Obtain VRP consent from the PSU by creating a domestic-vrp-consents resource with the Open Banking VRP API; specify the ControlParameters including MaximumIndividualAmount, MaximumCumulativeAmount, ValidFromDateTime, and ValidToDateTime
Redirect the PSU to their ASPSP for SCA authentication of the consent; on success receive the ConsentId in the callback and persist it with the PSU's record
Originate individual VRP payments by posting to the domestic-vrps endpoint referencing the ConsentId; the payment amount must fall within the consent's ControlParameters
Handle payment status transitions by polling or webhooks: Pending → AcceptedSettlementInProcess → AcceptedCreditSettlementCompleted or Rejected
To revoke consent, call DELETE on the consent resource; also implement a UI allowing the PSU to revoke directly via the ASPSP's dashboard per Open Banking requirements
Known gotchas
VRP sweeping consent is currently limited to sweeping between accounts owned by the same PSU; using it for third-party payments (non-sweeping) requires a separate FCA authorization and is not universally supported
ControlParameters are hard constraints enforced by the ASPSP; if your payment request exceeds MaximumIndividualAmount, the ASPSP will reject it — validate client-side before submission
Not all UK ASPSPs have implemented VRP; check the Open Banking directory for ASPSP VRP support status before presenting VRP as a payment option to users
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp