Requesting Account Information (AIS)

PSD2ClosedRevised Payment Services Directive 2 PSD2 provides the legislative and regulatory foundation for Open Banking and other broader initiatives at a UK and European level relating to open access to payment accounts. The European Banking Authority (EBA) recently extended the deadline for PSD2 compliance until December 31, 2020. OBIE defines the "Account Information Service" as an online service to provide consolidated information (balance, transaction history) on one or more payment accounts held by a PSUClosedPayment Services User – an individual person or legal business entity making use of an Open Banking service as a payee, payer or both. with one or more payment service providers.

As it relates to an AISPClosedAccount Information Service Provider – a TPP authorised to access consumer or business account data from the account holder's financial institutions with the account holder's explicit consent., this essentially means that, under open banking protocols, banks allow access to a customer's account data by TPPs only if the customer (PSU) explicitly gives consent (grants permission) to let the bank allow such access.

In the context of the account information queries discussed here, AISP and TPPClosedThird-Party Provider – an authorised online service provider introduced as part of Open Banking. TPPs exist outside of the account holder’s relationship with their bank but may be involved in transactions carried out by the user. are one and the same.

For each TPP member, Soldo imposes a maximum API request limit of 1,000 requests per minute.

The scope of analysis and service the bank supports includes comparing a PSU's accounts and transaction history to a range of financial service options, aggregating data across participating financial institutions and customers to create marketing profiles, and making new transactions and account changes on the PSU's behalf.

API support for accessing a PSU's account information institutes a communications flow that ensures all PSD2 mandates regulations for PSU consent and authorisation are met.

Pictured above (hover to enlarge) is the general flow. Guidance on making the appropriate POST and GET calls, as well as handling the bank's responses to these requests is covered next.

Base URLs

See Base URLs.


See Common Request Headers.

Typically, the bank requires a user ID as the first step of the credentials exchange necessary to identify the user. Additional details may be required, as well.