Dynamic Client Registration

Overview

Dynamic Client Registration API is designed to register and manage client applications (APPS), prerequisite for using La Banque Postale's endpoints.

Functional details

This API largely follows the contract defined in RFC 7591(link is external).

Business Flow

Client applications managed via this API appear in the APPS section of La Banque Postale's developer portal (within 15 minutes).

Scope

    • Only one redirect_uri can be taken into account per APP. 

Technical details

Endpoints: https://api.labanquepostale.com/v1

Prerequisites

    • TPP and La Banque Postale have successfully processed a mutual check and authentication using an eIDAS QWAC Certificate.
    • Authorization Basic credentials is your developper portal username/password base 64 encoded.

Available operations 

    • Application creation: creates a new client application (client_id/client_secret) attached to your developer portal user account
    • Application retrieval: retrieves an existing Application with all its details
    • Application removal: deletes an existing Application

Examples 

    • Application creation

POST /register
Headers:

Content-Type: application/json
Authorization: Basic YXdobJusXVkLdG91cm5lc0AAFpbC5jb2

Body:

{
  "client_name": "Dynamic APP LBP",
  "contacts": ["api.support@labanquepostale.fr"],
  "redirect_uris": ["https://www.labanquepostale.com/"],
  "grant_types": ["authorization_code","client_credentials"],
  "provider_legal_id": "PSDFR-ACPR-XXXXX",
  "token_endpoint_auth_method": "tls_client_auth",
  "scope": "aisp pisp cbpii",
  "description": "Modèle de création APP LBP"
}

 

    • Application retrieval

GET /register/{client_id}

Headers:

Content-Type: application/json
Authorization: Basic YXdobJusXVkLdG91cm5lc0AAFpbC5jb2

 

    • Application removal

DELETE /register/{client_id}

Headers:

Content-Type: application/json
Authorization: Basic YXdobJusXVkLdG91cm5lc0AAFpbC5jb2