Account linking
Bank account linking is a feature that allows clients to link their bank account to a mobile application or a website and pay for goods or services directly through their bank. In some countries, the account linking feature may not be available yet but you can always get in touch with us to double-check.
Bank account linking is the future | kevin.

1. Start authentication

Initiate user authentication by calling the /auth endpoint with the Request-Id, Redirect-URL and payments scope. Service will return an authorizationLink.
You need to specify the accounts_basic scope if you want to bypass the account selection step as well. Please keep in mind that account information scopes are not enabled by default.
PHP
cURL
The example below is written using kevin. PHP library. All other possible attributes and their explanations can be found in the official API documentation.
use Kevin\Client;
​
$clientId = 'my-client-id';
$clientSecret = 'my-client-secret';
$options = ['error' => 'array', 'version' => '0.3', 'lang' => 'en'];
​
$kevinClient = new Client($clientId, $clientSecret, $options);
​
$attr = [
'redirectPreferred' => 'false',
'scopes' => 'payments',
//...or 'scopes' => 'payments,accounts_basic',
'Request-Id' => 'your-guid',
'Redirect-URL' => 'https://redirect.kevin.eu/authorization.html'
];
​
$response = $kevinClient->auth()->authenticate($attr);
curl --request POST \
--url https://api.kevin.eu/platform/v0.3/auth?redirectPreferred=false&scopes=payments \
--header 'Client-Id: my-client-id' \
--header 'Client-Secret: my-client-secret' \
--header 'Request-Id: your-guid' \
--header 'Redirect-URL: https://redirect.kevin.eu/authorization.html'

2. Redirect user

From the authentication request above you will receive a authorizationLink. The authorization link can lead the user to kevin. frame page or bank environment. The link expires after 48 hours and cannot be reused.
{
"authorizationLink": "https://psd2.kevin.eu/login?state=123",
"state": 123
}
After the successful authorization, the client will be redirected back to your Redirect-URL with the code, requestId and status=success query parameters. If authorization does not succeed, you will receive a requestId and a status=failure.
Example: https://redirect.kevin.eu/authorization.html?requestId=your-guid&code=my-authorization-code&status=success

3. Exchange code for token

In order to receive a token, you must exchange your code by calling the /auth/token endpoint. A token can then be used to create payments and skip the login part.
PHP
cURL
The example below is written using kevin. PHP library. All other possible attributes and their explanations can be found in the official API documentation.
use Kevin\Client;
​
$clientId = 'my-client-id';
$clientSecret = 'my-client-secret';
$options = ['error' => 'array', 'version' => '0.3', 'lang' => 'en'];
​
$kevinClient = new Client($clientId, $clientSecret, $options);
​
$attr = ['code' => 'your-auth-code'];
// ...or $attr = 'your-auth-code';
​
$response = $kevinClient->auth()->receiveToken($attr);
curl --request POST \
--url https://api.kevin.eu/platform/v0.3/auth/token \
--header 'Client-Id: my-client-id' \
--header 'Client-Secret: my-client-secret' \
--header 'Content-Type: application/json' \
--data '{
"grantType": "authorizationCode",
"code": "my-authorization-code"
}'
When token expires, use your refresh token by calling the /auth/token endpoint to get a new valid token.
PHP
cURL
The example below is written using kevin. PHP library. All other possible attributes and their explanations can be found in the official API documentation.
use Kevin\Client;
​
$clientId = 'my-client-id';
$clientSecret = 'my-client-secret';
$options = ['error' => 'array', 'version' => '0.3', 'lang' => 'en'];
​
$kevinClient = new Client($clientId, $clientSecret, $options);
​
$attr = ['refreshToken' => 'your-refresh-token'];
// ...or $attr = 'your-refresh-token';
​
$response = $kevinClient->auth()->refreshToken($attr);
curl --request POST \
--url https://api.kevin.eu/platform/v0.3/auth/token \
--header 'Client-Id: my-client-id' \
--header 'Client-Secret: my-client-secret' \
--header 'Content-Type: application/json' \
--data '{
"grantType": "refreshToken",
"refreshToken": "my-refresh-code"
}'

4. Initiate payment

Initiate payment by calling the /pis/payment endpoint with an Authorization header. You will receive a confirmLink. An access token will allow you to skip the login part.
PHP
cURL
The example below is written using kevin. PHP library. All other possible attributes and their explanations can be found in the official API documentation.
use Kevin\Client;
​
$clientId = 'my-client-id';
$clientSecret = 'my-client-secret';
$options = ['error' => 'array', 'version' => '0.3', 'lang' => 'en'];
​
$kevinClient = new Client($clientId, $clientSecret, $options);
​
$attr = [
'Authorization' => 'your-bearer-token'
'Redirect-URL' => 'https://redirect.kevin.eu/payment.html',
'description' => 'Test',
'currencyCode' => 'EUR',
'amount' => '0.01',
'bankPaymentMethod' => [
'endToEndId' => '1',
'creditorName' => 'John Smith',
'creditorAccount' => [
'iban' => 'LT144010051005081586'
],
],
];
​
$response = $kevinClient->payment()->initPayment($attr);
curl --request POST \
--url https://api.kevin.eu/platform/v0.3/pis/payment \
--header 'Client-Id: my-client-id' \
--header 'Client-Secret: my-client-secret' \
--header 'Authorization: Bearer my-bearer-token' \
--header 'Content-Type: application/json' \
--header 'Redirect-URL: https://redirect.kevin.eu/payment.html' \
--data '{
"amount": "0.01",
"currencyCode": "EUR",
"description": "Test",
"bankPaymentMethod": {
"creditorName": "John Doe",
"endToEndId": "1",
"creditorAccount": {
"iban": "LT144010051005081586"
}
}
}'makef

Skip account selection part

If you want to skip the account selection part, you need to get the account list by calling the /ais/accounts endpoint with an access token and providing one of the bank accounts in the payment initiation request.
PHP
cURL
The example below is written using kevin. PHP library.
use Kevin\Client;
​
$clientId = 'my-client-id';
$clientSecret = 'my-client-secret';
$options = ['error' => 'array', 'version' => '0.3', 'lang' => 'en'];
​
$kevinClient = new Client($clientId, $clientSecret, $options);
​
$accessToken = 'your-bearer-token';
$attr = [
'Authorization' => $accessToken,
'PSU-IP-Address' => 'your-ip-address',
'PSU-User-Agent' => 'your-user-agent',
'PSU-IP-Port' => 'your-ip-port',
'PSU-Http-Method' => 'GET',
'PSU-Device-ID' => 'your-device-id',
];
​
$response = $kevinClient->account()->getAccountList($attr);
curl --request GET \
--url https://api.kevin.eu/platform/v0.3/ais/accounts \
--header 'Client-Id: my-client-id' \
--header 'Client-Secret: my-client-secret' \
--header 'Authorization: Bearer my-bearer-token' \
--header 'PSU-IP-Address: your-ip-address' \
--header 'PSU-User-Agent: your-user-agent' \
--header 'PSU-IP-Port: your-ip-port' \
--header 'PSU-Http-Method: GET' \
--header 'PSU-Device-ID: your-device-id'
If you want to get an account list, your token must have the accounts_basic scope. Account information scopes are note enabled by default. You can check your project settings to see whether you have access.
Copy link
On this page
1. Start authentication
2. Redirect user
3. Exchange code for token
4. Initiate payment
Skip account selection part