openapi: 3.1.0 info: title: Notification Rule Service API description: API for managing notification rules. Allows to define notification targets (e.g. a webhook URL) endpoints that receive notifications when specific transaction events occur. version: 1.0.0 servers: - url: https://api-test.bankfrick.li/onlinebanking/notifications description: Test - url: https://api.bankfrick.li/onlinebanking/notifications description: Production paths: /topics/instant-transactions/rules: get: tags: - instant-transactions-topic-rules-controller summary: List instant transaction notification rules description: Retrieves a paginated list of notification rules for the authenticated user operationId: listRules parameters: - name: pageSize in: query required: false schema: type: integer format: int32 default: 100 minimum: 1 - name: pageIndex in: query required: false schema: type: integer format: int32 default: 0 minimum: 0 responses: "200": description: Rules found content: application/json: schema: $ref: "#/components/schemas/InstantTransactionsRulesDto" "401": description: Missing or invalid authentication content: application/problem+json: schema: $ref: "#/components/schemas/ProblemDetail" examples: unauthorized: description: unauthorized value: type: about:blank title: Unauthorized status: 401 detail: "Authentication failure: header missing" instance: /topics/instant-transactions/rules "403": description: Insufficient permissions content: application/problem+json: schema: $ref: "#/components/schemas/ProblemDetail" examples: forbidden: description: forbidden value: type: about:blank title: Forbidden status: 403 detail: Insufficient permissions for this operation instance: /topics/instant-transactions/rules "500": description: Internal server error content: application/problem+json: schema: $ref: "#/components/schemas/ProblemDetail" examples: internal_server_error: description: internal_server_error value: type: about:blank title: Internal Server Error status: 500 detail: An unexpected error occurred while processing your request instance: /topics/instant-transactions/rules security: - bearerAuth: [] post: tags: - instant-transactions-topic-rules-controller summary: Create new instant transaction notification rules description: Create new notification rules that define which transaction events trigger notifications. operationId: createRule parameters: - name: Algorithm in: header description: Signature algorithm used to sign the webhook payload required: true schema: type: string enum: - rsa-sha512 example: rsa-sha512 - name: Signature in: header description: Base64-encoded RSA signature of the webhook payload. Verify using the public key to ensure the webhook came from Bank Frick required: true schema: type: string example: MEUCIQDf...truncated... requestBody: content: application/json: schema: $ref: "#/components/schemas/CreateInstantTransactionsRulesDto" required: true responses: "201": description: Rules created successfully content: application/json: schema: $ref: "#/components/schemas/CreatedInstantTransactionsRulesDto" "400": description: Invalid webhook URL or invalid input content: application/problem+json: schema: $ref: "#/components/schemas/ProblemDetail" examples: invalid_webhook_url: description: invalid_webhook_url value: type: about:blank title: Bad Request status: 400 detail: "Invalid webhook URL: not a valid URL" instance: /topics/instant-transactions/rules "401": description: Missing or invalid authentication content: application/problem+json: schema: $ref: "#/components/schemas/ProblemDetail" examples: unauthorized: description: unauthorized value: type: about:blank title: Unauthorized status: 401 detail: "Authentication failure: header missing" instance: /topics/instant-transactions/rules "403": description: Insufficient permissions content: application/problem+json: schema: $ref: "#/components/schemas/ProblemDetail" examples: forbidden: description: forbidden value: type: about:blank title: Forbidden status: 403 detail: Insufficient permissions for this operation instance: /topics/instant-transactions/rules "500": description: Internal server error content: application/problem+json: schema: $ref: "#/components/schemas/ProblemDetail" examples: internal_server_error: description: internal_server_error value: type: about:blank title: Internal Server Error status: 500 detail: An unexpected error occurred while processing your request instance: /topics/instant-transactions/rules security: - bearerAuth: [] /topics/instant-transactions/rules/deactivation: post: tags: - instant-transactions-topic-rules-controller summary: Deactivate an instant transaction notification rule description: Deactivate an instant transaction notification rule which the authenticated user is allowed to manage operationId: deactivateRule requestBody: content: application/json: schema: $ref: "#/components/schemas/DeactivateInstantTransactionsRuleDto" required: true responses: "200": description: Rule deactivated content: application/json: schema: $ref: "#/components/schemas/InstantTransactionsRuleDto" "401": description: Missing or invalid authentication content: application/problem+json: schema: $ref: "#/components/schemas/ProblemDetail" examples: unauthorized: description: unauthorized value: type: about:blank title: Unauthorized status: 401 detail: "Authentication failure: header missing" instance: /topics/instant-transactions/rules/deactivation "403": description: Insufficient permissions content: application/problem+json: schema: $ref: "#/components/schemas/ProblemDetail" examples: forbidden: description: forbidden value: type: about:blank title: Forbidden status: 403 detail: Insufficient permissions for this operation instance: /topics/instant-transactions/rules/deactivation "500": description: Internal server error content: application/problem+json: schema: $ref: "#/components/schemas/ProblemDetail" examples: internal_server_error: description: internal_server_error value: type: about:blank title: Internal Server Error status: 500 detail: An unexpected error occurred while processing your request instance: /topics/instant-transactions/rules/deactivation security: - bearerAuth: [] /topics/instant-transactions/rules/activation: post: tags: - instant-transactions-topic-rules-controller summary: Activate an instant transaction notification rule description: Activate an instant transaction notification rule which the authenticated user is allowed to manage operationId: activateRule requestBody: content: application/json: schema: $ref: "#/components/schemas/ActivateInstantTransactionsRuleDto" required: true responses: "200": description: Rule activated content: application/json: schema: $ref: "#/components/schemas/InstantTransactionsRuleDto" "401": description: Missing or invalid authentication content: application/problem+json: schema: $ref: "#/components/schemas/ProblemDetail" examples: unauthorized: description: unauthorized value: type: about:blank title: Unauthorized status: 401 detail: "Authentication failure: header missing" instance: /topics/instant-transactions/rules/activation "403": description: Insufficient permissions content: application/problem+json: schema: $ref: "#/components/schemas/ProblemDetail" examples: forbidden: description: forbidden value: type: about:blank title: Forbidden status: 403 detail: Insufficient permissions for this operation instance: /topics/instant-transactions/rules/activation "500": description: Internal server error content: application/problem+json: schema: $ref: "#/components/schemas/ProblemDetail" examples: internal_server_error: description: internal_server_error value: type: about:blank title: Internal Server Error status: 500 detail: An unexpected error occurred while processing your request instance: /topics/instant-transactions/rules/activation security: - bearerAuth: [] components: schemas: CreateInstantTransactionsRulesDto: type: object description: Request to create new instant transaction notification rules properties: name: type: string description: Name of the rule example: All incoming instant transactions maxLength: 255 minLength: 3 accountNumbers: type: array description: Account numbers (IBANs) that this rule applies to example: - LI6808811000000001234 - LI11188110101101K001E - LI12345610609195K000E items: type: string minLength: 1 maxItems: 25 minItems: 1 uniqueItems: true targets: $ref: "#/components/schemas/NotificationTargetsDto" description: Notification targets (e.g. a webhook) for this rule events: type: array description: List of transaction events that trigger this rule items: $ref: "#/components/schemas/InstantTransactionsEventDto" minItems: 1 uniqueItems: true required: - accountNumbers - events - name - targets InstantTransactionsEventDto: type: object description: Transaction event that triggers a rule properties: type: $ref: "#/components/schemas/InstantTransactionsEventTypeDto" description: Type of instant transaction event required: - type InstantTransactionsEventTypeDto: type: string description: Type of instant transaction event enum: - INSTANT_TRANSACTION_RECEIVED NotificationTargetsDto: type: object description: Notification targets for a rule properties: webhookUrl: type: string format: uri description: |- Webhook URL that will receive notifications. Requirements: - Must use HTTPS protocol - Must point to a publicly resolvable domain (no IP addresses) example: https://api.example.com/webhooks/transactions maxLength: 2048 minLength: 1 required: - webhookUrl CreatedInstantTransactionsRulesDto: type: object description: List of instant transaction notification rules properties: rules: type: array description: List of rules that were created by the request items: $ref: "#/components/schemas/InstantTransactionsRuleDto" required: - rules InstantTransactionsRuleDto: type: object description: Instant transaction notification rule properties: id: type: string format: uuid description: Unique identifier of the rule status: type: string description: Current status of the rule (ACTIVE or INACTIVE) enum: - ACTIVE - INACTIVE name: type: string description: Name of the rule accountNumber: type: string description: Account number (IBAN) that this rule applies to targets: $ref: "#/components/schemas/NotificationTargetsDto" description: Notification targets for this rule events: type: array description: Transaction events that trigger this rule items: $ref: "#/components/schemas/InstantTransactionsEventDto" createdBy: type: string example: Contact 1234567 createdAt: type: string format: date-time lastModifiedBy: type: string example: Contact 1234567 lastModifiedAt: type: string format: date-time required: - accountNumber - events - id - name - status - targets ProblemDetail: type: object properties: type: type: string format: uri title: type: string status: type: integer format: int32 detail: type: string instance: type: string format: uri properties: type: object additionalProperties: {} DeactivateInstantTransactionsRuleDto: type: object description: Request to deactivate an existing instant transaction notification rule properties: id: type: string format: uuid description: Rule ID example: d73102e6-4741-4998-9bda-24f54200be84 required: - id ActivateInstantTransactionsRuleDto: type: object description: Request to activate an existing instant transaction notification rule properties: id: type: string format: uuid description: Rule ID example: d73102e6-4741-4998-9bda-24f54200be84 required: - id InstantTransactionsRulesDto: type: object description: Paginated list of instant transaction notification rules properties: rules: type: array description: List of rules on this page items: $ref: "#/components/schemas/InstantTransactionsRuleDto" pagination: $ref: "#/components/schemas/PaginationDto" description: Pagination metadata required: - pagination - rules PaginationDto: type: object description: Pagination metadata properties: totalCount: type: integer format: int64 description: Total number of items across all pages example: 101 pageIndex: type: integer format: int32 description: Index of the current page (0-based) example: 0 pageSize: type: integer format: int32 description: Number of items per page example: 100 hasMore: type: boolean description: Whether there are more items available on subsequent pages example: true required: - hasMore - pageIndex - pageSize - totalCount securitySchemes: bearerAuth: type: http description: JWT token from Online Banking WebAPI scheme: bearer bearerFormat: JWT