2020-06-01
Nikulipe provides access to E-Money bank accounts of its Clients over the Open Banking API. This API is offered as part of PSD2 regulation.
TPPs can access the Nikulipe Open Banking API using a valid eIDAS QWAC certificate issued by a trusted QTSP.
TPPs, as defined in PSD2, are under supervision of the Financial Supervision Authority of the respective member state of the EU, which grants them rights and places requirements/obligations on them.
2020-06-01: Initial Version
Nikulipe’s Open Banking API makes use of standards defined in the Berlin Group’s Joint Initiative on a PSD2 Compliant XS2A Interface NextGenPSD2 XS2A Framework Operational Rules v1.3.
Nikulipe’s Open Banking API implements the following workflows defined in this document: - AIS (Account Information Service) Redirect SCA Approach - PIS (Payment Initiation Service) Redirect SCA Approach - FCS (Funds Confirmation Service) Redirect SCA Approach
Currently no decoupled methods are supported.
All endpoints are secured using TLS 1.2 or higher.
Access to production endpoints is secured using client certificates. Only valid QWAC certificates can be used (signed by a trusted QTSP).
The TPP must provide the public part of the QWAC used for accessing the Nikulipe Open Banking API to Nikulipe, which then will be associated with the TPP’s account in Nikulipe’s systems.
Payload transported over the Open Banking API must be signed by the TPP. Only signatures done with a QSEAL certificate issued by a trusted QTSP are eligible.
The public part of the QSEAL used by the TPP has to be provided to Nikulipe and will be associated with the TPP’s account in Nikulipe’s systems.
In addition, all requests must contain an access token.
Only POST requests are signed by the TPP in order to guarantee integrity of message bodies and prove the origin of the content.
Please reach out to oba@nikulipe.com in order to get access to the Sandbox/Test environment.
Nikulipe will provide you with:
The full OpenAPI specification can be found on the Nikulipe UAB PSD2 API.