openapi: 3.0.1
info:
title: Ozone Connect - Consent Event & Action APIs
contact:
name: Ozone Financial Technology Limited
description: |
This document provides the OAS3 specification for APIs that are called by Ozone Connect to inform a financial institution that a consent has been created or modified.
These are also used to carry out actions to verify and augment a consent when it is being created.
These APIs should be implemented by an financial institution.
#### Document Structure
The documentation contains a number of references of the form `XXX-999-999`. These are references
to test case numbers in the Ozone Connect Test Harness that financial institutions may use to test their Ozone Connect implementations.
version: #### Changes in Release 2024.34.1
servers: -
url: https://<your-ozone-connect-server> tags: * CreditCard, - name: consent-events
description: |
PrePaidCard, EMoney, ChargeCard and Other enums have been removed from the AccountSubType.
APIs that are* calledIn whenAEAccountAccessConsentBody, aPurpose consentfield ishas createdbeen ormade modified.mandatory and it has -been name: consent-actions
made optional in AEInsuranceConsentBody.
description: | * Amount field has been APIschanged thatfrom arenumber calledtype to takestring.
actions
on a consent paths:* Amount, MaximumIndividualPaymentAmount /consent/event/{operation}:
post:
and PeriodicSchedule have been made optional in MultiPayment.
tags:* In PeriodicSchedule, DefinedSchedule, FixedPeriodicSchedule and VariablePeriodicSchedule have -been consent-eventsmade optional.
summary:* In CalledVariablePeriodicSchedule, toMaximumCumulativeValueOfPaymentsPerPeriodType informand aMaximumCumulativeNumberOfPaymentsPerPeriodType financialhave instituationbeen thatmade aoptional.
consent
has been created or modified* In VariablePeriodicSchedule, Type field has been description:removed.
|
* In FilePayment, RequestedExecutionDateTime Usedhas bybeen financialchanged institution to getRequestedExecutionDate
a
notification for updated consent. * In AEServiceInitiationDefinedSchedule, maxItems has been updated operationId:to consentEvent50
* parameters:ConnectToken has been added to cbuaePatchBody
# common header* parametersRefactored thatSecurity setScheme contextObjects to use common definitions across all API Hub -APIs
$ref: "#/components/parameters/providerId"
* -Implemented $ref: "#/components/parameters/aspspId"
- $ref: "#/components/parameters/callerOrgId"
the correct Security Requirements for this API description, reflecting security patterns available in API Hub
version: Version 2024.34.1
-
$refservers:
"#/components/parameters/callerClientId" - url: https://<your-ozone-connect-server>
tags:
- $refname: "#/components/parameters/callerSoftwareStatementId"consent-events
description: |
- $ref: "#/components/parameters/apiUri" APIs that are called when a consent -is $ref: "#/components/parameters/apiOperation"
created or modified.
- $refname: "#/components/parameters/consentId"consent-actions
description: |
- $ref: "#/components/parameters/callerInteractionId" APIs that are called to take actions -on $ref: "#/components/parameters/ozoneInteractionId"a consent
security:
- {}
- $refOzoneConnectApiKey: "#/components/parameters/psuIdentifier"[]
- OzoneConnectClientCredentials: [
# Path param definitions "placeholder"
]
- nameOzoneConnectJwtAuth: operation[]
paths:
/consent/event/{operation}:
inpost:
path tags:
description: specifies whether- thisconsent-events
is a POST or PATCH operation summary: Called to inform a financial instituation that a required:consent truehas been created or modified
schemadescription: |
Used by financial type:institution stringto get a notification for updated consent.
enumoperationId: consentEvent
parameters:
- post # common header parameters that set context
- patch
$ref: "#/components/parameters/providerId"
requestBody: description: |- $ref: "#/components/parameters/aspspId"
- Sends an event indicating the created or updated consent to an financial institution.$ref: "#/components/parameters/callerOrgId"
- $ref: "#/components/parameters/callerClientId"
- $ref: This consists of the entire consent as stored in the consent Manager."#/components/parameters/callerSoftwareStatementId"
- $ref: "#/components/parameters/apiUri"
- required: true$ref: "#/components/parameters/apiOperation"
- content$ref: "#/components/parameters/consentId"
- application/json$ref: "#/components/parameters/callerInteractionId"
- schema$ref: "#/components/parameters/ozoneInteractionId"
- $ref: "#/components/schemasparameters/consentpsuIdentifier"
responses: # Path param definitions
"204": - name: operation
description: | in: path
Indicates the successful notification response.
description: specifies whether this is a POST or PATCH operation
The response does not haverequired: atrue
body "400"schema:
descriptiontype: |string
enum:
Indicates that the financial institution could not- processpost
the event. - Ozonepatch
will
ignore these errors. requestBody:
Thedescription: notification|
*will not* be retried. Sends an event indicating the created or Theupdated changeconsent to an financial institution.
This consists of the entire consent as *willstored not*in bethe rolledconsent backManager.
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/Errorconsent"
/consent/action/augment: responses:
post: tags"204":
- consent-actions description: |
summary: Account action augumentation Indicates the description:successful |notification response.
The API is called by OzoneThe to allowresponse does not have a Financialbody
Institution to augment additional information that"400":
may apply to the account consent description: |
The request body contains the entire consent record as storedIndicates inthat the financial Consentinstitution Manager.could not process the event.
operationId: augmentAccountConsent parameters: Ozone will ignore these errors.
# common header parameters that set context The notification *will not* be retried.
-
$ref: "#/components/parameters/providerId" - $ref: "#/components/parameters/aspspId"
- $ref: "#/components/parameters/callerOrgId" The change to the consent *will not* be rolled back.
- $refcontent: "#/components/parameters/callerClientId"
- $ref: "#/components/parameters/callerSoftwareStatementId"application/json:
- $ref: "#/components/parameters/apiUri" schema:
- $ref: "#/components/parameters/apiOperation" - $ref: "#/components/parametersschemas/consentIdError"
/consent/action/augment:
-post:
$ref: "#/components/parameters/callerInteractionId" tags:
- $ref: "#/components/parameters/ozoneInteractionId" - consent-actions
- $refsummary: "#/components/parameters/psuIdentifier"
Account action augumentation
requestBodydescription: |
required: trueThe API is called by Ozone to allow a content:Financial Institution to augment additional information that may apply to the application/json:account consent
The request schema:body contains the entire consent record as stored in the Consent Manager.
$ref: "#/components/schemas/consent" responsesoperationId: augmentAccountConsent
"200"parameters:
# common description:header |parameters that set context
- Indicates a successful operation$ref: "#/components/parameters/providerId"
- $ref: "#/components/parameters/aspspId"
The response consists of fields- that must be augmented into the consent.$ref: "#/components/parameters/callerOrgId"
- $ref: "#/components/parameters/callerClientId"
These fields- will be different for each consent type.$ref: "#/components/parameters/callerSoftwareStatementId"
- $ref: "#/components/parameters/apiUri"
content - $ref: "#/components/parameters/apiOperation"
- application/json:$ref: "#/components/parameters/consentId"
- $ref: "#/components/parameters/callerInteractionId"
schema: - $ref: "#/components/parameters/ozoneInteractionId"
- $ref: "#/components/schemasparameters/augmentConsentResponsepsuIdentifier"
"400"requestBody:
descriptionrequired: failedtrue
operation
content:
application/json:
schema:
$ref: "#/components/schemas/Errorconsent"
/consent/action/validate: responses:
post: tags"200":
- consent-actions description: |
summary: Provides an opportunity for a financial institution to validateIndicates a consentsuccessful beforeoperation
it
is created description: | The response consists of fields that Themust APIbe isaugmented calledinto bythe Ozoneconsent.
to
allow a financial institution to carry out additional validations before a consent isThese created.fields will be different for each consent type.
The request body contains the entire consent along with contextualcontent:
information. Typically this couldapplication/json:
be used for situations like: - softschema:
validation of the debtor account (e.g. to ensure that it is a debtor account managed by the financial institution)$ref: "#/components/schemas/augmentConsentResponse"
"400":
- populating charges and exchange rate information description: failed operation
Note that a financial institution only need tocontent:
implement this API where it needs to correlate information in the consent payloadapplication/json:
with data held in its systems. Ifschema:
this is not the case, "local" validations can be configured in Ozone that do not require a remote call.$ref: "#/components/schemas/Error"
/consent/action/validate:
post:
The financial institution must return atags:
response that includes a status. If the status is- setconsent-actions
to `valid`, the consent is saved andsummary: processingProvides continues.an opportunity for a financial institution to validate a consent Ifbefore the statusit is setcreated
to `invalid` the processing fails and andescription: error|
response is sent to the TPP. The API is called by operationId:Ozone validateConsentto allow a financial institution to carry out parameters:additional validations before a consent is created.
# common header parameters that setThe contextrequest body contains the entire consent along with contextual -information.
$ref:
"#/components/parameters/providerId" Typically -this $ref: "#/components/parameters/aspspId"
could be used for situations like:
- $ref: "#/components/parameters/callerOrgId" - soft validation of the debtor account - $ref: "#/components/parameters/callerClientId"
- $ref: "#/components/parameters/callerSoftwareStatementId"(e.g. to ensure that it is a debtor account managed by the financial institution)
- $ref: "#/components/parameters/apiUri"
populating charges and exchange rate information
- $ref: "#/components/parameters/apiOperation" Note that a financial institution only need -to $ref: "#/components/parameters/consentId"
- $ref: "#/components/parameters/callerInteractionId"implement this API where it needs to correlate information in the consent payload
-with $ref: "#/components/parameters/ozoneInteractionId"
- $ref: "#/components/parameters/psuIdentifier"
requestBody:
required: truedata held in its systems. If this is not the case, "local" validations can be configured in Ozone that do not require a remote call.
The financial institution must content:return a response that includes a status. If the status is application/json:set to `valid`, the consent is saved and processing continues.
schema: If the status is set to `invalid` the processing $ref: "#/components/schemas/consent"
responses:fails and an error response is sent to the TPP.
'200'operationId: validateConsent
descriptionparameters:
successful operation # common header parameters content:that set context
- application/json:$ref: "#/components/parameters/providerId"
- $ref: "#/components/parameters/aspspId"
schema: - $ref: "#/components/parameters/callerOrgId"
- $ref: "#/components/schemasparameters/consentValidateResponsecallerClientId"
- '400'$ref: "#/components/parameters/callerSoftwareStatementId"
- description$ref: failed operation"#/components/parameters/apiUri"
- content$ref: "#/components/parameters/apiOperation"
- application/json:$ref: "#/components/parameters/consentId"
- $ref: "#/components/parameters/callerInteractionId"
schema: - $ref: "#/components/parameters/ozoneInteractionId"
- $ref: "#/components/schemasparameters/ErrorpsuIdentifier"
components: schemas: requestBody:
augmentConsentResponse: descriptionrequired: |true
Fields tocontent:
be added to the consent typeapplication/json:
object properties: schema:
Charges: $ref: "#/components/schemas/AEChargesconsent"
responses:
ExchangeRate: '200':
$ref: "#/components/schemas/AEExchangeRateInformation" additionalPropertiesdescription: truesuccessful operation
AECharges: content:
type: "array" items:application/json:
type schema:
"object" additionalProperties: false $ref: "#/components/schemas/consentValidateResponse"
description: | '400':
Set of elements used to provide detailsdescription: offailed aoperation
charge for the payment initiation. content:
* For Payments, these Charges are on the Debtor. application/json:
required: schema:
- "ChargeBearer" -$ref: "Type#/components/schemas/Error"
components:
schemas:
-augmentConsentResponse:
"Amount" description: |
properties: Fields to be added ChargeBearer:to the consent
type: object
$ref: "#/components/schemas/AEChargeBearerType1Code" properties:
Type: Charges:
$ref: "#/components/schemas/AEExternalPaymentChargeTypeCodeAECharges"
AmountExchangeRate:
$ref: "#/components/schemas/AEActiveCurrencyAmountAEExchangeRateInformation"
AEChargeBearerType1CodeadditionalProperties: true
descriptionAECharges:
"Specifies which party/parties will bear the charges associated with the processing of the payment transaction."type: "array"
items:
type: "stringobject"
enum additionalProperties: false
- "BorneByCreditor"description: |
- "BorneByDebtor" Set of elements used to provide details -of "FollowingServiceLevel"a charge for the payment initiation.
- "Shared" AEExternalPaymentChargeTypeCode:* For Payments, these Charges are on description: "Charge type, in a coded form."the Debtor.
typerequired:
"string"
enum: - "VATChargeBearer"
- "FeesType"
AEActiveCurrencyAmount: - "Amount"
description: | properties:
The Currency and Amount relating to the Payment, Refund orChargeBearer:
Request to Pay type: "object" required$ref: - "Amount"#/components/schemas/AEChargeBearerType1Code"
- "Currency"
properties:
Amount: Type:
$ref: "#/components/schemas/AEActiveOrHistoricAmountAEExternalPaymentChargeTypeCode"
Currency Amount:
$ref: "#/components/schemas/AEActiveOrHistoricCurrencyCodeAEActiveCurrencyAmount"
AEActiveOrHistoricAmountAEChargeBearerType1Code:
description: "A number of monetary units specified in an active currency where the unit of currency is explicit and compliant with ISO 4217.Specifies which party/parties will bear the charges associated with the processing of the payment transaction."
type: "string"
typeenum:
"string" pattern: "^\\d{1,16}\\.\\d{2}$- "BorneByCreditor"
example: - "100.00BorneByDebtor"
AEActiveOrHistoricCurrencyCode: - "FollowingServiceLevel"
description: "A 3 character alphabetic code allocated to- a"Shared"
currency
under an international currency identificationAEExternalPaymentChargeTypeCode:
scheme, as described in the latest editiondescription: of"Charge thetype, internationalin standarda ISOcoded 4217form."
'Codes for the representation of currencies and funds'.type: "string"
typeenum:
"string" pattern:- "^[A-Z]{3,3}$VAT"
example: - "AEDFees"
AEExchangeRateInformationAEActiveCurrencyAmount:
typedescription: |
"object" additionalProperties: falseThe Currency and Amount relating to required:
the Payment, Refund or Request to Pay
-type: "UnitCurrencyobject"
required:
- "ExchangeRateAmount"
- "RateTypeCurrency"
descriptionproperties:
"Further detailed information on the exchange rate that hasAmount:
been used in the payment transaction." $ref: properties:"#/components/schemas/AEActiveOrHistoricAmount"
UnitCurrencyCurrency:
description$ref: "Currency in which the rate of exchange is expressed in a currency exchange. In the example 1GBP = xxxCUR, the unit currency is GBP."
#/components/schemas/AEActiveOrHistoricCurrencyCode"
AEActiveOrHistoricAmount:
description: "A number of monetary units specified in an active currency where the unit of currency is explicit and compliant with ISO 4217."
type: "string"
pattern: "^[A-Z]{3,3\\d{1,16}\\.\\d{2}$"
example: "100.00"
ExchangeRate: AEActiveOrHistoricCurrencyCode:
description: "TheA factor3 usedcharacter foralphabetic conversioncode ofallocated an amount from oneto a currency tounder another.an Thisinternational reflectscurrency theidentification pricescheme, atas whichdescribed onein currencythe waslatest boughtedition withof anotherthe currency."international standard ISO 4217 'Codes for the representation of currencies type: "number"and funds'."
RateTypetype: "string"
descriptionpattern: "Specifies the type used to complete the currency exchange."^[A-Z]{3,3}$"
example: "AED"
AEExchangeRateInformation:
type: "stringobject"
additionalProperties: false
enum: required:
- "ActualUnitCurrency"
- "ExchangeRate"
- "Agreed"
- "Indicative""RateType"
description: "Further detailed information on the exchange rate that has been used in the payment transaction."
properties:
ContractIdentificationUnitCurrency:
description: "Unique and unambiguous reference to the foreign exchange contract agreed between the initiating party/creditor and the debtor agentCurrency in which the rate of exchange is expressed in a currency exchange. In the example 1GBP = xxxCUR, the unit currency is GBP."
type: "string"
minLengthpattern: 1"^[A-Z]{3,3}$"
ExchangeRate:
maxLength: 256 ExpirationDateTimedescription: "The factor used for conversion of an amount from one description:currency "Specifiedto dateanother. andThis timereflects the price exchangeat ratewhich agreementone willcurrency expire.Allwas datesbought inwith theanother JSONcurrency."
payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2017-04-05T10:43:07+00:00"type: "number"
RateType:
typedescription: "string"Specifies the type used to complete the currency exchange."
format: "date-time" consenttype: "string"
description: | enum:
A consent in its current state. - "Actual"
If the consent has been authorised, then- it can be expected that the financial institution would have patched in `accountIds` and `psuIdentifier` fields.
"Agreed"
- "Indicative"
Additionally,ContractIdentification:
the financial institution may also patch in an arbitrary set ofdescription: fields"Unique alongand withunambiguous consentreference into the `supplementaryInformation`foreign field.exchange contract agreed between the initiating allOf:
party/creditor and the debtor agent."
- $ref: "#/components/schemas/newConsent" - $reftype: "#/components/schemas/patchedConsent"
string"
newConsent: typeminLength: object1
properties: idmaxLength: 256
typeExpirationDateTime: string
description: |"Specified date and time the exchange rate agreement will expire.All dates in the AJSON uniquepayloads identifierare forrepresented thein consentISO in8601 uuiddate-v4time format. \nAll date-time fields in responses must include the timezone. consentGroupId:An example is below:\n2017-04-05T10:43:07+00:00"
type: "string"
descriptionformat: |"date-time"
consent:
Adescription: unique|
identifier
for the consent group in uuid-v4 format. A consent in its current state.
The consent group id isIf usedthe toconsent grouphas togetherbeen consentsauthorised, thatthen areit relatedcan tobe eachexpected other.that the financial institution would have patched in `accountIds` and requestUrl:`psuIdentifier` fields.
type:Additionally, stringthe financial institution may also patch in an arbitrary set of format:fields urlalong with consent in the `supplementaryInformation` field.
description: | allOf:
- The request url of Http request that was received by Ozone from the TPP
$ref: "#/components/schemas/newConsent"
- $ref: "#/components/schemas/patchedConsent"
newConsent:
consentTypetype: object
type: stringproperties:
descriptionid:
| The type: ofstring
the consent that is being created. description: |
Each financial institution's instance may supportA aunique differentidentifier setfor ofthe consent typesin uuid-v4 format.
consentGroupId:
The Consent Manager supports the creation of consents of different consenttype: typesstring
depending on the standards supported. description: |
- cbuae-account-access-consents A unique identifier for the consent group in uuid- cbuae-service-initiation-consentsv4 format.
The - cbuae-insurance-consents
status:
consent group id is used to group together consents that are related to each other.
$ref: "#/components/schemas/AEConsentStatus"
request requestUrl:
$reftype: "#/components/schemas/AuthorizationDetails"string
requestHeaders:
type format: objecturl
description: |
The entirerequest seturl of Http request headers that was received by Ozone from the TPP
additionalPropertiesconsentType:
true consentBodytype: string
$ref description: "#/components/schemas/cbuaeConsentBody"|
interactionId: The type of the consent that is being type:created.
string
description: | Each financial institution's instance may support a different set of consent types
The heimdall interaction id that this consent is associated with. The Consent Manager supports the creation of tpp:consents of different consent types depending on the standards supported.
$ref: "#/components/schemas/tpp" ozoneSupplementaryInformation: - cbuae-account-access-consents
type: object - cbuae-service-initiation-consents
additionalProperties: true - cbuae-insurance-consents
updatedAt status:
type: number$ref: "#/components/schemas/AEConsentStatus"
requiredrequest:
- id $ref: "#/components/schemas/AuthorizationDetails"
requestHeaders:
- consentType type: -object
request - requestHeadersdescription: |
- tpp The entire set additionalProperties:of trueHttp request headers that was received patchedConsent:by Ozone from the TPP
type: object propertiesadditionalProperties: true
psuIdentifiersconsentBody:
$ref: "#/components/schemas/psuIdentifierscbuaeConsentBody"
accountIdsinteractionId:
type: arraystring
itemsdescription: |
type: stringThe heimdall interaction id that this consent is associated with.
minItems: 1 tpp:
description: |- $ref: "#/components/schemas/tpp"
An array of account idsozoneSupplementaryInformation:
associated with the consent. The array must be populated once consenttype: hasobject
been authorised. additionalProperties: true
For payment consents, the array must always haveupdatedAt:
one element - the debtor account from which the payment willtype: benumber
made
required:
For CBPII consents, the- arrayid
must always have one element - theconsentType
account for which CoF requests- willrequest
be answered - requestHeaders
For AIS requests, the array- maytpp
contain multiple values, representing each of theadditionalProperties: paymenttrue
accounts
for which an AIS servicepatchedConsent:
will be provided. type: object
supplementaryInformation: properties:
descriptionpsuIdentifiers:
Contains additional information at the discretion of the financial institution.
$ref: "#/components/schemas/psuIdentifiers"
accountIds:
type: objectarray
additionalPropertiesitems:
true interactionIdtype: string
typeminItems: string1
description: The|-
heimdall interaction id that this consent is associated with. This is updated byAn heimdallarray andof mustaccount notids beassociated setwith bythe financial institutionsconsent. The array must be populated once consent has been paymentContext:authorised.
type: object For payment consents, the array must always have one element additionalProperties:- truethe debtor account from which the payment will be made
ConnectToken: type: stringFor CBPII consents, the array must always have one element - description: A bearer token thatthe account for which CoF requests will be answered
sent as the `Authorization` header for calls to Ozone Connect madeFor underAIS thisrequests, consent.the array may contain multiple values, representing additionalProperties:each trueof the payment accounts for which tpp:an AIS service will be provided.
type: object descriptionsupplementaryInformation:
| The TPPdescription:
record as held by Ozone. Contains additional Ifinformation Ozoneat TPPthe Connectdiscretion hasof beenthe integratedfinancial intoinstitution.
a
directory, the `directoryRecord` provides the TPP's directory record as held bytype: Ozoneobject
in base 64 encoded format. additionalProperties: true
required:
-interactionId:
clientId - orgIdtype: string
- softwareStatementId description: The heimdall interaction id that this -consent tppNameis associated with. This is updated by heimdall properties:and must not be set by financial institutions.
clientId: paymentContext:
type: string type: object
description: The clientId for the TPP as issued byadditionalProperties: Ozonetrue
orgIdConnectToken:
type: string
description: TheA organizationbearer idtoken forthat thewill TPPbe sent as the `Authorization` header for calls to Ozone softwareStatementId:Connect made under this consent.
typeadditionalProperties: true
string
tpp:
descriptiontype: Theobject
organization id for the TPP description: |
tppName: The TPP record as held by Ozone.
type: string If Ozone TPP Connect has been description:integrated Theinto namea ofdirectory, the `directoryRecord` TPPprovides the TPP's directory record as held by Ozone in directoryRecord:base 64 encoded format.
typerequired:
string - clientId
description: The latest copy of the TPP directory- recordorgId
if the TPP has registered with a directory - softwareStatementId
additionalProperties: false - tppName
cbuaeConsentBody: properties:
type: object descriptionclientId:
| An objecttype: representingstring
the current state of the consent. description: The clientId for This includes the entireTPP request,as augmentedissued by additionalOzone
computed
properties orgId:
(e.g. ids, charges etc) oneOftype: string
- $ref: "#/components/schemas/AEAccountAccessAndInsuranceConsentBody"
- $ref: "#/components/schemas/AEPaymentConsentResponse" description: The organization id for the TPP
AuthorizationDetailssoftwareStatementId:
description: | type: string
description: The requestorganization bodyid for the TPP
creating
a new consent. tppName:
The body consists of the RAR request thattype: isstring
sent by the TPP to the authorization server. description: The name of the oneOf:TPP
- $refdirectoryRecord:
"#/components/schemas/DataSharingAuthorizationDetails" - $reftype: "#/components/schemas/InsuranceAuthorizationDetails" string
- $refdescription: "#/components/schemas/ServiceInitiationAuthorizationDetails"
DataSharingAuthorizationDetails:
type: object
The latest copy of the TPP directory record if the TPP has registered with a directory
properties: additionalProperties: false
TypecbuaeConsentBody:
type: stringobject
Consentdescription: |
An $ref: "#/components/schemas/AuthorizationDetailsDataSharingConsent"
object representing the current state of the consent.
Subscription: This includes the entire request, $ref: '#/components/schemas/EventNotification'
InsuranceAuthorizationDetails:augmented by additional computed properties
type: object
(e.g. ids, charges etc)
properties: TypeoneOf:
- type: string$ref: "#/components/schemas/AEAccountAccessConsentBody"
- Consent$ref: "#/components/schemas/AEInsuranceConsentBody"
- $ref: "#/components/schemas/AuthorizationDetailsInsuranceConsentAEPaymentConsentResponse"
SubscriptionAuthorizationDetails:
$refdescription: '#/components/schemas/EventNotification'|
ServiceInitiationAuthorizationDetails: The request body for type:creating objecta new consent.
properties: The body consists of Type:the RAR request that is sent by the TPP to the type:authorization stringserver.
ConsentoneOf:
- $ref: "#/components/schemas/AEServiceInitiationAuthorizationDetailPropertiesDataSharingAuthorizationDetails"
- Subscription$ref: "#/components/schemas/InsuranceAuthorizationDetails"
- $ref: '"#/components/schemas/EventNotification'ServiceInitiationAuthorizationDetails"
AEServiceInitiationAuthorizationDetailPropertiesDataSharingAuthorizationDetails:
type: object
requiredproperties:
-Type:
ConsentId - PersonalIdentifiableInformationtype: string
- ControlParametersConsent:
- PaymentPurposeCode $ref: "#/components/schemas/AuthorizationDetailsDataSharingConsent"
properties: ConsentIdSubscription:
$ref: '#/components/schemas/AEConsentIdEventNotification'
InsuranceAuthorizationDetails:
BaseConsentId: type: object
$refproperties:
'#/components/schemas/AEBaseConsentId' IsSingleAuthorizationType:
type: string
Consent:
$ref: '"#/components/schemas/IsSingleAuthorization'AuthorizationDetailsInsuranceConsent"
AuthorizationExpirationDateTimeSubscription:
type$ref: string'#/components/schemas/EventNotification'
ServiceInitiationAuthorizationDetails:
formattype: date-time object
properties:
description: |2- Type:
type: string
A time by which a Consent:
(in AwaitingAuthorization status) must be Authorized by the User. $ref: "#/components/schemas/AEServiceInitiationAuthorizationDetailProperties"
Subscription:
The time window starts from the actual CreationDateTime (when the Consent is staged with the LFI).$ref: '#/components/schemas/EventNotification'
AEServiceInitiationAuthorizationDetailProperties:
type: object
required:
If the current time window exceeds- theConsentId
Authorization Expiration Time Window (and the Consent status is- AwaitingAuthorization)PersonalIdentifiableInformation
then the Consent Status must be set to Rejected.- ControlParameters
- PaymentPurposeCode
The timeproperties:
window is based on a custom time format hhh:mm:ss. e.g. 720:00:00 represents a time window of 720 hours, 00 minutes, 00 seconds (30 days) after the CreationDateTime to Authorize the Consent.ConsentId:
$ref: '#/components/schemas/AEConsentId'
BaseConsentId:
ExpirationDateTime$ref: '#/components/schemas/AEBaseConsentId'
allOfIsSingleAuthorization:
- $ref: '#/components/schemas/ARConsentExpirationDateTimeIsSingleAuthorization'
AuthorizationExpirationDateTime:
description: |2- type: string
Specified date andformat: date-time
the consent will expire. description: |2-
If this is not populated, the consent willA remaintime activeby aswhich a longConsent lived(in consentAwaitingAuthorization untilstatus) themust maximumbe consentAuthorized validityby period as per section 4.1.1 Consent Elements in the API User Guide.the User.
The time window starts from the actual All dates inCreationDateTime (when the JSONConsent payloadsis arestaged representedwith in ISO 8601 date-time format.the LFI).
If the Allcurrent date-time fieldswindow inexceeds responsesthe mustAuthorization includeExpiration the timezone. An example is :2023-04-05T10:43:07+00:00
Time Window (and the Consent status is AwaitingAuthorization) then the Consent Status must be set to Rejected.
* For Payment Consents, the maximum expirationThe time limit should be 23:59:59 (1 second before 00:00:00)
Permissions:
window is based on a custom time format hhh:mm:ss. e.g. 720:00:00 represents a time window of 720 hours, 00 minutes, 00 seconds (30 days) after the CreationDateTime to Authorize the Consent.
typeExpirationDateTime:
array allOf:
items: - $ref: '#/components/schemas/AEServiceInitiationConsentPermissionCodesARConsentExpirationDateTime'
description: |2-
Specifies the permittedSpecified Accountdate Accessand datatime types.the consent will expire.
This is a list of the dataIf groupsthis beingis consentednot bypopulated, the User,consent andwill requestedremain foractive authorizationas witha thelong LFI.lived consent until the maximum consent validity period as per section 4.1.1 Consent Elements in the ThisAPI allowsUser aGuide.
TPP to request a balance check permission. ReadRefundAccount: All dates in the JSON payloads are represented in ISO type: boolean
8601 date-time format.
description: Allows the LFI to share the refundAll accountdate-time detailsfields within TPPresponses must include the timezone. An example CurrencyRequest:is :2023-04-05T10:43:07+00:00
$ref: '#/components/schemas/AECurrencyRequest' * For Payment PersonalIdentifiableInformation:Consents, the maximum expiration time limit should be 23:59:59 (1 second $ref: '#/components/schemas/AEJWEPaymentPII'before 00:00:00)
ControlParametersPermissions:
$reftype: '#/components/schemas/AEServiceInitiationConsentControlParameters' array
DebtorReferenceitems:
$ref: '#/components/schemas/AEServiceInitiationStructuredDebtorReferenceAEServiceInitiationConsentPermissionCodes'
CreditorReference: description: |2-
$ref: '#/components/schemas/AEServiceInitiationStructuredCreditorReference' Specifies the permitted PaymentPurposeCode:Account Access data types.
$ref: '#/components/schemas/AEServiceInitiationPaymentPurposeCode' This is a SponsoredTPPInformation:list of the data groups being consented by the User, and $ref: '#/components/schemas/AEServiceInitiationSponsoredTPPInformation'
requested for authorization with the LFI.
additionalProperties: false ARConsentExpirationDateTime: This type:allows stringa TPP to request a balance check format: date-timepermission.
AEServiceInitiationSponsoredTPPInformation: ReadRefundAccount:
type: object requiredtype: boolean
- Name description: Allows the LFI to share the -refund Identificationaccount details with TPP
properties: NameCurrencyRequest:
type$ref: string'#/components/schemas/AECurrencyRequest'
minLengthPersonalIdentifiableInformation:
1 maxLength$ref: 50'#/components/schemas/AEJWEPaymentPII'
descriptionControlParameters:
The Sponsored TPP Name Identification$ref: '#/components/schemas/AEServiceInitiationConsentControlParameters'
typeDebtorReference: string
minLength$ref: 1'#/components/schemas/AEServiceInitiationStructuredDebtorReference'
maxLengthCreditorReference:
50 description$ref: The Sponsored TPP Identification'#/components/schemas/AEServiceInitiationStructuredCreditorReference'
descriptionPaymentPurposeCode:
|2- $ref: '#/components/schemas/AEServiceInitiationPaymentPurposeCode'
The Sponsored TPP is: SponsoredTPPInformation:
* A TPP that itself has no direct Open Banking API integrations.$ref: '#/components/schemas/AEServiceInitiationSponsoredTPPInformation'
additionalProperties: false
ARConsentExpirationDateTime:
*type: Astring
TPP that is using the integration of another TPP that does have direct Open Banking API integrations.format: date-time
AEServiceInitiationSponsoredTPPInformation:
type: object
additionalProperties: false AEServiceInitiationPaymentPurposeCoderequired:
type: string - Name
minLength: 1 - Identification
maxLength: 4 properties:
pattern: ^[A-Z]{4}$ Name:
description: |2- type: string
A Category code, related to the typeminLength: of1
services or goods that corresponds to the underlying purpose of themaxLength: Payment.50
description: The *Sponsored TheTPP ISO20022Name
External code sets AEServiceInitiationStructuredCreditorReferenceIdentification:
description: | type: string
A reason or reference in relationminLength: to1
a payment, set to facilitate a structured Creditor reference consisting ofmaxLength: 50
* TPP IDdescription: andThe BICSponsored forTPP theIdentification
Debtor Account, followed by freeform text to a maximum of 120 characters.description: |2-
The TheSponsored TPP ID value will match the organization ID value from the Trust Framework, and therefore will be a v4 UUID. is:
* A TPP that itself has no direct Open Banking API integrations.
* A BICTPP that is specificusing accordingthe tointegration theof standardanother formatTPP forthat ISOdoes 20022,have anddirect canOpen thereforeBanking beAPI eitherintegrations.
8 or 11 characters in length. additionalProperties: false
AEServiceInitiationPaymentPurposeCode:
If the value of the concatenatedtype: string
exceeds 120 characters, the TPP must firstminLength: omit1
or truncate the freeform element of themaxLength: reference.4
typepattern: "string"^[A-Z]{4}$
minLengthdescription: 1|2-
A Category code, maxLength:related 120to the type of services or goods pattern: "^TPP=[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12},BIC=[A-Z0-9]{4}[A-Z0-9]{2}[A-Z0-9]{2}([A-Z0-9]{3}){0,1}($|,.+$)"that corresponds to the underlying purpose of the Payment.
* The ISO20022 External code sets
AEServiceInitiationStructuredDebtorReferenceAEServiceInitiationStructuredCreditorReference:
description: |
A reason or reference in relation to a payment, set to facilitate a structured DebtorCreditor reference consisting of:
* For payments to Merchants: TPP ID, Merchant ID,and BIC for the CreditorDebtor Account, followed by freeform text to a maximum of 120 characters.
* For other payments: TPPThe TPP ID value will match the organization ID andvalue BIC forfrom the CreditorTrust AccountFramework, followedand bytherefore freeformwill text tobe a maximumv4 ofUUID.
120
characters.
The TPP ID value will match the organization ID value from the Trust Framework, and therefore will be a v4 UUID.
The Merchant ID wil be as per the existing IPP rules for the Merchant identification, and will incorporate the Trade License number for the Merchant.
A BIC is specific according to the standard format for ISO 20022, and can therefore be either 8 or 11 characters in length.
If the value of the concatenated string exceeds 120 characters, the TPP must first omit or truncate the freeform element of the reference.
oneOf:
- type: "string"
minLength: 1
maxLength: 120
pattern: "^TPP=[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12},Merchant=[A-Z0-9]{3}-[A-Z]{4}-TL.+-[0-9]{4},BIC=[A-Z0-9]{4}[A-Z0-9]{2}[A-Z0-9]{2}([A-Z0-9]{3}){0,1}($|,.+$)"
AEServiceInitiationStructuredDebtorReference:
- type: "string" description: |
minLength: 1A reason or reference in relation to a payment, set to facilitate a structured Debtor reference consisting maxLengthof:
120
* For payments to patternMerchants: "^TPP=[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12},BIC=[A-Z0-9]{4}[A-Z0-9]{2}[A-Z0-9]{2}([A-Z0-9]{3}){0,1}($|,.+$)"
AEServiceInitiationConsentControlParameters:
type: object
properties: TPP ID, Merchant ID, BIC for the Creditor Account, followed by freeform text to a maximum of 120 characters.
* For other IsPayByAccountpayments: TPP ID and BIC for the Creditor Account, followed by type:freeform booleantext to a maximum of 120 characters.
description: A flag to denote ifThe theTPP PaymentID isvalue anwill E-Commercematch transactionthe organization ID value from the Trust Framework, and ConsentSchedule:therefore will be a v4 UUID.
$ref: '#/components/schemas/AEServiceInitiationConsentSchedule' The Merchant ID wil description:be Controlas Parametersper setthe theexisting overallIPP rules for the PaymentMerchant Scheduleidentification, and will incorporate the Trade License additionalProperties:number falsefor the Merchant.
AEServiceInitiationConsentSchedule: A type:BIC objectis specific according to the standard format properties:for ISO 20022, and can therefore be either 8 SinglePayment:or 11 characters in length.
$ref: '#/components/schemas/AEServiceInitiationSinglePayment' If the value of the concatenated string MultiPayment:exceeds 120 characters, the TPP must omit or truncate the freeform $ref: '#/components/schemas/AEServiceInitiationLongLivedPaymentConsent'
element of the reference.
FilePaymentoneOf:
- $reftype: '#/components/schemas/AEServiceInitiationFilePaymentConsent'"string"
description: |2- minLength: 1
The various paymentmaxLength: types120
that can be initiated: pattern: "^TPP=[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12},Merchant=[A-Z0-9]{3}-[A-Z]{4}-TL.+-[0-9]{4},BIC=[A-Z0-9]{4}[A-Z0-9]{2}[A-Z0-9]{2}([A-Z0-9]{3}){0,1}($|,.+$)"
* A Single Payment - type: "string"
* A Multi-PaymentminLength: 1
maxLength: 120
* A Combined Payment (one SinglePayment and one MultiPayment) additionalProperties: false
pattern: "^TPP=[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12},BIC=[A-Z0-9]{4}[A-Z0-9]{2}[A-Z0-9]{2}([A-Z0-9]{3}){0,1}($|,.+$)"
AEServiceInitiationFilePaymentConsent AEServiceInitiationConsentControlParameters:
type: object
requiredproperties:
IsPayByAccount:
- FileType type: boolean
- FileHash -description: NumberOfTransactionsA flag to denote if the Payment is an E-Commerce transaction
ControlSum propertiesConsentSchedule:
FileType: $ref: '#/components/schemas/AEServiceInitiationConsentSchedule'
typedescription: stringControl Parameters set the overall rules for the Payment Schedule
minLength: 1 additionalProperties: false
maxLengthAEServiceInitiationConsentSchedule:
40 type: object
description: Specifies the paymentproperties:
file type FileHashSinglePayment:
type$ref: string'#/components/schemas/AEServiceInitiationSinglePayment'
MultiPayment:
minLength: 1 $ref: '#/components/schemas/AEServiceInitiationLongLivedPaymentConsent'
maxLength: 44 FilePayment:
description: A base64 encoding of a SHA256 hash of the file to be uploaded.
$ref: '#/components/schemas/AEServiceInitiationFilePaymentConsent'
description: |2-
FileReference: The various payment types that $ref: '#/components/schemas/AEServiceInitiationReference'
can be initiated:
NumberOfTransactions: * A Single Payment
type: integer * A description: >Multi-Payment
Number* ofA individualCombined transactionsPayment contained(one inSinglePayment theand paymentone MultiPayment)
additionalProperties: false
information group. AEServiceInitiationFilePaymentConsent:
ControlSumtype: object
required:
type: string - FileType
pattern: ^\d{1,16}\.\d{2}$ - FileHash
description: >- NumberOfTransactions
- ControlSum
Total of all individual amountsproperties:
included in the group, irrespective FileType:
of currencies. type: string
RequestedExecutionDateTime: minLength: 1
$ref: '#/components/schemas/AERequestedExecutionDate' maxLength: 40
description: A Consent definition for defining Bulk/Batch Paymentsdescription: Specifies the payment file type
additionalProperties: false AEServiceInitiationReferenceFileHash:
type: string
minLength: 1
maxLength: 12044
description: A reason or reference in relationbase64 encoding of a SHA256 hash of the file to abe paymentuploaded.
AEServiceInitiationLongLivedPaymentConsent FileReference:
type: object $ref: '#/components/schemas/AEServiceInitiationReference'
requiredNumberOfTransactions:
- Amount type: integer
- MaximumIndividualPaymentAmount description: >-
- PeriodicSchedule properties:Number of individual transactions contained in the payment
Amount: $ref: '#/components/schemas/AEAmountAndCurrency'information group.
MaximumIndividualPaymentAmountControlSum:
allOftype: string
- $ref: '#/components/schemas/AEAmountAndCurrency'pattern: ^\d{1,16}\.\d{2}$
description: |2>-
Total of all individual Thisamounts included isin the Maximumgroup, amountirrespective
a variable payment related to the Consent can take. of currencies.
RequestedExecutionDate:
All payment amounts must be smaller or equal to this value.$ref: '#/components/schemas/AERequestedExecutionDate'
description: A Consent MaximumCumulativeValueOfPayments:definition for defining Bulk/Batch Payments
allOfadditionalProperties: false
AEServiceInitiationReference:
- $reftype: '#/components/schemas/AEAmountAndCurrency'string
descriptionminLength: |2-1
maxLength: 120
description: A Thereason maximumor cumulativereference valuein ofrelation allto successfula payment.
rails
executions under the Consent. AEServiceInitiationLongLivedPaymentConsent:
type: object
properties:
Each successful payment rails execution amount (related to theAmount:
Consent) is added to the total cumulative value of the Consent which cannot exceed the maximum value agreed with the User at the point of consent.$ref: '#/components/schemas/AEAmountAndCurrency'
MaximumIndividualPaymentAmount:
allOf:
MaximumCumulativeNumberOfPayments: - type$ref: integer'#/components/schemas/AEAmountAndCurrency'
description: |2-
TheThis maximumis cumulativethe numberMaximum ofamount alla successfulvariable payment railsrelated executions underto the Consent can take.
Each successfulAll payment railsamounts executionmust (relatedbe tosmaller theor Consent) is added equal to the total cumulative number of payments for the Consent which cannot exceed the maximum value agreed with the User at the point of consentthis value.
PeriodicScheduleMaximumCumulativeValueOfPayments:
$refallOf:
>- - $ref: '#/components/schemas/AEServiceInitiationLongLivedPaymentConsentPeriodicScheduleAEAmountAndCurrency'
description: A Consent definition for defining Multi Paymentsdescription: |2-
additionalProperties: false AEServiceInitiationLongLivedPaymentConsentPeriodicSchedule:The maximum cumulative value of all successful type:payment objectrails executions under the Consent.
required: - DefinedSchedule Each successful payment rails execution -amount FixedPeriodicSchedule(related to the Consent) is added to the total -cumulative VariablePeriodicSchedulevalue of the Consent which cannot exceed properties:the maximum value agreed with the User at the DefinedSchedule:point of consent.
$refMaximumCumulativeNumberOfPayments: '#/components/schemas/AEServiceInitiationDefinedSchedule'
FixedPeriodicScheduletype: integer
$ref description: '#/components/schemas/AEServiceInitiationFixedPeriodicSchedule'|2-
VariablePeriodicSchedule: The maximum cumulative $ref: '#/components/schemas/AEServiceInitiationVariablePeriodicSchedule'
Type:number of all successful payment rails executions under the Consent.
type: string Each successful payment rails execution (related to description: >-
Discriminator property for
AEServiceInitiationLongLivedPaymentConsentPeriodicSchedule.the Consent) is added to the total cumulative number of payments for the Consent which cannot exceed the maximum value agreed with the User at the point of consent.
discriminatorPeriodicSchedule:
propertyName: Type $ref: >-
#/components/schemas/AEServiceInitiationLongLivedPaymentConsentPeriodicSchedule
description: TheA Consent definition for defining aMulti schedulePayments
additionalProperties: false
AEServiceInitiationVariablePeriodicScheduleAEServiceInitiationLongLivedPaymentConsentPeriodicSchedule:
type: object
properties:
required DefinedSchedule:
- Type $ref: '#/components/schemas/AEServiceInitiationDefinedSchedule'
FixedPeriodicSchedule:
- PeriodType $ref: '#/components/schemas/AEServiceInitiationFixedPeriodicSchedule'
- MaximumCumulativeValueOfPaymentsPerPeriodType VariablePeriodicSchedule:
- MaximumCumulativeNumberOfPaymentsPerPeriodType properties:$ref: '#/components/schemas/AEServiceInitiationVariablePeriodicSchedule'
Type:
type: string
enumdescription: >-
- VariablePeriodicSchedule Discriminator property for
PeriodType: AEServiceInitiationLongLivedPaymentConsentPeriodicSchedule.
$ref: discriminator:
propertyName: Type
description: The definition for a schedule
additionalProperties: false
AEServiceInitiationVariablePeriodicSchedule:
type: object
required:
- PeriodType
properties:
PeriodType:
$ref: '#/components/schemas/AEPeriodType'
PeriodStartDate:
$ref: '#/components/schemas/AEPeriodStartDate'
MaximumCumulativeValueOfPaymentsPerPeriodType:
allOf:
- $ref: '#/components/schemas/AEAmountAndCurrency'
description: >-
The maximum cumulative payment value of all payment initiations per
Period Type.
MaximumCumulativeNumberOfPaymentsPerPeriodType:
type: integer
description: The maximum frequency of payment initiations per Period Type.
description: >-
Payment Controls that apply to all payment instructions in a given
period under this payment consent.
additionalProperties: false
AEServiceInitiationSchedule:
type: object
required:
- PaymentExecutionDate
- Amount
properties:
PaymentExecutionDate:
type: string
format: date
description: |2-
Used to specify the expected payment execution date/time.
All dates in the JSON payloads are represented in ISO 8601 date format.
An example is: 2023-04-05
Amount:
$ref: '#/components/schemas/AEAmountAndCurrency'
additionalProperties: false
AEServiceInitiationFixedPeriodicSchedule:
type: object
required:
- Type
- PeriodType
- PeriodStartDate
- Amount
properties:
Type:
type: string
enum:
- FixedPeriodicSchedule
PeriodType:
$ref: '#/components/schemas/AEPeriodType'
PeriodStartDate:
$ref: '#/components/schemas/AEPeriodStartDate'
Amount:
$ref: '#/components/schemas/AEAmountAndCurrency'
description: >-
Payment Controls that apply to all payment instructions in a given
period under this payment consent.
additionalProperties: false
AEServiceInitiationDefinedSchedule:
type: object
required:
- Type
- Schedule
properties:
Type:
type: string
enum:
- DefinedSchedule
description: The Periodic Schedule Type
Schedule:
type: array
items:
$ref: '#/components/schemas/AEServiceInitiationSchedule'
minItems: 1
maxItems: 50
description: >-
Payment Schedule denoting a list of pre-defined future dated payments
all with fixed amounts and dates.
additionalProperties: false
AEServiceInitiationSinglePayment:
anyOf:
- $ref: '#/components/schemas/AEServiceInitiationSingleInstantPayment'
- $ref: '#/components/schemas/AEServiceInitiationFutureDatedPayment'
discriminator:
propertyName: Type
mapping:
SingleInstantPayment: '#/components/schemas/AEServiceInitiationSingleInstantPayment'
SingleFutureDatedPayment: '#/components/schemas/AEServiceInitiationFutureDatedPayment'
description: A Consent definition for defining Single Payments
AEServiceInitiationFutureDatedPayment:
type: object
required:
- Type
- Amount
- RequestedExecutionDate
properties:
Type:
type: string
enum:
- SingleFutureDatedPayment
Amount:
$ref: '#/components/schemas/AEAmountAndCurrency'
RequestedExecutionDate:
$ref: '#/components/schemas/AERequestedExecutionDate'
description: >-
A long-lived consent that MUST be used for a single payment which will
be authorized by the User during the payment journey, but the payment
will be initiated by the TPP in the future.
additionalProperties: false
AEServiceInitiationSingleInstantPayment:
type: object
required:
- Type
- Amount
properties:
Type:
type: string
enum:
- SingleInstantPayment
description: The Payment Type
Amount:
$ref: '#/components/schemas/AEAmountAndCurrency'
ExpectedInitiationTimeWindow:
$ref: '#/components/schemas/AEExpectedInitiationTimeWindow'
description: >-
A single immediate payment consent that MUST be be used for a single
payment which will be initiated immediately after User authorization at
the LFI.
additionalProperties: false
AEAmountAndCurrency:
type: object
required:
- Currency
- Amount
properties:
Currency:
$ref: '#/components/schemas/CurrencyCode'
Amount:
$ref: '#/components/schemas/Amount'
description: >-
The Currency and Amount relating to the Payment, Refund or Request to
Pay
additionalProperties: false
Amount:
type: numberstring
pattern: ^\\d{1,16}\\.\\d{2}$
CurrencyCode:
type: string
pattern: ^[A-Z]{3}$
IsSingleAuthorization:
description: |
Specifies to the LFI that the consent authorization must be completed in a single authorization Step
with the LFI
type: "boolean"
AEServiceInitiationConsentPermissionCodes:
type: string
enum:
- ReadAccountsBasic
- ReadAccountsDetail
- ReadBalances
AEJWEPaymentPII:
type: string
description: |2-
A JSON Web Encryption (JWE) object, which encapsulates a JWS. The value is a compact serialization
of a JWE, which is a string consisting of five base64url-encoded parts joined by dots. It encapsulates encrypted content using JSON data structures.
The decrypted JWS content has the structure of the AEPaymentPII schema.
AuthorizationDetailsDataSharingConsent:
type: object
required:
- ConsentId
- Permissions
properties:
ConsentId:
$ref: '#/components/schemas/AEConsentId'
Permissions:
type: array
items:
$ref: '#/components/schemas/AEAccountAccesssConsentPermissionCodes'
minItems: 1
allOf:
- $ref: '#/components/schemas/AEAccountAccessAuthorizationDetailsProperties'
additionalProperties: false
AuthorizationDetailsInsuranceConsent:
type: object
required:
- ConsentId
- Permissions
properties:
BaseConsentId:
type: string
ExpirationDateTime:
type: string
format: date-time
OnBehalfOf:
$ref: '#/components/schemas/OnBehalfOf'
Purpose:
type: array
items:
$ref: '#/components/schemas/OBConsentPurpose'
ConsentId:
$ref: '#/components/schemas/AEConsentId'
Permissions:
$ref: '#/components/schemas/AEInsuranceConsentPermissions'
OBConsentPurpose:
type: string
enum:
- InsurancePolicyAggregation
- PersonalFinanceManager
- CreditAssessment
- MotorInsuranceQuote
- EnterpriseFinancialManagement
- Other
AEAccountAccessAuthorizationDetailsProperties:
type: object
properties:
BaseConsentId:
$ref: '#/components/schemas/AEBaseConsentId'
ExpirationDateTime:
type: string
format: date-time
description: >-
Specified date and time the permissions will expire.
If this is not populated, the permissions will be open ended.All
dates in the JSON payloads are represented in ISO 8601 date-time
format.
All date-time fields in responses must include the timezone. An
example is below:
2017-04-05T10:43:07+00:00
TransactionFromDateTime:
type: string
format: date-time
description: |2-
Specified start date and time for the transaction query period.
If this is not populated, the start date will be open ended, and
data will be returned from the earliest available
transaction.All dates in the JSON payloads are represented in
ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An
example is below:
2017-04-05T10:43:07+00:00
TransactionToDateTime:
type: string
format: date-time
description: |2-
Specified end date and time for the transaction query period.
If this is not populated, the end date will be open ended, and
data will be returned to the latest available transaction.All
dates in the JSON payloads are represented in ISO 8601 date-time
format.
All date-time fields in responses must include the timezone. An
example is below:
2017-04-05T10:43:07+00:00
AccountType:
type: array
items:
$ref: '#/components/schemas/AEExternalAccountTypeCode'
AccountSubType:
type: array
items:
$ref: '#/components/schemas/AEAccountSubTypeCode'
OnBehalfOf:
$ref: '#/components/schemas/AEOnBehalfOf'
Purpose:
type: array
items:
$ref: '#/components/schemas/AEAccountAccessConsentPurpose'
additionalProperties: false
AEExternalAccountTypeCode:
description: Specifies the type of account (Retail, SME or Corporate).
type: string
enum:
- Retail
- SME
- Corporate
OnBehalfOf:
type: object
description: On Behalf Of
properties:
TradingName:
type: string
description: Trading Name
example: Acme Accounting Trading Name
LegalName:
type: string
description: Legal Name
example: Acme Accounting Legal Name
IdentifierType:
type: string
description: Identifier Type
enum:
- Other
Identifier:
type: string
description: Identifier
example: abcd1234
additionalProperties: false
AEInsuranceConsentPermissions:
type: string
enum:
- ReadMotorInsurancePolicies
- ReadMotorInsuranceCustomerBasic
- ReadMotorInsuranceCustomerDetail
- ReadMotorInsuranceCustomerPaymentDetails
- ReadMotorInsuranceProduct
- ReadMotorInsuranceTransactions
EventNotification:
type: object
description: |
A Webhook Subscription Schema
required:
- Webhook
properties:
Webhook:
description: |
A Webhook Schema
type: object
properties:
Url:
description: |
The TPP Callback URL being registered with the LFI
type: string
example: https://api.tpp.com/webhook/callbackUrl
IsActive:
description: >
The TPP specifying whether the LFI should send (IsActive true)
or not send (IsActive false) Webhook Notifications to the TPP's
Webhook URL
type: boolean
example: false
additionalProperties: false
additionalProperties: false
AEAccountAccessAndInsuranceConsentBodyAEInsuranceConsentBody:
type: object
required:
- Data
properties:
Data:
type: object
required:
- "ConsentId"
- "BaseConsentId"
- "Status"
properties:
ConsentId:
$ref: '#/components/schemas/AEConsentId'
Permissions:
$ref: '#/components/schemas/AEAccountAccesssConsentPermissionCodes'
allOf:
- $ref: '#/components/schemas/AEAccountAccessAuthorizationDetailPropertiesAEInsuranceAuthorizationDetailProperties'
additionalProperties: false
Meta:
type: object
properties:
MultipleAuthorizers:
$ref: '#/components/schemas/AEMetaMultiAuthorization'
Subscription:
type: object
properties:
Webhook:
$ref: '#/components/schemas/Webhook'
AEMetaMultiAuthorizationAEAccountAccessConsentBody:
type: "object"
descriptionrequired: |
Meta- Data
with Multi-Authorization relevant to the payload. properties:
For aData:
payment, it represents any Authorizers within the financial institution domain thattype: areobject
involved in approving the payment request. propertiesrequired:
TotalRequired: - "ConsentId"
description: | - "BaseConsentId"
The total number of Authorizers required to process- the"Status"
request typeproperties:
"number" Authorizations: ConsentId:
type: "array" $ref: '#/components/schemas/AEConsentId'
items: descriptionPermissions:
| Authorizer$ref: '#/components/schemas/AEAccountAccesssConsentPermissionCodes'
typeallOf:
"object" - properties$ref: '#/components/schemas/AEAccountAccessAuthorizationDetailProperties'
AuthorizerIdadditionalProperties: false
Meta:
description: | type: object
properties:
The Authorizer's Identifier MultipleAuthorizers:
type$ref: "string"'#/components/schemas/AEMetaMultiAuthorization'
Subscription:
AuthorizerType: type: object
descriptionproperties:
| Webhook:
The Type of Authorizer. For example, Financial, Management, etc.$ref: '#/components/schemas/Webhook'
AEInsuranceAuthorizationDetailProperties:
type: object
type: "string" properties:
BaseConsentId:
AuthorizationDate: $ref: '#/components/schemas/AEBaseConsentId'
descriptionExpirationDateTime:
| type: string
The DateTime of when the Authorization occurred. All dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2023-04-05T10:43:07+00:00
format: date-time
description: >-
Specified date and time the permissions will expire.
type: "string" If this is not populated, the permissions will be open ended.All
format: "date-time" dates in the JSON payloads are represented in AuthorizationStatus:ISO 8601 date-time
format.
description: | All date-time fields in responses must include the Thetimezone. StatusAn
reflecting the Authorizer's final decision regarding the request example is below:
type: "string" 2017-04-05T10:43:07+00:00
TransactionFromDateTime:
enum: type: string
format: date-time
"Pending" description: |2-
- "Approved" Specified start date and time for the transaction query period.
- "Rejected" additionalProperties: false If this is not populated, the start date will be additionalProperties:open falseended, and
additionalProperties: false AEConsentId: data will be type:returned stringfrom the earliest available
minLength: 1 maxLength: 128 transaction.All dates in description:the >-JSON payloads are represented in
Unique identification assigned by the TPP to identify the consent ISO 8601 resourcedate-time format.
AEAccountAccesssConsentPermissionCodes: type: string All date-time fields enum:in responses must include the timezone. An
- ReadAccountsBasic - ReadAccountsDetail example is below:
- ReadBalances - ReadBeneficiariesBasic 2017-04-05T10:43:07+00:00
- ReadBeneficiariesDetail TransactionToDateTime:
- ReadTransactionsBasic type: string
- ReadTransactionsDetail format: date-time
- ReadTransactionsCredits description: |2-
ReadTransactionsDebits - ReadProduct Specified end date -and ReadScheduledPaymentsBasictime for the transaction query period.
- ReadScheduledPaymentsDetail - ReadDirectDebits If this is not populated, the -end ReadStandingOrdersBasicdate will be open ended, and
- ReadStandingOrdersDetail data will be returned -to ReadConsentsthe latest available transaction.All
- ReadPartyPSU - ReadPartyPSUIdentitydates in the JSON payloads are represented in ISO 8601 date-time
ReadParty description: >- format.
Specifies the permitted account access policy data types. All This is a list of the data groups being consented by the User, and
date-time fields in responses must include the timezone. An
example is below:
requested for authorization with the LFI. AEAccountAccessAuthorizationDetailProperties:2017-04-05T10:43:07+00:00
typeAccountType:
object propertiestype: array
BaseConsentId items:
$ref: '#/components/schemas/AEBaseConsentIdAEAccountTypeCode'
ExpirationDateTimeAccountSubType:
type: stringarray
formatitems:
date-time description$ref: >-'#/components/schemas/AEAccountSubTypeCode'
OnBehalfOf:
Specified date and time the permissions will expire.
$ref: '#/components/schemas/AEOnBehalfOf'
Status:
If this is not populated, the permissions will be open ended.All$ref: '#/components/schemas/AEAccountAccessConsentStatus'
Purpose:
dates in the JSONtype: payloadsarray
are represented in ISO 8601 date-time items:
format. $ref: '#/components/schemas/AEInsuranceConsentPurpose'
All date-timeRevokedBy:
fields in responses must include the timezone. An $ref: '#/components/schemas/AERevokedBy'
example is belowadditionalProperties: false
AEInsuranceConsentPurpose:
2017-04-05T10:43:07+00:00
type: string
TransactionFromDateTimeenum:
- InsurancePolicyAggregation
type: string - PersonalFinanceManager
format: date-time - CreditAssessment
description: |2- - MotorInsuranceQuote
- EnterpriseFinancialManagement
Specified start date and time for- theOther
transaction
query period. AEMetaMultiAuthorization:
type: "object"
Ifdescription: this|
is not populated, the start date will be openMeta ended,Data andwith Multi-Authorization relevant to the payload.
For a payment, datait willrepresents beany returnedAuthorizers fromwithin the earliestfinancial availableinstitution domain that are involved in approving the payment request.
properties:
transaction.All dates in the JSON payloads are represented inTotalRequired:
description: |
ISO 8601 date-time format. The total number of Authorizers required to process the request
All date-time fields in responses must include the timezone. Antype: "number"
Authorizations:
example is belowtype: "array"
items:
2017-04-05T10:43:07+00:00 TransactionToDateTimedescription: |
type: string Authorizer
format: date-time type: "object"
description: |2- properties:
Specified end date and time forAuthorizerId:
the transaction query period. description: |
If this is not populated, the end date will be open ended, and The Authorizer's Identifier
data will be returned to the latest available transaction.Alltype: "string"
AuthorizerType:
dates in the JSON payloads are represented in ISO 8601 date-time description: |
format. The Type of Authorizer. For example, Financial, Management, etc.
All date-time fields in responses must include the timezone. An type: "string"
example is belowAuthorizationDate:
2017-04-05T10:43:07+00:00
description: |
AccountType: type:The arrayDateTime of when the Authorization occurred. All dates in the JSON items:payloads are represented in ISO 8601 date-time format. \nAll date-time fields in $ref: '#/components/schemas/AEAccountTypeCode'
responses must include the timezone. An example is below:\n2023-04-05T10:43:07+00:00
AccountSubType: type: array"string"
items: format: "date-time"
$ref: '#/components/schemas/AEAccountSubTypeCode' AuthorizationStatus:
OnBehalfOf: $ref: '#/components/schemas/AEOnBehalfOf' description: |
Status: $ref: '#/components/schemas/AEAccountAccessConsentStatus'
Purpose:
The Status reflecting the Authorizer's final decision regarding the request
type: array type: "string"
items: $refenum:
'#/components/schemas/AEAccountAccessConsentPurpose' RevokedBy: - "Pending"
$ref: '#/components/schemas/AERevokedBy' additionalProperties: false - "Approved"
AEAccountAccessConsentStatus: description: >- - Consent"Rejected"
Status is set to eitheradditionalProperties: Authorizedfalse
,Revoked ,Rejected or AwaitingAuthorization typeadditionalProperties: stringfalse
enumadditionalProperties: false
AEConsentId:
- Authorized type: string
- AwaitingAuthorization minLength: 1
- RejectedmaxLength: 128
description: >-
Revoked Unique identification - Expiredassigned by the TPP to identify the consent
-resource.
Suspended
AEAccountAccessConsentPurposeAEAccountAccesssConsentPermissionCodes:
type: string
enum:
- AccountReadAccountsBasic
Aggregation - ReadAccountsDetail
- Personal Finance Manager - ReadBalances
- Credit Assessment - ReadBeneficiariesBasic
- Tax Filing - ReadBeneficiariesDetail
- Enterprise Financial- ManagementReadTransactionsBasic
- OtherReadTransactionsDetail
AEAccountSubTypeCode: - ReadTransactionsCredits
type: string - enum:ReadTransactionsDebits
- CurrentAccountReadProduct
- SavingsReadScheduledPaymentsBasic
- CreditCardReadScheduledPaymentsDetail
- PrePaidCardReadDirectDebits
- EMoneyReadStandingOrdersBasic
- ChargeCardReadStandingOrdersDetail
- OtherReadConsents
description: Specifies the- subReadPartyPSU
type of account (product family group) - ReadPartyPSUIdentity
AEAccountTypeCode: type:- stringReadParty
enumdescription: >-
- RetailSpecifies the permitted account access policy data types.
- Corporate description:This Specifiesis thea typelist of accountthe (Retaildata orgroups Corporate).being consented by the User, and
AEPaymentConsentResponse: description: |requested for authorization with the LFI.
Payment Consent Response SchemaAEAccountAccessAuthorizationDetailProperties:
type: "object"
additionalProperties: false required:
- "Data" Purpose
properties:
DataBaseConsentId:
type$ref: "object"'#/components/schemas/AEBaseConsentId'
additionalPropertiesExpirationDateTime:
false requiredtype: string
format: date-time
"ConsentId" description: >-
"BaseConsentId" Specified -date "Status"and time the permissions will expire.
# - "StatusUpdateDateTime" If this is not populated, the permissions will be #open - "CreationDateTime"ended.All
dates #in -the "ControlParameters"JSON payloads are represented in ISO 8601 date-time
# - "PaymentPurposeCode" format.
# - "PaymentConsumption" All date-time fields in responses must include the timezone. #An
- "AcceptedAuthorizationType" example # - "ExpirationDateTime"is below:
properties: 2017-04-05T10:43:07+00:00
ConsentIdTransactionFromDateTime:
$reftype: "#/components/schemas/AEConsentId"string
BaseConsentIdformat: date-time
description: |2-
$ref: "#/components/schemas/AEBaseConsentId" AcceptedAuthorizationType: Specified start date and time for the transaction query period.
$ref: "#/components/schemas/AEAcceptedAuthorizationType" If AuthorizationExpirationDateTime:this is not populated, the start date will be open ended, and
$ref: "#/components/schemas/AEAuthorizationExpirationDateTime" data Permissions:will be returned from the earliest available
$ref: "#/components/schemas/AEConsentPermissions" transaction.All dates in the JSON payloads ReadRefundAccount:are represented in
$ref: "#/components/schemas/AEReadRefundAccount" ISO 8601 date-time format.
ExpirationDateTime: All date-time fields in $ref: "#/components/schemas/AEConsentExpirationDateTime"
responses must include the timezone. An
Status: example is below:
$ref: "#/components/schemas/AEConsentStatus" RevokedBy:2017-04-05T10:43:07+00:00
$refTransactionToDateTime:
"#/components/schemas/AERevokedBy" CreationDateTimetype: string
$ref: "#/components/schemas/AECreationDateTime"format: date-time
StatusUpdateDateTimedescription: |2-
$ref: "#/components/schemas/AEStatusUpdateDateTime" Specified end date and time for the transaction query period.
Charges: $ref: "#/components/schemas/AECharges"
ExchangeRate: If this is not populated, the end date will be open ended, and
$ref: "#/components/schemas/AEExchangeRateInformation"
data will be returned to the latest available transaction.All
CurrencyRequest: dates in the $ref: "#/components/schemas/AECurrencyRequest"
JSON payloads are represented in ISO 8601 date-time
ControlParameters: format.
description: | All date-time fields in responses Controlmust Parameters setinclude the overalltimezone. rulesAn
for the Payment Schedule example is typebelow: "object"
additionalProperties: false 2017-04-05T10:43:07+00:00
propertiesAccountType:
type: array
IsPayByAccount: items:
$ref: "'#/components/schemas/AEIsPayByAccount"AEAccountTypeCode'
AccountSubType:
ConsentScheduletype: array
items:
type: "object" $ref: '#/components/schemas/AEAccountSubTypeCode'
OnBehalfOf:
description: | $ref: '#/components/schemas/AEOnBehalfOf'
Status:
The various payment types that can be initiated$ref: '#/components/schemas/AEAccountAccessConsentStatus'
Purpose:
*type: Aarray
Single Payment items:
* A Multi-Payment$ref: '#/components/schemas/AEAccountAccessConsentPurpose'
RevokedBy:
* A Combined Payment (one SinglePayment and one MultiPayment)$ref: '#/components/schemas/AERevokedBy'
additionalProperties: false
AEAccountAccessConsentStatus:
propertiesdescription: >-
Consent Status is set
SinglePayment: to either Authorized ,Revoked ,Rejected or AwaitingAuthorization
type: string
descriptionenum:
| - Authorized
- AwaitingAuthorization
A Consent definition for- definingRejected
Single Payments - Revoked
- Expired
oneOf: - Suspended
AEAccountAccessConsentPurpose:
type: string
- $refenum:
"#/components/schemas/AESingleInstantPayment" - Account Aggregation
- Personal Finance Manager
- $ref: "#/components/schemas/AESingleFutureDatedPayment" - Credit Assessment
- Tax Filing
discriminator: - Enterprise Financial Management
- Other
AEAccountSubTypeCode:
propertyName: Type type: string
enum:
- MultiPayment:CurrentAccount
- Savings
description: Specifies the sub type of $ref: "#/components/schemas/AELongLivedPaymentConsent"
account (product family group)
AEAccountTypeCode:
type: string
FilePayment: enum:
- Retail
- Corporate
$ref: "#/components/schemas/AEFilePaymentConsent" description: Specifies the type of account (Retail or Corporate).
additionalPropertiesAEPaymentConsentResponse:
false description: |
DebtorReference: Payment Consent Response Schema
$reftype: "#/components/schemas/AEStructuredDebtorReference"object"
additionalProperties: false
CreditorReferencerequired:
- "Data"
$refproperties:
"#/components/schemas/AEReference" Data:
PaymentPurposeCode: type: "object"
$ref: "#/components/schemas/AEPaymentPurposeCode"
additionalProperties: false
SponsoredTPPInformationrequired:
$ref: "#/components/schemas/AESponsoredTPPInformation- "ConsentId"
PaymentConsumption:- "BaseConsentId"
- $ref: "#/components/schemas/AEPaymentConsumption"Status"
IsSingleAuthorization:# - "StatusUpdateDateTime"
description:# |- "CreationDateTime"
# - "ControlParameters"
Specifies to the LFI that the consent authorization must be completed in a# single- authorization"PaymentPurposeCode"
Step # - "PaymentConsumption"
with the LFI # - "AcceptedAuthorizationType"
type: "boolean" # - Subscription:"ExpirationDateTime"
$refproperties:
"#/components/schemas/AEEventNotification" MetaConsentId:
$ref: "#/components/schemas/AEMetaMultiAuthorization"AEConsentId"
AEPaymentConsumptionBaseConsentId:
type: "object" description$ref: |"#/components/schemas/AEBaseConsentId"
Data to track the consumptionAcceptedAuthorizationType:
of Payments in relation to an authorized Consent Schedule required$ref: "#/components/schemas/AEAcceptedAuthorizationType"
- "CumulativeNumberOfPayments" AuthorizationExpirationDateTime:
- "CumulativeValueOfPayments" -$ref: "CumulativeValueOfPaymentsPerCurrentPeriod"#/components/schemas/AEAuthorizationExpirationDateTime"
properties: Permissions:
CumulativeNumberOfPayments: type$ref: "number"#/components/schemas/AEConsentPermissions"
description ReadRefundAccount:
| The cumulative number of payment instructions successfully accepted under the current consent schedule (Settlement on the Creditor's account has been completed)$ref: "#/components/schemas/AEReadRefundAccount"
ExpirationDateTime:
$ref: minLength: 1"#/components/schemas/AEConsentExpirationDateTime"
exampleStatus:
4 CumulativeValueOfPayments: $ref: "#/components/schemas/AEConsentStatus"
description: | RevokedBy:
The cumulative value of payment instructions successfully accepted under the current consent schedule (Settlement on the Creditor's account has been completed)
$ref: "#/components/schemas/AERevokedBy"
CreationDateTime:
A number of monetary units specified in an active currency where the unit of currency is explicit and compliant with ISO 4217."$ref: "#/components/schemas/AECreationDateTime"
StatusUpdateDateTime:
type$ref: "object"#/components/schemas/AEStatusUpdateDateTime"
requiredCharges:
- $ref: "Amount#/components/schemas/AECharges"
-ExchangeRate:
"Currency" properties: $ref: "#/components/schemas/AEExchangeRateInformation"
AmountCurrencyRequest:
$ref: "#/components/schemas/AEActiveOrHistoricAmountAECurrencyRequest"
CurrencyControlParameters:
$refdescription: "#/components/schemas/AEActiveOrHistoricCurrencyCode"|
CumulativeNumberOfPaymentsPerCurrentPeriod: Control Parameters set type: "number"
the overall rules for the Payment Schedule
description: | type: "object"
The cumulative number of payment instructions in the current period that areadditionalProperties: successfullyfalse
accepted (Settlement on the Creditor's account has been completed) properties:
minLength: 1 exampleIsPayByAccount:
1 CumulativeValueOfPaymentsPerCurrentPeriod: $ref: description: |"#/components/schemas/AEIsPayByAccount"
The cumulative valueConsentSchedule:
of payment instructions in the current period that are successfully accepted (Settlement on the Creditor's account has been completed)
type: "object"
A number of monetary units specified in andescription: active|
currency where the unit of currency is explicit and compliant with ISO 4217." The various payment type: "object"
types that can be initiated:
required: -* "Amount"A Single Payment
- "Currency" * properties:A Multi-Payment
Amount: * A Combined Payment (one SinglePayment and one MultiPayment)
$ref: "#/components/schemas/AEActiveOrHistoricAmount" Currency: properties:
$ref: "#/components/schemas/AEActiveOrHistoricCurrencyCode" additionalPropertiesSinglePayment:
false AEFilePaymentConsent: type: "object" description: |
A file based payment consent. A Consent definition for defining MultiSingle Payments
required: - "FileType" oneOf:
- "FileHash" - "NumberOfTransactions" - "ControlSum$ref: "#/components/schemas/AESingleInstantPayment"
properties: FileType: - $ref: "#/components/schemas/AEFileTypeAESingleFutureDatedPayment"
FileHash: discriminator:
$ref: "#/components/schemas/AEFileHash" propertyName: Type
FileReference: $refMultiPayment:
"#/components/schemas/AEReference" NumberOfTransactions: $ref: "#/components/schemas/AEFileNumberOfTransactionsAELongLivedPaymentConsent"
ControlSum: $refFilePayment: "#/components/schemas/AEControlSum"
RequestedExecutionDate: $ref: "#/components/schemas/AERequestedExecutionDateAEFilePaymentConsent"
additionalProperties: false AERequestedExecutionDate: additionalProperties: false
description: | The date DebtorReference:
when the TPP expects the LFI to execute the payment. $ref: "#/components/schemas/AEStructuredDebtorReference"
The date must be in the future andCreditorReference:
cannot be on the same day or a day in the past. $ref: "#/components/schemas/AEReference"
The maximum date in the future that can bePaymentPurposeCode:
specified is 1 year from the day of the consent of the User to the TPP.$ref: "#/components/schemas/AEPaymentPurposeCode"
All dates in the JSONSponsoredTPPInformation:
payloads are represented in ISO 8601 date format. type$ref: "string#/components/schemas/AESponsoredTPPInformation"
format: "date" AEFileTypePaymentConsumption:
type: "string" description$ref: "Specifies the payment file type#/components/schemas/AEPaymentConsumption"
minLength: 1 IsSingleAuthorization:
maxLength: 40 AEFileHash: typedescription: "string"|
description: "A base64 encoding of a SHA256 hash of the fileSpecifies to bethe uploaded."LFI that the consent authorization must be minLength:completed 1in a single authorization Step
maxLength: 44 AEConsentExpirationDateTime: description:with |the LFI
Specified date and time the consent will expire.
type: "boolean"
If thisSubscription:
is not populated, the consent will remain active as a long lived consent until the maximum consent validity period as per section 4.1.1 Consent Elements in the API User Guide.
$ref: "#/components/schemas/AEEventNotification"
Meta:
$ref: "#/components/schemas/AEMetaMultiAuthorization"
AllAEPaymentConsumption:
dates in the JSON payloads are represented in ISO 8601 date-time format.type: "object"
description: |
All date-time fields in responsesData mustto includetrack the timezone.consumption Anof examplePayments is :2023-04-05T10:43:07+00:00
in relation to an authorized Consent Schedule
* For Paymentrequired:
Consents, the maximum expiration time limit should be 23:59:59 (1 second before 00:00:00)- "CumulativeNumberOfPayments"
type: "string"- "CumulativeValueOfPayments"
format:- "date-timeCumulativeValueOfPaymentsPerCurrentPeriod"
AEConsentStatus: properties:
description: | CumulativeNumberOfPayments:
Specifies the status of a payment consent.type: "number"
| Consentdescription: Status|
State Type| Description| |---------------|-----------|------|
| AwaitingAuthorization | Pending | The consent is awaiting authorization.|
| Authorized | In Use | The consent has been successfully authorized.| The cumulative number of payment instructions successfully accepted under the current consent schedule (Settlement on the Creditor's account has been completed)
minLength: 1
|example: Rejected4
| Terminal | The unauthorized consent has been rejectedCumulativeValueOfPayments:
at the LFI.| description: |
Revoked | Terminal | The consent has been revoked at the TPP orThe LFI.|cumulative value of payment instructions successfully accepted under the |current Expiredconsent |schedule Terminal(Settlement |on Thethe consentCreditor's isaccount nowhas expired.|been completed)
| Consumed | Terminal | TheA consented action(s) have either been completed successfully.|
| Suspended | In Use | The consent has been suspended, pending further enquiries.|
type: "string"number of monetary units specified in an active currency where the unit of currency is explicit and compliant with ISO 4217."
type: "object"
enumrequired:
- "AwaitingAuthorizationAmount"
- "AuthorizedCurrency"
- "Rejected" properties:
- "Revoked" Amount:
- "Expired" -$ref: "Consumed"#/components/schemas/AEActiveOrHistoricAmount"
Currency:
- "Suspended" AECreationDateTime: description$ref: "Date and time at which the message was created. All dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2023-04-05T10:43:07+00:00"#/components/schemas/AEActiveOrHistoricCurrencyCode"
CumulativeNumberOfPaymentsPerCurrentPeriod:
type: "number"
description: |
type: "string" The cumulative number of payment format: "date-time"
AEStatusUpdateDateTime:
description: "Date and time at which the resource status was updated.All dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2023-04-05T10:43:07+00:00"instructions in the current period that are successfully accepted (Settlement on the Creditor's account has been completed)
minLength: 1
example: 1
CumulativeValueOfPaymentsPerCurrentPeriod:
type: "string" description: |
format: "date-time" AECurrencyRequest: The cumulative value of description:payment |instructions in the current period that are successfully accepted The details of(Settlement on the non-local currency or FX request that has been agreed between the User and the TPP.
The requested ChargeBearer and ExchangeRateInformation are included in this object may be overwritten by the LFI in the returned Consent object.Creditor's account has been completed)
A number of monetary units specified in an active currency where the unit of currency is explicit and compliant with ISO 4217."
type: "object"
additionalProperties: false required:
required: - "CurrencyOfTransferAmount"
properties: - "Currency"
InstructionPriority: properties:
description: "Indicator of the urgency or order of importance thatAmount:
the instructing party would like the instructed party to apply to the processing of the instruction.$ref: "#/components/schemas/AEActiveOrHistoricAmount"
type: "string" Currency:
enum: $ref: "#/components/schemas/AEActiveOrHistoricCurrencyCode"
- "Normal"additionalProperties: false
AEFilePaymentConsent:
-type: "Urgentobject"
ExtendedPurposedescription: |
A description:file "Specifiesbased thepayment purposeconsent.
of an international payment, when there is no correspondingA 4Consent characterdefinition codefor availabledefining inMulti thePayments
ISO20022 list of Purpose Codes." required:
type:- "stringFileType"
- "FileHash"
minLength: 1 - "NumberOfTransactions"
maxLength - "ControlSum"
properties:
140 ChargeBearerFileType:
$ref: "#/components/schemas/AEChargeBearerType1CodeAEFileType"
CurrencyOfTransferFileHash:
description$ref: "Specifies the currency of the to be transferred amount, which is different from the currency of the debtor's account."
#/components/schemas/AEFileHash"
FileReference:
$ref: "#/components/schemas/AEReference"
typeNumberOfTransactions:
"string" pattern$ref: "^[A-Z]{3,3}$#/components/schemas/AEFileNumberOfTransactions"
DestinationCountryCodeControlSum:
description$ref: "Country in which Credit Account is domiciled. Code to identify a country, a dependency, or another area of particular geopolitical interest, on the basis of country names obtained from the United Nations (ISO 3166, Alpha-2 code)."#/components/schemas/AEControlSum"
RequestedExecutionDate:
$ref: "#/components/schemas/AERequestedExecutionDate"
additionalProperties: false
AERequestedExecutionDate:
description: |
type: "string" The date when the TPP expects the pattern: "[A-Z]{2,2}"
LFI to execute the payment.
ExchangeRateInformation: The date must be in the future and cannot type: "object"
additionalProperties: falsebe on the same day or a day in the past.
The maximum date in the required:future that can be specified is 1 year from the day of the -consent "UnitCurrency"of the User to the TPP.
- "RateType"All dates in the JSON payloads are represented in ISO 8601 description: "Provides details on the currency exchange rate and contract.date format.
type: "string"
propertiesformat: "date"
UnitCurrencyAEFileType:
type: "string"
description: "CurrencySpecifies in which the ratepayment of exchange is expressed in a currency exchange. In the example 1GBP = xxxCUR, the unit currency is GBP."
file type"
minLength: 1
maxLength: 40
AEFileHash:
type: "string"
description: "A base64 encoding of a SHA256 hash of the pattern: "^[A-Z]{3,3}$file to be uploaded."
minLength: 1
ExchangeRate maxLength: 44
AEConsentExpirationDateTime:
description: "The|
factor used for conversion of an amount from oneSpecified currencydate to another. This reflects and time the priceconsent atwill whichexpire.
one currency was bought with another currency." If this is not populated, the consent will remain active as a long type: "number"
RateType:
lived consent until the maximum consent validity period as per section 4.1.1 Consent Elements in the API User Guide.
All dates description: "Specifiesin the typeJSON usedpayloads toare completerepresented thein currencyISO exchange."
8601 date-time format.
All date-time fields in type: "string"
responses must include the timezone. An example is :2023-04-05T10:43:07+00:00
enum: * For Payment Consents, the maximum expiration time limit should be 23:59:59 (1 second - "Actual"before 00:00:00)
type: "string"
format: "date-time"
- "Agreed" AEConsentStatus:
description: |
- "Indicative" Specifies the status of a payment consent.
ContractIdentification: | Consent Status| State Type| Description|
description: "Unique and unambiguous reference to the foreign exchange contract agreed between the initiating party/creditor and the debtor agent."
|---------------|-----------|------|
| AwaitingAuthorization | Pending | The consent is awaiting authorization.|
| Authorized | type: "string"
In Use | The consent has been successfully authorized.|
minLength: 1| Rejected | Terminal | The unauthorized consent has been rejected at the LFI.|
maxLength: 256 AEIsPayByAccount: | Revoked | Terminal | The type:consent booleanhas been revoked at the TPP or description: LFI.|
A| flagExpired to| denoteTerminal if| theThe Paymentconsent is an E-Commerce transactionnow expired.|
default: false| Consumed | Terminal | AESingleInstantPayment:The consented action(s) have either been completed type: "object"successfully.|
description: | Suspended | In Use | The consent has Abeen singlesuspended, immediatepending paymentfurther consentenquiries.|
that MUST be be used for a single payment which will be initiated immediately after User authorization at the LFI.type: "string"
enum:
required:- "AwaitingAuthorization"
- "TypeAuthorized"
- "AmountRejected"
properties: - "Revoked"
Type: - "Expired"
type: - "stringConsumed"
description:- "The Payment TypeSuspended"
enumAECreationDateTime:
description: "Date and time at which -the SingleInstantPaymentmessage was created. All dates in the JSON payloads Amount:are represented in ISO 8601 date-time format. \nAll date-time fields in $ref: "#/components/schemas/AEActiveCurrencyAmount"
ExpectedInitiationTimeWindow:responses must include the timezone. An example is below:\n2023-04-05T10:43:07+00:00"
type: "string"
$ref format: "#/components/schemas/AEExpectedInitiationTimeWindowdate-time"
additionalPropertiesAEStatusUpdateDateTime:
false AEExpectedInitiationTimeWindowdescription: "Date and time at which the description:resource |status was updated.All dates in the JSON payloads are Arepresented timein windowISO set8601 by the TPP in which a Payment must be initated by the LFI.
date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2023-04-05T10:43:07+00:00"
type: The"string"
time window is based on a customformat: "date-time"
format hhh:mm:ss. e.g. 000AECurrencyRequest:00:15
represents a time window of 15description: seconds|
to initiate the Payment. The details type: "string"
pattern: "^(00[0-9]|0[1-9][0-9]|[1-6][0-9]{2}|7[01][0-9]|720):[0-5][0-9]:[0-5][0-9]$"
example: "000:00:15"of the non-local currency or FX request that has been agreed between the User and the TPP.
AESingleFutureDatedPayment: The requested ChargeBearer and ExchangeRateInformation type: "object"
description: |
A long-lived consent that MUST be used for a single payment which will be authorized by the User during the payment journey, but the payment will be initiated by the TPP in the future.
required:are included in this object may be overwritten by the LFI in the returned Consent object.
type: "object"
additionalProperties: false
required:
- "CurrencyOfTransfer"
properties:
InstructionPriority:
- "Type" description: "Indicator -of "Amount"the urgency or order of importance that the instructing -party "RequestedExecutionDate"would like the instructed party to apply properties:to the processing of the instruction."
Type:
type: "string"
descriptionenum:
"The Payment Type" - enum:"Normal"
- SingleFutureDatedPayment"Urgent"
AmountExtendedPurpose:
$refdescription: "#/components/schemas/AEActiveCurrencyAmount"
RequestedExecutionDate:
$ref: "#/components/schemas/AERequestedExecutionDate"Specifies the purpose of an international payment, when there is no corresponding 4 character code available in the ISO20022 list of Purpose Codes."
additionalPropertiestype: false"string"
AEFixedPeriodicSchedule: minLength: description:1
| Payment ControlsmaxLength: that140
apply to all payment instructions in a given periodChargeBearer:
under this payment consent. type$ref: "object#/components/schemas/AEChargeBearerType1Code"
additionalProperties: false CurrencyOfTransfer:
required: - "PeriodType"
- "PeriodStartDate"
- "Amount"description: "Specifies the currency of the to be transferred amount, which is different from the currency of the debtor's account."
-type: "Typestring"
properties: pattern: "^[A-Z]{3,3}$"
Type: DestinationCountryCode:
type: "string" description: "Country in which Credit Account is description: "The Periodic Schedule Type"
enum:
- FixedPeriodicScheduledomiciled. Code to identify a country, a dependency, or another area of particular geopolitical interest, on the basis of country names obtained from the United Nations (ISO 3166, Alpha-2 code)."
PeriodTypetype: "string"
$ref pattern: "#/components/schemas/AEPeriodType[A-Z]{2,2}"
PeriodStartDateExchangeRateInformation:
$reftype: "#/components/schemas/AEPeriodStartDate"object"
AmountadditionalProperties: false
$refrequired:
"#/components/schemas/AEActiveCurrencyAmount" AELongLivedPaymentConsent: type:- "objectUnitCurrency"
description: | - "RateType"
A long-lived payment consent. description: "Provides details on the currency exchange Arate Consentand definitioncontract."
for defining Multi Payments properties:
Amount: UnitCurrency:
$ref: "#/components/schemas/AEActiveCurrencyAmount" MaximumIndividualPaymentAmount:
$ref: "#/components/schemas/AEMaximumIndividualPaymentAmount"
MaximumCumulativeValueOfPayments:
description: "Currency in which the rate of exchange is expressed in a currency exchange. In the example 1GBP = xxxCUR, the unit currency is GBP."
$ref: "#/components/schemas/AEMaximumCumulativeValueOfPayments" type: "string"
MaximumCumulativeNumberOfPayments: $refpattern: "#/components/schemas/AEMaximumCumulativeNumberOfPayments"^[A-Z]{3,3}$"
PeriodicSchedule ExchangeRate:
description: |"The factor used for conversion of an amount from one currency to another. TheThis definitionreflects forthe aprice scheduleat which one currency was bought with another currency."
oneOf: - $reftype: "#/components/schemas/AEDefinedSchedulenumber"
- $refRateType:
"#/components/schemas/AEFixedPeriodicSchedule" - $refdescription: "#/components/schemas/AEVariablePeriodicSchedule"
discriminator:Specifies the type used to complete the currency exchange."
propertyName: Typetype: "string"
additionalProperties: false AEDefinedScheduleenum:
type: "object" description: |- "Actual"
Payment Schedule denoting a list of pre-defined future dated payments- all"Agreed"
with fixed amounts and dates. additionalProperties: false - "Indicative"
required: - "Schedule" ContractIdentification:
- "Type" description: properties:"Unique and unambiguous reference to the foreign exchange contract Type:agreed between the initiating party/creditor and the debtor agent."
type: "string" descriptiontype: "string"The
Periodic Schedule Type" enumminLength: 1
- DefinedSchedule maxLength: 256
ScheduleAEIsPayByAccount:
type: "array"boolean
description: |
minItems: 1 A flag to denote if the uniqueItems:Payment falseis an E-Commerce transaction
itemsdefault: false
AESingleInstantPayment:
type: "object"
description: |
additionalProperties: false A single immediate payment consent that MUST be be used required:for a single payment which will be initiated immediately after User authorization at the - "PaymentExecutionDate"LFI.
required:
- "AmountType"
- "Amount"
properties:
Type:
PaymentExecutionDate: type: "string"
$refdescription: "#/components/schemas/AEPaymentExecutionDateThe Payment Type"
enum:
Amount: - SingleInstantPayment
$ref: "#/components/schemas/AEActiveCurrencyAmount"
Amount:
AEPaymentExecutionDate: description$ref: |"#/components/schemas/AEActiveCurrencyAmount"
UsedExpectedInitiationTimeWindow:
to specify the expected payment execution date/time. $ref: "#/components/schemas/AEExpectedInitiationTimeWindow"
All dates in theadditionalProperties: JSONfalse
payloads
are represented in ISO 8601AEExpectedInitiationTimeWindow:
date format. description: |
An example is: 2023-04-05 A time window set type: "string"
format: "date"
AEMaximumIndividualPaymentAmount:by the TPP in which a Payment must be initated by the LFI.
The description:time |window is based on a custom time format This is the Maximum amount a variable payment related to the Consent can takehhh:mm:ss. e.g. 000:00:15 represents a time window of 15 seconds to initiate the Payment.
type: "string"
All payment amounts must be smaller or equal to this value.pattern: "^(00[0-9]|0[1-9][0-9]|[1-6][0-9]{2}|7[01][0-9]|720):[0-5][0-9]:[0-5][0-9]$"
example: "000:00:15"
AESingleFutureDatedPayment:
type: "object"
requireddescription: |
A long-lived "Amount"consent that MUST be used for a single payment which -will "Currency"be authorized by the User during the properties:payment journey, but the payment will be initiated by Amount:the TPP in the future.
$refrequired:
"#/components/schemas/AEActiveOrHistoricAmount" - Currency:"Type"
$ref:- "#/components/schemas/AEActiveOrHistoricCurrencyCodeAmount"
AEPeriodType: type: "string- "RequestedExecutionDate"
descriptionproperties:
| Type:
A Period may begin from the Consent CreationDateTime if a PeriodStartDate is not provided.type: "string"
description: "The |PeriodPayment Type|Description|"
|-----------|-----------| enum:
|Day|A continuous period of time, consisting of- 24 consecutiveSingleFutureDatedPayment
hours, starting from midnight (00:00:00) and finishing at 23Amount:59:59
of the same day. | $ref: "#/components/schemas/AEActiveCurrencyAmount"
|Week|A continuous period of time, consisting ofRequestedExecutionDate:
seven consecutive days, starting from midnight (00:00:00) and finishing at 23:59$ref:59 of the 7th day. | "#/components/schemas/AERequestedExecutionDate"
additionalProperties: false
|Month|A continuous period of time starting from midnight (00:00:00) of the first day of a month and finishing at 23:59:59 of the last day of that month.|AEFixedPeriodicSchedule:
description: |
Payment Controls that apply to all payment instructions in a given period under this payment consent.
type: |Year|A continuous period of time, consisting of 12 months.|"object"
additionalProperties: false
enumrequired:
- Day"PeriodType"
- Week"PeriodStartDate"
- Month"Amount"
- "Type"
Year AEPeriodStartDateproperties:
typeType:
"string" descriptiontype: |"string"
* Paymentsdescription: Specifies"The thePeriodic startSchedule dateType"
of when a payment schedule begins. enum:
Where this is an optional field, if a value- isFixedPeriodicSchedule
not provided, then it must default to the ConsentPeriodType:
CreationDateTime, starting from midnight 00:00:00. format$ref: "date#/components/schemas/AEPeriodType"
AEVariablePeriodicSchedule: descriptionPeriodStartDate:
| Payment Controls that apply to all payment instructions in a given period under this payment consent.$ref: "#/components/schemas/AEPeriodStartDate"
Amount:
type$ref: "object#/components/schemas/AEActiveCurrencyAmount"
additionalPropertiesAELongLivedPaymentConsent: false
requiredtype: - "PeriodType"object"
- "Type"
propertiesdescription: |
Type: A long-lived payment consent.
type: "string" A Consent definition for defining Multi Payments
description: "The Periodic Schedule Type"
enum properties:
- VariablePeriodicSchedule
PeriodTypeAmount:
$ref: "#/components/schemas/AEPeriodTypeAEActiveCurrencyAmount"
PeriodStartDateMaximumIndividualPaymentAmount:
$ref: "#/components/schemas/AEPeriodStartDateAEMaximumIndividualPaymentAmount"
MaximumCumulativeValueOfPaymentsPerPeriodTypeMaximumCumulativeValueOfPayments:
$ref: "#/components/schemas/AEPeriodTypeMaximumCumulativeValueOfPaymentsAEMaximumCumulativeValueOfPayments"
MaximumCumulativeNumberOfPaymentsPerPeriodTypeMaximumCumulativeNumberOfPayments:
$ref: "#/components/schemas/AEPeriodTypeMaximumCumulativeNumberOfPaymentsAEMaximumCumulativeNumberOfPayments"
AEPeriodTypeMaximumCumulativeValueOfPayments: descriptionPeriodicSchedule:
| The maximumdescription: cumulative|
payment value of all payment initiations per Period Type. The definition for type: "object"a schedule
required: oneOf:
- "Amount" - -$ref: "Currency"#/components/schemas/AEDefinedSchedule"
properties: - $ref: "#/components/schemas/AEFixedPeriodicSchedule"
Amount: - $ref: "#/components/schemas/AEActiveOrHistoricAmountAEVariablePeriodicSchedule"
Currencydiscriminator:
$ref: "#/components/schemas/AEActiveOrHistoricCurrencyCode" propertyName: Type
additionalProperties: false
AEPeriodTypeMaximumCumulativeNumberOfPaymentsAEDefinedSchedule:
type: "integerobject"
description: |
The maximum frequencyPayment Schedule denoting a list of paymentpre-defined initiationsfuture perdated Periodpayments Type.all with fixed amounts and AEMaximumCumulativeNumberOfPayments:dates.
typeadditionalProperties: "integer"false
descriptionrequired:
| - "Schedule"
The maximum cumulative number of all successful- payment"Type"
rails executions under the Consent. properties:
Each successful paymentType:
rails execution (related to the Consent) is added to the total cumulative number of payments for the Consent which cannot exceed the maximum value agreed with the User at the point of consent.type: "string"
description: "The Periodic Schedule Type"
AEMaximumCumulativeValueOfPaymentsenum:
description: | - DefinedSchedule
The maximum cumulative value of all successfulSchedule:
payment rails executions under the Consent. type: "array"
Each successful payment rails execution amount (related to theminItems: Consent)1
is added to the total cumulative value of the Consent which cannot exceed the maximum value agreed with the User at the point of consent. uniqueItems: false
items:
type: "object"
additionalProperties: false
required:
- "AmountPaymentExecutionDate"
- "CurrencyAmount"
properties:
AmountPaymentExecutionDate:
$ref: "#/components/schemas/AEActiveOrHistoricAmountAEPaymentExecutionDate"
Currency: Amount:
$ref: "#/components/schemas/AEActiveOrHistoricCurrencyCodeAEActiveCurrencyAmount"
AEStructuredDebtorReferenceAEPaymentExecutionDate:
description: |
AUsed reasonto orspecify referencethe inexpected relationpayment to a payment, set to facilitate a structured Payer reference consisting of:
* For payments to Merchants: TPP ID, Merchant ID, BIC and PostCode for the Creditor Account, followed by freeform text to a maximum of 120 characters.
execution date/time.
All dates in the JSON payloads are represented in ISO 8601 date format.
An example is: 2023-04-05
type: "string"
format: "date"
* For other payments: TPP ID, followed by freeform text to a maximum of 120 charactersAEMaximumIndividualPaymentAmount:
description: |
This is the Maximum amount a variable payment related to the Consent can take.
The TPP ID value will match the organization ID value from the Trust Framework, and therefore will be a v4 UUID.
All payment amounts must be smaller or equal to this value.
type: "object"
required:
- "Amount"
- "Currency"
properties:
Amount:
$ref: "#/components/schemas/AEActiveOrHistoricAmount"
Currency:
The Merchant ID wil be as per the existing IPP rules for the Merchant identification, and will incorporate the Trade License number for the Merchant.
$ref: "#/components/schemas/AEActiveOrHistoricCurrencyCode"
AEPeriodType:
type: "string"
description: |
A Period may begin from the Consent CreationDateTime if a PeriodStartDate is not provided.
|Period Type|Description|
|-----------|-----------|
|Day|A continuous period of time, consisting of 24 consecutive hours, starting from midnight (00:00:00) and finishing at 23:59:59 of the same day. |
|Week|A continuous period of time, consisting of seven consecutive days, starting from midnight (00:00:00) and finishing at 23:59:59 of the 7th day. |
|Month|A continuous period of time starting from midnight (00:00:00) of the first day of a month and finishing at 23:59:59 of the last day of that month.|
|Year|A continuous period of time, consisting of 12 months.|
enum:
- Day
- Week
- Month
- Year
AEPeriodStartDate:
type: "string"
description: |
* Payments: Specifies the start date of when a payment schedule begins.
Where this is an optional field, if a value is not provided, then it must default to the Consent CreationDateTime, starting from midnight 00:00:00.
format: "date"
AEVariablePeriodicSchedule:
description: |
Payment Controls that apply to all payment instructions in a given period under this payment consent.
type: "object"
additionalProperties: false
required:
- "PeriodType"
properties:
PeriodType:
$ref: "#/components/schemas/AEPeriodType"
PeriodStartDate:
$ref: "#/components/schemas/AEPeriodStartDate"
MaximumCumulativeValueOfPaymentsPerPeriodType:
$ref: "#/components/schemas/AEPeriodTypeMaximumCumulativeValueOfPayments"
MaximumCumulativeNumberOfPaymentsPerPeriodType:
$ref: "#/components/schemas/AEPeriodTypeMaximumCumulativeNumberOfPayments"
AEPeriodTypeMaximumCumulativeValueOfPayments:
description: |
The maximum cumulative payment value of all payment initiations per Period Type.
type: "object"
required:
- "Amount"
- "Currency"
properties:
Amount:
$ref: "#/components/schemas/AEActiveOrHistoricAmount"
Currency:
$ref: "#/components/schemas/AEActiveOrHistoricCurrencyCode"
AEPeriodTypeMaximumCumulativeNumberOfPayments:
type: "integer"
description: |
The maximum frequency of payment initiations per Period Type.
AEMaximumCumulativeNumberOfPayments:
type: "integer"
description: |
The maximum cumulative number of all successful payment rails executions under the Consent.
Each successful payment rails execution (related to the Consent) is added to the total cumulative number of payments for the Consent which cannot exceed the maximum value agreed with the User at the point of consent.
AEMaximumCumulativeValueOfPayments:
description: |
The maximum cumulative value of all successful payment rails executions under the Consent.
Each successful payment rails execution amount (related to the Consent) is added to the total cumulative value of the Consent which cannot exceed the maximum value agreed with the User at the point of consent.
type: "object"
required:
- "Amount"
- "Currency"
properties:
Amount:
$ref: "#/components/schemas/AEActiveOrHistoricAmount"
Currency:
$ref: "#/components/schemas/AEActiveOrHistoricCurrencyCode"
AEStructuredDebtorReference:
description: |
A reason or reference in relation to a payment, set to facilitate a structured Payer reference consisting of:
* For payments to Merchants: TPP ID, Merchant ID, BIC and PostCode for the Creditor Account, followed by freeform text to a maximum of 120 characters.
* For other payments: TPP ID, followed by freeform text to a maximum of 120 characters.
The TPP ID value will match the organization ID value from the Trust Framework, and therefore will be a v4 UUID.
The Merchant ID wil be as per the existing IPP rules for the Merchant identification, and will incorporate the Trade License number for the Merchant.
A BIC is specific according to the standard format for ISO 20022, and can therefore be either 8 or 11 characters in length.
A PostCode is specified according to the standard format for ISO 20022, and can therefore be either a maximum of 16 characters in length.
If the value of the concatenated string exceeds 120 characters, the TPP must first omit or truncate the freeform element of the reference, followed by the PostCode.
oneOf:
- type: "string"
minLength: 1
maxLength: 120
pattern: "^TPP=[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12},Merchant=[A-Z0-9]{3}-[A-Z]{4}-TL.+-[0-9]{4},BIC=[A-Z0-9]{4}[A-Z0-9]{2}[A-Z0-9]{2}([A-Z0-9]{3}){0,1},PostCode=[A-Z0-9]{1,16}($|,.+$)"
- type: "string"
minLength: 1
A BIC is specific accordingmaxLength: to120
the standard format for ISO 20022, and can therefore be either 8 or 11 characters in length.pattern: "^TPP=[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}($|,.+$)"
AEPaymentPurposeCode:
description: A PostCodecategory iscode specifiedthat accordingrelates to the type standardof formatservices foror ISOgoods 20022,that andcorresponds canto thereforethe beunderlying eitherpurpose aof maximumthe ofpayment. 16The characterscode inmust length.conform to the published AANI payment purpose code list.
If the value of the concatenatedtype: "string"
exceeds 120 characters, the TPP must first omit or truncate the freeform element of the reference, followed by the PostCode.minLength: 1
maxLength: 4
pattern: "^[A-Z]{3}$"
oneOf: AESponsoredTPPInformation:
- type: "stringobject"
description: |
minLength: 1 The Sponsored TPP is:
maxLength: 120 * A TPP that itself has pattern: "^TPP=[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12},Merchant=[A-Z0-9]{3}-[A-Z]{4}-TL.+-[0-9]{4},BIC=[A-Z0-9]{4}[A-Z0-9]{2}[A-Z0-9]{2}([A-Z0-9]{3}){0,1},PostCode=[A-Z0-9]{1,16}($|,.+$)"no direct Open Banking API integrations.
* A TPP that is using the integration of another TPP that does have direct Open Banking API integrations.
properties:
Name:
- type: "string"
minLength: 1
maxLength: 12050
description: |
The Sponsored TPP Name
Identification:
patterntype: "^TPP=[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}($|,.+$)string"
AEPaymentPurposeCode: minLength: 1
description maxLength: 50
A category code that relates to the typedescription: of|
services or goods that corresponds to the underlying purpose of the payment. The code must conform to the published AANI payment purpose code list. Sponsored TPP Identification
additionalProperties: false
AEBaseConsentId:
type: "string"
minLength: 1
maxLength: 4128
patterndescription: "^[A-Z]{3}$"
AESponsoredTPPInformation:>-
The original ConsentId assigned by the TPP.
type: "object"It is used by the TPP for description: |
updating/renewing parameters associated with
The Sponsored TPP is:long-lived consents.
* AIt TPPmust thatbe itselfprovided haswhen nolong-lived directconsent Openparameters Bankingare
API integrations. updated/renewed for *a Acurrent TPPconsent that is using the integration of another TPP that does have direct Open Banking API integrations.has not yet finished.
AEOnBehalfOf:
type: object
properties:
NameTradingName:
type: "string"
minLengthdescription: 1Trading Name
maxLengthLegalName:
50 descriptiontype: |string
description: Legal The Sponsored TPP Name
IdentificationIdentifierType:
typeallOf:
"string" - minLength$ref: 1'#/components/schemas/AEOnBehalfOfIdentifierType'
maxLengthdescription: 50 Identifier Type
Identifier:
description: | type: string
The Sponsored TPPdescription: IdentificationIdentifier
additionalProperties: false
AEBaseConsentIdAEOnBehalfOfIdentifierType:
type: string
minLengthenum:
1 maxLength: 128- Other
descriptionWebhook:
>- type: object
The original ConsentId assigned by thedescription: TPP.|
A Webhook ItSubscription isSchema
used by the TPP for updating/renewing parametersproperties:
associated with long-lived consents. Url:
It must be provided when long-lived consentdescription: parameters|
are updated/renewed for a current consent that has notThe yetTPP finished.Callback URL being registered with the AEOnBehalfOf:LFI
type: object propertiestype: string
TradingName: example: https://api.tpp.com/webhook/callbackUrl
type: string descriptionIsActive:
Trading Name LegalName: description: >
type: string The description:TPP Legalspecifying Namewhether the LFI should send (IsActive true)
IdentifierType: allOf: or not send (IsActive false) Webhook Notifications to the TPP's
- $ref: '#/components/schemas/AEOnBehalfOfIdentifierType' description: Identifier TypeWebhook URL
Identifier: type: boolean
type: string descriptionexample: Identifierfalse
additionalProperties: false
AEOnBehalfOfIdentifierType AERevokedBy:
typedescription: string|
enum: Denotes the Identifier of the revocation.
- Other Webhook: | Identifier| Description|
type: object |-----------|------------|
description: | | LFI | ARevoked Webhookby SubscriptionLFI Schemawithout User initiation|
properties: | TPP | Revoked by TPP without User initiation|
Url: | LFI.InitiatedByUser | Initiated by User via description:the LFI|
| TPP.InitiatedByUser | Initiated by User via the TheTPP|
TPP Callback URL being registered with thetype: LFIstring
enum:
type: string- LFI
- TPP
example: https://api.tpp.com/webhook/callbackUrl - LFI.InitiatedByUser
IsActive: - TPP.InitiatedByUser
AEReference:
description: >|
A reason or reference in relation to a Thepayment.
TPP specifying whether the LFI should send (IsActive true)Reason or reference for the beneficiary regarding the Payment
type: "string"
or not send (IsActive false) Webhook NotificationsminLength: to1
the TPP's maxLength: 120
AEEventNotification:
Webhook URL type: "object"
description: |
type: boolean A Webhook Subscription Schema
required:
example: false - additionalProperties:"Webhook"
false AERevokedByproperties:
description Webhook:
| Denotes thedescription: Identifier|
of the revocation. |A Identifier|Webhook Description|Schema
|-----------|------------| type: "object"
| LFI | Revoked by LFIproperties:
without User initiation| | TPPUrl:
| Revoked by TPP without User initiation| description: |
LFI.InitiatedByUser | Initiated by User via the LFI| |The TPP.InitiatedByUser |Callback InitiatedURL bybeing Userregistered viawith the TPP|LFI
type: string enumtype: "string"
- LFI example: "https://api.tpp.com/webhook/callbackUrl"
- TPP IsActive:
- LFI.InitiatedByUser - TPP.InitiatedByUser description: |
AEReference: description: | The TPP specifying whether Athe reasonLFI orshould referencesend in(IsActive relationtrue) toor anot payment.send (IsActive false) Webhook Notifications to the TPP's Webhook ReasonURL
or reference for the beneficiary regarding the Payment type: "stringboolean"
minLength: 1 maxLengthexample: false
120 AEEventNotificationadditionalProperties: false
typeadditionalProperties: "object"false
descriptionAEAcceptedAuthorizationType:
| description: |
A Webhook Subscription Schema Specifies to the required:LFI the type of consent authorization accepted by the -TPP "Webhook"when staging the consent
properties: * Single - Webhook:The consent should incur a single authorization Step with the LFI
description: | * Multi - The consent should Aincur Webhooka Schemamulti-authorization Step with the LFI
type: "objectstring"
enum:
properties: - "Single"
Url: - "Multi"
AEAuthorizationExpirationDateTime:
description: |
A time window by which a Consent (in TheAwaitingAuthorization TPPstatus) Callbackmust URLbe beingAuthorized registered withby the LFIUser.
The time window starts from the type: "string"
example: "https://api.tpp.com/webhook/callbackUrl"actual CreationDateTime (when the Consent is staged with the LFI).
If the current time IsActive:window exceeds the Authorization Expiration Time Window (and the Consent status is AwaitingAuthorization) then the description:Consent |Status must be set to Rejected.
The time window Theis TPPbased specifyingon whethera thecustom LFItime should send (IsActive true) or not send (IsActive false) Webhook Notifications to the TPP's Webhook URL
format hhh:mm:ss. e.g. 720:00:00 represents a time window of 720 hours, 00 minutes, 00 seconds (30 days) after the CreationDateTime to Authorize the Consent.
type: "booleanstring"
pattern: "^(00[0-9]|0[1-9][0-9]|[1-6][0-9]{2}|7[01][0-9]|720):[0-5][0-9]:[0-5][0-9]$"
example: false"720:00:00"
AEConsentPermissions:
additionalPropertiestype: false"array"
additionalPropertiesdescription: false|
AEAcceptedAuthorizationType: Specifies the permitted description:Account |Access data types.
Specifies to theThis LFIis thea typelist of consentthe authorizationdata acceptedgroups bybeing the TPP when stagingconsented by the consentUser, and requested for authorization with the LFI.
* Single - The consent should incur a single authorization Step with the LFI This allows a TPP to request *a Multibalance -check Thepermission.
consent should incur a multi-authorization Step withitems:
the LFI type: "string"
enum:
- "SingleReadAccountsBasic" # Ability to read basic account information
- "MultiReadAccountsDetail" # Ability to read AEAuthorizationExpirationDateTime:account identification details
description: | - "ReadBalances" # Ability Ato timeread windowall bybalance whichinformation
a Consent (in AwaitingAuthorization status) must beminItems: Authorized1
by the User. AEReadRefundAccount:
description: The"Allows timethe windowLFI startsto fromshare the refund actualaccount CreationDateTimedetails (whenwith theTPP"
Consent is staged with the LFI). type: boolean
AEFileNumberOfTransactions:
If the current time window exceeds the Authorization Expiration Time Window (and the Consent status is AwaitingAuthorization) then the Consent Status must be set to Rejected.
The time window is based on a custom time format hhh:mm:ss. e.g. 720:00:00 represents a time window of 720 hours, 00 minutes, 00 seconds (30 days) after the CreationDateTime to Authorize the Consenttype: "integer"
description: |
Number of individual transactions contained in the payment information group.
AEControlSum:
description: |
Total of all individual amounts included in the group, irrespective of currencies.
type: "string"
pattern: "^(00[0-9]|0[1-9][0-9]|[1-6][0-9]{2}|7[01][0-9]|720):[0-5][0-9]:[0-5][0-9]\\d{1,16}\\.\\d{2}$"
example: "720:100.00:00"
AEConsentPermissionspsuIdentifiers:
type: "array"
description: | object
description: |
The PSU that is associated with this consent.
The `PSUIdentifiers` object may have artitrary custom fields that an financial institution may use to
Specifiesidentify the permittedPSU.
Account
Access data types. However, all `PSUIdentifiers` Thismust ishave a list of the data groups being consented by the User, and requested for authorization with the LFImandatory `userId` field that provides a unique
user id for the PSU.
ThisThe allowsconsent ais TPPinitially tocreated requestwithout a balancePSU check permissionidentified.
items: The value must be specified once type: "string"
the consent is authorised.
enumproperties:
userId:
- "ReadAccountsBasic" # Ability to read basic account information type: string
required:
- "ReadAccountsDetail" # Ability to read account identification- detailsuserId
additionalProperties: true
- "ReadBalances" # Ability to read all balance information ValidateResponseStatusEnum:
type: string
minItems: 1 AEReadRefundAccountenum:
description: "Allows the- LFIvalid
to share the refund account details with TPP" - invalid
type: boolean AEFileNumberOfTransactionsconsentValidateResponse:
type: "integer"object
description: |
properties:
Number of individual transactions contained in thedata:
payment information group. AEControlSum: type: object
description: | properties:
Total of all individual amounts included in the group, irrespective of currencies.status:
type: "string" pattern$ref: "^\\d{1,16}\\.\\d{2}$"
#/components/schemas/ValidateResponseStatusEnum"
example: "100.00" psuIdentifierscode:
type: object descriptiontype: string
| The PSU thatdescription:
is associated with this consent. Thetype: `PSUIdentifiers`string
object
may have artitrary custom fields that an financial institutionmeta:
may use to identify the PSU.$ref: "#/components/schemas/Meta"
Meta:
However, alltype: `PSUIdentifiers`object
must have a mandatory `userId` field thatadditionalProperties: providesfalse
a
unique Error:
user id fortype: theobject
PSU. properties:
The consent is initially created withouterrorCode:
a PSU identified. type: string
The value must be specified once the consent is authorised. description: Error code identifying the problem properties:occured
userIderrorMessage:
type: string
required: description: Message describing what problem -has userIdoccured
additionalProperties: true propogateError:
ValidateResponseStatusEnum: type: stringboolean
enum: description: optional field if error -want validto propogate
parameters:
- invalid
consentValidateResponse aspspId:
typename: objecto3-aspsp-id
propertiesin: header
dataschema:
type: objectstring
required: true
properties: deprecated: true
statusdescription:
Identifier for the financial institution that $ref: "#/components/schemas/ValidateResponseStatusEnum"
the request is targetted to.
This code:header is deprecated and will be removed in a future version of Ozone Connect. type: stringUse `o3-provider-id` instead.
providerId:
descriptionname: o3-provider-id
in: header
typeschema: string
metatype: string
required: true
$ref: "#/components/schemas/Meta" description: Identifier Meta:for the financial institution that the request type:is objecttargetted to
additionalPropertiescallerOrgId:
false Error:name: o3-caller-org-id
typein: objectheader
propertiesschema:
errorCodetype: string
typerequired: stringtrue
description: ErrorAn codeidentifier identifyingfor the problemorganization occuredcalling the API
errorMessagecallerClientId:
name: o3-caller-client-id
type: string in: header
descriptionschema:
Message describing what problem has occured propogateErrortype: string
typerequired: boolean
true
description: optionalAn fieldidentifier iffor errorthe wantOIDC toclientId propogatecalling the API
parameters:
aspspIdcallerSoftwareStatementId:
name: o3-aspspcaller-software-statement-id
in: header
schema:
type: string
required: true
deprecated: truedescription: An identifier for the software statement calling the API
apiUri:
descriptionname: o3-api-uri
in: header
Identifier for theschema:
financial institution that the request is targetted to. type: string
Thisrequired: headertrue
is deprecated and will be removed indescription: aThe futureparameterised versionURL of the Ozone Connect. Use `o3-provider-id` instead.API being called by the caller
providerIdapiOperation:
name: o3-providerapi-idoperation
in: header
schema:
type: string
required: true
description: IdentifierThe forAPI theoperation financialcarried institutionout thatby the request is targetted to caller (e.g. GET, POST, PUT, DELETE, PATCH)
callerOrgIdconsentId:
name: o3-callerconsent-org-id
in: header
schema:
type: string
required: true
description: AnThe identifierconsentId for thewhich this organizationcall callingis thebeing APImade
callerClientIdcallerInteractionId:
name: o3-caller-clientinteraction-id
in: header
schema:
type: string
required: true
description: The Aninteraction identifierID forpassed thein OIDCby clientIdthe callingcaller, theif APIany
callerSoftwareStatementIdozoneInteractionId:
name: o3-callerozone-software-statementinteraction-id
in: header
schema:
type: string
required: true
description: An identifier for the software statement calling the APIinteraction ID generated by Ozone if the caller did not send in one. If the callerInteractionId is specified, this takes the same value.
apiUripsuIdentifier:
name: o3-apipsu-uriidentifier
in: header
schema:
type: string
required: true
description: A TheBase64 parameterisedencoded URLrepresentation of the APIpsuIdentifier beingJSON calledobject.
by
the caller securitySchemes:
apiOperationOzoneConnectApiKey:
namedescription: o3-api-operationCommunications between the API Hub and the in:LFI headerOzone schema:
type: string
required: trueConnect implementation are secured using an API Key, which is a secret shared between the API Hub and the LFI.
descriptiontype: apiKey
The API operation carried out byin: theheader
caller (e.g. GET, POST, PUT, DELETE, PATCH)name: Authorization
consentIdOzoneConnectClientCredentials:
nametype: o3-consent-idoauth2
indescription: header|
schema: Communications between the API Hub and the type:LFI stringOzone Connect implementation are secured using a required:Client trueCredentials grant type.
description: The consentId for which
this call is being made LFIs must callerInteractionId:host an OAuth 2.0 Authorization Server to name: o3-caller-interaction-id
in: header
schema:
utilise this security pattern. Scope values are set during the onboarding process, and represented by a placeholder in this API description.
type: string flows:
required: true clientCredentials:
description: The interaction ID passed in by the caller, if anytokenUrl: "https://example.lfi.ae/token"
ozoneInteractionId: scopes:
name: o3-ozone-interaction-id inplaceholder: headerPlaceholder for scopes, which are set by schema:the LFI during onboarding
typeOzoneConnectJwtAuth:
string description: required:| true
description: An interactionCommunications IDbetween generatedthe byAPI OzoneHub ifand the callerLFI didOzone notConnect sendimplementation inare one.secured Ifusing the callerInteractionId"JWT isAuth" specifiedmechanism, thiswhere takes the sameClient value.presents a signed JSON Web Token psuIdentifier:as a credential.
name: o3-psu-identifier
in: header The Server MUST schema:verify the signature in order to authenticate the Client.
type:
string required: truePlease note that the value of the description:`scheme` Aparameter Base64is encodednot representationa ofregistered theHTTP psuIdentifierAuthentication JSONScheme, object.to indicate it is securitySchemes:specific to Ozone Connect. Please bearerAuth:refer to API Hub documentation for further type:details.
http schemetype: bearerhttp
bearerFormatscheme: Ozone-Connect-JWT-Auth
|
