Overview
This section gives an overview of the API calls required when integrating via the following models:
- SELF-HOSTED
- SELF-HOSTED-CALLBACK
See AIS Implementation Options for more on these options.
Depending on the setup that best suits your business needs, the API calls that you need to make and how you process the responses vary.
A Note on Authentication
When interacting with the Nuapay Endpoints you must be authenticated via one of the following:
- API Keys
- OAuth Tokens
For more details, and to decide on the approach that suits your business needs, see the available Authentication Options under the Security section.
Self-Hosted
Call the following services in this order:
| POST | Access Token | (Optional) Use this service to retrieve an OAuth token, which you will use to authenticate yourself in subsequent calls. Alternatively you may use your API Key. |
| GET | Retrieve Banks | Use this service to give your PSU a list of banks from which to choose. In your request, filter on services = AISP |
| - | - | The PSU selects a bank (also referred to as the ASPSP). |
| POST) | Create Consent | Once the user selects an ASPSP, pass its bankId in the consent request. |
| - | - | The PSU is redirected to authenticate and approve the access request on that ASPSP’s online banking portal. Once the user approves or declines the request, he/she is redirected to the merchantPostAuthUrl (as referenced in the Create Consent call). |
| GET | Retrieve Consent | Retrieve the status of the consent request. |
For more details on this see the Merchant-Level Self-Hosted Setup
Self-Hosted Callback
Call the following services in this order:
| POST | Access Token | Use this service to retrieve an OAuth token, which you will use to authenticate yourself in subsequent calls. |
| GET | Retrieve Banks | Use this service to give your PSU a list of banks from which to choose. In your request, filter on services = AISP |
| - | - | The PSU selects a bank (also referred to as the ASPSP). |
| POST | Create Consent | Once the user selects an ASPSP, pass its bankId in the consent request. |
| - | - | The PSU is redirected to authenticate and approve the consent on that ASPSP’s online banking portal. Once the user approves or declines the request he/she is redirected to the merchantPostAuthUrl (as referenced in the Create Consent call). |
| POST | Access Token | Pass your merchant API Key with the required scope = openbanking_callback to retrieve an OAuth access token. |
| POST | Forward Account Access Consent Callback | In this mode as the callback/redirect from the ASPSP does not go directly to the Nuapay TPP, it is required to forward the details via this service; you must pass your callbackAccessToken and the callbackParams |
| GET | Retrieve Consent Status | Retrieve the status of the consent. |
Once you have an ACTIVE consent you may use the List Accounts service to retrieve account details.