New SCA Oauth2 response in consent creation/payment submission

Dear Developers,
We want to inform you that the new release of the version 7 of the PSD2 APIs will be available by the end of May '21 on our environment.
This version brings a breaking change for you in the creation of a consent or a payment submission:

The returned scaOauth url in case of header tppExplicitAuthorizationPreferred = false will be https://api.tpp.europabank.be/berlingroup/.well-known/openid-configuration?authorizationId={UUID}.
You have to call this URL and retrieve the "authorization_enpoint" property in the response.


Connection to Production API

The communication between the TPP and production API is always secured by using a TLS-connection Mutual authentication using TLS version 1.2. This TLS-connection is initiated by the TPP and has to be established always including client (i.e. TPP) authentication.

For this authentication the TPP has to use a qualified certificate for website authentication (QWAC). This qualified certificate has to be issued by a qualified trust service provider according to the eIDAS regulation. The content of the certificate has to be compliant with the requirements of the EBA-RTS.