@mojaloop/api-snippets 18.3.2 → 18.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (213) hide show
  1. package/CHANGELOG.md +13 -0
  2. package/audit-ci.jsonc +5 -1
  3. package/docs/fspiop-rest-v2.0-ISO20022-openapi3-snippets.yaml +0 -2
  4. package/docs/sdk-scheme-adapter-outbound-v2_1_0-openapi3-snippets.yaml +1 -1
  5. package/docs/thirdparty-admin-v2.0-openapi3-snippets.yaml +3705 -0
  6. package/docs/thirdparty-v1.0-openapi3-snippets.yaml +3802 -0
  7. package/docs/thirdparty-v2.0-openapi3-snippets.yaml +1825 -0
  8. package/eslint.config.mjs +70 -0
  9. package/fspiop/v2_0_ISO20022/openapi3/components/schemas/FinancialInstitutionIdentification18.yaml +0 -1
  10. package/fspiop/v2_0_ISO20022/openapi3/components/schemas/FinancialInstitutionIdentification23.yaml +0 -1
  11. package/lib/fspiop/v2_0/index.js +0 -1
  12. package/lib/fspiop/v2_0/index.js.map +1 -1
  13. package/lib/fspiop/v2_0_ISO20022/index.js +0 -1
  14. package/lib/fspiop/v2_0_ISO20022/index.js.map +1 -1
  15. package/lib/fspiop/v2_0_ISO20022/json-schemas.json +0 -71
  16. package/lib/fspiop/v2_0_ISO20022/schemas.d.ts +0 -140
  17. package/lib/index.js +0 -1
  18. package/lib/index.js.map +1 -1
  19. package/lib/sdk-scheme-adapter/v2_0_0/backend/index.js +0 -1
  20. package/lib/sdk-scheme-adapter/v2_0_0/backend/index.js.map +1 -1
  21. package/lib/sdk-scheme-adapter/v2_0_0/outbound/index.js +0 -1
  22. package/lib/sdk-scheme-adapter/v2_0_0/outbound/index.js.map +1 -1
  23. package/lib/sdk-scheme-adapter/v2_1_0/backend/index.js +0 -1
  24. package/lib/sdk-scheme-adapter/v2_1_0/backend/index.js.map +1 -1
  25. package/lib/sdk-scheme-adapter/v2_1_0/outbound/index.js +0 -1
  26. package/lib/sdk-scheme-adapter/v2_1_0/outbound/index.js.map +1 -1
  27. package/lib/sdk-scheme-adapter/v2_1_0/outbound/json-schemas.json +1 -1
  28. package/lib/sdk-scheme-adapter/v2_1_0/outbound/schemas.d.ts +1 -1
  29. package/lib/thirdparty/v2_0/openapi.d.ts +1726 -0
  30. package/lib/thirdparty/v2_0/openapi.js +7 -0
  31. package/lib/thirdparty/v2_0/openapi.js.map +1 -0
  32. package/package.json +48 -45
  33. package/sdk-scheme-adapter/v2_1_0/components/schemas/transferRequest.yaml +1 -1
  34. package/test/dto/{thirdparty.test.ts → thirdparty_v1_0.test.ts} +1 -1
  35. package/thirdparty/v1_0/openapi3/thirdparty-dfsp-api.yaml +68 -61
  36. package/thirdparty/v1_0/openapi3/thirdparty-pisp-api.yaml +82 -75
  37. package/thirdparty/v2_0/openapi3/components/headers/Content-Length.yaml +1 -0
  38. package/thirdparty/v2_0/openapi3/components/headers/Content-Type.yaml +1 -0
  39. package/thirdparty/v2_0/openapi3/components/parameters/Accept.yaml +1 -0
  40. package/thirdparty/v2_0/openapi3/components/parameters/Content-Length.yaml +1 -0
  41. package/thirdparty/v2_0/openapi3/components/parameters/Content-Type.yaml +1 -0
  42. package/thirdparty/v2_0/openapi3/components/parameters/Date.yaml +1 -0
  43. package/thirdparty/v2_0/openapi3/components/parameters/FSPIOP-Destination.yaml +1 -0
  44. package/thirdparty/v2_0/openapi3/components/parameters/FSPIOP-Encryption.yaml +1 -0
  45. package/thirdparty/v2_0/openapi3/components/parameters/FSPIOP-HTTP-Method.yaml +1 -0
  46. package/thirdparty/v2_0/openapi3/components/parameters/FSPIOP-Signature.yaml +1 -0
  47. package/thirdparty/v2_0/openapi3/components/parameters/FSPIOP-Source.yaml +1 -0
  48. package/thirdparty/v2_0/openapi3/components/parameters/FSPIOP-URI.yaml +1 -0
  49. package/thirdparty/v2_0/openapi3/components/parameters/ID.yaml +1 -0
  50. package/thirdparty/v2_0/openapi3/components/parameters/ServiceType.yaml +6 -0
  51. package/thirdparty/v2_0/openapi3/components/parameters/SubId.yaml +1 -0
  52. package/thirdparty/v2_0/openapi3/components/parameters/Type.yaml +1 -0
  53. package/thirdparty/v2_0/openapi3/components/parameters/X-Forwarded-For.yaml +1 -0
  54. package/thirdparty/v2_0/openapi3/components/responses/200.yaml +1 -0
  55. package/thirdparty/v2_0/openapi3/components/responses/202.yaml +1 -0
  56. package/thirdparty/v2_0/openapi3/components/responses/400.yaml +1 -0
  57. package/thirdparty/v2_0/openapi3/components/responses/401.yaml +1 -0
  58. package/thirdparty/v2_0/openapi3/components/responses/403.yaml +1 -0
  59. package/thirdparty/v2_0/openapi3/components/responses/404.yaml +1 -0
  60. package/thirdparty/v2_0/openapi3/components/responses/405.yaml +1 -0
  61. package/thirdparty/v2_0/openapi3/components/responses/406.yaml +1 -0
  62. package/thirdparty/v2_0/openapi3/components/responses/501.yaml +1 -0
  63. package/thirdparty/v2_0/openapi3/components/responses/503.yaml +1 -0
  64. package/thirdparty/v2_0/openapi3/components/schemas/Account.yaml +17 -0
  65. package/thirdparty/v2_0/openapi3/components/schemas/AccountAddress.yaml +25 -0
  66. package/thirdparty/v2_0/openapi3/components/schemas/AccountList.yaml +11 -0
  67. package/thirdparty/v2_0/openapi3/components/schemas/Amount.yaml +1 -0
  68. package/thirdparty/v2_0/openapi3/components/schemas/AmountType.yaml +1 -0
  69. package/thirdparty/v2_0/openapi3/components/schemas/AuthenticationResponse.yaml +10 -0
  70. package/thirdparty/v2_0/openapi3/components/schemas/AuthenticatorAssertionResponse.yaml +32 -0
  71. package/thirdparty/v2_0/openapi3/components/schemas/AuthenticatorAttestationResponse.yaml +23 -0
  72. package/thirdparty/v2_0/openapi3/components/schemas/AuthorizationResponseType.yaml +8 -0
  73. package/thirdparty/v2_0/openapi3/components/schemas/AuthorizationResponseTypeAccepted.yaml +6 -0
  74. package/thirdparty/v2_0/openapi3/components/schemas/AuthorizationResponseTypeRejected.yaml +6 -0
  75. package/thirdparty/v2_0/openapi3/components/schemas/BinaryString.yaml +1 -0
  76. package/thirdparty/v2_0/openapi3/components/schemas/ConsentRequestChannelType.yaml +9 -0
  77. package/thirdparty/v2_0/openapi3/components/schemas/ConsentRequestChannelTypeOTP.yaml +6 -0
  78. package/thirdparty/v2_0/openapi3/components/schemas/ConsentRequestChannelTypeWeb.yaml +6 -0
  79. package/thirdparty/v2_0/openapi3/components/schemas/ConsentRequestsIDPatchRequest.yaml +16 -0
  80. package/thirdparty/v2_0/openapi3/components/schemas/ConsentRequestsIDPutResponseOTP.yaml +30 -0
  81. package/thirdparty/v2_0/openapi3/components/schemas/ConsentRequestsIDPutResponseWeb.yaml +39 -0
  82. package/thirdparty/v2_0/openapi3/components/schemas/ConsentRequestsPostRequest.yaml +44 -0
  83. package/thirdparty/v2_0/openapi3/components/schemas/ConsentStatus.yaml +9 -0
  84. package/thirdparty/v2_0/openapi3/components/schemas/ConsentStatusIssued.yaml +7 -0
  85. package/thirdparty/v2_0/openapi3/components/schemas/ConsentStatusRevoked.yaml +7 -0
  86. package/thirdparty/v2_0/openapi3/components/schemas/ConsentsIDPatchResponseRevoked.yaml +17 -0
  87. package/thirdparty/v2_0/openapi3/components/schemas/ConsentsIDPatchResponseVerified.yaml +19 -0
  88. package/thirdparty/v2_0/openapi3/components/schemas/ConsentsIDPutResponseSigned.yaml +23 -0
  89. package/thirdparty/v2_0/openapi3/components/schemas/ConsentsIDPutResponseVerified.yaml +23 -0
  90. package/thirdparty/v2_0/openapi3/components/schemas/ConsentsPostRequestAUTH.yaml +33 -0
  91. package/thirdparty/v2_0/openapi3/components/schemas/ConsentsPostRequestPISP.yaml +32 -0
  92. package/thirdparty/v2_0/openapi3/components/schemas/CorrelationId.yaml +1 -0
  93. package/thirdparty/v2_0/openapi3/components/schemas/CredentialStatusPending.yaml +7 -0
  94. package/thirdparty/v2_0/openapi3/components/schemas/CredentialStatusVerified.yaml +7 -0
  95. package/thirdparty/v2_0/openapi3/components/schemas/CredentialType.yaml +11 -0
  96. package/thirdparty/v2_0/openapi3/components/schemas/Currency.yaml +1 -0
  97. package/thirdparty/v2_0/openapi3/components/schemas/DateOfBirth.yaml +1 -0
  98. package/thirdparty/v2_0/openapi3/components/schemas/DateTime.yaml +1 -0
  99. package/thirdparty/v2_0/openapi3/components/schemas/ErrorCode.yaml +1 -0
  100. package/thirdparty/v2_0/openapi3/components/schemas/ErrorDescription.yaml +1 -0
  101. package/thirdparty/v2_0/openapi3/components/schemas/ErrorInformation.yaml +1 -0
  102. package/thirdparty/v2_0/openapi3/components/schemas/Extension.yaml +1 -0
  103. package/thirdparty/v2_0/openapi3/components/schemas/ExtensionKey.yaml +1 -0
  104. package/thirdparty/v2_0/openapi3/components/schemas/ExtensionList.yaml +1 -0
  105. package/thirdparty/v2_0/openapi3/components/schemas/ExtensionValue.yaml +1 -0
  106. package/thirdparty/v2_0/openapi3/components/schemas/FIDOPublicKeyCredentialAssertion.yaml +71 -0
  107. package/thirdparty/v2_0/openapi3/components/schemas/FIDOPublicKeyCredentialAttestation.yaml +54 -0
  108. package/thirdparty/v2_0/openapi3/components/schemas/FirstName.yaml +1 -0
  109. package/thirdparty/v2_0/openapi3/components/schemas/FspId.yaml +1 -0
  110. package/thirdparty/v2_0/openapi3/components/schemas/GenericCredential.yaml +13 -0
  111. package/thirdparty/v2_0/openapi3/components/schemas/GeoCode.yaml +1 -0
  112. package/thirdparty/v2_0/openapi3/components/schemas/IlpCondition.yaml +1 -0
  113. package/thirdparty/v2_0/openapi3/components/schemas/IlpFulfilment.yaml +1 -0
  114. package/thirdparty/v2_0/openapi3/components/schemas/IlpPacket.yaml +1 -0
  115. package/thirdparty/v2_0/openapi3/components/schemas/Integer.yaml +1 -0
  116. package/thirdparty/v2_0/openapi3/components/schemas/LastName.yaml +1 -0
  117. package/thirdparty/v2_0/openapi3/components/schemas/Latitude.yaml +1 -0
  118. package/thirdparty/v2_0/openapi3/components/schemas/Longitude.yaml +1 -0
  119. package/thirdparty/v2_0/openapi3/components/schemas/MerchantClassificationCode.yaml +1 -0
  120. package/thirdparty/v2_0/openapi3/components/schemas/MiddleName.yaml +1 -0
  121. package/thirdparty/v2_0/openapi3/components/schemas/Money.yaml +1 -0
  122. package/thirdparty/v2_0/openapi3/components/schemas/Name.yaml +2 -0
  123. package/thirdparty/v2_0/openapi3/components/schemas/Note.yaml +1 -0
  124. package/thirdparty/v2_0/openapi3/components/schemas/ParticipantsIDPutResponse.yaml +17 -0
  125. package/thirdparty/v2_0/openapi3/components/schemas/ParticipantsPostRequest.yaml +20 -0
  126. package/thirdparty/v2_0/openapi3/components/schemas/ParticipantsTypeIDPutResponse.yaml +8 -0
  127. package/thirdparty/v2_0/openapi3/components/schemas/ParticipantsTypeIDSubIDPostRequest.yaml +15 -0
  128. package/thirdparty/v2_0/openapi3/components/schemas/PartiesTypeIDPutResponse.yaml +13 -0
  129. package/thirdparty/v2_0/openapi3/components/schemas/Party.yaml +15 -0
  130. package/thirdparty/v2_0/openapi3/components/schemas/PartyComplexName.yaml +1 -0
  131. package/thirdparty/v2_0/openapi3/components/schemas/PartyIdInfo.yaml +17 -0
  132. package/thirdparty/v2_0/openapi3/components/schemas/PartyIdInfoTPLink.yaml +17 -0
  133. package/thirdparty/v2_0/openapi3/components/schemas/PartyIdType.yaml +58 -0
  134. package/thirdparty/v2_0/openapi3/components/schemas/PartyIdTypeTPLink.yaml +7 -0
  135. package/thirdparty/v2_0/openapi3/components/schemas/PartyIdentifier.yaml +1 -0
  136. package/thirdparty/v2_0/openapi3/components/schemas/PartyName.yaml +1 -0
  137. package/thirdparty/v2_0/openapi3/components/schemas/PartyPersonalInfo.yaml +1 -0
  138. package/thirdparty/v2_0/openapi3/components/schemas/PartyResult.yaml +10 -0
  139. package/thirdparty/v2_0/openapi3/components/schemas/PartySubIdOrType.yaml +1 -0
  140. package/thirdparty/v2_0/openapi3/components/schemas/PartyTPLink.yaml +14 -0
  141. package/thirdparty/v2_0/openapi3/components/schemas/QuotesIDPutResponse.yaml +1 -0
  142. package/thirdparty/v2_0/openapi3/components/schemas/QuotesPostRequest.yaml +79 -0
  143. package/thirdparty/v2_0/openapi3/components/schemas/Scope.yaml +20 -0
  144. package/thirdparty/v2_0/openapi3/components/schemas/ScopeAction.yaml +14 -0
  145. package/thirdparty/v2_0/openapi3/components/schemas/ServiceType.yaml +15 -0
  146. package/thirdparty/v2_0/openapi3/components/schemas/ServicesServiceTypePutResponse.yaml +26 -0
  147. package/thirdparty/v2_0/openapi3/components/schemas/SignedCredential.yaml +23 -0
  148. package/thirdparty/v2_0/openapi3/components/schemas/SignedPayloadFIDO.yaml +11 -0
  149. package/thirdparty/v2_0/openapi3/components/schemas/SignedPayloadGeneric.yaml +11 -0
  150. package/thirdparty/v2_0/openapi3/components/schemas/SignedPayloadType.yaml +9 -0
  151. package/thirdparty/v2_0/openapi3/components/schemas/SignedPayloadTypeFIDO.yaml +5 -0
  152. package/thirdparty/v2_0/openapi3/components/schemas/SignedPayloadTypeGeneric.yaml +5 -0
  153. package/thirdparty/v2_0/openapi3/components/schemas/Transaction.yaml +43 -0
  154. package/thirdparty/v2_0/openapi3/components/schemas/TransactionRequestState.yaml +1 -0
  155. package/thirdparty/v2_0/openapi3/components/schemas/TransactionState.yaml +1 -0
  156. package/thirdparty/v2_0/openapi3/components/schemas/TransactionType.yaml +1 -0
  157. package/thirdparty/v2_0/openapi3/components/schemas/TransfersPostRequestFIDO.yaml +15 -0
  158. package/thirdparty/v2_0/openapi3/components/schemas/TransfersPostRequestGeneric.yaml +15 -0
  159. package/thirdparty/v2_0/openapi3/components/schemas/Uri.yaml +8 -0
  160. package/thirdparty/v2_0/openapi3/components/schemas/VerifiedCredential.yaml +23 -0
  161. package/thirdparty/v2_0/openapi3/components/schemas/tppAccountRequestPostRequest.yaml +35 -0
  162. package/thirdparty/v2_0/openapi3/components/schemas/tppAccountRequestPutResponse.yaml +30 -0
  163. package/thirdparty/v2_0/openapi3/components/schemas/tppAccountsIDPutResponse.yaml +21 -0
  164. package/thirdparty/v2_0/openapi3/components/schemas/tppAuthorizationsIDPutResponseFIDO.yaml +15 -0
  165. package/thirdparty/v2_0/openapi3/components/schemas/tppAuthorizationsIDPutResponseGeneric.yaml +15 -0
  166. package/thirdparty/v2_0/openapi3/components/schemas/tppAuthorizationsIDPutResponseRejected.yaml +10 -0
  167. package/thirdparty/v2_0/openapi3/components/schemas/tppAuthorizationsPostRequest.yaml +67 -0
  168. package/thirdparty/v2_0/openapi3/components/schemas/tppTransactionRequestPostRequest.yaml +60 -0
  169. package/thirdparty/v2_0/openapi3/components/schemas/tppTransactionRequestPutResponse.yaml +67 -0
  170. package/thirdparty/v2_0/openapi3/components/schemas/tppTransfersPostRequest.yaml +19 -0
  171. package/thirdparty/v2_0/openapi3/components/schemas/tppTransfersPutResponse.yaml +25 -0
  172. package/thirdparty/v2_0/openapi3/components/schemas/tppVerificationsIDPutResponse.yaml +19 -0
  173. package/thirdparty/v2_0/openapi3/components/schemas/tppVerificationsPostRequestFIDO.yaml +28 -0
  174. package/thirdparty/v2_0/openapi3/components/schemas/tppVerificationsPostRequestGeneric.yaml +28 -0
  175. package/thirdparty/v2_0/openapi3/openapi-admin.yaml +99 -0
  176. package/thirdparty/v2_0/openapi3/openapi.yaml +64 -0
  177. package/thirdparty/v2_0/openapi3/paths/health.yaml +25 -0
  178. package/thirdparty/v2_0/openapi3/paths/metrics.yaml +25 -0
  179. package/thirdparty/v2_0/openapi3/paths/participants.yaml +50 -0
  180. package/thirdparty/v2_0/openapi3/paths/participants_ID.yaml +49 -0
  181. package/thirdparty/v2_0/openapi3/paths/participants_ID_error.yaml +51 -0
  182. package/thirdparty/v2_0/openapi3/paths/participants_Type_ID.yaml +169 -0
  183. package/thirdparty/v2_0/openapi3/paths/participants_Type_ID_error.yaml +52 -0
  184. package/thirdparty/v2_0/openapi3/paths/services_ServiceType.yaml +77 -0
  185. package/thirdparty/v2_0/openapi3/paths/services_ServiceType_error.yaml +49 -0
  186. package/thirdparty/v2_0/openapi3/paths/tppAccountRequest.yaml +49 -0
  187. package/thirdparty/v2_0/openapi3/paths/tppAccountRequest_ID.yaml +86 -0
  188. package/thirdparty/v2_0/openapi3/paths/tppAccountRequest_ID_error.yaml +48 -0
  189. package/thirdparty/v2_0/openapi3/paths/tppAccounts_ID.yaml +88 -0
  190. package/thirdparty/v2_0/openapi3/paths/tppAccounts_ID_error.yaml +48 -0
  191. package/thirdparty/v2_0/openapi3/paths/tppAuthorizations.yaml +51 -0
  192. package/thirdparty/v2_0/openapi3/paths/tppAuthorizations_ID.yaml +86 -0
  193. package/thirdparty/v2_0/openapi3/paths/tppAuthorizations_ID_error.yaml +55 -0
  194. package/thirdparty/v2_0/openapi3/paths/tppConsentRequests.yaml +48 -0
  195. package/thirdparty/v2_0/openapi3/paths/tppConsentRequests_ID.yaml +123 -0
  196. package/thirdparty/v2_0/openapi3/paths/tppConsentRequests_ID_error.yaml +48 -0
  197. package/thirdparty/v2_0/openapi3/paths/tppConsents.yaml +49 -0
  198. package/thirdparty/v2_0/openapi3/paths/tppConsents_ID.yaml +165 -0
  199. package/thirdparty/v2_0/openapi3/paths/tppConsents_ID_error.yaml +48 -0
  200. package/thirdparty/v2_0/openapi3/paths/tppTransactionRequests.yaml +48 -0
  201. package/thirdparty/v2_0/openapi3/paths/tppTransactionRequests_ID.yaml +83 -0
  202. package/thirdparty/v2_0/openapi3/paths/tppTransactionRequests_ID_error.yaml +52 -0
  203. package/thirdparty/v2_0/openapi3/paths/tppTransfers.yaml +47 -0
  204. package/thirdparty/v2_0/openapi3/paths/tppTransfers_ID.yaml +86 -0
  205. package/thirdparty/v2_0/openapi3/paths/tppTransfers_ID_error.yaml +52 -0
  206. package/thirdparty/v2_0/openapi3/paths/tppVerifications.yaml +49 -0
  207. package/thirdparty/v2_0/openapi3/paths/tppVerifications_ID.yaml +87 -0
  208. package/thirdparty/v2_0/openapi3/paths/tppVerifications_ID_error.yaml +49 -0
  209. package/thirdparty/v2_0/openapi3/thirdparty-dfsp-admin-api.template.yaml +53 -0
  210. package/thirdparty/v2_0/openapi3/thirdparty-dfsp-admin-api.yaml +2633 -0
  211. package/thirdparty/v2_0/openapi3/thirdparty-pisp-admin-api.template.yaml +57 -0
  212. package/thirdparty/v2_0/openapi3/thirdparty-pisp-admin-api.yaml +3103 -0
  213. package/tsconfig.build.json +4 -3
@@ -0,0 +1,3705 @@
1
+ openapi: 3.0.2
2
+ info:
3
+ version: '0.1'
4
+ title: Thirdparty Snippets
5
+ description: |
6
+ Based on sequence diagrams
7
+ (https://github.com/mojaloop/tpp/tree/main/docs/out).
8
+ This is a work in progress.
9
+ license:
10
+ name: TBD
11
+ servers:
12
+ - url: '{protocol}://hostname:<port>/switch/'
13
+ variables:
14
+ protocol:
15
+ enum:
16
+ - http
17
+ - https
18
+ default: https
19
+ paths:
20
+ /interface:
21
+ post:
22
+ description: Essential path to include schema definitions that are not used so that these definitions get included into the openapi-cli bundle api definition so that they get converted into typescript definitions.
23
+ operationId: test
24
+ requestBody:
25
+ content:
26
+ application/json:
27
+ schema:
28
+ oneOf:
29
+ - $ref: '#/components/schemas/ParticipantsIDPutResponse'
30
+ - $ref: '#/components/schemas/PartiesTypeIDPutResponse'
31
+ - $ref: '#/components/schemas/QuotesIDPutResponse'
32
+ - $ref: '#/components/schemas/AuthorizationResponseType'
33
+ - $ref: '#/components/schemas/ConsentStatusIssued'
34
+ - $ref: '#/components/schemas/IlpFulfilment'
35
+ - $ref: '#/components/schemas/Integer'
36
+ - $ref: '#/components/schemas/Note'
37
+ - $ref: '#/components/schemas/PartyIdInfoTPLink'
38
+ - $ref: '#/components/schemas/PartyResult'
39
+ - $ref: '#/components/schemas/ServiceType'
40
+ - $ref: '#/components/schemas/ParticipantsPostRequest'
41
+ - $ref: '#/components/schemas/QuotesPostRequest'
42
+ responses:
43
+ '200':
44
+ description: Ok
45
+ /tppAccountRequest:
46
+ parameters:
47
+ - $ref: '#/components/parameters/Content-Type'
48
+ - $ref: '#/components/parameters/Date'
49
+ - $ref: '#/components/parameters/X-Forwarded-For'
50
+ - $ref: '#/components/parameters/FSPIOP-Source'
51
+ - $ref: '#/components/parameters/FSPIOP-Destination'
52
+ - $ref: '#/components/parameters/FSPIOP-Encryption'
53
+ - $ref: '#/components/parameters/FSPIOP-Signature'
54
+ - $ref: '#/components/parameters/FSPIOP-URI'
55
+ - $ref: '#/components/parameters/FSPIOP-HTTP-Method'
56
+ post:
57
+ tags:
58
+ - accountRequest
59
+ operationId: AuthorisingAccountRequest
60
+ summary: AuthorisingAccountRequest
61
+ description: |
62
+ The `/tppAccountsRequest` resource is used to request consent from a user
63
+ for access to their accounts information. This resource must be called before
64
+ the /tppAccounts resource can be queried which provides the account information.
65
+ parameters:
66
+ - $ref: '#/components/parameters/Accept'
67
+ - $ref: '#/components/parameters/Content-Length'
68
+ requestBody:
69
+ description: The consentRequest to create
70
+ required: true
71
+ content:
72
+ application/json:
73
+ schema:
74
+ $ref: '#/components/schemas/tppAccountRequestPostRequest'
75
+ responses:
76
+ '202':
77
+ $ref: '#/components/responses/202'
78
+ '400':
79
+ $ref: '#/components/responses/400'
80
+ '401':
81
+ $ref: '#/components/responses/401'
82
+ '403':
83
+ $ref: '#/components/responses/403'
84
+ '404':
85
+ $ref: '#/components/responses/404'
86
+ '405':
87
+ $ref: '#/components/responses/405'
88
+ '406':
89
+ $ref: '#/components/responses/406'
90
+ '501':
91
+ $ref: '#/components/responses/501'
92
+ '503':
93
+ $ref: '#/components/responses/503'
94
+ /tppAccountRequest/{ID}:
95
+ parameters:
96
+ - $ref: '#/components/parameters/ID'
97
+ - $ref: '#/components/parameters/Content-Type'
98
+ - $ref: '#/components/parameters/Date'
99
+ - $ref: '#/components/parameters/X-Forwarded-For'
100
+ - $ref: '#/components/parameters/FSPIOP-Source'
101
+ - $ref: '#/components/parameters/FSPIOP-Destination'
102
+ - $ref: '#/components/parameters/FSPIOP-Encryption'
103
+ - $ref: '#/components/parameters/FSPIOP-Signature'
104
+ - $ref: '#/components/parameters/FSPIOP-URI'
105
+ - $ref: '#/components/parameters/FSPIOP-HTTP-Method'
106
+ get:
107
+ operationId: GetAccountRequest
108
+ summary: GetAccountRequest
109
+ description: |
110
+ The `GET /tppAccountsRequest/{ID}` is used to request status of POST /tppAccountRequest/ call.
111
+ The *{ID}* in the URI should contain the accountRequestId that was assigned to the
112
+ request by the PISP when the PISP originated the request. The result is return via the PUT callback.
113
+ tags:
114
+ - accountRequest
115
+ parameters:
116
+ - $ref: '#/components/parameters/Accept'
117
+ responses:
118
+ '202':
119
+ $ref: '#/components/responses/202'
120
+ '400':
121
+ $ref: '#/components/responses/400'
122
+ '401':
123
+ $ref: '#/components/responses/401'
124
+ '403':
125
+ $ref: '#/components/responses/403'
126
+ '404':
127
+ $ref: '#/components/responses/404'
128
+ '405':
129
+ $ref: '#/components/responses/405'
130
+ '406':
131
+ $ref: '#/components/responses/406'
132
+ '501':
133
+ $ref: '#/components/responses/501'
134
+ '503':
135
+ $ref: '#/components/responses/503'
136
+ put:
137
+ tags:
138
+ - accountRequest
139
+ operationId: UpdateAccountRequest
140
+ summary: UpdateAccountRequest
141
+ description: |
142
+ A DFSP uses this callback to (1) inform the PISP that the accountRequest has been accepted,
143
+ and (2) communicate to the PISP which `authChannel` it should use to authenticate their user
144
+ with.
145
+
146
+ When a PISP requests a series of permissions from a DFSP on behalf of a DFSP's customer,
147
+ not all the permissions requested may be granted by the DFSP.
148
+ Conversely, the out-of-loop authorization process may result in additional privileges
149
+ being granted by the account holder to the PISP. The `PUT /tppAccountsRequest/<ID>`
150
+ resource returns the current state of the permissions relating to a particular
151
+ authorization request.
152
+ parameters:
153
+ - $ref: '#/components/parameters/Content-Length'
154
+ requestBody:
155
+ required: true
156
+ content:
157
+ application/json:
158
+ schema:
159
+ $ref: '#/components/schemas/tppAccountRequestPutResponse'
160
+ responses:
161
+ '202':
162
+ $ref: '#/components/responses/202'
163
+ '400':
164
+ $ref: '#/components/responses/400'
165
+ '401':
166
+ $ref: '#/components/responses/401'
167
+ '403':
168
+ $ref: '#/components/responses/403'
169
+ '404':
170
+ $ref: '#/components/responses/404'
171
+ '405':
172
+ $ref: '#/components/responses/405'
173
+ '406':
174
+ $ref: '#/components/responses/406'
175
+ '501':
176
+ $ref: '#/components/responses/501'
177
+ '503':
178
+ $ref: '#/components/responses/503'
179
+ /tppAccountRequest/{ID}/error:
180
+ parameters:
181
+ - $ref: '#/components/parameters/ID'
182
+ - $ref: '#/components/parameters/Content-Type'
183
+ - $ref: '#/components/parameters/Date'
184
+ - $ref: '#/components/parameters/X-Forwarded-For'
185
+ - $ref: '#/components/parameters/FSPIOP-Source'
186
+ - $ref: '#/components/parameters/FSPIOP-Destination'
187
+ - $ref: '#/components/parameters/FSPIOP-Encryption'
188
+ - $ref: '#/components/parameters/FSPIOP-Signature'
189
+ - $ref: '#/components/parameters/FSPIOP-URI'
190
+ - $ref: '#/components/parameters/FSPIOP-HTTP-Method'
191
+ put:
192
+ tags:
193
+ - accountRequest
194
+ operationId: NotifyErrorAccountRequest
195
+ summary: NotifyErrorAccountRequest
196
+ description: |
197
+ DFSP responds to the PISP if something went wrong with validating an OTP or secret.
198
+ parameters:
199
+ - $ref: '#/components/parameters/Content-Length'
200
+ requestBody:
201
+ description: Error information returned.
202
+ required: true
203
+ content:
204
+ application/json:
205
+ schema:
206
+ $ref: '#/components/schemas/ErrorInformationObject'
207
+ responses:
208
+ '200':
209
+ $ref: '#/components/responses/200'
210
+ '400':
211
+ $ref: '#/components/responses/400'
212
+ '401':
213
+ $ref: '#/components/responses/401'
214
+ '403':
215
+ $ref: '#/components/responses/403'
216
+ '404':
217
+ $ref: '#/components/responses/404'
218
+ '405':
219
+ $ref: '#/components/responses/405'
220
+ '406':
221
+ $ref: '#/components/responses/406'
222
+ '501':
223
+ $ref: '#/components/responses/501'
224
+ '503':
225
+ $ref: '#/components/responses/503'
226
+ /tppAccounts/{ID}:
227
+ parameters:
228
+ - $ref: '#/components/parameters/ID'
229
+ - $ref: '#/components/parameters/Content-Type'
230
+ - $ref: '#/components/parameters/Date'
231
+ - $ref: '#/components/parameters/X-Forwarded-For'
232
+ - $ref: '#/components/parameters/FSPIOP-Source'
233
+ - $ref: '#/components/parameters/FSPIOP-Destination'
234
+ - $ref: '#/components/parameters/FSPIOP-Encryption'
235
+ - $ref: '#/components/parameters/FSPIOP-Signature'
236
+ - $ref: '#/components/parameters/FSPIOP-URI'
237
+ - $ref: '#/components/parameters/FSPIOP-HTTP-Method'
238
+ get:
239
+ operationId: GetAccountsByUserId
240
+ summary: GetAccountsByUserId
241
+ description: |
242
+ The HTTP request `GET /tppAccounts/{ID}/{SignedChallenge}` is used to retrieve the list of potential accounts available for linking.
243
+ The request `{ID}` is the accountRequestID and the `{SignedChallenge}` is the signed challenge that resulted from the `POST /tppAccountRequest/` callback.
244
+
245
+ The signed challenge must match the authentication channel that was selected by the DFSP. For example, if the WEB authentication channel was selected by the DFSP, then signed challenge needs to be authToken, otherwise if the OTP channel was selected, then it needs to be the OTP that was entered by the party.
246
+ (For example, GET /tppAccounts/12345/56789).
247
+ tags:
248
+ - accounts
249
+ parameters:
250
+ - $ref: '#/components/parameters/Accept'
251
+ responses:
252
+ '202':
253
+ $ref: '#/components/responses/202'
254
+ '400':
255
+ $ref: '#/components/responses/400'
256
+ '401':
257
+ $ref: '#/components/responses/401'
258
+ '403':
259
+ $ref: '#/components/responses/403'
260
+ '404':
261
+ $ref: '#/components/responses/404'
262
+ '405':
263
+ $ref: '#/components/responses/405'
264
+ '406':
265
+ $ref: '#/components/responses/406'
266
+ '501':
267
+ $ref: '#/components/responses/501'
268
+ '503':
269
+ $ref: '#/components/responses/503'
270
+ put:
271
+ description: |
272
+ The HTTP request `PUT /tppAccounts/{ID}` is used to return the list of potential accounts available for linking
273
+ operationId: UpdateAccountsByUserId
274
+ summary: UpdateAccountsByUserId
275
+ tags:
276
+ - accounts
277
+ parameters:
278
+ - $ref: '#/components/parameters/Content-Length'
279
+ requestBody:
280
+ required: true
281
+ content:
282
+ application/json:
283
+ schema:
284
+ $ref: '#/components/schemas/tppAccountsIDPutResponse'
285
+ example:
286
+ - accountNickname: dfspa.user.nickname1
287
+ id: dfspa.username.1234
288
+ currency: ZAR
289
+ - accountNickname: dfspa.user.nickname2
290
+ id: dfspa.username.5678
291
+ currency: USD
292
+ responses:
293
+ '200':
294
+ $ref: '#/components/responses/200'
295
+ '400':
296
+ $ref: '#/components/responses/400'
297
+ '401':
298
+ $ref: '#/components/responses/401'
299
+ '403':
300
+ $ref: '#/components/responses/403'
301
+ '404':
302
+ $ref: '#/components/responses/404'
303
+ '405':
304
+ $ref: '#/components/responses/405'
305
+ '406':
306
+ $ref: '#/components/responses/406'
307
+ '501':
308
+ $ref: '#/components/responses/501'
309
+ '503':
310
+ $ref: '#/components/responses/503'
311
+ /tppAccounts/{ID}/error:
312
+ parameters:
313
+ - $ref: '#/components/parameters/ID'
314
+ - $ref: '#/components/parameters/Content-Type'
315
+ - $ref: '#/components/parameters/Date'
316
+ - $ref: '#/components/parameters/X-Forwarded-For'
317
+ - $ref: '#/components/parameters/FSPIOP-Source'
318
+ - $ref: '#/components/parameters/FSPIOP-Destination'
319
+ - $ref: '#/components/parameters/FSPIOP-Encryption'
320
+ - $ref: '#/components/parameters/FSPIOP-Signature'
321
+ - $ref: '#/components/parameters/FSPIOP-URI'
322
+ - $ref: '#/components/parameters/FSPIOP-HTTP-Method'
323
+ put:
324
+ description: |
325
+ The HTTP request `PUT /ttpAccounts/{ID}/error` is used to return error information
326
+ operationId: UpdateAccountsByUserIdError
327
+ summary: UpdateAccountsByUserIdError
328
+ tags:
329
+ - accounts
330
+ parameters:
331
+ - $ref: '#/components/parameters/Content-Length'
332
+ requestBody:
333
+ description: Details of the error returned.
334
+ required: true
335
+ content:
336
+ application/json:
337
+ schema:
338
+ $ref: '#/components/schemas/ErrorInformationObject'
339
+ responses:
340
+ '200':
341
+ $ref: '#/components/responses/200'
342
+ '400':
343
+ $ref: '#/components/responses/400'
344
+ '401':
345
+ $ref: '#/components/responses/401'
346
+ '403':
347
+ $ref: '#/components/responses/403'
348
+ '404':
349
+ $ref: '#/components/responses/404'
350
+ '405':
351
+ $ref: '#/components/responses/405'
352
+ '406':
353
+ $ref: '#/components/responses/406'
354
+ '501':
355
+ $ref: '#/components/responses/501'
356
+ '503':
357
+ $ref: '#/components/responses/503'
358
+ /health:
359
+ get:
360
+ tags:
361
+ - health
362
+ responses:
363
+ '200':
364
+ $ref: '#/components/responses/200'
365
+ '400':
366
+ $ref: '#/components/responses/400'
367
+ '401':
368
+ $ref: '#/components/responses/401'
369
+ '403':
370
+ $ref: '#/components/responses/403'
371
+ '404':
372
+ $ref: '#/components/responses/404'
373
+ '405':
374
+ $ref: '#/components/responses/405'
375
+ '406':
376
+ $ref: '#/components/responses/406'
377
+ '501':
378
+ $ref: '#/components/responses/501'
379
+ '503':
380
+ $ref: '#/components/responses/503'
381
+ operationId: HealthGet
382
+ summary: Health check endpoint
383
+ description: The HTTP request GET /health is used to return the current status of the API.
384
+ /metrics:
385
+ get:
386
+ tags:
387
+ - health
388
+ responses:
389
+ '200':
390
+ $ref: '#/components/responses/200'
391
+ '400':
392
+ $ref: '#/components/responses/400'
393
+ '401':
394
+ $ref: '#/components/responses/401'
395
+ '403':
396
+ $ref: '#/components/responses/403'
397
+ '404':
398
+ $ref: '#/components/responses/404'
399
+ '405':
400
+ $ref: '#/components/responses/405'
401
+ '406':
402
+ $ref: '#/components/responses/406'
403
+ '501':
404
+ $ref: '#/components/responses/501'
405
+ '503':
406
+ $ref: '#/components/responses/503'
407
+ operationId: MetricsGet
408
+ summary: Prometheus metrics endpoint
409
+ description: The HTTP request GET /metrics is used to return metrics for the API.
410
+ /tppConsentRequests:
411
+ parameters:
412
+ - $ref: '#/components/parameters/Content-Type'
413
+ - $ref: '#/components/parameters/Date'
414
+ - $ref: '#/components/parameters/X-Forwarded-For'
415
+ - $ref: '#/components/parameters/FSPIOP-Source'
416
+ - $ref: '#/components/parameters/FSPIOP-Destination'
417
+ - $ref: '#/components/parameters/FSPIOP-Encryption'
418
+ - $ref: '#/components/parameters/FSPIOP-Signature'
419
+ - $ref: '#/components/parameters/FSPIOP-URI'
420
+ - $ref: '#/components/parameters/FSPIOP-HTTP-Method'
421
+ post:
422
+ tags:
423
+ - consentRequests
424
+ operationId: CreateConsentRequest
425
+ summary: CreateConsentRequest
426
+ description: |
427
+ The HTTP request **POST /tppConsentRequests** is used to request a DFSP to grant access to one or more
428
+ accounts owned by a customer of the DFSP for the PISP who sends the request.
429
+ parameters:
430
+ - $ref: '#/components/parameters/Accept'
431
+ - $ref: '#/components/parameters/Content-Length'
432
+ requestBody:
433
+ description: The consentRequest to create
434
+ required: true
435
+ content:
436
+ application/json:
437
+ schema:
438
+ $ref: '#/components/schemas/ConsentRequestsPostRequest'
439
+ responses:
440
+ '202':
441
+ $ref: '#/components/responses/202'
442
+ '400':
443
+ $ref: '#/components/responses/400'
444
+ '401':
445
+ $ref: '#/components/responses/401'
446
+ '403':
447
+ $ref: '#/components/responses/403'
448
+ '404':
449
+ $ref: '#/components/responses/404'
450
+ '405':
451
+ $ref: '#/components/responses/405'
452
+ '406':
453
+ $ref: '#/components/responses/406'
454
+ '501':
455
+ $ref: '#/components/responses/501'
456
+ '503':
457
+ $ref: '#/components/responses/503'
458
+ /tppConsentRequests/{ID}:
459
+ parameters:
460
+ - $ref: '#/components/parameters/ID'
461
+ - $ref: '#/components/parameters/Content-Type'
462
+ - $ref: '#/components/parameters/Date'
463
+ - $ref: '#/components/parameters/X-Forwarded-For'
464
+ - $ref: '#/components/parameters/FSPIOP-Source'
465
+ - $ref: '#/components/parameters/FSPIOP-Destination'
466
+ - $ref: '#/components/parameters/FSPIOP-Encryption'
467
+ - $ref: '#/components/parameters/FSPIOP-Signature'
468
+ - $ref: '#/components/parameters/FSPIOP-URI'
469
+ - $ref: '#/components/parameters/FSPIOP-HTTP-Method'
470
+ get:
471
+ operationId: GetConsentRequestsById
472
+ summary: GetConsentRequestsById
473
+ description: |
474
+ The HTTP request `GET /tppConsentRequests/{ID}` is used to get information about a previously
475
+ requested consent. The *{ID}* in the URI should contain the consentRequestId that was assigned to the
476
+ request by the PISP when the PISP originated the request.
477
+ tags:
478
+ - consentRequests
479
+ parameters:
480
+ - $ref: '#/components/parameters/Accept'
481
+ responses:
482
+ '202':
483
+ $ref: '#/components/responses/202'
484
+ '400':
485
+ $ref: '#/components/responses/400'
486
+ '401':
487
+ $ref: '#/components/responses/401'
488
+ '403':
489
+ $ref: '#/components/responses/403'
490
+ '404':
491
+ $ref: '#/components/responses/404'
492
+ '405':
493
+ $ref: '#/components/responses/405'
494
+ '406':
495
+ $ref: '#/components/responses/406'
496
+ '501':
497
+ $ref: '#/components/responses/501'
498
+ '503':
499
+ $ref: '#/components/responses/503'
500
+ put:
501
+ tags:
502
+ - consentRequests
503
+ operationId: UpdateConsentRequest
504
+ summary: UpdateConsentRequest
505
+ description: |
506
+ A DFSP uses this callback to (1) inform the PISP that the consentRequest has been accepted,
507
+ and (2) communicate to the PISP which `authChannel` it should use to authenticate their user
508
+ with.
509
+
510
+ When a PISP requests a series of permissions from a DFSP on behalf of a DFSP’s customer, not all
511
+ the permissions requested may be granted by the DFSP. Conversely, the out-of-band authorization
512
+ process may result in additional privileges being granted by the account holder to the PISP. The
513
+ **PUT /consentRequests/**_{ID}_ resource returns the current state of the permissions relating to a
514
+ particular authorization request.
515
+ parameters:
516
+ - $ref: '#/components/parameters/Content-Length'
517
+ requestBody:
518
+ required: true
519
+ content:
520
+ application/json:
521
+ schema:
522
+ oneOf:
523
+ - $ref: '#/components/schemas/ConsentRequestsIDPutResponseWeb'
524
+ - $ref: '#/components/schemas/ConsentRequestsIDPutResponseOTP'
525
+ responses:
526
+ '202':
527
+ $ref: '#/components/responses/202'
528
+ '400':
529
+ $ref: '#/components/responses/400'
530
+ '401':
531
+ $ref: '#/components/responses/401'
532
+ '403':
533
+ $ref: '#/components/responses/403'
534
+ '404':
535
+ $ref: '#/components/responses/404'
536
+ '405':
537
+ $ref: '#/components/responses/405'
538
+ '406':
539
+ $ref: '#/components/responses/406'
540
+ '501':
541
+ $ref: '#/components/responses/501'
542
+ '503':
543
+ $ref: '#/components/responses/503'
544
+ patch:
545
+ tags:
546
+ - consentRequests
547
+ operationId: PatchConsentRequest
548
+ summary: PatchConsentRequest
549
+ description: |
550
+ After the user completes an out-of-band authorization with the DFSP, the PISP will receive a token which they can use to prove to the DFSP that the user trusts this PISP.
551
+ parameters:
552
+ - $ref: '#/components/parameters/Accept'
553
+ - $ref: '#/components/parameters/Content-Length'
554
+ requestBody:
555
+ required: true
556
+ content:
557
+ application/json:
558
+ schema:
559
+ $ref: '#/components/schemas/ConsentRequestsIDPatchRequest'
560
+ responses:
561
+ '202':
562
+ $ref: '#/components/responses/202'
563
+ '400':
564
+ $ref: '#/components/responses/400'
565
+ '401':
566
+ $ref: '#/components/responses/401'
567
+ '403':
568
+ $ref: '#/components/responses/403'
569
+ '404':
570
+ $ref: '#/components/responses/404'
571
+ '405':
572
+ $ref: '#/components/responses/405'
573
+ '406':
574
+ $ref: '#/components/responses/406'
575
+ '501':
576
+ $ref: '#/components/responses/501'
577
+ '503':
578
+ $ref: '#/components/responses/503'
579
+ /tppConsentRequests/{ID}/error:
580
+ parameters:
581
+ - $ref: '#/components/parameters/ID'
582
+ - $ref: '#/components/parameters/Content-Type'
583
+ - $ref: '#/components/parameters/Date'
584
+ - $ref: '#/components/parameters/X-Forwarded-For'
585
+ - $ref: '#/components/parameters/FSPIOP-Source'
586
+ - $ref: '#/components/parameters/FSPIOP-Destination'
587
+ - $ref: '#/components/parameters/FSPIOP-Encryption'
588
+ - $ref: '#/components/parameters/FSPIOP-Signature'
589
+ - $ref: '#/components/parameters/FSPIOP-URI'
590
+ - $ref: '#/components/parameters/FSPIOP-HTTP-Method'
591
+ put:
592
+ tags:
593
+ - consentRequests
594
+ operationId: NotifyErrorConsentRequests
595
+ summary: NotifyErrorConsentRequests
596
+ description: |
597
+ DFSP responds to the PISP if something went wrong with validating an OTP or secret.
598
+ parameters:
599
+ - $ref: '#/components/parameters/Content-Length'
600
+ requestBody:
601
+ description: Error information returned.
602
+ required: true
603
+ content:
604
+ application/json:
605
+ schema:
606
+ $ref: '#/components/schemas/ErrorInformationObject'
607
+ responses:
608
+ '200':
609
+ $ref: '#/components/responses/200'
610
+ '400':
611
+ $ref: '#/components/responses/400'
612
+ '401':
613
+ $ref: '#/components/responses/401'
614
+ '403':
615
+ $ref: '#/components/responses/403'
616
+ '404':
617
+ $ref: '#/components/responses/404'
618
+ '405':
619
+ $ref: '#/components/responses/405'
620
+ '406':
621
+ $ref: '#/components/responses/406'
622
+ '501':
623
+ $ref: '#/components/responses/501'
624
+ '503':
625
+ $ref: '#/components/responses/503'
626
+ /tppConsents:
627
+ parameters:
628
+ - $ref: '#/components/parameters/Content-Type'
629
+ - $ref: '#/components/parameters/Date'
630
+ - $ref: '#/components/parameters/X-Forwarded-For'
631
+ - $ref: '#/components/parameters/FSPIOP-Source'
632
+ - $ref: '#/components/parameters/FSPIOP-Destination'
633
+ - $ref: '#/components/parameters/FSPIOP-Encryption'
634
+ - $ref: '#/components/parameters/FSPIOP-Signature'
635
+ - $ref: '#/components/parameters/FSPIOP-URI'
636
+ - $ref: '#/components/parameters/FSPIOP-HTTP-Method'
637
+ post:
638
+ tags:
639
+ - consents
640
+ operationId: PostConsents
641
+ summary: PostConsents
642
+ description: |
643
+ The **POST /tppConsents** request is used to request the creation of a consent for interactions between a PISP and the DFSP who owns the account which a PISP’s customer wants to allow the PISP access to.
644
+ parameters:
645
+ - $ref: '#/components/parameters/Accept'
646
+ - $ref: '#/components/parameters/Content-Length'
647
+ requestBody:
648
+ required: true
649
+ content:
650
+ application/json:
651
+ schema:
652
+ oneOf:
653
+ - $ref: '#/components/schemas/ConsentsPostRequestAUTH'
654
+ - $ref: '#/components/schemas/ConsentsPostRequestPISP'
655
+ responses:
656
+ '202':
657
+ $ref: '#/components/responses/202'
658
+ '400':
659
+ $ref: '#/components/responses/400'
660
+ '401':
661
+ $ref: '#/components/responses/401'
662
+ '403':
663
+ $ref: '#/components/responses/403'
664
+ '404':
665
+ $ref: '#/components/responses/404'
666
+ '405':
667
+ $ref: '#/components/responses/405'
668
+ '406':
669
+ $ref: '#/components/responses/406'
670
+ '501':
671
+ $ref: '#/components/responses/501'
672
+ '503':
673
+ $ref: '#/components/responses/503'
674
+ /tppConsents/{ID}:
675
+ parameters:
676
+ - $ref: '#/components/parameters/ID'
677
+ - $ref: '#/components/parameters/Content-Type'
678
+ - $ref: '#/components/parameters/Date'
679
+ - $ref: '#/components/parameters/X-Forwarded-For'
680
+ - $ref: '#/components/parameters/FSPIOP-Source'
681
+ - $ref: '#/components/parameters/FSPIOP-Destination'
682
+ - $ref: '#/components/parameters/FSPIOP-Encryption'
683
+ - $ref: '#/components/parameters/FSPIOP-Signature'
684
+ - $ref: '#/components/parameters/FSPIOP-URI'
685
+ - $ref: '#/components/parameters/FSPIOP-HTTP-Method'
686
+ get:
687
+ description: |
688
+ The **GET /tppConsents/**_{ID}_ resource allows a party to enquire after the status of a consent. The *{ID}* used in the URI of the request should be the consent request ID which was used to identify the consent when it was created.
689
+ tags:
690
+ - consents
691
+ operationId: GetConsent
692
+ summary: GetConsent
693
+ parameters:
694
+ - $ref: '#/components/parameters/Accept'
695
+ responses:
696
+ '202':
697
+ $ref: '#/components/responses/202'
698
+ '400':
699
+ $ref: '#/components/responses/400'
700
+ '401':
701
+ $ref: '#/components/responses/401'
702
+ '403':
703
+ $ref: '#/components/responses/403'
704
+ '404':
705
+ $ref: '#/components/responses/404'
706
+ '405':
707
+ $ref: '#/components/responses/405'
708
+ '406':
709
+ $ref: '#/components/responses/406'
710
+ '501':
711
+ $ref: '#/components/responses/501'
712
+ '503':
713
+ $ref: '#/components/responses/503'
714
+ patch:
715
+ description: |
716
+ The HTTP request `PATCH /consents/{ID}` is used
717
+
718
+ - In account linking in the Credential Registration phase. Used by a DFSP
719
+ to notify a PISP a credential has been verified and registered with an
720
+ Auth service.
721
+
722
+ - In account unlinking by a hub hosted auth service and by DFSPs
723
+ in non-hub hosted scenarios to notify participants of a consent being revoked.
724
+
725
+ Called by a `auth-service` to notify a PISP and DFSP of consent status in hub hosted scenario.
726
+ Called by a `DFSP` to notify a PISP of consent status in non-hub hosted scenario.
727
+ tags:
728
+ - consents
729
+ operationId: PatchConsentByID
730
+ summary: PatchConsentByID
731
+ requestBody:
732
+ required: true
733
+ content:
734
+ application/json:
735
+ schema:
736
+ oneOf:
737
+ - $ref: '#/components/schemas/ConsentsIDPatchResponseVerified'
738
+ - $ref: '#/components/schemas/ConsentsIDPatchResponseRevoked'
739
+ parameters:
740
+ - $ref: '#/components/parameters/Accept'
741
+ - $ref: '#/components/parameters/Content-Length'
742
+ responses:
743
+ '200':
744
+ $ref: '#/components/responses/200'
745
+ '400':
746
+ $ref: '#/components/responses/400'
747
+ '401':
748
+ $ref: '#/components/responses/401'
749
+ '403':
750
+ $ref: '#/components/responses/403'
751
+ '404':
752
+ $ref: '#/components/responses/404'
753
+ '405':
754
+ $ref: '#/components/responses/405'
755
+ '406':
756
+ $ref: '#/components/responses/406'
757
+ '501':
758
+ $ref: '#/components/responses/501'
759
+ '503':
760
+ $ref: '#/components/responses/503'
761
+ put:
762
+ description: |
763
+ The HTTP request `PUT /consents/{ID}` is used by the PISP and Auth Service.
764
+
765
+ - Called by a `PISP` to after signing a challenge. Sent to an DFSP for verification.
766
+ - Called by a `auth-service` to notify a DFSP that a credential has been verified and registered.
767
+ tags:
768
+ - consents
769
+ operationId: PutConsentByID
770
+ summary: PutConsentByID
771
+ requestBody:
772
+ required: true
773
+ content:
774
+ application/json:
775
+ schema:
776
+ oneOf:
777
+ - $ref: '#/components/schemas/ConsentsIDPutResponseSigned'
778
+ - $ref: '#/components/schemas/ConsentsIDPutResponseVerified'
779
+ parameters:
780
+ - $ref: '#/components/parameters/Content-Length'
781
+ responses:
782
+ '200':
783
+ $ref: '#/components/responses/200'
784
+ '202':
785
+ $ref: '#/components/responses/202'
786
+ '400':
787
+ $ref: '#/components/responses/400'
788
+ '401':
789
+ $ref: '#/components/responses/401'
790
+ '403':
791
+ $ref: '#/components/responses/403'
792
+ '404':
793
+ $ref: '#/components/responses/404'
794
+ '405':
795
+ $ref: '#/components/responses/405'
796
+ '406':
797
+ $ref: '#/components/responses/406'
798
+ '501':
799
+ $ref: '#/components/responses/501'
800
+ '503':
801
+ $ref: '#/components/responses/503'
802
+ delete:
803
+ description: |
804
+ Used by PISP, DFSP
805
+
806
+ The **DELETE /consents/**_{ID}_ request is used to request the revocation of a previously agreed consent.
807
+ For tracing and auditing purposes, the switch should be sure not to delete the consent physically;
808
+ instead, information relating to the consent should be marked as deleted and requests relating to the
809
+ consent should not be honoured.
810
+ operationId: DeleteConsentByID
811
+ parameters:
812
+ - $ref: '#/components/parameters/Accept'
813
+ tags:
814
+ - consents
815
+ responses:
816
+ '202':
817
+ $ref: '#/components/responses/202'
818
+ '400':
819
+ $ref: '#/components/responses/400'
820
+ '401':
821
+ $ref: '#/components/responses/401'
822
+ '403':
823
+ $ref: '#/components/responses/403'
824
+ '404':
825
+ $ref: '#/components/responses/404'
826
+ '405':
827
+ $ref: '#/components/responses/405'
828
+ '406':
829
+ $ref: '#/components/responses/406'
830
+ '501':
831
+ $ref: '#/components/responses/501'
832
+ '503':
833
+ $ref: '#/components/responses/503'
834
+ /tppConsents/{ID}/error:
835
+ parameters:
836
+ - $ref: '#/components/parameters/ID'
837
+ - $ref: '#/components/parameters/Content-Type'
838
+ - $ref: '#/components/parameters/Date'
839
+ - $ref: '#/components/parameters/X-Forwarded-For'
840
+ - $ref: '#/components/parameters/FSPIOP-Source'
841
+ - $ref: '#/components/parameters/FSPIOP-Destination'
842
+ - $ref: '#/components/parameters/FSPIOP-Encryption'
843
+ - $ref: '#/components/parameters/FSPIOP-Signature'
844
+ - $ref: '#/components/parameters/FSPIOP-URI'
845
+ - $ref: '#/components/parameters/FSPIOP-HTTP-Method'
846
+ put:
847
+ tags:
848
+ - consents
849
+ operationId: NotifyErrorConsents
850
+ summary: NotifyErrorConsents
851
+ description: |
852
+ DFSP responds to the PISP if something went wrong with validating or storing consent.
853
+ parameters:
854
+ - $ref: '#/components/parameters/Content-Length'
855
+ requestBody:
856
+ description: Error information returned.
857
+ required: true
858
+ content:
859
+ application/json:
860
+ schema:
861
+ $ref: '#/components/schemas/ErrorInformationObject'
862
+ responses:
863
+ '200':
864
+ $ref: '#/components/responses/200'
865
+ '400':
866
+ $ref: '#/components/responses/400'
867
+ '401':
868
+ $ref: '#/components/responses/401'
869
+ '403':
870
+ $ref: '#/components/responses/403'
871
+ '404':
872
+ $ref: '#/components/responses/404'
873
+ '405':
874
+ $ref: '#/components/responses/405'
875
+ '406':
876
+ $ref: '#/components/responses/406'
877
+ '501':
878
+ $ref: '#/components/responses/501'
879
+ '503':
880
+ $ref: '#/components/responses/503'
881
+ /participants:
882
+ parameters:
883
+ - $ref: '#/components/parameters/Content-Type'
884
+ - $ref: '#/components/parameters/Date'
885
+ - $ref: '#/components/parameters/X-Forwarded-For'
886
+ - $ref: '#/components/parameters/FSPIOP-Source'
887
+ - $ref: '#/components/parameters/FSPIOP-Destination'
888
+ - $ref: '#/components/parameters/FSPIOP-Encryption'
889
+ - $ref: '#/components/parameters/FSPIOP-Signature'
890
+ - $ref: '#/components/parameters/FSPIOP-URI'
891
+ - $ref: '#/components/parameters/FSPIOP-HTTP-Method'
892
+ post:
893
+ description: The HTTP request `POST /participants` is used to create information in the server regarding the provided list of identities. This request should be used for bulk creation of FSP information for more than one Party. The optional currency parameter should indicate that each provided Party supports the currency.
894
+ summary: Create bulk participant information
895
+ tags:
896
+ - participants
897
+ operationId: Participants1
898
+ parameters:
899
+ - $ref: '#/components/parameters/Accept'
900
+ - $ref: '#/components/parameters/Content-Length'
901
+ requestBody:
902
+ description: Participant information to be created.
903
+ required: true
904
+ content:
905
+ application/json:
906
+ schema:
907
+ $ref: '#/components/schemas/ParticipantsPostRequest'
908
+ responses:
909
+ '202':
910
+ $ref: '#/components/responses/202'
911
+ '400':
912
+ $ref: '#/components/responses/400'
913
+ '401':
914
+ $ref: '#/components/responses/401'
915
+ '403':
916
+ $ref: '#/components/responses/403'
917
+ '404':
918
+ $ref: '#/components/responses/404'
919
+ '405':
920
+ $ref: '#/components/responses/405'
921
+ '406':
922
+ $ref: '#/components/responses/406'
923
+ '501':
924
+ $ref: '#/components/responses/501'
925
+ '503':
926
+ $ref: '#/components/responses/503'
927
+ /participants/{ID}:
928
+ parameters:
929
+ - $ref: '#/components/parameters/ID'
930
+ - $ref: '#/components/parameters/Content-Type'
931
+ - $ref: '#/components/parameters/Date'
932
+ - $ref: '#/components/parameters/X-Forwarded-For'
933
+ - $ref: '#/components/parameters/FSPIOP-Source'
934
+ - $ref: '#/components/parameters/FSPIOP-Destination'
935
+ - $ref: '#/components/parameters/FSPIOP-Encryption'
936
+ - $ref: '#/components/parameters/FSPIOP-Signature'
937
+ - $ref: '#/components/parameters/FSPIOP-URI'
938
+ - $ref: '#/components/parameters/FSPIOP-HTTP-Method'
939
+ put:
940
+ description: The callback `PUT /participants/{ID}` is used to inform the client of the result of the creation of the provided list of identities.
941
+ summary: Return bulk participant information
942
+ tags:
943
+ - participants
944
+ operationId: PutParticipantsByID
945
+ parameters:
946
+ - $ref: '#/components/parameters/Content-Length'
947
+ requestBody:
948
+ description: Participant information returned.
949
+ required: true
950
+ content:
951
+ application/json:
952
+ schema:
953
+ $ref: '#/components/schemas/ParticipantsIDPutResponse'
954
+ responses:
955
+ '200':
956
+ $ref: '#/components/responses/200'
957
+ '400':
958
+ $ref: '#/components/responses/400'
959
+ '401':
960
+ $ref: '#/components/responses/401'
961
+ '403':
962
+ $ref: '#/components/responses/403'
963
+ '404':
964
+ $ref: '#/components/responses/404'
965
+ '405':
966
+ $ref: '#/components/responses/405'
967
+ '406':
968
+ $ref: '#/components/responses/406'
969
+ '501':
970
+ $ref: '#/components/responses/501'
971
+ '503':
972
+ $ref: '#/components/responses/503'
973
+ /participants/{ID}/error:
974
+ parameters:
975
+ - $ref: '#/components/parameters/ID'
976
+ - $ref: '#/components/parameters/Content-Type'
977
+ - $ref: '#/components/parameters/Date'
978
+ - $ref: '#/components/parameters/X-Forwarded-For'
979
+ - $ref: '#/components/parameters/FSPIOP-Source'
980
+ - $ref: '#/components/parameters/FSPIOP-Destination'
981
+ - $ref: '#/components/parameters/FSPIOP-Encryption'
982
+ - $ref: '#/components/parameters/FSPIOP-Signature'
983
+ - $ref: '#/components/parameters/FSPIOP-URI'
984
+ - $ref: '#/components/parameters/FSPIOP-HTTP-Method'
985
+ put:
986
+ description: If there is an error during FSP information creation in the server, the error callback `PUT /participants/{ID}/error` is used. The `{ID}` in the URI should contain the requestId that was used for the creation of the participant information.
987
+ summary: Return bulk participant information error
988
+ tags:
989
+ - participants
990
+ operationId: PutParticipantsByIDAndError
991
+ parameters:
992
+ - $ref: '#/components/parameters/Content-Length'
993
+ requestBody:
994
+ description: Details of the error returned.
995
+ required: true
996
+ content:
997
+ application/json:
998
+ schema:
999
+ $ref: '#/components/schemas/ErrorInformationObject'
1000
+ responses:
1001
+ '200':
1002
+ $ref: '#/components/responses/200'
1003
+ '400':
1004
+ $ref: '#/components/responses/400'
1005
+ '401':
1006
+ $ref: '#/components/responses/401'
1007
+ '403':
1008
+ $ref: '#/components/responses/403'
1009
+ '404':
1010
+ $ref: '#/components/responses/404'
1011
+ '405':
1012
+ $ref: '#/components/responses/405'
1013
+ '406':
1014
+ $ref: '#/components/responses/406'
1015
+ '501':
1016
+ $ref: '#/components/responses/501'
1017
+ '503':
1018
+ $ref: '#/components/responses/503'
1019
+ /participants/{Type}/{ID}:
1020
+ parameters:
1021
+ - $ref: '#/components/parameters/Type'
1022
+ - $ref: '#/components/parameters/ID'
1023
+ - $ref: '#/components/parameters/Content-Type'
1024
+ - $ref: '#/components/parameters/Date'
1025
+ - $ref: '#/components/parameters/X-Forwarded-For'
1026
+ - $ref: '#/components/parameters/FSPIOP-Source'
1027
+ - $ref: '#/components/parameters/FSPIOP-Destination'
1028
+ - $ref: '#/components/parameters/FSPIOP-Encryption'
1029
+ - $ref: '#/components/parameters/FSPIOP-Signature'
1030
+ - $ref: '#/components/parameters/FSPIOP-URI'
1031
+ - $ref: '#/components/parameters/FSPIOP-HTTP-Method'
1032
+ post:
1033
+ description: The HTTP request `POST /participants/{Type}/{ID}` (or `POST /participants/{Type}/{ID}/{SubId}`) is used to create information in the server regarding the provided identity, defined by `{Type}`, `{ID}`, and optionally `{SubId}` (for example, `POST /participants/MSISDN/123456789` or `POST /participants/BUSINESS/shoecompany/employee1`). An ExtensionList element has been added to this reqeust in version v1.1
1034
+ summary: Create participant information
1035
+ tags:
1036
+ - participants
1037
+ operationId: ParticipantsByIDAndType
1038
+ parameters:
1039
+ - $ref: '#/components/parameters/Accept'
1040
+ - $ref: '#/components/parameters/Content-Length'
1041
+ requestBody:
1042
+ description: Participant information to be created.
1043
+ required: true
1044
+ content:
1045
+ application/json:
1046
+ schema:
1047
+ $ref: '#/components/schemas/ParticipantsTypeIDSubIDPostRequest'
1048
+ responses:
1049
+ '202':
1050
+ $ref: '#/components/responses/202'
1051
+ '400':
1052
+ $ref: '#/components/responses/400'
1053
+ '401':
1054
+ $ref: '#/components/responses/401'
1055
+ '403':
1056
+ $ref: '#/components/responses/403'
1057
+ '404':
1058
+ $ref: '#/components/responses/404'
1059
+ '405':
1060
+ $ref: '#/components/responses/405'
1061
+ '406':
1062
+ $ref: '#/components/responses/406'
1063
+ '501':
1064
+ $ref: '#/components/responses/501'
1065
+ '503':
1066
+ $ref: '#/components/responses/503'
1067
+ get:
1068
+ description: The HTTP request `GET /participants/{Type}/{ID}` (or `GET /participants/{Type}/{ID}/{SubId}`) is used to find out in which FSP the requested Party, defined by `{Type}`, `{ID}` and optionally `{SubId}`, is located (for example, `GET /participants/MSISDN/123456789`, or `GET /participants/BUSINESS/shoecompany/employee1`). This HTTP request should support a query string for filtering of currency. To use filtering of currency, the HTTP request `GET /participants/{Type}/{ID}?currency=XYZ` should be used, where `XYZ` is the requested currency.
1069
+ summary: Look up participant information
1070
+ tags:
1071
+ - participants
1072
+ operationId: ParticipantsByTypeAndID
1073
+ parameters:
1074
+ - $ref: '#/components/parameters/Accept'
1075
+ responses:
1076
+ '202':
1077
+ $ref: '#/components/responses/202'
1078
+ '400':
1079
+ $ref: '#/components/responses/400'
1080
+ '401':
1081
+ $ref: '#/components/responses/401'
1082
+ '403':
1083
+ $ref: '#/components/responses/403'
1084
+ '404':
1085
+ $ref: '#/components/responses/404'
1086
+ '405':
1087
+ $ref: '#/components/responses/405'
1088
+ '406':
1089
+ $ref: '#/components/responses/406'
1090
+ '501':
1091
+ $ref: '#/components/responses/501'
1092
+ '503':
1093
+ $ref: '#/components/responses/503'
1094
+ put:
1095
+ description: The callback `PUT /participants/{Type}/{ID}` (or `PUT /participants/{Type}/{ID}/{SubId}`) is used to inform the client of a successful result of the lookup, creation, or deletion of the FSP information related to the Party. If the FSP information is deleted, the fspId element should be empty; otherwise the element should include the FSP information for the Party.
1096
+ summary: Return participant information
1097
+ tags:
1098
+ - participants
1099
+ operationId: ParticipantsByTypeAndID3
1100
+ parameters:
1101
+ - $ref: '#/components/parameters/Content-Length'
1102
+ requestBody:
1103
+ description: Participant information returned.
1104
+ required: true
1105
+ content:
1106
+ application/json:
1107
+ schema:
1108
+ $ref: '#/components/schemas/ParticipantsTypeIDPutResponse'
1109
+ responses:
1110
+ '200':
1111
+ $ref: '#/components/responses/200'
1112
+ '400':
1113
+ $ref: '#/components/responses/400'
1114
+ '401':
1115
+ $ref: '#/components/responses/401'
1116
+ '403':
1117
+ $ref: '#/components/responses/403'
1118
+ '404':
1119
+ $ref: '#/components/responses/404'
1120
+ '405':
1121
+ $ref: '#/components/responses/405'
1122
+ '406':
1123
+ $ref: '#/components/responses/406'
1124
+ '501':
1125
+ $ref: '#/components/responses/501'
1126
+ '503':
1127
+ $ref: '#/components/responses/503'
1128
+ delete:
1129
+ description: |-
1130
+ The HTTP request `DELETE /participants/{Type}/{ID}` (or `DELETE /participants/{Type}/{ID}/{SubId}`) is used to delete information in the server regarding the provided identity, defined by `{Type}` and `{ID}`) (for example, `DELETE /participants/MSISDN/123456789`), and optionally `{SubId}`. This HTTP request should support a query string to delete FSP information regarding a specific currency only. To delete a specific currency only, the HTTP request `DELETE /participants/{Type}/{ID}?currency=XYZ` should be used, where `XYZ` is the requested currency.
1131
+
1132
+ **Note:** The Account Lookup System should verify that it is the Party’s current FSP that is deleting the FSP information.
1133
+ summary: Delete participant information
1134
+ tags:
1135
+ - participants
1136
+ operationId: ParticipantsByTypeAndID2
1137
+ parameters:
1138
+ - $ref: '#/components/parameters/Accept'
1139
+ responses:
1140
+ '202':
1141
+ $ref: '#/components/responses/202'
1142
+ '400':
1143
+ $ref: '#/components/responses/400'
1144
+ '401':
1145
+ $ref: '#/components/responses/401'
1146
+ '403':
1147
+ $ref: '#/components/responses/403'
1148
+ '404':
1149
+ $ref: '#/components/responses/404'
1150
+ '405':
1151
+ $ref: '#/components/responses/405'
1152
+ '406':
1153
+ $ref: '#/components/responses/406'
1154
+ '501':
1155
+ $ref: '#/components/responses/501'
1156
+ '503':
1157
+ $ref: '#/components/responses/503'
1158
+ /participants/{Type}/{ID}/error:
1159
+ parameters:
1160
+ - $ref: '#/components/parameters/Type'
1161
+ - $ref: '#/components/parameters/ID'
1162
+ - $ref: '#/components/parameters/Content-Type'
1163
+ - $ref: '#/components/parameters/Date'
1164
+ - $ref: '#/components/parameters/X-Forwarded-For'
1165
+ - $ref: '#/components/parameters/FSPIOP-Source'
1166
+ - $ref: '#/components/parameters/FSPIOP-Destination'
1167
+ - $ref: '#/components/parameters/FSPIOP-Encryption'
1168
+ - $ref: '#/components/parameters/FSPIOP-Signature'
1169
+ - $ref: '#/components/parameters/FSPIOP-URI'
1170
+ - $ref: '#/components/parameters/FSPIOP-HTTP-Method'
1171
+ put:
1172
+ description: If the server is unable to find, create or delete the associated FSP of the provided identity, or another processing error occurred, the error callback `PUT /participants/{Type}/{ID}/error` (or `PUT /participants/{Type}/{ID}/{SubId}/error`) is used.
1173
+ summary: Return participant information error
1174
+ tags:
1175
+ - participants
1176
+ operationId: ParticipantsErrorByTypeAndID
1177
+ parameters:
1178
+ - $ref: '#/components/parameters/Content-Length'
1179
+ requestBody:
1180
+ description: Details of the error returned.
1181
+ required: true
1182
+ content:
1183
+ application/json:
1184
+ schema:
1185
+ $ref: '#/components/schemas/ErrorInformationObject'
1186
+ responses:
1187
+ '200':
1188
+ $ref: '#/components/responses/200'
1189
+ '400':
1190
+ $ref: '#/components/responses/400'
1191
+ '401':
1192
+ $ref: '#/components/responses/401'
1193
+ '403':
1194
+ $ref: '#/components/responses/403'
1195
+ '404':
1196
+ $ref: '#/components/responses/404'
1197
+ '405':
1198
+ $ref: '#/components/responses/405'
1199
+ '406':
1200
+ $ref: '#/components/responses/406'
1201
+ '501':
1202
+ $ref: '#/components/responses/501'
1203
+ '503':
1204
+ $ref: '#/components/responses/503'
1205
+ /services/{ServiceType}:
1206
+ parameters:
1207
+ - $ref: '#/components/parameters/ServiceType'
1208
+ - $ref: '#/components/parameters/Content-Type'
1209
+ - $ref: '#/components/parameters/Date'
1210
+ - $ref: '#/components/parameters/X-Forwarded-For'
1211
+ - $ref: '#/components/parameters/FSPIOP-Source'
1212
+ - $ref: '#/components/parameters/FSPIOP-Destination'
1213
+ - $ref: '#/components/parameters/FSPIOP-Encryption'
1214
+ - $ref: '#/components/parameters/FSPIOP-Signature'
1215
+ - $ref: '#/components/parameters/FSPIOP-URI'
1216
+ - $ref: '#/components/parameters/FSPIOP-HTTP-Method'
1217
+ get:
1218
+ operationId: GetServicesByServiceType
1219
+ summary: GetServicesByServiceType
1220
+ description: |
1221
+ The HTTP request `GET /services/{ServiceType}` is used to retrieve the list of participants
1222
+ that support a specified service.
1223
+ parameters:
1224
+ - $ref: '#/components/parameters/Accept'
1225
+ tags:
1226
+ - services
1227
+ responses:
1228
+ '202':
1229
+ $ref: '#/components/responses/202'
1230
+ '400':
1231
+ $ref: '#/components/responses/400'
1232
+ '401':
1233
+ $ref: '#/components/responses/401'
1234
+ '403':
1235
+ $ref: '#/components/responses/403'
1236
+ '404':
1237
+ $ref: '#/components/responses/404'
1238
+ '405':
1239
+ $ref: '#/components/responses/405'
1240
+ '406':
1241
+ $ref: '#/components/responses/406'
1242
+ '501':
1243
+ $ref: '#/components/responses/501'
1244
+ '503':
1245
+ $ref: '#/components/responses/503'
1246
+ put:
1247
+ description: |
1248
+ The HTTP request `PUT /services/{ServiceType}` is used to return list of participants
1249
+ that support a specified service.
1250
+ operationId: PutServicesByServiceType
1251
+ summary: PutServicesByServiceType
1252
+ tags:
1253
+ - services
1254
+ parameters:
1255
+ - $ref: '#/components/parameters/Content-Length'
1256
+ requestBody:
1257
+ required: true
1258
+ content:
1259
+ application/json:
1260
+ schema:
1261
+ $ref: '#/components/schemas/ServicesServiceTypePutResponse'
1262
+ responses:
1263
+ '200':
1264
+ $ref: '#/components/responses/200'
1265
+ '400':
1266
+ $ref: '#/components/responses/400'
1267
+ '401':
1268
+ $ref: '#/components/responses/401'
1269
+ '403':
1270
+ $ref: '#/components/responses/403'
1271
+ '404':
1272
+ $ref: '#/components/responses/404'
1273
+ '405':
1274
+ $ref: '#/components/responses/405'
1275
+ '406':
1276
+ $ref: '#/components/responses/406'
1277
+ '501':
1278
+ $ref: '#/components/responses/501'
1279
+ '503':
1280
+ $ref: '#/components/responses/503'
1281
+ /services/{ServiceType}/error:
1282
+ parameters:
1283
+ - $ref: '#/components/parameters/ServiceType'
1284
+ - $ref: '#/components/parameters/Content-Type'
1285
+ - $ref: '#/components/parameters/Date'
1286
+ - $ref: '#/components/parameters/X-Forwarded-For'
1287
+ - $ref: '#/components/parameters/FSPIOP-Source'
1288
+ - $ref: '#/components/parameters/FSPIOP-Destination'
1289
+ - $ref: '#/components/parameters/FSPIOP-Encryption'
1290
+ - $ref: '#/components/parameters/FSPIOP-Signature'
1291
+ - $ref: '#/components/parameters/FSPIOP-URI'
1292
+ - $ref: '#/components/parameters/FSPIOP-HTTP-Method'
1293
+ put:
1294
+ description: |
1295
+ The HTTP request `PUT /services/{ServiceType}/error` is used to return error information
1296
+ operationId: PutServicesByServiceTypeAndError
1297
+ summary: PutServicesByServiceTypeAndError
1298
+ tags:
1299
+ - services
1300
+ parameters:
1301
+ - $ref: '#/components/parameters/Content-Length'
1302
+ requestBody:
1303
+ description: Details of the error returned.
1304
+ required: true
1305
+ content:
1306
+ application/json:
1307
+ schema:
1308
+ $ref: '#/components/schemas/ErrorInformationObject'
1309
+ responses:
1310
+ '200':
1311
+ $ref: '#/components/responses/200'
1312
+ '400':
1313
+ $ref: '#/components/responses/400'
1314
+ '401':
1315
+ $ref: '#/components/responses/401'
1316
+ '403':
1317
+ $ref: '#/components/responses/403'
1318
+ '404':
1319
+ $ref: '#/components/responses/404'
1320
+ '405':
1321
+ $ref: '#/components/responses/405'
1322
+ '406':
1323
+ $ref: '#/components/responses/406'
1324
+ '501':
1325
+ $ref: '#/components/responses/501'
1326
+ '503':
1327
+ $ref: '#/components/responses/503'
1328
+ /tppAuthorizations:
1329
+ parameters:
1330
+ - $ref: '#/components/parameters/Content-Type'
1331
+ - $ref: '#/components/parameters/Date'
1332
+ - $ref: '#/components/parameters/X-Forwarded-For'
1333
+ - $ref: '#/components/parameters/FSPIOP-Source'
1334
+ - $ref: '#/components/parameters/FSPIOP-Destination'
1335
+ - $ref: '#/components/parameters/FSPIOP-Encryption'
1336
+ - $ref: '#/components/parameters/FSPIOP-Signature'
1337
+ - $ref: '#/components/parameters/FSPIOP-URI'
1338
+ - $ref: '#/components/parameters/FSPIOP-HTTP-Method'
1339
+ post:
1340
+ description: |
1341
+ The HTTP request **POST /tppAuthorizations** used by a Payer DFSP to request authorization from the Payer to make a payment.
1342
+ This use case is applicable when the Payer DFSP receives a request to pay (a Payee initiated payment) and chooses to authorize the payment through the third party provider.
1343
+ operationId: tppPostAuthorizations
1344
+ summary: tppPostAuthorizations
1345
+ tags:
1346
+ - authorizations
1347
+ parameters:
1348
+ - $ref: '#/components/parameters/Accept'
1349
+ - $ref: '#/components/parameters/Content-Length'
1350
+ requestBody:
1351
+ description: Authorization request details
1352
+ required: true
1353
+ content:
1354
+ application/json:
1355
+ schema:
1356
+ $ref: '#/components/schemas/tppAuthorizationsPostRequest'
1357
+ responses:
1358
+ '202':
1359
+ $ref: '#/components/responses/202'
1360
+ '400':
1361
+ $ref: '#/components/responses/400'
1362
+ '401':
1363
+ $ref: '#/components/responses/401'
1364
+ '403':
1365
+ $ref: '#/components/responses/403'
1366
+ '404':
1367
+ $ref: '#/components/responses/404'
1368
+ '405':
1369
+ $ref: '#/components/responses/405'
1370
+ '406':
1371
+ $ref: '#/components/responses/406'
1372
+ '501':
1373
+ $ref: '#/components/responses/501'
1374
+ '503':
1375
+ $ref: '#/components/responses/503'
1376
+ /tppAuthorizations/{ID}:
1377
+ parameters:
1378
+ - $ref: '#/components/parameters/ID'
1379
+ - $ref: '#/components/parameters/Content-Type'
1380
+ - $ref: '#/components/parameters/Date'
1381
+ - $ref: '#/components/parameters/X-Forwarded-For'
1382
+ - $ref: '#/components/parameters/FSPIOP-Source'
1383
+ - $ref: '#/components/parameters/FSPIOP-Destination'
1384
+ - $ref: '#/components/parameters/FSPIOP-Encryption'
1385
+ - $ref: '#/components/parameters/FSPIOP-Signature'
1386
+ - $ref: '#/components/parameters/FSPIOP-URI'
1387
+ - $ref: '#/components/parameters/FSPIOP-HTTP-Method'
1388
+ get:
1389
+ description: |
1390
+ The HTTP request **GET /tppAuthorizations/**_{ID}_ is used to get information relating
1391
+ to a previously issued authorization request. The *{ID}* in the request should match the
1392
+ `authorizationRequestId` which was given when the authorization request was created.
1393
+ operationId: tppGetAuthorizationsById
1394
+ summary: ttpGetAuthorizationsById
1395
+ tags:
1396
+ - authorizations
1397
+ parameters:
1398
+ - $ref: '#/components/parameters/Accept'
1399
+ responses:
1400
+ '202':
1401
+ $ref: '#/components/responses/202'
1402
+ '400':
1403
+ $ref: '#/components/responses/400'
1404
+ '401':
1405
+ $ref: '#/components/responses/401'
1406
+ '403':
1407
+ $ref: '#/components/responses/403'
1408
+ '404':
1409
+ $ref: '#/components/responses/404'
1410
+ '405':
1411
+ $ref: '#/components/responses/405'
1412
+ '406':
1413
+ $ref: '#/components/responses/406'
1414
+ '501':
1415
+ $ref: '#/components/responses/501'
1416
+ '503':
1417
+ $ref: '#/components/responses/503'
1418
+ put:
1419
+ description: |
1420
+ After receiving the **POST /tppAuthorizations**, the PISP will present the details of the
1421
+ transaction to their user, and request that the client sign the `challenge` field using the credential
1422
+ they previously registered.
1423
+
1424
+ The signed challenge will be sent back by the PISP in **PUT /tppAuthorizations/**_{ID}_:
1425
+ operationId: tppPutAuthorizationsById
1426
+ summary: tppPutAuthorizationsById
1427
+ tags:
1428
+ - authorizations
1429
+ parameters:
1430
+ - $ref: '#/components/parameters/Content-Length'
1431
+ requestBody:
1432
+ description: Signed authorization object
1433
+ required: true
1434
+ content:
1435
+ application/json:
1436
+ schema:
1437
+ oneOf:
1438
+ - $ref: '#/components/schemas/tppAuthorizationsIDPutResponseRejected'
1439
+ - $ref: '#/components/schemas/tppAuthorizationsIDPutResponseFIDO'
1440
+ - $ref: '#/components/schemas/tppAuthorizationsIDPutResponseGeneric'
1441
+ responses:
1442
+ '200':
1443
+ $ref: '#/components/responses/200'
1444
+ '400':
1445
+ $ref: '#/components/responses/400'
1446
+ '401':
1447
+ $ref: '#/components/responses/401'
1448
+ '403':
1449
+ $ref: '#/components/responses/403'
1450
+ '404':
1451
+ $ref: '#/components/responses/404'
1452
+ '405':
1453
+ $ref: '#/components/responses/405'
1454
+ '406':
1455
+ $ref: '#/components/responses/406'
1456
+ '501':
1457
+ $ref: '#/components/responses/501'
1458
+ '503':
1459
+ $ref: '#/components/responses/503'
1460
+ /tppAuthorizations/{ID}/error:
1461
+ parameters:
1462
+ - $ref: '#/components/parameters/ID'
1463
+ - $ref: '#/components/parameters/Content-Type'
1464
+ - $ref: '#/components/parameters/Date'
1465
+ - $ref: '#/components/parameters/X-Forwarded-For'
1466
+ - $ref: '#/components/parameters/FSPIOP-Source'
1467
+ - $ref: '#/components/parameters/FSPIOP-Destination'
1468
+ - $ref: '#/components/parameters/FSPIOP-Encryption'
1469
+ - $ref: '#/components/parameters/FSPIOP-Signature'
1470
+ - $ref: '#/components/parameters/FSPIOP-URI'
1471
+ - $ref: '#/components/parameters/FSPIOP-HTTP-Method'
1472
+ put:
1473
+ tags:
1474
+ - authorizations
1475
+ operationId: tppAuthorizationsByIdAndError
1476
+ summary: tppAuthorizationsByIdAndError
1477
+ description: |
1478
+ The HTTP request `PUT /tppAuthorizations/{ID}/error` is used by the DFSP or PISP to inform
1479
+ the other party that something went wrong with a Thirdparty Transaction Authorization Request.
1480
+
1481
+ The PISP may use this to tell the DFSP that the Thirdparty Transaction Authorization Request is invalid or doesn't
1482
+ match a `transactionRequestId`.
1483
+
1484
+ The DFSP may use this to tell the PISP that the signed challenge returned in `PUT /tppAuthorizations/{ID}`
1485
+ was invalid.
1486
+ parameters:
1487
+ - $ref: '#/components/parameters/Content-Length'
1488
+ requestBody:
1489
+ description: Error information returned.
1490
+ required: true
1491
+ content:
1492
+ application/json:
1493
+ schema:
1494
+ $ref: '#/components/schemas/ErrorInformationObject'
1495
+ responses:
1496
+ '200':
1497
+ $ref: '#/components/responses/200'
1498
+ '400':
1499
+ $ref: '#/components/responses/400'
1500
+ '401':
1501
+ $ref: '#/components/responses/401'
1502
+ '403':
1503
+ $ref: '#/components/responses/403'
1504
+ '404':
1505
+ $ref: '#/components/responses/404'
1506
+ '405':
1507
+ $ref: '#/components/responses/405'
1508
+ '406':
1509
+ $ref: '#/components/responses/406'
1510
+ '501':
1511
+ $ref: '#/components/responses/501'
1512
+ '503':
1513
+ $ref: '#/components/responses/503'
1514
+ /tppVerifications:
1515
+ parameters:
1516
+ - $ref: '#/components/parameters/Content-Type'
1517
+ - $ref: '#/components/parameters/Date'
1518
+ - $ref: '#/components/parameters/X-Forwarded-For'
1519
+ - $ref: '#/components/parameters/FSPIOP-Source'
1520
+ - $ref: '#/components/parameters/FSPIOP-Destination'
1521
+ - $ref: '#/components/parameters/FSPIOP-Encryption'
1522
+ - $ref: '#/components/parameters/FSPIOP-Signature'
1523
+ - $ref: '#/components/parameters/FSPIOP-URI'
1524
+ - $ref: '#/components/parameters/FSPIOP-HTTP-Method'
1525
+ post:
1526
+ tags:
1527
+ - verifications
1528
+ operationId: tppPostVerifications
1529
+ summary: tppPostVerifications
1530
+ description: |
1531
+ The HTTP request `POST /tppVerifications` is used by the DFSP to verify a third party authorization in cases where the authentication service to be used is implemented by the switch and not internally by the DFSP.
1532
+ parameters:
1533
+ - $ref: '#/components/parameters/Accept'
1534
+ - $ref: '#/components/parameters/Content-Length'
1535
+ requestBody:
1536
+ description: The thirdparty authorization details to verify
1537
+ required: true
1538
+ content:
1539
+ application/json:
1540
+ schema:
1541
+ oneOf:
1542
+ - $ref: '#/components/schemas/tppVerificationsPostRequestFIDO'
1543
+ - $ref: '#/components/schemas/tppVerificationsPostRequestGeneric'
1544
+ responses:
1545
+ '202':
1546
+ $ref: '#/components/responses/202'
1547
+ '400':
1548
+ $ref: '#/components/responses/400'
1549
+ '401':
1550
+ $ref: '#/components/responses/401'
1551
+ '403':
1552
+ $ref: '#/components/responses/403'
1553
+ '404':
1554
+ $ref: '#/components/responses/404'
1555
+ '405':
1556
+ $ref: '#/components/responses/405'
1557
+ '406':
1558
+ $ref: '#/components/responses/406'
1559
+ '501':
1560
+ $ref: '#/components/responses/501'
1561
+ '503':
1562
+ $ref: '#/components/responses/503'
1563
+ /tppVerifications/{ID}:
1564
+ parameters:
1565
+ - $ref: '#/components/parameters/ID'
1566
+ - $ref: '#/components/parameters/Content-Type'
1567
+ - $ref: '#/components/parameters/Date'
1568
+ - $ref: '#/components/parameters/X-Forwarded-For'
1569
+ - $ref: '#/components/parameters/FSPIOP-Source'
1570
+ - $ref: '#/components/parameters/FSPIOP-Destination'
1571
+ - $ref: '#/components/parameters/FSPIOP-Encryption'
1572
+ - $ref: '#/components/parameters/FSPIOP-Signature'
1573
+ - $ref: '#/components/parameters/FSPIOP-URI'
1574
+ - $ref: '#/components/parameters/FSPIOP-HTTP-Method'
1575
+ get:
1576
+ tags:
1577
+ - verifications
1578
+ operationId: tppGetVerificationsById
1579
+ summary: tppGetVerificationsById
1580
+ description: |
1581
+ The HTTP request `/tppVerifications/{ID}` is used to get
1582
+ information regarding a previously created or requested authorization. The *{ID}*
1583
+ in the URI should contain the verification request ID
1584
+ parameters:
1585
+ - $ref: '#/components/parameters/Accept'
1586
+ responses:
1587
+ '202':
1588
+ $ref: '#/components/responses/202'
1589
+ '400':
1590
+ $ref: '#/components/responses/400'
1591
+ '401':
1592
+ $ref: '#/components/responses/401'
1593
+ '403':
1594
+ $ref: '#/components/responses/403'
1595
+ '404':
1596
+ $ref: '#/components/responses/404'
1597
+ '405':
1598
+ $ref: '#/components/responses/405'
1599
+ '406':
1600
+ $ref: '#/components/responses/406'
1601
+ '501':
1602
+ $ref: '#/components/responses/501'
1603
+ '503':
1604
+ $ref: '#/components/responses/503'
1605
+ put:
1606
+ tags:
1607
+ - verifications
1608
+ operationId: tppPutVerificationsById
1609
+ summary: tppPutVerificationsById
1610
+ description: |-
1611
+ The HTTP request `PUT /tppVerifications/{ID}` is used by the Auth-Service to inform the DFSP of a successful result in validating the verification of a Thirdparty Transaction Request.
1612
+ If the validation fails, the auth-service will send back `PUT /tppVerifications/{ID}` with `authenticationResponse: 'REJECTED'`.
1613
+ In unplanned error cases the Auth-Service MUST use `PUT /tppVerifications/{ID}/error`.
1614
+ parameters:
1615
+ - $ref: '#/components/parameters/Content-Length'
1616
+ requestBody:
1617
+ description: The result of validating the Thirdparty Transaction Request
1618
+ required: true
1619
+ content:
1620
+ application/json:
1621
+ schema:
1622
+ $ref: '#/components/schemas/tppVerificationsIDPutResponse'
1623
+ example:
1624
+ authenticationResponse: VERIFIED
1625
+ responses:
1626
+ '200':
1627
+ $ref: '#/components/responses/200'
1628
+ '400':
1629
+ $ref: '#/components/responses/400'
1630
+ '401':
1631
+ $ref: '#/components/responses/401'
1632
+ '403':
1633
+ $ref: '#/components/responses/403'
1634
+ '404':
1635
+ $ref: '#/components/responses/404'
1636
+ '405':
1637
+ $ref: '#/components/responses/405'
1638
+ '406':
1639
+ $ref: '#/components/responses/406'
1640
+ '501':
1641
+ $ref: '#/components/responses/501'
1642
+ '503':
1643
+ $ref: '#/components/responses/503'
1644
+ /tppVerifications/{ID}/error:
1645
+ parameters:
1646
+ - $ref: '#/components/parameters/ID'
1647
+ - $ref: '#/components/parameters/Content-Type'
1648
+ - $ref: '#/components/parameters/Date'
1649
+ - $ref: '#/components/parameters/X-Forwarded-For'
1650
+ - $ref: '#/components/parameters/FSPIOP-Source'
1651
+ - $ref: '#/components/parameters/FSPIOP-Destination'
1652
+ - $ref: '#/components/parameters/FSPIOP-Encryption'
1653
+ - $ref: '#/components/parameters/FSPIOP-Signature'
1654
+ - $ref: '#/components/parameters/FSPIOP-URI'
1655
+ - $ref: '#/components/parameters/FSPIOP-HTTP-Method'
1656
+ put:
1657
+ tags:
1658
+ - verifications
1659
+ operationId: tppPutVerificationsByIdAndError
1660
+ summary: tppPutVerificationsByIdAndError
1661
+ description: |
1662
+ The HTTP request `PUT /tppVerifications/{ID}/error` is used by the Auth-Service to inform
1663
+ the DFSP of a failure in validating or looking up the verification of a Thirdparty Transaction Request.
1664
+ parameters:
1665
+ - $ref: '#/components/parameters/Content-Length'
1666
+ requestBody:
1667
+ description: Error information returned.
1668
+ required: true
1669
+ content:
1670
+ application/json:
1671
+ schema:
1672
+ $ref: '#/components/schemas/ErrorInformationObject'
1673
+ responses:
1674
+ '200':
1675
+ $ref: '#/components/responses/200'
1676
+ '400':
1677
+ $ref: '#/components/responses/400'
1678
+ '401':
1679
+ $ref: '#/components/responses/401'
1680
+ '403':
1681
+ $ref: '#/components/responses/403'
1682
+ '404':
1683
+ $ref: '#/components/responses/404'
1684
+ '405':
1685
+ $ref: '#/components/responses/405'
1686
+ '406':
1687
+ $ref: '#/components/responses/406'
1688
+ '501':
1689
+ $ref: '#/components/responses/501'
1690
+ '503':
1691
+ $ref: '#/components/responses/503'
1692
+ components:
1693
+ schemas:
1694
+ PartyIdType:
1695
+ title: PartyIdType
1696
+ type: string
1697
+ enum:
1698
+ - MSISDN
1699
+ - EMAIL
1700
+ - PERSONAL_ID
1701
+ - BUSINESS
1702
+ - DEVICE
1703
+ - ACCOUNT_ID
1704
+ - IBAN
1705
+ - ALIAS
1706
+ - CONSENT
1707
+ - THIRD_PARTY_LINK
1708
+ description: |
1709
+ Below are the allowed values for the enumeration.
1710
+ - MSISDN - An MSISDN (Mobile Station International Subscriber Directory
1711
+ Number, that is, the phone number) is used as reference to a participant.
1712
+ The MSISDN identifier should be in international format according to the
1713
+ [ITU-T E.164 standard](https://www.itu.int/rec/T-REC-E.164/en).
1714
+ Optionally, the MSISDN may be prefixed by a single plus sign, indicating the
1715
+ international prefix.
1716
+ - EMAIL - An email is used as reference to a
1717
+ participant. The format of the email should be according to the informational
1718
+ [RFC 3696](https://tools.ietf.org/html/rfc3696).
1719
+ - PERSONAL_ID - A personal identifier is used as reference to a participant.
1720
+ Examples of personal identification are passport number, birth certificate
1721
+ number, and national registration number. The identifier number is added in
1722
+ the PartyIdentifier element. The personal identifier type is added in the
1723
+ PartySubIdOrType element.
1724
+ - BUSINESS - A specific Business (for example, an organization or a company)
1725
+ is used as reference to a participant. The BUSINESS identifier can be in any
1726
+ format. To make a transaction connected to a specific username or bill number
1727
+ in a Business, the PartySubIdOrType element should be used.
1728
+ - DEVICE - A specific device (for example, a POS or ATM) ID connected to a
1729
+ specific business or organization is used as reference to a Party.
1730
+ For referencing a specific device under a specific business or organization,
1731
+ use the PartySubIdOrType element.
1732
+ - ACCOUNT_ID - A bank account number or FSP account ID should be used as
1733
+ reference to a participant. The ACCOUNT_ID identifier can be in any format,
1734
+ as formats can greatly differ depending on country and FSP.
1735
+ - IBAN - A bank account number or FSP account ID is used as reference to a
1736
+ participant. The IBAN identifier can consist of up to 34 alphanumeric
1737
+ characters and should be entered without whitespace.
1738
+ - ALIAS An alias is used as reference to a participant. The alias should be
1739
+ created in the FSP as an alternative reference to an account owner.
1740
+ Another example of an alias is a username in the FSP system.
1741
+ The ALIAS identifier can be in any format. It is also possible to use the
1742
+ PartySubIdOrType element for identifying an account under an Alias defined
1743
+ by the PartyIdentifier.
1744
+ - CONSENT - A Consent represents an agreement between a PISP, a Customer and
1745
+ a DFSP which allows the PISP permission to perform actions on behalf of the
1746
+ customer. A Consent has an authoritative source: either the DFSP who issued
1747
+ the Consent, or an Auth Service which administers the Consent.
1748
+ - THIRD_PARTY_LINK - A Third Party Link represents an agreement between a PISP,
1749
+ a DFSP, and a specific Customer's account at the DFSP. The content of the link
1750
+ is created by the DFSP at the time when it gives permission to the PISP for
1751
+ specific access to a given account.
1752
+ example: PERSONAL_ID
1753
+ PartyIdentifier:
1754
+ title: PartyIdentifier
1755
+ type: string
1756
+ minLength: 1
1757
+ maxLength: 128
1758
+ description: Identifier of the Party.
1759
+ example: '16135551212'
1760
+ PartySubIdOrType:
1761
+ title: PartySubIdOrType
1762
+ type: string
1763
+ minLength: 1
1764
+ maxLength: 128
1765
+ description: Either a sub-identifier of a PartyIdentifier, or a sub-type of the PartyIdType, normally a PersonalIdentifierType.
1766
+ FspId:
1767
+ title: FspId
1768
+ type: string
1769
+ minLength: 1
1770
+ maxLength: 32
1771
+ description: FSP identifier.
1772
+ ExtensionKey:
1773
+ title: ExtensionKey
1774
+ type: string
1775
+ minLength: 1
1776
+ maxLength: 32
1777
+ description: Extension key.
1778
+ ExtensionValue:
1779
+ title: ExtensionValue
1780
+ type: string
1781
+ minLength: 1
1782
+ maxLength: 128
1783
+ description: Extension value.
1784
+ Extension:
1785
+ title: Extension
1786
+ type: object
1787
+ additionalProperties: false
1788
+ description: Data model for the complex type Extension.
1789
+ properties:
1790
+ key:
1791
+ $ref: '#/components/schemas/ExtensionKey'
1792
+ value:
1793
+ $ref: '#/components/schemas/ExtensionValue'
1794
+ required:
1795
+ - key
1796
+ - value
1797
+ ExtensionList:
1798
+ title: ExtensionList
1799
+ type: object
1800
+ additionalProperties: false
1801
+ description: Data model for the complex type ExtensionList. An optional list of extensions, specific to deployment.
1802
+ properties:
1803
+ extension:
1804
+ type: array
1805
+ items:
1806
+ $ref: '#/components/schemas/Extension'
1807
+ minItems: 1
1808
+ maxItems: 16
1809
+ description: Number of Extension elements.
1810
+ required:
1811
+ - extension
1812
+ PartyIdInfo:
1813
+ title: PartyIdInfo
1814
+ type: object
1815
+ description: Data model for the complex type PartyIdInfo.
1816
+ properties:
1817
+ partyIdType:
1818
+ $ref: '#/components/schemas/PartyIdType'
1819
+ partyIdentifier:
1820
+ $ref: '#/components/schemas/PartyIdentifier'
1821
+ partySubIdOrType:
1822
+ $ref: '#/components/schemas/PartySubIdOrType'
1823
+ fspId:
1824
+ $ref: '#/components/schemas/FspId'
1825
+ extensionList:
1826
+ $ref: '#/components/schemas/ExtensionList'
1827
+ required:
1828
+ - partyIdType
1829
+ - partyIdentifier
1830
+ ErrorCode:
1831
+ title: ErrorCode
1832
+ type: string
1833
+ pattern: ^[1-9]\d{3}$
1834
+ description: The API data type ErrorCode is a JSON String of four characters, consisting of digits only. Negative numbers are not allowed. A leading zero is not allowed. Each error code in the API is a four-digit number, for example, 1234, where the first number (1 in the example) represents the high-level error category, the second number (2 in the example) represents the low-level error category, and the last two numbers (34 in the example) represent the specific error.
1835
+ example: '5100'
1836
+ ErrorDescription:
1837
+ title: ErrorDescription
1838
+ type: string
1839
+ minLength: 1
1840
+ maxLength: 128
1841
+ description: Error description string.
1842
+ ErrorInformation:
1843
+ title: ErrorInformation
1844
+ type: object
1845
+ additionalProperties: false
1846
+ description: Data model for the complex type ErrorInformation.
1847
+ properties:
1848
+ errorCode:
1849
+ $ref: '#/components/schemas/ErrorCode'
1850
+ errorDescription:
1851
+ $ref: '#/components/schemas/ErrorDescription'
1852
+ extensionList:
1853
+ $ref: '#/components/schemas/ExtensionList'
1854
+ required:
1855
+ - errorCode
1856
+ - errorDescription
1857
+ PartyResult:
1858
+ title: PartyResult
1859
+ type: object
1860
+ description: Data model for the complex type PartyResult.
1861
+ properties:
1862
+ partyId:
1863
+ $ref: '#/components/schemas/PartyIdInfo'
1864
+ errorInformation:
1865
+ $ref: '#/components/schemas/ErrorInformation'
1866
+ required:
1867
+ - partyId
1868
+ Currency:
1869
+ title: Currency
1870
+ description: The currency codes defined in [ISO 4217](https://www.iso.org/iso-4217-currency-codes.html) as three-letter alphabetic codes are used as the standard naming representation for currencies.
1871
+ type: string
1872
+ minLength: 3
1873
+ maxLength: 3
1874
+ enum:
1875
+ - AED
1876
+ - AFN
1877
+ - ALL
1878
+ - AMD
1879
+ - ANG
1880
+ - AOA
1881
+ - ARS
1882
+ - AUD
1883
+ - AWG
1884
+ - AZN
1885
+ - BAM
1886
+ - BBD
1887
+ - BDT
1888
+ - BGN
1889
+ - BHD
1890
+ - BIF
1891
+ - BMD
1892
+ - BND
1893
+ - BOB
1894
+ - BRL
1895
+ - BSD
1896
+ - BTN
1897
+ - BWP
1898
+ - BYN
1899
+ - BZD
1900
+ - CAD
1901
+ - CDF
1902
+ - CHF
1903
+ - CLP
1904
+ - CNY
1905
+ - COP
1906
+ - CRC
1907
+ - CUC
1908
+ - CUP
1909
+ - CVE
1910
+ - CZK
1911
+ - DJF
1912
+ - DKK
1913
+ - DOP
1914
+ - DZD
1915
+ - EGP
1916
+ - ERN
1917
+ - ETB
1918
+ - EUR
1919
+ - FJD
1920
+ - FKP
1921
+ - GBP
1922
+ - GEL
1923
+ - GGP
1924
+ - GHS
1925
+ - GIP
1926
+ - GMD
1927
+ - GNF
1928
+ - GTQ
1929
+ - GYD
1930
+ - HKD
1931
+ - HNL
1932
+ - HRK
1933
+ - HTG
1934
+ - HUF
1935
+ - IDR
1936
+ - ILS
1937
+ - IMP
1938
+ - INR
1939
+ - IQD
1940
+ - IRR
1941
+ - ISK
1942
+ - JEP
1943
+ - JMD
1944
+ - JOD
1945
+ - JPY
1946
+ - KES
1947
+ - KGS
1948
+ - KHR
1949
+ - KMF
1950
+ - KPW
1951
+ - KRW
1952
+ - KWD
1953
+ - KYD
1954
+ - KZT
1955
+ - LAK
1956
+ - LBP
1957
+ - LKR
1958
+ - LRD
1959
+ - LSL
1960
+ - LYD
1961
+ - MAD
1962
+ - MDL
1963
+ - MGA
1964
+ - MKD
1965
+ - MMK
1966
+ - MNT
1967
+ - MOP
1968
+ - MRO
1969
+ - MUR
1970
+ - MVR
1971
+ - MWK
1972
+ - MXN
1973
+ - MYR
1974
+ - MZN
1975
+ - NAD
1976
+ - NGN
1977
+ - NIO
1978
+ - NOK
1979
+ - NPR
1980
+ - NZD
1981
+ - OMR
1982
+ - PAB
1983
+ - PEN
1984
+ - PGK
1985
+ - PHP
1986
+ - PKR
1987
+ - PLN
1988
+ - PYG
1989
+ - QAR
1990
+ - RON
1991
+ - RSD
1992
+ - RUB
1993
+ - RWF
1994
+ - SAR
1995
+ - SBD
1996
+ - SCR
1997
+ - SDG
1998
+ - SEK
1999
+ - SGD
2000
+ - SHP
2001
+ - SLL
2002
+ - SOS
2003
+ - SPL
2004
+ - SRD
2005
+ - STD
2006
+ - SVC
2007
+ - SYP
2008
+ - SZL
2009
+ - THB
2010
+ - TJS
2011
+ - TMT
2012
+ - TND
2013
+ - TOP
2014
+ - TRY
2015
+ - TTD
2016
+ - TVD
2017
+ - TWD
2018
+ - TZS
2019
+ - UAH
2020
+ - UGX
2021
+ - USD
2022
+ - UYU
2023
+ - UZS
2024
+ - VEF
2025
+ - VND
2026
+ - VUV
2027
+ - WST
2028
+ - XAF
2029
+ - XCD
2030
+ - XDR
2031
+ - XOF
2032
+ - XPF
2033
+ - XTS
2034
+ - XXX
2035
+ - YER
2036
+ - ZAR
2037
+ - ZMW
2038
+ - ZWD
2039
+ ParticipantsIDPutResponse:
2040
+ title: ParticipantsIDPutResponse
2041
+ type: object
2042
+ description: The object sent in the PUT /participants/{ID} callback.
2043
+ properties:
2044
+ partyList:
2045
+ type: array
2046
+ items:
2047
+ $ref: '#/components/schemas/PartyResult'
2048
+ minItems: 1
2049
+ maxItems: 10000
2050
+ description: List of PartyResult elements that were either created or failed to be created.
2051
+ currency:
2052
+ $ref: '#/components/schemas/Currency'
2053
+ required:
2054
+ - partyList
2055
+ MerchantClassificationCode:
2056
+ title: MerchantClassificationCode
2057
+ type: string
2058
+ pattern: ^[\d]{1,4}$
2059
+ description: A limited set of pre-defined numbers. This list would be a limited set of numbers identifying a set of popular merchant types like School Fees, Pubs and Restaurants, Groceries, etc.
2060
+ PartyName:
2061
+ title: PartyName
2062
+ type: string
2063
+ minLength: 1
2064
+ maxLength: 128
2065
+ description: Name of the Party. Could be a real name or a nickname.
2066
+ FirstName:
2067
+ title: FirstName
2068
+ type: string
2069
+ minLength: 1
2070
+ maxLength: 128
2071
+ pattern: ^(?!\s*$)[\p{L}\p{gc=Mark}\p{digit}\p{gc=Connector_Punctuation}\p{Join_Control} .,''-]{1,128}$
2072
+ description: First name of the Party (Name Type).
2073
+ example: Henrik
2074
+ MiddleName:
2075
+ title: MiddleName
2076
+ type: string
2077
+ minLength: 1
2078
+ maxLength: 128
2079
+ pattern: ^(?!\s*$)[\p{L}\p{gc=Mark}\p{digit}\p{gc=Connector_Punctuation}\p{Join_Control} .,''-]{1,128}$
2080
+ description: Middle name of the Party (Name Type).
2081
+ example: Johannes
2082
+ LastName:
2083
+ title: LastName
2084
+ type: string
2085
+ minLength: 1
2086
+ maxLength: 128
2087
+ pattern: ^(?!\s*$)[\p{L}\p{gc=Mark}\p{digit}\p{gc=Connector_Punctuation}\p{Join_Control} .,''-]{1,128}$
2088
+ description: Last name of the Party (Name Type).
2089
+ example: Karlsson
2090
+ PartyComplexName:
2091
+ title: PartyComplexName
2092
+ type: object
2093
+ additionalProperties: false
2094
+ description: Data model for the complex type PartyComplexName.
2095
+ properties:
2096
+ firstName:
2097
+ $ref: '#/components/schemas/FirstName'
2098
+ middleName:
2099
+ $ref: '#/components/schemas/MiddleName'
2100
+ lastName:
2101
+ $ref: '#/components/schemas/LastName'
2102
+ DateOfBirth:
2103
+ title: DateofBirth (type Date)
2104
+ type: string
2105
+ pattern: ^(?:[1-9]\d{3}-(?:(?:0[1-9]|1[0-2])-(?:0[1-9]|1\d|2[0-8])|(?:0[13-9]|1[0-2])-(?:29|30)|(?:0[13578]|1[02])-31)|(?:[1-9]\d(?:0[48]|[2468][048]|[13579][26])|(?:[2468][048]|[13579][26])00)-02-29)$
2106
+ description: Date of Birth of the Party.
2107
+ example: '1966-06-16'
2108
+ KYCInformation:
2109
+ title: KYCInformation
2110
+ type: string
2111
+ minLength: 1
2112
+ maxLength: 2048
2113
+ description: KYC information for the party in a form mandated by an individual scheme.
2114
+ example: |-
2115
+ {
2116
+ "metadata": {
2117
+ "format": "JSON",
2118
+ "version": "1.0",
2119
+ "description": "Data containing KYC Information"
2120
+ },
2121
+ "data": {
2122
+ "name": "John Doe",
2123
+ "dob": "1980-05-15",
2124
+ "gender": "Male",
2125
+ "address": "123 Main Street, Anytown, USA",
2126
+ "email": "johndoe@example.com",
2127
+ "phone": "+1 555-123-4567",
2128
+ "nationality": "US",
2129
+ "passport_number": "AB1234567",
2130
+ "issue_date": "2010-02-20",
2131
+ "expiry_date": "2025-02-20",
2132
+ "bank_account_number": "1234567890",
2133
+ "bank_name": "Example Bank",
2134
+ "employer": "ABC Company",
2135
+ "occupation": "Software Engineer",
2136
+ "income": "$80,000 per year",
2137
+ "marital_status": "Single",
2138
+ "dependents": 0,
2139
+ "risk_level": "Low"
2140
+ }
2141
+ }
2142
+ PartyPersonalInfo:
2143
+ title: PartyPersonalInfo
2144
+ type: object
2145
+ additionalProperties: false
2146
+ description: Data model for the complex type PartyPersonalInfo.
2147
+ properties:
2148
+ complexName:
2149
+ $ref: '#/components/schemas/PartyComplexName'
2150
+ dateOfBirth:
2151
+ $ref: '#/components/schemas/DateOfBirth'
2152
+ kycInformation:
2153
+ $ref: '#/components/schemas/KYCInformation'
2154
+ Party:
2155
+ title: Party
2156
+ type: object
2157
+ description: Data model for the complex type Party.
2158
+ properties:
2159
+ partyIdInfo:
2160
+ $ref: '#/components/schemas/PartyIdInfo'
2161
+ merchantClassificationCode:
2162
+ $ref: '#/components/schemas/MerchantClassificationCode'
2163
+ name:
2164
+ $ref: '#/components/schemas/PartyName'
2165
+ personalInfo:
2166
+ $ref: '#/components/schemas/PartyPersonalInfo'
2167
+ required:
2168
+ - partyIdInfo
2169
+ PartiesTypeIDPutResponse:
2170
+ title: PartiesTypeIDPutResponse
2171
+ type: object
2172
+ description: |
2173
+ The object sent in the PUT /parties/{Type}/{ID} callback.
2174
+
2175
+ This is a variant based on FSPIOP `PartiesTypeIDPutResponse` specification.
2176
+ Main difference being that it returns a `Party` with the newly added
2177
+ `accounts` property.
2178
+ properties:
2179
+ party:
2180
+ $ref: '#/components/schemas/Party'
2181
+ required:
2182
+ - party
2183
+ Amount:
2184
+ title: Amount
2185
+ type: string
2186
+ pattern: ^([0]|([1-9][0-9]{0,17}))([.][0-9]{0,3}[1-9])?$
2187
+ description: The API data type Amount is a JSON String in a canonical format that is restricted by a regular expression for interoperability reasons. This pattern does not allow any trailing zeroes at all, but allows an amount without a minor currency unit. It also only allows four digits in the minor currency unit; a negative value is not allowed. Using more than 18 digits in the major currency unit is not allowed.
2188
+ example: '123.45'
2189
+ Money:
2190
+ title: Money
2191
+ type: object
2192
+ additionalProperties: false
2193
+ description: Data model for the complex type Money.
2194
+ properties:
2195
+ currency:
2196
+ $ref: '#/components/schemas/Currency'
2197
+ amount:
2198
+ $ref: '#/components/schemas/Amount'
2199
+ required:
2200
+ - currency
2201
+ - amount
2202
+ DateTime:
2203
+ title: DateTime
2204
+ type: string
2205
+ pattern: ^(?:[1-9]\d{3}-(?:(?:0[1-9]|1[0-2])-(?:0[1-9]|1\d|2[0-8])|(?:0[13-9]|1[0-2])-(?:29|30)|(?:0[13578]|1[02])-31)|(?:[1-9]\d(?:0[48]|[2468][048]|[13579][26])|(?:[2468][048]|[13579][26])00)-02-29)T(?:[01]\d|2[0-3]):[0-5]\d:[0-5]\d(?:(\.\d{3}))(?:Z|[+-][01]\d:[0-5]\d)$
2206
+ description: The API data type DateTime is a JSON String in a lexical format that is restricted by a regular expression for interoperability reasons. The format is according to [ISO 8601](https://www.iso.org/iso-8601-date-and-time-format.html), expressed in a combined date, time and time zone format. A more readable version of the format is yyyy-MM-ddTHH:mm:ss.SSS[-HH:MM]. Examples are "2016-05-24T08:38:08.699-04:00", "2016-05-24T08:38:08.699Z" (where Z indicates Zulu time zone, same as UTC).
2207
+ example: '2016-05-24T08:38:08.699-04:00'
2208
+ Latitude:
2209
+ title: Latitude
2210
+ type: string
2211
+ pattern: ^(\+|-)?(?:90(?:(?:\.0{1,6})?)|(?:[0-9]|[1-8][0-9])(?:(?:\.[0-9]{1,6})?))$
2212
+ description: The API data type Latitude is a JSON String in a lexical format that is restricted by a regular expression for interoperability reasons.
2213
+ example: '+45.4215'
2214
+ Longitude:
2215
+ title: Longitude
2216
+ type: string
2217
+ pattern: ^(\+|-)?(?:180(?:(?:\.0{1,6})?)|(?:[0-9]|[1-9][0-9]|1[0-7][0-9])(?:(?:\.[0-9]{1,6})?))$
2218
+ description: The API data type Longitude is a JSON String in a lexical format that is restricted by a regular expression for interoperability reasons.
2219
+ example: '+75.6972'
2220
+ GeoCode:
2221
+ title: GeoCode
2222
+ type: object
2223
+ additionalProperties: false
2224
+ description: Data model for the complex type GeoCode. Indicates the geographic location from where the transaction was initiated.
2225
+ properties:
2226
+ latitude:
2227
+ $ref: '#/components/schemas/Latitude'
2228
+ longitude:
2229
+ $ref: '#/components/schemas/Longitude'
2230
+ required:
2231
+ - latitude
2232
+ - longitude
2233
+ IlpPacket:
2234
+ title: IlpPacket
2235
+ type: string
2236
+ pattern: ^[A-Za-z0-9-_]+[=]{0,2}$
2237
+ minLength: 1
2238
+ maxLength: 32768
2239
+ description: Information for recipient (transport layer information).
2240
+ example: AYIBgQAAAAAAAASwNGxldmVsb25lLmRmc3AxLm1lci45T2RTOF81MDdqUUZERmZlakgyOVc4bXFmNEpLMHlGTFGCAUBQU0svMS4wCk5vbmNlOiB1SXlweUYzY3pYSXBFdzVVc05TYWh3CkVuY3J5cHRpb246IG5vbmUKUGF5bWVudC1JZDogMTMyMzZhM2ItOGZhOC00MTYzLTg0NDctNGMzZWQzZGE5OGE3CgpDb250ZW50LUxlbmd0aDogMTM1CkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbgpTZW5kZXItSWRlbnRpZmllcjogOTI4MDYzOTEKCiJ7XCJmZWVcIjowLFwidHJhbnNmZXJDb2RlXCI6XCJpbnZvaWNlXCIsXCJkZWJpdE5hbWVcIjpcImFsaWNlIGNvb3BlclwiLFwiY3JlZGl0TmFtZVwiOlwibWVyIGNoYW50XCIsXCJkZWJpdElkZW50aWZpZXJcIjpcIjkyODA2MzkxXCJ9IgA
2241
+ IlpCondition:
2242
+ title: IlpCondition
2243
+ type: string
2244
+ pattern: ^[A-Za-z0-9-_]{43}$
2245
+ maxLength: 48
2246
+ description: Condition that must be attached to the transfer by the Payer.
2247
+ QuotesIDPutResponse:
2248
+ title: QuotesIDPutResponse
2249
+ type: object
2250
+ additionalProperties: false
2251
+ description: The object sent in the PUT /quotes/{ID} callback.
2252
+ properties:
2253
+ transferAmount:
2254
+ $ref: '#/components/schemas/Money'
2255
+ payeeReceiveAmount:
2256
+ $ref: '#/components/schemas/Money'
2257
+ payeeFspFee:
2258
+ $ref: '#/components/schemas/Money'
2259
+ payeeFspCommission:
2260
+ $ref: '#/components/schemas/Money'
2261
+ expiration:
2262
+ $ref: '#/components/schemas/DateTime'
2263
+ geoCode:
2264
+ $ref: '#/components/schemas/GeoCode'
2265
+ ilpPacket:
2266
+ $ref: '#/components/schemas/IlpPacket'
2267
+ condition:
2268
+ $ref: '#/components/schemas/IlpCondition'
2269
+ extensionList:
2270
+ $ref: '#/components/schemas/ExtensionList'
2271
+ required:
2272
+ - transferAmount
2273
+ - expiration
2274
+ - ilpPacket
2275
+ - condition
2276
+ AuthorizationResponseType:
2277
+ title: AuthorizationResponseType
2278
+ description: |
2279
+ Enum containing authorization response information; if the customer
2280
+ accepted the terms of the transfer, or rejected the terms.
2281
+ type: string
2282
+ enum:
2283
+ - ACCEPTED
2284
+ - REJECTED
2285
+ ConsentStatusIssued:
2286
+ title: ConsentStatusIssued
2287
+ type: string
2288
+ enum:
2289
+ - ISSUED
2290
+ description: |-
2291
+ Allowed values for the enumeration ConsentStatus
2292
+ - ISSUED - The consent has been issued by the DFSP
2293
+ IlpFulfilment:
2294
+ title: IlpFulfilment
2295
+ type: string
2296
+ pattern: ^[A-Za-z0-9-_]{43}$
2297
+ maxLength: 48
2298
+ description: Fulfilment that must be attached to the transfer by the Payee.
2299
+ example: WLctttbu2HvTsa1XWvUoGRcQozHsqeu9Ahl2JW9Bsu8
2300
+ Integer:
2301
+ title: Integer
2302
+ type: string
2303
+ pattern: ^[1-9]\d*$
2304
+ description: The API data type Integer is a JSON String consisting of digits only. Negative numbers and leading zeroes are not allowed. The data type is always limited to a specific number of digits.
2305
+ Note:
2306
+ title: Note
2307
+ type: string
2308
+ minLength: 1
2309
+ maxLength: 128
2310
+ description: Memo assigned to transaction.
2311
+ example: Note sent to Payee.
2312
+ PartyIdTypeTPLink:
2313
+ title: PartyIdTypeTPLink
2314
+ type: string
2315
+ enum:
2316
+ - THIRD_PARTY_LINK
2317
+ description: |
2318
+ - THIRD_PARTY_LINK - is the DFSP's internal reference which allows DFSP to find out the corresponding consent
2319
+ example: PERSONAL_ID
2320
+ PartyIdInfoTPLink:
2321
+ title: PartyIdInfo
2322
+ type: object
2323
+ description: Data model for the complex type PartyIdInfo.
2324
+ properties:
2325
+ partyIdType:
2326
+ $ref: '#/components/schemas/PartyIdTypeTPLink'
2327
+ partyIdentifier:
2328
+ $ref: '#/components/schemas/PartyIdentifier'
2329
+ partySubIdOrType:
2330
+ $ref: '#/components/schemas/PartySubIdOrType'
2331
+ fspId:
2332
+ $ref: '#/components/schemas/FspId'
2333
+ extensionList:
2334
+ $ref: '#/components/schemas/ExtensionList'
2335
+ required:
2336
+ - partyIdType
2337
+ - partyIdentifier
2338
+ ServiceType:
2339
+ title: ServiceType
2340
+ type: string
2341
+ description: |-
2342
+ The ServiceType enumeration describes the types of role for which a DFSP may query using the /services resource.
2343
+ Below are the allowed values for the enumeration ServiceType - THIRD_PARTY_DFSP - Enum used to query for DFSPs that have thirdparty features enabled. - PISP - Enum used to query for PISPs. - AUTH_SERVICE - Participants which provide Authentication Services.
2344
+ https://github.com/mojaloop/documentation/blob/main/website/versioned_docs/v2.0.0/api/thirdparty/data-models.md#3229-servicetype
2345
+ enum:
2346
+ - THIRD_PARTY_DFSP
2347
+ - PISP
2348
+ - AUTH_SERVICE
2349
+ CorrelationId:
2350
+ title: CorrelationId
2351
+ type: string
2352
+ pattern: ^[0-9a-f]{8}-[0-9a-f]{4}-[1-7][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$|^[0-9A-HJKMNP-TV-Z]{26}$
2353
+ description: Identifier that correlates all messages of the same sequence. The supported identifiers formats are for lowercase [UUID](https://datatracker.ietf.org/doc/html/rfc9562) and uppercase [ULID](https://github.com/ulid/spec)
2354
+ example: b51ec534-ee48-4575-b6a9-ead2955b8069
2355
+ ParticipantsPostRequest:
2356
+ title: ParticipantsPostRequest
2357
+ type: object
2358
+ description: The object sent in the POST /participants request.
2359
+ properties:
2360
+ requestId:
2361
+ $ref: '#/components/schemas/CorrelationId'
2362
+ partyList:
2363
+ type: array
2364
+ items:
2365
+ $ref: '#/components/schemas/PartyIdInfo'
2366
+ minItems: 1
2367
+ maxItems: 10000
2368
+ description: |
2369
+ List of PartyIdInfo elements that the client would like to update
2370
+ or create FSP information about.
2371
+ currency:
2372
+ $ref: '#/components/schemas/Currency'
2373
+ required:
2374
+ - requestId
2375
+ - partyList
2376
+ AmountType:
2377
+ title: AmountType
2378
+ type: string
2379
+ enum:
2380
+ - SEND
2381
+ - RECEIVE
2382
+ description: |-
2383
+ Below are the allowed values for the enumeration AmountType.
2384
+ - SEND - Amount the Payer would like to send, that is, the amount that should be withdrawn from the Payer account including any fees.
2385
+ - RECEIVE - Amount the Payer would like the Payee to receive, that is, the amount that should be sent to the receiver exclusive of any fees.
2386
+ example: RECEIVE
2387
+ TransactionScenario:
2388
+ title: TransactionScenario
2389
+ type: string
2390
+ enum:
2391
+ - DEPOSIT
2392
+ - WITHDRAWAL
2393
+ - TRANSFER
2394
+ - PAYMENT
2395
+ - REFUND
2396
+ description: |-
2397
+ Below are the allowed values for the enumeration.
2398
+ - DEPOSIT - Used for performing a Cash-In (deposit) transaction. In a normal scenario, electronic funds are transferred from a Business account to a Consumer account, and physical cash is given from the Consumer to the Business User.
2399
+ - WITHDRAWAL - Used for performing a Cash-Out (withdrawal) transaction. In a normal scenario, electronic funds are transferred from a Consumer’s account to a Business account, and physical cash is given from the Business User to the Consumer.
2400
+ - TRANSFER - Used for performing a P2P (Peer to Peer, or Consumer to Consumer) transaction.
2401
+ - PAYMENT - Usually used for performing a transaction from a Consumer to a Merchant or Organization, but could also be for a B2B (Business to Business) payment. The transaction could be online for a purchase in an Internet store, in a physical store where both the Consumer and Business User are present, a bill payment, a donation, and so on.
2402
+ - REFUND - Used for performing a refund of transaction.
2403
+ example: DEPOSIT
2404
+ TransactionSubScenario:
2405
+ title: TransactionSubScenario
2406
+ type: string
2407
+ pattern: ^[A-Z_]{1,32}$
2408
+ description: Possible sub-scenario, defined locally within the scheme (UndefinedEnum Type).
2409
+ example: LOCALLY_DEFINED_SUBSCENARIO
2410
+ TransactionInitiator:
2411
+ title: TransactionInitiator
2412
+ type: string
2413
+ enum:
2414
+ - PAYER
2415
+ - PAYEE
2416
+ description: |-
2417
+ Below are the allowed values for the enumeration.
2418
+ - PAYER - Sender of funds is initiating the transaction. The account to send from is either owned by the Payer or is connected to the Payer in some way.
2419
+ - PAYEE - Recipient of the funds is initiating the transaction by sending a transaction request. The Payer must approve the transaction, either automatically by a pre-generated OTP or by pre-approval of the Payee, or by manually approving in his or her own Device.
2420
+ example: PAYEE
2421
+ TransactionInitiatorType:
2422
+ title: TransactionInitiatorType
2423
+ type: string
2424
+ enum:
2425
+ - CONSUMER
2426
+ - AGENT
2427
+ - BUSINESS
2428
+ - DEVICE
2429
+ description: |-
2430
+ Below are the allowed values for the enumeration.
2431
+ - CONSUMER - Consumer is the initiator of the transaction.
2432
+ - AGENT - Agent is the initiator of the transaction.
2433
+ - BUSINESS - Business is the initiator of the transaction.
2434
+ - DEVICE - Device is the initiator of the transaction.
2435
+ example: CONSUMER
2436
+ RefundReason:
2437
+ title: RefundReason
2438
+ type: string
2439
+ minLength: 1
2440
+ maxLength: 128
2441
+ description: Reason for the refund.
2442
+ example: Free text indicating reason for the refund.
2443
+ Refund:
2444
+ title: Refund
2445
+ type: object
2446
+ additionalProperties: false
2447
+ description: Data model for the complex type Refund.
2448
+ properties:
2449
+ originalTransactionId:
2450
+ $ref: '#/components/schemas/CorrelationId'
2451
+ refundReason:
2452
+ $ref: '#/components/schemas/RefundReason'
2453
+ required:
2454
+ - originalTransactionId
2455
+ BalanceOfPayments:
2456
+ title: BalanceOfPayments
2457
+ type: string
2458
+ pattern: ^[1-9]\d{2}$
2459
+ description: (BopCode) The API data type [BopCode](https://www.imf.org/external/np/sta/bopcode/) is a JSON String of 3 characters, consisting of digits only. Negative numbers are not allowed. A leading zero is not allowed.
2460
+ example: '123'
2461
+ TransactionType:
2462
+ title: TransactionType
2463
+ type: object
2464
+ additionalProperties: false
2465
+ description: Data model for the complex type TransactionType.
2466
+ properties:
2467
+ scenario:
2468
+ $ref: '#/components/schemas/TransactionScenario'
2469
+ subScenario:
2470
+ $ref: '#/components/schemas/TransactionSubScenario'
2471
+ initiator:
2472
+ $ref: '#/components/schemas/TransactionInitiator'
2473
+ initiatorType:
2474
+ $ref: '#/components/schemas/TransactionInitiatorType'
2475
+ refundInfo:
2476
+ $ref: '#/components/schemas/Refund'
2477
+ balanceOfPayments:
2478
+ $ref: '#/components/schemas/BalanceOfPayments'
2479
+ required:
2480
+ - scenario
2481
+ - initiator
2482
+ - initiatorType
2483
+ QuotesPostRequest:
2484
+ title: QuotesPostRequest
2485
+ type: object
2486
+ description: The object sent in the POST /quotes request.
2487
+ properties:
2488
+ quoteId:
2489
+ $ref: '#/components/schemas/CorrelationId'
2490
+ description: Common ID between the FSPs for the quote object, decided by the Payer FSP. The ID should be reused for resends of the same quote for a transaction. A new ID should be generated for each new quote for a transaction.
2491
+ example: b51ec534-ee48-4575-b6a9-ead2955b8069
2492
+ transactionId:
2493
+ $ref: '#/components/schemas/CorrelationId'
2494
+ description: Common ID (decided by the Payer FSP) between the FSPs for the future transaction object. The actual transaction will be created as part of a successful transfer process. The ID should be reused for resends of the same quote for a transaction. A new ID should be generated for each new quote for a transaction.
2495
+ example: a8323bc6-c228-4df2-ae82-e5a997baf899
2496
+ transactionRequestId:
2497
+ $ref: '#/components/schemas/CorrelationId'
2498
+ description: Identifies an optional previously-sent transaction request.
2499
+ example: a8323bc6-c228-4df2-ae82-e5a997baf890
2500
+ payee:
2501
+ $ref: '#/components/schemas/Party'
2502
+ description: Information about the Payee in the proposed financial transaction.
2503
+ payer:
2504
+ $ref: '#/components/schemas/Party'
2505
+ description: Information about the Payer in the proposed financial transaction.
2506
+ amountType:
2507
+ $ref: '#/components/schemas/AmountType'
2508
+ description: SEND for send amount, RECEIVE for receive amount.
2509
+ example: SEND
2510
+ amount:
2511
+ $ref: '#/components/schemas/Money'
2512
+ description: Depending on amountType - If SEND - The amount the Payer would like to send, that is, the amount that should be withdrawn from the Payer account including any fees. The amount is updated by each participating entity in the transaction. If RECEIVE - The amount the Payee should receive, that is, the amount that should be sent to the receiver exclusive any fees. The amount is not updated by any of the participating entities.
2513
+ fees:
2514
+ $ref: '#/components/schemas/Money'
2515
+ description: The fees in the transaction. The fees element should be empty if fees should be non-disclosed. The fees element should be non-empty if fees should be disclosed.
2516
+ transactionType:
2517
+ $ref: '#/components/schemas/TransactionType'
2518
+ description: Type of transaction for which the quote is requested.
2519
+ geoCode:
2520
+ $ref: '#/components/schemas/GeoCode'
2521
+ description: Longitude and Latitude of the initiating Party. Can be used to detect fraud.
2522
+ note:
2523
+ $ref: '#/components/schemas/Note'
2524
+ description: A memo that will be attached to the transaction.
2525
+ example: Free-text memo.
2526
+ expiration:
2527
+ $ref: '#/components/schemas/DateTime'
2528
+ description: Expiration is optional. It can be set to get a quick failure in case the peer FSP takes too long to respond. Also, it may be beneficial for Consumer, Agent, and Merchant to know that their request has a time limit.
2529
+ example: '2016-05-24T08:38:08.699-04:00'
2530
+ extensionList:
2531
+ $ref: '#/components/schemas/ExtensionList'
2532
+ description: Optional extension, specific to deployment.
2533
+ required:
2534
+ - quoteId
2535
+ - transactionId
2536
+ - payee
2537
+ - payer
2538
+ - amountType
2539
+ - amount
2540
+ - transactionType
2541
+ ConsentRequestChannelType:
2542
+ title: ConsentRequestChannelType
2543
+ type: string
2544
+ enum:
2545
+ - WEB
2546
+ - OTP
2547
+ description: |
2548
+ The auth channel being used for the consent request.
2549
+ - WEB - DFSP can support authorization via a web-based login.
2550
+ - OTP - DFSP can support authorization via a One Time PIN.
2551
+ Uri:
2552
+ title: Uri
2553
+ type: string
2554
+ pattern: ^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\?([^#]*))?(#(.*))?
2555
+ minLength: 1
2556
+ maxLength: 512
2557
+ description: |
2558
+ The API data type Uri is a JSON string in a canonical format that is restricted by a regular expression for interoperability reasons.
2559
+ tppAccountRequestPostRequest:
2560
+ title: AccountRequestPostRequest
2561
+ type: object
2562
+ description: |-
2563
+ Used by: PISP
2564
+ The /tppAccountsRequest resource is used to request consent from a user for access to their accounts information. This resource must be called before the /tppAccounts resource can be queried which provides the account information.
2565
+ Callback and data model for POST /tppAccountRequest:
2566
+ Callback: PUT /tppAccountRequests/{ID} Error callback: PUT /tppAccountRequests/{ID}/error Data model - see below url
2567
+ https://github.com/mojaloop/documentation/blob/main/website/versioned_docs/v2.0.0/api/thirdparty/data-models.md#31212-post-accountrequest
2568
+ properties:
2569
+ accountRequestId:
2570
+ $ref: '#/components/schemas/CorrelationId'
2571
+ partyItentifier:
2572
+ $ref: '#/components/schemas/PartyIdentifier'
2573
+ authChannels:
2574
+ type: array
2575
+ minLength: 1
2576
+ maxLength: 256
2577
+ items:
2578
+ $ref: '#/components/schemas/ConsentRequestChannelType'
2579
+ callbackUri:
2580
+ $ref: '#/components/schemas/Uri'
2581
+ required:
2582
+ - accountRequestId
2583
+ - partyIdInfo
2584
+ - authChannels
2585
+ - callbackUri
2586
+ ErrorInformationResponse:
2587
+ title: ErrorInformationResponse
2588
+ type: object
2589
+ additionalProperties: false
2590
+ description: Data model for the complex type object that contains an optional element ErrorInformation used along with 4xx and 5xx responses.
2591
+ properties:
2592
+ errorInformation:
2593
+ $ref: '#/components/schemas/ErrorInformation'
2594
+ BinaryString:
2595
+ type: string
2596
+ pattern: ^[A-Za-z0-9-_]+[=]{0,2}$
2597
+ description: The API data type BinaryString is a JSON String. The string is a base64url encoding of a string of raw bytes, where padding (character ‘=’) is added at the end of the data if needed to ensure that the string is a multiple of 4 characters. The length restriction indicates the allowed number of characters.
2598
+ tppAccountRequestPutResponse:
2599
+ title: AccountRequestPutResponse
2600
+ type: object
2601
+ description: |-
2602
+ Used by: PISP
2603
+ This is the message that the DFSP sends to the PISP to inform the PISP that the accountRequest has been accepted, and to communicate to the PISP which `authChannel` it should use to authenticate their user with. I.e. it is a response to a POST /tppAccountsRequest request, or a GET /tppAccountsRequest/{ID} request.
2604
+ When a PISP requests a series of permissions from a DFSP on behalf of a DFSP's customer, not all the permissions requested may be granted by the DFSP. Conversely, the out-of-loop authorization process may result in additional privileges being granted by the account holder to the PISP. The `PUT /tppAccountsRequest/<ID>` resource returns the current state of the permissions relating to a particular authorization request.
2605
+
2606
+ properties:
2607
+ authChannel:
2608
+ $ref: '#/components/schemas/ConsentRequestChannelType'
2609
+ callbackUri:
2610
+ $ref: '#/components/schemas/Uri'
2611
+ authUri:
2612
+ $ref: '#/components/schemas/Uri'
2613
+ authToken:
2614
+ $ref: '#/components/schemas/BinaryString'
2615
+ required:
2616
+ - authChannels
2617
+ ErrorInformationObject:
2618
+ title: ErrorInformationObject
2619
+ type: object
2620
+ additionalProperties: false
2621
+ description: Data model for the complex type object that contains ErrorInformation.
2622
+ properties:
2623
+ errorInformation:
2624
+ $ref: '#/components/schemas/ErrorInformation'
2625
+ required:
2626
+ - errorInformation
2627
+ Name:
2628
+ title: Name
2629
+ type: string
2630
+ pattern: ^(?!\s*$)[\w .,'-]{1,128}$
2631
+ description: |-
2632
+ The API data type Name is a JSON String, restricted by a regular expression to avoid characters which are generally not used in a name.
2633
+
2634
+ Regular Expression - The regular expression for restricting the Name type is "^(?!\s*$)[\w .,'-]{1,128}$". The restriction does not allow a string consisting of whitespace only, all Unicode characters are allowed, as well as the period (.) (apostrophe (‘), dash (-), comma (,) and space characters ( ).
2635
+
2636
+ **Note:** In some programming languages, Unicode support must be specifically enabled. For example, if Java is used, the flag UNICODE_CHARACTER_CLASS must be enabled to allow Unicode characters.
2637
+ AccountAddress:
2638
+ title: AccountAddress
2639
+ type: string
2640
+ description: |-
2641
+ The AccountAddress data type is a variable length string with a maximum size of 1023 characters and consists of:
2642
+ Alphanumeric characters, upper or lower case. (Addresses are case-sensitive so that they can contain data encoded in formats such as base64url.)
2643
+ - Underscore (_) - Tilde (~) - Hyphen (-) - Period (.) Addresses MUST NOT end in a period (.) character
2644
+ An entity providing accounts to parties (i.e. a participant) can provide any value for an AccountAddress that is meaningful to that entity. It does not need to provide an address that makes the account identifiable outside the entity's domain.
2645
+ IMPORTANT: The policy for defining addresses and the life-cycle of these is at the discretion of the address space owner (the payer DFSP in this case).
2646
+ https://github.com/mojaloop/documentation/blob/main/website/versioned_docs/v1.0.1/api/thirdparty/data-models.md#3212-accountaddress
2647
+ pattern: ^([0-9A-Za-z_~\-\.]+[0-9A-Za-z_~\-])$
2648
+ minLength: 1
2649
+ maxLength: 1023
2650
+ Account:
2651
+ title: Account
2652
+ type: object
2653
+ description: |-
2654
+ Data model for the complex type Account.
2655
+ https://github.com/mojaloop/documentation/blob/main/website/versioned_docs/v2.0.0/api/thirdparty/data-models.md#3211-account
2656
+ properties:
2657
+ accountNickname:
2658
+ $ref: '#/components/schemas/Name'
2659
+ address:
2660
+ $ref: '#/components/schemas/AccountAddress'
2661
+ currency:
2662
+ $ref: '#/components/schemas/Currency'
2663
+ required:
2664
+ - accountNickname
2665
+ - address
2666
+ - currency
2667
+ AccountList:
2668
+ title: AccountList
2669
+ type: array
2670
+ description: |-
2671
+ The AccountList data model is used to hold information about the accounts that a party controls.
2672
+ https://github.com/mojaloop/documentation/blob/main/website/versioned_docs/v2.0.0/api/thirdparty/data-models.md#3213-accountlist
2673
+ items:
2674
+ $ref: '#/components/schemas/Account'
2675
+ minItems: 1
2676
+ maxItems: 256
2677
+ tppAccountsIDPutResponse:
2678
+ title: AccountsIDPutResponse
2679
+ type: object
2680
+ description: |-
2681
+ Callback and data model information for GET /accounts/{ID}:
2682
+ Callback - PUT /tppAccounts/{ID} Error Callback - PUT /tppAccounts/{ID}/error Data Model - Empty body
2683
+ The PUT /accounts/{ID} response is used to inform the requester of the result of a request for accounts information. The identifier ID given in the call are the values given in the original request.
2684
+ https://github.com/mojaloop/documentation/blob/main/website/versioned_docs/v2.0.0/api/thirdparty/data-models.md#31121--put-accountsid
2685
+ properties:
2686
+ accounts:
2687
+ $ref: '#/components/schemas/AccountList'
2688
+ extensionList:
2689
+ $ref: '#/components/schemas/ExtensionList'
2690
+ required:
2691
+ - accounts
2692
+ ScopeAction:
2693
+ title: ScopeAction
2694
+ type: string
2695
+ description: |
2696
+ The ScopeAction element contains an access type which a PISP can request
2697
+ from a DFSP, or which a DFSP can grant to a PISP.
2698
+ It must be a member of the appropriate enumeration.
2699
+
2700
+ - ACCOUNTS_GET_BALANCE: PISP can request a balance for the linked account
2701
+ - ACCOUNTS_TRANSFER: PISP can request a transfer of funds from the linked account in the DFSP
2702
+ - ACCOUNTS_STATEMENT: PISP can request a statement of individual transactions on a user's account
2703
+ enum:
2704
+ - ACCOUNTS_GET_BALANCE
2705
+ - ACCOUNTS_TRANSFER
2706
+ - ACCOUNTS_STATEMENT
2707
+ Scope:
2708
+ title: Scope
2709
+ type: object
2710
+ description: |-
2711
+ The Scope element contains an identifier defining, in the terms of a DFSP, an account on which access types can be requested or granted. It also defines the access types which are requested or granted.
2712
+ https://github.com/mojaloop/documentation/blob/main/website/versioned_docs/v2.0.0/api/thirdparty/data-models.md#32121-scope
2713
+ properties:
2714
+ address:
2715
+ $ref: '#/components/schemas/AccountAddress'
2716
+ actions:
2717
+ type: array
2718
+ minItems: 1
2719
+ maxItems: 32
2720
+ items:
2721
+ $ref: '#/components/schemas/ScopeAction'
2722
+ required:
2723
+ - address
2724
+ - actions
2725
+ ConsentRequestsPostRequest:
2726
+ title: ConsentRequestsPostRequest
2727
+ type: object
2728
+ description: |-
2729
+ Used by: PISP
2730
+ The HTTP request POST /tppConsentRequests is used to request a DFSP to grant access to one or more accounts owned by a customer of the DFSP for the PISP who sends the request.
2731
+ Callback and data model for POST /tppConsentRequests:
2732
+ Callback: PUT /tppConsentRequests/{ID} Error callback: PUT /tppConsentRequests/{ID}/error
2733
+ properties:
2734
+ consentRequestId:
2735
+ $ref: '#/components/schemas/CorrelationId'
2736
+ partyIdInfo:
2737
+ $ref: '#/components/schemas/PartyIdInfo'
2738
+ scopes:
2739
+ type: array
2740
+ minLength: 1
2741
+ maxLength: 256
2742
+ items:
2743
+ $ref: '#/components/schemas/Scope'
2744
+ authChannels:
2745
+ type: array
2746
+ minLength: 1
2747
+ maxLength: 256
2748
+ items:
2749
+ $ref: '#/components/schemas/ConsentRequestChannelType'
2750
+ callbackUri:
2751
+ $ref: '#/components/schemas/Uri'
2752
+ extensionList:
2753
+ $ref: '#/components/schemas/ExtensionList'
2754
+ required:
2755
+ - consentRequestId
2756
+ - partyIdInfo
2757
+ - scopes
2758
+ - authChannels
2759
+ - callbackUri
2760
+ ConsentRequestChannelTypeWeb:
2761
+ title: ConsentRequestChannelTypeWeb
2762
+ type: string
2763
+ enum:
2764
+ - WEB
2765
+ description: |
2766
+ The web auth channel being used for `PUT /tppConsentRequest/{ID}` request.
2767
+ ConsentRequestsIDPutResponseWeb:
2768
+ title: ConsentRequestsIDPutResponseWeb
2769
+ type: object
2770
+ description: |
2771
+ The object sent in a `PUT /tppConsentRequests/{ID}` request.
2772
+
2773
+ Schema used in the request consent phase of the account linking web flow,
2774
+ the result is the PISP being instructed on a specific URL where this
2775
+ supposed user should be redirected. This URL should be a place where
2776
+ the user can prove their identity (e.g., by logging in).
2777
+ properties:
2778
+ scopes:
2779
+ type: array
2780
+ minLength: 1
2781
+ maxLength: 256
2782
+ items:
2783
+ $ref: '#/components/schemas/Scope'
2784
+ authChannels:
2785
+ type: array
2786
+ minLength: 1
2787
+ maxLength: 1
2788
+ items:
2789
+ $ref: '#/components/schemas/ConsentRequestChannelTypeWeb'
2790
+ callbackUri:
2791
+ $ref: '#/components/schemas/Uri'
2792
+ authUri:
2793
+ $ref: '#/components/schemas/Uri'
2794
+ extensionList:
2795
+ $ref: '#/components/schemas/ExtensionList'
2796
+ required:
2797
+ - scopes
2798
+ - authChannels
2799
+ - callbackUri
2800
+ - authUri
2801
+ additionalProperties: false
2802
+ ConsentRequestChannelTypeOTP:
2803
+ title: ConsentRequestChannelTypeOTP
2804
+ type: string
2805
+ enum:
2806
+ - OTP
2807
+ description: |
2808
+ The OTP auth channel being used for `PUT /tppConsentRequests/{ID}` request.
2809
+ ConsentRequestsIDPutResponseOTP:
2810
+ title: ConsentRequestsIDPutResponseOTP
2811
+ type: object
2812
+ description: |
2813
+ The object sent in a `PUT /tppConsentRequests/{ID}` request.
2814
+
2815
+ Schema used in the request consent phase of the account linking OTP/SMS flow.
2816
+ properties:
2817
+ scopes:
2818
+ type: array
2819
+ minLength: 1
2820
+ maxLength: 256
2821
+ items:
2822
+ $ref: '#/components/schemas/Scope'
2823
+ authChannels:
2824
+ type: array
2825
+ minLength: 1
2826
+ maxLength: 1
2827
+ items:
2828
+ $ref: '#/components/schemas/ConsentRequestChannelTypeOTP'
2829
+ callbackUri:
2830
+ $ref: '#/components/schemas/Uri'
2831
+ extensionList:
2832
+ $ref: '#/components/schemas/ExtensionList'
2833
+ required:
2834
+ - scopes
2835
+ - authChannels
2836
+ additionalProperties: false
2837
+ ConsentRequestsIDPatchRequest:
2838
+ title: ConsentRequestsIDPatchRequest
2839
+ type: object
2840
+ description: |-
2841
+ Used by: PISP
2842
+ After the user completes an out-of-band authorization with the DFSP, the PISP will receive a token which they can use to prove to the DFSP that the user trusts this PISP.
2843
+ properties:
2844
+ authToken:
2845
+ $ref: '#/components/schemas/BinaryString'
2846
+ extensionList:
2847
+ $ref: '#/components/schemas/ExtensionList'
2848
+ required:
2849
+ - authToken
2850
+ CredentialType:
2851
+ title: CredentialType
2852
+ type: string
2853
+ enum:
2854
+ - FIDO
2855
+ - GENERIC
2856
+ description: |-
2857
+ The type of the Credential. - "FIDO" - The credential is based on a FIDO challenge. Its payload is a FIDOPublicKeyCredentialAttestation object. - "GENERIC" - The credential is based on a simple public key validation. Its payload is a GenericCredential object.
2858
+ https://github.com/mojaloop/documentation/blob/main/website/versioned_docs/v2.0.0/api/thirdparty/data-models.md#3226-credentialtype
2859
+ CredentialStatusPending:
2860
+ title: CredentialStatusPending
2861
+ type: string
2862
+ enum:
2863
+ - PENDING
2864
+ description: |
2865
+ The status of the Credential.
2866
+ - "PENDING" - The credential has been created, but has not been verified
2867
+ GenericCredential:
2868
+ title: GenericCredential
2869
+ type: object
2870
+ description: |
2871
+ A publicKey + signature of a challenge for a generic public/private keypair.
2872
+ properties:
2873
+ publicKey:
2874
+ $ref: '#/components/schemas/BinaryString'
2875
+ signature:
2876
+ $ref: '#/components/schemas/BinaryString'
2877
+ required:
2878
+ - publicKey
2879
+ - signature
2880
+ additionalProperties: false
2881
+ FIDOPublicKeyCredentialAttestation:
2882
+ title: FIDOPublicKeyCredentialAttestation
2883
+ type: object
2884
+ description: |
2885
+ A data model representing a FIDO Attestation result. Derived from
2886
+ [`PublicKeyCredential` Interface](https://w3c.github.io/webauthn/#iface-pkcredential).
2887
+
2888
+ The `PublicKeyCredential` interface represents the below fields with
2889
+ a Type of Javascript [ArrayBuffer](https://heycam.github.io/webidl/#idl-ArrayBuffer).
2890
+ For this API, we represent ArrayBuffers as base64 encoded utf-8 strings.
2891
+ properties:
2892
+ id:
2893
+ type: string
2894
+ description: |
2895
+ credential id: identifier of pair of keys, base64 encoded
2896
+ https://w3c.github.io/webauthn/#ref-for-dom-credential-id
2897
+ minLength: 20
2898
+ maxLength: 118
2899
+ rawId:
2900
+ type: string
2901
+ description: |
2902
+ raw credential id: identifier of pair of keys, base64 encoded
2903
+ minLength: 20
2904
+ maxLength: 118
2905
+ response:
2906
+ type: object
2907
+ description: |
2908
+ AuthenticatorAttestationResponse
2909
+ properties:
2910
+ clientDataJSON:
2911
+ type: string
2912
+ description: |
2913
+ JSON string with client data
2914
+ minLength: 121
2915
+ maxLength: 512
2916
+ attestationObject:
2917
+ type: string
2918
+ description: |
2919
+ CBOR.encoded attestation object
2920
+ minLength: 306
2921
+ maxLength: 2048
2922
+ required:
2923
+ - clientDataJSON
2924
+ - attestationObject
2925
+ additionalProperties: false
2926
+ type:
2927
+ type: string
2928
+ description: response type, we need only the type of public-key
2929
+ enum:
2930
+ - public-key
2931
+ required:
2932
+ - id
2933
+ - response
2934
+ - type
2935
+ additionalProperties: false
2936
+ SignedCredential:
2937
+ title: SignedCredential
2938
+ type: object
2939
+ description: |
2940
+ A credential used to allow a user to prove their identity and access
2941
+ to an account with a DFSP.
2942
+
2943
+ SignedCredential is a special formatting of the credential to allow us to be
2944
+ more explicit about the `status` field - it should only ever be PENDING when
2945
+ updating a credential.
2946
+ properties:
2947
+ credentialType:
2948
+ $ref: '#/components/schemas/CredentialType'
2949
+ status:
2950
+ $ref: '#/components/schemas/CredentialStatusPending'
2951
+ genericPayload:
2952
+ $ref: '#/components/schemas/GenericCredential'
2953
+ fidoPayload:
2954
+ $ref: '#/components/schemas/FIDOPublicKeyCredentialAttestation'
2955
+ required:
2956
+ - credentialType
2957
+ - status
2958
+ additionalProperties: false
2959
+ ConsentStatus:
2960
+ title: ConsentStatus
2961
+ type: string
2962
+ enum:
2963
+ - ISSUED
2964
+ - REVOKED
2965
+ description: |-
2966
+ Allowed values for the enumeration ConsentStatus
2967
+ - ISSUED - The consent has been issued by the DFSP
2968
+ - REVOKED - The consent has been revoked
2969
+ ConsentsPostRequestAUTH:
2970
+ title: ConsentPostRequestAUTH
2971
+ type: object
2972
+ description: |
2973
+ The object sent in a `POST /tppConsents` request to the Auth-Service
2974
+ by a DFSP to store registered Consent and credential
2975
+ properties:
2976
+ consentId:
2977
+ allOf:
2978
+ - $ref: '#/components/schemas/CorrelationId'
2979
+ description: |
2980
+ Common ID between the PISP and FSP for the Consent object
2981
+ determined by the DFSP who creates the Consent.
2982
+ consentRequestId:
2983
+ $ref: '#/components/schemas/CorrelationId'
2984
+ scopes:
2985
+ minLength: 1
2986
+ maxLength: 256
2987
+ type: array
2988
+ items:
2989
+ $ref: '#/components/schemas/Scope'
2990
+ credential:
2991
+ allOf:
2992
+ - $ref: '#/components/schemas/SignedCredential'
2993
+ status:
2994
+ $ref: '#/components/schemas/ConsentStatus'
2995
+ extensionList:
2996
+ $ref: '#/components/schemas/ExtensionList'
2997
+ required:
2998
+ - consentId
2999
+ - scopes
3000
+ - credential
3001
+ - status
3002
+ additionalProperties: false
3003
+ ConsentsPostRequestPISP:
3004
+ title: ConsentPostRequestPISP
3005
+ type: object
3006
+ description: |
3007
+ The provisional Consent object sent by the DFSP in `POST /tppConsents`.
3008
+ properties:
3009
+ consentId:
3010
+ allOf:
3011
+ - $ref: '#/components/schemas/CorrelationId'
3012
+ description: |
3013
+ Common ID between the PISP and the Payer DFSP for the consent object. The ID
3014
+ should be reused for re-sends of the same consent. A new ID should be generated
3015
+ for each new consent.
3016
+ consentRequestId:
3017
+ allOf:
3018
+ - $ref: '#/components/schemas/CorrelationId'
3019
+ description: |
3020
+ The ID given to the original consent request on which this consent is based.
3021
+ scopes:
3022
+ type: array
3023
+ minLength: 1
3024
+ maxLength: 256
3025
+ items:
3026
+ $ref: '#/components/schemas/Scope'
3027
+ status:
3028
+ $ref: '#/components/schemas/ConsentStatus'
3029
+ extensionList:
3030
+ $ref: '#/components/schemas/ExtensionList'
3031
+ required:
3032
+ - consentId
3033
+ - consentRequestId
3034
+ - scopes
3035
+ - status
3036
+ ConsentsIDPutResponseSigned:
3037
+ title: ConsentsIDPutResponseSigned
3038
+ type: object
3039
+ description: |
3040
+ The HTTP request `PUT /tppConsents/{ID}` is used by the PISP to update a Consent with a signed challenge and register a credential.
3041
+ Called by a `PISP` to after signing a challenge. Sent to a DFSP for verification.
3042
+ properties:
3043
+ status:
3044
+ $ref: '#/components/schemas/ConsentStatusIssued'
3045
+ scopes:
3046
+ type: array
3047
+ items:
3048
+ $ref: '#/components/schemas/Scope'
3049
+ credential:
3050
+ $ref: '#/components/schemas/SignedCredential'
3051
+ extensionList:
3052
+ $ref: '#/components/schemas/ExtensionList'
3053
+ required:
3054
+ - scopes
3055
+ - credential
3056
+ additionalProperties: false
3057
+ CredentialStatusVerified:
3058
+ title: CredentialStatusVerified
3059
+ type: string
3060
+ enum:
3061
+ - VERIFIED
3062
+ description: |
3063
+ The status of the Credential.
3064
+ - "VERIFIED" - The Credential is valid and verified.
3065
+ VerifiedCredential:
3066
+ title: VerifiedCredential
3067
+ type: object
3068
+ description: |
3069
+ A credential used to allow a user to prove their identity and access
3070
+ to an account with a DFSP.
3071
+
3072
+ VerifiedCredential is a special formatting of Credential to allow us to be
3073
+ more explicit about the `status` field - it should only ever be VERIFIED when
3074
+ updating a credential.
3075
+ properties:
3076
+ credentialType:
3077
+ $ref: '#/components/schemas/CredentialType'
3078
+ status:
3079
+ $ref: '#/components/schemas/CredentialStatusVerified'
3080
+ genericPayload:
3081
+ $ref: '#/components/schemas/GenericCredential'
3082
+ fidoPayload:
3083
+ $ref: '#/components/schemas/FIDOPublicKeyCredentialAttestation'
3084
+ required:
3085
+ - credentialType
3086
+ - status
3087
+ additionalProperties: false
3088
+ ConsentsIDPutResponseVerified:
3089
+ title: ConsentsIDPutResponseVerified
3090
+ type: object
3091
+ description: |
3092
+ The HTTP request `PUT /tppConsents/{ID}` is used by the DFSP or Auth-Service to update a Consent object once it has been Verified.
3093
+ Called by a `auth-service` to notify a DFSP that a credential has been verified and registered.
3094
+ properties:
3095
+ status:
3096
+ $ref: '#/components/schemas/ConsentStatusIssued'
3097
+ scopes:
3098
+ type: array
3099
+ items:
3100
+ $ref: '#/components/schemas/Scope'
3101
+ credential:
3102
+ $ref: '#/components/schemas/VerifiedCredential'
3103
+ extensionList:
3104
+ $ref: '#/components/schemas/ExtensionList'
3105
+ required:
3106
+ - scopes
3107
+ - credential
3108
+ additionalProperties: false
3109
+ ConsentsIDPatchResponseVerified:
3110
+ title: ConsentsIDPatchResponseVerified
3111
+ description: |
3112
+ PATCH /tppConsents/{ID} request object.
3113
+
3114
+ Sent by the DFSP to the PISP when a consent is issued and verified.
3115
+ Used in the "Register Credential" part of the Account linking flow.
3116
+ type: object
3117
+ properties:
3118
+ credential:
3119
+ type: object
3120
+ properties:
3121
+ status:
3122
+ $ref: '#/components/schemas/CredentialStatusVerified'
3123
+ required:
3124
+ - status
3125
+ extensionList:
3126
+ $ref: '#/components/schemas/ExtensionList'
3127
+ required:
3128
+ - credential
3129
+ ConsentStatusRevoked:
3130
+ title: ConsentStatusRevoked
3131
+ type: string
3132
+ enum:
3133
+ - REVOKED
3134
+ description: |-
3135
+ Allowed values for the enumeration ConsentStatus
3136
+ - REVOKED - The consent has been revoked
3137
+ ConsentsIDPatchResponseRevoked:
3138
+ title: ConsentsIDPatchResponseRevoked
3139
+ description: |
3140
+ PATCH /tppConsents/{ID} request object.
3141
+
3142
+ Sent to both the PISP and DFSP when a consent is revoked.
3143
+ Used in the "Unlinking" part of the Account Unlinking flow.
3144
+ type: object
3145
+ properties:
3146
+ status:
3147
+ $ref: '#/components/schemas/ConsentStatusRevoked'
3148
+ revokedAt:
3149
+ $ref: '#/components/schemas/DateTime'
3150
+ extensionList:
3151
+ $ref: '#/components/schemas/ExtensionList'
3152
+ required:
3153
+ - status
3154
+ - revokedAt
3155
+ ParticipantsTypeIDPutResponse:
3156
+ title: ParticipantsTypeIDPutResponse
3157
+ type: object
3158
+ description: The object sent in the PUT /participants/{Type}/{ID}/{SubId} and /participants/{Type}/{ID} callbacks.
3159
+ properties:
3160
+ fspId:
3161
+ $ref: '#/components/schemas/FspId'
3162
+ ParticipantsTypeIDSubIDPostRequest:
3163
+ title: ParticipantsTypeIDSubIDPostRequest
3164
+ type: object
3165
+ description: The object sent in the POST /participants/{Type}/{ID}/{SubId} and /participants/{Type}/{ID} requests. An additional optional ExtensionList element has been added as part of v1.1 changes.
3166
+ properties:
3167
+ fspId:
3168
+ $ref: '#/components/schemas/FspId'
3169
+ currency:
3170
+ $ref: '#/components/schemas/Currency'
3171
+ extensionList:
3172
+ $ref: '#/components/schemas/ExtensionList'
3173
+ required:
3174
+ - fspId
3175
+ ServicesServiceTypePutResponse:
3176
+ title: ServicesServiceTypePutResponse
3177
+ type: object
3178
+ description: |-
3179
+ Used by: Switch
3180
+ The callback PUT /services/{ServiceType} is used to inform the client of a successful result of the service information lookup.
3181
+ Callback and data model information for GET /services/{ServiceType}:
3182
+ Callback - PUT /services/{ServiceType} Error Callback - PUT /services/{ServiceType}/error Data Model - Empty body
3183
+ https://github.com/mojaloop/documentation/blob/main/website/versioned_docs/v2.0.0/api/thirdparty/data-models.md#31531-put-servicesservicetype
3184
+ properties:
3185
+ providers:
3186
+ type: array
3187
+ minLength: 0
3188
+ maxLength: 256
3189
+ items:
3190
+ $ref: '#/components/schemas/FspId'
3191
+ extensionList:
3192
+ $ref: '#/components/schemas/ExtensionList'
3193
+ required:
3194
+ - providers
3195
+ tppAuthorizationsPostRequest:
3196
+ title: tppAuthorizationsPostRequest
3197
+ description: |-
3198
+ Used by: DFSP
3199
+ The HTTP request POST /tppAuthorizations is used to request the validation by a customer for the transfer described in the request.
3200
+ Callback and data model information for POST /tppAuthorizations:
3201
+ Callback - PUT /tppAuthorizations/{ID} Error Callback - PUT /tppAuthorizations/{ID}/error
3202
+ type: object
3203
+ properties:
3204
+ authorizationRequestId:
3205
+ $ref: '#/components/schemas/CorrelationId'
3206
+ transactionRequestId:
3207
+ $ref: '#/components/schemas/CorrelationId'
3208
+ challenge:
3209
+ type: string
3210
+ description: The challenge that the PISP's client is to sign
3211
+ transferAmount:
3212
+ allOf:
3213
+ - $ref: '#/components/schemas/Money'
3214
+ description: The amount that will be debited from the sending customer's account as a consequence of the transaction.
3215
+ payeeReceiveAmount:
3216
+ allOf:
3217
+ - $ref: '#/components/schemas/Money'
3218
+ description: The amount that will be credited to the receiving customer's account as a consequence of the transaction.
3219
+ fees:
3220
+ allOf:
3221
+ - $ref: '#/components/schemas/Money'
3222
+ description: The amount of fees that the paying customer will be charged as part of the transaction.
3223
+ payer:
3224
+ allOf:
3225
+ - $ref: '#/components/schemas/PartyIdInfo'
3226
+ description: Information about the Payer type, id, sub-type/id, FSP Id in the proposed financial transaction.
3227
+ payee:
3228
+ allOf:
3229
+ - $ref: '#/components/schemas/Party'
3230
+ description: Information about the Payee in the proposed financial transaction.
3231
+ transactionType:
3232
+ $ref: '#/components/schemas/TransactionType'
3233
+ expiration:
3234
+ allOf:
3235
+ - $ref: '#/components/schemas/DateTime'
3236
+ description: The time by which the transfer must be completed, set by the payee DFSP.
3237
+ extensionList:
3238
+ $ref: '#/components/schemas/ExtensionList'
3239
+ required:
3240
+ - authorizationRequestId
3241
+ - transactionRequestId
3242
+ - challenge
3243
+ - transferAmount
3244
+ - payeeReceiveAmount
3245
+ - fees
3246
+ - payer
3247
+ - payee
3248
+ - transactionType
3249
+ - expiration
3250
+ additionalProperties: false
3251
+ AuthorizationResponseTypeRejected:
3252
+ title: AuthorizationResponseTypeRejected
3253
+ description: |
3254
+ The customer rejected the terms of the transfer.
3255
+ type: string
3256
+ enum:
3257
+ - REJECTED
3258
+ tppAuthorizationsIDPutResponseRejected:
3259
+ title: tppAuthorizationsIDPutResponseRejected
3260
+ type: object
3261
+ description: The object sent in the PUT /tppAuthorizations/{ID} callback.
3262
+ properties:
3263
+ responseType:
3264
+ $ref: '#/components/schemas/AuthorizationResponseTypeRejected'
3265
+ extensionList:
3266
+ $ref: '#/components/schemas/ExtensionList'
3267
+ required:
3268
+ - responseType
3269
+ AuthorizationResponseTypeAccepted:
3270
+ title: AuthorizationResponseType
3271
+ description: |
3272
+ The customer accepted the terms of the transfer
3273
+ type: string
3274
+ enum:
3275
+ - ACCEPTED
3276
+ SignedPayloadTypeFIDO:
3277
+ title: SignedPayloadTypeFIDO
3278
+ type: string
3279
+ enum:
3280
+ - FIDO
3281
+ description: Describes a challenge that has been signed with FIDO Attestation flows
3282
+ FIDOPublicKeyCredentialAssertion:
3283
+ title: FIDOPublicKeyCredentialAssertion
3284
+ type: object
3285
+ description: |
3286
+ A data model representing a FIDO Assertion result.
3287
+ Derived from PublicKeyCredential Interface in WebAuthN.
3288
+
3289
+ The PublicKeyCredential interface represents the below fields with a Type of
3290
+ Javascript ArrayBuffer.
3291
+ For this API, we represent ArrayBuffers as base64 encoded utf-8 strings.
3292
+
3293
+ https://github.com/mojaloop/documentation/blob/main/website/versioned_docs/v2.0.0/api/thirdparty/data-models.md#32128-fidopublickeycredentialassertion
3294
+ properties:
3295
+ id:
3296
+ type: string
3297
+ description: |
3298
+ credential id: identifier of pair of keys, base64 encoded
3299
+ https://w3c.github.io/webauthn/#ref-for-dom-credential-id
3300
+ minLength: 20
3301
+ maxLength: 118
3302
+ rawId:
3303
+ type: string
3304
+ description: |
3305
+ raw credential id: identifier of pair of keys, base64 encoded.
3306
+ minLength: 20
3307
+ maxLength: 118
3308
+ response:
3309
+ type: object
3310
+ description: |
3311
+ AuthenticatorAssertionResponse
3312
+ properties:
3313
+ authenticatorData:
3314
+ type: string
3315
+ description: |
3316
+ Authenticator data object.
3317
+ minLength: 49
3318
+ maxLength: 256
3319
+ clientDataJSON:
3320
+ type: string
3321
+ description: |
3322
+ JSON string with client data.
3323
+ minLength: 121
3324
+ maxLength: 512
3325
+ signature:
3326
+ type: string
3327
+ description: |
3328
+ The signature generated by the private key associated with this credential.
3329
+ minLength: 59
3330
+ maxLength: 256
3331
+ userHandle:
3332
+ type: string
3333
+ description: |
3334
+ This field is optionally provided by the authenticator, and
3335
+ represents the user.id that was supplied during registration.
3336
+ minLength: 1
3337
+ maxLength: 88
3338
+ required:
3339
+ - authenticatorData
3340
+ - clientDataJSON
3341
+ - signature
3342
+ additionalProperties: false
3343
+ type:
3344
+ type: string
3345
+ description: response type, we need only the type of public-key
3346
+ enum:
3347
+ - public-key
3348
+ required:
3349
+ - id
3350
+ - rawId
3351
+ - response
3352
+ - type
3353
+ additionalProperties: false
3354
+ SignedPayloadFIDO:
3355
+ title: SignedPayloadFIDO
3356
+ type: object
3357
+ properties:
3358
+ signedPayloadType:
3359
+ $ref: '#/components/schemas/SignedPayloadTypeFIDO'
3360
+ fidoSignedPayload:
3361
+ $ref: '#/components/schemas/FIDOPublicKeyCredentialAssertion'
3362
+ required:
3363
+ - signedPayloadType
3364
+ - fidoSignedPayload
3365
+ additionalProperties: false
3366
+ tppAuthorizationsIDPutResponseFIDO:
3367
+ title: tppAuthorizationsIDPutResponseFIDO
3368
+ type: object
3369
+ description: The object sent in the PUT /tppAuthorizations/{ID} callback.
3370
+ properties:
3371
+ responseType:
3372
+ $ref: '#/components/schemas/AuthorizationResponseTypeAccepted'
3373
+ signedPayload:
3374
+ $ref: '#/components/schemas/SignedPayloadFIDO'
3375
+ extensionList:
3376
+ $ref: '#/components/schemas/ExtensionList'
3377
+ required:
3378
+ - responseType
3379
+ - signedPayload
3380
+ additionalProperties: false
3381
+ SignedPayloadTypeGeneric:
3382
+ title: SignedPayloadTypeGeneric
3383
+ type: string
3384
+ enum:
3385
+ - GENERIC
3386
+ description: Describes a challenge that has been signed with a private key
3387
+ SignedPayloadGeneric:
3388
+ title: SignedPayloadGeneric
3389
+ type: object
3390
+ properties:
3391
+ signedPayloadType:
3392
+ $ref: '#/components/schemas/SignedPayloadTypeGeneric'
3393
+ genericSignedPayload:
3394
+ $ref: '#/components/schemas/BinaryString'
3395
+ required:
3396
+ - signedPayloadType
3397
+ - genericSignedPayload
3398
+ additionalProperties: false
3399
+ tppAuthorizationsIDPutResponseGeneric:
3400
+ title: tppAuthorizationsIDPutResponseGeneric
3401
+ type: object
3402
+ description: The object sent in the PUT /tppAuthorizations/{ID} callback.
3403
+ properties:
3404
+ responseType:
3405
+ $ref: '#/components/schemas/AuthorizationResponseTypeAccepted'
3406
+ signedPayload:
3407
+ $ref: '#/components/schemas/SignedPayloadGeneric'
3408
+ extensionList:
3409
+ $ref: '#/components/schemas/ExtensionList'
3410
+ required:
3411
+ - responseType
3412
+ - signedPayload
3413
+ additionalProperties: false
3414
+ tppVerificationsPostRequestFIDO:
3415
+ title: tppVerificationsPostRequestFIDO
3416
+ type: object
3417
+ description: The object sent in the POST /tppVerifications request.
3418
+ properties:
3419
+ verificationRequestId:
3420
+ allOf:
3421
+ - $ref: '#/components/schemas/CorrelationId'
3422
+ challenge:
3423
+ type: string
3424
+ description: Base64 encoded bytes - The challenge generated by the DFSP.
3425
+ consentId:
3426
+ allOf:
3427
+ - $ref: '#/components/schemas/CorrelationId'
3428
+ description: |
3429
+ The id of the stored consent object that contains the credential with which to verify
3430
+ the signed challenge against.
3431
+ signedPayloadType:
3432
+ $ref: '#/components/schemas/SignedPayloadTypeFIDO'
3433
+ fidoSignedPayload:
3434
+ $ref: '#/components/schemas/FIDOPublicKeyCredentialAssertion'
3435
+ extensionList:
3436
+ $ref: '#/components/schemas/ExtensionList'
3437
+ required:
3438
+ - verificationRequestId
3439
+ - challenge
3440
+ - consentId
3441
+ - signedPayloadType
3442
+ - fidoSignedPayload
3443
+ tppVerificationsPostRequestGeneric:
3444
+ title: tppVerificationsPostRequestGeneric
3445
+ type: object
3446
+ description: The object sent in the POST /tppVerifications request.
3447
+ properties:
3448
+ verificationRequestId:
3449
+ allOf:
3450
+ - $ref: '#/components/schemas/CorrelationId'
3451
+ challenge:
3452
+ type: string
3453
+ description: Base64 encoded bytes - The challenge generated by the DFSP.
3454
+ consentId:
3455
+ allOf:
3456
+ - $ref: '#/components/schemas/CorrelationId'
3457
+ description: |
3458
+ The id of the stored consent object that contains the credential with which to verify
3459
+ the signed challenge against.
3460
+ signedPayloadType:
3461
+ $ref: '#/components/schemas/SignedPayloadTypeGeneric'
3462
+ genericSignedPayload:
3463
+ $ref: '#/components/schemas/BinaryString'
3464
+ extensionList:
3465
+ $ref: '#/components/schemas/ExtensionList'
3466
+ required:
3467
+ - verificationRequestId
3468
+ - challenge
3469
+ - consentId
3470
+ - signedPayloadType
3471
+ - genericSignedPayload
3472
+ AuthenticationResponse:
3473
+ title: AuthenticationResponse
3474
+ type: string
3475
+ enum:
3476
+ - VERIFIED
3477
+ description: |-
3478
+ The AuthenticationResponse enumeration describes the result of authenticating verification request.
3479
+ Below are the allowed values for the enumeration AuthenticationResponse. - VERIFIED - The challenge was correctly signed.
3480
+ tppVerificationsIDPutResponse:
3481
+ title: tppVerificationsIDPutResponse
3482
+ type: object
3483
+ description: |-
3484
+ Used by: Auth Service
3485
+ The callback PUT /tppVerifications/{ID} is used to inform the client of the result of an authorization check. The {ID} in the URI should contain the authorizationRequestId which was used to request the check, or the {ID} that was used in the GET /tppVerifications/{ID}.
3486
+ https://github.com/mojaloop/documentation/blob/main/website/versioned_docs/v2.0.0/api/thirdparty/data-models.md#31821-put-thirdpartyrequestsverificationsid
3487
+ properties:
3488
+ authenticationResponse:
3489
+ $ref: '#/components/schemas/AuthenticationResponse'
3490
+ extensionList:
3491
+ $ref: '#/components/schemas/ExtensionList'
3492
+ required:
3493
+ - authenticationResponse
3494
+ parameters:
3495
+ Content-Type:
3496
+ name: Content-Type
3497
+ in: header
3498
+ schema:
3499
+ type: string
3500
+ required: true
3501
+ description: The `Content-Type` header indicates the specific version of the API used to send the payload body.
3502
+ Date:
3503
+ name: Date
3504
+ in: header
3505
+ schema:
3506
+ type: string
3507
+ required: true
3508
+ description: The `Date` header field indicates the date when the request was sent.
3509
+ X-Forwarded-For:
3510
+ name: X-Forwarded-For
3511
+ in: header
3512
+ schema:
3513
+ type: string
3514
+ required: false
3515
+ description: |-
3516
+ The `X-Forwarded-For` header field is an unofficially accepted standard used for informational purposes of the originating client IP address, as a request might pass multiple proxies, firewalls, and so on. Multiple `X-Forwarded-For` values should be expected and supported by implementers of the API.
3517
+
3518
+ **Note:** An alternative to `X-Forwarded-For` is defined in [RFC 7239](https://tools.ietf.org/html/rfc7239). However, to this point RFC 7239 is less-used and supported than `X-Forwarded-For`.
3519
+ FSPIOP-Source:
3520
+ name: FSPIOP-Source
3521
+ in: header
3522
+ schema:
3523
+ type: string
3524
+ required: true
3525
+ description: The `FSPIOP-Source` header field is a non-HTTP standard field used by the API for identifying the sender of the HTTP request. The field should be set by the original sender of the request. Required for routing and signature verification (see header field `FSPIOP-Signature`).
3526
+ FSPIOP-Destination:
3527
+ name: FSPIOP-Destination
3528
+ in: header
3529
+ schema:
3530
+ type: string
3531
+ required: false
3532
+ description: The `FSPIOP-Destination` header field is a non-HTTP standard field used by the API for HTTP header based routing of requests and responses to the destination. The field must be set by the original sender of the request if the destination is known (valid for all services except GET /parties) so that any entities between the client and the server do not need to parse the payload for routing purposes. If the destination is not known (valid for service GET /parties), the field should be left empty.
3533
+ FSPIOP-Encryption:
3534
+ name: FSPIOP-Encryption
3535
+ in: header
3536
+ schema:
3537
+ type: string
3538
+ required: false
3539
+ description: The `FSPIOP-Encryption` header field is a non-HTTP standard field used by the API for applying end-to-end encryption of the request.
3540
+ FSPIOP-Signature:
3541
+ name: FSPIOP-Signature
3542
+ in: header
3543
+ schema:
3544
+ type: string
3545
+ required: false
3546
+ description: The `FSPIOP-Signature` header field is a non-HTTP standard field used by the API for applying an end-to-end request signature.
3547
+ FSPIOP-URI:
3548
+ name: FSPIOP-URI
3549
+ in: header
3550
+ schema:
3551
+ type: string
3552
+ required: false
3553
+ description: The `FSPIOP-URI` header field is a non-HTTP standard field used by the API for signature verification, should contain the service URI. Required if signature verification is used, for more information, see [the API Signature document](https://github.com/mojaloop/docs/tree/main/Specification%20Document%20Set).
3554
+ FSPIOP-HTTP-Method:
3555
+ name: FSPIOP-HTTP-Method
3556
+ in: header
3557
+ schema:
3558
+ type: string
3559
+ required: false
3560
+ description: The `FSPIOP-HTTP-Method` header field is a non-HTTP standard field used by the API for signature verification, should contain the service HTTP method. Required if signature verification is used, for more information, see [the API Signature document](https://github.com/mojaloop/docs/tree/main/Specification%20Document%20Set).
3561
+ Accept:
3562
+ name: Accept
3563
+ in: header
3564
+ required: true
3565
+ schema:
3566
+ type: string
3567
+ description: The `Accept` header field indicates the version of the API the client would like the server to use.
3568
+ Content-Length:
3569
+ name: Content-Length
3570
+ in: header
3571
+ required: false
3572
+ schema:
3573
+ type: integer
3574
+ description: |-
3575
+ The `Content-Length` header field indicates the anticipated size of the payload body. Only sent if there is a body.
3576
+
3577
+ **Note:** The API supports a maximum size of 5242880 bytes (5 Megabytes).
3578
+ ID:
3579
+ name: ID
3580
+ in: path
3581
+ required: true
3582
+ schema:
3583
+ type: string
3584
+ description: The identifier value.
3585
+ Type:
3586
+ name: Type
3587
+ in: path
3588
+ required: true
3589
+ schema:
3590
+ type: string
3591
+ description: The type of the party identifier. For example, `MSISDN`, `PERSONAL_ID`.
3592
+ ServiceType:
3593
+ name: ServiceType
3594
+ in: path
3595
+ required: true
3596
+ schema:
3597
+ type: string
3598
+ description: The type of the service identifier. For example, `THIRD_PARTY_DFSP`
3599
+ responses:
3600
+ '200':
3601
+ description: OK
3602
+ '202':
3603
+ description: Accepted
3604
+ '400':
3605
+ description: Bad Request
3606
+ content:
3607
+ application/json:
3608
+ schema:
3609
+ $ref: '#/components/schemas/ErrorInformationResponse'
3610
+ headers:
3611
+ Content-Length:
3612
+ $ref: '#/components/headers/Content-Length'
3613
+ Content-Type:
3614
+ $ref: '#/components/headers/Content-Type'
3615
+ '401':
3616
+ description: Unauthorized
3617
+ content:
3618
+ application/json:
3619
+ schema:
3620
+ $ref: '#/components/schemas/ErrorInformationResponse'
3621
+ headers:
3622
+ Content-Length:
3623
+ $ref: '#/components/headers/Content-Length'
3624
+ Content-Type:
3625
+ $ref: '#/components/headers/Content-Type'
3626
+ '403':
3627
+ description: Forbidden
3628
+ content:
3629
+ application/json:
3630
+ schema:
3631
+ $ref: '#/components/schemas/ErrorInformationResponse'
3632
+ headers:
3633
+ Content-Length:
3634
+ $ref: '#/components/headers/Content-Length'
3635
+ Content-Type:
3636
+ $ref: '#/components/headers/Content-Type'
3637
+ '404':
3638
+ description: Not Found
3639
+ content:
3640
+ application/json:
3641
+ schema:
3642
+ $ref: '#/components/schemas/ErrorInformationResponse'
3643
+ headers:
3644
+ Content-Length:
3645
+ $ref: '#/components/headers/Content-Length'
3646
+ Content-Type:
3647
+ $ref: '#/components/headers/Content-Type'
3648
+ '405':
3649
+ description: Method Not Allowed
3650
+ content:
3651
+ application/json:
3652
+ schema:
3653
+ $ref: '#/components/schemas/ErrorInformationResponse'
3654
+ headers:
3655
+ Content-Length:
3656
+ $ref: '#/components/headers/Content-Length'
3657
+ Content-Type:
3658
+ $ref: '#/components/headers/Content-Type'
3659
+ '406':
3660
+ description: Not Acceptable
3661
+ content:
3662
+ application/json:
3663
+ schema:
3664
+ $ref: '#/components/schemas/ErrorInformationResponse'
3665
+ headers:
3666
+ Content-Length:
3667
+ $ref: '#/components/headers/Content-Length'
3668
+ Content-Type:
3669
+ $ref: '#/components/headers/Content-Type'
3670
+ '501':
3671
+ description: Not Implemented
3672
+ content:
3673
+ application/json:
3674
+ schema:
3675
+ $ref: '#/components/schemas/ErrorInformationResponse'
3676
+ headers:
3677
+ Content-Length:
3678
+ $ref: '#/components/headers/Content-Length'
3679
+ Content-Type:
3680
+ $ref: '#/components/headers/Content-Type'
3681
+ '503':
3682
+ description: Service Unavailable
3683
+ content:
3684
+ application/json:
3685
+ schema:
3686
+ $ref: '#/components/schemas/ErrorInformationResponse'
3687
+ headers:
3688
+ Content-Length:
3689
+ $ref: '#/components/headers/Content-Length'
3690
+ Content-Type:
3691
+ $ref: '#/components/headers/Content-Type'
3692
+ headers:
3693
+ Content-Length:
3694
+ required: false
3695
+ schema:
3696
+ type: integer
3697
+ description: |-
3698
+ The `Content-Length` header field indicates the anticipated size of the payload body. Only sent if there is a body.
3699
+
3700
+ **Note:** The API supports a maximum size of 5242880 bytes (5 Megabytes).
3701
+ Content-Type:
3702
+ schema:
3703
+ type: string
3704
+ required: true
3705
+ description: The `Content-Type` header indicates the specific version of the API used to send the payload body.