openapi: 3.0.1 info: title: Aggregation Hub - User API version: 'v1' contact: name: Meniga url: 'https://www.meniga.com' email: developers@meniga.com paths: # Aggregation API '/user/aggregation/v1/providers': get: summary: Get a list of data providers for aggregation security: - Login: - meniga_user_api tags: - Providers description: | Gets a list of providers that match the query parameters: - name: name in: query description: | The display name of the provider you are searching for. The result will include all providers whose display name contains the value of this parameter. required: false schema: $ref: '#/components/schemas/name' - name: country in: query description: | The ISO_3166-1_alpha-2 code for the country. The result will contain only those providers that are in the specified country. required: false schema: type: string - name: providerIds in: query description: | A comma separated string of provider id's. The result will contain only those providers that have the specified provider id's. required: false schema: $ref: '#/components/schemas/providerIds' style: form explode: false - name: types in: query description: | A comma separated string of provider types. The result will contain only those providers that have all the specified types. required: false schema: $ref: '#/components/schemas/types' style: form explode: false - name: capabilities in: query description: | A comma separated string of provider capabilities. The result will contain only those providers that have all the specified capabilities. required: false schema: $ref: '#/components/schemas/capabilities' style: form explode: false - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/take' - name: extended in: query schema: type: object description: | This parameter should be appended to the query string as separate key-value pairs where the key is named 'extended.key' where '.key' is some extended property of the Provider e.g. "extended.swift" for Account Information Providers. The result will contain only those providers that have all the specified extended properties. responses: '200': $ref: '#/components/responses/getProviders200' '400': $ref: '#/components/responses/badProviderFilter400' '401': $ref: '#/components/responses/unauthorized401' '500': $ref: '#/components/responses/serverException500' '/user/aggregation/v1/providers/{providerId}/accounts': get: summary: Get a list of available accounts from a provider. security: - Login: - meniga_user_api tags: - Providers description: | Gets a list of all available accounts from the provider. parameters: - $ref: '#/components/parameters/providerId' - $ref: '#/components/parameters/include' - $ref: '#/components/parameters/includeBalances' - $ref: '#/components/parameters/requestIdHeader_optional' - $ref: '#/components/parameters/User-IP-Address' - $ref: '#/components/parameters/userIdHeader' - $ref: '#/components/parameters/User-IP-Port' - $ref: '#/components/parameters/User-Accept' - $ref: '#/components/parameters/User-Accept-Charset' - $ref: '#/components/parameters/User-Accept-Encoding' - $ref: '#/components/parameters/User-Accept-Language' - $ref: '#/components/parameters/User-User-Agent' - $ref: '#/components/parameters/User-Http-Method' - $ref: '#/components/parameters/User-Device-ID' - $ref: '#/components/parameters/User-Geo-Location' - $ref: '#/components/parameters/acceptLanguage-Header' - $ref: '#/components/parameters/Channel-Id' - $ref: '#/components/parameters/MS-Request-Id' responses: '200': $ref: '#/components/responses/getAccounts200' '400': $ref: '#/components/responses/badRequest400' '401': $ref: '#/components/responses/unauthorized401' '403': $ref: '#/components/responses/forbiddenConsentNotAvailable403' '404': $ref: '#/components/responses/providerNotFound404' '429': $ref: '#/components/responses/tooManyRequests429' '500': $ref: '#/components/responses/serverException500' '/user/aggregation/v1/providers/{providerId}/accounts/{accountId}': get: summary: Gets the addressed account resource security: - Login: - meniga_user_api tags: - Providers description: Gets a single account resource with the given account identifier. parameters: - $ref: '#/components/parameters/providerId' - $ref: '#/components/parameters/accountId' - $ref: '#/components/parameters/include' - $ref: '#/components/parameters/includeBalances' - $ref: '#/components/parameters/requestIdHeader_optional' - $ref: '#/components/parameters/User-IP-Address' - $ref: '#/components/parameters/userIdHeader' - $ref: '#/components/parameters/User-IP-Port' - $ref: '#/components/parameters/User-Accept' - $ref: '#/components/parameters/User-Accept-Charset' - $ref: '#/components/parameters/User-Accept-Encoding' - $ref: '#/components/parameters/User-Accept-Language' - $ref: '#/components/parameters/User-User-Agent' - $ref: '#/components/parameters/User-Http-Method' - $ref: '#/components/parameters/User-Device-ID' - $ref: '#/components/parameters/User-Geo-Location' - $ref: '#/components/parameters/acceptLanguage-Header' - $ref: '#/components/parameters/Channel-Id' - $ref: '#/components/parameters/MS-Request-Id' responses: '200': $ref: '#/components/responses/getAccount200' '400': $ref: '#/components/responses/badRequest400' '401': $ref: '#/components/responses/unauthorized401' '403': $ref: '#/components/responses/forbiddenConsentNotAvailable403' '404': $ref: '#/components/responses/providerNotFound404' '429': $ref: '#/components/responses/tooManyRequests429' '500': $ref: '#/components/responses/serverException500' '/user/aggregation/v1/providers/{providerId}/accounts/{accountId}/transactions': get: summary: Get a list of transactions from a given account security: - Login: - meniga_user_api tags: - Providers description: | Gets a list of transactions for a given account parameters: - $ref: '#/components/parameters/providerId' - $ref: '#/components/parameters/accountId' - $ref: '#/components/parameters/includeBalances' - $ref: '#/components/parameters/lastSyncToken' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/take' - $ref: '#/components/parameters/reverse' - name: dateFrom in: query description: The inclusive transaction booked date to search from (YYYY-MM-DD) required: false schema: type: string format: date - name: dateTo in: query description: The exclusive transaction booked date to search to (YYYY-MM-DD) required: false schema: type: string format: date - $ref: '#/components/parameters/requestIdHeader_optional' - $ref: '#/components/parameters/User-IP-Address' - $ref: '#/components/parameters/userIdHeader' - $ref: '#/components/parameters/User-IP-Port' - $ref: '#/components/parameters/User-Accept' - $ref: '#/components/parameters/User-Accept-Charset' - $ref: '#/components/parameters/User-Accept-Encoding' - $ref: '#/components/parameters/User-Accept-Language' - $ref: '#/components/parameters/User-User-Agent' - $ref: '#/components/parameters/User-Http-Method' - $ref: '#/components/parameters/User-Device-ID' - $ref: '#/components/parameters/User-Geo-Location' - $ref: '#/components/parameters/acceptLanguage-Header' - $ref: '#/components/parameters/Channel-Id' - $ref: '#/components/parameters/MS-Request-Id' responses: '200': $ref: '#/components/responses/getTransactions200' '400': $ref: '#/components/responses/badRequest400' '401': $ref: '#/components/responses/unauthorized401' '403': $ref: '#/components/responses/forbiddenConsentNotAvailable403' '404': $ref: '#/components/responses/providerNotFound404' '429': $ref: '#/components/responses/tooManyRequests429' '500': $ref: '#/components/responses/serverException500' '/user/aggregation/v1/providers/{providerId}/payments': post: summary: Initiate a payment security: - Login: - meniga_user_api tags: - Providers description: | Creates a payment initiation resource and starts the payment initiation flow parameters: - $ref: '#/components/parameters/providerId' - $ref: '#/components/parameters/requestIdHeader' - $ref: '#/components/parameters/User-IP-Address_required' - $ref: '#/components/parameters/clientRedirectUrl' - $ref: '#/components/parameters/userIdHeader' - $ref: '#/components/parameters/preferredScaApproach' - $ref: '#/components/parameters/explicitAuthorizationPreferredPaymentInitiation' - $ref: '#/components/parameters/User-IP-Port' - $ref: '#/components/parameters/User-Accept' - $ref: '#/components/parameters/User-Accept-Charset' - $ref: '#/components/parameters/User-Accept-Encoding' - $ref: '#/components/parameters/User-Accept-Language' - $ref: '#/components/parameters/User-User-Agent' - $ref: '#/components/parameters/User-Http-Method' - $ref: '#/components/parameters/User-Device-ID' - $ref: '#/components/parameters/User-Geo-Location' - $ref: '#/components/parameters/acceptLanguage-Header' - $ref: '#/components/parameters/Channel-Id' - $ref: '#/components/parameters/MS-Request-Id' requestBody: description: | The payment initiation request. To create a standing order, include the periodic property and to create a bulk payment, add more recipients to the recipients list. required: true content: application/json: schema: $ref: '#/components/schemas/paymentInitiationRequest' examples: Sepa payment: value: paymentTypeId: "sepa-credit-transfers" paymentDate: "2019-01-01" purposeCode: "BKDF" debtorAccount: iban: "DE531234ABCD1234ABCD12" currency: "EUR" recipients: - instructedAmount: currency: "EUR" amount: 100.00 creditorAccount: iban: "DE531234ABCD1234ABCD12" currency: "EUR" creditorName: "Creditor Name" creditorAddress: street: "30 West Lane" city: "City 123" postCode: "AB123-456" country: "IS" remittanceInformationUnstructured: "Ref Number Abonnement" remittanceInformationStructured: reference: "Ref12" referenceType: "RefType1" referenceIssuer: "RefIssuer1" endToEndId: "ES-123456789" feeBearer: "following-service-level" Standing order: value: paymentTypeId: "sepa-credit-transfers" paymentDate: "2019-10-21" periodic: recurrence: format: "cron" expression: "0 0 21 * *" endDate: "2020-10-21" executionRule: "following" purposeCode: "BKDF" debtorAccount: iban: "DE531234ABCD1234ABCD12" currency: "EUR" recipients: - instructedAmount: currency: "EUR" amount: 200.00 creditorAccount: iban: "DE531234ABCD1234ABCD12" currency: "EUR" creditorName: "Creditor Name" creditorAddress: street: "30 West Lane" city: "City 123" postCode: "AB123-456" country: "IS" remittanceInformationUnstructured: "Ref Number Abonnement" remittanceInformationStructured: reference: "Ref32" referenceType: "RefType31" referenceIssuer: "RefIssuer13" endToEndId: "RF-123456789" feeBearer: "borne-by-creditor" extended: key1: "value1" key2: "value2" Bulk payment: value: paymentTypeId: "sepa-credit-transfers" paymentDate: "2019-01-01" purposeCode: "BKDF" debtorAccount: iban: "DE531234ABCD1234ABCD12" currency: "EUR" recipients: - instructedAmount: currency: "EUR" amount: 100.00 creditorAccount: iban: "DE531234ABCD1234ABCD12" currency: "EUR" creditorName: "Creditor Name 1" creditorAddress: street: "30 West Lane" city: "City 123" postCode: "AB123-456" country: "IS" - instructedAmount: currency: "EUR" amount: 500.00 creditorAccount: iban: "DE02100100109307118603" currency: "EUR" creditorName: "Creditor Name 2" creditorAddress: street: "40 West Lane" city: "City 423" postCode: "BA123-456" country: "UK" remittanceInformationUnstructured: "Ref Number Merchant" remittanceInformationStructured: reference: "Ref44" referenceType: "RefType44" referenceIssuer: "RefIssuer44" endToEndId: "AS-123456789" feeBearer: "following-service-level" responses: '201': $ref: '#/components/responses/postPayment201' '400': $ref: '#/components/responses/badRequest400' '401': $ref: '#/components/responses/unauthorized401' '403': $ref: '#/components/responses/providerDisabled403' '404': $ref: '#/components/responses/providerNotFound404' '500': $ref: '#/components/responses/serverException500' '/user/aggregation/v1/providers/{providerId}/payments/{paymentId}': get: summary: Gets the addressed payment initiation resource security: - Login: - meniga_user_api tags: - Providers description: | Gets the current state of the payment initiation resource with the given paymentId. parameters: - $ref: '#/components/parameters/providerId' - $ref: '#/components/parameters/paymentId' - $ref: '#/components/parameters/include' - $ref: '#/components/parameters/fetchFromConnectorPayment' responses: '200': $ref: '#/components/responses/getPayment200' '400': $ref: '#/components/responses/badRequest400' '401': $ref: '#/components/responses/unauthorized401' '403': $ref: '#/components/responses/providerDisabled403' '404': $ref: '#/components/responses/paymentNotFound404' '500': $ref: '#/components/responses/serverException500' delete: summary: Cancel an initiated payment security: - Login: - meniga_user_api tags: - Providers description: | Starts the payment cancellation flow to cancel the addressed payment initiation parameters: - $ref: '#/components/parameters/providerId' - $ref: '#/components/parameters/paymentId' - $ref: '#/components/parameters/requestIdHeader' - $ref: '#/components/parameters/clientRedirectUrl' - $ref: '#/components/parameters/preferredScaApproach' - $ref: '#/components/parameters/User-IP-Address' - $ref: '#/components/parameters/userIdHeader' - $ref: '#/components/parameters/User-IP-Port' - $ref: '#/components/parameters/User-Accept' - $ref: '#/components/parameters/User-Accept-Charset' - $ref: '#/components/parameters/User-Accept-Encoding' - $ref: '#/components/parameters/User-Accept-Language' - $ref: '#/components/parameters/User-User-Agent' - $ref: '#/components/parameters/User-Http-Method' - $ref: '#/components/parameters/User-Device-ID' - $ref: '#/components/parameters/User-Geo-Location' - $ref: '#/components/parameters/acceptLanguage-Header' - $ref: '#/components/parameters/Channel-Id' - $ref: '#/components/parameters/MS-Request-Id' responses: '202': $ref: '#/components/responses/deletePayment202' '204': $ref: '#/components/responses/deletePayment204' '400': $ref: '#/components/responses/deletePayment400' '401': $ref: '#/components/responses/unauthorized401' '403': $ref: '#/components/responses/providerDisabled403' '404': $ref: '#/components/responses/paymentNotFound404' '500': $ref: '#/components/responses/serverException500' '/user/aggregation/v1/providers/{providerId}/payments/{paymentId}/status': get: summary: Gets the status of the addressed payment initiation resource security: - Login: - meniga_user_api tags: - Providers description: | Gets the current status of the payment initiation resource with the given paymentId. parameters: - $ref: '#/components/parameters/providerId' - $ref: '#/components/parameters/paymentId' - $ref: '#/components/parameters/fetchFromConnectorStatus' - $ref: '#/components/parameters/requestIdHeader_optional' - $ref: '#/components/parameters/User-IP-Address' - $ref: '#/components/parameters/userIdHeader' - $ref: '#/components/parameters/User-IP-Port' - $ref: '#/components/parameters/User-Accept' - $ref: '#/components/parameters/User-Accept-Charset' - $ref: '#/components/parameters/User-Accept-Encoding' - $ref: '#/components/parameters/User-Accept-Language' - $ref: '#/components/parameters/User-User-Agent' - $ref: '#/components/parameters/User-Http-Method' - $ref: '#/components/parameters/User-Device-ID' - $ref: '#/components/parameters/User-Geo-Location' - $ref: '#/components/parameters/acceptLanguage-Header' - $ref: '#/components/parameters/Channel-Id' - $ref: '#/components/parameters/MS-Request-Id' responses: '200': $ref: '#/components/responses/getPaymentStatus200' '400': $ref: '#/components/responses/getPayment400' '401': $ref: '#/components/responses/unauthorized401' '403': $ref: '#/components/responses/providerDisabled403' '404': $ref: '#/components/responses/paymentNotFound404' '500': $ref: '#/components/responses/serverException500' '/user/aggregation/v1/providers/{providerId}/payments/types': get: summary: Get the list of payment types for a provider. security: - Login: - meniga_user_api tags: - Providers description: | Gets a list of all available payment types for a provider. parameters: - $ref: '#/components/parameters/providerId' responses: '200': $ref: '#/components/responses/getPaymentTypes200' '400': $ref: '#/components/responses/badRequest400' '401': $ref: '#/components/responses/unauthorized401' '403': $ref: '#/components/responses/providerDisabled403' '404': $ref: '#/components/responses/providerNotFound404' '500': $ref: '#/components/responses/serverException500' '/user/aggregation/v1/providers/{providerId}/payments/templates/{paymentTypeId}': get: summary: Gets a single payment template for a provider and the given payment type. security: - Login: - meniga_user_api tags: - Providers description: | Gets a single payment template for a provider and the given payment type. parameters: - $ref: '#/components/parameters/providerId' - $ref: '#/components/parameters/paymentTypeId' responses: '200': $ref: '#/components/responses/getProviderPaymentTemplate200' '400': $ref: '#/components/responses/badRequest400' '401': $ref: '#/components/responses/unauthorized401' '403': $ref: '#/components/responses/providerDisabled403' '404': $ref: '#/components/responses/providerNotFound404' '500': $ref: '#/components/responses/serverException500' '/user/aggregation/v1/consents': post: summary: Create consent security: - Login: - meniga_user_api tags: - Consents description: | Creates a consent for an intent and starts the flow to authorize it. The authorization property on the response describes how the authorization flow can be continued, e.g. by redirecting to the provider's authorization page or by supplying user credentials directly by posting them to the consent's authorizations endpoint. parameters: - $ref: '#/components/parameters/clientRedirectUrl' - $ref: '#/components/parameters/requestIdHeader' - $ref: '#/components/parameters/User-IP-Address_required' - $ref: '#/components/parameters/preferredScaApproach' - $ref: '#/components/parameters/userIdHeader' - $ref: '#/components/parameters/explicitAuthorizationPreferred' - $ref: '#/components/parameters/User-IP-Port' - $ref: '#/components/parameters/User-Accept' - $ref: '#/components/parameters/User-Accept-Charset' - $ref: '#/components/parameters/User-Accept-Encoding' - $ref: '#/components/parameters/User-Accept-Language' - $ref: '#/components/parameters/User-User-Agent' - $ref: '#/components/parameters/User-Http-Method' - $ref: '#/components/parameters/User-Device-ID' - $ref: '#/components/parameters/User-Geo-Location' - $ref: '#/components/parameters/acceptLanguage-Header' - $ref: '#/components/parameters/Channel-Id' - $ref: '#/components/parameters/MS-Request-Id' requestBody: description: | The consent to create. required: true content: application/json: schema: $ref: '#/components/schemas/createConsentRequest' examples: Account global consent: value: providerId: "ah-bank-x" intent: allAccounts: - details - balances - transactions recurring: true validUntil: "2020-01-01" frequency: 4 combinedServiceIndicator: true Account bank offered consent: value: providerId: "ah-bank-x" intent: recurring: true validUntil: "2020-01-01" frequency: 4 combinedServiceIndicator: true Account detailed consent: value: providerId: "ah-bank-x" intent: accounts: - iban: "DE531234ABCD1234ABCD12" currency: "EUR" permissions: - details - bban: "BARC12345612345678" currency: "GBP" permissions: - details - balances - transactions - Pan: "5409050000000000" currency: "GBP" permissions: - details - MaskedPan: "123456xxxxxx1234" currency: "EUR" permissions: - details - Msisdn: "+49 170 1234567" currency: "ISK" permissions: - details - balances recurring: true validUntil: "2020-01-01" frequency: 4 combinedServiceIndicator: true Consent to perform payment: value: providerId: "ah-bank-x" intent: paymentId : "72643777-4159-4D15-841A-77338158A5AD" Consent to cancel payment: value: providerId: "ah-bank-x" intent: cancelledPaymentId : "72643777-4159-4D15-841A-77338158A5AD" responses: '201': $ref: '#/components/responses/postConsent201' '400': $ref: '#/components/responses/badRequest400' '401': $ref: '#/components/responses/unauthorized401' '500': $ref: '#/components/responses/serverException500' get: summary: List consents security: - Login: - meniga_user_api tags: - Consents description: | Gets a list of all the users consents. parameters: - $ref: '#/components/parameters/consentStatuses' - $ref: '#/components/parameters/accountIds' - $ref: '#/components/parameters/paymentIds' - $ref: '#/components/parameters/providerIdInQuery' - $ref: '#/components/parameters/consentIntent' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/take' responses: '200': $ref: '#/components/responses/getConsents200' '400': $ref: '#/components/responses/badRequest400' '401': $ref: '#/components/responses/unauthorized401' '500': $ref: '#/components/responses/serverException500' delete: summary: Revokes all AIS consents that have status 'valid' security: - Login: - meniga_user_api tags: - Consents description: | Revokes all AIS consents for the user that have status 'valid' parameters: - $ref: '#/components/parameters/requestIdHeader' responses: '202': $ref: '#/components/responses/deleteConsents202' '400': $ref: '#/components/responses/badRequest400' '401': $ref: '#/components/responses/unauthorized401' '500': $ref: '#/components/responses/serverException500' '/user/aggregation/v1/consents/{consentId}': get: summary: Gets the addressed consent security: - Login: - meniga_user_api tags: - Consents description: Gets one consent parameters: - in: path name: consentId description: Consent resource identifier required: true schema: $ref: '#/components/schemas/consentId' - $ref: '#/components/parameters/requestIdHeader_optional' - $ref: '#/components/parameters/userIdHeader' - $ref: '#/components/parameters/User-IP-Address' - $ref: '#/components/parameters/User-IP-Port' - $ref: '#/components/parameters/User-Accept' - $ref: '#/components/parameters/User-Accept-Charset' - $ref: '#/components/parameters/User-Accept-Encoding' - $ref: '#/components/parameters/User-Accept-Language' - $ref: '#/components/parameters/User-User-Agent' - $ref: '#/components/parameters/User-Http-Method' - $ref: '#/components/parameters/User-Device-ID' - $ref: '#/components/parameters/User-Geo-Location' - $ref: '#/components/parameters/acceptLanguage-Header' - $ref: '#/components/parameters/Channel-Id' - $ref: '#/components/parameters/MS-Request-Id' responses: '200': $ref: '#/components/responses/getConsent200' '400': $ref: '#/components/responses/badRequest400' '401': $ref: '#/components/responses/unauthorized401' '404': $ref: '#/components/responses/consentNotFound404' '500': $ref: '#/components/responses/serverException500' delete: summary: Revoke consent security: - Login: - meniga_user_api tags: - Consents description: | Revokes the specified consent. parameters: - in: path name: consentId description: Consent resource identifier required: true schema: $ref: '#/components/schemas/consentId' - $ref: '#/components/parameters/requestIdHeader' - $ref: '#/components/parameters/userIdHeader' - $ref: '#/components/parameters/User-IP-Address' - $ref: '#/components/parameters/User-IP-Port' - $ref: '#/components/parameters/User-Accept' - $ref: '#/components/parameters/User-Accept-Charset' - $ref: '#/components/parameters/User-Accept-Encoding' - $ref: '#/components/parameters/User-Accept-Language' - $ref: '#/components/parameters/User-User-Agent' - $ref: '#/components/parameters/User-Http-Method' - $ref: '#/components/parameters/User-Device-ID' - $ref: '#/components/parameters/User-Geo-Location' - $ref: '#/components/parameters/acceptLanguage-Header' - $ref: '#/components/parameters/Channel-Id' - $ref: '#/components/parameters/MS-Request-Id' responses: '204': $ref: '#/components/responses/deleteConsent204' '400': $ref: '#/components/responses/badRequest400' '401': $ref: '#/components/responses/unauthorized401' '500': $ref: '#/components/responses/serverException500' '/user/aggregation/v1/consents/{consentId}/authorizations': post: summary: Add required inputs security: - Login: - meniga_user_api tags: - Consents description: | Continues the consent's authorization flow by adding required inputs as described by the consent's authorization property. parameters: - in: path name: consentId description: Consent resource identifier required: true schema: $ref: '#/components/schemas/consentId' - $ref: '#/components/parameters/requestIdHeader' - $ref: '#/components/parameters/User-IP-Address_required' - $ref: '#/components/parameters/userIdHeader' - $ref: '#/components/parameters/User-IP-Port' - $ref: '#/components/parameters/User-Accept' - $ref: '#/components/parameters/User-Accept-Charset' - $ref: '#/components/parameters/User-Accept-Encoding' - $ref: '#/components/parameters/User-Accept-Language' - $ref: '#/components/parameters/User-User-Agent' - $ref: '#/components/parameters/User-Http-Method' - $ref: '#/components/parameters/User-Device-ID' - $ref: '#/components/parameters/User-Geo-Location' - $ref: '#/components/parameters/acceptLanguage-Header' - $ref: '#/components/parameters/Channel-Id' - $ref: '#/components/parameters/MS-Request-Id' requestBody: description: | Inputs required for authorization to transition to next state required: true content: application/json: schema: $ref: '#/components/schemas/authorizationInputs' responses: '201': $ref: '#/components/responses/postAuthorization201' '400': $ref: '#/components/responses/badRequest400' '401': $ref: '#/components/responses/unauthorized401' '403': $ref: '#/components/responses/forbiddenConsentNotAvailable403' '404': $ref: '#/components/responses/consentNotFound404' '500': $ref: '#/components/responses/serverException500' '/user/aggregation/v1/consents/{consentId}/history': get: summary: Gets the consent activities security: - Login: - meniga_user_api tags: - Consents description: Gets the consent activities including state changes and usages parameters: - in: path name: consentId description: Consent resource identifier required: true schema: $ref: '#/components/schemas/consentId' - $ref: '#/components/parameters/consentActivityTypes' - name: dateFrom in: query description: From which date to fetch activities (inclusive). A UTC date time in ISO 8601 format required: false schema: type: string format: date-time - name: dateTo in: query description: To which date to fetch activities (exclusive). A UTC date time in ISO 8601 format required: false schema: type: string format: date-time - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/take' responses: '200': $ref: '#/components/responses/getConsentActivity200' '400': $ref: '#/components/responses/badRequest400' '401': $ref: '#/components/responses/unauthorized401' '404': $ref: '#/components/responses/consentNotFound404' '500': $ref: '#/components/responses/serverException500' '/user/aggregation/v1/consents/history': get: summary: Gets consent activities of all consents security: - Login: - meniga_user_api tags: - Consents description: Gets consent activities of all consents including state changes and consent usages parameters: - $ref: '#/components/parameters/providerIdInQuery' - name: providerName in: query description: | The display name of the provider you are searching for. The result will include all providers whose display name contains the value of this parameter. required: false schema: $ref: '#/components/schemas/name' - $ref: '#/components/parameters/consentActivityTypes' - name: dateFrom in: query description: From which date to fetch activities (inclusive). A UTC date time in ISO 8601 format required: false schema: type: string format: date-time - name: dateTo in: query description: To which date to fetch activities (exclusive). A UTC date time in ISO 8601 format required: false schema: type: string format: date-time - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/take' responses: '200': $ref: '#/components/responses/getConsentActivity200' '400': $ref: '#/components/responses/badRequest400' '401': $ref: '#/components/responses/unauthorized401' '500': $ref: '#/components/responses/serverException500' '/user/aggregation/v1/me': delete: summary: Delete a user and all linked user data. security: - Login: - meniga_user_api tags: - Users parameters: - $ref: '#/components/parameters/requestIdHeader_optional' - $ref: '#/components/parameters/User-IP-Address' - $ref: '#/components/parameters/userIdHeader' - $ref: '#/components/parameters/User-IP-Port' - $ref: '#/components/parameters/User-Accept' - $ref: '#/components/parameters/User-Accept-Charset' - $ref: '#/components/parameters/User-Accept-Encoding' - $ref: '#/components/parameters/User-Accept-Language' - $ref: '#/components/parameters/User-User-Agent' - $ref: '#/components/parameters/User-Http-Method' - $ref: '#/components/parameters/User-Device-ID' - $ref: '#/components/parameters/User-Geo-Location' - $ref: '#/components/parameters/acceptLanguage-Header' - $ref: '#/components/parameters/Channel-Id' - $ref: '#/components/parameters/MS-Request-Id' description: | Deletes the authorized user and all linked user data, including accounts, consents and payments. responses: '204': $ref: '#/components/responses/deleteUser204' '401': $ref: '#/components/responses/unauthorized401' '500': $ref: '#/components/responses/serverException500' components: # Security ####################################################################### securitySchemes: Login: type: oauth2 flows: implicit: authorizationUrl: https://sts.meniga.cloud/identity/connect/authorize scopes: meniga_user_api: # Parameters ##################################################################### parameters: providerId: name: providerId in: path description: | The id of the provider required: true schema: $ref: '#/components/schemas/providerId' paymentTypeId: name: paymentTypeId in: path description: The id of the payment type required: true schema: $ref: '#/components/schemas/paymentTypeId' templateId: name: templateId in: path description: The id of the template required: true schema: $ref: '#/components/schemas/templateId' accountId: name: accountId in: path description: | The id of the account required: true schema: $ref: '#/components/schemas/accountId' include: name: include in: query description: | Dictates whether to include a reference entity in the response required: false schema: $ref: '#/components/schemas/include' fetchFromConnectorStatus: name: fetchFromConnector in: query description: | Dictates whether to fetch payment status directly from the bank required: false schema: type: bool default: true fetchFromConnectorPayment: name: fetchFromConnector in: query description: | Dictates whether to fetch payment status directly from the bank required: false schema: type: bool default: false paymentId: in: path name: paymentId description: | The id of the payment required: true schema: $ref: '#/components/schemas/paymentId' skip: name: skip in: query description: | Specifies how many items in the entire result set to skip in the response. required: false schema: type: integer minimum: 0 lastSyncToken: name: lastSyncToken in: query description: | Incrementally get transactions that were created after the provided synchronization token required: false schema: type: string take: name: take in: query description: | Specifies how many items in the entire result set to include in the response. required: false schema: type: integer minimum: 0 reverse: name: reverse in: query description: | Specifies if the order of result list should be reversed in comparison to the default one. required: false schema: type: boolean consentStatuses: name: status in: query description: | The statuses in which to include consents from. required: false style: form explode: false schema: type: array items: $ref: '#/components/schemas/consentStatus' default: [pending-authorization,partially-authorized,valid] accountIds: name: accountIds in: query description: | The account ids the consent gives access to required: false style: form schema: type: array items: $ref: '#/components/schemas/accountId' paymentIds: name: paymentIds in: query description: | The payment ids the consent gives access to required: false style: form schema: type: array items: $ref: '#/components/schemas/paymentId' acceptLanguage-Header: name: Accept-Language in: header description: | The standard HTTP protocol Accept Language header : https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Accept-Language schema: type: string required: false consentIntent: name: intent in: query description: | Specifies the intent of the consents to include in the query result. Defaults to account access consents only. required: false schema: type: string enum: - access-accounts-only - perform-payments-only - cancel-payments-only - all default: access-accounts-only providerIdInQuery: name: providerId in: query description: | The id of the provider required: false schema: $ref: '#/components/schemas/providerId' preferredScaApproach: name: Preferred-SCA-Approach in: header description: | The preferred approach for SCA. Note that the provider can ignore this at their own discretion. required: false schema: $ref: '#/components/schemas/scaApproach' explicitAuthorizationPreferred: name: Explicit-Authorization-Preferred in: header description: | 'true' to indicate that the caller intends to authorize this consent along with other consents with one SCA by including them in a new consent with the 'consentToAuthorizeConsents' intent type. required: false schema: type: boolean explicitAuthorizationPreferredPaymentInitiation: name: Explicit-Authorization-Preferred in: header description: | 'true' to indicate that the caller intends to sign this payment initiation along with other consents with one SCA by including them in a new consent with the 'consentToAuthorizeConsents' intent type. required: false schema: type: boolean clientRedirectUrl: name: Redirect-Url in: header description: | The location where the provider should redirect the client after authorizing in a redirect flow. required: false schema: type: string requestIdHeader: name: X-Request-Id in: header description: A unique identifier for the request required: true schema: type: string maxLength: 50 requestIdHeader_optional: name: X-Request-Id in: header description: A unique identifier for the request required: false schema: type: string maxLength: 50 userIdHeader: name: User-Id in: header description: | User Id of the user in the provider's user interface, an Id that is known by the user. The Provider.Extended.UserIdRequired property indicates if this is a required field for the given Provider required: false schema: type: string User-IP-Address: name: User-IP-Address in: header description: Originating IP Address required: false schema: type: string User-IP-Address_required: name: User-IP-Address in: header description: Originating IP Address required: true schema: type: string User-IP-Port: name: User-IP-Port in: header description: Originating IP Port required: false schema: type: string User-Accept: name: User-Accept in: header description: Originating HTTP request Accept header field required: false schema: type: string User-Accept-Charset: name: User-Accept-Charset in: header description: Originating HTTP request Accept-Charset header field required: false schema: type: string User-Accept-Encoding: name: User-Accept-Encoding in: header description: Originating HTTP request Accept-Encoding header field required: false schema: type: string User-Accept-Language: name: User-Accept-Language in: header description: Originating HTTP request Accept-Language header field required: false schema: type: string User-User-Agent: name: User-User-Agent in: header description: Originating HTTP request User-Agent header field required: false schema: type: string User-Http-Method: name: User-Http-Method in: header description: Originating HTTP request Http-Method header field required: false schema: type: string User-Device-ID: name: User-Device-ID in: header description: UUID (Universally Unique Identifier) for a device, which is used by the user. required: false schema: type: string User-Geo-Location: name: User-Geo-Location in: header description: Originating request Geo-Location required: false schema: type: string Channel-Id: name: Channel-Id in: header required: false schema: type: string MS-Request-Id: name: MS-Request-Id in: header required: false schema: type: string consentActivityTypes: name: activityType in: query description: | Activity types to search for required: false style: form explode: false schema: type: array items: $ref: '#/components/schemas/consentActivityType' default: [consent-created, consent-authorized] includeBalances: name: includeBalances in: query description: | Dictates whether to include balances in the response required: false schema: type: boolean # Responses ###################################################################### responses: postAuthorization201: description: | Ok, the inputs were successfully added. This process must be repeated while the status is "InProgress". content: application/json: schema: type: object properties: data: $ref: '#/components/schemas/authorization' examples: Authorization requires input: value: data: id: "cd84dadd-dcde-4a4c-9d20-87f9482894be" status: "in-progress" authorized: requires: inputs: - name: "userName" type: "text" - name: "passWord" type: "text" Authorization requires redirect: value: data: id: "dce7f571-be78-4416-a693-1c66fae9ccfb" status: "authorized" authorized: "2020-01-01" requires: redirectUrl: "https://provider.example.com/auth" Authorization requires OAuth: value: data: id: "abf28b30-62d2-4a39-8aee-b90072637627" status: "in-progress" authorized: requires: oAuthUrl: "https://provider.example.com/oauth" inputs: - name: "debtorAccount.input" type: "text" displayName: "Debtor Account" options: - value: "1" displayName: "One" - value: "2" displayName: "Two" data: "Some data" format: "text" Authorization requires Decoupled: value: data: id: "1e13cd25-0b14-40fe-9904-dbab2f3b1c65" status: "in-progress" authorized: requires: message: "Please authorize the transaction using your app..." data: "01234" postConsent201: description: | Ok, created the consent. To authorize it, follow the flow described by the consent's authorization property. headers: SCA-Approach: description: Type of authorization approach to authorize consent with schema: $ref: '#/components/schemas/scaApproach' content: application/json: schema: type: object description: | The result of posting a consent. required: - consentId properties: data: $ref: '#/components/schemas/consent' getConsents200: description: Ok content: application/json: schema: type: object properties: data: type: array items: $ref: '#/components/schemas/consent' getConsent200: description: Ok content: application/json: schema: type: object properties: data: $ref: '#/components/schemas/consent' examples: Account access consent: value: data: id: "4dc16e02-2152-4d0e-b1ba-ae6d476afe07" providerId: "ah-bank-x" providerConsentId: "77338158A5XBANK" intent: allAccounts: - details - balances - transactions recurring: true validUntil: "2021-01-01" frequency: 4 accountIds: - 72643777-4159-4D15-841A-77338158A5AD - AC363F23-4844-1165-116A-773381235627 - 03b69486-9964-4958-bab7-f8a22a92f027 combinedServiceIndicator: true created: "2019-12-15T10:53:08Z" lastUsed: "2019-12-15T10:54:08Z" status: "valid" authorization: id: "1392c6da-464d-4189-8786-c54b10af6abe" status: "authorized" authorized: "2019-12-15T10:53:18Z" Payment initiation consent: value: data: id: "4d22f570-e72e-48c8-971e-f0bd32c709dd" providerId: "ah-bank-x" intent: paymentId: "9a63dc07-e477-4507-a550-9caf13247b3c" created: "2019-12-12T10:11:22Z" lastUsed: "2019-12-15T10:11:22Z" status: "valid" authorization: id: "85978213-6460-41c7-9723-a66ea1345b07" status: "authorized" authorized: "2019-12-12T10:11:22Z" Payment cancellation consent: value: data: id: "60f3002d-8110-4ab2-b1be-6eada1197697" providerId: "ah-bank-x" intent: cancelledPaymentId: "af2c8061-fbcb-4168-ba3a-1c0fa7fb5e96" created: "2019-12-15T10:11:22Z" lastUsed: "2019-12-15T10:11:22Z" status: "valid" authorization: id: "6e5b2043-02d1-48de-a240-d8ebbcf4bdd8" status: "authorized" authorized: "2019-12-15T10:11:22Z" deleteConsent204: description: | Ok, the consent is revoked. deleteConsents202: description: | Request accepted for processing, the user AIS consents will be revoked in the background. deleteUser204: description: | Ok, the user and all user data, accounts, consents and payments have been deleted. consentNotFound404: description: | A consent with the given consentId can't be found. getConsentActivity200: description: Ok with a list of consent activities content: application/json: schema: type: object properties: data: $ref: '#/components/schemas/consentActivityList' getProviders200: description: OK with a list of providers content: application/json: schema: type: object properties: data: $ref: '#/components/schemas/providerList' example: data: - id: "ah-bank-x" name: "Bank X" description: "The Mock Bank X banking solution provider" type: - user-information - payment-initiation - account-information capabilities: - "gender" - "date-of-birth" - "payments" - "bulk-payments" - "periodic-payments" - "account-details" - "account-balance" - "account-detailed-consent" - "account-global-consent" - "account-bank-offered-consent" - "transactions" - "fund-confirmation" homeUrl: "https://bank-x.example.com" logoUrl: "https://bank-x.example.com/logo.tif" country: "GB" status: "online" authorization: - "oauth2" - "decoupled" - "embedded" - "redirect" extended: swift: - "MOCKBANKX" userIdRequired: false specification: "CBI" - id: "ah-bank-y" name: "Bank Y" description: "The Mock Bank Y banking solution provider" type: - account-information capabilities: - "account-details" - "account-balance" - "account-detailed-consent" - "account-global-consent" homeUrl: "https://bank-y.example.com" logoUrl: "https://bank-y.example.com/logo.tif" country: "IS" status: "online" authorization: - "redirect" getPaymentTypes200: description: OK with a list of payment types content: application/json: schema: type: object properties: data: $ref: '#/components/schemas/paymentTypeList' getProviderPaymentTemplate200: description: OK with a single payment template content: application/json: schema: type: object properties: data: $ref: '#/components/schemas/providerPaymentTemplate' badProviderFilter400: description: Error response content: application/json: schema: $ref: '#/components/schemas/errorResponse400' getAccount200: description: Ok content: application/json: schema: type: object properties: data: $ref: '#/components/schemas/account' included: type: object properties: consent: $ref: '#/components/schemas/consent' example: data: id: c8513bd4-571d-4101-ad49-5c7209853858 providerId: "ah-bank-x" name: "AccountName-1" productName: "BankCurrent" accountType: "current" currency: "GBP" iban: "GB14 0159 2601 8321 9999 9999 99" bic: "GBUTDEEFDEB" balances: - currency: GBP amount: 802 type: closing-booked date: "2019-12-05T12:59:00Z" customData: key1: "value1" key2: "value2" included: consent: id: "f3886141c2a6-4296-805c-9cce1196ae05" providerId: "ah-bank-x" providerConsentId: "77338158A5XBANK" intent: allAccounts: - details - balances - transactions recurring: true validUntil: "2020-01-01" frequency: 4 accountIds: - "dd4203fe-08ad-44ad-b5c5-062ce198388b" - "c8513bd4-571d-4101-ad49-5c7209853858" - "03b69486-9964-4958-bab7-f8a22a92f027" combinedServiceIndicator: true created: "2019-12-05T10:53:08Z" lastUsed: "2019-12-05T12:59:00Z" status: "valid" authorization: id: "8f8f85c9-85bd-4e22-8989-0a75a5614d87" status: "authorized" authorized: "2019-12-05T10:53:18Z" getAccounts200: description: Ok content: application/json: schema: type: object properties: data: type: array items: $ref: '#/components/schemas/account' included: type: object properties: consent: $ref: '#/components/schemas/consent' example: data: - id: c8513bd4-571d-4101-ad49-5c7209853858 providerId: "ah-bank-x" name: "AccountName-1" productName: "BankCurrent" accountType: "current" currency: "GBP" iban: "GB14 0159 2601 8321 9999 9999 99" bic: "GBUTDEEFDEB" balances: - currency: GBP amount: 802 type: closing-booked date: "2019-12-05T12:59:00Z" customData: key1: "value1" key2: "value2" - id: "dd4203fe-08ad-44ad-b5c5-062ce198388b" providerId: "ah-bank-x" name: "AccountName-2" productName: "BankCredit" accountType: "credit" currency: "EUR" iban: "DE49 0159 2601 8322 9999 9999 99" balances: - currency: "EUR" amount: 71055 type: "closing-booked" date: "2019-12-05T12:59:00Z" customData: key1: "value1" - id: "03b69486-9964-4958-bab7-f8a22a92f027" providerId: "ah-bank-x" name: "AccountName-3" productName: "BankSavings" accountType: "savings" currency: "ISK" iban: "IS84 0159 2601 8323 9999 9999 99" bic: "ISUTDEEFDEB" balances: - currency: "ISK" amount: 8287541 type: "closing-booked" date: "2019-12-05T12:59:00Z" customData: key1: "value1" key2: "value2" included: consent: id: "f3886141c2a6-4296-805c-9cce1196ae05" providerId: "ah-bank-x" providerConsentId: "77338158A5XBANK" intent: allAccounts: - details - balances - transactions recurring: true validUntil: "2020-01-01" frequency: 4 accountIds: - "dd4203fe-08ad-44ad-b5c5-062ce198388b" - "c8513bd4-571d-4101-ad49-5c7209853858" - "03b69486-9964-4958-bab7-f8a22a92f027" combinedServiceIndicator: true created: "2019-12-05T10:53:08Z" lastUsed: "2019-12-05T12:59:00Z" status: "valid" authorization: id: "95ff5204-2083-44db-b2cd-70bd096ede99" status: "authorized" authorized: "2019-12-05T10:53:18Z" getTransactions200: description: Ok content: application/json: schema: type: object properties: data: type: array items: $ref: '#/components/schemas/transaction' meta: type: object properties: lastSyncToken: $ref: '#/components/schemas/syncToken' balances: type: array items: $ref: '#/components/schemas/balance' postPayment201: description: | Ok, created payment initiation resource. The consent flow to authorize the payment must now be completed. content: application/json: schema: $ref: '#/components/schemas/paymentInitiationResult' getPayment200: description: Ok content: application/json: schema: type: object properties: data: $ref: '#/components/schemas/paymentInitiation' included: type: object properties: consent: $ref: '#/components/schemas/consent' cancelationConsent: $ref: '#/components/schemas/consent' getMenigaPayment200: description: Ok content: application/json: schema: type: object properties: data: $ref: '#/components/schemas/paymentInitiation' getPayments200: description: Ok content: application/json: schema: type: object properties: data: type: array items: $ref: '#/components/schemas/paymentInitiation' getPaymentStatus200: description: Ok content: application/json: schema: $ref: '#/components/schemas/paymentStatusResult' getPayment400: description: | Bad request, the supplied payment id is malformed. content: application/json: schema: $ref: '#/components/schemas/errorResponse400' deletePayment202: description: | Accepted, the consent flow to authorize the cancellation of the payment must now be completed. content: application/json: schema: type: object properties: data: $ref: '#/components/schemas/consent' deletePayment204: description: | Ok, the payment has been cancelled. deletePayment400: description: | The payment can't be cancelled as it has already been processed. content: application/json: schema: $ref: '#/components/schemas/errorResponse400' paymentNotFound404: description: | A payment with the given paymentId can't be found. providerNotFound404: description: | A provider with the given id can't be found. badRequest400: description: | The request is invalid or malformed. content: application/json: schema: $ref: '#/components/schemas/errorResponse400' unauthorized401: description: | Client credentials are missing or invalid. content: application/json: schema: type: object properties: errors: type: array items: type: object properties: message: type: string code: type: string enum: - unauthorized example: unauthorized forbiddenConsentNotAvailable403: description: | A valid consent does not exist for this operation. content: application/json: schema: type: object properties: errors: type: array items: type: object properties: message: type: string code: type: string enum: - consent-not-available - consent-expired - provider-disabled example: consent-not-available providerDisabled403: description: | The provider has been disabled. content: application/json: schema: type: object properties: errors: type: array items: type: object properties: message: type: string code: type: string enum: - provider-disabled example: provider-disabled tooManyRequests429: description: | The number of requests has exceeded the number of requests allowed by the consent. serverException500: description: | Server exception content: application/json: schema: $ref: '#/components/schemas/errorDocument500' schemas: # value types ################################################################### consentId: description: Consent resource identifier type: string format: uuid syncToken: description: Synchronization token type: string example: '7c7840b290914a0fa4d51eb2ea8f6acc' consentStatus: description: Consent status type: string enum: - pending-authorization - partially-authorized - valid - rejected - revoked - expired scaApproach: type: string enum: - embedded - redirect - oauth2 - decoupled name: description: 'The display name of the Provider' type: string description: description: 'The description of the Provider' type: string example: 'This provider gives you access to account data' providerIds: description: 'A comma seperated list of provider ids' type: array items: type: string types: description: 'The type of the Provider' type: array items: type: string enum: - user-information - account-information - payment-initiation capabilities: description: 'The data capabilities of the Provider' type: array items: type: string enum: - name - email - phone-number - ssn - address - gender - date-of-birth - payments - bulk-payments - periodic-payments - account-details - account-balance - account-detailed-consent - account-global-consent - account-bank-offered-consent - transactions - fund-confirmation minLength: description: Minimum length of an input type: number example: 5 maxLength: description: Maximum length of an input type: number example: 35 inputId: description: Id of an input item type: number example: 3505 inputType: description: The type of input control to present to the user type: string enum: - text - password - number - select - multi-select example: "number" input: description: Required input field type: object required: - name - type properties: name: $ref: '#/components/schemas/inputName' type: $ref: '#/components/schemas/inputType' displayName: $ref: '#/components/schemas/inputDisplayName' options: description: | When the value in the type field is Select or MultiSelect, the options field contains the valid options that can be selected. type: array items: type: object required: - value properties: value: description: The value of the option. type: string displayName: description: A user friendly name for the option. type: string data: description: | Any additional data to present to the user. If it is binary (as specified by the format field), it is Base64 encoded. type: string format: description: | The format (compliant with RFC 6838 spec) of the value in the data field. type: string inputName: description: The name of the input type: string example: "debtorAccount.iban" inputDisplayName: description: A user friendly name for the input type: string example: "IBAN number" inputPattern: description: A pattern used to validate input type: string example: "[A-Z][0-6]{15,34}" validValues: description: An array of valid values type: array items: type: string example: - EUR - ISK - GBP required: description: States if an input is required in a template type: boolean example: true templateId: description: Id of a template type: integer example: "1" templateName: description: A name of a template type: string example: "Instant payment single" templatePaymentTypeId: description: | The id of the payment type this template will be used for. type: string example: "sepa-credit-transfers" homeUrl: description: 'The website of the Provider' type: string example: 'https://www.example.com' logoUrl: description: 'The URI of the Provider logo' type: string example: 'https://www.example.com/logo.tif' status: description: | The status of the Provider. 'online' : the Provider is enabled and ready to provide data. 'offline' : the Provider is enabled and temporarily offline. 'disabled' : the Provider has been disabled and can not be used. type: string enum: - online - offline - disabled example: online authorizationFlowsList: description: 'The authorization flows the Provider supports' type: array items: $ref: '#/components/schemas/scaApproach' accountId: description: The Aggregation hub account id. type: string format: uuid maxLength: 36 providerAccountId: description: Account identifier retrieved from provider type: string format: text example: '6EC1701F52D94C94A47913C73517F88F' include: description: The includes option. type: string accountName: description: Account Name type: string maxLength: 128 example: "AccountName" accountProductName: description: Product name for the account type: string maxLength: 128 example: "SparCredit" accountType: description: Account type type: string enum: - credit - current - savings - loan - asset example: "credit" currencyCode: description: | ISO 4217 Alpha 3 currency code type: string pattern: "[A-Z]{3}" example: "EUR" transactionId: description: | Identifies a transaction type: string example: "7c7840b2-9091-4a0f-a4d5-1eb2ea8f6acc" bookingDate: description: | The date and time (in UTC) when an entry is posted to an account on the provider's books. type: string format: date-time example: '2019-01-01T10:00:00.00Z' valueDate: description: | The date and time (in UTC) at which assets become available to the account owner in case of a credit. type: string format: date-time example: '2019-01-01T10:11:12.13Z' executionDate: description: | The date and time (in UTC) at which the transaction was executed. type: string format: date-time example: '2019-01-01T10:11:12.13Z' transactionDate: description: | The date and time (in UTC) of the actual transaction. type: string format: date-time example: '2019-01-01T10:11:12.13Z' transactionText: description: | Text of the transactions type: string example: "Starbucks" exchangeRate: description: Exchange rate type: object properties: currencyFrom: $ref: '#/components/schemas/currencyCode' currencyTo: $ref: '#/components/schemas/currencyCode' rate: $ref: '#/components/schemas/rate' rateDate: $ref: '#/components/schemas/rateDate' rate: description: The fx rate type: number pattern: "[0-9]{1,14}(\\.[0-9]{1,10})?" example: 0.1802221 rateDate: description: Date and time of exchange rate type: string format: date-time example: '2019-01-01T11:22:00Z' exchangeRates: description: Array of exchange rates type: array items: $ref: '#/components/schemas/exchangeRate' purposeCode: description: | ExternalPurpose1Code from ISO 20022. Values from ISO 20022 External Code List ExternalCodeSets_1Q2018 June 2018 type: string enum: - "BKDF" - "BKFE" - "BKFM" - "BKIP" - "BKPP" - "CBLK" - "CDCB" - "CDCD" - "CDCS" - "CDDP" - "CDOC" - "CDQC" - "ETUP" - "FCOL" - "MTUP" - "ACCT" - "CASH" - "COLL" - "CSDB" - "DEPT" - "INTC" - "LIMA" - "NETT" - "BFWD" - "CCIR" - "CCPC" - "CCPM" - "CCSM" - "CRDS" - "CRPR" - "CRSP" - "CRTL" - "EQPT" - "EQUS" - "EXPT" - "EXTD" - "FIXI" - "FWBC" - "FWCC" - "FWSB" - "FWSC" - "MARG" - "MBSB" - "MBSC" - "MGCC" - "MGSC" - "OCCC" - "OPBC" - "OPCC" - "OPSB" - "OPSC" - "OPTN" - "OTCD" - "REPO" - "RPBC" - "RPCC" - "RPSB" - "RPSC" - "RVPO" - "SBSC" - "SCIE" - "SCIR" - "SCRP" - "SHBC" - "SHCC" - "SHSL" - "SLEB" - "SLOA" - "SWBC" - "SWCC" - "SWPT" - "SWSB" - "SWSC" - "TBAS" - "TBBC" - "TBCC" - "TRCP" - "AGRT" - "AREN" - "BEXP" - "BOCE" - "COMC" - "CPYR" - "GDDS" - "GDSV" - "GSCB" - "LICF" - "MP2B" - "POPE" - "ROYA" - "SCVE" - "SERV" - "SUBS" - "SUPP" - "TRAD" - "CHAR" - "COMT" - "MP2P" - "ECPG" - "ECPR" - "ECPU" - "EPAY" - "CLPR" - "COMP" - "DBTC" - "GOVI" - "HLRP" - "HLST" - "INPC" - "INPR" - "INSC" - "INSU" - "INTE" - "LBRI" - "LIFI" - "LOAN" - "LOAR" - "PENO" - "PPTI" - "RELG" - "RINP" - "TRFD" - "FORW" - "FXNT" - "ADMG" - "ADVA" - "BCDM" - "BCFG" - "BLDM" - "BNET" - "CBFF" - "CBFR" - "CCRD" - "CDBL" - "CFEE" - "CGDD" - "CORT" - "COST" - "CPKC" - "DCRD" - "DSMT" - "DVPM" - "EDUC" - "FACT" - "FAND" - "FCPM" - "FEES" - "GOVT" - "ICCP" - "IDCP" - "IHRP" - "INSM" - "IVPT" - "MCDM" - "MCFG" - "MSVC" - "NOWS" - "OCDM" - "OCFG" - "OFEE" - "OTHR" - "PADD" - "PTSP" - "RCKE" - "RCPT" - "REBT" - "REFU" - "RENT" - "REOD" - "RIMB" - "RPNT" - "RRBN" - "RVPM" - "SLPI" - "SPLT" - "STDY" - "TBAN" - "TBIL" - "TCSC" - "TELI" - "TMPG" - "TPRI" - "TPRP" - "TRNC" - "TRVC" - "WEBI" - "ANNI" - "CAFI" - "CFDI" - "CMDT" - "DERI" - "DIVD" - "FREX" - "HEDG" - "INVS" - "PRME" - "SAVG" - "SECU" - "SEPI" - "TREA" - "UNIT" - "FNET" - "FUTR" - "ANTS" - "CVCF" - "DMEQ" - "DNTS" - "HLTC" - "HLTI" - "HSPC" - "ICRF" - "LTCF" - "MAFC" - "MARF" - "MDCS" - "VIEW" - "CDEP" - "SWFP" - "SWPP" - "SWRS" - "SWUF" - "ADCS" - "AEMP" - "ALLW" - "ALMY" - "BBSC" - "BECH" - "BENE" - "BONU" - "CCHD" - "COMM" - "CSLP" - "GFRP" - "GVEA" - "GVEB" - "GVEC" - "GVED" - "GWLT" - "HREC" - "PAYR" - "PEFC" - "PENS" - "PRCP" - "RHBS" - "SALA" - "SSBE" - "LBIN" - "LCOL" - "LFEE" - "LMEQ" - "LMFI" - "LMRK" - "LREB" - "LREV" - "LSFL" - "ESTX" - "FWLV" - "GSTX" - "HSTX" - "INTX" - "NITX" - "PTXP" - "RDTX" - "TAXS" - "VATX" - "WHLD" - "TAXR" - "B112" - "BR12" - "TLRF" - "TLRR" - "AIRB" - "BUSB" - "FERB" - "RLWY" - "TRPT" - "CBTV" - "ELEC" - "ENRG" - "GASB" - "NWCH" - "NWCM" - "OTLC" - "PHON" - "UBIL" - "WTER" example: "BKDF" bankTransactionCode: description: | Bank transaction code as used by the provider and using the sub elements of this structured code defined by ISO 20022. This code type is concatenating the three ISO20022 Codes * Domain Code, * Family Code, and * SubFamiliy Code by hyphens, resulting in "DomainCode"-"FamilyCode"-"SubFamilyCode". type: string example: "PMNT-RCDT-ESCT" proprietaryBankTransactionCode: description: | Proprietary bank transaction code as used within a community or within an provider e.g. for MT94x based transaction reports. type: string maxLength: 128 example: TRF counterpartyName: description: Counterparty Name type: string maxLength: 128 example: "Counterparty Name" creditorName: description: Creditor Name type: string maxLength: 70 example: "Creditor Name" mccCode: description: Merchant category code type: string example: "3000" isOwnAccountTransfer: description: Transfer between own accounts type: boolean example: false transactionTimestamp: description: A timestamp for the transaction in the backend system type: string format: date-time example: "2019-10-24T07:10:30Z" merchantName: type: string example: "Hamley's" merchantIdentifier: type: string example: '7c7840b2-9091-4a0f-a4d5-1eb2ea8f6acc' countryCode: description: | The ISO_3166-1_alpha-2 code for the country. The result will contain only those providers that are in the specified country. type: string pattern: "^[A-Z]{2}$" example: "IS" iban: description: Iban of the account according to ISO 20022 type: string maxLength: 34 example: "DE531234ABCD1234ABCD12" balanceType: description: | Type of balance type: string enum: - closing-booked - expected - authorized - opening-booked - interim-available - forward-available - closing-available - information - interim-booked - opening-available - previously-closed-booked example: closing-booked amount: type: object required: - currency - amount properties: currency: $ref: "#/components/schemas/currencyCode" amount: $ref: "#/components/schemas/amountValue" example: { "currency": "EUR", "amount": 123.45 } balanceDate: description: | The date when the balance was updated. type: string format: date-time example: "2019-10-24T08:10:30Z" amountValue: description: | The amount given with fractional digits, where fractions must be compliant to the currency definition. Up to 14 significant figures. Negative amounts are signed by minus. The decimal separator is a dot. **Example:** Valid representations for EUR with up to two decimals are: * 1056 * 5768.2 * -1.50 * 5877.78 type: number pattern: "-?[0-9]{1,14}(\\.[0-9]{1,10})?" example: -5877.78 customData: description: | An object with key value pairs of custom data. The key is stored as the property name. **Example** { "key1": "value1", "key2": "value2" } type: object additionalProperties: type: string example: { "key1": "value1", "key2": "value2" } balance: type: object properties: currency: $ref: '#/components/schemas/currencyCode' amount: $ref: '#/components/schemas/amountValue' type: $ref: '#/components/schemas/balanceType' date: $ref: '#/components/schemas/balanceDate' example: { "currency": "EUR", "amount": 123.45, "type" : "closing-booked", "date": "2019-10-24T08:10:30Z" } paymentId: description: Payment initiation resource identifier type: string format: uuid cancelledPaymentId: description: Payment initiation resource identifier to be cancelled type: string format: uuid example: '72643777-4159-4D15-841A-77338158A5AD' providerId: description: Provider resource identifier type: string maxLength: 128 providerConsentId: description: The consent id from the provider side type: string maxLength: 128 example: '77338158A5XBANK' paymentTypeId: description: 'Payment type id' type: string maxLength : 128 paymentTypeDescription: description: 'Payment type description' type: string maxLength: 256 example: 'SEPA Credit Transfer (SCT) allows for the transfer of funds from one bank account to another.' recurringAccountAccess: description: | Whether or not the account access can be used multiple times type: boolean example: true accountAccessPermissionEnum: description: Permission to access some aspect of an account type: string enum: - details - balances - transactions example: details accountPermissionsList: description: A list of combined permissions type: array items: $ref: '#/components/schemas/accountAccessPermissionEnum' maxAccessRequestsPerDay: description: | Indicates how often a consent can be used to access a resource per day type: integer minimum: 1 example: 1 combinedServiceIndicator: description: | If "true" indicates that a payment initiation service will be addressed in the same "session" type: boolean example: true # discriminator: # description: | # Helps detect the object type # type: string # nullable: true consentIntent: type: object description: | Base type for all consent intents. Concrete type is specified in "discrimiator" property. If discriminator property does not exist then type is guessed based on required properties existence discriminator: propertyName: discriminator mapping: accessAllAccounts: "#/components/schemas/consentToAccessAllAccounts" accessAccounts: "#/components/schemas/consentToAccessAccounts" bankOfferedAccounts: "#/components/schemas/consentToAccessBankOfferedAccounts" performPayment: "#/components/schemas/consentToPerformPayment" cancelPayment: "#/components/schemas/consentToCancelPayment" authorizeConsent: "#/components/schemas/consentToAuthorizeConsents" consentToAccessAllAccounts: description: | Describes the intent to authorize access to accounts type: object required: - allAccounts - recurring - validUntil allOf: - $ref: "#/components/schemas/consentIntent" properties: # discriminator: # type: string # allOf: # - $ref: "#/components/schemas/discriminator" # default: "accessAllAccounts" allAccounts: $ref: "#/components/schemas/accountPermissionsList" recurring: $ref: '#/components/schemas/recurringAccountAccess' validUntil: $ref: '#/components/schemas/validUntilDate' frequency: $ref: '#/components/schemas/maxAccessRequestsPerDay' combinedServiceIndicator: $ref: '#/components/schemas/combinedServiceIndicator' consentToAccessAccounts: description: | Describes the intent to authorize access to accounts type: object allOf: - $ref: "#/components/schemas/consentIntent" required: - accounts - recurring - validUntil properties: accounts: type: array items: oneOf: - $ref: "#/components/schemas/accountPermission" - $ref: "#/components/schemas/accountPermissionIban" - $ref: "#/components/schemas/accountPermissionBban" - $ref: "#/components/schemas/accountPermissionPan" - $ref: "#/components/schemas/accountPermissionMaskedPan" - $ref: "#/components/schemas/accountPermissionMsisdn" recurring: $ref: '#/components/schemas/recurringAccountAccess' validUntil: $ref: '#/components/schemas/validUntilDate' frequency: $ref: '#/components/schemas/maxAccessRequestsPerDay' combinedServiceIndicator: $ref: '#/components/schemas/combinedServiceIndicator' accountIds: $ref: '#/components/schemas/accountIds' consentToAccessBankOfferedAccounts: description: | Describes the intent to authorize access to bank offered accounts type: object allOf: - $ref: "#/components/schemas/consentIntent" required: - recurring - validUntil properties: recurring: $ref: '#/components/schemas/recurringAccountAccess' validUntil: $ref: '#/components/schemas/validUntilDate' frequency: $ref: '#/components/schemas/maxAccessRequestsPerDay' combinedServiceIndicator: $ref: '#/components/schemas/combinedServiceIndicator' accountIds: $ref: '#/components/schemas/accountIds' pan: description: | Primary Account Number according to ISO/IEC 7812. type: string maxLength: 35 #According to ISO the following should be valid. #maxLength: 19 #minLength: 8 #pattern: "[0-9]{8,19}" example: "5409050000000000" maskedPan: description: | Masked Primary Account Number type: string maxLength: 35 example: "123456xxxxxx1234" bban: description: | Basic Bank Account Number (BBAN) Identifier This data element can be used in the body of the Consent Request Message for retrieving Account access Consent from this Account. This data elements is used for payment Accounts which have no IBAN. ISO20022: Basic Bank Account Number (BBAN). Identifier used nationally by financial institutions, i.e., in individual countries, generally as part of a National Account Numbering Scheme(s), which uniquely identifies the account of a customer. type: string pattern: "[a-zA-Z0-9/-]{1,30}" example: "BARC12345612345678" bic: description: | Code allocated to a financial institution by a Registration Authority under an international identification scheme. ISO20022: Bank Identifier Code type: string maxLength: 11 pattern: "[A-Z]{6,6}[A-Z2-9][A-NP-Z0-9]([A-Z0-9]{3,3}){0,1}" example: "CHASUS33" msisdn: type: string maxLength: 35 description: Mobile phone number. example: "+49 170 1234567" externalId: type: string maxLength: 128 description: External account identifier example: "26086970-c804-4acd-9e3b-0fdc83f08be6" creditorIdentifier: type: string description: Custom creditor identifier. example: "123456789" limit: description: | Account limit or overdraft. Only returned where available from connector/provider type: number example: 0 paymentStatus: description: | Payment initiation status 'received': Payment initiation has been received by the provider 'accepted': The Payment initiation has been accepted by the provider 'pending' : Payment initiation or individual transaction included in the payment initiation is pending. Further checks and status update will be performed. 'completed': Settlement on the creditor's account has been completed 'rejected': Payment initiation or individual transaction included in the payment initiation has been rejected 'cancelled': Payment initiation has been cancelled before execution type: string enum: - received - accepted - pending - completed - rejected - cancelled example: received paymentDate: description: | The date on which to perform the payment type: string format: date example: '2019-10-01' feeBearer: description: | Specifies which party/parties will bear the charges associated with the processing of the payment transaction. type : string enum: - borne-by-creditor - borne-by-debtor - following-service-level - shared feeType: description: | Specifies which type of fee this is. type : array items: type: string transactionFeeIndicator: description: | If equals 'true', the transaction will involve specific transaction cost as shown by the Provider in their public price list or as agreed between Provider and end user. If equals 'false', the transaction will not involve additional specific transaction costs to the end user. type: boolean remittanceInformationUnstructured: description: | Unstructured remittance information. type: string maxLength: 140 example: 'Ref Number Abonnement' remittanceInformationStructured: description: | Structured remittance information. type: object properties: reference: type: string maxLength: 50 example: "66666689" referenceType: type: string maxLength: 50 example: "CIN" referenceIssuer: type: string maxLength: 50 example: "BCDDJ" endToEndId: description: | Unique end to end identity. type: string maxLength: 35 example: 'RF-123456789' endDate: description: | The last applicable day of execution If not given, it is an infinite standing order. type: string format: date example: '2019-11-24' validUntilDate: description: | This parameter is requesting a valid until date for the requested consent. The content is the local Provider date in ISO-Date Format, e.g. 2019-10-30. type: string format: date example: '2019-10-30' createdTime: description: | The timestamp when the resource was created type: string format: date-time example: '2019-10-20T10:11:22Z' accountIds: description: | The account id's this consent gives access to. type: array items: $ref: '#/components/schemas/accountId' lastUsedTime: description: | The timestamp of the last usage in UTC type: string format: date-time example: '2019-01-24T10:11:12Z' executionRule: description: | "following" or "preceding" supported as values. This data attribute defines the behavior when recurring payment dates falls on a weekend or bank holiday. The payment is then requested to be executed either the "preceding" or "following" working day. If the provider does not support this functionality, the request will result in a 400 error. type: string enum: - following - preceding example: following consentActivityTimestamp: description: | The timestamp of activity in UTC type: string format: date-time example: '2019-10-24T10:11:12Z' consentActivityType: description: Consent Activity type reflecting changes in state or usage information type: string enum: - consent-created - consent-partially-authorized - consent-authorized - consent-rejected - consent-revoked - consent-expired - accounts-listed - account-info-accessed - account-transactions-listed - payment-authorization-started - payment-authorized - payment-cancelled - consent-authorization-updated # Object definitions ############################################################## paymentTypeList: description: 'A list of provider payment types' type: array items: $ref: '#/components/schemas/paymentTypeObject' paymentTypeObject: description: 'A single payment type' type: object properties: id: $ref: '#/components/schemas/paymentTypeId' description: $ref: '#/components/schemas/paymentTypeDescription' providerList: description: 'A list of providers' type: array items: $ref: '#/components/schemas/provider' provider: description: 'A single provider resource' type: object properties: id: $ref: '#/components/schemas/providerId' name: $ref: '#/components/schemas/name' description: $ref: '#/components/schemas/description' type: $ref: '#/components/schemas/types' capabilities: $ref: '#/components/schemas/capabilities' homeUrl: $ref: '#/components/schemas/homeUrl' logoUrl: $ref: '#/components/schemas/logoUrl' country: $ref: '#/components/schemas/countryCode' status: $ref: '#/components/schemas/status' authorization: $ref: '#/components/schemas/authorizationFlowsList' extended: type: object description: | Additional provider properties that are domain specific. anyOf: - $ref: '#/components/schemas/providerExtendedBic' - $ref: '#/components/schemas/providerExtendedBlz' - $ref: '#/components/schemas/providerExtendedSwift' - $ref: '#/components/schemas/providerExtendedUserIdRequired' - $ref: '#/components/schemas/providerExtendedSpecification' providerExtendedBic: description: | Contains BIC numbers for financial data providers. type: object properties: bic: type: array items: type: string example: - BLZABC - SWIFT02 providerExtendedBlz: description: | Contains BLZ numbers for German and Austrian financial data providers. type: object properties: blz: type: array items: type: string example: - BLZABC providerExtendedSwift: description: | Contains SWIFT numbers for financial data providers. type: object properties: swift: type: array items: type: string example: - SWIFT01 providerExtendedUserIdRequired: description: | Tells if the HTTP header 'User-Id' is required when posting a Consent or posting a Payment for the given provider type: object properties: userIdRequired: type: boolean example: false providerExtendedSpecification: description: | Tells which specification or standard the provider's api follows, e.g. for banking providers values can be 'CBI', 'BerlinGroup', 'STET', 'OpenBankingUk', etc. type: object properties: specification: type: string example: BerlinGroup templateInput: description: | An input to a provider template type: object properties: id: $ref: '#/components/schemas/inputId' name: $ref: '#/components/schemas/inputName' type: $ref: '#/components/schemas/inputType' displayName: $ref: '#/components/schemas/inputDisplayName' pattern: $ref: '#/components/schemas/inputPattern' validValues: $ref: '#/components/schemas/validValues' minLength: $ref: '#/components/schemas/minLength' maxLength: $ref: '#/components/schemas/maxLength' required: $ref: '#/components/schemas/required' templateInputs: description: | A list of possible inputs to a provider template type: array items: $ref: '#/components/schemas/templateInput' providerPaymentTemplate: description: | A payment template used when initiating a payment of a given payment type type: object properties: id: $ref: '#/components/schemas/templateId' paymentTypeId: $ref: '#/components/schemas/templatePaymentTypeId' name: $ref: '#/components/schemas/templateName' inputs: $ref: '#/components/schemas/templateInputs' account: description: | Body for an account resource. type: object properties: id: $ref: '#/components/schemas/accountId' providerId: $ref: '#/components/schemas/providerId' name: $ref: '#/components/schemas/accountName' productName: $ref: '#/components/schemas/accountProductName' accountType: $ref: '#/components/schemas/accountType' currency: $ref: '#/components/schemas/currencyCode' iban: $ref: "#/components/schemas/iban" bban: $ref: "#/components/schemas/bban" bic: $ref: "#/components/schemas/bic" pan: $ref: "#/components/schemas/pan" maskedPan: $ref: "#/components/schemas/maskedPan" msisdn: $ref: "#/components/schemas/msisdn" externalId: $ref: "#/components/schemas/externalId" limit: $ref: "#/components/schemas/limit" balances: type: array items: $ref: '#/components/schemas/balance' customData: $ref: '#/components/schemas/customData' transaction: description: Body for a transaction resource type: object properties: id: $ref: '#/components/schemas/transactionId' accountId: $ref: '#/components/schemas/providerAccountId' bookingDate: $ref: '#/components/schemas/bookingDate' valueDate: $ref: '#/components/schemas/valueDate' transactionDate: $ref: '#/components/schemas/transactionDate' executionDate: $ref: '#/components/schemas/executionDate' amount: $ref: '#/components/schemas/amountValue' currency: $ref: '#/components/schemas/currencyCode' text: $ref: '#/components/schemas/transactionText' exchangeRates: $ref: '#/components/schemas/exchangeRates' balance: $ref: '#/components/schemas/balance' timestamp: $ref: '#/components/schemas/transactionTimestamp' countryCode: $ref: '#/components/schemas/countryCode' remittanceInformationUnstructured: $ref: "#/components/schemas/remittanceInformationUnstructured" endToEndId: $ref: '#/components/schemas/endToEndId' purposeCode: $ref: '#/components/schemas/purposeCode' bankTransactionCode: $ref: '#/components/schemas/bankTransactionCode' proprietaryBankTransactionCode: $ref: '#/components/schemas/proprietaryBankTransactionCode' isOwnAccountTransfer: $ref: '#/components/schemas/isOwnAccountTransfer' mccCode: $ref: '#/components/schemas/mccCode' merchantName: $ref: '#/components/schemas/merchantName' merchantIdentifier: $ref: '#/components/schemas/merchantIdentifier' counterpartyName: $ref: '#/components/schemas/counterpartyName' counterpartyAccount: oneOf: - $ref: "#/components/schemas/accountReference" - $ref: "#/components/schemas/accountReferenceIban" - $ref: "#/components/schemas/accountReferenceBban" - $ref: "#/components/schemas/accountReferencePan" - $ref: "#/components/schemas/accountReferenceMaskedPan" - $ref: "#/components/schemas/accountReferenceMsisdn" example: { "iban": "DE531234ABCD1234ABCD12", "currency": "EUR" } customData: $ref: '#/components/schemas/customData' paymentInitiationResult: type: object description: | The result of a payment initiation requirements. required: - paymentId properties: data: type: object properties: paymentId: $ref: '#/components/schemas/paymentId' consent: $ref: '#/components/schemas/consent' transactionFees: description: | Can be used by the Provider to transport transaction fees relevant for the underlying payments. $ref: "#/components/schemas/transactionFees" transactionFeeIndicator: $ref: "#/components/schemas/transactionFeeIndicator" paymentStatusResult: type: object description: | The result of a GET request for a payment status required: - status properties: data: type: object properties: status: $ref: '#/components/schemas/paymentStatus' formattedTextSchedule: description: | Describes a schedule based on a formatted expression. Currently, the only supported format is Meniga's extended cron format that supports biweekly patterns. NOTE: If a provider doesn't support the schedule described with the provided expression, the request will result in a 400 error. type: object required: - format - expression properties: format: type: string enum: - cron expression: type: string example: '0 0 21 * *' # occurs on the 21st day of each month extended: description: | Used to extend the payment request for properties not specified in the request object. These extended properties should be referred to as 'extended.key' when creating inputs for payment templates. **Example** { "key1": "value1", "key2": "value2" } type: object example: { "key1": "value1", "key2": "value2" } periodicPaymentDescription: description: | Describes a periodic payment schedule. The recurring payments will be made until the specified end date and according to the specified recurrence. If a particular instance of the payment happens to be scheduled on a weekend or bank holiday, an execution rule can be specified to either move the date forward or backward to the next working day. NOTE: Currently there is only one type of recurrence model supported, namely the formatted text schedule, which currently only supports a variant of cron expressions that supports biweekly patterns. In the future, both new recurrence models and new expression formats could be added. type: object required: - recurrence properties: recurrence: oneOf: - $ref: '#/components/schemas/formattedTextSchedule' example: format: cron expression: '0 0 21 * *' endDate: $ref: "#/components/schemas/endDate" executionRule: $ref: "#/components/schemas/executionRule" accountReference: type: object description: | Base type for all account references. Concrete type is specified in "discrimiator" property. If discriminator property does not exist then type is guessed based on required properties existence discriminator: propertyName: discriminator mapping: "iban": "#/components/schemas/accountReferenceIban" "bban": "#/components/schemas/accountReferenceBban" "pan": "#/components/schemas/accountReferencePan" "maskedPan": "#/components/schemas/accountReferenceMaskedPan" "msisdn": "#/components/schemas/accountReferenceMsisdn" accountReferenceIban: type: object description: | Reference to an account by the International Bank Account Number (IBAN). required: - iban allOf: - $ref: "#/components/schemas/accountReference" properties: iban: $ref: "#/components/schemas/iban" currency: $ref: "#/components/schemas/currencyCode" accountReferenceBban: type: object description: | Reference to an Account. This data elements is used for payment accounts which have no IBAN. required: - bban allOf: - $ref: "#/components/schemas/accountReference" properties: bban: $ref: "#/components/schemas/bban" currency: $ref: "#/components/schemas/currencyCode" accountReferencePan: type: object description: | Reference to an account by the Primary Account Number (PAN) of a card, can be tokenised by the Provider due to PCI DSS requirements. required: - pan allOf: - $ref: "#/components/schemas/accountReference" properties: pan: $ref: "#/components/schemas/pan" currency: $ref: "#/components/schemas/currencyCode" accountReferenceMaskedPan: type: object description: | Reference to an account by the Primary Account Number (PAN) of a card in a masked form. required: - maskedPan allOf: - $ref: "#/components/schemas/accountReference" properties: maskedPan: $ref: "#/components/schemas/maskedPan" currency: $ref: "#/components/schemas/currencyCode" accountReferenceMsisdn: type: object description: | An alias to access a payment account via a registered mobile phone number. required: - msisdn allOf: - $ref: "#/components/schemas/accountReference" properties: msisdn: $ref: "#/components/schemas/msisdn" currency: $ref: "#/components/schemas/currencyCode" creditorAccountReference: type: object description: | Base type for all account references. Concrete type is specified in "discrimiator" property. If discriminator property does not exist then type is guessed based on required properties existence discriminator: propertyName: discriminator mapping: "iban": "#/components/schemas/creditorAccountReferenceIban" "bban": "#/components/schemas/creditorAccountReferenceBban" "pan": "#/components/schemas/creditorAccountReferencePan" "maskedPan": "#/components/schemas/creditorAccountReferenceMaskedPan" "msisdn": "#/components/schemas/creditorAccountReferenceMsisdn" "creditorIdentifier": "#/components/schemas/creditorAccountReferenceCreditorIdentifier" creditorAccountReferenceIban: type: object description: | Reference to an account by the International Bank Account Number (IBAN). required: - iban allOf: - $ref: "#/components/schemas/creditorAccountReference" properties: iban: $ref: "#/components/schemas/iban" currency: $ref: "#/components/schemas/currencyCode" creditorAccountReferenceBban: type: object description: | Reference to an Account. This data elements is used for payment accounts which have no IBAN. required: - bban allOf: - $ref: "#/components/schemas/creditorAccountReference" properties: bban: $ref: "#/components/schemas/bban" currency: $ref: "#/components/schemas/currencyCode" creditorAccountReferencePan: type: object description: | Reference to an account by the Primary Account Number (PAN) of a card, can be tokenised by the Provider due to PCI DSS requirements. required: - pan allOf: - $ref: "#/components/schemas/creditorAccountReference" properties: pan: $ref: "#/components/schemas/pan" currency: $ref: "#/components/schemas/currencyCode" creditorAccountReferenceMaskedPan: type: object description: | Reference to an account by the Primary Account Number (PAN) of a card in a masked form. required: - maskedPan allOf: - $ref: "#/components/schemas/creditorAccountReference" properties: maskedPan: $ref: "#/components/schemas/maskedPan" currency: $ref: "#/components/schemas/currencyCode" creditorAccountReferenceMsisdn: type: object description: | An alias to access a payment account via a registered mobile phone number. required: - msisdn allOf: - $ref: "#/components/schemas/creditorAccountReference" properties: msisdn: $ref: "#/components/schemas/msisdn" currency: $ref: "#/components/schemas/currencyCode" creditorAccountReferenceCreditorIdentifier: type: object description: | A custom account identifier, use when standard identifiers(like IBAN, PAN) are not available. required: - creditorIdentifier allOf: - $ref: "#/components/schemas/creditorAccountReference" properties: creditorIdentifier: $ref: "#/components/schemas/creditorIdentifier" accountPermission: type: object description: | Base type for all account access permissions. Concrete type is specified in "discrimiator" property. If discriminator property does not exist then type is guessed based on required properties existence required: - permissions properties: currency: $ref: "#/components/schemas/currencyCode" permissions: $ref: "#/components/schemas/accountPermissionsList" discriminator: propertyName: discriminator mapping: "iban": "#/components/schemas/accountPermissionIban" "bban": "#/components/schemas/accountPermissionBban" "pan": "#/components/schemas/accountPermissionPan" "maskedPan": "#/components/schemas/accountPermissionMaskedPan" "msisdn": "#/components/schemas/accountPermissionMsisdn" accountPermissionIban: type: object description: | Reference to an account by the International Bank Account Number (IBAN). required: - iban - permissions allOf: - $ref: "#/components/schemas/accountPermission" properties: iban: $ref: "#/components/schemas/iban" accountPermissionBban: type: object description: | Reference to an Account. This data elements is used for payment accounts which have no IBAN. required: - bban - permissions allOf: - $ref: "#/components/schemas/accountPermission" properties: bban: $ref: "#/components/schemas/bban" accountPermissionPan: type: object description: | Reference to an account by the Primary Account Number (PAN) of a card, can be tokenised by the Provider due to PCI DSS requirements. required: - pan - permissions allOf: - $ref: "#/components/schemas/accountPermission" properties: pan: $ref: "#/components/schemas/pan" accountPermissionMaskedPan: type: object description: | Reference to an account by the Primary Account Number (PAN) of a card in a masked form. required: - maskedPan - permissions allOf: - $ref: "#/components/schemas/accountPermission" properties: maskedPan: $ref: "#/components/schemas/maskedPan" accountPermissionMsisdn: type: object description: | An alias to access a payment account via a registered mobile phone number. required: - msisdn - permissions allOf: - $ref: "#/components/schemas/accountPermission" properties: msisdn: $ref: "#/components/schemas/msisdn" address: type: object required: - street - city - postCode - country properties: street: type: string example: 30 Mysterious Drive city: type: string example: Noir city postCode: type: string example: AB123-456 country: $ref: '#/components/schemas/countryCode' creditorAddress: type: object properties: street: type: string example: 30 Mysterious Drive city: type: string example: Noir city postCode: type: string example: AB123-456 country: $ref: '#/components/schemas/countryCode' paymentRecipient: type: object description: | A creditor name and account plus an instructed amount for a payment. required: - instructedAmount - creditorAccount - creditorName properties: instructedAmount: $ref: "#/components/schemas/amount" creditorAccount: oneOf: - $ref: "#/components/schemas/creditorAccountReference" - $ref: "#/components/schemas/creditorAccountReferenceIban" - $ref: "#/components/schemas/creditorAccountReferenceBban" - $ref: "#/components/schemas/creditorAccountReferencePan" - $ref: "#/components/schemas/creditorAccountReferenceMaskedPan" - $ref: "#/components/schemas/creditorAccountReferenceMsisdn" - $ref: "#/components/schemas/creditorAccountReferenceCreditorIdentifier" example: iban: DE531234ABCD1234ABCD12 currency: EUR creditorName: $ref: "#/components/schemas/creditorName" creditorAddress: $ref: '#/components/schemas/creditorAddress' paymentRecipientList: type: array items: $ref: '#/components/schemas/paymentRecipient' minItems: 1 paymentInitiationRequest: description: | Body for a payment initiation request. type: object required: - paymentTypeId - paymentDate - debtorAccount - recipients properties: paymentTypeId: $ref: '#/components/schemas/paymentTypeId' paymentDate: $ref: '#/components/schemas/paymentDate' periodic: $ref: '#/components/schemas/periodicPaymentDescription' purposeCode: $ref: '#/components/schemas/purposeCode' debtorAccount: oneOf: - $ref: "#/components/schemas/accountReference" - $ref: "#/components/schemas/accountReferenceIban" - $ref: "#/components/schemas/accountReferenceBban" - $ref: "#/components/schemas/accountReferencePan" - $ref: "#/components/schemas/accountReferenceMaskedPan" - $ref: "#/components/schemas/accountReferenceMsisdn" example: iban: DE531234ABCD1234ABCD12 currency: EUR recipients: $ref: '#/components/schemas/paymentRecipientList' remittanceInformationUnstructured: $ref: "#/components/schemas/remittanceInformationUnstructured" remittanceInformationStructured: $ref: "#/components/schemas/remittanceInformationStructured" endToEndId: $ref: "#/components/schemas/endToEndId" feeBearer: description: | Bearer of payment fee. type: string enum: - borne-by-creditor - borne-by-debtor - following-service-level - shared extended: description: | Extended properties conveyed to provider $ref: "#/components/schemas/extended" paymentInitiation: description: | Body for a payment initiation. type: object required: - id - providerId - paymentType - paymentDate - debtorAccount - recipients - status properties: id: $ref: '#/components/schemas/paymentId' providerId: $ref: '#/components/schemas/providerId' paymentTypeId: $ref: '#/components/schemas/paymentTypeId' paymentDate: $ref: '#/components/schemas/paymentDate' periodic: $ref: '#/components/schemas/periodicPaymentDescription' debtorAccount: oneOf: - $ref: "#/components/schemas/accountReference" - $ref: "#/components/schemas/accountReferenceIban" - $ref: "#/components/schemas/accountReferenceBban" - $ref: "#/components/schemas/accountReferencePan" - $ref: "#/components/schemas/accountReferenceMaskedPan" - $ref: "#/components/schemas/accountReferenceMsisdn" example: iban: DE531234ABCD1234ABCD12 currency: EUR recipients: $ref: '#/components/schemas/paymentRecipientList' status: $ref: '#/components/schemas/paymentStatus' transactionFees: $ref: "#/components/schemas/transactionFees" transactionFeeIndicator: $ref: "#/components/schemas/transactionFeeIndicator" remittanceInformationUnstructured: $ref: "#/components/schemas/remittanceInformationUnstructured" remittanceInformationStructured: $ref: "#/components/schemas/remittanceInformationStructured" endToEndId: $ref: "#/components/schemas/endToEndId" purposeCode: $ref: "#/components/schemas/purposeCode" extended: description: | Used to extend the payment request for properties not specified in the request object. $ref: "#/components/schemas/extended" transactionFees: description: | Can be used by the Provider to transport transaction fees relevant for the underlying payments. type: array items: $ref: "#/components/schemas/transactionFee" transactionFee: type: object properties: amount: $ref: "#/components/schemas/amountValue" currency: $ref: '#/components/schemas/currencyCode' feeBearer: $ref: '#/components/schemas/feeBearer' feeType: $ref: '#/components/schemas/feeType' authorization: description: | Describes the current status of the consent authorization and what is required to transition to the next state. type: object properties: id: type: string description: An authorization identifier, changes when authorization object is updated. status: type: string enum: - in-progress - authorized - partially-authorized - failed example: authorized authorized: type: string format: date-time example: '2019-10-21T10:11:12Z' requires: oneOf: - $ref: '#/components/schemas/authorizationRequires' - $ref: '#/components/schemas/authorizationRequiresInput' - $ref: '#/components/schemas/authorizationRequiresRedirect' - $ref: '#/components/schemas/authorizationRequiresOAuth' - $ref: '#/components/schemas/authorizationRequiresDecoupled' example: status: in-progress authorized: null requires: oAuthUrl: https://provider.example.com/oauth inputs: - name: code type: Text authorizationRequires: type: object description: | Base type for all authorizationRequires types. Concrete type is specified in "discrimiator" property. If discriminator property does not exist then type is guessed based on required properties existence discriminator: propertyName: discriminator mapping: "userInput": '#/components/schemas/authorizationRequiresInput' "redirect": '#/components/schemas/authorizationRequiresRedirect' "oAuth2": '#/components/schemas/authorizationRequiresOAuth' "decoupled": '#/components/schemas/authorizationRequiresDecoupled' authorizationRequiresInput: description: | Describes the inputs the consent authoriation requires to transition to the next state. type: object required: - inputs allOf: - $ref: "#/components/schemas/authorizationRequires" properties: inputs: type: array items: $ref: '#/components/schemas/input' example: inputs: - name: UserName type: Text - name: Password type: Password - name: SelectedScaMethod type: Select options: - Some-SCA-Method - Another-SCA-Method - name: PictureChallenge type: Text data: SOMEBASE64ENCODEDIMAGE/== format: image/png - name: TextChallenge displayName: Security question type: Text data: What is the name of the street you grew up in? format: text/plain authorizationRequiresRedirect: description: | Describes the redirect that is required for the consent authorization to transition to the next state. type: object allOf: - $ref: "#/components/schemas/authorizationRequires" properties: redirectUrl: type: string example: https://provider.example.com/auth authorizationRequiresOAuth: description: | Authorzation is an OAuth flow redirect type: object allOf: - $ref: "#/components/schemas/authorizationRequires" properties: oAuthUrl: type: string example: https://provider.example.com/oauth inputs: type: array items: $ref: '#/components/schemas/input' authorizationRequiresDecoupled: description: | Describes the decoupled action that is required for the consent authorization to transition to the next state. type: object allOf: - $ref: "#/components/schemas/authorizationRequires" properties: decoupled: type: object properties: message: type: string example: Please authorize the transaction using your app... data: type: string example: 0123 authorizationInputs: description: | Contains inputs from the user to fulfill the requirements of a consent authorization to transition to the next state. type: object properties: inputs: type: array items: type: object properties: name: type: string values: type: array items: type: string example: [{ "name": "UserName", "values":["user@meniga.is"] }, { "name": "Password", "values":["123456"] }] consentToAuthorizeConsents: description: | Describes the intent to authorize multiple intents together, e.g. authorize together a consent to access accounts and also consent to initiate a payment type: object required: - consentIds allOf: - $ref: "#/components/schemas/consentIntent" properties: consentIds: type: array items: $ref: '#/components/schemas/consentId' example: - '33aa383e-a5a9-4dae-bd1a-8aeaf45a5b5b' - '22bb483f-f5a1-3dae-4d2b-4a9c048a95cd' consentToPerformPayment: description: | Describes the intent to authorize a payment initiation type: object required: - paymentId allOf: - $ref: "#/components/schemas/consentIntent" properties: paymentId: $ref: '#/components/schemas/paymentId' example: '82fc883e-f5a9-4dae-bd1a-8a9c048a5b5b' consentToCancelPayment: description: | Describes the intent to authorize a cancellation of a payment initiation type: object required: - cancelledPaymentId allOf: - $ref: "#/components/schemas/consentIntent" properties: cancelledPaymentId: $ref: '#/components/schemas/cancelledPaymentId' example: '82fc883e-f5a9-4dae-bd1a-8a9c048a5b5b' createConsentRequest: type: object description: | A consent to create required: - providerId properties: providerId: $ref: '#/components/schemas/providerId' intent: oneOf: - $ref: '#/components/schemas/consentIntent' - $ref: '#/components/schemas/consentToAccessAllAccounts' - $ref: '#/components/schemas/consentToAccessAccounts' - $ref: '#/components/schemas/consentToAccessBankOfferedAccounts' - $ref: '#/components/schemas/consentToPerformPayment' - $ref: '#/components/schemas/consentToCancelPayment' - $ref: '#/components/schemas/consentToAuthorizeConsents' consent: type: object description: | The current state of a consent properties: id: $ref: '#/components/schemas/consentId' providerId: $ref: '#/components/schemas/providerId' providerConsentId: $ref: '#/components/schemas/providerConsentId' intent: oneOf: - $ref: '#/components/schemas/consentIntent' - $ref: '#/components/schemas/consentToAccessAllAccounts' - $ref: '#/components/schemas/consentToAccessAccounts' - $ref: '#/components/schemas/consentToAccessBankOfferedAccounts' - $ref: '#/components/schemas/consentToPerformPayment' - $ref: '#/components/schemas/consentToCancelPayment' - $ref: '#/components/schemas/consentToAuthorizeConsents' example: allAccounts: - details - balances - transactions recurring: true validUntil: "2019-10-24" accountIds: - 72643777-4159-4D15-841A-77338158A5AD - AC363F23-4844-1165-116A-773381235627 - 13748387-4359-4358-858A-771364732477 created: $ref: '#/components/schemas/createdTime' lastUsed: $ref: '#/components/schemas/lastUsedTime' status: $ref: '#/components/schemas/consentStatus' authorization: $ref: '#/components/schemas/authorization' consentActivity: type: object description: | Consent activity - state changes or usage information properties: consentId: $ref: '#/components/schemas/consentId' providerId: $ref: '#/components/schemas/providerId' providerName: $ref: '#/components/schemas/name' activityType: $ref: '#/components/schemas/consentActivityType' date: $ref: '#/components/schemas/consentActivityTimestamp' consentActivityList: type: array description: | A list of Consent activities items: $ref: '#/components/schemas/consentActivity' error400: description: 'Details of an error' type: object properties: message: type: string messageDetails: type: string code: type: string modelState: type: array items: type: object additionalProperties: type: string example: message: Bad Request code: invalid-arguments modelState: - parameter: The value is not a valid integer. errorResponse400: description: 'An error message that holds the details on what is wrong' type: object properties: errors: type: array items: $ref: '#/components/schemas/error400' errorDocument500: description: 'An error message that holds the details on what is wrong' type: object properties: errors: type: array items: $ref: '#/components/schemas/error500' error500: description: 'Details of an error' type: object properties: message: type: string messageDetails: type: string code: type: string exceptionType: type: string exceptionMessage: type: string stackTrace: type: string