PSD2

General

Our services are based on the Berlin Group NextGenPSD2 standard.

Payment initiation services

These services will allow you to let your end user initiate a payment from her account at Sparebanken Vest. The service will ask for a strong customer authentication as long as no excemption is applied. Read about our payment initiation services here (requires login)

Account information services

With these services you will be able to retrieve balances and transactions from your end users’ account. Read about our account information services here (requires login)

Authenticate your application

To authenticate towards our services you need to register first and we will provide you with credentials. At a later stage we will implement authentication of third parties (PISPs and AISPs) using information from an PSD2 eIDAS certificate.

Authenticate the end user (PSU)

We use Open ID Connect and OAuth2 in our offering for identifying end users. At the moment we only support Norwegian BankID as a way of authenticating the end user.

Sandbox and production environment access

Connecting to our PSD2 sandbox and production environment is done the same way, but requires different credentials. If not received already during registration, please contact us at developer@spv.no.

Our current sandbox environment is somewhat limited, but is being actively developed to provide more features. You are able to perform most operations successfully, but are not able to perform SCA and data is not persisted. That means, for example, that a valid consent-id is not required to list or view accounts, but the field itself is.

To get a token for the sandbox environment you must use a difference audience than the other environments. Here is an example:

# Get access token (uses jq to extract token)
curl --request POST \
  --url https://[environment].eu.auth0.com/oauth/token \
  --header 'content-type: application/json' \
  --data '{"client_id":[client_id],"client_secret":[client_secret],"audience":"https://psd2-sandbox.spvdevapi.no","grant_type":"client_credentials"}' | jq ".access_token" -r

Please refer to the different PSD2 API’s for their respective sandbox URL.