Skip to main content

Get specific sandbox card account

Only for managing sandbox data, not part of the production API. Get a single card account created using POST /v1/sandbox/card-accounts.

Path Parameters
    mockCardAccountId string required
Header Parameters
    Accept string

    Advertises which content types, expressed as MIME types, the client is able to understand. Using content negotiation, the server then selects one of the proposals, uses it and informs the client of its choice with the Content-Type response header.

    Example: application/json
    Accept-Charset string

    Advertises which character set the client is able to understand. Using content negotiation, the server then selects one of the proposals, uses it and informs the client of its choice within the Content-Type response header.

    Example: utf-8
    Accept-Encoding string

    Advertises which content encoding, usually a compression algorithm, the client is able to understand. Using content negotiation, the server selects one of the proposals, uses it and informs the client of its choice with the Content-Encoding response header.

    Example: deflate, gzip;q=1.0, *;q=0.5
    Accept-Language string

    Advertises which natural languages the client is able to understand, and which locale variant is preferred. Using content negotiation, the server then selects one of the proposals, uses it and informs the client of its choice with the Content-Language response header.

    Example: en-US,en;q=0.7,nb;q=0.3
    Host string

    The domain name of the server (for virtual hosting), and (optionally) the TCP port number on which the server is listening.

    Example: openbanking.okq8bank.se
    X-Request-ID string required

    Request identifier, unique to the call, as determined by the TPP.

    Example: 4eba4445-1a4b-47b8-bdd5-4e56ef026b19
    TPP-Signature-Certificate string required

    The certificate used for signing the request in base64 encoding.

    Example: MIFFTzCCAzegAkIBAgMJANnQVDLqktJUMA0GCS....8WLZOX3YxNoH4k==
    Signature string required

    HTTP Message Signature as specified by https://tools.ietf.org/html/draft-cavage-http-signatures-10 with requirements imposed by Berlin Group's NextGenPSD2 Framework.

    • keyId must be formatted as keyId="SN=XXX,CA=YYY" where XXX is the serial number of the signing certificate in hexadecimal encoding and YYY is the full Distinguished Name of the Certificate Authority having certificate
    • algorithm must identify the same algorithm for the signature as presented in the signing certificate and should be rsa-sha256
    • headers must contain date, digest, x-request-id, psu-id, psu-corporate-id, and tpp-redirect-uri when available
    • signature must be computed as Base64(RSA-SHA256(signingString))

    If any values in the signature header is ISO-8859-1 or UTF-8 encoded you need to URL encode the signature header according to RFC 2047 which means MIME encoding the signature.

    Also the signature must be wrapped using this format: =?charset?encoding?encoded signature?=

    Example of this encoding: =?utf-8?B?a2V5QTQsQ0E9Mi41LjQuOTc9IzB........jMTM1MDUzNDQ0ZTRmMmQ0NjUz?=

    Java example of how to implement encoding:

    if (charset.equals(StandardCharsets.UTF_8)) {
      signature = String.format("=?utf-8?B?%s?=", Base64.getEncoder().encodeToString(signature.getBytes(StandardCharsets.UTF_8)));
    }
    Example: keyId="SN=6AEB4444FBAAD267,CA=O=PSDNO-FSA-ABCA,L=Trondheim,C=NO", algorithm="rsa-sha256", headers="date x-request-id tpp-redirect-uri psu-id", signature="***************"
Responses
Schema
    cardAccount object required
    resourceId string required
    maskedPan string required
    currency string required
    creditLimit object required
    currency string required
    amount int32 required
    balances object[] required
  • Array [
    • balanceAmount object required
    currency string required
    amount int32 required
    balanceType string required

    Possible values: [closingBooked, expected]

  • ]
    • cardId string required
    cardIdVNo string required
    accountNumber string required
    expiry string required
    name string required
    product string required
    status string required

    Possible values: [enabled, deleted, blocked]

    _links object required
    self object required
    href string required
    verbs string[] required
    transactions object required
    href string required
    verbs string[] required
Loading...