Direct Registration

Registration steps for customers who are regulated as AISPs and/or PISPs

As a direct customer, you likely already have an AISP and/or PISP license with the FCA, from which point the following steps are required for you to connect to ASPSPs on the Yapily gateway.

Prerequisites

Depending on which regions you wish to be an AISP and/or PISP in, you will need to first complete the required prerequisites:

Uploading your certificates to the Yapily Dashboard

Once you have followed the required prerequisites for the regions you wish to be an AISP and/or PISP for and have created the required certificates, the next step is to upload the appropriate certificates to the Yapily Dashboard.

Once logged into the Yapily Dashboard, navigate to the My Certificates and select the option to Add Certificate. You will then be taken to the following page to upload your certificates:

Expand/Close Diagram
docs_yapily_cert_upload

You will need to go through this process twice; once for the transport certificate (OB WAC or QWAC) and once more for the signing certificate (OB SEAL or QSEAL). You will need to upload the appropriate .pem file and .key file for both certificate types you upload.

If you have followed the naming convention for the appropriate certificates you are attempting to upload (Naming your Open Banking Certificates or Naming your eIDAS Certificates), then it should be trivial to fill in the following fields:

  • Alias Name: Copy the file name without the extension
  • Certificate Key Id: This only applies to OB WAC and OB SEAL certificates types and the value to use comes after KID in the file name
  • Type of certificate: This is indicated by the first value in the file name

Institution Registration Process

Once you have followed the required prerequisites for the regions you wish to be an AISP and/or PISP for and have created the required certificates and have successfully uploaded the certificates to the Yapily Dashboard you are ready to register each Institution you wish to connect to.

First, select an Application with the desired one or more Institution you intend to register by selecting the My Applications option in the menu of the Dashboard. Next, select the Institution tab to view each Institution available in the Application. If you haven't already added the Institution to your application, scroll down to the bottom of the page and select the Add Institution option to choose the Institution and add it.Institution

At this point, you should have an Institution which has No Credentials present. Click on the note icon to begin the process to register the Institution

Specifying Certificates

On the first page, you will be required to add your signing and transport certificates which will either be your Open Banking certificates (OB WAC and OB SEAL) or your eIDAS certificates (QWAC and QSEAL). Depending on which type of certifcates you are uploading, the required information may slightly differ. See the examples below:

European example

In addition to the QWAC and QSEAL certificates, you should only have to specify the following:

  • Client Uri: Your application's main website
  • Terms of Service Uri: Your application's Terms of Service

Expand/Close Diagram docs_bpms_page1

GB example

In addition to the OB WAC and OB SEAL certificates, you should only have to specify the following:

  • Organisation Id: Obtained from the Open Banking Directory. See Organisation Details Overview to find this value
  • Software Statement Id: Obtained from the Open Banking Directory. See Create a Software Statement to find this value
  • Signing Key Id: The values after the KID in the file name for the OB SEAL file

Expand/Close Diagram docs_hsbc_page1

In any case, be sure to check the link to the documentation included for more information on any other additional fields.

After filling out the first page, click Next to complete the registration.

Manual Registration

Once on the second page, you will be prompted for a Key and Secret but the Register button will not be available. This indicates that the Institution has a manual process for obtaining the Key and Secret and you will have to follow the documented steps for the Institution to obtain these values by following the link included.

Expand/Close Diagram docs_bpms_page2

Once you have obtained these credentials and entered them into the relevant fields, you can click the Next button to save the completed registration.

Dynamic Client Registration

Once on the second page, you will be prompted for a Key and Secret and the Register button will be available. This indicates that the Institution supports DCR and that you will not need to go through a bespoke registration process for this Institution.

Expand/Close Diagram docs_hsbc_page2

To complete the registration, click the Register button and if successful, the Institution will return a Key and optionally a Secret. Once these credentials have been populated, you can click the Next button to save the completed registration.

Testing Registrations

In order to test that a registration for an Institution was successful, execute the appropriate authorisation for the Institution and verify that you are able to successfully redirect to the authorisationUrl (or in the case of an embedded Institution, verify that the request executes successfully).

For completeness, for redirect-based flows, you should attempt to log into the Institution using real valid credentials, however with the difficulty of sourcing accounts, successfully redirecting to the Institution log in page without errors is a generally a good indication.

Failed Registrations

If the registration fails when entering the credentials in the Dashboard as described in Institution Registration Process, then please raise a ticket with the Support Team with following information:

  • Application Id / Name
  • Institution Name
  • Time of Registration
  • A description of the error message / screenshot of the failure

If the registration in the Dashboard was successful but there were issues testing the registration, please raise a ticket with the Support Team with the following information:

  • Application Id / Name
  • Institution Name
  • Tracing Id
  • A description of the error message / screenshot of the failure