PSD2 CONTINGENCY MECHANISM (PSD2 FALLBACK)

The regulatory fallback solution will be available starting September 14th 2019 in the event that our PSD2-API implementation does not perform in compliance with the legal requirements.

 

STEP 1: TESTING YOUR EIDAS QWAC CERTIFICATE / GETTING A CLIENT-ID

You will have to call the first-contact endpoint once to receive a Client-ID. This step also ensures that your eIDAS certificate is valid.
You can send this request multiple times - as long as your certificate's subject DN does not change, you will receive the same Client-ID.

 

Please note that our APIs only support certificates with a maximum key length of 2048 bits.

 

The following example shows a request in "cURL" format:

curl -X POST "https://psd2.raiffeisen.at/api/psd2-xs2a/first-contact/" \

-H "Content-Type: application/json" \
-H "Cache-Control: no-cache" \
--cert "/path/to/cert.pem" \
--key "/path/to/key.key"

 

The following is an example response body you would receive:

{

  "clientId": "API-7d6f204b-3219-4b63-b66e-5f7a0be1d067"

}

 

 

STEP 2: ACCESSING MEIN ELBA VIA FALLBACK MECHANISM

Once you have obtained a Client-ID you can access SmartOffice Online-Banking via screen scraping.
You will have to send all requests using your eIDAS QWAC certificate and transmit the Client-ID in the "X-Fallback-Client-Id" HTTP header.

 

Please note the entry point is different to our regular customer login and available at https://psd2-fallback.multicash.at.

 

The following example shows a request in "cURL" format:

curl -X GET https://psd2-fallback.multicash.at \

-H "X-Fallback-Client-Id: API-7d6f204b-3219-4b63-b66e-5f7a0be1d067" \
--cert "/path/to/cert.pem" \
--key "/path/to/key.key"