That is thanks to you and the other 3.400+ registered developers who are developing on our platform. In this newsletter we want to give you an update on our plans for our PSD2 API. Continue reading to learn more about new features and the highly anticipated decoupled user flow that uses Mobile BankID (Swedish market). We are trying our hardest to meet the milestones for implementing the new changes. However life and work continues just a little differently and the same goes for our Open Banking portal.

 

Important: PSD2 API v3 is coming, get ready!

PSD2 API v3 is planned for end of June 2020. In order to make transition to PSD2 API v3 as easy as possible we introduce important changes to PSD2 API Sandbox v3. If you already are integrated to PSD2 API v2 please review and adapt for v3 breaking changes we introduce in PSD2 API Sandbox v3 and technical documentation.

 

Changes we introduce in PSD2 API Sandbox v3 and documentation:

Alignment to BGS v1.3.5 standard and breaking changes:

 

Response body changes for alignment to BGS v1.3.5:

  • POST /consents/{consentID}/authorisations
  • PUT /consents/{consentID}/authorisations/{authorisationID}
  • POST /payments/{payment-product}/{paymentID}/authorisations
  • PUT /payments/{payment-product}/{paymentID}/authorisations/{authorisationID}
  • GET /available-authentication-methods
  • POST /consents in Decoupled approach
  • POST /authorize-decoupled
  • POST /authorisations
  • POST /consents
  • POST /payments/{payment-product} (Decoupled auth only)
 
Request body changes for alignment to BGS v1.3.5:
  • POST /authorize-decoupled
 
HTTP method changes (instead of PATCH):
  • PUT /consents/{consentID}/authorisations/{authorisationID} instead for PATCH
  • PUT /payments/{consentID}/authorisations/{authorisationID} instead of PATCH
 
XML statement support is aligned to other digital channels and made available for corporates only (Baltics).
 

Other changes:

New format is added for better support to Nordea personal account (Sweden) - personal account format without clearing number allowed if prefix ‘PA’ added, check swagger documentation on Developer portal for more details;

    • Improved alignment to OAuth 2.0 and BGS v1.3.5 standard by making BIC parameter not mandatory if country code based URL is used;
    • Support of TPP-Nok-Redirect_URI for redirect approach in Baltic countries;
    • Parallel support of 2 valid consents: All accounts consent, detailed consent.
 

Decoupled is already here!

We're also glad to announce that Decoupled authentication approach for private domestic payments in Sweden is already available in production! However, due to upcoming Mobile BankID 5.1 upgrades, that we're going to deliver at the beginning of May 2020 some changes will be required from everyone who already has integrated this authentication method. Yes, the world is not stable these days, but we promise to do our best to deliver this on time.

And of course with these latest updates the developer and swagger documentation has also been updated and smaller improvements and bug fixes have been made.

 

What’s next?

As we want you to be able to work smoothly with our Developer portal and plan ahead, please take note that 3rd PSD2 API version will include all v2 services and will be extended with additional already described above changes and features. We strongly encourage you to check your integration against changes because PSD2 API v2 Sandbox and production will be closed on August 2020. To make things more clear here is short summary what is needed to know about PSD2 API version changes:

  • 2020 March PSD2 API Sandbox v3 release;
  • 2020 June PSD2 API v3 production release;
  • 2020 August PSD2 API v2 production and sandbox close.
 

Thank you for tuning in and as always - if you have any questions or feedback don’t hesitate to contact us at openbanking@swedbank.com – we are just one quick e-mail away and over 80% of inquiries are answered within one working day.