...
| Awesome api app render macro | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
openapi: 3.0.1
info:
title: Ozone Connect - Consent Event & Action APIs
contact:
name: Ozone Financial Technology Limited
description: |
This document provides the OAS3 specification for APIs that are called by Ozone Connect to inform a financial institution that a consent has been created or modified.
These are also used to carry out actions to verify and augment a consent when it is being created.
These APIs should be implemented by an financial institution.
#### Test Case References
This description contains a number of references in the form `XXX-999-999`. These are references
to test case numbers in the Ozone Connect Test Harness that financial institutions may use to test
their Ozone Connect implementations. Please note that these errors are intended for pre-production
testing by the financial institution and are therefore not mandated for implementation.
#### Changes in Release 2024.46.0
* Changed PeriodicSchedule to mandatory in AEServiceInitiationLongLivedPaymentConsent
* Changed AEServiceInitiationFixedDefinedSchedule and
AEServiceInitiationVariableDefinedSchedule to a maximum of 53 items
* Changed ExpirationDateTime to mandatory for insurance consents
* Changed AEPaymentConsumption to match v1.1 of the standards
* Changed AERisk object to provide details of enhanced risk data encrypted as the
payload of the JWE
* Changed ReadPartyPSU and ReadPartyPSUIdentity to ReadPartyUser and
ReadPartyUserIdentity respectively
* Changed PaymentPurposeCode from 4 to 3 characters to match Aani code format
* Changes as per V1.1
* Updated description of `ExpirationDateTime` and `BaseConsentId`
* Removed `FollowingServiceLevel` enum from `CurrencyRequest.ChargeBearer`
* Removed `IsPayByAccount`, `ExpectedInitiationTimeWindow` and added `IsDelegatedAuthentication`
* Added new periodic Schedule type
* Introduced `oneOf` in `PersonalIdentifiableInformation`
* Removed `oneOf` from `DebtorReference`
* Added `ReadRefundAccount` enum in Service Initiation `Permissions`
* Changed `tpp` property in to provide more information about the
TPP and the Client software statement
#### Changes in Release 2024.43.0
* Added OpenFinanceBilling object to AEAccountAccessConsentBody, AEInsuranceConsentBody, AEPaymentConsentResponse, augmentConsentResponse
* Added authorizationChannel
#### Changes in Version 2024.37.0
* Added `default` response to each operation to aid understanding of error handling requirements.
* Removed `additionalProperties: true` as not required and causes tooling issues
#### Changes in Release 2024.34.1
* CreditCard, PrePaidCard, EMoney, ChargeCard and Other enums have been removed from the AccountSubType.
* In AEAccountAccessConsentBody, Purpose field has been made mandatory and it has been made optional in AEInsuranceConsentBody.
* Amount field has been changed from number type to string.
* Amount, MaximumIndividualPaymentAmount and PeriodicSchedule have been made optional in MultiPayment.
* In PeriodicSchedule, DefinedSchedule, FixedPeriodicSchedule and VariablePeriodicSchedule have been made optional.
* In VariablePeriodicSchedule, MaximumCumulativeValueOfPaymentsPerPeriodType and MaximumCumulativeNumberOfPaymentsPerPeriodType have been made optional.
* In VariablePeriodicSchedule, Type field has been removed.
* In FilePayment, RequestedExecutionDateTime has been changed to RequestedExecutionDate
* In AEServiceInitiationDefinedSchedule, maxItems has been updated to 50
* ConnectToken has been added to cbuaePatchBody
* Refactored Security Scheme Objects to use common definitions across all API Hub APIs
* Implemented the correct Security Requirements for this API description, reflecting security patterns available in API Hub
version: Version 2024.46.0
servers:
- url: https://<your-ozone-connect-server>
tags:
- name: consent-events
description: |
APIs that are called when a consent is created or modified.
- name: consent-actions
description: |
APIs that are called to take actions on a consent
security:
- {}
- OzoneConnectApiKey: []
- OzoneConnectClientCredentials: [
"placeholder"
]
- OzoneConnectJwtAuth: []
paths:
/consent/event/{operation}:
post:
tags:
- consent-events
summary: Called to inform a financial institution that a consent has been created or modified
description: |
Used by financial institution to get a notification for updated consent.
operationId: consentEvent
parameters:
# common header parameters that set context
- $ref: "#/components/parameters/providerId"
- $ref: "#/components/parameters/aspspId"
- $ref: "#/components/parameters/callerOrgId"
- $ref: "#/components/parameters/callerClientId"
- $ref: "#/components/parameters/callerSoftwareStatementId"
- $ref: "#/components/parameters/apiUri"
- $ref: "#/components/parameters/apiOperation"
- $ref: "#/components/parameters/consentId"
- $ref: "#/components/parameters/callerInteractionId"
- $ref: "#/components/parameters/ozoneInteractionId"
- $ref: "#/components/parameters/psuIdentifier"
# Path param definitions
- name: operation
in: path
description: specifies whether this is a POST or PATCH operation
required: true
schema:
type: string
enum:
- post
- patch
requestBody:
description: |
Sends an event indicating the created or updated consent to an financial institution.
This consists of the entire consent as stored in the consent Manager.
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/consent"
responses:
"204":
description: |
Indicates the successful notification response.
The response does not have a body
"400":
description: |
Indicates that the financial institution could not process the event.
Ozone will ignore these errors.
The notification *will not* be retried.
The change to the consent *will not* be rolled back.
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
default:
$ref: "#/components/responses/Error"
/consent/action/augment:
post:
tags:
- consent-actions
summary: Account action augmentation
description: |
The API is called by Ozone to allow a Financial Institution to augment additional information that may apply to the account consent
The request body contains the entire consent record as stored in the Consent Manager.
operationId: augmentAccountConsent
parameters:
# common header parameters that set context
- $ref: "#/components/parameters/providerId"
- $ref: "#/components/parameters/aspspId"
- $ref: "#/components/parameters/callerOrgId"
- $ref: "#/components/parameters/callerClientId"
- $ref: "#/components/parameters/callerSoftwareStatementId"
- $ref: "#/components/parameters/apiUri"
- $ref: "#/components/parameters/apiOperation"
- $ref: "#/components/parameters/consentId"
- $ref: "#/components/parameters/callerInteractionId"
- $ref: "#/components/parameters/ozoneInteractionId"
- $ref: "#/components/parameters/psuIdentifier"
requestBody:
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/consent"
responses:
"200":
description: |
Indicates a successful operation
The response consists of fields that must be augmented into the consent.
These fields will be different for each consent type.
content:
application/json:
schema:
$ref: "#/components/schemas/augmentConsentResponse"
"400":
description: failed operation
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
default:
$ref: "#/components/responses/Error"
/consent/action/validate:
post:
tags:
- consent-actions
summary: Provides an opportunity for a financial institution to validate a consent before it is created
description: |
The API is called by Ozone to allow a financial institution to carry out additional validations before a consent is created.
The request body contains the entire consent along with contextual information.
Typically this could be used for situations like:
- soft validation of the debtor account (e.g. to ensure that it is a debtor account managed by the financial institution)
- populating charges and exchange rate information
Note that a financial institution only need to implement this API where it needs to correlate information in the consent payload
with data held in its systems. If this is not the case, "local" validations can be configured in Ozone that do not require a remote call.
The financial institution must return a response that includes a status. If the status is set to `valid`, the consent is saved and processing continues.
If the status is set to `invalid` the processing fails and an error response is sent to the TPP.
operationId: validateConsent
parameters:
# common header parameters that set context
- $ref: "#/components/parameters/providerId"
- $ref: "#/components/parameters/aspspId"
- $ref: "#/components/parameters/callerOrgId"
- $ref: "#/components/parameters/callerClientId"
- $ref: "#/components/parameters/callerSoftwareStatementId"
- $ref: "#/components/parameters/apiUri"
- $ref: "#/components/parameters/apiOperation"
- $ref: "#/components/parameters/consentId"
- $ref: "#/components/parameters/callerInteractionId"
- $ref: "#/components/parameters/ozoneInteractionId"
- $ref: "#/components/parameters/psuIdentifier"
requestBody:
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/consent"
responses:
'200':
description: successful operation
content:
application/json:
schema:
$ref: "#/components/schemas/consentValidateResponse"
'400':
description: failed operation
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
default:
$ref: "#/components/responses/Error"
components:
responses:
Error:
description: Default error response
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
schemas:
augmentConsentResponse:
description: |
Fields to be added to the consent
type: object
properties:
Charges:
$ref: "#/components/schemas/AECharges"
ExchangeRate:
$ref: "#/components/schemas/AEExchangeRateInformation"
OpenFinanceBilling:
$ref: "#/components/schemas/AEOpenFinanceBilling"
AEOpenFinanceBilling:
type: object
properties:
IsLargeCorporate:
type: "boolean"
description: Customer has more than 100 million AED turnover
description: Billing parameters specified by the LFI
additionalProperties: false
AECharges:
type: "array"
items:
type: "object"
additionalProperties: false
description: |
Set of elements used to provide details of a charge for the payment initiation.
* For Payments, these Charges are on the Debtor.
required:
- "ChargeBearer"
- "Type"
- "Amount"
properties:
ChargeBearer:
$ref: "#/components/schemas/AEChargeBearerType1Code"
Type:
$ref: "#/components/schemas/AEExternalPaymentChargeTypeCode"
Amount:
$ref: "#/components/schemas/AEActiveCurrencyAmount"
AEChargeBearerType1Code:
description: "Specifies which party/parties will bear the charges associated with the processing of the payment transaction."
type: "string"
enum:
- "BorneByCreditor"
- "BorneByDebtor"
- "Shared"
AEExternalPaymentChargeTypeCode:
description: "Charge type, in a coded form."
type: "string"
enum:
- "VAT"
- "Fees"
AEActiveCurrencyAmount:
description: |
The Currency and Amount relating to the Payment
type: "object"
required:
- "Amount"
- "Currency"
properties:
Amount:
$ref: "#/components/schemas/AEActiveOrHistoricAmount"
Currency:
$ref: "#/components/schemas/AEActiveOrHistoricCurrencyCode"
AEActiveOrHistoricAmount:
description: "A number of monetary units specified in an active currency where the unit of currency is explicit and compliant with ISO 4217."
type: "string"
pattern: "^\\d{1,16}\\.\\d{2}$"
example: "100.00"
AEActiveOrHistoricCurrencyCode:
description: "A 3 character alphabetic code allocated to a currency under an international currency identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'."
type: "string"
pattern: "^[A-Z]{3,3}$"
example: "AED"
AEExchangeRateInformation:
type: "object"
additionalProperties: false
required:
- "UnitCurrency"
- "ExchangeRate"
- "RateType"
description: "Further detailed information on the exchange rate that has been used in the payment transaction."
properties:
UnitCurrency:
description: "Currency in which the rate of exchange is expressed in a currency exchange. In the example 1GBP = xxxCUR, the unit currency is GBP."
type: "string"
pattern: "^[A-Z]{3,3}$"
ExchangeRate:
description: "The factor used for conversion of an amount from one currency to another. This reflects the price at which one currency was bought with another currency."
type: "number"
RateType:
description: "Specifies the type used to complete the currency exchange."
type: "string"
enum:
- "Actual"
- "Agreed"
- "Indicative"
ContractIdentification:
description: "Unique and unambiguous reference to the foreign exchange contract agreed between the initiating party/creditor and the debtor agent."
type: "string"
minLength: 1
maxLength: 256
ExpirationDateTime:
description: "Specified date and time the exchange rate agreement will expire.All dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2017-04-05T10:43:07+00:00"
type: "string"
format: "date-time"
consent:
description: |
A consent in its current state.
If the consent has been authorised, then it can be expected that the financial institution would have patched in `accountIds` and `psuIdentifier` fields.
Additionally, the financial institution may also patch in an arbitrary set of fields along with consent in the `supplementaryInformation` field.
allOf:
- $ref: "#/components/schemas/newConsent"
- $ref: "#/components/schemas/patchedConsent"
newConsent:
type: object
properties:
id:
type: string
description: |
A unique identifier for the consent in uuid-v4 format.
consentGroupId:
type: string
description: |
A unique identifier for the consent group in uuid-v4 format.
The consent group id is used to group together consents that are related to each other.
requestUrl:
type: string
format: url
description: |
The request url of Http request that was received by Ozone from the TPP
consentType:
type: string
description: |
The type of the consent that is being created.
Each financial institution's instance may support a different set of consent types
The Consent Manager supports the creation of consents of different consent types depending on the standards supported.
- cbuae-account-access-consents
- cbuae-service-initiation-consents
- cbuae-insurance-consents
status:
$ref: "#/components/schemas/AEConsentStatus"
request:
$ref: "#/components/schemas/AuthorizationDetails"
requestHeaders:
type: object
description: |
The entire set of Http request headers that was received by Ozone from the TPP
consentBody:
$ref: "#/components/schemas/cbuaeConsentBody"
authorizationChannel:
type: string
enum:
- App
- Web
interactionId:
type: string
description: |
The heimdall interaction id that this consent is associated with.
tpp:
$ref: "#/components/schemas/tpp"
ozoneSupplementaryInformation:
type: object
updatedAt:
type: number
required:
- id
- consentType
- request
- requestHeaders
- tpp
patchedConsent:
type: object
properties:
psuIdentifiers:
$ref: "#/components/schemas/psuIdentifiers"
accountIds:
type: array
items:
type: string
minItems: 1
description: |-
An array of account ids associated with the consent. The array must be populated once consent has been authorised.
For payment consents, the array must always have one element - the debtor account from which the payment will be made
For CBPII consents, the array must always have one element - the account for which CoF requests will be answered
For AIS requests, the array may contain multiple values, representing each of the payment accounts for which an AIS service will be provided.
supplementaryInformation:
description:
Contains additional information at the discretion of the financial institution.
type: object
interactionId:
type: string
description: The heimdall interaction id that this consent is associated with. This is updated by heimdall and must not be set by financial institutions.
paymentContext:
type: object
ConnectToken:
type: string
description: A bearer token that will be sent as the `Authorization` header for calls to Ozone Connect made under this consent.
tpp:
description: The TPP record as held by Ozone. If Ozone TPP Connect has been integrated into a
directory, the `directoryRecord` provides the TPP's directory record as held by Ozone in
base 64 encoded format.
type: object
required:
- clientId
- orgId
- softwareStatementId
- tppId
- tppName
- decodedSsa
properties:
clientId:
description: The client identifier for the TPP as issued by the Trust Framework
type: string
pattern: '^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-4[0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}$'
tppId:
description: The identifier used by the API Hub to uniquely identify the TPP
type: string
tppName:
description: The TPP name recorded in the Trust Framework
type: string
obieTppId:
description: The UK market TPP identifier. This property is not used for CBUAE and is therefore
marked as deprecated.
type: string
deprecated: true
softwareStatementId:
description: The software statement identifier for the Client.
type: string
obieSoftwareStatementId:
description: The UK market software statement identifier. This property is not used for CBUAE
and is therefore marked as deprecated.
type: string
deprecated: true
obieSoftwareStatementName:
description: The UK market software statement name. This property is not used for CBUAE and
is therefore marked as deprecated.
type: string
deprecated: true
directoryRecord:
type: string
description: The latest copy of the TPP directory record retrieve from the CBUAE Trust Framework
directory, encoded as a Base 64 string
format: base64
ssa:
description: The encoded Software Statement Assertion. This property is not used for CBUAE and is
therefore marked as deprecated.
type: string
deprecated: true
decodedSsa:
$ref: "#/components/schemas/softwareStatementProperties"
orgId:
description: The organization identifier for the TPP
type: string
pattern: '^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-4[0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}$'
softwareStatementProperties:
description: |
The decoded software statement retrieved from the Trust Framework that provides
the properties of the Client.
Please note:
- The JSON payload will contain other properties in addition to those listed
here. The properties listed here are considered most relevant for activities
such as TPP logo retrieval and JWS verification.
- The content reflects elements of discovery metadata, which in generally
defined as a file rather than an API. Providing constraints such as
`minLength` and `maxLength` is impractical in this context
The full software statement record is also available in the Trust Framework.
Please also refer the Registration Framework page in the CBUAE standards for
additional guidance on these properties.
type: object
properties:
redirect_uris:
description: The redirect URIs registered by the TPP at the Trust Framework
type: array
items:
type: string
client_name:
description: Name of the Client to be presented to the End-User.
type: string
client_uri:
description: URL of the home page of the Client.
type: string
logo_uri:
description: URL of the Client logo.
type: string
jwks_uri:
description: URL of the Client JSON Web Key Set (JWKS) at the Trust Framework.
type: string
client_id:
description: Unique Client Identifier.
type: string
roles:
description: The roles under which the organization is registered at the Trust Framework.
type: array
items:
type: string
sector_identifier_uri:
description: URL using the https scheme to be used in calculating Pseudonymous Identifiers
by the OP. Allows redirect URI values to be grouped, easing registration
management.
type: string
application_type:
description: Client application type.
type: string
organisation_id:
description: Organization identifier for organization that owns the Client.
type: string
cbuaeConsentBody:
type: object
description: |
An object representing the current state of the consent.
This includes the entire request, augmented by additional computed properties
(e.g. ids, charges etc)
oneOf:
- $ref: "#/components/schemas/AEAccountAccessConsentBody"
- $ref: "#/components/schemas/AEInsuranceConsentBody"
- $ref: "#/components/schemas/AEPaymentConsentResponse"
AuthorizationDetails:
description: |
The request body for creating a new consent.
The body consists of the RAR request that is sent by the TPP to the authorization server.
oneOf:
- $ref: "#/components/schemas/DataSharingAuthorizationDetails"
- $ref: "#/components/schemas/InsuranceAuthorizationDetails"
- $ref: "#/components/schemas/ServiceInitiationAuthorizationDetails"
DataSharingAuthorizationDetails:
type: object
properties:
type:
description: The Rich Authorization Request (RAR) type
type: string
enum:
- urn:openfinanceuae:account-access-consent:v1.1
consent:
$ref: "#/components/schemas/AuthorizationDetailsDataSharingConsent"
subscription:
$ref: '#/components/schemas/EventNotification'
InsuranceAuthorizationDetails:
type: object
properties:
type:
description: The Rich Authorization Request (RAR) type
type: string
enum:
- urn:openfinanceuae:insurance-consent:v1.1
consent:
$ref: "#/components/schemas/AuthorizationDetailsInsuranceConsent"
subscription:
$ref: '#/components/schemas/EventNotification'
ServiceInitiationAuthorizationDetails:
type: object
properties:
type:
description: The Rich Authorization Request (RAR) type
type: string
enum:
- urn:openfinanceuae:service-initiation-consent:v1.1
consent:
$ref: "#/components/schemas/AEServiceInitiationAuthorizationDetailProperties"
subscription:
$ref: '#/components/schemas/EventNotification'
AEAccountAccessOpenFinanceBillingPost:
type: object
required:
- UserType
- Purpose
properties:
UserType:
description: Type of Customer
type: string
enum:
- Retail
- SME
- Corporate
Purpose:
description: Purpose of data sharing request
type: string
enum:
- AccountAggregation
- RiskAssessment
- TaxFiling
- Onboarding
- Verification
- QuoteComparison
- BudgetingAnalysis
- FinancialAdvice
- AuditReconciliation
description: Billing parameters specified by the TPP
additionalProperties: false
AEServiceInitiationAuthorizationDetailProperties:
type: object
required:
- ConsentId
- PersonalIdentifiableInformation
- ControlParameters
- PaymentPurposeCode
- ExpirationDateTime
properties:
ConsentId:
$ref: '#/components/schemas/AEConsentId'
BaseConsentId:
$ref: '#/components/schemas/AEBaseConsentId'
IsSingleAuthorization:
$ref: '#/components/schemas/IsSingleAuthorization'
AuthorizationExpirationDateTime:
type: string
format: date-time
description: |2-
A time by which a Consent (in AwaitingAuthorization status) must be Authorized by the User.
The time window starts from the actual CreationDateTime (when the Consent is staged with the LFI).
If the current time window exceeds the Authorization Expiration Time Window (and the Consent status is AwaitingAuthorization) then the Consent Status must be set to Rejected.
The time window is based on a custom time format hhh:mm:ss. e.g. 720:00:00 represents a time window of 720 hours, 00 minutes, 00 seconds (30 days) after the CreationDateTime to Authorize the Consent.
ExpirationDateTime:
allOf:
- $ref: '#/components/schemas/ARConsentExpirationDateTime'
description: |2-
Specified date and time the consent will expire.
All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is :2023-04-05T10:43:07+00:00
Permissions:
type: array
items:
$ref: '#/components/schemas/AEServiceInitiationConsentPermissionCodes'
description: |2-
Specifies the permitted Account Access data types.
This is a list of the data groups being consented by the User, and requested for authorization with the LFI.
This allows a TPP to request a balance check permission.
CurrencyRequest:
$ref: '#/components/schemas/AECurrencyRequest'
PersonalIdentifiableInformation:
description: Personal Identifiable Information, represented in both encoded and decoded form
using a `oneOf`, to help implementers readily understand both the structure and
serialized form of the property.
**Implementations MUST reflect the AEJWEPaymentPII Schema Object**
**structure and the notes provided on implementing a JWS and JWE**
**The decoded form AEPaymentPII is for guidance on content only**
oneOf:
- $ref: "#/components/schemas/AEJWEPaymentPII"
- $ref: "#/components/schemas/AEPaymentPII"
ControlParameters:
$ref: '#/components/schemas/AEServiceInitiationConsentControlParameters'
DebtorReference:
$ref: '#/components/schemas/AEServiceInitiationStructuredDebtorReference'
CreditorReference:
$ref: '#/components/schemas/AEServiceInitiationStructuredCreditorReference'
PaymentPurposeCode:
$ref: '#/components/schemas/AEServiceInitiationPaymentPurposeCode'
SponsoredTPPInformation:
$ref: '#/components/schemas/AEServiceInitiationSponsoredTPPInformation'
additionalProperties: false
ARConsentExpirationDateTime:
type: string
format: date-time
AEServiceInitiationSponsoredTPPInformation:
type: object
required:
- Name
- Identification
properties:
Name:
type: string
minLength: 1
maxLength: 50
description: The Sponsored TPP Name
Identification:
type: string
minLength: 1
maxLength: 50
description: The Sponsored TPP Identification
description: |2-
The Sponsored TPP is:
* A TPP that itself has no direct Open Banking API integrations.
* A TPP that is using the integration of another TPP that does have direct Open Banking API integrations.
additionalProperties: false
AEServiceInitiationPaymentPurposeCode:
type: string
minLength: 1
maxLength: 43
pattern: ^[A-Z]{43}$
description: |2-
A Category code, related to the type of services or goods that corresponds to the underlying purpose of the Payment.
* The ISO20022 External code sets
AEServiceInitiationStructuredCreditorReference:
description: |
A reason or reference in relation to a payment, set to facilitate a structured Creditor reference consisting of:
* TPP ID and BIC for the Debtor Account, followed by freeform text to a maximum of 120 characters.
The TPP ID value will match the organization ID value from the Trust Framework, and therefore will be a v4 UUID.
A BIC is specific according to the standard format for ISO 20022, and can therefore be either 8 or 11 characters in length.
If the value of the concatenated string exceeds 120 characters, the TPP must first omit or truncate the freeform element of the reference.
type: "string"
minLength: 1
maxLength: 120
pattern: "^TPP=[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12},BIC=[A-Z0-9]{4}[A-Z0-9]{2}[A-Z0-9]{2}([A-Z0-9]{3}){0,1}($|,.+$)"
AEServiceInitiationConsentControlParameters:
type: object
properties:
IsDelegatedAuthentication:
type: boolean
description: AIndicates flagwhether tothe denoteall ifpayment thecontrols Paymentwill isbe andefined E-Commerceand transactionmanaged by the
TPP under the Payment with Delegated Authentication capability
ConsentSchedule:
$ref: '#/components/schemas/AEServiceInitiationConsentSchedule'
description: Control Parameters set the overall rules for the Payment Schedule
additionalProperties: false
AEServiceInitiationConsentSchedule:
type: object
properties:
SinglePayment:
$ref: '#/components/schemas/AEServiceInitiationSinglePayment'
MultiPayment:
$ref: '#/components/schemas/AEServiceInitiationLongLivedPaymentConsent'
FilePayment:
$ref: '#/components/schemas/AEServiceInitiationFilePaymentConsent'
description: |2-
The various payment types that can be initiated:
* A Single Payment
* A Multi-Payment
* A Combined Payment (one SinglePayment and one MultiPayment)
additionalProperties: false
AEServiceInitiationFilePaymentConsent:
type: object
required:
- FileType
- FileHash
- NumberOfTransactions
- ControlSum
properties:
FileType:
type: string
minLength: 1
maxLength: 40
description: Specifies the payment file type
FileHash:
type: string
minLength: 1
maxLength: 44
description: A base64 encoding of a SHA256 hash of the file to be uploaded.
FileReference:
$ref: '#/components/schemas/AEServiceInitiationReference'
NumberOfTransactions:
type: integer
description: >-
Number of individual transactions contained in the payment
information group.
ControlSum:
type: string
pattern: ^\d{1,16}\.\d{2}$
description: >-
Total of all individual amounts included in the group, irrespective
of currencies.
RequestedExecutionDate:
$ref: '#/components/schemas/AERequestedExecutionDate'
description: A Consent definition for defining Bulk/Batch Payments
additionalProperties: false
AEServiceInitiationReference:
type: string
minLength: 1
maxLength: 120
description: A reason or reference in relation to a payment.
AEServiceInitiationLongLivedPaymentConsent:
type: object
required:
- PeriodicSchedule
properties:
MaximumCumulativeValueOfPayments:
allOf:
- $ref: '#/components/schemas/AEAmountAndCurrency'
description: |2-
The maximum cumulative value of all successful payment rails executions under the Consent.
Each successful payment rails execution amount (related to the Consent) is added to the total cumulative value of the Consent which cannot exceed the maximum value agreed with the User at the point of consent.
MaximumCumulativeNumberOfPayments:
type: integer
description: |2-
The maximum cumulative number of all successful payment rails executions under the Consent.
Each successful payment rails execution (related to the Consent) is added to the total cumulative number of payments for the Consent which cannot exceed the maximum value agreed with the User at the point of consent.
PeriodicSchedule:
$ref: >-
#/components/schemas/AEServiceInitiationLongLivedPaymentConsentPeriodicSchedule
description: A Consent definition for defining Multi Payments
additionalProperties: false
AEServiceInitiationLongLivedPaymentConsentPeriodicSchedule:
oneOf:
- $ref: '#/components/schemas/AEServiceInitiationFixedDefinedSchedule'
- $ref: '#/components/schemas/AEServiceInitiationVariableDefinedSchedule'
- $ref: '#/components/schemas/AEServiceInitiationFixedPeriodicSchedule'
- $ref: '#/components/schemas/AEServiceInitiationVariablePeriodicSchedule'
- $ref: '#/components/schemas/AEServiceInitiationFixedOnDemand'
- $ref: '#/components/schemas/AEServiceInitiationVariableOnDemand'
discriminator:
propertyName: Type
description: The definition for a schedule
additionalProperties: false
AEServiceInitiationVariablePeriodicSchedule:
type: object
required:
- Type
- PeriodType
- PeriodStartDate
- MaximumIndividualAmount
properties:
Type:
type: string
enum:
- VariablePeriodicSchedule
PeriodType:
$ref: '#/components/schemas/AEPeriodType'
PeriodStartDate:
$ref: '#/components/schemas/AEPeriodStartDate'
MaximumIndividualAmount:
allOf:
- $ref: '#/components/schemas/AEAmountAndCurrency'
description: >-
This is the Maximum amount a variable payment can take per period.
description: >-
Payment Controls that apply to all payment instructions in a given
period under this payment consent.
The payments for this consent must be executed only on the PeriodStartDate, and
dates recurring based on the PeriodType.
additionalProperties: false
AEServiceInitiationFixedDefinedSchedule:
type: object
required:
- Type
- Schedule
properties:
Type:
type: string
enum:
- FixedDefinedSchedule
description: The Periodic Schedule Type
Schedule:
type: array
items:
$ref: '#/components/schemas/AEServiceInitiationFixedSchedule'
minItems: 1
maxItems: 53
description: >-
Payment Schedule denoting a list of pre-defined future dated payments
all with fixed amounts and dates.
additionalProperties: false
AEServiceInitiationVariableDefinedSchedule:
type: object
required:
- Type
- Schedule
properties:
Type:
type: string
enum:
- VariableDefinedSchedule
description: The Periodic Schedule Type
Schedule:
type: array
items:
$ref: '#/components/schemas/AEServiceInitiationVariableSchedule'
minItems: 1
maxItems: 53
description: >-
Payment Schedule denoting a list of pre-defined future dated payments
all with variable amounts and dates.
additionalProperties: false
AEServiceInitiationFixedPeriodicSchedule:
type: object
required:
- Type
- PeriodType
- PeriodStartDate
- Amount
properties:
Type:
type: string
enum:
- FixedPeriodicSchedule
PeriodType:
$ref: '#/components/schemas/AEPeriodType'
PeriodStartDate:
$ref: '#/components/schemas/AEPeriodStartDate'
Amount:
$ref: '#/components/schemas/AEAmountAndCurrency'
description: >-
Payment Controls that apply to all payment instructions in a given
period under this payment consent.
The payments for this consent must be executed only on the PeriodStartDate, and
dates recurring based on the PeriodType.
additionalProperties: false
AEServiceInitiationFixedOnDemand:
type: object
required:
- Type
- PeriodType
- PeriodStartDate
- Amount
- Controls
properties:
Type:
type: string
enum:
- FixedOnDemand
PeriodType:
$ref: '#/components/schemas/AEPeriodType'
PeriodStartDate:
$ref: '#/components/schemas/AEPeriodStartDate'
Amount:
$ref: '#/components/schemas/AEAmountAndCurrency'
Controls:
type: "object"
minProperties: 1
additionalProperties: false
properties:
MaximumCumulativeValueOfPaymentsPerPeriod:
allOf:
- $ref: '#/components/schemas/AEAmountAndCurrency'
description: >-
The maximum cumulative payment value of all payment initiations per
Period Type.
MaximumCumulativeNumberOfPaymentsPerPeriod:
type: integer
description: The maximum frequency of payment initiations per Period Type.
description: >-
Payment Controls that apply to all payment instructions in a given
period under this payment consent.
The payments for this consent may be executed on any date, as long as they are within the Controls for a PeriodType
additionalProperties: false
AEServiceInitiationVariableOnDemand:
type: object
required:
- Type
- PeriodType
- PeriodStartDate
- Controls
properties:
Type:
type: string
enum:
- VariableOnDemand
PeriodType:
$ref: '#/components/schemas/AEPeriodType'
PeriodStartDate:
$ref: '#/components/schemas/AEPeriodStartDate'
Controls:
type: "object"
minProperties: 1
additionalProperties: false
properties:
MaximumIndividualAmount:
allOf:
- $ref: '#/components/schemas/AEAmountAndCurrency'
description: >-
This is the Maximum amount a variable payment can take per period.
MaximumCumulativeValueOfPaymentsPerPeriod:
allOf:
- $ref: '#/components/schemas/AEAmountAndCurrency'
description: >-
The maximum cumulative payment value of all payment initiations per
Period Type.
MaximumCumulativeNumberOfPaymentsPerPeriod:
type: integer
description: The maximum frequency of payment initiations per Period Type.
description: >-
Payment Controls that apply to all payment instructions in a given
period under this payment consent.
The payments for this consent may be executed on any date, as long as they are within the Controls for a PeriodType
additionalProperties: false
AEServiceInitiationFixedSchedule:
type: object
required:
- PaymentExecutionDate
- Amount
properties:
PaymentExecutionDate:
type: string
format: date
description: |2-
Used to specify the expected payment execution date/time.
All dates in the JSON payloads are represented in ISO 8601 date format.
An example is: 2023-04-05
Amount:
$ref: '#/components/schemas/AEAmountAndCurrency'
additionalProperties: false
AEServiceInitiationVariableSchedule:
type: object
required:
- PaymentExecutionDate
- MaximumIndividualAmount
properties:
PaymentExecutionDate:
type: string
format: date
description: >-
Used to specify the expected payment execution date/time.
All dates in the JSON payloads are represented in ISO 8601 date format.
An example is: 2023-04-05
MaximumIndividualAmount:
allOf:
- $ref: '#/components/schemas/AEAmountAndCurrency'
description: >-
This is the Maximum amount a variable payment can take per period.
additionalProperties: false
AEServiceInitiationSinglePayment:
anyOf:
- $ref: '#/components/schemas/AEServiceInitiationSingleInstantPayment'
- $ref: '#/components/schemas/AEServiceInitiationFutureDatedPayment'
discriminator:
propertyName: Type
mapping:
SingleInstantPayment: '#/components/schemas/AEServiceInitiationSingleInstantPayment'
SingleFutureDatedPayment: '#/components/schemas/AEServiceInitiationFutureDatedPayment'
description: A Consent definition for defining Single Payments
AEServiceInitiationFutureDatedPayment:
type: object
required:
- Type
- Amount
- RequestedExecutionDate
properties:
Type:
type: string
enum:
- SingleFutureDatedPayment
Amount:
$ref: '#/components/schemas/AEAmountAndCurrency'
RequestedExecutionDate:
$ref: '#/components/schemas/AERequestedExecutionDate'
description: >-A single A long-lived payment consent that MUST be used for a single payment which will executed by the LFI
on a future date. This payment consent will be authorized by the User during the
payment journey, but the payment the payment journey, and the payment will be initiatedexecuted by the TPP in the futureimmediately.
additionalProperties: false
AEServiceInitiationSingleInstantPayment:
type: object
required:
- Type
- Amount
properties:
Type:
type: string
enum:
- SingleInstantPayment
description: The Payment Type
Amount:
$ref: '#/components/schemas/AEAmountAndCurrency'
description: >-
A single immediate payment consent that MUST be used for a single
payment which will be initiated immediately after User authorization at
the LFI.
additionalProperties: false
AEAmountAndCurrency:
type: object
required:
- Currency
- Amount
properties:
Currency:
$ref: '#/components/schemas/CurrencyCode'
Amount:
$ref: '#/components/schemas/Amount'
description: >-
The Currency and Amount relating to the Payment
additionalProperties: false
Amount:
type: string
pattern: ^\\d{1,16}\\.\\d{2}$
CurrencyCode:
type: string
pattern: ^[A-Z]{3}$
IsSingleAuthorization:
description: |
Specifies to the LFI that the consent authorization must be completed in a single authorization Step
with the LFI
type: "boolean"
AEServiceInitiationConsentPermissionCodes:
type: string
enum:
- ReadAccountsBasic
- ReadAccountsDetail
- ReadBalances
- ReadRefundAccount
AEJWEPaymentPII:
type: string
description: |
A JSON Web Encryption (JWE) object, which encapsulates a JWS. The value is a
compact serialization of a JWE, which is a string consisting of five
base64url-encoded parts joined by dots. It encapsulates encrypted content
using JSON data structures.
The decrypted JWS content has the structure of the AEPaymentPII schema.
example: "eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00ifQ...."
AEPaymentPII:
type: "object"
additionalProperties: false
description: "Elements of Personal Identifiable Information data"
properties:
Initiation:
type: "object"
additionalProperties: false
description: "The Initiation payload is sent by the initiating party to the LFI. It is used to request movement of funds from the debtor account to a creditor."
properties:
CreditorAgentDebtorAccount:
$reftype: "#/components/schemas/AECreditorAgentobject"
Creditor: additionalProperties: false
type: "object" required:
additionalProperties: false - "SchemeName"
description: "Party to which an amount of money is due.- "Identification"
propertiesdescription: "Unambiguous identification of the account of the debtor to which a debit entry will be made Name:as a result of the transaction."
descriptionproperties:
| SchemeName:
Name by which a party is known and which is usually used to identify that party.
description: "Name of the identification scheme, in a coded form as published in an external list."
This may be used to identify the Creditor for international payments.type: "string"
typeenum:
"string" minLength: 1 - "IBAN"
maxLengthIdentification:
140 PostalAddressdescription: |
$ref: "#/components/schemas/AEAddress" Identification for the account assigned by the LFI based on the Account CreditorAccount:Scheme Name.
$ref: "#/components/schemas/AECreditorAccount" This identification is known by the ConfirmationOfPayeeResponse:
User account owner.
$ref: "#/components/schemas/AEConfirmationOfPayeeResponse" type: "string"
Risk: $ref: "#/components/schemas/AERisk" minLength: 1
AEDebtorIndicators: type: "object" descriptionName:
| Debtor (User) Indicators propertiestype: "object"
UserName: typedescription: |
"object" description: "The Name of the User initiating the Payment" The Account Holder Name is the name or names of properties:the Account owner(s) represented at the account level
en: properties:
type: "string" description: "English valueen:
of the string" ar: type: "string"
type: "string" description: "ArabicEnglish value of the string"
GeoLocation: typemaxLength: "object"70
description: "GPS to identify and track the whereabouts of the connectedar:
electronic device." required: type: "string"
- "latitude" - "longitude" description: "Arabic value of properties:the string"
latitude: maxLength: 70
type: "string" descriptionadditionalProperties: "latitude"false
longitudeCreditor:
typedescription: "string" |
(Array) description: "longitude"
DeviceId:Identification elements for a Creditor associated with the consent
type: "stringarray"
description: "IMEISV number of the connected electronic device"minItems: 1
DeviceOperatingSystem: items:
type: "string" description$ref: "Device operating system#/components/schemas/AECreditor"
DeviceOperatingSystemVersionRisk:
type$ref: "string"#/components/schemas/AERisk"
AECreditor:
descriptionadditionalProperties: "Devicefalse
operating system version" type: object
UserOnboardingDateTime: description: Identification elements for a Creditor.
type: "string" properties:
formatCreditorAgent:
"date-time"
description: |
"The exact date and time when the User account was activatedRefers withto the TPP."Financial Institution.
AuthenticationChanneltype: "object"
description required:
Channel on which the User was authenticated - "SchemeName"
type: string - "Identification"
enum: properties:
- App SchemeName:
- Web AERisktype: "string"
additionalProperties: false description: |
The Risk section is sentRefers byto the TPP toIdentification scheme for uniquely identifying the LFIAgent.
It is used to specify additional details for risk/fraud scoring regarding Payments.
type: "object" properties: * DebtorIndicatorsBICFI: The BIC/SWIFT Code
$ref: "#/components/schemas/AEDebtorIndicators" * DestinationDeliveryAddressOther: The ID; A Country Code followed by a Bank Code type: "object"
description: |
(4 character code). The full list of LFI names and 6 digits IDs are as follows:
Destination Delivery Address enum:
properties: - "BICFI"
RecipientType: type:- "stringOther"
descriptionIdentification:
"The recipient of the goods whether an individual or a corporation." description: |
enum: The Agent is the Country Code followed by a Bank - "IndividualCode"
-type: "Corporatestring"
RecipientNameName:
typedescription: "object"Name by which an agent is known and which is usually used to identify that description: agent."The
name of the recipient of the goods, whether an individual or a corporation. type: "string"
propertiesminLength: 1
enmaxLength: 140
PostalAddress:
type: "string" $ref: "#/components/schemas/AEAddress"
descriptionCreditor:
"English value of the string" type: "object"
aradditionalProperties: false
description: "Party to which an amount of money type:is "string"due."
properties:
descriptionName:
"Arabic value of the string" description: |
NationalAddress: Name $ref: "#/components/schemas/AEAddress"
TransactionIndicators:
by which a party is known and which is usually used to identify that party.
$ref: "#/components/schemas/AETransactionIndicators" CreditorIndicators:This may be used to identify the Creditor for international payments.
$ref: "#/components/schemas/AECreditorIndicators" AETransactionIndicators: type: "objectstring"
description: | minLength: 1
Transaction Indicators properties: maxLength: 140
IsCustomerPresent: descriptionPostalAddress:
"This field differentiates between automatic and manual payment initiation." description: |
type: boolean IsContractPresent: (Array) Address information that locates and identifes a description: "Indicates if the Creditor has a contractual relationship with the TPPspecific address, as defined by a national or international postal service."
type: boolean type: "array"
ChannelminItems: 1
description items:
"Where the payment has been initiated from." type: "stringobject"
enum: required:
- "WebAddressType"
- "Mobile" AECreditorIndicators:- "Country"
type: "object" descriptionproperties:
| Creditor Indicators propertiesAddressType:
AccountType: $ref: "#/components/schemas/AEExternalAccountTypeCodeAEAddressTypeCode"
IsCreditorPrePopulated: $refShortAddress:
"#/components/schemas/AEIsCreditorPrePopulated" TradingName: $ref: "#/components/schemas/AETradingNameAEShortAddress"
IsVerifiedByTPP: $refUnitNumber:
"#/components/schemas/AEIsVerifiedbyTPP" AdditionalAccountHolderIdentifiers: $ref: "#/components/schemas/AEAdditionalAccountHolderIdentifiersAEUnitNumber"
MerchantDetails: FloorNumber:
type: "object" description: | $ref: "#/components/schemas/AEFloorNumber"
Details of the Merchant involved in the transaction. BuildingNumber:
Merchant Details are specified only for those merchant categories that are generally expected to originate retail financial transactions$ref: "#/components/schemas/AEBuildingNumber"
properties: StreetName:
MerchantId: description$ref: "MerchantId#/components/schemas/AEStreetName"
type: "string" SecondaryNumber:
minLength: 8 $ref: "#/components/schemas/AESecondaryNumber"
maxLength: 20 MerchantNameDistrict:
description: "Name by which the merchant is known."$ref: "#/components/schemas/AEDistrict"
type: "string" PostalCode:
minLength: 1 $ref: "#/components/schemas/AEPostalCode"
maxLength: 350 POBox:
MerchantSICCode: description: | $ref: "#/components/schemas/AEPOBox"
SIC code stands for standard industrial classificationZipCode:
(SIC) code. This four digit-number identifies a very specific short descriptor of the type of business a company is engaged in.$ref: "#/components/schemas/AEZipCode"
City:
SIC can be obtained from the Chamber of Commerce.
$ref: "#/components/schemas/AECity"
type: "string" Region:
minLength: 3 $ref: "#/components/schemas/AERegion"
maxLength: 4 MerchantCategoryCodeCountry:
description: > $ref: "#/components/schemas/AECountryCode"
Category code values are used to enableadditionalProperties: thefalse
classification of CreditorAccount:
merchants intodescription: specific"Unambiguous categoriesidentification based onof the typeaccount of business,the creditor to which a credit entry will be posted."
trade or services supplied.
type: "object"
additionalProperties: false
Category code conforms to ISO 18245, relatedrequired:
to the type of services - "SchemeName"
or goods the merchant provides for the transaction.- "Identification"
type: string- "Name"
minLengthproperties:
3 SchemeName:
maxLength: 4 additionalProperties$ref: false"#/components/schemas/AECreditorExternalAccountIdentificationCode"
IsCreditorConfirmed: Identification:
description: Creditor account details have been confirmed successfully using Confirmation of Payee$ref: "#/components/schemas/AEIdentification"
typeName: boolean
ConfirmationOfPayeeResponse: $ref: "#/components/schemas/AEConfirmationOfPayeeResponseAEName"
AEIsCreditorPrePopulated: descriptionTradingName:
"Is Creditor populated" type: "boolean" AEIsVerifiedbyTPP:
description: "The TPP has onboarded the Creditor"$ref: "#/components/schemas/AETradingName"
type: "boolean"
ConfirmationOfPayeeResponse:
AEAdditionalAccountHolderIdentifiers: type$ref: "array#/components/schemas/AEConfirmationOfPayeeResponse"
itemsAERisk:
typeadditionalProperties: "object"
false
description: "Provides|
the details to identify an account." The Risk section is sent by required:the TPP to the LFI. It is used to specify additional -details "SchemeName"
for risk/fraud scoring regarding Payments.
-type: "Identificationobject"
properties:
SchemeNameDebtorIndicators:
$ref: "#/components/schemas/AERiskExternalAccountIdentificationCodeAEDebtorIndicators"
DestinationDeliveryAddress:
Identification: type: "object"
$ref: "#/components/schemas/AEIdentification" description: |
Name: Destination Delivery Address
$ref: "#/components/schemas/AEName" additionalPropertiesproperties: false
AERiskExternalAccountIdentificationCode: descriptionRecipientType:
"Name of the identification scheme, in a coded form as published in an external list.type: "string"
type: "string" enumdescription: "The recipient of the goods whether an individual or -a corporation."EmiratesID"
- "TradeLicenceNumber" AEConfirmationOfPayeeResponseenum:
description: The JSON Web Signature returned by the Payee Confirmation operation at the Confirmation of Payee API. The value must be the full JWS string, including the header and signature, without decoding to an object. If Confirmation of Payee is not performed this property can be omitted- "Individual"
- "Corporate"
RecipientName:
type: string type: "object"
pattern: '^.+\..+\..+$' AECreditorAccount: description: "UnambiguousThe identificationname of the accountrecipient of the creditorgoods, towhether whichan aindividual creditor entry will be posteda corporation."
type: "object" additionalPropertiesproperties:
false required: -en:
"SchemeName" - "Identification" type: - "Namestring"
properties: SchemeName: description: "English value of the string"
ar:
$ref type: "#/components/schemas/AECreditorExternalAccountIdentificationCodestring"
Identification: $refdescription: "#/components/schemas/AEIdentification"Arabic value of the string"
NameNationalAddress:
$ref: "#/components/schemas/AENameAEAddress"
TradingNameTransactionIndicators:
$ref: "#/components/schemas/AETradingNameAETransactionIndicators"
AEAddress CreditorIndicators:
description: | $ref: "#/components/schemas/AECreditorIndicators"
(Array) Address information that locates and identifes a specific address, as defined by a national or international postal service." AEDebtorIndicators:
type: "object"
description: |
Debtor type: "array"(User) Indicators
minItemsproperties:
1 itemsAuthentication:
type: "object"
requireddescription: "The authentication method used by the User to access their - "AddressTypeaccount with the TPP"
-properties:
"Country" properties: AuthenticationChannel:
AddressType: description: Channel on which the User $ref: "#/components/schemas/AEAddressTypeCode"was authenticated
ShortAddress: type: string
$ref: "#/components/schemas/AEShortAddress" enum:
UnitNumber: - $ref: "#/components/schemas/AEUnitNumber"App
FloorNumber: - Web
$ref: "#/components/schemas/AEFloorNumber" PossessionFactor:
BuildingNumber: $reftype: "#/components/schemas/AEBuildingNumberobject"
StreetName: description: "The User's possession, that only the User possesses"
$ref: "#/components/schemas/AEStreetName" SecondaryNumber: properties:
$ref: "#/components/schemas/AESecondaryNumber" IsUsed:
District: $reftype: "#/components/schemas/AEDistrictboolean"
PostalCode: Type:
$ref: "#/components/schemas/AEPostalCode" POBoxtype: "string"
$ref: "#/components/schemas/AEPOBox" enum:
ZipCode: $ref: "#/components/schemas/AEZipCode" - FIDO2SecurityKey
City: $ref: "#/components/schemas/AECity"- Passkey
Region: - OTPDevice
$ref: "#/components/schemas/AERegion" Country: - OTPApp
$ref: "#/components/schemas/AECountryCode" additionalProperties: false - AEAddressTypeCode:SMSOTP
description: "Specifies the nature of the Address." type: "string"- EmailOTP
enum: - "Business" - PushNotification
- "Correspondence" - "Residential" example: "Residential"- WebauthnToken
AEShortAddress: description: "A short address consists of four letters: region- code,SecureEnclaveKey
branch code, division code, unique code and a four-digit number for the building." type: "string"- HardwareOTPKey
minLength: 1 maxLength: 8 - example:TrustedDevice
"ABCD1234" AEUnitNumber: description: "Identifies the unit or apartment number." - Other
type: "string" minLengthKnowledgeFactor:
1 maxLength: 10 exampletype: "6object"
AEFloorNumber: description: "IdentifiesThe the building floor number."
type: "string"User's knowledge, that only the User knows"
minLength: 1 properties:
maxLength: 10 example: "2" AEBuildingNumberIsUsed:
description: "Identifies the building number." type: "stringboolean"
minLength: 1 maxLength: 10 Type:
example: "34" AEStreetName: descriptiontype: "string"Identifies
the street name or road." type: "string" enum:
minLength: 1 maxLength: 70 example: "Omar Bin Hassan Street"- PIN
AEDistrict: description: "Identifies the district of a city." - Password
type: "string" minLength: 1 maxLength: 35 - SecurityQuestion
example: "Olaya Dist." AECountryCode: description: "Indicates- theSMSOTP
country code in which the address is located (References ISO 3166-1 alpha-2)." type: "string" - EmailOTP
pattern: "^[A-Z]{2,2}$" example: "SA" AEPostalCode: - OTPPush
description: " Identifies the postal code; a unique code assigned to a specific geographic area for efficient- mailOther
sorting and delivery purposes." type: "string" minLengthInherenceFactor:
1 maxLength: 10 exampletype: "12345object"
AEPOBox: description: "The Identifies the POBox."
type: "stringUser's inherance, that is unique to the User's physical characteristics"
minLength: 1 maxLengthproperties:
10 example: "11562" AEZipCode: IsUsed:
description: "Identifies the ZIP code; a unique code assigned to a specific geographic area for efficient mail sorting and delivery purposes."type: "boolean"
type: "string" Type:
minLength: 1 maxLength: 10 exampletype: "12366string"
AESecondaryNumber: description: "4 numbers representing the accurateenum:
location coordinates of the address" type: "string" minLength: 4- Biometric
maxLength: 4 example: "1233" AECity:- Fingerprint
description: "Identifies the name of the city or town where the address is situated." - FaceRecognition
type: "string" minLength: 1 maxLength: 35- IrisScan
example: "Riyadh" AERegion: description: "Identifies- theVoiceRecognition
region." type: "string" minLength: 1 - FIDOBiometric
maxLength: 35 example: "North" AECreditorExternalAccountIdentificationCode: - DeviceBiometrics
description: "Name of the identification scheme, in a coded form as published in an external list." - Other
type: "string" enum: ChallengeOutcome:
- "IBAN" -type: "AccountNumberstring"
AEIdentification: description: |"The result of multi-factor authentication Identification forperformed by the accountTPP, assignedwith by the LFI based onNotPerformed indication the AccountUser Schemewas Name.not required to authenticate before consenting to the requested Thispayment"
identification is known by the User account owner. typeenum:
"string" minLength: 1 AEName: - Pass
type: "object" description: | - Fail
The Account Holder Name is the name or names of the Account owner(s) represented- at the account levelNotPerformed
properties: AuthenticationFlow:
en: type: "string"
description enum:
"English value of the string" maxLength: 70- MFA
ar: - Other
type: "string" descriptionAuthenticationValue: "Arabic
value of the string" maxLengthtype: 70"string"
additionalProperties: false AETradingNamedescription: "Cryptographic proof of authentication where supported type: "objectby the device and protocol."
description: | ChallengeDateTime:
The Trading Brand Name (if applicable) for the Creditor. type: "string"
Applicable to Payments. propertiesformat: "date-time"
en UserName:
type: "stringobject"
description: "EnglishThe valueName of the User initiating the stringPayment"
maxLengthproperties:
70 aren:
type: "string"
description: "ArabicEnglish value of the string"
maxLengthar:
70 additionalPropertiestype: "string"
false AECreditorAgent: description: | "Arabic value of the string"
RefersGeoLocation:
to the Financial Institution. type: "object"
required: description: "GPS to identify and -track "SchemeName"the whereabouts of the connected electronic device."
- "Identification" propertiesrequired:
SchemeName: - Latitude
type: "string" - Longitude
description: | properties:
Refers to the Identification scheme for uniquelyLatitude:
identifying the Agent. type: "string"
* BICFI: The BIC/SWIFT Code description: "latitude"
* Other: The ID; A Country Code followed by a Bank Code (4Longitude:
character code). The full list of LFI names and 6 digits IDs are as followstype: "string"
enum: description: "longitude"
- "BICFI" DeviceInformation:
type: - "Otherobject"
Identification: description: "Detailed device information"
description: | properties:
The Agent is the CountryDeviceId:
Code followed by a Bank Code" type: "string"
Name: description: "IMEISV number of the connected description:electronic device"Name
by which an agent is known and which is usually usedAlternativeDeviceId:
to identify that agent." type: "string"
minLength description: 1"Alternative identifier for the connected electronic device"
maxLength: 140 DeviceOperatingSystem:
PostalAddress: $reftype: "#/components/schemas/AEAddressstring"
AuthorizationDetailsDataSharingConsent: typedescription: object"Device operating system"
required: DeviceOperatingSystemVersion:
- ConsentId - Permissions type: "string"
- OpenFinanceBilling -description: ExpirationDateTime"Device operating system version"
properties: ConsentIdDeviceBindingId:
$ref: '#/components/schemas/AEConsentId' type: "string"
Permissions: typedescription: array"An identifier that associates a device uniquely with a specific items:application"
$refLastBindingDateTime:
'#/components/schemas/AEAccountAccesssConsentPermissionCodes' minItems: 1 type: "string"
OpenFinanceBilling: format: "date-time"
$ref: '#/components/schemas/AEAccountAccessOpenFinanceBillingPost' allOf: description: "Date and -time $ref: '#/components/schemas/AEAccountAccessAuthorizationDetailsProperties'
additionalProperties: falsewhen the device was last bound to the application"
AuthorizationDetailsInsuranceConsent: typeBindingDuration:
object required: type: "string"
- ConsentId - Permissions format: "duration"
- OpenFinanceBilling description: -"ISO ExpirationDateTime8601 duration since device was last properties:
bound (e.g., P30D for 30 days)"
BaseConsentId: BindingStatus:
type: string descriptiontype: "string"
>- The originaldescription: ConsentId"Current assignedstatus byof the TPPdevice binding"
ExpirationDateTime: enum:
type: string format: date-time Active
description: >- - Expired
Specified date and time the permissions will expire. All date-time fieldsRevoked
in responses must include the timezone. An example is below: 2017-04-05T10:43:07+00:00 - Suspended
OnBehalfOf: $refDeviceType:
'#/components/schemas/OnBehalfOf' ConsentId: type: "string"
$ref: '#/components/schemas/AEConsentId' Permissionsdescription: "Type of device used"
$ref: '#/components/schemas/AEInsuranceConsentPermissions' enum:
OpenFinanceBilling: $ref: '#/components/schemas/AEInsuranceOpenFinanceBillingPost'
- Mobile
AEInsuranceOpenFinanceBillingPost: type: object - Desktop
required: - Purpose - Tablet
properties: Purpose: - Wearable
description: Purpose of data sharing request - Other
type: string enumDeviceManufacturer:
- AccountAggregation type: "object"
- RiskAssessment properties:
- PremiumHistory Model:
- ClaimHistory type: "string"
- Onboarding - Verification description: "Device model name"
- QuoteComparison maxLength: 50
- FinancialAdvice description: Billing parameters specified by the TPP Manufacturer:
additionalProperties: false OBConsentPurpose: type: "string"
enum: - InsurancePolicyAggregation description: "Device manufacturer"
- PersonalFinanceManager - CreditAssessment maxLength: 50
- MotorInsuranceQuote DeviceLanguage:
- EnterpriseFinancialManagement - Other type: "string"
AEAccountAccessAuthorizationDetailsProperties: type: object propertiesdescription: "Device language"
BaseConsentId: DeviceLocalDateTime:
$ref: '#/components/schemas/AEBaseConsentId' ExpirationDateTimetype: "string"
type: string description: "Device local time"
format: date-time ConnectionType:
description: >- type: "string"
Specified date and time the permissions will expire. description: "Type of connection to the internet"
All date-time fields in responses must include the timezone. An enum:
example is below: - WiFi
2017-04-05T10:43:07+00:00 TransactionFromDateTime: - Cellular
type: string - Other
format: date-time descriptionScreenInformation:
|2- type: "object"
Specified start date and time for the transaction query period. properties:
If this is notPixelDensity:
populated, the start date will be open ended, and type: "number"
data will be returned from the earliest available description: "Screen pixel density"
transaction.All dates in the JSON payloads are represented in Orientation:
ISO 8601 date-time format.
type: "string"
All date-time fieldsenum:
in responses must include the timezone. An - Portrait
example is below: 2017-04-05T10:43:07+00:00
Landscape
TransactionToDateTime: BatteryStatus:
type: string type: "object"
format: date-time descriptionproperties:
|2- Level:
Specified end date and time for the transaction query period. type: "number"
If this is not populated, the end date will be open ended,minimum: and0
data will bemaximum: returned100
to the latest available transaction.All IsCharging:
dates in the JSON payloads are represented in ISO 8601 date-time type: "boolean"
format. TouchSupport:
type: "object"
All date-time fields in responses must include the timezone. An properties:
example is belowSupported:
2017-04-05T10:43:07+00:00 type: "boolean"
AccountType: MaxTouchPoints:
type: array items: type: "integer"
$ref: '#/components/schemas/AEExternalAccountTypeCode' AccountSubTypeminimum: 0
type: array MotionSensors:
items: type: "object"
$ref: '#/components/schemas/AEAccountSubTypeCode' OnBehalfOfproperties:
$ref: '#/components/schemas/AEOnBehalfOf' Status:
additionalProperties: false AEExternalAccountTypeCode: description: Specifies the type: of"string"
account (Retail, SME or Corporate). type: string enum:
- Retail - SME - InMotion
- Corporate OnBehalfOf: type:- objectStationary
description: On Behalf Of propertiesAccelerometer:
TradingName: type: string"boolean"
description: Trading Name Gyroscope:
example: Acme Accounting Trading Name LegalName:type: "boolean"
DeviceEnvironmentContext:
type: "array"
string description: Legal"List Nameof device environment context"
example: Acme Accounting Legal Name items:
IdentifierType: type: "string"
description: Identifier Type enum:
enum: - OtherVPNDetected
Identifier: - type:EmulatorDetected
string BiometricCapabilities:
description: Identifier type: "object"
example: abcd1234 additionalPropertiesdescription: false"Device biometric capabilities"
AEInsuranceConsentPermissions: typeproperties:
string enum: SupportsBiometric:
- ReadMotorInsurancePolicies - ReadMotorInsuranceCustomerBasictype: "boolean"
- ReadMotorInsuranceCustomerDetail description: "Whether device supports biometric authentication"
- ReadMotorInsuranceCustomerPaymentDetails - ReadMotorInsuranceProduct BiometricTypes:
- ReadMotorInsuranceTransactions EventNotificationtype: "array"
type: object description: |"Types of biometric authentication supported"
A Webhook Subscription Schema requireditems:
- Webhook properties:type: "string"
Webhookenum:
description: | - Fingerprint
A Webhook Schema - type:FacialRecognition
object required: - Iris
- Url - VoicePrint
IsActive properties: - Other
Url: AppInformation:
descriptiontype: |"object"
description: "Mobile application specific information"
The TPP Callback URL being registered with the LFI properties:
typeAppVersion: string
example: https://api.tpp.com/webhook/callbackUrltype: "string"
IsActivedescription: "Version of the mobile application"
description PackageName:
> type: "string"
The TPP specifying whether the LFI should send (IsActive true) description: "Application package identifier"
or not send (IsActiveBuildNumber:
false) Webhook Notifications to the TPP's type: "string"
Webhook URL description: "Application build number"
type: boolean BrowserInformation:
exampletype: false"object"
additionalPropertiesdescription: false
"Browser-specific information"
additionalProperties: false AEInsuranceConsentBodyproperties:
type: object UserAgent:
required: - Data type: "string"
properties: Data: description: "Complete browser user agent string"
type: object IsCookiesEnabled:
required: -type: "ConsentIdboolean"
-description: "OpenFinanceBillingWhether cookies are enabled in the browser"
- "Permissions"AvailableFonts:
-type: "ExpirationDateTimearray"
properties: description: "List of available fonts"
ConsentId: items:
$ref: '#/components/schemas/AEConsentId' Permissionstype: "string"
Plugins:
$ref: '#/components/schemas/AEInsuranceConsentPermissions' OpenFinanceBillingtype: "array"
$refdescription: '#/components/schemas/AEInsuranceOpenFinanceBilling'
"List of installed browser plugins"
allOf: items:
- $ref: '#/components/schemas/AEInsuranceAuthorizationDetailProperties' additionalPropertiestype: false"string"
Meta: PixelRatio:
type: object propertiestype: "number"
MultipleAuthorizers: description: "Device pixel ratio for scaling"
$ref: '#/components/schemas/AEMetaMultiAuthorization' SubscriptionUserBehavior:
type: "object"
propertiesdescription: "User behavior indicators"
Webhook properties:
$refScrollBehavior: '#/components/schemas/Webhook'
AEAccountAccessConsentBody: type: "object"
required: -properties:
Data properties: DataDirection:
type: object requiredtype: "string"
- "ConsentId" enum:
- "OpenFinanceBilling" - Up
"Permissions" - "ExpirationDateTime" - Down
properties: ConsentId: - Both
$ref: '#/components/schemas/AEConsentId' Speed:
Permissions: type: "number"
$ref: '#/components/schemas/AEAccountAccesssConsentPermissionCodes' OpenFinanceBilling: description: "Average scroll speed in pixels per second"
$ref: '#/components/schemas/AEAccountAccessOpenFinanceBilling' allOfFrequency:
- $ref: '#/components/schemas/AEAccountAccessAuthorizationDetailProperties' type: "number"
additionalProperties: false Metadescription: "Number of scroll events per minute"
type AccountRiskIndicators:
object propertiestype: "object"
MultipleAuthorizersdescription: "Risk indicators related to the account"
$ref: '#/components/schemas/AEMetaMultiAuthorization' properties:
Subscription: UserOnboardingDateTime:
type: object requiredtype: "string"
- Webhook
format: "date-time"
properties: description: "The exact date and time when Webhook:the User account was activated with the TPP."
$ref: '#/components/schemas/Webhook' AEInsuranceAuthorizationDetailPropertiesLastAccountChangeDate:
type: object propertiestype: "string"
BaseConsentId: format: "date"
$ref: '#/components/schemas/AEBaseConsentId' ExpirationDateTimedescription: "Date that the User's account was last changed"
type: string LastPasswordChangeDate:
format: date-time descriptiontype: >-"string"
Specified date and time the permissions will expire.format: "date"
description: "Date of Ifthe thislast ispassword notchange populated,by the User"
permissions will be open ended.All SuspiciousActivity:
dates in the JSON payloads are represented in ISO 8601 date-time
type: "string"
format. description: "Indicates any suspicious activity associated with the account"
All date-time fields in responses must include the timezone. An enum:
example is below: - NoSuspiciousActivity
2017-04-05T10:43:07+00:00 TransactionFromDateTime: - SuspiciousActivityDetected
type: string TransactionHistory:
format: date-time descriptiontype: |2-"object"
properties:
Specified start date and time for the transaction query period. LastDay:
If this is not populated, the start date will be open ended, andtype: "integer"
description: "Total datatransactions willmade beby returned from the earliestaccount availablein the last 24 hours"
transaction.All dates in the JSON payloads areminimum: represented0
in LastYear:
ISO 8601 date-time format. type: "integer"
All date-time fields in responses must include the timezone. An description: "Total transactions made by the account in the examplepast isyear"
below: 2017-04-05T10:43:07+00:00minimum: 0
TransactionToDateTimeSupplementaryData:
type: string"object"
formatdescription: date-time|
description: |2- Additional information that cannot be captured in the structured fields and/or any other specific block
Specified end date and time for the transaction query period. This may include information that is not available in the structured fields, such as a user's Ifbehavioural thisdata
is not populated, the end date will be open ended, and like their typing speed and typing patterns.
data will beproperties: returned{}
to
the latest available transaction.All AETransactionIndicators:
type: "object"
description: dates|
in the JSON payloads are represented in ISO 8601Transaction date-timeIndicators
properties:
IsCustomerPresent:
format. description: "This field differentiates between automatic and manual All date-time fields in responses must include the timezone. An
payment initiation."
type: boolean
IsContractPresent:
example is below: description: "Indicates if the Creditor has a contractual relationship with the TPP."
2017-04-05T10:43:07+00:00 AccountTypetype: boolean
typeChannel:
array itemsdescription: "Where the payment has been initiated from."
$ref: '#/components/schemas/AEAccountTypeCode' type: "string"
AccountSubType: enum:
type: array - Web
items: - Mobile
$ref: '#/components/schemas/AEAccountSubTypeCode' OnBehalfOfChannelType:
$reftype: '#/components/schemas/AEOnBehalfOf'"string"
Status: description: "The channel through which the transaction is being conducted"
$ref: '#/components/schemas/AEAccountAccessConsentStatus' Purposeenum:
type: array - ECommerce
items: - InStore
$ref: '#/components/schemas/AEInsuranceConsentPurpose' - InApp
RevokedBy: - Telephone
$ref: '#/components/schemas/AERevokedBy' additionalProperties:- falseMail
AEInsuranceOpenFinanceBilling: type:- objectRecurringPayment
required: - Purpose
Other
properties: IsLargeCorporateSubChannelType:
type: "booleanstring"
description: "More Customerspecific hasclassification moreof thanthe 100transaction millionchannel"
AED turnover Purposeenum:
- description:WebBrowser
Purpose of data sharing request - MobileApp
type: string - enum:SmartTV
- AccountAggregationWearableDevice
- RiskAssessmentPOSTerminal
- PremiumHistoryATM
- ClaimHistoryKioskTerminal
- OnboardingOther
PaymentProcess:
- Verification type: "object"
- QuoteComparison description: "Metrics related to the payment process duration and -attempts"
FinancialAdvice description: Billing parameters specifiedproperties:
by the TPP additionalProperties: false AEInsuranceConsentPurposeTotalDuration:
type: string enumtype: "integer"
- InsurancePolicyAggregation description: "Total time -in PersonalFinanceManagerseconds from payment initiation to completion"
- CreditAssessment - MotorInsuranceQuoteminimum: 0
- EnterpriseFinancialManagement CurrentSessionAttempts:
- Other
AEMetaMultiAuthorization: type: "objectinteger"
description: | description: Meta Data with Multi-Authorization relevant to the payload."Number of payment attempts in the current session"
For aminimum: payment,1
it represents any Authorizers within the financial institution domain that are involved inCurrentSessionFailedAttempts:
approving the payment request. properties: type: "integer"
TotalRequired: description: |"Number of failed payment attempts in the current session"
The total number of Authorizers required to process the request minimum: 0
type: "number" Last24HourAttempts:
Authorizations: type: "arrayinteger"
items: description: "Number of payment attempts in the last 24 description:hours"
| minimum: Authorizer0
typeLast24HourFailedAttempts:
"object" propertiestype: "integer"
AuthorizerId description: "Number of failed payment attempts in the last 24 hours"
description: | minimum: 0
MerchantRisk:
The Authorizer's Identifier type: "object"
typedescription: "string"Risk indicator details provided by the merchant"
AuthorizerType properties:
DeliveryTimeframe:
description: | type: "string"
The Type of Authorizer. For example, Financial, Management, etc.
description: "Timeframe for the delivery of purchased items"
type: "string" enum:
AuthorizationDate: - ElectronicDelivery
description: | - SameDayShipping
The DateTime of when the - OvernightShipping
Authorization occurred. All dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time MoreThan1DayShipping
fields in responses must include the timezone. An example is below:\n2023-04-05T10:43:07+00:00 ReorderItemsIndicator:
type: "string"
description: "Indicates if format: "date-timethe transaction is a reorder"
AuthorizationStatusenum:
description:- FirstTimeOrder
| - Reorder
The Status reflecting the Authorizer's final decision regarding the request PreOrderPurchaseIndicator:
type: "string"
description: "Indicates enum:if this is a pre-ordered item"
- "Pending"enum:
- -MerchandiseAvailable
"Approved" - FutureAvailability
- "Rejected" IsGiftCardPurchase:
additionalProperties: false additionalPropertiestype: false"boolean"
additionalProperties: false AEConsentIddescription: "Indicates if the transaction includes a type:gift stringcard"
minLength: 1 IsDeliveryAddressMatchesBilling:
maxLength: 128 description: >- type: "boolean"
Unique identification assigned by the TPP to identify the consent description: "Indicates if delivery address matches billing resource.address"
AEAccountAccesssConsentPermissionCodes: typeAddressMatchLevel:
string enum: type: "string"
- ReadAccountsBasic - ReadAccountsDetail description: "Level of match between delivery -and ReadBalancesbilling addresses"
- ReadBeneficiariesBasic enum:
- ReadBeneficiariesDetail - FullMatch
ReadTransactionsBasic - ReadTransactionsDetail - PartialMatch
- ReadTransactionsCredits - ReadTransactionsDebits - NoMatch
- ReadProduct - ReadScheduledPaymentsBasic - NotApplicable
- ReadScheduledPaymentsDetail SupplementaryData:
- ReadDirectDebits type: "object"
- ReadStandingOrdersBasic description: |
- ReadStandingOrdersDetail -Additional ReadConsentsinformation that cannot be captured in the structured fields - ReadPartyPSU
and/or any other specific block
- ReadPartyPSUIdentity properties: {}
- ReadPartyAECreditorIndicators:
descriptiontype: >-"object"
description: |
Specifies the permitted account access policy data types. Creditor Indicators
properties:
This is a list of the data groups beingAccountType:
consented by the User, and $ref: "#/components/schemas/AEAccountTypeCode"
requested for authorization with the LFI. IsCreditorPrePopulated:
AEAccountAccessAuthorizationDetailProperties: type: object$ref: "#/components/schemas/AEIsCreditorPrePopulated"
requiredTradingName:
- $ref: "#/components/schemas/AETradingName"
Purpose IsVerifiedByTPP:
- OpenFinanceBilling properties$ref: "#/components/schemas/AEIsVerifiedbyTPP"
BaseConsentId AdditionalAccountHolderIdentifiers:
$ref: '"#/components/schemas/AEBaseConsentId'AEAdditionalAccountHolderIdentifiers"
ExpirationDateTimeMerchantDetails:
type: string"object"
formatdescription: date-time|
description: >- Details of the Merchant involved in the transaction.
Specified date and time the permissions will expire. Merchant Details are specified only for those merchant categories that are generally expected Ifto thisoriginate isretail notfinancial populated,transactions
the permissions will be open ended.All properties:
dates in the JSON payloads areMerchantId:
represented in ISO 8601 date-time description: "MerchantId"
format. type: All date-time fields in responses must include the timezone. An"string"
minLength: 8
example is below: maxLength: 20
2017-04-05T10:43:07+00:00 MerchantName:
TransactionFromDateTime: type: string description: "Name by which the merchant is known."
format: date-time descriptiontype: |2-"string"
minLength: 1
Specified start date and time for the transaction query period. maxLength: 350
If thisMerchantSICCode:
is not populated, the start date will be open ended, and description: |
data will be returned from theSIC earliestcode availablestands for standard industrial classification (SIC) code.
transaction.All dates in the JSON payloads areThis representedfour indigit-number identifies a very specific short descriptor of the type of business a company is engaged in.
ISO 8601 date-time format. SIC can be obtained from Allthe date-timeChamber fieldsof inCommerce.
responses must include the timezone. An type: "string"
example is belowminLength: 3
maxLength: 4
2017-04-05T10:43:07+00:00 TransactionToDateTimeMerchantCategoryCode:
type: string description: >
format: date-time Category code values description: |2-
are used to enable the classification of
Specified end date and time formerchants theinto transactionspecific querycategories period.based on the type of business,
If this is not populated,trade theor endservices datesupplied. will
be
open ended, and Category code conforms datato willISO be18245, returnedrelated to the latesttype availableof transaction.Allservices
datesor ingoods the JSONmerchant payloadsprovides arefor representedthe intransaction."
ISO 8601 date-time type: string
format. minLength: 3
All date-time fields in responses must include the timezone. AnmaxLength: 4
additionalProperties: false
example is below: IsCreditorConfirmed:
description: Creditor account 2017-04-05T10:43:07+00:00
AccountType:
details have been confirmed successfully using Confirmation of Payee
type: arrayboolean
itemsConfirmationOfPayeeResponse:
$ref: '"#/components/schemas/AEAccountTypeCode'AEConfirmationOfPayeeResponse"
AccountSubTypeSupplementaryData:
type: array"object"
itemsdescription: |
$ref: '#/components/schemas/AEAccountSubTypeCode'
OnBehalfOf:
Additional information that cannot be captured in the structured fields and/or any other specific block
$ref: '#/components/schemas/AEOnBehalfOf' properties: {}
Status: AEIsCreditorPrePopulated:
description: "Is Creditor $ref: '#/components/schemas/AEAccountAccessConsentStatus'populated"
type: "boolean"
Purpose: AEIsVerifiedbyTPP:
typedescription: array"The TPP has onboarded the Creditor"
itemstype: "boolean"
AEAdditionalAccountHolderIdentifiers:
$reftype: '#/components/schemas/AEAccountAccessConsentPurpose'"array"
items:
RevokedBy: type: "object"
$ref: '#/components/schemas/AERevokedBy' description: "Provides the details to OpenFinanceBilling:identify an account."
$refrequired:
'#/components/schemas/AEAccountAccessOpenFinanceBilling' additionalProperties: false- "SchemeName"
AEAccountAccessOpenFinanceBilling: - "Identification"
type: object requiredproperties:
- UserType SchemeName:
- Purpose $ref: "#/components/schemas/AERiskExternalAccountIdentificationCode"
properties: IsLargeCorporateIdentification:
type$ref: "boolean#/components/schemas/AEIdentification"
descriptionName:
Customer has more than 100 million AED turnover $ref: "#/components/schemas/AEName"
UserType: additionalProperties: false
description: Type ofAERiskExternalAccountIdentificationCode:
Customer description: "Name of the type: string
enum:identification scheme, in a coded form as published in an external list."
type: "string"
enum:
- Retail - "EmiratesID"
- SME - "TradeLicenceNumber"
AEConfirmationOfPayeeResponse:
- Corporate description: The JSON Web Signature returned Purpose:by the Payee Confirmation operation at the Confirmation of Payee API. description:The Purposevalue ofmust databe sharingthe requestfull JWS string, including the header and signature, without decoding to type:an stringobject. If Confirmation of Payee is not performed this property can enum:be omitted
type: string
- AccountAggregation pattern: '^.+\..+\..+$'
AEAddress:
- RiskAssessment description: |
(Array) -Address TaxFilinginformation that locates and identifes a specific address, as defined by a national -or Onboardinginternational postal service."
type: "array"
- Verification minItems: 1
items:
- QuoteComparison type: "object"
- BudgetingAnalysis required:
- FinancialAdvice"AddressType"
- "Country"
- AuditReconciliation descriptionproperties:
Billing parameters specified by the TPP additionalPropertiesAddressType:
false AEAccountAccessConsentStatus: description$ref: >-"#/components/schemas/AEAddressTypeCode"
Consent Status isShortAddress:
set to either Authorized ,Revoked ,Rejected or AwaitingAuthorization$ref: "#/components/schemas/AEShortAddress"
typeUnitNumber:
string enum: $ref: "#/components/schemas/AEUnitNumber"
- Authorized FloorNumber:
- AwaitingAuthorization - Rejected
$ref: "#/components/schemas/AEFloorNumber"
- Revoked BuildingNumber:
- Expired $ref: "#/components/schemas/AEBuildingNumber"
- Suspended AEAccountAccessConsentPurpose: StreetName:
type: string enum$ref: "#/components/schemas/AEStreetName"
- Account Aggregation SecondaryNumber:
- Personal Finance Manager $ref: "#/components/schemas/AESecondaryNumber"
- Credit Assessment District:
- Tax Filing $ref: "#/components/schemas/AEDistrict"
- Enterprise Financial Management PostalCode:
- Other AEAccountSubTypeCode: $ref: "#/components/schemas/AEPostalCode"
type: string enumPOBox:
- CurrentAccount $ref: "#/components/schemas/AEPOBox"
- Savings ZipCode:
description: Specifies the sub type of account (product family group) $ref: "#/components/schemas/AEZipCode"
AEAccountTypeCode: typeCity:
string enum: $ref: "#/components/schemas/AECity"
- Retail Region:
- Corporate description: Specifies the type of account (Retail or Corporate).$ref: "#/components/schemas/AERegion"
AEPaymentConsentResponseCountry:
description: | $ref: "#/components/schemas/AECountryCode"
Payment Consent Response Schema additionalProperties: false
type: "object" AEAddressTypeCode:
additionalProperties: false description: "Specifies the nature of the required:Address."
-type: "Datastring"
propertiesenum:
Data:- "Business"
type:- "objectCorrespondence"
- "Residential"
additionalProperties: false example: "Residential"
requiredAEShortAddress:
description: "A short address consists of four - "ConsentId"
- "Statusletters: region code, branch code, division code, unique code and a four-digit number for the building."
type: "string"
- "ExpirationDateTime" minLength: 1
maxLength: 8
properties: example: "ABCD1234"
ConsentIdAEUnitNumber:
description: "Identifies the unit or apartment number."
$ref: "#/components/schemas/AEConsentId" type: "string"
minLength: BaseConsentId:1
maxLength: 10
$refexample: "#/components/schemas/AEBaseConsentId6"
AEFloorNumber:
IsSingleAuthorizationdescription: "Identifies the building floor number."
type: "string"
description: | minLength: 1
maxLength: 10
Specifies to the LFI that the consent authorization must be completed in a single authorization Step
example: "2"
AEBuildingNumber:
description: "Identifies the building number."
type: "string"
with theminLength: LFI1
maxLength: 10
typeexample: "boolean34"
AEStreetName:
AuthorizationExpirationDateTimedescription: "Identifies the street name or road."
$reftype: "#/components/schemas/AEAuthorizationExpirationDateTimestring"
minLength: 1
Permissions: maxLength: 70
example: "Omar Bin Hassan $ref: "#/components/schemas/AEConsentPermissions"Street"
AEDistrict:
AcceptedAuthorizationTypedescription: "Identifies the district of a city."
$reftype: "#/components/schemas/AEAcceptedAuthorizationTypestring"
minLength: 1
ExpirationDateTime maxLength: 35
example: "Olaya Dist."
$ref AECountryCode:
"#/components/schemas/AEConsentExpirationDateTime" description: "Indicates the country code in which Status:the address is located (References ISO 3166-1 alpha-2)."
$reftype: "#/components/schemas/AEConsentStatusstring"
pattern: "^[A-Z]{2,2}$"
RevokedBy example: "SA"
AEPostalCode:
$refdescription: "#/components/schemas/AERevokedBy"
CreationDateTime:
Identifies the postal code; a unique code assigned to a specific geographic area for efficient mail sorting and delivery purposes."
$reftype: "#/components/schemas/AECreationDateTimestring"
minLength: 1
StatusUpdateDateTime: maxLength: 10
$refexample: "#/components/schemas/AEStatusUpdateDateTime12345"
AEPOBox:
Chargesdescription: " Identifies the POBox."
$reftype: "#/components/schemas/AECharges"string"
minLength: 1
ExchangeRatemaxLength: 10
example: "11562"
$refAEZipCode:
"#/components/schemas/AEExchangeRateInformation" description: "Identifies the ZIP code; a unique CurrencyRequest:code assigned to a specific geographic area for efficient mail sorting and delivery purposes."
$ref: "#/components/schemas/AECurrencyRequest" type: "string"
ControlParametersminLength: 1
maxLength: 10
$refexample: '#/components/schemas/AEServiceInitiationConsentControlParameters'"12366"
AESecondaryNumber:
DebtorReferencedescription: "4 numbers representing the accurate location coordinates of the address"
$ref type: "#/components/schemas/AEServiceInitiationStructuredDebtorReferencestring"
minLength: 4
CreditorReferencemaxLength: 4
example: "1233"
$refAECity:
"#/components/schemas/AEReference" description: "Identifies the name of the city PaymentPurposeCode:or town where the address is situated."
type: "string"
$ref: "#/components/schemas/AEPaymentPurposeCode" minLength: 1
SponsoredTPPInformationmaxLength: 35
example: "Riyadh"
$refAERegion:
"#/components/schemas/AESponsoredTPPInformation" description: "Identifies the region."
PaymentConsumption: type: "string"
minLength: 1
$ref: "#/components/schemas/AEPaymentConsumption" maxLength: 35
OpenFinanceBillingexample: "North"
AECreditorExternalAccountIdentificationCode:
$refdescription: "#/components/schemas/AEServiceInitiationOpenFinanceBilling"
Subscription:
Name of the identification scheme, in a coded form as published in an external list."
$reftype: "#/components/schemas/AEEventNotificationstring"
enum:
Meta: - "IBAN"
$ref: "#/components/schemas/AEMetaMultiAuthorization" AEServiceInitiationOpenFinanceBilling:- "AccountNumber"
typeAEIdentification:
object propertiesdescription: |
IsLargeCorporate: Identification for the account assigned by the LFI based on type: "boolean"
the Account Scheme Name.
description:This Customeridentification hasis moreknown thanby 100the millionUser AEDaccount turnoverowner.
descriptiontype: Billing"string"
parameters specified by the LFI additionalPropertiesminLength: false1
AEPaymentConsumptionAEName:
type: "object"
description: |
The DataAccount Holder toName trackis the consumptionname ofor Paymentsnames inof relationthe to an authorized Consent ScheduleAccount owner(s) represented at the account level
requiredproperties:
en:
- "CumulativeNumberOfPayments" -type: "CumulativeValueOfPaymentsstring"
-description: "CumulativeValueOfPaymentsInCurrentPeriod"English value of the string"
propertiesmaxLength: 70
CumulativeNumberOfPaymentsar:
type: "numberstring"
description: |"Arabic value of the string"
The cumulativemaxLength: number70
of payment instructions successfully accepted under theadditionalProperties: currentfalse
consent
schedule (Settlement on the Creditor'sAETradingName:
account has been completed) type: "object"
minLengthdescription: 1|
The Trading example:Brand 4Name (if applicable) for the Creditor.
CumulativeValueOfPayments: Applicable to Payments.
description: | properties:
en:
The cumulative value of payment instructions successfully accepted under the current consent schedule (Settlement on the Creditor's account has been completed)
type: "string"
description: "English value of the string"
A number of monetary unitsmaxLength: specified70
in an active currency where the unit of currency isar:
explicit and compliant with ISO 4217."
type: "objectstring"
requireddescription: "Arabic value of the string"
- "Amount" maxLength: 70
additionalProperties: false
- "Currency" AuthorizationDetailsDataSharingConsent:
properties:type: object
required:
- ConsentId
Amount: - Permissions
- OpenFinanceBilling
$ref: "#/components/schemas/AEActiveOrHistoricAmount" - ExpirationDateTime
Currencyproperties:
ConsentId:
$ref: "'#/components/schemas/AEActiveOrHistoricCurrencyCode"AEConsentId'
CumulativeNumberOfPaymentsInCurrentPeriodPermissions:
type: "number"array
descriptionitems:
| $ref: The cumulative number of payment instructions in the current period initiated under the consent schedule, excluding instructions in a Rejected state.'#/components/schemas/AEAccountAccesssConsentPermissionCodes'
minItems: 1
OpenFinanceBilling:
minLength$ref: 1'#/components/schemas/AEAccountAccessOpenFinanceBillingPost'
exampleallOf:
1 - CumulativeValueOfPaymentsInCurrentPeriod$ref: '#/components/schemas/AEAccountAccessAuthorizationDetailsProperties'
descriptionadditionalProperties: |false
AuthorizationDetailsInsuranceConsent:
Thetype: cumulativeobject
value of payment instructions in the currentrequired:
period initiated under the consent schedule, excluding instructions in- aConsentId
Rejected state. - Permissions
A number of monetary units- specifiedOpenFinanceBilling
in an active currency where the unit of currency- is explicitExpirationDateTime
and compliant with ISO 4217." properties:
typeBaseConsentId:
"object" requiredtype: string
description: >-
"Amount" The -original "Currency"ConsentId assigned by the TPP
properties: ExpirationDateTime:
Amounttype: string
format: date-time
$ref: "#/components/schemas/AEActiveOrHistoricAmount" description: >-
Currency: Specified date and time the permissions $ref: "#/components/schemas/AEActiveOrHistoricCurrencyCode"
additionalProperties: false
AEFilePaymentConsent:will expire. All date-time fields in responses must include the timezone. An example is below: 2017-04-05T10:43:07+00:00
type: "object" OnBehalfOf:
description: | $ref: '#/components/schemas/OnBehalfOf'
A file based payment consent. ConsentId:
A Consent definition for defining Multi Payments$ref: '#/components/schemas/AEConsentId'
requiredPermissions:
- "FileType" $ref: '#/components/schemas/AEInsuranceConsentPermissions'
- "FileHash" OpenFinanceBilling:
- "NumberOfTransactions" $ref: '#/components/schemas/AEInsuranceOpenFinanceBillingPost'
- "ControlSum"AEInsuranceOpenFinanceBillingPost:
propertiestype: object
FileTyperequired:
- Purpose
$ref: "#/components/schemas/AEFileType" properties:
FileHash: Purpose:
$ref: "#/components/schemas/AEFileHash" description: Purpose of data sharing FileReference:request
$reftype: "#/components/schemas/AEReference"string
NumberOfTransactions: enum:
$ref: "#/components/schemas/AEFileNumberOfTransactions" - AccountAggregation
ControlSum: - RiskAssessment
$ref: "#/components/schemas/AEControlSum" - PremiumHistory
RequestedExecutionDate: $ref: "#/components/schemas/AERequestedExecutionDate"
- ClaimHistory
additionalProperties: false AERequestedExecutionDate:- Onboarding
description: | - Verification
The date when the TPP expects the LFI to execute the payment.- QuoteComparison
The date must be in the- futureFinancialAdvice
and cannot be on the same daydescription: orBilling aparameters dayspecified inby the past.TPP
additionalProperties: false
The maximum date in theAEAccountAccessAuthorizationDetailsProperties:
future that can be specified is 1type: yearobject
from the day of the consent ofproperties:
the User to the TPP. BaseConsentId:
All dates in the JSON payloads are represented in ISO 8601 date format.$ref: '#/components/schemas/AEBaseConsentId'
ExpirationDateTime:
type: "string" formattype: string
"date" AEFileType: format: date-time
type: "string" description: "Specifies>-
the payment file type" minLength: 1 Specified date and time the permissions maxLength:will 40expire.
AEFileHash: type: "string" All date-time fields in responses must description:include "Athe base64timezone. encodingAn
of a SHA256 hash of the file to beexample uploaded."is below:
minLength: 1 maxLength: 442017-04-05T10:43:07+00:00
AEConsentExpirationDateTimeTransactionFromDateTime:
description: |2- type: string
Specified date andformat: date-time
the consent will expire. description: |2-
All dates in the JSON payloads are represented in ISOSpecified 8601start date- and time format.for the transaction query period.
All date-time fields in responses must include the timezone. AnIf examplethis is :2023-04-05T10:43:07+00:00
type: "string"
not populated, the start date will be open ended, and
format: "date-time" AEConsentStatus: data will description:be |returned from the earliest available
Specifies the status of a payment consent. transaction.All dates in the |JSON Consentpayloads Status|are Staterepresented Type|in
Description| |---------------|-----------|------| ISO 8601 | AwaitingAuthorization | Pending | The consent is awaiting authorization.|date-time format.
| Authorized | In Use | The consent has been successfully authorized.| All date-time fields in responses must include the timezone. An
| Rejected | Terminal | The unauthorizedexample consentis hasbelow:
been
rejected at the LFI.| | Revoked | Terminal | The consent has been revoked at the TPP or LFI.| 2017-04-05T10:43:07+00:00
TransactionToDateTime:
| Expiredtype: |string
Terminal | The consent is now expired.| format: date-time
| Consumed | Terminal | The consented action(s) have either been completed successfully.| description: |2-
| Suspended | In UseSpecified |end Thedate consentand hastime beenfor suspended,the pendingtransaction furtherquery enquiriesperiod.|
type: "string" enum: If this is not populated, the -end "AwaitingAuthorization"date will be open ended, and
- "Authorized" - "Rejected" data will be returned to the latest - "Revoked"available transaction.All
- "Expired" dates in -the "Consumed"JSON payloads are represented in ISO 8601 date-time
- "Suspended" AECreationDateTime: description: "Date andformat.
time
at which the message was created. All dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll All date-time fields in responses must include the timezone. An
example is below:\n2023
2017-04-05T10:43:07+00:00"
type: "string" AccountType:
format: "date-time" AEStatusUpdateDateTimetype: array
description: "Date and time atitems:
which the resource status was updated.All dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2023-04-05T10:43:07+00:00"
type: "string"$ref: '#/components/schemas/AEExternalAccountTypeCode'
AccountSubType:
type: array
formatitems:
"date-time" AECurrencyRequest: description$ref: |'#/components/schemas/AEAccountSubTypeCode'
TheOnBehalfOf:
details of the non-local currency or FX request that has been agreed between the User and the TPP.
$ref: '#/components/schemas/AEOnBehalfOf'
additionalProperties: false
AEExternalAccountTypeCode:
The requested ChargeBearer and ExchangeRateInformation are includeddescription: inSpecifies thisthe objecttype mayof beaccount overwritten(Retail, bySME the LFI in the returned Consent objector Corporate).
type: "object"string
additionalPropertiesenum:
false - required:Retail
- "CurrencyOfTransfer"SME
properties: - Corporate
InstructionPriorityOnBehalfOf:
type: object
description: "Indicator of the urgencydescription: orOn orderBehalf ofOf
importance that the instructing party would likeproperties:
the instructed party to apply to the processing of the instruction." TradingName:
type: "string"
enumdescription: Trading Name
- "Normal"
example: Acme Accounting Trading Name
LegalName:
- "Urgent" ExtendedPurposetype: string
description: "Specifies the purpose of an international payment, when there is no corresponding 4 character code available in the ISO20022 list of Purpose Codes." Legal Name
example: Acme Accounting Legal Name
IdentifierType:
type: "string"
minLengthdescription: Identifier 1Type
maxLengthenum:
140 ChargeBearer: - Other
$ref Identifier: "#/components/schemas/AEChargeBearerType1Code"
CurrencyOfTransfertype: string
description: "Specifies the currency of the to be transferred amount, which is different from the currency of the debtor's account." Identifier
example: abcd1234
additionalProperties: false
AEInsuranceConsentPermissions:
type: "string"
enum:
pattern: "^[A-Z]{3,3}$" - ReadMotorInsurancePolicies
DestinationCountryCode: - ReadMotorInsuranceCustomerBasic
description: "Country in which- CreditReadMotorInsuranceCustomerDetail
Account is domiciled. Code to identify a country, a- dependency,ReadMotorInsuranceCustomerPaymentDetails
or another area of particular geopolitical interest, on the- basisReadMotorInsuranceProduct
of country names obtained from the United Nations (ISO- 3166,ReadMotorInsuranceTransactions
Alpha-2
code)." EventNotification:
type: "string"object
description: |
pattern: "[A-Z]{2,2}" A Webhook Subscription Schema
ExchangeRateInformation: required:
type: "object" - Webhook
additionalPropertiesproperties:
false Webhook:
required: description: |
- "UnitCurrency" A Webhook Schema
- "RateType" type: object
description: "Provides details on the currency exchange rate and contract."required:
properties: - Url
UnitCurrency: - IsActive
descriptionproperties:
"Currency in which the rate of exchange is expressed in a currency exchange.Url:
In the example 1GBP = xxxCUR, the unit currency is GBP." description: |
type: "string" The TPP Callback URL being registered with the LFI
pattern: "^[A-Z]{3,3}$" ExchangeRatetype: string
description example: "The factor used for conversion of an amount from one currency to another. This reflects the price at which one currency was bought with another currency."
https://api.tpp.com/webhook/callbackUrl
IsActive:
description: >
type: "number" The TPP specifying whether the LFI should send RateType:(IsActive true)
description: "Specifies the typeor usednot tosend complete(IsActive thefalse) currencyWebhook exchange."Notifications to the TPP's
type: "string" Webhook URL
enum: type: boolean
- "Actual" example: false
additionalProperties: false
- "Agreed" additionalProperties: false
AEInsuranceConsentBody:
- "Indicative" type: object
required:
ContractIdentification: - Data
properties:
description: "Unique and unambiguous reference to the foreignData:
exchange contract agreed between the initiating party/creditor and the debtor agent."type: object
required:
type: "string" - "ConsentId"
minLength: 1 - "OpenFinanceBilling"
maxLength: 256 - AEFixedPeriodicSchedule:"Permissions"
description: | - "ExpirationDateTime"
Payment Controls that apply to all payment instructions inproperties:
a given period under this payment consent. typeConsentId:
"object" additionalProperties: false required:$ref: '#/components/schemas/AEConsentId'
- "PeriodType" Permissions:
- "PeriodStartDate" $ref: - "Amount"'#/components/schemas/AEInsuranceConsentPermissions'
- "Type" OpenFinanceBilling:
properties: Type$ref: '#/components/schemas/AEInsuranceOpenFinanceBilling'
type allOf:
"string" description: "The- Periodic Schedule Type"$ref: '#/components/schemas/AEInsuranceAuthorizationDetailProperties'
enumadditionalProperties: false
Meta:
- FixedPeriodicSchedule PeriodTypetype: object
$refproperties:
"#/components/schemas/AEPeriodType" PeriodStartDateMultipleAuthorizers:
$ref: "'#/components/schemas/AEPeriodStartDate"AEMetaMultiAuthorization'
AmountSubscription:
$reftype: "#/components/schemas/AEActiveCurrencyAmount"object
AELongLivedPaymentConsent: properties:
type: "object" description: | Webhook:
A long-lived payment consent. $ref: '#/components/schemas/Webhook'
A ConsentAEAccountAccessConsentBody:
definition for defining Multi Payments type: object
properties: required:
Amount: - Data
$ref: "#/components/schemas/AEActiveCurrencyAmount"properties:
MaximumIndividualPaymentAmountData:
$reftype: "#/components/schemas/AEMaximumIndividualPaymentAmount" object
MaximumCumulativeValueOfPaymentsrequired:
$ref:- "#/components/schemas/AEMaximumCumulativeValueOfPayments"ConsentId"
MaximumCumulativeNumberOfPayments: - "OpenFinanceBilling"
$ref: "#/components/schemas/AEMaximumCumulativeNumberOfPayments" - "Permissions"
PeriodicSchedule: - "ExpirationDateTime"
description: | properties:
The definition for a schedule oneOf:ConsentId:
- $ref: "'#/components/schemas/AEDefinedSchedule"AEConsentId'
- $refPermissions:
"#/components/schemas/AEFixedPeriodicSchedule" - $ref: "'#/components/schemas/AEVariablePeriodicSchedule"AEAccountAccesssConsentPermissionCodes'
discriminatorOpenFinanceBilling:
propertyName: Type $ref: '#/components/schemas/AEAccountAccessOpenFinanceBilling'
additionalProperties: false allOf:
AEDefinedSchedule: type: "object" - $ref: description: |'#/components/schemas/AEAccountAccessAuthorizationDetailProperties'
Payment ScheduleadditionalProperties: denotingfalse
a
list of pre-defined future dated payments all with fixedMeta:
amounts and dates. additionalPropertiestype: falseobject
required: properties:
- "Schedule" MultipleAuthorizers:
- "Type" properties$ref: '#/components/schemas/AEMetaMultiAuthorization'
Type Subscription:
type: "string"object
descriptionrequired:
"The Periodic Schedule Type" - Webhook
enum: properties:
- DefinedSchedule ScheduleWebhook:
type: "array" $ref: '#/components/schemas/Webhook'
AEInsuranceAuthorizationDetailProperties:
minItems: 1 type: object
uniqueItemsproperties:
false BaseConsentId:
items: $ref: '#/components/schemas/AEBaseConsentId'
type: "object" ExpirationDateTime:
additionalProperties type: falsestring
format: date-time
required: description: >-
- "PaymentExecutionDate" Specified date and time the permissions will -expire.
"Amount"
properties:All date-time fields in responses must include the timezone. An
PaymentExecutionDate: example is below:
$ref: "#/components/schemas/AEPaymentExecutionDate" 2017-04-05T10:43:07+00:00
AmountTransactionFromDateTime:
type: string
$ref: "#/components/schemas/AEActiveCurrencyAmount" AEPaymentExecutionDateformat: date-time
description: | description: |2-
Used to specify the expected payment execution date/time. Specified start date Alland datestime infor the JSONtransaction payloadsquery areperiod.
represented
in ISO 8601 date format. An example is: 2023-04-05
type: "string"
format: "date" If this is not populated, the start date will be open ended, and
AEMaximumIndividualPaymentAmount: description:data |will be returned from the earliest available
This is the Maximum amount a variable payment related to the Consent can taketransaction.All dates in the JSON payloads are represented in
All payment amounts must be smaller or equal to this value. ISO type: "object"
8601 date-time format.
required: All date-time "Amount"fields in responses must include the timezone. An
- "Currency" properties: example is Amount:below:
$ref: "#/components/schemas/AEActiveOrHistoricAmount" 2017-04-05T10:43:07+00:00
CurrencyTransactionToDateTime:
$reftype: "#/components/schemas/AEActiveOrHistoricCurrencyCode" string
AEPeriodType: format: date-time
type: "string" description: |2-
A Period may begin from the Consent CreationDateTime ifSpecified aend PeriodStartDatedate isand nottime provided.for the transaction query period.
|Period Type|Description| |-----------|-----------| If this is not populated, the end |Day|A continuous period of time, consisting of 24 consecutive hours, starting from midnight (00:00:00) and finishing at 23:59:59 of the same day. |
|Week|A continuous period of time, consisting of seven consecutive days, starting from midnight (00:00:00) and finishing at 23:59:59 of the 7th day. |
date will be open ended, and
data will be returned to the latest available transaction.All
dates in the JSON payloads are represented in ISO 8601 date-time
|Month|A continuous period of time starting from midnight (00:00:00) of the firstformat.
day
of a month and finishing at 23:59:59 of the last day of that month.| All date-time fields in responses must |Year|A continuous period of time, consisting of 12 months.|include the timezone. An
enum: example is below:
- Day - Week 2017-04-05T10:43:07+00:00
- Month AccountType:
- Year AEPeriodStartDatetype: array
type: "string" items:
description: | * Payments$ref: Specifies the start date of when a payment schedule begins.'#/components/schemas/AEAccountTypeCode'
AccountSubType:
Where thistype: isarray
an optional field, if a value is not provided, then ititems:
must default to the Consent CreationDateTime, starting from midnight 00:00:00. $ref: '#/components/schemas/AEAccountSubTypeCode'
format: "date" AEVariablePeriodicScheduleOnBehalfOf:
description: | $ref: '#/components/schemas/AEOnBehalfOf'
Payment Controls that apply toStatus:
all payment instructions in a given period under this payment consent. type: "object"$ref: '#/components/schemas/AEAccountAccessConsentStatus'
additionalPropertiesPurpose:
false required: type: array
- "PeriodType" propertiesitems:
PeriodType:
$ref: "'#/components/schemas/AEPeriodType"AEInsuranceConsentPurpose'
PeriodStartDateRevokedBy:
$ref: "'#/components/schemas/AEPeriodStartDate"AERevokedBy'
additionalProperties: false
MaximumCumulativeValueOfPaymentsPerPeriodType: AEInsuranceOpenFinanceBilling:
$reftype: "#/components/schemas/AEPeriodTypeMaximumCumulativeValueOfPayments"object
MaximumCumulativeNumberOfPaymentsPerPeriodTyperequired:
- Purpose
$ref: "#/components/schemas/AEPeriodTypeMaximumCumulativeNumberOfPayments" AEPeriodTypeMaximumCumulativeValueOfPaymentsproperties:
description: | IsLargeCorporate:
The maximum cumulative payment value of all payment initiations per Period Type.type: "boolean"
typedescription: "object"Customer has more than 100 million AED required:turnover
-Purpose:
"Amount" - "Currency"description: Purpose of data sharing request
properties: Amounttype: string
$refenum:
"#/components/schemas/AEActiveOrHistoricAmount" Currency: - AccountAggregation
$ref: "#/components/schemas/AEActiveOrHistoricCurrencyCode" AEPeriodTypeMaximumCumulativeNumberOfPayments:- RiskAssessment
type: "integer" - description:PremiumHistory
| The maximum frequency of- paymentClaimHistory
initiations per Period Type. AEMaximumCumulativeNumberOfPayments: - type: "integer"Onboarding
- Verification
- QuoteComparison
- FinancialAdvice
description: | Billing parameters specified by the TPP
additionalProperties: false
The maximumAEInsuranceConsentPurpose:
cumulative number of all successful payment railstype: executionsstring
under the Consent. enum:
Each successful payment rails- executionInsurancePolicyAggregation
(related to the Consent) is added to the total- cumulativePersonalFinanceManager
number of payments for the Consent which cannot exceed- theCreditAssessment
maximum value agreed with the User at the point- ofMotorInsuranceQuote
consent. AEMaximumCumulativeValueOfPayments: - EnterpriseFinancialManagement
description: | - Other
The maximum cumulative valueAEMetaMultiAuthorization:
of all successful payment rails executions under the Consent.type: "object"
description: |
Each successful payment rails execution amount (related toMeta theData Consent) is addedwith Multi-Authorization relevant to the totalpayload.
cumulative value of the Consent which cannot exceed theFor maximuma valuepayment, agreedit withrepresents theany UserAuthorizers atwithin the point of consent.
type: "object"
required:financial institution domain that are involved in approving the payment request.
properties:
TotalRequired:
description: |
The total number of Authorizers required to process the request
type: "number"
Authorizations:
type: "array"
items:
description: |
Authorizer
type: "object"
properties:
AuthorizerId:
description: |
The Authorizer's Identifier
type: "string"
AuthorizerType:
description: |
The Type of Authorizer. For example, Financial, Management, etc.
type: "string"
AuthorizationDate:
description: |
The DateTime of when the Authorization occurred. All dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2023-04-05T10:43:07+00:00
type: "string"
format: "date-time"
AuthorizationStatus:
description: |
The Status reflecting the Authorizer's final decision regarding the request
type: "string"
enum:
- "Pending"
- "Approved"
- "Rejected"
additionalProperties: false
additionalProperties: false
additionalProperties: false
AEConsentId:
type: string
minLength: 1
maxLength: 128
description: >-
Unique identification assigned by the TPP to identify the consent
resource.
AEAccountAccesssConsentPermissionCodes:
type: string
enum:
- ReadAccountsBasic
- ReadAccountsDetail
- ReadBalances
- ReadBeneficiariesBasic
- ReadBeneficiariesDetail
- ReadTransactionsBasic
- ReadTransactionsDetail
- ReadTransactionsCredits
- ReadTransactionsDebits
- ReadProduct
- ReadScheduledPaymentsBasic
- ReadScheduledPaymentsDetail
- ReadDirectDebits
- ReadStandingOrdersBasic
- ReadStandingOrdersDetail
- ReadConsents
- ReadPartyUser
- ReadPartyUserIdentity
- ReadParty
description: >-
Specifies the permitted account access policy data types.
This is a list of the data groups being consented by the User, and
requested for authorization with the LFI.
AEAccountAccessAuthorizationDetailProperties:
type: object
required:
- Purpose
- OpenFinanceBilling
properties:
BaseConsentId:
$ref: '#/components/schemas/AEBaseConsentId'
ExpirationDateTime:
type: string
format: date-time
description: >-
Specified date and time the permissions will expire.
All date-time fields in responses must include the timezone. An
example is below:
2017-04-05T10:43:07+00:00
TransactionFromDateTime:
type: string
format: date-time
description: |2-
Specified start date and time for the transaction query period.
If this is not populated, the start date will be open ended, and
data will be returned from the earliest available
transaction.All dates in the JSON payloads are represented in
ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An
example is below:
2017-04-05T10:43:07+00:00
TransactionToDateTime:
type: string
format: date-time
description: |2-
Specified end date and time for the transaction query period.
If this is not populated, the end date will be open ended, and
data will be returned to the latest available transaction.All
dates in the JSON payloads are represented in ISO 8601 date-time
format.
All date-time fields in responses must include the timezone. An
example is below:
2017-04-05T10:43:07+00:00
AccountType:
type: array
items:
$ref: '#/components/schemas/AEAccountTypeCode'
AccountSubType:
type: array
items:
$ref: '#/components/schemas/AEAccountSubTypeCode'
OnBehalfOf:
$ref: '#/components/schemas/AEOnBehalfOf'
Status:
$ref: '#/components/schemas/AEAccountAccessConsentStatus'
Purpose:
type: array
items:
$ref: '#/components/schemas/AEAccountAccessConsentPurpose'
RevokedBy:
$ref: '#/components/schemas/AERevokedBy'
OpenFinanceBilling:
$ref: '#/components/schemas/AEAccountAccessOpenFinanceBilling'
additionalProperties: false
AEAccountAccessOpenFinanceBilling:
type: object
required:
- UserType
- Purpose
properties:
IsLargeCorporate:
type: "boolean"
description: Customer has more than 100 million AED turnover
UserType:
description: Type of Customer
type: string
enum:
- Retail
- SME
- Corporate
Purpose:
description: Purpose of data sharing request
type: string
enum:
- AccountAggregation
- RiskAssessment
- TaxFiling
- Onboarding
- Verification
- QuoteComparison
- BudgetingAnalysis
- FinancialAdvice
- AuditReconciliation
description: Billing parameters specified by the TPP
additionalProperties: false
AEAccountAccessConsentStatus:
description: >-
Consent Status is set
to either Authorized ,Revoked ,Rejected or AwaitingAuthorization
type: string
enum:
- Authorized
- AwaitingAuthorization
- Rejected
- Revoked
- Expired
- Suspended
AEAccountAccessConsentPurpose:
type: string
enum:
- Account Aggregation
- Personal Finance Manager
- Credit Assessment
- Tax Filing
- Enterprise Financial Management
- Other
AEAccountSubTypeCode:
type: string
enum:
- CurrentAccount
- Savings
description: Specifies the sub type of account (product family group)
AEAccountTypeCode:
type: string
enum:
- Retail
- SME
- Corporate
description: Specifies the type of account (Retail, SME or Corporate).
AEPaymentConsentResponse:
description: |
Payment Consent Response Schema
type: "object"
additionalProperties: false
required:
- "Data"
properties:
Data:
type: "object"
additionalProperties: false
required:
- "ConsentId"
- "Status"
- "ExpirationDateTime"
properties:
ConsentId:
$ref: "#/components/schemas/AEConsentId"
BaseConsentId:
$ref: "#/components/schemas/AEBaseConsentId"
IsSingleAuthorization:
description: |
Specifies to the LFI that the consent authorization must be completed in a single authorization Step
with the LFI
type: "boolean"
AuthorizationExpirationDateTime:
$ref: "#/components/schemas/AEAuthorizationExpirationDateTime"
Permissions:
$ref: "#/components/schemas/AEConsentPermissions"
AcceptedAuthorizationType:
$ref: "#/components/schemas/AEAcceptedAuthorizationType"
ExpirationDateTime:
$ref: "#/components/schemas/AEConsentExpirationDateTime"
Status:
$ref: "#/components/schemas/AEConsentStatus"
RevokedBy:
$ref: "#/components/schemas/AERevokedBy"
CreationDateTime:
$ref: "#/components/schemas/AECreationDateTime"
StatusUpdateDateTime:
$ref: "#/components/schemas/AEStatusUpdateDateTime"
Charges:
$ref: "#/components/schemas/AECharges"
ExchangeRate:
$ref: "#/components/schemas/AEExchangeRateInformation"
CurrencyRequest:
$ref: "#/components/schemas/AECurrencyRequest"
ControlParameters:
$ref: '#/components/schemas/AEServiceInitiationConsentControlParameters'
DebtorReference:
$ref: "#/components/schemas/AEServiceInitiationStructuredDebtorReference"
CreditorReference:
$ref: "#/components/schemas/AEReference"
PaymentPurposeCode:
$ref: "#/components/schemas/AEPaymentPurposeCode"
SponsoredTPPInformation:
$ref: "#/components/schemas/AESponsoredTPPInformation"
PaymentConsumption:
$ref: "#/components/schemas/AEPaymentConsumption"
OpenFinanceBilling:
$ref: "#/components/schemas/AEServiceInitiationOpenFinanceBilling"
Subscription:
$ref: "#/components/schemas/AEEventNotification"
Meta:
$ref: "#/components/schemas/AEMetaMultiAuthorization"
AEServiceInitiationOpenFinanceBilling:
type: object
properties:
IsLargeCorporate:
type: "boolean"
description: Customer has more than 100 million AED turnover
description: Billing parameters specified by the LFI
additionalProperties: false
AEPaymentConsumption:
type: "object"
description: |
Data to track the consumption of Payments in relation to an authorized Consent Schedule
required:
- "CumulativeNumberOfPayments"
- "CumulativeValueOfPayments"
properties:
CumulativeNumberOfPayments:
type: "number"
description: |
The cumulative number of payment instructions initiated under the consent schedule, excluding instructions in a Rejected state.
minLength: 1
example: 4
CumulativeValueOfPayments:
description: |
The cumulative value of payment instructions initiated under the consent schedule, excluding instructions in a Rejected state.
A number of monetary units specified in an active currency where the unit of currency is explicit and compliant with ISO 4217."
type: "object"
required:
- "Amount"
- "Currency"
properties:
Amount:
$ref: "#/components/schemas/AEActiveOrHistoricAmount"
Currency:
$ref: "#/components/schemas/AEActiveOrHistoricCurrencyCode"
CumulativeNumberOfPaymentsInCurrentPeriod:
type: "number"
description: |
The cumulative number of payment instructions in the current period initiated under the consent schedule, excluding instructions in a Rejected state.
minLength: 1
example: 1
CumulativeValueOfPaymentsInCurrentPeriod:
description: |
The cumulative value of payment instructions in the current period initiated under the consent schedule, excluding instructions in a Rejected state.
A number of monetary units specified in an active currency where the unit of currency is explicit and compliant with ISO 4217."
type: "object"
required:
- "Amount"
- "Currency"
properties:
Amount:
$ref: "#/components/schemas/AEActiveOrHistoricAmount"
Currency:
$ref: "#/components/schemas/AEActiveOrHistoricCurrencyCode"
additionalProperties: false
AERequestedExecutionDate:
description: |
The date when the TPP expects the LFI to execute the payment.
The date must be in the future and cannot be on the same day or a day in the past.
The maximum date in the future that can be specified is 1 year from the day of the consent of the User to the TPP.
All dates in the JSON payloads are represented in ISO 8601 date format.
type: "string"
format: "date"
AEConsentExpirationDateTime:
description: |2-
Specified date and time the consent will expire.
All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is :2023-04-05T10:43:07+00:00
type: "string"
format: "date-time"
AEConsentStatus:
description: |
Specifies the status of a payment consent.
| Consent Status| State Type| Description|
|---------------|-----------|------|
| AwaitingAuthorization | Pending | The consent is awaiting authorization.|
| Authorized | In Use | The consent has been successfully authorized.|
| Rejected | Terminal | The unauthorized consent has been rejected at the LFI.|
| Revoked | Terminal | The consent has been revoked at the TPP or LFI.|
| Expired | Terminal | The consent is now expired.|
| Consumed | Terminal | The consented action(s) have either been completed successfully.|
| Suspended | In Use | The consent has been suspended, pending further enquiries.|
type: "string"
enum:
- "AwaitingAuthorization"
- "Authorized"
- "Rejected"
- "Revoked"
- "Expired"
- "Consumed"
- "Suspended"
AECreationDateTime:
description: "Date and time at which the message was created. All dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2023-04-05T10:43:07+00:00"
type: "string"
format: "date-time"
AEStatusUpdateDateTime:
description: "Date and time at which the resource status was updated.All dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2023-04-05T10:43:07+00:00"
type: "string"
format: "date-time"
AECurrencyRequest:
description: |
The details of the non-local currency or FX request that has been agreed between the User and the TPP.
The requested ChargeBearer and ExchangeRateInformation are included in this object may be overwritten by the LFI in the returned Consent object.
type: "object"
additionalProperties: false
required:
- "CurrencyOfTransfer"
properties:
InstructionPriority:
description: "Indicator of the urgency or order of importance that the instructing party would like the instructed party to apply to the processing of the instruction."
type: "string"
enum:
- "Normal"
- "Urgent"
ExtendedPurpose:
description: "Specifies the purpose of an international payment, when there is no corresponding 4 character code available in the ISO20022 list of Purpose Codes."
type: "string"
minLength: 1
maxLength: 140
ChargeBearer:
$ref: "#/components/schemas/AEChargeBearerType1Code"
CurrencyOfTransfer:
description: "Specifies the currency of the to be transferred amount, which is different from the currency of the debtor's account."
type: "string"
pattern: "^[A-Z]{3,3}$"
DestinationCountryCode:
description: "Country in which Credit Account is domiciled. Code to identify a country, a dependency, or another area of particular geopolitical interest, on the basis of country names obtained from the United Nations (ISO 3166, Alpha-2 code)."
type: "string"
pattern: "[A-Z]{2,2}"
ExchangeRateInformation:
type: "object"
additionalProperties: false
required:
- "UnitCurrency"
- "RateType"
description: "Provides details on the currency exchange rate and contract."
properties:
UnitCurrency:
description: "Currency in which the rate of exchange is expressed in a currency exchange. In the example 1GBP = xxxCUR, the unit currency is GBP."
type: "string"
pattern: "^[A-Z]{3,3}$"
ExchangeRate:
description: "The factor used for conversion of an amount from one currency to another. This reflects the price at which one currency was bought with another currency."
type: "number"
RateType:
description: "Specifies the type used to complete the currency exchange."
type: "string"
enum:
- "Actual"
- "Agreed"
- "Indicative"
ContractIdentification:
description: "Unique and unambiguous reference to the foreign exchange contract agreed between the initiating party/creditor and the debtor agent."
type: "string"
minLength: 1
maxLength: 256
AEPeriodType:
type: "string"
description: |
A Period may begin from the Consent CreationDateTime if a PeriodStartDate is not provided.
|Period Type|Description|
|-----------|-----------|
|Day|A continuous period of time, consisting of 24 consecutive hours, starting from midnight (00:00:00) and finishing at 23:59:59 of the same day. |
|Week|A continuous period of time, consisting of seven consecutive days, starting from midnight (00:00:00) and finishing at 23:59:59 of the 7th day. |
|Month|A continuous period of time starting from midnight (00:00:00) of the first day of a month and finishing at 23:59:59 of the last day of that month.|
|Year|A continuous period of time, consisting of 12 months.|
enum:
- Day
- Week
- "Amount"Month
- "Currency"Year
AEPeriodStartDate:
properties: type: "string"
Amount: description: |
$ref: "#/components/schemas/AEActiveOrHistoricAmount" * Payments: Specifies the start date of Currency:when a payment schedule begins.
$refformat: "#/components/schemas/AEActiveOrHistoricCurrencyCodedate"
AEServiceInitiationStructuredDebtorReference:
description: |
A reason or reference in relation to a payment, set to facilitate a structured Debtor reference consisting of:
* For payments to Merchants: TPP ID, Merchant ID, BIC for the Creditor Account, followed by freeform text to a maximum of 120 characters.
* For other payments: TPP ID and BIC for the Creditor Account, followed by freeform text to a maximum of 120 characters.
The TPP ID value will match the organization ID value from the Trust Framework, and therefore will be a v4 UUID.
The Merchant ID wil be as per the existing IPP rules for the Merchant identification, and will incorporate the Trade License number for the Merchant.
A BIC is specific according to the standard format for ISO 20022, and can therefore be either 8 or 11 characters in length.
If the value of the concatenated string exceeds 120 characters, the TPP must omit or truncate the freeform element of the reference.
type: "string"
minLength: 1
maxLength: 120
pattern: "^TPP=[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12},(Merchant=[A-Z0-9]{3}-[A-Z]{4}-TL.+-[0-9]{4}|),BIC=[A-Z0-9]{4}[A-Z0-9]{2}[A-Z0-9]{2}([A-Z0-9]{3}){0,1}($|,.+$)"
AEPaymentPurposeCode:
description: A category code that relates to the type of services or goods that corresponds to the underlying purpose of the payment. The code must conform to the published AANI payment purpose code list.
type: "string"
minLength: 1
maxLength: 4
pattern: "^[A-Z]{3}$"
AESponsoredTPPInformation:
type: "object"
description: |
The Sponsored TPP is:
* A TPP that itself has no direct Open Banking API integrations.
* A TPP that is using the integration of another TPP that does have direct Open Banking API integrations.
properties:
Name:
type: "string"
minLength: 1
maxLength: 50
description: |
The Sponsored TPP Name
Identification:
type: "string"
minLength: 1
maxLength: 50
description: |
The Sponsored TPP Identification
additionalProperties: false
AEBaseConsentId:
type: string
minLength: 1
maxLength: 128
description: >-
The original ConsentId assigned by the TPP
AEOnBehalfOf:
type: object
properties:
TradingName:
type: string
description: Trading Name
LegalName:
type: string
description: Legal Name
IdentifierType:
allOf:
- $ref: '#/components/schemas/AEOnBehalfOfIdentifierType'
description: Identifier Type
Identifier:
type: string
description: Identifier
additionalProperties: false
AEOnBehalfOfIdentifierType:
type: string
enum:
- Other
Webhook:
type: object
description: |
A Webhook Subscription Schema
required:
- Url
- IsActive
properties:
Url:
description: |
The TPP Callback URL being registered with the LFI
type: string
example: https://api.tpp.com/webhook/callbackUrl
IsActive:
description: >
The TPP specifying whether the LFI should send (IsActive true)
or not send (IsActive false) Webhook Notifications to the TPP's
Webhook URL
type: boolean
example: false
additionalProperties: false
AERevokedBy:
description: |
Denotes the Identifier of the revocation.
| Identifier| Description|
|-----------|------------|
| LFI | Revoked by LFI without User initiation|
| TPP | Revoked by TPP without User initiation|
| LFI.InitiatedByUser | Initiated by User via the LFI|
| TPP.InitiatedByUser | Initiated by User via the TPP|
type: string
enum:
- LFI
- TPP
- LFI.InitiatedByUser
- TPP.InitiatedByUser
AEReference:
description: |
A reason or reference in relation to a payment.
Reason or reference for the beneficiary regarding the Payment
type: "string"
minLength: 1
maxLength: 120
AEEventNotification:
type: "object"
description: |
A Webhook Subscription Schema
required:
- "Webhook"
properties:
Webhook:
description: |
A Webhook Schema
type: "object"
properties:
Url:
description: |
The TPP Callback URL being registered with the LFI
type: "string"
example: "https://api.tpp.com/webhook/callbackUrl"
IsActive:
description: |
The TPP specifying whether the LFI should send (IsActive true) or not send (IsActive false) Webhook Notifications to the TPP's Webhook URL
type: "boolean"
example: false
additionalProperties: false
additionalProperties: false
AEAcceptedAuthorizationType:
description: |
Specifies to the LFI the type of consent authorization accepted by the TPP when staging the consent
* Single - The consent should incur a single authorization Step with the LFI
* Multi - The consent should incur a multi-authorization Step with the LFI
type: "string"
enum:
- "Single"
- "Multi"
AEAuthorizationExpirationDateTime:
description: |
A time window by which a Consent (in AwaitingAuthorization status) must be Authorized by the User.
The time window starts from the actual CreationDateTime (when the Consent is staged with the LFI).
If the current time window exceeds the Authorization Expiration Time Window (and the Consent status is AwaitingAuthorization) then the Consent Status must be set to Rejected.
The time window is based on a custom time format hhh:mm:ss. e.g. 720:00:00 represents a time window of 720 hours, 00 minutes, 00 seconds (30 days) after the CreationDateTime to Authorize the Consent.
type: "string"
pattern: "^(00[0-9]|0[1-9][0-9]|[1-6][0-9]{2}|7[01][0-9]|720):[0-5][0-9]:[0-5][0-9]$"
example: "720:00:00"
AEConsentPermissions:
type: "array"
description: |
Specifies the permitted Account Access data types.
This is a list of the data groups being consented by the User, and requested for authorization with the LFI.
This allows a TPP to request a balance check permission.
items:
type: "string"
enum:
- "ReadAccountsBasic" # Ability to read basic account information
- "ReadAccountsDetail" # Ability to read account identification details
- "ReadBalances" # Ability to read all balance information
- "ReadRefundAccount"
minItems: 1
AEFileNumberOfTransactions:
type: "integer"
description: |
Number of individual transactions contained in the payment information group.
AEControlSum:
description: |
Total of all individual amounts included in the group, irrespective of currencies.
type: "string"
pattern: "^\\d{1,16}\\.\\d{2}$"
example: "100.00"
psuIdentifiers:
type: object
description: |
The PSU that is associated with this consent.
The `PSUIdentifiers` object may have arbitrary custom fields that an financial institution may use to
identify the PSU.
However, all `PSUIdentifiers` must have a mandatory `userId` field that provides a unique
user id for the PSU.
The consent is initially created without a PSU identified.
The value must be specified once the consent is authorised.
properties:
userId:
type: string
required:
- userId
ValidateResponseStatusEnum:
type: string
enum:
- valid
- invalid
consentValidateResponse:
type: object
properties:
data:
type: object
properties:
status:
$ref: "#/components/schemas/ValidateResponseStatusEnum"
code:
type: string
description:
type: string
meta:
$ref: "#/components/schemas/Meta"
Meta:
type: object
additionalProperties: false
Error:
description: Default error response payload structure for Ozone Connect
type: object
properties:
errorCode:
type: string
description: Error code identifying the problem that occurred
errorMessage:
type: string
description: Message describing what problem has occurred
parameters:
aspspId:
name: o3-aspsp-id
in: header
schema:
type: string
required: true
deprecated: true
description:
Identifier for the financial institution that the request is targetted to.
This header is deprecated and will be removed in a future version of Ozone Connect. Use `o3-provider-id` instead.
providerId:
name: o3-provider-id
in: header
schema:
type: string
required: true
description: Identifier for the financial institution that the request is targetted to
callerOrgId:
name: o3-caller-org-id
in: header
schema:
type: string
required: true
description: An identifier for the organization calling the API
callerClientId:
name: o3-caller-client-id
in: header
schema:
type: string
required: true
description: An identifier for the OIDC clientId calling the API
callerSoftwareStatementId:
name: o3-caller-software-statement-id
in: header
schema:
type: string
required: true
description: An identifier for the software statement calling the API
apiUri:
name: o3-api-uri
in: header
schema:
type: string
required: true
description: The parameterised URL of the API being called by the caller
apiOperation:
name: o3-api-operation
in: header
schema:
type: string
required: true
description: The API operation carried out by the caller (e.g. GET, POST, PUT, DELETE, PATCH)
consentId:
name: o3-consent-id
in: header
schema:
type: string
required: true
description: The consentId for which this call is being made
callerInteractionId:
name: o3-caller-interaction-id
in: header
schema:
type: string
required: true
description: The interaction ID passed in by the caller, if any
ozoneInteractionId:
name: o3-ozone-interaction-id
in: header
schema:
type: string
required: true
description: An interaction ID generated by Ozone if the caller did not send in one. If the callerInteractionId is specified, this takes the same value.
psuIdentifier:
name: o3-psu-identifier
in: header
schema:
type: string
required: true
description: A Base64 encoded representation of the psuIdentifier JSON object.
securitySchemes:
OzoneConnectApiKey:
description: Communications between the API Hub and the LFI Ozone Connect implementation are secured using an API Key, which is a secret shared between the API Hub and the LFI.
type: apiKey
in: header
name: Authorization
OzoneConnectClientCredentials:
type: oauth2
description: |
Communications between the API Hub and the LFI Ozone Connect implementation are secured using a Client Credentials grant type.
LFIs must host an OAuth 2.0 Authorization Server to utilise this security pattern. Scope values are set during the onboarding process, and represented by a placeholder in this API description.
flows:
clientCredentials:
tokenUrl: "https://example.lfi.ae/token"
scopes:
placeholder: Placeholder for scopes, which are set by the LFI during onboarding
OzoneConnectJwtAuth:
description: |
Communications between the API Hub and the LFI Ozone Connect implementation are secured using the "JWT Auth" mechanism, where the Client presents a signed JSON Web Token as a credential.
The Server MUST verify the signature in order to authenticate the Client.
Please note that the value of the `scheme` parameter is not a registered HTTP Authentication Scheme, to indicate it is specific to Ozone Connect. Please refer to API Hub documentation for further details.
type: http
scheme: Ozone-Connect-JWT-Auth
|
...