openapi: "3.0.0"
info:
title: "UAE Payment API"
description: "## UAE Open Finance Payment API Specification"
version: "v1.0-draft2"
servers:
- url: "/open-finance/payment/v1.0-draft2"
tags:
- name: Payment Initiation
description: Initiate a Payment Consent
- name: Payment Instruction
description: Instruct the Payment
paths:
/payment-consents:
get:
tags:
- "Payment Initiation"
summary: "Retrieve Payment Consents by BaseConsentId"
description: |
Retrieve all Payment Consents for an BaseConsentId
operationId: "RetrievePaymentConsentsByBaseConsentId"
parameters:
- $ref: "#/components/parameters/authorization"
- $ref: "#/components/parameters/x-fapi-auth-date"
- $ref: "#/components/parameters/x-fapi-customer-ip-address"
- $ref: "#/components/parameters/x-fapi-interaction-id-request"
- $ref: "#/components/parameters/x-customer-user-agent"
- $ref: "#/components/parameters/baseConsentId"
responses:
"200":
$ref: "#/components/responses/200BaseConsentIdConsentsRetrieve"
"400":
$ref: "#/components/responses/400Error"
"401":
$ref: "#/components/responses/401Error"
"403":
$ref: "#/components/responses/403Error"
"404":
$ref: "#/components/responses/404Error"
"405":
$ref: "#/components/responses/405Error"
"406":
$ref: "#/components/responses/406Error"
"415":
$ref: "#/components/responses/415Error"
"429":
$ref: "#/components/responses/429Error"
"500":
$ref: "#/components/responses/500Error"
security:
- TPPOAuth2Security:
- openid
- payments
/payment-consents/{ConsentId}:
get:
tags:
- "Payment Initiation"
summary: "Retrieve a Payment Consent"
description: |
Retrieve a Payment Consent
operationId: "RetrievePaymentConsent"
parameters:
- $ref: "#/components/parameters/authorization"
- $ref: "#/components/parameters/x-fapi-auth-date"
- $ref: "#/components/parameters/x-fapi-customer-ip-address"
- $ref: "#/components/parameters/x-fapi-interaction-id-request"
- $ref: "#/components/parameters/x-customer-user-agent"
- $ref: "#/components/parameters/ConsentId"
responses:
"200":
$ref: "#/components/responses/200PaymentConsentRetrieve"
"400":
$ref: "#/components/responses/400Error"
"401":
$ref: "#/components/responses/401Error"
"403":
$ref: "#/components/responses/403Error"
"404":
$ref: "#/components/responses/404Error"
"405":
$ref: "#/components/responses/405Error"
"406":
$ref: "#/components/responses/406Error"
"415":
$ref: "#/components/responses/415Error"
"429":
$ref: "#/components/responses/429Error"
"500":
$ref: "#/components/responses/500Error"
security:
- TPPOAuth2Security:
- openid
- payments
patch:
tags:
- "Payment Initiation"
summary: "Modify a Payment Consent"
description: |
Modify a Payment Consent
operationId: "PatchPaymentConsent"
parameters:
- $ref: "#/components/parameters/authorization"
- $ref: "#/components/parameters/ConsentId"
- $ref: "#/components/parameters/x-fapi-auth-date"
- $ref: "#/components/parameters/x-fapi-customer-ip-address"
- $ref: "#/components/parameters/x-fapi-interaction-id-request"
- $ref: "#/components/parameters/x-customer-user-agent"
requestBody:
description: |
Request Body
content:
application/jwt:
schema:
$ref: "#/components/schemas/OBPatchPaymentConsentSigned"
responses:
"204":
$ref: "#/components/responses/204NoContent"
"400":
$ref: "#/components/responses/400Error"
"401":
$ref: "#/components/responses/401Error"
"403":
$ref: "#/components/responses/403Error"
"405":
$ref: "#/components/responses/405Error"
"406":
$ref: "#/components/responses/406Error"
"415":
$ref: "#/components/responses/415Error"
"429":
$ref: "#/components/responses/429Error"
"500":
$ref: "#/components/responses/500Error"
security:
- TPPOAuth2Security:
- openid
- payments
/payments:
post:
tags:
- "Payment Instruction"
summary: "Create a Payment"
description: |
Create a Payment
operationId: "CreatePayment"
parameters:
- $ref: "#/components/parameters/authorization"
- $ref: "#/components/parameters/x-fapi-auth-date"
- $ref: "#/components/parameters/x-fapi-customer-ip-address"
- $ref: "#/components/parameters/x-fapi-interaction-id-request"
- $ref: "#/components/parameters/x-customer-user-agent"
- $ref: "#/components/parameters/x-idempotency-key"
requestBody:
description: |
Request Body
content:
application/jwt:
schema:
$ref: "#/components/schemas/OBPaymentRequestSigned"
responses:
"201":
$ref: "#/components/responses/201PaymentId"
"400":
$ref: "#/components/responses/400Error"
"401":
$ref: "#/components/responses/401Error"
"403":
$ref: "#/components/responses/403Error"
"405":
$ref: "#/components/responses/405Error"
"406":
$ref: "#/components/responses/406Error"
"415":
$ref: "#/components/responses/415Error"
"429":
$ref: "#/components/responses/429Error"
"500":
$ref: "#/components/responses/500Error"
security:
- UserOAuth2Security:
- openid
- payments
head:
tags:
- "Payment Instruction"
summary: "Query for a PaymentId"
description: |
Lookup the Payments Resource (PaymentId) using the x-idempotency-key.
The Location response Header must return the full Url of the Payment resource associated with the x-idempotency-key.
This is an alternative way for TPPs to obtain a PaymentId where they did not receive any response body from the LFI (due to network error or timeout).
operationId: "QueryPaymentResource"
parameters:
- $ref: "#/components/parameters/authorization"
- $ref: "#/components/parameters/x-fapi-auth-date"
- $ref: "#/components/parameters/x-fapi-customer-ip-address"
- $ref: "#/components/parameters/x-fapi-interaction-id-request"
- $ref: "#/components/parameters/x-customer-user-agent"
- $ref: "#/components/parameters/x-idempotency-key"
responses:
"204":
$ref: "#/components/responses/204NoContentHead"
security:
- TPPOAuth2Security:
- openid
- payments
/payments/{PaymentId}:
get:
tags:
- "Payment Instruction"
summary: "Retrieve a Payment"
description: |
Retrieve a Payment
operationId: "RetrievePayment"
parameters:
- $ref: "#/components/parameters/authorization"
- $ref: "#/components/parameters/x-fapi-auth-date"
- $ref: "#/components/parameters/x-fapi-customer-ip-address"
- $ref: "#/components/parameters/x-fapi-interaction-id-request"
- $ref: "#/components/parameters/x-customer-user-agent"
- $ref: "#/components/parameters/PaymentId"
responses:
"200":
$ref: "#/components/responses/200PaymentId"
"400":
$ref: "#/components/responses/400Error"
"401":
$ref: "#/components/responses/401Error"
"403":
$ref: "#/components/responses/403Error"
"404":
$ref: "#/components/responses/404Error"
"405":
$ref: "#/components/responses/405Error"
"406":
$ref: "#/components/responses/406Error"
"415":
$ref: "#/components/responses/415Error"
"429":
$ref: "#/components/responses/429Error"
"500":
$ref: "#/components/responses/500Error"
security:
- TPPOAuth2Security:
- openid
- payments
components:
############################################
# RESPONSES
############################################
responses:
TPPWebhookResponse:
description: "Response Status Code"
headers:
x-fapi-interaction-id:
$ref: "#/components/parameters/x-fapi-interaction-id-response"
403Error:
description: "Forbidden"
headers:
x-fapi-interaction-id:
$ref: "#/components/parameters/x-fapi-interaction-id-response"
content:
application/jwt:
schema:
$ref: "#/components/schemas/OBErrorResponseSigned"
examples:
Forbidden:
$ref: "#/components/examples/Error403ForbiddenSigned"
404Error:
description: "Not found"
headers:
x-fapi-interaction-id:
$ref: "#/components/parameters/x-fapi-interaction-id-response"
405Error:
description: "Method Not Allowed"
headers:
x-fapi-interaction-id:
$ref: "#/components/parameters/x-fapi-interaction-id-response"
406Error:
description: "Not Acceptable"
headers:
x-fapi-interaction-id:
$ref: "#/components/parameters/x-fapi-interaction-id-response"
415Error:
description: "Unsupported Media Type"
headers:
x-fapi-interaction-id:
$ref: "#/components/parameters/x-fapi-interaction-id-response"
429Error:
description: "Too Many Requests"
headers:
Retry-After:
description: "Number in seconds to wait"
schema:
type: "integer"
x-fapi-interaction-id:
$ref: "#/components/parameters/x-fapi-interaction-id-response"
500Error:
description: "Internal Server Error"
headers:
x-fapi-interaction-id:
$ref: "#/components/parameters/x-fapi-interaction-id-response"
content:
application/jwt:
schema:
$ref: "#/components/schemas/OBErrorResponseSigned"
examples:
Internal Server Error:
$ref: "#/components/examples/Error500InternalServerErrorSigned"
401Error:
description: "Unauthorized"
headers:
x-fapi-interaction-id:
$ref: "#/components/parameters/x-fapi-interaction-id-response"
400Error:
description: "Bad request"
headers:
x-fapi-interaction-id:
$ref: "#/components/parameters/x-fapi-interaction-id-response"
content:
application/jwt:
schema:
$ref: "#/components/schemas/OBErrorResponseSigned"
examples:
Bad Request:
$ref: "#/components/examples/Error400BadRequestSigned"
200PaymentConsentRetrieve:
description: "Payment Consent Retrieve"
headers:
x-fapi-interaction-id:
$ref: "#/components/parameters/x-fapi-interaction-id-response"
content:
application/jwt:
schema:
$ref: "#/components/schemas/OBPaymentConsentResponseSigned"
200BaseConsentIdConsentsRetrieve:
description: "Retrieve Payment Consents by BaseConsentId"
headers:
x-fapi-interaction-id:
$ref: "#/components/parameters/x-fapi-interaction-id-response"
content:
application/jwt:
schema:
$ref: "#/components/schemas/OBPaymentConsentsByBaseConsentIdResponseSigned"
201PaymentId:
description: "Payment Id"
headers:
x-fapi-interaction-id:
$ref: "#/components/parameters/x-fapi-interaction-id-response"
x-idempotency-key:
$ref: "#/components/parameters/x-idempotency-key-consent"
Location:
$ref: "#/components/parameters/Location"
content:
application/jwt:
schema:
$ref: "#/components/schemas/OBPaymentIdResponseSigned"
200PaymentId:
description: "Payment Id"
headers:
x-fapi-interaction-id:
$ref: "#/components/parameters/x-fapi-interaction-id-response"
content:
application/jwt:
schema:
$ref: "#/components/schemas/OBPaymentIdResponseSigned"
204NoContent:
description: "No Content"
headers:
x-fapi-interaction-id:
$ref: "#/components/parameters/x-fapi-interaction-id-response"
204NoContentHead:
description: "No Content"
headers:
x-fapi-interaction-id:
$ref: "#/components/parameters/x-fapi-interaction-id-response"
Location:
$ref: "#/components/parameters/Location"
204NoContentConsent:
description: "No Content"
headers:
x-fapi-interaction-id:
$ref: "#/components/parameters/x-fapi-interaction-id-response"
Preference-Applied:
$ref: "#/components/parameters/Preference-Applied"
############################################
# SCHEMAS
############################################
schemas:
OBJwt:
title: "OBJwt"
description: |
[https://www.rfc-editor.org/rfc/rfc7519](https://www.rfc-editor.org/rfc/rfc7519)
type: "object"
properties:
iss:
description: |
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1)
type: string
exp:
description: |
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4)
type: number
nbf:
description: |
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5)
type: number
aud:
description: |
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3)
type: array
items:
type: string
iat:
description: |
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6)
type: number
required: [iss, exp, nbf]
OBPaymentConsentResponseSigned:
title: "OBPaymentConsentResponseSigned"
description: |
Payment Consent Response Signed Schema
allOf:
- $ref: "#/components/schemas/OBJwt"
- type: "object"
properties:
message:
$ref: "#/components/schemas/OBPaymentConsentResponse"
required: [message]
OBPaymentConsentsByBaseConsentIdResponseSigned:
title: "OBPaymentConsentsByBaseConsentIdResponseSigned"
description: |
Payment Consents By BaseConsentId Response Signed Schema
allOf:
- $ref: "#/components/schemas/OBJwt"
- type: "object"
properties:
message:
type: "array"
items:
$ref: "#/components/schemas/OBPaymentConsentResponse"
required: [message]
OBPaymentIdResponseSigned:
title: "OBPaymentIdResponseSigned"
description: |
Payment Response Signed Schema
allOf:
- $ref: "#/components/schemas/OBJwt"
- type: "object"
properties:
message:
$ref: "#/components/schemas/OBPaymentIdResponse"
required: [message]
OBPaymentRequestSigned:
title: "OBPaymentRequestSigned"
description: |
Payment Request Signed Schema
allOf:
- $ref: "#/components/schemas/OBJwt"
- type: "object"
properties:
message:
$ref: "#/components/schemas/OBPaymentRequest"
required: [message]
OBErrorResponseSigned:
title: "OBErrorResponseSigned"
description: |
Error Signed Schema
allOf:
- $ref: "#/components/schemas/OBJwt"
- type: "object"
properties:
message:
$ref: "#/components/schemas/OBErrorResponse"
required: [message]
OBWebhookEventSigned:
title: "OBWebhookEventSigned"
description: |
Webhook Event Signed Schema
allOf:
- $ref: "#/components/schemas/OBJwt"
- type: "object"
properties:
message:
$ref: "#/components/schemas/OBWebhookEvent"
required: [message]
OBEventNotification:
title: "OBEventNotification"
type: "object"
description: |
A Webhook Subscription Schema
required:
- "Webhook"
properties:
Webhook:
description: |
A Webhook Schema
type: "object"
properties:
Url:
description: |
The TPP Callback URL being registered with the LFI
type: "string"
example: "https://api.tpp.com/webhook/callbackUrl"
IsActive:
description: |
The TPP specifying whether the LFI should send (IsActive true) or not send (IsActive false) Webhook Notifications to the TPP's Webhook URL
type: "boolean"
example: false
additionalProperties: false
additionalProperties: false
OBWebhookEvent:
title: "OBWebhookEvent"
type: "object"
description: "Webhook Event"
required:
- "Data"
- "EventMeta"
properties:
Data:
type: "object"
description: "Event Data. This Data Object will contain the same API resource and Schema that has triggered the Event."
Links:
$ref: "#/components/schemas/OBLinksSelf"
EventMeta:
type: "object"
description: "Event Metadata"
required:
- "EventDateTime"
- "EventResource"
- "EventType"
- "ConsentId"
properties:
EventDateTime:
type: "string"
format: "date-time"
description: "Date Time of the first Event in the Message"
EventResource:
type: "string"
description: "The API resource to which the Event itself is associated"
example: ""
EventType:
type: "string"
enum:
[
"UAEOF.Resource.Created",
"UAEOF.Resource.Updated",
"UAEOF.Resource.Deleted",
]
description: "The Type of Event"
ConsentId:
description: "Unique identification as assigned to identify the consents resource."
type: "string"
minLength: 1
maxLength: 128
additionalProperties: false
additionalProperties: false
OBSingleInstantPayment:
title: "OBSingleInstantPayment"
type: "object"
description: |
A single immediate payment consent that MUST be be used for a single payment which will be initiated immediately after User authorization at the LFI.
required:
- "Type"
- "Amount"
properties:
Type:
type: "string"
description: "The Payment Type"
enum:
- UAEOF.SingleInstantPayment
Amount:
$ref: "#/components/schemas/OBActiveCurrencyAmount"
ExpectedInitiationTimeWindow:
$ref: "#/components/schemas/OBExpectedInitiationTimeWindow"
additionalProperties: false
OBSingleFutureDatedPayment:
title: "OBSingleFutureDatedPayment"
type: "object"
description: |
A long-lived consent that MUST be used for a single payment which will be authorized by the User during the payment journey, but the payment will be initiated by the TPP in the future.
required:
- "Type"
- "Amount"
- "RequestedExecutionDate"
properties:
Type:
type: "string"
description: "The Payment Type"
enum:
- UAEOF.SingleFutureDatedPayment
Amount:
$ref: "#/components/schemas/OBActiveCurrencyAmount"
RequestedExecutionDate:
$ref: "#/components/schemas/OBSingleFutureDatedPaymentRequestedExecutionDate"
additionalProperties: false
OBLongLivedPaymentConsent:
title: "OBLongLivedPaymentConsent"
type: "object"
description: |
A long-lived payment consent.
properties:
Amount:
$ref: "#/components/schemas/OBActiveCurrencyAmount"
MaximumIndividualPaymentAmount:
$ref: "#/components/schemas/OBMaximumIndividualPaymentAmount"
MaximumCumulativeValueOfPayments:
$ref: "#/components/schemas/OBMaximumCumulativeValueOfPayments"
MaximumCumulativeNumberOfPayments:
$ref: "#/components/schemas/OBMaximumCumulativeNumberOfPayments"
PeriodicSchedule:
description: |
The definition for a schedule
oneOf:
- $ref: "#/components/schemas/OBDefinedSchedule"
- $ref: "#/components/schemas/OBFixedPeriodicSchedule"
- $ref: "#/components/schemas/OBVariablePeriodicSchedule"
discriminator:
propertyName: Type
additionalProperties: false
OBTransactionType:
type: "string"
description: |
Type of the transaction to do (donation or normal payment, SCT or SCT inst)
OBMaximumCumulativeValueOfPayments:
type: "string"
description: |
The maximum cumulative value of all successful payment rails executions under the Consent.
Each successful payment rails execution amount (related to the Consent) is added to the total cumulative value of the Consent which cannot exceed the maximum value agreed with the User at the point of consent.
type: "object"
required:
- "Amount"
- "Currency"
properties:
Amount:
pattern: "^\\d{1,16}\\.\\d{2}$" $ref: "#/components/schemas/OBActiveOrHistoricAmount"
Currency:
example $ref: "100.00#/components/schemas/OBActiveOrHistoricCurrencyCode"
OBMaximumCumulativeNumberOfPayments:
type: "integer"
description: |
The maximum cumulative number of all successful payment rails executions under the Consent.
Each successful payment rails execution (related to the Consent) is added to the total cumulative number of payments for the Consent which cannot exceed the maximum value agreed with the User at the point of consent.
OBPeriodTypeMaximumCumulativeValueOfPayments:
type: "string" description: |
The maximum cumulative payment value of all payment initiations per Period Type.
patterntype: "^\\d{1,16}\\.\\d{2}$object"
example: "100.00"
required:
OBPeriodTypeMaximumCumulativeNumberOfPayments: - type: "integerAmount"
description: | - "Currency"
Theproperties:
maximum frequency of payment initiations per Period Type. Amount:
OBMaximumIndividualPaymentAmount: description: $ref: "#/components/schemas/OBActiveOrHistoricAmount"
Currency:
$ref: "#/components/schemas/OBActiveOrHistoricCurrencyCode"
OBPeriodTypeMaximumCumulativeNumberOfPayments:
type: "integer"
description: |
The maximum frequency of payment initiations per Period Type.
OBMaximumIndividualPaymentAmount:
description: |
This is the Maximum amount a variable payment related to the Consent can take.
All payment amounts must be smaller or equal to this value.
type: "string"
pattern: "^\\d{1,16}\\.\\d{2}$"
example: "100.00"
OBPeriodType:
title: "OBPeriodType"
type: "string"
description: |
A Period may begin from the Consent CreationDateTime if a PeriodStartDate is not provided.
|Period Type|Description|
|-----------|-----------|
|Day|A continuous period of time, consisting of 24 consecutive hours, starting from midnight (00:00:00) and finishing at 23:59:59 of the same day. |
|Week|A continuous period of time, consisting of seven consecutive days, starting from midnight (00:00:00) and finishing at 23:59:59 of the 7th day. |
|Month|A continuous period of time starting from midnight (00:00:00) of the first day of a month and finishing at 23:59:59 of the last day of that month.|
|Year|A continuous period of time, consisting of 12 months.|
enum:
- UAEOF.Day
- UAEOF.Week
- UAEOF.Month
- UAEOF.Year
OBPeriodStartDate:
title: "OBPeriodStartDate"
type: "string"
description: |
* Payments: Specifies the start date of when a payment schedule begins.
Where this is an optional field, if a value is not provided, then it must default to the Consent CreationDateTime, starting from midnight 00:00:00.
format: "date"
OBVariablePeriodicSchedule:
title: "OBVariablePeriodicSchedule"
description: |
Payment Controls that apply to all payment instructions in a given period under this payment consent.
type: "object"
additionalProperties: false
required:
- "PeriodType"
- "Type"
properties:
Type:
type: "string"
description: "The Periodic Schedule Type"
enum:
- UAEOF.VariablePeriodicSchedule
PeriodType:
$ref: "#/components/schemas/OBPeriodType"
PeriodStartDate:
$ref: "#/components/schemas/OBPeriodStartDate"
MaximumCumulativeValueOfPaymentsPerPeriodType:
$ref: "#/components/schemas/OBPeriodTypeMaximumCumulativeValueOfPayments"
MaximumCumulativeNumberOfPaymentsPerPeriodType:
$ref: "#/components/schemas/OBPeriodTypeMaximumCumulativeNumberOfPayments"
OBFixedPeriodicSchedule:
title: "OBFixedPeriodicSchedule"
description: |
Payment Controls that apply to all payment instructions in a given period under this payment consent.
type: "object"
additionalProperties: false
required:
- "PeriodType"
- "PeriodStartDate"
- "Amount"
- "Type"
properties:
Type:
type: "string"
description: "The Periodic Schedule Type"
enum:
- UAEOF.FixedPeriodicSchedule
PeriodType:
$ref: "#/components/schemas/OBPeriodType"
PeriodStartDate:
$ref: "#/components/schemas/OBPeriodStartDate"
Amount:
$ref: "#/components/schemas/OBActiveCurrencyAmount"
OBDefinedSchedule:
title: "OBDefinedSchedule"
type: "object"
description: |
Payment Schedule denoting a list of pre-defined future dated payments all with fixed amounts and dates.
additionalProperties: false
required:
- "Schedule"
- "Type"
properties:
Type:
type: "string"
description: "The Periodic Schedule Type"
enum:
- UAEOF.DefinedSchedule
Schedule:
type: "array"
minItems: 1
uniqueItems: false
items:
type: "object"
additionalProperties: false
required:
- "PaymentExecutionDate"
- "Amount"
properties:
PaymentExecutionDate:
$ref: "#/components/schemas/OBPaymentExecutionDate"
Amount:
$ref: "#/components/schemas/OBActiveCurrencyAmount"
OBPaymentSequenceNumber:
title: "OBPaymentSequenceNumber"
type: "string"
description: |
This indicates the underlying sequence of the recurring payment that is being instructed.
For example:
* 1 can represent the first payment instruction
* 12 can represent the twelfth payment instruction
minLength: 1
maxLength: 10
pattern: "^[1-9]\\d*$"
OBErrorResponse:
title: "OBErrorResponse"
description: "An array of detail error codes, and messages, and URLs to documentation to help remediation."
type: "object"
properties:
Errors:
items:
$ref: "#/components/schemas/OBError"
type: "array"
minItems: 1
required:
- "Errors"
additionalProperties: false
OBMessage:
title: "OBMessage"
description: "A description of the error that occurred. e.g., 'A mandatory field isn't supplied' or 'RequestedExecutionDateTime must be in future'\nUAEOF doesn't standardise this field"
type: "object"
required:
- "en"
properties:
en:
type: "string"
description: "English value of the string"
minLength: 1
maxLength: 500
ar:
type: "string"
description: "Arabic value of the string"
minLength: 1
maxLength: 500
additionalProperties: false
OBError:
title: "OBError"
description: "Error"
type: "object"
required:
- "Code"
- "Message"
additionalProperties: false
minProperties: 1
properties:
Code:
description: "Low level textual error code"
type: "string"
enum:
- "UAEOF.AccessToken.Unauthorized"
- "UAEOF.AccessToken.InvalidScope"
- "UAEOF.Consent.TransientAccountAccessFailure"
- "UAEOF.Consent.AccountTemporarilyBlocked"
- "UAEOF.Consent.PermanentAccountAccessFailure"
- "UAEOF.Consent.Invalid"
- "UAEOF.Consent.BusinessRuleViolation"
- "UAEOF.Consent.FailsControlParameters"
- "UAEOF.Consent.InvalidUserIdentifier"
- "UAEOF.JWS.InvalidSignature"
- "UAEOF.JWS.Malformed"
- "UAEOF.JWS.InvalidClaim"
- "UAEOF.JWS.InvalidHeader"
- "UAEOF.JWE.DecryptionError"
- "UAEOF.JWE.InvalidHeader"
- "UAEOF.GenericRecoverableError"
- "UAEOF.GenericError"
- "UAEOF.Event.UnexpectedEvent"
- "UAEOF.Body.InvalidFormat"
- "UAEOF.Resource.InvalidResourceId"
- "UAEOF.Resource.InvalidFormat"
Message:
$ref: "#/components/schemas/OBMessage"
Path:
description: "Recommended but optional reference to the JSON Path of the field with error, e.g., Data.Initiation.InstructedAmount.Currency"
type: "string"
minLength: 1
maxLength: 500
Url:
description: "URL to help remediate the problem, or provide more information, or to API Reference, or help etc"
type: "string"
OBLinksSelf:
title: "OBLinksSelf"
type: "object"
description: "Links relevant to the resource"
required:
- "Self"
properties:
Self:
$ref: "#/components/schemas/OBSelf"
additionalProperties: false
OBLinksRelatedConsent:
title: "OBLinksRelatedConsent"
type: "object"
description: "Links relevant to the resource"
required:
- "Self"
- "Related"
properties:
Self:
$ref: "#/components/schemas/OBRelatedSinglePayment"
Related:
$ref: "#/components/schemas/OBSelfConsent"
additionalProperties: false
OBLinksRelatedPayment:
title: "OBLinksRelatedPayment"
type: "object"
description: "Links relevant to the resource"
required:
- "Self"
- "Related"
properties:
Self:
$ref: "#/components/schemas/OBSelfConsent"
Related:
$ref: "#/components/schemas/OBRelatedPayment"
additionalProperties: false
OBPaymentConsumption:
title: "OBPaymentConsumption"
type: "object"
description: |
Data to track the consumption of Payments in relation to an authorized Consent Schedule
required:
- "CumulativeNumberOfPayments"
- "CumulativeValueOfPayments"
- "CumulativeValueOfPaymentsPerCurrentPeriod"
properties:
CumulativeNumberOfPayments:
type: "number"
description: |
The cumulative number of payment instructions successfully accepted under the current consent schedule (Settlement on the Creditor's account has been completed)
minLength: 1
example: 4
CumulativeValueOfPayments:
description: |
The cumulative value of payment instructions successfully accepted under the current consent schedule (Settlement on the Creditor's account has been completed)
A number of monetary units specified in an active currency where the unit of currency is explicit and compliant with ISO 4217."
type: "stringobject"
patternrequired:
"^\\d{1,16}\\.\\d{2}$" example:- "4.00Amount"
CumulativeNumberOfPaymentsPerCurrentPeriod: type: "number- "Currency"
descriptionproperties:
| Amount:
The cumulative number of payment instructions in the current period that are successfully accepted (Settlement on the Creditor's account has been completed)$ref: "#/components/schemas/OBActiveOrHistoricAmount"
Currency:
minLength: 1 example: 1
$ref: "#/components/schemas/OBActiveOrHistoricCurrencyCode"
CumulativeNumberOfPaymentsPerCurrentPeriod:
CumulativeValueOfPaymentsPerCurrentPeriod type: "number"
description: |
The cumulative valuenumber of payment instructions in the current period that are successfully accepted (Settlement on the Creditor's account has been completed)
minLength: 1
A number of monetary units specified in an active currencyexample: where1
the unit of currency is explicit and compliant withCumulativeValueOfPaymentsPerCurrentPeriod:
ISO 4217." description: |
type: "string" pattern: "^\\d{1,16}\\.\\d{2}$"
example: "1.00"
additionalProperties: falseThe cumulative value of payment instructions in the current period that are successfully accepted (Settlement on the Creditor's account has been completed)
OBMeta: title: "OBMetaData"A number of monetary units specified in type: "object"
description: "Meta Data relevant to the resourcean active currency where the unit of currency is explicit and compliant with ISO 4217."
additionalProperties: false type: "object"
OBMetaMultiAuthorization: title: "OBMetaMultiAuthorization" required:
type: "object" - description:"Amount"
| Meta Data with Multi-Authorization "Currency"
relevant to the payload. properties:
For a payment, it represents any Authorizers within the LFI domainAmount:
that are involved in approving the payment request. properties$ref: "#/components/schemas/OBActiveOrHistoricAmount"
MultipleAuthorizers: Currency:
type: "object" description$ref: "Multiple Authorizers Schema#/components/schemas/OBActiveOrHistoricCurrencyCode"
propertiesadditionalProperties: false
OBMeta:
TotalRequiredtitle: "OBMetaData"
type: "object"
description: |"Meta Data relevant to the resource"
additionalProperties: false
The totalOBMetaMultiAuthorization:
number of Authorizers required to process the requesttitle: "OBMetaMultiAuthorization"
type: "object"
typedescription: "number"|
Meta Data with Multi-Authorization Authorizations:relevant to the payload.
For a type: "array"
items:payment, it represents any Authorizers within the LFI domain that are involved in approving the payment request.
properties:
descriptionMultipleAuthorizers:
| type: "object"
Authorizer description: "Multiple Authorizers Schema"
typeproperties:
"object" TotalRequired:
properties: description: |
AuthorizerId: The total number of Authorizers required to process the request
description: | type: "number"
The Authorizer's IdentifierAuthorizations:
type: "array"
items:
description: |
Authorizer
type: "object"
properties:
AuthorizerId:
description: |
The Authorizer's Identifier
type: "string"
AuthorizerType:
description: |
The Type of Authorizer. For example, Financial, Management, etc.
type: "string"
AuthorizationDate:
description: |
The DateTime of when the Authorization occurred. All dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2023-04-05T10:43:07+00:00
type: "string"
format: "date-time"
AuthorizationStatus:
description: |
The Status reflecting the Authorizer's final decision regarding the request
type: "string"
enum:
- "Pending"
- "Approved"
- "Rejected"
additionalProperties: false
additionalProperties: false
additionalProperties: false
OBSelf:
title: "OBSelf"
description: "A link to the current resource"
type: "string"
format: "uri"
OBSelfConsent:
title: "OBSelfConsent"
description: "A link to the related payment consents resource"
type: "string"
format: "uri"
example: "https://api.pasp.sa/open-banking/payment/2023.11.01-final/payment-consents/aac-69255d98-ab0e-4758-92a7-cacbf3073efa"
OBRelatedSinglePayment:
title: "OBRelatedSinglePayment"
type: string
format: "uri"
description: "A link to the current payment resource"
example: "https://api.pasp.sa/open-banking/payment/2023.11.01-final/payments/83b47199-90c2-4c05-9ef1-aeae68b0fc7c"
OBRelatedPayment:
title: "OBRelatedPayment"
description: |
A link to the related payments resource.
* For a Single Payment, this Array must have have 1 entry, associated with the Single Payment resource created against this consent.
* For Multi-Payment, this Array will have 1 or more entries of all the Payment resources created against this Consent
type: "array"
items:
type: "string"
example: []
OBPaymentId:
title: "OBPaymentId"
description: "An API specific unique identification as assigned by the LFI to identify the domestic Payment resource."
type: "string"
minLength: 1
maxLength: 40
example: 83b47199-90c2-4c05-9ef1-aeae68b0fc7c
OBConsentId:
title: "OBConsentId"
description: |
Unique identification assigned by the TPP to identify the consent resource.
type: "string"
minLength: 1
maxLength: 128
example: aac-69255d98-ab0e-4758-92a7-cacbf3073efa
OBBaseConsentId:
title: "OBBaseConsentId"
description: |
The original ConsentId assigned by the TPP.
It is used by the TPP for updating/renewing parameters associated with long-lived consents.
It must be provided when long-lived consent parameters are updated/renewed for a current consent that has not yet finished.
type: "string"
minLength: 1
maxLength: 128
example: abc-19877d98-ab0e-4758-92a7-vvffr1234abv
OBCreationDateTime:
title: "OBCreationDateTime"
description: "Date and time at which the message was created. All dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2023-04-05T10:43:07+00:00"
type: "string"
format: "date-time"
OBPaymentStatus:
title: "OBPaymentStatus"
description: |
Specifies the status of the payment information group
* Pending: Payment initiation or individual transaction included in the payment initiation is pending. Further checks and status update will be performed.
* Rejected: The payment initiation has been rejected
* AcceptedSettlementCompleted: Settlement of the Debtors account has been completed
* AcceptedCreditSettlementCompleted: When the Payee account has been credited with the funds of the payment initiated via the TPP
* AcceptedWithoutPosting: When the Recipient Bank has accepted the payment but has not applied the credit to the Payee account yet.
type: "string"
enum:
- "Pending"
- "AcceptedSettlementCompleted"
- "AcceptedCreditSettlementCompleted"
- "AcceptedWithoutPosting"
- "Rejected"
example: Pending
OBStatusUpdateDateTime:
title: "OBStatusUpdateDateTime"
description: "Date and time at which the resource status was updated.All dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2023-04-05T10:43:07+00:00"
type: "string"
format: "date-time"
OBSingleFutureDatedPaymentRequestedExecutionDate:
title: "OBSingleFutureDatedPaymentRequestedExecutionDate"
description: |
The date when the TPP expects the LFI to execute the payment.
The date must be in the future and cannot be on the same day or a day in the past.
The maximum date in the future that can be specified is 1 year from the day of the consent of the User to the TPP.
All dates in the JSON payloads are represented in ISO 8601 date format.
type: "string"
format: "date"
OBConsentStatus:
title: "OBConsentStatus"
description: |
Specifies the status of a consent.
| Consent Status| State Type| Description|
|---------------|-----------|------|
| AwaitingAuthorization | Pending | The consent is awaiting authorization.|
| Authorized | In Use | The consent has been successfully authorized.|
| Rejected | Terminal | The unauthorized consent has been rejected at the LFI.|
| Revoked | Terminal | The consent has been revoked at the TPP or LFI.|
| Expired | Terminal | The consent is now expired.|
| Consumed | Terminal | The consented action(s) have either been completed successfully.|
| Suspended | In Use | The consent has been suspended by the LFI, pending further enquiries.|
type: "string"
enum:
- "AwaitingAuthorization"
- "Authorized"
- "Rejected"
- "Revoked"
- "Expired"
- "Consumed"
- "Suspended"
OBPatchConsentStatus:
title: "OBConsentStatus"
description: |
Specifies the authorization statuses of a consent.
| Consent Status| State Type| Description|
|---------------|-----------|------|
| Revoked | Terminal | The consent has been revoked at the TPP.|
type: "string"
enum:
- "Revoked"
OBAcceptedAuthorizationTypeRequestPayments:
title: "OBAcceptedAuthorizationType"
description: |
Specifies to the LFI the type of consent authorization accepted by the TPP when staging the consent
* Single - The consent should incur a single authorization Step with the LFI
* Multi - The consent should incur a multi-authorization Step with the LFI
* Both - The consent should incur either a single authorization or multi-authorization step with the LFI. The LFI decides.
type: "string"
enum:
- "UAEOF.Single"
- "UAEOF.Multi"
- "UAEOF.Both"
OBAcceptedAuthorizationType:
title: "OBAcceptedAuthorizationType"
description: |
Specifies to the LFI the type of consent authorization accepted by the TPP when staging the consent
* Single - The consent should incur a single authorization Step with the LFI
* Multi - The consent should incur a multi-authorization Step with the LFI
type: "string"
enum:
- "UAEOF.Single"
- "UAEOF.Multi"
OBAuthorizationExpirationTimeWindow:
title: "OBAuthorizationExpirationTimeWindow"
description: |
A time window by which a Consent (in AwaitingAuthorization status) must be Authorized by the User.
The time window starts from the actual CreationDateTime (when the Consent is staged with the LFI).
If the current time window exceeds the Authorization Expiration Time Window (and the Consent status is AwaitingAuthorization) then the Consent Status must be set to Rejected.
The time window is based on a custom time format hhh:mm:ss. e.g. 720:00:00 represents a time window of 720 hours, 00 minutes, 00 seconds (30 days) after the CreationDateTime to Authorize the Consent.
type: "string"
pattern: "^(00[0-9]|0[1-9][0-9]|[1-6][0-9]{2}|7[01][0-9]|720):[0-5][0-9]:[0-5][0-9]$"
example: "720:00:00"
OBExpectedInitiationTimeWindow:
title: "OBExpectedInitiationTimeWindow"
description: |
A time window set by the TPP in which a Payment must be initated by the LFI.
The time window is based on a custom time format hhh:mm:ss. e.g. 000:00:15 represents a time window of 15 seconds to initiate the Payment.
type: "string"
pattern: "^(00[0-9]|0[1-9][0-9]|[1-6][0-9]{2}|7[01][0-9]|720):[0-5][0-9]:[0-5][0-9]$"
example: "000:00:15"
OBPaymentRequest:
title: "OBPaymentRequest"
description: |
Payment Request Schema
type: "object"
additionalProperties: false
required:
- "Data"
properties:
Data:
type: "object"
additionalProperties: false
required:
- "ConsentId"
- "Instruction"
- "PersonalIdentifiableInformation"
- "PaymentPurposeCode"
properties:
ConsentId:
$ref: "#/components/schemas/OBConsentId"
TransactionType:
$ref: "#/components/schemas/OBTransactionType"
Instruction:
$ref: "#/components/schemas/OBPaymentInstruction"
CurrencyRequest:
$ref: "#/components/schemas/OBCurrencyRequest"
PersonalIdentifiableInformation:
$ref: "#/components/schemas/OBJWEPaymentPII"
PaymentPurposeCode:
$ref: "#/components/schemas/OBPaymentPurposeCode"
PayerReference:
$ref: "#/components/schemas/OBReference"
OBCreditorAgent:
title: "OBCreditorAgent"
description: |
Refers to the Financial Institution.
type: "object"
required:
- "IdentificationType"
- "Identification"
properties:
IdentificationType:
type: "string"
description: |
Refers to the Identification scheme for uniquely identifying the Agent.
* UAEOF.OTHER: The ID; A Country Code followed by a Bank Code (UAEOF 4 character code). The full list of LFI names and 6 digits IDs are as follows:
enum:
- "UAEOF.OTHER"
Identification:
description: |
The Agent is the Country Code followed by a Bank Code"
type: "string"
minLength: 6
maxLength: 6
Name:
description: "Name by which an agent is known and which is usually used to identify that agent."
type: "string"
minLength: 1
maxLength: 140
PostalAddress:
$ref: "#/components/schemas/OBAddress"
OBPaymentConsentResponse:
title: "OBPaymentConsentResponse"
description: |
Payment Consent Response Schema
type: "object"
additionalProperties: false
required:
- "Data"
- "Links"
properties:
Data:
type: "object"
additionalProperties: false
required:
- "ConsentId"
- "BaseConsentId"
- "Status"
- "StatusUpdateDateTime"
- "CreationDateTime"
- "ControlParameters"
- "PaymentPurposeCode"
- "PaymentConsumption"
- "AcceptedAuthorizationType"
- "ExpirationDateTime"
properties:
ConsentId:
$ref: "#/components/schemas/OBConsentId"
BaseConsentId:
$ref: "#/components/schemas/OBBaseConsentId"
AcceptedAuthorizationType:
$ref: "#/components/schemas/OBAcceptedAuthorizationType"
AuthorizationExpirationTimeWindow:
$ref: "#/components/schemas/OBAuthorizationExpirationTimeWindow"
Permissions:
$ref: "#/components/schemas/OBConsentPermissions"
ExpirationDateTime:
$ref: "#/components/schemas/OBConsentExpirationDateTime"
Status:
$ref: "#/components/schemas/OBConsentStatus"
RevokedBy:
$ref: "#/components/schemas/OBRevokedBy"
CreationDateTime:
$ref: "#/components/schemas/OBCreationDateTime"
StatusUpdateDateTime:
$ref: "#/components/schemas/OBStatusUpdateDateTime"
Charges:
$ref: "#/components/schemas/OBCharges"
ExchangeRate:
$ref: "#/components/schemas/OBExchangeRateInformation"
CurrencyRequest:
$ref: "#/components/schemas/OBCurrencyRequest"
ControlParameters:
description: |
Control Parameters set the overall rules for the Payment Schedule
type: "object"
additionalProperties: false
required:
- "ConsentSchedule"
properties:
IsPayByAccount:
$ref: "#/components/schemas/OBIsPayByAccount"
ConsentSchedule:
type: "object"
description: |
The various payment types that can be initiated:
* A Single Payment
* A Multi-Payment
* A Combined Payment (one SinglePayment and one MultiPayment)
properties:
SinglePayment:
description: |
A Consent definition for defining Single Payments
oneOf:
- $ref: "#/components/schemas/OBSingleInstantPayment"
- $ref: "#/components/schemas/OBSingleFutureDatedPayment"
discriminator:
propertyName: Type
MultiPayment:
description: |
A Consent definition for defining Multi Payments
$ref: "#/components/schemas/OBLongLivedPaymentConsent"
additionalProperties: false
PayerReference:
description: |
Reason or reference for the payer regarding the Payment
$ref: "#/components/schemas/OBReference"
BeneficiaryReference:
description: |
Reason or reference for the beneficiary regarding the Payment
$ref: "#/components/schemas/OBReference"
TransactionType:
$ref: "#/components/schemas/OBTransactionType"
PaymentPurposeCode:
$ref: "#/components/schemas/OBPaymentPurposeCode"
SponsoredTPPInformation:
$ref: "#/components/schemas/OBSponsoredTPPInformation"
PaymentConsumption:
$ref: "#/components/schemas/OBPaymentConsumption"
Subscription:
$ref: "#/components/schemas/OBEventNotification"
Links:
$ref: "#/components/schemas/OBLinksRelatedPayment"
Meta:
$ref: "#/components/schemas/OBMetaMultiAuthorization"
OBPaymentIdResponse:
title: "OBPaymentIdResponse"
description: |
Payment Id Response Schema
type: "object"
additionalProperties: false
required:
- "Data"
- "Links"
properties:
Data:
type: "object"
additionalProperties: false
required:
- "PaymentId"
- "ConsentId"
- "Status"
- "StatusUpdateDateTime"
- "Instruction"
- "CreationDateTime"
- "PaymentPurposeCode"
- "Charges"
- "PaymentTransactionId"
properties:
PaymentId:
$ref: "#/components/schemas/OBPaymentId"
ConsentId:
$ref: "#/components/schemas/OBConsentId"
PaymentTransactionId:
$ref: "#/components/schemas/OBPaymentTransactionId"
TransactionType:
$ref: "#/components/schemas/OBTransactionType"
Status:
$ref: "#/components/schemas/OBPaymentStatus"
StatusUpdateDateTime:
$ref: "#/components/schemas/OBStatusUpdateDateTime"
CreationDateTime:
$ref: "#/components/schemas/OBCreationDateTime"
Charges:
$ref: "#/components/schemas/OBCharges"
ExchangeRate:
$ref: "#/components/schemas/OBExchangeRateInformation"
CurrencyRequest:
$ref: "#/components/schemas/OBCurrencyRequest"
Instruction:
$ref: "#/components/schemas/OBPaymentInstruction"
PaymentPurposeCode:
$ref: "#/components/schemas/OBPaymentPurposeCode"
PayerReference:
$ref: "#/components/schemas/OBReference"
Links:
$ref: "#/components/schemas/OBLinksRelatedConsent"
Meta:
$ref: "#/components/schemas/OBMeta"
OBPaymentInstruction:
title: "OBPaymentInstruction"
type: "object"
additionalProperties: false
required:
- "Amount"
- "PaymentSequenceNumber"
description: "The Initiation payload is sent by the initiating party to the LFI. It is used to request movement of funds from the debtor account to a creditor for a single domestic payment."
properties:
Amount:
$ref: "#/components/schemas/OBActiveCurrencyAmount"
BeneficiaryReference:
description: |
Reason or reference for the beneficiary regarding the Payment
$ref: "#/components/schemas/OBReference"
PaymentSequenceNumber:
$ref: "#/components/schemas/OBPaymentSequenceNumber"
OBPaymentExecutionDate:
title: "OBPaymentExecutionDate"
description: |
Used to specify the expected payment execution date/time.
All dates in the JSON payloads are represented in ISO 8601 date format.
An example is: 2023-04-05
type: "string"
format: "date"
OBActiveCurrencyAmount:
title: "OBActiveCurrencyAmount"
description: |
The Currency and Amount relating to the Payment, Refund or Request to Pay
type: "object"
required:
- "Amount"
- "Currency"
properties:
Amount:
$ref: "#/components/schemas/OBActiveOrHistoricAmount"
Currency:
$ref: "#/components/schemas/OBActiveOrHistoricCurrencyCode"
OBActiveOrHistoricAmount:
title: "OBActiveOrHistoricAmount"
description: "A number of monetary units specified in an active currency where the unit of currency is explicit and compliant with ISO 4217."
type: "string"
pattern: "^\\d{1,16}\\.\\d{2}$"
example: "100.00"
OBActiveOrHistoricCurrencyCode:
title: "OBActiveOrHistoricCurrencyCode"
description: "A 3 character alphabetic code allocated to a currency under an international currency identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'."
type: "string"
pattern: "^[A-Z]{3,3}$"
example: "AED"
OBExternalAccountIdentificationCode:
title: "OBExternalAccountIdentificationCode"
description: "Name of the identification scheme, in a coded form as published in an external list."
type: "string"
enum:
- "UAEOF.IBAN"
- "UAEOF.AccountNumber"
OBIdentification:
title: "OBIdentification"
description: |
Identification for the account assigned by the LFI based on the Account Scheme Name.
This identification is known by the User account owner.
type: "string"
minLength: 1
OBMobileNumber:
title: "OBMobileNumber"
description: |
Mobile number of the account owner.
type: "string"
maxLength: 16
OBName:
title: "OBName"
type: "object"
description: |
The Account Holder Name is the name or names of the Account owner(s) represented at the account level
properties:
en:
type: "string"
Identification for the account assigned by the LFI based on the Account Scheme Name.
description: "EnglishThis valueidentification ofis theknown string"by the User account owner.
maxLengthtype: 70"string"
minLength: 1
ar: OBMobileNumber:
typetitle: "stringOBMobileNumber"
description: |
description: "Arabic value of theMobile string"number of the account owner.
maxLengthtype: 70"string"
additionalPropertiesmaxLength: false16
OBTradingNameOBName:
title: "OBTradingNameOBName"
type: "object"
description: |
The TradingAccount BrandHolder Name (if applicable) for is the Creditor.name or names of the Account owner(s) represented at the Applicable to Payments.account level
properties:
en:
type: "string"
description: "English value of the string"
maxLength: 70
ar:
type: "string"
description: "Arabic value of the string"
maxLength: 70
additionalProperties: false
OBUserReferenceOBTradingName:
title: "OBUserReferenceOBTradingName"
type: "object"
description: |
The Trading Brand Information supplied by the User against Recurring and Variable Payments.Name (if applicable) for the Creditor.
Applicable to Payments.
required: properties:
- "UserReference" en:
properties: UserReferencetype: "string"
description: |"English value of the string"
Information supplied bymaxLength: the70
User to enable a unique reference for the Payment.ar:
type: "string"
minLengthdescription: 1"Arabic value of the string"
maxLength: 3570
additionalProperties: false
OBReference:
title: "OBReference"
description: |
A reason or reference in relation to a payment.
type: "string"
minLength: 1
maxLength: 120
OBExternalPaymentChargeTypeCode:
title: "OBExternalPaymentChargeTypeCode"
description: "Charge type, in a coded form."
type: "string"
enum:
- "VAT"
- "Fees"
OBCharges:
title: "OBCharges"
type: "array"
items:
type: "object"
additionalProperties: false
description: |
Set of elements used to provide details of a charge for the payment initiation.
* For Payments, these Charges are on the Debtor.
required:
- "ChargeBearer"
- "Type"
- "Amount"
properties:
ChargeBearer:
$ref: "#/components/schemas/OBChargeBearerType1Code"
Type:
$ref: "#/components/schemas/OBExternalPaymentChargeTypeCode"
Amount:
$ref: "#/components/schemas/OBActiveCurrencyAmount"
OBPatchPaymentConsentSigned:
title: "OBPatchPaymentConsentSigned"
description: |
Payment Patch Consent Signed Schema
allOf:
- $ref: "#/components/schemas/OBJwt"
- type: "object"
properties:
message:
$ref: "#/components/schemas/OBPatchPaymentConsent"
required: [message]
OBPatchPaymentConsent:
title: "OBPatchPaymentConsent"
description: "Patch Payment Consent"
type: "object"
properties:
Data:
type: "object"
description: "Primary data for the resource"
required:
- "Status"
properties:
Status:
$ref: "#/components/schemas/OBPatchConsentStatus"
RevokedBy:
$ref: "#/components/schemas/OBRevokedByPatchConsent"
additionalProperties: false
Subscription:
$ref: "#/components/schemas/OBEventNotification"
OBRisk:
title: "OBRisk"
additionalProperties: false
description: |
The Risk section is sent by the TPP to the LFI. It is used to specify additional details for risk/fraud scoring regarding Payments.
type: "object"
properties:
UserIndicators:
$ref: "#/components/schemas/OBUserIndicators"
DestinationDeliveryAddress:
type: "object"
description: |
Destination Delivery Address
properties:
RecipientType:
type: "string"
description: "The recipient of the goods whether an individual or a corporation."
enum:
- "UAEOF.Individual"
- "UAEOF.Corporate"
RecipientName:
type: "object"
description: "The name of the recipient of the goods, whether an individual or a corporation."
properties:
en:
type: "string"
description: "English value of the string"
ar:
type: "string"
description: "Arabic value of the string"
NationalAddress:
$ref: "#/components/schemas/OBAddress"
TransactionIndicators:
$ref: "#/components/schemas/OBTransactionIndicators"
BeneficiaryIndicators:
$ref: "#/components/schemas/OBBeneficiaryIndicators"
OBRiskUserIndicators:
description: |
The Risk section is sent by the TPP to the LFI. It is used to specify additional details for risk/fraud scoring.
type: "object"
properties:
UserIndicators:
$ref: "#/components/schemas/OBUserIndicators"
TransactionIndicators:
$ref: "#/components/schemas/OBTransactionIndicators"
OBPaymentPurposeCode:
title: "OBPaymentPurposeCode:"
description: |
A Category code, related to the type of services or goods that corresponds to the underlying purpose of the Payment, Refund, RTP.
* The ISO20022 External code sets
type: "string"
minLength: 1
maxLength: 4
pattern: "^[A-Z]{3,4}$"
OBPaymentTransactionId:
title: "OBPaymentTransactionId"
type: "string"
description: |
This is an end to end TransactionId that is associated with a payment when it is sent from an Originating LFI to a Receiving LFI.
For IPP transactions, this is the IPP generated TransactionId.
This applies to:
* Same Bank Transfer (Within the same bank)
* Local Bank Transfer (Between 2 banks)
minimum: 1
maximum: 40
OBBeneficiaryNote:
title: "OBBeneficiaryNote"
type: "object"
description: |
Beneficiary Note may be populated by the User (i.e. payer) using information requested by the beneficiary or any other information the User wants to provide to the beneficiary to assist in identifying and reconciling the payment.
This information will be transferred via the payment rails to the beneficiary LFI, if different than the User’s LFI.
Please refer to Generic Business Rules 4.2.8 Beneficiary-Note
required:
- "Notes"
properties:
Notes:
description: |
Notes regarding the payment for the Beneficiary.
type: "string"
minLength: 1
maxLength: 256
additionalProperties: false
OBBeneficiaryOrderId:
title: "OBBeneficiaryOrderId"
type: "object"
description: |
A reference generated by the merchant referencing the order related to the payment or another unique reference in the context of the merchant.
This information will be transferred via the payment rails to the beneficiary LFI.
Please refer to Business Rules 6.4 Order-ID
required:
- "OrderId"
properties:
OrderId:
type: "string"
minLength: 1
maxLength: 256
description: |
A reference generated by the merchant referencing the order related to the payment or another unique reference in the context of the merchant.
This information will be transferred via the payment rails to the beneficiary LFI.
additionalProperties: false
OBSponsoredTPPInformation:
title: "OBSponsoredTPPInformation"
type: "object"
description: |
The Sponsored TPP is:
* A TPP that itself has no direct Open Banking API integrations.
* A TPP that is using the integration of another TPP that does have direct Open Banking API integrations.
properties:
Name:
type: "string"
minLength: 1
maxLength: 50
description: |
The Sponsored TPP Name
Identification:
type: "string"
minLength: 1
maxLength: 50
description: |
The Sponsored TPP Identification
additionalProperties: false
OBIsPayByAccount:
type: boolean
description: |
A flag to denote if the Payment is an E-Commerce transaction
default: false
OBMetaTotalPages:
title: "OBMetaTotalPages"
description: "Meta Data relevant to the resource"
type: "object"
properties:
TotalPages:
$ref: "#/components/schemas/OBTotalPages"
additionalProperties: false
OBTotalPages:
title: "OBTotalPages"
description: "Total number of Pages where a result set is paginated"
type: "integer"
format: "int32"
minimum: 0
OBFirst:
title: "OBFirst"
description: "A link to the first page in a paginated result set"
type: "string"
format: "uri"
OBPrev:
title: "OBPrev"
description: "A link to the previous page in a paginated result set"
type: "string"
format: "uri"
OBNext:
title: "OBNext"
description: "A link to the next page in a paginated result set"
type: "string"
format: "uri"
OBLast:
title: "OBLast"
description: "A link to the last page in a paginated result set"
type: "string"
format: "uri"
OBCreditorAccount:
title: "OBCreditorAccount"
description: "Unambiguous identification of the account of the creditor to which a credit entry will be posted."
type: "object"
additionalProperties: false
required:
- "IdentificationType"
- "Identification"
- "Name"
properties:
IdentificationType:
$ref: "#/components/schemas/OBExternalAccountIdentificationCode"
Identification:
$ref: "#/components/schemas/OBIdentification"
MobileNumber:
$ref: "#/components/schemas/OBMobileNumber"
Name:
$ref: "#/components/schemas/OBName"
TradingName:
$ref: "#/components/schemas/OBTradingName"
OBDebtorAccount:
title: "OBDebtorAccount"
description: "Unambiguous identification of the account of the debtor to which a debit entry will be made."
type: "object"
required:
- "IdentificationType"
- "Identification"
- "Name"
properties:
IdentificationType:
$ref: "#/components/schemas/OBExternalAccountIdentificationCode"
Identification:
$ref: "#/components/schemas/OBIdentification"
MobileNumber:
$ref: "#/components/schemas/OBMobileNumber"
Name:
$ref: "#/components/schemas/OBName"
OBMaximumIndividualRequestsToPayAmount:
description: |
This is the Maximum amount a single request to pay amount related to the Consent can be.
All request to pay amounts must be smaller or equal to this value.
type: "string"
pattern: "^\\d{1,16}\\.\\d{2}$"
example: "100.00"
OBMaximumCumulativeNumberOfRequestsToPay:
type: "integer"
description: |
The maximum cumulative number of all succesful Request To Pays under the Consent.
Every successful Request To Pay related to the Consent is added to the total cumulative number of Request To Pay initiations of the Consent which cannot exceed the maximum value agreed with the User at the point of consent.
OBMaximumCumulativeValueOfRequestsToPay:
type: "string"
description: |
The maximum cumulative value of all successfully paid request to pay instructions under the Consent.
Each successfully paid request to pay amount (related to the Consent) is added to the total cumulative value of the Consent which cannot exceed the maximum value agreed with the User at the point of consent.
pattern: "^\\d{1,16}\\.\\d{2}$"
example: "100.00"
OBPeriodTypeMaximumCumulativeValueOfRequestsToPay:
type: "string"
description: |
The maximum cumulative request to pay value of all request to pay initiations per Period Type.
pattern: "^\\d{1,16}\\.\\d{2}$"
example: "100.00"
OBRevokedBy:
title: "OBRevokedBy"
description: |
Denotes the Identifier of the revocation.
| Identifier| Description|
|-----------|------------|
| LFI | Revoked by LFI without User initiation|
| TPP | Revoked by TPP without User initiation|
| LFI.InitiatedByUser | Initiated by User via the LFI|
| TPP.InitiatedByUser | Initiated by User via the TPP|
type: "string"
enum:
- "UAEOF.LFI"
- "UAEOF.TPP"
- "UAEOF.LFI.InitiatedByUser"
- "UAEOF.TPP.InitiatedByUser"
OBRevokedByPatchConsent:
title: "OBRevokedByPatchConsent"
description: |
Denotes the Identifier of the revocation.
| Identifier| Description|
|-----------|------------|
| TPP | Revoked by TPP without User initiation|
| TPP.InitiatedByUser | Initiated by User via the TPP|
type: "string"
enum:
- "UAEOF.TPP"
- "UAEOF.TPP.InitiatedByUser"
OBConsentExpirationDateTime:
description: |
Specified date and time the consent will expire.
If this is not populated, the consent will remain active as a long lived consent until the maximum consent validity period as per section 4.1.1 Consent Elements in the API User Guide.
All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is :2023-04-05T10:43:07+00:00
* For Payment Consents, the maximum expiration time limit should be 23:59:59 (1 second before 00:00:00)
type: "string"
format: "date-time"
OBAddress:
title: "OBAddress"
description: |
(Array) Address information that locates and identifes a specific address, as defined by a national or international postal service."
type: "array"
minItems: 1
items:
type: "object"
required:
- "AddressType"
- "Country"
properties:
AddressType:
$ref: "#/components/schemas/OBAddressTypeCode"
ShortAddress:
$ref: "#/components/schemas/OBShortAddress"
UnitNumber:
$ref: "#/components/schemas/OBUnitNumber"
FloorNumber:
$ref: "#/components/schemas/OBFloorNumber"
BuildingNumber:
$ref: "#/components/schemas/OBBuildingNumber"
StreetName:
$ref: "#/components/schemas/OBStreetName"
SecondaryNumber:
$ref: "#/components/schemas/OBSecondaryNumber"
District:
$ref: "#/components/schemas/OBDistrict"
PostalCode:
$ref: "#/components/schemas/OBPostalCode"
POBox:
$ref: "#/components/schemas/OBPOBox"
ZipCode:
$ref: "#/components/schemas/OBZipCode"
City:
$ref: "#/components/schemas/OBCity"
Region:
$ref: "#/components/schemas/OBRegion"
Country:
$ref: "#/components/schemas/OBCountryCode"
additionalProperties: false
OBAddressTypeCode:
title: "OBAddressTypeCode"
description: "Specifies the nature of the Address."
type: "string"
enum:
- "UAEOF.Business"
- "UAEOF.Correspondence"
- "UAEOF.Residential"
example: "UAEOF.Residential"
OBShortAddress:
title: "OBShortAddress"
description: "A short address consists of four letters: region code, branch code, division code, unique code and a four-digit number for the building."
type: "string"
minLength: 1
maxLength: 8
example: "ABCD1234"
OBUnitNumber:
title: "OBUnitNumber"
description: "Identifies the unit or apartment number."
type: "string"
minLength: 1
maxLength: 10
example: "6"
OBFloorNumber:
title: "OBFloorNumber"
description: "Identifies the building floor number."
type: "string"
minLength: 1
maxLength: 10
example: "2"
OBBuildingNumber:
title: "OBBuildingNumber"
description: "Identifies the building number."
type: "string"
minLength: 1
maxLength: 10
example: "34"
OBStreetName:
title: "OBStreetName"
description: "Identifies the street name or road."
type: "string"
minLength: 1
maxLength: 70
example: "Omar Bin Hassan Street"
OBDistrict:
title: "OBDistrict"
description: "Identifies the district of a city."
type: "string"
minLength: 1
maxLength: 35
example: "Olaya Dist."
OBCountryCode:
title: "OBCountryCode"
description: "Indicates the country code in which the address is located (References ISO 3166-1 alpha-2)."
type: "string"
pattern: "^[A-Z]{2,2}$"
example: "SA"
OBPostalCode:
title: "OBPostalCode"
description: " Identifies the postal code; a unique code assigned to a specific geographic area for efficient mail sorting and delivery purposes."
type: "string"
minLength: 1
maxLength: 10
example: "12345"
OBPOBox:
title: "POBox"
description: " Identifies the POBox."
type: "string"
minLength: 1
maxLength: 10
example: "11562"
OBZipCode:
title: "ZipCode"
description: "Identifies the ZIP code; a unique code assigned to a specific geographic area for efficient mail sorting and delivery purposes."
type: "string"
minLength: 1
maxLength: 10
example: "12366"
OBSecondaryNumber:
title: "OBSecondaryNumber"
description: "4 numbers representing the accurate location coordinates of the address"
type: "string"
minLength: 4
maxLength: 4
example: "1233"
OBCity:
title: "OBCity"
description: "Identifies the name of the city or town where the address is situated."
type: "string"
minLength: 1
maxLength: 35
example: "Riyadh"
OBRegion:
title: "OBRegion"
description: "Identifies the region."
type: "string"
minLength: 1
maxLength: 35
example: "North"
OBUserIndicators:
title: "OBUserIndicators"
type: "object"
description: |
User (Payer) Indicators
properties:
UserName:
type: "object"
description: "The Name of the User initiating the Payment"
properties:
en:
type: "string"
description: "English value of the string"
ar:
type: "string"
description: "Arabic value of the string"
GeoLocation:
type: "object"
description: "GPS to identify and track the whereabouts of the connected electronic device."
required:
- "latitude"
- "longitude"
properties:
latitude:
type: "string"
description: "latitude"
longitude:
type: "string"
description: "longitude"
DeviceId:
type: "string"
description: "IMEISV number of the connected electronic device"
DeviceOperatingSystem:
type: "string"
description: "Device operating system"
DeviceOperatingSystemVersion:
type: "string"
description: "Device operating system version"
PasswordChangedDateTime:
type: "string"
format: "date-time"
description: "The date and time of the last password change by the User on their TPP account."
UserOnboardingDateTime:
type: "string"
format: "date-time"
description: "The exact date and time when the User account was activated with the TPP."
OBTransactionIndicators:
title: "OBTransactionIndicators"
type: "object"
description: |
Transaction Indicators
properties:
IsCustomerPresent:
description: "This field differentiates between automatic and manual payment initiation."
type: boolean
IsContractPresent:
description: "Indicates if the Payee has a contractual relationship with the TPP."
type: boolean
Channel:
description: "Where the payment has been initiated from."
type: "string"
enum:
- "UAEOF.Web"
- "UAEOF.Mobile"
OBBeneficiaryIndicators:
title: "OBBeneficiaryIndicators"
type: "object"
description: |
Beneficiary Indicators
properties:
AccountType:
$ref: "#/components/schemas/OBExternalAccountTypeCode"
IsBeneficiaryPrePopulated:
$ref: "#/components/schemas/OBIsBeneficiaryPrePopulated"
TradingName:
$ref: "#/components/schemas/OBTradingName"
IsVerifiedByTPP:
$ref: "#/components/schemas/OBIsVerifiedbyTPP"
AdditionalAccountHolderIdentifiers:
$ref: "#/components/schemas/OBAdditionalAccountHolderIdentifiers"
MerchantDetails:
type: "object"
description: |
Details of the Merchant involved in the transaction.
Merchant Details are specified only for those merchant categories that are generally expected to originate retail financial transactions
properties:
MerchantId:
description: "MerchantId"
type: "string"
minLength: 8
maxLength: 20
MerchantName:
description: "Name by which the merchant is known."
type: "string"
minLength: 1
maxLength: 350
MerchantSICCode:
description: |
SIC code stands for standard industrial classification (SIC) code.
This four digit-number identifies a very specific short descriptor of the type of business a company is engaged in.
SIC can be obtained from the Chamber of Commerce.
type: "string"
minLength: 3
maxLength: 4
additionalProperties: false
OBExternalAccountTypeCode:
title: "OBExternalAccountTypeCode"
description: "Specifies the type of account (Retail or Corporate)."
type: "string"
enum:
- "UAEOF.Retail"
- "UAEOF.Corporate"
OBIsBeneficiaryPrePopulated:
description: "Is Beneficiary populated"
type: "boolean"
OBIsVerifiedbyTPP:
description: "The TPP has onboarded the Beneficiary"
type: "boolean"
OBAdditionalAccountHolderIdentifiers:
title: "OBAdditionalAccountHolderIdentifiers"
type: "array"
items:
type: "object"
description: "Provides the details to identify an account."
required:
- "IdentificationType"
- "Identification"
properties:
IdentificationType:
$ref: "#/components/schemas/OBRiskExternalAccountIdentificationCode"
Identification:
$ref: "#/components/schemas/OBIdentification"
Name:
$ref: "#/components/schemas/OBName"
additionalProperties: false
OBRiskExternalAccountIdentificationCode:
title: "OBRiskExternalAccountIdentificationCode"
description: "Name of the identification scheme, in a coded form as published in an external list."
type: "string"
enum:
- "UAEOF.EmiratesID"
- "UAEOF.UnifiedCommercialNumber"
- "UAEOF.PassportNumber"
OBServiceInitiationAuthorizationDetail:
title: "OBServiceInitiationAuthorizationDetail"
description: "The schema for service initiation object in the authorization_details"
type: "object"
additionalProperties: false
required:
- "type"
- "consent"
properties:
type:
type: "string"
description: "The type of the service initiation object"
enum:
- "urn:openfinanceuae:service-initiation-consent:v1.0-draft2"
consent:
type: "object"
additionalProperties: false
required:
- "ConsentId"
- "ControlParameters"
- "PaymentPurposeCode"
- "AcceptedAuthorizationType"
- "PersonalIdentifiableInformation"
properties:
ConsentId:
description: "Unique identification as assigned to identify the service initiation consent resource."
type: "string"
minLength: 1
maxLength: 128
BaseConsentId:
$ref: "#/components/schemas/OBBaseConsentId"
AcceptedAuthorizationType:
$ref: "#/components/schemas/OBAcceptedAuthorizationTypeRequestPayments"
AuthorizationExpirationTimeWindow:
$ref: "#/components/schemas/OBAuthorizationExpirationTimeWindow"
ExpirationDateTime:
$ref: "#/components/schemas/OBConsentExpirationDateTime"
Permissions:
$ref: "#/components/schemas/OBConsentPermissions"
CurrencyRequest:
$ref: "#/components/schemas/OBCurrencyRequest"
PersonalIdentifiableInformation:
$ref: "#/components/schemas/OBJWEPaymentPII"
ControlParameters:
description: |
Control Parameters set the overall rules for the Payment Schedule
type: "object"
additionalProperties: false
required:
- "ConsentSchedule"
properties:
IsPayByAccount:
$ref: "#/components/schemas/OBIsPayByAccount"
ConsentSchedule:
type: "object"
description: |
The various payment types that can be initiated:
* A Single Payment
* A Multi-Payment
* A Combined Payment (one SinglePayment and one MultiPayment)
properties:
SinglePayment:
description: |
A Consent definition for defining Single Payments
oneOf:
- $ref: "#/components/schemas/OBSingleInstantPayment"
- $ref: "#/components/schemas/OBSingleFutureDatedPayment"
discriminator:
propertyName: Type
MultiPayment:
description: |
A Consent definition for defining Multi Payments
$ref: "#/components/schemas/OBLongLivedPaymentConsent"
additionalProperties: false
PayerReference:
description: |
Reason or reference for the payer regarding the Payment
$ref: "#/components/schemas/OBReference"
BeneficiaryReference:
description: |
Reason or reference for the beneficiary regarding the Payment
$ref: "#/components/schemas/OBReference"
PaymentPurposeCode:
$ref: "#/components/schemas/OBPaymentPurposeCode"
SponsoredTPPInformation:
$ref: "#/components/schemas/OBSponsoredTPPInformation"
Subscription:
$ref: "#/components/schemas/OBEventNotification"
OBConsentPermissions:
title: "OBConsentPermissions"
type: "array"
description: |
Specifies the permitted Account Access data types.
This is a list of the data groups being consented by the User, and requested for authorization with the LFI.
This allows a TPP to request a balance check permission.
items:
type: "string"
enum:
- "ReadAccountsBasic" # Ability to read basic account information
- "ReadAccountsDetail" # Ability to read account identification details
- "ReadBalances" # Ability to read all balance information
minItems: 1
OBCurrencyRequest:
title: "OBCurrencyRequest"
description: |
The details of the non-local currency or FX request that has been agreed between the User and the TPP.
The requested ChargeBearer and ExchangeRateInformation are included in this object may be overwritten by the LFI in the returned Consent object.
type: "object"
additionalProperties: false
required:
- "CurrencyOfTransfer"
properties:
InstructionPriority:
description: "Indicator of the urgency or order of importance that the instructing party would like the instructed party to apply to the processing of the instruction."
type: "string"
enum:
- "Normal"
- "Urgent"
ExtendedPurpose:
description: "Specifies the purpose of an international payment, when there is no corresponding 4 character code available in the ISO20022 list of Purpose Codes."
type: "string"
minLength: 1
maxLength: 140
ChargeBearer:
$ref: "#/components/schemas/OBChargeBearerType1Code"
CurrencyOfTransfer:
description: "Specifies the currency of the to be transferred amount, which is different from the currency of the debtor's account."
type: "string"
pattern: "^[A-Z]{3,3}$"
DestinationCountryCode:
description: "Country in which Credit Account is domiciled. Code to identify a country, a dependency, or another area of particular geopolitical interest, on the basis of country names obtained from the United Nations (ISO 3166, Alpha-2 code)."
type: "string"
pattern: "[A-Z]{2,2}"
ExchangeRateInformation:
type: "object"
additionalProperties: false
required:
- "UnitCurrency"
- "RateType"
description: "Provides details on the currency exchange rate and contract."
properties:
UnitCurrency:
description: "Currency in which the rate of exchange is expressed in a currency exchange. In the example 1GBP = xxxCUR, the unit currency is GBP."
type: "string"
pattern: "^[A-Z]{3,3}$"
ExchangeRate:
description: "The factor used for conversion of an amount from one currency to another. This reflects the price at which one currency was bought with another currency."
type: "number"
RateType:
description: "Specifies the type used to complete the currency exchange."
type: "string"
enum:
- "Actual"
- "Agreed"
- "Indicative"
ContractIdentification:
description: "Unique and unambiguous reference to the foreign exchange contract agreed between the initiating party/creditor and the debtor agent."
type: "string"
minLength: 1
maxLength: 256
OBChargeBearerType1Code:
description: "Specifies which party/parties will bear the charges associated with the processing of the payment transaction."
type: "string"
enum:
- "BorneByCreditor"
- "BorneByDebtor"
- "FollowingServiceLevel"
- "Shared"
OBExchangeRateInformation:
type: "object"
additionalProperties: false
required:
- "UnitCurrency"
- "ExchangeRate"
- "RateType"
description: "Further detailed information on the exchange rate that has been used in the payment transaction."
properties:
UnitCurrency:
description: "Currency in which the rate of exchange is expressed in a currency exchange. In the example 1GBP = xxxCUR, the unit currency is GBP."
type: "string"
pattern: "^[A-Z]{3,3}$"
ExchangeRate:
description: "The factor used for conversion of an amount from one currency to another. This reflects the price at which one currency was bought with another currency."
type: "number"
RateType:
description: "Specifies the type used to complete the currency exchange."
type: "string"
enum:
- "Actual"
- "Agreed"
- "Indicative"
ContractIdentification:
description: "Unique and unambiguous reference to the foreign exchange contract agreed between the initiating party/creditor and the debtor agent."
type: "string"
minLength: 1
maxLength: 256
ExpirationDateTime:
description: "Specified date and time the exchange rate agreement will expire.All dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2017-04-05T10:43:07+00:00"
type: "string"
format: "date-time"
OBPaymentPII:
type: "object"
additionalProperties: false
description: "Elements of Personal Identifiable Information data"
properties:
Initiation:
type: "object"
additionalProperties: false
description: "The Initiation payload is sent by the initiating party to the LFI. It is used to request movement of funds from the debtor account to a creditor."
properties:
DebtorAccount:
type: "object"
additionalProperties: false
required:
- "IdentificationType"
- "Identification"
description: "Unambiguous identification of the account of the debtor to which a debit entry will be made as a result of the transaction."
properties:
IdentificationType:
$ref: "#/components/schemas/OBExternalAccountIdentificationCode"
Identification:
$ref: "#/components/schemas/OBIdentification"
MobileNumber:
$ref: "#/components/schemas/OBMobileNumber"
Name:
$ref: "#/components/schemas/OBName"
CreditorAgent:
$ref: "#/components/schemas/OBCreditorAgent"
Creditor:
type: "object"
additionalProperties: false
description: "Party to which an amount of money is due."
properties:
Name:
description: |
Name by which a party is known and which is usually used to identify that party.
This may be used to identify the Creditor for international payments.
type: "string"
minLength: 1
maxLength: 140
PostalAddress:
$ref: "#/components/schemas/OBAddress"
CreditorAccount:
$ref: "#/components/schemas/OBCreditorAccount"
Risk:
$ref: "#/components/schemas/OBRisk"
OBJWEPaymentPII:
type: string
description: |
A JSON Web Encryption (JWE) object, which encapsulates a JWS. The value is a compact serialization
of a JWE, which is a string consisting of five base64url-encoded parts joined by dots. It encapsulates encrypted content using JSON data structures.
The decrypted JWS content has the structure of the OBPaymentPII schema.
example: "eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00ifQ...."
############################################
# PARAMETERS
############################################
parameters:
#################################################
# HEADER PARAMETERS
#################################################
authorization:
in: "header"
name: "authorization"
required: true
description: "An authorization Token as per https://tools.ietf.org/html/rfc6750"
schema:
type: "string"
example: Bearer 12773da5-81c5-45e7-893c-381ca3cecc30
x-customer-user-agent:
in: "header"
name: "x-customer-user-agent"
description: "Indicates the user-agent that the User is using."
required: false
schema:
type: "string"
example: Mozilla/5.0 (iPhone; CPU iPhone OS 10_3_1 like Mac OS X) AppleWebKit/603.1.30 (KHTML, like Gecko) Version/10.0 Mobile/14E304 Safari/602.1
x-fapi-customer-ip-address:
in: "header"
name: "x-fapi-customer-ip-address"
required: false
description: "The User's IP address if the User is currently logged in with the TPP."
schema:
type: "string"
example: 51.235.115.203
x-fapi-auth-date:
in: "header"
name: "x-fapi-auth-date"
required: false
description: "The time when the User last logged in with the TPP. \nAll dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: \nSun, 10 Sep 2023 19:43:31 UTC"
schema:
type: "string"
pattern: "^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \\d{2} (Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) \\d{4} \\d{2}:\\d{2}:\\d{2} (GMT|UTC)$"
example: Thu, 26 Jan 2023 16:31:32 UTC
x-fapi-interaction-id-request:
in: "header"
name: "x-fapi-interaction-id"
required: false
description: "An RFC4122 UID used as a correlation id."
schema:
type: "string"
example: 49df2c2c-6b80-40ee-96a1-71910a248048
x-fapi-interaction-id-response:
in: "header"
name: "x-fapi-interaction-id"
required: true
description: "An RFC4122 UID used as a correlation id."
schema:
type: "string"
example: 49df2c2c-6b80-40ee-96a1-71910a248048
x-idempotency-key:
name: "x-idempotency-key"
in: "header"
description: "Ensures the LFI processes the resource successfully only once per x-idempotency-key"
required: true
schema:
type: "string"
maxLength: 40
pattern: "^(\\S*)$"
example: 78dae4513b8847f98e2d4173b4ed0eb6
x-idempotency-key-consent:
name: "x-idempotency-key"
in: "header"
description: "Ensures the LFI processes the resource successfully only once per x-idempotency-key"
schema:
type: "string"
maxLength: 40
pattern: "^(\\S*)$"
example: 78dae4513b8847f98e2d4173b4ed0eb6
Location:
name: "Location"
in: "header"
description: "URI location to the created resource"
required: true
schema:
type: "string"
maxLength: 40
Prefer:
name: "Prefer"
in: "header"
description: |
Preferences that allow certain behaviours on the API.
* Request To Pay: CancelAllPendingRequestsToPay=true - Can be used to cancel all Requests to Pay that are in a Pending Status
required: false
schema:
type: "string"
maxLength: 40
example: CancelAllPendingRequestsToPay=true
Preference-Applied:
name: "Preference-Applied"
in: "header"
description: |
Determines that the requested Preference was applied by the API
* Request to Pay: CancelAllPendingRequestsToPay=true - Confirms that all Requests to Pay in a Pending Status were successfully Cancelled.
required: false
schema:
type: "string"
maxLength: 40
example: CancelAllPendingRequestsToPay=true
#################################################
# PATH PARAMETERS
#################################################
PaymentId:
name: "PaymentId"
in: "path"
description: "Unique identification as assigned by the LFI to uniquely identify the domestic payment resource."
schema:
type: "string"
minLength: 1
maxLength: 40
required: true
example: 83b47199-90c2-4c05-9ef1-aeae68b0fc7c
ConsentId:
name: "ConsentId"
in: "path"
description: "Unique identification as assigned by the LFI to uniquely identify the Consent resource"
required: true
schema:
type: "string"
example: aac-69255d98-ab0e-4758-92a7-cacbf3073efa
#################################################
# QUERY PARAMETERS
#################################################
paymentTransactionId:
in: "query"
name: "paymentTransactionId"
description: |
A series of one or more payment rails transactionIds. For example:
* A single transactionId:
```
paymentTransactionId=oz2c8wpre1vy34tx7q
```
* Multiple transactionIds:
```
paymentTransactionId=oz2c8wpre1vy34tx7q,aa2c8wpre1vy34txbb,cc2c8wpre1vy34txdd
```
schema:
type: "array"
items:
type: "string"
style: "form"
explode: false
examples:
singleTransactionId:
summary: "Example of a single transaction"
value: ["oz2c8wpre1vy34tx7q"]
multiTransactionId:
summary: "Example of multiple transactions"
value:
["oz2c8wpre1vy34tx7q", "aa2c8wpre1vy34txbb", "cc2c8wpre1vy34txdd"]
allowEmptyValue: false
baseConsentId:
in: "query"
name: "baseConsentId"
required: true
description: |
A specific baseConsentId. For example:
```
baseConsentId=abc-19877d98-ab0e-4758-92a7-vvffr1234abv
```
schema:
type: "string"
allowEmptyValue: false
example: abc-19877d98-ab0e-4758-92a7-vvffr1234abv
#################################################
# SECURITY SCHEMES
#################################################
securitySchemes:
TPPOAuth2Security:
type: oauth2
description: "TPP confidential client authorization with the LFI to stage a consent. **Please refer to [OpenID FAPI Security Profile 1.0 -Part 2 Advanced](https://openid.net/specs/openid-financial-api-part-2-1_0.html#authorization-server) - 5.2.2 point 14 - shall authenticate the confidential client using one of the following methods private_key_jwt and [OpenID Connect Core 1.0](https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication) 9. Client Authentication private_key_jwt**"
flows:
clientCredentials:
tokenUrl: "https://authserver.example/token"
scopes:
openid: Activates OpenID Connect Support
payments: Ability for accessing payments.
accounts: Ability for accessing account information.
UserOAuth2Security:
type: oauth2
description: "[OAuth2 PAR flow](https://datatracker.ietf.org/doc/html/rfc9126), it is required when the User needs to perform SCA with the LFI when a TPP wants to access an LFI resource owned by the User. **Please refer to [OpenID FAPI Security Profile 1.0 -Part 2 Advanced](https://openid.net/specs/openid-financial-api-part-2-1_0.html#authorization-server) - 5.2.2 point 14 - shall authenticate the confidential client using one of the following methods private_key_jwt and [OpenID Connect Core 1.0](https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication) 9. Client Authentication private_key_jwt**"
flows:
authorizationCode:
authorizationUrl: "https://authserver.example/authorization"
tokenUrl: "https://authserver.example/token"
scopes:
openid: Activates OpenID Connect Support
payments: Ability for initiating payments. This is a parameterized scope with the ConsentId
accounts: Ability for accessing account information.
LFIWebhookSecurity:
type: http
description: "The LFI generates a Self Signed JWT Authorization Token for Client Authentication with the TPP. **Please refer to Self-Signed JWT Authorization Token Specification in the UAE Standard API User Guide**"
scheme: bearer
bearerFormat: JWT
############################################
# EXAMPLES
############################################
examples:
Error400BadRequestSigned:
summary: 400 Bad Request
description: 400 Bad Request
value:
{
"iss": "c50f0152-49bb-4dc4-b866-b625271c4e78",
"exp": 3349494246,
"nbf": 1675765189,
"aud": ["e63df191-5fff-4e9c-bba2-b273c94e87f0"],
"iat": 1675765189,
"message":
{
"Errors":
[
{
"Code": "UAEOF.GenericError",
"Message": { "en": "A mandatory field is missing." },
},
],
},
}
Error403ForbiddenSigned:
summary: 403 Forbidden
description: 403 Forbidden
value:
{
"iss": "c50f0152-49bb-4dc4-b866-b625271c4e78",
"exp": 3349494246,
"nbf": 1675765189,
"aud": ["e63df191-5fff-4e9c-bba2-b273c94e87f0"],
"iat": 1675765189,
"message":
{
"Errors":
[
{
"Code": "UAEOF.AccessToken.InvalidScope",
"Message":
{
"en": "The access token did not have an appropriate scope attached to it.",
},
},
],
},
}
Error500InternalServerErrorSigned:
summary: 500 Internal Server Error
description: 500 Internal Server Error
value:
{
"iss": "c50f0152-49bb-4dc4-b866-b625271c4e78",
"exp": 3349494246,
"nbf": 1675765189,
"aud": ["e63df191-5fff-4e9c-bba2-b273c94e87f0"],
"iat": 1675765189,
"message":
{
"Errors":
[
{
"Code": "UAEOF.GenericError",
"Message":
{
"en": "An Internal Server error has occurred. Please retry in 60 seconds.",
},
},
],
},
}
|