Skip to main content

Service Provider Onboarding

The onboarding process for each service available on bLink varies depending on the applicant's legal status and role in the process. Service Provider are complex organizations with multiple systems. Therefore, they require closer assistance during the onboarding process and may be supported by an integrator through the testing and integration phases.

The onboarding process for a Service Provider consists of the following steps:

  1. The process starts with a SP registering for a specific service offered on bLink, such as OpenWealth. The SP is required to provide the directory information and all data necessary to check their conformity to the admission criteria.
  2. SIX contacts the Service Provider, sets up a negotiation and drives the establishment of a subsequent contract.
  3. Once the contract has been signed, the SP may be assigned to a SIX integrator and connected to the SIX test environment.
  4. Prior to a production release, the interested parties must successfully complete a series of acceptance tests. The acceptance tests allow SIX to check if the implementation on the SP side fulfills the specified requirements and whether the integration with SIX is working appropriately. The interested parties must present evidence confirming that the acceptance tests were successfully executed.
  5. Service Providers must be capable of receiving, processing, and responding to all service calls specified and implemented by SIX. All formats (e.g. JSON, XML) have to be supported by the Service Provider.
  6. SIX provides a testing environment for the integration tests. Interested parties must provide information about certificates, host addresses and endpoints to connect to the test environment. The subsections below list the details on information that interested parties must provide.

The following sections present the required information, which comprises of general information (e.g., company name, marketing description, contact information) and technical information (e.g., authentication, base urls, IP addresses).

General Information

Company InformationDetails
IID

Primary IID of the Service Provider (used as identification)

Service Provider ID Test Environment

Unique identification of the SP's test environment assigned by SIX

Service Provider ID Prod Environment

Unique identification of the SP's production environment assigned by SIX

Company NameCompany name of the Service Provider
Company URLWebsite URL of the Service Provider
Short Description CompanyShort description of the company
Marketing Description Company

Marketing description of no more than five bullet points describing the company's claim

Product NameName of the product
Product Info URLWebsite URL of the product
Short Description ProductShort description of the product
Marketing Description Product

Marketing description of no more than five bullet points describing the product

Business ContactEmail address and optional phone number for business inquiries
Technical ContactEmail address and optional phone number for technical inquiries
Support ContactEmail address and optional phone number for support inquiries
Company LogoSVG image of company logo. Maximum allowed size: 3 MB
Icon

SVG image of company or product icon. Maximum allowed size: 3 MB

Use cases supported by the SPList of use cases that the SP supports
Consent FlowsType of consent flow supported with corresponding authorization URL of authorization server

API information for each use case

Details
API URL Account Information Service (AIS v3)Specific endpoint for this specific API (following base path)
API URL Payment Submission Service (PSS v3)Specific endpoint for this specific API (following base path)
API URL OpenWealth Custody Services (v2)Specific endpoint for this specific API (following base path)
API URL OpenWealth Customer Management (v1)Specific endpoint for this specific API (following base path)
API URL OpenWealth Order Placement (v2)Specific endpoint for this specific API (following base path)

Connectivity information for the SIX test environment

SIX's source IP addresses

SIX's source IP addresses for connecting to SP are identical for test and production environments. These IPs are presented in the table below.

InternetP2P / Leased LineSSFNData Center
SIX's Source IP addresses153.46.244.84153.46.225.34153.46.41.185ZH
193.247.180.4153.46.229.34153.46.169.185LP

Authentication

Certificate authentication is used for connections from SIX to SP. The following table shows the required certificates that must be used for authentication in the test environment.

Certificate IssuerO=SwissSign AG, CN= SwissSign Gold CA - G2
Certificate DN

CN = SwissSign RSA TLS OV ICA 2021 - 1, O = SwissSign AG, C = CH

CertificateSupplied in PEM or CRT format

Information about the SIX test environment

SIX has to provide SP with the information listed in the following table regarding the test environment.

Test Environment - SIXInternetP2P / Leased LineSSFN
Host Nameapi-qa.np.six-group.comapi-qa.np.p2p.six-group.comapi-qa.np.six.ssfn.ch

API Base URLs
ServiceBase URL for Consent 2.0Base URL for Consent 2.0 with CaaS
Consent - V2/api/bankingservices/xe/b-link-consent-2/consent-flow/v2/api/bankingservices/xe/b-link/consent-flow/v2
Platform - V2/api/bankingservices/xe/b-link-consent-2/platform/v2/api/bankingservices/xe/b-link/platform/v2
Account Information Service - V3

/api/bankingservices/xe/b-link-consent-2/account-information-service/v3

/api/bankingservices/xe/b-link/account-information-service/v3

Payments Submission Service - V3

/api/bankingservices/xe/b-link-consent-2/payments-submission-service/v3

/api/bankingservices/xe/b-link/payments-submission-service/v3

Custody Services - V2

/api/bankingservices/xe/b-link-consent-2/custody-services/v2

/api/bankingservices/xe/b-link/custody-services/v2
Customer Management - V1

/api/bankingservices/xe/b-link-consent-2/customer-management/v1

/api/bankingservices/xe/b-link/customer-management/v1
Order Placement - V2/api/bankingservices/xe/b-link-consent-2/order-placement/v2/api/bankingservices/xe/b-link/order-placement/v2

Connectivity information for the SP test environment

Authentication

Certificate authentication is also used for connections from SP to SIX. The following table shows the required certificates that must be used for the authentication process in the test environment.

Certificate Issuer

CN of issuer / type of certificate authority used for test environment

Certificates (CA and client cert)Certificates to be supplied in PEM or CRT format
Certificate

Check the requirements on the TLS/Certificates page in the Security section

Information about the SP test environment

SP have to provide SIX with the information listed in the following table regarding the test environment. Please only fill the relevant column based on the network used (Internet, P2P / Leased Line, or SSFN).

Test Environment 1 - SP
ServiceExampleInternetP2P / Leased LineSSFN
Target IP-Adress(es) SPxxx.xxx.xxx.xxx
Target Host name SPapi-test.example.com
API base path/api/example/api
Auth Server URLhttps://api.example.com/oauth/authorize
Token URLhttps://api.example.com/oauth/token
UsernameValidation URLhttps://api.example.com/oauth/username
Token Revocation URLhttps://api.example.com/oauth/revoke
Test Environment 2 - SP
ServiceExampleInternetP2P / Leased LineSSFN
Target IP-Adress(es) SPxxx.xxx.xxx.xxx
Target Host name SPapi-test.example.com
API base path/api/example/api
Auth Server URLhttps://api.example.com/oauth/authorize
Token URLhttps://api.example.com/oauth/token
UsernameValidation URLhttps://api.example.com/oauth/username
Token Revocation URLhttps://api.example.com/oauth/revoke

Connectivity information for the SIX production environment

SIX's source IP addresses

SIX's source IP addresses for connecting to SP are identical for test and production environments. These IPs are presented in the table below.

InternetP2P / Leased LineSSFNData Center
SIX's Source IP Addresses153.46.244.84153.46.225.34153.46.41.185ZH
193.247.180.4153.46.229.34153.46.169.185LP

Authentication

Certificate authentication is used for connections from SIX to SP. The following table shows the required certificates that must be used for authentication in the production environment.

Certificate IssuerO=SwissSign AG, CN= SwissSign Gold CA - G2
Certificate DN

CN = SwissSign RSA TLS OV ICA 2021 - 1, O = SwissSign AG, C = CH

CertificateSupplied in PEM and CRT format

Information about the SIX production environment

SIX has to provide SP with the information listed in the following table regarding the test environment.

Production EnvironmentInternetP2P / Leased LineSSFN
Host Nameapi-cert.six-group.comapi-cert.p2p.six-group.comapi.six.ssfn.ch

API Base URLs
ServiceBase URL for Consent 2.0Base URL for Consent 2.0 with CaaS
Consent - V2/api/bankingservices/b-link-consent-2/consent-flow/v2/api/bankingservices/b-link/consent-flow/v2
Platform - V2/api/bankingservices/b-link-consent-2/platform/v2/api/bankingservices/b-link/platform/v2
Account Information Service - V3

/api/bankingservices/b-link-consent-2/account-information-service/v3

/api/bankingservices/b-link/account-information-service/v3
Payments Submission Service - V3

/api/bankingservices/b-link-consent-2/payments-submission-service/v3

/api/bankingservices/b-link/payments-submission-service/v3
Custody Services - V2/api/bankingservices/b-link-consent-2/custody-services/v2/api/bankingservices/b-link/custody-services/v2
Customer Management - V1/api/bankingservices/b-link-consent-2/customer-management/v1/api/bankingservices/b-link/customer-management/v1
Order Placement - V2/api/bankingservices/b-link-consent-2/order-placement/v2/api/bankingservices/b-link/order-placement/v2

Connectivity information for the production environment required from SP to SIX

Authentication

Certificate authentication is also used for connections from SP to SIX. The following table shows the required certificates that must be used for the authentication process in the production environment.

Certificate Issuer

CN of issuer / type of certificate authority used for test environment

Certificates (CA and client cert)Certificates to be supplied in PEM or CRT format
Certificate

Check the requirements on the TLS/Certificates page in the Security section

Information about the SP production environment

SP have to provide SIX with the information listed in the following table regarding the production environment. Please only fill the relevant column based on the network used (Internet, P2P / Leased Line, or SSFN).

Production Environment - SP
ServiceExampleInternetP2P / Leased LineSSFN
Target IP-Adress(es) SPxxx.xxx.xxx.xxx
Target Host name SPapi-test.example.com
API base path/api/example/api
Auth Server URLhttps://api.example.com/oauth/authorize
Token URLhttps://api.example.com/oauth/token
UsernameValidation URLhttps://api.example.com/oauth/username
Token Revocation URLhttps://api.example.com/oauth/revoke