|PTSB Dynamic Client Registration||v1.0|
|Account and Transactions||Open Banking UK v3.1|
|Payment Initiation||Open Banking UK v3.1|
|Confirmation of Funds||Open Banking UK v3.1|
To get started with our APIs you will need to register your application using the Dynamic Client Registration API, which will provide you with OAuth 2.0 client credentials.
Please find below key information in relation to our production environment.
The PTSB OBIE Financial ID is 0015800001ZEZ3yAAH
|x-fapi-interaction-id||It is optional to provide an x-fapi-interaction-id, however we recommend passing a globally unique x-fapi-interaction-id header to be used as a correlation ID. If no x-fapi-interaction-id header is passed, an ID will be generated by us and returned in our response.|
We have developed our Security Profile in line with the Open Banking Standards: detailed information including specifications is available on UK Open Bank Security Profile.
|Process for signing a payload||
PTSB requires TPPs to sign their Payment POST requests with their QSealC certificate. The following outlines the steps for signing a payments payload.
Step 1: Identify the Private Key and Corresponding Signing Certificate to be used for Signing.
We require TPPs to sign their messages with their QSealC certificate. The signing key must be valid at the time of creating the JWS. The TPP’s QSealC certificate, which contains the TPP’s public key, must be transmitted with the request in the “tpp-signature-certificate” header.
Step 2: Form the JOSE Header. The JOSE header for the signature must contain the following claims:
a. alg -
i. This must be PS256.
i. This must be in the past, a JSON number representing the number of seconds from 1970-01-01T0:0:0Z as measured in UTC until the date/time.
i. This value must match the subject of the signing certificate.
Step 3: Compute the JWS. The signer must compute the signature as a detached JWS.
Step 4: Add the JWS as a HTTP Header. The signer must include an HTTP header called x-jws-signature with its value set to the signature computed in Step 3.
NOTE: All Dynamic Client Registration API response and PISP response messages sent to a TPP will be signed with PTSB’s QSealC certificate. The API response messages sent to the TPP will carry the signature in the “x-jws-signature” header. TPPs should use our well-known configuration endpoint and, from there, use the "jwks_uri" value to retrieve the PTSB QSealC certificate for signature validation.
Alert: Please ensure that there are no trailing spaces or lines at the end of the JWT request body.
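A pre-flight check for the header rules in Step 2, the detached form from Steps 3 and 4, and the trailing-whitespace alert, given here as an added example rather than PTSB's own code. The two claim names are assumptions taken from the OBIE v3.1 specification, since the page states the rules for those claims but not their names; the certificate subject and header values are constructed. The PS256 signature itself is not computed or verified here.

```python
import base64, json, time

# Assumed claim names (from the OBIE v3.1 specification); the page gives the
# rules for these two claims but not their names.
IAT_CLAIM = "http://openbanking.org.uk/iat"
ISS_CLAIM = "http://openbanking.org.uk/iss"

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64url_decode(seg: str) -> bytes:
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))

def preflight(x_jws_signature, body, cert_subject, now=None):
    """Return a list of rule violations; an empty list means every check passed."""
    now = time.time() if now is None else now
    problems = []
    if body != body.rstrip():                      # the page's "Alert" rule
        problems.append("body has trailing whitespace or newlines")
    parts = x_jws_signature.split(".")
    if len(parts) != 3 or parts[1] or not parts[0] or not parts[2]:
        return problems + ["not a detached JWS (expected header..signature)"]
    try:
        header = json.loads(b64url_decode(parts[0]))
    except ValueError:                             # bad base64, UTF-8 or JSON
        return problems + ["JOSE header is not base64url-encoded JSON"]
    if not isinstance(header, dict):
        return problems + ["JOSE header is not a JSON object"]
    if header.get("alg") != "PS256":               # Step 2a
        problems.append("alg must be PS256")
    iat = header.get(IAT_CLAIM)
    if isinstance(iat, bool) or not isinstance(iat, (int, float)) or iat >= now:
        problems.append("iat must be a JSON number in the past")
    if header.get(ISS_CLAIM) != cert_subject:
        problems.append("iss must match the signing certificate subject")
    return problems

def sample_header_value(header: dict) -> str:
    """Constructed demo input: real header segment, placeholder signature bytes."""
    return b64url_encode(json.dumps(header).encode()) + ".." + b64url_encode(b"sig")

if __name__ == "__main__":
    subject = "CN=Example TPP,O=Example Ltd,C=IE"  # constructed subject
    bad = sample_header_value({"alg": "RS256", IAT_CLAIM: 4102444800, ISS_CLAIM: subject})
    print(preflight(bad, b'{"Data":{}}\n', subject))
```

Pass the exact bytes that will be sent as the request body, and the subject string read from the QSealC certificate supplied in the “tpp-signature-certificate” header.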
Please find below API functional implementation guidelines.
|Account and Transactions||Open Banking UK v3.1||AISP functional implementation guide|
|Payment Initiation||Open Banking UK v3.1||PISP functional implementation guide|
Note: We currently only support SCA redirect for the following AISP requests (unless an exemption applies).
We are planning to introduce SCA redirect for the remainder of the data requests in the near future, and AISPs will be notified in advance of the change.
For further information about our APIs including the API Swagger definitions please enrol on the Developer Portal. The Account and Transactions, Payment Initiation and Confirmation of Funds APIs are developed in line with the Open Banking Standards.
Please use our Sandbox to test your application’s integration with our suite of APIs in advance of using the production environment.