🇬🇪 Georgia v0.8 - Update PSU Data for consents

PUT https://open-banking-api.paysera.com/xs2a/georgia/0.8/v1/consents/{consentId}/authorisations/{authorisationId}

This method updates PSU data on the consents resource if needed. It may authorise a consent within the Embedded SCA Approach where needed.

Independently from the SCA Approach it supports e.g. the selection of the authentication method and a non-SCA PSU authentication.

This method updates PSU data on the cancellation authorisation resource if needed.

Several update PSU data requests are possible in the context of a consent request, depending on the SCA approach:

  • Redirect SCA Approach: A specific Update PSU data request is applicable for
    • the selection of authentication methods, before choosing the actual SCA approach.
  • Decoupled SCA Approach: A specific update PSU data request is only applicable for
    • adding the PSU Identification, if not provided yet in the payment initiation request or the Account Information Consent Request, or if no OAuth2 access token is used, or
    • the selection of authentication methods.
  • Embedded SCA Approach: The Update PSU data request might be used
    • to add credentials as a first factor authentication data of the PSU and
    • to select the authentication method and
    • transaction authorisation.

The SCA Approach might depend on the chosen SCA method. For that reason, the following update PSU data request can apply to all SCA approaches:

  • Select an SCA method in case several SCA methods are available for the customer.

There are the following request types on this access path:

  • Update PSU identification
  • Update PSU authentication
  • Select PSU authorisation method. WARNING: This method needs a reduced header, therefore many optional elements are not present. The access path may change in a later version.
  • Transaction Authorisation. WARNING: This method needs a reduced header, therefore many optional elements are not present. The access path may change in a later version.

Authorization​

This endpoint requires mTLS (Mutual TLS) authentication using a valid QWAC certificate.

Requirements:

  • Valid QWAC certificate issued by a qualified trust service provider (QTSP)
  • Certificate must be registered with Paysera
  • Certificate organization identifier must match your TPP registration in the EBA register

Example (cURL):

curl https://open-banking-api.paysera.com/xs2a/georgia/0.8/v1/endpoint \
--cert qwac-cert.pem \
--key qwac-key.pem \
-H "Content-Type: application/json" \
-H "X-Request-ID: $(uuidgen)"

For a detailed authentication guide, see Authentication.

Parameters​

Path Parameters​

| Name | Type | Required | Description |
|------|------|----------|-------------|
| consentId | string | ✓ | ID of the corresponding consent object as returned by an account information consent request. |
| authorisationId | string | ✓ | Resource identification of the related SCA. |

Request Body​

Errors​

This endpoint may return the following errors:

400 - Bad Request​

The request could not be understood by the server due to malformed syntax or invalid parameters.

Common error codes:

  • FORMAT_ERROR - Invalid request format or syntax
  • PARAMETER_NOT_CONSISTENT - Request parameters are inconsistent with each other
  • PARAMETER_NOT_SUPPORTED - Request contains unsupported parameters
  • SERVICE_INVALID - The addressed service is not valid for the addressed resources
  • RESOURCE_UNKNOWN - The addressed resource is unknown relative to the TPP
  • RESOURCE_EXPIRED - The addressed resource has expired
  • RESOURCE_BLOCKED - The addressed resource is blocked
  • TIMESTAMP_INVALID - The provided timestamp is invalid or malformed
  • PERIOD_INVALID - The provided time period is invalid
  • SCA_METHOD_UNKNOWN - The requested SCA method is not supported
  • SCA_INVALID - The SCA authentication data is invalid
  • CONSENT_UNKNOWN - The consent ID is unknown or invalid
  • CONSENT_INVALID - The consent is invalid or cannot be used
  • PAYMENT_FAILED - The payment initiation has failed
  • EXECUTION_DATE_INVALID - The execution date is invalid (e.g., in the past or too far in the future)
  • REQUIRED_KYC_MISSING - Required KYC information is missing
  • SESSIONS_NOT_SUPPORTED - Sessions are not supported by this ASPSP
  • ACCESS_EXCEEDED - The access frequency limit has been exceeded
  • REQUESTED_FORMATS_INVALID - The requested formats are not supported
  • BENEFICIARY_WHITELISTING_REQUIRED - This operation requires beneficiary whitelisting

Example response:

{
  "title": "Bad Request",
  "detail": "Invalid request format or syntax",
  "code": "FORMAT_ERROR"
}

401 - Unauthorized​

Certificate authentication failed or is missing.

Common error codes:

  • CERTIFICATE_INVALID - The TPP certificate is not valid
  • CERTIFICATE_EXPIRED - The TPP certificate has expired
  • CERTIFICATE_BLOCKED - The TPP certificate has been blocked by the ASPSP
  • CERTIFICATE_REVOKED - The TPP certificate has been revoked
  • CERTIFICATE_MISSING - The TPP certificate is missing in the request
  • ROLE_INVALID - The TPP certificate does not have the required role (PIS, AIS, PIIS, etc.)
  • SIGNATURE_INVALID - The request signature is invalid or verification failed
  • SIGNATURE_MISSING - The required signature is missing from the request
  • CORPORATE_ID_INVALID - The corporate ID in the certificate does not match the registration
  • PSU_CREDENTIALS_INVALID - The PSU credentials provided are invalid
  • CONSENT_INVALID - The consent token is invalid or has been revoked

Example response:

{
  "title": "Unauthorized",
  "detail": "The TPP certificate is not valid",
  "code": "CERTIFICATE_INVALID"
}

403 - Forbidden​

The TPP does not have the necessary permissions or the resource access is forbidden.

Common error codes:

  • CONSENT_UNKNOWN - The consent ID is unknown or invalid
  • CONSENT_EXPIRED - The consent has expired and can no longer be used
  • CONSENT_INVALID - The consent is invalid for this operation
  • SERVICE_BLOCKED - The TPP has been blocked from accessing this service
  • RESOURCE_UNKNOWN - The requested resource is unknown or does not exist
  • RESOURCE_EXPIRED - The requested resource has expired
  • PRODUCT_INVALID - The payment product is not supported by the ASPSP
  • PRODUCT_UNKNOWN - The addressed payment product is unknown
  • TOKEN_UNKNOWN - The OAuth2 token is unknown or invalid
  • TOKEN_INVALID - The OAuth2 token is invalid or has been revoked
  • TOKEN_EXPIRED - The OAuth2 token has expired
  • ACCESS_EXCEEDED - The number of accesses has exceeded the limit

Example response:

{
  "title": "Forbidden",
  "detail": "The consent ID is unknown or invalid",
  "code": "CONSENT_UNKNOWN"
}

404 - Not Found​

The requested resource could not be found.

Common error codes:

  • RESOURCE_UNKNOWN - The addressed resource is not found or does not exist
  • PRODUCT_UNKNOWN - The addressed payment product is not supported or unknown

Example response:

{
  "title": "Not Found",
  "detail": "The addressed resource is not found or does not exist",
  "code": "RESOURCE_UNKNOWN"
}

405 - Method Not Allowed​

The HTTP method used is not allowed for this endpoint.

Common error codes:

  • SERVICE_INVALID - The HTTP method is not supported for this service

Example response:

{
  "title": "Method Not Allowed",
  "detail": "The HTTP method is not supported for this service",
  "code": "SERVICE_INVALID"
}

406 - Not Acceptable​

The Accept header in the request is not supported. The API requires application/json.

Common error codes:

  • REQUESTED_FORMATS_INVALID - None of the requested formats are supported

Example response:

{
  "title": "Not Acceptable",
  "detail": "None of the requested formats are supported",
  "code": "REQUESTED_FORMATS_INVALID"
}

408 - Request Timeout​

The request took too long to process and timed out. This may occur if the PSU takes too long to authorize or if external systems are slow to respond.

Example response:

{
  "title": "Request Timeout",
  "detail": "The request took too long to process and timed out. This may occur if the PSU takes too long to authorize or if external systems are slow to respond."
}

409 - Conflict​

The request conflicts with the current state of the resource.

Common error codes:

  • STATUS_INVALID - The resource is in a status that does not allow this operation (e.g., trying to cancel an already executed payment)
  • CONSENT_CONFLICT - The consent request conflicts with an existing consent
  • ACCESS_EXCEEDED - The access has been attempted too many times

Example response:

{
  "title": "Conflict",
  "detail": "The resource is in a status that does not allow this operation (e.g., trying to cancel an already executed payment)",
  "code": "STATUS_INVALID"
}

415 - Unsupported Media Type​

The Content-Type header in the request is not supported. The API requires application/json.

Example response:

{
  "title": "Unsupported Media Type",
  "detail": "The Content-Type header in the request is not supported. The API requires `application/json`."
}

429 - Too Many Requests​

The TPP has exceeded the rate limit. Paysera Open Banking API applies the following rate limits:

  • 10 requests per second - Maximum request rate
  • 1000 requests per hour - Hourly quota
  • 20 concurrent requests - Maximum parallel requests

Common error codes:

  • ACCESS_EXCEEDED - The TPP has sent too many requests in a given timeframe

Example response:

{
  "title": "Too Many Requests",
  "detail": "The TPP has sent too many requests in a given timeframe",
  "code": "ACCESS_EXCEEDED"
}

500 - Internal Server Error​

An unexpected error occurred on the server side. This indicates a problem with the ASPSP's system. Please try again later or contact Paysera support if the issue persists.

Example response:

{
  "title": "Internal Server Error",
  "detail": "An unexpected error occurred on the server side. This indicates a problem with the ASPSP's system. Please try again later or contact Paysera support if the issue persists."
}

503 - Service Unavailable​

The service is temporarily unavailable due to maintenance or overload. The request can be retried after a short delay. Check the Retry-After header if present.

Example response:

{
  "title": "Service Unavailable",
  "detail": "The service is temporarily unavailable due to maintenance or overload. The request can be retried after a short delay. Check the `Retry-After` header if present."
}
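
A client-side guard for the rate limits listed under 429 and the Retry-After handling described under 503, as an added example (not Paysera's code). The names `TppRateLimiter` and `retry_delay` are hypothetical; retrying only 429 and 503 and the capped exponential backoff used when no header is present are choices of this example, not documented behaviour.

```python
from collections import deque
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

class TppRateLimiter:
    """Client-side guard for the documented limits: 10 req/s, 1000 req/h, 20 concurrent."""

    def __init__(self, per_second=10, per_hour=1000, max_concurrent=20):
        self.per_second, self.per_hour = per_second, per_hour
        self.max_concurrent = max_concurrent
        self.sent = deque()  # start times (monotonic seconds) within the last hour
        self.in_flight = 0

    def delay(self, now):
        """Seconds until the rate windows allow another request (0.0 = now)."""
        while self.sent and now - self.sent[0] >= 3600:
            self.sent.popleft()
        if len(self.sent) >= self.per_hour:
            return self.sent[0] + 3600 - now
        recent = [t for t in self.sent if now - t < 1.0]
        if len(recent) >= self.per_second:
            return recent[0] + 1.0 - now
        return 0.0

    def start(self, now):
        """Reserve a slot; False means wait (rate window or concurrency cap)."""
        if self.in_flight >= self.max_concurrent or self.delay(now) > 0:
            return False
        self.sent.append(now)
        self.in_flight += 1
        return True

    def finish(self):
        """Call when the response (or an error) for a started request arrives."""
        self.in_flight -= 1

def retry_delay(status, headers, attempt, now=None):
    """Seconds to wait before retrying, or None if the status is not retried."""
    if status not in (429, 503):  # this example's choice: retry only these two
        return None
    value = (headers.get("Retry-After") or "").strip()
    if value.isdigit():  # delta-seconds form
        return float(value)
    try:
        when = parsedate_to_datetime(value)  # HTTP-date form
        now = now or datetime.now(timezone.utc)
        return max(0.0, (when - now).total_seconds())
    except (TypeError, ValueError):
        return min(60.0, 2.0 ** attempt)  # no usable header: capped backoff
```

Pass `time.monotonic()` as `now` to `start()` and `delay()`; certificate and consent errors (401, 403) return `None` from `retry_delay` because repeating the request cannot fix them.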

Example​

Request​

PUT https://open-banking-api.paysera.com/xs2a/georgia/0.8/v1/consents/{consentId}/authorisations/{authorisationId}
Content-Type: application/json
# Certificate authentication via mTLS, ext="body_hash=BODY_HASH"
{}

Response​

{
  "scatransactionStatus": "psuIdentified",
  "psuMessage": "Please use your BankApp for transaction Authorisation.",
  "_links": {
    "scaStatus": {
      "href": "/v1/payments/qwer3456tzui7890/authorisations/123auth456"
    }
  }
}