In this article you will learn what the authentication looks like from the end-user (PSU) perspective.
This is an example of how Authentication with UI (OAuth flow simulation) works for Finnish and Swedish customers. Denmark and Norway will have their own flows similar to this, but with their own authentication methods (such as NemID and BankID).
TPP redirects the customer to authorize the TPP.
Please note that the authorization flow is not testable with the sandbox. Authorization is automatically accepted after a few seconds have passed.
AUTH FLOW FOR FINLAND
You start the authorization by creating the authorization call such as:
https://api.nordeaopenbanking.com/personal/v4/authorize?state=oauth2&client_id={{X-IBM-Client-ID}}&scope=ACCOUNTS_BASIC,ACCOUNTS_BALANCES,ACCOUNTS_DETAILS,ACCOUNTS_TRANSACTIONS,PAYMENTS_MULTIPLE,CARDS_TRANSACTIONS,CARDS_INFORMATION&duration=129600&redirect_uri=https://redirect_uri.com/redirect&country=FI
The Finnish customer will first be asked for their Nordea Login ID (netbank ID).
Then the customer can confirm the login via the Mobile Codes app or by clicking "Mobile offline?"
- More about this app here
Clicking "Mobile offline?" also lets the user confirm the identification, but asks for an extra code.
After this the customer needs to select which accounts they wish to grant the TPP access to.
In addition, we're introducing an optional payment account list that you can pass to Nordea to specify which payment accounts to access. In practice this removes the need for the PSU to select any payment accounts in a Nordea user interface, if those have been pre-selected in the TPP application.
After clicking grant access, the customer will be redirected back to the TPP app with the generated access token. The redirect will happen according to the set redirect_uri.
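The authorization call and the redirect described above, as an added example that is not Nordea's own code: it builds the authorize URL with an unpredictable per-request state in place of the fixed "oauth2", and checks the redirect before the TPP app trusts it. It assumes the state value is echoed back in the redirect's query string, as in standard OAuth 2.0; the function names are hypothetical.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Endpoint taken from the article's example call.
AUTHORIZE_ENDPOINT = "https://api.nordeaopenbanking.com/personal/v4/authorize"


def build_authorize_url(client_id, redirect_uri, scopes, country, duration=129600):
    """Return (url, state). Keep state in the PSU's server-side session."""
    # Random per-request value; binds the later redirect to this browser session.
    state = secrets.token_urlsafe(32)
    query = urlencode(
        {
            "state": state,
            "client_id": client_id,
            "scope": ",".join(scopes),     # comma-separated, no spaces
            "duration": duration,
            "redirect_uri": redirect_uri,  # percent-encoded by urlencode
            "country": country,
        },
        safe=",",  # leave the scope separators readable
    )
    return f"{AUTHORIZE_ENDPOINT}?{query}", state


def callback_is_valid(callback_url, expected_state, registered_redirect_uri):
    """Accept the redirect only if it hits the registered URI and echoes our state."""
    got = urlsplit(callback_url)
    want = urlsplit(registered_redirect_uri)
    if (got.scheme, got.netloc, got.path) != (want.scheme, want.netloc, want.path):
        return False
    # Assumption: state comes back as a query parameter (standard OAuth 2.0).
    returned = parse_qs(got.query).get("state", [])
    if len(returned) != 1:
        return False  # missing or duplicated state is rejected
    # Constant-time comparison on bytes (also safe for non-ASCII input).
    return hmac.compare_digest(returned[0].encode(), expected_state.encode())
```
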
AUTH FLOW FOR SWEDEN
With an example TPP application