How to Go Live

Read the intro

  • The first thing you have to is login by clicking on “Login”.
  • Then, switch to the Live Environment.
  • There you’ll find an intro just like the one you’ve seen when getting started with your Sandbox.

TPP Registration

  • You have to import in portal the certificate you have received from the QTSP. Then, the platfrom will recognize you as a TPP.
  • In order to do so, go to Profile and the to tab 'PSD2 CERTIFICATES'. Then follow the on-screen instructions.
  • After you have been validated successfully, you will see a summary of your certificate.

Register your apps

  • All you need to do next is create an app.
  • Fields in first step are mandatory while in the second optional.
  • Your application stays inactive until Hellenic Bank checks your submitted information. We will inform you via email when your application is ready to go live.
  • The end user of your application will need to become a customer of Hellenic Bank in order to see their accounts and conduct transactions. Contact to find out more.
  • IMPORTANT:
    • You do not need to be a Hellenic Bank customer to register an application for the live environment and take your application live.

Manage your apps

  • You can view the applications you’ve registered to the live environment.
  • Simply click on the application you’d like to manage / review & you’ll get additional information.
  • The status will be 'Under Review' while the bank checks the data. Once the process is completed ,we will confirm over an email if the application is Accepted or if you will need to make any changes.
  • Once the check finishes, you will receive an e-mail for the result. Your application will be ready to use when the status is 'Accepted'.

Get the access token

  • When someone is ready to use your application, the first thing they’ll need is to get an access token from the OAuth2 server. Make sure you add this feature in your application.
  • The credentials entered here, are identical to the ones they use to login to web banking (Username, password and business ID, OTP).
  • In PSD2 cases and transaction initiation, you will not be asked for an OTP since you will provide one during transaction. You can only use payment status and cancel payment scopes in combination with transaction initiation scopes.

Authorize accounts

  • In PSD2 account requests, you will be asked to give the view authority to accounts.
  • In PSD2 transaction initiation, you will be asked to select the debit account.
  • This screen will not be available in B2B cases.

Final step

  • After a successful OAuth2 login, you need to grant access to APIs.
  • Then, OAuth2 redirects you to the client’s redirect url with a client token.
  • In the backend, client sends the client token to OAuth2 and receives an access token which is used in every API call.
  • Now, we are ready to call the APIs, following the instructions in API docs.

Initiate Payment

  • In case of PSD2, please sign the payload of HTTP POST & PUT requests with the private key of the certificate(x-signature header).
  • After payment submission, if you do not have validation errors, you will receive an HTTP 302 redirect with Location header containing the url for OTP page. B2B will receive an HTTP 200 response.
  • After a successful submission, you will get a success page.
  • Once you have used the redirectUrl or errorRedirectUrl parameter, you will be redirected there.
  • In PSD2, each access token can be used for one payment submission. Then, you can only get status or cancel the created payment.

Billing

  • By clicking on 'Billing' you can see an overview of the calls you made and the cost.
  • You can also download a report in excel.