OneLinQ Simplified AIS API flow | API Developer Portal

OneLinQ Simplified AIS

API Name	API Endpoint	API Description
Account Access Consent	POST /account-access-consents	Creates an account access consent request, after which PSU approval needs to be taken on it using OAuth flow.
Account Access Consent Redirect	GET /account-access-consents/redirect	Returns redirect url for Account Access Consent.
Account access consents details	GET /account-access-consents/{ConsentId}	Returns details of a specific Consent.
Account access consents revoke	DELETE /account-access-consents/{ConsentId}	Delete specific consent.
Account Bulk	GET /accounts/summary	Returns list of accounts with the details.
Account Specific	GET /accounts/{AccountId}/summary	Returns details of a specific account.
Balance Bulk	GET /accounts/balances	Returns balance details of all the accounts.
Balance Specific	GET /accounts/{AccountId}/balances	Returns balance details of a specific account.
Transactions Bulk	GET /accounts/transactions	Returns list of transactions of all the accounts.
Transactions Specific	GET /accounts/{AccountId}/transactions	Returns list of transactions of a specific account.
Beneficiaries	GET /accounts/beneficiaries	Returns the list of the beneficiaries.
Beneficiaries specific	GET /accounts/{AccountId}/beneficiaries	Returns the list of the account specific beneficiaries.

If GET /bank returns AisConsentType as IMPLICIT then implicit flow will be applicable.

Fintech/TPP will redirect PSU to simplified ‘/authorize’ URL with Fintech/TPP Redirect URL, Client Id, State, UserId for authentication,bank_name and authorization of PSU.
PSU will get redirected to simplified authorize URL through browser.
Simplified will redirect PSU to ASPSP authorize URL through browser.
ASPSP will redirect PSU to login page for authentication.
PSU has to authenticate with his credentials on ASPSP’s login page.
Once authenticated, ASPSP will ask to allow access for authorization.
PSU will allow access.
ASPSP will return auth code (B) & state on the callback URL of simplified.
Simplified will return auth code (P) & state on the callback URL of Fintech/TPP.

Fintech/TPP will call the ‘/token’ API of simplified with auth code (P) received on callback.
Simplified will call PSD2 IO and return the access token to Fintech/TPP.

Fintech/TPP will call get ‘accounts/summary’ API using the access token received.
Simplified will give the response to Fintech/TPP.
Fintech/TPP will show the response to PSU on Fintech/TPP UI.

If GET /bank returns AisConsentType as EXPLICIT then explicit flow will be applicable:.

PSU will request to fetch accounts from ASPSP.
Depends on destination bank, Fintech/TPP has to do a pre-step authorization_code (A.C.) / client_credentials (C.C.) access token Oauth.

Fintech/TPP will send the account access consent request with A.C / C.C. access token to Simplified.
Simplified will call PSD2 IO and return response containing ConsentId, Redirect SCA approach to Fintech/TPP.

Fintech/TPP will redirect PSU to ‘/redirect’ URL with Client Id, ConsentId to authenticate the ConsentId from PSU.
PSU will get redirected to Simplified redirect URL through browser.
PSD2 IO will redirect PSU to ASPSP redirect URL through browser.
ASPSP will redirect PSU to login page for authentication.
PSU has to authenticate with his credentials on ASPSP’s login page.
Once authenticated, ASPSP will ask to allow access for authorization.
PSU will allow access.
ASPSP will return success along with ConsentId on the success URL of simplified.
Simplified will return success along with ConsentId on the success URL of Fintech/TPP.

Fintech/TPP will call get ‘/accounts/summary’ API using the access token and ConsentId received.
Simplified will give the response to Fintech/TPP.
Fintech/TPP will show the response to PSU on Fintech/TPP UI.