Error handling

All responses from the Consent API with a response code >=400 should be handled as an error with the format described in this section. Beside the most common consent errors as described below there is also a list of common error codes that should be considered for error handling.

NOTE: Whenever a response contains a consent_token, use this one for your next request. Note that error responses can also have a consent_token.

{
    "error": {
        "code": String,
        "message": String
    },
    "consent_token": ?String,
    "transfer_token": ?String
}

error.code String, always present

The code property indicates the type of the error.

error.message String, always present

The message property holds detailed information about the error provided by the bank's API.

consent_token String, optional

The consent_token property holds the token for the next request. If it is not present, the token is expired and should not be used again.

transfer_token String, optional

The transfer_token property holds the token for the next request. It's only present after a transfer-state call.

Consent errors can also occur due to temporary issues at the bank. The same request resulting in an error at first might be successful in a second attempt. The underlying consent represented by the latest consent_token remains valid in these cases.

There is no specific error response which indicates such a temporary issue at the bank, but this can cause any error response except for CONSENT.LIMIT_EXCEEDED. This means a response might contain the CONSENT.EXPIRED error while the consent is actually not expired but was rejected by the bank due to an issue.

As a result, we recommend ignoring the first error response and repeating the request later, ideally 1 day but at least 30 minutes after the first error response. A possible second error response can then be treated as final.

Example Error Responses

HTTP 400 Bad Request
{
    "error": {
        "code": "CONSENT",
        "message": "A general error when using a consent that can not be specified in detail"
    }
}
HTTP 400 Bad Request
{
    "error": {
        "code": "CONSENT.EXPIRED",
        "message": "The consent lifetime has expired"
    }
}

Requests using a consent_token older than their lifetime return CONSENT.EXPIRED. The lifetime of a consent token is defined in the session. If you want to continue fetching data, start a new session asking the PSU for consent to get a new consent_token.

HTTP 400 Bad Request
{
    "error": {
        "code": "CONSENT.REVOKED",
        "message": "The consent has been revoked"
    }
}
HTTP 400 Bad Request
{
    "error": {
        "code": "CONSENT.LIMIT_EXCEEDED",
        "message": "The daily limit of the consent usage has been exceeded"
    }
}

Request not supported by bank

HTTP 400 Bad request
{
    "error": {
        "code": "NOT_SUPPORTED.TRANSACTIONS_DATE_RANGE",
        "message": "The requested date range is not supported for this bank"
    },
    "consent_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6IjEyMzQ1Njc4OTAifQ.na71ipK8ASvggoM6C5vMjBKgJlZLxV-m6ElgHBrNtlU"
}
HTTP 400 Bad request
{
    "error": {
        "code": "badRequest",
        "message": "'account_id' is missing"
    }
}

A token can not be requested for a session which is not logged in or does not exists

HTTP 404 Not found
{
    "error": {
        "code": "notFound",
        "message": "Could not request a consent token for a session which is not logged in"
    }
}

Any unexpected error

HTTP 500 Internal Server Error
{
    "error": {
        "code": "internalServerError",
        "message": "Internal Server Error"
    }
}

results matching ""

    No results matching ""