AIS endpoints and errors

Here are our endpoints and errors which are specific to AIS (Account Information Service) APIs.

Below you can read about:

Domain URLs
Context path
Discovery endpoints
Error codes
OAuth2.0 redirection error mapping

Domain URLs

Below are our domain URLs to use for calls and redirects. Be sure to include the URL for the appropriate environment and purpose in each call.

Our domains are over MTLS. You should present your Open Banking signed certificate against these domains to validate the SSL handshake and check it is working as expected.

Environment
Domain
Environment Sandbox (Co-operative Bank)
Environment Production (Co-operative Bank)
Environment Production (smile)

Context path

Following a call to the Domain URL you can access the context path before the discovery endpoints.

AISP API CONTEXT PATH - /apis/retail/open-banking/v3.1/aisp/

Back to the top

Discovery endpoints

We provide all the AIS API endpoints which are in the OBL specifications:

AISP
Endpoints
AISP Account Access
Endpoints DELETE /account-access-consents/{ConsentId}
AISP Account Access
Endpoints GET /account-access-consents/{ConsentId}
AISP Account Access
Endpoints POST /account-access-consents
AISP Accounts
Endpoints GET /accounts/{AccountId}
AISP Accounts
Endpoints GET /accounts
AISP Transactions
Endpoints GET /accounts/{AccountId}/transactions
AISP Balances
Endpoints GET /accounts/{AccountId}/balances
AISP Direct Debit
Endpoints GET /accounts/{AccountId}/direct-debits
AISP Scheduled payment
Endpoints GET /accounts/{AccountId}/scheduled-payments
AISP Standing order
Endpoints GET /accounts/{AccountId}/standing-orders

Error codes

Below are our error codes and descriptions specific to AIS APIs, and what to do to correct them.

Scenario
Error response
TPP action
Scenario Consent expiration date should be a future date
Error response Status code: 400

Error code: UK.OBIE.Field.InvalidDate

Description: Consent expiration date should be a future date
TPP action Review the payload ensuring that the data is in line with the guidance given within API documentation.

Retry after making necessary changes.
Scenario Consent not found
Error response Status code: 400

Error code: UK.OBIE.Resource.NotFound

Description: Consent not found
TPP action TPP needs to verify the consentId then retry after making necessary changes.
Scenario Consent is not in Authorised
Error response Status code: 400

Error code: UK.OBIE.Resource.InvalidConsentStatus

Description: Consent not Authorised
TPP action TPP needs to verify the consent status then retry after making necessary changes.
Scenario Invalid Account - When consent doesn’t have the Account ID
Error response Status code: 400

Error code: UK.OBIE.Resource.NotFound

Description: Invalid AccountId
TPP action TPP needs to verify the AccountId then retry after making necessary changes.
Scenario Step up journey - Reauthentication
Error response Status code: 403

Error code: UK.OBIE.Reauthenticate

Description: Re-authentication is required
TPP action Take the PSU through the re-authentication journey using the existing consent.
Scenario Account type is credit card or savings account for scheduled payments, standing orders and direct debits
Error response Status code: 400

Error code: UK.OBIE.Resource.NotFound

Description: Account is not eligible for Direct debits, scheduled payments and standing orders
TPP action Review the payload ensuring that the data is in line with the guidance given within API documentation.

Retry after making necessary changes.
Scenario Transaction from date or to date exceeds today's date
Error response Status code: 400

Error code: UK.OBIE.Field.InvalidDate

Description: Transaction date range exceeds today's date
TPP action Review the payload ensuring that the data is in line with the guidance given within API documentation.

Retry after making necessary changes.
Scenario From date or to date exceeds 13 months from the current date
Error response Status code: 400

Error code: UK.OBIE.Field.InvalidDate

Description: Date range exceeds 13 months of transaction
TPP action Review the payload ensuring that the data is in line with the guidance given within API documentation.

Retry after making necessary changes.
Scenario From date is greater than the to date
Error response Status code: 400

Error code: UK.OBIE.Field.InvalidDate

Description: Invalid date range
TPP action Review the payload ensuring that the data is in line with the guidance given within API documentation.

Retry after making necessary changes.
Scenario TPP transaction date range is outside the consent transaction date range
Error response Status code: 400

Error code: UK.OBIE.Field.InvalidDate

Description: Date range exceeds consent Date range
TPP action Review the payload ensuring that the data is in line with the guidance given within API documentation.

Retry after making necessary changes.
Scenario Either fromDateTime or toDateTime exceeds consent Date range
Error response Status code: 400

Error code: UK.OBIE.Field.InvalidDate

Description: Either fromDateTime or toDateTime exceeds consent Date range
TPP action Review the payload ensuring that the data is in line with the guidance given within API documentation.

Retry after making necessary changes.
Scenario Unexpected Error
Error response Status code: 500

Error code: UK.OBIE.UnexpectedError

Description: Temporary System error, unknown temporary error
TPP action It might be an intermediate system error, TPP needs to send the request again.
Scenario Date format is not according to the OBIE spec
Error response Status code: 400
Error code: UK.OBIE.Field.InvalidDate
Description: /Data/Authorisation/CompletionDateTime [2013-09-29 18:46:19] is not a valid date-time. Expected [yyyy-MM-dd'T'HH:mm:ssZ, yyyy-MM-dd'T'HH:mm:ss.[0-9]{1,9}Z, yyyy-MM-dd'T'HH:mm:ss[+-]HH:mm, yyyy-MM-dd'T'HH:mm:ss.[0-9]{1,9}[+-]HH:mm]
TPP action Review the payload ensuring that the formatting of the data is in line with the guidance given within API documentation.

Retry after making necessary changes.
Scenario Mandatory field is missing according to the OB Spec
Error response Status code: 400

Error code: UK.OBIE.Field.Missing

Description: {Field} required key {Field} not found
TPP action Review the payload ensuring that the data is in line with the guidance given within API documentation.

OAuth2.0 redirection error mapping

These errors will cover any unhappy path system or user actions that result in the journey being exited without giving consent. In some of these scenario’s we will pass an error message back to the TPP. The error message may be different depending on the scenario and what will prompt which relevant error message needs to be used; and will relate to the scenario.

Error
Error description
Redirection URL
Summary
Error Account not found
Error description User account details supplied do not meet criteria
Redirection URL https://sandbox-bank.co-operativebanktest.co.uk/openbanking/coop/oauthRedirect?error=Account+not+found&error_description=User+account+details+supplied+do+not+meet+criteria
Summary Customer (PSU) has used the incorrect authentication details for 2FA Step Up (SCA) following a request for sensitive data sets (Transactions over 90 days / Scheduled Payments / Standing Orders / Direct Debits) and unable to supply consent
Error Authentication declined
Error description User declined authentication
Redirection URL https://sandbox-bank.co-operativebanktest.co.uk/openbanking/coop/oauthRedirect?error=Authentication+declined&error_description=User+declined+authentication
Summary Customer (PSU) has aborted consent/2FA Step Up (SCA) journey before authentication complete at Bank (ASPSP) by selecting 'Cancel and return' or session has timed out and automatically redirected back to TPP
Error Authentication failed
Error description User locked out of Online Banking
Redirection URL https://sandbox-bank.co-operativebanktest.co.uk/openbanking/coop/oauthRedirect?error=Authentication+failed&error_description=User+locked+out+of+Online+Banking
Summary Customers (PSU) Online credentials are locked so require resetting by bank (ASPSP) support team and are unable to authenticate for consent/2FA Step Up (SCA)
Error Authentication failed
Error description User needs to reset credentials
Redirection URL https://sandbox-bank.co-operativebanktest.co.uk/openbanking/coop/oauthRedirect?error=Authentication+failed&error_description=User+needs+to+reset+credentials
Summary Customers (PSU) Online credentials require reseting by bank (ASPSP) support team and are unable to authenticate for consent/2FA Step Up (SCA)
Error Consent declined
Error description User declined consent
Redirection URL https://sandbox-bank.co-operativebanktest.co.uk/openbanking/coop/oauthRedirect?error=Consent+declined&error_description=User+declined+consent
Summary Customer (PSU) has aborted consent journey after reviewing consent details supplied by selecting 'Cancel and return' or session has timed out and automatically redirected back to TPP
Error No eligible accounts
Error description User has no eligible accounts
Redirection URL https://sandbox-bank.co-operativebanktest.co.uk/openbanking/coop/oauthRedirect?error=No+eligible+accounts&error_description=User+has+no+eligible+accounts
Summary Customer (PSU) has no accounts eligible for Open Banking
Error Temporary System Error
Error description Unknown Temporary Error
Redirection URL https://sandbox-bank.co-operativebanktest.co.uk/openbanking/coop/oauthRedirect?error=Temporary+System+Error&error_description=Unknown+Temporary+Error+
Summary Bank (ASPSP) has had an internal system error and is unable to provide a response to consent/2FA Step Up (SCA) request, please try again later
Error User action caused error
Error description User refreshed the page during authentication
Redirection URL https://sandbox-bank.co-operativebanktest.co.uk/openbanking/coop/oauthRedirect?error=User+action+caused+error&error_description=User+refresh+page+during+authentication
Summary Customer (PSU) has aborted consent/2FA Step Up (SCA) journey before authentication complete at Bank (ASPSP) by selecting 'Browser Refresh' and has automatically redirected back to TPP
Error User action caused error
Error description User refreshed the page during consent
Redirection URL https://sandbox-bank.co-operativebanktest.co.uk/openbanking/coop/oauthRedirect?error=User+action+caused+error&error_description=User+refresh+page+during+consent
Summary Customer (PSU) has aborted consent journey after reviewing consent details supplied by selecting 'Browser Refresh' and has automatically redirected back to TPP
Error Not mobile registered user
Error description Mobile - user not registered
Redirection URL https://sandbox-bank.co-operativebanktest.co.uk/openbanking/coop/oauthRedirect?error=Not+mobile+registered+user&error_description=Mobile+-+user+not+registered
Summary The Customer (PSU) has the Bank (ASPSP) app on their device, but their device is not registered for Mobile Banking. Customer has decided to return to the TPP instead of going on to Online Banking to provide consent. Customer (PSU) needs to register their device before starting the journey again or instead continue to Online Banking to provide consent
Error Temporary system error
Error description App currently unavailable – user exited journey
Redirection URL https://sandbox-bank.co-operativebanktest.co.uk/openbanking/coop/oauthRedirect?error=Temporary+system+error&error_description=App+currently+unavailable+–+user+exited+journey
Summary The Bank (ASPSP) App is currently unavailable. Customer has decided to return to the TPP instead of going on to Online Banking to provide consent. Customer (PSU) can try again to see if it the App is available or instead continue to Online Banking to provide consent
Error Obsolete app version
Error description App update required
Redirection URL https://sandbox-bank.co-operativebanktest.co.uk/openbanking/coop/oauthRedirect?error=Obsolete+app+version&error_description=App+update+required
Summary Customer (PSU) needs to do a mandatory update of their version of the Bank (ASPSP) mobile app and customer has decided to return to the TPP instead of going on to Online Banking to provide consent. Customer (PSU) needs to update their Bank (ASPSP) app before starting the journey again or instead continue to Online Banking to provide consent
Error User action - exit
Error description User exited journey
Redirection URL https://sandbox-bank.co-operativebanktest.co.uk/openbanking/coop/oauthRedirect?error=User+action+-+exit&error_description=User+exited+journey
Summary Customer (PSU) has aborted consent journey before authentication complete at Bank (ASPSP) by selecting 'Cancel and return' on page which may indicate they need to reset their mobile app log in credentials
Error Authentication failed
Error description User unable to authenticate
Redirection URL https://sandbox-bank.co-operativebanktest.co.uk/openbanking/coop/oauthRedirect?error=Authentication+failed&error_description=User+unable+to+authenticate
Summary Customer (PSU) has failed authentication and is temporarily frozen-out of Mobile Banking. The customer will need to wait until the countdown has expired before they can try authentication again
Error request_unauthorized
Error description The request could not be authorized. The login request has expired. Please try again
Redirection URL https://sandbox-bank.co-operativebanktest.co.uk/openbanking/coop/oauthRedirect?error=request_unauthorized&error_description=The+request+could+not+be+authorized.The+login+request+has+expired.+Please+try+again
Summary The consent token has expired. Please allow the customer to start the journey again with a new consent token
Error request_unauthorized
Error description The request could not be authorized. The consent request has expired. Please try again
Redirection URL https://sandbox-bank.co-operativebanktest.co.uk/openbanking/coop/oauthRedirect?error=request_unauthorized&error_description=The+request+could+not+be+authorized.+The+consent+request+has+expired.+Please+try+again
Summary The consent token has expired. Please allow the customer to start the journey again with a new consent token
Error request_forbidden
Error description The request is not allowed. No CSRF value available in the session cookie
Redirection URL https://www.example.com?error=request_forbidden&error_description=The+request+is+not+allowed.+No+CSRF+value+available+in+the+session+cookie
Summary NA