...
Awesome api app render macro | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
openapi: 3.0.1 info: title: Ozone Connect - Data Sharing APIs contact: name: Ozone Financial Technology Limited description: | This document provides the OAS3 specification for Data Sharing APIs for Ozone Connect. These APIs should be implemented by an financial institution so that Ozone can expose these end-points to TPPs. #### Document Structure The documentation contains a number of references of the form `XXX-999-999`. These are references to test case numbers in the Ozone Connect Test Harness that financial institutions may use to test their Ozone Connect implementations. #### Coming soon The following changes can be expected in the next release: - some enumeration and object definitions remain to be aligned with CBUAE specifications. These will be updated - specific changes expected in the next release have been marked as ***TODO*** in the document - query parameters for pagination will be introduced in alignment with CBUAE specifications - some additional query parameters for functional completeness will be introduced version: Version 2024.31 for CBUAE servers: - url: https://<your-ozone-connect-server> tags: - name: accounts description: | APIs that should be implemented by Financial Instituations to expose `accounts` information to TPPs. - name: balances description: | APIs that should be implemented by Financial Instituations to expose `balances` information to TPPs. - name: transactions description: | APIs that should be implemented by Financial Instituations to expose `transactions` information to TPPs. - name: customers description: | APIs that should be implemented by Financial Instituations to expose `customer` information to TPPs. - name: beneficiaries description: | APIs that should be implemented by Financial Instituations to expose `beneficiaries` information to TPPs. - name: direct-debits description: | APIs that should be implemented by Financial Instituations to expose `direct debit` information to TPPs. - name: scheduled-payments description: | APIs that should be implemented by Financial Instituations to expose `scheduled payment` information to TPPs. - name: standing-orders description: | APIs that should be implemented by Financial Instituations to expose `standing order` information to TPPs. - name: products description: | APIs that should be implemented by Financial Instituations to expose `product` information to TPPs. paths: /accounts: get: tags: - accounts summary: Fetch accounts description: | ###### ACC-010-010 The API must return all the accounts specified by the `accountIds` query parameter. ###### ACC-010-140 If one or more specified accountIds does not exist or cannot be retrieved the call should continue to return other accounts. ###### ACC-010-150 If no accounts are found, the call must return a success status code `200` with an empty `data` array. ## Optionality At least one of `/accounts` or `/accounts/:accountId` must be implemented. If not implemented, Ozone will use the `/accounts/:accountId` end-point. However, that is not as performant an alternative and Financial Instituations are encouraged to implement this end-point. operationId: findAccounts parameters: # common header parameters that set context - $ref: "#/components/parameters/providerId" - $ref: "#/components/parameters/aspspId" - $ref: "#/components/parameters/callerOrgId" - $ref: "#/components/parameters/callerClientId" - $ref: "#/components/parameters/callerSoftwareStatementId" - $ref: "#/components/parameters/apiUri" - $ref: "#/components/parameters/apiOperation" - $ref: "#/components/parameters/consentId" - $ref: "#/components/parameters/callerInteractionId" - $ref: "#/components/parameters/ozoneInteractionId" - $ref: "#/components/parameters/psuIdentifier" # query parameters - name: accountIds in: query description: Comma separated ids of the accounts to be returned schema: type: string minimum: 1 required: true responses: "200": description: successful operation content: application/json: schema: $ref: "#/components/schemas/AccountsResponse" "400": description: | The operation __must__ be failed with a status of `400` under the following error conditions: - ###### ACC-010-020 If the `accountsIds` query parameter is not supplied. - ###### ACC-010-040 The `o3-psu-identifier` header parameter is not specified. - ###### ACC-010-050 Both the `accountIds` query parameter and the `o3-psu-identifier` header parameter are not specified. - ###### ACC-010-030 The `o3-provider-id` header is missing or has an unexpected value The operation __may__ be failed with a status of `400` under the following error conditions: - ###### ACC-010-070, ACC-010-080, ACC-010-090 One or more of the mandatory header parameters is not specified or has an unexpected value - `o3-api-uri`, - `o3-api-operation`, - `o3-ozone-interaction-id` content: application/json: schema: $ref: "#/components/schemas/Error" "401": description: | The operation __must__ be failed with a status of `401` under the following error conditions: - ###### ACC-010-100 The API consumer is not authorised. content: application/json: schema: $ref: "#/components/schemas/Error" security: - bearerAuth: [] /accounts/{accountId}: get: tags: - accounts summary: Fetch the account specified by the account id description: | ###### ACC-020-010 The API must return the account specified by the `accountId` path parameter. ## Optionality At least one of `/accounts` or `/accounts/:accountId` must be implemented. operationId: findByAccountId parameters: # common header parameters that set context - $ref: "#/components/parameters/providerId" - $ref: "#/components/parameters/aspspId" - $ref: "#/components/parameters/callerOrgId" - $ref: "#/components/parameters/callerClientId" - $ref: "#/components/parameters/callerSoftwareStatementId" - $ref: "#/components/parameters/apiUri" - $ref: "#/components/parameters/apiOperation" - $ref: "#/components/parameters/consentId" - $ref: "#/components/parameters/callerInteractionId" - $ref: "#/components/parameters/ozoneInteractionId" - $ref: "#/components/parameters/psuIdentifier" # Path param definitions - name: accountId in: path description: Id of the account to be queried required: true schema: type: string responses: "200": description: successful operation content: application/json: schema: $ref: "#/components/schemas/AccountResponse" "400": description: | The operation __must__ be failed with a status of `400` under the following error conditions: - ###### ACC-020-020 The account corresponding to the `accountId` query parameter does not exist or is under a bar - ###### ACC-020-030 The `o3-provider-id` header is missing or has an unexpected value The operation __should__ be failed with a status of `400` under the following error conditions: - ###### ACC-020-040 The financial institution should fail the call if the `o3-psu-identifier` header is not specified. - ###### ACC-020-050 If both the `accountId` and `o3-psu-identifier` header are not specified. The operation __may__ be failed with a status of `400` under the following error conditions: - ###### ACC-020-070, ACC-020-080, ACC-020-090 One or more of the mandatory header parameters is not specified or has an unexpected value - `o3-api-uri`, - `o3-api-operation`, - `o3-ozone-interaction-id` content: application/json: schema: $ref: "#/components/schemas/Error" "401": description: | The operation __must__ be failed with a status of `401` under the following error conditions: - ###### ACC-020-100 The API consumer is not authorised. content: application/json: schema: $ref: "#/components/schemas/Error" security: - bearerAuth: [] /accounts/{accountId}/balances: get: tags: - balances summary: Fetch the balances for the account specified by the account id. operationId: findBalancesByAccountId description: | ###### BAL-020-010 Retrieves the balance for account specified by the `accountId` parameter. ###### BAL-020-110 If the `balanceType` is specified, the financial institution must return the specified balance type only. ###### BAL-020-120 If the balanceType is not specified, the financial institution may return more than one balance record for each account. Each row would represent a balance of a different type. parameters: # common header parameters that set context - $ref: "#/components/parameters/providerId" - $ref: "#/components/parameters/aspspId" - $ref: "#/components/parameters/callerOrgId" - $ref: "#/components/parameters/callerClientId" - $ref: "#/components/parameters/callerSoftwareStatementId" - $ref: "#/components/parameters/apiUri" - $ref: "#/components/parameters/apiOperation" - $ref: "#/components/parameters/consentId" - $ref: "#/components/parameters/callerInteractionId" - $ref: "#/components/parameters/ozoneInteractionId" - $ref: "#/components/parameters/psuIdentifier" # Path param definitions - name: accountId in: path description: Id of the account to be queried required: true schema: type: string # query parameters - name: balanceType in: query description: The type of balance to be returned schema: $ref: "#/components/schemas/CbuaeBalanceType" responses: "200": description: successful operation content: application/json: schema: $ref: "#/components/schemas/BalancesResponse" "400": description: | The operation __must__ be failed with a status of `400` under the following error conditions: - ###### BAL-020-020 The balance for account corresponding to the `accountId` query parameter does not exist or is under a bar - ###### BAL-020-030 The `o3-provider-id` header is missing or has an unexpected value - ###### BAL-020-130 The `balanceType` query parameter has an unexpected value or is not supported by the financial institution. The operation __should__ be failed with a status of `400` under the following error conditions: - ###### BAL-020-040 The financial institution should fail the call if the `o3-psu-identifier` header is not specified. - ###### BAL-020-050 Both the `accountId` query parameter and the `o3-psu-identifier` header parameter are not specified. The operation __may__ be failed with a status of `400` under the following error conditions: - ###### BAL-020-070, BAL-020-080, BAL-020-090 One or more of the mandatory header parameters is not specified or has an unexpected value - `o3-api-uri`, - `o3-api-operation`, - `o3-ozone-interaction-id` content: application/json: schema: $ref: "#/components/schemas/Error" "401": description: | The operation __must__ be failed with a status of `401` under the following error conditions: - ###### BAL-020-100 The API consumer is not authorised. content: application/json: schema: $ref: "#/components/schemas/Error" security: - bearerAuth: [] /accounts/{accountId}/transactions: get: tags: - transactions summary: Fetch transactions for the account specified by the accountId description: | ###### TXN-020-010 Retrieves all the transactions for the account specified by the `accountId` in the URL. ###### TXN-020-011 Retrieves the transactions for the account specified, starting from the specified valid `fromBookingDateTime` query parameter, until today. ###### TXN-020-012 Retrieves the transactions for the account specified, starting from the begining, and ending at the specified valid `toBookingDateTime` query parameter. ###### TXN-020-013 Retrieves the transactions for the account specified, starting from the the specified valid `fromBookingDateTime` query parameter, and ending at the specified valid `toBookingDateTime` query parameter. ###### TXN-020-020 If the account does not exist or is under a bar, then the financial institution should return an error with status 400. operationId: findTransactionsByAccountId parameters: # common header parameters that set context - $ref: "#/components/parameters/providerId" - $ref: "#/components/parameters/aspspId" - $ref: "#/components/parameters/callerOrgId" - $ref: "#/components/parameters/callerClientId" - $ref: "#/components/parameters/callerSoftwareStatementId" - $ref: "#/components/parameters/apiUri" - $ref: "#/components/parameters/apiOperation" - $ref: "#/components/parameters/consentId" - $ref: "#/components/parameters/callerInteractionId" - $ref: "#/components/parameters/ozoneInteractionId" - $ref: "#/components/parameters/psuIdentifier" # Path param definitions - name: accountId in: path description: Id of the account to be queried required: true schema: type: string example: abc-123 - $ref: "#/components/parameters/transaction-fromBookingDateTime" - $ref: "#/components/parameters/transaction-toBookingDateTime" responses: "200": description: successful operation content: application/json: schema: $ref: "#/components/schemas/TransactionsResponse" "400": description: | The operation __must__ be failed with a status of `400` under the following error conditions: - ###### TXN-020-020 If the account does not exist or is under a bar, then the financial institution should return an error with status 400. - ###### TXN-020-040 If the `o3-psu-identifier` header parameter is not specified. - ###### TXN-020-030 The `o3-provider-id` header is missing or has an unexpected value - ###### TXN-020-050 Both the `accountId` query parameter and the `o3-psu-identifier` header parameter are not specified. - ###### TXN-020-170 The `fromBookingDateTime` is not in ISO Date format - ###### TXN-020-180 The `toBookingDateTime` is not in ISO Date format The operation __may__ be failed with a status of `400` under the following error conditions: - ###### TXN-020-070, TXN-020-080, TXN-020-090 One or more of the mandatory header parameters is not specified or has an unexpected value - `o3-api-uri`, - `o3-api-operation`, - `o3-ozone-interaction-id` content: application/json: schema: $ref: "#/components/schemas/Error" "401": description: | The operation __must__ be failed with a status of `401` under the following error conditions: - ###### TXN-020-100 The API consumer is not authorised. security: - bearerAuth: [] /accounts/{accountId}/direct-debits: get: tags: - direct-debits summary: Fetch the direct debits specified by the account id description: | ###### DBT-020-010 Retrieves the direct debits specified by the `accountId` parameter. operationId: findDirectDebitByAccountId parameters: # common header parameters that set context - $ref: "#/components/parameters/providerId" - $ref: "#/components/parameters/aspspId" - $ref: "#/components/parameters/callerOrgId" - $ref: "#/components/parameters/callerClientId" - $ref: "#/components/parameters/callerSoftwareStatementId" - $ref: "#/components/parameters/apiUri" - $ref: "#/components/parameters/apiOperation" - $ref: "#/components/parameters/consentId" - $ref: "#/components/parameters/callerInteractionId" - $ref: "#/components/parameters/ozoneInteractionId" - $ref: "#/components/parameters/psuIdentifier" # Path param definitions - name: accountId in: path description: Id of the account to be queried required: true schema: type: string responses: "200": description: successful operation content: application/json: schema: $ref: "#/components/schemas/DirectDebitsResponse" "400": description: | The operation __must__ be failed with a status of `400` under the following error conditions: - ###### DBT-020-020 The account corresponding to the `accountId` query parameter does not exist or is under a bar - ###### DBT-020-030 The `o3-provider-id` header is missing or has an unexpected value The operation __should__ be failed with a status of `400` under the following error conditions: - ###### DBT-020-040 The financial institution should fail the call if the `o3-psu-identifier` header is not specified. - ###### DBT-020-050 Both the `accountId` query parameter and the `o3-psu-identifier` header parameter are not specified. The operation __may__ be failed with a status of `400` under the following error conditions: - ###### DBT-020-070, DBT-020-080, DBT-020-090 One or more of the mandatory header parameters is not specified or has an unexpected value - `o3-api-uri`, - `o3-api-operation`, - `o3-ozone-interaction-id` content: application/json: schema: $ref: "#/components/schemas/Error" "401": description: | The operation __must__ be failed with a status of `401` under the following error conditions: - ###### DBT-020-100 The API consumer is not authorised. content: application/json: schema: $ref: "#/components/schemas/Error" security: - bearerAuth: [] /accounts/{accountId}/scheduled-payments: get: tags: - scheduled-payments summary: Fetch the scheduled payments specified by the account id description: | ###### FDP-020-010 Retrieves the scheduled payments specified by the `accountId` parameter. operationId: findScheduledPaymentByAccountId parameters: # common header parameters that set context - $ref: "#/components/parameters/providerId" - $ref: "#/components/parameters/aspspId" - $ref: "#/components/parameters/callerOrgId" - $ref: "#/components/parameters/callerClientId" - $ref: "#/components/parameters/callerSoftwareStatementId" - $ref: "#/components/parameters/apiUri" - $ref: "#/components/parameters/apiOperation" - $ref: "#/components/parameters/consentId" - $ref: "#/components/parameters/callerInteractionId" - $ref: "#/components/parameters/ozoneInteractionId" - $ref: "#/components/parameters/psuIdentifier" # Path param definitions - name: accountId in: path description: Id of the account to be queried required: true schema: type: string responses: "200": description: successful operation content: application/json: schema: $ref: "#/components/schemas/ScheduledPaymentsResponse" "400": description: | The operation __must__ be failed with a status of `400` under the following error conditions: - ###### FDP-020-020 The account corresponding to the `accountId` query parameter does not exist or is under a bar - ###### FDP-020-030 The `o3-provider-id` header is missing or has an unexpected value The operation __should__ be failed with a status of `400` under the following error conditions: - ###### FDP-020-040 The financial institution should fail the call if the `o3-psu-identifier` header is not specified. - ###### FDP-020-050 Both the `accountId` query parameter and the `o3-psu-identifier` header parameter are not specified. The operation __may__ be failed with a status of `400` under the following error conditions: - ###### FDP-020-070, FDP-020-080, FDP-020-090 One or more of the mandatory header parameters is not specified or has an unexpected value - `o3-api-uri`, - `o3-api-operation`, - `o3-ozone-interaction-id` content: application/json: schema: $ref: "#/components/schemas/Error" "401": description: | The operation __must__ be failed with a status of `401` under the following error conditions: - ###### FDP-020-100 The API consumer is not authorised. content: application/json: schema: $ref: "#/components/schemas/Error" security: - bearerAuth: [] /accounts/{accountId}/standing-orders: get: tags: - standing-orders summary: Fetch the standing orders specified by the account id description: | ###### STO-020-010 Retrieves the standing orders specified by the `accountId` parameter. operationId: findStandingOrderByAccountId parameters: # common header parameters that set context - $ref: "#/components/parameters/providerId" - $ref: "#/components/parameters/aspspId" - $ref: "#/components/parameters/callerOrgId" - $ref: "#/components/parameters/callerClientId" - $ref: "#/components/parameters/callerSoftwareStatementId" - $ref: "#/components/parameters/apiUri" - $ref: "#/components/parameters/apiOperation" - $ref: "#/components/parameters/consentId" - $ref: "#/components/parameters/callerInteractionId" - $ref: "#/components/parameters/ozoneInteractionId" - $ref: "#/components/parameters/psuIdentifier" # Path param definitions - name: accountId in: path description: Id of the account to be queried required: true schema: type: string responses: "200": description: successful operation content: application/json: schema: $ref: "#/components/schemas/StandingOrdersResponse" "400": description: | The operation __must__ be failed with a status of `400` under the following error conditions: - ###### STO-020-020 The account corresponding to the `accountId` query parameter does not exist or is under a bar - ###### STO-020-030 The `o3-provider-id` header is missing or has an unexpected value The operation __should__ be failed with a status of `400` under the following error conditions: - ###### STO-020-040 The financial institution should fail the call if the `o3-psu-identifier` header is not specified. - ###### STO-020-050 The financial institution should fail the call if the `accountId` does not refer to an account that is accessible by a the PSU identified by the `o3-psu-identifier` header. The operation __may__ be failed with a status of `400` under the following error conditions: - ###### STO-020-060, STO-020-070, STO-020-080 One or more of the mandatory header parameters is not specified or has an unexpected value - `o3-api-uri`, - `o3-api-operation`, - `o3-ozone-interaction-id` content: application/json: schema: $ref: "#/components/schemas/Error" "401": description: | The operation __must__ be failed with a status of `401` under the following error conditions: - ###### STO-020-090 The API consumer is not authorised. content: application/json: schema: $ref: "#/components/schemas/Error" security: - bearerAuth: [] /customer: get: tags: - customers summary: Fetch customer description: | ###### CUS-010-040 The API must return the customer for the PSU identified by the `o3-psu-identifier` header. ###### CUS-010-190 If no customer is found, the call must return a success status code `200` with an empty `data` object. operationId: findCustomer parameters: # common header parameters that set context - $ref: "#/components/parameters/providerId" - $ref: "#/components/parameters/aspspId" - $ref: "#/components/parameters/callerOrgId" - $ref: "#/components/parameters/callerClientId" - $ref: "#/components/parameters/callerSoftwareStatementId" - $ref: "#/components/parameters/apiUri" - $ref: "#/components/parameters/apiOperation" - $ref: "#/components/parameters/consentId" - $ref: "#/components/parameters/callerInteractionId" - $ref: "#/components/parameters/ozoneInteractionId" - name: o3-psu-identifier in: header schema: type: string required: true description: A Base64 encoded representation of the psuIdentifier JSON object. responses: "200": description: successful operation content: application/json: schema: $ref: "#/components/schemas/CustomerResponse" "400": description: | The operation __must__ be failed with a status of `400` under the following error conditions: - ###### CUS-010-040 The `o3-psu-identifier` header parameter are not specified. - ###### CUS-010-030 The `o3-provider-id` header is missing or has an unexpected value The operation __may__ be failed with a status of `400` under the following error conditions: - ###### CUS-010-070, CUS-010-080, CUS-010-090 One or more of the mandatory header parameters is not specified or has an unexpected value - `o3-api-uri`, - `o3-api-operation`, - `o3-ozone-interaction-id` content: application/json: schema: $ref: "#/components/schemas/Error" "401": description: | The operation __must__ be failed with a status of `401` under the following error conditions: - ###### CUS-010-100 The API consumer is not authorised. content: application/json: schema: $ref: "#/components/schemas/Error" security: - bearerAuth: [] /customers/action/cop-query: post: tags: - customers summary: Fetches customer data based on a confirmation of payee query description: | The API is used by Ozone to find customer records from the LFI based on a confirmation of payee query. Ozone will send a query to the LFI that identifies a customer account. The financial institution must return the customer records associated with specified account. Ozone takes on the responsibility of implementing the COP name matching rules. The financial institution must return the customer records that match the COP query. The financial institution may return multiple customer records for a single account. (e.g. for joint accounts) In situations where the customer is not found, the financial institution must return a success status code `200` with an empty `data` object. e.g. - account is not found - account is under a bar - customer has opted out of COP Note that this operation is not carried out under a consent and the call will not have a `o3-consent-id` header operationId: findCustomerForCop parameters: - $ref: "#/components/parameters/providerId" - $ref: "#/components/parameters/aspspId" - $ref: "#/components/parameters/callerOrgId" - $ref: "#/components/parameters/callerClientId" - $ref: "#/components/parameters/callerSoftwareStatementId" - $ref: "#/components/parameters/apiUri" - $ref: "#/components/parameters/apiOperation" - $ref: "#/components/parameters/callerInteractionId" - $ref: "#/components/parameters/ozoneInteractionId" requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/ConfirmationRequest" responses: "200": description: successful operation content: application/json: schema: $ref: "#/components/schemas/CustomersResponse" "400": description: | The operation __must__ be failed with a status of `400` under the following error conditions: - ###### CUS-010-040 The `o3-psu-identifier` header parameter are not specified. - ###### CUS-010-030 The `o3-provider-id` header is missing or has an unexpected value The operation __may__ be failed with a status of `400` under the following error conditions: - ###### CUS-010-070, CUS-010-080, CUS-010-090 One or more of the mandatory header parameters is not specified or has an unexpected value - `o3-api-uri`, - `o3-api-operation`, - `o3-ozone-interaction-id` content: application/json: schema: $ref: "#/components/schemas/Error" "401": description: | The operation __must__ be failed with a status of `401` under the following error conditions: - ###### CUS-010-100 The API consumer is not authorised. content: application/json: schema: $ref: "#/components/schemas/Error" security: - bearerAuth: [] /accounts/{accountId}/customer: get: tags: - customers summary: Fetch the customers specified by the account id description: | ###### CUS-020-040 The API must return the customer for the PSU identified by the `o3-psu-identifier` header. ###### CUS-020-190 If no customer is found, the call must return a success status code `200` with an empty `data` object. operationId: findCustomerByAccountId parameters: # common header parameters that set context - $ref: "#/components/parameters/providerId" - $ref: "#/components/parameters/aspspId" - $ref: "#/components/parameters/callerOrgId" - $ref: "#/components/parameters/callerClientId" - $ref: "#/components/parameters/callerSoftwareStatementId" - $ref: "#/components/parameters/apiUri" - $ref: "#/components/parameters/apiOperation" - $ref: "#/components/parameters/consentId" - $ref: "#/components/parameters/callerInteractionId" - $ref: "#/components/parameters/ozoneInteractionId" - name: o3-psu-identifier in: header schema: type: string required: true description: A Base64 encoded representation of the psuIdentifier JSON object. # Path param definitions - name: accountId in: path description: Id of the account to be queried required: true schema: type: string example: abc-123 responses: "200": description: successful operation content: application/json: schema: $ref: "#/components/schemas/CustomersResponse" "400": description: | The operation __must__ be failed with a status of `400` under the following error conditions: - ###### CUS-020-040 The `o3-psu-identifier` header parameter are not specified. - ###### CUS-020-030 The `o3-provider-id` header is missing or has an unexpected value The operation __may__ be failed with a status of `400` under the following error conditions: - ###### CUS-020-070, CUS-020-080, CUS-020-090 One or more of the mandatory header parameters is not specified or has an unexpected value - `o3-api-uri`, - `o3-api-operation`, - `o3-ozone-interaction-id` content: application/json: schema: $ref: "#/components/schemas/Error" "401": description: | The operation __must__ be failed with a status of `401` under the following error conditions: - ###### CUS-020-100 The API consumer is not authorised. content: application/json: schema: $ref: "#/components/schemas/Error" security: - bearerAuth: [] /accounts/{accountId}/beneficiaries: get: tags: - beneficiaries summary: Fetch the beneficiaries specified by the account id description: | ###### BEN-020-010 Retrieves the beneficiaries specified by the `accountId` parameter. ###### BEN-020-020 The account corresponding to the `accountId` query parameter does not exist or is under a bar operationId: findBeneficiariesByAccountId parameters: # common header parameters that set context - $ref: "#/components/parameters/providerId" - $ref: "#/components/parameters/aspspId" - $ref: "#/components/parameters/callerOrgId" - $ref: "#/components/parameters/callerClientId" - $ref: "#/components/parameters/callerSoftwareStatementId" - $ref: "#/components/parameters/apiUri" - $ref: "#/components/parameters/apiOperation" - $ref: "#/components/parameters/consentId" - $ref: "#/components/parameters/callerInteractionId" - $ref: "#/components/parameters/ozoneInteractionId" - $ref: "#/components/parameters/psuIdentifier" # Path param definitions - name: accountId in: path description: Id of the account to be queried required: true schema: type: string responses: "200": description: successful operation content: application/json: schema: $ref: "#/components/schemas/BeneficiariesResponse" "400": description: | The operation __must__ be failed with a status of `400` under the following error conditions: - ###### BEN-020-020 If the `accountsId` query parameter is not specified. - ###### BEN-020-030 The `o3-provider-id` header is missing or has an unexpected value The operation __should__ be failed with a status of `400` under the following error conditions: - ###### BEN-020-040 The financial institution should fail the call if the `o3-psu-identifier` header is not specified. - ###### BEN-020-050 Both the `accountId` query parameter and the `o3-psu-identifier` header parameter are not specified. The operation __may__ be failed with a status of `400` under the following error conditions: - ###### BEN-020-060, BEN-020-070, BEN-020-080 One or more of the mandatory header parameters is not specified or has an unexpected value - `o3-api-uri`, - `o3-api-operation`, - `o3-ozone-interaction-id` content: application/json: schema: $ref: "#/components/schemas/Error" "401": description: | The operation __must__ be failed with a status of `401` under the following error conditions: - ###### BEN-020-100 The API consumer is not authorised. content: application/json: schema: $ref: "#/components/schemas/Error" security: - bearerAuth: [] /accounts/{accountId}/products: get: tags: - products summary: Fetch products. description: | The API must return all the products that are provided by the financial institution. If no products are found, the call must return a success status code `200` with an empty `data` array. It should be noted that the TPP calling the standards based API may not do so under a consent. The PSU is not identifiable and the `o3-consent-id` and `o3-psu-identifier` headers should not be expected. operationId: findProducts parameters: # common header parameters that set context - $ref: "#/components/parameters/providerId" - $ref: "#/components/parameters/aspspId" - $ref: "#/components/parameters/callerOrgId" - $ref: "#/components/parameters/callerClientId" - $ref: "#/components/parameters/callerSoftwareStatementId" - $ref: "#/components/parameters/apiUri" - $ref: "#/components/parameters/apiOperation" - $ref: "#/components/parameters/consentId" - $ref: "#/components/parameters/callerInteractionId" - $ref: "#/components/parameters/ozoneInteractionId" - $ref: "#/components/parameters/psuIdentifier" # Path param definitions - name: accountId in: path description: Id of the account to be queried required: true schema: type: string responses: "200": description: successful operation content: application/json: schema: $ref: "#/components/schemas/ProductsResponse" "400": description: | The operation __must__ be failed with a status of `400` under the following error conditions: - ###### PRD-010-030 The `o3-provider-id` header is missing or has an unexpected value - ###### PRD-010-040 The `o3-psu-identifier` header parameter is not specified. The operation __may__ be failed with a status of `400` under the following error conditions: - ###### PRD-010-070, PRD-010-080, PRD-010-090 One or more of the mandatory header parameters is not specified or has an unexpected value - `o3-api-uri`, - `o3-api-operation`, - `o3-ozone-interaction-id` content: application/json: schema: $ref: "#/components/schemas/Error" "401": description: | The operation __must__ be failed with a status of `401` under the following error conditions: - ###### PRD-010-100 The API consumer is not authorised. content: application/json: schema: $ref: "#/components/schemas/Error" security: - bearerAuth: [] components: schemas: # # Schemas for Accounts # AccountsResponse: type: object description: | A descriptor for an account. This is a composite object that may be expanded in the future to support additional account types for new API standards and account types. example: data: - id: string accountType: UAEOF.Retail accountSubType: string currency: GBP status: Active accountHolderName: string servicer: schemeName: UAEOF.BICFI identification: string accountNumbers: - name: string schemeName: UAEOF.IBAN identification: string product: id: string productName: string bundleName: string meta: {} properties: data: type: array items: $ref: "#/components/schemas/CbuaeAccount" meta: $ref: "#/components/schemas/Meta" AccountResponse: type: object description: | A descriptor for an account. This is a composite object that may be expanded in the future to support additional account types for new API standards and account types. properties: data: $ref: "#/components/schemas/CbuaeAccount" meta: $ref: "#/components/schemas/Meta" CbuaeAccount: type: object properties: id: type: string product: $ref: "#/components/schemas/ProductIdentifier" multiAuth: type: boolean businessCustomer: type: array items: $ref: "#/components/schemas/CustomerIdentifier" customers: type: array items: $ref: "#/components/schemas/CustomerIdentifier" minimum: 1 accountHolderName: $ref: "#/components/schemas/AccountHolderName" accountHolderShortName: $ref: "#/components/schemas/AccountHolderShortName" status: description: | Specifies the status of account resource in code form. type: string enum: - Active - NotActive - Dormant - Unclaimed - Deceased - Suspended - Closed statusUpdateDateTime: description: "Date and time at which the resource status was updated." type: string format: date-time currency: $ref: "#/components/schemas/TCurrency" accountType: description: "Specifies the type of account (Retail or Corporate)" type: string enum: - UAEOF.Retail - UAEOF.Corporate accountSubType: type: string x-namespaced-enum: - CurrentAccount - Savings - CreditCard - PrePaidCard - EMoney - ChargeCard - Other description: description: "Specifies the description of the account sub-type." type: string nickName: description: "The nickname of the account, assigned by User 1 to provide an additional and easier means of identification of the account at the financial instituation" type: string openingDate: description: "Date on which the account and its related basic services by financial institution started to be operational for User 1" type: string format: date-time maturityDate: description: > * Fixed Term Loan Account MaturityDate is the date on which the debt of an account must be paid in full. On this date, the principal amount of the debt is fully paid, so no further interest expense accrues. * Fixed Term Savings Account MaturityDate is the date on which the savings mature and the balance can be withdrawn by the User without penalty type: string format: date-time accountNumbers: type: array items: $ref: "#/components/schemas/AccountIdentifiers" minimum: 1 servicer: $ref: "#/components/schemas/AEBranchAndFinancialInstitutionIdentification5_0" required: - id - accountNumbers additionalProperties: false AccountIdentifiers: type: object description: Provides the details to identify an account. required: - schemeName - identification properties: schemeName: $ref: '#/components/schemas/AEExternalAccountIdentificationCode' identification: $ref: '#/components/schemas/Identification_0' name: $ref: '#/components/schemas/Name_0' additionalProperties: false AEExternalAccountIdentificationCode: description: >- Name of the identification scheme for the account. Encoded with allowable values published in an external list. type: string enum: - UAEOF.IBAN - UAEOF.AccountNumber Identification_0: description: > Identification for the account assigned by the financial institution based on the Account Scheme Name. This identification is known by the User 1 account owner. For IBAN, refer to the ISO Standard 13616. type: string minLength: 1 maxLength: 400 Name_0: description: >- The account name is the name or names of the User 1 account owner(s) represented at an account level, as displayed by the financial institution's online channels. Note: The account name is not the product name or the nickname of the account. type: string minLength: 1 maxLength: 70 AEBranchAndFinancialInstitutionIdentification5_0: type: object required: - schemeName - identification description: >- Party that manages the account on behalf of the account owner, that is manages the registration and booking of entries on the account, calculates balances on the account and provides information about the account. properties: schemeName: $ref: >- #/components/schemas/AEExternalFinancialInstitutionIdentificationCode identification: $ref: '#/components/schemas/Identification_1' additionalProperties: false Identification_1: description: > * /accounts resource Unique and unambiguous identification of the financial institution as the account servicing institution for the Open Finance services. * /beneficiaries resource Unique and unambiguous identification of the Creditor Agency as the servicing institution of the Beneficiary. * /scheduled-payments resource Unique and unambiguous identification of the financial institution as the account servicing institution for the Open Finance services. * /standing-orders resource Unique and unambiguous identification of the financial institution as the account servicing institution for the Open Finance services. * /transactions resource Unique and unambiguous identification of the financial institution as the account servicing institution for the Open Finance services. * Notes: Based on the value of the field **IdentificationType**, this entry may be : * UAEOF.BICFI: The BIC/SWIFT Code * UAEOF.OTHER: The ID; A Country Code followed by a Bank Code (UAEOF 4 character code). type: string minLength: 1 maxLength: 35 AEExternalFinancialInstitutionIdentificationCode: description: > * /accounts resource The name of the identification scheme for the financial institution as the account services provider. Encoded with allowable value as published in an external list. * /beneficiaries resource Refers to the Financial Institution that manages the account on behalf of the Beneficiary party, managing registration, booking of entries on the account, calculating balances on the account and providing information about the account. This is the servicing Financial Institution of the Beneficiary account. * /scheduled-payments resource Refers to the identification scheme for uniquely identifying the Creditor Agent. * /standing-orders resource Refers to the identification scheme for uniquely identifying the Creditor Agent. * /transactions resource Refers to the identification scheme for uniquely identifying the Creditor Agent. type: string enum: - UAEOF.BICFI - UAEOF.OTHER CustomersResponse: type: object properties: data: type: array items: $ref: "#/components/schemas/CbuaeCustomer" meta: $ref: "#/components/schemas/Meta" CustomerResponse: type: object properties: data: $ref: "#/components/schemas/CbuaeCustomer" meta: $ref: "#/components/schemas/Meta" CbuaeCustomer: type: object properties: id: type: string minLength: 1 maxLength: 40 description: >- A unique and immutable identifier used to identify the customer resource. This identifier has no meaning to the account owner. number: type: string minLength: 1 maxLength: 35 description: Number assigned by an agent to identify its customer. customerType: type: string enum: - UAEOF.Delegate - UAEOF.Joint - UAEOF.Sole description: > Specifies the party type. Encoded with allowable values: "Delegate" - Used for business accounts when user has delegated authority to access the account , "Joint" - Customer is a joint owner of the account "Sole" - Customer is the sole owner of the account accountRole: type: string enum: - UAEOF.Administrator - UAEOF.Beneficiary - UAEOF.CustodianForMinor - UAEOF.Granter - UAEOF.LegalGuardian - UAEOF.OtherParty - UAEOF.PowerOfAttorney - UAEOF.Principal - UAEOF.Protector - UAEOF.RegisteredShareholderName - UAEOF.SecondaryOwner - UAEOF.SeniorManagingOfficial - UAEOF.Settlor - UAEOF.SuccessorOnDeath description: Specifies the Party's role with respect to the related account. verifiedClaims: type: array items: $ref: '#/components/schemas/CbuaeVerifiedClaim' description: >- Container object containing entries for the trust framework and the evidence used to verify the claims description: > Party Identity Assurance (Response) Schema Based on the [OpenID Connect for Identity Assurance 1.0 Specification](https://openid.net/specs/openid-connect-4-identity-assurance-1_0.html) additionalProperties: false CbuaeVerifiedClaim: description: | Verified Claims :This is Required field for Cbuae Container object containing entries for the trust framework and the evidence used to verify the customer claims type: "object" properties: verification: description: | Verification type: "object" properties: trustFramework: type: "string" enum: [UAEOF.Undefined] description: | Identifies the trust framework used for customer verification. assuranceLevel: type: "string" description: | Determines the assurance level associated with the customer in the respective VerifiedClaims. assuranceProcess: type: "object" description: | Determines the assurance process that was followed. This reflects how the evidence meets the requirements of the TrustFramework and AssuranceLevel. properties: policy: type: "string" description: "Representing the standard or policy that was followed." procedure: type: "string" description: "Representing a specific procedure from the policy that was followed." assuranceDetails: type: "array" description: "Denoting the details about how the evidence complies with the policy" items: type: "object" properties: assuranceType: description: "String denoting which part of the assurance_process the evidence fulfils" type: "string" assuranceClassification: description: "String reflecting how the evidence has been classified or measured as required by the TrustFramework" type: "string" evidenceRef: description: "Evidence being referred to" type: "array" items: type: "object" properties: txn: description: "Identifier referring to the txn used in the CheckDetails." type: "string" evidenceMetadata: description: "Object indicating any meta data about the evidence that is required by the AssuranceProcess in order to demonstrate compliance with the TrustFramework. It has the following sub-elements" type: "object" properties: evidenceClassification: type: "string" time: type: "string" format: "date-time" description: | Representing the date and time when the identity verification process took place. All dates in the JSON payloads are represented in ISO 8601 date-time format. All date-time fields in responses must include the timezone. An example is below: 2017-04-05T10:43:07+00:00 verificationProcess: type: "string" description: | Unique reference to the identity verification process as performed by the OP. evidence: description: The type of evidence allowed for providing verification. anyOf: - $ref: '#/components/schemas/AEPartyIdentityEvidenceTypeDocument' - $ref: '#/components/schemas/AEPartyIdentityEvidenceTypeElectronicRecord' claims: type: object properties: givenName: type: string description: >- Given name of the Party. Given name (also called forename) is used to differentiate from the surname or family name. familyName: type: string description: Surname of the Party middleName: type: string description: Middle name of the Party nickname: type: string description: Nickname of the Party emiratesId: type: string description: Emirates ID number of the Party emiratesIdExpiryDate: type: string format: date description: Emirates ID card expiry date birthDate: type: string format: date description: Date of birth of the Party sourceOfIncome: type: string salary: type: string nationality: type: string residentialAddress: $ref: '#/components/schemas/AEPartyIdentityAddressClaim' mobileNumber: type: string email: type: string maritalStatus: type: string salutation: type: string language: type: string employerName: type: string employmentSinceDate: type: string format: date powerofAttorney: type: boolean salaryTransfer: type: boolean profession: type: string updatedAt: type: string format: time description: > Standard Claims: [https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims](https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims) IdentityAssurance Claims: [https://openid.net/specs/openid-connect-4-identity-assurance-1_0.html#name-claims](https://openid.net/specs/openid-connect-4-identity-assurance-1_0.html#name-claims) additionalProperties: false AEPartyIdentityEvidenceTypeDocument: type: object properties: type: type: string enum: - document description: The type of evidence allowed for providing verification. checkDetails: type: array items: $ref: '#/components/schemas/AEPartyIdentityCheckDetail' verifier: $ref: '#/components/schemas/DocumentEvidenceVerifier' time: $ref: '#/components/schemas/ISODateTime' documentDetails: $ref: '#/components/schemas/DocumentEvidenceDetails' attachments: type: object required: - AEPartyIdentityEvidenceAttachments properties: AEPartyIdentityEvidenceAttachments: type: array items: $ref: '#/components/schemas/AEPartyIdentityEvidenceAttachment' description: > Attachment additionalProperties: false AEPartyIdentityEvidenceTypeElectronicRecord: type: object properties: type: type: string enum: - electronic_record description: The type of evidence allowed for providing verification. checkDetails: type: array items: $ref: '#/components/schemas/AEPartyIdentityCheckDetail' time: $ref: '#/components/schemas/ISODateTime' record: $ref: '#/components/schemas/ElectronicRecordProperties' attachments: type: object required: - AEPartyIdentityEvidenceAttachments properties: AEPartyIdentityEvidenceAttachments: type: array items: $ref: '#/components/schemas/AEPartyIdentityEvidenceAttachment' description: > Attachments description: > Electronic Record Evidence additionalProperties: false AEPartyIdentityCheckDetail: type: object properties: checkMethod: type: string description: > Identifes the method used by PASP for checking the evidence for verification String representing the check done, this includes processes such as checking the authenticity of the document, or verifying the user's biometric against an identity document. organization: type: string description: > String denoting the legal entity that performed the check. This SHOULD be included if the OP did not perform the check itself txn: type: string description: > Identifier referring to the identity verification transaction. The OP MUST ensure that this is present when EvidenceRef element is used. The OP MUST ensure that the transaction identifier can be resolved into transaction details during an audit time: $ref: '#/components/schemas/ISODateTime' description: > Identifes the method used by PASP for checking the evidence for verification. Representing the checks done in relation to the evidence additionalProperties: false DocumentEvidenceVerifier: type: object properties: organization: type: string description: >- String denoting the organization which performed the verification on behalf of the OP. txn: type: string description: >- Identifier referring to the identity verification transaction. description: >- Denoting the legal entity that performed the identity verification. additionalProperties: false DocumentEvidenceDetails: type: object properties: type: type: string enum: - passport - driving_permit - idcard - residence_permit description: > The type of document used for evidence checking documentNumber: type: string description: The unique id number in the evidence used for verification checking personalNumber: type: string description: > An identifier that is assigned to the End-User and is not limited to being used in one document, for example a national identification number, personal identity number, citizen number, social security number, driver number, account number, customer number, licensee number, etc serialNumber: type: string description: > An identifier/number that identifies the document irrespective of any personalization information (this usually only applies to physical artifacts and is present before personalization). calendarType: type: string enum: - IslamicCalendar - GregorianCalendar description: > The type of calendar used for the date of issuance and date of expiry in the document evidence Allowable values: "Islamic Calendar" "Gregorian Calendar" Both calendars must follow YYYY-MM-DD dateOfIssuance: $ref: '#/components/schemas/ISODateTime' dateOfExpiry: $ref: '#/components/schemas/ISODateTime' issuer: $ref: '#/components/schemas/DocumentEvidenceDetailsIssuer' description: 'Representing the document used to perform the identity verification. ' additionalProperties: false DocumentEvidenceDetailsIssuer: type: object properties: name: type: string description: | Designation of the issuer of the document. address: $ref: '#/components/schemas/AEPartyIdentityAddressClaim' countryCode: type: object required: - CountryCode properties: CountryCode: type: string pattern: ^[A-Z]{2,2}$ description: Nation with its own government, occupying a particular territory. additionalProperties: false jurisdiction: type: string description: > String containing the name of the region(s)/state(s)/province(s)/municipality(ies) that issuer has jurisdiction over (if this information is not common knowledge or derivable from the address) description: Containing information about the issuer of this document. additionalProperties: false AEPartyIdentityAddressClaim: type: object properties: formatted: type: string description: | The address number and street claim that has been verified. streetAddress: type: string description: | The address street claim that has been verified. locality: type: string description: > The address locality (village, town, city etc) claim that has been verified. region: type: string description: | The address region claim that has been verified. postalCode: type: object required: - PostalCode properties: PostalCode: type: string minLength: 5 maxLength: 5 description: >- Identifier consisting of a group of letters and/or numbers that is added to a postal address to assist the sorting of mail. additionalProperties: false country: type: object properties: CountryCode: type: string pattern: ^[A-Z]{2,2}$ description: Nation with its own government, occupying a particular territory. additionalProperties: false description: > Address object as per OpenID Connect Core 1.0 Address Claim [https://openid.net/specs/openid-connect-core-1_0.html#AddressClaim](https://openid.net/specs/openid-connect-core-1_0.html#AddressClaim) additionalProperties: false AEPartyIdentityEvidenceAttachment: type: object properties: desc: type: string description: > Description of the document. This can be the filename or just an explanation of the content. contentType: type: string description: | Content (MIME) type of the document content: type: string description: | Base64 encoded representation of the document content txn: type: string description: | Identifier referring to the transaction additionalProperties: false ElectronicRecordProperties: type: object required: - Type - PersonalNumber - CalendarType - CreatedAt - DateOfExpiry - Source properties: type: type: string enum: - bank_account - mortgage_account - loan_account description: > String denoting the type of electronic record personalNumber: type: string description: > String representing an identifier that is assigned to the customer and is not limited to being used in one record, for example a national identification number, personal identity number, citizen number, social security number, driver number, account number, customer number, licensee number, etc. calendarType: type: string enum: - IslamicCalendar - GregorianCalendar description: > The type of calendar used for the date of issuance and date of expiry in the document evidence Allowable values: "Islamic Calendar" "Gregorian Calendar" Both calendars must follow YYYY-MM-DD createdAt: $ref: '#/components/schemas/ISODateTime' dateOfExpiry: $ref: '#/components/schemas/ISODateTime' source: $ref: '#/components/schemas/ElectronicRecordSourceProperties' description: | Representing the record used to perform the identity verification. additionalProperties: false ElectronicRecordSourceProperties: type: object properties: name: type: string description: | Designation of the source of the electronic_record address: $ref: '#/components/schemas/AEPartyIdentityAddressClaim' countryCode: type: object properties: CountryCode: type: string pattern: ^[A-Z]{2,2}$ description: Nation with its own government, occupying a particular territory. additionalProperties: false jurisdiction: type: string description: > String containing the name of the region(s) / state(s) / province(s) / municipality(ies) that source has jurisdiction over (if it's not common knowledge or derivable from the address) description: | Information about the source of this record additionalProperties: false ISODateTime: title: "ISODateTime" description: "All dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2017-04-05T10:43:07+00:00" type: "string" format: "date-time" ProductIdentifier: type: object properties: id: type: string productName: type: string bundleName: description: Optional field to indicate if this account is part of a bundle that is providing additional benefit for to the customer type: string required: - productName CustomerIdentifier: type: object properties: id: type: string customerName: type: string required: - id - customerName # # Schemas related to Balances # BalancesResponse: type: object properties: data: type: array items: $ref: "#/components/schemas/CbuaeBalance" meta: $ref: "#/components/schemas/Meta" CbuaeBalanceType: type: string enum: - UAEOF.ClosingAvailable - UAEOF.ClosingBooked - UAEOF.ClosingCleared - UAEOF.Expected - UAEOF.ForwardAvailable - UAEOF.Information - UAEOF.InterimAvailable - UAEOF.InterimBooked - UAEOF.InterimCleared - UAEOF.OpeningAvailable - UAEOF.OpeningBooked - UAEOF.OpeningCleared - UAEOF.PreviouslyClosedBooked CbuaeBalance: type: object properties: accountId: description: "A unique and immutable identifier produced by the financial institution to identify the account resource.This identifier has no meaning to the account owner (User 1)." type: string creditDebitIndicator: description: "Indicates whether the balance of the account is a credit or a debit balance." type: string enum: - UAEOF.Credit - UAEOF.Debit balanceType: $ref: "#/components/schemas/CbuaeBalanceType" timestamp: description: "Indicates the date (and time) that the account balance was checked" type: string format: "date-time" amount: $ref: "#/components/schemas/OBActiveOrHistoricCurrencyAndAmount_8" creditLines: type: array items: $ref: "#/components/schemas/CbuaeCreditLine" required: - accountId - balanceType - amount CbuaeCreditLine: description: Set of elements used to provide details on the credit line. required: - included - creditType - amount properties: included: description: "Boolean flag to Indicate whether or not a credit line is included in the balance of the account." type: boolean creditType: description: "Type of credit line provided to the account." type: string enum: - UAEOF.Available - UAEOF.Credit - UAEOF.Emergency - UAEOF.Pre-Agreed - UAEOF.Temporary amount: $ref: "#/components/schemas/OBActiveOrHistoricCurrencyAndAmount_8" # # Schemas related to Transactions # TransactionsResponse: type: object properties: data: type: array items: $ref: "#/components/schemas/CbuaeTransaction" meta: $ref: "#/components/schemas/PaginatedMeta" CbuaeTransaction: type: object properties: accountId: description: "A unique and immutable identifier produced by the financial institution to identify the account resource" type: string transactionId: description: "Unique identifier for the transaction within an servicing institution." type: string transactionDateTime: $ref: "#/components/schemas/TransactionDateTime" localTimeZone: $ref: "#/components/schemas/LocalTimeZone" statementReference: description: "Unique reference for the statement." type: array items: type: string transactionReference: description: "Unique reference for the transaction." type: string transactionType: description: "The type of transaction" type: string enum: - UAEOF.POS - UAEOF.ECommerce - UAEOF.ATM - UAEOF.BillPayments - UAEOF.LocalBankTransfer - UAEOF.SameBankTransfer - UAEOF.InternationalTransfer - UAEOF.Teller - UAEOF.Cheque - UAEOF.Other subTransactionType: description: "The sub-type of a transaction" type: string enum: - UAEOF.Purchase - UAEOF.Reversal - UAEOF.Refund - UAEOF.Withdrawal - UAEOF.WithdrawalReversal - UAEOF.Deposit - UAEOF.DepositReversal - UAEOF.MoneyTransfer - UAEOF.NotApplicable terminalId: $ref: "#/components/schemas/TerminalId" flags: type: "array" items: $ref: "#/components/schemas/CbuaeFlags" paymentModes: description: "The mode of payment" type: string enum: - UAEOF.Online - UAEOF.Offline - UAEOF.Batch creditDebitIndicator: description: "Indicates whether the transaction is a credit or a debit entry." type: "string" enum: - UAEOF.Credit - UAEOF.Debit status: description: "Status of a transaction entry on the books of the account servicer." type: string enum: - UAEOF.Booked - UAEOF.Pending - UAEOF.Rejected transactionMutability: description: "Specifies the Mutability of the Transaction record." type: string enum: - UAEOF.Mutable - UAEOF.Immutable bookingDateTime: description: "Date and time when a transaction entry is posted to an account on the account servicer's books." type: string format: date-time valueDateTime: description: "Date and time at which assets become available to the account owner in case of a credit entry, or cease to be available to the account owner in case of a debit transaction entry." type: string format: date-time transactionInformation: description: "Further details of the transaction." type: string amount: $ref: "#/components/schemas/OBActiveOrHistoricCurrencyAndAmount_8" chargeAmount: $ref: "#/components/schemas/OBActiveOrHistoricCurrencyAndAmount_6" chargeAmountVat: $ref: "#/components/schemas/OBActiveOrHistoricCurrencyAndAmount_8" currencyExchange: $ref: "#/components/schemas/CurrencyExchange" bankTransactionCode: $ref: "#/components/schemas/AEBankTransactionCodeStructure" proprietoryBankTransactionCode: $ref: "#/components/schemas/ProprietoryBankTransactionCode" balance: type: object properties: creditDebitIndicator: description: "Indicates whether the balance of the account is a credit or a debit balance" type: string enum: - UAEOF.Credit - UAEOF.Debit balanceType: $ref: "#/components/schemas/CbuaeBalanceType" amount: $ref: "#/components/schemas/OBActiveOrHistoricCurrencyAndAmount_8" merchantDetails: $ref: "#/components/schemas/MerchantDetails" creditorAgent: $ref: "#/components/schemas/AEBranchAndFinancialInstitutionIdentification6_1" creditorAccount: type: array items: $ref: '#/components/schemas/AECashAccount6_0' debtorAgent: $ref: "#/components/schemas/AEBranchAndFinancialInstitutionIdentification6_1" debtorAccount: $ref: '#/components/schemas/AECashAccount6_0' cardInstrument: $ref: "#/components/schemas/AETransactionCardInstrument" supplementaryData: type: object geoLocation: $ref: "#/components/schemas/AEGeoLocation" billDetails: $ref: "#/components/schemas/BillDetails" CbuaeFlags: title: "Flags" description: "The flag of a transaction" type: "string" enum: - "UAEOF.Cashback" - "UAEOF.Payroll" - "UAEOF.DirectDebit" - "UAEOF.StandingOrder" - "UAEOF.Loan" - "UAEOF.Dividend" AEBankTransactionCodeStructure: type: object description: > BankTransactionCode is mandatory (with code specifying the Domain, Family and SubFamily as per External Codes ISO20022) when the ProprietaryBankTransactionCode is absent. properties: domain: description: Specifies the Domain type: string domainCode: description: Specifies the Domain Code. type: string family: description: Specifies the Family type: string familyCode: description: Specifies the Family Code type: string subFamily: description: Specifies the Sub-Family type: string subFamilyCode: description: Specifies the Sub-family Code type: string additionalProperties: false AEBranchAndFinancialInstitutionIdentification6_1: type: object description: > Financial institution servicing an account for the creditor in case the transaction is a Debit transaction or Financial institution servicing an account for the Debtor in case the transaction is a Credit transaction. properties: schemeName: $ref: >- #/components/schemas/AEExternalFinancialInstitutionIdentificationCode identification: $ref: '#/components/schemas/Identification_1' name: $ref: '#/components/schemas/Name_1' postalAddress: $ref: '#/components/schemas/AEPostalAddress6' additionalProperties: false Name_1: description: > * Beneficiary Name by which an agent is known and which is usually used to identify that agent * Creditor agent Name by which the Financial institution(FI) which is the creditor is known and which is usually used to identify that FI. * DebtorAgent Name by which an financial institution of the debtor is known and which is usually used to identify that financial institution. type: string minLength: 1 maxLength: 140 AEPostalAddress6: type: object description: >- Postal Address specifies Information that locate and identify a specific address, as defined by postal services. properties: addressType: description: Postal Address type specifies the the nature of the postal address. type: string enum: - UAEOF.Business - UAEOF.Correspondence - UAEOF.DeliveryTo - UAEOF.MailTo - UAEOF.POBox - UAEOF.Postal - UAEOF.Residential - UAEOF.Statement shortAddress: description: 8 character Unique alphanumeric Code. type: string minLength: 1 maxLength: 8 buildingNumber: description: Number that identifies the position of a building on a street. type: string minLength: 4 maxLength: 4 unitNumber: description: This is the unit number of the business premises or dwelling type: string streetName: description: Name of a street or thoroughfare. type: string secondaryNumber: description: Secondary Number, if required type: string minLength: 4 maxLength: 4 district: description: Identifies the District of a City type: string postCode: description: >- Identifier consisting of a group of letters and/or numbers that is added to a postal address to assist the sorting of mail. type: string townName: description: Identifies the City of a Country type: string country: description: Identifies a county either by full name or country code type: string pattern: ^[A-Z]{2,2}$ AECashAccount6_0: type: object description: > Creditor account details available in case the transaction is a Debit transaction. properties: schemeName: $ref: '#/components/schemas/AEExternalAccountIdentificationCode' identification: $ref: '#/components/schemas/Identification_0' name: $ref: '#/components/schemas/Name_0' additionalProperties: false AETransactionCardInstrument: type: object required: - cardSchemeName - instrumentType description: Set of elements to describe the card instrument used in the transaction. properties: cardSchemeName: description: Name of the card scheme. type: string enum: - UAEOF.AmericanExpress - UAEOF.Diners - UAEOF.Discover - UAEOF.GCC - UAEOF.MasterCard - UAEOF.UPI - UAEOF.VISA - UAEOF.mada instrumentType: description: The card instrument type. type: string enum: - UAEOF.ApplePay - UAEOF.madaPay - UAEOF.Contactless - UAEOF.MagStripe - UAEOF.Chip - UAEOF.Other name: description: Name of the cardholder using the card instrument. type: string minLength: 1 maxLength: 70 identification: description: >- Identification assigned by an institution to identify the card instrument used in the transaction. This identification is known by the account owner, and MUST be masked. type: string minLength: 1 maxLength: 16 example: 1234********4321 additionalProperties: false AEGeoLocation: description: >- Estimated latitude and longitude coordinates, in degrees. Contains one latitude and one longitude subfield. type: object required: - latitude - longitude properties: latitude: description: Latitude in degrees type: string longitude: description: Longitude in degrees type: string additionalProperties: false MerchantDetails: type: object properties: merchantId: description: Merchant Id type: string merchantName: description: Name by which the merchant is known. type: string merchantCategoryCode: description: Category code values are used to enable the classification of merchants into specific categories based on the type of business, trade or services supplied. type: string ProprietoryBankTransactionCode: type: object properties: code: description: "Proprietary bank transaction code to identify the underlying transaction." type: string issuer: description: "Identification of the issuer of the proprietary bank transaction code." type: string required: - code CurrencyExchange: type: object properties: sourceCurrency: $ref: "#/components/schemas/TCurrency" targetCurrency: $ref: "#/components/schemas/TCurrency" unitCurrency: $ref: "#/components/schemas/TCurrency" exchangeRate: type: string contractIdentification: type: string quotationDate: type: string format: date-time instructedAmount: $ref: "#/components/schemas/OBActiveOrHistoricCurrencyAndAmount_8" required: - sourceCurrency - exchangeRate OBActiveOrHistoricCurrencyAndAmount_6: type: "object" description: "Transaction charges to be paid by the charge bearer." properties: amount: $ref: "#/components/schemas/OBActiveCurrencyAndAmount_SimpleType" currency: $ref: "#/components/schemas/ActiveOrHistoricCurrencyCode_1" chargeIncluded: description: | If true then the value in the Amount has the ChargeAmount deducted from it type: boolean OBActiveOrHistoricCurrencyAndAmount_8: type: "object" required: - "amount" - "currency" properties: amount: $ref: "#/components/schemas/OBActiveCurrencyAndAmount_SimpleType" currency: $ref: "#/components/schemas/ActiveOrHistoricCurrencyCode_1" ActiveOrHistoricCurrencyCode_1: description: "A 3 character alphabetic code allocated to a currency under an international currency identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'." type: "string" pattern: "^[A-Z]{3,3}$" example: "SAR" OBActiveCurrencyAndAmount_SimpleType: description: "A number of monetary units specified in an active currency where the unit of currency is explicit and compliant with ISO 4217." type: "string" pattern: "^\\d{1,13}$|^\\d{1,13}\\.\\d{1,5}$" # # Schemas related to Direct Debits # DirectDebitsResponse: type: object properties: data: type: array items: $ref: "#/components/schemas/CbuaeDirectDebit" meta: $ref: "#/components/schemas/Meta" DirectDebitStatusEnum: description: "Specifies the status of the direct debit." type: string enum: - Active - Inactive CbuaeDirectDebit: type: object properties: accountId: description: "A unique and immutable identifier produced by the financial institution to identify the account resource.This identifier has no meaning to the account owner (User 1)." type: string directDebitId: description: "A unique and immutable identifier used to identify the direct debit resource. This identifier has no meaning to the account owner." type: string mandateIdentification: description: "This is the unique and immutable reference to the User 1 for the Direct Debit mandate." type: string directDebitStatusCode: $ref: "#/components/schemas/DirectDebitStatusEnum" name: description: "This is the name of the regulated beneficiary entity that initiates the Direct Debit collection." type: string frequency: description: "Specifies the frequency of the Direct Debit collections to the User 1 account." type: string enum: - UAEOF.Annual - UAEOF.Daily - UAEOF.Fortnightly - UAEOF.HalfYearly - UAEOF.Monthly - UAEOF.NotKnown - UAEOF.Quarterly - UAEOF.Weekly previousPaymentDateTime: type: string format: date-time previousPaymentAmount: $ref: "#/components/schemas/OBActiveOrHistoricCurrencyAndAmount_8" required: - accountId - mandateIdentification - name # # Schemas related to Scheduled Payments # ScheduledPaymentsResponse: type: object description: | A descriptor for scheduled payments. This is a composite object that may be expanded in the future to support additional scheduled payment types for new API standards and account types. properties: data: type: array items: $ref: "#/components/schemas/CbuaeScheduledPayment" meta: $ref: "#/components/schemas/Meta" CbuaeScheduledPayment: type: object properties: accountId: type: string scheduledPaymentId: type: string accountHolderShortName: $ref: "#/components/schemas/AccountHolderShortName" scheduledType: description: > Specifies the type of scheduled payment date provided under ScheduledPaymentDateTime. Encoded with allowable values of: "Arrival" - User1 specifies the date for the arrival of funds in the beneficiary (Creditor) account "Execution" - User1 specifies the date which the payment needs to be executed from the User 1 (Debtor) account. type: string enum: - UAEOF.Arrival - UAEOF.Execution scheduledPaymentDateTime: type: string format: date-time creditorReference: type: string debtorReference: type: string instructedAmount: $ref: "#/components/schemas/OBActiveOrHistoricCurrencyAndAmount_8" creditorAgent: $ref: "#/components/schemas/AEBranchAndFinancialInstitutionIdentification5_1" creditorAccount: $ref: "#/components/schemas/AECashAccount5_0" AEBranchAndFinancialInstitutionIdentification5_1: type: object required: - schemeName - identification description: > Creditor Agent refers to the Financial Institution that manages the account on behalf of the scheduled payment beneficiary party, managing registration, booking of entries on the account, calculating balances on the account and providing information about the account. This is the servicing Financial Institution of the Beneficiary account. properties: schemeName: $ref: >- #/components/schemas/AEExternalFinancialInstitutionIdentificationCode identification: $ref: '#/components/schemas/Identification_1' additionalProperties: false AECashAccount5_0: type: object required: - schemeName - identification description: Provides the details to identify the beneficiary account. properties: schemeName: $ref: '#/components/schemas/AEExternalAccountIdentificationCode' identification: $ref: '#/components/schemas/Identification_0' additionalProperties: false # # Schemas related to Standing Orders # StandingOrdersResponse: type: object description: | A descriptor for StandingOrder. properties: data: type: array items: $ref: "#/components/schemas/CbuaeStandingOrder" meta: $ref: "#/components/schemas/Meta" CbuaeStandingOrder: type: object properties: accountId: type: string standingOrderId: type: string accountHolderShortName: $ref: "#/components/schemas/AccountHolderShortName" standingOrderType: description: The type of Standing Order. type: string enum: - UAEOF.BetweenMyAccounts - UAEOF.SameBankTransfer - UAEOF.LocalBankTransfer - UAEOF.InternationalTransfer - UAEOF.Charity frequency: type: string creditorReference: type: string purpose: $ref: "#/components/schemas/PurposeSO" firstPaymentDateTime: type: string format: date-time nextPaymentDateTime: type: string format: date-time lastPaymentDateTime: type: string format: date-time finalPaymentDateTime: type: string format: date-time numberOfPayments: type: string standingOrderStatusCode: description: Specifies the status of the standing order in code form. type: string enum: - UAEOF.Active - UAEOF.Inactive firstPaymentAmount: $ref: "#/components/schemas/OBActiveOrHistoricCurrencyAndAmount_8" nextPaymentAmount: $ref: "#/components/schemas/OBActiveOrHistoricCurrencyAndAmount_8" lastPaymentAmount: $ref: "#/components/schemas/OBActiveOrHistoricCurrencyAndAmount_8" finalPaymentAmount: $ref: "#/components/schemas/OBActiveOrHistoricCurrencyAndAmount_8" creditorAgent: $ref: "#/components/schemas/AEBranchAndFinancialInstitutionIdentification5_1" creditorAccount: $ref: "#/components/schemas/AECashAccount5_0" supplementaryData: type: object # # Schemas related to Products # ProductsResponse: type: object properties: data: type: array items: $ref: "#/components/schemas/CbuaeProduct" meta: $ref: "#/components/schemas/Meta" CbuaeProduct: type: object description: | A descriptor for an product. This is a composite object that may be expanded in the future to support additional account types for new API standards and product types. properties: AccountId: description: "A unique and immutable identifier produced by the financial institution to identify the account resource.This identifier has no meaning to the account owner (User 1)." type: string ProductId: description: "Identifier within the financial institution for the product. Must be unique in the organisation." type: string ProductType: description: "Descriptive code for the product." type: string ProductName: description: "Descriptive name for the product." type: string IsIslamic: description: | A flag to denote if the Product is an Islamic product type: boolean default: false Charges: $ref: '#/components/schemas/AECharge' LendingRates: $ref: '#/components/schemas/AELendingRate' DepositRates: $ref: '#/components/schemas/AEDepositRate' additionalProperties: true AECharge: description: | Fees and charges applicable to the account type: array items: type: object required: - Name - ChargeType - Amount properties: Name: type: string description: | Name of the charge minLength: 1 maxLength: 40 ChargeType: type: string description: | Type of the charge minLength: 1 maxLength: 10 Amount: $ref: '#/components/schemas/AEActiveOrHistoricCurrencyAndAmount_0' Frequency: $ref: '#/components/schemas/AEDuration' Notes: type: string description: | Notes providing more information on the charge. minLength: 1 maxLength: 500 additionalProperties: false AELendingRate: description: | Lending rates for this account type: array items: type: object required: - LendingRateType - Rate properties: LendingRateType: type: string minLength: 1 maxLength: 10 Rate: $ref: '#/components/schemas/AERate' Amount: $ref: '#/components/schemas/AEActiveOrHistoricCurrencyAndAmount_0' CalculationFrequency: $ref: '#/components/schemas/AEDuration' ApplicationFrequency: $ref: '#/components/schemas/AEDuration' RepaymentType: type: string description: | Options in place for repayments minLength: 1 maxLength: 40 Notes: type: string description: | Notes providing more information on the rate. minLength: 1 maxLength: 500 additionalProperties: false AEActiveOrHistoricCurrencyAndAmount_0: type: object required: - Amount - Currency description: >- This is the value of the last direct debit collection from the User 1 account. properties: Amount: description: >- A number of monetary units specified in an active currency where the unit of currency is explicit and compliant with ISO 4217. type: string Currency: $ref: '#/components/schemas/ActiveOrHistoricCurrencyCode_1' additionalProperties: false AEDepositRate: description: | Deposit rates for this account type: array items: type: object required: - DepositRateType - Rate properties: DepositRateType: type: string minLength: 1 maxLength: 10 Rate: $ref: '#/components/schemas/AERate' CalculationFrequency: $ref: '#/components/schemas/AEDuration' ApplicationFrequency: $ref: '#/components/schemas/AEDuration' RepaymentType: type: string description: | Options in place for repayments minLength: 1 maxLength: 40 Notes: type: string description: | Notes providing more information on the rate. minLength: 1 maxLength: 500 additionalProperties: false AERate: description: > A string representing a percentage (e.g. an interest rate). A rate of 100% would be represented by the value 1.0 and a rate of -100% by -1.0 - At least 1 and up to a total of 16 significant digits before decimal point - Up to 16 digits following the decimal point - No formatting, eg thousand separating commas type: string minLength: 1 maxLength: 18 AEDuration: description: | The period of time for which the credit line is available. Formatted according to ISO 8601 Durations (excludes recurrence syntax) type: string # # Common types # BeneficiariesResponse: type: object properties: data: type: array items: $ref: "#/components/schemas/CbuaeBeneficiary" meta: $ref: "#/components/schemas/Meta" CbuaeBeneficiary: type: object properties: accountId: type: string beneficiaryId: type: string beneficiaryType: description: >- Specifies the Beneficiary Type. Encoded with allowable values of: 'Activated' - Beneficiary has been added to the beneficiary list using SCA. 'NotActivated' - Beneficiary has been added to the beneficiary list without SCA type: string enum: - UAEOF.Activated - UAEOF.NotActivated accountHolderShortName: $ref: "#/components/schemas/AccountHolderShortName" reference: type: string supplementaryData: type: object servicer: $ref: '#/components/schemas/AEBranchAndFinancialInstitutionIdentification6_1' creditorAccount: type: array items: $ref: '#/components/schemas/AECashAccount5_0' TCurrency: type: string pattern: "^[A-Z]{3,3}$" AccountHolderName: type: "string" description: | The Account Holder Name is the name or names of the Beneficiary account owner(s) represented at the account level, as displayed by the Creditor Agent's online channels and as provided by the Beneficiary to the customer when adding the Beneficiary in the Beneficiary list. Note, the Account Holder Name is not the product name or the nickname of the account.d AccountHolderShortName: type: "string" description: | The Beneficiary account holder nick name TransactionDateTime: title: "TransactionDateTime" description: | The Date Time of when the transaction occurred. All dates in the JSON payloads are represented in ISO 8601 date-time format. All date-time fields in responses must include the timezone. An example is below: 2017-04-05T10:43:07+00:00 type: "string" format: "date-time" LocalTimeZone: title: "LocalTimeZone" description: | The UTC offset of the local date and time of where the transaction occurred E.g. UTC+03:00 type: "string" format: "date-time" TerminalId: description: "ID of the Terminal if the transaction was initiated from a retail POS" type: "string" minLength: 8 maxLength: 20 BillDetails: description: "Bill Details" type: "object" properties: BillerID: description: | This should be 'BillerCode' as per SP-SADAD specifications. It is a unique biller identifier within SADAD that could be used by the end-user to refer to a specific SADAD biller (e.g. STC biller code is 001, water services biller code is 015, etc.) type: "string" BillNumber: description: "Unique bill identifier within the account." type: "string" BillPaymentType: description: | Indicates whether the bill could be a One-off payment, Recurring payment, Postpaid, Pre-paid, etc type: "string" x-namespaced-enum: - UAEOF.Post-Paid - UAEOF.AdvancePaymentForRoaming - UAEOF.Recharge - UAEOF.Renewal - UAEOF.RoamingDeposit - UAEOF.One-Off - UAEOF.RecurringPayment PurposeSO: description: | The purpose of the Standing Order payment. A free format string in the form of transaction categorisation. Example: "Bills and expenses", "Government payment", "Personal Expenses". type: "string" minLength: 1 maxLength: 50 ConfirmationRequest: type: object properties: data: type: object properties: account: type: object properties: schemeName: type: string enum: - UAEOF.IBAN - UAEOF.AccountNumber identification: type: string name: oneOf: - $ref: "#/components/schemas/PersonName" - $ref: "#/components/schemas/BusinessName" PersonName: type: object properties: firstName: type: string lastName: type: string BusinessName: type: object properties: businessName: type: string Meta: type: object properties: totalPages: type: number description: | The number of expected pages for the query. totalRecords: type: number description: | The total number of records in the full set. PaginatedMeta: type: object properties: paginated: type: boolean description: | `true` if the response is paginated. `false` if the response returns all matching data elements. If not specified, a non-paginated response is assumed. totalPages: type: number description: | The number of expected pages for the query. totalRecords: type: number description: | The total number of records in the full set. Error: type: object properties: errorCode: type: string description: Error code identifying the problem occured errorMessage: type: string description: Message describing what problem has occured propagateError: type: boolean description: optional field if error want to propagate parameters: aspspId: name: o3-aspsp-id in: header schema: type: string required: true deprecated: true description: Identifier for the financial institution that the request is targetted to. This header is deprecated and will be removed in a future version of Ozone Connect. Use `o3-provider-id` instead. providerId: name: o3-provider-id in: header schema: type: string required: true description: Identifier for the financial institution that the request is targetted to callerOrgId: name: o3-caller-org-id in: header schema: type: string description: An identifier for the organization calling the API callerClientId: name: o3-caller-client-id in: header schema: type: string description: An identifier for the OIDC clientId calling the API callerSoftwareStatementId: name: o3-caller-software-statement-id in: header schema: type: string description: An identifier for the software statement calling the API apiUri: name: o3-api-uri in: header schema: type: string required: true description: The parameterised URL of the API being called by the caller apiOperation: name: o3-api-operation in: header schema: type: string required: true description: The API operation carried out by the caller (e.g. GET, POST, PUT, DELETE, PATCH) consentId: name: o3-consent-id in: header schema: type: string description: The consentId for which this call is being made callerInteractionId: name: o3-caller-interaction-id in: header schema: type: string description: The interaction ID passed in by the caller, if any ozoneInteractionId: name: o3-ozone-interaction-id in: header schema: type: string required: true description: An interaction ID generated by Ozone if the caller did not send in one. If the callerInteractionId is specified, this takes the same value. psuIdentifier: name: o3-psu-identifier in: header schema: type: string required: true description: A Base64 encoded representation of the psuIdentifier JSON object. transaction-fromBookingDateTime: name: fromBookingDateTime in: query description: | If specified, the API should only return transactions which have a `bookingDateTime` that occours on or after the specified date-time. schema: type: string format: date transaction-toBookingDateTime: name: toBookingDateTime in: query description: | If specified, the API should only return transactions which have a `bookingDateTime` that occours on or before the specified date-time. schema: type: string format: date securitySchemes: bearerAuth: type: http scheme: bearer bearerFormat: JWT |
...