...
| Awesome api app render macro | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
openapi: 3.0.1
servers:
- url: https://<your-ozone-connect-server>
info:
title: Ozone Connect - Service Initiation APIs
description: |
This document provides an API description in [OpenAPI](https://spec.openapis.org/oas/v3.0.1.html)
for Service Initiation APIs for Ozone Connect.
These APIs should be implemented by a Financial Institution so that Ozone can deliver Service Initiation capabilities to TPPs
### #### ChangesChanges in VersionRelease 2024.3746.0
* Added missing `description` properties through the document.
#### Changes in Version 2024.34.1
Changed PersonalIdentifiableInformation to optional in AEPaymentRequest
* Changed AERisk object to provide details of enhanced risk data encrypted as the
* Removed propagateError fieldpayload fromof the JWE
Error
object. * Correct casing *of Updateproperties exchangeRatein and`post rateType/payments` propertiesoperation
* RefactoredAdded Securitypayment Schemefile Objectsupload tooperation
use
common definitions across all API Hub* APIsAdded file payment consent operation
* ImplementedChanged the`tpp` correctproperty Securityin Requirements`post for/payments` thisto APIprovide description,more reflectinginformation securityabout patternsthe available
in API Hub TPP and ####the ChangesClient in Version 2024.34software statement
* IntroducedRemoved new`FollowingServiceLevel` endpointenum Get /payment-consents/{consentId}/refund.from `CurrencyRequest.ChargeBearer`
* CosmeticRemoved changes`PaymentSequenceNumber` - Request Response Changesfrom `instruction.PaymentSequenceNumber`
contact: #### Changes in name: Ozone Financial Technology Limited
version: 2024.37Release 2024.43.0
tags: - name:* paymentsAdded `OpenFinanceBilling` object to request description:and |response body of POST Payments and in APIsGET thatPayments.
should
be implemented by Financial Institutions#### toChanges exposein Service Initiation capability to TPPs.
security:
- {}
- OzoneConnectApiKey: []
- OzoneConnectClientCredentials: [Release 2024.37.0
* Added `default` response to each operation to aid understanding of error handling requirements.
* "placeholder"Added missing `description` properties through ]the document.
- OzoneConnectJwtAuth: [] paths:* Removed /payments`additionalProperties: true` as not required post:and causes tooling issues
tags: #### Changes in Version 2024.34.1
- payments * Removed propagateError field from summary:the MakeError aobject.
payment
* Update description:exchangeRate |and rateType properties
* ThisRefactored APISecurity isScheme calledObjects byto Ozoneuse Connectcommon todefinitions instructacross aall FinancialAPI InstitutionHub toAPIs
initiate
a payment once it has* receivedImplemented athe paymentcorrect Security Requirements for this API description, reflecting security instructionpatterns fromavailable ain TPPAPI thatHub
has
passed all local validations. #### Changes in Version 2024.34
The Financial* InstitutionIntroduced mustnew processendpoint theGet /payment and indicate a failure response (if the payment fails technical validation) or a
-consents/{consentId}/refund.
* Cosmetic changes - Request Response Changes
contact:
name: successOzone responseFinancial (ifTechnology theLimited
payment
passess technical validation and is submitted to the payment rails for processing)version: 2024.46.0
tags:
- name: payments
description: |
The Financial Institution must generate a unique `PaymentId` APIs that canshould be sentimplemented onby toFinancial theInstitutions TPPto asexpose aService referenceInitiation forcapability theto paymentTPPs.
security:
- {}
- IfOzoneConnectApiKey: the[]
underlying consent has- beenOzoneConnectClientCredentials: patched[
with a `bankConnectToken`, then the token is passed in as the authorization header. "placeholder"
]
- OzoneConnectJwtAuth: []
operationIdpaths:
makePayment /payments:
parameterspost:
tags:
# common header parameters that set context - payments
- $refsummary: "#/components/parameters/providerId"
Make a payment
- $refdescription: "#/components/parameters/aspspId"|
-This $ref: "#/components/parameters/callerOrgId"
- $ref: "#/components/parameters/callerClientId"
- $ref: "#/components/parameters/callerSoftwareStatementId"API is called by Ozone Connect to instruct a Financial Institution to initiate a payment once it has received a payment
instruction from a -TPP $ref: "#/components/parameters/apiUri"
that has passed all local validations.
- $ref: "#/components/parameters/apiOperation" The Financial Institution must process the -payment $ref: "#/components/parameters/consentId"
- $ref: "#/components/parameters/callerInteractionId"and indicate a failure response (if the payment fails technical validation) or a
-success $ref: "#/components/parameters/ozoneInteractionId"
- $ref: "#/components/parameters/psuIdentifier"
response (if the payment passess technical validation and is submitted to the payment rails for processing)
security: The Financial Institution must -generate {}a unique `PaymentId` that can be sent on to -the OzoneConnectApiKey:TPP []as a reference for the payment.
- OzoneConnectClientCredentials: [ If the underlying consent has been patched with a "placeholder"`bankConnectToken`, then the token is passed in as the authorization header.
]
operationId: makePayment
- OzoneConnectJwtAuth: [] parameters:
- OzoneConnectServiceInitiationToken: [] # common header parameters that set context
requestBody: - required: true$ref: "#/components/parameters/providerId"
- content$ref: "#/components/parameters/aspspId"
- application/json$ref: "#/components/parameters/callerOrgId"
- schema$ref: "#/components/parameters/callerClientId"
- $ref: "#/components/schemasparameters/PaymentPostRequestcallerSoftwareStatementId"
responses: - $ref: "#/components/parameters/apiUri"
- '201'$ref: "#/components/parameters/apiOperation"
- description$ref: successful operation"#/components/parameters/consentId"
- $ref: content:"#/components/parameters/callerInteractionId"
- $ref: "#/components/parameters/ozoneInteractionId"
application/json: - $ref: "#/components/parameters/psuIdentifier"
schema security:
- {}
$ref: "#/components/schemas/AEPaymentIdResponse" - OzoneConnectApiKey: []
'400': - OzoneConnectClientCredentials: [
description: failed operation "placeholder"
content: ]
application/json: - OzoneConnectJwtAuth: []
- schemaOzoneConnectServiceInitiationToken: []
requestBody:
$refrequired: "#/components/schemas/Error"true
/payments/{paymentId}: getcontent:
operationId: getPayment application/json:
tags: -schema:
payments summary: Get a payment $ref: "#/components/schemas/PaymentPostRequest"
description: | responses:
Ozone can call this API from'201':
Financial Institutions to retrieve payment information. parametersdescription: successful operation
# common header parameters thatcontent:
set context - $ref: "#/components/parameters/providerId"application/json:
- $ref: "#/components/parameters/aspspId" schema:
- $ref: "#/components/parameters/callerOrgId" - $ref: "#/components/parametersschemas/callerClientIdAEPaymentIdResponse"
- $ref'400':
"#/components/parameters/callerSoftwareStatementId" - $refdescription: "#/components/parameters/apiUri"failed operation
- $refcontent:
"#/components/parameters/apiOperation" - $ref: "#/components/parameters/consentId"application/json:
- $ref: "#/components/parameters/callerInteractionId" schema:
- $ref: "#/components/parameters/ozoneInteractionId" - $ref: "#/components/parametersschemas/psuIdentifierError"
default:
- $ref: "# $ref: "#/components/parametersresponses/paymentIdError"
/payments/{paymentId}:
responsesget:
operationId: getPayment
'200': tags:
description: successful operation - payments
contentsummary: Get a payment
application/jsondescription: |
Ozone can call this API schema:from Financial Institutions to retrieve payment information.
parameters:
$ref: "#/components/schemas/AEPaymentIdResponse" # common header parameters that '400':set context
- description$ref: failed operation"#/components/parameters/providerId"
- content$ref: "#/components/parameters/aspspId"
- application/json:$ref: "#/components/parameters/callerOrgId"
- $ref: "#/components/parameters/callerClientId"
schema: - $ref: "#/components/parameters/callerSoftwareStatementId"
- $ref: "#/components/schemasparameters/ErrorapiUri"
/payments/{paymentId}/report-file:
get:
- $ref: "#/components/parameters/apiOperation"
- $ref: "#/components/parameters/consentId"
- $ref: "#/components/parameters/callerInteractionId"
- tags$ref: "#/components/parameters/ozoneInteractionId"
- payments $ref: "#/components/parameters/psuIdentifier"
- summary: report file for bulk payments$ref: "#/components/parameters/paymentId"
responses:
description'200':
| Thisdescription: APIsuccessful isoperation
called by Ozone Bank Connect to get a report file forcontent:
a set of bulk payments operationIdapplication/json:
reportFile parameters: schema:
# common header parameters that set context - $ref: "#/components/parametersschemas/providerIdAEPaymentIdResponse"
- $ref'400':
"#/components/parameters/aspspId" - $refdescription: "#/components/parameters/callerOrgId"failed operation
- $refcontent:
"#/components/parameters/callerClientId" - $ref: "#/components/parameters/callerSoftwareStatementId"application/json:
- $ref: "#/components/parameters/apiUri" schema:
- $ref: "#/components/parameters/apiOperation" - $ref: "#/components/parametersschemas/consentIdError"
- $refdefault:
"#/components/parameters/callerInteractionId" - $ref: "#/components/parametersresponses/ozoneInteractionIdError"
/payments/{paymentId}/report-file:
- $refget:
"#/components/parameters/psuIdentifier" - $reftags:
"#/components/parameters/paymentId" responses:- payments
'200'summary: report file for bulk payments
description: successful|
operation This API content:
'*/*':is called by Ozone Bank Connect to get a report file for a set of bulk payments
operationId: reportFile
schemaparameters:
# common header parameters that set context
type: string - $ref: "#/components/parameters/providerId"
description- $ref: Any content type."#/components/parameters/aspspId"
- '400'$ref: "#/components/parameters/callerOrgId"
- description$ref: failed operation"#/components/parameters/callerClientId"
- content$ref: "#/components/parameters/callerSoftwareStatementId"
- application/json:$ref: "#/components/parameters/apiUri"
- $ref: "#/components/parameters/apiOperation"
schema: - $ref: "#/components/parameters/consentId"
- $ref: "#/components/schemasparameters/ErrorcallerInteractionId"
/payment-consents/{consentId}/refund: - $ref: "#/components/parameters/ozoneInteractionId"
get: - $ref: tags:"#/components/parameters/psuIdentifier"
- payments
$ref: "#/components/parameters/paymentId"
summary: Retrieve aresponses:
Payment Consent description'200':
| Ozonedescription: cansuccessful calloperation
this API from Financial Institutions to retrieve payment information. content:
operationId: getRefund parameters:'*/*':
# common header parametersschema:
that set context - $ref: "#/components/parameters/providerId" type: string
- $ref: "#/components/parameters/aspspId" - $ref: "#/components/parameters/callerOrgId"description: Any content type.
- $ref'400':
"#/components/parameters/callerClientId" - $refdescription: "#/components/parameters/callerSoftwareStatementId"
failed operation
- $refcontent:
"#/components/parameters/apiUri" - $ref: "#/components/parameters/apiOperation"application/json:
- $refschema: "#/components/parameters/consentId"
- $ref: "#/components/parametersschemas/callerInteractionIdError"
- $refdefault:
"#/components/parameters/ozoneInteractionId" - $ref: "#/components/parametersresponses/psuIdentifierError"
/payment-consents:
- namepost:
consentId tags:
in: path - payments
schemasummary: Create a payment consent for file payment operations
type: string description: |
required:This trueoperation allows a consent to be created for Bulk/Batch payment operations description:
| **ONLY**. This is supported due Identifiesto the consentordering byof anBulk/Batch idpayment
responses: instructions, where the Pushed Authorization Request is '200':submitted and
description:the successfulpayment operationfile is then uploaded before Authentication and Authorization
content: takes place. Creating the consent at the application/json:LFI allows the payment file data to
schema:be validated on receipt.
Please note that the Consent $ref: "#/components/schemas/RefundGetResponse"
'400':Manager API continues to be the source-of-truth for
all consent types.
description: failed operation operationId: createBulkBatchPaymentConsent
contentrequestBody:
description: Properties of the application/json:file payment consent.
content:
schema: application/json:
$ref: "#/components/schemas/Error" componentsschema:
schemas: PaymentPostRequest: description: The properties of a file payment requestconsent
type: object propertiestype: object
requestUrl: required:
type: string description:- |consentId
The (Ozone) URL at which- therequest
TPP requested for the payment paymentTypeproperties:
$ref: "#/components/schemas/PaymentType" consentId:
request: $ref: "#/components/schemas/AEPaymentAndFilePaymentRequestAEConsentId"
requestHeaders: request:
$ref: "'#/components/schemas/PaymentRequestHeaders"AEFilePaymentConsent'
tppparameters:
- $ref: "#/components/schemasparameters/tppproviderId"
- supplementaryInformation$ref: "#/components/parameters/aspspId"
- $ref: "#/components/schemasparameters/SupplementaryInformationcallerOrgId"
- required$ref: "#/components/parameters/callerClientId"
- paymentType$ref: "#/components/parameters/callerSoftwareStatementId"
- request $ref: "#/components/parameters/apiUri"
- requestHeaders$ref: "#/components/parameters/apiOperation"
- tpp
$ref: "#/components/parameters/consentId"
additionalProperties: false - $ref: "#/components/parameters/callerInteractionId"
AEPaymentAndFilePaymentRequest: - description$ref: The payment request body as received from the TPP
oneOf:
"#/components/parameters/ozoneInteractionId"
- $ref: "#/components/schemasparameters/AEPaymentRequestpsuIdentifier"
responses:
- $ref: "#/components/schemas/AEFilePaymentRequest" AEPaymentRequest'201':
description: | description: File payment consent successfully created
Payment Request Schema type'400':
"object" additionalProperties: false description: failed operation
required: content:
- "Data" properties: application/json:
Data: schema:
description: Primary data for the request type$ref: "object#/components/schemas/Error"
additionalPropertiesdefault:
false required$ref: "#/components/responses/Error"
/payment-consents/{consentId}/file:
post:
- "ConsentId" tags:
- "Instruction"payments
summary: Submit payment instruction file for - "PersonalIdentifiableInformation"bulk/batch payments
description: This operation allows a Bulk/Batch -payment "PaymentPurposeCode"file to be transmitted to the LFI. The
properties: data herein will be encoded according to ConsentId:the format already supported by the
$ref: "#/components/schemas/AEConsentId"
LFI, with the API Hub acting as a passthrough.
InstructionoperationId: createBulkBatchPaymentInstructionFile
requestBody:
$ref: "#/components/schemas/AEPaymentInstruction"
description: File containing payment instructions in LFI prescribed format
CurrencyRequest: content:
$ref: "#/components/schemas/AECurrencyRequest"'*/*':
PersonalIdentifiableInformationschema:
$reftype: "#/components/schemas/AEJWEPaymentPII"string
parameters:
PaymentPurposeCode: - $ref: "#/components/parameters/providerId"
- $ref: "#/components/schemasparameters/AEPaymentPurposeCodeaspspId"
- $ref: "#/components/parameters/callerOrgId"
DebtorReference: - $ref: "#/components/parameters/callerClientId"
- $ref: "#/components/schemasparameters/AEStructuredDebtorReferencecallerSoftwareStatementId"
- $ref: "#/components/parameters/apiUri"
CreditorReference: - $ref: "#/components/parameters/apiOperation"
- $ref: "#/components/schemasparameters/AEStructuredCreditorReferenceconsentId"
AEJWEPaymentPII: - $ref: "#/components/parameters/callerInteractionId"
type: string - description$ref: |2-"#/components/parameters/ozoneInteractionId"
- $ref: "#/components/parameters/psuIdentifier"
A JSON Web Encryption (JWE) object, which encapsulates- aname: JWS.consentId
The value is a compact serialization in: path
of a JWE, which isschema:
a string consisting of five base64url-encoded parts joined by dots. It encapsulates encryptedtype: contentstring
using JSON data structures. required: true
The decrypted JWS content has thedescription: structure|
of the AEPaymentPII schema. AEConsentId: Identifies the consent by type:an stringid
minLengthresponses:
1 maxLength'204':
128 description: >- description: File uploaded successfully
Unique identification assigned by the TPP'400':
to identify the consent description: failed resource.operation
AEFilePaymentRequest: descriptioncontent:
| File Payment Request Schemaapplication/json:
type: "object" additionalPropertiesschema:
false required: -$ref: "Data#/components/schemas/Error"
properties default:
Data: $ref: "#/components/responses/Error"
/payment-consents/{consentId}/refund:
descriptionget:
Primary data for the request tags:
type: "object"- payments
additionalPropertiessummary: falseRetrieve a Payment Consent
requireddescription: |
Ozone can call -this "ConsentId"API from Financial Institutions to retrieve payment information.
- "PaymentPurposeCode"operationId: getRefund
propertiesparameters:
# common header parameters ConsentId:that set context
- $ref: $ref: "#/components/schemasparameters/AEConsentIdproviderId"
- $ref: "#/components/parameters/aspspId"
Instruction: - $ref: "#/components/parameters/callerOrgId"
- $ref: "#/components/schemasparameters/AEFilePaymentConsentcallerClientId"
- $ref: "#/components/parameters/callerSoftwareStatementId"
PaymentPurposeCode: - $ref: "#/components/parameters/apiUri"
- $ref: "#/components/schemasparameters/AEPaymentPurposeCodeapiOperation"
- DebtorReference$ref: "#/components/parameters/consentId"
- $ref: "#/components/schemasparameters/AEStructuredDebtorReferencecallerInteractionId"
AEFilePaymentConsent: - $ref: "#/components/parameters/ozoneInteractionId"
type: "object" - description$ref: |"#/components/parameters/psuIdentifier"
A file- basedname: paymentconsentId
consent. A Consentin: definitionpath
for defining Multi Payments requiredschema:
- "FileType" type: string
- "FileHash" required: true
- "NumberOfTransactions"
description: |
- "ControlSum" Identifies the properties:consent by an id
FileType: responses:
$ref'200':
"#/components/schemas/AEFileType" FileHashdescription: successful operation
$ref: "#/components/schemas/AEFileHash" content:
FileReferenceapplication/json:
$ref: "#/components/schemas/AEReference" schema:
NumberOfTransactions: $ref: "#/components/schemas/AEFileNumberOfTransactionsRefundGetResponse"
ControlSum'400':
$refdescription: "#/components/schemas/AEControlSum"
failed operation
RequestedExecutionDate: content:
$ref: "#/components/schemas/AERequestedExecutionDate" application/json:
additionalProperties: false AERequestedExecutionDate: descriptionschema:
| The date when the TPP expects the LFI to execute the payment.$ref: "#/components/schemas/Error"
default:
The date must be in the future and cannot be on the same day or a day in the past.$ref: "#/components/responses/Error"
components:
responses:
Error:
description: Default error Theresponse
maximum date in the future that cancontent:
be specified is 1 year from the day ofapplication/json:
the consent of the User to the TPP. schema:
All dates in the JSON payloads are represented in ISO 8601 date format.$ref: "#/components/schemas/Error"
schemas:
type: "string"PaymentPostRequest:
formatdescription: "date"The properties of a payment request
AEFileNumberOfTransactions: type: "integer"object
descriptionproperties:
| requestUrl:
Number of individual transactions contained in the payment information group.type: string
AEControlSum: description: |
Total of allThe individual(Ozone) amountsURL includedat inwhich the group, irrespective of currencies.TPP requested for the payment
type: "string" paymentType:
pattern: "^\\d{1,16}\\.\\d{2}$" example$ref: "100.00#/components/schemas/PaymentType"
AEReference: request:
description: | $ref: "#/components/schemas/AEPaymentAndFilePaymentRequest"
A reason or reference in relation to arequestHeaders:
payment. Reason or reference for the beneficiary regarding the Payment$ref: "#/components/schemas/PaymentRequestHeaders"
tpp:
type: "string" minLength$ref: 1"#/components/schemas/tpp"
maxLength: 120 supplementaryInformation:
AEFileType: type$ref: "string#/components/schemas/SupplementaryInformation"
description required:
"Specifies the payment file type" - paymentType
minLength: 1 - maxLength:request
40 AEFileHash: - requestHeaders
type: "string" - tpp
description:
"A base64 encoding of a SHA256 hashadditionalProperties: false
of
the file to be uploaded."AEPaymentAndFilePaymentRequest:
minLengthdescription: 1The payment request body as received from the maxLength:TPP
44 AEStructuredCreditorReferenceoneOf:
description - $ref: |"#/components/schemas/AEPaymentRequest"
A- reason or reference in relation to a payment, set to facilitate a structured Creditor reference consisting of:$ref: "#/components/schemas/AEFilePaymentRequest"
AEPaymentRequest:
description: |
Payment Request *Schema
TPP ID and BIC for the Debtor Account, followed by freeform text to a maximum of 120 characters.type: "object"
additionalProperties: false
required:
The TPP ID value will- match"Data"
the organization ID value from the Trustproperties:
Framework, and therefore will be a v4 UUID. Data:
A BIC isdescription: specificPrimary accordingdata tofor the standardrequest
format for ISO 20022, and can therefore be either 8 or 11 characters in length. type: "object"
additionalProperties: false
required:
- "ConsentId"
If the- value"Instruction"
of the concatenated string exceeds 120 characters, the TPP must first omit or- truncate"PaymentPurposeCode"
the freeform element of the reference. type:- "stringOpenFinanceBilling"
minLength properties:
1 maxLengthConsentId:
120 pattern: "^TPP=[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12},BIC=[A-Z0-9]{4}[A-Z0-9]{2}[A-Z0-9]{2}([A-Z0-9]{3}){0,1}($|,.+$)"$ref: "#/components/schemas/AEConsentId"
Instruction:
AEPaymentInstruction: type: "object"
additionalProperties: false
required:
- "Amount"
- "PaymentSequenceNumber"
description: "The Initiation payload is sent by the initiating party to the LFI. It is used to request movement of funds from the debtor account to a creditor for a single payment."
properties: properties:
Amount: $ref: "#/components/schemas/AEActiveCurrencyAmount"
Amount:
PaymentSequenceNumber: $refdescription: "#/components/schemas/AEPaymentSequenceNumber"
AEPaymentSequenceNumber:
The Currency and Amount relating to the Payment
type: "string" description: | type: "object"
This indicates the underlying sequence of the recurring payment that is being instructed. required:
For example: * 1 can represent the- first"Amount"
payment instruction * 12 can represent the twelfth payment instruction - "Currency"
minLength: 1 maxLength: 10 patternproperties:
"^[1-9]\\d*$" PaymentType: type: string descriptionAmount:
| The type of the payment that is being created. $ref: "#/components/schemas/AEActiveOrHistoricAmount"
Each LFI's instance may support a different set of payment types Currency:
depending on the standards supported. For example, $ref: "#/components/schemas/AEActiveOrHistoricCurrencyCode"
- cbuae-payment (Single Instant Payment, Multi Payment - FixedCurrencyRequest:
and Variable Recurring Payment, Future Dated Payment etc) description: The details of the non-local cbuae-file-paymentcurrency or FX request that has PaymentRequestHeaders:been agreed
type: object description: | between the User and the TPP. The entirerequested setChargeBearer ofand HTTP
request headers that was received by Ozone from the TPP additionalProperties:ExchangeRateInformation trueare included in this object may tpp:be overwritten
type: object description: | by the LFI in the returned TheConsent TPPobject.
record as held by Ozone. If Ozone TPP Connect has been integrated into a directory, the `directoryRecord` provides the TPP's directory record as held by Ozone in base 64 encoded format.type: "object"
additionalProperties: false
required:
- clientId - "ExtendedPurpose"
- orgId - softwareStatementId - "CurrencyOfTransfer"
- tppName properties: properties:
clientId: typeInstructionPriority:
string description: The clientId for the TPP as issueddescription: by"Indicator Ozoneof the urgency or order of importance that the instructing orgId:party would like the instructed party to apply to the processing type:of stringthe instruction."
description: The organization id for the TPP type: "string"
softwareStatementId: type: string enum:
description: The organization id for the TPP - tppName:"Normal"
type: string - "Urgent"
description: The name of the TPP directoryRecordExtendedPurpose:
type: string description: "Specifies the purpose description:of Thean latestinternational copypayment, ofwhen thethere TPPis directoryno recordcorresponding if4 thecharacter TPPcode hasavailable registeredin withthe aISO20022 directorylist of Purpose Codes."
additionalProperties: false SupplementaryInformation: type: object"string"
description: | The `SupplementaryInformation`minLength: object1
may have arbitrary custom fields that a Financial Institution may use additionalPropertiesmaxLength: true140
AEPaymentIdResponse: description: | ChargeBearer:
The payment response to be passed on to the TPP. $ref: "#/components/schemas/AEChargeBearerType1Code"
The structure of this response is aligned to the structure of the responseCurrencyOfTransfer:
for the CBUAE payment initiation API. type: "object" description: "Specifies additionalProperties:the falsecurrency of the to be transferred amount, required:which is different from the currency of the - "datadebtor's account."
properties: data: type: "string"
type: "object" descriptionpattern: "Required fields are common for all the payments including file payment. Apart from that, paymentTransactionId is required for all payments except file payments"^[A-Z]{3,3}$"
DestinationCountryCode:
additionalProperties: false description: "Country in which Credit Account is domiciled. Code required:to identify a country, a dependency, or another area of particular geopolitical interest, -on "id"the basis of country names obtained from the United Nations (ISO 3166, Alpha-2 code)."status"
- "statusUpdateDateTime" type: "string"
- "creationDateTime" pattern: - "paymentPurposeCode""[A-Z]{2,2}"
properties: ExchangeRateInformation:
id: type: "object"
description: An API specific unique identification as assigned by the LFI to identify the domestic Payment resource. additionalProperties: false
type: string required:
consentId: - "UnitCurrency"
description: Unique identification assigned by the TPP to identify the consent resource. - "RateType"
type: string paymentTransactionIddescription: "Provides details on the currency exchange rate and contract."
description: | properties:
This is an end-to-end identifier that is generated by the underlying payment rails when it is sentUnitCurrency:
from an Originating LFI to a Receiving LFI. description: "Currency Forin IPPwhich transactions,the thisrate isof theexchange IPPis generatedexpressed identifier.in a currency exchange. In the example 1GBP = xxxCUR, the unit currency is GBP."
This property is not the same as the `transactionId` in the Bank Data Sharing Transactions API.type: "string"
pattern: "^[A-Z]{3,3}$"
The `paymentTransactionId` must be populated if the payment is processed by the LFI, and updated at theExchangeRate:
Consent Manager Payment Log API using the `patch` operation. typedescription: string"The factor used for conversion of an amount from one currency to another. status:This reflects the price at which one currency was bought with another currency."
description: | Specifies the status of the payment information grouptype: "number"
* PendingRateType:
Payment initiation or individual transaction included in the payment initiation is pending. Further checks and status update will be performed. description: "Specifies the type used to complete the currency exchange."
* Rejected: The payment initiation has been rejected type: "string"
* AcceptedSettlementCompleted: Settlement of the Debtor's account has been completed enum:
* AcceptedCreditSettlementCompleted: When the Creditor account has been credited with the funds of the payment initiated via the- TPP"Actual"
* AcceptedWithoutPosting: When the Recipient Bank has accepted- the"Agreed"
payment but has not applied the credit to the Creditor account yet. - "Indicative"
type: string enum: ContractIdentification:
- "Pending" description: "Unique and unambiguous reference to the foreign -exchange "AcceptedSettlementCompleted"contract agreed between the initiating party/creditor and the debtor agent."
- "AcceptedCreditSettlementCompleted" type: "string"
- "AcceptedWithoutPosting" minLength: 1
- "Rejected" - "Received"maxLength: 256
statusUpdateDateTimePersonalIdentifiableInformation:
description: DatePersonal andIdentifiable timeInformation, atrepresented whichin theboth resourceencoded statusand wasdecoded updated.form
type: string using a `oneOf`, to help implementers readily understand both the structure and
format: date-time creationDateTime: serialized form of the property.
description: Date and time at which the message was created.**Implementations MUST reflect the AEJWEPaymentPII Schema Object**
type: string **structure and the notes provided on implementing a format: date-time
JWS and JWE**
charges: **The decoded form AEPaymentPII is for guidance on content only**
$ref: "#/components/schemas/AECharges" exchangeRateoneOf:
- $ref: "#/components/schemas/AEExchangeRateInformationAEJWEPaymentPII"
currencyRequest: - $ref: "$ref: "#/components/schemas/AECurrencyRequestAEPaymentPII"
instructionPaymentPurposeCode:
$ref: "#/components/schemas/AEPaymentInstructionAEPaymentPurposeCode"
paymentPurposeCodeDebtorReference:
$ref: "#/components/schemas/AEPaymentPurposeCodeAEStructuredDebtorReference"
debtorReferenceCreditorReference:
$ref: "#/components/schemas/AEStructuredDebtorReferenceAEStructuredCreditorReference"
meta OpenFinanceBilling:
$ref: "#/components/schemas/MetaAEServiceInitiationOpenFinancePaymentBilling"
AEChargesAEServiceInitiationOpenFinancePaymentBilling:
descriptiontype: Listobject
of charges associated with therequired:
payment request type: "array"- Type
itemsproperties:
typeType:
"object" additionalPropertiesenum:
false description: | - Collection
Set of elements used to provide- detailsLargeValueCollection
of a charge for the payment initiation. - PushP2P
* For Payments, these Charges are on the Debtor. - PullP2P
required: - Me2Me
- "chargeBearer" description: The type payment for -billing
"type" type: -string
"amount" propertiesMerchantId:
chargeBearerdescription: "MerchantId"
$reftype: "#/components/schemas/AEChargeBearerType1Codestring"
typeminLength: 8
$ref: "#/components/schemas/AEExternalPaymentChargeTypeCode"maxLength: 20
description: Billing parameters specified by the TPP amount:for a payment initiation
additionalProperties: false
$ref: "#/components/schemas/AEActiveCurrencyAmount" AEServiceInitiationOpenFinancePaymentBillingGet:
AEChargeBearerType1Code: type: object
description: "Specifies which party/parties will bearrequired:
the charges associated with the processing of the payment- transaction."Type
typeproperties:
"string" enumNumberOfSuccessfulTransactions:
- type: "BorneByCreditorinteger"
- "BorneByDebtor" description: |
- "FollowingServiceLevel" Number of individual transactions successfully executed -by "Shared"the LFI.
AEExternalPaymentChargeTypeCode: description: "ChargeThis type,is inreturned aby codedthe form."LFI after the file is fully processed.
type: "string" enumType:
- "VAT" enum:
- "Fees" - Collection
AEActiveCurrencyAmount: description: | - LargeValueCollection
The Currency and Amount relating to the Payment, Refund - orPushP2P
Request to Pay type: "object" - PullP2P
required: - "amount"Me2Me
- "currency"description: The type payment for billing
properties: amounttype: string
MerchantId:
$ref: "#/components/schemas/AEActiveOrHistoricAmount" currencydescription: "MerchantId"
$ref type: "#/components/schemas/AEActiveOrHistoricCurrencyCodestring"
AEActiveOrHistoricAmount: descriptionminLength: "A8
number of monetary units specified in an active currency where themaxLength: unit20
of currency is explicit and compliant withdescription: ISOBilling 4217."parameters specified by the TPP for a type: "string"payment initiation
patternadditionalProperties: "^\\d{1,16}\\.\\d{2}$"false
exampleAEJWEPaymentPII:
"100.00" AEActiveOrHistoricCurrencyCodetype: string
description: "A|2-
3 character alphabetic code allocated to a currency under an international currency identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'."
type: "string"
pattern: "^[A-Z]{3,3}$"
example: "AED" A JSON Web Encryption (JWE) object, which encapsulates a JWS. The value is a compact serialization
of a JWE, which is a string consisting of five base64url-encoded parts joined by dots. It encapsulates encrypted content using JSON data structures.
AEExchangeRateInformation: type: "object"
additionalProperties: false
The decrypted JWS content has the structure of the AEPaymentPII schema.
requiredAEPaymentPII:
type: - "unitCurrencyobject"
additionalProperties: false
- "exchangeRate" description: "Elements of Personal Identifiable -Information data"rateType"
descriptionproperties:
"Further detailed information on the exchange rate that hasInitiation:
been used in the payment transaction." type: "object"
properties: unitCurrencyadditionalProperties: false
description: "Currency in whichThe Initiation payload is sent by the rateinitiating ofparty exchangeto isthe expressedLFI. inIt ais currencyused exchange.to Inrequest themovement exampleof 1GBPfunds =from xxxCUR,the thedebtor unitaccount currencyto isa GBPcreditor."
typeproperties:
"string" pattern: "^[A-Z]{3,3}$"CreditorAgent:
exchangeRate: $ref: "#/components/schemas/AECreditorAgent"
description: "The factor used for conversion of an amount fromCreditor:
one currency to another. This reflects the price at which one currency was bought with another currency.type: "object"
type: "number" additionalProperties: false
rateType: description: "SpecifiesParty theto typewhich usedan toamount completeof themoney currencyis exchangedue."
typeproperties: "string"
enumName:
- "Actual" description: |
-Name "Agreed"by which a party is known and which is usually used to identify - "Indicative"that party.
contractIdentification: description: "UniqueThis andmay unambiguousbe referenceused to identify the foreignCreditor exchangefor contractinternational agreedpayments.
between the initiating party/creditor and the debtor agent." type: "string"
minLength: 1 minLength: 1
maxLength: 256 expirationDateTime: maxLength: 140
description: "Specified date and time the exchange rate agreement will expire.All dates in thePostalAddress:
JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2017-04-05T10:43:07+00:00"$ref: "#/components/schemas/AEAddress"
typeCreditorAccount:
"string" format$ref: "date-time#/components/schemas/AECreditorAccount"
AECurrencyRequest ConfirmationOfPayeeResponse:
description: | $ref: The details of the non-local currency or FX request that has been agreed between the User and the TPP.
"#/components/schemas/AEConfirmationOfPayeeResponse"
Risk:
$ref: "#/components/schemas/AERisk"
AECreditorAgent:
The requested ChargeBearer and ExchangeRateInformation aredescription: included|
in this object may be overwritten by the LFIRefers into the returnedFinancial Consent objectInstitution.
type: "object"
additionalPropertiesrequired:
false - required:"SchemeName"
- "currencyOfTransferIdentification"
properties:
instructionPrioritySchemeName:
descriptiontype: "string"Indicator
of the urgency or order of importance that the instructing partydescription: would like the instructed party to apply|
Refers to the processing of Identification scheme for uniquely identifying the instructionAgent."
type: "string" * BICFI: The BIC/SWIFT Code
enum: * Other: The ID; A - "Normal"
- "Urgent"
extendedPurpose:Country Code followed by a Bank Code (4 character code). The full list of LFI names and 6 digits IDs are as follows:
enum:
description: "Specifies the purpose of an international payment, when there is- no"BICFI"
corresponding 4 character code available in the ISO20022 list of Purpose Codes." - "Other"
typeIdentification:
"string" description: minLength:|
1 maxLength:The 140Agent is the Country Code followed by a Bank chargeBearer:Code"
$reftype: "#/components/schemas/AEChargeBearerType1Codestring"
currencyOfTransferName:
description: "SpecifiesName theby currencywhich ofan theagent tois be transferred amount,known and which is differentusually fromused theto currencyidentify of the debtor's accountthat agent."
type: "string"
patternminLength: "^[A-Z]{3,3}$" 1
destinationCountryCodemaxLength: 140
PostalAddress:
description: "Country in which Credit Account is domiciled. Code to identify a country, a dependency, or another area of particular geopolitical interest, on the basis of country names obtained from the United Nations (ISO 3166, Alpha-2 code)."
$ref: "#/components/schemas/AEAddress"
AECreditorAccount:
description: "Unambiguous identification of the account of the creditor to which a credit entry will be posted."
type: "stringobject"
additionalProperties: false
pattern: "[A-Z]{2,2}" required:
exchangeRateInformation: - "SchemeName"
type: - "objectIdentification"
- "Name"
additionalProperties: false properties:
required: SchemeName:
-$ref: "unitCurrency#/components/schemas/AECreditorExternalAccountIdentificationCode"
Identification:
- "rateType" $ref: "#/components/schemas/AEIdentification"
description: "Provides details onName:
the currency exchange rate and contract." $ref: "#/components/schemas/AEName"
properties: TradingName:
unitCurrency: $ref: "#/components/schemas/AETradingName"
AEAddress:
description: "Currency|
in which the rate of exchange is expressed in(Array) aAddress currencyinformation exchange.that Inlocates theand exampleidentifes 1GBPa =specific xxxCURaddress, the unit currency is GBP as defined by a national or international postal service."
type: "array"
typeminItems: "string"1
items:
pattern type: "^[A-Z]{3,3}$""object"
required:
exchangeRate: - "AddressType"
description: "The factor- used"Country"
for conversion of an amount from one currency toproperties:
another. This reflects the price at which one currency was boughtAddressType:
with another currency." type$ref: "number#/components/schemas/AEAddressTypeCode"
rateTypeShortAddress:
description$ref: "Specifies the type used to complete the currency exchange."
"#/components/schemas/AEShortAddress"
UnitNumber:
type$ref: "string#/components/schemas/AEUnitNumber"
FloorNumber:
enum: $ref: "#/components/schemas/AEFloorNumber"
- "Actual" BuildingNumber:
$ref: - "Agreed"#/components/schemas/AEBuildingNumber"
StreetName:
- "Indicative" $ref: "#/components/schemas/AEStreetName"
contractIdentification: SecondaryNumber:
description: "Unique and unambiguous reference to the foreign exchange contract agreed between the initiating party/creditor and the debtor agent." $ref: "#/components/schemas/AESecondaryNumber"
District:
$ref: "#/components/schemas/AEDistrict"
type: "string" PostalCode:
minLength: 1 $ref: "#/components/schemas/AEPostalCode"
POBox:
maxLength: 256 AEPaymentPurposeCode:$ref: "#/components/schemas/AEPOBox"
description: A categoryZipCode:
code that relates to the type of services or goods that corresponds to the underlying purpose of the payment. The code must conform to the published AANI payment purpose code list.$ref: "#/components/schemas/AEZipCode"
City:
type$ref: "string"#/components/schemas/AECity"
minLength: 1 Region:
maxLength: 4 pattern$ref: "^[A-Z]{3}$#/components/schemas/AERegion"
AEStructuredDebtorReference: Country:
description: | A reason or reference in relation to a payment, set to facilitate a structured Debtor reference consisting of$ref: "#/components/schemas/AECountryCode"
additionalProperties: false
AEAddressTypeCode:
description: "Specifies the *nature Forof paymentsthe toAddress."
Merchants: TPP ID, Merchant ID, BIC for the Creditor Account, followed by freeform text to a maximum of 120 characters.type: "string"
enum:
- "Business"
* For other payments: TPP- ID"Correspondence"
and BIC for the Creditor Account, followed by freeform- text"Residential"
to a maximum of 120 characters. example: "Residential"
AEShortAddress:
The TPP ID value willdescription: match"A theshort organizationaddress IDconsists valueof fromfour theletters: Trustregion Frameworkcode, andbranch therefore will be a v4 UUID.code, division code, unique code and a four-digit number for the building."
type: "string"
The Merchant ID wil be asminLength: per1
the existing IPP rules for the MerchantmaxLength: identification,8
and will incorporate the Trade License number for the Merchant.example: "ABCD1234"
AEUnitNumber:
Adescription: BIC"Identifies isthe specificunit accordingor toapartment thenumber."
standard format for ISO 20022, and can therefore be either 8 or 11 characters in length.type: "string"
minLength: 1
maxLength: 10
If the value of the concatenated string exceeds 120 characters, the TPP must omit or truncate the freeform element of the reference.example: "6"
AEFloorNumber:
description: "Identifies the building floor number."
oneOftype: "string"
minLength: -1
description: Merchant-initiated payment, containing Merchant identifier
maxLength: 10
example: "2"
AEBuildingNumber:
description: "Identifies the building number."
type: "string"
minLength: 1
maxLength: 10
example: "34"
AEStreetName:
description: "Identifies the street name or road."
type: "string"
minLength: 1
maxLength: 70
maxLength example: 120 "Omar Bin Hassan Street"
AEDistrict:
pattern: "^TPP=[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12},Merchant=[A-Z0-9]{3}-[A-Z]{4}-TL.+-[0-9]{4},BIC=[A-Z0-9]{4}[A-Z0-9]{2}[A-Z0-9]{2}([A-Z0-9]{3}){0,1}($|,.+$)"
- description: Non-merchant payment, containing TPP ID, BIC, and free form text
description: "Identifies the district of a city."
type: "string"
minLength: 1
maxLength: 35
example: "Olaya Dist."
AECountryCode:
description: "Indicates the country code in which the address is located (References ISO 3166-1 alpha-2)."
type: "string"
pattern: "^[A-Z]{2,2}$"
example: "SA"
AEPostalCode:
description: " Identifies the postal code; a unique code assigned to a specific geographic area for efficient mail sorting and delivery purposes."
type: "string"
minLength: 1
maxLength: 10
example: "12345"
AEPOBox:
description: " Identifies the POBox."
type: "string"
minLength: 1
maxLength: 10
example: "11562"
AEZipCode:
description: "Identifies the ZIP code; a unique code assigned to a specific geographic area for efficient mail sorting and delivery purposes."
type: "string"
minLength: 1
maxLength: 10
example: "12366"
AESecondaryNumber:
description: "4 numbers representing the accurate location coordinates of the address"
type: "string"
minLength: 4
maxLength: 4
example: "1233"
AECity:
description: "Identifies the name of the city or town where the address is situated."
type: "string"
minLength: 1
maxLength: 35
example: "Riyadh"
AERegion:
description: "Identifies the region."
type: "string"
minLength: 1
maxLength: 35
example: "North"
AEDebtorIndicators:
type: "object"
description: |
Debtor (User) Indicators
properties:
Authentication:
type: "object"
description: "The authentication method used by the User to access their account with the TPP"
properties:
AuthenticationChannel:
description: Channel on which the User was authenticated
type: string
enum:
- App
- Web
PossessionFactor:
type: "object"
description: "The User's possession, that only the User possesses"
properties:
IsUsed:
type: "boolean"
Type:
type: "string"
enum:
- FIDO2SecurityKey
- Passkey
- OTPDevice
- OTPApp
- SMSOTP
- EmailOTP
- PushNotification
- WebauthnToken
- SecureEnclaveKey
- HardwareOTPKey
- TrustedDevice
- Other
KnowledgeFactor:
type: "object"
description: "The User's knowledge, that only the User knows"
properties:
IsUsed:
type: "boolean"
Type:
type: "string"
enum:
- PIN
- Password
- SecurityQuestion
- SMSOTP
- EmailOTP
- OTPPush
- Other
InherenceFactor:
type: "object"
description: "The User's inherance, that is unique to the User's physical characteristics"
properties:
IsUsed:
type: "boolean"
Type:
type: "string"
enum:
- Biometric
- Fingerprint
- FaceRecognition
- IrisScan
- VoiceRecognition
- FIDOBiometric
- DeviceBiometrics
- Other
ChallengeOutcome:
type: "string"
description: "The result of multi-factor authentication performed by the TPP, with NotPerformed indication the User was not required to authenticate before consenting to the requested payment"
enum:
- Pass
- Fail
- NotPerformed
AuthenticationFlow:
type: "string"
enum:
- MFA
- Other
AuthenticationValue:
type: "string"
description: "Cryptographic proof of authentication where supported by the device and protocol."
ChallengeDateTime:
type: "string"
format: "date-time"
UserName:
type: "object"
description: "The Name of the User initiating the Payment"
properties:
en:
type: "string"
description: "English value of the string"
ar:
type: "string"
description: "Arabic value of the string"
GeoLocation:
type: "object"
description: "GPS to identify and track the whereabouts of the connected electronic device."
required:
- Latitude
- Longitude
properties:
Latitude:
type: "string"
description: "latitude"
Longitude:
type: "string"
description: "longitude"
DeviceInformation:
type: "object"
description: "Detailed device information"
properties:
DeviceId:
type: "string"
description: "IMEISV number of the connected electronic device"
AlternativeDeviceId:
type: "string"
description: "Alternative identifier for the connected electronic device"
DeviceOperatingSystem:
type: "string"
description: "Device operating system"
DeviceOperatingSystemVersion:
type: "string"
description: "Device operating system version"
DeviceBindingId:
type: "string"
description: "An identifier that associates a device uniquely with a specific application"
LastBindingDateTime:
type: "string"
format: "date-time"
description: "Date and time when the device was last bound to the application"
BindingDuration:
type: "string"
format: "duration"
description: "ISO 8601 duration since device was last bound (e.g., P30D for 30 days)"
BindingStatus:
type: "string"
description: "Current status of the device binding"
enum:
- Active
- Expired
- Revoked
- Suspended
DeviceType:
type: "string"
description: "Type of device used"
enum:
- Mobile
- Desktop
- Tablet
- Wearable
- Other
DeviceManufacturer:
type: "object"
properties:
Model:
type: "string"
description: "Device model name"
maxLength: 50
Manufacturer:
type: "string"
description: "Device manufacturer"
maxLength: 50
DeviceLanguage:
type: "string"
description: "Device language"
DeviceLocalDateTime:
type: "string"
description: "Device local time"
ConnectionType:
type: "string"
description: "Type of connection to the internet"
enum:
- WiFi
- Cellular
- Other
ScreenInformation:
type: "object"
properties:
PixelDensity:
type: "number"
description: "Screen pixel density"
Orientation:
type: "string"
enum:
- Portrait
- Landscape
BatteryStatus:
type: "object"
properties:
Level:
type: "number"
minimum: 0
maximum: 100
IsCharging:
type: "boolean"
TouchSupport:
type: "object"
properties:
Supported:
type: "boolean"
MaxTouchPoints:
type: "integer"
minimum: 0
MotionSensors:
type: "object"
properties:
Status:
type: "string"
enum:
- InMotion
- Stationary
Accelerometer:
type: "boolean"
Gyroscope:
type: "boolean"
DeviceEnvironmentContext:
type: "array"
description: "List of device environment context"
items:
type: "string"
enum:
- VPNDetected
- EmulatorDetected
BiometricCapabilities:
type: "object"
description: "Device biometric capabilities"
properties:
SupportsBiometric:
type: "boolean"
description: "Whether device supports biometric authentication"
BiometricTypes:
type: "array"
description: "Types of biometric authentication supported"
items:
type: "string"
enum:
- Fingerprint
- FacialRecognition
- Iris
- VoicePrint
- Other
AppInformation:
type: "object"
description: "Mobile application specific information"
properties:
AppVersion:
type: "string"
description: "Version of the mobile application"
PackageName:
type: "string"
description: "Application package identifier"
BuildNumber:
type: "string"
description: "Application build number"
BrowserInformation:
type: "object"
description: "Browser-specific information"
properties:
UserAgent:
type: "string"
description: "Complete browser user agent string"
IsCookiesEnabled:
type: "boolean"
description: "Whether cookies are enabled in the browser"
AvailableFonts:
type: "array"
description: "List of available fonts"
items:
type: "string"
Plugins:
type: "array"
description: "List of installed browser plugins"
items:
type: "string"
PixelRatio:
type: "number"
description: "Device pixel ratio for scaling"
UserBehavior:
type: "object"
description: "User behavior indicators"
properties:
ScrollBehavior:
type: "object"
properties:
Direction:
type: "string"
enum:
- Up
- Down
- Both
Speed:
type: "number"
description: "Average scroll speed in pixels per second"
Frequency:
type: "number"
description: "Number of scroll events per minute"
AccountRiskIndicators:
type: "object"
description: "Risk indicators related to the account"
properties:
UserOnboardingDateTime:
type: "string"
format: "date-time"
description: "The exact date and time when the User account was activated with the TPP."
LastAccountChangeDate:
type: "string"
format: "date"
description: "Date that the User's account was last changed"
LastPasswordChangeDate:
type: "string"
format: "date"
description: "Date of the last password change by the User"
SuspiciousActivity:
type: "string"
description: "Indicates any suspicious activity associated with the account"
enum:
- NoSuspiciousActivity
- SuspiciousActivityDetected
TransactionHistory:
type: "object"
properties:
LastDay:
type: "integer"
description: "Total transactions made by the account in the last 24 hours"
minimum: 0
LastYear:
type: "integer"
description: "Total transactions made by the account in the past year"
minimum: 0
SupplementaryData:
type: "object"
description: |
Additional information that cannot be captured in the structured fields and/or any other specific block
This may include information that is not available in the structured fields, such as a user's behavioural data
like their typing speed and typing patterns.
properties: {}
AETransactionIndicators:
type: "object"
description: |
Transaction Indicators
properties:
IsCustomerPresent:
description: "This field differentiates between automatic and manual payment initiation."
type: boolean
IsContractPresent:
description: "Indicates if the Creditor has a contractual relationship with the TPP."
type: boolean
Channel:
description: "Where the payment has been initiated from."
type: "string"
enum:
- Web
- Mobile
ChannelType:
type: "string"
description: "The channel through which the transaction is being conducted"
enum:
- ECommerce
- InStore
- InApp
- Telephone
- Mail
- RecurringPayment
- Other
SubChannelType:
type: "string"
description: "More specific classification of the transaction channel"
enum:
- WebBrowser
- MobileApp
- SmartTV
- WearableDevice
- POSTerminal
- ATM
- KioskTerminal
- Other
PaymentProcess:
type: "object"
description: "Metrics related to the payment process duration and attempts"
properties:
TotalDuration:
type: "integer"
description: "Total time in seconds from payment initiation to completion"
minimum: 0
CurrentSessionAttempts:
type: "integer"
description: "Number of payment attempts in the current session"
minimum: 1
CurrentSessionFailedAttempts:
type: "integer"
description: "Number of failed payment attempts in the current session"
minimum: 0
Last24HourAttempts:
type: "integer"
description: "Number of payment attempts in the last 24 hours"
minimum: 0
Last24HourFailedAttempts:
type: "integer"
description: "Number of failed payment attempts in the last 24 hours"
minimum: 0
MerchantRisk:
type: "object"
description: "Risk indicator details provided by the merchant"
properties:
DeliveryTimeframe:
type: "string"
description: "Timeframe for the delivery of purchased items"
enum:
- ElectronicDelivery
- SameDayShipping
- OvernightShipping
- MoreThan1DayShipping
ReorderItemsIndicator:
type: "string"
description: "Indicates if the transaction is a reorder"
enum:
- FirstTimeOrder
- Reorder
PreOrderPurchaseIndicator:
type: "string"
description: "Indicates if this is a pre-ordered item"
enum:
- MerchandiseAvailable
- FutureAvailability
IsGiftCardPurchase:
type: "boolean"
description: "Indicates if the transaction includes a gift card"
IsDeliveryAddressMatchesBilling:
type: "boolean"
description: "Indicates if delivery address matches billing address"
AddressMatchLevel:
type: "string"
description: "Level of match between delivery and billing addresses"
enum:
- FullMatch
- PartialMatch
- NoMatch
- NotApplicable
SupplementaryData:
type: "object"
description: |
Additional information that cannot be captured in the structured fields and/or any other specific block
properties: {}
AECreditorIndicators:
type: "object"
description: |
Creditor Indicators
properties:
AccountType:
$ref: "#/components/schemas/AEAccountTypeCode"
IsCreditorPrePopulated:
$ref: "#/components/schemas/AEIsCreditorPrePopulated"
TradingName:
$ref: "#/components/schemas/AETradingName"
IsVerifiedByTPP:
$ref: "#/components/schemas/AEIsVerifiedbyTPP"
AdditionalAccountHolderIdentifiers:
$ref: "#/components/schemas/AEAdditionalAccountHolderIdentifiers"
MerchantDetails:
type: "object"
description: |
Details of the Merchant involved in the transaction.
Merchant Details are specified only for those merchant categories that are generally expected to originate retail financial transactions
properties:
MerchantId:
description: "MerchantId"
type: "string"
minLength: 8
maxLength: 20
MerchantName:
description: "Name by which the merchant is known."
type: "string"
minLength: 1
maxLength: 350
MerchantSICCode:
description: |
SIC code stands for standard industrial classification (SIC) code.
This four digit-number identifies a very specific short descriptor of the type of business a company is engaged in.
SIC can be obtained from the Chamber of Commerce.
type: "string"
minLength: 3
maxLength: 4
MerchantCategoryCode:
description: >
Category code values are used to enable the classification of
merchants into specific categories based on the type of business,
trade or services supplied.
Category code conforms to ISO 18245, related to the type of services
or goods the merchant provides for the transaction."
type: string
minLength: 3
maxLength: 4
additionalProperties: false
IsCreditorConfirmed:
description: Creditor account details have been confirmed successfully using Confirmation of Payee
type: boolean
ConfirmationOfPayeeResponse:
$ref: "#/components/schemas/AEConfirmationOfPayeeResponse"
SupplementaryData:
type: "object"
description: |
Additional information that cannot be captured in the structured fields and/or any other specific block
properties: {}
AEAccountTypeCode:
type: string
enum:
- Retail
- SME
- Corporate
description: Specifies the type of account (Retail, SME or Corporate).
AEIsCreditorPrePopulated:
description: "Is Creditor populated"
type: "boolean"
AEIsVerifiedbyTPP:
description: "The TPP has onboarded the Creditor"
type: "boolean"
AEAdditionalAccountHolderIdentifiers:
type: "array"
items:
type: "object"
description: "Provides the details to identify an account."
required:
- "SchemeName"
- "Identification"
properties:
SchemeName:
$ref: "#/components/schemas/AERiskExternalAccountIdentificationCode"
Identification:
$ref: "#/components/schemas/AEIdentification"
Name:
$ref: "#/components/schemas/AEName"
additionalProperties: false
AERiskExternalAccountIdentificationCode:
description: "Name of the identification scheme, in a coded form as published in an external list."
type: "string"
enum:
- "EmiratesID"
- "TradeLicenceNumber"
AEConfirmationOfPayeeResponse:
description: The JSON Web Signature returned by the Payee Confirmation operation at the Confirmation of Payee API. The value must be the full JWS string, including the header and signature, without decoding to an object. If Confirmation of Payee is not performed this property can be omitted
type: string
pattern: '^.+\..+\..+$'
AECreditorExternalAccountIdentificationCode:
description: "Name of the identification scheme, in a coded form as published in an external list."
type: "string"
enum:
- "IBAN"
- "AccountNumber"
AEIdentification:
description: |
Identification for the account assigned by the LFI based on the Account Scheme Name.
This identification is known by the User account owner.
type: "string"
minLength: 1
AETradingName:
type: "object"
description: |
The Trading Brand Name (if applicable) for the Creditor.
Applicable to Payments.
properties:
en:
type: "string"
description: "English value of the string"
maxLength: 70
ar:
type: "string"
description: "Arabic value of the string"
maxLength: 70
additionalProperties: false
AERisk:
additionalProperties: false
description: |
The Risk section is sent by the TPP to the LFI. It is used to specify additional details for risk/fraud scoring regarding Payments.
type: "object"
properties:
DebtorIndicators:
$ref: "#/components/schemas/AEDebtorIndicators"
DestinationDeliveryAddress:
type: "object"
description: |
Destination Delivery Address
properties:
RecipientType:
type: "string"
description: "The recipient of the goods whether an individual or a corporation."
enum:
- "Individual"
- "Corporate"
RecipientName:
type: "object"
description: "The name of the recipient of the goods, whether an individual or a corporation."
properties:
en:
type: "string"
description: "English value of the string"
ar:
type: "string"
description: "Arabic value of the string"
NationalAddress:
$ref: "#/components/schemas/AEAddress"
TransactionIndicators:
$ref: "#/components/schemas/AETransactionIndicators"
CreditorIndicators:
$ref: "#/components/schemas/AECreditorIndicators"
AEConsentId:
type: string
minLength: 1
maxLength: 128
description: >-
Unique identification assigned by the TPP to identify the consent
resource.
AEFilePaymentRequest:
description: |
File Payment Request Schema
type: "object"
additionalProperties: false
required:
- "Data"
properties:
Data:
description: Primary data for the request
type: "object"
additionalProperties: false
required:
- "ConsentId"
- "PaymentPurposeCode"
properties:
ConsentId:
$ref: "#/components/schemas/AEConsentId"
Instruction:
$ref: "#/components/schemas/AEFilePaymentConsent"
PaymentPurposeCode:
$ref: "#/components/schemas/AEPaymentPurposeCode"
DebtorReference:
$ref: "#/components/schemas/AEStructuredDebtorReference"
AEFilePaymentConsent:
type: "object"
description: |
A file based payment consent.
A Consent definition for defining Multi Payments
required:
- "FileType"
- "FileHash"
- "NumberOfTransactions"
- "ControlSum"
properties:
FileType:
$ref: "#/components/schemas/AEFileType"
FileHash:
$ref: "#/components/schemas/AEFileHash"
FileReference:
$ref: "#/components/schemas/AEReference"
NumberOfTransactions:
$ref: "#/components/schemas/AEFileNumberOfTransactions"
ControlSum:
$ref: "#/components/schemas/AEControlSum"
RequestedExecutionDate:
$ref: "#/components/schemas/AERequestedExecutionDate"
additionalProperties: false
AERequestedExecutionDate:
description: |
The date when the TPP expects the LFI to execute the payment.
The date must be in the future and cannot be on the same day or a day in the past.
The maximum date in the future that can be specified is 1 year from the day of the consent of the User to the TPP.
All dates in the JSON payloads are represented in ISO 8601 date format.
type: "string"
format: "date"
AEFileNumberOfTransactions:
type: "integer"
description: |
Number of individual transactions contained in the payment information group.
AEControlSum:
description: |
Total of all individual amounts included in the group, irrespective of currencies.
type: "string"
pattern: "^\\d{1,16}\\.\\d{2}$"
example: "100.00"
AEReference:
description: |
A reason or reference in relation to a payment.
Reason or reference for the beneficiary regarding the Payment
type: "string"
minLength: 1
maxLength: 120
AEFileType:
type: "string"
description: "Specifies the payment file type"
minLength: 1
maxLength: 40
AEFileHash:
type: "string"
description: "A base64 encoding of a SHA256 hash of the file to be uploaded."
minLength: 1
maxLength: 44
AEStructuredCreditorReference:
description: |
A reason or reference in relation to a payment, set to facilitate a structured Creditor reference consisting of:
* TPP ID and BIC for the Debtor Account, followed by freeform text to a maximum of 120 characters.
The TPP ID value will match the organization ID value from the Trust Framework, and therefore will be a v4 UUID.
A BIC is specific according to the standard format for ISO 20022, and can therefore be either 8 or 11 characters in length.
If the value of the concatenated string exceeds 120 characters, the TPP must first omit or truncate the freeform element of the reference.
type: "string"
minLength: 1
maxLength: 120
pattern: "^TPP=[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12},BIC=[A-Z0-9]{4}[A-Z0-9]{2}[A-Z0-9]{2}([A-Z0-9]{3}){0,1}($|,.+$)"
AEPaymentInstruction:
type: "object"
additionalProperties: false
required:
- "Amount"
description: "The Initiation payload is sent by the initiating party to the LFI. It is used to request movement of funds from the debtor account to a creditor for a single payment."
properties:
Amount:
$ref: "#/components/schemas/AEActiveCurrencyAmount"
PaymentType:
type: string
description: |
The type of the payment that is being created.
Each LFI's instance may support a different set of payment types
depending on the standards supported.
For example,
- cbuae-payment (Single Instant Payment, Multi Payment - Fixed and Variable Recurring Payment, Future Dated Payment etc)
- cbuae-file-payment
PaymentRequestHeaders:
type: object
description: |
The entire set of HTTP request headers that was received by Ozone from the TPP
tpp:
description: The TPP record as held by Ozone. If Ozone TPP Connect has been integrated into a
directory, the `directoryRecord` provides the TPP's directory record as held by Ozone in
base 64 encoded format.
type: object
required:
- clientId
- orgId
- softwareStatementId
- tppId
- tppName
- decodedSsa
properties:
clientId:
description: The client identifier for the TPP as issued by the Trust Framework
type: string
pattern: '^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-4[0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}$'
tppId:
description: The identifier used by the API Hub to uniquely identify the TPP
type: string
tppName:
description: The TPP name recorded in the Trust Framework
type: string
obieTppId:
description: The UK market TPP identifier. This property is not used for CBUAE and is therefore
marked as deprecated.
type: string
deprecated: true
softwareStatementId:
description: The software statement identifier for the Client.
type: string
obieSoftwareStatementId:
description: The UK market software statement identifier. This property is not used for CBUAE
and is therefore marked as deprecated.
type: string
deprecated: true
obieSoftwareStatementName:
description: The UK market software statement name. This property is not used for CBUAE and
is therefore marked as deprecated.
type: string
deprecated: true
directoryRecord:
type: string
description: The latest copy of the TPP directory record retrieve from the CBUAE Trust Framework
directory, encoded as a Base 64 string
format: base64
ssa:
description: The encoded Software Statement Assertion. This property is not used for CBUAE and is
therefore marked as deprecated.
type: string
deprecated: true
decodedSsa:
$ref: "#/components/schemas/softwareStatementProperties"
orgId:
description: The organization identifier for the TPP
type: string
pattern: '^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-4[0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}$'
softwareStatementProperties:
description: |
The decoded software statement retrieved from the Trust Framework that provides
the properties of the Client.
Please note:
- The JSON payload will contain other properties in addition to those listed
here. The properties listed here are considered most relevant for activities
such as TPP logo retrieval and JWS verification.
- The content reflects elements of discovery metadata, which in generally
defined as a file rather than an API. Providing constraints such as
`minLength` and `maxLength` is impractical in this context
The full software statement record is also available in the Trust Framework.
Please also refer the Registration Framework page in the CBUAE standards for
additional guidance on these properties.
type: object
properties:
redirect_uris:
description: The redirect URIs registered by the TPP at the Trust Framework
type: array
items:
type: string
client_name:
description: Name of the Client to be presented to the End-User.
type: string
client_uri:
description: URL of the home page of the Client.
type: string
logo_uri:
description: URL of the Client logo.
type: string
jwks_uri:
description: URL of the Client JSON Web Key Set (JWKS) at the Trust Framework.
type: string
client_id:
description: Unique Client Identifier.
type: string
roles:
description: The roles under which the organization is registered at the Trust Framework.
type: array
items:
type: string
sector_identifier_uri:
description: URL using the https scheme to be used in calculating Pseudonymous Identifiers
by the OP. Allows redirect URI values to be grouped, easing registration
management.
type: string
application_type:
description: Client application type.
type: string
organisation_id:
description: Organization identifier for organization that owns the Client.
type: string
SupplementaryInformation:
type: object
description: |
The `SupplementaryInformation` object may have arbitrary custom fields that a Financial Institution may use
AEPaymentIdResponse:
description: |
The payment response to be passed on to the TPP.
The structure of this response is aligned to the structure of the response for the CBUAE payment initiation API.
type: "object"
additionalProperties: false
required:
- "data"
properties:
data:
type: "object"
description: "Required fields are common for all the payments including file payment. Apart from that, paymentTransactionId is required for all payments except file payments"
additionalProperties: false
required:
- "id"
- "status"
- "statusUpdateDateTime"
- "creationDateTime"
- "paymentPurposeCode"
properties:
id:
description: An API specific unique identification as assigned by the LFI to identify the domestic Payment resource.
type: string
consentId:
description: Unique identification assigned by the TPP to identify the consent resource.
type: string
paymentTransactionId:
description: |
This is an end-to-end identifier that is generated by the underlying payment rails when it is sent from an Originating LFI to a Receiving LFI.
For IPP transactions, this is the IPP generated identifier.
This property is not the same as the `transactionId` in the Bank Data Sharing Transactions API.
The `paymentTransactionId` must be populated if the payment is processed by the LFI, and updated at the Consent Manager Payment Log API using the `patch` operation.
type: string
status:
description: |
Specifies the status of the payment information group
* Pending: Payment initiation or individual transaction included in the payment initiation is pending. Further checks and status update will be performed.
* Rejected: The payment initiation has been rejected
* AcceptedSettlementCompleted: Settlement of the Debtor's account has been completed
* AcceptedCreditSettlementCompleted: When the Creditor account has been credited with the funds of the payment initiated via the TPP
* AcceptedWithoutPosting: When the Recipient Bank has accepted the payment but has not applied the credit to the Creditor account yet.
type: string
enum:
- "Pending"
- "AcceptedSettlementCompleted"
- "AcceptedCreditSettlementCompleted"
- "AcceptedWithoutPosting"
- "Rejected"
- "Received"
statusUpdateDateTime:
description: Date and time at which the resource status was updated.
type: string
format: date-time
creationDateTime:
description: Date and time at which the message was created.
type: string
format: date-time
charges:
$ref: "#/components/schemas/AECharges"
exchangeRate:
$ref: "#/components/schemas/AEExchangeRateInformation"
currencyRequest:
$ref: "#/components/schemas/AECurrencyRequest"
instruction:
$ref: "#/components/schemas/AEPaymentInstruction"
paymentPurposeCode:
$ref: "#/components/schemas/AEPaymentPurposeCode"
debtorReference:
$ref: "#/components/schemas/AEStructuredDebtorReference"
openFinanceBilling:
$ref: "#/components/schemas/AEServiceInitiationOpenFinancePaymentBillingGet"
meta:
$ref: "#/components/schemas/Meta"
AECharges:
description: List of charges associated with the payment request
type: "array"
items:
type: "object"
additionalProperties: false
description: |
Set of elements used to provide details of a charge for the payment initiation.
* For Payments, these Charges are on the Debtor.
required:
- "chargeBearer"
- "type"
- "amount"
properties:
chargeBearer:
$ref: "#/components/schemas/AEChargeBearerType1Code"
type:
$ref: "#/components/schemas/AEExternalPaymentChargeTypeCode"
amount:
$ref: "#/components/schemas/AEActiveCurrencyAmount"
AEChargeBearerType1Code:
description: "Specifies which party/parties will bear the charges associated with the processing of the payment transaction."
type: "string"
enum:
- "BorneByCreditor"
- "BorneByDebtor"
- "Shared"
AEExternalPaymentChargeTypeCode:
description: "Charge type, in a coded form."
type: "string"
enum:
- "VAT"
- "Fees"
AEActiveCurrencyAmount:
description: The Currency and Amount relating to the Payment
type: "object"
required:
- "amount"
- "currency"
properties:
amount:
$ref: "#/components/schemas/AEActiveOrHistoricAmount"
currency:
$ref: "#/components/schemas/AEActiveOrHistoricCurrencyCode"
AEActiveOrHistoricAmount:
description: "A number of monetary units specified in an active currency where the unit of currency is explicit and compliant with ISO 4217."
type: "string"
pattern: "^\\d{1,16}\\.\\d{2}$"
example: "100.00"
AEActiveOrHistoricCurrencyCode:
description: "A 3 character alphabetic code allocated to a currency under an international currency identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'."
type: "string"
pattern: "^[A-Z]{3,3}$"
example: "AED"
AEExchangeRateInformation:
type: "object"
additionalProperties: false
required:
- "unitCurrency"
- "exchangeRate"
- "rateType"
description: "Further detailed information on the exchange rate that has been used in the payment transaction."
properties:
unitCurrency:
description: "Currency in which the rate of exchange is expressed in a currency exchange. In the example 1GBP = xxxCUR, the unit currency is GBP."
type: "string"
pattern: "^[A-Z]{3,3}$"
exchangeRate:
description: "The factor used for conversion of an amount from one currency to another. This reflects the price at which one currency was bought with another currency."
type: "number"
rateType:
description: "Specifies the type used to complete the currency exchange."
type: "string"
enum:
- "Actual"
- "Agreed"
- "Indicative"
contractIdentification:
description: "Unique and unambiguous reference to the foreign exchange contract agreed between the initiating party/creditor and the debtor agent."
type: "string"
minLength: 1
maxLength: 256
expirationDateTime:
description: "Specified date and time the exchange rate agreement will expire.All dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2017-04-05T10:43:07+00:00"
type: "string"
format: "date-time"
AECurrencyRequest:
description: |
The details of the non-local currency or FX request that has been agreed between the User and the TPP.
The requested ChargeBearer and ExchangeRateInformation are included in this object may be overwritten by the LFI in the returned Consent object.
type: "object"
additionalProperties: false
required:
- "currencyOfTransfer"
properties:
instructionPriority:
description: "Indicator of the urgency or order of importance that the instructing party would like the instructed party to apply to the processing of the instruction."
type: "string"
enum:
- "Normal"
- "Urgent"
extendedPurpose:
description: "Specifies the purpose of an international payment, when there is no corresponding 4 character code available in the ISO20022 list of Purpose Codes."
type: "string"
minLength: 1
maxLength: 140
chargeBearer:
$ref: "#/components/schemas/AEChargeBearerType1Code"
currencyOfTransfer:
description: "Specifies the currency of the to be transferred amount, which is different from the currency of the debtor's account."
type: "string"
pattern: "^[A-Z]{3,3}$"
destinationCountryCode:
description: "Country in which Credit Account is domiciled. Code to identify a country, a dependency, or another area of particular geopolitical interest, on the basis of country names obtained from the United Nations (ISO 3166, Alpha-2 code)."
type: "string"
pattern: "[A-Z]{2,2}"
exchangeRateInformation:
type: "object"
additionalProperties: false
required:
- "unitCurrency"
- "rateType"
description: "Provides details on the currency exchange rate and contract."
properties:
unitCurrency:
description: "Currency in which the rate of exchange is expressed in a currency exchange. In the example 1GBP = xxxCUR, the unit currency is GBP."
type: "string"
pattern: "^[A-Z]{3,3}$"
exchangeRate:
description: "The factor used for conversion of an amount from one currency to another. This reflects the price at which one currency was bought with another currency."
type: "number"
rateType:
description: "Specifies the type used to complete the currency exchange."
type: "string"
enum:
- "Actual"
- "Agreed"
- "Indicative"
contractIdentification:
description: "Unique and unambiguous reference to the foreign exchange contract agreed between the initiating party/creditor and the debtor agent."
type: "string"
minLength: 1
maxLength: 256
AEPaymentPurposeCode:
description: A category code that relates to the type of services or goods that corresponds to the underlying purpose of the payment. The code must conform to the published AANI payment purpose code list.
type: "string"
minLength: 1
maxLength: 4
pattern: "^[A-Z]{3}$"
AEStructuredDebtorReference:
description: |
A reason or reference in relation to a payment, set to facilitate a structured Debtor reference consisting of:
* For payments to Merchants: TPP ID, Merchant ID, BIC for the Creditor Account, followed by freeform text to a maximum of 120 characters.
* For other payments: TPP ID and BIC for the Creditor Account, followed by freeform text to a maximum of 120 characters.
The TPP ID value will match the organization ID value from the Trust Framework, and therefore will be a v4 UUID.
The Merchant ID wil be as per the existing IPP rules for the Merchant identification, and will incorporate the Trade License number for the Merchant.
A BIC is specific according to the standard format for ISO 20022, and can therefore be either 8 or 11 characters in length.
If the value of the concatenated string exceeds 120 characters, the TPP must omit or truncate the freeform element of the reference.
type: "string"
minLength: 1
maxLength: 120
pattern: "^TPP=[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12},(Merchant=[A-Z0-9]{3}-[A-Z]{4}-TL.+-[0-9]{4},|)BIC=[A-Z0-9]{4}[A-Z0-9]{2}[A-Z0-9]{2}([A-Z0-9]{3}){0,1}($|,.+$)"
RefundGetResponse:
description: Response to a request to the Debtor details for a given payment, in order to initiate a refund. Requires the consent of the Debtor to be retrieved, enforced at the API Hub.
type: object
properties:
data:
$ref: "#/components/schemas/RefundGetResponseBody"
meta:
$ref: "#/components/schemas/Meta"
RefundGetResponseBody:
description: Primary data for the response
type: object
required:
- refundAccount
properties:
consentId:
description: |
Unique identification assigned by the TPP to identify the consent resource.
type: "string"
minLength: 1
maxLength: 128
refundAccount:
$ref: "#/components/schemas/AEDebtorAccount"
AEDebtorAccount:
description: "Unambiguous identification of the account of the debtor to which a debit entry will be made."
type: "object"
required:
- "schemeName"
- "identification"
- "name"
properties:
schemeName:
description: "Name of the identification scheme, in a coded form as published in an external list."
type: "string"
enum:
- "IBAN"
- "AccountNumber"
identification:
description: |
Identification for the account assigned by the LFI based on the Account Scheme Name.
This identification is known by the User account owner.
type: "string"
minLength: 1
name:
$ref: "#/components/schemas/AEName"
AEName:
type: "object"
description: |
The Account Holder Name is the name or names of the Account owner(s) represented at the account level
properties:
en:
type: "string"
description: "English value of the string"
maxLength: 70
ar:
type: "string"
description: "Arabic value of the string"
maxLength: 70
additionalProperties: false
#
# Common types
#
Meta:
description: Metadata relevant to the resource.
type: object
additionalProperties: false
Error:
description: StandardDefault Ozone Connect error response payload. structure for Ozone Connect
type: object
properties:
errorCode:
type: string
description: Error code identifying the problem occuredthat occurred
errorMessage:
type: string
description: Message describing what problem has occuredoccurred
parameters:
providerId:
name: o3-provider-id
in: header
schema:
type: string
required: true
description: Identifier for the Financial Institution that the request is targetted to
aspspId:
name: o3-aspsp-id
in: header
schema:
type: string
required: true
deprecated: true
description:
Identifier for the financial institution that the request is targetted to.
This header is deprecated and will be removed in a future version of Ozone Connect. Use `o3-provider-id` instead.
callerOrgId:
name: o3-caller-org-id
in: header
schema:
type: string
required: true
description: An identifier for the organization calling the API
callerClientId:
name: o3-caller-client-id
in: header
schema:
type: string
required: true
description: An identifier for the OIDC clientId calling the API
callerSoftwareStatementId:
name: o3-caller-software-statement-id
in: header
schema:
type: string
required: true
description: An identifier for the software statement calling the API
apiUri:
name: o3-api-uri
in: header
schema:
type: string
required: true
description: The parameterised URL of the API being called by the caller
apiOperation:
name: o3-api-operation
in: header
schema:
type: string
required: true
description: The API operation carried out by the caller (e.g. GET, POST, PUT, DELETE, PATCH)
consentId:
name: o3-consent-id
in: header
schema:
type: string
required: true
description: The consentId for which this call is being made
callerInteractionId:
name: o3-caller-interaction-id
in: header
schema:
type: string
required: true
description: The interaction ID passed in by the caller, if any
ozoneInteractionId:
name: o3-ozone-interaction-id
in: header
schema:
type: string
required: true
description: An interaction ID generated by Ozone if the caller did not send in one. If the callerInteractionId is specified, this takes the same value.
psuIdentifier:
name: o3-psu-identifier
in: header
schema:
type: string
required: true
description: A Base64 encoded representation of the psuIdentifier JSON object.
paymentId:
name: paymentId
description: The identifier for a given payment instruction
in: path
required: true
schema:
type: string
securitySchemes:
OzoneConnectApiKey:
description: Communications between the API Hub and the LFI Ozone Connect implementation are secured using an API Key, which is a secret shared between the API Hub and the LFI.
type: apiKey
in: header
name: Authorization
OzoneConnectClientCredentials:
type: oauth2
description: |
Communications between the API Hub and the LFI Ozone Connect implementation are secured using a Client Credentials grant type.
LFIs must host an OAuth 2.0 Authorization Server to utilise this security pattern. Scope values are set during the onboarding process, and represented by a placeholder in this API description.
flows:
clientCredentials:
tokenUrl: "https://example.lfi.ae/token"
scopes:
placeholder: Placeholder for scopes, which are set by the LFI during onboarding
OzoneConnectJwtAuth:
description: |
Communications between the API Hub and the LFI Ozone Connect implementation are secured using the "JWT Auth" mechanism, where the Client presents a signed JSON Web Token as a credential.
The Server MUST verify the signature in order to authenticate the Client.
Please note that the value of the `scheme` parameter is not a registered HTTP Authentication Scheme, to indicate it is specific to Ozone Connect. Please refer to API Hub documentation for further details.
type: http
scheme: Ozone-Connect-JWT-Auth
OzoneConnectServiceInitiationToken:
description: |
Communications between the API Hub and the LFI Ozone Connect implementation are secured using a Service Initiation Token.
The API Hub will set an Access Token based on a value set by the LFI, which has been patched onto the associated consent. The value will be transmitted in the `Authorization` header, which is represented as a `Bearer` in this Security Scheme Object.
type: http
scheme: Bearer |
...