Q:
Do you support sole-trader/freelancers accounts and small/medium business (SMB) accounts within PSD2?
A:
Both accounts are supported but it depends on the agreement the PSU (Payment Service User) has with the bank, meaning personal agreement or business agreement. Sole-trader accounts could be in personal agreement or in business/sme agreement.
Q:
How to distinguish the sole-trader from small business account? Do you need to use different endpoints to access them?
A:
Based on the agreement. There are separate APIs for personal and business/sme segment customers.
Q:
Does Open Banking access for business/sole-trader accounts require additional consents or other steps?
A:
Consents are needed, but the same process applies. There are also different scopes in consent. Please refer to:
Business Access Authorization API
API Reference - Business Access Authorization
API reference - Access Authorization
Q:
Where user rights and roles are managed for business accounts?
A:
Authorizations (user rights) are stored in the bank's local legacy systems.
Q:
What authentication methods are available in the business flow?
A:
There are several. Please refer to:
Business Access Authorization API
Decoupled authentication and authorization (Business Access Authorization API)
Q:
Do you support multi-authorization (2 people authorization) for PSD2 business accounts? Is it only for PIS?
A:
Yes, customers can choose to approve a payment by 2 persons, known as 4 eyes confirmation. It is for PIS only. Please refer to our Business PIS documentation:
API Reference (Compliance APIs)
Q:
Do you provide the following information in the AIS response for business: organisation (company name), company registration number, tax number, VAT number, organisation address, name of the PSU who has consented to the access?
A:
Yes, please refer to:
API Reference - Business Accounts
Q:
In the response to:
you return account_name and account_holder parameters. How do they differ? Which one should we use for account owner name: account_name or account_holder?
A:
A default account name in Nordea is a name of the product. However, customers are allowed to set an alias for the account and by doing this, change the account_name - this parameter does not relate to the owner of the account.
Account_holder parameter should be the name of the account holder (owner). Refer to:
Get list of accounts (Business Accounts API)
Q:
Can I use a TPP to access my account information if I have Nordea Business Konto-Kik?
A:
Yes, you can. If you experience any issues with this, please verify that you have access permissions to the account. If you do and the issue still persists, please request your TPP to contact:
Nordea Open Banking technical assistance
Q:
We encounter payment initiation failures due to invalid characters in the message. What characters are allowed so we can make that validation ourselves?
A:
Please refer to: Special characters in message fields (creditor/debtor/beneficiary name)
Q:
Can payments with status OnHold and requires_second_channel_confirmation true/false be cancelled?
A:
The only scenario when you can delete OnHold payment is when requires_second_channel_confirmation is true.
Q:
Does Nordea support Get account subtransactions (lump sum transactions) endpoint:
GET /business/v4/accounts/{id}/subtransactions/{subtransaction-id}
for Denmark in Sandbox/Production?
A:
Please refer to:
API Reference - Business Accounts
Lump-sum Transactions (Business Accounts API)
Q:
While calling the endpoint:
we receive the following error (\"code\":\"error.authentication\",\"description\":\"Unspecified error with OBI authentication.\):
Request('https://open.nordea.com/business/v4/accounts', method='GET', body='', headers=[('X-Nordea-Originating-User-Ip', '104.[redacted].13'), ('X-Nordea-Originating-User-Agent', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:95.0) Ge[redacted]01 Firefox/95.0'), ('X-Nordea-Originating-Date', 'Thu, 19 Jun 2025 15:16:03 GMT'), ('X-Nordea-Originating-Host', 'open.nordea.com'), ('X-IBM-Client-Id', '993[redacted]11e'), ('X-IBM-Client-Secret',***), ('Authorization', 'Bearer 123'), ('Content-Type', 'application/json'), ('Signature', 'keyId="993[redacted]211e",algorithm="rsa-sha256",headers="(request-target) x-nordea-originating-host x-nordea-originating-date",signature="o6ByWXnSkodb[redacted]kFYgXC8DMM//H"')], tls=None)
"response":"{\"group_header\":{\"message_identification\":\"098a74332df21681\",\"creation_date_time\":\"2025-06-19T15:16:05.155028369Z\",\"http_code\":401},\"error\":{\"request\":{\"url\":\"/business/v4/accounts\"},\"failures\":[{\"code\":\"error.authentication\",\"description\":\"Unspecified error with OBI authentication.\"}]}}",}}
What could be the reason?
A:
In the Authorization header you need to provide a valid Access Token acquired during Business Access Authorization flow. Please see:
Business Access authorization API
API reference - Business Access Authorization
API Reference - Business Accounts
How long is Access Token valid?
Q:
What causes the booking_date to change in the following transaction example when requests have been made on two consecutive days?
-
2025-11-12 23:04:28.473 Request('https://open.nordea.com/business/v4/accounts/FI47***49-EUR/transactions?from_date=2025-11-05&to_date=2025-11-12', method='GET'response body: {"group_header":{"message_identification":"2485ae48816a1681","creation_date_time":"2025-11-12T21:04:28.857168574Z","http_code":200},"response":{"transactions":[{"transaction_id":"25***55","currency":"EUR","booking_date":"2025-11-12","value_date":"2025-11-12","type_description":"e***u","narrative":"e***u","message":"Kie***46","status":"billed","reference":"87***76","counterparty_account":"FI20***91","counterparty_name":"Pa***A","counterparty_bank_bic":"NDEAFIHH","transaction_date":"2025-11-12","payment_date":"2025-11-12","amount":"-450.00","to_account_name":"P***A","archive_id":"25***55"}
-
2025-11-13 18:08:21.676 Request('https://open.nordea.com/business/v4/accounts/FI47***49-EUR/transactions?from_date=2025-11-12&to_date=2025-11-13', method='GET'response body: {"group_header":{"message_identification":"254663b02df21681","creation_date_time":"2025-11-13T16:08:22.138829868Z","http_code":200},"response":{"transactions":[{"transaction_id":"25***55","currency":"EUR","booking_date":"2025-11-13","value_date":"2025-11-12","type_description":"e***u","narrative":"e***u","message":"Kie***46","status":"billed","reference":"87***76","counterparty_account":"FI20***91","counterparty_name":"Pa***A","counterparty_bank_bic":"NDEAFIHH","transaction_date":"2025-11-12","payment_date":"2025-11-12","amount":"-450.00","to_account_name":"P***A","archive_id":"25***55"}
A:
The reason behind the booking date change is that preliminary bookings appear immediately, even if the transaction is not finally booked in the system until the next day. When the transaction is finally booked, the booking date may change.
Q:
Is there an enumeration or reference list of possible values for the transaction_type_code field, including descriptions of what each code represents?
A:
Given that this value depends on various factors (e.g. account ledgers) and can take one of a dozen possible values, we are unable to provide such a list.
Q:
For Norway, are the following transaction data fields immutable and can function as unique identifiers within our system?
- own_message
- message
- narrative
- counterparty-related fields
- transaction_id
- currency
A:
Yes, with the exception that transaction_id becomes immutable only after the transaction is billed.