SCA for transaction history

Learn how to use our Authentication SDK to authenticate your users when they request their transaction history.

Each time a user in the European Economic Area (EEA) wants to check their transaction history, you must authenticate them using SCA. This process ensures that sensitive financial data is only accessible to authorized users, fulfilling PSD2 regulatory requirements for secure data retrieval.

Use the Authentication SDK to integrate this verification flow directly into your transaction history request.

Requirements

Before you begin, take into account the following requirements, limitations, and preparations.

Requirement	Description
Integration type	This feature is supported with an Adyen for Platforms or a Classic integration.
API credentials	You must have an API key (recommended) or basic authentication username and password to access this API. Ensure that you have asked your Adyen contact to assign the following role to your API credential: TransferService Webservice Retrieve role
Setup steps	Before you begin: Make sure that you have installed the Authentication SDK. Make sure that you have registered a device for your user.

How it works

To retrieve transaction history, verify device eligibility, trigger a secure challenge via the SDK, and retrieve the data, perform the following:

Check SCA eligibility
Initiate a request for your user's transaction history using the sdkOutput that you got when you checked the device for SCA eligibility.
Authenticate your user with the Authentication SDK.
Get the transaction history using the sdkOutput from the authentication step.

Check SCA eligibility

Before requesting the transaction history, you must check for SCA eligibility and initiate the process to authenticate your users.

The following tabs explain how to check for SCA eligibility and initiate authentication using Kotlin, Swift, or JavaScript.

You will use the sdkOutput when initiating a request for transaction history.

Initiate a request for the transaction history

To request the transaction history for the specified balance account:

Make a GET /transactions request, specifying the following parameter in the header:

Request header	Description
`WWW-Authenticate`	`SCA realm`: Transaction. `auth-param1`: Base64-encoded value of sdkOutput you get when you initiate authentication..

Provide the following query parameters:

Parameter	Required	Description
balanceAccountId		Unique identifier of the balance account to get the transaction history for.
createdSince		Only include transactions that have been created on or after this point in time. The value must be in ISO 8601 format. For example, 2022-05-30T15:07:40Z.
createdUntil		Only include transactions that have been created on or before this point in time. The value must be in ISO 8601 format. For example, 2022-05-31T15:07:40Z.

In the response, note the following field in the header:
- auth-param1: Base64-encoded blob of data.
You will need auth-param1 when authenticating your user using the SDK.
Pass auth-param1 to the SDK as sdkInput.

Authenticate your user

After initiating the request, you have 10 minutes to complete the authentication process and finalize the request.

To authenticate your user with the Authentication SDK:

Trigger the SDK and pass the auth-param1 value from the previous step as sdkInput.
Pass sdkOutput to your server.

Get the transaction history

To finalize the request to get the transaction history:

Make a GET /transactions request, specifying the following parameter in the request header.

Request header Description

WWW-Authenticate SCA realm: Transaction.
auth-param1: Base64-encoded value of sdkOutput you get when you initiate authentication.
Use the content of the data array to present the transaction information to your user.