Flow description

Step 1: Initiate Payment

  1. At first, you have to obtain a valid access token to initiate a payment. You are able to do that by doing POST /auth/oauth/v2/token request with client credentials grant type and with PREMIUM_PIS scope. 
  2. Your application connects to the bank that services user’s payment account and creates a new payments resource. This informs the bank that one of its clients intends to make a payment. The bank responds with an identifier for the resource (paymentId – which is the intent identifier) and authorizationId – identifier of resource for authorization process and link scaRedirect.
  3. This step is carried out by making one of the POST payments requests, e.g. https://api.tatrabanka.sk/premium/production/v1/{payment-service}/{payment-product} request to the payments resource.

After successfull initiation, the payment goes to ACTC state, Authorization is in state received

Step 2: Authorize Payment Consent

  1. You should redirect the client to the bank by making a GET /auth/oauth/v2/authorize request.

Please note: Into the scaRedirect link its necessary to add PKCEs attributes and redirectUri:

  • State
  • Code_challenge
  • Code_challenge_method
  • Redirect_uri
  1. The redirect includes the scope in format PREMIUM_PIS: {authorizationId}. This allows the bank to correlate the payment that was initiated. The bank authenticates the client and updates the state of the payments resource internally to indicate that the payment has been authorized.
  2. The bank client is redirected back to you.
  3. You are now able to obtain a valid access token to submit an authorized payment. You are able to do that by doing POST /auth/oauth/v2/token request with authorization code grant type and with payments scope. Once you obtained a valid access token to initiate authorized payment, you may proceed to step 3.

After successful authorization process, authorization resource state is set to unconfirmed

Step 3: Submit Initiated Payment

  1. Once the bank client is redirected to you, you create a payment-submissions resource to indicate that the payment created in the steps above should be submitted for processing.
  2. This is carried out by making a PUT https://api.tatrabanka.sk/premium/production/v1/{payment-service}/{payment-product}{paymentId}/authorizations/{authorizationId} request to the payment-submissions resource.
  1. The bank returns the payment submission status to you.

Step 4: Get Payment Status

  1. You can check the status of the initiated payment (with the paymentId).
  2. This is carried out by making a GET https://api.tatrabanka.sk/premium/production/v1/{payment-service}/{payment-product}{paymentId}/status request to the initiated payments resource.