Validate · Enforce · Trust
Payment Refunds — Requirements v2.12 min read
The tables below list the validation rules that apply to the Payment Refunds API. The Validated by column indicates where each rule is enforced.
All requests require an active Trust Framework application with the BSIP role, a valid transport certificate presented on every request via mTLS, and an active signing key for JWT signing.
01 Endpoint
Retrieve Refund Account
GET
/payment-consents/{ConsentId}/refund#
Field
Rule
Validated by
1
AuthorizationMust contain a valid Bearer access token obtained via a
client_credentials grant with the payments scope.API Hub
2
ConsentId (path)The consent record linked to the
ConsentId must include the ReadRefundAccount permission.API Hub
3
Account state
The debtor account must not be blocked from receiving payments.
If the account is blocked for a temporary reason (e.g. account status is
If the account is blocked permanently (e.g. account status is
If the account is blocked for a temporary reason (e.g. account status is
Suspended, or the account is otherwise unable to receive a credit transaction refund on a transient basis), the response will be 403 with errorCode: Consent.AccountTemporarilyBlocked and errorMessage: The debtor account is blocked from receiving payments.If the account is blocked permanently (e.g. account status is
Closed, Deceased, or Unclaimed), the response will be 403 with errorCode: Consent.PermanentAccountAccessFailure and errorMessage: The debtor account is blocked from receiving payments.LFI
4
x-fapi-interaction-idShould be included. Should be a valid UUID (RFC 4122). An invalid value will not cause a failure but tracing will not be possible.
N/A