \"alias\": \"{{standingOrder.alias_*string}}\",\n \"validity\": {\n \"lastExecutionDate\": \"{{standingOrder.validity.lastExecutionDate_*date}}\"\n }\n },\n \"debtorAccount\": {\n \"identification\": {\n \"iban\": \"{{debtorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{debtorAccount.currency_*string}}\"\n },\n \"creditorAccount\": {\n \"identification\": {\n \"iban\": \"{{creditorAccount.identification.iban_*string}}\"\n },\n \"currency\": \"{{creditorAccount.currency_*string}}\"\n },\n \"standingOrderIdentification\": {\n \"instructionIdentification\": \"{{standingOrderIdentification.instructionIdentification_*string}}\"\n },\n \"paymentTypeInformation\": {\n \"instructionPriority\": \"{{paymentTypeInformation.instructionPriority_*string}}\"\n },\n \"remittanceInformation\": {\n \"additionalRemittanceInformation\": \"{{remittanceInformation.additionalRemittanceInformation_*string}}\",\n \"unstructured\": \"{{remittanceInformation.unstructured_*string}}\",\n \"structured\": {\n \"creditorReferenceInformation\": {\n \"reference\": \"{{remittanceInformation.structured.creditorReferenceInformation.reference_*string}}\"\n }\n }\n }\n}",
+ "options": {
+ "raw": {
+ "language": "json"
+ }
+ }
+ }
+ },
+ "status": "Internal Server Error",
+ "code": 500,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ }
+ ],
+ "event": [],
+ "protocolProfileBehavior": {
+ "disableBodyPruning": true
+ }
+ },
+ {
+ "name": "my/standingorders/{transactionIdentification} - Standing order detail",
+ "request": {
+ "name": "Standing order detail",
+ "description": {
+ "content": "Resource for obtaining the detail of a standing order",
+ "type": "text/plain"
+ },
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":transactionIdentification"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{transactionIdentification}}",
+ "key": "transactionIdentification",
+ "description": "(Required) Unique identifier of the Transaction"
+ }
+ ]
+ },
+ "header": [
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "auth": {
+ "type": "oauth2",
+ "oauth2": [
+ {
+ "key": "scope",
+ "value": "AISP PISP offline_access"
+ },
+ {
+ "key": "accessTokenUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/token"
+ },
+ {
+ "key": "authUrl",
+ "value": "https://login-pid.pbapi.cz/realms/pid/protocol/openid-connect/auth"
+ },
+ {
+ "key": "grant_type",
+ "value": "authorization_code"
+ }
+ ]
+ }
+ },
+ "response": [
+ {
+ "name": "Successfully retrieved standing order detail",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":transactionIdentification"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{transactionIdentification}}",
+ "key": "transactionIdentification",
+ "description": "(Required) Unique identifier of the Transaction"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "body": {}
+ },
+ "status": "OK",
+ "code": 200,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"amount\": {\n \"instructedAmount\": {\n \"value\": 50000,\n \"currency\": \"CZK\"\n }\n },\n \"requestedExecutionDate\": \"2017-01-31\",\n \"standingOrder\": {\n \"execution\": {\n \"mode\": \"UNTIL_CANCELLATION\",\n \"modeDue\": \"DUE_OR_BEFORE_DAY_OF_MONTH\",\n \"interval\": \"MONTHLY\",\n \"intervalDue\": true\n },\n \"alias\": \"Payments for lunch - kindergarten Michal\",\n \"validity\": {\n \"lastExecutionDate\": \"2017-01-31\"\n }\n },\n \"debtorAccount\": {\n \"identification\": {\n \"iban\": \"CZ0708000000001019382023\"\n },\n \"currency\": \"CZK\"\n },\n \"creditorAccount\": {\n \"identification\": {\n \"iban\": \"CZ0708000000001019382023\"\n },\n \"currency\": \"CZK\"\n },\n \"standingOrderIdentification\": {\n \"transactionIdentification\": \"033225570000078020091\",\n \"instructionIdentification\": \"NejakeID41785962314574\"\n },\n \"paymentTypeInformation\": {\n \"instructionPriority\": \"NORM\"\n },\n \"remittanceInformation\": {\n \"additionalRemittanceInformation\": \"Platba za MŠ \",\n \"unstructured\": \"/VS/123456/KS/456789/SS/879213546\",\n \"structured\": {\n \"creditorReferenceInformation\": {\n \"reference\": \"\\\"VS:123456\\\",\\\"KS:456789\\\",\\\"SS:879213546\\\"\"\n }\n }\n }\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "BAD REQUEST\nRequest validation failed or required input is missing",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":transactionIdentification"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{transactionIdentification}}",
+ "key": "transactionIdentification",
+ "description": "(Required) Unique identifier of the Transaction"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "body": {}
+ },
+ "status": "Bad Request",
+ "code": 400,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "UNAUTHORISED\nInvalid/missing access token or certificate",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":transactionIdentification"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{transactionIdentification}}",
+ "key": "transactionIdentification",
+ "description": "(Required) Unique identifier of the Transaction"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "body": {}
+ },
+ "status": "Unauthorized",
+ "code": 401,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "FORBIDDEN\nCaller is not allowed to invoke this operation",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":transactionIdentification"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{transactionIdentification}}",
+ "key": "transactionIdentification",
+ "description": "(Required) Unique identifier of the Transaction"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "body": {}
+ },
+ "status": "Forbidden",
+ "code": 403,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "ID_NOT_FOUND\nThe standingOrderId or signId does not exist or is invalid",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":transactionIdentification"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{transactionIdentification}}",
+ "key": "transactionIdentification",
+ "description": "(Required) Unique identifier of the Transaction"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "body": {}
+ },
+ "status": "Not Found",
+ "code": 404,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ },
+ {
+ "name": "INTERNAL SERVER ERROR\nUnexpected error occurred",
+ "originalRequest": {
+ "url": {
+ "path": [
+ "my",
+ "standingorders",
+ ":transactionIdentification"
+ ],
+ "host": [
+ "{{baseUrl}}"
+ ],
+ "query": [],
+ "variable": [
+ {
+ "disabled": false,
+ "type": "any",
+ "value": "{{transactionIdentification}}",
+ "key": "transactionIdentification",
+ "description": "(Required) Unique identifier of the Transaction"
+ }
+ ]
+ },
+ "header": [
+ {
+ "description": {
+ "content": "Added as a part of security scheme: oauth2",
+ "type": "text/plain"
+ },
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Unique request ID",
+ "key": "X-Request-ID",
+ "value": "{{X-Request-ID}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Date & time of the request, specified in a format by TPP. It is used to confirm the request.",
+ "key": "Date",
+ "value": "{{Date}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Digest according to RFC3230 that contains an algorithm. The digest is created as a hash of a string composed of header values specified in the Signature structure.\n\nHow to generate the hash?\n\n1. Create a string of header values based on the \"headers\" specified in the \"Signature\" header. The header values must be in given order without separator\n\n\n\n\n\n - example:\n - Signature header: algorithm=\"SHA256withRSA\",headers=\"uri authorization date x-request-id\",signature=\"ZmFzZGZhc2RmYXNkZmtmYWpzZGZhNnM1ZGY5YThzZDRmNmY0YTZzZDg0ZjZhc2Q4ZjZhc2Q4NGZhNnNkODRmYXNkZg==\"\n - String to be hashed: \"GET /my/accounts/08230397-3824-4e9e-918a-1f519eb31d9f/balanceBearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08Wed, 22 Oct 2023 07:28:00 GMT36e65182-7a28-11ed-a1eb-0242ac120002\"\n\n\n2. Make a hash based on the \"algorithm\" specified in the \"Signature\" header.",
+ "key": "Digest",
+ "value": "{{Digest}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A structure describing, in the form of a structured string, the content of the signature, its algorithm, and the BASE64 value of the signature.\n\nPossible headers to be signed (depends on the endpoint):\n\n- uri\n\n- authorization\n\n- date\n\n- x-request-id",
+ "key": "Signature",
+ "value": "{{Signature}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Base64 of the certificate public part (without envelope)",
+ "key": "TPP-Signature-Certificate",
+ "value": "{{TPP-Signature-Certificate}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) Involved user indication",
+ "key": "User-Involved",
+ "value": "{{User-Involved}}"
+ },
+ {
+ "disabled": false,
+ "description": "Name of TPP",
+ "key": "TPP-Name",
+ "value": "{{TPP-Name}}"
+ },
+ {
+ "disabled": false,
+ "description": "(Required) A header for passing the authorization token",
+ "key": "Authorization",
+ "value": "{{Authorization}}"
+ },
+ {
+ "key": "Accept",
+ "value": "application/json"
+ }
+ ],
+ "method": "GET",
+ "body": {}
+ },
+ "status": "Internal Server Error",
+ "code": 500,
+ "header": [
+ {
+ "key": "Content-Type",
+ "value": "application/json"
+ }
+ ],
+ "body": "{\n \"error\": [\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n },\n {\n \"error\": \"ERROR_CODE\",\n \"message\": \"string\"\n }\n ]\n}",
+ "cookie": [],
+ "_postman_previewlanguage": "json"
+ }
+ ],
+ "event": [],
+ "protocolProfileBehavior": {
+ "disableBodyPruning": true
+ }
+ }
+ ],
+ "event": []
+ }
+ ],
+ "event": []
+ }
+ ],
+ "event": [],
+ "variable": [
+ {
+ "type": "string",
+ "value": "https://api.pbapi.cz/bank-psd2outboundapi-sandbox",
+ "key": "baseUrl"
+ },
+ {
+ "type": "number",
+ "value": 200,
+ "key": "statusCode"
+ }
+ ],
+ "info": {
+ "_postman_id": "b8f0459f-6c8d-4b03-bb88-c3e6c864f126",
+ "name": "PSD2 API",
+ "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json",
+ "description": {
+ "content": "Welcome to the documentation for the Payment Services Directive 2 (PSD2) API. This comprehensive guide is designed to assist developers, financial institutions, and businesses in understanding and implementing the API specifications mandated by PSD2. The PSD2 directive, introduced by the European Union, aims to enhance the security and efficiency of electronic payments while fostering competition and innovation in the financial services sector.\n\n## Overview\n\nThe PSD2 API documentation provides detailed information on the APIs that enable secure and standardized access to payment account information and payment initiation services. By adhering to these specifications, financial institutions can facilitate seamless transactions, improve user experience, and comply with regulatory requirements.\n\n## Key Features\n\n- **Account Information Services (AIS):** Explore the APIs that allow authorized third-party providers to access account information, empowering users with a consolidated view of their financial data across multiple accounts and institutions.\n\n- **Payment Initiation Services (PIS):** Understand the APIs that enable third-party providers to initiate payments on behalf of users, streamlining the payment process and fostering innovation in the payments landscape.\n\n- **Strong Customer Authentication (SCA):** Learn about the security measures in place, including two-factor authentication, to ensure the protection of user data and compliance with PSD2 security requirements.\n\n\n## Getting Started\n\n Whether you are a developer integrating PSD2 APIs into your applications or a financial institution ensuring compliance, this documentation provides step-by-step guides, code samples, and detailed API reference information to facilitate a smooth integration process.\n\n## API Reference\n\n The API reference section outlines the endpoints, request and response formats, authentication mechanisms, and error handling details for both AIS and PIS APIs. Developers can use this information to build robust and secure applications that leverage the capabilities of the PSD2 API.\n\n## Compliance and Security\n\n Understand the regulatory landscape surrounding PSD2 and how to ensure compliance with the directive's requirements. Learn about security best practices to protect sensitive financial data and maintain the trust of users.\n\n## Support and Feedback\n\n For any questions, issues, or feedback related to the PSD2 API documentation, our support team is here to assist you. We encourage developers and stakeholders to actively participate in the improvement of this documentation by providing insights and suggestions.\n\nThank you for choosing PSD2 API, and we look forward to empowering you with the tools and knowledge needed to navigate the evolving landscape of financial services.\n\n\n## How to request API access with QSeal certificate\n Accessing the PSD2 API with a QSeal certificate is a secure and straightforward process. Here's a step-by-step guide for developers:\n\n### **Step 1:** Express Interest\n Initiate the access request by sending an email to our dedicated support team at psd2@partnersbanka.cz, expressing your interest in using the PSD2 API. Provide information about your organization and the intended use of the API.\n\n### **Step 2:** QSeal Certificate Submission\n Attach the public part of your organization's QSeal certificate to the email. This certificate is essential for secure communication between your systems and the PSD2 API. Ensure the certificate adheres to the specified security standards outlined in the API documentation.\n\n### **Step 3:** Access Verification\n Our support team will promptly review your request and verify the provided QSeal certificate. This process ensures the legitimacy of your access request and compliance with regulatory standards.\n\n### **Step 4:** OAuth2 Authorization Credentials\n Upon successful verification, you will receive a notification confirming the approval of your access request. This communication will include the necessary OAuth2 authorization credentials - ```client_id``` and ```client_secret``` - enabling secure access to the PSD2 API. See **Authorization** section.\n\n### **Step 5:** Integration and Support\n With access granted, proceed with integrating the PSD2 API into your applications using the provided OAuth2 credentials and the endpoint details. Our support team is available to assist you with any questions or challenges encountered during the integration process.\n\n By following this streamlined access request procedure, you can quickly and securely access the PSD2 API using your organization's QSeal certificate. This efficient process allows you to focus on integrating the API seamlessly into your applications, obtaining the OAuth2 credentials necessary for a secure and compliant authorization process within the regulatory framework of PSD2.\n\n## Introduction to Digest Signature Authorization for API Security\n Securing API communication is paramount in the digital landscape, and one effective method is through the use of a digest signature. This introduction provides insights into API authorization using a digest signature composed of selected HTTP headers.\n\n### Why Digest Signature?\n APIs handle sensitive data and transactions, demanding robust security measures. Digest signatures offer a cryptographic approach to authenticate and ensure the integrity of API requests. By incorporating selected HTTP headers into the signature, this method provides a secure means of authorization.\n\n### How Digest Signature Works\n Digest signatures involve the creation of a unique hash value based on selected elements of the HTTP request. These elements typically include headers such as ```Date```, and ```Content-Type```. The hash, commonly created using cryptographic algorithms like SHA-256, serves as a unique fingerprint for the request.\n\n### Benefits of Digest Signature Authorization\n 1. **Enhanced Security:** Digest signatures add an extra layer of security by ensuring that the request's content and headers remain unchanged during transmission.\n 2. **Protection Against Replay Attacks:** The timestamp in the digest signature prevents replay attacks, as the server can validate the freshness of the request.\n 3. **Selective Authorization:** By choosing specific headers for inclusion in the digest, API providers can control which parts of the request contribute to the signature, offering flexibility in authorization.\n 4. **Cryptographic Integrity:** The cryptographic nature of the digest signature ensures that even a minor alteration to the request results in a vastly different signature, providing a robust mechanism for detecting tampering.\n\n### Implementing Digest Signature Authorization\n To implement digest signature authorization, developers must follow a predefined algorithm to construct the signature based on selected headers. The server, in turn, verifies the signature using the same algorithm, ensuring the request's authenticity.\n\n### Getting Started\nThis documentation provides a comprehensive guide on implementing API authorization through digest signatures. Explore the step-by-step process, sample code snippets, and best practices to seamlessly integrate digest signature authorization into your API communication.\n\nEmbrace the power of digest signatures to fortify your API against unauthorized access and tampering. Elevate the security posture of your applications by adopting this robust method of API authorization, ensuring the confidentiality and integrity of your data in transit.\n\n## Authorization by signature in the request header\n * TPP (Third Party Provider) uses its QSeal certificate to call the signed request header\n * In each call, TPP sends a signed digest of selected header parameters in the header according to the defined algorithm\n * The API verifies the hash and signature of selected request headers\n * The TPP Admin checks the JERRS and CA register\n\n### Headers for signature algorithm\n The algorithm is described in detail for each API endpoint. It expects to add these parameters to the request header:\n\n | Parameter | Description | Example |\n |---|---|---|\n | Digest | Digest according to RFC3230 containing the algorithm. The digest is created as a hash of a string composed of the values of the headers specified in the sign structure. | sha-256=449d8432503f072092ad6e2c71e4b44... |\n | Signature | A structure describing the content of the signature, its algorithm and BASE64 value of the signature in the form of a structured string.
Format:
algorithm=\\\"{0}\\\",headers=\\\"{1}\\\",signature=\\\"{2}\\\" | c29a002951a81688c00000.... |\n | TPP-Signature-Certificate | Base64 public part of the certificate (without envelope) | MIIDzDCCArSgAwIBAgIJAPwpq5bhcUyaMA0GCSq... |\n\n> **Warning**\n>\n> *Please be aware that any attempt to use hashing algorithms other than **SHA-256** to generate header signatures will result in errors and the failure of the signature validation process. It is recommended to adhere to the SHA-256 standard to ensure compatibility and security.*\n>\n> **For proper functionality**, it is important to insert the parameter values in the hash string consecutively without a separator, i.e. valueofX-Request-IDvalueofDate \n\n### Example of headers and procedure for a specific request\n ```http\n X-Correlation-Id: c3a95adb-05d5-4b56-a8ac-54d7a2f97645\n X-Request-ID: 36e65182-7a28-11ed-a1eb-0242ac120002\n User-Involved: true\n Authorization: Bearer 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08\n Date: Wed, 22 Oct 2023 07:28:00 GMT\n Digest: SHA256=8adb0cce2022c23bacefa0843260ca54835a16eb64376f98b8f0cb98686802d1\n Signature: algorithm=\"SHA256withRSA\",headers=\"date x-request-id\",signature=\"UqIFDmRRG/j2/pqxMYLHw9XY47rdlz3Wto03C9GraneaZNfHvdKYlwgGw/Bl3uQbZTLTfC+FIhosiLCS0njeL/KuDgLyJTMf1dI/nwoZAduWEiFxlp61rV4OLWWrJO9TSRoE7y+PKDX+9CClGMD0VqD0pQgxipOrEJv9a/Xv0J2sJuHlaiwLrAuH9PtAMhi91vWlXyz2ws7Z4F4ZNIYzrluYNLQ6Tml7lZj7I2jLjj/1MBBZCnZlksg4RUMHDmwkVy4NaP6fUl4+me3YGUd0pGqfyDwO0JCPBOFjL67i/el64DzhdtfjVqNsDfkt8sDe9tM/JC+mRRIGYQ95xw/fAg==\"\n TPP-Signature-Certificate: MIIDzDCCArSgAwIBAgIJAPwpq5bhcUyaMA0GCSqGSIb3DQEBCwUAMHsxCzAJBgNVBAYTAkNaMQ8wDQYDVQQIDAZQcmFndWUxDzANBgNVBAcMBlByYWd1ZTEVMBMGA1UECgwMVGVzdCwgcy5yLm8uMREwDwYDVQQDDAhKb2huIERvZTEgMB4GCSqGSIb3DQEJARYRam9obi5kb2VAdGVzdC5jb20wHhcNMjMwMjA1MTc0ODE5WhcNMjQwMjA1MTc0ODE5WjB7MQswCQYDVQQGEwJDWjEPMA0GA1UECAwGUHJhZ3VlMQ8wDQYDVQQHDAZQcmFndWUxFTATBgNVBAoMDFRlc3QsIHMuci5vLjERMA8GA1UEAwwISm9obiBEb2UxIDAeBgkqhkiG9w0BCQEWEWpvaG4uZG9lQHRlc3QuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4eRDKWXAV9XF5FLgegwzpekWukH+MRtqeIjHyAn5dy4SIqEbKcwDhSBE9xciUZkAyeOBY3Y4m6y2Y5/d5+gNWDQQ0dYlCsZ090IQIZdMNqaGji+8e0Pzsyzl7FHPE9OlldzFXOk3a0rq0A0bcRJLn7brFXOPqmLS3RaSvQC4pL2hna+ripcxNzZr9jk8lCtQ4rKOOho5azmaXDh/nO7dPMiR1R6cZdCLjmOdVaCBZdSpOufo2xU0Ux2Noyaky65auh1nu7aloQrPCNLzSGJY5xq8W0LEiln0ir7eCkVizHB9UixBzcsTuUKR5uXLyYUA3sQ8TSYIwM6EDu/rz0Z3EwIDAQABo1MwUTAdBgNVHQ4EFgQUWomTS6xJEgkKX1+zu2AA0XxJ1pQwHwYDVR0jBBgwFoAUWomTS6xJEgkKX1+zu2AA0XxJ1pQwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEACYDuhO+5I53Mf5EpyPWkt3Vuapujkt1VNgNb60QGQCAdk/ZOdGFRZrbytmAzA7JfroCosSsxTcS18toFefxdPJrPxDOmt+ZrI/o8K++2/3mRWM2bEu2dZJj1+yGe27VqP5qsRVx+DY/iZIySZ+RVp5Mv9Nmb53U+7VDUmGtKiT4LXqwEfxHKkIBNiDs4zoCnIT1rAynLI6KTGsHX21xDMn2nUSF2jIDXSdzi8yiwRzRJ9rdEScpL9pKN444Ud/qOE+H+ryFCHSi/MgHPT+C7A1j2x54KQQ5X6ku9GOS8j2QB4VAC7KTzkRQaZIW3ax5x8ST3vvATTMgzVU6G9Sv//Q==\n ```\n\nContact Support:\n Name: Support\n Email: psd2@partnersbanka.cz",
+ "type": "text/plain"
+ }
+ }
+}
\ No newline at end of file