Getting Started
- Our Solution
- Registration
- Email confirmation and Sign in
- Onboarding
- Onboarding with eIDAS certificate
- Onboarding with eIDAS test certificate
- Have a look at our API catalog
- Need support?
Our solution
Ready to get started? Here is a step-by-step guide to walk you through UniCredit APIs integration.
API Standards
This section contains all the information related to the banks that adhere to the Berlin Group NextGenPSD2 Technical Specification. This can be retrieved following the link https://www.berlin-group.org/nextgenpsd2-downloads.
List of Banks
| Country | Bank |
| Italy |
UniCredit SpA |
| Italy | buddy |
| Austria |
Bank Austria |
| Germany | UniCredit Bank GmbH ("HypoVereinsbank") |
| Croatia |
Zagrebačka banka d.d. |
| Hungary |
UniCredit Bank Hungary Zrt. |
| Romania |
UniCredit Bank Romania |
| Slovenia |
UniCredit Bank Slovenia |
| Bulgaria |
UniCredit Bulbank |
| Czech Republic |
UniCredit Bank Czech Republic and Slovakia, a.s |
| Slovakia |
UniCredit Bank Czech Republic and Slovakia, a.s |
TPP Authentication
A TPP can interact with UniCredit APIs by presenting a valid QWAC (Qualified Web Authentication Certificate) certificate, according to the eIDAS Regulation. It will allow AISPs, PISPs and CISPs to communicate securely with and identify themselves towards the UniCredit Banks.
One Solution for multiple Legal Entities
One solution covering multiple Legal Entities of UniCredit Group: we made it easy for you to connect to all our Legal Entities in a uniform manner by using specific parameters for one global URL structure which are fully described in our documentation.
SCA (Strong Customer Authentication) Methods
The guidelines and framework released by the Berlin Group present the SCA methods supported by each bank of the group:
- Redirect - Uses the predefined redirect address in the authentication which redirect the user to the web site where the SCA is performed between the PSU and the Bank of UniCredit Group.
- Decoupled - Similar to redirect, with the difference that it's the UniCredit Bank asking the PSU to authenticate itself through the mobile app.
- Embedded - The SCA of the PSU is executed entirely as part of the transaction at the XS2A interface.
The table below displays at a glance the SCA methods supported by each Bank of the UniCredit Group:
| Country | Bank | SCA Method |
| Italy |
UniCredit SpA |
REDIRECT |
| Italy | buddy | DECOUPLED |
| Austria |
Bank Austria |
REDIRECT |
| Germany | UniCredit Bank GmbH ("HypoVereinsbank") | REDIRECT, EMBEDDED (online banking) REDIRECT (UC eBanking Global) |
| Croatia |
Zagrebačka banka d.d. |
REDIRECT |
| Hungary |
UniCredit Bank Hungary Zrt. |
REDIRECT |
| Romania |
UniCredit Bank Romania |
REDIRECT |
| Slovenia |
UniCredit Bank Slovenia |
REDIRECT |
| Bulgaria |
UniCredit Bulbank |
REDIRECT |
| Czech Republic |
UniCredit Bank Czech Republic and Slovakia, a.s |
REDIRECT |
| Slovakia |
UniCredit Bank Czech Republic and Slovakia, a.s |
REDIRECT |
note: Bank Austria DECOUPLED Approach returns a deeplink between the '<' and '>' symbols. On Sandbox APIs the deeplink shall be opened via e.g. Browser. On Real the deeplink shall be used to open the App.
Registration
To get started, a TPP has to register.
1. Click the "Registration" button on the homepage:
2. Complete the registration form, providing company name, email address and password:
At the conclusion of the registration process a message is displayed inviting the developer to access to their mailbox.
Email confirmation and Sign in
1. An email is sent to the specified address for the account activation:
2. Once the email activation process has been completed the profile is active the TPP can login to the Developer Portal with its credentials.
3. Click on "Sign In"
Onboarding
After the first login the TPP will be able to read and access only the TPP Onboarding APIs (with the associated documentation). The TPP will see two different catalogs: TPP Onboarding with eIDAS certificate and TPP Onboarding with eIDAS test certificate. The TPP shall use TPP Onboarding with eIDAS certificate API for a signature process with their eIDAS certificate, otherwise use the TPP Onboarding with eIDAS test certificate API for a signature process with their eIDAS test certificate.
Onboarding with eIDAS certificate
Clicking on "APIS Catalog" the TPP can access the TPP Onboarding APIs documentation:
Onboarding with eIDAS test certificate
The Onboarding is also available for the TPPs with an eIDAS test certificate considered trustable by UniCredit. To consider a test certificate trustable, UniCredit must be able to trust the entire test certificate chain (ROOT, Intermediate) of the CA that signed the eIDAS test certificate used for onboarding.
For this purpose, UniCredit allows to upload the test certificate chain file in the support page form for the registered TPPs, selecting the "Upload test certificate chain" in problem categorization field.
Upon successful completion of the TPP onboarding process, TPPs can access the Developer Portal and see the documentation and APIs (according to their roles & country passporting rights). A notification email is sent to the TPP, confirming the account activation.
Have a look at our API catalog
Our available APIs are displayed in the API Catalog page.
Need support?
Are you running into challenges or problems? Contact us through our Contact Us page.