Section 5: Discovering Data Providers

Once you have obtained an access token via Client Credentials Grant, you can call the Providers endpoint to discover all Data Providers available in the PayNet ecosystem and their connection details.

Overview

The Providers endpoint returns a list of all Data Providers in the ecosystem, including their authorization server URLs, resource server URLs, and supported use cases. This information is essential for routing consent requests to the correct DP and understanding what data they can provide.

Prerequisites

Before calling the Providers endpoint, ensure you have:

Item	Where to Find	Notes
Access token	From Section 4: Obtaining Access Tokens via Client Credentials Grant	Token obtained via Client Credentials Grant with `accounts` scope
Transport certificate & key	From Section 1: Before You Begin - Prerequisites	Your mTLS transport certificate and key
Resource Server URL	From well-known endpoint response (or check with PayNet)	<TODO: Clarify if this is in well-known response or needs to be provided>

Calling the Providers Endpoint

Endpoint

GET {{RESOURCE_SERVER_URL}}/v1/providers

Transport Security

mTLS required - You must present your transport client certificate and key for mutual TLS authentication.

Headers

Authorization: Bearer {{ACCESS_TOKEN}}
x-fapi-interaction-id: 550e8400-e29b-41d4-a716-446655440000

Query Parameters (Optional)

Parameter	Type	Description
`page_size`	Integer	Number of records per request. Default depends on server implementation.
`next_page_params`	String	URL-encoded parameter string for pagination. Use when retrieving subsequent pages.

Example cURL Request

curl -X GET "{{RESOURCE_SERVER_URL}}/v1/providers?page_size=20" \
  --cert /path/to/transport-certificate.pem \
  --key /path/to/transport-key.pem \
  -H "Authorization: Bearer {{ACCESS_TOKEN}}" \
  -H "x-fapi-interaction-id: 550e8400-e29b-41d4-a716-446655440000"

Understanding the Response

200 - Success Response

The response contains an array of Provider objects and metadata.

Field	Type	Description
`data`	Object[]	Array of Provider objects (see below)
`meta`	Object	Meta object containing pagination information with `next_page_params` for cursor-based pagination

Provider Object

Each provider entry contains:

Field	Type	Description
`provider_id`	String	Unique identifier for the provider. Use this as the `dp_id` in future requests that relate to this provider.
`name`	String	Institution name (e.g., "PayBank Malaysia", "FinServe Bank")
`status`	String	Current status (e.g., "ACTIVE", "INACTIVE")
`provider_type`	String	Type of provider (e.g., "BANK", "FINTECH")
`authorization_server_url`	String	Base URL of the provider's Authorization Server (e.g., `https://{{PROVIDER_DOMAIN}}`)
`resource_server_url`	String	Base URL of the provider's Resource Server for accessing customer data
`supported_use_cases`	String[]	Array of supported consent purposes (e.g., "ACCOUNT_INFO", "TRANSACTIONS", "BALANCES")

Example Response

{
  "data": [
    {
      "provider_id": "5e5a3c8f-1234-5678-90ab-cdef12345678",
      "name": "PayBank Malaysia",
      "status": "ACTIVE",
      "provider_type": "BANK",
      "authorization_server_url": "https://{{PROVIDER_DOMAIN}}",
      "resource_server_url": "https://{{PROVIDER_RESOURCE_SERVER}}",
      "supported_use_cases": [
        "ACCOUNT_INFO",
        "TRANSACTIONS",
        "BALANCES"
      ]
    },
    {
      "provider_id": "9f8e7d6c-abcd-4321-87ef-fedcba987654",
      "name": "FinServe Bank",
      "status": "ACTIVE",
      "provider_type": "BANK",
      "authorization_server_url": "https://{{PROVIDER_DOMAIN}}",
      "resource_server_url": "https://{{PROVIDER_RESOURCE_SERVER}}",
      "supported_use_cases": [
        "ACCOUNT_INFO",
        "TRANSACTIONS"
      ]
    }
  ],
  "meta": {
    "next_page_params": "page_size=20&after=eyJjdXJzb3IiOiJsYXN0X2lkIn0="
  }
}

Discovering Provider-Specific Endpoints

For each Data Provider you plan to use, you need to discover their specific OAuth endpoints:

Take the authorization_server_url from the provider's entry
Append /.well-known/openid-configuration to it
Call this well-known endpoint to get the provider's specific auth and resource URLs

Example:

curl -X GET "https://{{PROVIDER_DOMAIN}}/.well-known/openid-configuration"

This returns the provider's own authorization endpoint, token endpoint, and other critical URLs that you'll use when creating consents with that specific provider.

Next Steps

You now have:

A list of available Data Providers
Their identifiers (provider_id)
Their authorization and resource server URLs
Their supported use cases (consent types)

Proceed to:

Section 6: Creating a Consent - Create a JAR and submit via PAR endpoint

Previous: Client Credentials Grant
Next: Creating Consents