πͺπΊ Berlin Group v1.3 - Read transaction list of an account
GET-BERLIN https://open-banking-api.paysera.com/xs2a/berlin/1.3/v1/accounts/\{account-id\}/transactions
Read transaction reports or transaction lists of a given account addressed by "account-id", depending on the steering parameter "bookingStatus" together with balances.
For a given account, additional parameters are e.g. the attributes "dateFrom" and "dateTo". The ASPSP might add balance information, if transaction lists without balances are not supported.
Authorizationβ
This endpoint requires mTLS (Mutual TLS) authentication using a valid QWAC certificate.
Requirements:
- Valid QWAC certificate issued by a qualified trust service provider (QTSP)
- Certificate must be registered with Paysera
- Certificate organization identifier must match your TPP registration in the EBA register
Example (cURL):
curl https://open-banking-api.paysera.com/xs2a/berlin/1.3/v1/endpoint \
--cert qwac-cert.pem \
--key qwac-key.pem \
-H "Content-Type: application/json" \
-H "X-Request-ID: $(uuidgen)"
For detailed authentication guide, see Authentication.
Parametersβ
Path Parametersβ
| Name | Type | Required | Description |
|---|---|---|---|
account-id | string | β | This identification is denoting the addressed (card) account. |
| The account-id is retrieved by using a "Read Account List" or "Read Card Account list" call. | |||
| The account-id is the "resourceId" attribute of the account structure. | |||
| Its value is constant at least throughout the lifecycle of a given consent. | |||
Query Parametersβ
| Name | Type | Required | Description |
|---|---|---|---|
dateFrom | string | Conditional: Starting date (inclusive the date dateFrom) of the transaction list, mandated if no delta access is required | |
| and if bookingStatus does not equal "information". |
For booked transactions, the relevant date is the booking date.
For pending transactions, the relevant date is the entry date, which may not be transparent
neither in this API nor other channels of the ASPSP.
|
| dateTo | string | | End date (inclusive the data dateTo) of the transaction list, default is "now" if not given.
Might be ignored if a delta function is used.
For booked transactions, the relevant date is the booking date.
For pending transactions, the relevant date is the entry date, which may not be transparent
neither in this API nor other channels of the ASPSP.
|
| entryReferenceFrom | string | | This data attribute is indicating that the AISP is in favour to get all transactions after
the transaction with identification entryReferenceFrom alternatively to the above defined period.
This is a implementation of a delta access.
If this data element is contained, the entries "dateFrom" and "dateTo" might be ignored by the ASPSP
if a delta report is supported.
Optional if supported by API provider.
|
| bookingStatus | string | β | Permitted codes are
- "booked",
- "pending",
- "both",
- "information" and
- "all"
"booked" shall be supported by the ASPSP.
To support the "pending" and "both" feature is optional for the ASPSP,
Error code if not supported in the online banking frontend.
If supported, "both" means to request transaction reports of transaction of bookingStatus either "pending" or "booked".
To support the "information" feature is optional for the ASPSP. Currently the booking status βinformationβ only covers standing orders. Error code if not supported.
To support the "all" feature is optional for the ASPSP, Error code if not supported. If supported, "all" means to request transaction reports of transaction of any bookingStatus ("pending", "booked" or "information").
|
|
deltaList| boolean | | This data attribute is indicating that the AISP is in favour to get all transactions after the last report access for this PSU on the addressed account. This is another implementation of a delta access-report. This delta indicator might be rejected by the ASPSP if this function is not supported. Optional if supported by API provider | |withBalance| boolean | | If contained, this function reads the list of accessible payment accounts including the booking balance, if granted by the PSU in the related consent and available by the ASPSP. This parameter might be ignored by the ASPSP. |
Errorsβ
This endpoint may return the following errors:
400 - Bad Requestβ
The request could not be understood by the server due to malformed syntax or invalid parameters.
Common error codes:
FORMAT_ERROR- Invalid request format or syntaxPARAMETER_NOT_CONSISTENT- Request parameters are inconsistent with each otherPARAMETER_NOT_SUPPORTED- Request contains unsupported parametersSERVICE_INVALID- The addressed service is not valid for the addressed resourcesRESOURCE_UNKNOWN- The addressed resource is unknown relative to the TPPRESOURCE_EXPIRED- The addressed resource has expiredRESOURCE_BLOCKED- The addressed resource is blockedTIMESTAMP_INVALID- The provided timestamp is invalid or malformedPERIOD_INVALID- The provided time period is invalidSCA_METHOD_UNKNOWN- The requested SCA method is not supportedSCA_INVALID- The SCA authentication data is invalidCONSENT_UNKNOWN- The consent ID is unknown or invalidCONSENT_INVALID- The consent is invalid or cannot be usedPAYMENT_FAILED- The payment initiation has failedEXECUTION_DATE_INVALID- The execution date is invalid (e.g., in the past or too far in the future)REQUIRED_KYC_MISSING- Required KYC information is missingSESSIONS_NOT_SUPPORTED- Sessions are not supported by this ASPSPACCESS_EXCEEDED- The access frequency limit has been exceededREQUESTED_FORMATS_INVALID- The requested formats are not supportedBENEFICIARY_WHITELISTING_REQUIRED- This operation requires beneficiary whitelisting
Example response:
{
"title": "Bad Request",
"detail": "Invalid request format or syntax",
"code": "FORMAT_ERROR"
}
401 - Unauthorizedβ
Certificate authentication failed or is missing.
Common error codes:
CERTIFICATE_INVALID- The TPP certificate is not validCERTIFICATE_EXPIRED- The TPP certificate has expiredCERTIFICATE_BLOCKED- The TPP certificate has been blocked by the ASPSPCERTIFICATE_REVOKED- The TPP certificate has been revokedCERTIFICATE_MISSING- The TPP certificate is missing in the requestROLE_INVALID- The TPP certificate does not have the required role (PIS, AIS, PIIS, etc.)SIGNATURE_INVALID- The request signature is invalid or verification failedSIGNATURE_MISSING- The required signature is missing from the requestCORPORATE_ID_INVALID- The corporate ID in the certificate does not match the registrationPSU_CREDENTIALS_INVALID- The PSU credentials provided are invalidCONSENT_INVALID- The consent token is invalid or has been revoked
Example response:
{
"title": "Unauthorized",
"detail": "The TPP certificate is not valid",
"code": "CERTIFICATE_INVALID"
}
403 - Forbiddenβ
The TPP does not have the necessary permissions or the resource access is forbidden.
Common error codes:
CONSENT_UNKNOWN- The consent ID is unknown or invalidCONSENT_EXPIRED- The consent has expired and can no longer be usedCONSENT_INVALID- The consent is invalid for this operationSERVICE_BLOCKED- The TPP has been blocked from accessing this serviceRESOURCE_UNKNOWN- The requested resource is unknown or does not existRESOURCE_EXPIRED- The requested resource has expiredPRODUCT_INVALID- The payment product is not supported by the ASPSPPRODUCT_UNKNOWN- The addressed payment product is unknownTOKEN_UNKNOWN- The OAuth2 token is unknown or invalidTOKEN_INVALID- The OAuth2 token is invalid or has been revokedTOKEN_EXPIRED- The OAuth2 token has expiredACCESS_EXCEEDED- The number of accesses has exceeded the limit
Example response:
{
"title": "Forbidden",
"detail": "The consent ID is unknown or invalid",
"code": "CONSENT_UNKNOWN"
}
404 - Not Foundβ
The requested resource could not be found.
Common error codes:
RESOURCE_UNKNOWN- The addressed resource is not found or does not existPRODUCT_UNKNOWN- The addressed payment product is not supported or unknown
Example response:
{
"title": "Not Found",
"detail": "The addressed resource is not found or does not exist",
"code": "RESOURCE_UNKNOWN"
}
405 - Method Not Allowedβ
The HTTP method used is not allowed for this endpoint.
Common error codes:
SERVICE_INVALID- The HTTP method is not supported for this service
Example response:
{
"title": "Method Not Allowed",
"detail": "The HTTP method is not supported for this service",
"code": "SERVICE_INVALID"
}
406 - Not Acceptableβ
The Accept header in the request is not supported. The API requires application/json.
Common error codes:
REQUESTED_FORMATS_INVALID- None of the requested formats are supported
Example response:
{
"title": "Not Acceptable",
"detail": "None of the requested formats are supported",
"code": "REQUESTED_FORMATS_INVALID"
}
408 - Request Timeoutβ
The request took too long to process and timed out. This may occur if the PSU takes too long to authorize or if external systems are slow to respond.
Example response:
{
"title": "Request Timeout",
"detail": "The request took too long to process and timed out. This may occur if the PSU takes too long to authorize or if external systems are slow to respond."
}
409 - Conflictβ
The request conflicts with the current state of the resource.
Common error codes:
STATUS_INVALID- The resource is in a status that does not allow this operation (e.g., trying to cancel an already executed payment)CONSENT_CONFLICT- The consent request conflicts with an existing consentACCESS_EXCEEDED- The access has been attempted too many times
Example response:
{
"title": "Conflict",
"detail": "The resource is in a status that does not allow this operation (e.g., trying to cancel an already executed payment)",
"code": "STATUS_INVALID"
}
415 - Unsupported Media Typeβ
The Content-Type header in the request is not supported. The API requires application/json.
Example response:
{
"title": "Unsupported Media Type",
"detail": "The Content-Type header in the request is not supported. The API requires `application/json`."
}
429 - Too Many Requestsβ
The TPP has exceeded the rate limit. Paysera Open Banking API applies the following rate limits:
10 requests per second - Maximum request rate 1000 requests per hour - Hourly quota 20 concurrent requests - Maximum parallel requests
Common error codes:
ACCESS_EXCEEDED- The TPP has sent too many requests in a given timeframe
Example response:
{
"title": "Too Many Requests",
"detail": "The TPP has sent too many requests in a given timeframe",
"code": "ACCESS_EXCEEDED"
}
500 - Internal Server Errorβ
An unexpected error occurred on the server side. This indicates a problem with the ASPSP's system. Please try again later or contact Paysera support if the issue persists.
Example response:
{
"title": "Internal Server Error",
"detail": "An unexpected error occurred on the server side. This indicates a problem with the ASPSP's system. Please try again later or contact Paysera support if the issue persists."
}
503 - Service Unavailable��β
The service is temporarily unavailable due to maintenance or overload. The request can be retried after a short delay. Check the Retry-After header if present.
Example response:
{
"title": "Service Unavailable",
"detail": "The service is temporarily unavailable due to maintenance or overload. The request can be retried after a short delay. Check the `Retry-After` header if present."
}
Exampleβ
Requestβ
GET-BERLIN https://open-banking-api.paysera.com/xs2a/berlin/1.3/v1/accounts/\{account-id\}/transactions
# Certificate authentication via mTLS
Responseβ
{
"account": {
"iban": "DE2310010010123456788"
},
"transactions": {
"booked": [
{
"transactionId": "1234567",
"creditorName": "John Miles",
"creditorAccount": {
"iban": "DE67100100101306118605"
},
"transactionAmount": {
"currency": "EUR",
"amount": "256.67"
},
"bookingDate": "2017-10-25",
"valueDate": "2017-10-26",
"remittanceInformationUnstructured": "Example 1"
},
{
"transactionId": "1234568",
"debtorName": "Paul Simpson",
"debtorAccount": {
"iban": "NL76RABO0359400371"
},
"transactionAmount": {
"currency": "EUR",
"amount": "343.01"
},
"bookingDate": "2017-10-25",
"valueDate": "2017-10-26",
"remittanceInformationUnstructured": "Example 2"
}
],
"pending": [
{
"transactionId": "1234569",
"creditorName": "Claude Renault",
"creditorAccount": {
"iban": "FR7612345987650123456789014"
},
"transactionAmount": {
"currency": "EUR",
"amount": "-100.03"
},
"valueDate": "2017-10-26",
"remittanceInformationUnstructured": "Example 3"
}
],
"_links": {
"account": {
"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80f"
}
}
}
}
AUTHORIZATION: HTTP
REQUEST
RESPONSE
{
"account": {
"iban": "DE2310010010123456788"
},
"transactions": {
"booked": [
{
"transactionId": "1234567",
"creditorName": "John Miles",
"creditorAccount": {
"iban": "DE67100100101306118605"
},
"transactionAmount": {
"currency": "EUR",
"amount": "256.67"
},
"bookingDate": "2017-10-25",
"valueDate": "2017-10-26",
"remittanceInformationUnstructured": "Example 1"
},
{
"transactionId": "1234568",
"debtorName": "Paul Simpson",
"debtorAccount": {
"iban": "NL76RABO0359400371"
},
"transactionAmount": {
"currency": "EUR",
"amount": "343.01"
},
"bookingDate": "2017-10-25",
"valueDate": "2017-10-26",
"remittanceInformationUnstructured": "Example 2"
}
],
"pending": [
{
"transactionId": "1234569",
"creditorName": "Claude Renault",
"creditorAccount": {
"iban": "FR7612345987650123456789014"
},
"transactionAmount": {
"currency": "EUR",
"amount": "-100.03"
},
"valueDate": "2017-10-26",
"remittanceInformationUnstructured": "Example 3"
}
],
"_links": {
"account": {
"href": "/psd2/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80f"
}
}
}
}