--- swagger: "2.0" info: version: 1.0.0 title: AIS API description: Account Information Service Provider API x-ibm-name: account-information contact: name: Postbank email: api@postbank.bg url: https://www.postbank.bg externalDocs: description: Latest update is published here url: https://www.postbank.bg schemes: - https securityDefinitions: api-key-1: type: apiKey description: "" in: header name: X-IBM-Client-Id OAuth2: type: oauth2 description: "" flow: accessCode scopes: ais: "" authorizationUrl: https://gate.postbank.bg/postbank/psd2/oauth2/authorize tokenUrl: https://gate.postbank.bg/postbank/psd2/oauth2/token x-tokenIntrospect: url: "" security: - api-key-1: [] OAuth2: - ais parameters: account-id: name: account-id in: path description: The account-id is retrieved by using a "Read Account List" call. The account-id is the "resourceId" attribute of the account structure. Its value is constant at least throughout the lifecycle of a given consent. required: true type: string transaction-id: name: transaction-id in: path description: Transaction ID required: true type: integer definitions: Amount: type: object required: - currency - amount properties: currency: type: string description: ISO 4217 code amount: type: string Account: type: object required: - currency - resourceId - iban - name - product properties: resourceId: type: string description: This is the data element to be used in the path when retrieving data from a dedicated account. iban: type: string description: IBAN of account name: type: string description: Name given by the bank or the PSU in OnlineBanking. product: type: string description: Product Name of the Bank for this account currency: type: string description: ISO 4217 code _links: $ref: '#/definitions/Links' description: Links to the account, which can be directly used for retrieving account information from this dedicated account. Links to “balances” and/or “transactions” AccountReport: type: object required: - booked properties: booked: type: array items: $ref: '#/definitions/Transactions' pending: type: array items: $ref: '#/definitions/Transactions' Balances: type: object properties: interimAvailable: $ref: '#/definitions/SingleBalance' description: Available balance calculated in the course of the account ’ervicer's business day, at the time specified, and subject to further changes during the business day. The interim balance is calculated on the basis of booked credit and debit items during the calculation time/period specified. SingleBalance: type: object required: - balanceAmount properties: balanceType: type: string balanceAmount: $ref: '#/definitions/Amount' Transactions: type: object required: - transactionAmount properties: transactionId: type: string description: Can be used as access-id in the API, where more details on an transaction is offered. bookingDate: type: string format: date valueDate: type: string format: date transactionAmount: $ref: '#/definitions/Amount' creditorName: type: string description: Name of the creditor if a “Debited” transaction creditorAccount: $ref: '#/definitions/AccountReference' debtorName: type: string description: Name of the debtor if a “Credited” transaction debtorAccount: $ref: '#/definitions/AccountReference' remittanceInformationUnstructured: type: string Links: type: object properties: scaRedirect: type: string description: A link to a Postbank site where SCA is performed within the Redirect SCA approach. self: type: string description: The link to the resource created by the undergoing request. This link can be used to retrieve the resource data. status: type: string account: type: string description: A link to an account, which can be directly used for retrieving account information from this dedicated account. balances: type: string description: A link to the resource providing the balance of a dedicated account. transactions: type: string description: A link to the resource providing the transaction history of a dedicated account. first: type: string description: Navigation link for account reports. next: type: string description: Navigation link for account reports. previous: type: string description: Navigation link for account reports. last: type: string description: Navigation link for account reports. ErrorModel: type: object properties: tppMessages: type: array items: type: object properties: category: type: string code: type: string text: type: string ConsentRequestBody: type: object required: - access - frequencyPerDay - recurringIndicator - validUntil properties: access: type: object properties: balances: type: array items: type: string default: "" transactions: type: array items: type: string default: "" recurringIndicator: type: string format: boolean description: TRUE, if the consent is for recurring access to the account data. FALSE, if the consent is for one access to the account data. pattern: (true|false) default: "true" validUntil: type: string format: date description: This parameter is requesting a valid until date for the requested consent. Max validity is 90 day. If the consent is for one access to the account data value is current date.The content is the local Postbank date in ISODate Format, e.g. 2018-11-25 pattern: ([12]\d{3}-(0[1-9]|1[0-2])-(0[1-9]|[12]\d|3[01])) default: "2019-01-18" frequencyPerDay: type: string format: integer description: This field indicates the requested maximum frequency for an access per day. For a one-off access, this attribute is set to “1”. Max value is “4”. pattern: '[1-4]' default: "4" Consent: required: - access - recurringIndicator - validUntil - frequencyPerDay - consentStatus - _links type: object properties: access: $ref: '#/definitions/AccountAccess' recurringIndicator: type: boolean description: TRUE, if the consent is for recurring access to the account data FALSE, if the consent is for one access to the account data validUntil: type: string format: date description: This parameter is requesting a valid until date for the requested consent. The content is the local Postbank date in ISODate Format, e.g. 2017-10-30 frequencyPerDay: type: integer description: Max value is "4". consentStatus: $ref: '#/definitions/ConsentStatus' _links: $ref: '#/definitions/Links' AccountReference: properties: iban: type: string bban: type: string additionalProperties: false ConsentStatus: type: string description: The following code values are permitted “received”, “rejected”, “valid”, “revokedByPsu”, “expired”, “terminatedByTpp” properties: consentStatus: type: string enum: - received - rejected - valid - revokedByPsu - expired - terminatedByTpp additionalProperties: false AccountAccess: properties: balances: type: array items: $ref: '#/definitions/AccountReference' transactions: type: array items: $ref: '#/definitions/AccountReference' additionalProperties: false paths: /accounts: get: tags: - account summary: Read account list description: Read the list of all accessible accounts relative to a granted consent. It is assumed that a consent of the PSU to this access is already given and stored on the Postbank system. The addressed list of accounts depends then on the PSU ID and OAuth2 access token. Returns all identifiers of the accounts, to which an account access has been granted to through the /consents endpoint by the PSU. In addition, relevant information about the accounts and hyperlinks to corresponding account information resources are provided if a related consent has been already granted. operationId: getAccounts consumes: - application/json produces: - application/json responses: 200: description: OK schema: type: object properties: accounts: type: array items: $ref: '#/definitions/Account' example: accounts: - resourceId: BG77BPBI000001 iban: BG77BPBI000001 currency: BGN product: Postbank Product name: salary _links: balances: href: /v1/accounts/BG77BPBI000001/balances transactions: href: /v1/accounts/BG77BPBI000001/transactions - resourceId: BG77BPBI000002 iban: BG77BPBI000002 currency: EUR product: Postbank Product name: за спестяване“ _links: balances: href: /v1/accounts/BG77BPBI000002/balances headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. 400: description: Bad Request schema: $ref: '#/definitions/ErrorModel' headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. 401: description: Unauthorized schema: $ref: '#/definitions/ErrorModel' headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. 403: description: Forbidden schema: $ref: '#/definitions/ErrorModel' headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. 500: description: Internal Server Error schema: $ref: '#/definitions/ErrorModel' headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. parameters: - name: X-Request-ID type: string required: true in: header description: ID of the request, unique to the call, as determined by the initiating party. - name: PSU-User-Agent in: header type: string description: The forwarded Agent header field of the http request between PSU and TPP, if available. - name: PSU-IP-Port in: header type: string description: The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP, if available. required: false - name: PSU-Geo-Location in: header type: string description: The forwarded Geo Location header field of the corresponding http request between PSU and TPP if available. required: false - name: PSU-Accept type: string required: false in: header description: The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. - name: PSU-Accept-Charset type: string required: false in: header - name: PSU-Accept-Encoding type: string required: false in: header - name: PSU-Accept-Language type: string required: false in: header - name: PSU-Http-Method type: string enum: - GET - POST - PUT - PATCH - DELETE required: false description: | HTTP method used at the PSU – TPP interface, if available. Valid values are\: * GET * POST * PUT * PATCH * DELETE in: header - name: PSU-Device-ID type: string required: false in: header description: UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. - name: PSU-IP-Address type: string pattern: ^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ required: false in: header description: The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP. /accounts/{account-id}: get: tags: - account summary: Read Account Details description: Reads details about the addressed account. It is assumed that a consent of the PSU to this access is already given and stored on the Postbank system. The addressed details of this account depends then on the stored consent addressed by the OAuth2 access token. operationId: getAccountByAccountId consumes: - application/json produces: - application/json parameters: - $ref: '#/parameters/account-id' - name: X-Request-ID type: string required: true in: header description: ID of the request, unique to the call, as determined by the initiating party. - name: PSU-User-Agent in: header type: string description: The forwarded Agent header field of the http request between PSU and TPP, if available. - name: PSU-IP-Port in: header type: string description: The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP, if available. required: false - name: PSU-Geo-Location in: header type: string description: The forwarded Geo Location header field of the corresponding http request between PSU and TPP if available. required: false - name: PSU-Accept type: string required: false in: header description: The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. - name: PSU-Accept-Charset type: string required: false in: header - name: PSU-Accept-Encoding type: string required: false in: header - name: PSU-Accept-Language type: string required: false in: header - name: PSU-Http-Method type: string enum: - GET - POST - PUT - PATCH - DELETE required: false in: header description: | HTTP method used at the PSU – TPP interface, if available. Valid values are\: * GET * POST * PUT * PATCH * DELETE - name: PSU-Device-ID type: string required: false in: header description: UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. - name: PSU-IP-Address type: string pattern: ^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ required: false in: header description: The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP. responses: 200: description: OK schema: type: object properties: account: $ref: '#/definitions/Account' example: account: resourceId: BG77BPBI000001 iban: BG77BPBI000001 currency: BGN product: Postbank Product name: salary _links: balances: href: /v1/accounts/BG77BPBI000001/balances transactions: href: /v1/accounts/BG77BPBI000001/transactions headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. 400: description: Bad Request schema: $ref: '#/definitions/ErrorModel' headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. 401: description: Unauthorized schema: $ref: '#/definitions/ErrorModel' headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. 403: description: Forbidden schema: $ref: '#/definitions/ErrorModel' headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. 500: description: Internal Server Error schema: $ref: '#/definitions/ErrorModel' headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. /accounts/{account-id}/balances: get: tags: - account summary: Read Balance description: Reads the balance list for a given account addressed by "account-id". operationId: getBalanceForAccountByAccountId consumes: - application/json produces: - application/json parameters: - $ref: '#/parameters/account-id' - name: X-Request-ID type: string required: true in: header description: ID of the request, unique to the call, as determined by the initiating party. - name: PSU-User-Agent in: header type: string description: The forwarded Agent header field of the http request between PSU and TPP, if available. - name: PSU-IP-Port in: header type: string description: The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP, if available. required: false - name: PSU-Geo-Location in: header type: string description: The forwarded Geo Location header field of the corresponding http request between PSU and TPP if available. required: false - name: PSU-Accept type: string required: false in: header description: The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. - name: PSU-Accept-Charset type: string required: false in: header - name: PSU-Accept-Encoding type: string required: false in: header - name: PSU-Accept-Language type: string required: false in: header - name: PSU-Http-Method type: string enum: - GET - POST - PUT - PATCH - DELETE required: false in: header description: | HTTP method used at the PSU – TPP interface, if available. Valid values are\: * GET * POST * PUT * PATCH * DELETE - name: PSU-Device-ID type: string required: false in: header description: UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. - name: PSU-IP-Address type: string pattern: ^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ required: false in: header description: The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP. responses: 200: description: OK schema: type: object properties: account: $ref: '#/definitions/AccountReference' balances: type: array items: $ref: '#/definitions/SingleBalance' example: account: iban: BG77BPBI000001 balances: - balanceType: interimAvailable balanceAmount: currency: BGN amount: 123.450000 headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. 400: description: Bad Request schema: $ref: '#/definitions/ErrorModel' headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. 401: description: Unauthorized schema: $ref: '#/definitions/ErrorModel' headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. 403: description: Forbidden schema: $ref: '#/definitions/ErrorModel' headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. 500: description: Internal Server Error schema: $ref: '#/definitions/ErrorModel' headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. /accounts/{account-id}/transactions: get: tags: - account summary: Read Transaction List description: Read transaction lists of a given account аddressed by "account-id", depending on the steering parameter "bookingStatus" and the attributes "dateFrom" and "dateTo". operationId: getTransactionsForAccountByAccountId consumes: - application/json produces: - application/json parameters: - $ref: '#/parameters/account-id' - name: X-Request-ID type: string required: true in: header description: ID of the request, unique to the call, as determined by the initiating party. - name: dateFrom type: string pattern: ([12]\d{3}-(0[1-9]|1[0-2])-(0[1-9]|[12]\d|3[01])) format: ISODate in: query description: Starting date (inclusive the date dateFrom) of the transaction list. required: true - name: dateTo type: string pattern: ([12]\d{3}-(0[1-9]|1[0-2])-(0[1-9]|[12]\d|3[01])) format: ISOdate in: query description: End date (inclusive the data dateTo) of the transaction list, default is now if not given. required: false - name: bookingStatus type: string pattern: (booked|pending|both) in: query required: true description: Permitted codes are “booked”, “pending” and “both” - name: PSU-User-Agent in: header type: string description: The forwarded Agent header field of the http request between PSU and TPP, if available. - name: PSU-IP-Port in: header type: string description: The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP, if available. required: false - name: PSU-Geo-Location in: header type: string description: The forwarded Geo Location header field of the corresponding http request between PSU and TPP if available. required: false - name: PSU-Accept type: string required: false in: header description: The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. - name: PSU-Accept-Charset type: string required: false in: header - name: PSU-Accept-Encoding type: string required: false in: header - name: PSU-Accept-Language type: string required: false in: header - name: PSU-Http-Method type: string enum: - GET - POST - PUT - PATCH - DELETE required: false in: header description: | HTTP method used at the PSU – TPP interface, if available. Valid values are\: * GET * POST * PUT * PATCH * DELETE - name: PSU-Device-ID type: string required: false in: header description: UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. - name: PSU-IP-Address type: string pattern: ^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ required: false in: header description: The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP. responses: 200: description: OK schema: type: object properties: account: $ref: '#/definitions/AccountReference' transactions: $ref: '#/definitions/AccountReport' _links: $ref: '#/definitions/Links' example: account: iban: BG77BPBI000001 transactions: booked: - creditorName: Иван Иванов creditorAccount: iban: BG77BPBI000001 transactionAmount: currency: BGN amount: "200.00" bookingDate: "2018-07-02" valueDate: "2018-07-03" remittanceInformationUnstructured: Захранване на сметка - debtorName: Фирма ЕООД debtorAccount: iban: BG77BPBI000001 transactionAmount: currency: BGN amount: "49.51" bookingDate: "2018-07-04" valueDate: "2018-07-05" remittanceInformationUnstructured: Такса курс pending: - creditorName: Booking Co creditorAccount: iban: BG77BPBI000002 transactionAmount: currency: BGN amount: "1080.04" valueDate: "2017-10-26" remittanceInformationUnstructured: hotel _links: account: href: /v1/accounts/BG77BPBI000002 headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. 400: description: Bad Request schema: $ref: '#/definitions/ErrorModel' headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. 401: description: Unauthorized schema: $ref: '#/definitions/ErrorModel' headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. 403: description: Forbidden schema: $ref: '#/definitions/ErrorModel' headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. 500: description: Internal Server Error schema: $ref: '#/definitions/ErrorModel' headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. /consents: get: tags: - Consent summary: Get Consent description: Return valid Consent Id for PSU-TPP consent. operationId: getAllConsets produces: - application/json parameters: - name: X-Request-ID type: string required: true in: header description: ID of the request, unique to the call, as determined by the initiating party. - name: PSU-User-Agent in: header type: string description: The forwarded Agent header field of the http request between PSU and TPP, if available. - name: PSU-IP-Port in: header type: string description: The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP, if available. required: false - name: PSU-Geo-Location in: header type: string description: The forwarded Geo Location header field of the corresponding http request between PSU and TPP if available. required: false - name: PSU-Accept type: string required: false in: header description: The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. - name: PSU-Accept-Charset type: string required: false in: header - name: PSU-Accept-Encoding type: string required: false in: header - name: PSU-Accept-Language type: string required: false in: header - name: PSU-Http-Method type: string enum: - GET - POST - PUT - PATCH - DELETE required: false in: header description: | HTTP method used at the PSU – TPP interface, if available. Valid values are\: * GET * POST * PUT * PATCH * DELETE - name: PSU-Device-ID type: string required: false in: header description: UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. - name: PSU-IP-Address type: string pattern: ^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ required: false in: header description: The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP. responses: 200: description: OK schema: type: object properties: consents: type: array items: type: object properties: consentId: type: string headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. 400: description: Bad Request schema: $ref: '#/definitions/ErrorModel' headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. 500: description: Internal Server Error schema: $ref: '#/definitions/ErrorModel' headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. post: tags: - Consent summary: Create consent description: This method create a consent resource, defining access rights to dedicated accounts of a given PSU. Only access rights are inserted without mentioning the addressed account. The relation to accounts is then handled afterwards between PSU and Postbank. operationId: postConsent consumes: - application/json produces: - application/json parameters: - name: X-Request-ID in: header required: true type: string description: ID of the request, unique to the call, as determined by the initiating party. - name: TPP-Redirect-URI in: header required: true type: string description: URI of the TPP, where the transaction flow shall be redirected to after a Redirect - name: PSU-User-Agent in: header type: string description: The forwarded Agent header field of the http request between PSU and TPP, if available. - name: PSU-IP-Port in: header type: string description: The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP, if available. required: false - name: PSU-Geo-Location in: header type: string description: The forwarded Geo Location header field of the corresponding http request between PSU and TPP if available. required: false - name: PSU-Accept type: string required: false in: header description: The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. - name: PSU-Accept-Charset type: string required: false in: header - name: PSU-Accept-Encoding type: string required: false in: header - name: PSU-Accept-Language type: string required: false in: header - name: PSU-Http-Method type: string enum: - GET - POST - PUT - PATCH - DELETE required: false in: header description: | HTTP method used at the PSU – TPP interface, if available. Valid values are\: * GET * POST * PUT * PATCH * DELETE - name: PSU-Device-ID type: string required: false in: header description: UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. - name: PSU-IP-Address type: string pattern: ^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ required: true in: header description: The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP. - name: body in: body required: true schema: $ref: '#/definitions/ConsentRequestBody' responses: 201: description: Created schema: type: object properties: consentStatus: $ref: '#/definitions/ConsentStatus' consentId: type: string _links: $ref: '#/definitions/Links' example: consentStatus: received consentId: "12345687878" _links: scaRedirect: href: https://www.postbank.bg/authentication/12345687878 self: href: /v1/consents/12345687878 status: href: /v1/consents/12345687878/status headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. Location: type: string description: hyperlink for the status of the resource. ASPSP-SCA-Approach: type: string description: Possible value is REDIRECT. 400: description: Bad Request schema: $ref: '#/definitions/ErrorModel' headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. 500: description: Internal Server Error schema: $ref: '#/definitions/ErrorModel' headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. /consents/{consent-id}: get: tags: - Consent summary: Get Consent Request description: Reads the exact definition of the given consent resource {consent-id} produces: - application/json parameters: - name: X-Request-ID in: header required: true type: string description: ID of the request, unique to the call, as determined by the initiating party. - name: PSU-User-Agent in: header type: string description: The forwarded Agent header field of the http request between PSU and TPP, if available. - name: PSU-IP-Port in: header type: string description: The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP, if available. required: false - name: PSU-Geo-Location in: header type: string description: The forwarded Geo Location header field of the corresponding http request between PSU and TPP if available. required: false - name: PSU-Accept type: string required: false in: header description: The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. - name: PSU-Accept-Charset type: string required: false in: header - name: PSU-Accept-Encoding type: string required: false in: header - name: PSU-Accept-Language type: string required: false in: header - name: PSU-Http-Method type: string enum: - GET - POST - PUT - PATCH - DELETE required: false in: header description: | HTTP method used at the PSU – TPP interface, if available. Valid values are\: * GET * POST * PUT * PATCH * DELETE - name: PSU-Device-ID type: string required: false in: header description: UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. - name: PSU-IP-Address type: string pattern: ^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ required: false in: header description: The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP. responses: 200: description: OK schema: type: object properties: consent: $ref: '#/definitions/Consent' example: access: balances: - iban: BG77BPBI000001 transactions: - iban: BG77BPBI000001 - iban: BG77BPBI000002 recurringIndicator: true validUntil: "2018-12-25" frequencyPerDay: 2 consentStatus: valid _links: account: href: /v1/accounts/ headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. 400: description: Bad Request schema: $ref: '#/definitions/ErrorModel' headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. 500: description: Internal Server Error schema: $ref: '#/definitions/ErrorModel' headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. operationId: getConsent delete: tags: - Consent summary: Delete consent description: The TPP can delete an account information consent object if needed. operationId: deleteConsentWithID produces: - application/json parameters: - name: X-Request-ID in: header required: true type: integer format: string description: ID of the request, unique to the call, as determined by the initiating party. - name: PSU-User-Agent in: header type: string description: The forwarded Agent header field of the http request between PSU and TPP, if available. - name: PSU-IP-Port in: header type: string description: The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP, if available. required: false - name: PSU-Geo-Location in: header type: string description: The forwarded Geo Location header field of the corresponding http request between PSU and TPP if available. required: false - name: PSU-Accept type: string required: false in: header description: The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. - name: PSU-Accept-Charset type: string required: false in: header - name: PSU-Accept-Encoding type: string required: false in: header - name: PSU-Accept-Language type: string required: false in: header - name: PSU-Http-Method type: string enum: - GET - POST - PUT - PATCH - DELETE required: false in: header description: | HTTP method used at the PSU – TPP interface, if available. Valid values are\: * GET * POST * PUT * PATCH * DELETE - name: PSU-Device-ID type: string required: false in: header description: UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. - name: PSU-IP-Address type: string pattern: ^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ required: false in: header description: The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP. responses: 204: description: No Content headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. 400: description: Bad Request schema: $ref: '#/definitions/ErrorModel' headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. 500: description: Internal Server Error schema: $ref: '#/definitions/ErrorModel' headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. parameters: - name: consent-id in: path required: true type: string description: ID of the corresponding consent object as returned by an Account Information Consent Request /consents/{consent-id}/status: get: tags: - Consent summary: Consent status request description: Reads the transaction status of the addressed consent resource. produces: - application/json parameters: - name: X-Request-ID type: string required: true in: header description: ID of the request, unique to the call, as determined by the initiating party. - name: PSU-User-Agent in: header type: string description: The forwarded Agent header field of the http request between PSU and TPP, if available. - name: PSU-IP-Port in: header type: string description: The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP, if available. required: false - name: PSU-Geo-Location in: header type: string description: The forwarded Geo Location header field of the corresponding http request between PSU and TPP if available. required: false - name: PSU-Accept type: string required: false in: header description: The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available. - name: PSU-Accept-Charset type: string required: false in: header - name: PSU-Accept-Encoding type: string required: false in: header - name: PSU-Accept-Language type: string required: false in: header - name: PSU-Http-Method type: string enum: - GET - POST - PUT - PATCH - DELETE required: false in: header description: | HTTP method used at the PSU – TPP interface, if available. Valid values are\: * GET * POST * PUT * PATCH * DELETE - name: PSU-Device-ID type: string required: false in: header description: UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available. - name: PSU-IP-Address type: string pattern: ^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ required: false in: header description: The forwarded IP Address header field consists of the corresponding HTTP request IP Address field between PSU and TPP. responses: 200: description: OK schema: type: object required: - consentStatus properties: consentStatus: $ref: '#/definitions/ConsentStatus' scaStatus: type: string enum: - finalised example: consentStatus: terminatedByTpp scaStatus: finalised headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. 400: description: Bad Request schema: $ref: '#/definitions/ErrorModel' headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. 500: description: Internal Server Error schema: $ref: '#/definitions/ErrorModel' headers: X-Request-ID: type: string description: ID of the request, unique to the call, as determined by the initiating party. operationId: getConsentStatus parameters: - name: consent-id in: path required: true type: string description: ID of the corresponding consent object as returned by an Account Information Consent Request x-ibm-configuration: phase: realized enforced: true testable: true consumes: - application/json produces: - application/json basePath: /v1 x-ibm-endpoints: - endpointUrl: https://gate.postbank.bg/postbank/psd2 type: - production - development ...