What is AIS?
The account information APIs, which follow the oAuth2 framework, will enable your application to retrieve account information from a KBC customer’s online payment account only with their explicit and authorised consent.
The process should begin by your application obtaining an explicit consent for the account access from a customer and then requesting the customer to authorise the consent using their KBC online banking/mobile banking credentials. Once the consent has been authorised by the KBC customer, your application can request the information on the accounts based on the permissions given by the customer as part of the consent.
The account information APIs also enable your application to check the status of the consent authorisation.
Who is it for?
• Third party payment service providers
• Financial services firms
Documentation
KBC Ireland has provided the following endpoints to allow the initiation and execution of a payment from the application.
| AIS | |
|---|---|
| Endpoints | Description |
| POST /account-access-consents | Create a consent record. |
| GET /account-access-consents/{ConsentId} | Retrieve the status of the consent record. |
| DELETE /account-access-consents/{ConsentId} | Delete a consent record. |
| GET /accounts | Get the full list of accounts the customer authorised the TPP to access. |
| GET /accounts/{AccountId} | Get the account information for a specific account. |
| GET /accounts/{AccountId}/balances | Get the account balance information for a specific account. |
| GET /accounts/{AccountId}/transactions | Get the list of transactions for a specific account. |
These endpoints comply with the Account and Transaction API Specification of the Open Banking standards. Detailed documentation of our implementation is available after you have registered on our developer portal.
A outline for the payments flow can be seen below (source: Open Banking):
Additional Information
KBC Ireland offers dedicated digital channels for its personal and business customers. This essentially means that the authorisation endpoints for a personal login and a business login will be different. We recommend that all third party applications use the following for KBC Ireland in their listing of Banks – KBC Personal Login and KBC Business Login.
KBC Ireland will support both web redirection and mobile application redirection for consent authorisation for its personal customers. The TPP application on a mobile device will be able to deep link into the KBC Ireland mobile application. In the event the customer does not have the mobile application installed on their device, they can expect that the TPP application will automatically redirect the customer to KBC Ireland online banking website, using the web-redirect method.
KBC Ireland will support only web redirection for its business customers.
Please read this document (pdf, 176 KB) for more information on the KBCI Authorisation flow.
Roadmap
September 13, 2019 – APIs are now live. Register your application using our Dynamic Registration APIs.