| Awesome api app render macro | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
openapi: 3.0.0 info: title: UAE Confirmation of Payee API description: '## UAE Open Finance Confirmation of Payee API Specification' version: v1.0-draft5rc1 tags: - name: Discovery Operations description: Discovery operations and resources - name: Confirmation Operations description: Payee confirmation operations and resources paths: /confirmation: post: tags: - Confirmation Operations operationId: ConfirmationOfPayeeConfirmation_signedConfirmationRequest summary: Confirm the account details are correct based on the parameters supplied description: >- Provide the properties that can be used to verify the payee account. At version 1.0.0 this will be the account name and eitherthe IBANCreditor orAccount Account NumberIBAN. Future version of this API may support verification through other through other identifiers. parameters: - $ref: '#/components/parameters/Authorization' - $ref: '#/components/parameters/x-customer-user-agent' - $ref: '#/components/parameters/x-fapi-auth-date' - $ref: '#/components/parameters/x-fapi-customer-ip-address' - $ref: '#/components/parameters/x-fapi-interaction-id' responses: '200': description: The request has succeeded. headers: x-fapi-interaction-id: required: false description: An RFC4122 UID used as a correlation id. schema: type: string content: application/jwt: schema: $ref: '#/components/schemas/NameConfirmationResponseBodySigned' '400': description: Bad request headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string content: application/jwt: schema: $ref: '#/components/schemas/AEErrorSignedResponse' '401': description: Unauthorized headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string '403': description: Forbidden headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string content: application/jwt: schema: $ref: '#/components/schemas/AEErrorSignedResponse' '404': description: Not found headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string '405': description: Method Not Allowed headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string '406': description: Not Acceptable headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string '415': description: Unsupported Media Type headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string '429': description: Too Many Requests headers: retry-after: required: true description: Number in seconds to wait schema: type: integer format: int64 x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string '500': description: Internal Server Error headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string content: application/jwt: schema: $ref: '#/components/schemas/AEErrorSignedResponse' requestBody: required: true content: application/jwt: schema: $ref: '#/components/schemas/NameConfirmationRequestBodySigned' security: - TPPOAuth2Security: - openid - confirmation-of-payee /discovery: post: tags: - Discovery Operations operationId: ConfirmationOfPayeeDiscovery_signedDiscoveryRequest summary: Discover the LFI that will confirm the payee attributes description: >- Before a Confirmation of Payee (CoP) operation takes place the TPP will need to resolve the LFI that will service the account properties request. This requirement is based on the separation of concerns implemented in the OFP, which ensures that the APIs for a given LFI are always physically separated. At version 1.0.0 the TPP will call this endpoint with the Creditor account IBAN, Account IBAN, which will be used to resolve the correct URL with which to make the CoP to make the CoP operation. parameters: - $ref: '#/components/parameters/Authorization' - $ref: '#/components/parameters/x-customer-user-agent' - $ref: '#/components/parameters/x-fapi-auth-date' - $ref: '#/components/parameters/x-fapi-customer-ip-address' - $ref: '#/components/parameters/x-fapi-interaction-id' responses: '200': description: The request has succeeded. headers: x-fapi-interaction-id: required: false description: An RFC4122 UID used as a correlation id. schema: type: string content: application/jwt: schema: $ref: >- #/components/schemas/DiscoverConfirmationSourceResponseBodySigned '400': description: Bad request headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string content: application/jwt: schema: $ref: '#/components/schemas/AEErrorSignedResponse' '401': description: Unauthorized headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string '403': description: Forbidden headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string content: application/jwt: schema: $ref: '#/components/schemas/AEErrorSignedResponse' '404': description: Not found headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string '405': description: Method Not Allowed headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string '406': description: Not Acceptable headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string '415': description: Unsupported Media Type headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string '429': description: Too Many Requests headers: retry-after: required: true description: Number in seconds to wait schema: type: integer format: int64 x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string '500': description: Internal Server Error headers: x-fapi-interaction-id: required: true description: An RFC4122 UID used as a correlation id. schema: type: string content: application/jwt: schema: $ref: '#/components/schemas/AEErrorSignedResponse' requestBody: required: true content: application/jwt: schema: $ref: '#/components/schemas/DiscoverConfirmationSourceRequestBodySigned' security: - TPPOAuth2Security: - openid - confirmation-of-payee components: parameters: Authorization: name: authorization in: header required: true description: An authorization Token as per https://tools.ietf.org/html/rfc6750 schema: type: string x-customer-user-agent: name: x-customer-user-agent in: header required: false description: Indicates the user-agent that the User is using. schema: type: string x-fapi-auth-date: name: x-fapi-auth-date in: header required: false description: >- The time when the User last logged in with the TPP. All dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: Sun, 10 Sep 2017 19:43:31 UTC schema: type: string pattern: >- ^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \d{2} (Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) \d{4} \d{2}:\d{2}:\d{2} (GMT|UTC)$ x-fapi-customer-ip-address: name: x-fapi-customer-ip-address in: header required: false description: The User's IP address if the User is currently logged in with the TPP. schema: type: string x-fapi-interaction-id: name: x-fapi-interaction-id in: header required: false description: An RFC4122 UID used as a correlation id. schema: type: string schemas: AEAccountConfirmationRequest: type: object required: - Data properties: Data: $ref: '#/components/schemas/AEAccountConfirmationRequestProperties' additionalProperties: false AEAccountConfirmationRequestProperties: type: object oneOfrequired: - $ref: '#/components/schemas/AEIbanConfirmationProperties'SchemeName - $ref: '#/components/schemas/AEAccountNumberConfirmationProperties'Identification discriminator: - Name propertyNameproperties: IdentificationType mappingSchemeName: UAEOF.IBANtype: '#/components/schemas/AEIbanConfirmationProperties'string UAEOF.AccountNumberenum: '#/components/schemas/AEAccountNumberConfirmationProperties' AEAccountConfirmationResponse: type:- objectIBAN required: description: >- - Data Name -of Linksthe identification scheme, in a coded form as published -in Meta properties: an external list. Data: Identification: $ref: '#/components/schemas/AEAccountConfirmationResponseProperties' type: string Links: minLength: 1 $ref: '#/components/schemas/LinksSelf' MetamaxLength: 34 $refdescription: '#/components/schemas/Meta' >- additionalProperties: false Identification AEAccountConfirmationResponseProperties:for the account assigned by the LFI type:based objecton the required: Account Scheme -Name, AccountNameMatchIndicatoras understood by the Debtor. properties: AccountNameMatchIndicatorName: $ref: '#/components/schemas/AEAccountNameMatchIndicatorsAEAccountNameConfirmationProperties' description: Properties to request MaskedAccountName:a the Confirmation of Payee typeadditionalProperties: stringfalse AEAccountConfirmationResponse: minLength type: object 1 required: maxLength: 70 - Data description: >- Links - Meta The masked matched account name. Thisproperties: is provided to allow the User Data: to review the account name return from the Confirmation operation. $ref: '#/components/schemas/AEAccountConfirmationResponseProperties' Links: additionalProperties: false AEAccountDiscoveryByBankCode$ref: '#/components/schemas/LinksSelf' type: object Meta: required: $ref: '#/components/schemas/Meta' - IdentificationType additionalProperties: false - BankCodeAEAccountConfirmationResponseProperties: propertiestype: object required: IdentificationType: - AccountNameMatchIndicator type: string properties: enum: AccountNameMatchIndicator: - UAEOF.BankCode$ref: '#/components/schemas/AEAccountNameMatchIndicators' BankCodeMaskedAccountName: type: string patternminLength: ^[0-9]{3}$1 descriptionmaxLength: >-70 description: >- Bank identification code issued by CBUAE that identifies the LFI at The masked matched account name. This is provided to whichallow the accountUser is held additionalProperties: false to review AEAccountDiscoveryByIban:the account name return from the type: objectConfirmation operation. requiredadditionalProperties: false AEAccountNameConfirmationProperties: - IdentificationType oneOf: - Identification - $ref: '#/components/schemas/AEPersonalAccountNameConfirmationProperties' properties: - $ref: IdentificationType:'#/components/schemas/AEBusinessAccountNameConfirmationProperties' AEAccountNameMatchIndicators: type: string enum: enum: - ConfirmationOfPayee.Yes - UAEOFConfirmationOfPayee.IBANNo description: >- Identification: Indicator for whether the type:payee stringname is matched with the account name minLength: 1 held at the LFI maxLengthAEBusinessAccountNameConfirmationProperties: 400 type: object description required: >- - BusinessName Identification for the accountproperties: assigned by the LFI based on the BusinessName: type: Accountstring Scheme Name, and as understood by the payer. This minLength: 1 identification ismaxLength: known140 by the User account owner. For IBAN, refer description: The business name of the account holder, as understood toby the ISODebtor Standard 13616. description: The additionalProperties:properties falserequired to verify a business AEAccountNameConfirmationProperties:account oneOfadditionalProperties: false AEConfirmationDiscovery: - $ref: '#/components/schemas/AEPersonalAccountNameConfirmationProperties' type: object - $refrequired: '#/components/schemas/AEBusinessAccountNameConfirmationProperties' AEAccountNameMatchIndicators: - SchemeName type: string - Identification enum: properties: - UAEOF.ConfirmationOfPayee.Yes SchemeName: - UAEOF.ConfirmationOfPayee.No descriptiontype: >-string Indicator for whetherenum: the payee name is matched with the account name - IBAN held at the LFI AEAccountNumberConfirmationPropertiesdescription: >- type: object Name of required:the identification scheme, in a coded form as published -in IdentificationType - Identification an external list. - BankCode Identification: - Name type: string properties: IdentificationTypeminLength: 1 typemaxLength: string34 enumdescription: >- - UAEOF.AccountNumberIdentification for the account assigned by the LFI based Identification:on the type: string Account Scheme Name, as understood by the Debtor. minLength: 1 additionalProperties: false maxLengthAEConfirmationDiscoveryRequest: 400 type: object description: >- required: - Data Identification for the account assigned by theproperties: LFI based on the Data: Account Scheme Name, and as understood by the payer. This $ref: '#/components/schemas/AEConfirmationDiscovery' additionalProperties: false AEConfirmationDiscoveryResponse: identification is knowntype: byobject the User account owner. For IBAN, referrequired: - Data to the ISO Standard 13616. - Links BankCode: - Meta typeproperties: string patternData: ^[0-9]{3}$ description: >-$ref: '#/components/schemas/AEConfirmationSourceProperties' Links: Bank identification code issued by CBUAE that identifies the LFI at$ref: '#/components/schemas/LinksSelf' which the account is held NameMeta: $ref: '#/components/schemas/AEAccountNameConfirmationPropertiesMeta' additionalProperties: false AEBusinessAccountNameConfirmationPropertiesAEConfirmationSourceProperties: type: object required: - AuthorizationServerUrl - BusinessNameResourceServerUrl properties: BusinessNameAuthorizationServerUrl: type: string minLength: 1 maxLength: 140500 description: The business>- name of the account holder, as understood by the payer Authorization Server URL at description:which Thean propertiesAccess requiredToken to verifyinvoke athe business account additionalProperties: false Confirmation of AEConfirmationDiscovery:Payee operation should be sought oneOf: ResourceServerUrl: - $ref: '#/components/schemas/AEAccountDiscoveryByIban' type: string - $ref: '#/components/schemas/AEAccountDiscoveryByBankCode' discriminatorminLength: 1 propertyNamemaxLength: IdentificationType500 mapping: description: >- UAEOF.IBAN: '#/components/schemas/AEAccountDiscoveryByIban' Resource Server URL at which the Confirmation UAEOF.BankCode: '#/components/schemas/AEAccountDiscoveryByBankCode' of Payee operation AEConfirmationDiscoveryRequest: type: object should be invoked required: additionalProperties: false - DataAEError: propertiestype: object Datarequired: - Code $ref: '#/components/schemas/AEConfirmationDiscovery' - Message additionalProperties: false AEConfirmationDiscoveryResponseproperties: type Code: object required: allOf: - Data - $ref: - Links'#/components/schemas/AEErrorCode' -description: MetaLow level textual error code, e.g., UAEOF.Field.Missing properties: DataMessage: $reftype: '#/components/schemas/AEConfirmationSourceProperties' string LinksminLength: 1 $refmaxLength: '#/components/schemas/LinksSelf'500 Meta: description: >- $ref: '#/components/schemas/Meta' A description of additionalProperties:the falseerror that occurred. e.g., 'A AEConfirmationSourceProperties:mandatory field type: object required: isn't supplied' or 'RequestedExecutionDateTime must be in future' - AuthorizationServerUrl - ResourceServerUrlUAEOF doesn't standardise this field properties: AuthorizationServerUrlPath: type: string minLength: 1 maxLength: 500 description: >- AuthorizationRecommended Serverbut URLoptional atreference whichto anthe AccessJSON TokenPath to invokeof the field Confirmation ofwith Payee operation should be soughterror, e.g., Data.Initiation.InstructedAmount.Currency ResourceServerUrlUrl: type: string minLengthdescription: 1>- maxLength: 500 URL to help remediate the problem, or provide more information, description:or >- to ResourceAPI ServerReference, URLor athelp whichetc the Confirmation of Payee operation description: Error should be invoked additionalProperties: false AEErrorAEErrorCode: type: objectstring requiredenum: - CodeUAEOF.AccessToken.Unauthorized - MessageUAEOF.AccessToken.InvalidScope properties: - UAEOF.Consent.Revoked Code: - UAEOF.Consent.TransientAccountAccessFailure allOf: - UAEOF.Consent.AccountTemporarilyBlocked - - $ref: '#/components/schemas/AEErrorCode'UAEOF.Consent.PermanentAccountAccessFailure - UAEOF.Consent.Invalid description: Low level textual error code, e.g., - UAEOF.FieldJWS.MissingInvalidSignature - UAEOF.JWS.Malformed Message: - UAEOF.JWS.InvalidClaim type: string - UAEOF.JWS.InvalidHeader minLength: 1 - UAEOF.GenericRecoverableError maxLength: 500 - UAEOF.GenericError description: >- UAEOF.JWE.DecryptionError - UAEOF.JWE.InvalidHeader A description of the error that occurred.- eUAEOF.gEvent.,UnexpectedEvent 'A mandatory field - UAEOF.Body.InvalidFormat isn't supplied' or 'RequestedExecutionDateTime must be in future'- UAEOF.Resource.InvalidResourceId - UAEOF.Resource.InvalidFormat UAEOF doesn't standardise this field- UAEOF.Consent.BusinessRuleViolation AEErrorResponse: Path type: object required: type: string - Errors minLength: 1 properties: maxLengthErrors: 500 descriptiontype: >-array items: Recommended but optional reference to the JSON Path of the field $ref: '#/components/schemas/AEError' withminItems: error, e.g., Data.Initiation.InstructedAmount.Currency1 description: >- Url: An array of detail error type:codes, stringand messages, and URLs to documentation description: >- to help remediation. additionalProperties: false URL to help remediate theAEErrorSignedResponse: problem, or provide more information, or type: object required: to API Reference, or help etc- iss description: Error - exp additionalProperties: false - AEErrorCode:nbf type: string - message enum: properties: - UAEOF.AccessToken.Unauthorized iss: - UAEOF.AccessToken.InvalidScope type: string - UAEOF.Consent.Revoked description: >- - UAEOF.Consent.TransientAccountAccessFailure - UAEOF.Consent.AccountTemporarilyBlocked - UAEOF.Consent.PermanentAccountAccessFailure - UAEOF.Consent.Invalid - UAEOF.JWS.InvalidSignature - UAEOF.JWS.Malformed - UAEOF.JWS.InvalidClaim - UAEOF.JWS.InvalidHeader - UAEOF.GenericRecoverableError - UAEOF.GenericError - UAEOF.JWE.DecryptionError - UAEOF.JWE.InvalidHeader - UAEOF.Event.UnexpectedEvent - UAEOF.Body.InvalidFormat - UAEOF.Resource.InvalidResourceId - UAEOF.Resource.InvalidFormat - UAEOF.Consent.BusinessRuleViolation AEErrorResponse: type: object required: - Errors properties: Errors: type: array items: $ref: '#/components/schemas/AEError' minItems: 1 description: >- An array of detail error codes, and messages, and URLs to documentation to help remediation. additionalProperties: false AEErrorSignedResponse: type: object required: - iss - exp - nbf - message properties: iss: type: string description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1) exp: type: number description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4) nbf: type: number description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5) aud: type: array items: type: string description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3) iat: type: number description: >- [https://www [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6) message: $ref: '#/components/schemas/AEErrorResponse' description: Signed error response payload additionalProperties: false AEIbanConfirmationProperties: type: object1) requiredexp: - IdentificationType type: number - Identification description: >- - Name properties:[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4) IdentificationTypenbf: type: stringnumber enumdescription: >- - UAEOF.IBAN[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5) Identificationaud: type: stringarray minLengthitems: 1 maxLengthtype: 400string description: >- Identification for the account assigned by the LFI based on the[https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3) iat: Account Scheme Name, and as understood by the payer. This identification is known by the User account owner. For IBAN, refer type: number description: >- to the ISO Standard 13616. [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6) Namemessage: $ref: '#/components/schemas/AEAccountNameConfirmationProperties'AEErrorResponse' description: Signed error response payload additionalProperties: false AEPersonalAccountNameConfirmationProperties: type: object required: - GivenName - LastName properties: GivenName: type: string minLength: 1 maxLength: 70 description: >- The given or first name of the account holder, as understood by the payerDebtor LastName: type: string minLength: 1 maxLength: 70 description: >- The family or surname of the account holder, as understood by the payerDebtor description: The properties required to verify a personal account additionalProperties: false DiscoverConfirmationSourceRequestBodySigned: type: object required: - iss - exp - nbf - message properties: iss: type: string description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1) exp: type: number description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4) nbf: type: number description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5) aud: type: array items: type: string description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3) iat: type: number description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6) message: $ref: '#/components/schemas/AEConfirmationDiscoveryRequest' additionalProperties: false DiscoverConfirmationSourceResponseBodySigned: type: object required: - iss - exp - nbf - message properties: iss: type: string description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1) exp: type: number description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4) nbf: type: number description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5) aud: type: array items: type: string description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3) iat: type: number description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6)) message: $ref: '#/components/schemas/AEConfirmationDiscoveryResponse' additionalProperties: false message: ErrorTemplate: $reftype: '#/components/schemas/AEConfirmationDiscoveryResponse'object additionalProperties: false LinksSelf: type: object required: - Self properties: Self: $ref: '#/components/schemas/Self' description: Links relevant to the resource additionalProperties: false Meta: type: object description: Metadata relevant to the resource additionalProperties: false MethodNotAllowedErrorResponse: type: object allOf: - $ref: '#/components/schemas/ErrorTemplate' description: Method Not Allowed additionalProperties: false NameConfirmationRequestBodySigned: type: object required: - iss - exp - nbf - message properties: iss: type: string description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1) exp: type: number description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4) nbf: type: number description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5) aud: type: array items: type: string description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3) iat: type: number description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6) message: $ref: '#/components/schemas/AEAccountConfirmationRequest' additionalProperties: false NameConfirmationResponseBodySigned: type: object required: - iss - exp - nbf - message properties: iss: type: string description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1) exp: type: number description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4) nbf: type: number description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5) aud: type: array items: type: string description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.3) iat: type: number description: >- [https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6) message: $ref: '#/components/schemas/AEAccountConfirmationResponse' additionalProperties: false Self: type: string format: uri description: A link to the current resource securitySchemes: TPPOAuth2Security: type: oauth2 description: >- TPP confidential client authorization with the LFI to stage a consent. **Please refer to [OpenID FAPI Security Profile 1.0 -Part 2 Advanced](https://openid.net/specs/openid-financial-api-part-2-1_0.html#authorization-server) - 5.2.2 point 14 - shall authenticate the confidential client using one of the following methods private_key_jwt and [OpenID Connect Core 1.0](https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication) 9. Client Authentication private_key_jwt** flows: clientCredentials: tokenUrl: https://authserver.example/token scopes: openid: Activates OpenID Connect Support confirmation-of-payee: Right to invoke a Confirmation of Payee operation accounts: Ability to read Accounts Information insurance: Right to read insurance policies servers: - url: /open-finance/confirmation-of-payee/v1.0-draft5 description: Default URL variables: {}rc1 |
Attachments
The Confirmation of Payee OpenAPI description is attached, together with a spreadsheet that lists all properties by operation.
...