---
swagger: "2.0"
info:
  version: 2.0.0.0
  title: BGS Consent CISP API
  description: Managing Consent to the access to the CISP section
  x-ibm-name: psd2-bgs-consent-cisp-api-200
basePath: /psd2-bgs-consent-cisp-api-2.0.0/v2
schemes:
  - https
paths:
  /consents/confirmation-of-funds:
    post:
      description: This method creates a confirmation of funds consent resource at the ASPSP regarding confirmation of funds access to an account specified in this request.
      tags:
        - Confirmation Of Funds
      parameters:
        - name: X-Request-ID
          in: header
          description: ID of the request, unique to the call, as determined by the initiating party.
          required: true
          type: string
          format: UUID
        - name: body
          in: body
          description: Request body for a consent confirmation of funds request.
          required: false
          schema:
            $ref: '#/definitions/XS2A_Berlin_ConsentsConfirmationOfFunds'
        - $ref: '#/parameters/Digest'
        - $ref: '#/parameters/Signature'
        - $ref: '#/parameters/TPP-Signature-Certificate'
        - $ref: '#/parameters/PSU-ID'
        - $ref: '#/parameters/PSU-ID-Type'
        - $ref: '#/parameters/PSU-Corporate-ID'
        - $ref: '#/parameters/PSU-Corporate-ID-Type'
        - $ref: '#/parameters/TPP-Redirect-Preferred'
        - $ref: '#/parameters/TPP-Redirect-URI'
        - $ref: '#/parameters/TPP-Nok-Redirect-URI'
        - $ref: '#/parameters/TPP-Explicit-Authorisation-Preferred'
        - $ref: '#/parameters/PSU-IP-Address_conditionalForAis'
        - $ref: '#/parameters/PSU-IP-Port'
        - $ref: '#/parameters/PSU-Accept'
        - $ref: '#/parameters/PSU-Accept-Charset'
        - $ref: '#/parameters/PSU-Accept-Encoding'
        - $ref: '#/parameters/PSU-Accept-Language'
        - $ref: '#/parameters/PSU-User-Agent'
        - $ref: '#/parameters/PSU-Http-Method'
        - $ref: '#/parameters/PSU-Device-ID'
        - $ref: '#/parameters/PSU-Geo-Location'
      responses:
        201:
          description: Created
          schema:
            $ref: '#/definitions/XS2A_Berlin_Create_Consent_Response'
          headers:
            Location:
              type: string
            X-Request-ID:
              type: string
            ASPSP-SCA-Approach:
              type: string
        400:
          description: Bad Request
          headers:
            Location:
              type: string
            X-Request-ID:
              type: string
              default: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
          schema:
            $ref: '#/definitions/Error400_NG_CIS'
        401:
          description: Unauthorized
          headers:
            Location:
              type: string
            X-Request-ID:
              type: string
              default: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
          schema:
            $ref: '#/definitions/Error401_NG_CIS'
        403:
          description: Forbidden
          headers:
            Location:
              type: string
            X-Request-ID:
              type: string
              default: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
          schema:
            $ref: '#/definitions/Error403_NG_CIS'
        404:
          description: Not Found
          headers:
            Location:
              type: string
            X-Request-ID:
              type: string
              default: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
          schema:
            $ref: '#/definitions/Error404_NG_CIS'
        405:
          description: Method Not Allowed
          headers:
            Location:
              type: string
            X-Request-ID:
              type: string
              default: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
          schema:
            $ref: '#/definitions/Error405_NG_CIS'
        406:
          description: Not Acceptable
          headers:
            Location:
              type: string
            X-Request-ID:
              type: string
              default: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
          schema:
            $ref: '#/definitions/Error406_NG_CIS'
        408:
          description: Request Timeout
          headers:
            Location:
              description: Location of the created resource.
              type: string
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        409:
          description: Conflict
          headers:
            Location:
              type: string
            X-Request-ID:
              type: string
              default: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
          schema:
            $ref: '#/definitions/Error409_NG_CIS'
        415:
          description: Unsupported Media Type
          headers:
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        429:
          description: Too Many Requests
          headers:
            Location:
              type: string
            X-Request-ID:
              type: string
              default: 99391c7e-ad88-49ec-a2ad-99ddcb1f7721
          schema:
            $ref: '#/definitions/Error429_NG_CIS'
        500:
          description: Internal Server Error
          headers:
            Location:
              description: Location of the created resource.
              type: string
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        503:
          description: Service Unavailable
          headers:
            Location:
              description: Location of the created resource.
              type: string
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
  /consents/confirmation-of-funds/{consentId}/status:
    get:
      description: Can check the status of an account information consent resource.
      tags:
        - Confirmation Of Funds
      parameters:
        - name: X-Request-ID
          in: header
          description: ID of the request, unique to the call, as determined by the initiating party.
          required: true
          type: string
          format: UUID
        - name: consentId
          in: path
          description: ID of the corresponding consent object as returned by an Account Information Consent Request.
          required: true
          type: string
          format: UUID
        - $ref: '#/parameters/Digest'
        - $ref: '#/parameters/Signature'
        - $ref: '#/parameters/TPP-Signature-Certificate'
        - $ref: '#/parameters/PSU-IP-Address_conditionalForAis'
        - $ref: '#/parameters/PSU-IP-Port'
        - $ref: '#/parameters/PSU-Accept'
        - $ref: '#/parameters/PSU-Accept-Charset'
        - $ref: '#/parameters/PSU-Accept-Encoding'
        - $ref: '#/parameters/PSU-Accept-Language'
        - $ref: '#/parameters/PSU-User-Agent'
        - $ref: '#/parameters/PSU-Http-Method'
        - $ref: '#/parameters/PSU-Device-ID'
        - $ref: '#/parameters/PSU-Geo-Location'
      responses:
        200:
          description: Get consent status
          headers:
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Consent_Status_Response'
        400:
          description: Bad Request
          headers:
            Location:
              description: Location of the created resource.
              type: string
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        401:
          description: Unauthorized
          headers:
            Location:
              description: Location of the created resource.
              type: string
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        403:
          description: Forbidden
          headers:
            Location:
              description: Location of the created resource.
              type: string
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        404:
          description: Not Found
          headers:
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        405:
          description: Method Not Allowed
          headers:
            Location:
              description: Location of the created resource.
              type: string
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        406:
          description: Not Acceptable
          headers:
            Location:
              description: Location of the created resource.
              type: string
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        408:
          description: Request Timeout
          headers:
            Location:
              description: Location of the created resource.
              type: string
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        409:
          description: Conflict
          headers:
            Location:
              description: Location of the created resource.
              type: string
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        415:
          description: Unsupported Media Type
          headers:
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        429:
          description: Too Many Requests
          headers:
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        500:
          description: Internal Server Error
          headers:
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
  /consents/confirmation-of-funds/{consentId}:
    get:
      description: |
        Returns the content of an account information consent object.
      tags:
        - Confirmation Of Funds
      parameters:
        - name: X-Request-ID
          in: header
          description: ID of the request, unique to the call, as determined by the initiating party.
          required: true
          type: string
          format: UUID
        - name: consentId
          in: path
          description: ID of the corresponding consent object as returned by an Account Information Consent Request.
          required: true
          type: string
          format: UUID
        - $ref: '#/parameters/Digest'
        - $ref: '#/parameters/Signature'
        - $ref: '#/parameters/TPP-Signature-Certificate'
        - $ref: '#/parameters/PSU-IP-Address_conditionalForAis'
        - $ref: '#/parameters/PSU-IP-Port'
        - $ref: '#/parameters/PSU-Accept'
        - $ref: '#/parameters/PSU-Accept-Charset'
        - $ref: '#/parameters/PSU-Accept-Encoding'
        - $ref: '#/parameters/PSU-Accept-Language'
        - $ref: '#/parameters/PSU-User-Agent'
        - $ref: '#/parameters/PSU-Http-Method'
        - $ref: '#/parameters/PSU-Device-ID'
        - $ref: '#/parameters/PSU-Geo-Location'
      responses:
        200:
          description: Get consent details
          headers:
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_ConsentConfirmationOfFundsContentResponse'
        400:
          description: Bad Request
          headers:
            Location:
              description: Location of the created resource.
              type: string
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        401:
          description: Unauthorized
          headers:
            Location:
              description: Location of the created resource.
              type: string
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        403:
          description: Forbidden
          headers:
            Location:
              description: Location of the created resource.
              type: string
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        404:
          description: Not Found
          headers:
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        405:
          description: Method Not Allowed
          headers:
            Location:
              description: Location of the created resource.
              type: string
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        406:
          description: Not Acceptable
          headers:
            Location:
              description: Location of the created resource.
              type: string
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        408:
          description: Request Timeout
          headers:
            Location:
              description: Location of the created resource.
              type: string
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        409:
          description: Conflict
          headers:
            Location:
              description: Location of the created resource.
              type: string
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        415:
          description: Unsupported Media Type
          headers:
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        429:
          description: Too Many Requests
          headers:
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        500:
          description: Internal Server Error
          headers:
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
    delete:
      description: Deletes a given consent.
      tags:
        - Confirmation Of Funds
      parameters:
        - name: X-Request-ID
          in: header
          description: ID of the request, unique to the call, as determined by the initiating party.
          required: true
          type: string
          format: UUID
        - name: Authorization
          in: header
          description: OAuth2 based SCA was performed in the corresponding consent transaction or if OAuth2 has been used in a pre-step.
          required: true
          type: string
        - name: consentId
          in: path
          description: Contains the resource-ID of the consent to be deleted.
          required: true
          type: string
          format: UUID
        - $ref: '#/parameters/Digest'
        - $ref: '#/parameters/Signature'
        - $ref: '#/parameters/TPP-Signature-Certificate'
        - $ref: '#/parameters/PSU-IP-Address_conditionalForAis'
        - $ref: '#/parameters/PSU-IP-Port'
        - $ref: '#/parameters/PSU-Accept'
        - $ref: '#/parameters/PSU-Accept-Charset'
        - $ref: '#/parameters/PSU-Accept-Encoding'
        - $ref: '#/parameters/PSU-Accept-Language'
        - $ref: '#/parameters/PSU-User-Agent'
        - $ref: '#/parameters/PSU-Http-Method'
        - $ref: '#/parameters/PSU-Device-ID'
        - $ref: '#/parameters/PSU-Geo-Location'
      responses:
        204:
          description: Deletes a given consent.
          headers:
            X-Request-ID:
              type: string
        400:
          description: Bad Request
          headers:
            Location:
              description: Location of the created resource.
              type: string
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        401:
          description: Unauthorized
          headers:
            Location:
              description: Location of the created resource.
              type: string
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        403:
          description: Forbidden
          headers:
            Location:
              description: Location of the created resource.
              type: string
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        404:
          description: Not Found
          headers:
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        405:
          description: Method Not Allowed
          headers:
            Location:
              description: Location of the created resource.
              type: string
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        406:
          description: Not Acceptable
          headers:
            Location:
              description: Location of the created resource.
              type: string
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        408:
          description: Request Timeout
          headers:
            Location:
              description: Location of the created resource.
              type: string
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        409:
          description: Conflict
          headers:
            Location:
              description: Location of the created resource.
              type: string
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        415:
          description: Unsupported Media Type
          headers:
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        429:
          description: Too Many Requests
          headers:
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
        500:
          description: Internal Server Error
          headers:
            X-Request-ID:
              type: string
          schema:
            $ref: '#/definitions/XS2A_Berlin_Error'
      security:
        - oauth-1:
            - PSP_IC
          clientIdHeader: []
definitions:
  XS2A_Berlin_ConsentsConfirmationOfFunds:
    description: Content of the body of a consent confirmation of funds request.
    type: object
    required:
      - account
    properties:
      account:
        $ref: '#/definitions/accountReference'
      cardNumber:
        $ref: '#/definitions/cardNumber'
      cardExpiryDate:
        $ref: '#/definitions/cardExpiryDate'
      cardInformation:
        $ref: '#/definitions/cardInformation'
      registrationInformation:
        $ref: '#/definitions/registrationInformation'
  XS2A_Berlin_ConsentConfirmationOfFundsContentResponse:
    description: Body of the JSON response for a confirmation of funds content request.
    type: object
    required:
      - account
      - consentStatus
    properties:
      account:
        $ref: '#/definitions/accountReference'
      cardNumber:
        $ref: '#/definitions/cardNumber'
      cardExpiryDate:
        $ref: '#/definitions/cardExpiryDate'
      cardInformation:
        $ref: '#/definitions/cardInformation'
      registrationInformation:
        $ref: '#/definitions/registrationInformation'
      consentStatus:
        $ref: '#/definitions/XS2A_Berlin_Consent_Status'
  XS2A_Berlin_Consent_Status_Response:
    type: object
    properties:
      consentStatus:
        $ref: '#/definitions/XS2A_Berlin_Consent_Status'
    required:
      - consentStatus
  XS2A_Berlin_Create_Consent_Response:
    type: object
    properties:
      consentStatus:
        $ref: '#/definitions/XS2A_Berlin_Consent_Status'
      consentId:
        type: string
        description: Identification of the consent resource as it is used in the API structure. Shall be contained, if a consent resource was generated.
      scaMethods:
        type: array
        items:
          $ref: '#/definitions/XS2A_Sca_Methods'
      _links:
        $ref: '#/definitions/XS2A_Berlin_Links'
    required:
      - consentStatus
      - _links
  XS2A_Sca_Methods:
    type: array
    description: |-
      This data element might be contained, if SCA is required and if the PSU has a choice between different authentication methods.
      Depending on the risk management of the ASPSP this choice might be offered before or after the PSU has been identified with the first relevant factor, or if an access token is transported.
      If this data element is contained, then there is also a hyperlink of type 'startAuthorisationWithAuthenticationMethodSelection' contained in the response body.
      These methods shall be presented towards the PSU for selection by the TPP.
    items:
      $ref: '#/definitions/authenticationObject'
  authenticationObject:
    title: authenticationObject
    required:
      - authenticationMethodId
      - authenticationType
    type: object
    properties:
      authenticationType:
        $ref: '#/definitions/authenticationType'
      authenticationVersion:
        type: string
        description: |-
          Depending on the "authenticationType".
          This version can be used by differentiating authentication tools used within performing OTP generation in the same authentication type.
          This version can be referred to in the ASPSP's documentation.
      authenticationMethodId:
        maxLength: 35
        type: string
        description: An identification provided by the ASPSP for the later identification of the authentication method selection.
        example: myAuthenticationID
      name:
        type: string
        description: |-
          This is the name of the authentication method defined by the PSU in the Online Banking frontend of the ASPSP.
          Alternatively this could be a description provided by the ASPSP like "SMS OTP on phone +49160 xxxxx 28".
          This name shall be used by the TPP when presenting a list of authentication methods to the PSU, if available.
        example: SMS OTP on phone +49160 xxxxx 28
      explanation:
        type: string
        description: Detailed information about the SCA method for the PSU.
        example: Detailed information about the SCA method for the PSU.
    description: Authentication Object
  authenticationType:
    title: authenticationType
    type: string
    enum:
      - SMS_OTP
      - CHIP_OTP
      - PHOTO_OTP
      - PUSH_OTP
      - APP_TO_APP_IOS
      - APP_TO_APP_ANDROID
      - SCAREDIRECT
  XS2A_Berlin_Links:
    type: object
    properties:
      scaRedirect:
        $ref: '#/definitions/XS2A_Berlin_Href'
        description: In case of an SCA Redirect Approach, the ASPSP is transmitting the link to which to redirect the PSU browser.
      status:
        $ref: '#/definitions/XS2A_Berlin_Href'
        description: The link to retrieve the transaction status of the account information consent.
    required:
      - scaRedirect
      - status
  XS2A_Berlin_Href:
    type: object
    properties:
      href:
        type: string
        example: https://api.testbank.com
    required:
      - href
  XS2A_Berlin_Consent_Status:
    type: string
    description: Authentication status of the consent.
    enum:
      - received
      - valid
      - rejected
      - revokedByPsu
      - expired
      - terminatedByTpp
  XS2A_Berlin_Error:
    type: object
    properties:
      errorCode:
        type: string
        description: Optional error code for reporting purposes.
      errorDescription:
        type: string
        description: The description of the error.
  Error400_NG_CIS:
    title: Error400_NG_CIS
    description: |
      NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 400.
    type: object
    properties:
      tppMessages:
        type: array
        items:
          $ref: '#/definitions/tppMessage400_CIS'
      _links:
        $ref: '#/definitions/_linksAll'
  Error401_NG_CIS:
    title: Error401_NG_CIS
    description: |
      NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 401.
    type: object
    properties:
      tppMessages:
        type: array
        items:
          $ref: '#/definitions/tppMessage401_CIS'
      _links:
        $ref: '#/definitions/_linksAll'
  Error403_NG_CIS:
    title: Error403_NG_CIS
    description: |
      NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 403.
    type: object
    properties:
      tppMessages:
        type: array
        items:
          $ref: '#/definitions/tppMessage403_CIS'
      _links:
        $ref: '#/definitions/_linksAll'
  Error404_NG_CIS:
    title: Error404_NG_CIS
    description: |
      NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 404.
    type: object
    properties:
      tppMessages:
        type: array
        items:
          $ref: '#/definitions/tppMessage404_CIS'
      _links:
        $ref: '#/definitions/_linksAll'
  Error405_NG_CIS:
    title: Error405_NG_CIS
    description: |
      NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 405.
    type: object
    properties:
      tppMessages:
        type: array
        items:
          $ref: '#/definitions/tppMessage405_CIS'
      _links:
        $ref: '#/definitions/_linksAll'
  Error406_NG_CIS:
    title: Error406_NG_CIS
    description: |
      NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 406.
    type: object
    properties:
      tppMessages:
        type: array
        items:
          $ref: '#/definitions/tppMessage406_CIS'
      _links:
        $ref: '#/definitions/_linksAll'
  Error409_NG_CIS:
    title: Error409_NG_CIS
    description: |
      NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 409.
    type: object
    properties:
      tppMessages:
        type: array
        items:
          $ref: '#/definitions/tppMessage409_CIS'
      _links:
        $ref: '#/definitions/_linksAll'
  Error429_NG_CIS:
    title: Error429_NG_CIS
    description: |
      NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 429.
    type: object
    properties:
      tppMessages:
        type: array
        items:
          $ref: '#/definitions/tppMessage429_CIS'
      _links:
        $ref: '#/definitions/_linksAll'
  tppMessage400_CIS:
    title: tppMessage400_CIS
    type: object
    properties:
      category:
        $ref: '#/definitions/tppMessageCategory'
      code:
        $ref: '#/definitions/MessageCode400_CIS'
      path:
        type: string
      text:
        description: Additional explaining text to the TPP.
        type: string
        maxLength: 512
    required:
      - category
      - code
  tppMessage401_CIS:
    title: tppMessage401_CIS
    type: object
    properties:
      category:
        $ref: '#/definitions/tppMessageCategory'
      code:
        $ref: '#/definitions/MessageCode401_CIS'
      path:
        type: string
      text:
        description: Additional explaining text to the TPP.
        type: string
        maxLength: 512
    required:
      - category
      - code
  tppMessage403_CIS:
    title: tppMessage403_CIS
    type: object
    properties:
      category:
        $ref: '#/definitions/tppMessageCategory'
      code:
        $ref: '#/definitions/MessageCode403_CIS'
      path:
        type: string
      text:
        description: Additional explaining text to the TPP.
        type: string
        maxLength: 512
    required:
      - category
      - code
  tppMessage404_CIS:
    title: tppMessage404_CIS
    type: object
    properties:
      category:
        $ref: '#/definitions/tppMessageCategory'
      code:
        $ref: '#/definitions/MessageCode404_CIS'
      path:
        type: string
      text:
        description: Additional explaining text to the TPP.
        type: string
        maxLength: 512
    required:
      - category
      - code
  tppMessage405_CIS:
    title: tppMessage405_CIS
    type: object
    properties:
      category:
        $ref: '#/definitions/tppMessageCategory'
      code:
        $ref: '#/definitions/MessageCode405_CIS'
      path:
        type: string
      text:
        description: Additional explaining text to the TPP.
        type: string
        maxLength: 512
    required:
      - category
      - code
  tppMessage406_CIS:
    title: tppMessage406_CIS
    type: object
    properties:
      category:
        $ref: '#/definitions/tppMessageCategory'
      code:
        $ref: '#/definitions/MessageCode406_CIS'
      path:
        type: string
      text:
        description: Additional explaining text to the TPP.
        type: string
        maxLength: 512
    required:
      - category
      - code
  tppMessage409_CIS:
    title: tppMessage409_CIS
    type: object
    properties:
      category:
        $ref: '#/definitions/tppMessageCategory'
      code:
        $ref: '#/definitions/MessageCode409_CIS'
      path:
        type: string
      text:
        description: Additional explaining text to the TPP.
        type: string
        maxLength: 512
    required:
      - category
      - code
  tppMessage429_CIS:
    title: tppMessage429_CIS
    type: object
    properties:
      category:
        $ref: '#/definitions/tppMessageCategory'
      code:
        $ref: '#/definitions/MessageCode429_CIS'
      path:
        type: string
      text:
        description: Additional explaining text to the TPP.
        type: string
        maxLength: 512
    required:
      - category
      - code
  tppMessageCategory:
    title: tppMessageCategory
    description: Category of the TPP message category
    example: ERROR
    type: string
    enum:
      - ERROR
      - WARNING
  MessageCode400_CIS:
    title: MessageCode400_CIS
    description: Message codes defined for CIS for HTTP Error code 400 (BAD_REQUEST).
    example: FORMAT_ERROR
    type: string
    enum:
      - FORMAT_ERROR
      - PARAMETER_NOT_CONSISTENT
      - PARAMETER_NOT_SUPPORTED
      - SERVICE_INVALID
      - RESOURCE_UNKNOWN
      - RESOURCE_EXPIRED
      - RESOURCE_BLOCKED
      - TIMESTAMP_INVALID
      - PERIOD_INVALID
      - SCA_METHOD_UNKNOWN
      - CONSENT_UNKNOWN
      - SESSIONS_NOT_SUPPORTED
  MessageCode401_CIS:
    title: MessageCode401_CIS
    description: Message codes defined for CIS for HTTP Error code 401 (UNAUTHORIZED).
    example: CERTIFICATE_INVALID
    type: string
    enum:
      - CERTIFICATE_INVALID
      - CERTIFICATE_EXPIRED
      - CERTIFICATE_BLOCKED
      - CERTIFICATE_REVOKE
      - CERTIFICATE_MISSING
      - SIGNATURE_INVALID
      - SIGNATURE_MISSING
      - CORPORATE_ID_INVALID
      - PSU_CREDENTIALS_INVALID
      - CONSENT_INVALID
      - CONSENT_EXPIRED
      - TOKEN_UNKNOWN
      - TOKEN_INVALID
      - TOKEN_EXPIRED
  MessageCode403_CIS:
    title: MessageCode403_CIS
    description: Message codes defined for CIS for HTTP Error code 403 (FORBIDDEN).
    example: CONSENT_UNKNOWN
    type: string
    enum:
      - CONSENT_UNKNOWN
      - SERVICE_BLOCKED
      - RESOURCE_UNKNOWN
      - RESOURCE_EXPIRED
  MessageCode404_CIS:
    title: MessageCode404_CIS
    description: Message codes defined for CIS for HTTP Error code 404 (NOT_FOUND).
    example: RESOURCE_UNKNOWN
    type: string
    enum:
      - RESOURCE_UNKNOWN
  MessageCode405_CIS:
    title: MessageCode405_CIS
    description: Message codes defined for CIS for HTTP Error code 405 (METHOD_NOT_ALLOWED).
    example: SERVICE_INVALID
    type: string
    enum:
      - SERVICE_INVALID
  MessageCode406_CIS:
    title: MessageCode406_CIS
    description: Message codes defined for CIS for HTTP Error code 406 (NOT_ACCEPTABLE).
    example: REQUESTED_FORMATS_INVALID
    type: string
    enum:
      - REQUESTED_FORMATS_INVALID
  MessageCode409_CIS:
    title: MessageCode409_CIS
    description: Message codes defined for CIS for HTTP Error code 409 (CONFLICT).
    example: STATUS_INVALID
    type: string
    enum:
      - STATUS_INVALID
  MessageCode429_CIS:
    title: MessageCode429_CIS
    description: Message codes defined for CIS for HTTP Error code 429 (TOO_MANY_REQUESTS).
    example: ACCESS_EXCEEDED
    type: string
    enum:
      - ACCESS_EXCEEDED
  _linksAll:
    title: _linksAll
    description: A _link object with all available link types
    type: object
    properties:
      scaRedirect:
        $ref: '#/definitions/XS2A_Berlin_Href'
      scaApp2AppIOS:
        $ref: '#/definitions/XS2A_Berlin_Href'
      scaApp2AppAndroid:
        $ref: '#/definitions/XS2A_Berlin_Href'
      scaOAuth:
        $ref: '#/definitions/XS2A_Berlin_Href'
      startAuthorisation:
        $ref: '#/definitions/XS2A_Berlin_Href'
      startAuthorisationWithPsuIdentification:
        $ref: '#/definitions/XS2A_Berlin_Href'
      updatePsuIdentification:
        $ref: '#/definitions/XS2A_Berlin_Href'
      startAuthorisationWithProprietaryData:
        $ref: '#/definitions/XS2A_Berlin_Href'
      updateProprietaryData:
        $ref: '#/definitions/XS2A_Berlin_Href'
      startAuthorisationWithPsuAuthentication:
        $ref: '#/definitions/XS2A_Berlin_Href'
      updatePsuAuthentication:
        $ref: '#/definitions/XS2A_Berlin_Href'
      startAuthorisationWithEncryptedPsuAuthentication:
        $ref: '#/definitions/XS2A_Berlin_Href'
      updateEncryptedPsuAuthentication:
        $ref: '#/definitions/XS2A_Berlin_Href'
      startAuthorisationWithAuthenticationMethodSelection:
        $ref: '#/definitions/XS2A_Berlin_Href'
      selectAuthenticationMethod:
        $ref: '#/definitions/XS2A_Berlin_Href'
      startAuthorisationWithTransactionAuthorisation:
        $ref: '#/definitions/XS2A_Berlin_Href'
      authoriseTransaction:
        $ref: '#/definitions/XS2A_Berlin_Href'
      self:
        $ref: '#/definitions/XS2A_Berlin_Href'
      status:
        $ref: '#/definitions/XS2A_Berlin_Href'
      scaStatus:
        $ref: '#/definitions/XS2A_Berlin_Href'
      account:
        $ref: '#/definitions/XS2A_Berlin_Href'
      balances:
        $ref: '#/definitions/XS2A_Berlin_Href'
      transactions:
        $ref: '#/definitions/XS2A_Berlin_Href'
      transactionDetails:
        $ref: '#/definitions/XS2A_Berlin_Href'
      cardAccount:
        $ref: '#/definitions/XS2A_Berlin_Href'
      cardTransactions:
        $ref: '#/definitions/XS2A_Berlin_Href'
      first:
        $ref: '#/definitions/XS2A_Berlin_Href'
      next:
        $ref: '#/definitions/XS2A_Berlin_Href'
      previous:
        $ref: '#/definitions/XS2A_Berlin_Href'
      last:
        $ref: '#/definitions/XS2A_Berlin_Href'
      download:
        $ref: '#/definitions/XS2A_Berlin_Href'
  cardExpiryDate:
    description: |
      Expiry date of the card issued by the PIISP.
    type: string
    format: date
    example: "2018-07-01"
  cardNumber:
    description: Card Number of the card issued by the PIISP. Should be delivered if available.
    type: string
    maxLength: 35
  cardInformation:
    description: Additional explanation for the card product.
    type: string
    maxLength: 140
  registrationInformation:
    description: Additional information about the registration process for the PSU, e. g. a reference to the TPP / PSU contract.
    type: string
    maxLength: 140
  accountReference:
    description: |
      Reference to an account by either
        * IBAN, of a payment accounts, or
        * BBAN, for payment accounts if there is no IBAN, or
        * the Primary Account Number (PAN) of a card, can be tokenised by the ASPSP due to PCI DSS requirements, or
        * the Primary Account Number (PAN) of a card in a masked form, or
        * an alias to access a payment account via a registered mobile phone number (MSISDN).
    type: object
    properties:
      iban:
        $ref: '#/definitions/iban'
      currency:
        $ref: '#/definitions/currencyCode'
  iban:
    type: string
    description: IBAN of an account
    pattern: '[A-Z]{2,2}[0-9]{2,2}[a-zA-Z0-9]{1,30}'
    example: FR7612345987650123456789014
  currencyCode:
    description: ISO 4217 Alpha 3 currency code
    type: string
    pattern: '[A-Z]{3}'
    example: EUR
x-ibm-configuration:
  enforced: true
  testable: true
  phase: realized
  application-authentication:
    certificate: false
consumes:
  - application/json
produces:
  - application/json
securityDefinitions:
  oauth-1:
    type: oauth2
    description: ""
    flow: accessCode
    scopes:
      PSP_IC: Cards access
    authorizationUrl: https://api-public.rba.hr/psd2-cards-oauth2-api/oauth2/authorize
    tokenUrl: https://api-public.rba.hr/psd2-cards-oauth2-api/oauth2/token
  clientIdHeader:
    type: apiKey
    description: ""
    in: header
    name: X-IBM-Client-Id
security:
  - clientIdHeader: []
parameters:
  Digest:
    name: Digest
    in: header
    description: Is contained if and only if the "Signature" element is contained in the header of the request.
    type: string
    required: false
  Signature:
    name: Signature
    in: header
    description: A signature of the request by the TPP on application level. This might be mandated by ASPSP.
    type: string
    required: false
  TPP-Signature-Certificate:
    name: TPP-Signature-Certificate
    in: header
    description: The certificate used for signing the request, in base64 encoding. Must be contained if a signature is contained.
    type: string
    format: byte
    required: false
  TPP-Redirect-Preferred:
    name: TPP-Redirect-Preferred
    in: header
    description: If it equals "true", the TPP prefers a redirect over an embedded SCA approach.
    type: string
    enum:
      - "true"
      - "false"
    required: false
  TPP-Redirect-URI:
    name: TPP-Redirect-URI
    in: header
    description: URI of the TPP, where the transaction flow shall be redirected to after a Redirect.
    type: string
    format: uri
    required: false
  TPP-Nok-Redirect-URI:
    name: TPP-Nok-Redirect-URI
    in: header
    description: If this URI is contained, the TPP is asking to redirect the transaction flow to this address instead of the TPP-Redirect-URI in case of a negative result of the redirect SCA method. This might be ignored by the ASPSP.
    type: string
    format: uri
    required: false
  TPP-Explicit-Authorisation-Preferred:
    name: TPP-Explicit-Authorisation-Preferred
    in: header
    description: If it equals "true", the TPP prefers to start the authorisation process separately, e.g. because of the usage of a signing basket.
    type: string
    enum:
      - "true"
      - "false"
    required: false
  PSU-ID:
    name: PSU-ID
    in: header
    description: Client ID of the PSU in the ASPSP client interface. Might be mandated in the ASPSP's documentation. Is not contained if an OAuth2 based authentication was performed in a pre-step or an OAuth2 based SCA was performed in a preceding AIS service in the same session.
    type: string
    required: false
  PSU-ID-Type:
    name: PSU-ID-Type
    in: header
    description: Type of the PSU-ID, needed in scenarios where PSUs have several PSU-IDs as access possibility.
    type: string
    required: false
  PSU-Corporate-ID:
    name: PSU-Corporate-ID
    in: header
    description: Might be mandated in the ASPSP's documentation. Only used in a corporate context.
    type: string
    required: false
  PSU-Corporate-ID-Type:
    name: PSU-Corporate-ID-Type
    in: header
    description: Might be mandated in the ASPSP's documentation. Only used in a corporate context.
    type: string
    required: false
  PSU-IP-Address_conditionalForAis:
    name: PSU-IP-Address
    in: header
    description: The forwarded IP Address header field consists of the corresponding HTTP request
    type: string
    format: ipv4
    required: false
  PSU-IP-Port:
    name: PSU-IP-Port
    in: header
    description: The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
    type: string
    required: false
  PSU-Accept:
    name: PSU-Accept
    in: header
    description: The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
    type: string
    required: false
  PSU-Accept-Charset:
    name: PSU-Accept-Charset
    in: header
    description: The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
    type: string
    required: false
  PSU-Accept-Encoding:
    name: PSU-Accept-Encoding
    in: header
    description: The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
    type: string
    required: false
  PSU-Accept-Language:
    name: PSU-Accept-Language
    in: header
    description: The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
    type: string
    required: false
  PSU-User-Agent:
    name: PSU-User-Agent
    in: header
    description: |-
      The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
      Examples
      * Android: "Myappa/1.2 Dalvik/2.1.0 (Linux; U; Android 6.0.1; vivo 1610 Build/MMB29M)"
      * iOS: "MyApp/1 iPhone5,2 iOS/10_1 CFNetwork/808.3 Darwin/16.3.0"
    type: string
    required: false
  PSU-Http-Method:
    name: PSU-Http-Method
    in: header
    description: HTTP method used at the PSU-TPP interface, if available.
    type: string
    enum:
      - GET
      - POST
      - PUT
      - PATCH
      - DELETE
    required: false
  PSU-Device-ID:
    name: PSU-Device-ID
    in: header
    description: UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available.
    type: string
    format: uuid
    required: false
  PSU-Geo-Location:
    name: PSU-Geo-Location
    in: header
    description: The forwarded Geo Location of the corresponding http request between PSU and TPP if available.
    type: string
    pattern: GEO:-?[0-9]{1,2}\.[0-9]{6};-?[0-9]{1,3}\.[0-9]{6}
    required: false
x-ibm-endpoints:
  - endpointUrl: https://api.rba.hr
    type:
      - production
      - development
...