{ "swagger": "2.0", "info": { "title": "Confirmation of Funds API Specification", "description": "Swagger for Confirmation of Funds API Specification", "termsOfService": "https://www.openbanking.org.uk/terms", "contact": { "name": "Service Desk", "email": "ServiceDesk@openbanking.org.uk" }, "license": { "name": "open-licence", "url": "https://www.openbanking.org.uk/open-licence" }, "version": "v3.0.0" }, "basePath": "/open-banking/v3.0/cbpii", "schemes": [ "https" ], "consumes": [ "application/json; charset=utf-8" ], "produces": [ "application/json; charset=utf-8" ], "paths": { "/funds-confirmation-consents": { "post": { "tags": [ "Funds Confirmations" ], "summary": "Create Funds Confirmation Consent", "operationId": "CreateFundsConfirmationConsents", "parameters": [ { "$ref": "#/parameters/OBFundsConfirmationConsent1Param" }, { "$ref": "#/parameters/x-fapi-financial-id-Param" }, { "$ref": "#/parameters/x-fapi-customer-last-logged-time-Param" }, { "$ref": "#/parameters/x-fapi-customer-ip-address-Param" }, { "$ref": "#/parameters/x-fapi-interaction-id-Param" }, { "$ref": "#/parameters/AuthorizationParam" }, { "$ref": "#/parameters/x-customer-user-agent-Param" } ], "responses": { "201": { "$ref": "#/responses/201FundsConfirmationConsentsCreated" }, "400": { "$ref": "#/responses/400ErrorResponse" }, "401": { "$ref": "#/responses/401ErrorResponse" }, "403": { "$ref": "#/responses/403ErrorResponse" }, "404": { "$ref": "#/responses/404ErrorResponse" }, "405": { "$ref": "#/responses/405ErrorResponse" }, "406": { "$ref": "#/responses/406ErrorResponse" }, "415": { "$ref": "#/responses/415ErrorResponse" }, "429": { "$ref": "#/responses/429ErrorResponse" }, "500": { "$ref": "#/responses/500ErrorResponse" } }, "security": [ { "TPPOAuth2Security": [ "fundsconfirmations" ] } ] } }, "/funds-confirmation-consents/{ConsentId}": { "get": { "tags": [ "Funds Confirmations" ], "summary": "Get Funds Confirmation Consent", "operationId": "GetFundsConfirmationConsentsConsentId", "parameters": [ { "$ref": "#/parameters/ConsentId" }, { "$ref": "#/parameters/x-fapi-financial-id-Param" }, { "$ref": "#/parameters/x-fapi-customer-last-logged-time-Param" }, { "$ref": "#/parameters/x-fapi-customer-ip-address-Param" }, { "$ref": "#/parameters/x-fapi-interaction-id-Param" }, { "$ref": "#/parameters/AuthorizationParam" }, { "$ref": "#/parameters/x-customer-user-agent-Param" } ], "responses": { "200": { "$ref": "#/responses/200FundsConfirmationConsentsConsentIdRead" }, "400": { "$ref": "#/responses/400ErrorResponse" }, "401": { "$ref": "#/responses/401ErrorResponse" }, "403": { "$ref": "#/responses/403ErrorResponse" }, "404": { "$ref": "#/responses/404ErrorResponse" }, "405": { "$ref": "#/responses/405ErrorResponse" }, "406": { "$ref": "#/responses/406ErrorResponse" }, "429": { "$ref": "#/responses/429ErrorResponse" }, "500": { "$ref": "#/responses/500ErrorResponse" } }, "security": [ { "TPPOAuth2Security": [ "fundsconfirmations" ] } ] }, "delete": { "tags": [ "Funds Confirmations" ], "summary": "Delete Funds Confirmation Consent", "operationId": "DeleteFundsConfirmationConsentsConsentId", "parameters": [ { "$ref": "#/parameters/ConsentId" }, { "$ref": "#/parameters/x-fapi-financial-id-Param" }, { "$ref": "#/parameters/x-fapi-customer-last-logged-time-Param" }, { "$ref": "#/parameters/x-fapi-customer-ip-address-Param" }, { "$ref": "#/parameters/x-fapi-interaction-id-Param" }, { "$ref": "#/parameters/AuthorizationParam" }, { "$ref": "#/parameters/x-customer-user-agent-Param" } ], "responses": { "204": { "$ref": "#/responses/204FundsConfirmationConsentsConsentIdDeleted" }, "400": { "$ref": "#/responses/400ErrorResponse" }, "401": { "$ref": "#/responses/401ErrorResponse" }, "403": { "$ref": "#/responses/403ErrorResponse" }, "404": { "$ref": "#/responses/404ErrorResponse" }, "405": { "$ref": "#/responses/405ErrorResponse" }, "406": { "$ref": "#/responses/406ErrorResponse" }, "429": { "$ref": "#/responses/429ErrorResponse" }, "500": { "$ref": "#/responses/500ErrorResponse" } }, "security": [ { "TPPOAuth2Security": [ "fundsconfirmations" ] } ] } }, "/funds-confirmations": { "post": { "tags": [ "Funds Confirmations" ], "summary": "Create Funds Confirmation", "operationId": "CreateFundsConfirmations", "parameters": [ { "$ref": "#/parameters/OBFundsConfirmation1Param" }, { "$ref": "#/parameters/x-fapi-financial-id-Param" }, { "$ref": "#/parameters/x-fapi-customer-last-logged-time-Param" }, { "$ref": "#/parameters/x-fapi-customer-ip-address-Param" }, { "$ref": "#/parameters/x-fapi-interaction-id-Param" }, { "$ref": "#/parameters/AuthorizationParam" }, { "$ref": "#/parameters/x-customer-user-agent-Param" } ], "responses": { "201": { "$ref": "#/responses/201FundsConfirmationsCreated" }, "400": { "$ref": "#/responses/400ErrorResponse" }, "401": { "$ref": "#/responses/401ErrorResponse" }, "403": { "$ref": "#/responses/403ErrorResponse" }, "404": { "$ref": "#/responses/404ErrorResponse" }, "405": { "$ref": "#/responses/405ErrorResponse" }, "406": { "$ref": "#/responses/406ErrorResponse" }, "415": { "$ref": "#/responses/415ErrorResponse" }, "429": { "$ref": "#/responses/429ErrorResponse" }, "500": { "$ref": "#/responses/500ErrorResponse" } }, "security": [ { "PSUOAuth2Security": [ "fundsconfirmations" ] } ] } } }, "parameters": { "x-fapi-financial-id-Param": { "in": "header", "name": "x-fapi-financial-id", "type": "string", "required": true, "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." }, "x-fapi-customer-ip-address-Param": { "in": "header", "name": "x-fapi-customer-ip-address", "type": "string", "required": false, "description": "The PSU's IP address if the PSU is currently logged in with the TPP." }, "x-fapi-interaction-id-Param": { "in": "header", "name": "x-fapi-interaction-id", "type": "string", "required": false, "description": "An RFC4122 UID used as a correlation id." }, "x-fapi-customer-last-logged-time-Param": { "in": "header", "name": "x-fapi-customer-last-logged-time", "type": "string", "required": false, "description": "The time when the PSU last logged in with the TPP. \nAll dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: \nSun, 10 Sep 2017 19:43:31 UTC", "pattern": "^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \\d{2} (Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) \\d{4} \\d{2}:\\d{2}:\\d{2} (GMT|UTC)$" }, "AuthorizationParam": { "in": "header", "name": "Authorization", "type": "string", "required": true, "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" }, "OBFundsConfirmation1Param": { "name": "OBFundsConfirmation1Param", "in": "body", "description": "Default", "required": true, "schema": { "$ref": "#/definitions/OBFundsConfirmation1" } }, "OBFundsConfirmationConsent1Param": { "name": "OBFundsConfirmationConsent1Param", "in": "body", "description": "Default", "required": true, "schema": { "$ref": "#/definitions/OBFundsConfirmationConsent1" } }, "ConsentId": { "name": "ConsentId", "in": "path", "description": "ConsentId", "required": true, "type": "string" }, "x-customer-user-agent-Param": { "in": "header", "name": "x-customer-user-agent", "type": "string", "description": "Indicates the user-agent that the PSU is using.", "required": false } }, "responses": { "201FundsConfirmationsCreated": { "description": "Funds Confirmation Created", "headers": { "x-fapi-interaction-id": { "type": "string", "description": "An RFC4122 UID used as a correlation id." } }, "schema": { "$ref": "#/definitions/OBFundsConfirmationResponse1" } }, "201FundsConfirmationConsentsCreated": { "description": "Funds Confirmation Consent Created", "headers": { "x-fapi-interaction-id": { "type": "string", "description": "An RFC4122 UID used as a correlation id." } }, "schema": { "$ref": "#/definitions/OBFundsConfirmationConsentResponse1" } }, "200FundsConfirmationConsentsConsentIdRead": { "description": "Funds Confirmation Consent Read", "headers": { "x-fapi-interaction-id": { "type": "string", "description": "An RFC4122 UID used as a correlation id." } }, "schema": { "$ref": "#/definitions/OBFundsConfirmationConsentResponse1" } }, "204FundsConfirmationConsentsConsentIdDeleted": { "description": "Funds Confirmation Consent Deleted", "headers": { "x-fapi-interaction-id": { "type": "string", "description": "An RFC4122 UID used as a correlation id." } } }, "400ErrorResponse": { "description": "Bad request", "schema": { "$ref": "#/definitions/OBErrorResponse1" } }, "401ErrorResponse": { "description": "Unauthorized" }, "403ErrorResponse": { "description": "Forbidden" }, "404ErrorResponse": { "description": "Not found" }, "405ErrorResponse": { "description": "Method Not Allowed" }, "406ErrorResponse": { "description": "Not Acceptable" }, "415ErrorResponse": { "description": "Unsupported Media Type" }, "429ErrorResponse": { "description": "Too Many Requests", "headers": { "Retry-After": { "description": "Number in seconds to wait", "type": "integer" } } }, "500ErrorResponse": { "description": "Internal Server Error", "schema": { "$ref": "#/definitions/OBErrorResponse1" } } }, "securityDefinitions": { "PSUOAuth2Security": { "type": "oauth2", "flow": "accessCode", "tokenUrl": "https://authserver.example/token", "authorizationUrl": "https://authserver.example/authorization", "scopes": { "fundsconfirmations": "Funds confirmation entitlement" }, "description": "OAuth flow, it is required when the PSU needs to perform SCA with the ASPSP when a TPP wants to access an ASPSP resource owned by the PSU" }, "TPPOAuth2Security": { "type": "oauth2", "flow": "application", "tokenUrl": "https://authserver.example/token", "scopes": { "fundsconfirmations": "Funds confirmation entitlement" }, "description": "TPP client credential authorisation flow with the ASPSP" } }, "definitions": { "OBActiveCurrencyAndAmount_SimpleType": { "description": "A number of monetary units specified in an active currency where the unit of currency is explicit and compliant with ISO 4217.", "type": "string", "pattern": "^\\d{1,13}\\.\\d{1,5}$" }, "OBActiveOrHistoricCurrencyAndAmount": { "description": "Amount of money to be confirmed as available funds in the debtor account. Contains an Amount and a Currency.", "type": "object", "properties": { "Amount": { "$ref": "#/definitions/OBActiveCurrencyAndAmount_SimpleType" }, "Currency": { "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 \"Codes for the representation of currencies and funds\".", "type": "string", "pattern": "^[A-Z]{3,3}$" } }, "required": [ "Amount", "Currency" ], "additionalProperties": false }, "OBCashAccountDebtor3": { "description": "Unambiguous identification of the account of the debtor to which a confirmation of funds consent will be applied.", "type": "object", "properties": { "SchemeName": { "description": "Name of the identification scheme, in a coded form as published in an external list.", "type": "string", "minLength": 1, "maxLength": 40 }, "Identification": { "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", "type": "string", "minLength": 1, "maxLength": 256 }, "Name": { "description": "Name of the account, as assigned by the account servicing institution.\nUsage: The account name is the name or names of the account owner(s) represented at an account level. The account name is not the product name or the nickname of the account.", "type": "string", "minLength": 1, "maxLength": 70 }, "SecondaryIdentification": { "description": "This is secondary identification of the account, as assigned by the account servicing institution. \nThis can be used by building societies to additionally identify accounts with a roll number (in addition to a sort code and account number combination).", "type": "string", "minLength": 1, "maxLength": 34 } }, "required": [ "SchemeName", "Identification" ], "additionalProperties": false }, "OBExternalRequestStatus1Code": { "description": "Specifies the status of consent resource in code form.", "type": "string", "enum": [ "Authorised", "AwaitingAuthorisation", "Rejected", "Revoked" ] }, "OBFundsConfirmation1": { "type": "object", "properties": { "Data": { "$ref": "#/definitions/OBFundsConfirmationData1" } }, "required": [ "Data" ], "additionalProperties": false }, "OBFundsConfirmationConsent1": { "type": "object", "properties": { "Data": { "$ref": "#/definitions/OBFundsConfirmationConsentData1" } }, "required": [ "Data" ], "additionalProperties": false }, "OBFundsConfirmationConsentData1": { "type": "object", "properties": { "ExpirationDateTime": { "description": "Specified date and time the funds confirmation authorisation will expire.\n If this is not populated, the authorisation will be open ended.\nAll dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2017-04-05T10:43:07+00:00", "type": "string", "format": "date-time" }, "DebtorAccount": { "$ref": "#/definitions/OBCashAccountDebtor3" } }, "required": [ "DebtorAccount" ], "additionalProperties": false }, "OBFundsConfirmationConsentDataResponse1": { "type": "object", "properties": { "ConsentId": { "description": "Unique identification as assigned to identify the funds confirmation consent resource.", "type": "string", "minLength": 1, "maxLength": 128 }, "CreationDateTime": { "description": "Date and time at which the resource was created.\nAll dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2017-04-05T10:43:07+00:00", "type": "string", "format": "date-time" }, "Status": { "$ref": "#/definitions/OBExternalRequestStatus1Code" }, "StatusUpdateDateTime": { "description": "Date and time at which the resource status was updated.\nAll dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2017-04-05T10:43:07+00:00", "type": "string", "format": "date-time" }, "ExpirationDateTime": { "description": "Specified date and time the funds confirmation authorisation will expire.\nIf this is not populated, the authorisation will be open ended.\nAll dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2017-04-05T10:43:07+00:00", "type": "string", "format": "date-time" }, "DebtorAccount": { "$ref": "#/definitions/OBCashAccountDebtor3" } }, "required": [ "ConsentId", "CreationDateTime", "Status", "StatusUpdateDateTime", "DebtorAccount" ], "additionalProperties": false }, "OBFundsConfirmationConsentResponse1": { "type": "object", "properties": { "Data": { "$ref": "#/definitions/OBFundsConfirmationConsentDataResponse1" }, "Links": { "$ref": "#/definitions/Links" }, "Meta": { "$ref": "#/definitions/Meta" } }, "required": [ "Data", "Links", "Meta" ], "additionalProperties": false }, "OBFundsConfirmationData1": { "type": "object", "properties": { "ConsentId": { "description": "Unique identification as assigned by the ASPSP to uniquely identify the funds confirmation consent resource.", "type": "string", "minLength": 1, "maxLength": 128 }, "Reference": { "description": "Unique reference, as assigned by the CBPII, to unambiguously refer to the request related to the payment transaction.", "type": "string", "minLength": 1, "maxLength": 35 }, "InstructedAmount": { "$ref": "#/definitions/OBActiveOrHistoricCurrencyAndAmount" } }, "required": [ "ConsentId", "Reference", "InstructedAmount" ], "additionalProperties": false }, "OBFundsConfirmationDataResponse1": { "type": "object", "properties": { "FundsConfirmationId": { "description": "Unique identification as assigned by the ASPSP to uniquely identify the funds confirmation resource.", "type": "string", "minLength": 1, "maxLength": 40 }, "ConsentId": { "description": "Unique identification as assigned by the ASPSP to uniquely identify the funds confirmation consent resource.", "type": "string", "minLength": 1, "maxLength": 128 }, "CreationDateTime": { "description": "Date and time at which the resource was created.\nAll dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2017-04-05T10:43:07+00:00", "type": "string", "format": "date-time" }, "FundsAvailable": { "description": "Flag to indicate the result of a confirmation of funds check.", "type": "boolean" }, "Reference": { "description": "Unique reference, as assigned by the CBPII, to unambiguously refer to the request related to the payment transaction.", "type": "string", "minLength": 1, "maxLength": 35 }, "InstructedAmount": { "$ref": "#/definitions/OBActiveOrHistoricCurrencyAndAmount" } }, "required": [ "FundsConfirmationId", "ConsentId", "CreationDateTime", "FundsAvailable", "Reference", "InstructedAmount" ], "additionalProperties": false }, "OBFundsConfirmationResponse1": { "type": "object", "properties": { "Data": { "$ref": "#/definitions/OBFundsConfirmationDataResponse1" }, "Links": { "$ref": "#/definitions/Links" }, "Meta": { "$ref": "#/definitions/Meta" } }, "required": [ "Data", "Links", "Meta" ], "additionalProperties": false }, "Links": { "type": "object", "description": "Links relevant to the payload", "properties": { "Self": { "type": "string", "format": "uri" }, "First": { "type": "string", "format": "uri" }, "Prev": { "type": "string", "format": "uri" }, "Next": { "type": "string", "format": "uri" }, "Last": { "type": "string", "format": "uri" } }, "additionalProperties": false, "required": [ "Self" ] }, "Meta": { "title": "MetaData", "type": "object", "description": "Meta Data relevant to the payload", "properties": { "TotalPages": { "type": "integer", "format": "int32" }, "FirstAvailableDateTime": { "$ref": "#/definitions/ISODateTime" }, "LastAvailableDateTime": { "$ref": "#/definitions/ISODateTime" } }, "additionalProperties": false }, "ISODateTime": { "description": "All dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2017-04-05T10:43:07+00:00", "type": "string", "format": "date-time" }, "OBError1": { "type": "object", "properties": { "ErrorCode": { "description": "Low level textual error code, e.g., UK.OBIE.Field.Missing", "type": "string", "minLength": 1, "maxLength": 128 }, "Message": { "description": "A description of the error that occurred. e.g., 'A mandatory field isn't supplied' or 'RequestedExecutionDateTime must be in future'\nOBIE doesn't standardise this field", "type": "string", "minLength": 1, "maxLength": 500 }, "Path": { "description": "Recommended but optional reference to the JSON Path of the field with error, e.g., Data.Initiation.InstructedAmount.Currency", "type": "string", "minLength": 1, "maxLength": 500 }, "Url": { "description": "URL to help remediate the problem, or provide more information, or to API Reference, or help etc", "type": "string" } }, "required": [ "ErrorCode", "Message" ], "additionalProperties": false, "minProperties": 1 }, "OBErrorResponse1": { "description": "An array of detail error codes, and messages, and URLs to documentation to help remediation.", "type": "object", "properties": { "Code": { "description": "High level textual error code, to help categorize the errors.", "type": "string", "minLength": 1, "maxLength": 40 }, "Id": { "description": "A unique reference for the error instance, for audit purposes, in case of unknown/unclassified errors.", "type": "string", "minLength": 1, "maxLength": 40 }, "Message": { "description": "Brief Error message, e.g., 'There is something wrong with the request parameters provided'", "type": "string", "minLength": 1, "maxLength": 500 }, "Errors": { "items": { "$ref": "#/definitions/OBError1" }, "type": "array", "minItems": 1 } }, "required": [ "Code", "Message", "Errors" ], "additionalProperties": false } } }