Security

Security

Security 1.2.3

Includes API calls for securing monetrary transactions, implementing a 2FA mechanism using sms and/or token devices.

expand_moreexpand_lessContact information
rapidlink support
expand_moreexpand_lessLicense
Privacy Policy
production
development
https://api.rapidlink.piraeusbank.gr/piraeusbank/production

Base Gateway API Endpoint

Paths

/token/select/{TokenType}/for/{SessionKey}

post /token/select/{TokenType}/for/{SessionKey}

Generate {TokenType} second factor pin

Use /{TokenType}/generate/force to generate again temporary pin to be used as a second factor authentication in monetary and other information sensitive transactions. This is usefull in case the first pin, never reached the client.

To use this operation you must use one of the following sets of security requirements.
clientIdHeader
X-IBM-Client-Id
(apiKey located in header)
MSIS OAuth
MSIS OAuth
(oauth2 accessCode)
Authorization URL
https://openbank.piraeusbank.gr/identityserver/connect/authorize
Token URL
https://openbank.piraeusbank.gr/identityserver/connect/token
Scopes
winbankAccess winbankAccess.info winbankAccess.monetaryTransactions
clientIdHeader
X-IBM-Client-Id
(apiKey located in header)
Sandbox OAuth
Sandbox OAuth
(oauth2 accessCode)

Resource Owner Implicit Grant Type

Authorization URL
https://api.rapidlink.piraeusbank.gr/piraeusbank/production/v1.2/oauth/oauth2/authorize
Token URL
https://api.rapidlink.piraeusbank.gr/piraeusbank/production/v1.2/oauth/oauth2/token
Scopes
/sandboxapi
Access to all security resources in sandbox
Authorization
Required in header
string

This header should be in the form "Bearer Token", where Token is returned from the call to OAuth2.

TokenType
Required in path
string

The method through which the user will receive the extrapin token for the particular transaction. Accepted values: SMS_OTP, PUSH_OTP.

Optional in
object
Accept
Optional in header
string
application/json
lisa.pavlidi@gr.ey.com
200

OK

Token_Select_Output
400

Bad Request

Error_Output
401

Unauthorized

Error_Output
403

Forbidden

Error_Output
404

Not Found

Error_Output
412

Precondition Failed

Error_Output
440

Login Time-Out

Error_Output
501

Not Implemented

Error_Output
Example Request
Example Response
POST https://api.rapidlink.piraeusbank.gr/piraeusbank/production/v1.2/security/token/select/{TokenType}/for/{SessionKey}
Try this operation
https://api.rapidlink.piraeusbank.gr/piraeusbank/production/v1.2/security/token/select/{TokenType}/for/{SessionKey}
accept
Authorization
TokenType

Definitions 

{
    "type": "object",
    "properties": {
        "httpCode": {
            "type": "string"
        },
        "httpMessage": {
            "type": "string"
        },
        "errorCode": {
            "type": "string"
        },
        "errorMessage": {
            "type": "string"
        }
    },
    "example": "{\n\t\"httpCode\": \"412\",\n\t\"httpMessage\": \"Precondition Failed\",\n\t\"errorCode\": \"API-987\",\n\t\"errorMessage\": \"sample error message\"\n}"
}
              
{
    "type": "object",
    "properties": {
        "Valid": {
            "type": "boolean"
        },
        "tokenType": {
            "type": "string"
        }
    },
    "example": "{\n\t\"Valid\": true,\n\t\"tokenType\": \"extrapin\"\n}"
}