Sign-Up in portal

To start utilizing our APIs, first you need to sign-up by clicking “Sign-up” button. Once it is done, you need to active your account by following the link in the received email. After that your account become active and you can sign in.

Subscribing to a product

Every API call must be authenticated with ocp-apim-subscription-key header. It can be acquired as follows:

1. Click on the “Products” button

2. Choose unlimited product

3. Input a name for your subscription (it should contain the data which can easily identify your company)

4. Once you created a subscription, it needs to be activated by our administrators. Please get in touch with us so we can activate it

5. As soon as it is activated, the state will become active. Now you are ready to obtain the authentication keys

Authentication

INDEXO Open Banking supports decoupled authentication with an implicit authentication start. This process is initiated once consent or payment creation has been performed.

When you create consent or payment, the system responds with a Challenge. This Challenge should be displayed to the user in a confirmation window. It's essential that this Challenge is presented to the user for verification purposes

{

  "challengeData": {

    "data": [

      77974

    ]

  }

}

PSU Identification

Given that our system operates with a decoupled authentication method, it's necessary to include the PSU-ID in the consent or payment creation requests. For identification, we use a personal code as the PSU-ID, formatted as XXXXXX-XXXXX

Payment initiation flow

1.      InitiatePayment. Here we create a payment, send it to the INDEXO mobile application which returns a challenge code. In the same step customer approves a payment and it becomes authorised.

2.      GetPaymentAuthorisationScaStatus. This API to be invoked until the authorisation status becomes "finalised" or "failed". Authorisation status gets updated when a customer approves a payment in the previous step.

3.      GetPaymentStatus. Here we retrieve the final payment status.

Payment initiation response interpretation

1.      Challege code to be taken from challengeData -> data (single value in the array)

2.      To check the SCA status you should use the URL provided in a response: _links -> scaStatus (authorizationId highlighted with a red color)

3.      To obtain the payments status you should use the URL provided in a response: _links -> status

{

  "transactionStatus": "RCVD",

  "paymentId": "9496ddda-321e-43df-bd03-1efd0fb00343",

  "challengeData": {

    "data": [

      77974

    ]

  },

  "_links": {

    "authorisationsIDs": {

      "href": "v1/payments/sepa-credit-transfers/9496ddda-321e-43df-bd03-1efd0fb00343/authorisations"

    },

    "scaStatus": {

      "href": "v1/payments/sepa-credit-transfers/9496ddda-321e-43df-bd03-1efd0fb00343/authorisations/c5e91012-26fb-471a-875a-25219cb082fd"

    },

    "status": {

      "href": "v1/payments/sepa-credit-transfers/9496ddda-321e-43df-bd03-1efd0fb00343/status"

    },

    "details": {

      "href": "v1/payments/sepa-credit-transfers/9496ddda-321e-43df-bd03-1efd0fb00343"

    },

    "self": {

      "href": "v1/payments/sepa-credit-transfers"

    }

  }

}

Consent resource creation flow

1.      CreateConsentResource. Here we create a consent resource, send it to the INDEXO mobile application which returns a challenge code. In the same step customer approves a consent request and it becomes valid and authorised.

2.      GetAuthorisationScaStatus. This API to be invoked until the authorisation status becomes "finalised" or "failed". Authorisation status gets updated when a customer approves a consent in the previous step

3.      GetConsentStatus. Here we retrieve the consent status.

4.      GetAvailableAccounts. Here we retrieve the list of available accounts

Consent creation response interpretation

1.      Challege code to be taken from challengeData -> data (single value in the array)

2.      To check the SCA status you should use the URL provided in a response: _links -> scaStatus (authorizationId highlighted with a red color)

3.      To obtain the consent status you should use the URL provided in a response: _links -> status

{

  "consentStatus": "valid",

  "consentId": "9e9d2307-658b-42c4-a949-193989e3e3e5",

  "challengeData": {

    "data": [

      "36851"

    ]

  },

  "_links": {

    "authorisationsIDs": {

      "href": "v1/consents/9e9d2307-658b-42c4-a949-193989e3e3e5/authorisations"

    },

    "scaStatus": {

      "href": "v1/consents/9e9d2307-658b-42c4-a949-193989e3e3e5/authorisations/ff2c103f-e752-458d-86bf-f4c989dd0e51"

    },

    "status": {

      "href": "v1/consents/9e9d2307-658b-42c4-a949-193989e3e3e5/status"

    },

    "resourceDeletion": {

      "href": "v1/consents/9e9d2307-658b-42c4-a949-193989e3e3e5"

    },

    "self": {

      "href": "v1/consents/9e9d2307-658b-42c4-a949-193989e3e3e5"

    }

  }

}

Start experimenting with Sandbox

Sandbox allows you to test our APIs before going live. There are few things you need to know before you start:

1.      Sandbox mode works with mock data so you will not be able to access real customers data (integrations are also omitted)

2.      Payment and Consent authorization status becomes “finalised” by default

3.      Consent status becomes “valid” by default

4.      PSU-ID header should always be “SANDBOX_INDICATOR_1”

5.      ocp-apim-subscription-key header is mandatory (described in Subscribing to a product section)

6.      It requires a special certificate to be inputted

7.      Challenge code is always “123456”

8.      debtorAccount iban is mandatory (because it cannot be identified by entered personal code)

9.      Consent resource and linked balance & transaction data is created at the same time (randomly)

10. URL is the same as for production environment: https://apis.indexo.lv/

11. It will not work until you complete the Onboarding process

Samples

POST consents

URL: https://apis.indexo.lv/external/openbanking/api/v1/consents

HEADERS:

Ocp-Apim-Subscription-Key: 92044548c565426baecd52442f027fd1

X-Request-ID: f4c5c3a6-315b-4ad7-8672-4eafc50887f3

PSU-IP-Address: 83.99.204.49

PSU-ID: SANDBOX_INDICATOR_1

Content-Type: application/json

x-clientcert: MIIG5DCCBMygAwIBAgIUGsVIuXEO1TYNehhqwn0Ap6hCcXQwDQYJKoZIhvcNAQELBQAwgZsxCzAJBgNVBAYTAkxWMQ8wDQYDVQQIDAZMYXR2aWExDTALBgNVBAcMBFJpZ2ExGzAZBgNVBAoMEk9CSU1fQ0VSVF9ST0xFX0FMTDEbMBkGA1UECwwST0JJTV9DRVJUX1JPTEVfQUxMMRswGQYDVQQDDBJPQklNX0NFUlRfUk9MRV9BTEwxFTATBgNVBGEMDFRQUC1ST0xFLUFMTDAeFw0yNDA5MjYwODUyMjdaFw0zNDA5MjQwODUyMjdaMIGbMQswCQYDVQQGEwJMVjEPMA0GA1UECAwGTGF0dmlhMQ0wCwYDVQQHDARSaWdhMRswGQYDVQQKDBJPQklNX0NFUlRfUk9MRV9BTEwxGzAZBgNVBAsMEk9CSU1fQ0VSVF9ST0xFX0FMTDEbMBkGA1UEAwwST0JJTV9DRVJUX1JPTEVfQUxMMRUwEwYDVQRhDAxUUFAtUk9MRS1BTEwwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDHvxIDQwxpG6fhJk4FQj7M96dCaqXeztwiay6S8A+EPdn9o5oysYAx87giPa2ypNBey5g5zL+/TmuDqU875YgfGxdIARqYv3iaPE3noQ6qudKR1WtjhZi5AIz2AVoRdeRJ2cnJzX5sEsFJ2+gg9pCwLxWUDs0ZM0aBBGyRSlAVZo0TkTQr1OnQ+D/hEvIg4z9hN5Zx1ZJ0+6xviFbZ4sMIU4RQvVXJEUTilxjHqNRp1iq+IreiX2owgaFW+IaG3F6xtGO+kcNGdUtjL1DYfhf/3agiy8pQGs+fCTuKpaT6WN73lFB1qaf21F+QPJOqvkWe8Q2iQJUTHrtKO6K8wsZ7yxuHmEM6+4XJJsASfZqivqWlDTThUCs5kK4mQhhnT3zBEACJMl+v/cMtWjO0va8XDzhzgNzO8jP5AXm4fQWga+T+o1F4Im4jQ670MsyKNiNK6Ls/VES00stqyaQ8k/XHdX2izWE8bRONd2OAauJ3kflxkUsYoCqnMAQzKEE/A0N13MZvTr7EPHDSat0iJlChQTPwY5Hnuy2xE1Tvgvd1mymC8u7kL0cx7nbCMdmxdAI26LCI46qkqMxh+ttUrDtbheg07R7L4qal+xt5UamPqcbJydcnndDfROPdmPs+v0u4wJAJItaVxMW85OjATfr+HbMv+e8uNh6V7nTAdlOJgwIDAQABo4IBHDCCARgwggEGBggrBgEFBQcBAwSB+TCB9jAIBgYEAI5GAQEwOAYGBACORgEFMC4wLBYhaHR0cHM6Ly9leGFtcGxlLm9yZy9wa2lkaXNjbG9zdXJlEwdleGFtcGxlMIGIBgYEAIGYJwIwfjBMMBEGBwQAgZgnAQMMBlBTUF9BSTARBgcEAIGYJwEBDAZQU1BfQVMwEQYHBACBmCcBAgwGUFNQX1BJMBEGBwQAgZgnAQQMBlBTUF9JQwwlRHVtbXkgRmluYW5jaWFsIFN1cGVydmlzaW9uIEF1dGhvcml0eQwHWFgtREZTQTAlBgYEAI5GAQYwGwYHBACORgEGAQYHBACORgEGAgYHBACORgEGAzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQBlh+Ux7MDGjzWm32O+vDOnNbb8TQkooIWshg0K86JcpttwsAN3NDAl36Hwy+i1GG4MszVav3lFn/l6PIzBQuv2Ykcetkl/A83rGiA0jxQL/sfGRAv8r8cv0CMfNTogxb1Z4e5ouUKL+1h1XPmQfBdsFwyoepS4Byy2h5GJHp/VfgsFoe7FVZsRQ421XWL/bYjUyCUVfJYwESrzVULa8r2gGwLiwmS+znr04kmcCLPzwK8MSP7Rt1fHb6mbfpivklqvDtezet2SHnjBYaPUprk5QhFkJ4unr5T+M3Teqr4V4HJUjcT+IqtyTRhSq9POZ6lkrrmTRnWf7u59yTvm4VVQ0wov0d0sdBorFU20lOlTVRyTi4lZ048ioqqLTaOl6MvHxKG+gHuUY+xG7AMujaSVPzUcprXO/AyJ6JvGGlBaf5OXo7D+R8X5qe9wZGbdGUFt1q0gvWb1WtLF/humzkGcM0G3aNT9N3a7HI89HX90BN2VvPeu1cxIz/Kpfh/Ji221PG5fiM/skLyugFzMf2EhxCBNiLDkls1IIhISK0yUUDif7w4N0gRdxOpEYChRClQQP7sdCgXYxTocjnNkXXTP8Jya2OtvJh8qb6zpcNgu9YuVb5ngs8nxcaFfcm177BHu23m9fHYGfYjvREmWW3CixBNGVuWrcITDLOlo6a6TXQ==

BODY:

{

  "access": {

      "accounts": [{

          "iban": "LV11INDX1681306232593"

      }],

      "balances": [{

          "iban": "LV11INDX1681306232593"

      }],

      "transactions": [{

          "iban": "LV11INDX1681306232593"

      }]

  },

  "recurringIndicator": true,

  "validUntil": "2023-12-31T00:00:00Z",

  "frequencyPerDay": 0

}

RESPONSE:

{

  "consentStatus": "valid",

  "consentId": "a7532aa1-f237-4b17-85c1-588e4fe1a695",

  "challengeData": {

    "data": [

      "123456"

    ]

  },

  "_links": {

    "authorisationsIDs": {

      "href": "v1/consents/a7532aa1-f237-4b17-85c1-588e4fe1a695/authorisations"

    },

    "scaStatus": {

      "href": "v1/consents/a7532aa1-f237-4b17-85c1-588e4fe1a695/authorisations/ba099f85-9970-4863-9c27-0cc148ffdbe8"

    },

    "status": {

      "href": "v1/consents/a7532aa1-f237-4b17-85c1-588e4fe1a695/status"

    },

    "resourceDeletion": {

      "href": "v1/consents/a7532aa1-f237-4b17-85c1-588e4fe1a695"

    },

    "self": {

      "href": "v1/consents/a7532aa1-f237-4b17-85c1-588e4fe1a695"

    }

  }

}

POST payments/sepa-credit-transfers

URL: https://apis.indexo.lv/external/openbanking/api/v1/payments/sepa-credit-transfers

HEADERS:

Ocp-Apim-Subscription-Key: 92044548c565426baecd52442f027fd1

X-Request-ID: 8692cb48-80fa-44f4-8461-4c53a8757bc9

PSU-IP-Address: 83.99.204.49

PSU-ID: SANDBOX_INDICATOR_1

Content-Type: application/json

x-clientcert: MIIG5DCCBMygAwIBAgIUGsVIuXEO1TYNehhqwn0Ap6hCcXQwDQYJKoZIhvcNAQELBQAwgZsxCzAJBgNVBAYTAkxWMQ8wDQYDVQQIDAZMYXR2aWExDTALBgNVBAcMBFJpZ2ExGzAZBgNVBAoMEk9CSU1fQ0VSVF9ST0xFX0FMTDEbMBkGA1UECwwST0JJTV9DRVJUX1JPTEVfQUxMMRswGQYDVQQDDBJPQklNX0NFUlRfUk9MRV9BTEwxFTATBgNVBGEMDFRQUC1ST0xFLUFMTDAeFw0yNDA5MjYwODUyMjdaFw0zNDA5MjQwODUyMjdaMIGbMQswCQYDVQQGEwJMVjEPMA0GA1UECAwGTGF0dmlhMQ0wCwYDVQQHDARSaWdhMRswGQYDVQQKDBJPQklNX0NFUlRfUk9MRV9BTEwxGzAZBgNVBAsMEk9CSU1fQ0VSVF9ST0xFX0FMTDEbMBkGA1UEAwwST0JJTV9DRVJUX1JPTEVfQUxMMRUwEwYDVQRhDAxUUFAtUk9MRS1BTEwwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDHvxIDQwxpG6fhJk4FQj7M96dCaqXeztwiay6S8A+EPdn9o5oysYAx87giPa2ypNBey5g5zL+/TmuDqU875YgfGxdIARqYv3iaPE3noQ6qudKR1WtjhZi5AIz2AVoRdeRJ2cnJzX5sEsFJ2+gg9pCwLxWUDs0ZM0aBBGyRSlAVZo0TkTQr1OnQ+D/hEvIg4z9hN5Zx1ZJ0+6xviFbZ4sMIU4RQvVXJEUTilxjHqNRp1iq+IreiX2owgaFW+IaG3F6xtGO+kcNGdUtjL1DYfhf/3agiy8pQGs+fCTuKpaT6WN73lFB1qaf21F+QPJOqvkWe8Q2iQJUTHrtKO6K8wsZ7yxuHmEM6+4XJJsASfZqivqWlDTThUCs5kK4mQhhnT3zBEACJMl+v/cMtWjO0va8XDzhzgNzO8jP5AXm4fQWga+T+o1F4Im4jQ670MsyKNiNK6Ls/VES00stqyaQ8k/XHdX2izWE8bRONd2OAauJ3kflxkUsYoCqnMAQzKEE/A0N13MZvTr7EPHDSat0iJlChQTPwY5Hnuy2xE1Tvgvd1mymC8u7kL0cx7nbCMdmxdAI26LCI46qkqMxh+ttUrDtbheg07R7L4qal+xt5UamPqcbJydcnndDfROPdmPs+v0u4wJAJItaVxMW85OjATfr+HbMv+e8uNh6V7nTAdlOJgwIDAQABo4IBHDCCARgwggEGBggrBgEFBQcBAwSB+TCB9jAIBgYEAI5GAQEwOAYGBACORgEFMC4wLBYhaHR0cHM6Ly9leGFtcGxlLm9yZy9wa2lkaXNjbG9zdXJlEwdleGFtcGxlMIGIBgYEAIGYJwIwfjBMMBEGBwQAgZgnAQMMBlBTUF9BSTARBgcEAIGYJwEBDAZQU1BfQVMwEQYHBACBmCcBAgwGUFNQX1BJMBEGBwQAgZgnAQQMBlBTUF9JQwwlRHVtbXkgRmluYW5jaWFsIFN1cGVydmlzaW9uIEF1dGhvcml0eQwHWFgtREZTQTAlBgYEAI5GAQYwGwYHBACORgEGAQYHBACORgEGAgYHBACORgEGAzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQBlh+Ux7MDGjzWm32O+vDOnNbb8TQkooIWshg0K86JcpttwsAN3NDAl36Hwy+i1GG4MszVav3lFn/l6PIzBQuv2Ykcetkl/A83rGiA0jxQL/sfGRAv8r8cv0CMfNTogxb1Z4e5ouUKL+1h1XPmQfBdsFwyoepS4Byy2h5GJHp/VfgsFoe7FVZsRQ421XWL/bYjUyCUVfJYwESrzVULa8r2gGwLiwmS+znr04kmcCLPzwK8MSP7Rt1fHb6mbfpivklqvDtezet2SHnjBYaPUprk5QhFkJ4unr5T+M3Teqr4V4HJUjcT+IqtyTRhSq9POZ6lkrrmTRnWf7u59yTvm4VVQ0wov0d0sdBorFU20lOlTVRyTi4lZ048ioqqLTaOl6MvHxKG+gHuUY+xG7AMujaSVPzUcprXO/AyJ6JvGGlBaf5OXo7D+R8X5qe9wZGbdGUFt1q0gvWb1WtLF/humzkGcM0G3aNT9N3a7HI89HX90BN2VvPeu1cxIz/Kpfh/Ji221PG5fiM/skLyugFzMf2EhxCBNiLDkls1IIhISK0yUUDif7w4N0gRdxOpEYChRClQQP7sdCgXYxTocjnNkXXTP8Jya2OtvJh8qb6zpcNgu9YuVb5ngs8nxcaFfcm177BHu23m9fHYGfYjvREmWW3CixBNGVuWrcITDLOlo6a6TXQ==

BODY:

{

    "creditorName": "James Bond",

    "remittanceInformationUnstructured": "Ref number merchant",

    "debtorAccount": {

        "iban": "LV62IDXO1001010002370"

    },

    "creditorAccount": {

        "iban": "LV26IDXO1001010000787"

    },

    "instructedAmount": {

        "currency": "EUR",

        "amount": 100

    }

}

RESPONSE:

{

  "transactionStatus": "RCVD",

  "paymentId": "2a32ab8f-dbdb-4056-a2e7-6c361718c861",

  "challengeData": {

    "data": [

      "123456"

    ]

  },

  "_links": {

    "authorisationsIDs": {

      "href": "v1/payments/sepa-credit-transfers/2a32ab8f-dbdb-4056-a2e7-6c361718c861/authorisations"

    },

    "scaStatus": {

      "href": "v1/payments/sepa-credit-transfers/2a32ab8f-dbdb-4056-a2e7-6c361718c861/authorisations/c85b0d9d-e66e-473d-8360-9a9d275753ec"

    },

    "status": {

      "href": "v1/payments/sepa-credit-transfers/2a32ab8f-dbdb-4056-a2e7-6c361718c861/status"

    },

    "details": {

      "href": "v1/payments/sepa-credit-transfers/2a32ab8f-dbdb-4056-a2e7-6c361718c861"

    },

    "self": {

      "href": "v1/payments/sepa-credit-transfers"

    }

  }

}

Onboarding

To gain access to our production environment, you need to complete the onboarding process. This involves filling out the onboarding form and providing your Qualified Website Authentication Certificate (QWAC). Once you've submitted the form and your QWAC, we will reach you out to finalize the process.

Your QWAC certificate must contain TPP ID in the extension 2.5.4.97 and TPP role depending on the particular oid presence in the extension 1.3.6.1.5.5.7.1.3:

0.4.0.19495.1.1 = PSP_AS

0.4.0.19495.1.2 = PSP_PI

0.4.0.19495.1.3 = PSP_AI

Instruction:

1. Click on the “Onboarding” button

2. Fill in the form as shown in the example below

3. After you click “Submit”, the following pop-up window will be shown (if all data was inputted correctly). Then click “send” and our administrators will receive your onboarding request. If other window was shown, please contact our support team

4. After we receive your onboarding request, our specialists will configure your access. It takes up to 1 business day

Go-Live

When you are successfully onboarded, you can start utilizing our production environment. Here are few things you need to know before:

1. Every API call must be authenticated with your QWAC certificate. Input it into “x-clientcert” header

2. ocp-apim-subscription-key header is mandatory (described in Subscribing to a product section)

3. URL is https://apis.indexo.lv/

4. debtorAccount is optional (we will find the applicable current account based on the inputted PSU-ID value). Example below:

{

    "creditorName": "James Bond",

    "remittanceInformationUnstructured": "Ref number merchant",

    "creditorAccount": {

        "iban": "LV26IDXO1001010000787"

    },

    "instructedAmount": {

        "currency": "EUR",

        "amount": 100

    }

}

5. In Consent creation API call you do not need to specify accounts, they will be fetched automatically based on the PSU-ID you inputted. Example below:

{

  "access": {

      "accounts": [],

      "balances": [],

      "transactions": []

  },

  "recurringIndicator": true,

  "validUntil": "2023-12-31T00:00:00Z",

  "frequencyPerDay": 0

}