Below is a summary of the technical details for the PTSB Dedicated Interface available to authorised TPPs. For more detailed information including the API swagger files please enrol on the Developer Portal.
Each of the Application Programming Interfaces (APIs) found in this portal has been developed and designed in line with the Open Banking Standards. This market-enabling standard is designed to assist European account providers in meeting their PSD2 and RTS requirements. For detailed information on the Open Banking Standards including detailed specifications please visit www.openbanking.org.uk.
To enable AISPs, PISPs and CISPs to identify and mutually authenticate themselves with our APIs, we require both a QWAC and QSealC certificates. These certificates also allow us to establish a secure connection and prove origin, authenticity, and integrity of data.
eIDAS Technical Specification
For further information in relation to the use of a QWAC and QSealC please refer to Electronic Signatures and Infrastructures (ESI); Sector Specific Requirements; Qualified Certificate Profiles and TSP Policy Requirements under the payment services Directive (EU) 2015/2366 (ETSI TS 119 495 V1.2.1)
The API employs OAuth 2.0 as outlined in the Open Banking Security profile which is based on the Open ID Foundation’s Financial Grade API (FAPI) and Client Initiated Backchannel Authentication (CIBA) profiles
We utilise redirection for PSU authentication, whereby the PSU will be redirected to a permanent TSB domain where they will complete authentication
To view and browse the API Swagger files please enrol on our Developer Portal