Linked-account payment

Bank account linking is a feature that allows clients to link their bank account to a mobile application or a website and pay for goods or services directly through their bank. In some countries, the account linking feature may not be available yet but you can always get in touch with us to double-check.

1. Start authentication

Initiate user authentication by calling the /auth endpoint with the Request-Id, Redirect-URL and the payments scope. The service returns an authorizationLink.

You need to specify the accounts_basic scope if you want to bypass the account selection step as well. Please keep in mind that account information scopes are not enabled by default.

The example below is written using the kevin. PHP library. All other possible attributes and their explanations can be found in the API documentation.

use Kevin\Client;

$clientId = 'my-client-id';
$clientSecret = 'my-client-secret';
$options = ['error' => 'array', 'version' => '0.3', 'lang' => 'en'];

$kevinClient = new Client($clientId, $clientSecret, $options);

$attr = [
    'redirectPreferred' => 'false',
    'scopes' => 'payments',
    //...or 'scopes' => 'payments,accounts_basic',
    'Request-Id' => 'your-guid',
    'Redirect-URL' => 'https://redirect.kevin.eu/authorization.html'
];

$response = $kevinClient->auth()->authenticate($attr);

2. Redirect user

From the authentication request above you will receive an authorizationLink. The authorization link can lead the user to the kevin. frame page or to the bank environment. The link expires after 48 hours and cannot be reused.

{
    "authorizationLink": "https://psd2.kevin.eu/login?state=123",
    "state": 123
}

After successful authorization, the client will be redirected back to your Redirect-URL with the code, requestId and status=success query parameters. If authorization does not succeed, you will receive a requestId and status=failure.

Example: https://redirect.kevin.eu/authorization.html?requestId=your-guid&code=my-authorization-code&status=success
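An added example, not part of the kevin. library or the original page: a check for the redirect described above that accepts the code only when requestId matches the Request-Id this session sent to /auth and status is success. The store array (standing in for $_SESSION) and the function names newRequestId and validateCallback are assumptions.

```php
<?php
// Assumption: the Request-Id sent to /auth is generated per attempt and kept
// server-side ($_SESSION in a real handler; a plain array in this sketch).
function newRequestId(): string
{
    $hex = bin2hex(random_bytes(16)); // 128 random bits, GUID-shaped below
    return vsprintf('%s-%s-%s-%s-%s', [
        substr($hex, 0, 8), substr($hex, 8, 4), substr($hex, 12, 4),
        substr($hex, 16, 4), substr($hex, 20, 12),
    ]);
}

// Returns the authorization code when the callback belongs to the pending
// attempt in $store, otherwise null. The pending id is consumed either way,
// so a second delivery of the same URL is rejected.
function validateCallback(array $query, array &$store): ?string
{
    $expected = $store['pendingRequestId'] ?? null;
    unset($store['pendingRequestId']);

    $requestId = $query['requestId'] ?? '';
    $status    = $query['status'] ?? '';
    $code      = $query['code'] ?? '';

    // Reject array-valued parameters before the constant-time comparison.
    if (!is_string($expected) || !is_string($requestId)
        || !hash_equals($expected, $requestId)) {
        return null; // callback was not started by this session
    }
    if ($status !== 'success' || !is_string($code) || $code === '') {
        return null; // status=failure, or the code is missing
    }
    return $code; // hand this to receiveToken() in step 3
}

// Constructed sample data.
$store    = ['pendingRequestId' => newRequestId()];
$callback = ['requestId' => $store['pendingRequestId'],
             'code' => 'my-authorization-code', 'status' => 'success'];
var_dump(validateCallback($callback, $store)); // first delivery
var_dump(validateCallback($callback, $store)); // same URL delivered again

$store = ['pendingRequestId' => newRequestId()];
$other = ['requestId' => 'some-other-guid', 'code' => 'x', 'status' => 'success'];
var_dump(validateCallback($other, $store));    // requestId from another attempt
```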

3. Exchange code for token

In order to receive a token, you must exchange your code by calling the /auth/token endpoint. A token can then be used to create payments and skip the login part.

The example below is written using the kevin. PHP library. All other possible attributes and their explanations can be found in the API documentation.

use Kevin\Client;

$clientId = 'my-client-id';
$clientSecret = 'my-client-secret';
$options = ['error' => 'array', 'version' => '0.3', 'lang' => 'en'];

$kevinClient = new Client($clientId, $clientSecret, $options);

$attr = ['code' => 'your-auth-code'];
// ...or $attr = 'your-auth-code';

$response = $kevinClient->auth()->receiveToken($attr);

When the token expires, use your refresh token by calling the /auth/token endpoint to get a new valid token.

The example below is written using the kevin. PHP library. All other possible attributes and their explanations can be found in the API documentation.

use Kevin\Client;

$clientId = 'my-client-id';
$clientSecret = 'my-client-secret';
$options = ['error' => 'array', 'version' => '0.3', 'lang' => 'en'];

$kevinClient = new Client($clientId, $clientSecret, $options);

$attr = ['refreshToken' => 'your-refresh-token'];
// ...or $attr = 'your-refresh-token';

$response = $kevinClient->auth()->refreshToken($attr);

4. Initiate payment

Initiate payment by calling the /pis/payment endpoint with an Authorization header. You will receive a confirmLink. An access token will allow you to skip the login part.

The example below is written using the kevin. PHP library. All other possible attributes and their explanations can be found in the API documentation.

use Kevin\Client;

$clientId = 'my-client-id';
$clientSecret = 'my-client-secret';
$options = ['error' => 'array', 'version' => '0.3', 'lang' => 'en'];

$kevinClient = new Client($clientId, $clientSecret, $options);

$attr = [
    'Authorization' => 'your-bearer-token',
    'Redirect-URL' => 'https://redirect.kevin.eu/payment.html',
    'description' => 'Test',
    'currencyCode' => 'EUR',
    'amount' => '0.01',
    'bankPaymentMethod' => [
        'endToEndId' => '1',
        'creditorName' => 'John Smith',
        'creditorAccount' => [
            'iban' => 'LT144010051005081586'
        ],
    ],
];

$response = $kevinClient->payment()->initPayment($attr);

Skip account selection part

If you want to skip the account selection part, get the account list by calling the /ais/accounts endpoint with an access token, then provide one of the bank accounts in the payment initiation request.

The example below is written using the kevin. PHP library.

use Kevin\Client;

$clientId = 'my-client-id';
$clientSecret = 'my-client-secret';
$options = ['error' => 'array', 'version' => '0.3', 'lang' => 'en'];

$kevinClient = new Client($clientId, $clientSecret, $options);

$accessToken = 'your-bearer-token';
$attr = [
    'Authorization' => $accessToken,
    'PSU-IP-Address' => 'your-ip-address',
    'PSU-User-Agent' => 'your-user-agent',
    'PSU-IP-Port' => 'your-ip-port',
    'PSU-Http-Method' => 'GET',
    'PSU-Device-ID' => 'your-device-id',
];

$response = $kevinClient->account()->getAccountList($attr);

If you want to get an account list, your token must have the accounts_basic scope. Account information scopes are not enabled by default. You can check your project settings to see whether you have access.
