SHARE
TWEET

Untitled

a guest Jun 25th, 2019 89 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. openapi: 3.0.1
  2. info:
  3.   title: BACAR Open API
  4.   version: "1.3 Dec 20th 2018"
  5.   description: |
  6.     # Summary
  7.     This document provides the specification of Banco Carregosa's Open API.
  8.    
  9.     The PSD2 section follows the 1.3 release of the Berlin Group XS2A specifications, containing the REST-API definitions for requests from PISP's.
  10.    
  11.     Banco Carregosa only supports the Redirect SCA Approach.
  12.    
  13.     If there is a name field "Accept", "Content-Type" or "Authorization" in the "header", the parameter definition SHALL be ignored.
  14.      
  15.     The element "Accept" will not be defined in this file at any place.
  16.      
  17.     The elements "Content-Type" and "Authorization" are implicitly defined by the OpenApi tags "content" and "security".
  18.            
  19.     ## General Remarks on Data Types
  20.    
  21.     The PSD2 API supports at least the following characters
  22.    
  23.     a b c d e f g h i j k l m n o p q r s t u v w x y z
  24.    
  25.     A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
  26.    
  27.     0 1 2 3 4 5 6 7 8 9
  28.    
  29.     / - ? : ( ) . , ' +
  30.    
  31.     Space
  32.  
  33.     ## Important Notes
  34.    
  35.     Banco Carregosa has a multi-currency and sub-account structure.
  36.     Information consents are granted for an account identified by an IBAN.
  37.    
  38.    
  39.     This API extends the Berlin Group XS2A in regards to internal transfers according.
  40.    
  41.     Fund-Confirmations should be accessed through the Account Information Service with a valid consent and accountId.
  42.    
  43.  
  44.   license:
  45.     name: Creative Commons Attribution 4.0 International Public License
  46.     url: https://creativecommons.org/licenses/by/4.0/
  47.   #termsOfService: URL for Terms of Service of the API
  48.   contact:
  49.     name: Banco Carregosa SA
  50.     url: https://www.bancocarregosa.com
  51.     email: geral@bancocarregosa.com
  52.  
  53. externalDocs:
  54.   description: |
  55.     Full Documentation of NextGenPSD2 Access to Account Interoperability Framework
  56.     (General Introduction Paper, Operational Rules, Implementation Guidelines)
  57.   url: https://www.berlin-group.org/nextgenpsd2-downloads
  58.  
  59. servers:
  60.   - url: https://api.testbank.com/psd2
  61.     description: PSD2 server
  62.   - url: https://test-api.testbank.com/psd2
  63.     description: Optional PSD2 test server
  64.  
  65. paths:
  66.  
  67.  
  68.   #####################################################
  69.   # Account Information Service
  70.   #####################################################
  71.  
  72.       #####################################################
  73.       # Accounts
  74.       #####################################################
  75.  
  76.  
  77.   /v1/accounts:
  78.     get:
  79.       summary: Read Account List
  80.       description: |
  81.         Read the identifiers of the available payment accounts.
  82.        
  83.         Balances and transactions require an explicit request to these account references.
  84.        
  85.         It is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system.
  86.         The addressed list of accounts depends then on the PSU ID and the stored consent addressed by consentId.
  87.        
  88.         Returns all identifiers of the accounts, to which an account access has been granted to through
  89.         the /consents endpoint by the PSU.
  90.         In addition, relevant information about the accounts and hyperlinks to corresponding account
  91.         information resources are provided if a related consent has been already granted.
  92.        
  93.       operationId: getAccountList
  94.       tags:
  95.         - Account Information Service (AIS)
  96.      
  97.       security:
  98.       #####################################################
  99.       # REMARKS ON SECURITY IN THIS OPENAPI FILE
  100.       #In this file only the basic security element to transport
  101.       # the bearer token of an an OAuth2 process, which has to
  102.       # be included inthe HTTP header ist described.
  103.       #
  104.       # WARNING:
  105.       # If you want to use this file for a productive implementation,
  106.       # it is recommandes to adjust the security schemes according to
  107.       # your system enviroments and security policies.
  108.       #####################################################
  109.         - {}
  110.         - BearerAuthOAuth: []
  111.      
  112.       parameters:
  113.       #path # NO PATH PARAMETER
  114.       #query
  115.         - $ref: "#/components/parameters/withBalanceQuery"
  116.       #header
  117.           #common header parameter
  118.         - $ref: "#/components/parameters/X-Request-ID"
  119.           #header to support the signature function
  120.         - $ref: "#/components/parameters/Digest"
  121.         - $ref: "#/components/parameters/Signature"
  122.         - $ref: "#/components/parameters/TPP-Signature-Certificate"
  123.           #method specific header elements
  124.         - $ref: "#/components/parameters/consentId_HEADER_mandatory"
  125.           #conditional elemention for AIS
  126.         - $ref: "#/components/parameters/PSU-IP-Address_conditionalForAis"
  127.           #optional additional PSU Information in header
  128.         - $ref: "#/components/parameters/PSU-IP-Port"
  129.         - $ref: "#/components/parameters/PSU-Accept"
  130.         - $ref: "#/components/parameters/PSU-Accept-Charset"
  131.         - $ref: "#/components/parameters/PSU-Accept-Encoding"
  132.         - $ref: "#/components/parameters/PSU-Accept-Language"
  133.         - $ref: "#/components/parameters/PSU-User-Agent"
  134.         - $ref: "#/components/parameters/PSU-Http-Method"
  135.         - $ref: "#/components/parameters/PSU-Device-ID"
  136.         - $ref: "#/components/parameters/PSU-Geo-Location"
  137.       #NO REQUEST BODY
  138.      
  139.       responses:
  140.         '200':
  141.           $ref: "#/components/responses/OK_200_AccountList"
  142.        
  143.         '400':
  144.           $ref: "#/components/responses/BAD_REQUEST_400"
  145.         '401':
  146.           $ref: "#/components/responses/UNAUTHORIZED_401"
  147.         '403':
  148.           $ref: "#/components/responses/FORBIDDEN_403"
  149.         '404':
  150.           $ref: "#/components/responses/NOT_FOUND_404_AIS"
  151.         '405':
  152.           $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
  153.         '408':
  154.           $ref: "#/components/responses/REQUEST_TIMEOUT_408"
  155.         '429':
  156.           $ref: "#/components/responses/TOO_MANY_REQUESTS_429_AIS"
  157.         '500':
  158.           $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
  159.         '503':
  160.           $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
  161.  
  162.   /v1/accounts/{accountId}:
  163.     get:
  164.       summary: Read Account Details
  165.       description: |
  166.         Reads details about an account, with balances where required.
  167.         It is assumed that a consent of the PSU to
  168.         this access is already given and stored on the ASPSP system.
  169.         The addressed details of this account depends then on the stored consent addressed by consentId,
  170.         respectively the OAuth2 access token.
  171.        
  172.         **NOTE:** The accountId can represent a multicurrency account.
  173.         In this case the currency code is set to "XXX".
  174.        
  175.         Give detailed information about the addressed account.
  176.        
  177.         Give detailed information about the addressed account together with balance information
  178.       operationId: readAccountDetails
  179.       tags:
  180.         - Account Information Service (AIS)
  181.      
  182.       security:
  183.       #####################################################
  184.       # REMARKS ON SECURITY IN THIS OPENAPI FILE
  185.       #In this file only the basic security element to transport
  186.       # the bearer token of an an OAuth2 process, which has to
  187.       # be included inthe HTTP header ist described.
  188.       #
  189.       # WARNING:
  190.       # If you want to use this file for a productive implementation,
  191.       # it is recommandes to adjust the security schemes according to
  192.       # your system enviroments and security policies.
  193.       #####################################################
  194.         - {}
  195.         - BearerAuthOAuth: []
  196.      
  197.       parameters:
  198.       #path
  199.         - $ref: "#/components/parameters/accountId"
  200.       #query
  201.         - $ref: "#/components/parameters/withBalanceQuery"
  202.       #header
  203.           #common header parameter
  204.         - $ref: "#/components/parameters/X-Request-ID"
  205.           #header to support the signature function
  206.         - $ref: "#/components/parameters/Digest"
  207.         - $ref: "#/components/parameters/Signature"
  208.         - $ref: "#/components/parameters/TPP-Signature-Certificate"
  209.           #method specific header elements
  210.         - $ref: "#/components/parameters/consentId_HEADER_mandatory"
  211.           #conditional elemention for AIS
  212.         - $ref: "#/components/parameters/PSU-IP-Address_conditionalForAis"
  213.           #optional additional PSU Information in header
  214.         - $ref: "#/components/parameters/PSU-IP-Port"
  215.         - $ref: "#/components/parameters/PSU-Accept"
  216.         - $ref: "#/components/parameters/PSU-Accept-Charset"
  217.         - $ref: "#/components/parameters/PSU-Accept-Encoding"
  218.         - $ref: "#/components/parameters/PSU-Accept-Language"
  219.         - $ref: "#/components/parameters/PSU-User-Agent"
  220.         - $ref: "#/components/parameters/PSU-Http-Method"
  221.         - $ref: "#/components/parameters/PSU-Device-ID"
  222.         - $ref: "#/components/parameters/PSU-Geo-Location"
  223.       #NO REQUEST BODY
  224.      
  225.       responses:
  226.         '200':
  227.           $ref: "#/components/responses/OK_200_AccountList"
  228.        
  229.         '400':
  230.           $ref: "#/components/responses/BAD_REQUEST_400"
  231.         '401':
  232.           $ref: "#/components/responses/UNAUTHORIZED_401"
  233.         '403':
  234.           $ref: "#/components/responses/FORBIDDEN_403"
  235.         '404':
  236.           $ref: "#/components/responses/NOT_FOUND_404_AIS"
  237.         '405':
  238.           $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
  239.         '408':
  240.           $ref: "#/components/responses/REQUEST_TIMEOUT_408"
  241.         '429':
  242.           $ref: "#/components/responses/TOO_MANY_REQUESTS_429_AIS"
  243.         '500':
  244.           $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
  245.         '503':
  246.           $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
  247.          
  248.   /v1/accounts/{accountId}/balances:
  249.  
  250.     get:
  251.       summary: Read Balance
  252.       description: |
  253.         Reads account data from a given account addressed by "accountId".
  254.        
  255.         information might be logged on intermediary servers within the ASPSP sphere.
  256.         This accountId then can be retrieved by the "GET Account List" call.
  257.        
  258.         The accountId is constant at least throughout the lifecycle of a given consent.
  259.        
  260.         Balances have been extended by including a subaccount reference.
  261.       operationId: getBalances
  262.       tags:
  263.         - Account Information Service (AIS)
  264.      
  265.       security:
  266.       #####################################################
  267.       # REMARKS ON SECURITY IN THIS OPENAPI FILE
  268.       #In this file only the basic security element to transport
  269.       # the bearer token of an an OAuth2 process, which has to
  270.       # be included inthe HTTP header ist described.
  271.       #
  272.       # WARNING:
  273.       # If you want to use this file for a productive implementation,
  274.       # it is recommandes to adjust the security schemes according to
  275.       # your system enviroments and security policies.
  276.       #####################################################
  277.         - {}
  278.         - BearerAuthOAuth: []
  279.      
  280.       parameters:
  281.       #path
  282.         - $ref: "#/components/parameters/accountId"
  283.       #query # NO QUERY PARAMETER
  284.       #header
  285.           #common header parameter
  286.         - $ref: "#/components/parameters/X-Request-ID"
  287.           #header to support the signature function
  288.         - $ref: "#/components/parameters/Digest"
  289.         - $ref: "#/components/parameters/Signature"
  290.         - $ref: "#/components/parameters/TPP-Signature-Certificate"
  291.           #method specific header elements
  292.         - $ref: "#/components/parameters/consentId_HEADER_mandatory"
  293.           #conditional elemention for AIS
  294.         - $ref: "#/components/parameters/PSU-IP-Address_conditionalForAis"
  295.           #optional additional PSU Information in header
  296.         - $ref: "#/components/parameters/PSU-IP-Port"
  297.         - $ref: "#/components/parameters/PSU-Accept"
  298.         - $ref: "#/components/parameters/PSU-Accept-Charset"
  299.         - $ref: "#/components/parameters/PSU-Accept-Encoding"
  300.         - $ref: "#/components/parameters/PSU-Accept-Language"
  301.         - $ref: "#/components/parameters/PSU-User-Agent"
  302.         - $ref: "#/components/parameters/PSU-Http-Method"
  303.         - $ref: "#/components/parameters/PSU-Device-ID"
  304.         - $ref: "#/components/parameters/PSU-Geo-Location"
  305.       #NO REQUEST BODY
  306.      
  307.       responses:
  308.         '200':
  309.           $ref: "#/components/responses/OK_200_Balances"
  310.        
  311.         '400':
  312.           $ref: "#/components/responses/BAD_REQUEST_400"
  313.         '401':
  314.           $ref: "#/components/responses/UNAUTHORIZED_401"
  315.         '403':
  316.           $ref: "#/components/responses/FORBIDDEN_403"
  317.         '404':
  318.           $ref: "#/components/responses/NOT_FOUND_404_AIS"
  319.         '405':
  320.           $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
  321.         '408':
  322.           $ref: "#/components/responses/REQUEST_TIMEOUT_408"
  323.         '429':
  324.           $ref: "#/components/responses/TOO_MANY_REQUESTS_429_AIS"
  325.         '500':
  326.           $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
  327.         '503':
  328.           $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
  329.  
  330.   /v1/accounts/{accountId}/transactions/:
  331.     get:
  332.       summary: Read transaction list of an account
  333.       description: |
  334.         Read transaction reports or transaction lists of a given account ddressed by "accountId", depending on the steering parameter
  335.         "bookingStatus" together with balances.
  336.        
  337.         For a given account, additional parameters are e.g. the attributes "dateFrom" and "dateTo".
  338.         Transactions have been extended by including a subaccount reference.
  339.       operationId: getTransactionList
  340.       tags:
  341.         - Account Information Service (AIS)
  342.      
  343.       security:
  344.       #####################################################
  345.       # REMARKS ON SECURITY IN THIS OPENAPI FILE
  346.       #In this file only the basic security element to transport
  347.       # the bearer token of an an OAuth2 process, which has to
  348.       # be included inthe HTTP header ist described.
  349.       #
  350.       # WARNING:
  351.       # If you want to use this file for a productive implementation,
  352.       # it is recommandes to adjust the security schemes according to
  353.       # your system enviroments and security policies.
  354.       #####################################################
  355.         - {}
  356.         - BearerAuthOAuth: []
  357.      
  358.       parameters:
  359.       #path
  360.         - $ref: "#/components/parameters/accountId"
  361.       #query
  362.         - $ref: "#/components/parameters/dateFrom"
  363.         - $ref: "#/components/parameters/dateTo"
  364.         - $ref: "#/components/parameters/entryReferenceFrom"
  365.         - $ref: "#/components/parameters/bookingStatus"
  366.         - $ref: "#/components/parameters/deltaList"
  367.         - $ref: "#/components/parameters/withBalanceQuery"
  368.       #header
  369.           #common header parameter
  370.         - $ref: "#/components/parameters/X-Request-ID"
  371.           #header to support the signature function
  372.         - $ref: "#/components/parameters/Digest"
  373.         - $ref: "#/components/parameters/Signature"
  374.         - $ref: "#/components/parameters/TPP-Signature-Certificate"
  375.           #method specific header elements
  376.         - $ref: "#/components/parameters/consentId_HEADER_mandatory"
  377.         #- $ref: "#/components/parameters/Accept" #Can not defined in Open API. See general comments in the description attached to the top level of the file.
  378.           #conditional elemention for AIS
  379.         - $ref: "#/components/parameters/PSU-IP-Address_conditionalForAis"
  380.           #optional additional PSU Information in header
  381.         - $ref: "#/components/parameters/PSU-IP-Port"
  382.         - $ref: "#/components/parameters/PSU-Accept"
  383.         - $ref: "#/components/parameters/PSU-Accept-Charset"
  384.         - $ref: "#/components/parameters/PSU-Accept-Encoding"
  385.         - $ref: "#/components/parameters/PSU-Accept-Language"
  386.         - $ref: "#/components/parameters/PSU-User-Agent"
  387.         - $ref: "#/components/parameters/PSU-Http-Method"
  388.         - $ref: "#/components/parameters/PSU-Device-ID"
  389.         - $ref: "#/components/parameters/PSU-Geo-Location"
  390.       #NO REQUEST BODY
  391.      
  392.       responses:
  393.         '200':
  394.           $ref: "#/components/responses/OK_200_AccountsTransactions"
  395.        
  396.         '400':
  397.           $ref: "#/components/responses/BAD_REQUEST_400"
  398.         '401':
  399.           $ref: "#/components/responses/UNAUTHORIZED_401"
  400.         '403':
  401.           $ref: "#/components/responses/FORBIDDEN_403"
  402.         '404':
  403.           $ref: "#/components/responses/NOT_FOUND_404_AIS"
  404.         '405':
  405.           $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
  406.         '408':
  407.           $ref: "#/components/responses/REQUEST_TIMEOUT_408"
  408.         '429':
  409.           $ref: "#/components/responses/TOO_MANY_REQUESTS_429_AIS"
  410.         '500':
  411.           $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
  412.         '503':
  413.           $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
  414.  
  415.  
  416.   /v1/accounts/{accountId}/transactions/{resourceId}:
  417.     get:
  418.       summary: Read Transaction Details
  419.       description: |
  420.         Reads transaction details from a given transaction addressed by "resourceId" on a given account addressed by "accountId".
  421.         This call is only available on transactions as reported in a JSON format.
  422.        
  423.         **Remark:** Please note that the PATH might be already given in detail by the corresponding entry of the response of the
  424.         "Read Transaction List" call within the _links subfield.
  425.       operationId: getTransactionDetails
  426.       tags:
  427.         - Account Information Service (AIS)
  428.      
  429.       security:
  430.       #####################################################
  431.       # REMARKS ON SECURITY IN THIS OPENAPI FILE
  432.       #In this file only the basic security element to transport
  433.       # the bearer token of an an OAuth2 process, which has to
  434.       # be included inthe HTTP header ist described.
  435.       #
  436.       # WARNING:
  437.       # If you want to use this file for a productive implementation,
  438.       # it is recommandes to adjust the security schemes according to
  439.       # your system enviroments and security policies.
  440.       #####################################################
  441.         - {}
  442.         - BearerAuthOAuth: []
  443.      
  444.       parameters:
  445.       #path
  446.         - $ref: "#/components/parameters/accountId"
  447.         - $ref: "#/components/parameters/resourceId"
  448.       #query # NO QUERY PARAMETER
  449.       #header
  450.           #common header parameter
  451.         - $ref: "#/components/parameters/X-Request-ID"
  452.           #header to support the signature function
  453.         - $ref: "#/components/parameters/Digest"
  454.         - $ref: "#/components/parameters/Signature"
  455.         - $ref: "#/components/parameters/TPP-Signature-Certificate"
  456.           #method specific header elements
  457.         - $ref: "#/components/parameters/consentId_HEADER_mandatory"
  458.           #conditional elemention for AIS
  459.         - $ref: "#/components/parameters/PSU-IP-Address_conditionalForAis"
  460.           #optional additional PSU Information in header
  461.         - $ref: "#/components/parameters/PSU-IP-Port"
  462.         - $ref: "#/components/parameters/PSU-Accept"
  463.         - $ref: "#/components/parameters/PSU-Accept-Charset"
  464.         - $ref: "#/components/parameters/PSU-Accept-Encoding"
  465.         - $ref: "#/components/parameters/PSU-Accept-Language"
  466.         - $ref: "#/components/parameters/PSU-User-Agent"
  467.         - $ref: "#/components/parameters/PSU-Http-Method"
  468.         - $ref: "#/components/parameters/PSU-Device-ID"
  469.         - $ref: "#/components/parameters/PSU-Geo-Location"
  470.       #NO REQUEST BODY
  471.      
  472.       responses:
  473.         '200':
  474.           $ref: "#/components/responses/OK_200_TransactionDetails"
  475.        
  476.         '400':
  477.           $ref: "#/components/responses/BAD_REQUEST_400"
  478.         '401':
  479.           $ref: "#/components/responses/UNAUTHORIZED_401"
  480.         '403':
  481.           $ref: "#/components/responses/FORBIDDEN_403"
  482.         '404':
  483.           $ref: "#/components/responses/NOT_FOUND_404_AIS"
  484.         '405':
  485.           $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
  486.         '408':
  487.           $ref: "#/components/responses/REQUEST_TIMEOUT_408"
  488.         '429':
  489.           $ref: "#/components/responses/TOO_MANY_REQUESTS_429_AIS"
  490.         '500':
  491.           $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
  492.         '503':
  493.           $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
  494.  
  495.   /v1/accounts/{accountId}/funds-confirmations:
  496.     post:
  497.       summary: Confirmation of Funds Request
  498.       description:
  499.         This request was placed under the account information service. It requires a valid consent for balance or transaction information on the selected account.
  500.       operationId: checkAvailabilityOfFunds
  501.       tags:
  502.         - Account Information Service (AIS)
  503.      
  504.       parameters:
  505.       #path
  506.         - $ref: "#/components/parameters/accountId"
  507.       #query # NO QUERY PARAMETER
  508.       #header
  509.           #common header parameter
  510.         - $ref: "#/components/parameters/X-Request-ID"
  511.           #method specific header elements
  512.         - $ref: "#/components/parameters/consentId_HEADER_mandatory"
  513.           #header to support the signature function
  514.         - $ref: "#/components/parameters/Digest"
  515.         - $ref: "#/components/parameters/Signature"
  516.         - $ref: "#/components/parameters/TPP-Signature-Certificate"
  517.      
  518.       requestBody:
  519.         $ref: "#/components/requestBodies/confirmationOfFunds"
  520.      
  521.       responses:
  522.         '200':
  523.           $ref: "#/components/responses/OK_200_ConfirmationOfFunds"
  524.         '400':
  525.           $ref: "#/components/responses/BAD_REQUEST_400"
  526.         '401':
  527.           $ref: "#/components/responses/UNAUTHORIZED_401"
  528.         '403':
  529.           $ref: "#/components/responses/FORBIDDEN_403"
  530.         '404':
  531.           $ref: "#/components/responses/NOT_FOUND_404_PIIS"
  532.         '405':
  533.           $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
  534.         '408':
  535.           $ref: "#/components/responses/REQUEST_TIMEOUT_408"
  536.         '500':
  537.           $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
  538.         '503':
  539.           $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
  540.  
  541.       #####################################################
  542.       # Consents
  543.       #####################################################
  544.  
  545.   /v1/consents:
  546.     post:
  547.       summary: Create consent
  548.       description: |
  549.         This method creates a consent resource, defining access rights to dedicated accounts of
  550.         a given PSU-ID.
  551.        
  552.         **Side Effects**
  553.         When this Consent Request is a request where the "recurringIndicator" equals "true",
  554.         and if it exists already a former consent for recurring access on account information
  555.         for the addressed PSU, then the former consent automatically expires as soon as the new
  556.         consent request is authorised by the PSU.
  557.        
  558.         Accepts a specific access on all psd2 related services for all psd2 accounts.
  559.        
  560.       operationId: createConsent
  561.       tags:
  562.         - Account Information Service (AIS)
  563.      
  564.       security:
  565.       #####################################################
  566.       # REMARKS ON SECURITY IN THIS OPENAPI FILE
  567.       #In this file only the basic security element to transport
  568.       # the bearer token of an an OAuth2 process, which has to
  569.       # be included inthe HTTP header ist described.
  570.       #
  571.       # WARNING:
  572.       # If you want to use this file for a productive implementation,
  573.       # it is recommandes to adjust the security schemes according to
  574.       # your system enviroments and security policies.
  575.       #####################################################
  576.         - {}
  577.         - BearerAuthOAuth: []
  578.      
  579.       parameters:
  580.         #path # NO PATH PARAMETER
  581.         #query # NO QUERY PARAMETER
  582.         #header
  583.           #common header parameter
  584.         - $ref: "#/components/parameters/X-Request-ID"
  585.           #header to support the signature function
  586.         - $ref: "#/components/parameters/Digest"
  587.         - $ref: "#/components/parameters/Signature"
  588.         - $ref: "#/components/parameters/TPP-Signature-Certificate"
  589.           #method specific header elements
  590.         - $ref: "#/components/parameters/PSU-ID"
  591.         - $ref: "#/components/parameters/PSU-ID-Type"
  592.         - $ref: "#/components/parameters/PSU-Corporate-ID"
  593.         - $ref: "#/components/parameters/PSU-Corporate-ID-Type"
  594.         - $ref: "#/components/parameters/TPP-Redirect-Preferred"
  595.         - $ref: "#/components/parameters/TPP-Redirect-URI"
  596.         - $ref: "#/components/parameters/TPP-Nok-Redirect-URI"
  597.         - $ref: "#/components/parameters/TPP-Explicit-Authorisation-Preferred"
  598.           #conditional elemention for AIS
  599.         - $ref: "#/components/parameters/PSU-IP-Address_conditionalForAis"
  600.           #optional additional PSU Information in header
  601.         - $ref: "#/components/parameters/PSU-IP-Port"
  602.         - $ref: "#/components/parameters/PSU-Accept"
  603.         - $ref: "#/components/parameters/PSU-Accept-Charset"
  604.         - $ref: "#/components/parameters/PSU-Accept-Encoding"
  605.         - $ref: "#/components/parameters/PSU-Accept-Language"
  606.         - $ref: "#/components/parameters/PSU-User-Agent"
  607.         - $ref: "#/components/parameters/PSU-Http-Method"
  608.         - $ref: "#/components/parameters/PSU-Device-ID"
  609.         - $ref: "#/components/parameters/PSU-Geo-Location"
  610.      
  611.       requestBody:
  612.         $ref: "#/components/requestBodies/consents"
  613.      
  614.       responses:
  615.         '201':
  616.           $ref: "#/components/responses/CREATED_201_Consents"
  617.        
  618.         '400':
  619.           $ref: "#/components/responses/BAD_REQUEST_400"
  620.         '401':
  621.           $ref: "#/components/responses/UNAUTHORIZED_401"
  622.         '403':
  623.           $ref: "#/components/responses/FORBIDDEN_403"
  624.         '404':
  625.           $ref: "#/components/responses/NOT_FOUND_404_AIS"
  626.         '405':
  627.           $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
  628.         '408':
  629.           $ref: "#/components/responses/REQUEST_TIMEOUT_408"
  630.         '500':
  631.           $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
  632.         '503':
  633.           $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
  634.  
  635.  
  636.   /v1/consents/{consentId}:
  637.     get:
  638.       summary: Get Consent Request
  639.       description: |
  640.         Returns the content of an account information consent object.
  641.         This is returning the data for the TPP especially in cases,
  642.         where the consent was directly managed between ASPSP and PSU e.g. in a re-direct SCA Approach.
  643.       operationId: getConsentInformation
  644.       tags:
  645.         - Account Information Service (AIS)
  646.      
  647.       security:
  648.       #####################################################
  649.       # REMARKS ON SECURITY IN THIS OPENAPI FILE
  650.       #In this file only the basic security element to transport
  651.       # the bearer token of an an OAuth2 process, which has to
  652.       # be included inthe HTTP header ist described.
  653.       #
  654.       # WARNING:
  655.       # If you want to use this file for a productive implementation,
  656.       # it is recommandes to adjust the security schemes according to
  657.       # your system enviroments and security policies.
  658.       #####################################################
  659.         - {}
  660.         - BearerAuthOAuth: []
  661.      
  662.       parameters:
  663.       #path
  664.         - $ref: "#/components/parameters/consentId_PATH"
  665.       #query # NO QUERY PARAMETER
  666.       #header
  667.           #common header parameter
  668.         - $ref: "#/components/parameters/X-Request-ID"
  669.           #header to support the signature function
  670.         - $ref: "#/components/parameters/Digest"
  671.         - $ref: "#/components/parameters/Signature"
  672.         - $ref: "#/components/parameters/TPP-Signature-Certificate"
  673.           #conditional elemention for AIS
  674.         - $ref: "#/components/parameters/PSU-IP-Address_conditionalForAis"
  675.           #optional additional PSU Information in header
  676.         - $ref: "#/components/parameters/PSU-IP-Port"
  677.         - $ref: "#/components/parameters/PSU-Accept"
  678.         - $ref: "#/components/parameters/PSU-Accept-Charset"
  679.         - $ref: "#/components/parameters/PSU-Accept-Encoding"
  680.         - $ref: "#/components/parameters/PSU-Accept-Language"
  681.         - $ref: "#/components/parameters/PSU-User-Agent"
  682.         - $ref: "#/components/parameters/PSU-Http-Method"
  683.         - $ref: "#/components/parameters/PSU-Device-ID"
  684.         - $ref: "#/components/parameters/PSU-Geo-Location"
  685.       #NO REQUEST BODY
  686.      
  687.       responses:
  688.         '200':
  689.           $ref: "#/components/responses/OK_200_ConsentInformation"
  690.        
  691.         '400':
  692.           $ref: "#/components/responses/BAD_REQUEST_400"
  693.         '401':
  694.           $ref: "#/components/responses/UNAUTHORIZED_401"
  695.         '403':
  696.           $ref: "#/components/responses/FORBIDDEN_403"
  697.         '404':
  698.           $ref: "#/components/responses/NOT_FOUND_404_AIS"
  699.         '405':
  700.           $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
  701.         '408':
  702.           $ref: "#/components/responses/REQUEST_TIMEOUT_408"
  703.         '500':
  704.           $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
  705.         '503':
  706.           $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
  707.  
  708.  
  709.     delete:
  710.       summary: Delete Consent
  711.       description: The TPP can delete an account information consent object if needed.
  712.       operationId: deleteConsent
  713.       tags:
  714.         - Account Information Service (AIS)
  715.      
  716.       security:
  717.       #####################################################
  718.       # REMARKS ON SECURITY IN THIS OPENAPI FILE
  719.       #In this file only the basic security element to transport
  720.       # the bearer token of an an OAuth2 process, which has to
  721.       # be included inthe HTTP header ist described.
  722.       #
  723.       # WARNING:
  724.       # If you want to use this file for a productive implementation,
  725.       # it is recommandes to adjust the security schemes according to
  726.       # your system enviroments and security policies.
  727.       #####################################################
  728.         - {}
  729.         - BearerAuthOAuth: []
  730.      
  731.       parameters:
  732.       #path
  733.         - $ref: "#/components/parameters/consentId_PATH"
  734.       #query # NO QUERY PARAMETER
  735.       #header
  736.           #common header parameter
  737.         - $ref: "#/components/parameters/X-Request-ID"
  738.           #header to support the signature function
  739.         - $ref: "#/components/parameters/Digest"
  740.         - $ref: "#/components/parameters/Signature"
  741.         - $ref: "#/components/parameters/TPP-Signature-Certificate"
  742.           #conditional elemention for AIS
  743.         - $ref: "#/components/parameters/PSU-IP-Address_conditionalForAis"
  744.           #optional additional PSU Information in header
  745.         - $ref: "#/components/parameters/PSU-IP-Port"
  746.         - $ref: "#/components/parameters/PSU-Accept"
  747.         - $ref: "#/components/parameters/PSU-Accept-Charset"
  748.         - $ref: "#/components/parameters/PSU-Accept-Encoding"
  749.         - $ref: "#/components/parameters/PSU-Accept-Language"
  750.         - $ref: "#/components/parameters/PSU-User-Agent"
  751.         - $ref: "#/components/parameters/PSU-Http-Method"
  752.         - $ref: "#/components/parameters/PSU-Device-ID"
  753.         - $ref: "#/components/parameters/PSU-Geo-Location"
  754.       #NO REQUEST BODY
  755.      
  756.       responses:
  757.         '204':
  758.           $ref: "#/components/responses/NO_CONTENT_204_Consents"
  759.        
  760.         '400':
  761.           $ref: "#/components/responses/BAD_REQUEST_400"
  762.         '401':
  763.           $ref: "#/components/responses/UNAUTHORIZED_401"
  764.         '403':
  765.           $ref: "#/components/responses/FORBIDDEN_403"
  766.         '404':
  767.           $ref: "#/components/responses/NOT_FOUND_404_AIS"
  768.         '405':
  769.           $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
  770.         '408':
  771.           $ref: "#/components/responses/REQUEST_TIMEOUT_408"
  772.         '500':
  773.           $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
  774.         '503':
  775.           $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
  776.  
  777.  
  778.   /v1/consents/{consentId}/status:
  779.     get:
  780.       summary: Consent status request
  781.       description: Read the status of an account information consent resource.
  782.       operationId: getConsentStatus
  783.       tags:
  784.         - Account Information Service (AIS)
  785.      
  786.       security:
  787.       #####################################################
  788.       # REMARKS ON SECURITY IN THIS OPENAPI FILE
  789.       #In this file only the basic security element to transport
  790.       # the bearer token of an an OAuth2 process, which has to
  791.       # be included inthe HTTP header ist described.
  792.       #
  793.       # WARNING:
  794.       # If you want to use this file for a productive implementation,
  795.       # it is recommandes to adjust the security schemes according to
  796.       # your system enviroments and security policies.
  797.       #####################################################
  798.         - {}
  799.         - BearerAuthOAuth: []
  800.      
  801.       parameters:
  802.       #path
  803.         - $ref: "#/components/parameters/consentId_PATH"
  804.       #query # NO QUERY PARAMETER
  805.       #header
  806.           #common header parameter
  807.         - $ref: "#/components/parameters/X-Request-ID"
  808.           #header to support the signature function
  809.         - $ref: "#/components/parameters/Digest"
  810.         - $ref: "#/components/parameters/Signature"
  811.         - $ref: "#/components/parameters/TPP-Signature-Certificate"
  812.           #conditional elemention for AIS
  813.         - $ref: "#/components/parameters/PSU-IP-Address_conditionalForAis"
  814.           #optional additional PSU Information in header
  815.         - $ref: "#/components/parameters/PSU-IP-Port"
  816.         - $ref: "#/components/parameters/PSU-Accept"
  817.         - $ref: "#/components/parameters/PSU-Accept-Charset"
  818.         - $ref: "#/components/parameters/PSU-Accept-Encoding"
  819.         - $ref: "#/components/parameters/PSU-Accept-Language"
  820.         - $ref: "#/components/parameters/PSU-User-Agent"
  821.         - $ref: "#/components/parameters/PSU-Http-Method"
  822.         - $ref: "#/components/parameters/PSU-Device-ID"
  823.         - $ref: "#/components/parameters/PSU-Geo-Location"
  824.       #NO REQUEST BODY
  825.      
  826.       responses:
  827.         '200':
  828.           $ref: "#/components/responses/OK_200_ConsentStatus"
  829.        
  830.         '400':
  831.           $ref: "#/components/responses/BAD_REQUEST_400"
  832.         '401':
  833.           $ref: "#/components/responses/UNAUTHORIZED_401"
  834.         '403':
  835.           $ref: "#/components/responses/FORBIDDEN_403"
  836.         '404':
  837.           $ref: "#/components/responses/NOT_FOUND_404_AIS"
  838.         '405':
  839.           $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
  840.         '408':
  841.           $ref: "#/components/responses/REQUEST_TIMEOUT_408"
  842.         '500':
  843.           $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
  844.         '503':
  845.           $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
  846.  
  847.  
  848.   /v1/consents/{consentId}/authorisations:
  849.  
  850.     post:
  851.       summary: Start the authorisation process for a consent
  852.       description: |
  853.         Create an authorisation sub-resource and start the authorisation process of a consent.
  854.         The message might in addition transmit authentication and authorisation related data.
  855.        
  856.         his method is iterated n times for a n times SCA authorisation in a
  857.         corporate context, each creating an own authorisation sub-endpoint for
  858.         the corresponding PSU authorising the consent.
  859.        
  860.         The ASPSP might make the usage of this access method unnecessary,
  861.         since the related authorisation resource will be automatically created by
  862.         the ASPSP after the submission of the consent data with the first POST consents call.
  863.        
  864.         The start authorisation process is a process which is needed for creating a new authorisation
  865.         or cancellation sub-resource.
  866.        
  867.         This applies in the following scenarios:
  868.        
  869.           * The ASPSP has indicated with an 'startAuthorisation' hyperlink in the preceeding Payment
  870.             Initiation Response that an explicit start of the authorisation process is needed by the TPP.
  871.             The 'startAuthorisation' hyperlink can transport more information about data which needs to be
  872.             uploaded by using the extended forms.
  873.             * 'startAuthorisationWithPsuIdentfication',
  874.             * 'startAuthorisationWithPsuAuthentication' #TODO
  875.             * 'startAuthorisationWithAuthentciationMethodSelection'
  876.           * The related payment initiation cannot yet be executed since a multilevel SCA is mandated.
  877.           * The ASPSP has indicated with an 'startAuthorisation' hyperlink in the preceeding
  878.             Payment Cancellation Response that an explicit start of the authorisation process is needed by the TPP.
  879.             The 'startAuthorisation' hyperlink can transport more information about data which needs to be uploaded
  880.             by using the extended forms as indicated above.
  881.           * The related payment cancellation request cannot be applied yet since a multilevel SCA is mandate for
  882.             executing the cancellation.
  883.           * The signing basket needs to be authorised yet.
  884.       operationId: startConsentAuthorisation
  885.       tags:
  886.         - Account Information Service (AIS)
  887.       security:
  888.       #####################################################
  889.       # REMARKS ON SECURITY IN THIS OPENAPI FILE
  890.       #In this file only the basic security element to transport
  891.       # the bearer token of an an OAuth2 process, which has to
  892.       # be included inthe HTTP header ist described.
  893.       #
  894.       # WARNING:
  895.       # If you want to use this file for a productive implementation,
  896.       # it is recommandes to adjust the security schemes according to
  897.       # your system enviroments and security policies.
  898.       #####################################################
  899.         - {}
  900.         - BearerAuthOAuth: []
  901.       parameters:
  902.       #path
  903.         - $ref: "#/components/parameters/consentId_PATH"
  904.       #query # NO QUERY PARAMETER
  905.       #header
  906.           #common header parameter
  907.         - $ref: "#/components/parameters/X-Request-ID"
  908.           #header to support the signature function
  909.         - $ref: "#/components/parameters/Digest"
  910.         - $ref: "#/components/parameters/Signature"
  911.         - $ref: "#/components/parameters/TPP-Signature-Certificate"
  912.           #method specific header elements
  913.         - $ref: "#/components/parameters/PSU-ID"
  914.         - $ref: "#/components/parameters/PSU-ID-Type"
  915.         - $ref: "#/components/parameters/PSU-Corporate-ID"
  916.         - $ref: "#/components/parameters/PSU-Corporate-ID-Type"
  917.           #conditional elemention for AIS
  918.         - $ref: "#/components/parameters/PSU-IP-Address_conditionalForAis"
  919.           #optional additional PSU Information in header
  920.         - $ref: "#/components/parameters/PSU-IP-Port"
  921.         - $ref: "#/components/parameters/PSU-Accept"
  922.         - $ref: "#/components/parameters/PSU-Accept-Charset"
  923.         - $ref: "#/components/parameters/PSU-Accept-Encoding"
  924.         - $ref: "#/components/parameters/PSU-Accept-Language"
  925.         - $ref: "#/components/parameters/PSU-User-Agent"
  926.         - $ref: "#/components/parameters/PSU-Http-Method"
  927.         - $ref: "#/components/parameters/PSU-Device-ID"
  928.         - $ref: "#/components/parameters/PSU-Geo-Location"
  929.       #NO REQUEST BODY
  930.      
  931.       responses:
  932.         '201':
  933.           $ref: "#/components/responses/CREATED_201_StartScaProcess"
  934.        
  935.         '400':
  936.           $ref: "#/components/responses/BAD_REQUEST_400"
  937.         '401':
  938.           $ref: "#/components/responses/UNAUTHORIZED_401"
  939.         '403':
  940.           $ref: "#/components/responses/FORBIDDEN_403"
  941.         '404':
  942.           $ref: "#/components/responses/NOT_FOUND_404_AIS"
  943.         '405':
  944.           $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
  945.         '408':
  946.           $ref: "#/components/responses/REQUEST_TIMEOUT_408"
  947.         '429':
  948.           $ref: "#/components/responses/TOO_MANY_REQUESTS_429_AIS"
  949.         '500':
  950.           $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
  951.         '503':
  952.           $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
  953.  
  954.  
  955.     get:
  956.       summary: Get Consent Authorisation Sub-Resources Request
  957.       description: |
  958.         Return a list of all authorisation subresources IDs which have been created.
  959.        
  960.         This function returns an array of hyperlinks to all generated authorisation sub-resources.
  961.       operationId: getConsentAuthorisation
  962.       tags:
  963.         - Account Information Service (AIS)
  964.      
  965.       security:
  966.       #####################################################
  967.       # REMARKS ON SECURITY IN THIS OPENAPI FILE
  968.       #In this file only the basic security element to transport
  969.       # the bearer token of an an OAuth2 process, which has to
  970.       # be included inthe HTTP header ist described.
  971.       #
  972.       # WARNING:
  973.       # If you want to use this file for a productive implementation,
  974.       # it is recommandes to adjust the security schemes according to
  975.       # your system enviroments and security policies.
  976.       #####################################################
  977.         - {}
  978.         - BearerAuthOAuth: []
  979.      
  980.       parameters:
  981.       #path
  982.         - $ref: "#/components/parameters/consentId_PATH"
  983.       #query # NO QUERY PARAMETER
  984.       #header
  985.           #common header parameter
  986.         - $ref: "#/components/parameters/X-Request-ID"
  987.           #header to support the signature function
  988.         - $ref: "#/components/parameters/Digest"
  989.         - $ref: "#/components/parameters/Signature"
  990.         - $ref: "#/components/parameters/TPP-Signature-Certificate"
  991.           #conditional elemention for AIS
  992.         - $ref: "#/components/parameters/PSU-IP-Address_conditionalForAis"
  993.           #optional additional PSU Information in header
  994.         - $ref: "#/components/parameters/PSU-IP-Port"
  995.         - $ref: "#/components/parameters/PSU-Accept"
  996.         - $ref: "#/components/parameters/PSU-Accept-Charset"
  997.         - $ref: "#/components/parameters/PSU-Accept-Encoding"
  998.         - $ref: "#/components/parameters/PSU-Accept-Language"
  999.         - $ref: "#/components/parameters/PSU-User-Agent"
  1000.         - $ref: "#/components/parameters/PSU-Http-Method"
  1001.         - $ref: "#/components/parameters/PSU-Device-ID"
  1002.         - $ref: "#/components/parameters/PSU-Geo-Location"
  1003.       #NO REQUEST BODY
  1004.      
  1005.       responses:
  1006.         '200':
  1007.           $ref: "#/components/responses/OK_200_Authorisations"
  1008.        
  1009.         '400':
  1010.           $ref: "#/components/responses/BAD_REQUEST_400"
  1011.         '401':
  1012.           $ref: "#/components/responses/UNAUTHORIZED_401"
  1013.         '403':
  1014.           $ref: "#/components/responses/FORBIDDEN_403"
  1015.         '404':
  1016.           $ref: "#/components/responses/NOT_FOUND_404_AIS"
  1017.         '405':
  1018.           $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
  1019.         '408':
  1020.           $ref: "#/components/responses/REQUEST_TIMEOUT_408"
  1021.         '500':
  1022.           $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
  1023.         '503':
  1024.           $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
  1025.  
  1026.  
  1027.   /v1/consents/{consentId}/authorisations/{authorisationId}:
  1028.  
  1029.     get:
  1030.       summary: Read the SCA status of the consent authorisation.
  1031.       description: |
  1032.         This method returns the SCA status of a consent initiation's authorisation sub-resource.
  1033.       operationId: getConsentScaStatus
  1034.       tags:
  1035.         - Account Information Service (AIS)
  1036.      
  1037.       security:
  1038.       #####################################################
  1039.       # REMARKS ON SECURITY IN THIS OPENAPI FILE
  1040.       #In this file only the basic security element to transport
  1041.       # the bearer token of an an OAuth2 process, which has to
  1042.       # be included inthe HTTP header ist described.
  1043.       #
  1044.       # WARNING:
  1045.       # If you want to use this file for a productive implementation,
  1046.       # it is recommandes to adjust the security schemes according to
  1047.       # your system enviroments and security policies.
  1048.       #####################################################
  1049.         - {}
  1050.         - BearerAuthOAuth: []
  1051.      
  1052.       parameters:
  1053.       #path
  1054.         - $ref: "#/components/parameters/consentId_PATH"
  1055.         - $ref: "#/components/parameters/authorisationId"
  1056.       #query # NO QUERY PARAMETER
  1057.       #header
  1058.           #common header parameter
  1059.         - $ref: "#/components/parameters/X-Request-ID"
  1060.           #header to support the signature function
  1061.         - $ref: "#/components/parameters/Digest"
  1062.         - $ref: "#/components/parameters/Signature"
  1063.         - $ref: "#/components/parameters/TPP-Signature-Certificate"
  1064.           #conditional elemention for AIS
  1065.         - $ref: "#/components/parameters/PSU-IP-Address_conditionalForAis"
  1066.           #optional additional PSU Information in header
  1067.         - $ref: "#/components/parameters/PSU-IP-Port"
  1068.         - $ref: "#/components/parameters/PSU-Accept"
  1069.         - $ref: "#/components/parameters/PSU-Accept-Charset"
  1070.         - $ref: "#/components/parameters/PSU-Accept-Encoding"
  1071.         - $ref: "#/components/parameters/PSU-Accept-Language"
  1072.         - $ref: "#/components/parameters/PSU-User-Agent"
  1073.         - $ref: "#/components/parameters/PSU-Http-Method"
  1074.         - $ref: "#/components/parameters/PSU-Device-ID"
  1075.         - $ref: "#/components/parameters/PSU-Geo-Location"
  1076.       #NO REQUEST BODY
  1077.      
  1078.       responses:
  1079.         '200':
  1080.           $ref: "#/components/responses/OK_200_ScaStatus"
  1081.        
  1082.         '400':
  1083.           $ref: "#/components/responses/BAD_REQUEST_400"
  1084.         '401':
  1085.           $ref: "#/components/responses/UNAUTHORIZED_401"
  1086.         '403':
  1087.           $ref: "#/components/responses/FORBIDDEN_403"
  1088.         '404':
  1089.           $ref: "#/components/responses/NOT_FOUND_404_AIS"
  1090.         '405':
  1091.           $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
  1092.         '408':
  1093.           $ref: "#/components/responses/REQUEST_TIMEOUT_408"
  1094.         '500':
  1095.           $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
  1096.         '503':
  1097.           $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
  1098.  
  1099.   #####################################################
  1100.   # Payment Information Service
  1101.   #####################################################
  1102.  
  1103.   /v1/{payment-service}/{payment-product}:
  1104.  
  1105.     post:
  1106.       summary: Payment initiation request
  1107.       description: |
  1108.         This method is used to initiate a payment at the ASPSP.
  1109.      
  1110.         ## Adaptation of Payment Initiation Requests
  1111.        
  1112.         Payment initiations should be sent following the JSON body implementation.
  1113.         This service was extended to accept internal transfers.
  1114.         Only Single SCA Processes are accepted, limiting payment initiation services to accounts that may be authenticated in such a way.
  1115.        
  1116.         There are the following **payment products** in *JSON* format:
  1117.           - ***sepa-credit-transfers***
  1118.           - ***internal-transfers***
  1119.        
  1120.         The request body depends on the **payment-service** which accepts:
  1121.           * ***payments***: A single payment initiation request.
  1122.            
  1123.        
  1124.       operationId: initiatePayment
  1125.       tags:
  1126.         - Payment Initiation Service (PIS)
  1127.      
  1128.       security:
  1129.       #####################################################
  1130.       # REMARKS ON SECURITY IN THIS OPENAPI FILE
  1131.       #In this file only the basic security element to transport
  1132.       # the bearer token of an an OAuth2 process, which has to
  1133.       # be included inthe HTTP header ist described.
  1134.       #
  1135.       # WARNING:
  1136.       # If you want to use this file for a productive implementation,
  1137.       # it is recommandes to adjust the security schemes according to
  1138.       # your system enviroments and security policies.
  1139.       #####################################################
  1140.         - {}
  1141.         - BearerAuthOAuth: []
  1142.      
  1143.       parameters:
  1144.       #path
  1145.         - $ref: "#/components/parameters/paymentService"
  1146.         - $ref: "#/components/parameters/paymentProduct"
  1147.       #query # NO QUERY PARAMETER
  1148.       #header
  1149.           #common header parameter
  1150.         - $ref: "#/components/parameters/X-Request-ID"
  1151.           #header to support the signature function
  1152.         - $ref: "#/components/parameters/Digest"
  1153.         - $ref: "#/components/parameters/Signature"
  1154.         - $ref: "#/components/parameters/TPP-Signature-Certificate"
  1155.           #method specific header elements
  1156.         - $ref: "#/components/parameters/PSU-ID"
  1157.         - $ref: "#/components/parameters/PSU-ID-Type"
  1158.         - $ref: "#/components/parameters/PSU-Corporate-ID"
  1159.         - $ref: "#/components/parameters/PSU-Corporate-ID-Type"
  1160.         - $ref: "#/components/parameters/consentId_HEADER_optional"
  1161.         - $ref: "#/components/parameters/PSU-IP-Address_mandatory"
  1162.         - $ref: "#/components/parameters/TPP-Redirect-Preferred"
  1163.         - $ref: "#/components/parameters/TPP-Redirect-URI"
  1164.         - $ref: "#/components/parameters/TPP-Nok-Redirect-URI"
  1165.         - $ref: "#/components/parameters/TPP-Explicit-Authorisation-Preferred"
  1166.           #optional additional PSU Information in header
  1167.         - $ref: "#/components/parameters/PSU-IP-Port"
  1168.         - $ref: "#/components/parameters/PSU-Accept"
  1169.         - $ref: "#/components/parameters/PSU-Accept-Charset"
  1170.         - $ref: "#/components/parameters/PSU-Accept-Encoding"
  1171.         - $ref: "#/components/parameters/PSU-Accept-Language"
  1172.         - $ref: "#/components/parameters/PSU-User-Agent"
  1173.         - $ref: "#/components/parameters/PSU-Http-Method"
  1174.         - $ref: "#/components/parameters/PSU-Device-ID"
  1175.         - $ref: "#/components/parameters/PSU-Geo-Location"
  1176.        
  1177.       requestBody:
  1178.         $ref: "#/components/requestBodies/paymentInitiation"
  1179.      
  1180.       responses:
  1181.         '201':
  1182.           $ref: "#/components/responses/CREATED_201_PaymentInitiation"
  1183.         '400':
  1184.           $ref: "#/components/responses/BAD_REQUEST_400"
  1185.         '401':
  1186.           $ref: "#/components/responses/UNAUTHORIZED_401"
  1187.         '403':
  1188.           $ref: "#/components/responses/FORBIDDEN_403"
  1189.         '404':
  1190.           $ref: "#/components/responses/NOT_FOUND_404_PIS"
  1191.         '405':
  1192.           $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
  1193.         '408':
  1194.           $ref: "#/components/responses/REQUEST_TIMEOUT_408"
  1195.         '500':
  1196.           $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
  1197.         '503':
  1198.           $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
  1199.  
  1200.   /v1/{payment-service}/{payment-product}/{paymentId}:
  1201.  
  1202.     get:
  1203.       summary: Get Payment Information
  1204.       description: Returns the content of a payment object
  1205.       operationId: getPaymentInformation
  1206.       tags:
  1207.         - Payment Initiation Service (PIS)
  1208.       security:
  1209.       #####################################################
  1210.       # REMARKS ON SECURITY IN THIS OPENAPI FILE
  1211.       #In this file only the basic security element to transport
  1212.       # the bearer token of an an OAuth2 process, which has to
  1213.       # be included inthe HTTP header ist described.
  1214.       #
  1215.       # WARNING:
  1216.       # If you want to use this file for a productive implementation,
  1217.       # it is recommandes to adjust the security schemes according to
  1218.       # your system enviroments and security policies.
  1219.       #####################################################
  1220.         - {}
  1221.         - BearerAuthOAuth: []
  1222.       parameters:
  1223.       #path
  1224.         - $ref: "#/components/parameters/paymentService"
  1225.         - $ref: "#/components/parameters/paymentProduct"
  1226.         - $ref: "#/components/parameters/paymentId"
  1227.       #query # NO QUERY PARAMETER
  1228.       #header
  1229.           #common header parameter
  1230.         - $ref: "#/components/parameters/X-Request-ID"
  1231.           #header to support the signature function
  1232.         - $ref: "#/components/parameters/Digest"
  1233.         - $ref: "#/components/parameters/Signature"
  1234.         - $ref: "#/components/parameters/TPP-Signature-Certificate"
  1235.           #optional additional PSU Information in header
  1236.         - $ref: "#/components/parameters/PSU-IP-Address_optional"
  1237.         - $ref: "#/components/parameters/PSU-IP-Port"
  1238.         - $ref: "#/components/parameters/PSU-Accept"
  1239.         - $ref: "#/components/parameters/PSU-Accept-Charset"
  1240.         - $ref: "#/components/parameters/PSU-Accept-Encoding"
  1241.         - $ref: "#/components/parameters/PSU-Accept-Language"
  1242.         - $ref: "#/components/parameters/PSU-User-Agent"
  1243.         - $ref: "#/components/parameters/PSU-Http-Method"
  1244.         - $ref: "#/components/parameters/PSU-Device-ID"
  1245.         - $ref: "#/components/parameters/PSU-Geo-Location"
  1246.       #NO REQUEST BODY
  1247.      
  1248.       responses:
  1249.         '200':
  1250.           $ref: "#/components/responses/OK_200_PaymentInitiationInformation"
  1251.         '400':
  1252.           $ref: "#/components/responses/BAD_REQUEST_400"
  1253.         '401':
  1254.           $ref: "#/components/responses/UNAUTHORIZED_401"
  1255.         '403':
  1256.           $ref: "#/components/responses/FORBIDDEN_403"
  1257.         '404':
  1258.           $ref: "#/components/responses/NOT_FOUND_404_PIS"
  1259.         '405':
  1260.           $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
  1261.         '408':
  1262.           $ref: "#/components/responses/REQUEST_TIMEOUT_408"
  1263.         '500':
  1264.           $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
  1265.         '503':
  1266.           $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
  1267.  
  1268.     delete:
  1269.       summary: Payment Cancellation Request
  1270.       description: |
  1271.         This method initiates the cancellation of a payment pending authorisation.
  1272.  
  1273.         An authorisation process is created by this request.
  1274.        
  1275.       operationId: cancelPayment
  1276.       tags:
  1277.         - Payment Initiation Service (PIS)
  1278.      
  1279.       security:
  1280.       #####################################################
  1281.       # REMARKS ON SECURITY IN THIS OPENAPI FILE
  1282.       #In this file only the basic security element to transport
  1283.       # the bearer token of an an OAuth2 process, which has to
  1284.       # be included inthe HTTP header ist described.
  1285.       #
  1286.       # WARNING:
  1287.       # If you want to use this file for a productive implementation,
  1288.       # it is recommandes to adjust the security schemes according to
  1289.       # your system enviroments and security policies.
  1290.       #####################################################
  1291.         - {}
  1292.         - BearerAuthOAuth: []
  1293.      
  1294.       parameters:
  1295.       #path
  1296.         - $ref: "#/components/parameters/paymentService"
  1297.         - $ref: "#/components/parameters/paymentProduct"
  1298.         - $ref: "#/components/parameters/paymentId"
  1299.       #query # NO QUERY PARAMETER
  1300.       #header
  1301.           #common header parameter
  1302.         - $ref: "#/components/parameters/X-Request-ID"
  1303.           #header to support the signature function
  1304.         - $ref: "#/components/parameters/Digest"
  1305.         - $ref: "#/components/parameters/Signature"
  1306.         - $ref: "#/components/parameters/TPP-Signature-Certificate"
  1307.           #optional additional PSU Information in header
  1308.         - $ref: "#/components/parameters/PSU-IP-Address_optional"
  1309.         - $ref: "#/components/parameters/PSU-IP-Port"
  1310.         - $ref: "#/components/parameters/PSU-Accept"
  1311.         - $ref: "#/components/parameters/PSU-Accept-Charset"
  1312.         - $ref: "#/components/parameters/PSU-Accept-Encoding"
  1313.         - $ref: "#/components/parameters/PSU-Accept-Language"
  1314.         - $ref: "#/components/parameters/PSU-User-Agent"
  1315.         - $ref: "#/components/parameters/PSU-Http-Method"
  1316.         - $ref: "#/components/parameters/PSU-Device-ID"
  1317.         - $ref: "#/components/parameters/PSU-Geo-Location"
  1318.       #NO REQUEST BODY
  1319.      
  1320.       responses:
  1321.         '204':
  1322.           $ref: "#/components/responses/NO_CONTENT_204_PaymentInitiationCancel"
  1323.         '400':
  1324.           $ref: "#/components/responses/BAD_REQUEST_400"
  1325.         '401':
  1326.           $ref: "#/components/responses/UNAUTHORIZED_401"
  1327.         '403':
  1328.           $ref: "#/components/responses/FORBIDDEN_403"
  1329.         '404':
  1330.           $ref: "#/components/responses/NOT_FOUND_404_PIS"
  1331.         '405':
  1332.           $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
  1333.         '408':
  1334.           $ref: "#/components/responses/REQUEST_TIMEOUT_408"
  1335.         '500':
  1336.           $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
  1337.         '503':
  1338.           $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
  1339.  
  1340.  
  1341.   /v1/{payment-service}/{payment-product}/{paymentId}/status:
  1342.  
  1343.     get:
  1344.       summary: Payment initiation status request
  1345.       description: Check the transaction status of a payment initiation.
  1346.       operationId: getPaymentInitiationStatus
  1347.       tags:
  1348.         - Payment Initiation Service (PIS)
  1349.      
  1350.       security:
  1351.       #####################################################
  1352.       # REMARKS ON SECURITY IN THIS OPENAPI FILE
  1353.       #In this file only the basic security element to transport
  1354.       # the bearer token of an an OAuth2 process, which has to
  1355.       # be included inthe HTTP header ist described.
  1356.       #
  1357.       # WARNING:
  1358.       # If you want to use this file for a productive implementation,
  1359.       # it is recommandes to adjust the security schemes according to
  1360.       # your system enviroments and security policies.
  1361.       #####################################################
  1362.         - {}
  1363.         - BearerAuthOAuth: []
  1364.      
  1365.       parameters:
  1366.       #path
  1367.         - $ref: "#/components/parameters/paymentService"
  1368.         - $ref: "#/components/parameters/paymentProduct"
  1369.         - $ref: "#/components/parameters/paymentId"
  1370.       #query # NO QUERY PARAMETER
  1371.       #header
  1372.           #common header parameter
  1373.         - $ref: "#/components/parameters/X-Request-ID"
  1374.           #header to support the signature function
  1375.         - $ref: "#/components/parameters/Digest"
  1376.         - $ref: "#/components/parameters/Signature"
  1377.         - $ref: "#/components/parameters/TPP-Signature-Certificate"
  1378.           #optional additional PSU Information in header
  1379.         - $ref: "#/components/parameters/PSU-IP-Address_optional"
  1380.         - $ref: "#/components/parameters/PSU-IP-Port"
  1381.         - $ref: "#/components/parameters/PSU-Accept"
  1382.         - $ref: "#/components/parameters/PSU-Accept-Charset"
  1383.         - $ref: "#/components/parameters/PSU-Accept-Encoding"
  1384.         - $ref: "#/components/parameters/PSU-Accept-Language"
  1385.         - $ref: "#/components/parameters/PSU-User-Agent"
  1386.         - $ref: "#/components/parameters/PSU-Http-Method"
  1387.         - $ref: "#/components/parameters/PSU-Device-ID"
  1388.         - $ref: "#/components/parameters/PSU-Geo-Location"
  1389.       #NO REQUEST BODY
  1390.      
  1391.       responses:
  1392.         '200':
  1393.           $ref: "#/components/responses/OK_200_PaymentInitiationStatus"
  1394.         '400':
  1395.           $ref: "#/components/responses/BAD_REQUEST_400"
  1396.         '401':
  1397.           $ref: "#/components/responses/UNAUTHORIZED_401"
  1398.         '403':
  1399.           $ref: "#/components/responses/FORBIDDEN_403"
  1400.         '404':
  1401.           $ref: "#/components/responses/NOT_FOUND_404_PIS"
  1402.         '405':
  1403.           $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
  1404.         '408':
  1405.           $ref: "#/components/responses/REQUEST_TIMEOUT_408"
  1406.         '500':
  1407.           $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
  1408.         '503':
  1409.           $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
  1410.  
  1411.   /v1/{payment-service}/{payment-product}/{paymentId}/authorisations:
  1412.     post:
  1413.       summary: Start the authorisation process for a payment initiation
  1414.       description: |
  1415.         Create an authorisation sub-resource and start the authorisation process.
  1416.         The message might in addition transmit authentication and authorisation related data.
  1417.        
  1418.         This method is iterated n times for a n times SCA authorisation in a
  1419.         corporate context, each creating an own authorisation sub-endpoint for
  1420.         the corresponding PSU authorising the transaction.
  1421.        
  1422.         The ASPSP might make the usage of this access method unnecessary in case
  1423.         of only one SCA process needed, since the related authorisation resource
  1424.         might be automatically created by the ASPSP after the submission of the
  1425.         payment data with the first POST payments/{payment-product} call.
  1426.        
  1427.         The start authorisation process is a process which is needed for creating a new authorisation
  1428.         or cancellation sub-resource.
  1429.        
  1430.         This applies in the following scenarios:
  1431.        
  1432.           * The ASPSP has indicated with an 'startAuthorisation' hyperlink in the preceeding Payment
  1433.             Initiation Response that an explicit start of the authorisation process is needed by the TPP.
  1434.             The 'startAuthorisation' hyperlink can transport more information about data which needs to be
  1435.             uploaded by using the extended forms.
  1436.             * 'startAuthorisationWithPsuIdentfication',
  1437.             * 'startAuthorisationWithPsuAuthentication' #TODO
  1438.             * 'startAuthorisationWithAuthentciationMethodSelection'
  1439.           * The related payment initiation cannot yet be executed since a multilevel SCA is mandated.
  1440.           * The ASPSP has indicated with an 'startAuthorisation' hyperlink in the preceeding
  1441.             Payment Cancellation Response that an explicit start of the authorisation process is needed by the TPP.
  1442.             The 'startAuthorisation' hyperlink can transport more information about data which needs to be uploaded
  1443.             by using the extended forms as indicated above.
  1444.           * The related payment cancellation request cannot be applied yet since a multilevel SCA is mandate for
  1445.             executing the cancellation.
  1446.           * The signing basket needs to be authorised yet.
  1447.       operationId: startPaymentAuthorisation
  1448.       tags:
  1449.         - Payment Initiation Service (PIS)
  1450.       security:
  1451.       #####################################################
  1452.       # REMARKS ON SECURITY IN THIS OPENAPI FILE
  1453.       #In this file only the basic security element to transport
  1454.       # the bearer token of an an OAuth2 process, which has to
  1455.       # be included inthe HTTP header ist described.
  1456.       #
  1457.       # WARNING:
  1458.       # If you want to use this file for a productive implementation,
  1459.       # it is recommandes to adjust the security schemes according to
  1460.       # your system enviroments and security policies.
  1461.       #####################################################
  1462.         - {}
  1463.         - BearerAuthOAuth: []
  1464.       parameters:
  1465.       #path
  1466.         - $ref: "#/components/parameters/paymentService"
  1467.         - $ref: "#/components/parameters/paymentProduct"
  1468.         - $ref: "#/components/parameters/paymentId"
  1469.       #query # NO QUERY PARAMETER
  1470.       #header
  1471.           #common header parameter
  1472.         - $ref: "#/components/parameters/X-Request-ID"
  1473.           #method specific header elements
  1474.         - $ref: "#/components/parameters/PSU-ID"
  1475.         - $ref: "#/components/parameters/PSU-ID-Type"
  1476.         - $ref: "#/components/parameters/PSU-Corporate-ID"
  1477.         - $ref: "#/components/parameters/PSU-Corporate-ID-Type"
  1478.           #header to support the signature function
  1479.         - $ref: "#/components/parameters/Digest"
  1480.         - $ref: "#/components/parameters/Signature"
  1481.         - $ref: "#/components/parameters/TPP-Signature-Certificate"
  1482.           #optional additional PSU Information in header
  1483.         - $ref: "#/components/parameters/PSU-IP-Address_optional"
  1484.         - $ref: "#/components/parameters/PSU-IP-Port"
  1485.         - $ref: "#/components/parameters/PSU-Accept"
  1486.         - $ref: "#/components/parameters/PSU-Accept-Charset"
  1487.         - $ref: "#/components/parameters/PSU-Accept-Encoding"
  1488.         - $ref: "#/components/parameters/PSU-Accept-Language"
  1489.         - $ref: "#/components/parameters/PSU-User-Agent"
  1490.         - $ref: "#/components/parameters/PSU-Http-Method"
  1491.         - $ref: "#/components/parameters/PSU-Device-ID"
  1492.         - $ref: "#/components/parameters/PSU-Geo-Location"
  1493.       #NO REQUEST BODY
  1494.      
  1495.       responses:
  1496.         '201':
  1497.           $ref: "#/components/responses/CREATED_201_StartScaProcess"
  1498.        
  1499.         '400':
  1500.           $ref: "#/components/responses/BAD_REQUEST_400"
  1501.         '401':
  1502.           $ref: "#/components/responses/UNAUTHORIZED_401"
  1503.         '403':
  1504.           $ref: "#/components/responses/FORBIDDEN_403"
  1505.         '404':
  1506.           $ref: "#/components/responses/NOT_FOUND_404_PIS"
  1507.         '405':
  1508.           $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
  1509.         '408':
  1510.           $ref: "#/components/responses/REQUEST_TIMEOUT_408"
  1511.         '500':
  1512.           $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
  1513.         '503':
  1514.           $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
  1515.  
  1516.  
  1517.  
  1518.  
  1519.     get:
  1520.       summary: Get Payment Initiation Authorisation Sub-Resources Request
  1521.       description: |
  1522.         Read a list of all authorisation subresources IDs which have been created.
  1523.        
  1524.         This function returns an array of hyperlinks to all generated authorisation sub-resources.
  1525.       operationId: getPaymentInitiationAuthorisation
  1526.       tags:
  1527.         - Payment Initiation Service (PIS)
  1528.      
  1529.       security:
  1530.       #####################################################
  1531.       # REMARKS ON SECURITY IN THIS OPENAPI FILE
  1532.       #In this file only the basic security element to transport
  1533.       # the bearer token of an an OAuth2 process, which has to
  1534.       # be included inthe HTTP header ist described.
  1535.       #
  1536.       # WARNING:
  1537.       # If you want to use this file for a productive implementation,
  1538.       # it is recommandes to adjust the security schemes according to
  1539.       # your system enviroments and security policies.
  1540.       #####################################################
  1541.         - {}
  1542.         - BearerAuthOAuth: []
  1543.      
  1544.       parameters:
  1545.       #path
  1546.         - $ref: "#/components/parameters/paymentService"
  1547.         - $ref: "#/components/parameters/paymentProduct"
  1548.         - $ref: "#/components/parameters/paymentId"
  1549.       #query # NO QUERY PARAMETER
  1550.       #header
  1551.           #common header parameter
  1552.         - $ref: "#/components/parameters/X-Request-ID"
  1553.           #header to support the signature function
  1554.         - $ref: "#/components/parameters/Digest"
  1555.         - $ref: "#/components/parameters/Signature"
  1556.         - $ref: "#/components/parameters/TPP-Signature-Certificate"
  1557.           #optional additional PSU Information in header
  1558.         - $ref: "#/components/parameters/PSU-IP-Address_optional"
  1559.         - $ref: "#/components/parameters/PSU-IP-Port"
  1560.         - $ref: "#/components/parameters/PSU-Accept"
  1561.         - $ref: "#/components/parameters/PSU-Accept-Charset"
  1562.         - $ref: "#/components/parameters/PSU-Accept-Encoding"
  1563.         - $ref: "#/components/parameters/PSU-Accept-Language"
  1564.         - $ref: "#/components/parameters/PSU-User-Agent"
  1565.         - $ref: "#/components/parameters/PSU-Http-Method"
  1566.         - $ref: "#/components/parameters/PSU-Device-ID"
  1567.         - $ref: "#/components/parameters/PSU-Geo-Location"
  1568.       #NO REQUEST BODY
  1569.      
  1570.       responses:
  1571.         '200':
  1572.           $ref: "#/components/responses/OK_200_Authorisations"
  1573.         '400':
  1574.           $ref: "#/components/responses/BAD_REQUEST_400"
  1575.         '401':
  1576.           $ref: "#/components/responses/UNAUTHORIZED_401"
  1577.         '403':
  1578.           $ref: "#/components/responses/FORBIDDEN_403"
  1579.         '404':
  1580.           $ref: "#/components/responses/NOT_FOUND_404_PIS"
  1581.         '405':
  1582.           $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
  1583.         '408':
  1584.           $ref: "#/components/responses/REQUEST_TIMEOUT_408"
  1585.         '500':
  1586.           $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
  1587.         '503':
  1588.           $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
  1589.  
  1590.  
  1591.   /v1/{payment-service}/{payment-product}/{paymentId}/authorisations/{authorisationId}:
  1592.    
  1593.     get:
  1594.       summary: Read the SCA Status of the payment authorisation
  1595.       description: |
  1596.         This method returns the SCA status of a payment initiation's authorisation sub-resource, including payment cancels.
  1597.       operationId: getPaymentInitiationScaStatus
  1598.       tags:
  1599.         - Payment Initiation Service (PIS)
  1600.      
  1601.       security:
  1602.       #####################################################
  1603.       # REMARKS ON SECURITY IN THIS OPENAPI FILE
  1604.       #In this file only the basic security element to transport
  1605.       # the bearer token of an an OAuth2 process, which has to
  1606.       # be included inthe HTTP header ist described.
  1607.       #
  1608.       # WARNING:
  1609.       # If you want to use this file for a productive implementation,
  1610.       # it is recommandes to adjust the security schemes according to
  1611.       # your system enviroments and security policies.
  1612.       #####################################################
  1613.         - {}
  1614.         - BearerAuthOAuth: []
  1615.      
  1616.       parameters:
  1617.       #path
  1618.         - $ref: "#/components/parameters/paymentService"
  1619.         - $ref: "#/components/parameters/paymentProduct"
  1620.         - $ref: "#/components/parameters/paymentId"
  1621.         - $ref: "#/components/parameters/authorisationId"
  1622.       #query # NO QUERY PARAMETER
  1623.       #header
  1624.           #common header parameter
  1625.         - $ref: "#/components/parameters/X-Request-ID"
  1626.           #header to support the signature function
  1627.         - $ref: "#/components/parameters/Digest"
  1628.         - $ref: "#/components/parameters/Signature"
  1629.         - $ref: "#/components/parameters/TPP-Signature-Certificate"
  1630.           #optional additional PSU Information in header
  1631.         - $ref: "#/components/parameters/PSU-IP-Address_optional"
  1632.         - $ref: "#/components/parameters/PSU-IP-Port"
  1633.         - $ref: "#/components/parameters/PSU-Accept"
  1634.         - $ref: "#/components/parameters/PSU-Accept-Charset"
  1635.         - $ref: "#/components/parameters/PSU-Accept-Encoding"
  1636.         - $ref: "#/components/parameters/PSU-Accept-Language"
  1637.         - $ref: "#/components/parameters/PSU-User-Agent"
  1638.         - $ref: "#/components/parameters/PSU-Http-Method"
  1639.         - $ref: "#/components/parameters/PSU-Device-ID"
  1640.         - $ref: "#/components/parameters/PSU-Geo-Location"
  1641.       #NO REQUEST BODY
  1642.      
  1643.       responses:
  1644.         '200':
  1645.           $ref: "#/components/responses/OK_200_ScaStatus"
  1646.         '400':
  1647.           $ref: "#/components/responses/BAD_REQUEST_400"
  1648.         '401':
  1649.           $ref: "#/components/responses/UNAUTHORIZED_401"
  1650.         '403':
  1651.           $ref: "#/components/responses/FORBIDDEN_403"
  1652.         '404':
  1653.           $ref: "#/components/responses/NOT_FOUND_404_PIS"
  1654.         '405':
  1655.           $ref: "#/components/responses/METHOD_NOT_ALLOWED_405"
  1656.         '408':
  1657.           $ref: "#/components/responses/REQUEST_TIMEOUT_408"
  1658.         '500':
  1659.           $ref: "#/components/responses/INTERNAL_SERVER_ERROR_500"
  1660.         '503':
  1661.           $ref: "#/components/responses/SERVICE_UNAVAILABLE_503"
  1662.  
  1663.  
  1664.  
  1665.   #####################################################
  1666.   # Funds Confirmation Service
  1667.   #####################################################
  1668.  
  1669.  
  1670.  
  1671.  
  1672. components:
  1673. #####################################################
  1674. # Predefined Components
  1675. #####################################################
  1676.  
  1677.   securitySchemes:
  1678.   #####################################################
  1679.   # Predefined Security Schemes:
  1680.   #
  1681.   # In this file only the basic security element to transport
  1682.   # the bearer token of an an OAuth2 process, which has to
  1683.   # be included inthe HTTP header ist described.
  1684.   #
  1685.   # WARNING:
  1686.   # If you want to use this file for a productive implementation,
  1687.   # it is recommandes to adjust the security schemes according to
  1688.   # your system enviroments and security policies.
  1689.   #####################################################
  1690.     BearerAuthOAuth:
  1691.       description: |
  1692.         Bearer Token.
  1693.        
  1694.         Is contained only, if an OAuth2 based authentication was performed in a pre-step or
  1695.         an OAuth2 based SCA was performed in an preceding AIS service in the same session.
  1696.       type: http
  1697.       scheme: bearer
  1698.  
  1699.  
  1700.   schemas:
  1701.   #####################################################
  1702.   # Predefined Schemas
  1703.   #####################################################
  1704.  
  1705.     paymentId:
  1706.       description:
  1707.         Resource identification of the generated payment initiation resource.
  1708.       type: string
  1709.       example: "1234-wertiq-983"
  1710.  
  1711.  
  1712.     authorisationId:
  1713.       description: Resource identification of the related SCA
  1714.       type: string
  1715.       example: "123auth456"
  1716.  
  1717.  
  1718.     authenticationMethodId:
  1719.       description: |
  1720.             An identification provided by the ASPSP for the later identification of the authentication method selection.
  1721.       type: string
  1722.       maxLength: 35
  1723.       example: "myAuthenticationID"
  1724.  
  1725.  
  1726.     accountId:
  1727.       description: This identification is denoting the addressed account, where the transaction has been performed.
  1728.       type: string
  1729.       example: "qwer3456tzui7890"
  1730.      
  1731.  
  1732.     consentId:
  1733.       description: |
  1734.         ID of the corresponding consent object as returned by an Account Information Consent Request.
  1735.       type: string
  1736.  
  1737.  
  1738.     resourceId:
  1739.       description: |
  1740.         This identification is given by the attribute resourceId of the corresponding entry of a transaction list.
  1741.       type: string
  1742.       example: "3dc3d5b3-7023-4848-9853-f5400a64e80f"
  1743.  
  1744.  
  1745.     cancellationId:
  1746.       description: Identification for cancellation resource
  1747.       type: string
  1748.       example: "123auth456"
  1749.  
  1750.  
  1751.     entryReference:
  1752.       description: |
  1753.         Is the identification of the transaction as used e.g. for reference for deltafunction on application level.
  1754.       type: string
  1755.       maxLength: 35
  1756.  
  1757.  
  1758.     transactionStatus:
  1759.       description: |
  1760.         The transaction status is filled with codes of the ISO 20022 data table:
  1761.         - 'ACCC': 'AcceptedSettlementCompleted' -
  1762.           Settlement on the creditor's account has been completed.
  1763.         - 'ACCP': 'AcceptedCustomerProfile' -
  1764.           Preceding check of technical validation was successful.
  1765.           Customer profile check was also successful.
  1766.         - 'ACSC': 'AcceptedSettlementCompleted' -
  1767.           Settlement on the debtor�s account has been completed.
  1768.          
  1769.           **Usage:** this can be used by the first agent to report to the debtor that the transaction has been completed.
  1770.          
  1771.           **Warning:** this status is provided for transaction status reasons, not for financial information.
  1772.           It can only be used after bilateral agreement.
  1773.         - 'ACSP': 'AcceptedSettlementInProcess' -
  1774.           All preceding checks such as technical validation and customer profile were successful and therefore the payment initiation has been accepted for execution.
  1775.         - 'ACTC': 'AcceptedTechnicalValidation' -
  1776.           Authentication and syntactical and semantical validation are successful.
  1777.         - 'ACWC': 'AcceptedWithChange' -
  1778.           Instruction is accepted but a change will be made, such as date or remittance not sent.
  1779.         - 'ACWP': 'AcceptedWithoutPosting' -
  1780.           Payment instruction included in the credit transfer is accepted without being posted to the creditor customer�s account.
  1781.         - 'RCVD': 'Received' -
  1782.           Payment initiation has been received by the receiving agent.
  1783.         - 'PDNG': 'Pending' -
  1784.           Payment initiation or individual transaction included in the payment initiation is pending.
  1785.           Further checks and status update will be performed.
  1786.         - 'RJCT': 'Rejected' -
  1787.           Payment initiation or individual transaction included in the payment initiation has been rejected.
  1788.         - 'CANC': 'Cancelled'
  1789.           Payment initiation has been cancelled before execution
  1790.           Remark: This code is still requested from ISO20022.
  1791.         - 'ACFC': 'AcceptedFundsChecked' -
  1792.           Preceeding check of technical validation and customer profile was successful and an automatic funds check was positive .
  1793.           Remark: This code is still requested from ISO20022.
  1794.         - 'PATC': 'PartiallyAcceptedTechnical'
  1795.           Correct The payment initiation needs multiple authentications, where some but not yet all have been performed. Syntactical and semantical validations are successful.
  1796.           Remark: This code is still requested from ISO20022.
  1797.        
  1798.       type: string
  1799.       enum:
  1800.         - "ACCC"
  1801.         - "ACCP"
  1802.         - "ACSC"
  1803.         - "ACSP"
  1804.         - "ACTC"
  1805.         - "ACWC"
  1806.         - "ACWP"
  1807.         - "RCVD"
  1808.         - "PDNG"
  1809.         - "RJCT"
  1810.         - "CANC"
  1811.         - "ACFC"
  1812.         - "PATC"
  1813.       example: "ACCP"
  1814.  
  1815.  
  1816.     scaStatus:
  1817.       description: |
  1818.         This data element is containing information about the status of the SCA method applied.
  1819.        
  1820.         The following codes are defined for this data type.
  1821.        
  1822.           * 'psuAuthenticated':
  1823.             The PSU related to the authorisation resource has been identified and authenticated e.g. by a password.
  1824.           * 'scaMethodSelected':
  1825.             First status to be reported instead since method is predetermined.
  1826.           * 'finalised':
  1827.             The SCA routine has been finalised successfully.
  1828.           * 'failed':
  1829.             The SCA routine failed
  1830.           * 'exempted':
  1831.             SCA was exempted for the related transaction, the related authorisation is successful.
  1832.       type: string
  1833.       enum:
  1834.         - "psuAuthenticated"
  1835.         - "scaMethodSelected"
  1836.         - "finalised"
  1837.         - "failed"
  1838.         - "exempted"
  1839.        
  1840.       example: "psuAuthenticated"
  1841.  
  1842.  
  1843.     scaAuthenticationData:
  1844.       description: |
  1845.         SCA authentication data, depending on the chosen authentication method.
  1846.         If the data is binary, then it is base64 encoded.
  1847.       type: string
  1848.  
  1849.     consentStatus:
  1850.       description: |
  1851.         This is the overall lifecycle status of the consent.
  1852.        
  1853.         Valid values are:
  1854.           - 'received': The consent data have been received and are technically correct.
  1855.             The data is not authorised yet.
  1856.           - 'rejected': The consent data have been rejected e.g. since no successful authorisation has taken place.
  1857.           - 'valid': The consent is accepted and valid for GET account data calls and others as specified in the consent object.
  1858.           - 'revokedByPsu': The consent has been revoked by the PSU towards the ASPSP.
  1859.           - 'expired': The consent expired.
  1860.           - 'terminatedByTpp': The corresponding TPP has terminated the consent by applying the DELETE method to the consent resource.
  1861.        
  1862.         The ASPSP might add further codes. These codes then shall be contained in the ASPSP's documentation of the XS2A interface
  1863.         and has to be added to this API definition as well.
  1864.       type: string
  1865.       enum:
  1866.         - "received"
  1867.         - "rejected"
  1868.         - "valid"
  1869.         - "revokedByPsu"
  1870.         - "expired"
  1871.         - "terminatedByTpp"
  1872.  
  1873.  
  1874.     transactionFeeIndicator:
  1875.       description: |
  1876.         If equals 'true', the transaction will involve specific transaction cost as shown by the ASPSP in
  1877.         their public price list or as agreed between ASPSP and PSU.
  1878.         If equals 'false', the transaction will not involve additional specific transaction costs to the PSU.
  1879.       type: boolean
  1880.  
  1881.     recurringIndicator:
  1882.       description: |
  1883.         "true", if the consent is for recurring access to the account data.
  1884.        
  1885.         "false", if the consent is for one access to the account data.
  1886.       type: boolean
  1887.       example: false
  1888.  
  1889.     authenticationType:
  1890.       description: |
  1891.         Type of the authentication method.
  1892.        
  1893.         More authentication types might be added during implementation projects and documented in the ASPSP documentation.
  1894.        
  1895.           - 'SMS_OTP': An SCA method, where an OTP linked to the transaction to be authorised is sent to the PSU through a SMS channel.
  1896.           - 'CHIP_OTP': An SCA method, where an OTP is generated by a chip card, e.g. an TOP derived from an EMV cryptogram.
  1897.             To contact the card, the PSU normally needs a (handheld) device.
  1898.             With this device, the PSU either reads the challenging data through a visual interface like flickering or
  1899.             the PSU types in the challenge through the device key pad.
  1900.             The device then derives an OTP from the challenge data and displays the OTP to the PSU.
  1901.           - 'PHOTO_OTP': An SCA method, where the challenge is a QR code or similar encoded visual data
  1902.             which can be read in by a consumer device or specific mobile app.
  1903.             The device resp. the specific app than derives an OTP from the visual challenge data and displays
  1904.             the OTP to the PSU.
  1905.           - 'PUSH_OTP': An OTP is pushed to a dedicated authentication APP and displayed to the PSU.
  1906.        
  1907.       type: string
  1908.       enum:
  1909.         - "SMS_OTP"
  1910.         - "CHIP_OTP"
  1911.         - "PHOTO_OTP"
  1912.         - "PUSH_OTP"
  1913.  
  1914.  
  1915.     hrefType:
  1916.       description: Link to a resource
  1917.       type: string
  1918.       example: "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
  1919.      
  1920.     hrefTypeAccount:
  1921.       description: Link to an account detail
  1922.       type: string
  1923.       example: "/v1/accounts/1234-wertiq-983"
  1924.      
  1925.     hrefTypeAccountList:
  1926.       description: Link to the account list
  1927.       type: string
  1928.       example: "/v1/accounts"
  1929.  
  1930.     hrefTypeSCT:
  1931.       description: Link to an SCT
  1932.       type: string
  1933.       example: "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
  1934.      
  1935.     hrefTypeIT:
  1936.       description: Link to an IT
  1937.       type: string
  1938.       example: "/v1/payments/internal-transfers/1234-wertiq-983"
  1939.      
  1940.     hrefTypeBalances:
  1941.       description: Link to balances
  1942.       type: string
  1943.       example: "/v1/accounts/1234-wertiq-983/balances"
  1944.      
  1945.     hrefTypeTransactions:
  1946.       description: Link to transactions
  1947.       type: string
  1948.       example: "/v1/accounts/1234-wertiq-983/transactions"
  1949.  
  1950.     hrefTypeTransactionDetails:
  1951.       description: Link to a transaction detail
  1952.       type: string
  1953.       example: "/v1/accounts/1234-wertiq-983/transactions/1234-wertiq-983"
  1954.  
  1955.     hrefTypeSCARedirect:
  1956.       description: Link to a resource
  1957.       type: string
  1958.       example: "/v1/payments/sepa-credit-transfers/1234-wertiq-983/authorisations/1234-wertiq-983/redirect"
  1959.  
  1960.     hrefTypeSCAStatus:
  1961.       description: Link to a resource
  1962.       type: string
  1963.       example: "/v1/payments/sepa-credit-transfers/1234-wertiq-983/authorisations/1234-wertiq-983/status"
  1964.  
  1965.     hrefTypeStatus:
  1966.       description: Link to a resource
  1967.       type: string
  1968.       example: "/v1/payments/sepa-credit-transfers/1234-wertiq-983/authorisations/1234-wertiq-983/status"
  1969.  
  1970.     authorisationsList:
  1971.       description: An array of all authorisationIds
  1972.       type: array
  1973.       items:
  1974.         $ref: "#/components/schemas/authorisationId"
  1975.  
  1976.     authorisations:
  1977.       description: An array of all authorisationIds
  1978.       type: object
  1979.       required:
  1980.         - authorisationIds
  1981.       properties:
  1982.         authorisationIds:
  1983.           $ref: "#/components/schemas/authorisationsList"
  1984.  
  1985.     accountReference:
  1986.       description: |
  1987.         Reference to an account by either
  1988.           * IBAN, of a payment accounts
  1989.       type: object
  1990.       properties:
  1991.         iban:
  1992.           $ref: "#/components/schemas/iban"
  1993.  
  1994.  
  1995.     subAccountReference:
  1996.       description: |
  1997.         Reference to a subaccount by an ASPSP reference
  1998.       type: object
  1999.       properties:
  2000.         subAccountId:
  2001.           $ref: "#/components/schemas/subAccountId"
  2002.         subAccountName:
  2003.           $ref: "#/components/schemas/subAccountName"
  2004.          
  2005.          
  2006.     subAccountId:
  2007.       description: |
  2008.         Reference to a subaccount by an ASPSP reference
  2009.       type: string
  2010.       example: "0"
  2011.      
  2012.      
  2013.     subAccountName:
  2014.       description: |
  2015.         Name of the subaccount
  2016.       type: string
  2017.       example: "DO"
  2018.      
  2019.     balanceType:
  2020.       description: |
  2021.         The following balance types are defined:
  2022.           - "closingBooked":
  2023.             Balance of the account at the end of the pre-agreed account reporting period.
  2024.             It is the sum of the opening booked balance at the beginning of the period and all entries booked
  2025.             to the account during the pre-agreed account reporting period.
  2026.            
  2027.           - "valueDate":
  2028.             Value date balance composed of booked entries and pending items known at the time of calculation ,
  2029.             which projects the end of day balance for interest calculation if everything is booked on the account and no other entry is posted.            
  2030.            
  2031.           - "expected":
  2032.             Balance composed of booked entries and pending items known at the time of calculation,
  2033.             which projects the end of day balance if everything is booked on the account and no other entry is posted.
  2034.            
  2035.           - "available":
  2036.             The Value Date balance deducted of credits awayting good collection, capital market buys and other debits pending settlement.
  2037.            
  2038.           - "authorised":
  2039.             The available balance together with the value of a pre-approved credit line the ASPSP makes permanently available to the user.
  2040.            
  2041.       type: string
  2042.       enum:
  2043.           - "closingBooked"
  2044.           - "expected"
  2045.           - "authorised"
  2046.           - "available"
  2047.           - "valueDate"
  2048.  
  2049.     accountAccess:
  2050.       description: |
  2051.         Requested access services for a consent.
  2052.       type: object
  2053.       properties:
  2054.         accounts:
  2055.           description: |
  2056.             Is asking for detailed account information.
  2057.           type: array
  2058.           items:
  2059.             $ref: "#/components/schemas/accountReference"
  2060.         balances:
  2061.           description: |
  2062.             Is asking for balances of the addressed accounts.
  2063.           type: array
  2064.           items:
  2065.             $ref: "#/components/schemas/accountReference"
  2066.         transactions:
  2067.           description: |
  2068.             Is asking for transactions of the addressed accounts.
  2069.           type: array
  2070.           items:
  2071.             $ref: "#/components/schemas/accountReference"
  2072.         availableAccounts:
  2073.           description: |
  2074.             Not supported by API provider.
  2075.           type: string
  2076.           enum:
  2077.             - "allAccounts"
  2078.             - "allAccountsWithBalances"
  2079.         allPsd2:
  2080.           description: |
  2081.             Supported by API provider.
  2082.            
  2083.             Only the value "allAccounts" is admitted.
  2084.           type: string
  2085.           enum:
  2086.             - "allAccounts"
  2087.  
  2088.     cashAccountType:
  2089.       description: |
  2090.         ExternalCashAccountType1Code from ISO 20022.
  2091.       type: string
  2092.  
  2093.     accountStatus:
  2094.       description: |
  2095.         Account status. The value is one of the following:
  2096.           - "enabled": account is available
  2097.           - "deleted": account is terminated
  2098.           - "blocked": account is blocked e.g. for legal reasons
  2099.         If this field is not used, than the account is available in the sense of this specification.
  2100.       type: string
  2101.       enum:
  2102.         - "enabled"
  2103.         - "deleted"
  2104.         - "blocked"
  2105.  
  2106.     accountDetails:
  2107.       description: |
  2108.         The ASPSP shall give the following account reference identifiers:
  2109.           - iban
  2110.       type: object
  2111.       required:
  2112.         - currency
  2113.       properties:
  2114.         resourceId:
  2115.           description: This shall be filled, if addressable resource are created by the ASPSP on the /accounts endpoint.
  2116.           type: string
  2117.         iban:
  2118.           $ref: "#/components/schemas/iban"
  2119.         name:
  2120.           description: Name of the account given by the bank or the PSU in online-banking.
  2121.           type: string
  2122.           maxLength: 35
  2123.         product:
  2124.           description: Product name of the bank for this account, proprietary definition.
  2125.           type: string
  2126.           maxLength: 35
  2127.         cashAccountType:
  2128.           $ref: "#/components/schemas/cashAccountType"
  2129.         status:
  2130.           $ref: "#/components/schemas/accountStatus"
  2131.         bic:
  2132.           $ref: "#/components/schemas/bicfi"
  2133.         linkedAccounts:
  2134.           description: Case of a set of pending card transactions, the APSP will provide the relevant cash account the card is set up on.
  2135.           type: string
  2136.           maxLength: 70
  2137.         usage:
  2138.           description: |
  2139.             Specifies the usage of the account
  2140.               * PRIV: private personal account
  2141.               * ORGA: professional account
  2142.           type: string
  2143.           maxLength: 4
  2144.           enum:
  2145.             - "PRIV"
  2146.             - "ORGA"
  2147.         details:
  2148.           description: |
  2149.             Specifications that might be provided by the ASPSP
  2150.               - characteristics of the account
  2151.               - characteristics of the relevant card
  2152.           type: string
  2153.           maxLength: 140
  2154.         _links:
  2155.           $ref: "#/components/schemas/_linksAccountDetails"
  2156.  
  2157.     accountList:
  2158.       description: |
  2159.         List of accounts with details.
  2160.       type: object
  2161.       properties:
  2162.         accounts:
  2163.           type: array
  2164.           items:
  2165.             $ref: "#/components/schemas/accountDetails"
  2166.  
  2167.  
  2168.     accountReport:
  2169.       description: |
  2170.         JSON based account report.
  2171.         This account report contains transactions resulting from the query parameters.
  2172.        
  2173.         'booked' shall be contained if bookingStatus parameter is set to "booked" or "both".
  2174.        
  2175.         'pending' is not contained if the bookingStatus parameter is set to "booked".
  2176.       type: object
  2177.       required:
  2178.         - _links
  2179.       properties:
  2180.         booked:
  2181.           $ref: "#/components/schemas/transactionList"
  2182.         pending:
  2183.           $ref: "#/components/schemas/transactionList"
  2184.         _links:
  2185.           $ref: "#/components/schemas/_linksAccountReport"
  2186.  
  2187.  
  2188.     transactionList:
  2189.       description: Array of transaction details
  2190.       type: array
  2191.       items:
  2192.         $ref: "#/components/schemas/transactionDetails"
  2193.  
  2194.  
  2195.     transactionDetails:
  2196.       description: Transaction details
  2197.       type: object
  2198.       required:
  2199.         - transactionAmount
  2200.       properties:
  2201.         transactionId:
  2202.           description: |
  2203.             the Transaction Id can be used as access-ID in the API, where more details on an transaction is offered.
  2204.             If this data attribute is provided this shows that the AIS can get access on more details about this
  2205.             transaction using the GET Transaction Details Request
  2206.           type: string
  2207.         entryReference:
  2208.           description: |
  2209.             Is the identification of the transaction as used e.g. for reference for deltafunction on application level.
  2210.           type: string
  2211.           maxLength: 35
  2212.         endToEndId:
  2213.           description: Unique end to end identity.
  2214.           type: string
  2215.           maxLength: 35
  2216.         mandateId:
  2217.           description: Identification of Mandates, e.g. a SEPA Mandate ID.
  2218.           type: string
  2219.           maxLength: 35
  2220.         checkId:
  2221.           description: Identification of a Cheque.
  2222.           type: string
  2223.           maxLength: 35
  2224.         creditorId:
  2225.           description: Identification of Creditors, e.g. a SEPA Creditor ID.
  2226.           type: string
  2227.           maxLength: 35
  2228.         bookingDate:
  2229.           $ref: "#/components/schemas/bookingDate"
  2230.         valueDate:
  2231.           description: The Date at which assets become available to the account owner in case of a credit.
  2232.           type: string
  2233.           format: date
  2234.         transactionAmount:
  2235.           $ref: "#/components/schemas/amount"
  2236.         exchangeRate:
  2237.           $ref: "#/components/schemas/exchangeRateList"
  2238.         creditorName:
  2239.           $ref: "#/components/schemas/creditorName"
  2240.         creditorAccount:
  2241.           $ref: "#/components/schemas/accountReference"
  2242.         ultimateCreditor:
  2243.           $ref: "#/components/schemas/ultimateCreditor"
  2244.         debtorName:
  2245.           $ref: "#/components/schemas/debtorName"
  2246.         debtorAccount:
  2247.           $ref: "#/components/schemas/accountReference"
  2248.         ultimateDebtor:
  2249.           $ref: "#/components/schemas/ultimateDebtor"
  2250.         remittanceInformationUnstructured:
  2251.           type: string
  2252.           maxLength: 140
  2253.         purposeCode:
  2254.           $ref: "#/components/schemas/purposeCode"
  2255.         bankTransactionCode:
  2256.           $ref: "#/components/schemas/bankTransactionCode"
  2257.         proprietaryBankTransactionCode:
  2258.           $ref: "#/components/schemas/proprietaryBankTransactionCode"
  2259.         _links:
  2260.           $ref: "#/components/schemas/_linksTransactionDetails"
  2261.  
  2262.  
  2263.     exchangeRateList:
  2264.       description: Array of exchange rates
  2265.       type: array
  2266.       items:
  2267.         $ref: "#/components/schemas/exchangeRate"
  2268.  
  2269.  
  2270.     exchangeRate:
  2271.       description: Exchange Rate
  2272.       type: object
  2273.       required:
  2274.         - sourceCurrency
  2275.         - rate
  2276.         - unitCurrency
  2277.         - targetCurrency
  2278.         - rateDate
  2279.       properties:
  2280.         sourceCurrency:
  2281.           $ref: "#/components/schemas/currencyCode"
  2282.         rate:
  2283.           type: string
  2284.         unitCurrency:
  2285.           type: string
  2286.         targetCurrency:
  2287.           $ref: "#/components/schemas/currencyCode"
  2288.         rateDate:
  2289.           type: string
  2290.           format: date
  2291.         rateContract:
  2292.           type: string
  2293.  
  2294.  
  2295.     balance:
  2296.       description: |
  2297.         A single balance element
  2298.       type:
  2299.         object
  2300.       required:
  2301.         - balanceAmount
  2302.         - balanceType
  2303.         - balanceSubAccount
  2304.       properties:
  2305.         balanceAmount:
  2306.           $ref: "#/components/schemas/amount"
  2307.         balanceType:
  2308.           $ref: "#/components/schemas/balanceType"
  2309.         balanceSubAccount:
  2310.           $ref: "#/components/schemas/subAccountReference"
  2311.         lastChangeDateTime:
  2312.           description: |
  2313.             This data element might be used to indicate e.g. with the expected or booked balance that no action is known
  2314.             on the account, which is not yet booked.
  2315.           type: string
  2316.           format: date-time
  2317.         referenceDate:
  2318.           description: Reference date of the balance
  2319.           type: string
  2320.           format: date
  2321.         lastCommittedTransaction:
  2322.           description: |
  2323.             "entryReference" of the last commited transaction to support the TPP in identifying whether all
  2324.             PSU transactions are already known.
  2325.           type: string
  2326.           maxLength: 35
  2327.  
  2328.  
  2329.     balanceList:
  2330.       description: |
  2331.         A list of balances regarding this account, e.g. the current balance, the last booked balance.
  2332.         The list migght be restricted to the current ballance.
  2333.       type: array
  2334.       items:
  2335.         $ref: "#/components/schemas/balance"
  2336.  
  2337.  
  2338.     cancellationList:
  2339.       description: An array of all cancellationIds connected to this resource.
  2340.       type: array
  2341.       items:
  2342.         $ref: "#/components/schemas/cancellationId"
  2343.  
  2344.  
  2345.     bicfi:
  2346.       description: |
  2347.         BICFI
  2348.       type: string
  2349.       pattern: "[A-Z]{6,6}[A-Z2-9][A-NP-Z0-9]([A-Z0-9]{3,3}){0,1}"
  2350.       example: "AAAADEBBXXX"
  2351.  
  2352.  
  2353.     iban:
  2354.       type: string
  2355.       description: IBAN of an account
  2356.       pattern: "[A-Z]{2,2}[0-9]{2,2}[a-zA-Z0-9]{1,30}"
  2357.       example: "FR7612345987650123456789014"
  2358.  
  2359.  
  2360.     address:
  2361.       type: object
  2362.       required:
  2363.         - country
  2364.       properties:
  2365.         street:
  2366.           type: string
  2367.           maxLength: 70
  2368.         buildingNumber:
  2369.           type: string
  2370.         city:
  2371.           type: string
  2372.         postalCode:
  2373.           type: string
  2374.         country:
  2375.           $ref: "#/components/schemas/countryCode"
  2376.       example:
  2377.         {
  2378.           street: "rue blue",
  2379.           buildingnNumber: "89",
  2380.           city: "Paris",
  2381.           postalCode: "75000",
  2382.           country: "FR"
  2383.         }
  2384.  
  2385.  
  2386.     countryCode:
  2387.       description: ISO 3166 ALPHA2 country code
  2388.       type: string
  2389.       pattern: "[A-Z]{2}"
  2390.       example: "SE"
  2391.  
  2392.  
  2393.     amount:
  2394.       type: object
  2395.       required:
  2396.         - currency
  2397.         - amount
  2398.       properties:
  2399.         currency:
  2400.           $ref: "#/components/schemas/currencyCode"
  2401.         amount:
  2402.           $ref: "#/components/schemas/amountValue"
  2403.       example:
  2404.         {
  2405.           "currency": "EUR",
  2406.           "amount": "123"
  2407.         }
  2408.  
  2409.  
  2410.     currencyCode:
  2411.       description: |
  2412.         ISO 4217 Alpha 3 currency code
  2413.       type: string
  2414.       pattern: "[A-Z]{3}"
  2415.       example: "EUR"
  2416.  
  2417.  
  2418.     amountValue:
  2419.       description: |
  2420.         The amount given with fractional digits, where fractions must be compliant to the currency definition.
  2421.         Up to 14 significant figures. Negative amounts are signed by minus.
  2422.         The decimal separator is a dot.
  2423.        
  2424.         **Example:**
  2425.         Valid representations for EUR with up to two decimals are:
  2426.        
  2427.           * 1056
  2428.           * 5768.2
  2429.           * -1.50
  2430.           * 5877.78
  2431.       type: string
  2432.       pattern: "-?[0-9]{1,14}(\\.[0-9]{1,3})?"
  2433.       example: "5877.78"
  2434.  
  2435.  
  2436.     remittanceInformationUnstructured:
  2437.       description: |
  2438.         Unstructured remittance information
  2439.       type: string
  2440.       maxLength: 140
  2441.       example: "Ref Number Merchant"
  2442.  
  2443.  
  2444.     #####################################################
  2445.     # Predefined Text Formats
  2446.     #####################################################
  2447.  
  2448.     purposeCode:
  2449.       description: |
  2450.         ExternalPurpose1Code from ISO 20022.
  2451.        
  2452.         Values from ISO 20022 External Code List ExternalCodeSets_1Q2018 June 2018.
  2453.        
  2454.       type: string
  2455.       enum:
  2456.         - "BKDF"
  2457.         - "BKFE"
  2458.         - "BKFM"
  2459.         - "BKIP"
  2460.         - "BKPP"
  2461.         - "CBLK"
  2462.         - "CDCB"
  2463.         - "CDCD"
  2464.         - "CDCS"
  2465.         - "CDDP"
  2466.         - "CDOC"
  2467.         - "CDQC"
  2468.         - "ETUP"
  2469.         - "FCOL"
  2470.         - "MTUP"
  2471.         - "ACCT"
  2472.         - "CASH"
  2473.         - "COLL"
  2474.         - "CSDB"
  2475.         - "DEPT"
  2476.         - "INTC"
  2477.         - "LIMA"
  2478.         - "NETT"
  2479.         - "BFWD"
  2480.         - "CCIR"
  2481.         - "CCPC"
  2482.         - "CCPM"
  2483.         - "CCSM"
  2484.         - "CRDS"
  2485.         - "CRPR"
  2486.         - "CRSP"
  2487.         - "CRTL"
  2488.         - "EQPT"
  2489.         - "EQUS"
  2490.         - "EXPT"
  2491.         - "EXTD"
  2492.         - "FIXI"
  2493.         - "FWBC"
  2494.         - "FWCC"
  2495.         - "FWSB"
  2496.         - "FWSC"
  2497.         - "MARG"
  2498.         - "MBSB"
  2499.         - "MBSC"
  2500.         - "MGCC"
  2501.         - "MGSC"
  2502.         - "OCCC"
  2503.         - "OPBC"
  2504.         - "OPCC"
  2505.         - "OPSB"
  2506.         - "OPSC"
  2507.         - "OPTN"
  2508.         - "OTCD"
  2509.         - "REPO"
  2510.         - "RPBC"
  2511.         - "RPCC"
  2512.         - "RPSB"
  2513.         - "RPSC"
  2514.         - "RVPO"
  2515.         - "SBSC"
  2516.         - "SCIE"
  2517.         - "SCIR"
  2518.         - "SCRP"
  2519.         - "SHBC"
  2520.         - "SHCC"
  2521.         - "SHSL"
  2522.         - "SLEB"
  2523.         - "SLOA"
  2524.         - "SWBC"
  2525.         - "SWCC"
  2526.         - "SWPT"
  2527.         - "SWSB"
  2528.         - "SWSC"
  2529.         - "TBAS"
  2530.         - "TBBC"
  2531.         - "TBCC"
  2532.         - "TRCP"
  2533.         - "AGRT"
  2534.         - "AREN"
  2535.         - "BEXP"
  2536.         - "BOCE"
  2537.         - "COMC"
  2538.         - "CPYR"
  2539.         - "GDDS"
  2540.         - "GDSV"
  2541.         - "GSCB"
  2542.         - "LICF"
  2543.         - "MP2B"
  2544.         - "POPE"
  2545.         - "ROYA"
  2546.         - "SCVE"
  2547.         - "SERV"
  2548.         - "SUBS"
  2549.         - "SUPP"
  2550.         - "TRAD"
  2551.         - "CHAR"
  2552.         - "COMT"
  2553.         - "MP2P"
  2554.         - "ECPG"
  2555.         - "ECPR"
  2556.         - "ECPU"
  2557.         - "EPAY"
  2558.         - "CLPR"
  2559.         - "COMP"
  2560.         - "DBTC"
  2561.         - "GOVI"
  2562.         - "HLRP"
  2563.         - "HLST"
  2564.         - "INPC"
  2565.         - "INPR"
  2566.         - "INSC"
  2567.         - "INSU"
  2568.         - "INTE"
  2569.         - "LBRI"
  2570.         - "LIFI"
  2571.         - "LOAN"
  2572.         - "LOAR"
  2573.         - "PENO"
  2574.         - "PPTI"
  2575.         - "RELG"
  2576.         - "RINP"
  2577.         - "TRFD"
  2578.         - "FORW"
  2579.         - "FXNT"
  2580.         - "ADMG"
  2581.         - "ADVA"
  2582.         - "BCDM"
  2583.         - "BCFG"
  2584.         - "BLDM"
  2585.         - "BNET"
  2586.         - "CBFF"
  2587.         - "CBFR"
  2588.         - "CCRD"
  2589.         - "CDBL"
  2590.         - "CFEE"
  2591.         - "CGDD"
  2592.         - "CORT"
  2593.         - "COST"
  2594.         - "CPKC"
  2595.         - "DCRD"
  2596.         - "DSMT"
  2597.         - "DVPM"
  2598.         - "EDUC"
  2599.         - "FACT"
  2600.         - "FAND"
  2601.         - "FCPM"
  2602.         - "FEES"
  2603.         - "GOVT"
  2604.         - "ICCP"
  2605.         - "IDCP"
  2606.         - "IHRP"
  2607.         - "INSM"
  2608.         - "IVPT"
  2609.         - "MCDM"
  2610.         - "MCFG"
  2611.         - "MSVC"
  2612.         - "NOWS"
  2613.         - "OCDM"
  2614.         - "OCFG"
  2615.         - "OFEE"
  2616.         - "OTHR"
  2617.         - "PADD"
  2618.         - "PTSP"
  2619.         - "RCKE"
  2620.         - "RCPT"
  2621.         - "REBT"
  2622.         - "REFU"
  2623.         - "RENT"
  2624.         - "REOD"
  2625.         - "RIMB"
  2626.         - "RPNT"
  2627.         - "RRBN"
  2628.         - "RVPM"
  2629.         - "SLPI"
  2630.         - "SPLT"
  2631.         - "STDY"
  2632.         - "TBAN"
  2633.         - "TBIL"
  2634.         - "TCSC"
  2635.         - "TELI"
  2636.         - "TMPG"
  2637.         - "TPRI"
  2638.         - "TPRP"
  2639.         - "TRNC"
  2640.         - "TRVC"
  2641.         - "WEBI"
  2642.         - "ANNI"
  2643.         - "CAFI"
  2644.         - "CFDI"
  2645.         - "CMDT"
  2646.         - "DERI"
  2647.         - "DIVD"
  2648.         - "FREX"
  2649.         - "HEDG"
  2650.         - "INVS"
  2651.         - "PRME"
  2652.         - "SAVG"
  2653.         - "SECU"
  2654.         - "SEPI"
  2655.         - "TREA"
  2656.         - "UNIT"
  2657.         - "FNET"
  2658.         - "FUTR"
  2659.         - "ANTS"
  2660.         - "CVCF"
  2661.         - "DMEQ"
  2662.         - "DNTS"
  2663.         - "HLTC"
  2664.         - "HLTI"
  2665.         - "HSPC"
  2666.         - "ICRF"
  2667.         - "LTCF"
  2668.         - "MAFC"
  2669.         - "MARF"
  2670.         - "MDCS"
  2671.         - "VIEW"
  2672.         - "CDEP"
  2673.         - "SWFP"
  2674.         - "SWPP"
  2675.         - "SWRS"
  2676.         - "SWUF"
  2677.         - "ADCS"
  2678.         - "AEMP"
  2679.         - "ALLW"
  2680.         - "ALMY"
  2681.         - "BBSC"
  2682.         - "BECH"
  2683.         - "BENE"
  2684.         - "BONU"
  2685.         - "CCHD"
  2686.         - "COMM"
  2687.         - "CSLP"
  2688.         - "GFRP"
  2689.         - "GVEA"
  2690.         - "GVEB"
  2691.         - "GVEC"
  2692.         - "GVED"
  2693.         - "GWLT"
  2694.         - "HREC"
  2695.         - "PAYR"
  2696.         - "PEFC"
  2697.         - "PENS"
  2698.         - "PRCP"
  2699.         - "RHBS"
  2700.         - "SALA"
  2701.         - "SSBE"
  2702.         - "LBIN"
  2703.         - "LCOL"
  2704.         - "LFEE"
  2705.         - "LMEQ"
  2706.         - "LMFI"
  2707.         - "LMRK"
  2708.         - "LREB"
  2709.         - "LREV"
  2710.         - "LSFL"
  2711.         - "ESTX"
  2712.         - "FWLV"
  2713.         - "GSTX"
  2714.         - "HSTX"
  2715.         - "INTX"
  2716.         - "NITX"
  2717.         - "PTXP"
  2718.         - "RDTX"
  2719.         - "TAXS"
  2720.         - "VATX"
  2721.         - "WHLD"
  2722.         - "TAXR"
  2723.         - "B112"
  2724.         - "BR12"
  2725.         - "TLRF"
  2726.         - "TLRR"
  2727.         - "AIRB"
  2728.         - "BUSB"
  2729.         - "FERB"
  2730.         - "RLWY"
  2731.         - "TRPT"
  2732.         - "CBTV"
  2733.         - "ELEC"
  2734.         - "ENRG"
  2735.         - "GASB"
  2736.         - "NWCH"
  2737.         - "NWCM"
  2738.         - "OTLC"
  2739.         - "PHON"
  2740.         - "UBIL"
  2741.         - "WTER"
  2742.  
  2743.  
  2744.     cardAcceptorCategoryCode:
  2745.       description: |
  2746.         Card Acceptor Category Code of the Card Acceptor as given in the related card transaction.
  2747.       type: string #TODO Type in IG not defined probably identical to merchant category code.
  2748.  
  2749.     bankTransactionCode:
  2750.       description: |
  2751.         Bank transaction code as used by the ASPSP and using the sub elements of this structured code defined by ISO 20022.
  2752.        
  2753.         This code type is concatenating the three ISO20022 Codes
  2754.           * Domain Code,
  2755.           * Family Code, and
  2756.           * SubFamiliy Code
  2757.         by hyphens, resulting in �DomainCode�-�FamilyCode�-�SubFamilyCode�.
  2758.       type: string
  2759.       example: "PMNT-RCDT-ESCT"
  2760.  
  2761.  
  2762.     proprietaryBankTransactionCode:
  2763.       description: |
  2764.         Proprietary bank transaction code as used within a community or within an ASPSP e.g.
  2765.         for MT94x based transaction reports.
  2766.       type: string
  2767.       maxLength: 35
  2768.  
  2769.  
  2770.     frequencyCode:
  2771.       description: |
  2772.         The following codes from the "EventFrequency7Code" of ISO 20022 are supported.
  2773.         - "Daily"
  2774.         - "Weekly"
  2775.         - "EveryTwoWeeks"
  2776.         - "Monthly"
  2777.         - "EveryTwoMonths"
  2778.         - "Quarterly"
  2779.         - "SemiAnnual"
  2780.         - "Annual"
  2781.       type: string
  2782.       enum:
  2783.         - "Daily"
  2784.         - "Weekly"
  2785.         - "EveryTwoWeeks"
  2786.         - "Monthly"
  2787.         - "EveryTwoMonths"
  2788.         - "Quarterly"
  2789.         - "SemiAnnual"
  2790.         - "Annual"
  2791.  
  2792.  
  2793.     frequencyPerDay:
  2794.       description: |
  2795.         This field indicates the requested maximum frequency for an access without PSU involvement per day.
  2796.         For a one-off access, this attribute is set to "1".
  2797.       type: integer
  2798.       example: 4
  2799.  
  2800.  
  2801.     dayOfExecution:
  2802.       description: |
  2803.         Day of execution as string.
  2804.        
  2805.         This string consists of up two characters.
  2806.         Leading zeroes are not allowed.
  2807.        
  2808.         31 is ultimo of the month.
  2809.       type: string
  2810.       maxLength: 2
  2811.       enum:
  2812.         - "1"
  2813.         - "2"
  2814.         - "3"
  2815.         - "4"
  2816.         - "5"
  2817.         - "6"
  2818.         - "7"
  2819.         - "8"
  2820.         - "9"
  2821.         - "10"
  2822.         - "11"
  2823.         - "12"
  2824.         - "13"
  2825.         - "14"
  2826.         - "15"
  2827.         - "16"
  2828.         - "17"
  2829.         - "18"
  2830.         - "19"
  2831.         - "20"
  2832.         - "21"
  2833.         - "22"
  2834.         - "23"
  2835.         - "24"
  2836.         - "25"
  2837.         - "26"
  2838.         - "27"
  2839.         - "28"
  2840.         - "29"
  2841.         - "30"
  2842.         - "31"
  2843.  
  2844.  
  2845.     executionRule:
  2846.       description: |
  2847.         "following" or "preceeding" supported as values.
  2848.         This data attribute defines the behavior when recurring payment dates falls on a weekend or bank holiday.
  2849.         The payment is then executed either the "preceeding" or "following" working day.
  2850.         ASPSP might reject the request due to the communicated value, if rules in Online-Banking are not supporting
  2851.         this execution rule.
  2852.       type: string
  2853.       enum:
  2854.         - "following"
  2855.         - "preceeding"
  2856.  
  2857.     psuData:
  2858.       description: PSU Data for Update PSU Authentication.
  2859.       type: object
  2860.       required:
  2861.         - password
  2862.       properties:
  2863.         password:
  2864.           description: Password
  2865.           type: string
  2866.  
  2867.     psuMessageText:
  2868.       description: Text to be displayed to the PSU
  2869.       type: string
  2870.       maxLength: 512
  2871.    
  2872.     creditorName:
  2873.       description: Creditor Name
  2874.       type: string
  2875.       maxLength: 70
  2876.       example: "Creditor Name"
  2877.  
  2878.     debtorName:
  2879.       description: Debtor Name
  2880.       type: string
  2881.       maxLength: 70
  2882.       example: "Debtor Name"
  2883.  
  2884.     ultimateDebtor:
  2885.       description: Ultimate Debtor
  2886.       type: string
  2887.       maxLength: 70
  2888.       example: "Ultimate Debtor"
  2889.  
  2890.     ultimateCreditor:
  2891.       description: Ultimate Creditor
  2892.       type: string
  2893.       maxLength: 70
  2894.       example: "Ultimate Creditor"
  2895.  
  2896.     #####################################################
  2897.     # Predefined Date and Time Related Formats
  2898.     #####################################################
  2899.  
  2900.     transactionDate:
  2901.       description: Date of the actual card transaction
  2902.       type: string
  2903.       format: date
  2904.  
  2905.     startDate:
  2906.       description: |
  2907.         The first applicable day of execution starting from this date is the first payment.
  2908.       type: string
  2909.       format: date
  2910.  
  2911.     endDate:
  2912.       description: |
  2913.         The last applicable day of execution
  2914.         If not given, it is an infinite standing order.
  2915.       type: string
  2916.       format: date
  2917.  
  2918.     bookingDate:
  2919.       description: |
  2920.         The Date when an entry is posted to an account on the ASPSPs books.
  2921.       type: string
  2922.       format: date
  2923.  
  2924.     validUntil:
  2925.       description: |
  2926.         This parameter is requesting a valid until date for the requested consent.
  2927.         The content is the local ASPSP date in ISO-Date Format, e.g. 2017-10-30.
  2928.        
  2929.         Future dates might get adjusted by ASPSP.
  2930.        
  2931.         If a maximal available date is requested, a date in far future is to be used: "9999-12-31".
  2932.        
  2933.         In both cases the consent object to be retrieved by the GET Consent Request will contain the adjusted date.
  2934.       type: string
  2935.       format: date
  2936.       example: "2020-12-31"
  2937.  
  2938.     lastActionDate:
  2939.       description: |
  2940.         This date is containing the date of the last action on the consent object either through
  2941.         the XS2A interface or the PSU/ASPSP interface having an impact on the status.
  2942.       type: string
  2943.       format: date
  2944.       example: "2018-07-01"
  2945.  
  2946.  
  2947. #####################################################
  2948. # Content of Request Bodies
  2949. #####################################################
  2950.  
  2951.  
  2952.  
  2953.     #####################################################
  2954.     # Content of Request Bodies - JSON
  2955.     #####################################################
  2956.  
  2957.     paymentInitiationSct_json:
  2958.       description: |
  2959.         Body for a SCT payment initation.
  2960.       type: object
  2961.       required:
  2962.         - debtorAccount
  2963.         - instructedAmount
  2964.         - creditorAccount
  2965.         - creditorName
  2966.       properties:
  2967.         endToEndIdentification:
  2968.           type: string
  2969.           maxLength: 35
  2970.         debtorAccount:
  2971.           $ref: "#/components/schemas/accountReference"
  2972.         instructedAmount:
  2973.           $ref: "#/components/schemas/amount"
  2974.         creditorAccount:
  2975.           $ref: "#/components/schemas/accountReference"
  2976.         creditorAgent:
  2977.           $ref: "#/components/schemas/bicfi"
  2978.         creditorName:
  2979.           $ref: "#/components/schemas/creditorName"
  2980.         creditorAddress:
  2981.           $ref: "#/components/schemas/address"
  2982.         remittanceInformationUnstructured:
  2983.           $ref: "#/components/schemas/remittanceInformationUnstructured"
  2984.  
  2985.  
  2986.     paymentInitiationIt_json:
  2987.       description: |
  2988.         Body for a Internal Transfer payment initation.
  2989.       type: object
  2990.       required:
  2991.         - account
  2992.         - fromSubAccount
  2993.         - toSubAccount
  2994.         - instructedAmount
  2995.         - currency
  2996.       properties:
  2997.         endToEndIdentification:
  2998.           type: string
  2999.           maxLength: 35
  3000.         account:
  3001.           $ref: "#/components/schemas/accountReference"
  3002.         instructedAmount:
  3003.           $ref: "#/components/schemas/amount"
  3004.         fromSubAccount:
  3005.           $ref: "#/components/schemas/subAccountReference"
  3006.         toSubAccount:
  3007.           $ref: "#/components/schemas/subAccountReference"
  3008.  
  3009.     confirmationOfFunds:
  3010.       description: |
  3011.         JSON Request body for the "Confirmation of Funds Service"
  3012.  
  3013.       type: object
  3014.       required:
  3015.         - account
  3016.         - instructedAmount
  3017.       properties:
  3018.         subAccount:
  3019.           $ref: "#/components/schemas/subAccountId"
  3020.         payee:
  3021.           description: Name payee
  3022.           type: string
  3023.           maxLength: 70
  3024.         instructedAmount:
  3025.           $ref: "#/components/schemas/amount"
  3026.  
  3027.  
  3028.     consents:
  3029.       description: |
  3030.         Content of the body of a consent request.
  3031.       type: object
  3032.       required:
  3033.         - access
  3034.         - recurringIndicator
  3035.         - validUntil
  3036.         - frequencyPerDay
  3037.         - combinedServiceIndicator
  3038.       properties:
  3039.         access:
  3040.           $ref: "#/components/schemas/accountAccess"
  3041.         recurringIndicator:
  3042.           $ref: "#/components/schemas/recurringIndicator"
  3043.         validUntil:
  3044.           $ref: "#/components/schemas/validUntil"
  3045.         frequencyPerDay:
  3046.           $ref: "#/components/schemas/frequencyPerDay"
  3047.         combinedServiceIndicator:
  3048.           description: |
  3049.             If "true" indicates that a payment initiation service will be addressed in the same "session".
  3050.           type: boolean
  3051.           example: false
  3052.  
  3053.     transactionAuthorisation:
  3054.       description: |
  3055.         Content of the body of a Transaction Authorisation Request
  3056.       type: object
  3057.       required:
  3058.         - scaAuthenticationData
  3059.       properties:
  3060.         scaAuthenticationData:
  3061.           $ref: "#/components/schemas/scaAuthenticationData"
  3062.  
  3063.  
  3064.  
  3065. #####################################################
  3066. # Content of Response Bodies
  3067. #####################################################
  3068.  
  3069.  
  3070.     paymentInitiationStatusResponse-200_json:
  3071.       description: Body of the response for a successful payment initiation status request in case of an JSON based endpoint.
  3072.       type: object
  3073.       required:
  3074.         - transactionStatus
  3075.       properties:
  3076.         transactionStatus:
  3077.           $ref: "#/components/schemas/transactionStatus"
  3078.  
  3079.  
  3080.     paymentInitiationStatusResponse-200_xml:
  3081.       description: |
  3082.         Body of the response for a successful payment initiation status request in case of an XML based endpoint.
  3083.        
  3084.         The status is returned as a pain.002 structure.
  3085.        
  3086.         urn:iso:std:iso:20022:tech:xsd:pain.002.001.03
  3087.        
  3088.         The chosen XML schema of the Status Request is following the XML schema definitions of the original pain.001 schema.
  3089.       type: string
  3090.  
  3091.  
  3092.     paymentInitationRequestResponse-201:
  3093.       description: Body of the response for a successful payment initiation request.
  3094.       type: object
  3095.       required:
  3096.         - transactionStatus
  3097.         - paymentId
  3098.         - _links
  3099.      
  3100.       properties:
  3101.         transactionStatus:
  3102.           $ref: "#/components/schemas/transactionStatus"
  3103.         paymentId:
  3104.           $ref: "#/components/schemas/paymentId"
  3105.         transactionFees:
  3106.           # description: Can be used by the ASPSP to transport transaction fees relevant for the underlying payments.
  3107.           $ref: "#/components/schemas/amount"
  3108.         transactionFeeIndicator:
  3109.           $ref: "#/components/schemas/transactionFeeIndicator"
  3110.         _links:
  3111.           $ref: "#/components/schemas/_linksPaymentInitiation"
  3112.         psuMessage:
  3113.           $ref: "#/components/schemas/psuMessageText"
  3114.         tppMessages:
  3115.           type: array
  3116.           items:
  3117.             $ref: "#/components/schemas/tppMessage2XX"
  3118.  
  3119.  
  3120.     paymentInitiationCancelResponse-204_202:
  3121.       description: Body of the response for a successful cancel payment request.
  3122.       type: object
  3123.       required:
  3124.         - transactionStatus
  3125.       properties:
  3126.         transactionStatus:
  3127.           $ref: "#/components/schemas/transactionStatus"
  3128.         _links:
  3129.           $ref: "#/components/schemas/_linksPaymentInitiationCancel"
  3130.  
  3131.  
  3132.     paymentInitiationSctWithStatusResponse:
  3133.       description: |
  3134.         JSON response body consistion of the corresponding SCT payment initation JSON body together with an optional transaction status field.
  3135.       type: object
  3136.       required:
  3137.         - debtorAccount
  3138.         - instructedAmount
  3139.         - creditorAccount
  3140.         - creditorName
  3141.       properties:
  3142.         endToEndIdentification:
  3143.           type: string
  3144.           maxLength: 35
  3145.         debtorAccount:
  3146.           $ref: "#/components/schemas/accountReference"
  3147.         instructedAmount:
  3148.           $ref: "#/components/schemas/amount"
  3149.         creditorAccount:
  3150.           $ref: "#/components/schemas/accountReference"
  3151.         creditorAgent:
  3152.           $ref: "#/components/schemas/bicfi"
  3153.         creditorName:
  3154.           $ref: "#/components/schemas/creditorName"
  3155.         creditorAddress:
  3156.           $ref: "#/components/schemas/address"
  3157.         remittanceInformationUnstructured:
  3158.           $ref: "#/components/schemas/remittanceInformationUnstructured"
  3159.         transactionStatus:
  3160.           $ref: "#/components/schemas/transactionStatus"
  3161.  
  3162.     paymentInitiationItWithStatusResponse:
  3163.       description: |
  3164.         JSON response body consistion of the corresponding Internal Transfer payment initation JSON body together with an optional transaction status field.
  3165.       type: object
  3166.       required:
  3167.         - account
  3168.         - instructedAmount
  3169.         - currency
  3170.         - fromSubAccount
  3171.         - toSubAccount
  3172.       properties:
  3173.         endToEndIdentification:
  3174.           type: string
  3175.           maxLength: 35
  3176.         account:
  3177.           $ref: "#/components/schemas/accountReference"
  3178.         instructedAmount:
  3179.           $ref: "#/components/schemas/amount"
  3180.         currency:
  3181.           $ref: "#/components/schemas/currencyCode"
  3182.         fromSubAccount:
  3183.           $ref: "#/components/schemas/subAccountReference"
  3184.         toSubAccount:
  3185.           $ref: "#/components/schemas/subAccountReference"
  3186.         remittanceInformationUnstructured:
  3187.           type: string
  3188.           maxLength: 140
  3189.         transactionStatus:
  3190.           $ref: "#/components/schemas/transactionStatus"
  3191.  
  3192.     scaStatusResponse:
  3193.       description: Body of the JSON response with SCA Status
  3194.       type: object
  3195.       properties:
  3196.         scaStatus:
  3197.           $ref: "#/components/schemas/scaStatus"
  3198.  
  3199.     startScaprocessResponse:
  3200.       description: Body of the JSON response for a Start SCA authorisation request.
  3201.       type: object
  3202.       required:
  3203.         - scaStatus
  3204.         - _links
  3205.       properties:
  3206.         scaStatus:
  3207.           $ref: "#/components/schemas/scaStatus"
  3208.         _links:
  3209.            $ref: "#/components/schemas/_linksStartScaProcess"
  3210.         psuMessage:
  3211.           $ref: "#/components/schemas/psuMessageText"
  3212.  
  3213.  
  3214.     consentsResponse-201:
  3215.       description: Body of the JSON response for a successful conset request.
  3216.       type: object
  3217.       required:
  3218.         - consentStatus
  3219.         - consentId
  3220.         - _links
  3221.       properties:
  3222.         consentStatus:
  3223.           $ref: "#/components/schemas/consentStatus"
  3224.         consentId:
  3225.           $ref: "#/components/schemas/consentId"
  3226.         _links:
  3227.           $ref: "#/components/schemas/_linksConsents"
  3228.         message:
  3229.           description: Text to be displayed to the PSU, e.g. in a Decoupled SCA Approach.
  3230.           type: string
  3231.           maxLength: 512
  3232.  
  3233.  
  3234.     consentStatusResponse-200:
  3235.       description: Body of the JSON response for a successful get status request for a consent.
  3236.       type: object
  3237.       required:
  3238.         - consentStatus
  3239.       properties:
  3240.         consentStatus:
  3241.           $ref: "#/components/schemas/consentStatus"
  3242.  
  3243.     consentInformationResponse-200_json:
  3244.       description: Body of the JSON response for a successfull get consent request.
  3245.       type: object
  3246.       required:
  3247.         - access
  3248.         - recurringIndicator
  3249.         - validUntil
  3250.         - frequencyPerDay
  3251.         - lastActionDate
  3252.         - consentStatus
  3253.       properties:
  3254.         access:
  3255.           $ref: "#/components/schemas/accountAccess"
  3256.         recurringIndicator:
  3257.           $ref: "#/components/schemas/recurringIndicator"
  3258.         validUntil:
  3259.           $ref: "#/components/schemas/validUntil"
  3260.         frequencyPerDay:
  3261.           $ref: "#/components/schemas/frequencyPerDay"
  3262.         lastActionDate:
  3263.           $ref: "#/components/schemas/lastActionDate"
  3264.         consentStatus:
  3265.           $ref: "#/components/schemas/consentStatus"
  3266.  
  3267.          
  3268.     readAccountBalanceResponse-200:
  3269.       description: Body of the response for a successful read balance for an account request.
  3270.       type: object
  3271.       required:
  3272.         - balances
  3273.       properties:
  3274.         account:
  3275.           $ref: "#/components/schemas/accountReference"
  3276.         balances:
  3277.           $ref: "#/components/schemas/balanceList"
  3278.  
  3279.  
  3280.     transactionsResponse-200_json:
  3281.       description: |
  3282.         Body of the JSON response for a successful read transaction list request.
  3283.         This account report contains transactions resulting from the query parameters.
  3284.       type: object
  3285.       properties:
  3286.         account:
  3287.           $ref: "#/components/schemas/accountReference"
  3288.         transactions:
  3289.           $ref: "#/components/schemas/accountReport"
  3290.         balances:
  3291.           $ref: "#/components/schemas/balanceList"
  3292.         _links:
  3293.           $ref: "#/components/schemas/_linksDownload"
  3294.  
  3295.  
  3296.  
  3297. #####################################################
  3298. # _links
  3299. #####################################################
  3300.  
  3301.     _linksAll:
  3302.       description: |
  3303.         A _link object with all availabel link types
  3304.       type: object
  3305.       properties:
  3306.         scaRedirect:
  3307.           $ref: "#/components/schemas/hrefType"
  3308.         authoriseTransaction:
  3309.           $ref: "#/components/schemas/hrefType"
  3310.         self:
  3311.           $ref: "#/components/schemas/hrefType"
  3312.         status:
  3313.           $ref: "#/components/schemas/hrefTypeStatus"
  3314.         scaStatus:
  3315.           $ref: "#/components/schemas/hrefTypeSCAStatus"
  3316.         account:
  3317.           $ref: "#/components/schemas/hrefTypeAccount"
  3318.         balances:
  3319.           $ref: "#/components/schemas/hrefTypeBalances"
  3320.         transactions:
  3321.           $ref: "#/components/schemas/hrefTypeTransactions"
  3322.         transactionDetails:
  3323.           $ref: "#/components/schemas/hrefTypeTransactionDetails"
  3324.         first:
  3325.           $ref: "#/components/schemas/hrefType"
  3326.         next:
  3327.           $ref: "#/components/schemas/hrefType"
  3328.         previous:
  3329.           $ref: "#/components/schemas/hrefType"
  3330.         last:
  3331.           $ref: "#/components/schemas/hrefType"
  3332.         download:
  3333.           $ref: "#/components/schemas/hrefType"
  3334.  
  3335.  
  3336.     _linksPaymentInitiation:
  3337.       description: |
  3338.         A list of hyperlinks to be recognised by the TPP.
  3339.         Banco Carregosa only accepts scaRedirect.
  3340.  
  3341.         Type of links admitted in this response:
  3342.        
  3343.         * 'scaRedirect':
  3344.           The ASPSP transmits the link to which to redirect the PSU browser.
  3345.         * 'self':
  3346.           The link to the payment initiation resource created by this request.
  3347.           This link can be used to retrieve the resource data.
  3348.         * 'status':
  3349.           The link to retrieve the transaction status of the payment initiation.
  3350.         * 'scaStatus':
  3351.           The link to retrieve the scaStatus of the corresponding authorisation sub-resource.
  3352.           This link is only contained, if an authorisation sub-resource has been already created.
  3353.  
  3354.       type: object
  3355.       properties:
  3356.         scaRedirect:
  3357.           $ref: "#/components/schemas/hrefTypeSCARedirect"
  3358.         self:
  3359.           $ref: "#/components/schemas/hrefType"
  3360.         status:
  3361.           $ref: "#/components/schemas/hrefTypeStatus"
  3362.         scaStatus:
  3363.           $ref: "#/components/schemas/hrefTypeSCAStatus"
  3364.       example:
  3365.         {
  3366.         "scaRedirect": {"href": "https://www.testbank.com/asdfasdfasdf"},
  3367.         "self": {"href": "/v1/payments/sepa-credit-transfers/1234-wertiq-983"}
  3368.         }
  3369.  
  3370.     _linksStartScaProcess:
  3371.       description: |
  3372.         A list of hyperlinks to be recognised by the TPP. The actual hyperlinks used in the
  3373.         response depend on the dynamical decisions of the ASPSP when processing the request.
  3374.        
  3375.       type: object
  3376.       properties:
  3377.         scaRedirect:
  3378.           $ref: "#/components/schemas/hrefType"
  3379.         scaStatus:
  3380.           $ref: "#/components/schemas/hrefType"
  3381.  
  3382.     _linksPaymentInitiation_IT:
  3383.       description: |
  3384.         A list of hyperlinks to be recognised by the TPP.
  3385.         Banco Carregosa only accepts scaRedirect.
  3386.  
  3387.         Type of links admitted in this response:
  3388.           * 'scaRedirect':
  3389.           The ASPSP transmits the link to which to redirect the PSU browser.
  3390.           * 'self':
  3391.             The link to the payment initiation resource created by this request. This link can be used to retrieve the resource data.
  3392.           * 'status':
  3393.             The link to retrieve the transaction status of the payment initiation.
  3394.      
  3395.       type: object
  3396.       properties:
  3397.         scaRedirect:
  3398.           $ref: "#/components/schemas/hrefTypeSCARedirect"
  3399.         self:
  3400.           $ref: "#/components/schemas/hrefType"
  3401.         status:
  3402.           $ref: "#/components/schemas/hrefTypeStatus"
  3403.         scaStatus:
  3404.           $ref: "#/components/schemas/hrefTypeSCAStatus"
  3405.  
  3406.     _linksPaymentInitiationCancel:
  3407.       description: |
  3408.         A list of hyperlinks to be recognised by the TPP.
  3409.         Banco Carregosa only accepts scaRedirect.
  3410.  
  3411.         Type of links admitted in this response:
  3412.           * 'scaRedirect':
  3413.             The ASPSP transmits the link to which to redirect the PSU browser.
  3414.  
  3415.       type: object
  3416.       properties:
  3417.         scaRedirect:
  3418.           $ref: "#/components/schemas/hrefTypeSCARedirect"
  3419.  
  3420.  
  3421.     _linksDownload:
  3422.       description: |
  3423.         A list of hyperlinks to be recognised by the TPP.
  3424.        
  3425.         Type of links admitted in this response:
  3426.           - "download": a link to a resource, where the transaction report might be downloaded from in
  3427.           case where transaction reports have a huge size.
  3428.        
  3429.       type: object
  3430.       required:
  3431.         - download
  3432.       properties:
  3433.         download:
  3434.           $ref: "#/components/schemas/hrefType"
  3435.  
  3436.  
  3437.  
  3438.     _linksConsents:
  3439.       description: |
  3440.         A list of hyperlinks to be recognised by the TPP.
  3441.         Banco Carregosa only accepts scaRedirect.
  3442.        
  3443.         Type of links admitted in this response:
  3444.           - 'scaRedirect':
  3445.             The ASPSP transmits the link to which to redirect the PSU browser.
  3446.           - 'self':
  3447.             The link to the Establish Account Information Consent resource created by this request.
  3448.             This link can be used to retrieve the resource data.
  3449.           - 'status':
  3450.             The link to retrieve the status of the account information consent.
  3451.           - 'scaStatus': The link to retrieve the scaStatus of the corresponding authorisation sub-resource.
  3452.             This link is only contained, if an authorisation sub-resource has been already created.
  3453.  
  3454.       type: object
  3455.       properties:
  3456.         scaRedirect:
  3457.           $ref: "#/components/schemas/hrefTypeSCARedirect"
  3458.         self:
  3459.           $ref: "#/components/schemas/hrefType"
  3460.         status:
  3461.           $ref: "#/components/schemas/hrefType"
  3462.         scaStatus:
  3463.           $ref: "#/components/schemas/hrefType"
  3464.  
  3465.  
  3466.     _linksAccountReport:
  3467.       type: object
  3468.       required:
  3469.         - account
  3470.       properties:
  3471.         account:
  3472.           $ref: "#/components/schemas/hrefType"
  3473.         first:
  3474.           $ref: "#/components/schemas/hrefType"
  3475.         next:
  3476.           $ref: "#/components/schemas/hrefType"
  3477.         previous:
  3478.           $ref: "#/components/schemas/hrefType"
  3479.         last:
  3480.           $ref: "#/components/schemas/hrefType"
  3481.  
  3482.  
  3483.     _linksTransactionDetails:
  3484.       type: object
  3485.       required:
  3486.         - transactionDetails
  3487.       properties:
  3488.         transactionDetails:
  3489.           $ref: "#/components/schemas/hrefType"
  3490.      
  3491.     _linksAccountDetails:
  3492.       description: |
  3493.         Links to the account, which can be directly used for retrieving account information from this dedicated account.
  3494.        
  3495.         Links to "balances" and/or "transactions"
  3496.        
  3497.         These links are only supported, when the corresponding consent has been already granted.
  3498.       type: object
  3499.       properties:
  3500.         account:
  3501.           $ref: "#/components/schemas/hrefTypeAccount"
  3502.         accountList:
  3503.           $ref: "#/components/schemas/hrefTypeAccountList"
  3504.         balances:
  3505.           $ref: "#/components/schemas/hrefTypeBalances"
  3506.         transactions:
  3507.           $ref: "#/components/schemas/hrefTypeTransactions"
  3508.  
  3509.     _linksAccountList:
  3510.       description: |
  3511.         Links to the account, which can be directly used for retrieving account information from this dedicated account.
  3512.        
  3513.         Links to "balances" and/or "transactions"
  3514.        
  3515.         These links are only supported, when the corresponding consent has been already granted.
  3516.       type: object
  3517.       properties:
  3518.         self:
  3519.           $ref: "#/components/schemas/hrefTypeAccountList"
  3520.         balances:
  3521.           $ref: "#/components/schemas/hrefTypeBalances"
  3522.         transactions:
  3523.           $ref: "#/components/schemas/hrefTypeTransactions"
  3524.  
  3525. #####################################################
  3526. # Tpp-Messages to Communicate Error Information
  3527. #####################################################
  3528.  
  3529.  
  3530.   #####################################################
  3531.   # Generic Elements
  3532.   #####################################################
  3533.  
  3534.     tppMessageCategory:
  3535.       description: Category of the TPP message category
  3536.       type: string
  3537.       enum:
  3538.         - "ERROR"
  3539.         - "WARNING"
  3540.  
  3541.     MessageCode2XX: #TODO: Ask os wether it should be included or not
  3542.       description: Message codes for HTTP Error codes 2XX.
  3543.       type: string
  3544.       enum:
  3545.         - "WARNING"
  3546.  
  3547.  
  3548.     MessageCode400:
  3549.       description: Message codes defined for HTTP Error code 400 (BAD_REQUEST).
  3550.       type: string
  3551.       enum:
  3552.         - "FORMAT_ERROR"              #gen
  3553.  
  3554.  
  3555.     MessageCode401:
  3556.       description: Message codes defined for HTTP Error code 401 (UNAUTHORIZED).
  3557.       type: string
  3558.       enum:
  3559.         - "CERTIFICATE_INVALID"       #gen
  3560.         - "CERTIFICATE_EXPIRED"       #gen
  3561.         - "CERTIFICATE_BLOCKED"       #gen
  3562.         - "CERTIFICATE_REVOKE"        #gen
  3563.         - "CERTIFICATE_MISSING"       #gen
  3564.         - "SIGNATURE_INVALID"         #gen
  3565.         - "SIGNATURE_MISSING"         #gen
  3566.         - "CORPORATE_ID_INVALID"      #gen
  3567.         - "PSU_CREDENTIALS_INVALID"   #gen
  3568.         - "CONSENT_INVALID"           #gen, AIS
  3569.         - "CONSENT_EXPIRED"           #gen
  3570.         - "TOKEN_UNKNOWN"             #gen
  3571.         - "TOKEN_INVALID"             #gen
  3572.         - "TOKEN_EXPIRED"             #gen
  3573.  
  3574.  
  3575.     MessageCode403:
  3576.       description: Message codes defined defined for HTTP Error code 403 (FORBIDDEN).
  3577.       type: string
  3578.       enum:
  3579.         - "CONSENT_UNKNOWN"           #gen
  3580.         - "SERVICE_BLOCKED"           #gen
  3581.         - "RESOURCE_UNKNOWN"          #gen
  3582.         - "RESOURCE_EXPIRED"          #gen
  3583.         - "PRODUCT_INVALID"           #PIS
  3584.  
  3585.  
  3586.     MessageCode404_AIS:
  3587.       description: Message codes defined for AIS for HTTP Error code 404 (NOT FOUND).
  3588.       type: string
  3589.       enum:
  3590.         - "RESOURCE_UNKNOWN"          #gens
  3591.  
  3592.  
  3593.     MessageCode404_PIS:
  3594.       description: Message codes defined for PIS for HTTP Error code 404 (NOT FOUND).
  3595.       type: string
  3596.       enum:
  3597.         - "RESOURCE_UNKNOWN"          #gens
  3598.         - "PRODUCT_UNKNOWN"           #PIS
  3599.  
  3600.     MessageCode404_PIIS:
  3601.       description: Message codes defined for PIIS for HTTP Error code 404 (NOT FOUND).
  3602.       type: string
  3603.       enum:
  3604.         - "RESOURCE_UNKNOWN"          #gens
  3605.  
  3606.  
  3607.     MessageCode405:
  3608.       description: Message codes defined for payment cancelations PIS for HTTP Error code 405 (METHOD NOT ALLOWED).
  3609.       type: string
  3610.       enum:
  3611.         - "SERVICE_INVALID"           #gens
  3612.  
  3613.     MessageCode429_AIS:
  3614.       description: Message codes for HTTP Error code 429 (TOO MANY REQUESTS).
  3615.       type: string
  3616.       enum:
  3617.         - "ACCESS_EXCEEDED"           #AIS
  3618.  
  3619.  
  3620.  
  3621.   #####################################################
  3622.   # Next Gen propriatary Tpp-Messages
  3623.   #####################################################
  3624.  
  3625.  
  3626.     tppMessageText:
  3627.       description: Additional explaining text to the TPP.
  3628.       type: string
  3629.       maxLength: 512
  3630.  
  3631.  
  3632.     tppMessage2XX: #TODO Ask Ortwin whether do it or not
  3633.       type: object
  3634.       required:
  3635.         - category
  3636.         - code
  3637.       properties:
  3638.         category:
  3639.            $ref: "#/components/schemas/tppMessageCategory"
  3640.         code:
  3641.           $ref: "#/components/schemas/MessageCode2XX"
  3642.         path:
  3643.           type: string
  3644.         text:
  3645.           $ref: "#/components/schemas/tppMessageText"
  3646.  
  3647.  
  3648.     tppMessage400:
  3649.       type: object
  3650.       required:
  3651.         - category
  3652.         - code
  3653.       properties:
  3654.         category:
  3655.            $ref: "#/components/schemas/tppMessageCategory"
  3656.         code:
  3657.           $ref: "#/components/schemas/MessageCode400"
  3658.         path:
  3659.           type: string
  3660.         text:
  3661.           $ref: "#/components/schemas/tppMessageText"
  3662.  
  3663.  
  3664.     tppMessage401:
  3665.       type: object
  3666.       required:
  3667.         - category
  3668.         - code
  3669.       properties:
  3670.         category:
  3671.            $ref: "#/components/schemas/tppMessageCategory"
  3672.         code:
  3673.           $ref: "#/components/schemas/MessageCode401"
  3674.         path:
  3675.           type: string
  3676.         text:
  3677.           $ref: "#/components/schemas/tppMessageText"
  3678.  
  3679.  
  3680.     tppMessage403:
  3681.       type: object
  3682.       required:
  3683.         - category
  3684.         - code
  3685.       properties:
  3686.         category:
  3687.            $ref: "#/components/schemas/tppMessageCategory"
  3688.         code:
  3689.           $ref: "#/components/schemas/MessageCode403"
  3690.         path:
  3691.           type: string
  3692.         text:
  3693.           $ref: "#/components/schemas/tppMessageText"
  3694.  
  3695.  
  3696.     tppMessage404_PIS:
  3697.       type: object
  3698.       required:
  3699.         - category
  3700.         - code
  3701.       properties:
  3702.         category:
  3703.            $ref: "#/components/schemas/tppMessageCategory"
  3704.         code:
  3705.           $ref: "#/components/schemas/MessageCode404_PIS"
  3706.         path:
  3707.           type: string
  3708.         text:
  3709.           $ref: "#/components/schemas/tppMessageText"
  3710.  
  3711.  
  3712.     tppMessage404_AIS:
  3713.       type: object
  3714.       required:
  3715.         - category
  3716.         - code
  3717.       properties:
  3718.         category:
  3719.            $ref: "#/components/schemas/tppMessageCategory"
  3720.         code:
  3721.           $ref: "#/components/schemas/MessageCode404_AIS"
  3722.         path:
  3723.           type: string
  3724.         text:
  3725.           $ref: "#/components/schemas/tppMessageText"
  3726.  
  3727.  
  3728.     tppMessage404_PIIS:
  3729.       type: object
  3730.       required:
  3731.         - category
  3732.         - code
  3733.       properties:
  3734.         category:
  3735.            $ref: "#/components/schemas/tppMessageCategory"
  3736.         code:
  3737.           $ref: "#/components/schemas/MessageCode404_PIIS"
  3738.         path:
  3739.           type: string
  3740.         text:
  3741.           $ref: "#/components/schemas/tppMessageText"
  3742.  
  3743.  
  3744.     tppMessage405:
  3745.       type: object
  3746.       required:
  3747.         - category
  3748.         - code
  3749.       properties:
  3750.         category:
  3751.            $ref: "#/components/schemas/tppMessageCategory"
  3752.         code:
  3753.           $ref: "#/components/schemas/MessageCode405"
  3754.         path:
  3755.           type: string
  3756.         text:
  3757.           $ref: "#/components/schemas/tppMessageText"
  3758.  
  3759.  
  3760.     tppMessage429_AIS:
  3761.       type: object
  3762.       required:
  3763.         - category
  3764.         - code
  3765.       properties:
  3766.         category:
  3767.            $ref: "#/components/schemas/tppMessageCategory"
  3768.         code:
  3769.           $ref: "#/components/schemas/MessageCode429_AIS"
  3770.         path:
  3771.           type: string
  3772.         text:
  3773.           $ref: "#/components/schemas/tppMessageText"
  3774.  
  3775.  
  3776.   #####################################################
  3777.   # RFC7807 Messages
  3778.   #####################################################
  3779.  
  3780.     tppErrorTitle:
  3781.       description: |
  3782.         Short human readable description of error type.
  3783.         Could be in local language.
  3784.         To be provided by ASPSPs.
  3785.       type: string
  3786.       maxLength: 70
  3787.  
  3788.     tppErrorDetail:
  3789.       description: |
  3790.         Detailed human readable text specific to this instance of the error.
  3791.         XPath might be used to point to the issue generating the error in addition.
  3792.         Remark for Future: In future, a dedicated field might be introduced for the XPath.
  3793.       type: string
  3794.       maxLength: 512
  3795.  
  3796.  
  3797.  
  3798.  
  3799.   #####################################################
  3800.   # RFC7807 Messages
  3801.   #####################################################
  3802.  
  3803.  
  3804.     Error400:
  3805.       description: |
  3806.         Specific definition of reporting error information in case of a HTTP error code 400.
  3807.       type: object
  3808.       properties:
  3809.         tppMessages:
  3810.           type: array
  3811.           items:
  3812.             $ref: "#/components/schemas/tppMessage400"
  3813.  
  3814.     Error401:
  3815.       description: |
  3816.         Specific definition of reporting error information in case of a HTTP error code 401.
  3817.       type: object
  3818.       properties:
  3819.         tppMessages:
  3820.           type: array
  3821.           items:
  3822.             $ref: "#/components/schemas/tppMessage401"
  3823.  
  3824.  
  3825.     Error403:
  3826.       description: |
  3827.         Specific definition of reporting error information in case of a HTTP error code 403.
  3828.       type: object
  3829.       properties:
  3830.         tppMessages:
  3831.           type: array
  3832.           items:
  3833.             $ref: "#/components/schemas/tppMessage403"
  3834.  
  3835.  
  3836.     Error404_NG_PIS:
  3837.       description: |
  3838.         NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 404.
  3839.       type: object
  3840.       properties:
  3841.         tppMessages:
  3842.           type: array
  3843.           items:
  3844.             $ref: "#/components/schemas/tppMessage404_PIS"
  3845.         _links:
  3846.           $ref: "#/components/schemas/_linksAll"
  3847.  
  3848.  
  3849.     Error404_NG_AIS:
  3850.       description: |
  3851.         NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 404.
  3852.       type: object
  3853.       properties:
  3854.         tppMessages:
  3855.           type: array
  3856.           items:
  3857.             $ref: "#/components/schemas/tppMessage404_AIS"
  3858.         _links:
  3859.           $ref: "#/components/schemas/_linksAccountDetails"
  3860.  
  3861.  
  3862.     Error404_NG_PIIS:
  3863.       description: |
  3864.         NextGenPSD2 specific definition of reporting error information in case of a HTTP error code 404.
  3865.       type: object
  3866.       properties:
  3867.         tppMessages:
  3868.           type: array
  3869.           items:
  3870.             $ref: "#/components/schemas/tppMessage404_PIIS"
  3871.         _links:
  3872.           $ref: "#/components/schemas/_linksAll"
  3873.  
  3874.  
  3875.     Error405:
  3876.       description: |
  3877.         Specific definition of reporting error information in case of a HTTP error code 401.
  3878.       type: object
  3879.       properties:
  3880.         tppMessages:
  3881.           type: array
  3882.           items:
  3883.             $ref: "#/components/schemas/tppMessage405"
  3884.  
  3885.  
  3886.     Error429_NG_AIS:
  3887.       description: |
  3888.         Specific definition of reporting error information in case of a HTTP error code 429.
  3889.       type: object
  3890.       properties:
  3891.         tppMessages:
  3892.           type: array
  3893.           items:
  3894.             $ref: "#/components/schemas/tppMessage429_AIS"
  3895.         _links:
  3896.           $ref: "#/components/schemas/_linksAll"
  3897.       example:
  3898.         [{
  3899.           "category": "ERROR",
  3900.           "code": "ACCESS_EXCEEDED",
  3901.           "text": "additional text information of the ASPSP up to 512 characters"
  3902.         }]
  3903.  
  3904.  
  3905.   parameters:
  3906.   #####################################################
  3907.   # Predefined Parameters
  3908.   #####################################################
  3909.  
  3910.     paymentService:
  3911.       name: payment-service
  3912.       in: path
  3913.       description: |
  3914.         Payment service:
  3915.        
  3916.         Possible values are:
  3917.         * payments
  3918.       required: true
  3919.       schema:
  3920.         type: string
  3921.         enum:
  3922.           - "payments"
  3923.  
  3924.  
  3925.     paymentProduct:
  3926.       name: payment-product
  3927.       in: path
  3928.       description: |
  3929.         The addressed payment product endpoint, e.g. for SEPA Credit Transfers (SCT).
  3930.  
  3931.         The following payment products are supported:
  3932.           - sepa-credit-transfers
  3933.           - internal-transfers
  3934.        
  3935.       required: true
  3936.       schema:
  3937.         type: string
  3938.         enum:
  3939.           - "sepa-credit-transfers"
  3940.           - "internal-transfers"
  3941.  
  3942.  
  3943.     paymentId:
  3944.       name: paymentId
  3945.       in: path
  3946.       description: Resource identification of the generated payment initiation resource.
  3947.       required: true
  3948.       schema:
  3949.         $ref: "#/components/schemas/paymentId"
  3950.  
  3951.  
  3952.     cancellationId:
  3953.       name: cancellationId
  3954.       in: path
  3955.       description: Identification for cancellation resource.
  3956.       required: true
  3957.       schema:
  3958.         $ref: "#/components/schemas/cancellationId"
  3959.  
  3960.  
  3961.     authorisationId:
  3962.       name: authorisationId
  3963.       in: path
  3964.       description: Resource identification of the related SCA.
  3965.       required: true
  3966.       schema:
  3967.         $ref: "#/components/schemas/authorisationId"
  3968.  
  3969.  
  3970.     accountId:
  3971.       name: accountId
  3972.       in: path
  3973.       description: |
  3974.         This identification is denoting the addressed account.
  3975.         The accountId is retrieved by using a "Read Account List" call.
  3976.         The accountId is the "id" attribute of the account structure.
  3977.         Its value is constant at least throughout the lifecycle of a given consent.
  3978.       required: true
  3979.       schema:
  3980.         $ref: "#/components/schemas/accountId"
  3981.  
  3982.     resourceId:
  3983.       name: resourceId
  3984.       in: path
  3985.       description: |
  3986.         This identification is given by the attribute resourceId of the corresponding entry of a transaction list.
  3987.       required: true
  3988.       schema:
  3989.         $ref: "#/components/schemas/resourceId"
  3990.  
  3991.     consentId_PATH:
  3992.       name: consentId
  3993.       in: path
  3994.       description: >
  3995.         ID of the corresponding consent object as returned by an Account
  3996.         Information Consent Request.
  3997.       required: true
  3998.       schema:
  3999.         $ref: '#/components/schemas/consentId'
  4000.        
  4001.     consentId_HEADER_optional:
  4002.       name: ConsentId
  4003.       in: header
  4004.       description: |
  4005.         This data element may be contained, if the payment initiation transaction is part of a session, i.e. combined AIS/PIS/PIIS service.
  4006.         This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.
  4007.       required: false
  4008.       schema:
  4009.         $ref: "#/components/schemas/consentId"
  4010.  
  4011.  
  4012.     consentId_HEADER_mandatory:
  4013.       name: ConsentId
  4014.       in: header
  4015.       description: |
  4016.         This then contains the consentId of the related AIS consent, which was performed prior to this payment initiation.
  4017.       required: true
  4018.       schema:
  4019.         $ref: "#/components/schemas/consentId"
  4020.  
  4021.  
  4022.     withBalanceQuery:
  4023.       name: withBalance
  4024.       in: query
  4025.       description: |
  4026.         Ignored by the ASPSP.
  4027.       required: false
  4028.       schema:
  4029.         type: boolean
  4030.  
  4031.  
  4032.     dateFrom:
  4033.       name: dateFrom
  4034.       in: query
  4035.       description: |
  4036.         Conditional: Starting date (inclusive the date dateFrom) of the transaction list, mandated if no delta access is required.
  4037.        
  4038.         For booked transactions, the relevant date is the booking date.
  4039.        
  4040.         For pending transactions, the relevant date is the entry date, which may not be transparent
  4041.         neither in this API nor other channels of the ASPSP.
  4042.       required: false
  4043.       schema:
  4044.         type: string
  4045.         format: date
  4046.  
  4047.  
  4048.     dateTo:
  4049.       name: dateTo
  4050.       in: query
  4051.       description: |
  4052.         End date (inclusive the data dateTo) of the transaction list, default is "now" if not given.
  4053.        
  4054.         Might be ignored if a delta function is used.
  4055.        
  4056.         For booked transactions, the relevant date is the booking date.
  4057.        
  4058.         For pending transactions, the relevant date is the entry date, which may not be transparent
  4059.         neither in this API nor other channels of the ASPSP.
  4060.  
  4061.       required: false
  4062.       schema:
  4063.         type: string
  4064.         format: date
  4065.  
  4066.  
  4067.     entryReferenceFrom:
  4068.       name: entryReferenceFrom
  4069.       in: query
  4070.       description: |
  4071.         This data attribute is indicating that the AISP is in favour to get all transactions after
  4072.         the transaction with identification entryReferenceFrom alternatively to the above defined period.
  4073.         This is a implementation of a delta access.
  4074.         If this data element is contained, the entries "dateFrom" and "dateTo" might be ignored by the ASPSP
  4075.         if a delta report is supported.
  4076.        
  4077.         Optional if supported by API provider.
  4078.       required: false
  4079.       schema:
  4080.         type: string
  4081.  
  4082.  
  4083.     bookingStatus:
  4084.       name: bookingStatus
  4085.       in: query
  4086.       description: |
  4087.         Permitted codes are
  4088.           * "booked",
  4089.           * "pending" and
  4090.           * "both"
  4091.         "booked" shall be supported by the ASPSP.
  4092.         To support the "pending" and "both" feature is optional for the ASPSP,
  4093.         Error code if not supported in the online banking frontend
  4094.       required: true
  4095.       schema:
  4096.         type: string
  4097.         enum:
  4098.           - "booked"
  4099.           - "pending"
  4100.           - "both"
  4101.  
  4102.  
  4103.     deltaList:
  4104.       name: deltaList
  4105.       in: query
  4106.       description:
  4107.         This data attribute is indicating that the AISP is in favour to get all transactions after the last report access
  4108.         for this PSU on the addressed account.
  4109.         This is another implementation of a delta access-report.
  4110.        
  4111.         This delta indicator might be rejected by the ASPSP if this function is not supported.
  4112.        
  4113.         Optional if supported by API provider
  4114.       schema:
  4115.         type: boolean
  4116.  
  4117.  
  4118.     X-Request-ID:
  4119.       name: X-Request-ID
  4120.       in: header
  4121.       description: ID of the request, unique to the call, as determined by the initiating party.
  4122.       required: true
  4123.       example: "99391c7e-ad88-49ec-a2ad-99ddcb1f7721"
  4124.       schema:
  4125.         type: string
  4126.         format: uuid
  4127.  
  4128.  
  4129.     Digest:
  4130.       name: Digest
  4131.       in: header
  4132.       description: Is contained if and only if the "Signature" element is contained in the header of the request.
  4133.       schema:
  4134.         type: string
  4135.       required: false # conditional
  4136.       example: "SHA-256=hl1/Eps8BEQW58FJhDApwJXjGY4nr1ArGDHIT25vq6A="
  4137.  
  4138.  
  4139.     Signature:
  4140.       name: Signature
  4141.       in: header
  4142.       description: |
  4143.         A signature of the request by the TPP on application level. This might be mandated by ASPSP.
  4144.       schema:
  4145.         type: string
  4146.       required: false # conditional
  4147.       example: >
  4148.         keyId="SN=9FA1,CA=CN=D-TRUST%20CA%202-1%202015,O=D-Trust%20GmbH,C=DE",algorithm="rsa-sha256",
  4149.         headers="Digest X-Request-ID PSU-ID TPP-Redirect-URI Date",
  4150.         signature="Base64(RSA-SHA256(signing string))"
  4151.  
  4152.  
  4153.     TPP-Signature-Certificate:
  4154.       name: TPP-Signature-Certificate
  4155.       in: header
  4156.       description: |
  4157.         The certificate used for signing the request, in base64 encoding.
  4158.         Must be contained if a signature is contained.
  4159.       schema:
  4160.         type: string
  4161.         format: byte
  4162.       required: false # conditional
  4163.  
  4164.  
  4165.     TPP-Redirect-Preferred:
  4166.       name: TPP-Redirect-Preferred
  4167.       in: header
  4168.       description: |
  4169.         Ignored by ASPSP
  4170.       schema:
  4171.         type: string
  4172.         enum:
  4173.           - "true"
  4174.           - "false"
  4175.         #type: boolean
  4176.       required: false
  4177.  
  4178.  
  4179.     TPP-Redirect-URI:
  4180.       name: TPP-Redirect-URI
  4181.       in: header
  4182.       description: |
  4183.         URI of the TPP, where the transaction flow shall be redirected to after a Redirect.
  4184.        
  4185.         It is recommended to always use this header field.
  4186.        
  4187.         **Remark for Future:**
  4188.         This field might be changed to mandatory in the next version of the specification.
  4189.       schema:
  4190.         type: string
  4191.         format: uri
  4192.       required: false # conditional
  4193.  
  4194.  
  4195.     TPP-Nok-Redirect-URI:
  4196.       name: TPP-Nok-Redirect-URI
  4197.       in: header
  4198.       description: |
  4199.         Ignored by the ASPSP.
  4200.       schema:
  4201.         type: string
  4202.         format: uri
  4203.       required: false
  4204.  
  4205.  
  4206.     TPP-Explicit-Authorisation-Preferred:
  4207.       name: TPP-Explicit-Authorisation-Preferred
  4208.       in: header
  4209.       description: |
  4210.         Ignored by the ASPSP. TPP should assume a direct authorisation of the transaction in the next step.
  4211.        
  4212.       schema:
  4213.         type: string
  4214.         enum:
  4215.           - "true"
  4216.           - "false"
  4217.         #type: boolean
  4218.       required: false
  4219.  
  4220.  
  4221.     PSU-ID:
  4222.       name: PSU-ID
  4223.       in: header
  4224.       description: |
  4225.         Client ID of the PSU in the ASPSP client interface. Might be mandated in the ASPSP's documentation.
  4226.         Is not contained if an OAuth2 based authentication was performed in a pre-step or an OAuth2 based SCA was performed in an preceeding
  4227.         AIS service in the same session.
  4228.       schema:
  4229.         type: string
  4230.       required: false
  4231.       example: "PSU-1234"
  4232.  
  4233.  
  4234.     PSU-ID-Type:
  4235.       name: PSU-ID-Type
  4236.       in: header
  4237.       description: |
  4238.         Type of the PSU-ID, needed in scenarios where PSUs have several PSU-IDs as access possibility.
  4239.       schema:
  4240.         type: string
  4241.       required: false
  4242.  
  4243.  
  4244.     PSU-Corporate-ID:
  4245.       name: PSU-Corporate-ID
  4246.       in: header
  4247.       description: |
  4248.         Might be mandated in the ASPSP's documentation. Only used in a corporate context.
  4249.       schema:
  4250.         type: string
  4251.       required: false
  4252.  
  4253.  
  4254.     PSU-Corporate-ID-Type:
  4255.       name: PSU-Corporate-ID-Type
  4256.       in: header
  4257.       description: |
  4258.         Might be mandated in the ASPSP's documentation. Only used in a corporate context.
  4259.       schema:
  4260.         type: string
  4261.       required: false
  4262.  
  4263.  
  4264.     PSU-IP-Address_mandatory:
  4265.       name: PSU-IP-Address
  4266.       in: header
  4267.       description: |
  4268.         The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
  4269.       schema:
  4270.         type: string
  4271.         format: ipv4
  4272.       required: true
  4273.       example: 192.168.8.78
  4274.  
  4275.  
  4276.     PSU-IP-Address_optional:
  4277.       name: PSU-IP-Address
  4278.       in: header
  4279.       description: |
  4280.         The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.
  4281.       schema:
  4282.         type: string
  4283.         format: ipv4
  4284.       required: false
  4285.       example: 192.168.8.78
  4286.  
  4287.  
  4288.     PSU-IP-Address_conditionalForAis:
  4289.       name: PSU-IP-Address
  4290.       in: header
  4291.       description: |
  4292.         The forwarded IP Address header field consists of the corresponding HTTP request
  4293.         IP Address field between PSU and TPP.
  4294.         It shall be contained if and only if this request was actively initiated by the PSU.
  4295.       schema:
  4296.         type: string
  4297.         format: ipv4
  4298.       required: false
  4299.       example: 192.168.8.78
  4300.  
  4301.     PSU-IP-Port:
  4302.       name: PSU-IP-Port
  4303.       in: header
  4304.       description: |
  4305.         The forwarded IP Port header field consists of the corresponding HTTP request IP Port field between PSU and TPP, if available.
  4306.       schema:
  4307.         type: string
  4308.       required: false
  4309.       example: "1234"
  4310.  
  4311.  
  4312.     PSU-Accept:
  4313.       name: PSU-Accept
  4314.       in: header
  4315.       description: |
  4316.         The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
  4317.       schema:
  4318.         type: string
  4319.       required: false
  4320.  
  4321.  
  4322.     PSU-Accept-Charset:
  4323.       name: PSU-Accept-Charset
  4324.       in: header
  4325.       description: |
  4326.         The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
  4327.       schema:
  4328.         type: string
  4329.       required: false
  4330.  
  4331.  
  4332.     PSU-Accept-Encoding:
  4333.       name: PSU-Accept-Encoding
  4334.       in: header
  4335.       description: |
  4336.         The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
  4337.       schema:
  4338.         type: string
  4339.       required: false
  4340.  
  4341.  
  4342.     PSU-Accept-Language:
  4343.       name: PSU-Accept-Language
  4344.       in: header
  4345.       description: |
  4346.         The forwarded IP Accept header fields consist of the corresponding HTTP request Accept header fields between PSU and TPP, if available.
  4347.       schema:
  4348.         type: string
  4349.       required: false
  4350.  
  4351.  
  4352.     PSU-User-Agent:
  4353.       name: PSU-User-Agent
  4354.       in: header
  4355.       description: |
  4356.         The forwarded Agent header field of the HTTP request between PSU and TPP, if available.
  4357.       schema:
  4358.         type: string
  4359.       required: false
  4360.  
  4361.  
  4362.     PSU-Http-Method:
  4363.       name: PSU-Http-Method
  4364.       in: header
  4365.       description: |
  4366.         HTTP method used at the PSU ? TPP interface, if available.
  4367.         Valid values are:
  4368.         * GET
  4369.         * POST
  4370.         * PUT
  4371.         * PATCH
  4372.         * DELETE
  4373.       schema:
  4374.         type: string
  4375.         enum:
  4376.           - "GET"
  4377.           - "POST"
  4378.           - "PUT"
  4379.           - "PATCH"
  4380.           - "DELETE"
  4381.       required: false
  4382.  
  4383.  
  4384.     PSU-Device-ID:
  4385.       name: PSU-Device-ID
  4386.       in: header
  4387.       description: |
  4388.         UUID (Universally Unique Identifier) for a device, which is used by the PSU, if available.
  4389.         UUID identifies either a device or a device dependant application installation.
  4390.         In case of an installation identification this ID need to be unaltered until removal from device.
  4391.       schema:
  4392.         type: string
  4393.         format: uuid
  4394.       required: false
  4395.       example: "99435c7e-ad88-49ec-a2ad-99ddcb1f5555"
  4396.  
  4397.     PSU-Geo-Location:
  4398.       name: PSU-Geo-Location
  4399.       in: header
  4400.       description: |
  4401.         The forwarded Geo Location of the corresponding http request between PSU and TPP if available.
  4402.       schema:
  4403.         type: string
  4404.         pattern: '(GEO:)[0-9]{1,3}\.[-][0-9]{6}\,[-][0-9]{1,3}\.[0-9]{6}'
  4405.       required: false
  4406.       example: GEO:52.506931,13.144558
  4407.  
  4408.  
  4409.  
  4410.  
  4411.   requestBodies:
  4412.   #####################################################
  4413.   # Reusable Request Bodies
  4414.   #####################################################
  4415.  
  4416.     paymentInitiation:
  4417.       description: |
  4418.       required: true
  4419.       content:
  4420.         application/json:
  4421.           schema:
  4422.             oneOf:
  4423.               - $ref: "#/components/schemas/paymentInitiationSct_json"
  4424.               - $ref: "#/components/schemas/paymentInitiationIt_json"
  4425.              
  4426.           examples:
  4427.             "Example 1: 'payments' - 'sepa-credit-transfers'":
  4428.               $ref: "#/components/examples/paymentInitiationSctBody_payments_json"
  4429.             "Example 2: 'payments' - 'internal-transfers'":
  4430.               $ref: "#/components/examples/paymentInitiationItBody_payments_json"
  4431.  
  4432.     confirmationOfFunds:
  4433.       description: |
  4434.         When subaccount reference is missing funds availability is checked against main subaccount.
  4435.       content:
  4436.         application/json:
  4437.           schema:
  4438.             $ref: "#/components/schemas/confirmationOfFunds"
  4439.           examples:
  4440.             "Example":
  4441.               $ref: "#/components/examples/confirmationOfFundsExample"
  4442.       required: true
  4443.  
  4444.  
  4445.     consents:
  4446.       description: |
  4447.         Requestbody for a consents request
  4448.       content:
  4449.         application/json:
  4450.           schema:
  4451.             $ref: "#/components/schemas/consents"
  4452.           examples:
  4453.             "Consent Request on Dedicated Accounts":
  4454.               $ref: "#/components/examples/consentsExample_DedicatedAccounts"
  4455.             "Consent on Account List of Available Accounts":
  4456.               $ref: "#/components/examples/consentsExample_AccountList"
  4457.             "Consent Request on Account List or without Indication of dedicated Accounts":
  4458.               $ref: "#/components/examples/consentsExample_without_Accounts"
  4459.  
  4460.   headers:
  4461.   #####################################################
  4462.   # Reusable Response Header Elements
  4463.   #####################################################
  4464.  
  4465.     X-Request-ID:
  4466.       description: ID of the request, unique to the call, as determined by the initiating party.
  4467.       required: true
  4468.       example: "99391c7e-ad88-49ec-a2ad-99ddcb1f7721"
  4469.       schema:
  4470.         type: string
  4471.         format: uuid
  4472.  
  4473.     ASPSP-SCA-Approach:
  4474.       description: |
  4475.         This data element must be contained, if the SCA Approach is already fixed.
  4476.         Possible values are
  4477.           * EMBEDDED
  4478.           * DECOUPLED
  4479.           * REDIRECT
  4480.         The OAuth SCA approach will be subsumed by REDIRECT.
  4481.       schema:
  4482.         type: string
  4483.         enum:
  4484.           - "EMBEDDED"
  4485.           - "DECOUPLED"
  4486.           - "REDIRECT"
  4487.         example: "EMBEDDED"
  4488.       required: false
  4489.  
  4490.     Location:
  4491.       description: |
  4492.         Location of the created resource.
  4493.       schema:
  4494.         type: string
  4495.         format: url
  4496.       required: false
  4497.  
  4498.   responses:
  4499.   #####################################################
  4500.   # Reusabale Responses
  4501.   #####################################################
  4502.     #####################################################
  4503.     # Positive Responses
  4504.     #####################################################
  4505.  
  4506.     OK_200_PaymentInitiationInformation:
  4507.       description: OK
  4508.      
  4509.       headers:
  4510.         X-Request-ID:
  4511.           $ref: "#/components/headers/X-Request-ID"
  4512.       content:
  4513.         application/json:
  4514.            schema:
  4515.             oneOf:
  4516.               - $ref: "#/components/schemas/paymentInitiationSctWithStatusResponse"
  4517.               - $ref: "#/components/schemas/paymentInitiationItWithStatusResponse"
  4518.              
  4519.     OK_200_PaymentInitiationStatus:
  4520.       description: OK
  4521.      
  4522.       headers:
  4523.         X-Request-ID:
  4524.           $ref: "#/components/headers/X-Request-ID"
  4525.      
  4526.       content:
  4527.         application/json:
  4528.           schema:
  4529.             $ref: "#/components/schemas/paymentInitiationStatusResponse-200_json"
  4530.           examples:
  4531.             simple:
  4532.               $ref: "#/components/examples/paymentInitiationStatusResponse_json_Simple"
  4533.             extended:
  4534.               $ref: "#/components/examples/paymentInitiationStatusResponse_json_Extended"
  4535.  
  4536.  
  4537.     OK_200_Authorisations:
  4538.       description: OK
  4539.      
  4540.       headers:
  4541.         X-Request-ID:
  4542.           $ref: "#/components/headers/X-Request-ID"
  4543.  
  4544.       content:
  4545.         application/json:
  4546.           schema:
  4547.             $ref: "#/components/schemas/authorisations"
  4548.           examples:
  4549.             Example:
  4550.               $ref: "#/components/examples/authorisationListExample"
  4551.  
  4552.  
  4553.     OK_200_ScaStatus:
  4554.       description: OK
  4555.      
  4556.       headers:
  4557.         X-Request-ID:
  4558.           $ref: "#/components/headers/X-Request-ID"
  4559.      
  4560.       content:
  4561.         application/json:
  4562.           schema:
  4563.             $ref: "#/components/schemas/scaStatusResponse"
  4564.  
  4565.  
  4566.     OK_200_AccountList:
  4567.       description: OK
  4568.      
  4569.       headers:
  4570.         X-Request-ID:
  4571.           $ref: "#/components/headers/X-Request-ID"
  4572.      
  4573.       content:
  4574.         application/json:
  4575.           schema:
  4576.             $ref: "#/components/schemas/accountList"
  4577.           examples:
  4578.             "Example 1":
  4579.               $ref: "#/components/examples/accountListExample1"
  4580.             "Example 2":
  4581.               $ref: "#/components/examples/accountListExample2"
  4582.             "Example 3":
  4583.               $ref: "#/components/examples/accountListExample3"
  4584.  
  4585.  
  4586.  
  4587.     OK_200_CancellationList:
  4588.       description: OK
  4589.      
  4590.       headers:
  4591.         X-Request-ID:
  4592.           $ref: "#/components/headers/X-Request-ID"
  4593.      
  4594.       content:
  4595.         application/json:
  4596.           schema:
  4597.             $ref: "#/components/schemas/cancellationList"
  4598.           examples:
  4599.             "Example 1":
  4600.               $ref: "#/components/examples/cancellationListExample"
  4601.  
  4602.  
  4603.  
  4604.     OK_200_TransactionDetails:
  4605.       description: OK
  4606.      
  4607.       headers:
  4608.         X-Request-ID:
  4609.           $ref: "#/components/headers/X-Request-ID"
  4610.      
  4611.       content:
  4612.         application/json:
  4613.           schema:
  4614.             $ref: "#/components/schemas/transactionDetails"
  4615.           examples:
  4616.             Example:
  4617.               $ref: "#/components/examples/transactionDetailsExample"
  4618.  
  4619.  
  4620.     OK_200_Balances:
  4621.       description: OK
  4622.      
  4623.       headers:
  4624.         X-Request-ID:
  4625.           $ref: "#/components/headers/X-Request-ID"
  4626.      
  4627.       content:
  4628.         application/json:
  4629.           schema:
  4630.             $ref: "#/components/schemas/readAccountBalanceResponse-200"
  4631.           examples:
  4632.             "Example 1: Multicurrency Account":
  4633.               $ref: "#/components/examples/balancesExample2_MulticurrencyAcount"
  4634.  
  4635.  
  4636.     OK_200_AccountsTransactions:
  4637.       description: OK
  4638.      
  4639.       headers:
  4640.         X-Request-ID:
  4641.           $ref: "#/components/headers/X-Request-ID"
  4642.      
  4643.       content:
  4644.         application/json:
  4645.           schema:
  4646.             $ref: "#/components/schemas/transactionsResponse-200_json"
  4647.           examples:
  4648.             "Example 1":
  4649.               $ref: "#/components/examples/transactionsExample1_RegularAccount_json"
  4650.        
  4651.  
  4652.     OK_200_ConsentInformation:
  4653.       description: OK
  4654.      
  4655.       headers:
  4656.         X-Request-ID:
  4657.           $ref: "#/components/headers/X-Request-ID"
  4658.      
  4659.       content:
  4660.         application/json:
  4661.           schema:
  4662.             $ref: "#/components/schemas/consentInformationResponse-200_json"
  4663.           examples:
  4664.             Example:
  4665.               $ref: "#/components/examples/consentsInformationResponseExample"
  4666.  
  4667.  
  4668.     OK_200_ConsentStatus:
  4669.       description: OK
  4670.      
  4671.       headers:
  4672.         X-Request-ID:
  4673.           $ref: "#/components/headers/X-Request-ID"
  4674.      
  4675.       content:
  4676.         application/json:
  4677.           schema:
  4678.             $ref: "#/components/schemas/consentStatusResponse-200"
  4679.           examples:
  4680.             Example:
  4681.               $ref: "#/components/examples/consentStatusResponseExample1"
  4682.  
  4683.  
  4684.  
  4685.     OK_200_ConfirmationOfFunds:
  4686.       description: OK
  4687.      
  4688.       headers:
  4689.         Location:
  4690.           $ref: "#/components/headers/Location"
  4691.         X-Request-ID:
  4692.           $ref: "#/components/headers/X-Request-ID"
  4693.      
  4694.       content:
  4695.         application/json:
  4696.           schema:
  4697.             description: |
  4698.               Equals "true" if sufficient funds are available at the time of the request,
  4699.               "false" otherwise.
  4700.             type: object
  4701.             required:
  4702.               - fundsAvailable
  4703.             properties:
  4704.               fundsAvailable:
  4705.                 type: boolean
  4706.           examples:
  4707.             "Example":
  4708.               $ref: "#/components/examples/confirmationOfFundsResponseExample"
  4709.  
  4710.  
  4711.     CREATED_201_PaymentInitiation:
  4712.       description: CREATED
  4713.      
  4714.       headers:
  4715.         X-Request-ID:
  4716.           $ref: "#/components/headers/X-Request-ID"
  4717.         Location:
  4718.           $ref: "#/components/headers/Location"
  4719.         ASPSP-SCA-Approach:
  4720.           $ref: "#/components/headers/ASPSP-SCA-Approach"
  4721.      
  4722.       content:
  4723.         application/json:
  4724.           schema:
  4725.             oneOf:
  4726.               - $ref: "#/components/schemas/paymentInitationRequestResponse-201"
  4727.           examples:
  4728.             "Response with redirect":
  4729.               $ref: "#/components/examples/paymentInitiationExample_json_Redirect"
  4730.  
  4731.     CREATED_201_StartScaProcess:
  4732.       description: Created
  4733.      
  4734.       headers:
  4735.         X-Request-ID:
  4736.           $ref: "#/components/headers/X-Request-ID"
  4737.         ASPSP-SCA-Approach:
  4738.           $ref: "#/components/headers/ASPSP-SCA-Approach"
  4739.      
  4740.       content:
  4741.         application/json:
  4742.           schema:
  4743.             $ref: "#/components/schemas/startScaprocessResponse"
  4744.           examples:
  4745.             "Example 1: payments - Decoupled Approach":
  4746.                $ref: "#/components/examples/startScaProcessResponseExample1"
  4747.  
  4748.  
  4749.     CREATED_201_Consents:
  4750.       description: Created
  4751.      
  4752.       headers:
  4753.         Location:
  4754.           $ref: "#/components/headers/Location"
  4755.         X-Request-ID:
  4756.           $ref: "#/components/headers/X-Request-ID"
  4757.         ASPSP-SCA-Approach:
  4758.           $ref: "#/components/headers/ASPSP-SCA-Approach"
  4759.      
  4760.       content:
  4761.         application/json:
  4762.           schema:
  4763.             $ref: "#/components/schemas/consentsResponse-201"
  4764.          
  4765.           examples:
  4766.             "Response with redirect":
  4767.               $ref: "#/components/examples/consentResponseExample1a_Redirect"
  4768.  
  4769.  
  4770.  
  4771.  
  4772.     NO_CONTENT_204_PaymentInitiationCancel:
  4773.       description: OK
  4774.      
  4775.       headers:
  4776.         X-Request-ID:
  4777.           $ref: "#/components/headers/X-Request-ID"
  4778.      
  4779.       content:
  4780.         application/json:
  4781.           schema:
  4782.             $ref: "#/components/schemas/paymentInitiationCancelResponse-204_202"
  4783.           examples:
  4784.             Example:
  4785.               $ref: "#/components/examples/paymentInitiationCancelResponse-204_202"
  4786.  
  4787.     NO_CONTENT_204_Consents:
  4788.       description: No Content
  4789.      
  4790.       headers:
  4791.         X-Request-ID:
  4792.           $ref: "#/components/headers/X-Request-ID"
  4793.       #NO RESPONSE BODY
  4794.  
  4795.  
  4796.  
  4797.     #####################################################
  4798.     # Negative Responses
  4799.     #####################################################
  4800.  
  4801.     BAD_REQUEST_400:
  4802.       description: Bad Request
  4803.      
  4804.       headers:
  4805.         Location:
  4806.           $ref: "#/components/headers/Location"
  4807.         X-Request-ID:
  4808.           $ref: "#/components/headers/X-Request-ID"
  4809.      
  4810.       content:
  4811.         application/json:
  4812.           schema:
  4813.             $ref: "#/components/schemas/Error400"
  4814.  
  4815.  
  4816.     UNAUTHORIZED_401:
  4817.       description: Unauthorized
  4818.      
  4819.       headers:
  4820.         Location:
  4821.           $ref: "#/components/headers/Location"
  4822.         X-Request-ID:
  4823.           $ref: "#/components/headers/X-Request-ID"
  4824.      
  4825.       content:
  4826.         application/json:
  4827.           schema:
  4828.             $ref: "#/components/schemas/Error401"
  4829.  
  4830.  
  4831.     FORBIDDEN_403:
  4832.       description: Forbidden
  4833.      
  4834.       headers:
  4835.         Location:
  4836.           $ref: "#/components/headers/Location"
  4837.         X-Request-ID:
  4838.           $ref: "#/components/headers/X-Request-ID"
  4839.      
  4840.       content:
  4841.         application/json:
  4842.           schema:
  4843.             $ref: "#/components/schemas/Error403"
  4844.  
  4845.     NOT_FOUND_404_PIS:
  4846.       description: Not found
  4847.      
  4848.       headers:
  4849.         Location:
  4850.           $ref: "#/components/headers/Location"
  4851.         X-Request-ID:
  4852.           $ref: "#/components/headers/X-Request-ID"
  4853.      
  4854.       content:
  4855.         application/json:
  4856.           schema:
  4857.             $ref: "#/components/schemas/Error404_NG_PIS"
  4858.  
  4859.  
  4860.     NOT_FOUND_404_AIS:
  4861.       description: Not found
  4862.      
  4863.       headers:
  4864.         Location:
  4865.           $ref: "#/components/headers/Location"
  4866.         X-Request-ID:
  4867.           $ref: "#/components/headers/X-Request-ID"
  4868.      
  4869.       content:
  4870.         application/json:
  4871.           schema:
  4872.             $ref: "#/components/schemas/Error404_NG_AIS"
  4873.  
  4874.  
  4875.     NOT_FOUND_404_PIIS:
  4876.       description: Not found
  4877.      
  4878.       headers:
  4879.         Location:
  4880.           $ref: "#/components/headers/Location"
  4881.         X-Request-ID:
  4882.           $ref: "#/components/headers/X-Request-ID"
  4883.      
  4884.       content:
  4885.         application/json:
  4886.           schema:
  4887.             $ref: "#/components/schemas/Error404_NG_PIIS"
  4888.  
  4889.  
  4890.  
  4891.     METHOD_NOT_ALLOWED_405:
  4892.       description: Method Not Allowed
  4893.      
  4894.       headers:
  4895.         Location:
  4896.           $ref: "#/components/headers/Location"
  4897.         X-Request-ID:
  4898.           $ref: "#/components/headers/X-Request-ID"
  4899.      
  4900.       content:
  4901.         application/json:
  4902.           schema:
  4903.             $ref: "#/components/schemas/Error405"
  4904.  
  4905.  
  4906.     REQUEST_TIMEOUT_408:
  4907.       description: Request Timeout
  4908.      
  4909.       headers:
  4910.         Location:
  4911.           $ref: "#/components/headers/Location"
  4912.         X-Request-ID:
  4913.           $ref: "#/components/headers/X-Request-ID"
  4914.       #No Response body because there are no valid message codes for PIS in case of HTTP code 408
  4915.  
  4916.  
  4917.     TOO_MANY_REQUESTS_429_AIS:
  4918.       description: Too Many Requests
  4919.      
  4920.       headers:
  4921.         Location:
  4922.           $ref: "#/components/headers/Location"
  4923.         X-Request-ID:
  4924.           $ref: "#/components/headers/X-Request-ID"
  4925.      
  4926.       content:
  4927.         application/json:
  4928.           schema:
  4929.             $ref: "#/components/schemas/Error429_NG_AIS"
  4930.            
  4931.     INTERNAL_SERVER_ERROR_500:
  4932.       description: Internal Server Error
  4933.       headers:
  4934.         Location:
  4935.           $ref: "#/components/headers/Location"
  4936.         X-Request-ID:
  4937.           $ref: "#/components/headers/X-Request-ID"
  4938.       #No Response body because there are no valid message codes for PIS in case of HTTP code 500
  4939.  
  4940.  
  4941.     SERVICE_UNAVAILABLE_503:
  4942.       description: Service Unavailable
  4943.       headers:
  4944.         Location:
  4945.           $ref: "#/components/headers/Location"
  4946.         X-Request-ID:
  4947.           $ref: "#/components/headers/X-Request-ID"
  4948.       #No Response body because there are no valid message codes for PIS in case of HTTP code 503
  4949.  
  4950.  
  4951.   examples:
  4952.   #####################################################
  4953.   # Predefined Examples
  4954.   #####################################################
  4955.  
  4956.     ibanExampleDe_01:
  4957.       value: "DE02100100109307118603"
  4958.  
  4959.  
  4960.     ibanExampleDe_02:
  4961.       value: "DE23100120020123456789"
  4962.  
  4963.  
  4964.     ibanExampleDe_03:
  4965.       value: "DE40100100103307118608"
  4966.  
  4967.  
  4968.     ibanExampleDe_04:
  4969.       value: "DE67100100101306118605"
  4970.  
  4971.  
  4972.     ibanExampleDe_05:
  4973.       value: "DE87200500001234567890"
  4974.  
  4975.  
  4976.     ibanExampleFr_01:
  4977.       value: "FR7612345987650123456789014"
  4978.  
  4979.  
  4980.     ibanExampleNl_01:
  4981.       value: "NL76RABO0359400371"
  4982.  
  4983.  
  4984.     ibanExampleSe_01:
  4985.       value: "SE9412309876543211234567"
  4986.  
  4987.  
  4988.     uuidExample:
  4989.       value: "99391c7e-ad88-49ec-a2ad-99ddcb1f7721"
  4990.  
  4991.     paymentInitiationSctBody_payments_json:
  4992.       value:
  4993.         {    
  4994.           "instructedAmount": {"currency": "EUR", "amount": "123.50"},
  4995.           "debtorAccount": {"iban": "DE40100100103307118608"},
  4996.           "creditorName": "Merchant123",
  4997.           "creditorAccount": {"iban": "DE02100100109307118603"},
  4998.           "remittanceInformationUnstructured": "Ref Number Merchant"
  4999.         }
  5000.  
  5001.     paymentInitiationItBody_payments_json:
  5002.       value:
  5003.         {    
  5004.           "instructedAmount": {"currency": "EUR", "amount": "123.50"},
  5005.           "fromSubAccount": "1",
  5006.           "toSubAccount": "2",
  5007.           "remittanceInformationUnstructured": "Ref Number Merchant"
  5008.         }
  5009.  
  5010.  
  5011.  
  5012.     accountListExample1:
  5013.       summary: Account list Example 1
  5014.       description: Response in case of an example, where the consent has been given on two different IBANs
  5015.       value:
  5016.         {"accounts":
  5017.            [
  5018.               {"resourceId": "3dc3d5b3-7023-4848-9853-f5400a64e80f",
  5019.                "iban": "DE2310010010123456789",
  5020.                "currency": "EUR",
  5021.                "product": "Girokonto",
  5022.                "cashAccountType": "CurrentAccount",
  5023.                "name": "Main Account",
  5024.                "_links": {
  5025.             "balances": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80f/balances"},
  5026.             "transactions": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80f/transactions"}}
  5027.               },
  5028.               {"resourceId": "3dc3d5b3-7023-4848-9853-f5400a64e81g",
  5029.                "iban": "DE2310010010123456788",
  5030.                "currency": "USD",
  5031.                "product": "Fremdw?hrungskonto",
  5032.                "cashAccountType": "CurrentAccount",
  5033.                "name": "US Dollar Account",
  5034.                "_links": {
  5035.             "balances": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e81g/balances" }}
  5036.                }
  5037.         ]}
  5038.  
  5039.  
  5040.     accountListExample2:
  5041.       summary: Account list Example 2
  5042.       description: |
  5043.         Response in case of an example where consent on transactions and balances has been given to a multicurrency account which has two sub-accounts with currencies EUR and USD, and where the ASPSP is giving the data access only on sub-account level
  5044.       value:
  5045.         {"accounts":
  5046.            [
  5047.               {"resourceId": "3dc3d5b3-7023-4848-9853-f5400a64e80f",
  5048.                "iban": "DE2310010010123456788",
  5049.                "currency": "EUR",
  5050.                "product": "Girokonto",
  5051.                "cashAccountType": "CurrentAccount",
  5052.                "name": "Main Account",
  5053.                "_links": {
  5054.             "balances": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80f/balances"},
  5055.             "transactions": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80f/transactions"}}
  5056.               },
  5057.               {"resourceId": "3dc3d5b3-7023-4848-9853-f5400a64e81g",
  5058.                "iban": "DE2310010010123456788",
  5059.                "currency": "USD",
  5060.                "product": "Fremdw?hrungskonto",
  5061.                "cashAccountType": "CurrentAccount",
  5062.                "name": "US Dollar Account",
  5063.                "_links": {
  5064.                  "balances": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e81g/balances"},
  5065.                  "transactions": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e81g/transactions"} }
  5066.                }
  5067.         ]}
  5068.  
  5069.  
  5070.     accountListExample3:
  5071.       summary: Account list Example 3
  5072.       description: |
  5073.         Account list response in case of an example where consent on balances and transactions has been given to
  5074.         a multicurrency account which has two sub-accounts with currencies EUR and USD and where the ASPSP is giving
  5075.         the data access on aggregation level and on sub-account level
  5076.       value:
  5077.         {"accounts":
  5078.            [
  5079.               {"resourceId": "3dc3d5b3-7023-4848-9853-f5400a64e80f",
  5080.                "iban": "DE2310010010123456788",
  5081.                "currency": "XXX",
  5082.                "product": "Multi currency account",
  5083.                "cashAccountType": "CurrentAccount",
  5084.                "name": "Aggregation Account",
  5085.                "_links": {
  5086.             "balances": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e333/balances"},
  5087.             "transactions": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e333/transactions"}}
  5088.               },
  5089.         {"resourceId": "3dc3d5b3-7023-4848-9853-f5400a64e80f",
  5090.                "iban": "DE2310010010123456788",
  5091.                "currency": "EUR",
  5092.                "product": "Girokonto",
  5093.                "cashAccountType": "CurrentAccount",
  5094.                "name": "Main Account",
  5095.                "_links": {
  5096.             "balances": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80f/balances"},
  5097.             "transactions": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80f/transactions"}}
  5098.               },
  5099.               {"resourceId": "3dc3d5b3-7023-4848-9853-f5400a64e81g",
  5100.                "iban": "DE2310010010123456788",
  5101.                "currency": "USD",
  5102.                "product": "Fremdw?hrungskonto",
  5103.                "cashAccountType": "CurrentAccount",
  5104.                "name": "US Dollar Account",
  5105.                "_links": {
  5106.             "balances": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e81g/balances"},
  5107.             "transactions": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e81g/transactions"} }
  5108.                }
  5109.         ]}
  5110.  
  5111.  
  5112.     startScaProcessResponseExample1:
  5113.       value:
  5114.         {
  5115.            "scaStatus": "received",
  5116.            "psuMessage": "Please use your BankApp for transaction Authorisation.",
  5117.            "_links":
  5118.             {
  5119.               "scaStatus":  {"href":"/v1/payments/qwer3456tzui7890/authorisations/123auth456"}
  5120.             }
  5121.         }
  5122.  
  5123.  
  5124.     consentsExample_DedicatedAccounts:
  5125.       description: Consent request on dedicated accounts
  5126.       value:
  5127.         {
  5128.         "access":
  5129.           {
  5130.             "balances": [
  5131.                 { "iban": "DE40100100103307118608" },
  5132.                 { "iban": "DE02100100109307118603",
  5133.           "currency": "USD"
  5134.                 },
  5135.                 { "iban": "DE67100100101306118605" }
  5136.               ],
  5137.             "transactions": [
  5138.                 { "iban": "DE40100100103307118608" },
  5139.                 { "maskedPan": "123456xxxxxx1234" }
  5140.               ]
  5141.            },
  5142.         "recurringIndicator": "true",
  5143.         "validUntil": "2017-11-01",
  5144.         "frequencyPerDay": "4"
  5145.        }
  5146.      
  5147.  
  5148.  
  5149.     consentsExample_AccountList:
  5150.       description: Consent on Account List of Available Accounts
  5151.       value:
  5152.         {"access":
  5153.           {"availableAccounts": "allAccounts"},
  5154.          "recurringIndicator": "false",
  5155.          "validUntil": "2017-08-06",
  5156.          "frequencyPerDay": "1"
  5157.         }
  5158.  
  5159.  
  5160.     consentsExample_without_Accounts:
  5161.       description: Consent request on account list or without indication of accounts
  5162.       value:
  5163.         {"access":
  5164.         {
  5165.           "balances": [],
  5166.           "transactions": []
  5167.         },
  5168.         "recurringIndicator": "true",
  5169.         "validUntil": "2017-11-01",
  5170.         "frequencyPerDay": "4"
  5171.         }
  5172.  
  5173.  
  5174.  
  5175.     consentsInformationResponseExample:
  5176.       description: Consent request on account list or without indication of accounts
  5177.       value:
  5178.         {
  5179.           "access": {
  5180.             "balances": [
  5181.               {"iban": "DE2310010010123456789"}
  5182.                 ],
  5183.             "transactions":
  5184.               [
  5185.               {"iban": "DE2310010010123456789"},
  5186.               {"pan": "123456xxxxxx3457"}
  5187.               ]
  5188.             },
  5189.           "recurringIndicator": "true",
  5190.           "validUntil": "2017-11-01",
  5191.           "frequencyPerDay": "4",
  5192.           "consentStatus": "valid",
  5193.           "_links": {"account": {"href": "/v1/accounts"}}
  5194.         }
  5195.  
  5196.  
  5197.     consentResponseExample1a_Redirect:
  5198.       description: Consent request Response in case of a redirect
  5199.       value:
  5200.         {
  5201.           "consentStatus": "received",
  5202.           "consentId": "1234-wertiq-983",
  5203.           "_links":
  5204.             {
  5205.             "scaRedirect": {"href": "https://www.testbank.com/authentication/1234-wertiq-983"},
  5206.             "status": {"href": "/v1/consents/1234-wertiq-983/status"},
  5207.             "scaStatus": {"href": "v1/consents/1234-wertiq-983/authorisations/123auth567"}
  5208.             }
  5209.         }
  5210.  
  5211.  
  5212.     consentResponseExample1b_Redirect:
  5213.       description: Consent request Response in case of a redirect with a dedicated start of the authorisation process
  5214.       value:
  5215.         {
  5216.           "consentStatus": "received",
  5217.           "consentId": "1234-wertiq-983",
  5218.           "_links":
  5219.             {
  5220.             "startAuthorisation": {"href": "v1/consents/1234-wertiq-983/authorisations"}
  5221.             }
  5222.         }
  5223.  
  5224.  
  5225.  
  5226.     consentStatusResponseExample1:
  5227.       description: Response for a consent status request.
  5228.       value:
  5229.         {
  5230.           "consentStatus": "valid",
  5231.         }
  5232.  
  5233.  
  5234.     paymentInitiationExample_json_Redirect:
  5235.       description: "Response in case of a redirect with an implicitly created authorisation sub-resource"
  5236.       value:
  5237.         {
  5238.           "transactionStatus": "RCVD",
  5239.           "paymentId": "1234-wertiq-983",
  5240.           "_links":
  5241.             {
  5242.             "scaRedirect": {"href": "https://www.testbank.com/asdfasdfasdf"},
  5243.             "self": {"href": "/v1/payments/sepa-credit-transfers/1234-wertiq-983"},
  5244.             "status": {"href": "/v1/payments/1234-wertiq-983/status"},
  5245.             "scaStatus": {"href": "/v1/payments/1234-wertiq-983/authorisations/123auth456"}
  5246.             }
  5247.         }
  5248.  
  5249.  
  5250.     paymentInitiationExample_json__RedirectExplicitAuthorisation:
  5251.       description: "Response in case of a redirect with an explicit authorisation start"
  5252.       value:
  5253.         {
  5254.           "transactionStatus": "RCVD",
  5255.           "paymentId": "1234-wertiq-983",
  5256.           "_links":
  5257.             {
  5258.             "self": {"href": "/v1/payments/1234-wertiq-983"},
  5259.             "status": {"href": "/v1/payments/1234-wertiq-983/status"},
  5260.             "startAuthorisation": {"href": "/v1/payments1234-wertiq-983/authorisations"}
  5261.             }
  5262.         }
  5263.  
  5264.    
  5265.     paymentInitiationStatusResponse_json_Simple:
  5266.       value:
  5267.         {
  5268.         "transactionStatus": "ACCP"
  5269.         }
  5270.  
  5271.  
  5272.     paymentInitiationCancelResponse-204_202:
  5273.       value:
  5274.         {
  5275.           "transactionStatus": "CANC"
  5276.         }
  5277.  
  5278.  
  5279.     paymentInitiationStatusResponse_json_Extended:
  5280.       value: |
  5281.         {
  5282.           "transactionStatus": "ACCP",
  5283.           "scaStatus": "Some SCA Status"
  5284.         }
  5285.  
  5286.  
  5287.     transactionAuthorisationResponseExample:
  5288.       description: Response of a Transaction Authorisation request for the embedded approach.
  5289.       value:
  5290.         {
  5291.           "scaStatus": "finalised"
  5292.         }
  5293.  
  5294.  
  5295.     confirmationOfFundsExample:
  5296.       description: Request body for a confirmation of funds.
  5297.       value:
  5298.         {  
  5299.           "cardNumber": "12345678901234",
  5300.           "account": {"iban": "DE23100120020123456789"},
  5301.           "instructedAmount": {"currency": "EUR", "amount": "123"}
  5302.         }
  5303.  
  5304.  
  5305.     confirmationOfFundsResponseExample:
  5306.       description: Response for a confirmation of funds request.
  5307.       value:
  5308.         {
  5309.           "fundsAvailable": "true"
  5310.         }
  5311.  
  5312.  
  5313.     balancesExample2_MulticurrencyAcount:
  5314.       description: |
  5315.         Response in case of a multicurrency account with one account in EUR,
  5316.         one in USD, where the ASPSP has delivered a link to the balance endpoint relative to the aggregated
  5317.         multicurrency account (aggregation level).
  5318.       value:
  5319.         {
  5320.           "balances":
  5321.               [{"balanceType": "closingBooked",
  5322.                 "balanceAmount": {"currency": "EUR", "amount": "500.00"},
  5323.                 "subAccount": {"subAccountID": 0 , "subAccountName": "DO"},
  5324.                 "referenceDate": "2017-10-25"
  5325.                    },
  5326.               {"balanceType": "expected",
  5327.               "balanceAmount": {"currency": "EUR", "amount": "900.00"},
  5328.               "subAccount": {"subAccountID": 0 , "subAccountName": "DO"},
  5329.               "lastChangeDateTime": "2017-10-25T15:30:35.035Z"
  5330.               },
  5331.            {"balanceType": "closingBooked",
  5332.                 "balanceAmount": {"currency": "USD", "amount": "350.00"},
  5333.                 "subAccount": {"subAccountID": 0 , "subAccountName": "DO"},
  5334.                 "referenceDate": "2017-10-25"
  5335.                    },
  5336.               {"balanceType": "expected",
  5337.                "balanceAmount": {"currency": "USD", "amount": "350.00"},
  5338.                "subAccount": {"subAccountID": 0 , "subAccountName": "DO"},
  5339.                "lastChangeDateTime": "2017-10-24T14:30:21Z"
  5340.                    }]
  5341.         }
  5342.  
  5343.  
  5344.     transactionsExample1_RegularAccount_json:
  5345.       description: Response in JSON format for an access on a regular account
  5346.       value:
  5347.         {
  5348.           "account": {"iban": "DE2310010010123456788" },
  5349.           "transactions":
  5350.             {
  5351.             "booked":
  5352.               [{
  5353.               "transactionId": "1234567",
  5354.               "creditorName": "John Miles",
  5355.               "creditorAccount": {"iban": "DE67100100101306118605"},
  5356.               "transactionAmount": {"currency": "EUR", "amount": "256.67"},
  5357.               "subAccount": {"subAccountID": 0 , "subAccountName": "DO"},
  5358.               "bookingDate": "2017-10-25",
  5359.               "valueDate": "2017-10-26",
  5360.               "remittanceInformationUnstructured": "Example 1"
  5361.                 },{
  5362.                  "transactionId": "1234568",
  5363.                  "debtorName": "Paul Simpson",
  5364.                  "debtorAccount": {"iban": "NL76RABO0359400371"},
  5365.                  "transactionAmount": {"currency": "EUR", "amount": "343.01"},
  5366.                  "subAccount": {"subAccountID": 0 , "subAccountName": "DO"},
  5367.                  "bookingDate": "2017-10-25",
  5368.                  "valueDate": "2017-10-26",
  5369.                  "remittanceInformationUnstructured": "Example 2"
  5370.                 }],
  5371.             "pending":
  5372.               [{
  5373.                  "transactionId": "1234569",
  5374.                  "creditorName": "Claude Renault",
  5375.                  "creditorAccount": {"iban": "FR7612345987650123456789014"},
  5376.                  "subAccount": {"subAccountID": 0 , "subAccountName": "DO"},
  5377.                  "transactionAmount": {"currency": "EUR", "amount": "-100.03"},
  5378.                  "valueDate": "2017-10-26",
  5379.                  "remittanceInformationUnstructured": "Example 3"
  5380.                 }],
  5381.             "_links": {"account": {"href": "/v1/accounts/3dc3d5b3-7023-4848-9853-f5400a64e80f"}}
  5382.              }
  5383.         }
  5384.  
  5385.     transactionDetailsExample:
  5386.       description: Example for transaction details
  5387.       value:
  5388.         {
  5389.           "transactionsDetails":
  5390.              {
  5391.                "transactionId": "1234567",
  5392.                "creditorName": "John Miles",
  5393.                "creditorAccount": {"iban": "DE67100100101306118605"},
  5394.                "mandateId": "Mandate-2018-04-20-1234",
  5395.                "transactionAmount": {"currency": "EUR", "amount": "-256.67"},
  5396.                "bookingDate": "2017-10-25",
  5397.                "valueDate": "2017-10-26",
  5398.                "remittanceInformationUnstructured": "Example 1",
  5399.                "bankTransactionCode": "PMNT-RCVD-ESDD",
  5400.              }
  5401.         }
  5402.        
  5403.  
  5404.  
  5405.     authorisationListExample:
  5406.       value:
  5407.         {
  5408.           "authorisationIds": ["123auth456"]
  5409.         }
  5410.    
  5411.     cancellationListExample:
  5412.       value:
  5413.         {
  5414.           "cancellationIds": ["123auth456"]
  5415.         }
  5416.  
  5417.  
  5418. security:
  5419. #####################################################
  5420. # Global security options
  5421. #####################################################
  5422.   - {}
  5423.  
  5424.  
  5425. tags:
  5426. #####################################################
  5427. # Predefined Tags to Group Methods
  5428. #####################################################
  5429.  
  5430.   - name: Account Information Service (AIS)
  5431.     description: |
  5432.       The Account Information Service (AIS) offers the following services
  5433.         * Transaction reports for a given account including balances if applicable.
  5434.         * Balances of a given account ,
  5435.         * A list of available accounts ,
  5436.         * Account details of a given account or of the list of all accessible accounts relative to a granted consent
  5437.   - name: Payment Initiation Service (PIS)
  5438.     description: |
  5439.       The Decription for Payment Initiation Service (PIS) offers the following services:
  5440.         * Initiation and update of a payment request
  5441.         * Status information of a payment
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top