Two headers are required as part of the authentication process: the authorization header and the FI reference ID.

1. Authorization Header (Basic Auth)

The Konsentus APIs use Basic Auth, this document details how to authenticate to the APIs using this method.

The HTTP Authorization request header contains the credentials to authenticate a user agent with the Konsentus server. These credentials are provided as part of the onboarding process. If credentials are invalid or not sent the server will respond with a 401 (Unauthorized) status.


Authorization: <type> <credentials>
Field Description
type Authentication type - this must be set to Basic
credentials The Client ID and Client Secret combined with a colon and base64encoded (see example below).

Stub Authorization Data

Stub Authorization Header Values

Field Value Explanation
type Basic Always set to Basic
credentials YXBpLWNvbnN1bWVyLWlkOnBhc3N3b3Jk client-id:client-secret as abase64encoded string


Authorization: Basic YXBpLWNvbnN1bWVyLWlkOnBhc3N3b3Jk


MDN Basic Auth Documentation

2. FI Reference ID Header

This header is a reference to the ASPSP that is requesting the data. The data used to populate this field must be the reference number used to identify that financial institution within their home National Competent Authority (NCA).

This field must be used consistently, such that all requests for a specific financial institution utilise the same reference identifier. This consistency is important as it ensures the Konsentus system is able to correctly identify a financial institution’s data and is able to provide accurate reporting.

When providing fi_reference_id it is best to use the eIDAS authorisation number format. e.g. For an ASPSP in the UK regulated by the FCA with reference "111111", the eIDAS reference would be PSDGB‑FCA‑111111.


If you are consuming the Konsentus APIs as a financial institution directly, this value will be your own NCA reference. If you are consuming the Konsentus APIs on behalf of a financial institution, then this value should be provided to you by the institution.


fi_reference_id: <id>

Validation requirements

  • characters allowed: any
  • minimum length: 6
  • maximum length: 128
Field Description
fi_reference_id The local National Competent Authority (NCA) reference for the ASPSP making the request

Stub Authorization Data

Stub Authorization Header Values

Field Value Explanation
fi_reference_id PSDGB‑FCA‑111111 This must be sent consistently so that it is the same every time the APIs are being used for a particular ASPSP.


fi_reference_id: PSDGB-FCA-111111
Last Updated: 6/25/2020, 11:35:40 AM