OBAPI support APIs as well as UX for Payment Service User (PSU) consent capture for a request from a Third Party provider (TPP)

Prerequisite: TPP has registered with the ASPSP as a client to avail Berlin Standard Open Banking services.

AISP Flow:

1. During data request, TPP contacts ASPSP with their credentials
2. TPP also shares the list of accounts for which consent is needed
3. ASPSP then directly contacts PSU to acquire consent for sharing the data with the TPP
4. During this process, PSU sees the list of accounts that they have shared with TPP for consent capture
5. Once consent is given by the PSU to ASPSP, ASPSP generates an authorisation token and shares the same with the TPP
6. TPP uses this authorisation token and gets the access token from the ASPSP
7. TPP can use this access token to access customer’s data for the specified time

PISP Flow:

1. During payment initiation request, TPP contacts ASPSP with their credentials and payment details. The payment details include the PSU account number from which the payment needs to be initiated.
2. ASPSP then directly contacts PSU to acquire consent for allowing payment initiation from their accounts.
3. During this process, the PSU sees the payment details including their ASPSP account number that they have entered in the TPP end.
4. Once consent is given by the PSU to ASPSP, ASPSP generates an authorisation token and shares the same with the TPP
5. TPP uses this authorisation token and gets the access token from the ASPSP
6. TPP uses this access token to initiate the payment