Team Tanda
Payment apis
Hi, I am Mario from the Tanda app team. We are facing an issue when calling account-requests:

{ "ErrorResponseCode": "401", "ErrorDescription": "Missing/Invalid Access Token" }

using this body:

{
  "Data": {
    "Permissions": [ "ReadAccountsDetail", "ReadBalances", "ReadBeneficiariesDetail", "ReadDirectDebits", "ReadProducts", "ReadStandingOrdersDetail", "ReadTransactionsCredits", "ReadTransactionsDebits", "ReadTransactionsDetail" ],
    "ExpirationDateTime": "2025-08-02T00:00:00-00:00",
    "TransactionFromDateTime": "2012-05-03T00:00:00-00:00",
    "TransactionToDateTime": "2025-05-08T00:00:00-00:00"
  },
  "Risk": { }
}

and this token: zH3Sp8WKzX8rMoa70FBtGZPSGlOv

We are facing another issue when calling payments:

{ "ErrorResponseCode": "403", "ErrorDescription": "Invalid Scope" }

using this body:

{
  "Data": {
    "Initiation": {
      "InstructionIdentification": "ACME412",
      "EndToEndIdentification": "FRESCO.21302.GFX.20",
      "InstructedAmount": { "Amount": "165.88", "Currency": "JOD" },
      "CreditorAccount": { "SchemeName": "SortCodeAccountNumber", "Identification": "08080021325698", "Name": "ACME Inc", "SecondaryIdentification": "0002" },
      "RemittanceInformation": { "Reference": "FRESCO-101", "Unstructured": "Internal ops code 5120101" }
    }
  },
  "Risk": {
    "PaymentContextCode": "EcommerceGoods",
    "MerchantCategoryCode": "5967",
    "MerchantCustomerIdentification": "053598653254",
    "DeliveryAddress": {
      "AddressLine": [ "Flat 7", "Acacia Lodge" ],
      "StreetName": "Acacia Avenue",
      "BuildingNumber": "27",
      "PostCode": "GU31 2ZZ",
      "TownName": "Sparsholt",
      "CountySubDivision": [ "Wessex" ],
      "Country": "JO"
    }
  }
}

and this token: fBu33lVG2yAYgY4ANI0CrvGxEzFT

Please advise.

Thanks, regards

ramezsw
Payment apis

Hi Mario,

Thanks for reaching out. First of all, your app is only subscribed to the Payment APIs product; you can view your details in the "My Apps" section and edit/add products accordingly.

However, the issues you are facing are not related to product subscription. I will address each issue separately below:

- The invalid scope error is generated because the scope tied to the Access Token is not set correctly; the scope parameter is added in the /token request, it can be "accounts", "payments", so for payments please make sure to include the scope "payment".

- Your payload structure is correct; however, are you sending the REQUIRED header parameters as shown in the API documentation here? Most importantly, the Authorization header and the x-jws-signature. The Authorization header should contain the keyword "Bearer " followed by your Access token from the previous /token request; the example is shown in the API doc.

Regarding the x-jws-signature, it is a header parameter containing the JSON web token (JWT) of your payload. You can use jwt.io to sign your payload with your public/private key pair for testing the API, and once it is working you can write your custom code to sign the payload as JWT.

The purpose of x-jws-signature is to ensure that the payload you are sending does not get modified or tampered with in any way while it's being sent.

Note: every POST request will contain a JWT of the payload. After you successfully call the payment initiation or account request API, you will need to call the /authorize request, which will essentially result in a redirect to Arab Bank's login page where the users can log in to their AB accounts and consent. This /authorize request contains a "request" query param that is also a JWT.

Hopefully I have answered your questions, and in case new questions arise, please feel free to ask us :)

Happy coding,

Ramez Sweiss

 


Team Tanda
Payment apis
Hi Ramez,

Thanks for your support. All things work fine now, but I am facing a new issue with "authorize", which redirects to your login page: it redirects to your page and gives me "Unexpected token in object literal", and sometimes it returns invalid state.

PS: I am using a random string generator for the state value, after using 99999 and getting invalid state.

Here is an example of my request:

"https://tapi.arabbank.com/sandbox/oauth/v1/authorize?client_id=7Lee8S3gqXIOkUkvjjY4PAgpARtBFY04&redirect_uri=http://165.227.120.37/api/v1/arabBankLoginCallBack&nonce=987654321&scope=openid accounts&response_type=code id_token&state=JPx0DkCy0S1551043653&x-idempotency-key=987654321&request=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.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.CLKvqUM-y3TcD5zT2kNGyTxYN6qui0BdrvWUeSoWVf4QPhG9kGGHGnwuYRUcF1PEp_b6jojH88TjFvNDJZbZrQ5aKypMFNXNKlVG3_Z7Nk21R31wlzA9QyHJyd-6hbChz9iNXJCdLE6bHOnb6zBtdrilq--ev1t9RtR1B6IDKk4AIo601pM8iueneP5hbrTkh874sR7w5oHUsabCMd39wo5HH18tllFBu-OI8QVPUxbAzgUOnQMK_rZNz4lKu1ix1f-06WGj5Utk5jIb317gPG75N_PFmAo49G5eMB_vhuIRZh-Bcb5iXVSGSDgET4Pd8j-3ZrSxaEIxi9xZ4X_-_A"

Please advise, Ramez.

Thank you, regards

Tanda App Team

Team Tanda
Payment apis
Hi Ramez,

Thanks for your support. I am facing an issue with the "Authorize" API: it returns "Unexpected token in object literal", and sometimes it returns invalid status (I am using a random string generator).

This is an example of the request:

"https://tapi.arabbank.com/sandbox/oauth/v1/authorize?client_id=7Lee8S3gqXIOkUkvjjY4PAgpARtBFY04&redirect_uri=http://165.227.120.37/api/v1/arabBankLoginCallBack&nonce=987654321&scope=openid accounts&response_type=code id_token&state=oP046botTs1550956042&x-idempotency-key=987654321&request=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.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.Jyttpf8TzdBUvCfQ5xrfibjhkqrDQKAnhwukEskHLlsHY2Ouwy8C4XlniU_OKTOSoP6ydWyc3tjAlYKlsSW3vcWUTZmR09XPcMSuIvwjA3OxhlgWIDyeIjRv1MvBPpCXyJEpRza2YhIheI8snyajEbWbruFghh4gAJRGLb63jgAVx9ZFyO_tBJGKN2hehiVPdSO4a8-z7RfQAdVwNhciqN1reMyLk6gdiD9u5_-5m41qdTYJAaDw6vcfji3qAGFunwG4_EsDvxQB3vP-AvlD3x15NepNbA1_uLZDjDT-UMwZFBz6o4OrpLSJwsp85cD96R1ociUSeECdubkz1CYfcw"

Please advise.

Regards

ramezsw
Authorize API request

Hello!

You are nearing the end of the API flow! You just need to log in to the Arab Bank page and retrieve the "code" parameter!

Nothing seems to be wrong with your request, as long as you provide a valid JWT in the "request" param, with fields matching the other query params exactly, you should be fine. Make sure to copy the "AccountRequestID" retrieved from the previous API call and attach it to the "claims" intent_id value.

I have tried to replicate your issue, using the exact same request params you provided; there were no issues and I completed the flow with login and consent etc... Also make sure that the "nonce" and "state" are unique for every request, and they are reflected in your "request" JWT accordingly.

Maybe the error you are getting is from the client side? Did you call the API through the portal before implementing it in code?

Regards,

Ramez


Team Tanda
Payment apis
Hi Ramez, I am Mario from the Tanda App Team. Thanks for your support, I appreciate it. I am sorry for bothering you. I am still getting the same error. Yes, I used the portal before implementing the code and both are giving the same result. Kindly find this LINK. I am getting this response in both the code and the portal. Please advise.

Regards

ramezsw
Good afternoon Mario,

Good afternoon Mario,

 

Again, I have tried to replicate your issue with the same request you provided, the only thing I have changed is the public/private key pair (I have used our own test key/pair).

I was unable to replicate the issue and the flow was completed successfully (both from the portal and Postman). Your payload shown in your post above is fine - noting that some variables need to be different for every request (nonce and state, and the requestID), and you have to retrieve a new Access Token for every retry.

A couple of suggestions worth trying, maybe it will fix your problem:

- Make sure the "request" JWT is VALID and signed correctly using RS256, as the error returned is due to a problem with JSON parsing.

- Try to call the /authorize redirect using a different browser than Chrome. (shouldn't be the problem, but doesn't hurt to try)

 

I hope I was able to narrow down the reason for your issue, please update me here once you try the above.

 

Regards,

Ramez

 


Team Tanda
Payment apis
Hi Ramez, I am Mario from the Tanda App team. We are still facing the same issue I mentioned earlier. Here is my request for every step:

1- https://tapi.arabbank.com/sandbox/oauth/v1/token

Body parameters are:

client_id=Consumer Key&redirect_uri=http://165.227.120.37/api/v1/arabBankLoginCallBack/&grant_type=client_credentials&scope=accounts&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiI3TGVlOFMzZ3FYSU9rVWt2ampZNFBBZ3BBUnRCRlkwNCJ9.ZWRyfN278onBw9AdtedMXv18KtxhcUBhjNf58TvBiG2QpMtzvoAjADhLSU8St3KLTrc7XGFCUTPyZxK1NF7fFzm9urAyyvJkuiJ_nt7LPsCI3q-MmseDL6nM0CNidu1cOcIhZP5KESbXZkdyHWQwaD8pQvvhBUkF8eJjJmYVZc9FEZZySMd5FuP8a7Hr-do9eTvgCk0lrjTxNYL5izdq8loPVYTFgfhUuBQ9YDeCoUld2ddUrFPBtj3z9E0TQzVCSg-_ILmVkW4fhwXeTqIIvvuVKInK-zR_EKivmZHAnq2_xcmpHlU3FG12-HYABDThFrTw8DChnIMuRV9ZE3hm8A

client_assertion is: {"iss":"Consumer Key"} hashed using the RS256 algorithm, JWT, public key and private key

response:

{#336 +"access_token": "NC4RDMGsDgrECx1MqQIz7JtHYT4F" +"token_type": "Bearer" +"expires_in": 3599 }

2- https://tapi.arabbank.com/sandbox/open-banking/account/v1/account-requests

Header parameters are:

{"x-fapi-financial-id":"123456","Authorization":"Bearer 6NSNBX3x9tSEzirKmhiNkqPgIOFA","x-jws-signature":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJEYXRhIjp7IlBlcm1pc3Npb25zIjpbIlJlYWRBY2NvdW50c0RldGFpbCIsIlJlYWRCYWxhbmNlcyIsIlJlYWRCZW5lZmljaWFyaWVzRGV0YWlsIiwiUmVhZERpcmVjdERlYml0cyIsIlJlYWRQcm9kdWN0cyIsIlJlYWRTdGFuZGluZ09yZGVyc0RldGFpbCIsIlJlYWRUcmFuc2FjdGlvbnNDcmVkaXRzIiwiUmVhZFRyYW5zYWN0aW9uc0RlYml0cyIsIlJlYWRUcmFuc2FjdGlvbnNEZXRhaWwiXSwiRXhwaXJhdGlvbkRhdGVUaW1lIjoiMjAyNS0wOC0wMlQwMDowMDowMC0wMDowMCIsIlRyYW5zYWN0aW9uRnJvbURhdGVUaW1lIjoiMjAxMi0wNS0wM1QwMDowMDowMC0wMDowMCIsIlRyYW5zYWN0aW9uVG9EYXRlVGltZSI6IjIwMjUtMDUtMDhUMDA6MDA6MDAtMDA6MDAifSwiUmlzayI6e319.qmw5hVK46KFo08vaoVxyQ5gZlyiYYT_G4dU_iUI7JCBEy2IDICkz0uQe1d6ngdK3hU-ti_YtyMxxK5A3W8-fpLXmn9HT82ky5UhomLbpyFph2c_8WnfQzKgQX-lNFR6X51nDElKzKLmFz0TMK0ihq_Xs2UIYUjwh6v91iTtXkjQw8AdkyufC7uTljhJJ6P_ZZ97vRZs0xpHUofZfwUrYm7-TeC8uUeGPssWkJjovlQCkH0UbcvDjqqyHrVYB_zOSPP_YJQmxMfYyHBiYV7ilZoQ3twj1nJr6NXSh0dMTdYepX6a46wb1IAUX7UPJNtVxGC8G2lTIvIpm4sUyrf7m5g","Content-Type":"application/json"}

Request body:

{"Data":{"Permissions":["ReadAccountsDetail","ReadBalances","ReadBeneficiariesDetail","ReadDirectDebits","ReadProducts","ReadStandingOrdersDetail","ReadTransactionsCredits","ReadTransactionsDebits","ReadTransactionsDetail"],"ExpirationDateTime":"2025-08-02T00:00:00-00:00","TransactionFromDateTime":"2012-05-03T00:00:00-00:00","TransactionToDateTime":"2025-05-08T00:00:00-00:00"},"Risk":{}}

response:

{#338 +"Data": {#337 +"AccountRequestId": "35036441-7dbe-4f43-96ba-322b32f065ef" +"Status": "AwaitingAuthentication" +"CreationDateTime": "2019-03-08T13:22:29.000Z" +"Permissions": array:9 [ 0 => "ReadAccountsDetail" 1 => "ReadBalances" 2 => "ReadBeneficiariesDetail" 3 => "ReadDirectDebits" 4 => "ReadProducts" 5 => "ReadStandingOrdersDetail" 6 => "ReadTransactionsCredits" 7 => "ReadTransactionsDebits" 8 => "ReadTransactionsDetail" ] +"ExpirationDateTime": "2025-08-02T00:00:00.000Z" +"TransactionFromDateTime": "2012-05-03T00:00:00.000Z" +"TransactionToDateTime": "2025-05-08T00:00:00.000Z" } +"Risk": {#335} +"Links": {#336 +"self": "/account-requests/35036441-7dbe-4f43-96ba-322b32f065ef" } +"Meta": {#339} }

3- https://developer.arabbank.com/oauth-apis/apis/get/authorize

Query parameters:

client_id=7Lee8S3gqXIOkUkvjjY4PAgpARtBFY04&redirect_uri=http://165.227.120.37/api/v1/arabBankLoginCallBack/&nonce=951552051567&scope=openid accounts&response_type=code id_token&state=951552051567&x-idempotency-key=951552051567&request=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.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.jzNByhtmK9ciXEIyPaUgKcoQ1RXVgZ_GOvVzihcx8iy-dexHitaBplhopsp_I6rxPmQbIGXKbTP3Izts-V0dVCysZlSXo2sSTgDvIl-BozgeTPTW-qeqmtAwLXab3JKRpvgS5k0lS6KxTEgLIqGbm88VHCfp33DnNkVraJNbzalGeGbZCGOf7x6b674BeTfWbyaKXzgLkkPOk0n_vMd391UqzaYTauWFzAoU-iscovDk8Q_4THwv4Dr13iWH8vXr6kOngwQwWFEVDiiiQdsPUWK7ujD5DOHwUvP-x3fNjuya4itK4qXHRPzgUB78EQ8XaRvJ4auC3nCnEeqO7xgnVw

response: This link

Please advise.

Regards

ramezsw
Payment apis

Hi Mario,

I think I have identified the source of your issue; it might be one of the two possibilities below:

 

- Notice the URL in your point number 3: it should be https://tapi.arabbank.com/sandbox/oauth/v1/authorize instead of https://developer.arabbank.com/oauth-apis/apis/get/authorize.

- More importantly, you need to append the AccountRequestId that you retrieved from /account-requests to the "request" query param in the claims of /authorize as shown below

"claims": {
  "id_token": {
    "openbanking_intent_id": {
      "value": "urn:arabbank:intent:accounts:75b95f77-22d2-46ca-b6c0-5c9e8dec152a",
      "essential": true
    },
    "acr": {
      "essential": true
    }
  }
}

Notice that the AccountRequestId you have in your claims is different from the request ID you obtained from /account-requests.
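
The consistency rules raised in this thread (query parameters reflected in the "request" JWT, and the intent id carrying the AccountRequestId returned by /account-requests) can be checked before redirecting the user. This is an added example, not code from any post above or from Arab Bank; the function names, the sample client values and the assumption that the JWT mirrors the query parameters under the same claim names are illustrative, and the signature is not verified here.

```python
import base64
import json
from urllib.parse import parse_qs, urlencode, urlsplit

# Assumption: these query parameters appear as same-named claims in the request JWT.
MIRRORED = ("client_id", "redirect_uri", "nonce", "scope", "response_type", "state")
INTENT_PREFIX = "urn:arabbank:intent:accounts:"  # prefix as it appears in the thread

def _b64url_json(obj):
    raw = json.dumps(obj, separators=(",", ":")).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _segment_to_json(segment):
    return json.loads(base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4)))

def check_authorize_url(url, account_request_id):
    """Return a list of inconsistencies; an empty list means the URL is coherent."""
    params = {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}
    parts = params.get("request", "").split(".")
    if len(parts) != 3:
        return ["request is not a three-part compact JWT"]
    try:
        header, claims = _segment_to_json(parts[0]), _segment_to_json(parts[1])
    except ValueError as exc:  # bad base64, bad UTF-8 or bad JSON
        return [f"request JWT does not decode to JSON: {exc}"]
    if not (isinstance(header, dict) and isinstance(claims, dict)):
        return ["request JWT header and payload must be JSON objects"]
    problems = []
    if header.get("alg") != "RS256":
        problems.append(f"alg is {header.get('alg')!r}, expected 'RS256'")
    for name in MIRRORED:
        if claims.get(name) != params.get(name):
            problems.append(f"{name}: query {params.get(name)!r} != JWT {claims.get(name)!r}")
    id_token = claims.get("claims", {}).get("id_token", {})
    intent = id_token.get("openbanking_intent_id", {}).get("value")
    if intent != INTENT_PREFIX + account_request_id:
        problems.append(f"intent id {intent!r} does not carry {account_request_id}")
    return problems

def build_sample_url(intent_id, jwt_state="s-001"):
    """Constructed sample; the signature segment is a placeholder, not a real RS256 signature."""
    query = {"client_id": "EXAMPLE_CLIENT_ID", "redirect_uri": "https://client.example/cb",
             "nonce": "n-001", "scope": "openid accounts",
             "response_type": "code id_token", "state": "s-001"}
    claims = dict(query, state=jwt_state, claims={"id_token": {"openbanking_intent_id": {
        "value": INTENT_PREFIX + intent_id, "essential": True}}})
    token = ".".join([_b64url_json({"typ": "JWT", "alg": "RS256"}), _b64url_json(claims), "c2ln"])
    return "https://tapi.arabbank.com/sandbox/oauth/v1/authorize?" + urlencode(dict(query, request=token))
```

Calling check_authorize_url with the AccountRequestId from the latest /account-requests response flags a stale intent id or a state/nonce that was regenerated in the query string but not in the JWT.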

 

 

