| Awesome api app render macro | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
openapi: 3.0.0 info: title: UAE Confirmation of Payee API description: '## UAE Open Finance Confirmation of Payee API Specification' version: v1.0-draft4 tags: - name: Discovery Operations description: Discovery operations and resources - name: Verification Confirmation Operations description: Payee confirmation operations and resources paths: /confirmation-of-payee/v1/discovery: post: tags: - Confirmation DiscoveryOperations operationId: ConfirmationOfPayeeDiscoveryConfirmationOfPayeeConfirmation_signedDiscoveryRequestsignedConfirmationRequest summary: DiscoverConfirm the LFI that will confirmaccount details are correct based on the payeeparameters attributessupplied description: >- BeforeProvide athe Confirmationproperties ofthat Payeecan (CoP)be operationused takesto placeverify the TPPpayee willaccount. need to resolveAt the LFI thatversion 1.0.0 this will servicebe the account propertiesname and IBAN. Future version request. This requirement is based on the separation of concernsthis API may support verification through other identifiers. implemented in the OFP, which ensuresparameters: that the APIs for a given LFI are - $ref: '#/components/parameters/Authorization' always physically separated. - $ref: '#/components/parameters/x-customer-user-agent' At version 1.0.0 the TPP will call this endpoint with the account IBAN, - $ref: '#/components/parameters/x-fapi-auth-date' - $ref: '#/components/parameters/x-fapi-customer-ip-address' which will be used to- resolve the correct URL with which to make the CoP$ref: '#/components/parameters/x-fapi-interaction-id' responses: '200': operation. parameters: description: The request has succeeded. - $ref: '#/components/parameters/Authorization' headers: - $ref: '#/components/parameters/x-customer-user-agent' - $ref: '#/components/parameters/x-fapi-auth-date'interaction-id: - $ref: '#/components/parameters/x-fapi-customer-ip-address' required: false - $ref: '#/components/parameters/x-fapi-interaction-id' responses: description: An RFC4122 UID used as a correlation id. '200': descriptionschema: The request has succeeded. headerstype: string x-fapi-interaction-id:content: application/jwt: required: false schema: description: An RFC4122 UID used as a correlation id. $ref: '#/components/schemas/NameConfirmationResponseBodySigned' schema'400': description: Bad request type: string contentheaders: application/jwtx-fapi-interaction-id: schemarequired: true $refdescription: >-An RFC4122 UID used as a correlation id. #/components/schemas/DiscoverVerificationSourceResponseBodySigned schema: '400': descriptiontype: Badstring request headerscontent: x-fapi-interaction-idapplication/jwt: requiredschema: true description: An RFC4122 UID used as a correlation id. $ref: '#/components/schemas/AEErrorSignedResponse' '401': description: Unauthorized schema: headers: type: string x-fapi-interaction-id: content: required: true application/jwt: description: An RFC4122 UID used as a correlation id. schema: $reftype: '#/components/schemas/AEErrorSignedResponse'string '401403': description: UnauthorizedForbidden headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string '403'content: description: Forbidden application/jwt: headers: schema: x-fapi-interaction-id: $ref: '#/components/schemas/AEErrorSignedResponse' required: true '404': description: Not Anfound RFC4122 UID used as a correlation id. headers: schema: x-fapi-interaction-id: typerequired: stringtrue content: description: An RFC4122 UID used as a application/jwt:correlation id. schema: $reftype: '#/components/schemas/AEErrorSignedResponse'string '404405': description: Method Not foundAllowed headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string '405406': description: Method Not AllowedAcceptable headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string '406415': description: Unsupported NotMedia AcceptableType headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string '415429': description: UnsupportedToo MediaMany TypeRequests headers: x-fapi-interaction-idretry-after: required: true description: AnNumber RFC4122in UIDseconds used as a correlation id.to wait schema: type: stringinteger '429': format: int64 description: Too Many Requests x-fapi-interaction-id: headers: retry-after:required: true requireddescription: trueAn RFC4122 UID used as a correlation id. description: Number in secondsschema: to wait schematype: string '500': type: integer description: Internal Server Error formatheaders: int64 x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string '500'content: descriptionapplication/jwt: Internal Server Error headersschema: x-fapi-interaction-id: $ref: '#/components/schemas/AEErrorSignedResponse' requestBody: required: true required: true descriptioncontent: An RFC4122 UID used as a correlation id. application/jwt: schema: type$ref: string'#/components/schemas/NameConfirmationRequestBodySigned' security: content: - TPPOAuth2Security: application/jwt: - openid schema: - confirmation-of-payee /discovery: $ref: '#/components/schemas/AEErrorSignedResponse'post: requestBodytags: required:- trueDiscovery Operations contentoperationId: ConfirmationOfPayeeDiscovery_signedDiscoveryRequest summary: Discover the application/jwt:LFI that will confirm the payee attributes schemadescription: >- Before a Confirmation of Payee $ref: '#/components/schemas/DiscoverVerificationSourceRequestBodySigned' security:(CoP) operation takes place the TPP will need to -resolve TPPOAuth2Security:the LFI that will service the account properties - openid request. This requirement is based on the separation of concerns - confirmation-of-payee /confirmation-of-payee/v1/verification: post: tags: implemented in the OFP, which ensures that the APIs for a given LFI are - Verification always physically separated. operationId: ConfirmationOfPayeeVerification_signedVerificationRequest At summary: Verifyversion 1.0.0 the accountTPP detailswill basedcall onthis theendpoint parameterswith suppliedthe account IBAN, description: >- which will be used to resolve Provide the propertiescorrect thatURL canwith bewhich used to verifymake the payeeCoP account. operation. At version 1.0.0 this will be the account name and IBAN. Future version of this API may support verification through other identifiers. parameters:parameters: - $ref: '#/components/parameters/Authorization' - $ref: '#/components/parameters/x-customer-user-agent' - $ref: '#/components/parameters/x-fapi-auth-date' - $ref: '#/components/parameters/x-fapi-customer-ip-address' - $ref: '#/components/parameters/x-fapi-interaction-id' responses: '200': description: The request has succeeded. headers: x-fapi-interaction-id: required: false description: An RFC4122 UID used as a correlation id. schema: type: string content: application/jwt: schema: $ref: '>- #/components/schemas/NameVerificationResponseBodySigned'DiscoverConfirmationSourceResponseBodySigned '400': description: Bad request headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string content: application/jwt: schema: $ref: '#/components/schemas/AEErrorSignedResponse' '401': description: Unauthorized headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string '403': description: Forbidden headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string content: application/jwt: schema: $ref: '#/components/schemas/AEErrorSignedResponse' '404': description: Not found headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string '405': description: Method Not Allowed headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string '406': description: Not Acceptable headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string '415': description: Unsupported Media Type headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string '429': description: Too Many Requests headers: retry-after: required: true description: Number in seconds to wait schema: type: integer format: int64 x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string '500': description: Internal Server Error headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string content: application/jwt: schema: $ref: '#/components/schemas/AEErrorSignedResponse' requestBody: required: true content: application/jwt: schema: $ref: '#/components/schemas/NameVerificationRequestBodySignedDiscoverConfirmationSourceRequestBodySigned' security: - TPPOAuth2Security: - openid - confirmation-of-payee components: parameters: Authorization: name: authorization in: header required: true description: An authorization Token as per https://tools.ietf.org/html/rfc6750 schema: type: string x-customer-user-agent: name: x-customer-user-agent in: header required: false description: Indicates the user-agent that the User is using. schema: type: string x-fapi-auth-date: name: x-fapi-auth-date in: header required: false description: >- The time when the User last logged in with the TPP. All dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: Sun, 10 Sep 2017 19:43:31 UTC schema: type: string pattern: >- ^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \d{2} (Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) \d{4} \d{2}:\d{2}:\d{2} (GMT|UTC)$ x-fapi-customer-ip-address: name: x-fapi-customer-ip-address in: header required: false description: The User's IP address if the User is currently logged in with the TPP. schema: type: string x-fapi-interaction-id: name: x-fapi-interaction-id in: header required: false description: An RFC4122 UID used as a correlation id. schema: type: string schemas: AEAccountDiscoveryAEAccountConfirmationRequest: type: object required: - IdentificationTypeData properties: - Identification propertiesData: IdentificationType: $ref: '#/components/schemas/AEAccountConfirmationRequestProperties' additionalProperties: type:false string AEAccountConfirmationRequestProperties: enumoneOf: - - UAEOF.IBAN$ref: '#/components/schemas/AEIbanConfirmationProperties' - Identification$ref: '#/components/schemas/AEAccountNumberConfirmationProperties' discriminator: type: string propertyName: IdentificationType minLengthmapping: 1 maxLengthUAEOF.IBAN: 400'#/components/schemas/AEIbanConfirmationProperties' descriptionUAEOF.AccountNumber: >-'#/components/schemas/AEAccountNumberConfirmationProperties' AEAccountConfirmationResponse: type: Identificationobject for the account assigned by the LFIrequired: based on the - Data Account Scheme Name, and- asLinks understood by the payer. This - Meta properties: identification is known by the User account owner. ForData: IBAN, refer $ref: '#/components/schemas/AEAccountConfirmationRequestProperties' to the ISO Standard 13616. additionalProperties: false AEAccountNameMatchIndicatorsLinks: type: string enum$ref: '#/components/schemas/LinksSelf' - UAEOF.ConfirmationOfPayee.Yes - UAEOF.ConfirmationOfPayee.No AEAccountNameVerificationProperties: Meta: oneOf: - $ref: '#/components/schemas/AEPersonalAccountNameVerificationPropertiesMeta' - $refadditionalProperties: '#/components/schemas/AEBusinessAccountNameVerificationProperties'false AEAccountVerificationPropertiesAEAccountDiscoveryByBankCode: type: object required: - IdentificationType - IdentificationBankCode properties: - Name properties: IdentificationType: type: string enum: - UAEOF.IBANBankCode IdentificationBankCode: type: string minLengthpattern: 1^[0-9]{3}$ maxLengthdescription: 400>- description: >- Bank identification code issued by CBUAE that identifies the LFI at Identification for the account assigned by the LFI based on the which the account is held additionalProperties: Accountfalse Scheme Name, and as understoodAEAccountDiscoveryByIban: by the payer. This type: object required: identification is known by the User account owner.- ForIdentificationType IBAN, refer - Identification to the ISO Standard 13616. properties: NameIdentificationType: $reftype: '#/components/schemas/AEAccountNameVerificationProperties'string additionalProperties: false enum: AEBusinessAccountNameVerificationProperties: type: object - UAEOF.IBAN required: Identification: - BusinessName propertiestype: string BusinessNameminLength: 1 type maxLength: string400 minLength: 1description: >- Identification for the account maxLength: 140 assigned by the LFI based on the description: The business name of theAccount accountScheme holderName, and as understood by the payer. This description: The properties required to verify a businessidentification accountis known by the User account owner. additionalProperties:For falseIBAN, refer AEError: type: object to the ISO Standard 13616. required: additionalProperties: false - CodeAEAccountNameConfirmationProperties: oneOf: - Message - properties:$ref: '#/components/schemas/AEPersonalAccountNameConfirmationProperties' - Code:$ref: '#/components/schemas/AEBusinessAccountNameConfirmationProperties' AEAccountNumberConfirmationProperties: allOftype: object required: - $ref: '#/components/schemas/AEErrorCode' - IdentificationType description: Low- levelIdentification textual error code, e.g., UAEOF.Field.Missing - BankCode Message: - Name type: string properties: minLengthIdentificationType: 1 maxLengthtype: 500string descriptionenum: >- - AUAEOF.AccountNumber description of the error that occurred. e.g., 'A mandatory field Identification: type: string isn't supplied' or 'RequestedExecutionDateTime must be in future' minLength: 1 UAEOF doesn't standardise this fieldmaxLength: 400 Pathdescription: >- type: string Identification for the account assigned by the LFI based minLength:on 1the maxLength: 500 Account Scheme Name, and as understood by the payer. This description: >- identification is Recommendedknown butby optionalthe referenceUser toaccount theowner. JSONFor PathIBAN, ofrefer the field to the withISO error,Standard e.g., Data.Initiation.InstructedAmount.Currency13616. BankCode: Urltype: string typepattern: string^[0-9]{3}$ description: >- Bank identification code issued URLby toCBUAE helpthat remediateidentifies the problem, or provide more information, or LFI at which the account is held to APIName: Reference, or help etc description$ref: Error'#/components/schemas/AEAccountNameConfirmationProperties' additionalProperties: false AEErrorCodeAEBusinessAccountNameConfirmationProperties: type: stringobject enumrequired: - UAEOF.AccessToken.UnauthorizedBusinessName properties: - UAEOF.AccessToken.InvalidScope BusinessName: - UAEOF.Consent.Revoked type: string - UAEOF.Consent.TransientAccountAccessFailure - UAEOF.Consent.AccountTemporarilyBlockedminLength: 1 - UAEOF.Consent.PermanentAccountAccessFailure maxLength: 140 - UAEOF.Consent.Invalid description: The business name of the - UAEOF.JWS.InvalidSignature account holder, as understood by the payer - UAEOF.JWS.Malformed description: The properties required to verify a - UAEOF.JWS.InvalidClaimbusiness account additionalProperties: false - UAEOF.JWS.InvalidHeader AEConfirmationDiscovery: - UAEOF.GenericRecoverableErroroneOf: - UAEOF.GenericError$ref: '#/components/schemas/AEAccountDiscoveryByIban' - UAEOF.JWE.DecryptionError $ref: '#/components/schemas/AEAccountDiscoveryByBankCode' discriminator: - UAEOF.JWE.InvalidHeader propertyName: IdentificationType - UAEOF.Event.UnexpectedEvent mapping: - UAEOF.Body.InvalidFormat - UAEOF.Resource.InvalidResourceId IBAN: '#/components/schemas/AEAccountDiscoveryByIban' - UAEOF.Resource.InvalidFormat - UAEOF.Consent.BusinessRuleViolationUAEOF.BankCode: '#/components/schemas/AEAccountDiscoveryByBankCode' AEErrorResponseAEConfirmationDiscoveryRequest: type: object required: - ErrorsData properties: ErrorsData: type$ref: array'#/components/schemas/AEConfirmationDiscovery' additionalProperties: false items AEConfirmationDiscoveryResponse: type: object $refrequired: '#/components/schemas/AEError' - Data minItems: 1 - Links description: >- - Meta An array of detail error codes,properties: and messages, and URLs to documentation Data: to help remediation. $ref: '#/components/schemas/AEConfirmationSourceProperties' additionalProperties: false AEErrorSignedResponseLinks: type: object $ref: '#/components/schemas/LinksSelf' required: Meta: - iss $ref: - exp'#/components/schemas/Meta' additionalProperties: false - nbf AEConfirmationSourceProperties: type: -object message required: properties: - iss:AuthorizationServerUrl - ResourceServerUrl type: string properties: description AuthorizationServerUrl: >- type: [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1)string expminLength: 1 type maxLength: number500 description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4) nbf:Authorization Server URL at which an Access Token to invoke the Confirmation of Payee type:operation numbershould be sought descriptionResourceServerUrl: >- type: [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5)string audminLength: 1 typemaxLength: array500 itemsdescription: >- type: string Resource Server URL at which the Confirmation of Payee operation description: >- should be invoked [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3)additionalProperties: false AEError: type: object iat: required: type: number - Code description: >- Message properties: [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6)Code: messageallOf: - $ref: '#/components/schemas/AEErrorResponseAEErrorCode' description: Low Signedlevel textual error response payload code, e.g., UAEOF.Field.Missing additionalProperties: false Message: AENameVerificationRequest: type: objectstring required: minLength: 1 - Data maxLength: 500 properties: Datadescription: >- $ref: '#/components/schemas/AEAccountVerificationProperties' A description of the error additionalProperties:that false AENameVerificationResponse:occurred. e.g., 'A mandatory field type: object isn't supplied' or required:'RequestedExecutionDateTime must be in future' - Data UAEOF -doesn't Linksstandardise this field - Meta Path: properties: type: string Data: minLength: 1 $ref: '#/components/schemas/AEVerifiedProperties' LinksmaxLength: 500 $refdescription: '#/components/schemas/LinksSelf'>- Meta: Recommended but optional reference to the JSON $ref: '#/components/schemas/Meta' Path of the field additionalProperties: false AEPersonalAccountNameVerificationProperties: with error, e.g., Data.Initiation.InstructedAmount.Currency type: object requiredUrl: - GivenName type: string - LastName description: >- properties: GivenName: URL to help remediate the problem, or provide more information, or type: string minLength:to 1API Reference, or help etc maxLengthdescription: 70Error additionalProperties: false description: >- AEErrorCode: type: string The given or firstenum: name of the account holder, as understood by the- UAEOF.AccessToken.Unauthorized - UAEOF.AccessToken.InvalidScope payer - UAEOF.Consent.Revoked LastName: - UAEOF.Consent.TransientAccountAccessFailure type: string - UAEOF.Consent.AccountTemporarilyBlocked minLength: 1 - UAEOF.Consent.PermanentAccountAccessFailure maxLength: 70 - UAEOF.Consent.Invalid description: >- UAEOF.JWS.InvalidSignature - UAEOF.JWS.Malformed The family or surname of the account holder, as understood by the - UAEOF.JWS.InvalidClaim - UAEOF.JWS.InvalidHeader - UAEOF.GenericRecoverableError - UAEOF.GenericError - UAEOF.JWE.DecryptionError - UAEOF.JWE.InvalidHeader - UAEOF.Event.UnexpectedEvent - UAEOF.Body.InvalidFormat - UAEOF.Resource.InvalidResourceId - UAEOF.Resource.InvalidFormat - UAEOF.Consent.BusinessRuleViolation AEErrorResponse: type: object required: - Errors properties: Errors: type: array items: $ref: '#/components/schemas/AEError' minItems: 1 description: >- An array of detail error codes, and messages, and URLs to documentation to help remediation. additionalProperties: false AEErrorSignedResponse: type: object required: - iss - exp - nbf - message properties: iss: type: string description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1) exp: type: number description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4) nbf: type: number description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5) aud: type: array items: type: string description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3) iat: type: number payer description: The properties required to verify a personal account>- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6) additionalProperties: false message: AEVerificationDiscovery: $ref: '#/components/schemas/AEAccountDiscoveryAEErrorResponse' AEVerificationDiscoveryRequest: description: Signed error response payload type: object requiredadditionalProperties: false AEIbanConfirmationProperties: - Data type: object properties: required: Data: - IdentificationType $ref: '#/components/schemas/AEVerificationDiscovery' - Identification additionalProperties: false - AEVerificationDiscoveryResponse:Name typeproperties: object requiredIdentificationType: - Data type: string - Links enum: - Meta - properties:UAEOF.IBAN DataIdentification: $reftype: '#/components/schemas/AEVerificationSourceProperties' string LinksminLength: 1 $refmaxLength: '#/components/schemas/LinksSelf'400 Meta: description: >- $ref: '#/components/schemas/Meta' Identification additionalProperties:for falsethe account assigned by the AEVerificationSourceProperties:LFI based on the type: object required: Account Scheme Name, and as understood by the -payer. AuthorizationServerUrlThis - ResourceServerUrl identification is known by properties:the User account owner. For IBAN, refer AuthorizationServerUrl: to type:the stringISO Standard 13616. minLengthName: 1 maxLength$ref: 500'#/components/schemas/AEAccountNameConfirmationProperties' additionalProperties: false descriptionAEPersonalAccountNameConfirmationProperties: >- type: object Authorization Serverrequired: URL at which an Access Token to invoke the - GivenName - LastName Confirmation of Payee operation should be soughtproperties: ResourceServerUrlGivenName: type: string minLength: 1 maxLength: 50070 description: >- ResourceThe Servergiven URLor atfirst whichname the Confirmation of Payeethe operationaccount holder, as understood by the should be invoked payer additionalProperties: false AEVerifiedPropertiesLastName: type: object requiredtype: string - AccountNameMatchIndicator propertiesminLength: 1 AccountNameMatchIndicator: allOfmaxLength: 70 description: >- $ref: '#/components/schemas/AEAccountNameMatchIndicators' description:The >-family or surname of the account holder, as understood by the Indicator for whether the payee name is matched with the account payer description: The properties required nameto heldverify ata thepersonal LFIaccount additionalProperties: false DiscoverVerificationSourceRequestBodySignedDiscoverConfirmationSourceRequestBodySigned: type: object required: - iss - exp - nbf - message properties: iss: type: string description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1) exp: type: number description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4) nbf: type: number description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5) aud: type: array items: type: string description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3) iat: type: number description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6) message: $ref: '#/components/schemas/AEVerificationDiscoveryRequestAEConfirmationDiscoveryRequest' additionalProperties: false DiscoverVerificationSourceResponseBodySignedDiscoverConfirmationSourceResponseBodySigned: type: object required: - iss - exp - nbf - message properties: iss: type: string description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1) exp: type: number description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4) nbf: type: number description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5) aud: type: array items: type: string description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3) iat: type: number description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6) message: $ref: '#/components/schemas/AEVerificationDiscoveryResponse' additionalProperties: false DiscoverVerificationSourceSignedRequest: type: object required: - requestBody properties:1.6) requestBodymessage: $ref: '#/components/schemas/DiscoverVerificationSourceRequestBodySignedAEConfirmationDiscoveryResponse' additionalProperties: false LinksSelf: type: object required: - Self properties: Self: $ref: '#/components/schemas/Self' description: Links relevant to the resource additionalProperties: false Meta: type: object description: Metadata relevant to the resource additionalProperties: false NameVerificationRequestBodySignedNameConfirmationRequestBodySigned: type: object required: - iss - exp - nbf - message properties: iss: type: string description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1) exp: type: number description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4) nbf: type: number description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5) aud: type: array items: type: string description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3) iat: type: number description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6) message: $ref: '#/components/schemas/AENameVerificationRequestAEAccountConfirmationRequest' additionalProperties: false NameVerificationResponseBodySignedNameConfirmationResponseBodySigned: type: object required: - iss - exp - nbf - message properties: iss: type: string description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1) exp: type: number description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.41](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.41) nbfexp: type: number description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.54](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.54) audnbf: type: array items: number type: string description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.35](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.35) aud: iat: type: array items: type: numberstring description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.63](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6) message: $ref: '#/components/schemas/AENameVerificationResponse'3) additionalProperties: false iat: NameVerificationSignedRequest: type: number object required: description: >- - requestBody properties:[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6) requestBodymessage: $ref: '#/components/schemas/NameVerificationRequestBodySignedAEAccountConfirmationResponse' additionalProperties: false Self: type: string format: uri description: A link to the current resource securitySchemes: TPPOAuth2Security: type: oauth2 description: >- TPP confidential client authorization with the LFI to stage a consent. **Please refer to [OpenID FAPI Security Profile 1.0 -Part 2 Advanced](https://openid.net/specs/openid-financial-api-part-2-1_0.html#authorization-server) - 5.2.2 point 14 - shall authenticate the confidential client using one of the following methods private_key_jwt and [OpenID Connect Core 1.0](https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication) 9. Client Authentication private_key_jwt** flows: clientCredentials: tokenUrl: https://authserver.example/token scopes: openid: Activates OpenID Connect Support confirmation-of-payee: Right to invoke a Confirmation of Payee operation accounts: Ability to read Accounts Information insurance: Right to read insurance policies servers: - url: /open-finance/confirmation-of-payee/v1.0-draft4 description: Default URL variables: {} |
Attachments
The Confirmation of Payee OpenAPI description is attached, together with a spreadsheet that lists all properties by operation.
...