bpost bank improves the API in order to add new functionalities.
This new API will be activated on December 9th 2020, and includes a breaking change in the way a consent is created (for both AIS and PIS).
The Berlin Group XS2A standard follows the OAuth2 standard. After a consent creation (with the header tppExplicitAuthorizationPreferred = false) or after a POST /authorization endpoint, there is an scaOauth property.
Currently, this property contains the authorisation URL.
In the new version of the API, this property will point to an OAuth2 .well-known file.
In order for you to familiarize with this breaking change, we refer to the documentation, and the updated version of the sandbox.
The advantage of this API change is improved reliabilty in the App-to-App workflow.