Direkt zum Inhalt

VP Bank Developer Portal

API Services & Documentation

Using VP Bank APIs help you to extend your services. Our supported set of API services let you use customer’s data who give their consents to do so.
Our API services are based on Berlin Group Access-to-Account (XSA2) specifications, version 1.2 and follow the required services covered by the PSD2 regulation. These services are currently supported for customers using our online services of our Luxembourg location. Further services might be extended in the future.

We support requests and responses in JavaScript Object Notation (JSON) format. For payment initiation instructions XML formats may be used as well. Data exposure handling is supported through RESTful services.

Services are supported for third-party providers using a qualified certificate for website authentication issued by a qualified trust service provider according eIDAS regulation. The content of the certificate has to be compliant with the requirements of the Regulatory Technical Standards of European Banking Authority.

Supported Payment Initiation services

The following service for third-party provider registered as Payment Initiation Service Provider (PISP) is supported:
POST a payment initiation request on behalf of a customer
GET the transaction status information of a previously initiated payment

 

VP Bank currently support single payment services with the following types:
SEPA credit transfers in JSON and pain.001 XML
Cross-border credit transfers in JSON and pain.001 XML

 

Supported Account Information services

The following service for third-party provider registered as Account Information Service Provider (AISP) is supported:
POST a customer permission request for account information
GET the status of the customer permission request
DELETE a given consent for account information
GET account details
GET account balances
GET transaction history of accounts
GET account list

 

Customer permission and authentication

Please note that VP Bank follows only the bank-offered consent principles. Customer permissions, i.e. consents, for the respective services are managed on the Bank’s online banking platform using Strong Customer Authentication (SCA) regulated by the respective Regulatory Technical Standards.

The supported method to perform a SCA is currently only via redirect. We will follow an implicit authorization flow and deliver a redirect URL in the response message. Further authentication methods including OAuth2 might be added in the future.

API Definitions and Sandbox

The Swagger API specifications of our supported services can be found in the restricted area after you have requested a login. We do provide as well a sandbox environment for testing purposes.

PSD2 Statistics

Click here to access our quarterly published PSD2 statistics.

Contact

Need some help on our API services? Did you find a bug? Get in touch with our team!
Kontaktformular 
Anrede
Land