openapi: 3.0.0
info:
title: UAE Pushed Authorization Endpoint
description: >-
## UAE Open Finance Pushed Authorization Endpoint Specification
This API description provides the definitions for the supported Rich
Authorization Request (RAR) payloads in the context of the Pushed
Authorization Request endpoint.
Please note that RAR definitions are provided for information and **do not**
accurately reflect a serialized, signed JSON Web Token. The Schema Object
provide the correct message payload definition to create the RAR before
createcreating a JWT-Secured AuthenticationAuthorization Request (JAR).
version: v1.0-draft3
tags:
- name: Pushed Authorization Requests
paths:
/open-finance/v1/par:
post:
tags:
- Pushed Authorization Requests
operationId: InsuranceConsents_create
summary: >-
Submit a Rich Authorization Request (RAR) to the Pushed Authorization
Request (PAR) Endpoint
parameters: []
responses:
'201':
description: >-
The request has succeeded and a new resource has been created as a
result.
content:
application/json:
schema:
$ref: '#/components/schemas/PushedAuthorizationResponseBody'
'400':
description: The server could not understand the request due to invalid syntax.
content:
application/json:
schema:
$ref: '#/components/schemas/OAuthBadRequestErrorResponse'
'405':
description: Method Not Allowed
'413':
description: Content Too Large
'429':
description: Too Many Requests
headers:
retry-after:
required: true
description: Number in seconds to wait
schema:
type: integer
format: int64
requestBody:
required: true
content:
application/x-www-form-urlencoded:
schema:
$ref: '#/components/schemas/PushedAuthorizationRequest'
components:
schemas:
AEAcceptedAuthorizationTypeRequestPayments:
type: string
enum:
- UAEOF.Single
- UAEOF.Multi
- UAEOF.Both
description: |2-
Specifies to the LFI the type of consent authorization accepted by the TPP when staging the consent
* Single - The consent should incur a single authorization Step with the LFI
* Multi - The consent should incur a multi-authorization Step with the LFI
* Both - The consent should incur either a single authorization or multi-authorization step with the LFI. The LFI decides.
AEAccountAccessAuthorizationDetailConsentProperties:
type: object
required:
- ConsentId
- Permissions
properties:
ConsentId:
$ref: '#/components/schemas/AEConsentId'
Permissions:
$ref: '#/components/schemas/AEAccountAccesssConsentPermissionCodes'
allOf:
- $ref: '#/components/schemas/AEAccountAccessAuthorizationDetailProperties'
additionalProperties: false
AEAccountAccessAuthorizationDetailProperties:
type: object
properties:
BaseConsentId:
$ref: '#/components/schemas/AEBaseConsentId'
ExpirationDateTime:
type: string
format: date-time
description: >-
Specified date and time the permissions will expire.
If this is not populated, the permissions will be open ended.All
dates in the JSON payloads are represented in ISO 8601 date-time
format.
All date-time fields in responses must include the timezone. An
example is below:
2017-04-05T10:43:07+00:00
TransactionFromDateTime:
type: string
format: date-time
description: |2-
Specified start date and time for the transaction query period.
If this is not populated, the start date will be open ended, and
data will be returned from the earliest available
transaction.All dates in the JSON payloads are represented in
ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An
example is below:
2017-04-05T10:43:07+00:00
TransactionToDateTime:
type: string
format: date-time
description: |2-
Specified end date and time for the transaction query period.
If this is not populated, the end date will be open ended, and
data will be returned to the latest available transaction.All
dates in the JSON payloads are represented in ISO 8601 date-time
format.
All date-time fields in responses must include the timezone. An
example is below:
2017-04-05T10:43:07+00:00
AccountType:
type: array
items:
$ref: '#/components/schemas/AEAccountTypeCode'
AccountSubType:
type: array
items:
$ref: '#/components/schemas/AEAccountSubTypeCode'
OnBehalfOf:
$ref: '#/components/schemas/AEOnBehalfOf'
Purpose:
type: array
items:
$ref: '#/components/schemas/AEAccountAccessConsentPurpose'
additionalProperties: false
AEAccountAccessAuthorizationDetailReconsentProperties:
type: object
required:
- ConsentId
properties:
ConsentId:
$ref: '#/components/schemas/AEConsentId'
Permissions:
$ref: '#/components/schemas/AEAccountAccesssConsentPermissionCodes'
allOf:
- $ref: '#/components/schemas/AEAccountAccessAuthorizationDetailProperties'
additionalProperties: false
AEAccountAccessAuthorizationDetailsConsent:
type: object
required:
- Type
- Consent
- Subscription
properties:
Type:
type: string
enum:
- urn:openfinanceuae:account-access-consent:v1.0-draft3
Consent:
$ref: >-
#/components/schemas/AEAccountAccessAuthorizationDetailConsentProperties
Subscription:
$ref: '#/components/schemas/EventNotification'
description: >-
Properties for creating a consent object for the first time a User
consents to TPP access to account information data
additionalProperties: false
AEAccountAccessAuthorizationDetailsReconsent:
type: object
required:
- Type
- Consent
- Subscription
properties:
Type:
type: string
enum:
- urn:openfinanceuae:account-access-consent:v1.0-draft3
Consent:
$ref: >-
#/components/schemas/AEAccountAccessAuthorizationDetailReconsentProperties
Subscription:
$ref: '#/components/schemas/EventNotification'
description: >-
Properties for creating a consent object when a User reconsents to TPP
access to account information data
additionalProperties: false
AEAccountAccessConsentPurpose:
type: string
enum:
- Account Aggregation
- Personal Finance Manager
- Credit Assessment
- Tax Filing
- Enterprise Financial Management
- Other
AEAccountAccesssConsentPermissionCodes:
type: string
enum:
- ReadAccountsBasic
- ReadAccountsDetail
- ReadBalances
- ReadBeneficiariesBasic
- ReadBeneficiariesDetail
- ReadTransactionsBasic
- ReadTransactionsDetail
- ReadTransactionsCredits
- ReadTransactionsDebits
- ReadProduct
- ReadScheduledPaymentsBasic
- ReadScheduledPaymentsDetail
- ReadDirectDebits
- ReadStandingOrdersBasic
- ReadStandingOrdersDetail
- ReadConsents
- ReadPartyPSU
- ReadPartyPSUIdentity
- ReadParty
description: >-
Specifies the permitted account access policy data types.
This is a list of the data groups being consented by the User, and
requested for authorization with the LFI.
AEAccountSubTypeCode:
type: string
enum:
- CurrentAccount
- Savings
- CreditCard
- PrePaidCard
- EMoney
- ChargeCard
- Other
description: Specifies the sub type of account (product family group)
AEAccountTypeCode:
type: string
enum:
- UAEOF.Retail
- UAEOF.Corporate
description: Specifies the type of account (Retail or Corporate).
AEAmountAndCurrency:
type: object
required:
- Currency
- Amount
properties:
Currency:
$ref: '#/components/schemas/CurrencyCode'
Amount:
$ref: '#/components/schemas/Amount'
description: >-
The Currency and Amount relating to the Payment, Refund or Request to
Pay
additionalProperties: false
AEBaseConsentId:
type: string
minLength: 1
maxLength: 128
description: >-
The original ConsentId assigned by the TPP.
It is used by the TPP for updating/renewing parameters associated with
long-lived consents.
It must be provided when long-lived consent parameters are
updated/renewed for a current consent that has not yet finished.
AEChargeBearerType1Code:
type: string
enum:
- BorneByCreditor
- BorneByDebtor
- FollowingServiceLevel
- Shared
description: >-
Specifies which party/parties will bear the charges associated with the
processing of the payment transaction.
AEConsentId:
type: string
minLength: 1
maxLength: 128
description: >-
Unique identification assigned by the TPP to identify the consent
resource.
AECurrencyRequest:
type: object
required:
- ExtendedPurpose
- CurrencyOfTransfer
properties:
InstructionPriority:
allOf:
- $ref: '#/components/schemas/AEInstructionPriority'
description: >-
Indicator of the urgency or order of importance that the instructing
party would like the instructed party to apply to the processing of
the instruction.
ExtendedPurpose:
type: string
minLength: 1
maxLength: 140
description: >-
Specifies the purpose of an international payment, when there is no
corresponding 4 character code available in the ISO20022 list of
Purpose Codes.
ChargeBearer:
$ref: '#/components/schemas/AEChargeBearerType1Code'
CurrencyOfTransfer:
type: string
pattern: ^[A-Z]{3,3}$
description: >-
Specifies the currency of the to be transferred amount, which is
different from the currency of the debtor's account.
DestinationCountryCode:
type: string
pattern: '[A-Z]{2,2}'
description: >-
Country in which Credit Account is domiciled. Code to identify a
country, a dependency, or another area of particular geopolitical
interest, on the basis of country names obtained from the United
Nations (ISO 3166, Alpha-2 code).
ExchangeRateInformation:
$ref: '#/components/schemas/AEExchangeRateInformation'
description: >-
The details of the non-local currency or FX request that has been agreed
between the User and the TPP.
The requested ChargeBearer and ExchangeRateInformation are included in
this object may be overwritten by the LFI in the returned Consent
object.
additionalProperties: false
AEExchangeRateInformation:
type: object
required:
- UnitCurrency
- RateType
properties:
UnitCurrency:
type: string
pattern: ^[A-Z]{3,3}$
description: >-
Currency in which the rate of exchange is expressed in a currency
exchange. In the example 1GBP = xxxCUR, the unit currency is GBP.
ExchangeRate:
type: number
description: >-
The factor used for conversion of an amount from one currency to
another. This reflects the price at which one currency was bought
with another currency.
RateType:
$ref: '#/components/schemas/AERateType'
ContractIdentification:
type: string
minLength: 1
maxLength: 256
description: >-
Unique and unambiguous reference to the foreign exchange contract
agreed between the initiating party/creditor and the debtor agent.
description: Provides details on the currency exchange rate and contract.
additionalProperties: false
AEExpectedInitiationTimeWindow:
type: string
pattern: >-
^(00[0-9]|0[1-9][0-9]|[1-6][0-9]{2}|7[01][0-9]|720):[0-5][0-9]:[0-5][0-9]$
description: |2-
A time window set by the TPP in which a Payment must be initated by the LFI.
The time window is based on a custom time format hhh:mm:ss. e.g. 000:00:15 represents a time window of 15 seconds to initiate the Payment.
AEInstructionPriority:
type: string
enum:
- Normal
- Urgent
AEInsuranceAuthorizationDetailsConsent:
type: object
required:
- Type
- Consent
- Subscription
properties:
Type:
type: string
enum:
- urn:openfinanceuae:insurance-consent:v1.0-draft3
Consent:
$ref: '#/components/schemas/OBInsuranceAuthorizationDetailConsentProperties'
Subscription:
$ref: '#/components/schemas/EventNotification'
description: >-
Properties for creating a consent object for the first time a User
consents to TPP access to insurance data or services
additionalProperties: false
AEInsuranceAuthorizationDetailsReconsent:
type: object
required:
- Type
- Consent
- Subscription
properties:
Type:
type: string
enum:
- urn:openfinanceuae:insurance-consent:v1.0-draft3
Consent:
$ref: >-
#/components/schemas/OBInsuranceAuthorizationDetailReconsentProperties
Subscription:
$ref: '#/components/schemas/EventNotification'
description: >-
Properties for creating a consent object when a User reconsents to TPP
access to insurance data or services
additionalProperties: false
AEJWEPaymentPII:
type: string
description: |2-
A JSON Web Encryption (JWE) object, which encapsulates a JWS. The value is a compact serialization
of a JWE, which is a string consisting of five base64url-encoded parts joined by dots. It encapsulates encrypted content using JSON data structures.
The decrypted JWS content has the structure of the OBPaymentPII schema.
AEOnBehalfOf:
type: object
properties:
TradingName:
type: string
description: Trading Name
LegalName:
type: string
description: Legal Name
IdentifierType:
allOf:
- $ref: '#/components/schemas/AEOnBehalfOfIdentifierType'
description: Identifier Type
Identifier:
type: string
description: Identifier
additionalProperties: false
AEOnBehalfOfIdentifierType:
type: string
enum:
- Other
AEPeriodStartDate:
type: string
format: date
description: |2-
* Payments: Specifies the start date of when a payment schedule begins.
Where this is an optional field, if a value is not provided, then it must default to the Consent CreationDateTime, starting from midnight 00:00:00.
AEPeriodType:
type: string
enum:
- UAEOF.Day
- UAEOF.Week
- UAEOF.Month
- UAEOF.Year
description: |2-
A Period may begin from the Consent CreationDateTime if a PeriodStartDate is not provided.
|Period Type|Description|
|-----------|-----------|
|Day|A continuous period of time, consisting of 24 consecutive hours, starting from midnight (00:00:00) and finishing at 23:59:59 of the same day. |
|Week|A continuous period of time, consisting of seven consecutive days, starting from midnight (00:00:00) and finishing at 23:59:59 of the 7th day. |
|Month|A continuous period of time starting from midnight (00:00:00) of the first day of a month and finishing at 23:59:59 of the last day of that month.|
|Year|A continuous period of time, consisting of 12 months.|
AERateType:
type: string
enum:
- Actual
- Agreed
- Indicative
description: Specifies the type used to complete the currency exchange.
AERequestedExecutionDate:
type: string
format: date
description: |2-
The date when the TPP expects the LFI to execute the payment.
The date must be in the future and cannot be on the same day or a day in the past.
The maximum date in the future that can be specified is 1 year from the day of the consent of the User to the TPP.
All dates in the JSON payloads are represented in ISO 8601 date format.
AEServiceInitiationAuthorizationDetailConsent:
type: object
required:
- Type
- Consent
- Subscription
properties:
Type:
type: string
enum:
- urn:openfinanceuae:service-initiation-consent:v1.0-draft3
Consent:
$ref: >-
#/components/schemas/AEServiceInitiationAuthorizationDetailProperties
Subscription:
$ref: '#/components/schemas/EventNotification'
description: >-
Properties for creating a consent object for the first time a User
consents to TPP access to service initiation APIs
additionalProperties: false
AEServiceInitiationAuthorizationDetailProperties:
type: object
required:
- ConsentId
- AcceptedAuthorizationType
- PersonalIdentifiableInformation
- ControlParameters
- PaymentPurposeCode
properties:
ConsentId:
$ref: '#/components/schemas/AEConsentId'
BaseConsentId:
$ref: '#/components/schemas/AEBaseConsentId'
AcceptedAuthorizationType:
$ref: '#/components/schemas/AEAcceptedAuthorizationTypeRequestPayments'
AuthorizationExpirationTimeWindow:
type: string
pattern: >-
^(00[0-9]|0[1-9][0-9]|[1-6][0-9]{2}|7[01][0-9]|720):[0-5][0-9]:[0-5][0-9]$
description: |2-
A time window by which a Consent (in AwaitingAuthorization status) must be Authorized by the User.
The time window starts from the actual CreationDateTime (when the Consent is staged with the LFI).
If the current time window exceeds the Authorization Expiration Time Window (and the Consent status is AwaitingAuthorization) then the Consent Status must be set to Rejected.
The time window is based on a custom time format hhh:mm:ss. e.g. 720:00:00 represents a time window of 720 hours, 00 minutes, 00 seconds (30 days) after the CreationDateTime to Authorize the Consent.
ExpirationDateTime:
allOf:
- $ref: '#/components/schemas/ARConsentExpirationDateTime'
description: |2-
Specified date and time the consent will expire.
If this is not populated, the consent will remain active as a long lived consent until the maximum consent validity period as per section 4.1.1 Consent Elements in the API User Guide.
All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is :2023-04-05T10:43:07+00:00
* For Payment Consents, the maximum expiration time limit should be 23:59:59 (1 second before 00:00:00)
Permissions:
type: array
items:
$ref: '#/components/schemas/AEServiceInitiationConsentPermissionCodes'
description: |2-
Specifies the permitted Account Access data types.
This is a list of the data groups being consented by the User, and requested for authorization with the LFI.
This allows a TPP to request a balance check permission.
ReadRefundAccount:
type: boolean
description: Allows the LFI to share the refund account details with TPP
CurrencyRequest:
$ref: '#/components/schemas/AECurrencyRequest'
PersonalIdentifiableInformation:
$ref: '#/components/schemas/AEJWEPaymentPII'
ControlParameters:
$ref: '#/components/schemas/AEServiceInitiationConsentControlParameters'
PayerReference:
allOf:
- $ref: '#/components/schemas/AEServiceInitiationReference'
description: Reason or reference for the payer regarding the Payment
BeneficiaryReference:
allOf:
- $ref: '#/components/schemas/AEServiceInitiationReference'
description: Reason or reference for the beneficiary regarding the Payment
PaymentPurposeCode:
$ref: '#/components/schemas/AEServiceInitiationPaymentPurposeCode'
SponsoredTPPInformation:
$ref: '#/components/schemas/AEServiceInitiationSponsoredTPPInformation'
additionalProperties: false
AEServiceInitiationConsentControlParameters:
type: object
required:
- ConsentSchedule
properties:
IsPayByAccount:
type: boolean
description: A flag to denote if the Payment is an E-Commerce transaction
ConsentSchedule:
$ref: '#/components/schemas/AEServiceInitiationConsentSchedule'
description: Control Parameters set the overall rules for the Payment Schedule
additionalProperties: false
AEServiceInitiationConsentPermissionCodes:
type: string
enum:
- ReadAccountsBasic
- ReadAccountsDetail
- ReadBalances
AEServiceInitiationConsentSchedule:
type: object
properties:
SinglePayment:
$ref: '#/components/schemas/AEServiceInitiationSinglePayment'
MultiPayment:
$ref: '#/components/schemas/AEServiceInitiationLongLivedPaymentConsent'
FilePayment:
$ref: '#/components/schemas/AEServiceInitiationFilePaymentConsent'
description: |2-
The various payment types that can be initiated:
* A Single Payment
* A Multi-Payment
* A Combined Payment (one SinglePayment and one MultiPayment)
additionalProperties: false
AEServiceInitiationDefinedSchedule:
type: object
required:
- Type
- Schedule
properties:
Type:
type: string
enum:
- UAEOF.DefinedSchedule
description: The Periodic Schedule Type
Schedule:
type: array
items:
$ref: '#/components/schemas/AEServiceInitiationSchedule'
minItems: 1
description: >-
Payment Schedule denoting a list of pre-defined future dated payments
all with fixed amounts and dates.
additionalProperties: false
AEServiceInitiationFilePaymentConsent:
type: object
required:
- FileType
- FileHash
- NumberOfTransactions
- ControlSum
properties:
FileType:
type: string
minLength: 1
maxLength: 40
description: Specifies the payment file type
FileHash:
type: string
minLength: 1
maxLength: 44
description: A base64 encoding of a SHA256 hash of the file to be uploaded.
FileReference:
$ref: '#/components/schemas/AEServiceInitiationReference'
NumberOfTransactions:
type: integer
description: >-
Number of individual transactions contained in the payment
information group.
ControlSum:
type: string
pattern: ^\d{1,16}\.\d{2}$
description: >-
Total of all individual amounts included in the group, irrespective
of currencies.
RequestedExecutionDateTime:
$ref: '#/components/schemas/AERequestedExecutionDate'
description: A Consent definition for defining Bulk/Batch Payments
additionalProperties: false
AEServiceInitiationFixedPeriodicSchedule:
type: object
required:
- Type
- PeriodType
- PeriodStartDate
- Amount
properties:
Type:
type: string
enum:
- UAEOF.FixedPeriodicSchedule
PeriodType:
$ref: '#/components/schemas/AEPeriodType'
PeriodStartDate:
$ref: '#/components/schemas/AEPeriodStartDate'
Amount:
$ref: '#/components/schemas/AEAmountAndCurrency'
description: >-
Payment Controls that apply to all payment instructions in a given
period under this payment consent.
additionalProperties: false
AEServiceInitiationFutureDatedPayment:
type: object
required:
- Type
- Amount
- RequestedExecutionDate
properties:
Type:
type: string
enum:
- UAEOF.SingleFutureDatedPayment
Amount:
$ref: '#/components/schemas/AEAmountAndCurrency'
RequestedExecutionDate:
$ref: '#/components/schemas/AERequestedExecutionDate'
description: >-
A long-lived consent that MUST be used for a single payment which will
be authorized by the User during the payment journey, but the payment
will be initiated by the TPP in the future.
additionalProperties: false
AEServiceInitiationLongLivedPaymentConsent:
type: object
required:
- Amount
- MaximumIndividualPaymentAmount
- PeriodicSchedule
properties:
Amount:
$ref: '#/components/schemas/AEAmountAndCurrency'
MaximumIndividualPaymentAmount:
allOf:
- $ref: '#/components/schemas/AEAmountAndCurrency'
description: |2-
This is the Maximum amount a variable payment related to the Consent can take.
All payment amounts must be smaller or equal to this value.
MaximumCumulativeValueOfPayments:
allOf:
- $ref: '#/components/schemas/AEAmountAndCurrency'
description: |2-
The maximum cumulative value of all successful payment rails executions under the Consent.
Each successful payment rails execution amount (related to the Consent) is added to the total cumulative value of the Consent which cannot exceed the maximum value agreed with the User at the point of consent.
MaximumCumulativeNumberOfPayments:
type: integer
description: |2-
The maximum cumulative number of all successful payment rails executions under the Consent.
Each successful payment rails execution (related to the Consent) is added to the total cumulative number of payments for the Consent which cannot exceed the maximum value agreed with the User at the point of consent.
PeriodicSchedule:
$ref: >-
#/components/schemas/AEServiceInitiationLongLivedPaymentConsentPeriodicSchedule
description: A Consent definition for defining Multi Payments
additionalProperties: false
AEServiceInitiationLongLivedPaymentConsentPeriodicSchedule:
type: object
required:
- DefinedSchedule
- FixedPeriodicSchedule
- VariablePeriodicSchedule
properties:
DefinedSchedule:
$ref: '#/components/schemas/AEServiceInitiationDefinedSchedule'
FixedPeriodicSchedule:
$ref: '#/components/schemas/AEServiceInitiationFixedPeriodicSchedule'
VariablePeriodicSchedule:
$ref: '#/components/schemas/AEServiceInitiationVariablePeriodicSchedule'
Type:
type: string
description: >-
Discriminator property for
AEServiceInitiationLongLivedPaymentConsentPeriodicSchedule.
discriminator:
propertyName: Type
description: The definition for a schedule
additionalProperties: false
AEServiceInitiationPaymentPurposeCode:
type: string
minLength: 1
maxLength: 4
pattern: ^[A-Z]{4}$
description: |2-
A Category code, related to the type of services or goods that corresponds to the underlying purpose of the Payment.
* The ISO20022 External code sets
AEServiceInitiationReference:
type: string
minLength: 1
maxLength: 120
description: A reason or reference in relation to a payment.
AEServiceInitiationSchedule:
type: object
required:
- PaymentExecutionDate
- Amount
properties:
PaymentExecutionDate:
type: string
format: date
description: |2-
Used to specify the expected payment execution date/time.
All dates in the JSON payloads are represented in ISO 8601 date format.
An example is: 2023-04-05
Amount:
$ref: '#/components/schemas/AEAmountAndCurrency'
additionalProperties: false
AEServiceInitiationSingleInstantPayment:
type: object
required:
- Type
- Amount
properties:
Type:
type: string
enum:
- UAEOF.SingleInstantPayment
description: The Payment Type
Amount:
$ref: '#/components/schemas/AEAmountAndCurrency'
ExpectedInitiationTimeWindow:
$ref: '#/components/schemas/AEExpectedInitiationTimeWindow'
description: >-
A single immediate payment consent that MUST be be used for a single
payment which will be initiated immediately after User authorization at
the LFI.
additionalProperties: false
AEServiceInitiationSinglePayment:
anyOf:
- $ref: '#/components/schemas/AEServiceInitiationSingleInstantPayment'
- $ref: '#/components/schemas/AEServiceInitiationFutureDatedPayment'
discriminator:
propertyName: Type
mapping:
UAEOF.SingleInstantPayment: '#/components/schemas/AEServiceInitiationSingleInstantPayment'
UAEOF.SingleFutureDatedPayment: '#/components/schemas/AEServiceInitiationFutureDatedPayment'
description: A Consent definition for defining Single Payments
AEServiceInitiationSponsoredTPPInformation:
type: object
required:
- Name
- Identification
properties:
Name:
type: string
minLength: 1
maxLength: 50
description: The Sponsored TPP Name
Identification:
type: string
minLength: 1
maxLength: 50
description: The Sponsored TPP Identification
description: |2-
The Sponsored TPP is:
* A TPP that itself has no direct Open Banking API integrations.
* A TPP that is using the integration of another TPP that does have direct Open Banking API integrations.
additionalProperties: false
AEServiceInitiationVariablePeriodicSchedule:
type: object
required:
- Type
- PeriodType
- MaximumCumulativeValueOfPaymentsPerPeriodType
- MaximumCumulativeNumberOfPaymentsPerPeriodType
properties:
Type:
type: string
enum:
- UAEOF.VariablePeriodicSchedule
PeriodType:
$ref: '#/components/schemas/AEPeriodType'
PeriodStartDate:
$ref: '#/components/schemas/AEPeriodStartDate'
MaximumCumulativeValueOfPaymentsPerPeriodType:
allOf:
- $ref: '#/components/schemas/AEAmountAndCurrency'
description: >-
The maximum cumulative payment value of all payment initiations per
Period Type.
MaximumCumulativeNumberOfPaymentsPerPeriodType:
type: integer
description: The maximum frequency of payment initiations per Period Type.
description: >-
Payment Controls that apply to all payment instructions in a given
period under this payment consent.
additionalProperties: false
ARConsentExpirationDateTime:
type: string
format: date-time
Amount:
type: number
CurrencyCode:
type: string
pattern: ^[A-Z]{3}$
EventNotification:
type: object
required:
- Webhook
properties:
Webhook:
$ref: '#/components/schemas/OBWebhook'
additionalProperties: false
OAuthBadRequestErrorResponse:
type: object
allOf:
- $ref: '#/components/schemas/OAuthErrorResponse'
description: Bad Request
additionalProperties: false
OAuthErrorCodes:
type: string
enum:
- invalid_request
- invalid_client
- invalid_grant
- unauthorized_client
- unsupported_grant_type
- invalid_scope
description: >-
Status code corresponding to error condition to be returned to the
client
OAuthErrorResponse:
type: object
required:
- error
properties:
error:
$ref: '#/components/schemas/OAuthErrorCodes'
error_description:
type: string
description: Description of the error providing additional information
error_uri:
type: string
description: >-
A URI identifying a human-readable web page with information about
the error
description: Error returned from endpoints compliant with security profile
additionalProperties: false
OBBaseConsentId:
type: string
minLength: 1
maxLength: 128
description: >-
The original ConsentId assigned by the TPP.
It is used by the TPP for updating/renewing parameters associated with
long-lived consents.
It must be provided when long-lived consent parameters are
updated/renewed for a current consent that has not yet finished.
OBConsentId:
type: string
minLength: 1
maxLength: 128
description: >-
Unique identification assigned by the TPP to identify the consent
resource.
OBConsentPermissions:
type: string
enum:
- ReadInsurancePoliciesMotor
description: >-
Specifies the permitted insurance policy data types.
This is a list of the data groups being consented by the User, and
requested for authorization with the LFI.
OBConsentPurpose:
type: string
enum:
- AccountAggregation
- PersonalFinanceManager
- CreditAssessment
- MotorInsuranceQuote
- EnterpriseFinancialManagement
- Other
OBInsuranceAuthorizationDetailConsentProperties:
type: object
required:
- ConsentId
- Permissions
properties:
ConsentId:
$ref: '#/components/schemas/OBConsentId'
BaseConsentId:
$ref: '#/components/schemas/OBBaseConsentId'
Permissions:
type: array
items:
$ref: '#/components/schemas/OBConsentPermissions'
minItems: 1
allOf:
- $ref: '#/components/schemas/OBInsuranceAuthorizationDetailProperties'
additionalProperties: false
OBInsuranceAuthorizationDetailProperties:
type: object
properties:
ExpirationDateTime:
type: string
format: date-time
description: >-
Specified date and time the permissions will expire.
If this is not populated, the permissions will be open ended.All
dates in the JSON payloads are represented in ISO 8601 date-time
format.
All date-time fields in responses must include the timezone. An
example is below:
2017-04-05T10:43:07+00:00
OnBehalfOf:
$ref: '#/components/schemas/AEOnBehalfOf'
Purpose:
type: array
items:
$ref: '#/components/schemas/OBConsentPurpose'
description: Primary data for the resource
additionalProperties: false
OBInsuranceAuthorizationDetailReconsentProperties:
type: object
required:
- ConsentId
properties:
ConsentId:
$ref: '#/components/schemas/OBConsentId'
allOf:
- $ref: '#/components/schemas/OBInsuranceAuthorizationDetailProperties'
additionalProperties: false
OBWebhook:
type: object
required:
- Url
- IsActive
properties:
Url:
type: string
description: The TPP Callback URL being registered with the LFI
IsActive:
type: boolean
description: >-
The TPP specifying whether the LFI should send (IsActive true) or
not send (IsActive false) Webhook Notifications to the TPP's Webhook
URL
description: A Webhook Subscription Schema
additionalProperties: false
PushedAuthorizationRequest:
type: object
required:
- client_assertion_type
- client_assertion
- request
properties:
client_assertion_type:
type: string
enum:
- urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
client_assertion:
type: string
description: private_key_jwt client assertion
request:
allOf:
- $ref: '#/components/schemas/RichAuthorizationJar'
description: >-
Rich Authorization Request (RAR) that defines the required JSON Web
Token (JWT) payload. This **does not** represent a correctly
serialized JWT, but provides a Schema Object that correctly defines
the supported RARs.
additionalProperties: false
PushedAuthorizationRequestSigned:
type: object
required:
- requestBody
properties:
requestBody:
$ref: '#/components/schemas/PushedAuthorizationRequest'
additionalProperties: false
PushedAuthorizationResponseBody:
type: object
required:
- request_uri
- expires_in
properties:
request_uri:
type: string
description: The request URI corresponding to the authorization request posted
expires_in:
type: integer
description: >-
A JSON number that represents the lifetime of the request URI in
seconds as a positive integer
additionalProperties: false
RichAuthorizationJar:
type: object
required:
- iss
- response_type
- redirect_uri
- scope
- state
- authorization_details
properties:
iss:
type: string
description: >-
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1)
aud:
type: array
items:
type: string
description: >-
[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3)
response_type:
type: string
redirect_uri:
type: string
scope:
type: string
state:
type: string
authorization_details:
type: array
items:
$ref: '#/components/schemas/RichAuthorizationRequestObjects'
additionalProperties: false
RichAuthorizationRequestObjects:
oneOf:
- $ref: '#/components/schemas/AEAccountAccessAuthorizationDetailsConsent'
- $ref: '#/components/schemas/AEAccountAccessAuthorizationDetailsReconsent'
- $ref: '#/components/schemas/AEInsuranceAuthorizationDetailsConsent'
- $ref: '#/components/schemas/AEInsuranceAuthorizationDetailsReconsent'
- $ref: '#/components/schemas/AEServiceInitiationAuthorizationDetailConsent'
Versions:
type: string
enum:
- v1.0-draft3
|