2019–03–08

Updates to AIS and PIS Authorisation Flows

🛎️ Added

API

Additional security introduced for the exchange of consents — Account and Payment Authorisation flows can return a one-time token (OTT) during the redirect instead of exposing the consent-token in the callback request

1. Account Auth Response has an optional field to receive one-time token (OTT) instead of consent-token
2. Payment Auth Response has an optional field to receive one-time token (OTT) instead of consent-token
3. TPP can retrieve consent-token by using OTT in the new consent endpoint

Visit the guide to learn how to use this feature.

✅ Updated

• Postman collection and API docs are updated to include these changes