As of now, Yapily does not provide any support for web-hooks although it is something that is on our roadmap. For updates on the
Consent status, you should use the
GET Consent endpoint.
Yapily supports both redirect-based and embedded authorisation flows. To learn more, see the following links:
Provided that the customer uses mobile banking and has the accompanying mobile banking application installed on their mobile device, the
authorisationUrl provided by Yapily will automatically
deep-link to the PSU's mobile banking application.
Similarly, it is also possible to allow customers to still use a mobile device to complete an authorisation even if you're not planning to release a mobile application. Yapily also provides a
qrCodeUrl in the AccountAuthorisationResponse to make this option possible.
This is a valid use case in the Open Banking journey if the PSU chooses not to give their consent to either make a payment or share their account information. In this event, it would be good to relay the result back to the PSU in your application confirming that this was intended and providing options to authorise again or to abandon the flow. See Payment Consent Authorisation Status or Account Consent Status Transitions
This scenario occurs when the
Institution does not send a response for the authorisation either because there is an issue with the
Institution or because the PSU does not complete the
authorisation. Unfortunately, there is little Yapily can do in this scenario to investigate the cause as Yapily relies on the query parameters returned by the
Institution to receive information on
the authorisation status. To mitigate against this problem, you can write logic to check the status of the consent after 5 mins and if the
Consent is still in the
should display an appropriate message. At this point, you could also prompt the PSU to authorise again.
Institution will have its own limits, however, this is rarely longer than a few minutes. If the PSU takes to long to login to their
Institution will display a
expired error notification, and you will need to generate a new authorisation.