Built by the community
Navigation
Metrics
Program
Service DeskPricingPoliciesDocument RepositoryLive Ecosystem
Developer Docs
TPP — Open Finance StandardsLFI — Integration GuideAPI SpecsKnowledge BaseRelease Notes & Erratas
NewsGitHub
Service Initiation · Multi-Authorization

Multi-Authorization 2 min read

The Open Finance standards support payment journeys that require more than one authorizer. This guide explains how TPPs and LFIs must coordinate multi-authorization for payment consents and how the consent lifecycle is reflected in API calls and responses.

01 Prerequisites

What you need before initiating a multi-authorization payment

  • Registered Application — the application must be created within the Trust Framework and assigned the BSIP role as defined in Roles.
  • An active payment consent — a payment consent must have been created through the relevant Service Initiation API Guide. Multi-authorization applies after the first authorizer has completed their step.
  • Understanding of the Consent Lifecycle — you should understand consent status transitions, including AwaitingAuthorization, Authorized, and Rejected.
02 API Sequence Flow

End-to-end multi-authorization journey

Sequence diagramMulti-AuthorizationClick to expand
03 Step 1

Indicate multi-authorization support in the PAR request

When submitting the Pushed Authorization Request (PAR), the TPP MUST set IsSingleAuthorization inside authorization_details[].consent:

  • true — only a single authorizer is supported for the payment.
  • false — multiple authorizers are supported (multi-authorization enabled).

When IsSingleAuthorization is false, the TPP SHOULD also set AuthorizationExpirationDateTime inside authorization_details[].consent. This field represents the deadline by which all remaining authorizers must have acted — that is, the consent MUST reach Status=Authorized before this time, otherwise the consent transitions to rejected/expired.

  • AuthorizationExpirationDateTime MUST NOT be after ExpirationDateTime.
  • When IsSingleAuthorization is true, TPPs SHOULD NOT include AuthorizationExpirationDateTime.
Tip

These fields are carried in the Rich Authorization Request (authorization_details[].consent.IsSingleAuthorization, authorization_details[].consent.AuthorizationExpirationDateTime). See the Authorization Endpoints OpenAPI for the full schema reference.

04 Step 2 · LFI Behavior

Account selection based on authorization type

Before showing eligible accounts during the consent journey, the LFI checks IsSingleAuthorization from the PAR request:

  • If true: allow selection only from accounts that require a single authorizer. If none exist, decline the consent, cancel the journey, and redirect the user to the TPP with an appropriate error.
  • If false: allow selection from accounts that require either single or multiple authorizers.
05 Step 3 · LFI Behavior

Managing the authorization flow

After the first user authorizes, the LFI must:

  • Inform OFH of required authorizers by PATCHing the consent to include Meta.MultipleAuthorizers.
  • Keep consent status as AwaitingAuthorization — do not set Status=Authorized yet.
  • Redirect back to the TPP via /doConfirm once the PATCH is accepted.
PATCH consents/{consentId} — first authorizer complete, others pendingjson
{
  "psuIdentifiers": {
    "userId": "52738e3b-eacf-4a7c-a73b-da01caa45c3f"
  },
  "accountIds": [
    "100004000000000000000001",
    "100004000000000000000003",
    "100004000000000000000004"
  ],
  "consentBody": {
    "Meta": {
      "MultipleAuthorizers": {
        "TotalRequired": 2,
        "Authorizations": [
          {
            "AuthorizerId": "ab7eb4fb-2446-4058-bbc4-114fe6d3f44a",
            "AuthorizerType": "admin-group",
            "AuthorizationStatus": "Pending"
          },
          {
            "AuthorizerId": "e5afc3c6-5064-4a9a-baab-5fd39c4cf1eb",
            "AuthorizerType": "admin-group",
            "AuthorizationStatus": "Pending"
          }
        ]
      }
    }
  },
  "authorizationChannel": "App"
}

The TPP receives the redirect/callback, exchanges the authorization code at /token, and receives an access token plus the consent object still marked AwaitingAuthorization, including the Meta.MultipleAuthorizers structure above.

06 Step 4 · Tracking Additional Authorizations

Updating consent status after each authorization

The LFI must PATCH the consent after each additional authorization to reflect progress:

  • If any required authorizer rejects → set Status=Rejected.
  • When all required authorizers approve → set Status=Authorized.
Example — one authorizer approved, another still pendingjson
{
  "consentBody": {
    "Meta": {
      "MultipleAuthorizers": {
        "TotalRequired": 2,
        "Authorizations": [
          {
            "AuthorizerId": "ab7eb4fb-2446-4058-bbc4-114fe6d3f44a",
            "AuthorizerType": "admin-group",
            "AuthorizationDate": "2025-06-19T06:28:17Z",
            "AuthorizationStatus": "Approved"
          },
          {
            "AuthorizerId": "e5afc3c6-5064-4a9a-baab-5fd39c4cf1eb",
            "AuthorizerType": "admin-group",
            "AuthorizationStatus": "Pending"
          }
        ]
      }
    }
  },
  "authorizationChannel": "App"
}
Example — final approval, consent becomes Authorizedjson
{
  "consentBody": {
    "Data": {
      "Status": "Authorized"
    },
    "Meta": {
      "MultipleAuthorizers": {
        "TotalRequired": 2,
        "Authorizations": [
          {
            "AuthorizerId": "ab7eb4fb-2446-4058-bbc4-114fe6d3f44a",
            "AuthorizerType": "admin-group",
            "AuthorizationDate": "2025-06-19T06:28:17Z",
            "AuthorizationStatus": "Approved"
          },
          {
            "AuthorizerId": "e5afc3c6-5064-4a9a-baab-5fd39c4cf1eb",
            "AuthorizerType": "admin-group",
            "AuthorizationDate": "2025-06-19T08:10:02Z",
            "AuthorizationStatus": "Approved"
          }
        ]
      }
    }
  },
  "authorizationChannel": "App"
}
Example — a required authorizer rejects, consent becomes Rejectedjson
{
  "consentBody": {
    "Data": {
      "Status": "Rejected"
    },
    "Meta": {
      "MultipleAuthorizers": {
        "TotalRequired": 2,
        "Authorizations": [
          {
            "AuthorizerId": "ab7eb4fb-2446-4058-bbc4-114fe6d3f44a",
            "AuthorizerType": "admin-group",
            "AuthorizationDate": "2025-06-19T06:28:17Z",
            "AuthorizationStatus": "Approved"
          },
          {
            "AuthorizerId": "e5afc3c6-5064-4a9a-baab-5fd39c4cf1eb",
            "AuthorizerType": "admin-group",
            "AuthorizationStatus": "Rejected"
          }
        ]
      }
    }
  },
  "authorizationChannel": "App"
}
07 Step 5

Consent status and payment initiation

  • The TPP MAY initiate the payment only after Status=Authorized.
  • Additional authorizers must act before AuthorizationExpirationDateTime if set, otherwise before ExpirationDateTime.
Tracking consent status

TPPs can monitor progress by:

Once the consent is Authorized, the TPP can exchange the refresh token for a new access token via /token and proceed to initiate the payment.