The Payment Request API allows you or your customer to request payment links from Rabobank using your application. With this integration, you can create the payment links as a part of your billing process or the billing process of your customer.
Rabobank business customers can send payment links directly using your software.
To know more read the manual that connects to your use case:
- Third parties - Rabo Banking Link for third parties to know more.
- Direct connectors - Rabo Banking Link manual for direct connectors
Relevant scope(s) for oauth2 access code flow
| Scope name | Description |
|---|---|
| prs.paymentrequest.read-write | Consent for payment request |
Make sure that you use the Authorization and Token URL as provided by the Authorization Services.
Rate Limiting
A default rate limit plan is set for all APIs. The rate limit can be shared or defined per operation. The table below describes the rate limiting for this product.
| Operation | Type | Limit (API calls / s) | Counts towards shared limit |
|---|---|---|---|
GET /payment-requests | Shared | 5 | Yes |
POST /payment-requests | Shared | 5 | Yes |
GET /payment-requests/accounts | Shared | 5 | Yes |
GET /payment-requests/{id}/qr-codes | Shared | 5 | Yes |
GET /payment-requests/{id} | Shared | 5 | Yes |
DELETE /payment-requests/{id} | Shared | 5 | Yes |
GET /payment-requests/{id}/transactions/{transactionId} | Shared | 5 | Yes |
| All (premium) Oauth calls | Shared | 5 | Yes |
Characteristics of the business payment request
Rabobank customers can create payment requests for business accounts using the API.
| Business | |
|---|---|
| Maximum amount | € 5,000 |
| Variable amount | Optional |
| Link can be used | Once |
| Link expires after | 100 days |
| Add a client reference | Optional |
| Indicate the number of payers | Not supported (always 1) |
| More information (in Dutch) | Business Payment Request |
Payment request API user flow:
-
Request a payment link using the Payment request API.
-
Share the requested payment link or qr-code through email, text, WhatsApp, or social media.
You can also choose to delete a payment request, which renders it unpayable.
-
The receiver of the payment link pays directly using iDEAL.
You can request the status of your Payment Request i.e. paid, unpaid or all.
-
The amount is credited to your account immediately after payment.
redirectUrl
You can use redirectUrl field while creating a payment request to redirect your user to your webpage, where they can see the status of the transaction.
The redirectUrl field must contain a valid URL, and should be implemented by you (party initiating the transaction).
"redirectUrl": https://www.abc.nl/payment-request/redirectIf the payment is completed, canceled, or expired, the user is redirected to the URL as entered in the redirectUrl automatically. You use the id and trxid in the query parameters of the URL to fetch the transaction status and display it to the customer on their page.
https://www.abc.nl/payment-request/redirect?id=fe129503-4141-4f6e-967d-5bdb5b1fd630&trxid=b6248d63-0aad-4d68-9a4c-c925efeeb4a1
- Passing a redirectUrl without having a valid page implemented lead to your user landing on an unknown page.
- The id and trxid fields are automatically filled by us.
You can retrieve the payment request transaction status:
GET payment-requests/{id}/transactions/{transactionId}
Requests
The POST Payment-requests requests must contain a digital signature. You can generate a digital signature using the private key of your certificate.
For the Sandbox environment, you can use an example certificate available in the Signing documentation.
You can retrieve a list of existing payment requests for the user with GET Payment-requests.
GET https://api-sandbox.rabobank.nl/openapi/sandbox/payments/payment-requests?offset=0&limit=25&completionStatus=ALLYou can receive a payment request link with POST Payment-requests.
POST https://api-sandbox.rabobank.nl/openapi/sandbox/payments/payment-requestsYou can let the payer fill in the amount by using the new optional parameter
hasVariableAmount(default value = false):
- If false, the
amountCentsfield is required and must contain a value.- If true, the
amountCentsfield is optional and can be null.
You can retrieve a list of accounts that the current user can create payment requests for with GET payment-requests/accounts.
GET https://api-sandbox.rabobank.nl/openapi/sandbox/payments/payment-requests/accountsYou can generate a QR Code for a specific payment request using GET payment-requests/{id}/qr-codes, using the id(s) in the URL.
GET https://api-sandbox.rabobank.nl/openapi/sandbox/payments/payment-requests/2f280203-fb0f-43db-ac3b-3211d3b98f22/qr-codesYou can retrieve an existing payment request by its UUID with GET Payment-requests/{id}, using the id(s) in the URL:
GET https://api-sandbox.rabobank.nl/openapi/sandbox/payments/payment-requests/fe129503-4141-4f6e-967d-5bdb5b1fd630You can delete a specific payment request using DELETE payment-requests/{id}, using the id(s) in the URL:
DELETE https://api-sandbox.rabobank.nl/openapi/sandbox/payments/payment-requests/fe129503-4141-4f6e-967d-5bdb5b1fd630Response
GET Payment-requests
To view the GET parameters, read the endpoint description for GET /payment-requests.
{
"currentDateTime": "2023-09-26T11:14:59.738Z",
"paymentRequests": [
{
"paymentRequest": {
"id": "fe129503-4141-4f6e-967d-5bdb5b1fd630",
"created": "2018-09-17T15:43:51.459Z",
"accountIban": "NL19RABO0123456790",
"accountName": "The Requester",
"currency": "EUR",
"amountCents": 10000,
"hasVariableAmount": false,
"numPayers": 1,
"description": "Can you please pay me for the present",
"accountSegment": "BUSINESS",
"clientReference": "TEST ref",
"transactions": [
{
"id": "800b42aa-9a8d-4e5e-a955-bda223e1e80f",
"tsPaid": "2018-09-17T15:43:51.459Z",
"accountIban": "NL63RABO0000000000",
"accountName": "The Payer",
"amountCents": 10000,
"chosenAmountCents": 10000
}
],
"expired": false
},
"paymentPageUrl": "https://fake.nl/fakebetaalverzoek/?id=_hKVA0FBT26WfVvbWx_WMA"
}
]
}The following test scenarios are supported in Sandbox for this endpoint. Some scenarios, as mentioned below, require specific triggers values in the GET payment-requests parameters to receive the mentioned responses.
| Trigger | HTTP status | Description |
|---|---|---|
| (default) | 200 | Happy flow for retrieving a list of payment requests |
| param limit = -2 | 404 | No consent information specified |
| param limit = -1 | 500 | Technical error |
POST Payment-requests
To view the POST parameters, read the endpoint description for POST /payment-requests.
{
"paymentPageUrl": "https://fake.nl/fakebetaalverzoek/?id=baVGVJPZRg2nNc8-WlLzSw",
"assignedId": "fe129503-4141-4f6e-967d-5bdb5b1fd630"
}The following test scenarios are supported in Sandbox for this endpoint. Some scenarios, as mentioned below, require specific triggers values in the Post payment-request parameters to receive the mentioned responses.
Use NL19RABO0123456790 for your Sandbox testing.
| Trigger | HTTP status | Description |
|---|---|---|
| (default) | 201 | Happy flow for initiating a payment request |
| invalid request (e.g. amount = 0) | 400 | Validation error |
| invalid X-IBM-Client-Id | 401 | Unauthorized |
field description = INVALID-CONSENT | 403 | No consent given for the given IBAN |
field description = TECHNICAL-ERROR | 500 | Technical error |
| for missing header - TPP-Signature-Certificate | 403 | CERTIFICATE_VALIDATION_ERROR |
| for missing header - signature, date, digest or x-request-id. or Invalid signature. | 403 | SIGNATURE_VALIDATION_ERRO |
GET Payment-requests/accounts
To view the GET parameters, read the endpoint description for GET /payment-requests/accounts.
[
{
"iban": "NL19RABO0123456789",
"currency": "EUR",
"segment": "BUSINESS"
}
]The following test scenarios are supported in Sandbox for this endpoint. Some scenarios, as mentioned below, require specific triggers values in the Get payment-requests parameters to receive the mentioned responses.
| Trigger | HTTP sttus | Description |
|---|---|---|
| header x-scenario = TECHNICAL-ERROR | 500 | Technical error |
| header x-scenario = INVALID-CONSENT | 404 | No consent information specified |
| (default) | 200 | Happy flow for retrieving a list of accounts |
GETPayment-requests/id/qr-codes
Payment-requests/id/qr-codesTo view the GET parameters, read the endpoint description for GET /payment-requests/{id}/qr-codes.
The following test scenarios are supported in Sandbox for this endpoint. Some scenarios, as mentioned below, require specific id(s) in the URL, example (GET /payments/payment-requests/{id}/qr-codes) to get the mentioned responses.
| Trigger | HTTP Status | Description |
|---|---|---|
| (default) | 204 | Happy flow for generating a QR code |
param id = 11111111-1111-1111-1111-111111111111 | 403 | No consent given for the payment request IBAN |
param id = 00000000-0000-0000-0000-000000000000 | 404 | Payment request could not be found |
param id = 22222222-2222-2222-2222-222222222222 | 500 | Technical error |
GETPayment-requests/id
Payment-requests/idTo view the GET parameters, read the endpoint description for GET /payment-requests/{id}.
{
"currentDateTime": "2022-03-01T08:51:19.196Z",
"paymentRequestWithMetadata": {
"paymentRequest": {
"id": "fe129503-4141-4f6e-967d-5bdb5b1fd630",
"created": "2018-09-17T15:43:51.459Z",
"accountIban": "NL19RABO123456790",
"accountName": "The Requester",
"currency": "EUR",
"amountCents": 10000,
"hasVariableAmount": false,
"numPayers": 1,
"description": "Can you please pay me for the present",
"accountSegment": "BUSINESS",
"clientReference": "TEST ref",
"transactions": [
{
"id": "800b42aa-9a8d-4e5e-a955-bda223e1e80f",
"tsPaid": "2018-09-17T15:43:51.459Z",
"accountIban": "NL00RABO0000000000",
"accountName": "The Payer",
"amountCents": 10000,
"chosenAmountCents": 10000
}
],
"expired": false
},
"paymentPageUrl": "https://fake.nl/fakebetaalverzoek/?id=_hKVA0FBT26WfVvbWx_WMA"
}
}The following test scenarios are supported in Sandbox for this endpoint. Some scenarios, as mentioned below, require specific triggers values in the GET payment-requests/{id} parameters to receive the mentioned responses.
| Trigger | HTTP Status | Description |
|---|---|---|
param id = fe129503-4141-4f6e-967d-5bdb5b1fd630 | 200 | Happy flow for retrieving by ID |
param id = 11 | 400 | Bad Request, id should be of type UUID |
param id = 11111111-1111-1111-1111-111111111111 | 403 | No consent information specified |
param id = 00000000-0000-0000-0000-000000000000 | 404 | Payment Request Not found |
param id = 22222222-2222-2222-2222-222222222222 | 500 | Technical error |
DELETEPayment-requests/id
Payment-requests/idTo view the DELETE parameters, read the endpoint description for DELETE /payment-requests/{id}.
The following test scenarios are supported in Sandbox for this endpoint. Some scenarios, as mentioned below, require specific id(s) in the URL, example (GET/payments/payment-requests/{id}) to get the mentioned responses.
| Trigger | HTTP Status | Description |
|---|---|---|
| (default) | 204 | Happy flow for deleting a payment request |
param id = 11111111-1111-1111-1111-111111111111 | 403 | No consent given for the payment request IBAN |
param id = 00000000-0000-0000-0000-000000000000 | 404 | Payment request to delete could not be found |
param id = 22222222-2222-2222-2222-222222222222 | 500 | Technical error |