| Awesome api app render macro | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
openapi: 3.0.0
info:
title: UAE Confirmation of Payee API
description: '## UAE Open Finance Confirmation of Payee API Specification'
version: v1.0-rc1
tags:
- name: Discovery Operations
description: Discovery operations and resources
- name: Confirmation Operations
description: Payee confirmation operations and resources
paths:
/confirmation:
post:
tags:
- Confirmation Operations
operationId: ConfirmationOfPayeeConfirmation_signedConfirmationRequest
summary: Confirm the account details are correct based on the parameters supplied
description: >-
Provide the properties that can be used to verify the payee account.
At version 1.0.0 this will be the account name and eitherthe IBANCreditor orAccount
Account NumberIBAN. Future version of this API may support verification through other
through other identifiers.
parameters:
- $ref: '#/components/parameters/Authorization'
- $ref: '#/components/parameters/x-customer-user-agent'
- $ref: '#/components/parameters/x-fapi-auth-date'
- $ref: '#/components/parameters/x-fapi-customer-ip-address'
- $ref: '#/components/parameters/x-fapi-interaction-id'
responses:
'200':
description: The request has succeeded.
headers:
x-fapi-interaction-id:
required: false
description: An RFC4122 UID used as a correlation id.
schema:
type: string
content:
application/jwt:
schema:
$ref: '#/components/schemas/NameConfirmationResponseBodySigned'
'400':
description: Bad request
headers:
x-fapi-interaction-id:
required: true
description: An RFC4122 UID used as a correlation id.
schema:
type: string
content:
application/jwt:
schema:
$ref: '#/components/schemas/AEErrorSignedResponse'
'401':
description: Unauthorized
headers:
x-fapi-interaction-id:
required: true
description: An RFC4122 UID used as a correlation id.
schema:
type: string
'403':
description: Forbidden
headers:
x-fapi-interaction-id:
required: true
description: An RFC4122 UID used as a correlation id.
schema:
type: string
content:
application/jwt:
schema:
$ref: '#/components/schemas/AEErrorSignedResponse'
'404':
description: Not found
headers:
x-fapi-interaction-id:
required: true
description: An RFC4122 UID used as a correlation id.
schema:
type: string
'405':
description: Method Not Allowed
headers:
x-fapi-interaction-id:
required: true
description: An RFC4122 UID used as a correlation id.
schema:
type: string
'406':
description: Not Acceptable
headers:
x-fapi-interaction-id:
required: true
description: An RFC4122 UID used as a correlation id.
schema:
type: string
'415':
description: Unsupported Media Type
headers:
x-fapi-interaction-id:
required: true
description: An RFC4122 UID used as a correlation id.
schema:
type: string
'429':
description: Too Many Requests
headers:
retry-after:
required: true
description: Number in seconds to wait
schema:
type: integer
format: int64
x-fapi-interaction-id:
required: true
description: An RFC4122 UID used as a correlation id.
schema:
type: string
'500':
description: Internal Server Error
headers:
x-fapi-interaction-id:
required: true
description: An RFC4122 UID used as a correlation id.
schema:
type: string
content:
application/jwt:
schema:
$ref: '#/components/schemas/AEErrorSignedResponse'
requestBody:
required: true
content:
application/jwt:
schema:
$ref: '#/components/schemas/NameConfirmationRequestBodySigned'
security:
- TPPOAuth2Security:
- openid
- confirmation-of-payee
/discovery:
post:
tags:
- Discovery Operations
operationId: ConfirmationOfPayeeDiscovery_signedDiscoveryRequest
summary: Discover the LFI that will confirm the payee attributes
description: >-
Before a Confirmation of Payee (CoP) operation takes place the TPP will
need to resolve the LFI that will service the account properties
request. This requirement is based on the separation of concerns
implemented in the OFP, which ensures that the APIs for a given LFI are
always physically separated.
At version 1.0.0 the TPP will call this endpoint with the Creditor
account IBAN, Account IBAN, which will be used to resolve the correct URL with which
to make the CoP to make the CoP operation.
parameters:
- $ref: '#/components/parameters/Authorization'
- $ref: '#/components/parameters/x-customer-user-agent'
- $ref: '#/components/parameters/x-fapi-auth-date'
- $ref: '#/components/parameters/x-fapi-customer-ip-address'
- $ref: '#/components/parameters/x-fapi-interaction-id'
responses:
'200':
description: The request has succeeded.
headers:
x-fapi-interaction-id:
required: false
description: An RFC4122 UID used as a correlation id.
schema:
type: string
content:
application/jwt:
schema:
$ref: >-
#/components/schemas/DiscoverConfirmationSourceResponseBodySigned
'400':
description: Bad request
headers:
x-fapi-interaction-id:
required: true
description: An RFC4122 UID used as a correlation id.
schema:
type: string
content:
application/jwt:
schema:
$ref: '#/components/schemas/AEErrorSignedResponse'
'401':
description: Unauthorized
headers:
x-fapi-interaction-id:
required: true
description: An RFC4122 UID used as a correlation id.
schema:
type: string
'403':
description: Forbidden
headers:
x-fapi-interaction-id:
required: true
description: An RFC4122 UID used as a correlation id.
schema:
type: string
content:
application/jwt:
schema:
$ref: '#/components/schemas/AEErrorSignedResponse'
'404':
description: Not found
headers:
x-fapi-interaction-id:
required: true
description: An RFC4122 UID used as a correlation id.
schema:
type: string
'405':
description: Method Not Allowed
headers:
x-fapi-interaction-id:
required: true
description: An RFC4122 UID used as a correlation id.
schema:
type: string
'406':
description: Not Acceptable
headers:
x-fapi-interaction-id:
required: true
description: An RFC4122 UID used as a correlation id.
schema:
type: string
'415':
description: Unsupported Media Type
headers:
x-fapi-interaction-id:
required: true
description: An RFC4122 UID used as a correlation id.
schema:
type: string
'429':
description: Too Many Requests
headers:
retry-after:
required: true
description: Number in seconds to wait
schema:
type: integer
format: int64
x-fapi-interaction-id:
required: true
description: An RFC4122 UID used as a correlation id.
schema:
type: string
'500':
description: Internal Server Error
headers:
x-fapi-interaction-id:
required: true
description: An RFC4122 UID used as a correlation id.
schema:
type: string
content:
application/jwt:
schema:
$ref: '#/components/schemas/AEErrorSignedResponse'
requestBody:
required: true
content:
application/jwt:
schema:
$ref: '#/components/schemas/DiscoverConfirmationSourceRequestBodySigned'
security:
- TPPOAuth2Security:
- openid
- confirmation-of-payee
components:
parameters:
Authorization:
name: authorization
in: header
required: true
description: An authorization Token as per https://tools.ietf.org/html/rfc6750
schema:
type: string
x-customer-user-agent:
name: x-customer-user-agent
in: header
required: false
description: Indicates the user-agent that the User is using.
schema:
type: string
x-fapi-auth-date:
name: x-fapi-auth-date
in: header
required: false
description: >-
The time when the User last logged in with the TPP.
All dates in the HTTP headers are represented as RFC 7231 Full Dates. An
example is below:
Sun, 10 Sep 2017 19:43:31 UTC
schema:
type: string
pattern: >-
^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \d{2}
(Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) \d{4}
\d{2}:\d{2}:\d{2} (GMT|UTC)$
x-fapi-customer-ip-address:
name: x-fapi-customer-ip-address
in: header
required: false
description: The User's IP address if the User is currently logged in with the TPP.
schema:
type: string
x-fapi-interaction-id:
name: x-fapi-interaction-id
in: header
required: false
description: An RFC4122 UID used as a correlation id.
schema:
type: string
schemas:
AEAccountConfirmationRequest:
type: object
required:
- Data
properties:
Data:
$ref: '#/components/schemas/AEAccountConfirmationRequestProperties'
additionalProperties: false
AEAccountConfirmationRequestProperties:
oneOftype: object
- $ref: '#/components/schemas/AEIbanConfirmationProperties'required:
- $ref: '#/components/schemas/AEAccountNumberConfirmationProperties'SchemeName
discriminator: - Identification
propertyName: SchemeName - Name
mappingproperties:
IBANSchemeName:
'#/components/schemas/AEIbanConfirmationProperties' AccountNumbertype: '#/components/schemas/AEAccountNumberConfirmationProperties'string
AEAccountConfirmationResponse: typeenum:
object required: - IBAN
- Data description: >-
Links - Meta Name of the identification scheme, properties:in a coded form as published in
Data: an $ref: '#/components/schemas/AEAccountConfirmationResponseProperties'external list.
LinksIdentification:
$reftype: '#/components/schemas/LinksSelf' string
MetaminLength: 1
$refmaxLength: '#/components/schemas/Meta' 34
additionalPropertiesdescription: false>-
AEAccountConfirmationResponseProperties: Identification for the account assigned type:by objectthe LFI based on the
required: - AccountNameMatchIndicatorAccount Scheme Name, as understood by the properties:Debtor.
AccountNameMatchIndicatorName:
$ref: '#/components/schemas/AEAccountNameMatchIndicatorsAEAccountNameConfirmationProperties'
MaskedAccountNamedescription: Properties to request a the Confirmation of Payee
type: string additionalProperties: false
AEAccountConfirmationResponse:
minLength: 1 type: object
maxLengthrequired:
70 - Data
description: >- - Links
The masked matched- accountMeta
name. This is provided to allow theproperties:
User Data:
to review the account name return from the Confirmation operation.$ref: '#/components/schemas/AEAccountConfirmationResponseProperties'
additionalPropertiesLinks:
false AEAccountDiscoveryByBankCode: $ref: type: object'#/components/schemas/LinksSelf'
requiredMeta:
- SchemeName $ref: '#/components/schemas/Meta'
-additionalProperties: BankCodefalse
propertiesAEAccountConfirmationResponseProperties:
SchemeNametype: object
required:
type: string - AccountNameMatchIndicator
enum: properties:
AccountNameMatchIndicator:
- BankCode BankCode$ref: '#/components/schemas/AEAccountNameMatchIndicators'
typeMaskedAccountName: string
patterntype: ^[0-9]{3}$string
descriptionminLength: >-1
maxLength: 70
Bank identification code issued by CBUAE that identifies the LFI atdescription: >-
which theThe accountmasked ismatched heldaccount name. This is provided to allow additionalProperties:the falseUser
AEAccountDiscoveryByIban: type: objectto review the account name return from required:the Confirmation operation.
-additionalProperties: SchemeNamefalse
AEAccountNameConfirmationProperties:
- Identification oneOf:
properties: - $ref: '#/components/schemas/AEPersonalAccountNameConfirmationProperties'
SchemeName: - $ref: '#/components/schemas/AEBusinessAccountNameConfirmationProperties'
typeAEAccountNameMatchIndicators:
string type: string
enum:
- ConfirmationOfPayee.Yes
- IBAN - ConfirmationOfPayee.No
Identification: description: >-
type: string Indicator for whether the payee name is matched with minLength:the 1account name
held maxLength:at 400the LFI
AEBusinessAccountNameConfirmationProperties:
description: >- type: object
required:
Identification for the account assigned by- theBusinessName
LFI based on the properties:
BusinessName:
Account Scheme Name, and as understood by the payer. This type: string
identificationminLength: is1
known by the User account owner. For IBAN, refer maxLength: 140
to thedescription: ISOThe Standardbusiness 13616.name of the account holder, as understood additionalProperties:by falsethe Debtor
AEAccountNameConfirmationProperties: oneOfdescription: The properties required to verify a business -account
$ref: '#/components/schemas/AEPersonalAccountNameConfirmationProperties' - $ref: '#/components/schemas/AEBusinessAccountNameConfirmationProperties'additionalProperties: false
AEAccountNameMatchIndicatorsAEConfirmationDiscovery:
type: stringobject
enumrequired:
- ConfirmationOfPayee.YesSchemeName
- ConfirmationOfPayee.NoIdentification
descriptionproperties:
>- SchemeName:
Indicator for whether the payee name is matched with the account name
held at the LFI
AEAccountNumberConfirmationProperties:
type: string
type: object requiredenum:
- SchemeName - IdentificationIBAN
- BankCode - Name
description: >-
properties: Name of SchemeName:the identification scheme, in a coded form as published in
type: string an enum:
external list.
- AccountNumber Identification:
type: string
minLength: 1
maxLength: 40034
description: >-
Identification for the account assigned by the LFI based on the
Account Scheme Name, and as understood by the payerDebtor.
This additionalProperties: false
AEConfirmationDiscoveryRequest:
identification is known by the User account owner. For IBAN, refer type: object
required:
- Data
to the ISO Standard 13616.properties:
BankCodeData:
type: string$ref: '#/components/schemas/AEConfirmationDiscovery'
additionalProperties: false
pattern AEConfirmationDiscoveryResponse:
^[0-9]{3}$ type: object
description: >- required:
- BankData
identification code issued by CBUAE that identifies the LFI- atLinks
- Meta
which the account is heldproperties:
NameData:
$ref: '#/components/schemas/AEAccountNameConfirmationPropertiesAEConfirmationSourceProperties'
additionalProperties: false Links:
AEBusinessAccountNameConfirmationProperties: type$ref: object'#/components/schemas/LinksSelf'
required: Meta:
- BusinessName $ref: '#/components/schemas/Meta'
properties additionalProperties: false
AEConfirmationSourceProperties:
BusinessName: type: object
typerequired:
string - AuthorizationServerUrl
minLength: 1 - ResourceServerUrl
maxLength: 140 properties:
descriptionAuthorizationServerUrl:
The business name of the account holder, as understood bytype: thestring
payer description: The properties requiredminLength: to1
verify a business account additionalPropertiesmaxLength: false500
AEConfirmationDiscovery: oneOfdescription: >-
- $ref: '#/components/schemas/AEAccountDiscoveryByIban' Authorization Server URL at which an -Access $ref: '#/components/schemas/AEAccountDiscoveryByBankCode'
Token to invoke the
discriminator: propertyName: SchemeNameConfirmation of Payee operation should be sought
mappingResourceServerUrl:
IBANtype: '#/components/schemas/AEAccountDiscoveryByIban'string
BankCodeminLength: '#/components/schemas/AEAccountDiscoveryByBankCode' 1
AEConfirmationDiscoveryRequest: maxLength: 500
type: object requireddescription: >-
- Data Resource Server URL properties:at which the Confirmation of Payee operation
Data: should $ref: '#/components/schemas/AEConfirmationDiscovery'be invoked
additionalProperties: false
AEConfirmationDiscoveryResponseAEError:
type: object
required:
- DataCode
- Message
Links properties:
- Meta Code:
properties: DataallOf:
- $ref: '#/components/schemas/AEConfirmationSourcePropertiesAEErrorCode'
Links: description: Low level textual error $ref: '#/components/schemas/LinksSelf'code, e.g., UAEOF.Field.Missing
MetaMessage:
$reftype: '#/components/schemas/Meta'string
additionalProperties: false minLength: AEConfirmationSourceProperties:1
type: object maxLength: 500
required: description: >-
AuthorizationServerUrl - ResourceServerUrl A description of the error properties:that occurred. e.g., 'A mandatory field
AuthorizationServerUrl: isn't supplied' type:or string'RequestedExecutionDateTime must be in future'
minLength: 1 UAEOF doesn't standardise this field
maxLength: 500 Path:
description: >- type: string
Authorization Server URL at which anminLength: Access1
Token to invoke the maxLength: 500
Confirmation of Payee operation should be soughtdescription: >-
ResourceServerUrl: Recommended but optional reference to the type:JSON stringPath of the field
minLength: 1 with error, e.g., Data.Initiation.InstructedAmount.Currency
maxLength: 500 Url:
description: >- type: string
Resource Server URLdescription: at>-
which the Confirmation of Payee operation URL to help remediate the problem, shouldor beprovide invokedmore information, or
additionalProperties: false AEError: to API Reference, or type:help objectetc
requireddescription: Error
additionalProperties: -false
Code AEErrorCode:
- Message type: string
properties: enum:
Code: - UAEOF.AccessToken.Unauthorized
allOf: - UAEOF.AccessToken.InvalidScope
- UAEOF.Consent.Revoked
- $ref: '#/components/schemas/AEErrorCode' - UAEOF.Consent.TransientAccountAccessFailure
description: Low level textual error code,- eUAEOF.gConsent.,AccountTemporarilyBlocked
Field.Missing - UAEOF.Consent.PermanentAccountAccessFailure
Message: - UAEOF.Consent.Invalid
type: string - UAEOF.JWS.InvalidSignature
minLength: 1 - UAEOF.JWS.Malformed
maxLength: 500 - UAEOF.JWS.InvalidClaim
description: >- UAEOF.JWS.InvalidHeader
- UAEOF.GenericRecoverableError
A description of the error that- occurredUAEOF. e.g., 'A mandatory fieldGenericError
- UAEOF.JWE.DecryptionError
isn't supplied' or 'RequestedExecutionDateTime must be in future'- UAEOF.JWE.InvalidHeader
- UAEOF.Event.UnexpectedEvent
- UAEOF doesn't standardise this field.Body.InvalidFormat
- UAEOF.Resource.InvalidResourceId
Path: - UAEOF.Resource.InvalidFormat
type: string - UAEOF.Consent.BusinessRuleViolation
minLengthAEErrorResponse:
1 type: object
maxLength: 500 required:
description: >- Errors
properties:
Recommended but optional reference toErrors:
the JSON Path of the field type: array
with error, e.g., Data.Initiation.InstructedAmount.Currency items:
Url: $ref: '#/components/schemas/AEError'
type: string minItems: 1
description: >-
An array of detail URL to help remediate the problemerror codes, or provide more informationand messages, orand URLs to documentation
to API Reference, or help etc
remediation.
description: Error additionalProperties: false
AEErrorCodeAEErrorSignedResponse:
type: stringobject
enumrequired:
- AccessToken.Unauthorizediss
- AccessToken.InvalidScopeexp
- Consent.Revokednbf
- Consent.TransientAccountAccessFailuremessage
properties:
- Consent.AccountTemporarilyBlocked iss:
- Consent.PermanentAccountAccessFailure type: string
- Consent.Invalid description: >-
JWS.InvalidSignature - JWS.Malformed
- JWS.InvalidClaim
- JWS.InvalidHeader [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1)
-exp:
GenericRecoverableError - GenericErrortype: number
- JWE.DecryptionError description: >-
- JWE.InvalidHeader - Event.UnexpectedEvent
- Body.InvalidFormat
- Resource.InvalidResourceId
- Resource.InvalidFormat[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4)
- Consent.BusinessRuleViolation
nbf:
AEErrorResponse: type: objectnumber
required: description: >-
Errors properties: Errors:
type: array
items:
$ref: '#/components/schemas/AEError'
minItems: 1
description: >-
An array of detail error codes, and messages, and URLs to documentation
to help remediation.
additionalProperties: false
AEErrorSignedResponse:
type: object
required:
- iss
- exp
- nbf
- message
properties:
iss:
type: string
description: >-
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1)
exp:
type: number
description: >-
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4)
nbf:
type: number
description: >-
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5)
aud:
type: array
items:
type: string
description: >-
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3)
iat:
type: number
description: >-
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6)
message:
$ref: '#/components/schemas/AEErrorResponse'
description: Signed error response payload
additionalProperties: false
AEIbanConfirmationProperties:
type: object
required:
- SchemeName
- Identification
- Name
properties:
SchemeName:
type: string
enum:
- IBAN[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5)
Identificationaud:
type: stringarray
minLengthitems:
1 maxLengthtype: 400string
description: >-
Identification for the account assigned by the LFI based on the[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3)
iat:
Account Scheme Name, and as understood by the payer. This
identification is known by the User account owner. For IBAN, refer
type: number
description: >-
to the ISO Standard 13616. [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6)
Namemessage:
$ref: '#/components/schemas/AEAccountNameConfirmationProperties'AEErrorResponse'
description: Signed error response payload
additionalProperties: false
AEPersonalAccountNameConfirmationProperties:
type: object
required:
- GivenName
- LastName
properties:
GivenName:
type: string
minLength: 1
maxLength: 70
description: >-
The given or first name of the account holder, as understood by the
payerDebtor
LastName:
type: string
minLength: 1
maxLength: 70
description: >-
The family or surname of the account holder, as understood by the
payerDebtor
description: The properties required to verify a personal account
additionalProperties: false
DiscoverConfirmationSourceRequestBodySigned:
type: object
required:
- iss
- exp
- nbf
- message
properties:
iss:
type: string
description: >-
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1)
exp:
type: number
description: >-
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4)
nbf:
type: number
description: >-
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5)
aud:
type: array
items:
type: string
description: >-
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3)
iat:
type: number
description: >-
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6)
message:
$ref: '#/components/schemas/AEConfirmationDiscoveryRequest'
additionalProperties: false
DiscoverConfirmationSourceResponseBodySigned:
type: object
required:
- iss
- exp
- nbf
- message
properties:
iss:
type: string
description: >-
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1)
exp:
type: number
description: >-
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4)
nbf:
type: number
description: >-
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5)
aud:
type: array
items:
type: string
description: >-
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3)
iat:
type: number
description: >-
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6)6)
message:
$ref: '#/components/schemas/AEConfirmationDiscoveryResponse'
additionalProperties: false
message: ErrorTemplate:
$reftype: '#/components/schemas/AEConfirmationDiscoveryResponse'object
additionalProperties: false
LinksSelf:
type: object
required:
- Self
properties:
Self:
$ref: '#/components/schemas/Self'
description: Links relevant to the resource
additionalProperties: false
Meta:
type: object
description: Metadata relevant to the resource
additionalProperties: false
MethodNotAllowedErrorResponse:
type: object
allOf:
- $ref: '#/components/schemas/ErrorTemplate'
description: Method Not Allowed
additionalProperties: false
NameConfirmationRequestBodySigned:
type: object
required:
- iss
- exp
- nbf
- message
properties:
iss:
type: string
description: >-
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1)
exp:
type: number
description: >-
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4)
nbf:
type: number
description: >-
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5)
aud:
type: array
items:
type: string
description: >-
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3)
iat:
type: number
description: >-
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6)
message:
$ref: '#/components/schemas/AEAccountConfirmationRequest'
additionalProperties: false
NameConfirmationResponseBodySigned:
type: object
required:
- iss
- exp
- nbf
- message
properties:
iss:
type: string
description: >-
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1)
exp:
type: number
description: >-
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4)
nbf:
type: number
description: >-
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5)
aud:
type: array
items:
type: string
description: >-
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3)
iat:
type: number
description: >-
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6)
message:
$ref: '#/components/schemas/AEAccountConfirmationResponse'
additionalProperties: false
Self:
type: string
format: uri
description: A link to the current resource
securitySchemes:
TPPOAuth2Security:
type: oauth2
description: >-
TPP confidential client authorization with the LFI to stage a consent.
**Please refer to [OpenID FAPI Security Profile 1.0 -Part 2
Advanced](https://openid.net/specs/openid-financial-api-part-2-1_0.html#authorization-server)
- 5.2.2 point 14 - shall authenticate the confidential client using one
of the following methods private_key_jwt and [OpenID Connect Core
1.0](https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication)
9. Client Authentication private_key_jwt**
flows:
clientCredentials:
tokenUrl: https://authserver.example/token
scopes:
openid: Activates OpenID Connect Support
confirmation-of-payee: Right to invoke a Confirmation of Payee operation
accounts: Ability to read Accounts Information
insurance: Right to read insurance policies
servers:
- url: /open-finance/confirmation-of-payee/v1.0-rc1
description: Default URL
variables: {}
|
Attachments
The Confirmation of Payee OpenAPI description is attached, together with a spreadsheet that lists all properties by operation.
...