Overview
Account Information Service (AIS) APIs allow third-party applications to access and aggregate bank account data, typically with the account holder's consent. These APIs are part of the open banking framework, which aims to increase competition, innovation, and transparency in the financial services industry.
Key features of AIS APIs include:
- User Consent - consent is a fundamental aspect of APIs. Before any data is shared, users must explicitly authorize third-party providers to access their account information. This ensures data privacy and security.
- Account Access - secure access to account information, such as account balances, transaction histories, and details of the account holder’s financial profile.
Abbreviations used in the documentation
- TPP - Third Party Providers
- AIS - Account Information Service
- ASPSP - Account Servicing Payment Service Provider
- PSU - Payment Service User
- SCA - Strong Customer Authentication
Get Access to AIS
These steps will help you initiate and authorize a consent and then get access to AIS.
To retrieve customer account(s), you need consent. To begin the process of obtaining consent:
- POST Create Consent - returns the consent ID (ConsentId) and the URLs for continuing the process (ScaOauth) and for obtaining resources (self, status). The ScaOauth URL gives you the address of our OAuth server configuration.
- GET Oauth Authorization Server - returns our metadata, which contains our oauth/authorize endpoint and our oauth/token endpoint. Use the oauth/authorize endpoint for the next call.
- GET Oauth Authorize - gets the customer authorization URL. The GET method returns HTTP status 302, which automatically redirects the customer to the TBC Login Page. The customer authenticates, then authorizes the consent to share his/her accounts with you. You will receive the OAuth authorization code (code) at the redirectUri that you specified in the oauth/authorize request.
- Now you can retrieve or refresh the access_token using POST Authorize or Refresh Token.
- Tokens are required to access the accounts or card accounts services.
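The TPP side of the authorize and redirect steps above, as an added example that is not part of the bank's documentation or its library. It assumes the metadata uses the RFC 8414 field names and that the server accepts the standard OAuth 2.0 `state` parameter; the host names, client ID and scope value are constructed placeholders.

```python
import hmac
import json
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Constructed sample of the metadata document behind the ScaOauth URL
# (RFC 8414 field names assumed; the host is a placeholder).
SAMPLE_METADATA = json.dumps({
    "issuer": "https://aspsp.example",
    "authorization_endpoint": "https://aspsp.example/oauth/authorize",
    "token_endpoint": "https://aspsp.example/oauth/token",
})


def build_authorize_url(metadata_json, client_id, redirect_uri, scope):
    """Return (url, state) for the GET Oauth Authorize call."""
    endpoint = json.loads(metadata_json)["authorization_endpoint"]
    if urlsplit(endpoint).scheme != "https":
        raise ValueError("authorization endpoint must use https")
    state = secrets.token_urlsafe(32)  # unguessable; store it in the PSU's session
    query = urlencode({
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "scope": scope,  # assumption: use the value the bank's API reference specifies
        "state": state,
    })
    return f"{endpoint}?{query}", state


def extract_code(callback_url, expected_redirect_uri, expected_state):
    """Validate the redirect back to the TPP and return the authorization code."""
    got, want = urlsplit(callback_url), urlsplit(expected_redirect_uri)
    if (got.scheme, got.netloc, got.path) != (want.scheme, want.netloc, want.path):
        raise ValueError("callback does not match the registered redirectUri")
    params = parse_qs(got.query)
    if "error" in params:
        raise ValueError(f"authorization failed: {params['error'][0]}")
    state = params.get("state", [""])[0]
    # Constant-time comparison; a mismatch means the response is not for this session.
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch")
    codes = params.get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one authorization code")
    return codes[0]
```

Only a code returned by `extract_code` should be sent to POST Authorize or Refresh Token; a callback that fails validation is discarded without calling the token endpoint.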
Every call requires a JWS signature. A JWS signature is a mechanism for electronically signing API requests and responses, with a structure based on the JSON format.
The signed data must be passed in the x-jws-signature header for all requests.
The signature must include the request body and the following headers: host, X-Request-ID, digest, content-type (optional), content-length (optional), and any headers starting with the prefix "psu-".
More details on our JWS library on GitHub: Open Banking JWS Library
More details on JWS Signature standards can be found in the official file of the Georgian Banking Association