...
| Awesome api app render macro | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
openapi: 3.0.1
info:
title: Ozone Connect - Data Sharing APIs
contact:
name: Ozone Financial Technology Limited
description: |
This document provides an API description in [OpenAPI](https://spec.openapis.org/oas/v3.0.1.html)
for Data Sharing APIs for Ozone Connect.
These APIs should be implemented by an financial institution so that Ozone
can expose these end-points to TPPs.
#### Test Case References
This description contains a number of references in the form `XXX-999-999`. These are references
to test case numbers in the Ozone Connect Test Harness that financial institutions may use to test
their Ozone Connect implementations. Please note that these errors are intended for pre-production
testing by the financial institution and are therefore not mandated for implementation.
#### Implementer Notes
Implementers should note that this API prescribes a positive response for correctly executed
operations including those where no data is returned. This is consistent with the general principles
of REST.
For example, if the operation
`get /accounts/{accountId}/products` is invoked and no product data is found for the account
associated with the value of `accountId` then the correct response is to return a `200` and an empty
array: `{ "data": [] }`.
#### Changes in Version 2024.43.0
* In Accounts API, NotActive account status has been updated to Inactive
* Account status descriptions have been changed to reference CBUAE definitions
* For Scheduled Payment, Beneficiary, Standing Order APIs - Additional enums like MaskedPAN, MobileNumber, UtilityName, EWallet have been added.
* Added credit line definitions.
#### Changes in Version 2024.37.0
* Removed 400 error code for `o3-psu-identifier` from POST /customers/action/cop-query
* Added missing `description` properties through the document.
* Added `default` response to each operation to aid understanding of error handling requirements.
* Changed `trustFramework` value and clarified implementation.
* Changed `page-size` parameter to match Operating Guidelines.
* Removed `additionalProperties: true` as not required and causes tooling issues
#### Changes in Version 2024.34.1
* Removed propagateError field from the Error object.
* Marked o3-psu-identifier header mandatory for Get /customer API and marked page and page-size mandatory query parameters.
* Refactored Security Scheme Objects to use common definitions across all API Hub APIs
* Implemented the correct Security Requirements for this API description, reflecting security patterns available in API Hub
#### Changes in Version 2024.34
* Removed the namespace from all enumerations.
* Marked mandatory fields.
* Renamed proprietoryBankTransactionCode as proprietaryBankTransactionCode.
* Marked o3-caller-org-id, o3-caller-client-id, o3-caller-software-statement-id, o3-consent-id, o3-caller-interaction-id and o3-psu-identifier headers mandatory.
* Added page and page-size query parameters.
* Updated enums for accountType, accountSubType, cardSchemeName and instrumentType.
version: 2024.43.0
servers:
- url: https://<your-ozone-connect-server>
tags:
- name: accounts
description: |
APIs that should be implemented by Financial Institutions to expose `accounts` information to TPPs.
- name: balances
description: |
APIs that should be implemented by Financial Institutions to expose `balances` information to TPPs.
- name: transactions
description: |
APIs that should be implemented by Financial Institutions to expose `transactions` information to TPPs.
- name: customers
description: |
APIs that should be implemented by Financial Institutions to expose `customer` information to TPPs.
- name: beneficiaries
description: |
APIs that should be implemented by Financial Institutions to expose `beneficiaries` information to TPPs.
- name: direct-debits
description: |
APIs that should be implemented by Financial Institutions to expose `direct debit` information to TPPs.
- name: scheduled-payments
description: |
APIs that should be implemented by Financial Institutions to expose `scheduled payment` information to TPPs.
- name: standing-orders
description: |
APIs that should be implemented by Financial Institutions to expose `standing order` information to TPPs.
- name: products
description: |
APIs that should be implemented by Financial Institutions to expose `product` information to TPPs.
security:
- {}
- OzoneConnectApiKey: []
- OzoneConnectClientCredentials: [ "placeholder" ]
- OzoneConnectJwtAuth: []
paths:
/accounts:
get:
tags:
- accounts
summary: Fetch accounts
description: |
###### ACC-010-010
The API must return all the accounts specified by the `accountIds` query parameter.
###### ACC-010-140
If one or more specified accountIds does not exist or cannot be retrieved the call should continue to return other accounts.
###### ACC-010-150
If no accounts are found, the call must return a success status code `200` with an empty `data` array.
## Optionality
At least one of `/accounts` or `/accounts/:accountId` must be implemented.
If not implemented, Ozone will use the `/accounts/:accountId` end-point.
However, that is not as performant an alternative and Financial Institutions are encouraged to implement this end-point.
operationId: findAccounts
parameters:
# common header parameters that set context
- $ref: "#/components/parameters/providerId"
- $ref: "#/components/parameters/aspspId"
- $ref: "#/components/parameters/callerOrgId"
- $ref: "#/components/parameters/callerClientId"
- $ref: "#/components/parameters/callerSoftwareStatementId"
- $ref: "#/components/parameters/apiUri"
- $ref: "#/components/parameters/apiOperation"
- $ref: "#/components/parameters/consentId"
- $ref: "#/components/parameters/callerInteractionId"
- $ref: "#/components/parameters/ozoneInteractionId"
- $ref: "#/components/parameters/psuIdentifier"
# query parameters
- name: accountIds
in: query
description: Comma separated ids of the accounts to be returned
schema:
type: string
minimum: 1
required: true
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page-size"
responses:
"200":
description: successful operation
content:
application/json:
schema:
$ref: "#/components/schemas/AccountsResponse"
"400":
description: |
The operation __must__ be failed with a status of `400` under the following error conditions:
- ###### ACC-010-020
If the `accountsIds` query parameter is not supplied.
- ###### ACC-010-040
The `o3-psu-identifier` header parameter is not specified.
- ###### ACC-010-050
Both the `accountIds` query parameter and the `o3-psu-identifier` header parameter are not specified.
- ###### ACC-010-030
The `o3-provider-id` header is missing or has an unexpected value
The operation __may__ be failed with a status of `400` under the following error conditions:
- ###### ACC-010-070, ACC-010-080, ACC-010-090
One or more of the mandatory header parameters is not specified or has an unexpected value
- `o3-api-uri`,
- `o3-api-operation`,
- `o3-ozone-interaction-id`
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
"401":
description: |
The operation __must__ be failed with a status of `401` under the following error conditions:
- ###### ACC-010-100
The API consumer is not authorised.
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
default:
$ref: "#/components/responses/Error"
/accounts/{accountId}:
get:
tags:
- accounts
summary: Fetch the account specified by the account id
description: |
###### ACC-020-010
The API must return the account specified by the `accountId` path parameter.
## Optionality
At least one of `/accounts` or `/accounts/:accountId` must be implemented.
operationId: findByAccountId
parameters:
# common header parameters that set context
- $ref: "#/components/parameters/providerId"
- $ref: "#/components/parameters/aspspId"
- $ref: "#/components/parameters/callerOrgId"
- $ref: "#/components/parameters/callerClientId"
- $ref: "#/components/parameters/callerSoftwareStatementId"
- $ref: "#/components/parameters/apiUri"
- $ref: "#/components/parameters/apiOperation"
- $ref: "#/components/parameters/consentId"
- $ref: "#/components/parameters/callerInteractionId"
- $ref: "#/components/parameters/ozoneInteractionId"
- $ref: "#/components/parameters/psuIdentifier"
# Path param definitions
- name: accountId
in: path
description: Id of the account to be queried
required: true
schema:
type: string
responses:
"200":
description: successful operation
content:
application/json:
schema:
$ref: "#/components/schemas/AccountResponse"
"400":
description: |
The operation __must__ be failed with a status of `400` under the following error conditions:
- ###### ACC-020-020
The account corresponding to the `accountId` query parameter does not exist or is under a bar
- ###### ACC-020-030
The `o3-provider-id` header is missing or has an unexpected value
The operation __should__ be failed with a status of `400` under the following error conditions:
- ###### ACC-020-040
The financial institution should fail the call if the `o3-psu-identifier` header is not specified.
- ###### ACC-020-050
If both the `accountId` and `o3-psu-identifier` header are not specified.
The operation __may__ be failed with a status of `400` under the following error conditions:
- ###### ACC-020-070, ACC-020-080, ACC-020-090
One or more of the mandatory header parameters is not specified or has an unexpected value
- `o3-api-uri`,
- `o3-api-operation`,
- `o3-ozone-interaction-id`
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
"401":
description: |
The operation __must__ be failed with a status of `401` under the following error conditions:
- ###### ACC-020-100
The API consumer is not authorised.
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
default:
$ref: "#/components/responses/Error"
/accounts/{accountId}/balances:
get:
tags:
- balances
summary: Fetch the balances for the account specified by the account id.
operationId: findBalancesByAccountId
description: |
###### BAL-020-010
Retrieves the balance for account specified by the `accountId` parameter.
###### BAL-020-110
If the `balanceType` is specified, the financial institution must return the specified balance type only.
###### BAL-020-120
If the balanceType is not specified, the financial institution may return more than one balance record for each account. Each row would represent a balance of a different type.
parameters:
# common header parameters that set context
- $ref: "#/components/parameters/providerId"
- $ref: "#/components/parameters/aspspId"
- $ref: "#/components/parameters/callerOrgId"
- $ref: "#/components/parameters/callerClientId"
- $ref: "#/components/parameters/callerSoftwareStatementId"
- $ref: "#/components/parameters/apiUri"
- $ref: "#/components/parameters/apiOperation"
- $ref: "#/components/parameters/consentId"
- $ref: "#/components/parameters/callerInteractionId"
- $ref: "#/components/parameters/ozoneInteractionId"
- $ref: "#/components/parameters/psuIdentifier"
# Path param definitions
- name: accountId
in: path
description: Id of the account to be queried
required: true
schema:
type: string
# query parameters
- name: balanceType
in: query
description: The type of balance to be returned
schema:
$ref: "#/components/schemas/CbuaeBalanceType"
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page-size"
responses:
"200":
description: successful operation
content:
application/json:
schema:
$ref: "#/components/schemas/BalancesResponse"
"400":
description: |
The operation __must__ be failed with a status of `400` under the following error conditions:
- ###### BAL-020-020
The balance for account corresponding to the `accountId` query parameter does not exist or is under a bar
- ###### BAL-020-030
The `o3-provider-id` header is missing or has an unexpected value
- ###### BAL-020-130
The `balanceType` query parameter has an unexpected value or is not supported by the financial institution.
The operation __should__ be failed with a status of `400` under the following error conditions:
- ###### BAL-020-040
The financial institution should fail the call if the `o3-psu-identifier` header is not specified.
- ###### BAL-020-050
Both the `accountId` query parameter and the `o3-psu-identifier` header parameter are not specified.
The operation __may__ be failed with a status of `400` under the following error conditions:
- ###### BAL-020-070, BAL-020-080, BAL-020-090
One or more of the mandatory header parameters is not specified or has an unexpected value
- `o3-api-uri`,
- `o3-api-operation`,
- `o3-ozone-interaction-id`
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
"401":
description: |
The operation __must__ be failed with a status of `401` under the following error conditions:
- ###### BAL-020-100
The API consumer is not authorised.
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
default:
$ref: "#/components/responses/Error"
/accounts/{accountId}/transactions:
get:
tags:
- transactions
summary: Fetch transactions for the account specified by the accountId
description: |
###### TXN-020-010
Retrieves all the transactions for the account specified by the `accountId` in the URL.
###### TXN-020-011
Retrieves the transactions for the account specified, starting from the specified valid `fromBookingDateTime` query parameter, until today.
###### TXN-020-012
Retrieves the transactions for the account specified, starting from the begining, and ending at the specified valid `toBookingDateTime` query parameter.
###### TXN-020-013
Retrieves the transactions for the account specified, starting from the the specified valid `fromBookingDateTime` query parameter, and ending at the specified valid `toBookingDateTime` query parameter.
###### TXN-020-020
If the account does not exist or is under a bar, then the financial institution should return an error with status 400.
operationId: findTransactionsByAccountId
parameters:
# common header parameters that set context
- $ref: "#/components/parameters/providerId"
- $ref: "#/components/parameters/aspspId"
- $ref: "#/components/parameters/callerOrgId"
- $ref: "#/components/parameters/callerClientId"
- $ref: "#/components/parameters/callerSoftwareStatementId"
- $ref: "#/components/parameters/apiUri"
- $ref: "#/components/parameters/apiOperation"
- $ref: "#/components/parameters/consentId"
- $ref: "#/components/parameters/callerInteractionId"
- $ref: "#/components/parameters/ozoneInteractionId"
- $ref: "#/components/parameters/psuIdentifier"
# Path param definitions
- name: accountId
in: path
description: Id of the account to be queried
required: true
schema:
type: string
example: abc-123
- $ref: "#/components/parameters/transaction-fromBookingDateTime"
- $ref: "#/components/parameters/transaction-toBookingDateTime"
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page-size"
responses:
"200":
description: successful operation
content:
application/json:
schema:
$ref: "#/components/schemas/TransactionsResponse"
"400":
description: |
The operation __must__ be failed with a status of `400` under the following error conditions:
- ###### TXN-020-020
If the account does not exist or is under a bar, then the financial institution should return an error with status 400.
- ###### TXN-020-040
If the `o3-psu-identifier` header parameter is not specified.
- ###### TXN-020-030
The `o3-provider-id` header is missing or has an unexpected value
- ###### TXN-020-050
Both the `accountId` query parameter and the `o3-psu-identifier` header parameter are not specified.
- ###### TXN-020-170
The `fromBookingDateTime` is not in ISO Date format
- ###### TXN-020-180
The `toBookingDateTime` is not in ISO Date format
The operation __may__ be failed with a status of `400` under the following error conditions:
- ###### TXN-020-070, TXN-020-080, TXN-020-090
One or more of the mandatory header parameters is not specified or has an unexpected value
- `o3-api-uri`,
- `o3-api-operation`,
- `o3-ozone-interaction-id`
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
"401":
description: |
The operation __must__ be failed with a status of `401` under the following error conditions:
- ###### TXN-020-100
The API consumer is not authorised.
default:
$ref: "#/components/responses/Error"
/accounts/{accountId}/direct-debits:
get:
tags:
- direct-debits
summary: Fetch the direct debits specified by the account id
description: |
###### DBT-020-010
Retrieves the direct debits specified by the `accountId` parameter.
operationId: findDirectDebitByAccountId
parameters:
# common header parameters that set context
- $ref: "#/components/parameters/providerId"
- $ref: "#/components/parameters/aspspId"
- $ref: "#/components/parameters/callerOrgId"
- $ref: "#/components/parameters/callerClientId"
- $ref: "#/components/parameters/callerSoftwareStatementId"
- $ref: "#/components/parameters/apiUri"
- $ref: "#/components/parameters/apiOperation"
- $ref: "#/components/parameters/consentId"
- $ref: "#/components/parameters/callerInteractionId"
- $ref: "#/components/parameters/ozoneInteractionId"
- $ref: "#/components/parameters/psuIdentifier"
# Path param definitions
- name: accountId
in: path
description: Id of the account to be queried
required: true
schema:
type: string
# query parameters
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page-size"
responses:
"200":
description: successful operation
content:
application/json:
schema:
$ref: "#/components/schemas/DirectDebitsResponse"
"400":
description: |
The operation __must__ be failed with a status of `400` under the following error conditions:
- ###### DBT-020-020
The account corresponding to the `accountId` query parameter does not exist or is under a bar
- ###### DBT-020-030
The `o3-provider-id` header is missing or has an unexpected value
The operation __should__ be failed with a status of `400` under the following error conditions:
- ###### DBT-020-040
The financial institution should fail the call if the `o3-psu-identifier` header is not specified.
- ###### DBT-020-050
Both the `accountId` query parameter and the `o3-psu-identifier` header parameter are not specified.
The operation __may__ be failed with a status of `400` under the following error conditions:
- ###### DBT-020-070, DBT-020-080, DBT-020-090
One or more of the mandatory header parameters is not specified or has an unexpected value
- `o3-api-uri`,
- `o3-api-operation`,
- `o3-ozone-interaction-id`
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
"401":
description: |
The operation __must__ be failed with a status of `401` under the following error conditions:
- ###### DBT-020-100
The API consumer is not authorised.
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
default:
$ref: "#/components/responses/Error"
/accounts/{accountId}/scheduled-payments:
get:
tags:
- scheduled-payments
summary: Fetch the scheduled payments specified by the account id
description: |
###### FDP-020-010
Retrieves the scheduled payments specified by the `accountId` parameter.
operationId: findScheduledPaymentByAccountId
parameters:
# common header parameters that set context
- $ref: "#/components/parameters/providerId"
- $ref: "#/components/parameters/aspspId"
- $ref: "#/components/parameters/callerOrgId"
- $ref: "#/components/parameters/callerClientId"
- $ref: "#/components/parameters/callerSoftwareStatementId"
- $ref: "#/components/parameters/apiUri"
- $ref: "#/components/parameters/apiOperation"
- $ref: "#/components/parameters/consentId"
- $ref: "#/components/parameters/callerInteractionId"
- $ref: "#/components/parameters/ozoneInteractionId"
- $ref: "#/components/parameters/psuIdentifier"
# Path param definitions
- name: accountId
in: path
description: Id of the account to be queried
required: true
schema:
type: string
# query parameters
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page-size"
responses:
"200":
description: successful operation
content:
application/json:
schema:
$ref: "#/components/schemas/ScheduledPaymentsResponse"
"400":
description: |
The operation __must__ be failed with a status of `400` under the following error conditions:
- ###### FDP-020-020
The account corresponding to the `accountId` query parameter does not exist or is under a bar
- ###### FDP-020-030
The `o3-provider-id` header is missing or has an unexpected value
The operation __should__ be failed with a status of `400` under the following error conditions:
- ###### FDP-020-040
The financial institution should fail the call if the `o3-psu-identifier` header is not specified.
- ###### FDP-020-050
Both the `accountId` query parameter and the `o3-psu-identifier` header parameter are not specified.
The operation __may__ be failed with a status of `400` under the following error conditions:
- ###### FDP-020-070, FDP-020-080, FDP-020-090
One or more of the mandatory header parameters is not specified or has an unexpected value
- `o3-api-uri`,
- `o3-api-operation`,
- `o3-ozone-interaction-id`
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
"401":
description: |
The operation __must__ be failed with a status of `401` under the following error conditions:
- ###### FDP-020-100
The API consumer is not authorised.
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
default:
$ref: "#/components/responses/Error"
/accounts/{accountId}/standing-orders:
get:
tags:
- standing-orders
summary: Fetch the standing orders specified by the account id
description: |
###### STO-020-010
Retrieves the standing orders specified by the `accountId` parameter.
operationId: findStandingOrderByAccountId
parameters:
# common header parameters that set context
- $ref: "#/components/parameters/providerId"
- $ref: "#/components/parameters/aspspId"
- $ref: "#/components/parameters/callerOrgId"
- $ref: "#/components/parameters/callerClientId"
- $ref: "#/components/parameters/callerSoftwareStatementId"
- $ref: "#/components/parameters/apiUri"
- $ref: "#/components/parameters/apiOperation"
- $ref: "#/components/parameters/consentId"
- $ref: "#/components/parameters/callerInteractionId"
- $ref: "#/components/parameters/ozoneInteractionId"
- $ref: "#/components/parameters/psuIdentifier"
# Path param definitions
- name: accountId
in: path
description: Id of the account to be queried
required: true
schema:
type: string
# query parameters
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page-size"
responses:
"200":
description: successful operation
content:
application/json:
schema:
$ref: "#/components/schemas/StandingOrdersResponse"
"400":
description: |
The operation __must__ be failed with a status of `400` under the following error conditions:
- ###### STO-020-020
The account corresponding to the `accountId` query parameter does not exist or is under a bar
- ###### STO-020-030
The `o3-provider-id` header is missing or has an unexpected value
The operation __should__ be failed with a status of `400` under the following error conditions:
- ###### STO-020-040
The financial institution should fail the call if the `o3-psu-identifier` header is not specified.
- ###### STO-020-050
The financial institution should fail the call if the `accountId` does not refer to an account that
is accessible by a the PSU identified by the `o3-psu-identifier` header.
The operation __may__ be failed with a status of `400` under the following error conditions:
- ###### STO-020-060, STO-020-070, STO-020-080
One or more of the mandatory header parameters is not specified or has an unexpected value
- `o3-api-uri`,
- `o3-api-operation`,
- `o3-ozone-interaction-id`
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
"401":
description: |
The operation __must__ be failed with a status of `401` under the following error conditions:
- ###### STO-020-090
The API consumer is not authorised.
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
default:
$ref: "#/components/responses/Error"
/customer:
get:
tags:
- customers
summary: Fetch customer
description: |
###### CUS-010-040
The API must return the customer for the PSU identified by the `o3-psu-identifier` header.
###### CUS-010-190
If no customer is found, the call must return a success status code `200` with an empty `data` object.
operationId: findCustomer
parameters:
# common header parameters that set context
- $ref: "#/components/parameters/providerId"
- $ref: "#/components/parameters/aspspId"
- $ref: "#/components/parameters/callerOrgId"
- $ref: "#/components/parameters/callerClientId"
- $ref: "#/components/parameters/callerSoftwareStatementId"
- $ref: "#/components/parameters/apiUri"
- $ref: "#/components/parameters/apiOperation"
- $ref: "#/components/parameters/callerInteractionId"
- $ref: "#/components/parameters/ozoneInteractionId"
- $ref: "#/components/parameters/psuIdentifier"
- name: o3-consent-id
in: header
schema:
type: string
description: The consentId for which this call is being made
responses:
"200":
description: successful operation
content:
application/json:
schema:
$ref: "#/components/schemas/CustomerResponse"
"400":
description: |
The operation __must__ be failed with a status of `400` under the following error conditions:
- ###### CUS-010-040
The `o3-psu-identifier` header parameter are not specified.
- ###### CUS-010-030
The `o3-provider-id` header is missing or has an unexpected value
The operation __may__ be failed with a status of `400` under the following error conditions:
- ###### CUS-010-070, CUS-010-080, CUS-010-090
One or more of the mandatory header parameters is not specified or has an unexpected value
- `o3-api-uri`,
- `o3-api-operation`,
- `o3-ozone-interaction-id`
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
"401":
description: |
The operation __must__ be failed with a status of `401` under the following error conditions:
- ###### CUS-010-100
The API consumer is not authorised.
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
default:
$ref: "#/components/responses/Error"
/customers/action/cop-query:
post:
tags:
- customers
summary: Fetches customer data based on a confirmation of payee query
description: |
The API is used by Ozone to find customer records from the LFI based on a confirmation of payee query.
Ozone will send a query to the LFI that identifies a customer account. The financial institution must return the customer records associated with specified account.
Ozone takes on the responsibility of implementing the COP name matching rules. The financial institution must return the customer records that match the COP query.
The financial institution may return multiple customer records for a single account. (e.g. for joint accounts)
In situations where the customer is not found, the financial institution must return a success status code `200` with an empty `data` object. e.g.
- account is not found
- account is under a bar
- customer has opted out of COP
Note that this operation is not carried out under a consent and the call will not have a `o3-consent-id` header
operationId: findCustomerForCop
parameters:
- $ref: "#/components/parameters/providerId"
- $ref: "#/components/parameters/aspspId"
- $ref: "#/components/parameters/callerOrgId"
- $ref: "#/components/parameters/callerClientId"
- $ref: "#/components/parameters/callerSoftwareStatementId"
- $ref: "#/components/parameters/apiUri"
- $ref: "#/components/parameters/apiOperation"
- $ref: "#/components/parameters/callerInteractionId"
- $ref: "#/components/parameters/ozoneInteractionId"
# query parameters
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page-size"
requestBody:
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/ConfirmationRequest"
responses:
"200":
description: successful operation
content:
application/json:
schema:
$ref: "#/components/schemas/ConfirmationResponse"
"400":
description: |
The operation __must__ be failed with a status of `400` under the following error conditions:
- ###### CUS-010-030
The `o3-provider-id` header is missing or has an unexpected value
The operation __may__ be failed with a status of `400` under the following error conditions:
- ###### CUS-010-070, CUS-010-080, CUS-010-090
One or more of the mandatory header parameters is not specified or has an unexpected value
- `o3-api-uri`,
- `o3-api-operation`,
- `o3-ozone-interaction-id`
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
"401":
description: |
The operation __must__ be failed with a status of `401` under the following error conditions:
- ###### CUS-010-100
The API consumer is not authorised.
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
default:
$ref: "#/components/responses/Error"
/accounts/{accountId}/customer:
get:
tags:
- customers
summary: Fetch the customers specified by the account id
description: |
###### CUS-020-040
The API must return the customer for the PSU identified by the `o3-psu-identifier` header.
###### CUS-020-190
If no customer is found, the call must return a success status code `200` with an empty `data` object.
operationId: findCustomerByAccountId
parameters:
# common header parameters that set context
- $ref: "#/components/parameters/providerId"
- $ref: "#/components/parameters/aspspId"
- $ref: "#/components/parameters/callerOrgId"
- $ref: "#/components/parameters/callerClientId"
- $ref: "#/components/parameters/callerSoftwareStatementId"
- $ref: "#/components/parameters/apiUri"
- $ref: "#/components/parameters/apiOperation"
- $ref: "#/components/parameters/consentId"
- $ref: "#/components/parameters/callerInteractionId"
- $ref: "#/components/parameters/ozoneInteractionId"
- name: o3-psu-identifier
in: header
schema:
type: string
required: true
description: A Base64 encoded representation of the psuIdentifier JSON object.
# Path param definitions
- name: accountId
in: path
description: Id of the account to be queried
required: true
schema:
type: string
example: abc-123
# query parameters
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page-size"
responses:
"200":
description: successful operation
content:
application/json:
schema:
$ref: "#/components/schemas/CustomersResponse"
"400":
description: |
The operation __must__ be failed with a status of `400` under the following error conditions:
- ###### CUS-020-040
The `o3-psu-identifier` header parameter are not specified.
- ###### CUS-020-030
The `o3-provider-id` header is missing or has an unexpected value
The operation __may__ be failed with a status of `400` under the following error conditions:
- ###### CUS-020-070, CUS-020-080, CUS-020-090
One or more of the mandatory header parameters is not specified or has an unexpected value
- `o3-api-uri`,
- `o3-api-operation`,
- `o3-ozone-interaction-id`
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
"401":
description: |
The operation __must__ be failed with a status of `401` under the following error conditions:
- ###### CUS-020-100
The API consumer is not authorised.
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
default:
$ref: "#/components/responses/Error"
/accounts/{accountId}/beneficiaries:
get:
tags:
- beneficiaries
summary: Fetch the beneficiaries specified by the account id
description: |
###### BEN-020-010
Retrieves the beneficiaries specified by the `accountId` parameter.
###### BEN-020-020
The account corresponding to the `accountId` query parameter does not exist or is under a bar
operationId: findBeneficiariesByAccountId
parameters:
# common header parameters that set context
- $ref: "#/components/parameters/providerId"
- $ref: "#/components/parameters/aspspId"
- $ref: "#/components/parameters/callerOrgId"
- $ref: "#/components/parameters/callerClientId"
- $ref: "#/components/parameters/callerSoftwareStatementId"
- $ref: "#/components/parameters/apiUri"
- $ref: "#/components/parameters/apiOperation"
- $ref: "#/components/parameters/consentId"
- $ref: "#/components/parameters/callerInteractionId"
- $ref: "#/components/parameters/ozoneInteractionId"
- $ref: "#/components/parameters/psuIdentifier"
# Path param definitions
- name: accountId
in: path
description: Id of the account to be queried
required: true
schema:
type: string
# query parameters
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page-size"
responses:
"200":
description: successful operation
content:
application/json:
schema:
$ref: "#/components/schemas/BeneficiariesResponse"
"400":
description: |
The operation __must__ be failed with a status of `400` under the following error conditions:
- ###### BEN-020-020
If the `accountsId` query parameter is not specified.
- ###### BEN-020-030
The `o3-provider-id` header is missing or has an unexpected value
The operation __should__ be failed with a status of `400` under the following error conditions:
- ###### BEN-020-040
The financial institution should fail the call if the `o3-psu-identifier` header is not specified.
- ###### BEN-020-050
Both the `accountId` query parameter and the `o3-psu-identifier` header parameter are not specified.
The operation __may__ be failed with a status of `400` under the following error conditions:
- ###### BEN-020-060, BEN-020-070, BEN-020-080
One or more of the mandatory header parameters is not specified or has an unexpected value
- `o3-api-uri`,
- `o3-api-operation`,
- `o3-ozone-interaction-id`
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
"401":
description: |
The operation __must__ be failed with a status of `401` under the following error conditions:
- ###### BEN-020-100
The API consumer is not authorised.
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
default:
$ref: "#/components/responses/Error"
/accounts/{accountId}/products:
get:
tags:
- products
summary: Fetch products.
description: |
The API must return all the products that are provided by the financial institution.
If no products are found, the call must return a success status code `200` with an empty `data` array.
operationId: findProducts
parameters:
# common header parameters that set context
- $ref: "#/components/parameters/providerId"
- $ref: "#/components/parameters/aspspId"
- $ref: "#/components/parameters/callerOrgId"
- $ref: "#/components/parameters/callerClientId"
- $ref: "#/components/parameters/callerSoftwareStatementId"
- $ref: "#/components/parameters/apiUri"
- $ref: "#/components/parameters/apiOperation"
- $ref: "#/components/parameters/consentId"
- $ref: "#/components/parameters/callerInteractionId"
- $ref: "#/components/parameters/ozoneInteractionId"
- $ref: "#/components/parameters/psuIdentifier"
# Path param definitions
- name: accountId
in: path
description: Id of the account to be queried
required: true
schema:
type: string
# query parameters
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page-size"
responses:
"200":
description: successful operation
content:
application/json:
schema:
$ref: "#/components/schemas/ProductsResponse"
"400":
description: |
The operation __must__ be failed with a status of `400` under the following error conditions:
- ###### PRD-010-030
The `o3-provider-id` header is missing or has an unexpected value
- ###### PRD-010-040
The `o3-psu-identifier` header parameter is not specified.
The operation __may__ be failed with a status of `400` under the following error conditions:
- ###### PRD-010-070, PRD-010-080, PRD-010-090
One or more of the mandatory header parameters is not specified or has an unexpected value
- `o3-api-uri`,
- `o3-api-operation`,
- `o3-ozone-interaction-id`
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
"401":
description: |
The operation __must__ be failed with a status of `401` under the following error conditions:
- ###### PRD-010-100
The API consumer is not authorised.
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
default:
$ref: "#/components/responses/Error"
components:
responses:
Error:
description: Default error response
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
schemas:
#
# Schemas for Accounts
#
AccountsResponse:
type: object
description: |
A descriptor for an account.
This is a composite object that may be expanded in the future to support
additional account types for new API standards and account types.
example:
data:
- id: string
accountType: Retail
accountSubType: string
currency: GBP
status: Active
accountHolderName: string
servicer:
schemeName: BICFI
identification: string
accountNumbers:
- name: string
schemeName: IBAN
identification: string
product:
id: string
productName: string
bundleName: string
meta: {}
properties:
data:
type: array
items:
$ref: "#/components/schemas/CbuaeAccount"
description: Primary data for the resource
meta:
$ref: "#/components/schemas/Meta"
AccountResponse:
type: object
description: |
A descriptor for an account.
This is a composite object that may be expanded in the future to support
additional account types for new API standards and account types.
properties:
data:
$ref: "#/components/schemas/CbuaeAccount"
meta:
$ref: "#/components/schemas/Meta"
CbuaeAccount:
type: object
properties:
id:
type: string
description: Unique identifier for the account resource
product:
$ref: "#/components/schemas/ProductIdentifier"
multiAuth:
type: boolean
description: Indicator that labels the account as requiring multiple authorizers
businessCustomer:
type: array
items:
$ref: "#/components/schemas/CustomerIdentifier"
description: Provides the customer identifiers for an account when the account is
a business account
customers:
type: array
items:
$ref: "#/components/schemas/CustomerIdentifier"
minimum: 1
description: Provides the customer identifiers for an account when the account is
a non-business account
accountHolderName:
$ref: "#/components/schemas/AccountHolderName"
accountHolderShortName:
$ref: "#/components/schemas/AccountHolderShortName"
status:
description: |
Specifies the status of account resource in code form.
* Active: The account exist and is in an active state.
* Inactive: The account is deemed not active by the LFI. Please refer to the
[CBUAE Website](https://rulebook.centralbank.ae/en/rulebook/dormant-accounts-regulation)
for qualification of Inactive status.
* Dormant: Please refer to the [CBUAE Website](https://rulebook.centralbank.ae/en/rulebook/dormant-accounts-regulation)
for the definition of Dormant status.
* Unclaimed: Please refer to the [CBUAE Website](https://rulebook.centralbank.ae/en/rulebook/dormant-accounts-regulation)
for the definition of Unclaimed status.
* Deceased: The account holder has passed away.
* Suspended: The account has been temporarily deactivated by the LFI for reasons such as
suspicious activities or non-compliance with regulations. The account holder might
be unable to access funds or perform transactions until the bank's requirements
are met, and the suspension is lifted.
* Closed: The account is closed
type: string
enum:
- Active
- Inactive
- Dormant
- Unclaimed
- Deceased
- Suspended
- Closed
statusUpdateDateTime:
description: "Date and time at which the resource status was updated."
type: string
format: date-time
currency:
$ref: "#/components/schemas/TCurrency"
accountType:
description: "Specifies the type of account (Retail, SME or Corporate)."
type: string
enum:
- Retail
- SME
- Corporate
accountSubType:
type: string
x-namespaced-enum:
- CurrentAccount
- Savings
description: "Specifies the sub type of account (product family group). Values
include: CurrentAccount, Savings"
description:
description: "Specifies the description of the account sub-type."
type: string
nickName:
description: "The nickname of the account, assigned by User 1 to provide an
additional and easier means of identification of the account at the
financial instituation"
type: string
openingDate:
description: "Date on which the account and its related basic services by
financial institution started to be operational for User 1"
type: string
format: date-time
maturityDate:
description: >
* Fixed Term Savings Account
MaturityDate is the date on which the savings mature and the balance can be withdrawn by the User without penalty
type: string
format: date-time
accountNumbers:
type: array
items:
$ref: "#/components/schemas/AccountIdentifiers"
minimum: 1
description: Provides the account numbers that identity the account. This is
separate to the `accountId`, which uniquely identifies the account
resource.
servicer:
$ref: "#/components/schemas/AEBranchAndFinancialInstitutionIdentification5_0"
required:
- id
additionalProperties: false
description: The properties of an account
AccountIdentifiers:
type: object
description: Provides the details to identify an account.
required:
- schemeName
- identification
properties:
schemeName:
$ref: '#/components/schemas/AEExternalAccountIdentificationCode'
identification:
$ref: '#/components/schemas/Identification_0'
name:
$ref: '#/components/schemas/Name_0'
additionalProperties: false
AEExternalAccountIdentificationCode:
description: >-
Name of the identification scheme for the account. Encoded with
allowable values published in an external list.
type: string
enum:
- IBAN
- AccountNumber
AEExternalAccountIdentificationCode1:
description: >-
Name of the identification scheme for the account. Encoded with
allowable values published in an external list.
type: string
enum:
- IBAN
- AccountNumber
- MaskedPAN
- MobileNumber
- UtilityName
- EWallet
Identification_0:
description: >
Identification for the account assigned by the financial institution
based on the Account Scheme Name. This identification is known by the
User 1 account owner. For IBAN, refer to the ISO Standard 13616.
type: string
minLength: 1
maxLength: 400
Name_0:
description: >-
The account name is the name or names of the User 1 account owner(s)
represented at an account level, as displayed by the financial
institution's online channels. Note: The account name is not the product
name or the nickname of the account.
type: string
minLength: 1
maxLength: 70
AEBranchAndFinancialInstitutionIdentification5_0:
type: object
required:
- schemeName
- identification
description: >-
Party that manages the account on behalf of the account owner, that is
manages the registration and booking of entries on the account,
calculates balances on the account and provides information about the
account.
properties:
schemeName:
$ref: >-
#/components/schemas/AEExternalFinancialInstitutionIdentificationCode
identification:
$ref: '#/components/schemas/Identification_1'
additionalProperties: false
Identification_1:
description: >
* /accounts resource
Unique and unambiguous identification of the financial institution as
the account servicing institution for the Open Finance services.
* /beneficiaries resource
Unique and unambiguous identification of the Creditor Agency as the
servicing institution of the Beneficiary.
* /scheduled-payments resource
Unique and unambiguous identification of the financial institution as
the account servicing institution for the Open Finance services.
* /standing-orders resource
Unique and unambiguous identification of the financial institution as
the account servicing institution for the Open Finance services.
* /transactions resource
Unique and unambiguous identification of the financial institution as the account servicing institution for the Open Finance services.
* Notes:
Based on the value of the field **IdentificationType**, this entry may
be :
* BICFI: The BIC/SWIFT Code
* OTHER: The ID; A Country Code followed by a Bank Code (UAEOF 4
character code).
type: string
minLength: 1
maxLength: 35
AEExternalFinancialInstitutionIdentificationCode:
description: >
* /accounts resource
The name of the identification scheme for the financial institution as
the account services provider. Encoded with allowable value as published
in an external list.
* /beneficiaries resource
Refers to the Financial Institution that manages the account on behalf
of the Beneficiary party, managing registration, booking of entries on
the account, calculating balances on the account and providing
information about the account. This is the servicing Financial
Institution of the Beneficiary account.
* /scheduled-payments resource
Refers to the identification scheme for uniquely identifying the
Creditor Agent.
* /standing-orders resource
Refers to the identification scheme for uniquely identifying the
Creditor Agent.
* /transactions resource
Refers to the identification scheme for uniquely identifying the
Creditor Agent.
type: string
enum:
- BICFI
- OTHER
CustomersResponse:
type: object
properties:
data:
type: array
items:
$ref: "#/components/schemas/CbuaeCustomer"
description: Primary data for the resource
meta:
$ref: "#/components/schemas/Meta"
description: The properties of customers associated with a given account
ConfirmationResponse:
type: object
properties:
data:
type: array
items:
$ref: "#/components/schemas/CbuaeCopCustomer"
description: Primary data for the resource
meta:
$ref: "#/components/schemas/Meta"
description: The properties of a Confirmation of Payee query response
CustomerResponse:
type: object
properties:
data:
$ref: "#/components/schemas/CbuaeCustomer"
meta:
$ref: "#/components/schemas/Meta"
description: The properties of a customer associated with a given account
CbuaeCustomer:
type: object
required:
- id
- customerType
- accountRole
- verifiedClaims
properties:
id:
type: string
minLength: 1
maxLength: 40
description: >-
A unique and immutable identifier used to identify the customer
resource. This identifier has no meaning to the account owner.
number:
type: string
minLength: 1
maxLength: 35
description: Number assigned by an agent to identify its customer.
customerType:
type: string
enum:
- Delegate
- Joint
- Sole
description: >
Specifies the party type.
Encoded with allowable values:
"Delegate" - Used for business accounts when user has delegated
authority to access the account ,
"Joint" - Customer is a joint owner of the account
"Sole" - Customer is the sole owner of the account
accountRole:
type: string
enum:
- Administrator
- Beneficiary
- CustodianForMinor
- Granter
- LegalGuardian
- OtherParty
- PowerOfAttorney
- Principal
- Protector
- RegisteredShareholderName
- SecondaryOwner
- SeniorManagingOfficial
- Settlor
- SuccessorOnDeath
description: Specifies the Party's role with respect to the related account.
verifiedClaims:
type: array
items:
$ref: '#/components/schemas/CbuaeVerifiedClaim'
description: >-
Container object containing entries for the trust framework and the
evidence used to verify the claims
description: >
Party Identity Assurance (Response) Schema
Based on the [OpenID Connect for Identity Assurance 1.0
Specification](https://openid.net/specs/openid-connect-4-identity-assurance-1_0.html)
CbuaeCopCustomer:
type: object
required:
- id
- customerType
- accountRole
- verifiedClaims
properties:
id:
type: string
minLength: 1
maxLength: 40
description: >-
A unique and immutable identifier used to identify the customer
resource. This identifier has no meaning to the account owner.
number:
type: string
minLength: 1
maxLength: 35
description: Number assigned by an agent to identify its customer.
customerType:
type: string
enum:
- Delegate
- Joint
- Sole
description: >
Specifies the party type.
Encoded with allowable values:
"Delegate" - Used for business accounts when user has delegated
authority to access the account ,
"Joint" - Customer is a joint owner of the account
"Sole" - Customer is the sole owner of the account
accountRole:
type: string
enum:
- Administrator
- Beneficiary
- CustodianForMinor
- Granter
- LegalGuardian
- OtherParty
- PowerOfAttorney
- Principal
- Protector
- RegisteredShareholderName
- SecondaryOwner
- SeniorManagingOfficial
- Settlor
- SuccessorOnDeath
description: Specifies the Party's role with respect to the related account.
verifiedClaims:
type: array
items:
$ref: '#/components/schemas/CbuaeVerifiedCopClaim'
description: >-
Container object containing entries for the trust framework and the
evidence used to verify the claims
description: >
Party Identity Assurance (Response) Schema
Based on the [OpenID Connect for Identity Assurance 1.0
Specification](https://openid.net/specs/openid-connect-4-identity-assurance-1_0.html)
CbuaeVerifiedClaim:
description: |
Verified Claims :This is Required field for Cbuae
Container object containing entries for the trust framework and the evidence used to verify the customer claims
type: "object"
properties:
verification:
description: |
Verification
type: "object"
required:
- trustFramework
properties:
trustFramework:
type: "string"
enum: [ FI ]
description: Identifies the trust framework used for customer verification. For UAE the
value "FI" is used, to indicate the FI has carried out verification of the customer
details based on their processes that adhere to legislation for KYC and AML.
assuranceLevel:
type: "string"
description: |
Determines the assurance level associated with the customer in the respective VerifiedClaims.
assuranceProcess:
type: "object"
description: |
Determines the assurance process that was followed. This reflects how the evidence meets the requirements of the TrustFramework and AssuranceLevel.
required:
- policy
- procedure
- assuranceDetails
properties:
policy:
type: "string"
description: "Representing the standard or policy that was followed."
procedure:
type: "string"
description: "Representing a specific procedure from the policy that was
followed."
assuranceDetails:
type: "array"
description: "Denoting the details about how the evidence complies with the
policy"
items:
type: "object"
required:
- assuranceType
- assuranceClassification
- evidenceRef
properties:
assuranceType:
description: "String denoting which part of the assurance_process the evidence
fulfils"
type: "string"
assuranceClassification:
description: "String reflecting how the evidence has been classified or measured
as required by the TrustFramework"
type: "string"
evidenceRef:
description: "Evidence being referred to"
type: "array"
items:
type: "object"
required:
- txn
- evidenceMetadata
properties:
txn:
description: "Identifier referring to the txn used in the CheckDetails."
type: "string"
evidenceMetadata:
description: "Object indicating any meta data about the evidence that is
required by the AssuranceProcess in order to
demonstrate compliance with the TrustFramework.
It has the following sub-elements"
type: "object"
required:
- evidenceClassification
properties:
evidenceClassification:
type: "string"
description: The classification of the evidence metadata
used in verifying a given customer
description: The properties of each piece of evidence used in
verifying a given customer
description: The properties of each assurance process implemented by
the LFI to verify the details of a given customer
time:
type: "string"
format: "date-time"
description: |
Representing the date and time when the identity verification process took place. All dates in the JSON payloads are represented in ISO 8601 date-time format. All date-time fields in responses must include the timezone. An example is below: 2017-04-05T10:43:07+00:00
verificationProcess:
type: "string"
description: |
Unique reference to the identity verification process as performed by the OP.
evidence:
description: The type of evidence allowed for providing verification.
anyOf:
- $ref: '#/components/schemas/AEPartyIdentityEvidenceTypeDocument'
- $ref: '#/components/schemas/AEPartyIdentityEvidenceTypeElectronicRecord'
claims:
type: object
properties:
givenName:
type: string
description: >-
Given name of the Party. Given name (also called forename) is
used to differentiate from the surname or family name.
familyName:
type: string
description: Surname of the Party
middleName:
type: string
description: Middle name of the Party
nickname:
type: string
description: Nickname of the Party
emiratesId:
type: string
description: Emirates ID number of the Party
emiratesIdExpiryDate:
type: string
format: date
description: Emirates ID card expiry date
birthDate:
type: string
format: date
description: Date of birth of the Party
sourceOfIncome:
type: string
description: The customer source of income
salary:
type: string
description: The customer salary
nationality:
type: string
description: The customer nationality, standardised where possible using a recognised
three-character code set such as ISO 3166
residentialAddress:
$ref: '#/components/schemas/AEPartyIdentityAddressClaim'
mobileNumber:
type: string
description: The customer mobile number
email:
type: string
description: The customer email
maritalStatus:
type: string
description: The customer marital status
salutation:
type: string
description: The customer salutation
language:
type: string
description: The primary language of the customer, standardised where possible using
a recognised three-character code set such as ISO 639
employerName:
type: string
description: The employer name of the customer
employmentSinceDate:
type: string
format: date
description: The date from which the customer was employed by their employer
powerofAttorney:
type: boolean
description: Indicator that labels whether the customer is subject to a power
of attorney arrangement
salaryTransfer:
type: boolean
description: Indicator that labels whether the customer receives their salary
in the associated account
profession:
type: string
description: The customer profession
updatedAt:
type: string
format: time
description: The date at which the customer data was last updated
description: >
Standard Claims:
[https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims](https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims)
IdentityAssurance Claims:
[https://openid.net/specs/openid-connect-4-identity-assurance-1_0.html#name-claims](https://openid.net/specs/openid-connect-4-identity-assurance-1_0.html#name-claims)
additionalProperties: false
CbuaeVerifiedCopClaim:
description: |
Verified Claims :This is Required field for Cbuae
Container object containing entries for the trust framework and the evidence used to verify the customer claims
type: "object"
properties:
verification:
description: |
Verification
type: "object"
required:
- trustFramework
properties:
trustFramework:
type: "string"
enum: [ UAE.FI ]
description: |
Identifies the trust framework used for customer verification. Defaults to the KYC/AML applied as the source of truth for account holder details as applied under UAE law for Financial Institutions.
assuranceLevel:
type: "string"
description: |
Determines the assurance level associated with the customer in the respective VerifiedClaims.
assuranceProcess:
type: "object"
description: |
Determines the assurance process that was followed. This reflects how the evidence meets the requirements of the TrustFramework and AssuranceLevel.
required:
- policy
- procedure
- assuranceDetails
properties:
policy:
type: "string"
description: "Representing the standard or policy that was followed."
procedure:
type: "string"
description: "Representing a specific procedure from the policy that was
followed."
assuranceDetails:
type: "array"
description: "Denoting the details about how the evidence complies with the
policy"
items:
type: "object"
required:
- assuranceType
- assuranceClassification
- evidenceRef
properties:
assuranceType:
description: "String denoting which part of the assurance_process the evidence
fulfils"
type: "string"
assuranceClassification:
description: "String reflecting how the evidence has been classified or measured
as required by the TrustFramework"
type: "string"
evidenceRef:
description: "Evidence being referred to"
type: "array"
items:
type: "object"
required:
- txn
- evidenceMetadata
properties:
txn:
description: "Identifier referring to the txn used in the CheckDetails."
type: "string"
evidenceMetadata:
description: "Object indicating any meta data about the evidence that is
required by the AssuranceProcess in order to
demonstrate compliance with the TrustFramework.
It has the following sub-elements"
type: "object"
required:
- evidenceClassification
properties:
evidenceClassification:
type: "string"
description: The properties of each piece of evidence
used in verifying a given customer
description: The properties of each assurance process implemented
by the LFI to verify the details of a given customer
description: The properties of a customer associated with a given
account
time:
type: "string"
format: "date-time"
description: |
Representing the date and time when the identity verification process took place. All dates in the JSON payloads are represented in ISO 8601 date-time format. All date-time fields in responses must include the timezone. An example is below: 2017-04-05T10:43:07+00:00
verificationProcess:
type: "string"
description: |
Unique reference to the identity verification process as performed by the OP.
evidence:
description: The type of evidence allowed for providing verification.
anyOf:
- $ref: '#/components/schemas/AEPartyIdentityEvidenceTypeDocument'
- $ref: '#/components/schemas/AEPartyIdentityEvidenceTypeElectronicRecord'
claims:
type: object
properties:
givenName:
type: string
description: >-
Given name of the Party. Given name (also called forename) is
used to differentiate from the surname or family name.
familyName:
type: string
description: Surname of the Party
middleName:
type: string
description: Middle name of the Party
nickname:
type: string
description: Nickname of the Party
emiratesId:
type: string
description: Emirates ID number of the Party
emiratesIdExpiryDate:
type: string
format: date
description: Emirates ID card expiry date
birthDate:
type: string
format: date
description: Date of birth of the Party
sourceOfIncome:
type: string
description: The customer source of income
salary:
type: string
description: The customer salary
nationality:
type: string
description: The customer nationality
residentialAddress:
$ref: '#/components/schemas/AEPartyIdentityAddressClaim'
mobileNumber:
type: string
description: The customer mobile number
email:
type: string
description: The customer email
maritalStatus:
type: string
description: The customer marital status
salutation:
type: string
description: The customer salutation
language:
type: string
description: The primary language of the customer
employerName:
type: string
description: The employer name of the customer
employmentSinceDate:
type: string
format: date
description: The date from which the customer was employed by their employer
powerofAttorney:
type: boolean
description: Indicator that labels whether the customer is subject to a power
of attorney arrangement
salaryTransfer:
type: boolean
description: Indicator that labels whether the customer receives their salary
in the associated account
profession:
type: string
description: The customer profession
updatedAt:
type: string
format: time
description: The date at which the customer data was last updated
description: >
Standard Claims:
[https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims](https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims)
IdentityAssurance Claims:
[https://openid.net/specs/openid-connect-4-identity-assurance-1_0.html#name-claims](https://openid.net/specs/openid-connect-4-identity-assurance-1_0.html#name-claims)
additionalProperties: false
organisationClaims:
type: object
properties:
name:
type: string
description: >-
Business name of the Party.
description: >
Standard Claims:
[https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims](https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims)
IdentityAssurance Claims:
[https://openid.net/specs/openid-connect-4-identity-assurance-1_0.html#name-claims](https://openid.net/specs/openid-connect-4-identity-assurance-1_0.html#name-claims)
additionalProperties: false
AEPartyIdentityEvidenceTypeDocument:
type: object
properties:
type:
type: string
enum:
- document
description: The type of evidence allowed for providing verification.
checkDetails:
type: array
items:
$ref: '#/components/schemas/AEPartyIdentityCheckDetail'
description: Details of one-or-more methods used to verify a physical document
that asserts the identity of the customer
verifier:
$ref: '#/components/schemas/DocumentEvidenceVerifier'
time:
$ref: '#/components/schemas/ISODateTime'
documentDetails:
$ref: '#/components/schemas/DocumentEvidenceDetails'
attachments:
type: object
required:
- AEPartyIdentityEvidenceAttachments
properties:
AEPartyIdentityEvidenceAttachments:
type: array
items:
$ref: '#/components/schemas/AEPartyIdentityEvidenceAttachment'
description: >
Attachment
additionalProperties: false
description: Attachments that provide evidence of the physical documents used to
verify the identity of the customer
description: >
Document Evidence
[https://openid.net/specs/openid-connect-4-identity-assurance-1_0.html#name-evidence-type-document](https://openid.net/specs/openid-connect-4-identity-assurance-1_0.html#name-evidence-type-document)
AEPartyIdentityEvidenceTypeElectronicRecord:
type: object
properties:
type:
type: string
enum:
- electronic_record
description: The type of evidence allowed for providing verification.
checkDetails:
type: array
items:
$ref: '#/components/schemas/AEPartyIdentityCheckDetail'
description: Details of one-or-more methods used to verify an electronic record
that asserts the identity of the customer
time:
$ref: '#/components/schemas/ISODateTime'
record:
$ref: '#/components/schemas/ElectronicRecordProperties'
attachments:
type: object
required:
- AEPartyIdentityEvidenceAttachments
properties:
AEPartyIdentityEvidenceAttachments:
type: array
items:
$ref: '#/components/schemas/AEPartyIdentityEvidenceAttachment'
description: >
Attachments
description: Attachments that provide evidence of the electronic records used to
verify the identity of the customer
description: >
Electronic Record Evidence
additionalProperties: false
AEPartyIdentityCheckDetail:
type: object
properties:
checkMethod:
type: string
description: >
Identifes the method used by PASP for checking the evidence for
verification
String representing the check done, this includes processes such as
checking the authenticity of the document, or verifying the user's
biometric against an identity document.
organization:
type: string
description: >
String denoting the legal entity that performed the check. This
SHOULD be included if the OP did not perform the check itself
txn:
type: string
description: >
Identifier referring to the identity verification transaction. The
OP MUST ensure that this is present when EvidenceRef element is
used. The OP MUST ensure that the transaction identifier can be
resolved into transaction details during an audit
time:
$ref: '#/components/schemas/ISODateTime'
description: >
Identifes the method used by PASP for checking the evidence for
verification.
Representing the checks done in relation to the evidence
additionalProperties: false
DocumentEvidenceVerifier:
type: object
required:
- organization
properties:
organization:
type: string
description: >-
String denoting the organization which performed the verification on
behalf of the OP.
txn:
type: string
description: >-
Identifier referring to the identity verification transaction.
description: >-
Denoting the legal entity that performed the identity verification.
additionalProperties: false
DocumentEvidenceDetails:
type: object
properties:
type:
type: string
enum:
- passport
- driving_permit
- idcard
- residence_permit
description: >
The type of document used for evidence checking
documentNumber:
type: string
description: The unique id number in the evidence used for verification checking
personalNumber:
type: string
description: >
An identifier that is assigned to the End-User and is not limited to
being used in one document, for example a national identification
number, personal identity number, citizen number, social security
number, driver number, account number, customer number, licensee
number, etc
serialNumber:
type: string
description: >
An identifier/number that identifies the document irrespective of
any personalization information (this usually only applies to
physical artifacts and is present before personalization).
calendarType:
type: string
enum:
- IslamicCalendar
- GregorianCalendar
description: >
The type of calendar used for the date of issuance and date of
expiry in the document evidence
Allowable values:
"Islamic Calendar"
"Gregorian Calendar"
Both calendars must follow YYYY-MM-DD
dateOfIssuance:
$ref: '#/components/schemas/ISODateTime'
dateOfExpiry:
$ref: '#/components/schemas/ISODateTime'
issuer:
$ref: '#/components/schemas/DocumentEvidenceDetailsIssuer'
description: 'Representing the document used to perform the identity verification. '
additionalProperties: false
DocumentEvidenceDetailsIssuer:
type: object
required:
- name
- address
- countryCode
- jurisdiction
properties:
name:
type: string
description: |
Designation of the issuer of the document.
address:
$ref: '#/components/schemas/AEPartyIdentityAddressClaim'
countryCode:
type: object
required:
- CountryCode
properties:
CountryCode:
type: string
pattern: ^[A-Z]{2,2}$
description: Nation with its own government, occupying a particular territory.
additionalProperties: false
description: >
String containing the name of the
region(s)/state(s)/province(s)/municipality(ies) that issuer has
jurisdiction over (if this information is not common knowledge or
derivable from the address)
jurisdiction:
type: string
description: >
String containing the name of the
region(s)/state(s)/province(s)/municipality(ies) that issuer has
jurisdiction over (if this information is not common knowledge or
derivable from the address)
description: Containing information about the issuer of this document.
additionalProperties: false
AEPartyIdentityAddressClaim:
type: object
required:
- formatted
- streetAddress
- locality
- region
- postalCode
- country
properties:
formatted:
type: string
description: |
The address number and street claim that has been verified.
streetAddress:
type: string
description: |
The address street claim that has been verified.
locality:
type: string
description: >
The address locality (village, town, city etc) claim that has been
verified.
region:
type: string
description: |
The address region claim that has been verified.
postalCode:
type: object
required:
- PostalCode
properties:
PostalCode:
type: string
minLength: 5
maxLength: 5
description: >-
Identifier consisting of a group of letters and/or numbers that
is added to a postal address to assist the sorting of mail.
additionalProperties: false
description: |
The postal code that has been verified.
country:
type: object
required:
- CountryCode
properties:
CountryCode:
type: string
pattern: ^[A-Z]{2,2}$
description: Nation with its own government, occupying a particular territory.
additionalProperties: false
description: |
The country code that has been verified.
description: >
Address object as per OpenID Connect Core 1.0 Address Claim
[https://openid.net/specs/openid-connect-core-1_0.html#AddressClaim](https://openid.net/specs/openid-connect-core-1_0.html#AddressClaim)
additionalProperties: false
AEPartyIdentityEvidenceAttachment:
type: object
required:
- desc
- contentType
- content
- txn
properties:
desc:
type: string
description: >
Description of the document. This can be the filename or just an
explanation of the content.
contentType:
type: string
description: |
Content (MIME) type of the document
content:
type: string
description: |
Base64 encoded representation of the document content
txn:
type: string
description: |
Identifier referring to the transaction
additionalProperties: false
description: |
Identifier referring to the transaction
ElectronicRecordProperties:
type: object
required:
- type
- personalNumber
- calendarType
- createdAt
- dateOfExpiry
- source
properties:
type:
type: string
enum:
- bank_account
- mortgage_account
- loan_account
description: >
String denoting the type of electronic record
personalNumber:
type: string
description: >
String representing an identifier that is assigned to the customer
and is not limited to being used in one record, for example a
national identification number, personal identity number, citizen
number, social security number, driver number, account number,
customer number, licensee number, etc.
calendarType:
type: string
enum:
- IslamicCalendar
- GregorianCalendar
description: >
The type of calendar used for the date of issuance and date of
expiry in the document evidence
Allowable values:
"Islamic Calendar"
"Gregorian Calendar"
Both calendars must follow YYYY-MM-DD
createdAt:
$ref: '#/components/schemas/ISODateTime'
dateOfExpiry:
$ref: '#/components/schemas/ISODateTime'
source:
$ref: '#/components/schemas/ElectronicRecordSourceProperties'
description: |
Representing the record used to perform the identity verification.
additionalProperties: false
ElectronicRecordSourceProperties:
type: object
required:
- name
- address
- countryCode
- jurisdiction
properties:
name:
type: string
description: |
Designation of the source of the electronic_record
address:
$ref: '#/components/schemas/AEPartyIdentityAddressClaim'
countryCode:
type: object
properties:
CountryCode:
type: string
pattern: ^[A-Z]{2,2}$
description: Nation with its own government, occupying a particular territory.
additionalProperties: false
description: >
String containing the name of the region(s) / state(s) / province(s)
/ municipality(ies) that source has jurisdiction over (if it's not
common knowledge or derivable from the address)
jurisdiction:
type: string
description: >
String containing the name of the region(s) / state(s) / province(s)
/ municipality(ies) that source has jurisdiction over (if it's not
common knowledge or derivable from the address)
description: |
Information about the source of this record
additionalProperties: false
ISODateTime:
title: "ISODateTime"
description: "All dates in the JSON payloads are represented in ISO 8601
date-time format.\
All date-time fields in responses must include the timezone. An example
is below:
2017-04-05T10:43:07+00:00"
type: "string"
format: "date-time"
ProductIdentifier:
type: object
properties:
id:
type: string
description: Identifier within the LFI for the product. Must be unique in the
organisation.
productName:
type: string
description: Descriptive name for the product.
bundleName:
description: Optional field to indicate if this account is part of a bundle that
is providing additional benefit for to the customer
type: string
description: Provides the details of a given product at the LFI
CustomerIdentifier:
type: object
properties:
id:
type: string
description: Identifier within the LFI for the customer.
customerName:
type: string
description: Name of the customer.
required:
- id
- customerName
description: Provides the unique identifier and name for a given customer at the LFI
#
# Schemas related to Balances
#
BalancesResponse:
type: object
properties:
data:
type: array
items:
$ref: "#/components/schemas/CbuaeBalance"
description: Primary data for the resource
meta:
$ref: "#/components/schemas/Meta"
description: List of Balances for an Account.
CbuaeBalanceType:
type: string
enum:
- ClosingAvailable
- ClosingBooked
- ClosingCleared
- Expected
- ForwardAvailable
- Information
- InterimAvailable
- InterimBooked
- InterimCleared
- OpeningAvailable
- OpeningBooked
- OpeningCleared
- PreviouslyClosedBooked
description: >
The type of balance for the account.
Encoded with allowable values of:
* 'ClosingAvailable' - end of day balance specifying the amount
available to User 1 to withdraw or use.
* 'ClosingBooked' - end of day balance including value of payments for
cheques or payments which have not been cleared yet.
* 'ClosingCleared' - end of day balance including value of payments for
cheques or payments which have been cleared.
* 'Expected' - intra day balance including value of payments for cheques
or payments which have been cleared.
* 'ForwardAvailable' - intraday balance specifying the amount available
to User 1 to withdraw or use considering forward dated payments or other
intraday payments or cheques that will be clearing to the account.
* 'Information' - TBC.
* 'InterimAvailable' - intraday balance specifying the amount available
to User 1 to withdraw or use (most probably real-time.'InterimBooked' -
intraday balance including value of payments for cheques or payments
which have not been cleared yet.
* 'InterimCleared' - intraday balance including value of payments for
cheques or payments which have been cleared (probably real-time).
* 'OpeningAvailable' - start of day balance specifying the amount
available to User 1 to withdraw or use.
* 'OpeningBooked' - start of day balance including value of payments for
cheques or payments which have not been cleared yet.
* 'OpeningCleared' - start of day balance including value of payments
for cheques or payments which have been cleared.
* 'PreviouslyClosedBooked' -TBC.
Note: LFIs support different types for presenting account balance, so
this list is used to support different LFI systems in UAE.
CbuaeBalance:
type: object
properties:
accountId:
description: "A unique and immutable identifier produced by the financial
institution to identify the account resource.This identifier has no
meaning to the account owner (User 1)."
type: string
creditDebitIndicator:
description: "Indicates whether the balance of the account is a credit or a
debit balance."
type: string
enum:
- Credit
- Debit
balanceType:
$ref: "#/components/schemas/CbuaeBalanceType"
timestamp:
description: "Indicates the date (and time) that the account balance was checked"
type: string
format: "date-time"
amount:
$ref: "#/components/schemas/OBActiveOrHistoricCurrencyAndAmount_8"
creditLines:
type: array
items:
$ref: "#/components/schemas/CbuaeCreditLine"
description: Set of elements used to provide details of credit lines available
for the account.
required:
- accountId
- balanceType
- amount
- creditDebitIndicator
- timestamp
description: The properties of a given balance.
CbuaeCreditLine:
description: Set of elements used to provide details on the credit line.
required:
- included
- creditType
- amount
properties:
included:
description: "Boolean flag to Indicate whether or not a credit line is included
in the balance of the account."
type: boolean
creditType:
description: |
Type of credit line provided to the account. The enumerations values are defined as follows.
| Value | Description |
| ---------- | --------------------------------------------------------------------------------------------------------------------------------------- |
| Available | The amount of credit limit available to the account holder Available: The amount of credit limit available to the account holder
|
| Credit | - Credit: The amount of a credit limit that has been agreed with the account holder
|
| Emergency |- Emergency: The amount of an arranged lending limit that can be borrowed on top of pre-agreed lending, that has been agreed with the account holder
| - | Pre-Agreed: | The amount of an arranged lending limit that has been agreed with the account holder
|
| Temporary |- Temporary: The amount of a temporary lending limit that has been agreed with the account holder |
type: string
enum:
- Available
- Credit
- Emergency
- Pre-Agreed
- Temporary
amount:
$ref: "#/components/schemas/OBActiveOrHistoricCurrencyAndAmount_8"
#
# Schemas related to Transactions
#
TransactionsResponse:
type: object
properties:
data:
type: array
items:
$ref: "#/components/schemas/CbuaeTransaction"
description: Primary data for the resource.
meta:
$ref: "#/components/schemas/PaginatedMeta"
description: List of Transactions for an Account.
CbuaeTransaction:
type: object
required:
- accountId
- transactionId
- transactionDateTime
- transactionType
- subTransactionType
- paymentModes
- creditDebitIndicator
- status
- bookingDateTime
- amount
properties:
accountId:
description: "A unique and immutable identifier produced by the financial
institution to identify the account resource"
type: string
transactionId:
description: "Unique identifier for the transaction within an servicing
institution."
type: string
transactionDateTime:
$ref: "#/components/schemas/TransactionDateTime"
localTimeZone:
$ref: "#/components/schemas/LocalTimeZone"
statementReference:
description: "Unique reference for the statement."
type: array
items:
type: string
description: Unique reference for the statement. This reference may be
optionally populated if available.
transactionReference:
description: "Unique reference for the transaction."
type: string
transactionType:
description: "The type of transaction"
type: string
enum:
- POS
- ECommerce
- ATM
- BillPayments
- LocalBankTransfer
- SameBankTransfer
- InternationalTransfer
- Teller
- Cheque
- Other
subTransactionType:
description: "The sub-type of a transaction"
type: string
enum:
- Purchase
- Reversal
- Refund
- Withdrawal
- WithdrawalReversal
- Deposit
- DepositReversal
- MoneyTransfer
- NotApplicable
terminalId:
$ref: "#/components/schemas/TerminalId"
flags:
type: "array"
items:
$ref: "#/components/schemas/CbuaeFlags"
description: One-or-more flags applied to the transaction.
paymentModes:
description: "The mode of payment"
type: string
enum:
- Online
- Offline
- Batch
creditDebitIndicator:
description: "Indicates whether the transaction is a credit or a debit entry."
type: "string"
enum:
- Credit
- Debit
status:
description: "Status of a transaction entry on the books of the account servicer."
type: string
enum:
- Booked
- Pending
- Rejected
transactionMutability:
description: "Specifies the Mutability of the Transaction record."
type: string
enum:
- Mutable
- Immutable
bookingDateTime:
description: "Date and time when a transaction entry is posted to an account on
the account servicer's books."
type: string
format: date-time
valueDateTime:
description: "Date and time at which assets become available to the account
owner in case of a credit entry, or cease to be available to the
account owner in case of a debit transaction entry."
type: string
format: date-time
transactionInformation:
description: "Further details of the transaction."
type: string
amount:
$ref: "#/components/schemas/OBActiveOrHistoricCurrencyAndAmount_8"
chargeAmount:
$ref: "#/components/schemas/OBActiveOrHistoricCurrencyAndAmount_6"
chargeAmountVat:
$ref: "#/components/schemas/OBActiveOrHistoricCurrencyAndAmount_8"
currencyExchange:
$ref: "#/components/schemas/CurrencyExchange"
bankTransactionCode:
$ref: "#/components/schemas/AEBankTransactionCodeStructure"
proprietaryBankTransactionCode:
$ref: "#/components/schemas/ProprietaryBankTransactionCode"
balance:
type: object
required:
- creditDebitIndicator
- balanceType
- amount
properties:
creditDebitIndicator:
description: "Indicates whether the balance of the account is a credit or a
debit balance"
type: string
enum:
- Credit
- Debit
balanceType:
$ref: "#/components/schemas/CbuaeBalanceType"
amount:
$ref: "#/components/schemas/OBActiveOrHistoricCurrencyAndAmount_8"
description: The balance of the account at the time of the transaction. The
balance amount is qualified by the balance type value.
merchantDetails:
$ref: "#/components/schemas/MerchantDetails"
creditorAgent:
$ref: "#/components/schemas/AEBranchAndFinancialInstitutionIdentification6_1"
creditorAccount:
type: array
items:
$ref: '#/components/schemas/AECashAccount6_0'
description: The creditor account for the transaction, when the transaction is a
debit.
debtorAgent:
$ref: "#/components/schemas/AEBranchAndFinancialInstitutionIdentification6_1"
debtorAccount:
$ref: '#/components/schemas/AECashAccount6_0'
cardInstrument:
$ref: "#/components/schemas/AETransactionCardInstrument"
supplementaryData:
type: object
description: Any additional data stored with the transaction that is displayed to
the user or available in the statement.
geoLocation:
$ref: "#/components/schemas/AEGeoLocation"
billDetails:
$ref: "#/components/schemas/BillDetails"
description: Provides further details on an entry in the report.
CbuaeFlags:
title: "Flags"
description: "The flag of a transaction"
type: "string"
enum:
- "Cashback"
- "Payroll"
- "DirectDebit"
- "StandingOrder"
- "Loan"
- "Dividend"
AEBankTransactionCodeStructure:
type: object
description: >
BankTransactionCode is mandatory (with code specifying the Domain,
Family and SubFamily as per External Codes ISO20022) when the
ProprietaryBankTransactionCode is absent.
properties:
domain:
description: Specifies the Domain
type: string
domainCode:
description: Specifies the Domain Code.
type: string
family:
description: Specifies the Family
type: string
familyCode:
description: Specifies the Family Code
type: string
subFamily:
description: Specifies the Sub-Family
type: string
subFamilyCode:
description: Specifies the Sub-family Code
type: string
additionalProperties: false
AEBranchAndFinancialInstitutionIdentification6_1:
type: object
required:
- schemeName
- identification
description: >
Financial institution servicing an account for the creditor in case the
transaction is a Debit transaction or Financial institution servicing an
account for the Debtor in case the transaction is a Credit transaction.
properties:
schemeName:
$ref: >-
#/components/schemas/AEExternalFinancialInstitutionIdentificationCode
identification:
$ref: '#/components/schemas/Identification_1'
name:
$ref: '#/components/schemas/Name_1'
postalAddress:
$ref: '#/components/schemas/AEPostalAddress6'
additionalProperties: false
Name_1:
description: >
* Beneficiary
Name by which an agent is known and which is usually used to identify
that agent
* Creditor agent
Name by which the Financial institution(FI) which is the creditor is
known and which is usually used to identify that FI.
* DebtorAgent
Name by which an financial institution of the debtor is known and which
is usually used to identify that financial institution.
type: string
minLength: 1
maxLength: 140
AEPostalAddress6:
type: object
description: >-
Postal Address specifies Information that locate and identify a specific
address, as defined by postal services.
properties:
addressType:
description: Postal Address type specifies the the nature of the postal address.
type: string
enum:
- Business
- Correspondence
- DeliveryTo
- MailTo
- POBox
- Postal
- Residential
- Statement
shortAddress:
description: 8 character Unique alphanumeric Code.
type: string
minLength: 1
maxLength: 8
buildingNumber:
description: Number that identifies the position of a building on a street.
type: string
minLength: 4
maxLength: 4
unitNumber:
description: This is the unit number of the business premises or dwelling
type: string
streetName:
description: Name of a street or thoroughfare.
type: string
secondaryNumber:
description: Secondary Number, if required
type: string
minLength: 4
maxLength: 4
district:
description: Identifies the District of a City
type: string
postCode:
description: >-
Identifier consisting of a group of letters and/or numbers that is
added to a postal address to assist the sorting of mail.
type: string
townName:
description: Identifies the City of a Country
type: string
country:
description: Identifies a county either by full name or country code
type: string
pattern: ^[A-Z]{2,2}$
AECashAccount6_0:
type: object
description: >
Creditor account details available in case the transaction is a Debit
transaction.
properties:
schemeName:
$ref: '#/components/schemas/AEExternalAccountIdentificationCode'
identification:
$ref: '#/components/schemas/Identification_0'
name:
$ref: '#/components/schemas/Name_0'
additionalProperties: false
AETransactionCardInstrument:
type: object
required:
- cardSchemeName
- instrumentType
description: Set of elements to describe the card instrument used in the transaction.
properties:
cardSchemeName:
description: Name of the card scheme.
type: string
enum:
- AmericanExpress
- Diners
- Discover
- GCC
- MasterCard
- UPI
- VISA
instrumentType:
description: The card instrument type.
type: string
enum:
- ApplePay
- Contactless
- MagStripe
- Chip
- Other
name:
description: Name of the cardholder using the card instrument.
type: string
minLength: 1
maxLength: 70
identification:
description: >-
Identification assigned by an institution to identify the card
instrument used in the transaction. This identification is known by
the account owner, and MUST be masked.
type: string
minLength: 1
maxLength: 16
example: 1234********4321
additionalProperties: false
AEGeoLocation:
description: >-
Estimated latitude and longitude coordinates, in degrees. Contains one
latitude and one longitude subfield.
type: object
required:
- latitude
- longitude
properties:
latitude:
description: Latitude in degrees
type: string
longitude:
description: Longitude in degrees
type: string
additionalProperties: false
MerchantDetails:
type: object
properties:
merchantId:
description: Merchant Id
type: string
merchantName:
description: Name by which the merchant is known.
type: string
merchantCategoryCode:
description: Category code values are used to enable the classification of
merchants into specific categories based on the type of business,
trade or services supplied.
type: string
description: >
Details of the Merchant involved in the transaction.
Merchant Details are specified only for those merchant categories that
are generally expected to originate retail financial transactions
ProprietaryBankTransactionCode:
type: object
properties:
code:
description: "Proprietary bank transaction code to identify the underlying
transaction."
type: string
issuer:
description: "Identification of the issuer of the proprietary bank transaction
code."
type: string
required:
- code
description: >
ProprietaryBankTransactionCode is mandatory when the BankTransactionCode
(with code specifying the Domain, Family and SubFamily as per External
Codes ISO20022) is absent.
Set of elements to fully identify a proprietary bank transaction code
CurrencyExchange:
type: object
properties:
sourceCurrency:
$ref: "#/components/schemas/TCurrency"
targetCurrency:
$ref: "#/components/schemas/TCurrency"
unitCurrency:
$ref: "#/components/schemas/TCurrency"
exchangeRate:
type: string
description: >-
Factor used to convert an amount from one currency into another.
This reflects the price at which one currency was bought with
another currency.
Usage: ExchangeRate expresses the ratio between UnitCurrency and
QuotedCurrency (ExchangeRate = UnitCurrency/QuotedCurrency).
contractIdentification:
type: string
description: Unique identification to unambiguously identify the foreign exchange
contract.
quotationDate:
type: string
format: date-time
description: >-
Date and time at which an exchange rate is quoted.All dates in the
JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An
example is below:
2017-04-05T10:43:07+00:00
instructedAmount:
$ref: "#/components/schemas/OBActiveOrHistoricCurrencyAndAmount_8"
required:
- sourceCurrency
- targetCurrency
- unitCurrency
- exchangeRate
- instructedAmount
description: Set of elements used to provide details on the currency exchange.
OBActiveOrHistoricCurrencyAndAmount_6:
type: "object"
description: "Transaction charges to be paid by the charge bearer."
required:
- amount
- currency
properties:
amount:
$ref: "#/components/schemas/OBActiveCurrencyAndAmount_SimpleType"
currency:
$ref: "#/components/schemas/ActiveOrHistoricCurrencyCode_1"
chargeIncluded:
description: |
If true then the value in the Amount has the ChargeAmount deducted from it
type: boolean
OBActiveOrHistoricCurrencyAndAmount_8:
type: "object"
required:
- "amount"
- "currency"
properties:
amount:
$ref: "#/components/schemas/OBActiveCurrencyAndAmount_SimpleType"
currency:
$ref: "#/components/schemas/ActiveOrHistoricCurrencyCode_1"
description: The amount and currency code for a given payment or transaction.
ActiveOrHistoricCurrencyCode_1:
description: "A 3 character alphabetic code allocated to a currency under an
international currency identification scheme, as described in the latest
edition of the international standard ISO 4217 'Codes for the
representation of currencies and funds'."
type: "string"
pattern: "^[A-Z]{3,3}$"
example: "SAR"
OBActiveCurrencyAndAmount_SimpleType:
description: "A number of monetary units specified in an active currency where
the unit of currency is explicit and compliant with ISO 4217."
type: "string"
pattern: "^\\d{1,13}$|^\\d{1,13}\\.\\d{1,5}$"
#
# Schemas related to Direct Debits
#
DirectDebitsResponse:
type: object
properties:
data:
type: array
items:
$ref: "#/components/schemas/CbuaeDirectDebit"
description: Primary data for the resource.
meta:
$ref: "#/components/schemas/Meta"
description: The properties of a direct debit.
DirectDebitStatusEnum:
description: "Specifies the status of the direct debit."
type: string
enum:
- Active
- Inactive
CbuaeDirectDebit:
type: object
properties:
accountId:
description: "A unique and immutable identifier produced by the financial
institution to identify the account resource.This identifier has no
meaning to the account owner (User 1)."
type: string
directDebitId:
description: "A unique and immutable identifier used to identify the direct
debit resource. This identifier has no meaning to the account
owner."
type: string
mandateIdentification:
description: "This is the unique and immutable reference to the User 1 for the
Direct Debit mandate."
type: string
directDebitStatusCode:
$ref: "#/components/schemas/DirectDebitStatusEnum"
name:
description: "This is the name of the regulated beneficiary entity that
initiates the Direct Debit collection."
type: string
frequency:
description: "Specifies the frequency of the Direct Debit collections to the
User 1 account."
type: string
enum:
- Annual
- Daily
- Fortnightly
- HalfYearly
- Monthly
- NotKnown
- Quarterly
- Weekly
previousPaymentDateTime:
type: string
format: date-time
description: >-
The date of most recent direct debit collection to the User account.
All dates in the JSON payloads are represented in ISO 8601 date-time
format.
All date-time fields in responses must include the timezone. An
example is below:
2017-04-05T10:43:07+00:00
previousPaymentAmount:
$ref: "#/components/schemas/OBActiveOrHistoricCurrencyAndAmount_8"
required:
- accountId
- directDebitId
- directDebitStatusCode
- mandateIdentification
- name
- frequency
description: Account to or from which a cash entry is made.
#
# Schemas related to Scheduled Payments
#
ScheduledPaymentsResponse:
type: object
description: |
A descriptor for scheduled payments.
This is a composite object that may be expanded in the future to support
additional scheduled payment types for new API standards and account types.
properties:
data:
type: array
items:
$ref: "#/components/schemas/CbuaeScheduledPayment"
description: Primary data for the resource
meta:
$ref: "#/components/schemas/Meta"
CbuaeScheduledPayment:
type: object
required:
- accountId
- scheduledPaymentId
- scheduledType
- scheduledPaymentDateTime
- instructedAmount
properties:
accountId:
type: string
description: The account identifer for the account from which the scheduled
payment is made.
scheduledPaymentId:
type: string
description: Unique identifier for the scheduled payment.
accountHolderShortName:
$ref: "#/components/schemas/AccountHolderShortName"
scheduledType:
description: >
Specifies the type of scheduled payment date provided under
ScheduledPaymentDateTime.
Encoded with allowable values of:
"Arrival" - User1 specifies the date for the arrival of funds in the beneficiary (Creditor) account
"Execution" - User1 specifies the date which the payment needs to be executed from the User 1 (Debtor) account.
type: string
enum:
- Arrival
- Execution
scheduledPaymentDateTime:
type: string
format: date-time
description: >-
The date and time of the scheduled payment. All dates in the JSON
payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An
example is below:
2017-04-05T10:43:07+00:00
creditorReference:
type: string
description: The creditor reference for the scheduled payment.
debtorReference:
type: string
description: The debitor reference for the scheduled payment.
instructedAmount:
$ref: "#/components/schemas/OBActiveOrHistoricCurrencyAndAmount_8"
creditorAgent:
$ref: "#/components/schemas/AEBranchAndFinancialInstitutionIdentification5_1"
creditorAccount:
$ref: '#/components/schemas/AECashAccount4_0'
creditorAccountList:
type: array
items:
$ref: '#/components/schemas/AECashAccount5_0'
description: Provides the list of details to identify the beneficiary account.
description: Scheduled Payments for a specific AccountId
AEBranchAndFinancialInstitutionIdentification5_1:
type: object
required:
- schemeName
- identification
description: >
Creditor Agent refers to the Financial Institution that manages the
account on behalf of the scheduled payment beneficiary party, managing
registration, booking of entries on the account, calculating balances on
the account and providing information about the account. This is the
servicing Financial Institution of the Beneficiary account.
properties:
schemeName:
$ref: >-
#/components/schemas/AEExternalFinancialInstitutionIdentificationCode
identification:
$ref: '#/components/schemas/Identification_1'
additionalProperties: false
AECashAccount5_0:
type: object
required:
- schemeName
- identification
description: Provides the details to identify the beneficiary account.
properties:
schemeName:
$ref: '#/components/schemas/AEExternalAccountIdentificationCode1'
identification:
$ref: '#/components/schemas/Identification_0'
additionalProperties: false
AECashAccount4_0:
type: object
properties:
name:
type: string
description: The name of the account.
accountHolderShortName:
type: string
description: The short name for the account as defined by the User.
additionalProperties: false
description: Provides the details to identify the beneficiary account.
#
# Schemas related to Standing Orders
#
StandingOrdersResponse:
type: object
description: |
A descriptor for StandingOrder.
properties:
data:
type: array
items:
$ref: "#/components/schemas/CbuaeStandingOrder"
description: Primary data for the resource.
meta:
$ref: "#/components/schemas/Meta"
CbuaeStandingOrder:
type: object
required:
- accountId
- standingOrderId
- frequency
- firstPaymentDateTime
- finalPaymentDateTime
- numberOfPayments
- standingOrderStatusCode
- firstPaymentAmount
- finalPaymentAmount
properties:
accountId:
type: string
description: The account identifer for the account from which the standing order
is instructed.
standingOrderId:
type: string
description: Unique identifier for the standing order.
standingOrderType:
description: The type of Standing Order.
type: string
enum:
- BetweenMyAccounts
- SameBankTransfer
- LocalBankTransfer
- InternationalTransfer
- Charity
frequency:
type: string
description: >
The frequency that the Standing Order payments are executed from the
account. Encoded with allowable values as follows:
#### Individual Definitions:
* NotKnown - SO frequency is not known (i.e. not provided)
* EveryDay - SO frequency is Every day
* EveryWorkingDay - SO frequency is every working day
* IntervalDay - SO frequency is an interval specified in number of
calendar days (2 to 31)
* IntervalWeekDay - SO frequency is an interval specified in weeks
(1 to 51), and the day within the week (1 to 7)
* WeekInMonthDay - SO frequency is a monthly interval, specifying
the week of the month (1 to 5) and day within the week (1 to 7)
* IntervalMonthDay - SO frequency is an interval specified in months
(between 1 to 6, 12, 24), specifying the day within the month (-5 to
-1, 1 to 31)
* QuarterDay - SO frequency is quarterly RECEIVED
* BiAnnual - SO frequency is every 6 months
* Annual - SO frequency is every year
* RECEIVED = Paid on the 20th March, 19th June, 24th September and
20th December.
#### Individual Patterns:
* NotKnown (ScheduleCode)
* EveryDay (ScheduleCode)
* EveryWorkingDay (ScheduleCode)
* IntervalDay:NoOfDay (ScheduleCode + NoOfDay)
* IntervalWeekDay:IntervalInWeeks:DayInWeek (ScheduleCode +
IntervalInWeeks + DayInWeek)
* WeekInMonthDay:WeekInMonth:DayInWeek (ScheduleCode + WeekInMonth +
DayInWeek)
* IntervalMonthDay:IntervalInMonths:DayInMonth (ScheduleCode +
IntervalInMonths + DayInMonth)
* QuarterDay: + either (RECEIVED) ScheduleCode + QuarterDay
The regular expression for this element combines five smaller
versions for each permitted pattern. To aid legibility - the
components are presented individually here:
* NotKnown
* EveryDay
* EveryWorkingDay
* IntervalDay:(([2-9])|([1-2][0-9])|3[0-1])
* IntervalWeekDay:[1-51]:[1-7]
* WeekInMonthDay:[1-5]:[1-7]
* IntervalMonthDay:([1-6]|12|24):(-[1-5]|[1-9]|[12][0-9]|3[01])
* QuarterDay:(RECEIVED)
#### Full Regular Expression:
*
^(NotKnown)$|^(EveryDay)$|^(EveryWorkingDay)$|^(IntervalDay:(([2-9])|([1-2][0-9])|3[0-1]))$|^(IntervalWeekDay:[1-51]:[1-7])$|^(WeekInMonthDay:[1-5]:[1-7])$|^(IntervalMonthDay:([1-6]|12|24):(-[1-5]|[1-9]|[12][0-9]|3[01]))$|^(QuarterDay:(RECEIVED))$"
creditorReference:
type: string
description: "Unique reference in the context of the creditor, provided by the
creditor to the User (Debtor), to unambiguously refer to the payment
transaction. Usage: If available, the initiating party (i.e. Debtor)
provides this reference in the structured remittance information, to
enable reconciliation by the Creditor upon receipt of the amount of
money. This field is populated by the User 1 (who is the initiating
party of the payment e.g. the Debtor). Field is free format text."
purpose:
$ref: "#/components/schemas/PurposeSO"
firstPaymentDateTime:
type: string
format: date-time
description: The date on which the first payment for a Standing Order schedule
will be made.
nextPaymentDateTime:
type: string
format: date-time
description: The date on which the next payment for a Standing Order schedule
will be made.
lastPaymentDateTime:
type: string
format: date-time
description: The date on which the last (most recent) payment for a Standing
Order schedule was made.
finalPaymentDateTime:
type: string
format: date-time
description: The date on which the final payment for a Standing Order schedule
will be made.
numberOfPayments:
type: string
description: Number of the payments that will be made in completing this
frequency sequence including any executed since the sequence start
date.
standingOrderStatusCode:
description: Specifies the status of the standing order in code form.
type: string
enum:
- Active
- Inactive
firstPaymentAmount:
$ref: "#/components/schemas/OBActiveOrHistoricCurrencyAndAmount_8"
nextPaymentAmount:
$ref: "#/components/schemas/OBActiveOrHistoricCurrencyAndAmount_8"
lastPaymentAmount:
$ref: "#/components/schemas/OBActiveOrHistoricCurrencyAndAmount_8"
finalPaymentAmount:
$ref: "#/components/schemas/OBActiveOrHistoricCurrencyAndAmount_8"
creditorAgent:
$ref: "#/components/schemas/AEBranchAndFinancialInstitutionIdentification5_1"
creditorAccount:
$ref: '#/components/schemas/AECashAccount4_0'
creditorAccountList:
type: array
items:
$ref: '#/components/schemas/AECashAccount5_0'
description: List of Creditor Accounts for the standing order instruction.
supplementaryData:
type: object
description: Any additional data stored with the standing order that is displayed
to the user or available in the statement.
description: Standing Orders for a specific AccountId
#
# Schemas related to Products
#
ProductsResponse:
type: object
properties:
data:
type: array
items:
$ref: "#/components/schemas/CbuaeProduct"
description: Primary data for the resource
meta:
$ref: "#/components/schemas/Meta"
description: Product data for a given account
CbuaeProduct:
type: object
description: |
A descriptor for an product.
This is a composite object that may be expanded in the future to support
additional account types for new API standards and product types.
required:
- AccountId
- ProductId
- ProductType
properties:
AccountId:
description: "A unique and immutable identifier produced by the financial
institution to identify the account resource.This identifier has no
meaning to the account owner (User 1)."
type: string
ProductId:
description: "Identifier within the financial institution for the product. Must
be unique in the organisation."
type: string
ProductType:
description: "Descriptive code for the product."
type: string
ProductName:
description: "Descriptive name for the product."
type: string
IsIslamic:
description: |
A flag to denote if the Product is an Islamic product
type: boolean
default: false
Charges:
$ref: '#/components/schemas/AECharge'
LendingRates:
$ref: '#/components/schemas/AELendingRate'
DepositRates:
$ref: '#/components/schemas/AEDepositRate'
AECharge:
description: Fees and charges applicable to the account or product
type: array
items:
description: Properties of the charges applied
type: object
required:
- Name
- ChargeType
- Amount
properties:
Name:
type: string
description: Name of the charge
minLength: 1
maxLength: 40
ChargeType:
type: string
description: Type of the charge
minLength: 1
maxLength: 10
Amount:
$ref: '#/components/schemas/AEActiveOrHistoricCurrencyAndAmount_0'
Frequency:
$ref: '#/components/schemas/AEDuration'
Notes:
type: string
description: Notes providing more information on the charge.
minLength: 1
maxLength: 500
additionalProperties: false
AELendingRate:
description: |
Lending rates for this account
type: array
items:
type: object
required:
- LendingRateType
- Rate
properties:
LendingRateType:
type: string
minLength: 1
maxLength: 10
description: |
Options in place for repayments
Rate:
$ref: '#/components/schemas/AERate'
Amount:
$ref: '#/components/schemas/AEActiveOrHistoricCurrencyAndAmount_0'
CalculationFrequency:
$ref: '#/components/schemas/AEDuration'
ApplicationFrequency:
$ref: '#/components/schemas/AEDuration'
RepaymentType:
type: string
description: |
Options in place for repayments
minLength: 1
maxLength: 40
Notes:
type: string
description: |
Notes providing more information on the rate.
minLength: 1
maxLength: 500
additionalProperties: false
description: |
Notes providing more information on the rate.
AEActiveOrHistoricCurrencyAndAmount_0:
type: object
required:
- Amount
- Currency
description: A given amount value and currency
properties:
Amount:
description: A number of monetary units specified in an active currency where the
unit of currency is explicit and compliant with ISO 4217.
type: string
Currency:
$ref: '#/components/schemas/ActiveOrHistoricCurrencyCode_1'
additionalProperties: false
AEDepositRate:
description: |
Deposit rates for this account
type: array
items:
type: object
required:
- DepositRateType
- Rate
properties:
DepositRateType:
type: string
minLength: 1
maxLength: 10
description: |
Options in place for repayments
Rate:
$ref: '#/components/schemas/AERate'
CalculationFrequency:
$ref: '#/components/schemas/AEDuration'
ApplicationFrequency:
$ref: '#/components/schemas/AEDuration'
RepaymentType:
type: string
description: |
Options in place for repayments
minLength: 1
maxLength: 40
Notes:
type: string
description: |
Notes providing more information on the rate.
minLength: 1
maxLength: 500
additionalProperties: false
description: |
Notes providing more information on the rate.
AERate:
description: >
A string representing a percentage (e.g. an interest rate).
A rate of 100% would be represented by the value 1.0 and a rate of -100%
by -1.0
- At least 1 and up to a total of 16 significant digits before decimal
point
- Up to 16 digits following the decimal point
- No formatting, eg thousand separating commas
type: string
minLength: 1
maxLength: 18
AEDuration:
description: A period of time, formatted according to ISO 8601 duration excluding
recurrence syntax
type: string
#
# Common types
#
BeneficiariesResponse:
type: object
properties:
data:
type: array
items:
$ref: "#/components/schemas/CbuaeBeneficiary"
description: Primary data for the resource.
meta:
$ref: "#/components/schemas/Meta"
description: Beneficiaries for a specific AccountId
CbuaeBeneficiary:
type: object
properties:
accountId:
type: string
description: The account identifer for the account that the beneficiary is
associated with.
beneficiaryId:
type: string
description: Unique identifier for the beneficiary resource
beneficiaryType:
description: >-
Specifies the Beneficiary Type. Encoded with allowable values of:
'Activated' - Beneficiary has been added to the beneficiary list
using SCA. 'NotActivated' - Beneficiary has been added to the
beneficiary list without SCA
type: string
enum:
- Activated
- NotActivated
accountHolderShortName:
$ref: "#/components/schemas/AccountHolderShortName"
reference:
type: string
description: A unique and immutable identifier used to identify the beneficiary
resource. This identifier has no meaning to the account owner.
supplementaryData:
type: object
description: Any additional data stored with the beneficiary that is displayed to
the User.
servicer:
$ref: '#/components/schemas/AEBranchAndFinancialInstitutionIdentification6_1'
creditorAccount:
$ref: '#/components/schemas/AECashAccount4_0'
creditorAccountList:
type: array
items:
$ref: '#/components/schemas/AECashAccount5_0'
description: List of Creditor Accounts for the beneficiary.
required:
- accountId
- beneficiaryId
- beneficiaryType
description: The properties of a given beneficiary.
TCurrency:
type: string
pattern: "^[A-Z]{3,3}$"
description: Currency code for the account.
AccountHolderName:
type: "string"
description: |
The Account Holder Name is the name or names of the Beneficiary account owner(s) represented at the account level, as displayed by the Creditor Agent's online channels and as provided by the Beneficiary to the customer when adding the Beneficiary in the Beneficiary list.
Note, the Account Holder Name is not the product name or the nickname of the account.d
AccountHolderShortName:
type: "string"
description: |
The Beneficiary account holder nick name
TransactionDateTime:
title: "TransactionDateTime"
description: |
The Date Time of when the transaction occurred.
All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone.
An example is below: 2017-04-05T10:43:07+00:00
type: "string"
format: "date-time"
LocalTimeZone:
title: "LocalTimeZone"
description: |
The UTC offset of the local date and time of where the transaction occurred
E.g. UTC+03:00
type: "string"
format: "date-time"
TerminalId:
description: "ID of the Terminal if the transaction was initiated from a retail POS"
type: "string"
minLength: 8
maxLength: 20
BillDetails:
description: "Bill Details"
type: "object"
properties:
BillerID:
description: |
This should be 'BillerCode' as per SP-SADAD specifications. It is a
unique biller identifier within SADAD that could be used by the
end-user to refer to a specific SADAD biller (e.g. STC biller code
is 001, water services biller code is 015, etc.)
type: "string"
BillNumber:
description: "Unique bill identifier within the account."
type: "string"
BillPaymentType:
description: |
Indicates whether the bill could be a One-off payment, Recurring
payment, Postpaid, Pre-paid, etc
type: "string"
x-namespaced-enum:
- Post-Paid
- AdvancePaymentForRoaming
- Recharge
- Renewal
- RoamingDeposit
- One-Off
- RecurringPayment
PurposeSO:
description: |
The purpose of the Standing Order payment.
A free format string in the form of transaction categorisation.
Example: "Bills and expenses", "Government payment", "Personal Expenses".
type: "string"
minLength: 1
maxLength: 50
ConfirmationRequest:
type: object
properties:
data:
type: object
properties:
account:
type: object
properties:
schemeName:
type: string
enum:
- IBAN
description: Name of the identification scheme for the account. Encoded
with allowable values published in an external list.
identification:
type: string
description: Identification for the account assigned by the LFI based on
the Account Scheme Name. This identification is known by the
User account owner. For IBAN, refer to the ISO Standard
13616.
name:
oneOf:
- $ref: "#/components/schemas/PersonName"
- $ref: "#/components/schemas/BusinessName"
description: Account for which confirmation of payee details is required.
description: Primary data for the resource.
description: Properties of a Confirmation of Payee request
PersonName:
type: object
required:
- firstName
- lastName
properties:
firstName:
type: string
description: The first name of the person matched in a given Confirmation of
Payee request.
lastName:
type: string
description: The last name of the person matched in a given Confirmation of Payee
request.
additionalProperties: false
description: The properties of a person matched in a given Confirmation of Payee
request.
BusinessName:
type: object
required:
- businessName
properties:
businessName:
type: string
description: The name of a business matched in a given Confirmation of Payee
request.
additionalProperties: false
description: The properties of a business matched in a given Confirmation of Payee
request.
Meta:
type: object
properties:
totalPages:
type: number
description: |
The number of expected pages for the query.
totalRecords:
type: number
description: |
The total number of records in the full set.
description: Metadata relevant to the resource.
PaginatedMeta:
type: object
properties:
paginated:
type: boolean
description: |
`true` if the response is paginated.
`false` if the response returns all matching data elements.
If not specified, a non-paginated response is assumed.
totalPages:
type: number
description: |
The number of expected pages for the query.
totalRecords:
type: number
description: |
The total number of records in the full set.
description: Pagination metadata relevant to the resource.
Error:
description: Default error response payload structure for Ozone Connect
type: object
properties:
errorCode:
type: string
description: Error code identifying the problem that occurred
errorMessage:
type: string
description: Message describing what problem has occurred
parameters:
aspspId:
name: o3-aspsp-id
in: header
schema:
type: string
required: true
deprecated: true
description: Identifier for the financial institution that the request is
targetted to. This header is deprecated and will be removed in a future
version of Ozone Connect. Use `o3-provider-id` instead.
providerId:
name: o3-provider-id
in: header
schema:
type: string
required: true
description: Identifier for the financial institution that the request is targetted to
callerOrgId:
name: o3-caller-org-id
in: header
schema:
type: string
required: true
description: An identifier for the organization calling the API
callerClientId:
name: o3-caller-client-id
in: header
schema:
type: string
required: true
description: An identifier for the OIDC clientId calling the API
callerSoftwareStatementId:
name: o3-caller-software-statement-id
in: header
schema:
type: string
required: true
description: An identifier for the software statement calling the API
apiUri:
name: o3-api-uri
in: header
schema:
type: string
required: true
description: The parameterised URL of the API being called by the caller
apiOperation:
name: o3-api-operation
in: header
schema:
type: string
required: true
description: The API operation carried out by the caller (e.g. GET, POST, PUT,
DELETE, PATCH)
consentId:
name: o3-consent-id
in: header
schema:
type: string
required: true
description: The consentId for which this call is being made
callerInteractionId:
name: o3-caller-interaction-id
in: header
schema:
type: string
required: true
description: The interaction ID passed in by the caller, if any
ozoneInteractionId:
name: o3-ozone-interaction-id
in: header
schema:
type: string
required: true
description: An interaction ID generated by Ozone if the caller did not send in
one. If the callerInteractionId is specified, this takes the same value.
psuIdentifier:
name: o3-psu-identifier
in: header
schema:
type: string
required: true
description: A Base64 encoded representation of the psuIdentifier JSON object.
transaction-fromBookingDateTime:
name: fromBookingDateTime
in: query
description: |
If specified, the API should only return transactions which have a `bookingDateTime` that occours on or after the specified date-time.
schema:
type: string
format: date
transaction-toBookingDateTime:
name: toBookingDateTime
in: query
description: |
If specified, the API should only return transactions which have a `bookingDateTime` that occours on or before the specified date-time.
schema:
type: string
format: date
page:
name: page
in: query
description: Page of results to request (standard pagination)
required: true
schema:
default: 1
type: integer
style: form
page-size:
name: page-size
in: query
description: Page size to request. Default is 100 to comply with the Operating Guidelines for
the Open Finance Framework.
required: true
schema:
default: 100
type: integer
style: form
securitySchemes:
OzoneConnectApiKey:
description: Communications between the API Hub and the LFI Ozone Connect
implementation are secured using an API Key, which is a secret shared
between the API Hub and the LFI.
type: apiKey
in: header
name: Authorization
OzoneConnectClientCredentials:
type: oauth2
description: |
Communications between the API Hub and the LFI Ozone Connect implementation are secured using a Client Credentials grant type.
LFIs must host an OAuth 2.0 Authorization Server to utilise this security pattern. Scope values are set during the onboarding process, and represented by a placeholder in this API description.
flows:
clientCredentials:
tokenUrl: "https://example.lfi.ae/token"
scopes:
placeholder: Placeholder for scopes, which are set by the LFI during onboarding
OzoneConnectJwtAuth:
description: |
Communications between the API Hub and the LFI Ozone Connect implementation are secured using the "JWT Auth" mechanism, where the Client presents a signed JSON Web Token as a credential.
The Server MUST verify the signature in order to authenticate the Client.
Please note that the value of the `scheme` parameter is not a registered HTTP Authentication Scheme, to indicate it is specific to Ozone Connect. Please refer to API Hub documentation for further details.
type: http
scheme: Ozone-Connect-JWT-Auth
|
...