PIS Examples

This section contains detailed examples of monetary transfers performed with PSD2 PIS API.

    • Scenario #1 describes the mandatory and optional steps so that the PSU performs a transfer between their own accounts within Piraeus Bank.
    • Scenario #2 provides the mandatory and optional steps so that the PSU performs a transfer between one of their own accounts and a third party's account within Piraeus Bank.
    • Scenario #3 explains the mandatory and optional steps so that the PSU performs a transfer between one of their own accounts within Piraeus Bank and a third party's account in another bank (remittance).

In all cases, the basic concept involves making requests to the endpoint links provided in each step's response object.
In transfers between PSU's own accounts or when the creditor has been whitelisted by the PSU, no SCA is required. Then, the only mandatory step after payment initiation is payment execution, which is achieved by making a POST request to the link "execute".
On the contrary, when SCA is necessary (scenarios 2 and 3), then the mandatory steps include transaction authorization (unless the preselected SCA method is TOUCH_OTP and the PSU uses fingerprint validation to authorize the transaction) and payment execution.
The optional steps in all cases include the retrieval of payment information (by making a GET request to the link "self") and of payment status (by making a GET request to the link "status").
Furthermore, when SCA is performed, the optional steps also include SCA method selection (by making a PUT request to the link "selectAuthenticationMethod") and retrieval of SCA status (by making a GET request to the link "scaStatus").

 

 


 

Scenario #1: Transfer between PSU’s Own Accounts

Step 1: Initiate Payment

As transfers between PSU’s own accounts do not require SCA, the response includes endpoint links for payment information (self), payment status (status) and payment execution (execute). To perform each call use, the link exactly as provided. For your convenience, the response also contains the request verb (POST, GET or PUT) for each endpoint. The mandatory request headers remain the same as those of the initial call.
Also, note that in order to provide a reason for the particular transfer you must fill in the field “remittanceInformationUnstructured” with a serialized JSON object with the single attribute “comments” (see highlighted example below).

Request
curl -X POST \
https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers \
  -H 'Authorization: Bearer [OAUTH_ACCESS_TOKEN]' \
  -H 'Content-Type: application/json' \
  -H 'PSU-IP-Address: [PSU_IP_ADDRESS]' \
  -H 'X-Client-Certificate: [QWAC_PEM_CONTENT]' \
  -H 'X-IBM-Client-ID: [CLIENT_ID]' \
  -H 'X-Request-ID: [GUID]' \
  -d '{
       "endToEndIdentification": "1111111",
       "debtorAccount": {
              "iban": "GR34********************131",
              "currency": "EUR"
       },
       "instructedAmount": {
              "currency": "EUR",
              "amount": "123.00"
       },
       "creditorAccount": {
              "iban": " GR33********************149",
              "currency": "EUR",
              "msisdn" : "6979797979"
       },
       "creditorAgent": "",
       "creditorName": "G. Pap.",
       "creditorAddress": {
              "street": "",
              "buildingNumber": "",
              "city": "",
              "postalCode": "",
              "country": ""
       },
       "remittanceInformationUnstructured": "{\"comments\": \"test transfer to own account\"}"
'

Response
{
    "transactionStatus": "RCVD",
    "paymentId": "8183f925-d604-4bd1-b44f-54201848f4fc",

    "transactionFees": {
        "amount": 0
    },
    "transactionFeeIndicator": false,
    "_links": {
        "self": {
            "href": "https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/8183f925-d604-4bd1-b44f-54201848f4fc",
            "verb": "GET"
        },
        "status": {
            "href": "https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/8183f925-d604-4bd1-b44f-54201848f4fc/status",
            "verb": "GET"
        },
        "execute": {
            "href": "https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers?paymentId=8183f925-d604-4bd1-b44f-54201848f4fc&executionKey=a75a7e01c3144b0faf408dee3dbdb45d",
            "verb": "POST"
        }
    }
}

  

Step 2: Execute Payment

To complete the payment, you need to perform a POST request to the “execute” link.

Request
curl -X POST \
  https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers?paymentId=8183f925-d604-4bd1-b44f-54201848f4fc&executionKey=a75a7e01c3144b0faf408dee3dbdb45d \
  -H 'Authorization: Bearer [OAUTH_ACCESS_TOKEN]' \
  -H 'PSU-IP-Address: [PSU_IP_ADDRESS]' \
  -H 'X-Client-Certificate: [QWAC_PEM_CONTENT]' \
  -H 'X-IBM-Client-ID: [CLIENT_ID]' \
  -H 'X-Request-ID: [GUID]' \
 

Response
{
    "transactionStatus": "ACCC",
    "paymentId": "8183f925-d604-4bd1-b44f-54201848f4fc",
    "transactionFees": {
        "amount": 0
    },
    "transactionFeeIndicator": false,
    "_links": {
        "self": {
            "href": "https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/8183f925-d604-4bd1-b44f-54201848f4fc",
            "verb": "GET"
        },
        "status": {
            "href": "https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/8183f925-d604-4bd1-b44f-54201848f4fc/status",
            "verb": "GET"
        }
    },
    "psuMessage": "EB17061900457354"
}

  

Extra (Optional) Step #1: Get Payment Information

This endpoint basically returns the input you have provided when initiating the payment, together with the transaction status at the time of the call.

Request
curl -X GET \
  https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/8183f925-d604-4bd1-b44f-54201848f4fc \
  -H 'Authorization: Bearer [OAUTH_ACCESS_TOKEN]' \
  -H 'Content-Type: application/json' \
  -H 'PSU-IP-Address: [PSU_IP_ADDRESS]' \
  -H 'X-Client-Certificate: [QWAC_PEM_CONTENT]' \
  -H 'X-IBM-Client-ID: [CLIENT_ID]' \
  -H 'X-Request-ID: [GUID]' \

Response
{
    "endToEndIdentification": "1111111",
    "debtorAccount": {
        "iban": "GR3401729760005976008074131",
        "currency": "EUR"
    },
    "instructedAmount": {
        "currency": "EUR",
        "amount": 55
    },
    "creditorAccount": {
        "iban": "GR3301729760005976008074149",
        "msisdn": "6979797979",
        "currency": "EUR"
    },
    "creditorAgent": "",
    "creditorName": "G. Pap",
    "creditorAddress": {
        "streetName": "",
        "buildingNumber": "",
        "townName": "",
        "postCode": "",
        "country": ""
    },
    "remittanceInformationUnstructured": "{\"comments\": \"test transfer to own account\"}",
    "transactionStatus": "ACSC"
}

 

Extra (Optional) Step #2: Get Payment Status

The status value depends on which step of the process you call the endpoint. Possible values: RCVD, ACSC. 

Request
curl -X GET \
  https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/8183f925-d604-4bd1-b44f-54201848f4fc \
  -H 'Authorization: Bearer [OAUTH_ACCESS_TOKEN]' \
  -H 'Content-Type: application/json' \
  -H 'PSU-IP-Address: [PSU_IP_ADDRESS]' \
  -H 'X-Client-Certificate: [QWAC_PEM_CONTENT]' \
  -H 'X-IBM-Client-ID: [CLIENT_ID]' \
  -H 'X-Request-ID: [GUID]' \ 

Response
{
    "transactionStatus": "ACSC"
}

 

Note that…

If you call the endpoint that starts payment authorization, although it is not required, the API will return the following response:
 

Request [not required]
curl -X POST \
  https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/8183f925-d604-4bd1-b44f-54201848f4fc/authorisations \
  -H 'Authorization: Bearer [OAUTH_ACCESS_TOKEN]' \
  -H 'Content-Type: application/json' \
  -H 'PSU-IP-Address: [PSU_IP_ADDRESS]' \
  -H 'X-Client-Certificate: [QWAC_PEM_CONTENT]' \
  -H 'X-IBM-Client-ID: [CLIENT_ID]' \
  -H 'X-Request-ID: [GUID]' \ 

Response [to unnecessary call]
{
    "tppMessages": [
        {
            "category": "ERROR",
            "code": "SCA_METHOD_UNKNOWN",
            "text": "This payment does not require authorisation. Proceed with direct execution through 'execute' link."
        }
    ]
}

 


 

Scenario #2: Transfer to Third Party Accounts within Piraeus Bank (Intra-Bank Transfers)

 

Step 1: Initiate Payment

Intra-bank monetary transfers require SCA, so the response includes endpoint links for starting SCA process (startAuthorisation), payment information (self) and payment status (status). To perform each call, use the link exactly as provided. For your convenience, the response also contains the request verb (POST, GET or PUT) for each endpoint. The mandatory request headers remain the same as those of the initial call.
Also, note that in order to provide a reason for the particular transfer you must fill in the field “remittanceInformationUnstructured” with a serialized JSON object with the single attribute “comments” (see highlighted example below).

Request
curl -X POST \
  https:// api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers \
  -H 'Authorization: Bearer [OAUTH_ACCESS_TOKEN]' \
  -H 'Content-Type: application/json' \
  -H 'PSU-IP-Address: [PSU_IP_ADDRESS]' \
  -H 'X-Client-Certificate: [QWAC_PEM_CONTENT]' \
  -H 'X-IBM-Client-ID: [CLIENT_ID]' \
  -H 'X-Request-ID: [GUID]' \
  -d '{
       "endToEndIdentification": "22222222",
       "debtorAccount": {
              "iban": "GR34********************131",
              "currency": "EUR"
       },
       "instructedAmount": {
              "currency": "EUR",
              "amount": "123.00"
       },
       "creditorAccount": {
              "iban": " GR65********************000",
              "currency": "EUR",
              "msisdn" : "6979797979"
       },
       "creditorAgent": "",
       "creditorName": "Al. Konst.",
       "creditorAddress": {
              "street": "",
              "buildingNumber": "",
              "city": "",
              "postalCode": "",
              "country": ""
       },
       "remittanceInformationUnstructured": "{\"comments\": \"test transfer to third party account\"}"
}'
  

Response
{
    "transactionStatus": "RCVD",
    "paymentId": "cc1daf39-809e-4ab1-a2b9-f483bdd351ba",
    "transactionFees": {
        "amount": 0
    },
    "transactionFeeIndicator": false,
    "_links": {
        "startAuthorisation": {
            "href": "https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/cc1daf39-809e-4ab1-a2b9-f483bdd351ba/authorisations",
            "verb": "POST"
        },
        "self": {
            "href": "https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/cc1daf39-809e-4ab1-a2b9-f483bdd351ba",
            "verb": "GET"
        },
        "status": {
            "href": "https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/cc1daf39-809e-4ab1-a2b9-f483bdd351ba/status",
            "verb": "GET"
        }
    }
}

 

Step 2: Authorize Transaction

To start the SCA process, you need to perform a POST request to the “startAuthorisation” link from the previous step, so that the user receives a One-Time Pin (OTP).
OTPs are transactional, i.e. required per transaction. TPP applications do not need to request for OTP generation. Instead, in all cases when an OTP is needed, the API will return an appropriate message or error.
If the preselected SCA method is SMS_OTP or PUSH_OTP, then the system will automatically send the OTP to the end-user's registered mobile phone (via SMS or push notification and will expect that OTP as input for the PSU authentication data update (STEP 3b) and final execution (STEP 4) steps.
In the case of CHIP_OTP, the PSU will get the OTP from a token generator device. The TPP will again have to retrieve that OTP from the PSU to provide it as input for the PSU authentication data update (STEP 3b) and final execution (STEP 4) steps.
In the case of TOUCH_OTP, the system will require the PSU to authorize the transaction using their smartphone's fingerprint functionality, so the TPP will not have to provide the OTP during the PSU authentication data update (STEP 3b) and final execution (STEP 4) steps.
To update the PSU authentication data with the received OTP, you need to perform a PUT request to the “startAuthorisation” link (STEP 3b).
On the other hand, there is also the possibility to select a SCA method different from the preselected, if another method is available for the specific PSU, by making a PUT call to the “selectAuthenticationMethod” link (STEP 3a).
The response of this step contains the authorisationId of the newly initiated authorisation (SCA) process, the current status of the SCA process, the available and preselected SCA methods of the particular PSU, as well as the necessary links to proceed with the next steps (STEP 3a or 3b) as described above, to directly execute the payment when TOUCH_OTP functionality is applied, or to get the status of the SCA process at any given time. 

Request
curl -X POST \
  https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/cc1daf39-809e-4ab1-a2b9-f483bdd351ba/authorisations \
  -H 'Authorization: Bearer [OAUTH_ACCESS_TOKEN]' \
  -H 'Content-Type: application/json' \
  -H 'PSU-IP-Address: [PSU_IP_ADDRESS]' \
  -H 'X-Client-Certificate: [QWAC_PEM_CONTENT]' \
  -H 'X-IBM-Client-ID: [CLIENT_ID]' \
  -H 'X-Request-ID: [GUID]' \ 

Response
{
    "scaStatus": "scaMethodSelected",
    "authorisationId": "a6657311-14cd-422c-8f35-1053076dbd7f",
    "scaMethods": [
        {
            "authenticationType": "TOUCH_OTP",
            "authenticationMethodId": "8",
            "name": "ExtraPin through Notification with Touch ID in winbank mobile app"
        },
        {
            "authenticationType": "SMS_OTP",
            "authenticationMethodId": "2",
            "name": "ExtraPin through SMS on the declared mobile phone number"
        }
    ],
    "chosenScaMethod": {
        "authenticationType": "TOUCH_OTP",
        "authenticationMethodId": "8",
        "name": "SCA through notification to the registered mobile application, using fingerprint functionality"
    },
    "_links": {
        "authoriseTransaction": {
            "href": "https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/cc1daf39-809e-4ab1-a2b9-f483bdd351ba/authorisations/a6657311-14cd-422c-8f35-1053076dbd7f",
            "verb": "PUT"
        },
        "selectAuthenticationMethod": {
            "href": "https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/cc1daf39-809e-4ab1-a2b9-f483bdd351ba/authorisations/a6657311-14cd-422c-8f35-1053076dbd7f",
            "verb": "PUT"
        },
        "scaStatus": {
            "href": "https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/cc1daf39-809e-4ab1-a2b9-f483bdd351ba/authorisations/a6657311-14cd-422c-8f35-1053076dbd7f",
            "verb": "GET"
        }},
        "execute": {
            "href": " https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/cc1daf39-809e-4ab1-a2b9-f483bdd351ba/authorisations/a6657311-14cd-422c-8f35-1053076dbd7f&executionKey=95147d672b584f63a9afb903ad0bfe08&scaAuthenticationData=dae9dcb7cea34f68a62d0270e6c396c6",
            "verb": "POST"
        }
    }
}

 

Step 3a: Select Authentication Method (Optional)

To change the SCA method and get a new OTP (possibly because the PSU has failed to receive the OTP through the preselected method), you need to perform a PUT request to the “selectAuthenticationMethod” link, providing the authenticationMethodId of the desired SCA method, as given in the response of the previous step.
In the following example, the preselected method (TOUCH_OTP) is temporarily overridden (only for the specific transfer) and replaced by SMS_OTP, with authenticationMethodId = 2.
The response object contains the new chosen SCA method, as well as the “authoriseTransaction” link for STEP 3b and “scaStatus” link to get the status of the SCA process at any given time.

Request
curl -X PUT \
  https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/cc1daf39-809e-4ab1-a2b9-f483bdd351ba/authorisations/a6657311-14cd-422c-8f35-1053076dbd7f \
  -H 'Authorization: Bearer [OAUTH_ACCESS_TOKEN]' \
  -H 'Content-Type: application/json' \
  -H 'X-Client-Certificate: [QWAC_PEM_CONTENT]' \
  -H 'X-IBM-Client-ID: [CLIENT_ID]' \
  -H 'X-Request-ID: [GUID]' \
  -d '{

       "authenticationMethodId": 2
}'

Response
{
    "chosenScaMethod": {
        "authenticationType": "SMS_OTP",
        "authenticationMethodId": "2",
        "name": "SCA through SMS message to the registered mobile number, using one time pin"
    },
    "_links": {
        "authoriseTransaction": {
            "href": "https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/cc1daf39-809e-4ab1-a2b9-f483bdd351ba/authorisations/a6657311-14cd-422c-8f35-1053076dbd7f ",
            "verb": "PUT"
        },
        "scaStatus": {
            "href": "https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/cc1daf39-809e-4ab1-a2b9-f483bdd351ba/authorisations/a6657311-14cd-422c-8f35-1053076dbd7f ",
            "verb": "GET"
        }
    },
    "scaStatus": "scaMethodSelected"
}
 

Step 3b: Update PSU Authentication Data (Mandatory)

To provide the OTP received by the PSU, you need to perform a PUT request to the “authoriseTransaction” link, with the OTP as the value of the scaAuthenticationData attribute of the requestBody object.
The response object contains the “execute” link for the final payment execution (STEP 4) and the “scaStatus” link to get the status of the SCA process at any given time.

Request
curl -X PUT \
  https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/cc1daf39-809e-4ab1-a2b9-f483bdd351ba/authorisations/a6657311-14cd-422c-8f35-1053076dbd7f \
  -H 'Authorization: Bearer [OAUTH_ACCESS_TOKEN]' \
  -H 'Content-Type: application/json' \
  -H 'X-Client-Certificate: [QWAC_PEM_CONTENT]' \
  -H 'X-IBM-Client-ID: [CLIENT_ID]' \
  -H 'X-Request-ID: [GUID]' \
  -d '{
       "scaAuthenticationData": "3288000"
   }'

Response
{
    "_links": {
        "execute": {
            "href": "https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers?paymentId=cc1daf39-809e-4ab1-a2b9-f483bdd351ba&executionKey=795db7a3c8d74adda7645c69af3dee99&scaAuthenticationData=3288000",
            "verb": "POST"
        },
        "scaStatus": {
            "href": "https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/cc1daf39-809e-4ab1-a2b9-f483bdd351ba/authorisations/a6657311-14cd-422c-8f35-1053076dbd7f",
            "verb": "GET"
        }
    },
    "scaStatus": "finalised"
}

 

Step 4: Execute Payment

To complete the payment, you need to perform a POST request to the “execute” link.

Request
curl -X POST \
  https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers?paymentId=cc1daf39-809e-4ab1-a2b9-f483bdd351ba&executionKey=795db7a3c8d74adda7645c69af3dee99&scaAuthenticationData=3288000 \
  -H 'Authorization: Bearer [OAUTH_ACCESS_TOKEN]' \
  -H 'Content-Type: application/json' \
  -H 'PSU-IP-Address: [PSU_IP_ADDRESS]' \
  -H 'X-Client-Certificate: [QWAC_PEM_CONTENT]' \
  -H 'X-IBM-Client-ID: [CLIENT_ID]' \
  -H 'X-Request-ID: [GUID]' \

Response
{
    "transactionStatus": "ACCC",
    "paymentId": "cc1daf39-809e-4ab1-a2b9-f483bdd351ba",
    "transactionFees": {
        "amount": 0
    },
    "transactionFeeIndicator": false,
    "_links": {
        "self": {
            "href": "https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/cc1daf39-809e-4ab1-a2b9-f483bdd351ba ",
            "verb": "GET"
        },
        "status": {
            "href": "https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/cc1daf39-809e-4ab1-a2b9-f483bdd351ba/status",
            "verb": "GET"
        }
    },
    "psuMessage": "EB17061900485673"
}

 

 

Extra (Optional) Step #1: Get Payment Information

[see Scenario #1]

 

Extra (Optional) Step #2: Get Payment Status

[see Scenario #1]

 

Extra (Optional) Step #3: Get SCA Status

The status value depends on which step of the SCA process you call the endpoint. Possible values: scaStatusSelected, finalized, failed, rejected.

Request
curl -X GET \
  https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/cc1daf39-809e-4ab1-a2b9-f483bdd351ba/authorisations/a6657311-14cd-422c-8f35-1053076dbd7f \
  -H 'Authorization: Bearer [OAUTH_ACCESS_TOKEN]' \
  -H 'Content-Type: application/json' \
  -H 'PSU-IP-Address: [PSU_IP_ADDRESS]' \
  -H 'X-Client-Certificate: [QWAC_PEM_CONTENT]' \
  -H 'X-IBM-Client-ID: [CLIENT_ID]' \
  -H 'X-Request-ID: [GUID]' \

Response
{
    "scaStatus": "finalised"
}

 


Scenario #3: Remittance (Inter-Bank Transfers)

 

Step 1: Initiate Payment

Inter-bank monetary transfers require SCA, so the required steps are the same as those of Scenario #2 above for intra-bank transfers.
However, to provide additional useful guidelines, in this scenario the SCA process will involve payment authorisation via TOUCH_OTP.
Note that the creditorName and “remittanceInformationUnstructured.comments” are mandatory fields for these payments (see highlighted example below) and that in the response code, there is information about the charged transaction fees (transactionFeeIndicator =  true, transactionFees.Amount = 0.30).

Request
curl -X POST \
  https:// api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers \
  -H 'Authorization: Bearer [OAUTH_ACCESS_TOKEN]' \
  -H 'Content-Type: application/json' \
  -H 'PSU-IP-Address: [PSU_IP_ADDRESS]' \
  -H 'X-Client-Certificate: [QWAC_PEM_CONTENT]' \
  -H 'X-IBM-Client-ID: [CLIENT_ID]' \
  -H 'X-Request-ID: [GUID]' \
  -d '{
       "endToEndIdentification": "333333",
       "debtorAccount": {
              "iban": "GR34********************131",
              "currency": "EUR"
       },
       "instructedAmount": {
              "currency": "EUR",
              "amount": "123.00"
       },
       "creditorAccount": {
              "iban": " CY04********************4100",
              "currency": "EUR",
              "msisdn" : "003545789252"
       },
       "creditorAgent": "",
       "creditorName": " N. Nikolaou.",
       "creditorAddress": {
              "street": "",
              "buildingNumber": "",
              "city": "",
              "postalCode": "",
              "country": ""
       },
       "remittanceInformationUnstructured": "{\"comments\": \" test remittance\"}"
}'

Response
{
    "transactionStatus": "RCVD",
    "paymentId": "5eadb71c-269a-41c0-a384-4be859247dbf",
    "transactionFees": {
        "amount": 0.30
    },
    "transactionFeeIndicator": true,
    "_links": {
        "startAuthorisation": {
            "href": "https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/5eadb71c-269a-41c0-a384-4be859247dbf/authorisations",
            "verb": "POST"
        },
        "self": {
            "href": "https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/5eadb71c-269a-41c0-a384-4be859247dbf",
            "verb": "GET"
        },
        "status": {
            "href": "https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/5eadb71c-269a-41c0-a384-4be859247dbf/status",
            "verb": "GET"
        }
    }
}

 

Step 2: Authorize Transaction

[see Scenario #2, Step 2 for details]

Request
curl -X POST \
  https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/5eadb71c-269a-41c0-a384-4be859247dbf/authorisations \
  -H 'Authorization: Bearer [OAUTH_ACCESS_TOKEN]' \
  -H 'Content-Type: application/json' \
  -H 'PSU-IP-Address: [PSU_IP_ADDRESS]' \
  -H 'X-Client-Certificate: [QWAC_PEM_CONTENT]' \
  -H 'X-IBM-Client-ID: [CLIENT_ID]' \
  -H 'X-Request-ID: [GUID]' \

Response
{
    "scaStatus": "scaMethodSelected",
    "authorisationId": "b500f88c-aca8-4ecc-b2cf-1550edb6f7c7",
    "scaMethods": [
        {
            "authenticationType": "TOUCH_OTP",
            "authenticationMethodId": "8",
            "name": "ExtraPin through Notification with Touch ID in winbank mobile app"
        },
        {
            "authenticationType": "SMS_OTP",
            "authenticationMethodId": "2",
            "name": "ExtraPin through SMS on the declared mobile phone number"
        }
    ],
    "chosenScaMethod": {
        "authenticationType": "TOUCH_OTP",
        "authenticationMethodId": "8",
        "name": "SCA through notification to the registered mobile application, using fingerprint functionality"
    },
    "_links": {
        "authoriseTransaction": {
            "href": "https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/5eadb71c-269a-41c0-a384-4be859247dbf/authorisations/b500f88c-aca8-4ecc-b2cf-1550edb6f7c7",
            "verb": "PUT"
        },
        "selectAuthenticationMethod": {
            "href": "https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/5eadb71c-269a-41c0-a384-4be859247dbf/authorisations/b500f88c-aca8-4ecc-b2cf-1550edb6f7c7",
            "verb": "PUT"
        },
        "scaStatus": {
            "href": "https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/5eadb71c-269a-41c0-a384-4be859247dbf/authorisations/b500f88c-aca8-4ecc-b2cf-1550edb6f7c7",
            "verb": "GET"
        },
        "execute": {
            "href": "https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers?paymentId=5eadb71c-269a-41c0-a384-4be859247dbf&executionKey=95147d672b584f63a9afb903ad0bfe08&scaAuthenticationData=dae9dcb7cea34f68a62d0270e6c396c6",
            "verb": "POST"
        }
    }
}

 

Step 3a: Select Authentication Method (Optional)

[will not be performed in this Scenario to explain TOUCH_OTP functionality]

 

Step 3b: Update PSU Authentication Data (Mandatory)

[N/A in this Scenario, as TOUCH_OTP functionality is applied]

 

Step 4: Execute Payment

First run Extra (Optional) Step #3: Get SCA Status. As soon as the scaStatus is “received”, complete the payment via a POST request to the “execute” link.

Request
curl -X POST \
  https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers?paymentId=5eadb71c-269a-41c0-a384-4be859247dbf&executionKey=95147d672b584f63a9afb903ad0bfe08&scaAuthenticationData=dae9dcb7cea34f68a62d0270e6c396c6 \
  -H 'Authorization: Bearer [OAUTH_ACCESS_TOKEN]' \
  -H 'Content-Type: application/json' \
  -H 'PSU-IP-Address: [PSU_IP_ADDRESS]' \
  -H 'X-Client-Certificate: [QWAC_PEM_CONTENT]' \
  -H 'X-IBM-Client-ID: [CLIENT_ID]' \
  -H 'X-Request-ID: [GUID]' \

Response
{
    "transactionStatus": "ACSC",
    "paymentId": "5eadb71c-269a-41c0-a384-4be859247dbf",
    "transactionFees": {
        "amount": 0.30
    },
    "transactionFeeIndicator": true,
    "_links": {
        "self": {
            "href": "https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/cc1daf39-809e-4ab1-a2b9-f483bdd351ba ",
            "verb": "GET"
        },
        "status": {
            "href": "https://api.rapidlink.piraeusbank.gr/pireausbank/production/psd2/v3.1/payments/sepa-credit-transfers/cc1daf39-809e-4ab1-a2b9-f483bdd351ba/status",
            "verb": "GET"
        }
    },
    "psuMessage": " F928TO0000007186"
}

 

Extra (Optional) Step #1: Get Payment Information

[see Scenario #1]

 

Extra (Optional) Step #2: Get Payment Status

[see Scenario #1]

 

Extra (Optional) Step #3: Get SCA Status

[see Scenario #2]