The Payment Request API allows you or your customer to request payment links from Rabobank using your application. With this integration, you can create the payment links as a part of your billing process or the billing process of your customer.

Rabobank business customers can send payment links directly using your software.

To know more read the manual that connects to your use case:

Relevant scope(s) for oauth2 access code flow

Scope name	Description
prs.paymentrequest.read-write	Consent for payment request

📘
Make sure that you use the Authorization and Token URL as provided by the Authorization Services.

Rate Limiting

A default rate limit plan is set for all APIs. The rate limit can be shared or defined per operation. The table below describes the rate limiting for this product.

Operation	Type	Limit (API calls / s)	Counts towards shared limit
`GET /payment-requests`	Shared	5	Yes
`POST /payment-requests`	Shared	5	Yes
`GET /payment-requests/accounts`	Shared	5	Yes
`GET /payment-requests/{id}/qr-codes`	Shared	5	Yes
`GET /payment-requests/{id}`	Shared	5	Yes
`DELETE /payment-requests/{id}`	Shared	5	Yes
`GET /payment-requests/{id}/transactions/{transactionId}`	Shared	5	Yes
All (premium) Oauth calls	Shared	5	Yes

Characteristics of the business payment request

Rabobank customers can create payment requests for business accounts using the API.

	Business
Maximum amount	€ 50.000,-
Variable amount	Optional
Link can be used	Once
Link expires after	100 days
Add a client reference	Optional
Indicate the number of payers	Not supported (always 1)
More information (in Dutch)	Business Payment Request

Payment request API user flow:

Request a payment link using the Payment request API.
Share the requested payment link or qr-code through email, text, WhatsApp, or social media.

📘
You can also choose to delete a payment request, which renders it unpayable.
The receiver of the payment link pays directly using iDEAL.

📘
You can request the status of your Payment Request i.e. paid, unpaid or all.
The amount is credited to your account immediately after payment.

redirectUrl

You can use redirectUrl field while creating a payment request to redirect your user to your webpage, where they can see the status of the transaction.

The redirectUrl field must contain a valid URL, and should be implemented by you (party initiating the transaction).

"redirectUrl": https://www.abc.nl/payment-request/redirect

If the payment is completed, canceled, or expired, the user is redirected to the URL as entered in the redirectUrl automatically. You use the id and trxid in the query parameters of the URL to fetch the transaction status and display it to the customer on their page.

https://www.abc.nl/payment-request/redirect?id=fe129503-4141-4f6e-967d-5bdb5b1fd630&trxid=b6248d63-0aad-4d68-9a4c-c925efeeb4a1

🚧

Passing a redirectUrl without having a valid page implemented lead to your user landing on an unknown page.

The id and trxid fields are automatically filled by us.

You can retrieve the payment request transaction status:

GET payment-requests/{id}/transactions/{transactionId}

Requests

The POST Payment-requests requests must contain a digital signature. You can generate a digital signature using the private key of your certificate. For the Sandbox environment, you must use the example certificate available in the Signing documentation.

You can retrieve a list of existing payment requests for the user with GET Payment-requests.

GET https://api-sandbox.rabobank.nl/openapi/sandbox/payments/payment-requests?offset=0&limit=25&completionStatus=ALL

You can receive a payment request link with POST Payment-requests.

POST https://api-sandbox.rabobank.nl/openapi/sandbox/payments/payment-requests

📘
You can let the payer fill in the amount by using the new optional parameter hasVariableAmount (default value = false):

If false, the amountCents field is required and must contain a value.

If true, the amountCents field is optional and can be null.

You can retrieve a list of accounts that the current user can create payment requests for with GET payment-requests/accounts.

GET https://api-sandbox.rabobank.nl/openapi/sandbox/payments/payment-requests/accounts

You can generate a QR Code for a specific payment request using GET payment-requests/{id}/qr-codes, using the id(s) in the URL.

GET https://api-sandbox.rabobank.nl/openapi/sandbox/payments/payment-requests/2f280203-fb0f-43db-ac3b-3211d3b98f22/qr-codes

You can retrieve an existing payment request by its UUID with GET Payment-requests/{id}, using the id(s) in the URL:

GET https://api-sandbox.rabobank.nl/openapi/sandbox/payments/payment-requests/fe129503-4141-4f6e-967d-5bdb5b1fd630

You can delete a specific payment request using DELETE payment-requests/{id}, using the id(s) in the URL:

DELETE https://api-sandbox.rabobank.nl/openapi/sandbox/payments/payment-requests/fe129503-4141-4f6e-967d-5bdb5b1fd630

Response

GET Payment-requests

To view the GET parameters, read the endpoint description for GET /payment-requests.

{
  "currentDateTime": "2023-09-26T11:14:59.738Z",
  "paymentRequests": [
    {
      "paymentRequest": {
        "id": "fe129503-4141-4f6e-967d-5bdb5b1fd630",
        "created": "2018-09-17T15:43:51.459Z",
        "accountIban": "NL19RABO0123456790",
        "accountName": "The Requester",
        "currency": "EUR",
        "amountCents": 10000,
        "hasVariableAmount": false,
        "numPayers": 1,
        "description": "Can you please pay me for the present",
        "accountSegment": "BUSINESS",
        "clientReference": "TEST ref",
        "transactions": [
          {
            "id": "800b42aa-9a8d-4e5e-a955-bda223e1e80f",
            "tsPaid": "2018-09-17T15:43:51.459Z",
            "accountIban": "NL63RABO0000000000",
            "accountName": "The Payer",
            "amountCents": 10000,
            "chosenAmountCents": 10000
          }
        ],
        "expired": false
      },
      "paymentPageUrl": "https://fake.nl/fakebetaalverzoek/?id=_hKVA0FBT26WfVvbWx_WMA"
    }
  ]
}

The following test scenarios are supported in Sandbox for this endpoint. Some scenarios, as mentioned below, require specific triggers values in the GET payment-requests parameters to receive the mentioned responses.

Trigger	HTTP status	Description
(default)	200	Happy flow for retrieving a list of payment requests
param limit = -2	404	No consent information specified
param limit = -1	500	Technical error

POST Payment-requests

To view the POST parameters, read the endpoint description for POST /payment-requests.

{
  "paymentPageUrl": "https://fake.nl/fakebetaalverzoek/?id=baVGVJPZRg2nNc8-WlLzSw",
  "assignedId": "fe129503-4141-4f6e-967d-5bdb5b1fd630"
}

The following test scenarios are supported in Sandbox for this endpoint. Some scenarios, as mentioned below, require specific triggers values in the Post payment-request parameters to receive the mentioned responses.

Use NL19RABO0123456790 for your Sandbox testing.

Trigger	HTTP status	Description
(default)	201	Happy flow for initiating a payment request
invalid request (e.g. amount = 0)	400	Validation error
invalid X-IBM-Client-Id	401	Unauthorized
`field description` = INVALID-CONSENT	403	No consent given for the given IBAN
`field description` = TECHNICAL-ERROR	500	Technical error
for missing header - TPP-Signature-Certificate	403	CERTIFICATE_VALIDATION_ERROR
for missing header - signature, date, digest or x-request-id. or Invalid signature.	403	SIGNATURE_VALIDATION_ERRO

GET Payment-requests/accounts

To view the GET parameters, read the endpoint description for GET /payment-requests/accounts.

[
  {
    "iban": "NL19RABO0123456789",
    "currency": "EUR",
    "segment": "BUSINESS"
  }
]

The following test scenarios are supported in Sandbox for this endpoint. Some scenarios, as mentioned below, require specific triggers values in the Get payment-requests parameters to receive the mentioned responses.

Trigger	HTTP sttus	Description
header x-scenario = TECHNICAL-ERROR	500	Technical error
header x-scenario = INVALID-CONSENT	404	No consent information specified
(default)	200	Happy flow for retrieving a list of accounts

GET`Payment-requests/id/qr-codes`

To view the GET parameters, read the endpoint description for GET /payment-requests/{id}/qr-codes.

The following test scenarios are supported in Sandbox for this endpoint. Some scenarios, as mentioned below, require specific id(s) in the URL, example (GET /payments/payment-requests/{id}/qr-codes) to get the mentioned responses.

Trigger	HTTP Status	Description
(default)	204	Happy flow for generating a QR code
`param id` = 11111111-1111-1111-1111-111111111111	403	No consent given for the payment request IBAN
`param id` = 00000000-0000-0000-0000-000000000000	404	Payment request could not be found
`param id` = 22222222-2222-2222-2222-222222222222	500	Technical error

GET`Payment-requests/id`

To view the GET parameters, read the endpoint description for GET /payment-requests/{id}.

{
  "currentDateTime": "2022-03-01T08:51:19.196Z",
  "paymentRequestWithMetadata": {
    "paymentRequest": {
      "id": "fe129503-4141-4f6e-967d-5bdb5b1fd630",
      "created": "2018-09-17T15:43:51.459Z",
      "accountIban": "NL19RABO123456790",
      "accountName": "The Requester",
      "currency": "EUR",
      "amountCents": 10000,
      "hasVariableAmount": false,
      "numPayers": 1,
      "description": "Can you please pay me for the present",
      "accountSegment": "BUSINESS",
      "clientReference": "TEST ref",
      "transactions": [
        {
          "id": "800b42aa-9a8d-4e5e-a955-bda223e1e80f",
          "tsPaid": "2018-09-17T15:43:51.459Z",
          "accountIban": "NL00RABO0000000000",
          "accountName": "The Payer",
          "amountCents": 10000,
          "chosenAmountCents": 10000
        }
      ],
      "expired": false
    },
    "paymentPageUrl": "https://fake.nl/fakebetaalverzoek/?id=_hKVA0FBT26WfVvbWx_WMA"
  }
}

The following test scenarios are supported in Sandbox for this endpoint. Some scenarios, as mentioned below, require specific triggers values in the GET payment-requests/{id} parameters to receive the mentioned responses.

Trigger	HTTP Status	Description
`param id` = fe129503-4141-4f6e-967d-5bdb5b1fd630	200	Happy flow for retrieving by ID
`param id` = 11	400	Bad Request, id should be of type UUID
`param id` = 11111111-1111-1111-1111-111111111111	403	No consent information specified
`param id` = 00000000-0000-0000-0000-000000000000	404	Payment Request Not found
`param id` = 22222222-2222-2222-2222-222222222222	500	Technical error

DELETE`Payment-requests/id`

To view the DELETE parameters, read the endpoint description for DELETE /payment-requests/{id}.

The following test scenarios are supported in Sandbox for this endpoint. Some scenarios, as mentioned below, require specific id(s) in the URL, example (GET/payments/payment-requests/{id}) to get the mentioned responses.

Trigger	HTTP Status	Description
(default)	204	Happy flow for deleting a payment request
`param id` = 11111111-1111-1111-1111-111111111111	403	No consent given for the payment request IBAN
`param id` = 00000000-0000-0000-0000-000000000000	404	Payment request to delete could not be found
`param id` = 22222222-2222-2222-2222-222222222222	500	Technical error