...
PSD2 APIs require both types of certificates, QWAC to access the API and QSeal for HTTP-signature, i.e. message signing.
Fiorano implementation of eIDAS certificates:
as As required by the PSD2 European Directive, Fiorano PSD2 APIs can be protected by Mutual TLS protocols based on eIDAS Certificates. This means that if you want to access one of our PSD2 APIs, you need to use an eIDAS TLS Client Certificate for your requests. If you don’t have such a certificate, you can download a mock eIDAS Certificate from our Developer Portal (Login, then go to Applications -> select Application -> Download QWAC Certificate). Our mock certificate nevertheless only allows access to Sandbox APIs. To access Production, you need to get your own PSD2 eIDAS Certificate from a Qualified Trust Service Provider.
...
Detailed documentation of the API with complete information about the parameters involved, sample requests and responses, and authentication mechanisms used can be viewed in the API Documentation section.
Click an Environment name (see the figure above) for API Documentation. If the REST APIs are protected, click the Authorize button to unlock the APIs.
Provide the Client ID which is the Consumer Key mentioned in the Fetching Consumer Key and Customer Secret section of the respective product and click Authorize.
...