To carry out a payment cancellation with the XS2A APIs, it is necessary for the TPP to ask for a payment cancellation to the ASPSP. To validate the cancellation, you will have to perform an OAuth2 authorization which will provide you a time-limited access token. This access token is mandatory to access the payment status afterwards.
Asks for payment cancellation at the ASPSP for a given payment (giving id, service and product). Specificities for this API and available services and products are listed in the dedicated HowTo.
Creates an authorisation sub-resource of the payment resource for its cancellation and start the authorisation process.
Requests an authorization from a PSU following the OAuth2 protocol. Details of the authentication workflow and user interfaces are described in the dedicated HowTo section.
Our specificities regarding the OAuth2 protocol are listed below.
response_type : code
code_challenge_method : S256
After successful authorization, the user will be redirected to the redirect URI provided in the request with the following parameters :
Requests an access token using the authorization code retrieved from the PSU authorization. This Access Token can be refreshed. The duration of access token is 5 minutes, and the duration of refresh token is 20 minutes.
For specific BerlinGroup Implementation on the Payment Initiation Service, please refer to HOWTO N°8