Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

In both cases the TPP will agree with the User that the details appear to correlate with the intended Payee before invoking any Confirmation of Payee operation. The requested account details must included either the IBAN or the domestic account number and bank code.

1.2 Step 2: Discover LFI that holds the Payee account

...

The TPP MUST create a request payload that contains the IBAN or the bank code for the Payee account, signed and encoded as a JSON Web Signature (JWS) for purposes of non-repudiation. The Content-type header field will be set to application/jwt to indicate that request is a JWS.

The TPP MUST call the Discover operation to retrieve the correct OFP Authorization Server and Resource Server URLs for the LFI that holds the account. The request body must include the IBAN or the bank code for the payee account.

The OFP MUST resolve the IBAN or bank code sent by the TPP to the correct OFP Authorization Server and Resource URLs for the LFI that holds the payee account. The Authorization Server and Resource Server URLs will be used to create the response body, which will be signed and encoded as a JWS for purposes of non-repudiation.

...

The TPP MUST create a request payload that contains the IBAN or the domestic account number for the Payee account and the account name as understood by the User, signed and encoded as a JSON Web Signature (JWS) for purposes of non-repudiation. The Content-type header field will be set to application/jwt to indicate that request is a JWS.

...

The OFP MUST return a 200 OK together with the response body containing the account name match indicator. If the value of the matched indicator is UAEOF.ConfirmationOfPayee.No, the response will also contain the name that was on the account, which will be masked. The Content-type header field will be set to application/jwt to indicate that response is a JWS.

...

Code Block
POST /open-finance/confirmation-of-payee/v1/discovery HTTP/1.1
Host: rs1.openfinanceplatform.ae
Content-Type: application/jwt
Accept: application/jwt
x-fapi-interaction-id: 8b92e2c6-e0b6-4bc2-92e7-dae085a8141c
Authorization: Bearer 54234c74-8ab7-4633-bc3d-ce050695751c
{
  "alg": "PS256",
  "kid": "44310147-3249-40cf-a85f-d197a29f9b1b"
}
.
{
  "iss": "string",
  "exp": 0.5,
  "nbf": 0.5,
  "aud": [
    "string"
  ],
  "iat": 0.5,
  "message": {
    "Data": {
      "IdentificationTypeSchemeName": "UAEOF.IBAN",
      "Identification": "AE070331234567890123456"
    }
  }
}
.
<<signature>>

...

Code Block
POST /open-finance/confirmation-of-payee/v1/confirmation HTTP/1.1
Host: lfi1.openfinanceplatform.ae
Content-Type: application/jwt
Accept: application/jwt
x-fapi-interaction-id: 1a1f0c67-1120-4b4b-abf3-7f5cd5979189
Authorization: Bearer 77c38589-a158-4eda-8b9f-279dc98d1635
{
  "alg": "PS256",
  "kid": "44310147-3249-40cf-a85f-d197a29f9b1b"
}
.
{
  "iss": "string",
  "exp": 0.5,
  "nbf": 0.5,
  "aud": [
    "string"
  ],
  "iat": 0.5,
  "message": {
    "Data": {
      "IdentificationTypeSchemeName": "UAEOF.IBAN",
      "Identification": "AE070331234567890123456",
      "Name": {
        "GivenName": "Mohammed",
        "FamilyName": "Al-Nakheel"
      }
    }
  }
}
.
<<signature>>

...

Code Block
HTTP/1.1 200 OK
Content-Type: application/jwt
{
  "alg": "PS256",
  "kid": "29b362fc-c46c-460e-98b5-2a8af073e6aa"
}
.
{
  "iss": "string",
  "exp": 0.5,
  "nbf": 0.5,
  "aud": [
    "string"
  ],
  "iat": 0.5,
  "message": {
    "Data": {
      "AccountNameMatchIndicator": "UAEOF.ConfirmationOfPayee.Yes"
    }
  }
}
.
<<signature>>

...