...
| Awesome api app render macro | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
openapi: 3.0.1
servers:
- url: https://<your-ozone-connect-server>
info:
title: Ozone Connect - Service Initiation APIs
description: |
This document provides an API description in [OpenAPI](https://spec.openapis.org/oas/v3.0.1.html)
for Service Initiation APIs for Ozone Connect.
These APIs should be implemented by a Financial Institution so that Ozone can deliver Service Initiation capabilities to TPPs
####### Changes in Release 2024.3746.0
* AddedChanged `default`PersonalIdentifiableInformation responseto tooptional eachin operationAEPaymentRequest
to
aid understanding of error handling* requirements.Changed AERisk object to provide details *of Addedenhanced missingrisk `description`data propertiesencrypted throughas the
document. *payload Removedof `additionalProperties:the true`JWE
as
not required and causes tooling* issuesCorrect casing of properties in `post ####/payments` Changesoperation
in
Version 2024.34.1
* RemovedAdded propagateErrorpayment fieldfile from the Error object.upload operation
* UpdateAdded exchangeRatefile andpayment rateTypeconsent propertiesoperation
* RefactoredChanged Security`tpp` Schemeproperty Objectsin to`post use/payments` commonto definitionsprovide acrossmore allinformation APIabout Hubthe APIs
TPP and the *Client Implementedsoftware thestatement
correct
Security Requirements for this API* description,Removed reflecting`FollowingServiceLevel` securityenum patternsfrom available`CurrencyRequest.ChargeBearer`
in
API Hub * Removed `PaymentSequenceNumber` #### Changes in Version 2024.34from `instruction.PaymentSequenceNumber`
*#### IntroducedChanges newin endpoint Get /payment-consents/{consentId}/refund.Release 2024.43.0
* CosmeticAdded `OpenFinanceBilling` changesobject -to Requestrequest Responseand Changesresponse body of POST contact:Payments and in GET Payments.
name:
Ozone Financial Technology Limited #### Changes in version:Release 2024.37.0
tags: - name:* paymentsAdded `default` response to each description:operation |to aid understanding of error handling requirements.
APIs
that should be implemented by* FinancialAdded Institutionsmissing to`description` exposeproperties Servicethrough Initiation capability to TPPsthe document.
security: - {}* Removed - OzoneConnectApiKey`additionalProperties: []true` as not -required OzoneConnectClientCredentials:and [causes tooling issues
"placeholder" #### Changes in Version ]2024.34.1
- OzoneConnectJwtAuth: [] * paths:Removed propagateError field /payments:from the Error object.
post: * Update exchangeRate tags:and rateType properties
* -Refactored paymentsSecurity Scheme Objects to use common definitions summary:across Makeall aAPI paymentHub APIs
description:* |Implemented the correct Security Requirements for this API description, Thisreflecting APIsecurity ispatterns calledavailable byin OzoneAPI ConnectHub
to
instruct a Financial Institution to#### initiateChanges ain paymentVersion once2024.34
it
has received a payment * Introduced new endpoint Get /payment-consents/{consentId}/refund.
instruction from a TPP* thatCosmetic haschanges passed- allRequest localResponse validations.Changes
contact:
name: TheOzone Financial InstitutionTechnology mustLimited
process
the payment and indicate a failure response (if the payment fails technical validation) or a
version: 2024.46.0
tags:
- name: payments
description: |
successAPIs response (if the payment passess technical validation and is submitted to the payment rails for processing)
The Financial Institution must generate a unique `PaymentId` that can be sent on to the TPP as a reference for the payment.
If the underlying consent has been patched with a `bankConnectToken`, then the token is passed in as the authorization header.
operationId: makePayment
parameters:that should be implemented by Financial Institutions to expose Service Initiation capability to TPPs.
security:
- {}
- OzoneConnectApiKey: []
- OzoneConnectClientCredentials: [
"placeholder"
]
- OzoneConnectJwtAuth: []
paths:
/payments:
post:
tags:
- payments
summary: Make a payment
description: |
This API is #called commonby headerOzone parametersConnect thatto setinstruct contexta Financial Institution to initiate a payment once it -has $ref: "#/components/parameters/providerId"
received a payment
- $ref: "#/components/parameters/aspspId"
- $ref: "#/components/parameters/callerOrgId"instruction from a TPP that has passed all local validations.
The Financial -Institution $ref: "#/components/parameters/callerClientId"
- $ref: "#/components/parameters/callerSoftwareStatementId"
must process the payment and indicate a failure response (if the payment fails technical validation) or a
- $ref: "#/components/parameters/apiUri" success response (if the payment passess technical -validation $ref: "#/components/parameters/apiOperation"
- $ref: "#/components/parameters/consentId"and is submitted to the payment rails for processing)
The Financial Institution -must $ref: "#/components/parameters/callerInteractionId"
- $ref: "#/components/parameters/ozoneInteractionId"
generate a unique `PaymentId` that can be sent on to the TPP as a reference for the payment.
- $ref: "#/components/parameters/psuIdentifier" If the underlying consent security:has been patched with a `bankConnectToken`, then the token -is {}passed in as the authorization header.
- OzoneConnectApiKey: [] operationId: makePayment
- OzoneConnectClientCredentialsparameters:
[ # common header parameters "placeholder"that set context
- ]$ref: "#/components/parameters/providerId"
- OzoneConnectJwtAuth$ref: []"#/components/parameters/aspspId"
- OzoneConnectServiceInitiationToken$ref: []"#/components/parameters/callerOrgId"
requestBody: - $ref: "#/components/parameters/callerClientId"
required: true - content$ref: "#/components/parameters/callerSoftwareStatementId"
- application/json$ref: "#/components/parameters/apiUri"
- schema$ref: "#/components/parameters/apiOperation"
- $ref: "#/components/schemasparameters/PaymentPostRequestconsentId"
responses: - $ref: "#/components/parameters/callerInteractionId"
'201': - $ref: "#/components/parameters/ozoneInteractionId"
description: successful operation - $ref: "#/components/parameters/psuIdentifier"
contentsecurity:
- {}
application/json: - OzoneConnectApiKey: []
schema: - OzoneConnectClientCredentials: [
$ref: "#/components/schemas/AEPaymentIdResponse"placeholder"
'400': ]
- descriptionOzoneConnectJwtAuth: failed[]
operation - contentOzoneConnectServiceInitiationToken: []
requestBody:
application/json: required: true
schemacontent:
application/json:
$ref: "#/components/schemas/Error" schema:
default: $ref: "#/components/responsesschemas/ErrorPaymentPostRequest"
/payments/{paymentId}: getresponses:
operationId'201':
getPayment tags: description: successful operation
- payments summarycontent:
Get a payment description: | application/json:
Ozone can call this API from Financial Institutions to retrieve payment information.
parameters schema:
# common header parameters that set context - $ref: "#/components/parametersschemas/providerIdAEPaymentIdResponse"
- $ref'400':
"#/components/parameters/aspspId" - $refdescription: "#/components/parameters/callerOrgId" failed operation
- $refcontent:
"#/components/parameters/callerClientId" - $ref: "#/components/parameters/callerSoftwareStatementId"application/json:
- $ref: "#/components/parameters/apiUri" schema:
- $ref: "#/components/parameters/apiOperation" - $ref: "#/components/parametersschemas/consentIdError"
- $refdefault:
"#/components/parameters/callerInteractionId" - $ref: "#/components/parametersresponses/ozoneInteractionIdError"
/payments/{paymentId}:
get:
- $ref: "#/components/parameters/psuIdentifier" operationId: getPayment
- $reftags:
"#/components/parameters/paymentId" responses:- payments
'200'summary: Get a payment
description: successful|
operation Ozone can call content:this API from Financial Institutions to retrieve payment information.
application/json: parameters:
# common header parameters schema:that set context
- $ref: "#/components/schemasparameters/AEPaymentIdResponseproviderId"
- '400'$ref: "#/components/parameters/aspspId"
- description$ref: failed operation"#/components/parameters/callerOrgId"
- content$ref: "#/components/parameters/callerClientId"
- application/json:$ref: "#/components/parameters/callerSoftwareStatementId"
- $ref: "#/components/parameters/apiUri"
schema: - $ref: "#/components/parameters/apiOperation"
- $ref: "#/components/schemasparameters/ErrorconsentId"
default- $ref: "#/components/parameters/callerInteractionId"
- $ref: "#/components/responsesparameters/ErrorozoneInteractionId"
/payments/{paymentId}/report-file: get: - $ref: "#/components/parameters/psuIdentifier"
tags: - $ref: - payments"#/components/parameters/paymentId"
summaryresponses:
report file for bulk payments '200':
description: | description: successful Thisoperation
API is called by Ozone Bank Connect to get a report file for a set of bulk paymentscontent:
operationIdapplication/json:
reportFile parameters: schema:
# common header parameters that set context - $ref: "#/components/parametersschemas/providerIdAEPaymentIdResponse"
- $ref'400':
"#/components/parameters/aspspId" - $refdescription: "#/components/parameters/callerOrgId" failed operation
- $refcontent:
"#/components/parameters/callerClientId" - $ref: "#/components/parameters/callerSoftwareStatementId"application/json:
- $ref: "#/components/parameters/apiUri" schema:
- $ref: "#/components/parameters/apiOperation" - $ref: "#/components/parametersschemas/consentIdError"
- $refdefault:
"#/components/parameters/callerInteractionId" - $ref: "#/components/parametersresponses/ozoneInteractionIdError"
/payments/{paymentId}/report-file:
- $refget:
"#/components/parameters/psuIdentifier" - $reftags:
"#/components/parameters/paymentId" responses:- payments
'200':
summary: report file for bulk payments
description: successful|
operation This API is content:called by Ozone Bank Connect to get a report file for a '*/*':
set of bulk payments
schemaoperationId: reportFile
parameters:
type:# stringcommon header parameters that set context
- description: Any content type.$ref: "#/components/parameters/providerId"
- '400'$ref: "#/components/parameters/aspspId"
- description$ref: failed operation"#/components/parameters/callerOrgId"
- content$ref: "#/components/parameters/callerClientId"
- application/json:$ref: "#/components/parameters/callerSoftwareStatementId"
- $ref: "#/components/parameters/apiUri"
schema: - $ref: "#/components/parameters/apiOperation"
- $ref: "#/components/schemasparameters/ErrorconsentId"
default- $ref: "#/components/parameters/callerInteractionId"
- $ref: "#/components/responsesparameters/ErrorozoneInteractionId"
/payment-consents/{consentId}/refund: get: - $ref: "#/components/parameters/psuIdentifier"
tags: - $ref: "#/components/parameters/paymentId"
- payments summaryresponses:
Retrieve a Payment Consent '200':
description: successful operation
| Ozonecontent:
can call this API from Financial Institutions to retrieve payment information. '*/*':
operationId: getRefund parametersschema:
# common header parameters that set context type: string
- $ref: "#/components/parameters/providerId" description: -Any $ref: "#/components/parameters/aspspId"content type.
- $ref'400':
"#/components/parameters/callerOrgId" - $refdescription: "#/components/parameters/callerClientId"failed operation
- $refcontent:
"#/components/parameters/callerSoftwareStatementId" - $ref: "#/components/parameters/apiUri"application/json:
- $ref: "#/components/parameters/apiOperation" schema:
- $ref: "#/components/parameters/consentId" - $ref: "#/components/parametersschemas/callerInteractionIdError"
- $refdefault:
"#/components/parameters/ozoneInteractionId" - $ref: "#/components/parametersresponses/psuIdentifierError"
/payment-consents:
post:
- name: consentId tags:
in: path- payments
summary: Create a schema:payment consent for file payment operations
typedescription: string|
This operation required:allows truea consent to be created for Bulk/Batch payment operations
description: | **ONLY**. This is supported due to the Identifiesordering theof consentBulk/Batch bypayment an
id responses:instructions, where the Pushed Authorization Request is submitted and '200':
the payment description:file successfulis operationthen uploaded before Authentication and Authorization
content: takes place. Creating the consent at the LFI allows application/json:the payment file data to
be validated schema:on receipt.
Please note that the Consent Manager $ref: "#/components/schemas/RefundGetResponse"
API continues to be the source-of-truth for
'400': all consent types.
descriptionoperationId: failedcreateBulkBatchPaymentConsent
operation requestBody:
content: description: Properties of the file payment consent.
application/json: content:
schemaapplication/json:
schema:
$ref: "#/components/schemas/Error" defaultdescription: The properties of a file payment consent
$ref: "#/components/responses/Error" components: responses: Errortype: object
description: Default error response required:
content: application/json: - consentId
schema: $ref: "#/components/schemas/Error"
schemas: - request
PaymentPostRequest: descriptionproperties:
The properties of a payment request type: object consentId:
properties: requestUrl: $ref: "#/components/schemas/AEConsentId"
type: string descriptionrequest:
| The (Ozone) URL at which the TPP requested for the payment $ref: '#/components/schemas/AEFilePaymentConsent'
parameters:
- paymentType$ref: "#/components/parameters/providerId"
- $ref: "#/components/schemasparameters/PaymentTypeaspspId"
- request$ref: "#/components/parameters/callerOrgId"
- $ref: "#/components/schemasparameters/AEPaymentAndFilePaymentRequestcallerClientId"
- requestHeaders$ref: "#/components/parameters/callerSoftwareStatementId"
- $ref: "#/components/schemasparameters/PaymentRequestHeadersapiUri"
- tpp$ref: "#/components/parameters/apiOperation"
- $ref: "#/components/schemasparameters/tppconsentId"
- supplementaryInformation$ref: "#/components/parameters/callerInteractionId"
- $ref: "#/components/schemasparameters/SupplementaryInformationozoneInteractionId"
required: - $ref: "#/components/parameters/psuIdentifier"
- paymentTyperesponses:
-'201':
request - requestHeadersdescription: File payment consent successfully created
- tpp '400':
additionalProperties: false AEPaymentAndFilePaymentRequestdescription: failed operation
description: The payment request body ascontent:
received from the TPP oneOf: application/json:
- $refschema: "#/components/schemas/AEPaymentRequest"
- $ref: "#/components/schemas/AEFilePaymentRequestError"
AEPaymentRequest: descriptiondefault:
| Payment Request Schema
type $ref: "object#/components/responses/Error"
/payment-consents/{consentId}/file:
additionalProperties post:
false requiredtags:
- "Data"payments
propertiessummary: Submit payment instruction file for bulk/batch payments
Data: description: This operation allows a Bulk/Batch description:payment Primaryfile datato forbe thetransmitted requestto the LFI. The
type: "object" data herein will be encoded according to the format already additionalProperties:supported falseby the
required:LFI, with the API Hub acting as a passthrough.
- "ConsentId" operationId: createBulkBatchPaymentInstructionFile
requestBody:
- "Instruction" description: File containing payment instructions in LFI prescribed format
- "PersonalIdentifiableInformation" content:
- "PaymentPurposeCode"'*/*':
propertiesschema:
ConsentId type: string
parameters:
- $ref: "#/components/schemasparameters/AEConsentIdproviderId"
- Instruction$ref: "#/components/parameters/aspspId"
- $ref: "#/components/schemasparameters/AEPaymentInstructioncallerOrgId"
- CurrencyRequest$ref: "#/components/parameters/callerClientId"
- $ref: "#/components/schemasparameters/AECurrencyRequestcallerSoftwareStatementId"
- PersonalIdentifiableInformation$ref: "#/components/parameters/apiUri"
- $ref: "#/components/schemasparameters/AEJWEPaymentPIIapiOperation"
- PaymentPurposeCode$ref: "#/components/parameters/consentId"
- $ref: "#/components/schemasparameters/AEPaymentPurposeCodecallerInteractionId"
- DebtorReference$ref: "#/components/parameters/ozoneInteractionId"
- $ref: "#/components/schemasparameters/AEStructuredDebtorReferencepsuIdentifier"
- name: consentId
CreditorReference: in: path
$ref: "#/components/schemas/AEStructuredCreditorReference" AEJWEPaymentPIIschema:
type: string type: string
description: |2- required: true
A JSON Web Encryption (JWE) object, which encapsulates adescription: JWS.|
The value is a compact serialization Identifies the consent by an id
of a JWE, which is a stringresponses:
consisting of five base64url-encoded parts joined by dots. It encapsulates encrypted content using JSON data structures. '204':
description: File uploaded successfully
The decrypted JWS'400':
content has the structure of the AEPaymentPII schema. description: failed operation
AEConsentId: type: string content:
minLength: 1 maxLengthapplication/json:
128 description: >- schema:
Unique identification assigned by the TPP to identify the consent $ref: "#/components/schemas/Error"
resource. AEFilePaymentRequestdefault:
description: | File Payment Request Schema
type$ref: "object#/components/responses/Error"
/payment-consents/{consentId}/refund:
additionalProperties get:
false requiredtags:
- "Data"payments
propertiessummary: Retrieve a Payment Consent
Data: description: |
description: PrimaryOzone datacan forcall thethis requestAPI from Financial Institutions to retrieve payment information.
type: "object" operationId: getRefund
additionalPropertiesparameters:
false # common header required:parameters that set context
- -$ref: "ConsentId#/components/parameters/providerId"
- $ref: - "PaymentPurposeCode"#/components/parameters/aspspId"
- properties$ref: "#/components/parameters/callerOrgId"
- ConsentId$ref: "#/components/parameters/callerClientId"
- $ref: "#/components/schemasparameters/AEConsentIdcallerSoftwareStatementId"
- $ref: "#/components/parameters/apiUri"
Instruction: - $ref: "#/components/schemasparameters/AEFilePaymentConsentapiOperation"
- PaymentPurposeCode$ref: "#/components/parameters/consentId"
- $ref: "#/components/schemasparameters/AEPaymentPurposeCodecallerInteractionId"
- DebtorReference$ref: "#/components/parameters/ozoneInteractionId"
- $ref: "#/components/schemasparameters/AEStructuredDebtorReferencepsuIdentifier"
AEFilePaymentConsent: - name: consentId
type: "object" descriptionin: |path
A fileschema:
based payment consent. A Consenttype: definitionstring
for defining Multi Payments required: true
- "FileType" description: |
- "FileHash" Identifies the consent -by "NumberOfTransactions"an id
- "ControlSum"responses:
properties'200':
FileType: description: successful operation
$refcontent: "#/components/schemas/AEFileType"
FileHashapplication/json:
$ref: schema:
$ref: "#/components/schemas/AEFileHashRefundGetResponse"
FileReference'400':
$refdescription: "#/components/schemas/AEReference"failed operation
NumberOfTransactionscontent:
$ref: "#/components/schemas/AEFileNumberOfTransactions" application/json:
ControlSumschema:
$ref: "#/components/schemas/AEControlSumError"
RequestedExecutionDatedefault:
$ref: "#/components/schemasresponses/AERequestedExecutionDateError"
components:
responses:
additionalProperties Error:
false AERequestedExecutionDatedescription: Default error response
description: | content:
The date whenapplication/json:
the TPP expects the LFI to execute the payment. schema:
The date must be in the future and cannot be on the same day or a day in the past.$ref: "#/components/schemas/Error"
schemas:
PaymentPostRequest:
description: The properties of Thea maximumpayment daterequest
in the future that can be specifiedtype: object
is 1 year from the day ofproperties:
the consent of the User to the TPP. requestUrl:
All dates in thetype: JSONstring
payloads are represented in ISO 8601 date format. description: |
type: "string" format: "date" The (Ozone) URL at which AEFileNumberOfTransactions:the TPP requested for the payment
type: "integer" descriptionpaymentType:
| Number of individual transactions contained in the payment information group.$ref: "#/components/schemas/PaymentType"
AEControlSumrequest:
description: | $ref: "#/components/schemas/AEPaymentAndFilePaymentRequest"
Total of all individual amounts includedrequestHeaders:
in the group, irrespective of currencies. type$ref: "string#/components/schemas/PaymentRequestHeaders"
pattern: "^\\d{1,16}\\.\\d{2}$" tpp:
example $ref: "100.00#/components/schemas/tpp"
AEReference: supplementaryInformation:
description: | $ref: A reason or reference in relation to a payment."#/components/schemas/SupplementaryInformation"
required:
- ReasonpaymentType
or reference for the beneficiary regarding the Payment - request
type: "string" - requestHeaders
minLength: 1 - tpp
maxLength:
120 AEFileTypeadditionalProperties: false
typeAEPaymentAndFilePaymentRequest:
"string" description: "Specifies theThe payment filerequest type"body as received from the TPP
minLength: 1 maxLengthoneOf:
40 AEFileHash: - $ref: "#/components/schemas/AEPaymentRequest"
type: "string" - description$ref: "A base64 encoding of a SHA256 hash of the file to be uploaded."
#/components/schemas/AEFilePaymentRequest"
AEPaymentRequest:
description: |
minLength: 1 Payment Request Schema
maxLength: 44 type: AEStructuredCreditorReference:"object"
additionalProperties: false
descriptionrequired:
| - A"Data"
reason or reference in relation to aproperties:
payment, set to facilitate a structured Creditor reference consisting ofData:
* TPP IDdescription: andPrimary BICdata for the request
Debtor Account, followed by freeform text to a maximum of 120 characters.type: "object"
The TPPadditionalProperties: IDfalse
value will match the organization ID value from the Trust Framework,required:
and therefore will be a v4 UUID. - "ConsentId"
A BIC is specific according to the standard format for ISO 20022, and can therefore be either 8 or 11 characters in length.
- "Instruction"
- "PaymentPurposeCode"
If the value of the concatenated string- exceeds"OpenFinanceBilling"
120 characters, the TPP must first omit or truncate the freeformproperties:
element of the reference. type: "string" ConsentId:
minLength: 1 maxLength$ref: 120"#/components/schemas/AEConsentId"
pattern: "^TPP=[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12},BIC=[A-Z0-9]{4}[A-Z0-9]{2}[A-Z0-9]{2}([A-Z0-9]{3}){0,1}($|,.+$)"Instruction:
AEPaymentInstruction: type: "object"
additionalProperties: false requiredadditionalProperties: false
- "Amount" required:
- "PaymentSequenceNumber" description: "The Initiation payload is - "Amount"
description: "The Initiation payload is sent by the initiating party to the LFI. It is used to request movement of funds from the debtor account to a creditor for a single payment."
properties:
Amount:
$ref: "#/components/schemas/AEActiveCurrencyAmount" description: The PaymentSequenceNumber:Currency and Amount relating to the Payment
$ref: "#/components/schemas/AEPaymentSequenceNumber" AEPaymentSequenceNumber: type: "stringobject"
description: | This indicates therequired:
underlying sequence of the recurring payment that is being instructed. For example: - "Amount"
* 1 can represent the first payment instruction - "Currency"
* 12 can represent the twelfth payment instruction minLength: 1 properties:
maxLength: 10 pattern: "^[1-9]\\d*$" PaymentType: Amount:
type: string description: | The type of the payment that is being created.$ref: "#/components/schemas/AEActiveOrHistoricAmount"
Each LFI's instance may supportCurrency:
a different set of payment types depending on the standards supported. $ref: "#/components/schemas/AEActiveOrHistoricCurrencyCode"
For example, CurrencyRequest:
- cbuae-payment (Single Instant Payment, Multi Payment - Fixed and Variabledescription: RecurringThe Payment,details Futureof Datedthe Payment etc)
non-local currency or FX request that has been agreed
- cbuae-file-payment PaymentRequestHeaders: type:between objectthe User and the TPP. The requested description:ChargeBearer |and
The entire set of HTTP request headers that was receivedExchangeRateInformation byare Ozoneincluded fromin thethis TPPobject may be overwritten
tpp: type: object description:by |the LFI in the returned Consent object.
The TPP record as held by Ozone. type: "object"
If Ozone TPP Connect has been integrated into a directory, the `directoryRecord` provides the TPP's directory record as held by Ozone in base 64 encoded format.
additionalProperties: false
required:
- clientId - orgId"ExtendedPurpose"
- softwareStatementId - tppName
"CurrencyOfTransfer"
properties: clientIdproperties:
type: string InstructionPriority:
description: The clientId for the TPP as issued by Ozone description: "Indicator of the urgency or orgId:order of importance that the instructing party would like the instructed type:party stringto apply to the processing of the instruction."
description: The organization id for the TPP softwareStatementIdtype: "string"
type: string enum:
description: The organization id for the TPP tppName: - "Normal"
type: string description: The- name"Urgent"
of the TPP directoryRecord: ExtendedPurpose:
type: string description: The"Specifies latestthe copypurpose of the TPP directory record if the TPP has registered with a directory
an international payment, when there is no corresponding 4 character code available in the ISO20022 list of Purpose Codes."
additionalProperties: false SupplementaryInformation: type: object"string"
description: | The `SupplementaryInformation` objectminLength: may1
have arbitrary custom fields that a Financial Institution may use AEPaymentIdResponse: maxLength: 140
description: | The payment response toChargeBearer:
be passed on to the TPP. The structure of this response is aligned to the structure of the response for the CBUAE payment initiation API.
$ref: "#/components/schemas/AEChargeBearerType1Code"
CurrencyOfTransfer:
type: "object" additionalProperties: false requireddescription: "Specifies the currency of the to be transferred amount, -which "data"is different from the currency of the properties:
debtor's account."
data: type: "objectstring"
description: "Required fields are common for all the payments including file payment. Apart from that, paymentTransactionId is required for all payments except file payments"pattern: "^[A-Z]{3,3}$"
DestinationCountryCode:
additionalProperties: false requireddescription: "Country in which Credit Account is domiciled. Code to identify a country, - "id"
- "status"
a dependency, or another area of particular geopolitical interest, on the basis of country names obtained from the United Nations (ISO 3166, Alpha-2 code)."
- "statusUpdateDateTime" -type: "creationDateTimestring"
- "paymentPurposeCode" pattern: "[A-Z]{2,2}"
properties: ExchangeRateInformation:
id: descriptiontype: An"object"
API specific unique identification as assigned by the LFI to identify the domestic Payment resource. additionalProperties: false
type: string required:
consentId: - "UnitCurrency"
description: Unique identification assigned by the TPP to identify the consent resource. - "RateType"
type: string paymentTransactionIddescription: "Provides details on the currency exchange rate and contract."
description: | properties:
This is an end-to-end identifier that is generated by the underlying payment rails when itUnitCurrency:
is sent from an Originating LFI to a Receiving LFI. description: "Currency in which Forthe IPPrate transactions,of thisexchange is theexpressed in IPPa generatedcurrency identifierexchange. In the example 1GBP = xxxCUR, the unit currency is GBP."
This property is not the same as the `transactionId` in the Bank Data Sharing Transactions API.type: "string"
pattern: "^[A-Z]{3,3}$"
The `paymentTransactionId` must be populated if the payment is processed by the LFI, andExchangeRate:
updated at the Consent Manager Payment Log API using the `patch` operation. description: "The factor used type:for stringconversion of an amount from one currency to another. This reflects the price status:at which one currency was bought with another currency."
description: | type: "number"
Specifies the status of the payment information group RateType:
* Pending: Payment initiation or individual transaction included in the payment initiation is pending. Further checks and status update willdescription: be"Specifies performed.the type used to complete the currency exchange."
* Rejected: The payment initiation has been rejected type: "string"
* AcceptedSettlementCompleted: Settlement of the Debtor's account has been completed enum:
* AcceptedCreditSettlementCompleted: When the Creditor account has been credited with the funds of- the"Actual"
payment initiated via the TPP * AcceptedWithoutPosting: When- the"Agreed"
Recipient Bank has accepted the payment but has not applied the credit to the Creditor account yet. - "Indicative"
type: string enumContractIdentification:
- "Pending" description: "Unique and unambiguous reference to the foreign exchange contract agreed between -the "AcceptedSettlementCompleted"
initiating party/creditor and the debtor agent."
- "AcceptedCreditSettlementCompleted" - "AcceptedWithoutPostingtype: "string"
- "Rejected" minLength: 1
- "Received" statusUpdateDateTimemaxLength: 256
descriptionPersonalIdentifiableInformation:
Date and time at which the resource status was updated. description: Personal Identifiable Information, represented in both encoded and decoded type:form string
format: date-time using a `oneOf`, to help implementers readily understand both the structure and creationDateTime:
description: Date andserialized timeform atof which the messageproperty.
was
created. type: string**Implementations MUST reflect the AEJWEPaymentPII Schema Object**
format: date-time **structure and the notes provided on charges:implementing a JWS and JWE**
$ref: "#/components/schemas/AECharges" **The decoded form AEPaymentPII is for guidance on content exchangeRate:only**
$refoneOf:
"#/components/schemas/AEExchangeRateInformation" currencyRequest- $ref: "#/components/schemas/AEJWEPaymentPII"
- $ref: "#/components/schemas/AECurrencyRequestAEPaymentPII"
instructionPaymentPurposeCode:
$ref: "#/components/schemas/AEPaymentInstructionAEPaymentPurposeCode"
paymentPurposeCodeDebtorReference:
$ref: "#/components/schemas/AEPaymentPurposeCodeAEStructuredDebtorReference"
debtorReferenceCreditorReference:
$ref: "#/components/schemas/AEStructuredDebtorReferenceAEStructuredCreditorReference"
meta OpenFinanceBilling:
$ref: "#/components/schemas/MetaAEServiceInitiationOpenFinancePaymentBilling"
AEChargesAEServiceInitiationOpenFinancePaymentBilling:
descriptiontype: object
List of charges associated with therequired:
payment request type: "array"- Type
itemsproperties:
typeType:
"object" additionalPropertiesenum:
false description: | - Collection
Set of elements used to provide- detailsLargeValueCollection
of a charge for the payment initiation. - PushP2P
* For Payments, these Charges are on the Debtor. - PullP2P
required: - Me2Me
- "chargeBearer" description: The type payment for - "type"billing
- "amount"type: string
propertiesMerchantId:
chargeBearerdescription: "MerchantId"
$reftype: "#/components/schemas/AEChargeBearerType1Codestring"
typeminLength: 8
$refmaxLength: "#/components/schemas/AEExternalPaymentChargeTypeCode"20
description: Billing parameters specified amount:by the TPP for a payment initiation
$refadditionalProperties: "#/components/schemas/AEActiveCurrencyAmount"false
AEChargeBearerType1CodeAEServiceInitiationOpenFinancePaymentBillingGet:
descriptiontype: object
"Specifies which party/parties will bearrequired:
the charges associated with the processing of the payment- transaction."Type
typeproperties:
"string" enumNumberOfSuccessfulTransactions:
- type: "BorneByCreditorinteger"
- "BorneByDebtor" description: |
- "FollowingServiceLevel" Number of individual transactions - "Shared"
successfully executed by the LFI.
AEExternalPaymentChargeTypeCode: description: "ChargeThis type,is inreturned aby codedthe form."LFI after the file is fully processed.
type: "string" enumType:
- "VAT"enum:
- "Fees" - Collection
AEActiveCurrencyAmount: description: | - LargeValueCollection
The Currency and Amount relating to the Payment, Refund- orPushP2P
Request to Pay type: "object" - PullP2P
required: - Me2Me
"amount" - "currency"description: The type payment for billing
properties: amounttype: string
MerchantId:
$ref: "#/components/schemas/AEActiveOrHistoricAmount" currencydescription: "MerchantId"
$ref type: "#/components/schemas/AEActiveOrHistoricCurrencyCodestring"
AEActiveOrHistoricAmount: minLength: 8
description: "A number of monetary units specified in an active currencymaxLength: where20
the unit of currency is explicit anddescription: compliantBilling withparameters ISOspecified 4217."by the TPP for a payment initiation
type: "string" pattern: "^\\d{1,16}\\.\\d{2}$"additionalProperties: false
exampleAEJWEPaymentPII:
"100.00" AEActiveOrHistoricCurrencyCodetype: string
description: "A 3 character alphabetic code allocated to a currency under an international currency identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'."|2-
A JSON Web Encryption (JWE) object, which encapsulates a JWS. The value is a compact serialization
of type: "string"
pattern: "^[A-Z]{3,3}$"
example: "AED"
AEExchangeRateInformation:a JWE, which is a string consisting of five base64url-encoded parts joined by dots. It encapsulates encrypted content using JSON data structures.
type: "object" The decrypted JWS content has the additionalProperties:structure falseof the AEPaymentPII schema.
required: AEPaymentPII:
-type: "unitCurrencyobject"
additionalProperties: false
- "exchangeRate" description: "Elements of Personal Identifiable -Information "rateTypedata"
descriptionproperties:
"Further detailed information on the exchange rate thatInitiation:
has been used in the payment transaction." type: "object"
properties: unitCurrencyadditionalProperties: false
description: "Currency in whichThe Initiation payload is sent by the rateinitiating ofparty exchangeto isthe expressedLFI. inIt ais currencyused exchange.to Inrequest themovement exampleof 1GBPfunds =from xxxCUR,the thedebtor unitaccount currencyto isa GBPcreditor."
typeproperties:
"string" patternCreditorAgent:
"^[A-Z]{3,3}$" exchangeRate: $ref: "#/components/schemas/AECreditorAgent"
description: "The factor used for conversion of an amountCreditor:
from one currency to another. This reflects the price at which one currency was bought with another currency.type: "object"
type: "number" additionalProperties: false
rateType: description: "SpecifiesParty theto typewhich usedan toamount completeof themoney currencyis exchangedue."
type: "string" properties:
enum: Name:
- "Actual" - "Agreed"description: |
- "Indicative" Name contractIdentification:by which a party is known and which is usually used description:to "Uniqueidentify andthat unambiguousparty.
reference to the foreign exchange contract agreed between the initiating party/creditor and the debtor agent." This may be used to type: "string"
identify the Creditor for international payments.
minLength: 1 maxLengthtype: 256"string"
expirationDateTime: descriptionminLength: "Specified1
date and time the exchange rate agreement will expire.All dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2017-04-05T10:43:07+00:00"maxLength: 140
PostalAddress:
type: "string" format$ref: "date-time#/components/schemas/AEAddress"
AECurrencyRequest: descriptionCreditorAccount:
| The details of the non-local currency or FX request that has been agreed between the User and the TPP.
$ref: "#/components/schemas/AECreditorAccount"
ConfirmationOfPayeeResponse:
The requested ChargeBearer and ExchangeRateInformation are included in this object may be overwritten by the LFI in the returned Consent object.$ref: "#/components/schemas/AEConfirmationOfPayeeResponse"
Risk:
type: "object$ref: "#/components/schemas/AERisk"
AECreditorAgent:
additionalProperties: false description: |
required: Refers to the - "currencyOfTransfer"Financial Institution.
propertiestype: "object"
instructionPriorityrequired:
- "SchemeName"
description: "Indicator of the urgency or order of importance- that"Identification"
the instructing party would like the instructedproperties:
party to apply to the processing of the instruction."SchemeName:
type: "string"
enumdescription: |
- "Normal"
Refers to the Identification scheme for uniquely identifying the Agent.
- "Urgent" * extendedPurposeBICFI: The BIC/SWIFT Code
description: "Specifies the purpose of an international payment, when there is no corresponding * Other: The ID; A Country Code followed by a Bank Code (4 character code). availableThe infull the ISO20022 list of PurposeLFI Codes."names and 6 digits IDs are as typefollows:
"string" minLengthenum:
1 maxLength: 140- "BICFI"
chargeBearer: $ref: "#/components/schemas/AEChargeBearerType1Code- "Other"
currencyOfTransferIdentification:
description: "Specifies|
the currency of the to be transferred amount, which is different from theThe currencyAgent ofis the debtor's account."
type: "string"Country Code followed by a Bank Code"
patterntype: "^[A-Z]{3,3}$string"
destinationCountryCodeName:
description: "CountryName inby which Creditan Accountagent is domiciled.known Codeand towhich identifyis ausually country,used ato dependency,identify orthat anotheragent."
area of particular geopolitical interest, on the basis of country names obtained from the United Nations (ISO 3166, Alpha-2 code)."
type: "string"
minLength: 1
type: "string" pattern: "[A-Z]{2,2}"maxLength: 140
exchangeRateInformationPostalAddress:
type$ref: "object#/components/schemas/AEAddress"
AECreditorAccount:
additionalPropertiesdescription: false"Unambiguous identification of the account of the creditor to which a required:credit entry will be posted."
type: - "unitCurrencyobject"
additionalProperties: false
- "rateType" required:
- description: "SchemeName"Provides
details on the currency exchange rate and contract." - "Identification"
properties:- "Name"
properties:
unitCurrency: SchemeName:
description$ref: "Currency in which the rate of exchange is expressed in a currency exchange. In the example 1GBP = xxxCUR, the unit currency is GBP."#/components/schemas/AECreditorExternalAccountIdentificationCode"
Identification:
$ref: "#/components/schemas/AEIdentification"
Name:
type $ref: "string"#/components/schemas/AEName"
TradingName:
pattern $ref: "^[A-Z]{3,3}$#/components/schemas/AETradingName"
AEAddress:
exchangeRatedescription: |
(Array) Address information that locates description:and "Theidentifes factora usedspecific foraddress, conversionas ofdefined anby amounta fromnational oneor currencyinternational topostal anotherservice."
This reflects the price at which one currency was bought with another currency."type: "array"
minItems: 1
items:
type: "numberobject"
rateTyperequired:
- "AddressType"
description: "Specifies the type used to complete the currency- exchange."Country"
properties:
type: "string" AddressType:
enum: $ref: "#/components/schemas/AEAddressTypeCode"
ShortAddress:
- "Actual" $ref: "#/components/schemas/AEShortAddress"
- "Agreed" UnitNumber:
-$ref: "Indicative#/components/schemas/AEUnitNumber"
contractIdentificationFloorNumber:
description$ref: "Unique and unambiguous reference to the foreign exchange contract agreed between the initiating party/creditor and the debtor agent.""#/components/schemas/AEFloorNumber"
BuildingNumber:
$ref: "#/components/schemas/AEBuildingNumber"
type: "string" StreetName:
minLength: 1 $ref: "#/components/schemas/AEStreetName"
SecondaryNumber:
maxLength: 256 AEPaymentPurposeCode$ref: "#/components/schemas/AESecondaryNumber"
description: A category codeDistrict:
that relates to the type of services or goods that corresponds to the underlying purpose of the payment. The code must conform to the published AANI payment purpose code list.$ref: "#/components/schemas/AEDistrict"
PostalCode:
type: "string"$ref: "#/components/schemas/AEPostalCode"
minLength: 1 POBox:
maxLength: 4 pattern$ref: "^[A-Z]{3}$#/components/schemas/AEPOBox"
AEStructuredDebtorReference: ZipCode:
description: | A reason or reference in relation to a payment, set to facilitate a structured Debtor reference consisting of:$ref: "#/components/schemas/AEZipCode"
City:
* For payments to Merchants: TPP ID, Merchant ID, BIC for the Creditor Account, followed by freeform text to a maximum of 120 characters.
$ref: "#/components/schemas/AECity"
Region:
$ref: "#/components/schemas/AERegion"
* For other paymentsCountry:
TPP ID and BIC for the Creditor Account, followed by freeform text to a maximum of 120 characters.$ref: "#/components/schemas/AECountryCode"
additionalProperties: false
The TPPAEAddressTypeCode:
ID value will match the organization IDdescription: value"Specifies fromthe thenature Trustof Framework, and therefore will be a v4 UUID.
the Address."
type: "string"
enum:
The Merchant ID wil be as per the existing- IPP"Business"
rules for the Merchant identification, and will incorporate the- Trade"Correspondence"
License number for the Merchant. - "Residential"
A BIC is specific according to the standard format for ISO 20022, and can therefore be either 8 or 11 characters in length.
If the value of the concatenated string exceeds 120 characters, the TPP must omit or truncate the freeform element of the reference.example: "Residential"
AEShortAddress:
description: "A short address consists of four letters: region code, branch code, division code, unique code and a four-digit number for the building."
type: "string"
minLength: 1
maxLength: 8
example: "ABCD1234"
AEUnitNumber:
description: "Identifies the unit or apartment number."
oneOftype: "string"
- description: Merchant-initiated payment, containing Merchant identifierminLength: 1
maxLength: 10
example: "6"
AEFloorNumber:
typedescription: "stringIdentifies the building floor number."
type: "string"
minLength: 1
maxLength: 10
maxLengthexample: 120"2"
AEBuildingNumber:
pattern: "^TPP=[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12},Merchant=[A-Z0-9]{3}-[A-Z]{4}-TL.+-[0-9]{4},BIC=[A-Z0-9]{4}[A-Z0-9]{2}[A-Z0-9]{2}([A-Z0-9]{3}){0,1}($|,.+$)"
- description: Non-merchant payment, containing TPP ID, BIC, and free form text
description: "Identifies the building number."
type: "string"
minLength: 1
maxLength: 10
example: "34"
AEStreetName:
description: "Identifies the street name or road."
type: "string"
minLength: 1
maxLength: 70
example: "Omar Bin Hassan Street"
AEDistrict:
description: "Identifies the district of a city."
type: "string"
minLength: 1
maxLength: 35
example: "Olaya Dist."
AECountryCode:
description: "Indicates the country code in which the address is located (References ISO 3166-1 alpha-2)."
type: "string"
pattern: "^[A-Z]{2,2}$"
example: "SA"
AEPostalCode:
description: " Identifies the postal code; a unique code assigned to a specific geographic area for efficient mail sorting and delivery purposes."
type: "string"
minLength: 1
maxLength: 10
example: "12345"
AEPOBox:
description: " Identifies the POBox."
type: "string"
minLength: 1
maxLength: 10
example: "11562"
AEZipCode:
description: "Identifies the ZIP code; a unique code assigned to a specific geographic area for efficient mail sorting and delivery purposes."
type: "string"
minLength: 1
maxLength: 10
example: "12366"
AESecondaryNumber:
description: "4 numbers representing the accurate location coordinates of the address"
type: "string"
minLength: 4
maxLength: 4
example: "1233"
AECity:
description: "Identifies the name of the city or town where the address is situated."
type: "string"
minLength: 1
maxLength: 35
example: "Riyadh"
AERegion:
description: "Identifies the region."
type: "string"
minLength: 1
maxLength: 35
example: "North"
AEDebtorIndicators:
type: "object"
description: |
Debtor (User) Indicators
properties:
Authentication:
type: "object"
description: "The authentication method used by the User to access their account with the TPP"
properties:
AuthenticationChannel:
description: Channel on which the User was authenticated
type: string
enum:
- App
- Web
PossessionFactor:
type: "object"
description: "The User's possession, that only the User possesses"
properties:
IsUsed:
type: "boolean"
Type:
type: "string"
enum:
- FIDO2SecurityKey
- Passkey
- OTPDevice
- OTPApp
- SMSOTP
- EmailOTP
- PushNotification
- WebauthnToken
- SecureEnclaveKey
- HardwareOTPKey
- TrustedDevice
- Other
KnowledgeFactor:
type: "object"
description: "The User's knowledge, that only the User knows"
properties:
IsUsed:
type: "boolean"
Type:
type: "string"
enum:
- PIN
- Password
- SecurityQuestion
- SMSOTP
- EmailOTP
- OTPPush
- Other
InherenceFactor:
type: "object"
description: "The User's inherance, that is unique to the User's physical characteristics"
properties:
IsUsed:
type: "boolean"
Type:
type: "string"
enum:
- Biometric
- Fingerprint
- FaceRecognition
- IrisScan
- VoiceRecognition
- FIDOBiometric
- DeviceBiometrics
- Other
ChallengeOutcome:
type: "string"
description: "The result of multi-factor authentication performed by the TPP, with NotPerformed indication the User was not required to authenticate before consenting to the requested payment"
enum:
- Pass
- Fail
- NotPerformed
AuthenticationFlow:
type: "string"
enum:
- MFA
- Other
AuthenticationValue:
type: "string"
description: "Cryptographic proof of authentication where supported by the device and protocol."
ChallengeDateTime:
type: "string"
format: "date-time"
UserName:
type: "object"
description: "The Name of the User initiating the Payment"
properties:
en:
type: "string"
description: "English value of the string"
ar:
type: "string"
description: "Arabic value of the string"
GeoLocation:
type: "object"
description: "GPS to identify and track the whereabouts of the connected electronic device."
required:
- Latitude
- Longitude
properties:
Latitude:
type: "string"
description: "latitude"
Longitude:
type: "string"
description: "longitude"
DeviceInformation:
type: "object"
description: "Detailed device information"
properties:
DeviceId:
type: "string"
description: "IMEISV number of the connected electronic device"
AlternativeDeviceId:
type: "string"
description: "Alternative identifier for the connected electronic device"
DeviceOperatingSystem:
type: "string"
description: "Device operating system"
DeviceOperatingSystemVersion:
type: "string"
description: "Device operating system version"
DeviceBindingId:
type: "string"
description: "An identifier that associates a device uniquely with a specific application"
LastBindingDateTime:
type: "string"
format: "date-time"
description: "Date and time when the device was last bound to the application"
BindingDuration:
type: "string"
format: "duration"
description: "ISO 8601 duration since device was last bound (e.g., P30D for 30 days)"
BindingStatus:
type: "string"
description: "Current status of the device binding"
enum:
- Active
- Expired
- Revoked
- Suspended
DeviceType:
type: "string"
description: "Type of device used"
enum:
- Mobile
- Desktop
- Tablet
- Wearable
- Other
DeviceManufacturer:
type: "object"
properties:
Model:
type: "string"
description: "Device model name"
maxLength: 50
Manufacturer:
type: "string"
description: "Device manufacturer"
maxLength: 50
DeviceLanguage:
type: "string"
description: "Device language"
DeviceLocalDateTime:
type: "string"
description: "Device local time"
ConnectionType:
type: "string"
description: "Type of connection to the internet"
enum:
- WiFi
- Cellular
- Other
ScreenInformation:
type: "object"
properties:
PixelDensity:
type: "number"
description: "Screen pixel density"
Orientation:
type: "string"
enum:
- Portrait
- Landscape
BatteryStatus:
type: "object"
properties:
Level:
type: "number"
minimum: 0
maximum: 100
IsCharging:
type: "boolean"
TouchSupport:
type: "object"
properties:
Supported:
type: "boolean"
MaxTouchPoints:
type: "integer"
minimum: 0
MotionSensors:
type: "object"
properties:
Status:
type: "string"
enum:
- InMotion
- Stationary
Accelerometer:
type: "boolean"
Gyroscope:
type: "boolean"
DeviceEnvironmentContext:
type: "array"
description: "List of device environment context"
items:
type: "string"
enum:
- VPNDetected
- EmulatorDetected
BiometricCapabilities:
type: "object"
description: "Device biometric capabilities"
properties:
SupportsBiometric:
type: "boolean"
description: "Whether device supports biometric authentication"
BiometricTypes:
type: "array"
description: "Types of biometric authentication supported"
items:
type: "string"
enum:
- Fingerprint
- FacialRecognition
- Iris
- VoicePrint
- Other
AppInformation:
type: "object"
description: "Mobile application specific information"
properties:
AppVersion:
type: "string"
description: "Version of the mobile application"
PackageName:
type: "string"
description: "Application package identifier"
BuildNumber:
type: "string"
description: "Application build number"
BrowserInformation:
type: "object"
description: "Browser-specific information"
properties:
UserAgent:
type: "string"
description: "Complete browser user agent string"
IsCookiesEnabled:
type: "boolean"
description: "Whether cookies are enabled in the browser"
AvailableFonts:
type: "array"
description: "List of available fonts"
items:
type: "string"
Plugins:
type: "array"
description: "List of installed browser plugins"
items:
type: "string"
PixelRatio:
type: "number"
description: "Device pixel ratio for scaling"
UserBehavior:
type: "object"
description: "User behavior indicators"
properties:
ScrollBehavior:
type: "object"
properties:
Direction:
type: "string"
enum:
- Up
- Down
- Both
Speed:
type: "number"
description: "Average scroll speed in pixels per second"
Frequency:
type: "number"
description: "Number of scroll events per minute"
AccountRiskIndicators:
type: "object"
description: "Risk indicators related to the account"
properties:
UserOnboardingDateTime:
type: "string"
format: "date-time"
description: "The exact date and time when the User account was activated with the TPP."
LastAccountChangeDate:
type: "string"
format: "date"
description: "Date that the User's account was last changed"
LastPasswordChangeDate:
type: "string"
format: "date"
description: "Date of the last password change by the User"
SuspiciousActivity:
type: "string"
description: "Indicates any suspicious activity associated with the account"
enum:
- NoSuspiciousActivity
- SuspiciousActivityDetected
TransactionHistory:
type: "object"
properties:
LastDay:
type: "integer"
description: "Total transactions made by the account in the last 24 hours"
minimum: 0
LastYear:
type: "integer"
description: "Total transactions made by the account in the past year"
minimum: 0
SupplementaryData:
type: "object"
description: |
Additional information that cannot be captured in the structured fields and/or any other specific block
This may include information that is not available in the structured fields, such as a user's behavioural data
like their typing speed and typing patterns.
properties: {}
AETransactionIndicators:
type: "object"
description: |
Transaction Indicators
properties:
IsCustomerPresent:
description: "This field differentiates between automatic and manual payment initiation."
type: boolean
IsContractPresent:
description: "Indicates if the Creditor has a contractual relationship with the TPP."
type: boolean
Channel:
description: "Where the payment has been initiated from."
type: "string"
enum:
- Web
- Mobile
ChannelType:
type: "string"
description: "The channel through which the transaction is being conducted"
enum:
- ECommerce
- InStore
- InApp
- Telephone
- Mail
- RecurringPayment
- Other
SubChannelType:
type: "string"
description: "More specific classification of the transaction channel"
enum:
- WebBrowser
- MobileApp
- SmartTV
- WearableDevice
- POSTerminal
- ATM
- KioskTerminal
- Other
PaymentProcess:
type: "object"
description: "Metrics related to the payment process duration and attempts"
properties:
TotalDuration:
type: "integer"
description: "Total time in seconds from payment initiation to completion"
minimum: 0
CurrentSessionAttempts:
type: "integer"
description: "Number of payment attempts in the current session"
minimum: 1
CurrentSessionFailedAttempts:
type: "integer"
description: "Number of failed payment attempts in the current session"
minimum: 0
Last24HourAttempts:
type: "integer"
description: "Number of payment attempts in the last 24 hours"
minimum: 0
Last24HourFailedAttempts:
type: "integer"
description: "Number of failed payment attempts in the last 24 hours"
minimum: 0
MerchantRisk:
type: "object"
description: "Risk indicator details provided by the merchant"
properties:
DeliveryTimeframe:
type: "string"
description: "Timeframe for the delivery of purchased items"
enum:
- ElectronicDelivery
- SameDayShipping
- OvernightShipping
- MoreThan1DayShipping
ReorderItemsIndicator:
type: "string"
description: "Indicates if the transaction is a reorder"
enum:
- FirstTimeOrder
- Reorder
PreOrderPurchaseIndicator:
type: "string"
description: "Indicates if this is a pre-ordered item"
enum:
- MerchandiseAvailable
- FutureAvailability
IsGiftCardPurchase:
type: "boolean"
description: "Indicates if the transaction includes a gift card"
IsDeliveryAddressMatchesBilling:
type: "boolean"
description: "Indicates if delivery address matches billing address"
AddressMatchLevel:
type: "string"
description: "Level of match between delivery and billing addresses"
enum:
- FullMatch
- PartialMatch
- NoMatch
- NotApplicable
SupplementaryData:
type: "object"
description: |
Additional information that cannot be captured in the structured fields and/or any other specific block
properties: {}
AECreditorIndicators:
type: "object"
description: |
Creditor Indicators
properties:
AccountType:
$ref: "#/components/schemas/AEAccountTypeCode"
IsCreditorPrePopulated:
$ref: "#/components/schemas/AEIsCreditorPrePopulated"
TradingName:
$ref: "#/components/schemas/AETradingName"
IsVerifiedByTPP:
$ref: "#/components/schemas/AEIsVerifiedbyTPP"
AdditionalAccountHolderIdentifiers:
$ref: "#/components/schemas/AEAdditionalAccountHolderIdentifiers"
MerchantDetails:
type: "object"
description: |
Details of the Merchant involved in the transaction.
Merchant Details are specified only for those merchant categories that are generally expected to originate retail financial transactions
properties:
MerchantId:
description: "MerchantId"
type: "string"
minLength: 8
maxLength: 20
MerchantName:
description: "Name by which the merchant is known."
type: "string"
minLength: 1
maxLength: 350
MerchantSICCode:
description: |
SIC code stands for standard industrial classification (SIC) code.
This four digit-number identifies a very specific short descriptor of the type of business a company is engaged in.
SIC can be obtained from the Chamber of Commerce.
type: "string"
minLength: 3
maxLength: 4
MerchantCategoryCode:
description: >
Category code values are used to enable the classification of
merchants into specific categories based on the type of business,
trade or services supplied.
Category code conforms to ISO 18245, related to the type of services
or goods the merchant provides for the transaction."
type: string
minLength: 3
maxLength: 4
additionalProperties: false
IsCreditorConfirmed:
description: Creditor account details have been confirmed successfully using Confirmation of Payee
type: boolean
ConfirmationOfPayeeResponse:
$ref: "#/components/schemas/AEConfirmationOfPayeeResponse"
SupplementaryData:
type: "object"
description: |
Additional information that cannot be captured in the structured fields and/or any other specific block
properties: {}
AEAccountTypeCode:
type: string
enum:
- Retail
- SME
- Corporate
description: Specifies the type of account (Retail, SME or Corporate).
AEIsCreditorPrePopulated:
description: "Is Creditor populated"
type: "boolean"
AEIsVerifiedbyTPP:
description: "The TPP has onboarded the Creditor"
type: "boolean"
AEAdditionalAccountHolderIdentifiers:
type: "array"
items:
type: "object"
description: "Provides the details to identify an account."
required:
- "SchemeName"
- "Identification"
properties:
SchemeName:
$ref: "#/components/schemas/AERiskExternalAccountIdentificationCode"
Identification:
$ref: "#/components/schemas/AEIdentification"
Name:
$ref: "#/components/schemas/AEName"
additionalProperties: false
AERiskExternalAccountIdentificationCode:
description: "Name of the identification scheme, in a coded form as published in an external list."
type: "string"
enum:
- "EmiratesID"
- "TradeLicenceNumber"
AEConfirmationOfPayeeResponse:
description: The JSON Web Signature returned by the Payee Confirmation operation at the Confirmation of Payee API. The value must be the full JWS string, including the header and signature, without decoding to an object. If Confirmation of Payee is not performed this property can be omitted
type: string
pattern: '^.+\..+\..+$'
AECreditorExternalAccountIdentificationCode:
description: "Name of the identification scheme, in a coded form as published in an external list."
type: "string"
enum:
- "IBAN"
- "AccountNumber"
AEIdentification:
description: |
Identification for the account assigned by the LFI based on the Account Scheme Name.
This identification is known by the User account owner.
type: "string"
minLength: 1
AETradingName:
type: "object"
description: |
The Trading Brand Name (if applicable) for the Creditor.
Applicable to Payments.
properties:
en:
type: "string"
description: "English value of the string"
maxLength: 70
ar:
type: "string"
description: "Arabic value of the string"
maxLength: 70
additionalProperties: false
AERisk:
additionalProperties: false
description: |
The Risk section is sent by the TPP to the LFI. It is used to specify additional details for risk/fraud scoring regarding Payments.
type: "object"
properties:
DebtorIndicators:
$ref: "#/components/schemas/AEDebtorIndicators"
DestinationDeliveryAddress:
type: "object"
description: |
Destination Delivery Address
properties:
RecipientType:
type: "string"
description: "The recipient of the goods whether an individual or a corporation."
enum:
- "Individual"
- "Corporate"
RecipientName:
type: "object"
description: "The name of the recipient of the goods, whether an individual or a corporation."
properties:
en:
type: "string"
description: "English value of the string"
ar:
type: "string"
description: "Arabic value of the string"
NationalAddress:
$ref: "#/components/schemas/AEAddress"
TransactionIndicators:
$ref: "#/components/schemas/AETransactionIndicators"
CreditorIndicators:
$ref: "#/components/schemas/AECreditorIndicators"
AEConsentId:
type: string
minLength: 1
maxLength: 128
description: >-
Unique identification assigned by the TPP to identify the consent
resource.
AEFilePaymentRequest:
description: |
File Payment Request Schema
type: "object"
additionalProperties: false
required:
- "Data"
properties:
Data:
description: Primary data for the request
type: "object"
additionalProperties: false
required:
- "ConsentId"
- "PaymentPurposeCode"
properties:
ConsentId:
$ref: "#/components/schemas/AEConsentId"
Instruction:
$ref: "#/components/schemas/AEFilePaymentConsent"
PaymentPurposeCode:
$ref: "#/components/schemas/AEPaymentPurposeCode"
DebtorReference:
$ref: "#/components/schemas/AEStructuredDebtorReference"
AEFilePaymentConsent:
type: "object"
description: |
A file based payment consent.
A Consent definition for defining Multi Payments
required:
- "FileType"
- "FileHash"
- "NumberOfTransactions"
- "ControlSum"
properties:
FileType:
$ref: "#/components/schemas/AEFileType"
FileHash:
$ref: "#/components/schemas/AEFileHash"
FileReference:
$ref: "#/components/schemas/AEReference"
NumberOfTransactions:
$ref: "#/components/schemas/AEFileNumberOfTransactions"
ControlSum:
$ref: "#/components/schemas/AEControlSum"
RequestedExecutionDate:
$ref: "#/components/schemas/AERequestedExecutionDate"
additionalProperties: false
AERequestedExecutionDate:
description: |
The date when the TPP expects the LFI to execute the payment.
The date must be in the future and cannot be on the same day or a day in the past.
The maximum date in the future that can be specified is 1 year from the day of the consent of the User to the TPP.
All dates in the JSON payloads are represented in ISO 8601 date format.
type: "string"
format: "date"
AEFileNumberOfTransactions:
type: "integer"
description: |
Number of individual transactions contained in the payment information group.
AEControlSum:
description: |
Total of all individual amounts included in the group, irrespective of currencies.
type: "string"
pattern: "^\\d{1,16}\\.\\d{2}$"
example: "100.00"
AEReference:
description: |
A reason or reference in relation to a payment.
Reason or reference for the beneficiary regarding the Payment
type: "string"
minLength: 1
maxLength: 120
AEFileType:
type: "string"
description: "Specifies the payment file type"
minLength: 1
maxLength: 40
AEFileHash:
type: "string"
description: "A base64 encoding of a SHA256 hash of the file to be uploaded."
minLength: 1
maxLength: 44
AEStructuredCreditorReference:
description: |
A reason or reference in relation to a payment, set to facilitate a structured Creditor reference consisting of:
* TPP ID and BIC for the Debtor Account, followed by freeform text to a maximum of 120 characters.
The TPP ID value will match the organization ID value from the Trust Framework, and therefore will be a v4 UUID.
A BIC is specific according to the standard format for ISO 20022, and can therefore be either 8 or 11 characters in length.
If the value of the concatenated string exceeds 120 characters, the TPP must first omit or truncate the freeform element of the reference.
type: "string"
minLength: 1
maxLength: 120
pattern: "^TPP=[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12},BIC=[A-Z0-9]{4}[A-Z0-9]{2}[A-Z0-9]{2}([A-Z0-9]{3}){0,1}($|,.+$)"
AEPaymentInstruction:
type: "object"
additionalProperties: false
required:
- "Amount"
description: "The Initiation payload is sent by the initiating party to the LFI. It is used to request movement of funds from the debtor account to a creditor for a single payment."
properties:
Amount:
$ref: "#/components/schemas/AEActiveCurrencyAmount"
PaymentType:
type: string
description: |
The type of the payment that is being created.
Each LFI's instance may support a different set of payment types
depending on the standards supported.
For example,
- cbuae-payment (Single Instant Payment, Multi Payment - Fixed and Variable Recurring Payment, Future Dated Payment etc)
- cbuae-file-payment
PaymentRequestHeaders:
type: object
description: |
The entire set of HTTP request headers that was received by Ozone from the TPP
tpp:
description: The TPP record as held by Ozone. If Ozone TPP Connect has been integrated into a
directory, the `directoryRecord` provides the TPP's directory record as held by Ozone in
base 64 encoded format.
type: object
required:
- clientId
- orgId
- softwareStatementId
- tppId
- tppName
- decodedSsa
properties:
clientId:
description: The client identifier for the TPP as issued by the Trust Framework
type: string
pattern: '^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-4[0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}$'
tppId:
description: The identifier used by the API Hub to uniquely identify the TPP
type: string
tppName:
description: The TPP name recorded in the Trust Framework
type: string
obieTppId:
description: The UK market TPP identifier. This property is not used for CBUAE and is therefore
marked as deprecated.
type: string
deprecated: true
softwareStatementId:
description: The software statement identifier for the Client.
type: string
obieSoftwareStatementId:
description: The UK market software statement identifier. This property is not used for CBUAE
and is therefore marked as deprecated.
type: string
deprecated: true
obieSoftwareStatementName:
description: The UK market software statement name. This property is not used for CBUAE and
is therefore marked as deprecated.
type: string
deprecated: true
directoryRecord:
type: string
description: The latest copy of the TPP directory record retrieve from the CBUAE Trust Framework
directory, encoded as a Base 64 string
format: base64
ssa:
description: The encoded Software Statement Assertion. This property is not used for CBUAE and is
therefore marked as deprecated.
type: string
deprecated: true
decodedSsa:
$ref: "#/components/schemas/softwareStatementProperties"
orgId:
description: The organization identifier for the TPP
type: string
pattern: '^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-4[0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}$'
softwareStatementProperties:
description: |
The decoded software statement retrieved from the Trust Framework that provides
the properties of the Client.
Please note:
- The JSON payload will contain other properties in addition to those listed
here. The properties listed here are considered most relevant for activities
such as TPP logo retrieval and JWS verification.
- The content reflects elements of discovery metadata, which in generally
defined as a file rather than an API. Providing constraints such as
`minLength` and `maxLength` is impractical in this context
The full software statement record is also available in the Trust Framework.
Please also refer the Registration Framework page in the CBUAE standards for
additional guidance on these properties.
type: object
properties:
redirect_uris:
description: The redirect URIs registered by the TPP at the Trust Framework
type: array
items:
type: string
client_name:
description: Name of the Client to be presented to the End-User.
type: string
client_uri:
description: URL of the home page of the Client.
type: string
logo_uri:
description: URL of the Client logo.
type: string
jwks_uri:
description: URL of the Client JSON Web Key Set (JWKS) at the Trust Framework.
type: string
client_id:
description: Unique Client Identifier.
type: string
roles:
description: The roles under which the organization is registered at the Trust Framework.
type: array
items:
type: string
sector_identifier_uri:
description: URL using the https scheme to be used in calculating Pseudonymous Identifiers
by the OP. Allows redirect URI values to be grouped, easing registration
management.
type: string
application_type:
description: Client application type.
type: string
organisation_id:
description: Organization identifier for organization that owns the Client.
type: string
SupplementaryInformation:
type: object
description: |
The `SupplementaryInformation` object may have arbitrary custom fields that a Financial Institution may use
AEPaymentIdResponse:
description: |
The payment response to be passed on to the TPP.
The structure of this response is aligned to the structure of the response for the CBUAE payment initiation API.
type: "object"
additionalProperties: false
required:
- "data"
properties:
data:
type: "object"
description: "Required fields are common for all the payments including file payment. Apart from that, paymentTransactionId is required for all payments except file payments"
additionalProperties: false
required:
- "id"
- "status"
- "statusUpdateDateTime"
- "creationDateTime"
- "paymentPurposeCode"
properties:
id:
description: An API specific unique identification as assigned by the LFI to identify the domestic Payment resource.
type: string
consentId:
description: Unique identification assigned by the TPP to identify the consent resource.
type: string
paymentTransactionId:
description: |
This is an end-to-end identifier that is generated by the underlying payment rails when it is sent from an Originating LFI to a Receiving LFI.
For IPP transactions, this is the IPP generated identifier.
This property is not the same as the `transactionId` in the Bank Data Sharing Transactions API.
The `paymentTransactionId` must be populated if the payment is processed by the LFI, and updated at the Consent Manager Payment Log API using the `patch` operation.
type: string
status:
description: |
Specifies the status of the payment information group
* Pending: Payment initiation or individual transaction included in the payment initiation is pending. Further checks and status update will be performed.
* Rejected: The payment initiation has been rejected
* AcceptedSettlementCompleted: Settlement of the Debtor's account has been completed
* AcceptedCreditSettlementCompleted: When the Creditor account has been credited with the funds of the payment initiated via the TPP
* AcceptedWithoutPosting: When the Recipient Bank has accepted the payment but has not applied the credit to the Creditor account yet.
type: string
enum:
- "Pending"
- "AcceptedSettlementCompleted"
- "AcceptedCreditSettlementCompleted"
- "AcceptedWithoutPosting"
- "Rejected"
- "Received"
statusUpdateDateTime:
description: Date and time at which the resource status was updated.
type: string
format: date-time
creationDateTime:
description: Date and time at which the message was created.
type: string
format: date-time
charges:
$ref: "#/components/schemas/AECharges"
exchangeRate:
$ref: "#/components/schemas/AEExchangeRateInformation"
currencyRequest:
$ref: "#/components/schemas/AECurrencyRequest"
instruction:
$ref: "#/components/schemas/AEPaymentInstruction"
paymentPurposeCode:
$ref: "#/components/schemas/AEPaymentPurposeCode"
debtorReference:
$ref: "#/components/schemas/AEStructuredDebtorReference"
openFinanceBilling:
$ref: "#/components/schemas/AEServiceInitiationOpenFinancePaymentBillingGet"
meta:
$ref: "#/components/schemas/Meta"
AECharges:
description: List of charges associated with the payment request
type: "array"
items:
type: "object"
additionalProperties: false
description: |
Set of elements used to provide details of a charge for the payment initiation.
* For Payments, these Charges are on the Debtor.
required:
- "chargeBearer"
- "type"
- "amount"
properties:
chargeBearer:
$ref: "#/components/schemas/AEChargeBearerType1Code"
type:
$ref: "#/components/schemas/AEExternalPaymentChargeTypeCode"
amount:
$ref: "#/components/schemas/AEActiveCurrencyAmount"
AEChargeBearerType1Code:
description: "Specifies which party/parties will bear the charges associated with the processing of the payment transaction."
type: "string"
enum:
- "BorneByCreditor"
- "BorneByDebtor"
- "Shared"
AEExternalPaymentChargeTypeCode:
description: "Charge type, in a coded form."
type: "string"
enum:
- "VAT"
- "Fees"
AEActiveCurrencyAmount:
description: The Currency and Amount relating to the Payment
type: "object"
required:
- "amount"
- "currency"
properties:
amount:
$ref: "#/components/schemas/AEActiveOrHistoricAmount"
currency:
$ref: "#/components/schemas/AEActiveOrHistoricCurrencyCode"
AEActiveOrHistoricAmount:
description: "A number of monetary units specified in an active currency where the unit of currency is explicit and compliant with ISO 4217."
type: "string"
pattern: "^\\d{1,16}\\.\\d{2}$"
example: "100.00"
AEActiveOrHistoricCurrencyCode:
description: "A 3 character alphabetic code allocated to a currency under an international currency identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'."
type: "string"
pattern: "^[A-Z]{3,3}$"
example: "AED"
AEExchangeRateInformation:
type: "object"
additionalProperties: false
required:
- "unitCurrency"
- "exchangeRate"
- "rateType"
description: "Further detailed information on the exchange rate that has been used in the payment transaction."
properties:
unitCurrency:
description: "Currency in which the rate of exchange is expressed in a currency exchange. In the example 1GBP = xxxCUR, the unit currency is GBP."
type: "string"
pattern: "^[A-Z]{3,3}$"
exchangeRate:
description: "The factor used for conversion of an amount from one currency to another. This reflects the price at which one currency was bought with another currency."
type: "number"
rateType:
description: "Specifies the type used to complete the currency exchange."
type: "string"
enum:
- "Actual"
- "Agreed"
- "Indicative"
contractIdentification:
description: "Unique and unambiguous reference to the foreign exchange contract agreed between the initiating party/creditor and the debtor agent."
type: "string"
minLength: 1
maxLength: 256
expirationDateTime:
description: "Specified date and time the exchange rate agreement will expire.All dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2017-04-05T10:43:07+00:00"
type: "string"
format: "date-time"
AECurrencyRequest:
description: |
The details of the non-local currency or FX request that has been agreed between the User and the TPP.
The requested ChargeBearer and ExchangeRateInformation are included in this object may be overwritten by the LFI in the returned Consent object.
type: "object"
additionalProperties: false
required:
- "currencyOfTransfer"
properties:
instructionPriority:
description: "Indicator of the urgency or order of importance that the instructing party would like the instructed party to apply to the processing of the instruction."
type: "string"
enum:
- "Normal"
- "Urgent"
extendedPurpose:
description: "Specifies the purpose of an international payment, when there is no corresponding 4 character code available in the ISO20022 list of Purpose Codes."
type: "string"
minLength: 1
maxLength: 140
chargeBearer:
$ref: "#/components/schemas/AEChargeBearerType1Code"
currencyOfTransfer:
description: "Specifies the currency of the to be transferred amount, which is different from the currency of the debtor's account."
type: "string"
pattern: "^[A-Z]{3,3}$"
destinationCountryCode:
description: "Country in which Credit Account is domiciled. Code to identify a country, a dependency, or another area of particular geopolitical interest, on the basis of country names obtained from the United Nations (ISO 3166, Alpha-2 code)."
type: "string"
pattern: "[A-Z]{2,2}"
exchangeRateInformation:
type: "object"
additionalProperties: false
required:
- "unitCurrency"
- "rateType"
description: "Provides details on the currency exchange rate and contract."
properties:
unitCurrency:
description: "Currency in which the rate of exchange is expressed in a currency exchange. In the example 1GBP = xxxCUR, the unit currency is GBP."
type: "string"
pattern: "^[A-Z]{3,3}$"
exchangeRate:
description: "The factor used for conversion of an amount from one currency to another. This reflects the price at which one currency was bought with another currency."
type: "number"
rateType:
description: "Specifies the type used to complete the currency exchange."
type: "string"
enum:
- "Actual"
- "Agreed"
- "Indicative"
contractIdentification:
description: "Unique and unambiguous reference to the foreign exchange contract agreed between the initiating party/creditor and the debtor agent."
type: "string"
minLength: 1
maxLength: 256
AEPaymentPurposeCode:
description: A category code that relates to the type of services or goods that corresponds to the underlying purpose of the payment. The code must conform to the published AANI payment purpose code list.
type: "string"
minLength: 1
maxLength: 4
pattern: "^[A-Z]{3}$"
AEStructuredDebtorReference:
description: |
A reason or reference in relation to a payment, set to facilitate a structured Debtor reference consisting of:
* For payments to Merchants: TPP ID, Merchant ID, BIC for the Creditor Account, followed by freeform text to a maximum of 120 characters.
* For other payments: TPP ID and BIC for the Creditor Account, followed by freeform text to a maximum of 120 characters.
The TPP ID value will match the organization ID value from the Trust Framework, and therefore will be a v4 UUID.
The Merchant ID wil be as per the existing IPP rules for the Merchant identification, and will incorporate the Trade License number for the Merchant.
A BIC is specific according to the standard format for ISO 20022, and can therefore be either 8 or 11 characters in length.
If the value of the concatenated string exceeds 120 characters, the TPP must omit or truncate the freeform element of the reference.
type: "string"
minLength: 1
maxLength: 120
pattern: "^TPP=[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12},(Merchant=[A-Z0-9]{3}-[A-Z]{4}-TL.+-[0-9]{4},|)BIC=[A-Z0-9]{4}[A-Z0-9]{2}[A-Z0-9]{2}([A-Z0-9]{3}){0,1}($|,.+$)"
RefundGetResponse:
description: Response to a request to the Debtor details for a given payment, in order to initiate a refund. Requires the consent of the Debtor to be retrieved, enforced at the API Hub.
type: object
properties:
data:
$ref: "#/components/schemas/RefundGetResponseBody"
meta:
$ref: "#/components/schemas/Meta"
RefundGetResponseBody:
description: Primary data for the response
type: object
required:
- refundAccount
properties:
consentId:
description: |
Unique identification assigned by the TPP to identify the consent resource.
type: "string"
minLength: 1
maxLength: 128
refundAccount:
$ref: "#/components/schemas/AEDebtorAccount"
AEDebtorAccount:
description: "Unambiguous identification of the account of the debtor to which a debit entry will be made."
type: "object"
required:
- "schemeName"
- "identification"
- "name"
properties:
schemeName:
description: "Name of the identification scheme, in a coded form as published in an external list."
type: "string"
enum:
- "IBAN"
- "AccountNumber"
identification:
description: |
Identification for the account assigned by the LFI based on the Account Scheme Name.
This identification is known by the User account owner.
type: "string"
minLength: 1
name:
$ref: "#/components/schemas/AEName"
AEName:
type: "object"
description: |
The Account Holder Name is the name or names of the Account owner(s) represented at the account level
properties:
en:
type: "string"
description: "English value of the string"
maxLength: 70
ar:
type: "string"
description: "Arabic value of the string"
maxLength: 70
additionalProperties: false
# # Common types
#
Meta:
description: Metadata relevant to the resource.
type: object
additionalProperties: false
Error:
description: Default error response payload structure for Ozone Connect
type: object
properties:
errorCode:
type: string
description: Error code identifying the problem that occurred
errorMessage:
type: string
description: Message describing what problem has occurred
parameters:
providerId:
name: o3-provider-id
in: header
schema:
type: string
required: true
description: Identifier for the Financial Institution that the request is targetted to
aspspId:
name: o3-aspsp-id
in: header
schema:
type: string
required: true
deprecated: true
description:
Identifier for the financial institution that the request is targetted to.
This header is deprecated and will be removed in a future version of Ozone Connect. Use `o3-provider-id` instead.
callerOrgId:
name: o3-caller-org-id
in: header
schema:
type: string
required: true
description: An identifier for the organization calling the API
callerClientId:
name: o3-caller-client-id
in: header
schema:
type: string
required: true
description: An identifier for the OIDC clientId calling the API
callerSoftwareStatementId:
name: o3-caller-software-statement-id
in: header
schema:
type: string
required: true
description: An identifier for the software statement calling the API
apiUri:
name: o3-api-uri
in: header
schema:
type: string
required: true
description: The parameterised URL of the API being called by the caller
apiOperation:
name: o3-api-operation
in: header
schema:
type: string
required: true
description: The API operation carried out by the caller (e.g. GET, POST, PUT, DELETE, PATCH)
consentId:
name: o3-consent-id
in: header
schema:
type: string
required: true
description: The consentId for which this call is being made
callerInteractionId:
name: o3-caller-interaction-id
in: header
schema:
type: string
required: true
description: The interaction ID passed in by the caller, if any
ozoneInteractionId:
name: o3-ozone-interaction-id
in: header
schema:
type: string
required: true
description: An interaction ID generated by Ozone if the caller did not send in one. If the callerInteractionId is specified, this takes the same value.
psuIdentifier:
name: o3-psu-identifier
in: header
schema:
type: string
required: true
description: A Base64 encoded representation of the psuIdentifier JSON object.
paymentId:
name: paymentId
description: The identifier for a given payment instruction
in: path
required: true
schema:
type: string
securitySchemes:
OzoneConnectApiKey:
description: Communications between the API Hub and the LFI Ozone Connect implementation are secured using an API Key, which is a secret shared between the API Hub and the LFI.
type: apiKey
in: header
name: Authorization
OzoneConnectClientCredentials:
type: oauth2
description: |
Communications between the API Hub and the LFI Ozone Connect implementation are secured using a Client Credentials grant type.
LFIs must host an OAuth 2.0 Authorization Server to utilise this security pattern. Scope values are set during the onboarding process, and represented by a placeholder in this API description.
flows:
clientCredentials:
tokenUrl: "https://example.lfi.ae/token"
scopes:
placeholder: Placeholder for scopes, which are set by the LFI during onboarding
OzoneConnectJwtAuth:
description: |
Communications between the API Hub and the LFI Ozone Connect implementation are secured using the "JWT Auth" mechanism, where the Client presents a signed JSON Web Token as a credential.
The Server MUST verify the signature in order to authenticate the Client.
Please note that the value of the `scheme` parameter is not a registered HTTP Authentication Scheme, to indicate it is specific to Ozone Connect. Please refer to API Hub documentation for further details.
type: http
scheme: Ozone-Connect-JWT-Auth
OzoneConnectServiceInitiationToken:
description: |
Communications between the API Hub and the LFI Ozone Connect implementation are secured using a Service Initiation Token.
The API Hub will set an Access Token based on a value set by the LFI, which has been patched onto the associated consent. The value will be transmitted in the `Authorization` header, which is represented as a `Bearer` in this Security Scheme Object.
type: http
scheme: Bearer |
...