-
Account
-
The thing that tokens of value (money) come in and out of. An account has one or more `owners` whichMore...
- Create Account
-
-
Account Access
-
Account Access is OBP View system. The Account owners can create the view themselves. And they canMore...
- Create (DAuth) User with Account Access
- Grant User access to View
- Revoke User access to View
- Revoke/Grant User access to View
-
-
Consent
-
Consents provide a mechanism by which a third party App or User can access resources on behalf of aMore...
- Add User to a Consent
- Answer Consent Challenge
- Create Consent (EMAIL)
- Create Consent (SMS)
- Create Consent By CONSENT_REQUEST_ID (EMAIL)
- Create Consent By CONSENT_REQUEST_ID (SMS)
- Create Consent Request
- Get Consent By Consent Request Id
- Get Consent Request
- Get Consents
- Get Consents Info
- Provide client's certificate info of a current call
- Revoke Consent
- Revoke Consent at Bank
- Revoke Consent used in the Current Call
- Update Consent Status
-
-
Customer
-
The legal entity that has the relationship to the bank. Customers are linked to Users via `User CusMore...
- Create User Customer Link
- Get Customers Minimal at Any Bank
- Get Customers Minimal at Bank
- Get Customers at Any Bank
- Get Customers at Bank
- Get Customers for Current User
- Get My Customers
-
-
Role
- Add Entitlement for a User
- Create (DAuth) User with Roles
- Create Entitlement Request for current User
- Delete Entitlement
- Delete Entitlement Request
- Get Entitlement Requests for a User
- Get Entitlement Requests for the current User
- Get Entitlements for One Bank
- Get Entitlements for User
- Get Entitlements for User at Bank
- Get Entitlements for the current User
- Get Roles
- Get all Entitlement Requests
- Get all Entitlements
-
User
-
The entity that accesses the API with a login / authorisation token and has access to zero or moreMore...
- Answer User Auth Context Update Challenge
- Create My Personal User Attribute
- Create Non Personal User Attribute
- Create User
- Create User Auth Context
- Create User Auth Context Update Request
- Create password reset url
- Delete Non Personal User Attribute
- Delete User Auth Context
- Delete User's Auth Contexts
- Delete a User
- Get Logout Link
- Get My Personal User Attributes
- Get My Spaces
- Get Non Personal User Attributes
- Get User (Current)
- Get User Auth Contexts
- Get User Id (Current)
- Get User Lock Status
- Get User by USERNAME
- Get User by USER_ID
- Get User with Attributes by USER_ID
- Get Users by Email Address
- Get all Users
- Lock the user
- Refresh User
- Unlock the user
- Update My Personal User Attribute
-
-
Account
-
Account Access
- Create (DAuth) User with Account Access
- Grant User access to View
- Revoke User access to View
- Revoke/Grant User access to View
-
Consent
- Add User to a Consent
- Answer Consent Challenge
- Create Consent (EMAIL)
- Create Consent (SMS)
- Create Consent By CONSENT_REQUEST_ID (EMAIL)
- Create Consent By CONSENT_REQUEST_ID (SMS)
- Create Consent Request
- Get Consent By Consent Request Id
- Get Consent Request
- Get Consents
- Get Consents Info
- Provide client's certificate info of a current call
- Revoke Consent
- Revoke Consent at Bank
- Revoke Consent used in the Current Call
- Update Consent Status
-
Customer
- Create User Customer Link
- Get Customers Minimal at Any Bank
- Get Customers Minimal at Bank
- Get Customers at Any Bank
- Get Customers at Bank
- Get Customers for Current User
- Get My Customers
-
Role
- Add Entitlement for a User
- Create (DAuth) User with Roles
- Create Entitlement Request for current User
- Delete Entitlement
- Delete Entitlement Request
- Get Entitlement Requests for a User
- Get Entitlement Requests for the current User
- Get Entitlements for One Bank
- Get Entitlements for User
- Get Entitlements for User at Bank
- Get Entitlements for the current User
- Get Roles
- Get all Entitlement Requests
- Get all Entitlements
-
User
- Answer User Auth Context Update Challenge
- Create My Personal User Attribute
- Create Non Personal User Attribute
- Create User
- Create User Auth Context
- Create User Auth Context Update Request
- Create password reset url
- Delete Non Personal User Attribute
- Delete User Auth Context
- Delete User's Auth Contexts
- Delete a User
- Get Logout Link
- Get My Personal User Attributes
- Get My Spaces
- Get Non Personal User Attributes
- Get User (Current)
- Get User Auth Contexts
- Get User Id (Current)
- Get User Lock Status
- Get User by USERNAME
- Get User by USER_ID
- Get User with Attributes by USER_ID
- Get Users by Email Address
- Get all Users
- Lock the user
- Refresh User
- Unlock the user
- Update My Personal User Attribute
-
View Custom
v5.1.0 filtered by tags: User ... (72 APIs)
Create Account
Create Account at bank specified by BANK_ID with Id specified by ACCOUNT_ID.
The User can create an Account for themself - or - the User that has the USER_ID specified in the POST body.
If the PUT body USER_ID is specified, the logged in user must have the Role canCreateAccount. Once created, the Account will be owned by the User specified by USER_ID.
If the PUT body USER_ID is not specified, the account will be owned by the logged in User.
The 'product_code' field SHOULD be a product_code from Product.
If the 'product_code' matches a product_code from Product, account attributes will be created that match the Product Attributes.
Note: The Amount MUST be zero.
Authentication is Mandatory
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
amount: 10.12
balance: 10
branch_id: DERBY6
currency: EUR
label: My Account
name: ACCOUNT_MANAGEMENT_FEE
product_code: 1234BW
scheme: scheme value
type:
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
value: 5987953
product_instance_code: product_instance_code
{
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"label":"My Account",
"product_code":"1234BW",
"balance":{
"currency":"EUR",
"amount":"0"
},
"branch_id":"DERBY6",
"account_routings":[{
"scheme":"AccountNumber",
"address":"4930396"
}],
"account_attributes":[{
"product_code":"1234BW",
"account_attribute_id":"613c83ea-80f9-4560-8404-b9cd4ec42a7f",
"name":"OVERDRAFT_START_DATE",
"type":"DATE_WITH_DAY",
"value":"2012-04-23",
"product_instance_code":"LKJL98769F"
}]
}
-
CanCreateAccount
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-10001: Incorrect json format.
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-20001: User not logged in. Authentication is required!
- OBP-30107: Invalid User Id.
- OBP-30110: Invalid Account Id. The ACCOUNT_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-30111: Invalid Bank Id. The BANK_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-20005: User not found. Please specify a valid value for USER_ID.
- OBP-20006: User is missing one or more roles:
- OBP-30106: Invalid Balance Amount.
- OBP-30112: Invalid Number. Initial balance must be a number, e.g 1000.00
- OBP-30109: Initial Balance of Account must be Zero (0).
- OBP-30105: Invalid Balance Currency.
- OBP-30208: Account_ID already exists at the Bank.
- OBP-50000: Unknown Error.
Create (DAuth) User with Account Access
This endpoint is used as part of the DAuth solution to grant access to account and transaction data to a smart contract on the blockchain.
Put the smart contract address in username
For provider use "dauth"
This endpoint will create the (DAuth) User with username and provider if the User does not already exist.
Authentication is Mandatory and the logged in user needs to be account holder.
For information about DAuth see below:
DAuth
DAuth Introduction, Setup and Usage
DAuth is an experimental authentication mechanism that aims to pin an ethereum or other blockchain Smart Contract to an OBP "User".
In the future, it might be possible to be more specific and pin specific actors (wallets) that are acting within the smart contract, but so far, one smart contract acts on behalf of one User.
Thus, if a smart contract "X" calls the OBP API using the DAuth header, OBP will get or create a user called X and the call will proceed in the context of that User "X".
DAuth is invoked by the REST client (caller) including a specific header (see step 3 below) in any OBP REST call.
When OBP receives the DAuth token, it creates or gets a User with a username based on the smart_contract_address and the provider based on the network_name. The combination of username and provider is unique in OBP.
If you are calling OBP-API via an API3 Airnode, the Airnode will take care of constructing the required header.
When OBP detects a DAuth header / token it first checks if the Consumer is allowed to make such a call. OBP will validate the Consumer ip address and signature etc.
Note: The DAuth flow does not require an explicit POST like Direct Login to create the token.
Permissions may be assigned to an OBP User at any time, via the UserAuthContext, Views, Entitlements to Roles or Consents.
Note: DAuth is enabled.
Note: The DAuth client is responsible for creating a token which will be trusted by OBP absolutely!
To use DAuth:
1) Configure OBP API to accept DAuth.
Set up properties in your props file
# -- DAuth --------------------------------------
# Define secret used to validate JWT token
# jwt.public_key_rsa=path-to-the-pem-file
# Enable/Disable DAuth communication at all
# In case isn't defined default value is false
# allow_dauth=false
# Define comma separated list of allowed IP addresses
# dauth.host=127.0.0.1
# -------------------------------------- DAuth--
Please keep in mind that property jwt.public_key_rsa is used to validate JWT token to check it is not changed or corrupted during transport.
2) Create / have access to a JWT
The following videos are available:
* DAuth in local environment
HEADER:ALGORITHM & TOKEN TYPE
{
"alg": "RS256",
"typ": "JWT"
}
PAYLOAD:DATA
{
"smart_contract_address": "0xe123425E7734CE288F8367e1Bb143E90bb3F051224",
"network_name": "AIRNODE.TESTNET.ETHEREUM",
"msg_sender": "0xe12340927f1725E7734CE288F8367e1Bb143E90fhku767",
"consumer_key": "0x1234a4ec31e89cea54d1f125db7536e874ab4a96b4d4f6438668b6bb10a6adb",
"timestamp": "2021-11-04T14:13:40Z",
"request_id": "0Xe876987694328763492876348928736497869273649"
}
VERIFY SIGNATURE
RSASHA256(
base64UrlEncode(header) + "." +
base64UrlEncode(payload),
) your-RSA-key-pair
Here is an example token:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzbWFydF9jb250cmFjdF9hZGRyZXNzIjoiMHhlMTIzNDI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGJiM0YwNTEyMjQiLCJuZXR3b3JrX25hbWUiOiJFVEhFUkVVTSIsIm1zZ19zZW5kZXIiOiIweGUxMjM0MDkyN2YxNzI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGZoa3U3NjciLCJjb25zdW1lcl9rZXkiOiIweDEyMzRhNGVjMzFlODljZWE1NGQxZjEyNWRiNzUzNmU4NzRhYjRhOTZiNGQ0ZjY0Mzg2NjhiNmJiMTBhNmFkYiIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMDRUMTQ6MTM6NDBaIiwicmVxdWVzdF9pZCI6IjBYZTg3Njk4NzY5NDMyODc2MzQ5Mjg3NjM0ODkyODczNjQ5Nzg2OTI3MzY0OSJ9.XSiQxjEVyCouf7zT8MubEKsbOBZuReGVhnt9uck6z6k
3) Try a REST call using the header
Using your favorite http client:
GET https://api3.openbankproject.com/obp/v3.0.0/users/current
Body
Leave Empty!
Headers:
DAuth: your-jwt-from-step-above
Here is it all together:
GET https://api3.openbankproject.com/obp/v3.0.0/users/current HTTP/1.1
Host: localhost:8080
User-Agent: curl/7.47.0
Accept: /
DAuth: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzbWFydF9jb250cmFjdF9hZGRyZXNzIjoiMHhlMTIzNDI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGJiM0YwNTEyMjQiLCJuZXR3b3JrX25hbWUiOiJFVEhFUkVVTSIsIm1zZ19zZW5kZXIiOiIweGUxMjM0MDkyN2YxNzI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGZoa3U3NjciLCJjb25zdW1lcl9rZXkiOiIweDEyMzRhNGVjMzFlODljZWE1NGQxZjEyNWRiNzUzNmU4NzRhYjRhOTZiNGQ0ZjY0Mzg2NjhiNmJiMTBhNmFkYiIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMDRUMTQ6MTM6NDBaIiwicmVxdWVzdF9pZCI6IjBYZTg3Njk4NzY5NDMyODc2MzQ5Mjg3NjM0ODkyODczNjQ5Nzg2OTI3MzY0OSJ9.XSiQxjEVyCouf7zT8MubEKsbOBZuReGVhnt9uck6z6k
CURL example
curl -v -H 'DAuth: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzbWFydF9jb250cmFjdF9hZGRyZXNzIjoiMHhlMTIzNDI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGJiM0YwNTEyMjQiLCJuZXR3b3JrX25hbWUiOiJFVEhFUkVVTSIsIm1zZ19zZW5kZXIiOiIweGUxMjM0MDkyN2YxNzI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGZoa3U3NjciLCJjb25zdW1lcl9rZXkiOiIweDEyMzRhNGVjMzFlODljZWE1NGQxZjEyNWRiNzUzNmU4NzRhYjRhOTZiNGQ0ZjY0Mzg2NjhiNmJiMTBhNmFkYiIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMDRUMTQ6MTM6NDBaIiwicmVxdWVzdF9pZCI6IjBYZTg3Njk4NzY5NDMyODc2MzQ5Mjg3NjM0ODkyODczNjQ5Nzg2OTI3MzY0OSJ9.XSiQxjEVyCouf7zT8MubEKsbOBZuReGVhnt9uck6z6k' https://api3.openbankproject.com/obp/v3.0.0/users/current
You should receive a response like:
{
"user_id": "4c4d3175-1e5c-4cfd-9b08-dcdc209d8221",
"email": "",
"provider_id": "0xe123425E7734CE288F8367e1Bb143E90bb3F051224",
"provider": "ETHEREUM",
"username": "0xe123425E7734CE288F8367e1Bb143E90bb3F051224",
"entitlements": {
"list": []
}
}
Under the hood
The file, dauth.scala handles the DAuth,
We:
-> Check if Props allow_dauth is true
-> Check if DAuth header exists
-> Check if getRemoteIpAddress is OK
-> Look for "token"
-> parse the JWT token and getOrCreate the user
-> get the data of the user
More information
Parameter names and values are case sensitive.
Each parameter MUST NOT appear more than once per request.
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
JSON request body fields:
is_system: true
provider: ETHEREUM
username: felixsmith
view_id: owner
JSON response body fields:
can_add_counterparty: true
can_add_image_url: true
can_add_more_info: true
can_add_tag: true
can_add_transaction_request_to_any_account:
can_add_transaction_request_to_own_account:
can_create_direct_debit: true
can_delete_corporate_location: true
can_delete_image: true
can_delete_where_tag: true
can_edit_owner_comment: true
can_query_available_funds: true
can_see_bank_account_bank_name: true
can_see_bank_account_credit_limit: true
can_see_bank_account_currency:
can_see_bank_account_label: true
can_see_bank_account_national_identifier:
can_see_bank_account_number: true
can_see_bank_account_owners: true
can_see_bank_account_routing_address:
can_see_bank_account_routing_scheme:
can_see_bank_account_swift_bic:
can_see_bank_routing_address: true
can_see_corporate_location: true
can_see_image_url: true
can_see_images: true
can_see_other_account_bank_name:
can_see_other_account_metadata:
can_see_other_account_national_identifier: true
can_see_other_account_number: true
can_see_other_account_routing_address: true
can_see_other_account_routing_scheme:
can_see_other_account_swift_bic: true
can_see_other_bank_routing_address:
can_see_other_bank_routing_scheme:
can_see_transaction_amount: true
can_see_transaction_description: true
can_see_transaction_finish_date:
can_see_transaction_other_bank_account:
can_see_transaction_start_date:
can_see_transaction_this_bank_account:
can_see_url: true
can_see_where_tag: true
description: This an optional field. Maximum length is 2000. It can be any characters here.
id: d8839721-ad8f-45dd-9f78-2080414b93f9
is_public: true
is_system: true
[{
"id":"1234",
"short_name":"short_name",
"description":"description",
"metadata_view":"owner",
"is_public":true,
"is_system":true,
"alias":"No",
"hide_metadata_if_alias_used":true,
"can_add_comment":true,
"can_add_corporate_location":true,
"can_add_image":true,
"can_add_image_url":true,
"can_add_more_info":true,
"can_add_open_corporates_url":true,
"can_add_physical_location":true,
"can_add_private_alias":true,
"can_add_public_alias":true,
"can_add_tag":true,
"can_add_url":true,
"can_add_where_tag":true,
"can_delete_comment":true,
"can_add_counterparty":true,
"can_delete_corporate_location":true,
"can_delete_image":true,
"can_delete_physical_location":true,
"can_delete_tag":true,
"can_delete_where_tag":true,
"can_edit_owner_comment":true,
"can_see_bank_account_balance":true,
"can_query_available_funds":true,
"can_see_bank_account_bank_name":true,
"can_see_bank_account_currency":true,
"can_see_bank_account_iban":true,
"can_see_bank_account_label":true,
"can_see_bank_account_national_identifier":true,
"can_see_bank_account_number":true,
"can_see_bank_account_owners":true,
"can_see_bank_account_swift_bic":true,
"can_see_bank_account_type":true,
"can_see_comments":true,
"can_see_corporate_location":true,
"can_see_image_url":true,
"can_see_images":true,
"can_see_more_info":true,
"can_see_open_corporates_url":true,
"can_see_other_account_bank_name":true,
"can_see_other_account_iban":true,
"can_see_other_account_kind":true,
"can_see_other_account_metadata":true,
"can_see_other_account_national_identifier":true,
"can_see_other_account_number":true,
"can_see_other_account_swift_bic":true,
"can_see_owner_comment":true,
"can_see_physical_location":true,
"can_see_private_alias":true,
"can_see_public_alias":true,
"can_see_tags":true,
"can_see_transaction_amount":true,
"can_see_transaction_balance":true,
"can_see_transaction_currency":true,
"can_see_transaction_description":true,
"can_see_transaction_finish_date":true,
"can_see_transaction_metadata":true,
"can_see_transaction_other_bank_account":true,
"can_see_transaction_start_date":true,
"can_see_transaction_this_bank_account":true,
"can_see_transaction_type":true,
"can_see_url":true,
"can_see_where_tag":true,
"can_see_bank_routing_scheme":true,
"can_see_bank_routing_address":true,
"can_see_bank_account_routing_scheme":true,
"can_see_bank_account_routing_address":true,
"can_see_other_bank_routing_scheme":true,
"can_see_other_bank_routing_address":true,
"can_see_other_account_routing_scheme":true,
"can_see_other_account_routing_address":true,
"can_add_transaction_request_to_own_account":true,
"can_add_transaction_request_to_any_account":true,
"can_see_bank_account_credit_limit":true,
"can_create_direct_debit":true,
"can_create_standing_order":true
}]
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20047: User must have access to the owner view or must be an account holder.
- OBP-10001: Incorrect json format.
- OBP-30252: System view not found. Please specify a valid value for VIEW_ID
- OBP-30005: View not found for Account. Please specify a valid value for VIEW_ID
- OBP-30063: Cannot grant account access.
- OBP-50000: Unknown Error.
Grant User access to View
Grants the User identified by USER_ID access to the view identified by VIEW_ID.
Authentication is Mandatory and the user needs to be account holder.
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
JSON request body fields:
is_system: true
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
view:
view_id: owner
JSON response body fields:
can_add_counterparty: true
can_add_image_url: true
can_add_more_info: true
can_add_tag: true
can_add_transaction_request_to_any_account:
can_add_transaction_request_to_own_account:
can_create_direct_debit: true
can_delete_corporate_location: true
can_delete_image: true
can_delete_where_tag: true
can_edit_owner_comment: true
can_query_available_funds: true
can_see_bank_account_bank_name: true
can_see_bank_account_credit_limit: true
can_see_bank_account_currency:
can_see_bank_account_label: true
can_see_bank_account_national_identifier:
can_see_bank_account_number: true
can_see_bank_account_owners: true
can_see_bank_account_routing_address:
can_see_bank_account_routing_scheme:
can_see_bank_account_swift_bic:
can_see_bank_routing_address: true
can_see_corporate_location: true
can_see_image_url: true
can_see_images: true
can_see_other_account_bank_name:
can_see_other_account_metadata:
can_see_other_account_national_identifier: true
can_see_other_account_number: true
can_see_other_account_routing_address: true
can_see_other_account_routing_scheme:
can_see_other_account_swift_bic: true
can_see_other_bank_routing_address:
can_see_other_bank_routing_scheme:
can_see_transaction_amount: true
can_see_transaction_description: true
can_see_transaction_finish_date:
can_see_transaction_other_bank_account:
can_see_transaction_start_date:
can_see_transaction_this_bank_account:
can_see_url: true
can_see_where_tag: true
description: This an optional field. Maximum length is 2000. It can be any characters here.
id: d8839721-ad8f-45dd-9f78-2080414b93f9
is_public: true
is_system: true
{
"id":"1234",
"short_name":"short_name",
"description":"description",
"metadata_view":"owner",
"is_public":true,
"is_system":true,
"alias":"No",
"hide_metadata_if_alias_used":true,
"can_add_comment":true,
"can_add_corporate_location":true,
"can_add_image":true,
"can_add_image_url":true,
"can_add_more_info":true,
"can_add_open_corporates_url":true,
"can_add_physical_location":true,
"can_add_private_alias":true,
"can_add_public_alias":true,
"can_add_tag":true,
"can_add_url":true,
"can_add_where_tag":true,
"can_delete_comment":true,
"can_add_counterparty":true,
"can_delete_corporate_location":true,
"can_delete_image":true,
"can_delete_physical_location":true,
"can_delete_tag":true,
"can_delete_where_tag":true,
"can_edit_owner_comment":true,
"can_see_bank_account_balance":true,
"can_query_available_funds":true,
"can_see_bank_account_bank_name":true,
"can_see_bank_account_currency":true,
"can_see_bank_account_iban":true,
"can_see_bank_account_label":true,
"can_see_bank_account_national_identifier":true,
"can_see_bank_account_number":true,
"can_see_bank_account_owners":true,
"can_see_bank_account_swift_bic":true,
"can_see_bank_account_type":true,
"can_see_comments":true,
"can_see_corporate_location":true,
"can_see_image_url":true,
"can_see_images":true,
"can_see_more_info":true,
"can_see_open_corporates_url":true,
"can_see_other_account_bank_name":true,
"can_see_other_account_iban":true,
"can_see_other_account_kind":true,
"can_see_other_account_metadata":true,
"can_see_other_account_national_identifier":true,
"can_see_other_account_number":true,
"can_see_other_account_swift_bic":true,
"can_see_owner_comment":true,
"can_see_physical_location":true,
"can_see_private_alias":true,
"can_see_public_alias":true,
"can_see_tags":true,
"can_see_transaction_amount":true,
"can_see_transaction_balance":true,
"can_see_transaction_currency":true,
"can_see_transaction_description":true,
"can_see_transaction_finish_date":true,
"can_see_transaction_metadata":true,
"can_see_transaction_other_bank_account":true,
"can_see_transaction_start_date":true,
"can_see_transaction_this_bank_account":true,
"can_see_transaction_type":true,
"can_see_url":true,
"can_see_where_tag":true,
"can_see_bank_routing_scheme":true,
"can_see_bank_routing_address":true,
"can_see_bank_account_routing_scheme":true,
"can_see_bank_account_routing_address":true,
"can_see_other_bank_routing_scheme":true,
"can_see_other_bank_routing_address":true,
"can_see_other_account_routing_scheme":true,
"can_see_other_account_routing_address":true,
"can_add_transaction_request_to_own_account":true,
"can_add_transaction_request_to_any_account":true,
"can_see_bank_account_credit_limit":true,
"can_create_direct_debit":true,
"can_create_standing_order":true
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20047: User must have access to the owner view or must be an account holder.
- OBP-10001: Incorrect json format.
- OBP-20005: User not found. Please specify a valid value for USER_ID.
- OBP-30252: System view not found. Please specify a valid value for VIEW_ID
- OBP-30005: View not found for Account. Please specify a valid value for VIEW_ID
- OBP-30063: Cannot grant account access.
- OBP-50000: Unknown Error.
Revoke User access to View
Revoke the User identified by USER_ID access to the view identified by VIEW_ID.
Authentication is Mandatory and the user needs to be account holder.
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
JSON request body fields:
is_system: true
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
view:
view_id: owner
JSON response body fields:
{
"revoked":true
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20047: User must have access to the owner view or must be an account holder.
- OBP-10001: Incorrect json format.
- OBP-20005: User not found. Please specify a valid value for USER_ID.
- OBP-30252: System view not found. Please specify a valid value for VIEW_ID
- OBP-30005: View not found for Account. Please specify a valid value for VIEW_ID
- OBP-30064: Cannot revoke account access.
- OBP-30065: Cannot find account access.
- OBP-50000: Unknown Error.
Revoke/Grant User access to View
Revoke/Grant the logged in User access to the views identified by json.
Authentication is Mandatory and the user needs to be an account holder or has owner view access.
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
JSON response body fields:
{
"revoked":true
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20047: User must have access to the owner view or must be an account holder.
- OBP-10001: Incorrect json format.
- OBP-20005: User not found. Please specify a valid value for USER_ID.
- OBP-30252: System view not found. Please specify a valid value for VIEW_ID
- OBP-30005: View not found for Account. Please specify a valid value for VIEW_ID
- OBP-30064: Cannot revoke account access.
- OBP-30065: Cannot find account access.
- OBP-50000: Unknown Error.
Add User to a Consent
This endpoint is used to add the User of Consent.
Each Consent has one of the following states: INITIATED, ACCEPTED, REJECTED, REVOKED, RECEIVED, VALID, REVOKEDBYPSU, EXPIRED, TERMINATEDBYTPP, AUTHORISED, AWAITINGAUTHORISATION.
Authentication is Mandatory
URL Parameters:
BANK_ID: gh.29.uk
JSON response body fields:
jwt:
{
"consent_id":"9d429899-24f5-42c8-8565-943ffa6a7945",
"jwt":"eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4",
"status":"AUTHORISED"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20057: User not found by userId.
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-35024: The Consent's User is already added.
- OBP-10001: Incorrect json format.
- OBP-35001: Consent not found by CONSENT_ID.
- OBP-50000: Unknown Error.
Answer Consent Challenge
An OBP Consent allows the holder of the Consent to call one or more endpoints.
Consents must be created and authorisied using SCA (Strong Customer Authentication).
That is, Consents can be created by an authorised User via the OBP REST API but they must be confirmed via an out of band (OOB) mechanism such as a code sent to a mobile phone.
Each Consent has one of the following states: INITIATED, ACCEPTED, REJECTED, REVOKED, RECEIVED, VALID, REVOKEDBYPSU, EXPIRED, TERMINATEDBYTPP, AUTHORISED, AWAITINGAUTHORISATION.
Each Consent is bound to a consumer i.e. you need to identify yourself over request header value Consumer-Key.
For example:
GET /obp/v4.0.0/users/current HTTP/1.1
Host: 127.0.0.1:8080
Consent-JWT: eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOlt7InJvbGVfbmFtZSI6IkNhbkdldEFueVVzZXIiLCJiYW5rX2lkIjoiIn
1dLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIzNDc1MDEzZi03YmY5LTQyNj
EtOWUxYy0xZTdlNWZjZTJlN2UiLCJhdWQiOiI4MTVhMGVmMS00YjZhLTQyMDUtYjExMi1lNDVmZDZmNGQzYWQiLCJuYmYiOjE1ODA3NDE2NjcsIml
zcyI6Imh0dHA6XC9cLzEyNy4wLjAuMTo4MDgwIiwiZXhwIjoxNTgwNzQ1MjY3LCJpYXQiOjE1ODA3NDE2NjcsImp0aSI6ImJkYzVjZTk5LTE2ZTY
tNDM4Yi1hNjllLTU3MTAzN2RhMTg3OCIsInZpZXdzIjpbXX0.L3fEEEhdCVr3qnmyRKBBUaIQ7dk1VjiFaEBW8hUNjfg
Consumer-Key: ejznk505d132ryomnhbx1qmtohurbsbb0kijajsk
cache-control: no-cache
Maximum time to live of the token is specified over props value consents.max_time_to_live. In case isn't defined default value is 3600 seconds.
Example of POST JSON:
{
"everything": false,
"views": [
{
"bank_id": "GENODEM1GLS",
"account_id": "8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"view_id": "owner"
}
],
"entitlements": [
{
"bank_id": "GENODEM1GLS",
"role_name": "CanGetCustomer"
}
],
"consumer_id": "7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"email": "eveline@example.com",
"valid_from": "2020-02-07T08:43:34Z",
"time_to_live": 3600
}
Please note that only optional fields are: consumer_id, valid_from and time_to_live.
In case you omit they the default values are used:
consumer_id = consumer of current user
valid_from = current time
time_to_live = consents.max_time_to_live
This endpoint is used to confirm a Consent previously created.
The User must supply a code that was sent out of band (OOB) for example via an SMS.
Authentication is Mandatory
URL Parameters:
BANK_ID: gh.29.uk
JSON request body fields:
JSON response body fields:
jwt:
{
"consent_id":"9d429899-24f5-42c8-8565-943ffa6a7945",
"jwt":"eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4",
"status":"INITIATED"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-10001: Incorrect json format.
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
Create Consent (EMAIL)
This endpoint starts the process of creating a Consent.
The Consent is created in an INITIATED state.
A One Time Password (OTP) (AKA security challenge) is sent Out of band (OOB) to the User via the transport defined in SCA_METHOD
SCA_METHOD is typically "SMS" or "EMAIL". "EMAIL" is used for testing purposes.
When the Consent is created, OBP (or a backend system) stores the challenge so it can be checked later against the value supplied by the User with the Answer Consent Challenge endpoint.
An OBP Consent allows the holder of the Consent to call one or more endpoints.
Consents must be created and authorisied using SCA (Strong Customer Authentication).
That is, Consents can be created by an authorised User via the OBP REST API but they must be confirmed via an out of band (OOB) mechanism such as a code sent to a mobile phone.
Each Consent has one of the following states: INITIATED, ACCEPTED, REJECTED, REVOKED, RECEIVED, VALID, REVOKEDBYPSU, EXPIRED, TERMINATEDBYTPP, AUTHORISED, AWAITINGAUTHORISATION.
Each Consent is bound to a consumer i.e. you need to identify yourself over request header value Consumer-Key.
For example:
GET /obp/v4.0.0/users/current HTTP/1.1
Host: 127.0.0.1:8080
Consent-JWT: eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOlt7InJvbGVfbmFtZSI6IkNhbkdldEFueVVzZXIiLCJiYW5rX2lkIjoiIn
1dLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIzNDc1MDEzZi03YmY5LTQyNj
EtOWUxYy0xZTdlNWZjZTJlN2UiLCJhdWQiOiI4MTVhMGVmMS00YjZhLTQyMDUtYjExMi1lNDVmZDZmNGQzYWQiLCJuYmYiOjE1ODA3NDE2NjcsIml
zcyI6Imh0dHA6XC9cLzEyNy4wLjAuMTo4MDgwIiwiZXhwIjoxNTgwNzQ1MjY3LCJpYXQiOjE1ODA3NDE2NjcsImp0aSI6ImJkYzVjZTk5LTE2ZTY
tNDM4Yi1hNjllLTU3MTAzN2RhMTg3OCIsInZpZXdzIjpbXX0.L3fEEEhdCVr3qnmyRKBBUaIQ7dk1VjiFaEBW8hUNjfg
Consumer-Key: ejznk505d132ryomnhbx1qmtohurbsbb0kijajsk
cache-control: no-cache
Maximum time to live of the token is specified over props value consents.max_time_to_live. In case isn't defined default value is 3600 seconds.
Example of POST JSON:
{
"everything": false,
"views": [
{
"bank_id": "GENODEM1GLS",
"account_id": "8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"view_id": "owner"
}
],
"entitlements": [
{
"bank_id": "GENODEM1GLS",
"role_name": "CanGetCustomer"
}
],
"consumer_id": "7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"email": "eveline@example.com",
"valid_from": "2020-02-07T08:43:34Z",
"time_to_live": 3600
}
Please note that only optional fields are: consumer_id, valid_from and time_to_live.
In case you omit they the default values are used:
consumer_id = consumer of current user
valid_from = current time
time_to_live = consents.max_time_to_live
Authentication is Mandatory
Example 1:
{
"everything": true,
"views": [],
"entitlements": [],
"consumer_id": "7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"email": "eveline@example.com"
}
Please note that consumer_id is optional field
Example 2:
{
"everything": true,
"views": [],
"entitlements": [],
"email": "eveline@example.com"
}
Please note if everything=false you need to explicitly specify views and entitlements
Example 3:
{
"everything": false,
"views": [
{
"bank_id": "GENODEM1GLS",
"account_id": "8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"view_id": "owner"
}
],
"entitlements": [
{
"bank_id": "GENODEM1GLS",
"role_name": "CanGetCustomer"
}
],
"consumer_id": "7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"email": "eveline@example.com"
}
URL Parameters:
BANK_ID: gh.29.uk
JSON request body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
bank_id: gh.29.uk
view_id: owner
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
valid_from: 2020-01-27
JSON response body fields:
jwt:
{
"consent_id":"9d429899-24f5-42c8-8565-943ffa6a7945",
"jwt":"eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4",
"status":"INITIATED"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-10001: Incorrect json format.
- OBP-35009: Only SMS and EMAIL are supported as SCA methods.
- OBP-35013: Consents can only contain Roles that you already have access to.
- OBP-35014: Consents can only contain Views that you already have access to.
- OBP-30019: Consumer not found. Please specify a valid value for CONSUMER_ID.
- OBP-20058: Consumer is disabled.
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
Create Consent (SMS)
This endpoint starts the process of creating a Consent.
The Consent is created in an INITIATED state.
A One Time Password (OTP) (AKA security challenge) is sent Out of Band (OOB) to the User via the transport defined in SCA_METHOD
SCA_METHOD is typically "SMS" or "EMAIL". "EMAIL" is used for testing purposes.
When the Consent is created, OBP (or a backend system) stores the challenge so it can be checked later against the value supplied by the User with the Answer Consent Challenge endpoint.
An OBP Consent allows the holder of the Consent to call one or more endpoints.
Consents must be created and authorisied using SCA (Strong Customer Authentication).
That is, Consents can be created by an authorised User via the OBP REST API but they must be confirmed via an out of band (OOB) mechanism such as a code sent to a mobile phone.
Each Consent has one of the following states: INITIATED, ACCEPTED, REJECTED, REVOKED, RECEIVED, VALID, REVOKEDBYPSU, EXPIRED, TERMINATEDBYTPP, AUTHORISED, AWAITINGAUTHORISATION.
Each Consent is bound to a consumer i.e. you need to identify yourself over request header value Consumer-Key.
For example:
GET /obp/v4.0.0/users/current HTTP/1.1
Host: 127.0.0.1:8080
Consent-JWT: eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOlt7InJvbGVfbmFtZSI6IkNhbkdldEFueVVzZXIiLCJiYW5rX2lkIjoiIn
1dLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIzNDc1MDEzZi03YmY5LTQyNj
EtOWUxYy0xZTdlNWZjZTJlN2UiLCJhdWQiOiI4MTVhMGVmMS00YjZhLTQyMDUtYjExMi1lNDVmZDZmNGQzYWQiLCJuYmYiOjE1ODA3NDE2NjcsIml
zcyI6Imh0dHA6XC9cLzEyNy4wLjAuMTo4MDgwIiwiZXhwIjoxNTgwNzQ1MjY3LCJpYXQiOjE1ODA3NDE2NjcsImp0aSI6ImJkYzVjZTk5LTE2ZTY
tNDM4Yi1hNjllLTU3MTAzN2RhMTg3OCIsInZpZXdzIjpbXX0.L3fEEEhdCVr3qnmyRKBBUaIQ7dk1VjiFaEBW8hUNjfg
Consumer-Key: ejznk505d132ryomnhbx1qmtohurbsbb0kijajsk
cache-control: no-cache
Maximum time to live of the token is specified over props value consents.max_time_to_live. In case isn't defined default value is 3600 seconds.
Example of POST JSON:
{
"everything": false,
"views": [
{
"bank_id": "GENODEM1GLS",
"account_id": "8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"view_id": "owner"
}
],
"entitlements": [
{
"bank_id": "GENODEM1GLS",
"role_name": "CanGetCustomer"
}
],
"consumer_id": "7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"email": "eveline@example.com",
"valid_from": "2020-02-07T08:43:34Z",
"time_to_live": 3600
}
Please note that only optional fields are: consumer_id, valid_from and time_to_live.
In case you omit they the default values are used:
consumer_id = consumer of current user
valid_from = current time
time_to_live = consents.max_time_to_live
Authentication is Mandatory
Example 1:
{
"everything": true,
"views": [],
"entitlements": [],
"consumer_id": "7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"email": "eveline@example.com"
}
Please note that consumer_id is optional field
Example 2:
{
"everything": true,
"views": [],
"entitlements": [],
"email": "eveline@example.com"
}
Please note if everything=false you need to explicitly specify views and entitlements
Example 3:
{
"everything": false,
"views": [
{
"bank_id": "GENODEM1GLS",
"account_id": "8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"view_id": "owner"
}
],
"entitlements": [
{
"bank_id": "GENODEM1GLS",
"role_name": "CanGetCustomer"
}
],
"consumer_id": "7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"email": "eveline@example.com"
}
URL Parameters:
BANK_ID: gh.29.uk
SMS:
JSON request body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
bank_id: gh.29.uk
view_id: owner
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
valid_from: 2020-01-27
JSON response body fields:
jwt:
{
"consent_id":"9d429899-24f5-42c8-8565-943ffa6a7945",
"jwt":"eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4",
"status":"INITIATED"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-10001: Incorrect json format.
- OBP-35009: Only SMS and EMAIL are supported as SCA methods.
- OBP-35013: Consents can only contain Roles that you already have access to.
- OBP-35014: Consents can only contain Views that you already have access to.
- OBP-30019: Consumer not found. Please specify a valid value for CONSUMER_ID.
- OBP-20058: Consumer is disabled.
- OBP-00010: Missing props value at this API instance -
- OBP-35010: SMS server is not working or SMS server can not send the message to the phone number:
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
Create Consent By CONSENT_REQUEST_ID (EMAIL)
This endpoint continues the process of creating a Consent. It starts the SCA flow which changes the status of the consent from INITIATED to ACCEPTED or REJECTED.
Please note that the Consent cannot elevate the privileges logged in user already have.
Authentication is Mandatory
URL Parameters:
CONSENT_REQUEST_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
JSON request body fields:
JSON response body fields:
jwt:
consent_request_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
{
"consent_id":"9d429899-24f5-42c8-8565-943ffa6a7945",
"jwt":"eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4",
"status":"INITIATED",
"consent_request_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-10001: Incorrect json format.
- OBP-35009: Only SMS and EMAIL are supported as SCA methods.
- OBP-35013: Consents can only contain Roles that you already have access to.
- OBP-35014: Consents can only contain Views that you already have access to.
- OBP-30019: Consumer not found. Please specify a valid value for CONSUMER_ID.
- OBP-20058: Consumer is disabled.
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
Create Consent By CONSENT_REQUEST_ID (SMS)
This endpoint continues the process of creating a Consent. It starts the SCA flow which changes the status of the consent from INITIATED to ACCEPTED or REJECTED.
Please note that the Consent cannot elevate the privileges logged in user already have.
Authentication is Mandatory
URL Parameters:
CONSENT_REQUEST_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
SMS:
JSON request body fields:
JSON response body fields:
jwt:
consent_request_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
{
"consent_id":"9d429899-24f5-42c8-8565-943ffa6a7945",
"jwt":"eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4",
"status":"INITIATED",
"consent_request_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-10001: Incorrect json format.
- OBP-35029: The CONSENT_REQUEST_ID is invalid.
- OBP-35009: Only SMS and EMAIL are supported as SCA methods.
- OBP-35013: Consents can only contain Roles that you already have access to.
- OBP-35014: Consents can only contain Views that you already have access to.
- OBP-30019: Consumer not found. Please specify a valid value for CONSUMER_ID.
- OBP-20058: Consumer is disabled.
- OBP-00010: Missing props value at this API instance -
- OBP-35010: SMS server is not working or SMS server can not send the message to the phone number:
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
Create Consent Request
Client Authentication (mandatory)
It is used when applications request an access token to access their own resources, not on behalf of a user.
The client needs to authenticate themselves for this request.
In case of public client we use client_id and private kew to obtain access token, otherwise we use client_id and client_secret.
The obtained access token is used in the HTTP Bearer auth header of our request.
Example:
Authorization: Bearer eXtneO-THbQtn3zvK_kQtXXfvOZyZFdBCItlPDbR2Bk.dOWqtXCtFX-tqGTVR0YrIjvAolPIVg7GZ-jz83y6nA0
Authentication is Optional
JSON request body fields:
account_access: account_access
bank_id: gh.29.uk
scheme: scheme value
view_id: owner
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
valid_from: 2020-01-27
JSON response body fields:
consent_request_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
payload: payload
{
"consent_request_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"payload":{
"everything":false,
"account_access":[{
"account_routing":{
"scheme":"AccountNumber",
"address":"4930396"
},
"view_id":"owner"
}],
"phone_number":"+44 07972 444 876",
"valid_from":"2022-06-14T12:42:00Z",
"time_to_live":3600
},
"consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-10001: Incorrect json format.
- OBP-35020: You exceeded max value of time to live of consents.
- OBP-50000: Unknown Error.
Get Consent By Consent Request Id
This endpoint gets the Consent By consent request id.
Authentication is Mandatory
URL Parameters:
CONSENT_REQUEST_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
JSON response body fields:
jwt:
consent_request_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
{
"consent_id":"9d429899-24f5-42c8-8565-943ffa6a7945",
"jwt":"eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4",
"status":"INITIATED",
"consent_request_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50000: Unknown Error.
Get Consent Request
Authentication is Optional
URL Parameters:
CONSENT_REQUEST_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
JSON response body fields:
consent_request_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
payload: payload
{
"consent_request_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"payload":{
"everything":false,
"account_access":[{
"account_routing":{
"scheme":"AccountNumber",
"address":"4930396"
},
"view_id":"owner"
}],
"phone_number":"+44 07972 444 876",
"valid_from":"2022-06-14T12:42:00Z",
"time_to_live":3600
},
"consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-35028: Consent Request not found by CONSENT_REQUEST_ID.
- OBP-50000: Unknown Error.
Get Consents
This endpoint gets the Consents that the current User created.
Authentication is Mandatory
URL Parameters:
BANK_ID: gh.29.uk
JSON response body fields:
api_standard: api_standard
jwt:
{
"consents":[{
"consent_id":"9d429899-24f5-42c8-8565-943ffa6a7945",
"jwt":"eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4",
"status":"INITIATED",
"api_standard":"Berlin Group",
"api_version":"v1.3"
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-50000: Unknown Error.
Get Consents Info
This endpoint gets the Consents that the current User created.
Authentication is Mandatory
URL Parameters:
BANK_ID: gh.29.uk
JSON response body fields:
api_standard: api_standard
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
last_action_date: last_action_date
last_usage_date: last_usage_date
{
"consents":[{
"consent_id":"9d429899-24f5-42c8-8565-943ffa6a7945",
"consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"created_by_user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"last_action_date":"2020-01-27",
"last_usage_date":"2021-04-08T09:12:27Z",
"status":"INITIATED",
"api_standard":"Berlin Group",
"api_version":"v1.3"
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-50000: Unknown Error.
Provide client's certificate info of a current call
Provide client's certificate info of a current call specified by PSD2-CERT value at Request Header
Authentication is Mandatory
JSON response body fields:
issuer_domain_name: issuer_domain_name
not_after: not_after
not_before: not_before
subject_domain_name: subject_domain_name
roles: CanCreateMyUser
roles_info: roles_info
{
"subject_domain_name":"OID.2.5.4.41=VPN, EMAILADDRESS=admin@tesobe.com, CN=TESOBE CA, OU=TESOBE Operations, O=TESOBE, L=Berlin, ST=Berlin, C=DE",
"issuer_domain_name":"CN=localhost, O=TESOBE GmbH, ST=Berlin, C=DE",
"not_before":"2022-04-01T10:13:00.000Z",
"not_after":"2032-04-01T10:13:00.000Z",
"roles_info":"PEM Encoded Certificate does not contain PSD2 roles."
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-50000: Unknown Error.
Revoke Consent
Revoke Consent for current user specified by CONSENT_ID
There are a few reasons you might need to revoke an application’s access to a user’s account:
- The user explicitly wishes to revoke the application’s access
- You as the service provider have determined an application is compromised or malicious, and want to disable it
- etc.
Please note that this endpoint only supports the case:: "The user explicitly wishes to revoke the application’s access"
OBP as a resource server stores access tokens in a database, then it is relatively easy to revoke some token that belongs to a particular user.
The status of the token is changed to "REVOKED" so the next time the revoked client makes a request, their token will fail to validate.
Authentication is Mandatory
URL Parameters:
BANK_ID: gh.29.uk
JSON response body fields:
jwt:
{
"consent_id":"9d429899-24f5-42c8-8565-943ffa6a7945",
"jwt":"eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4",
"status":"REJECTED"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-50000: Unknown Error.
Revoke Consent at Bank
Revoke Consent specified by CONSENT_ID
There are a few reasons you might need to revoke an application’s access to a user’s account:
- The user explicitly wishes to revoke the application’s access
- You as the service provider have determined an application is compromised or malicious, and want to disable it
- etc.
OBP as a resource server stores access tokens in a database, then it is relatively easy to revoke some token that belongs to a particular user.
The status of the token is changed to "REVOKED" so the next time the revoked client makes a request, their token will fail to validate.
Authentication is Mandatory
URL Parameters:
BANK_ID: gh.29.uk
JSON response body fields:
jwt:
{
"consent_id":"9d429899-24f5-42c8-8565-943ffa6a7945",
"jwt":"eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4",
"status":"REJECTED"
}
-
CanRevokeConsentAtBank
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-50000: Unknown Error.
- OBP-20006: User is missing one or more roles:
Revoke Consent used in the Current Call
Revoke Consent specified by Consent-Id at Request Header
There are a few reasons you might need to revoke an application’s access to a user’s account:
- The user explicitly wishes to revoke the application’s access
- You as the service provider have determined an application is compromised or malicious, and want to disable it
- etc.
OBP as a resource server stores access tokens in a database, then it is relatively easy to revoke some token that belongs to a particular user.
The status of the token is changed to "REVOKED" so the next time the revoked client makes a request, their token will fail to validate.
Authentication is Mandatory
JSON response body fields:
jwt:
{
"consent_id":"9d429899-24f5-42c8-8565-943ffa6a7945",
"jwt":"eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4",
"status":"REJECTED"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-50000: Unknown Error.
Update Consent Status
This endpoint is used to update the Status of Consent.
Each Consent has one of the following states: INITIATED, ACCEPTED, REJECTED, REVOKED, RECEIVED, VALID, REVOKEDBYPSU, EXPIRED, TERMINATEDBYTPP, AUTHORISED, AWAITINGAUTHORISATION.
Authentication is Mandatory
URL Parameters:
BANK_ID: gh.29.uk
JSON response body fields:
jwt:
{
"consent_id":"9d429899-24f5-42c8-8565-943ffa6a7945",
"jwt":"eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4",
"status":"AUTHORISED"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-10001: Incorrect json format.
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
Create User Customer Link
Link a User to a Customer
Authentication is Mandatory
URL Parameters:
BANK_ID: gh.29.uk
JSON request body fields:
customer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON response body fields:
customer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
is_active: true
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
{
"user_customer_link_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"customer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"date_inserted":"1100-01-01T00:00:00Z",
"is_active":true
}
-
CanCreateUserCustomerLinkAtAnyBank
- Please login to request this Role
-
CanCreateUserCustomerLink
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30111: Invalid Bank Id. The BANK_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-10001: Incorrect json format.
- OBP-30046: Customer not found. Please specify a valid value for CUSTOMER_ID.
- OBP-20006: User is missing one or more roles:
- OBP-30007: The User is already linked to a Customer at the bank specified by BANK_ID
- OBP-30025: Could not create user_customer_links
- OBP-50000: Unknown Error.
Get Customers Minimal at Any Bank
Get Customers Minimal at Any Bank.
Authentication is Mandatory
JSON response body fields:
bank_id: gh.29.uk
customer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
{
"customers":[{
"bank_id":"gh.29.uk",
"customer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh"
}]
}
-
CanGetCustomersMinimalAtAnyBank
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30008: User Customer Link not found by USER_ID
- OBP-50000: Unknown Error.
- OBP-20006: User is missing one or more roles:
Get Customers Minimal at Bank
Get Customers Minimal at Bank.
Authentication is Mandatory
URL Parameters:
BANK_ID: gh.29.uk
JSON response body fields:
bank_id: gh.29.uk
customer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
{
"customers":[{
"bank_id":"gh.29.uk",
"customer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh"
}]
}
-
CanGetCustomersMinimal
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-30008: User Customer Link not found by USER_ID
- OBP-50000: Unknown Error.
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
Get Customers at Any Bank
Get Customers at Any Bank.
Authentication is Mandatory
JSON response body fields:
amount: 10.12
bank_id: gh.29.uk
branch_id: DERBY6
currency: EUR
customer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
customer_number: 5987953
date: 2020-01-27
date_of_birth: 2018-03-09
dependants: 1
dob_of_dependants: [2019-09-08, 2017-07-12]
employment_status: worker
highest_education_attained: Master
kyc_status: true
last_ok_date: 2023-10-05T00:00:31.748Z
legal_name: Eveline Tripman
mobile_phone_number: +49 30 901820
name_suffix: Sr
relationship_status: single
title: Dr.
{
"customers":[{
"bank_id":"gh.29.uk",
"customer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"customer_number":"5987953",
"legal_name":"Eveline Tripman",
"mobile_phone_number":"+44 07972 444 876",
"email":"felixsmith@example.com",
"face_image":{
"url":"www.openbankproject",
"date":"1100-01-01T00:00:00Z"
},
"date_of_birth":"19900101",
"relationship_status":"single",
"dependants":1,
"dob_of_dependants":["19900101"],
"credit_rating":{
"rating":"OBP",
"source":"OBP"
},
"credit_limit":{
"currency":"EUR",
"amount":"0"
},
"highest_education_attained":"Master",
"employment_status":"worker",
"kyc_status":true,
"last_ok_date":"2023-10-05T00:00:32Z",
"title":"Dr.",
"branch_id":"DERBY6",
"name_suffix":"Sr"
}]
}
-
CanGetCustomersAtAnyBank
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30008: User Customer Link not found by USER_ID
- OBP-50000: Unknown Error.
- OBP-20006: User is missing one or more roles:
Get Customers at Bank
Get Customers at Bank.
Authentication is Mandatory
URL Parameters:
BANK_ID: gh.29.uk
JSON response body fields:
amount: 10.12
bank_id: gh.29.uk
branch_id: DERBY6
currency: EUR
customer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
customer_number: 5987953
date: 2020-01-27
date_of_birth: 2018-03-09
dependants: 1
dob_of_dependants: [2019-09-08, 2017-07-12]
employment_status: worker
highest_education_attained: Master
kyc_status: true
last_ok_date: 2023-10-05T00:00:31.748Z
legal_name: Eveline Tripman
mobile_phone_number: +49 30 901820
name_suffix: Sr
relationship_status: single
title: Dr.
{
"customers":[{
"bank_id":"gh.29.uk",
"customer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"customer_number":"5987953",
"legal_name":"Eveline Tripman",
"mobile_phone_number":"+44 07972 444 876",
"email":"felixsmith@example.com",
"face_image":{
"url":"www.openbankproject",
"date":"1100-01-01T00:00:00Z"
},
"date_of_birth":"19900101",
"relationship_status":"single",
"dependants":1,
"dob_of_dependants":["19900101"],
"credit_rating":{
"rating":"OBP",
"source":"OBP"
},
"credit_limit":{
"currency":"EUR",
"amount":"0"
},
"highest_education_attained":"Master",
"employment_status":"worker",
"kyc_status":true,
"last_ok_date":"2023-10-05T00:00:32Z",
"title":"Dr.",
"branch_id":"DERBY6",
"name_suffix":"Sr"
}]
}
-
CanGetCustomers
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30008: User Customer Link not found by USER_ID
- OBP-50000: Unknown Error.
- OBP-20006: User is missing one or more roles:
Get Customers for Current User
Gets all Customers that are linked to a User.
Authentication is Mandatory
JSON response body fields:
amount: 10.12
bank_id: gh.29.uk
branch_id: DERBY6
currency: EUR
customer_attribute_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
customer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
customer_number: 5987953
date: 2020-01-27
date_of_birth: 2018-03-09
dependants: 1
dob_of_dependants: [2019-09-08, 2017-07-12]
employment_status: worker
highest_education_attained: Master
kyc_status: true
last_ok_date: 2023-10-05T00:00:31.748Z
legal_name: Eveline Tripman
mobile_phone_number: +49 30 901820
name: ACCOUNT_MANAGEMENT_FEE
name_suffix: Sr
relationship_status: single
title: Dr.
type:
url: http://www.example.com/id-docs/123/image.png
value: 5987953
{
"customers":[{
"bank_id":"gh.29.uk",
"customer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"customer_number":"5987953",
"legal_name":"Eveline Tripman",
"mobile_phone_number":"+44 07972 444 876",
"email":"felixsmith@example.com",
"face_image":{
"url":"www.openbankproject",
"date":"1100-01-01T00:00:00Z"
},
"date_of_birth":"19900101",
"relationship_status":"single",
"dependants":1,
"dob_of_dependants":["19900101"],
"credit_rating":{
"rating":"OBP",
"source":"OBP"
},
"credit_limit":{
"currency":"EUR",
"amount":"0"
},
"highest_education_attained":"Master",
"employment_status":"worker",
"kyc_status":true,
"last_ok_date":"2023-10-05T00:00:32Z",
"title":"Dr.",
"branch_id":"DERBY6",
"name_suffix":"Sr",
"customer_attributes":[{
"customer_attribute_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"name":"SPECIAL_TAX_NUMBER",
"type":"STRING",
"value":"123456789"
}]
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30008: User Customer Link not found by USER_ID
- OBP-50000: Unknown Error.
Get My Customers
Gets all Customers that are linked to me.
Authentication via OAuth is required.
Authentication is Mandatory
JSON response body fields:
amount: 10.12
bank_id: gh.29.uk
currency: EUR
customer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
customer_number: 5987953
date: 2020-01-27
date_of_birth: 2018-03-09
dependants: 1
dob_of_dependants: [2019-09-08, 2017-07-12]
employment_status: worker
highest_education_attained: Master
kyc_status: true
last_ok_date: 2023-10-05T00:00:31.748Z
legal_name: Eveline Tripman
mobile_phone_number: +49 30 901820
relationship_status: single
{
"bank_id":"gh.29.uk",
"customer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"customer_number":"5987953",
"legal_name":"Eveline Tripman",
"mobile_phone_number":"+44 07972 444 876",
"email":"felixsmith@example.com",
"face_image":{
"url":"www.openbankproject",
"date":"1100-01-01T00:00:00Z"
},
"date_of_birth":"1100-01-01T00:00:00Z",
"relationship_status":"single",
"dependants":1,
"dob_of_dependants":["1100-01-01T00:00:00Z"],
"credit_rating":{
"rating":"OBP",
"source":"OBP"
},
"credit_limit":{
"currency":"EUR",
"amount":"0"
},
"highest_education_attained":"Master",
"employment_status":"worker",
"kyc_status":true,
"last_ok_date":"2023-10-05T00:00:32Z"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30008: User Customer Link not found by USER_ID
- OBP-50000: Unknown Error.
Add Entitlement for a User
Create Entitlement. Grant Role to User.
Entitlements are used to grant System or Bank level roles to Users. (For Account level privileges, see Views)
For a System level Role (.e.g CanGetAnyUser), set bank_id to an empty string i.e. "bank_id":""
For a Bank level Role (e.g. CanCreateAccount), set bank_id to a valid value e.g. "bank_id":"my-bank-id"
Authentication is required and the user needs to be a Super Admin. Super Admins are listed in the Props file.
Authentication is Mandatory
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON request body fields:
bank_id: gh.29.uk
JSON response body fields:
bank_id: gh.29.uk
{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}
-
CanCreateEntitlementAtOneBank
- Please login to request this Role
-
CanCreateEntitlementAtAnyBank
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20005: User not found. Please specify a valid value for USER_ID.
- OBP-20050: Current User is not a Super Admin!
- OBP-10001: Incorrect json format.
- OBP-10007: Incorrect Role name:
- OBP-30205: This entitlement is a Bank Role. Please set bank_id to a valid bank id.
- OBP-30206: This entitlement is a System Role. Please set bank_id to empty string.
- OBP-30216: Entitlement already exists for the user.
- OBP-50000: Unknown Error.
- OBP-20006: User is missing one or more roles:
Create (DAuth) User with Roles
This endpoint is used as part of the DAuth solution to grant Entitlements for Roles to a smart contract on the blockchain.
Put the smart contract address in username
For provider use "dauth"
This endpoint will create the User with username and provider if the User does not already exist.
Then it will create Entitlements i.e. grant Roles to the User.
Entitlements are used to grant System or Bank level roles to Users. (For Account level privileges, see Views)
i.e. Entitlements are used to create / consume system or bank level resources where as views / account access are used to consume / create customer level resources.
For a System level Role (.e.g CanGetAnyUser), set bank_id to an empty string i.e. "bank_id":""
For a Bank level Role (e.g. CanCreateAccount), set bank_id to a valid value e.g. "bank_id":"my-bank-id"
Note: The Roles actually granted will depend on the Roles that the calling user has.
If you try to grant Entitlements to a user that already exist (duplicate entitilements) you will get an error.
For information about DAuth see below:
DAuth
DAuth Introduction, Setup and Usage
DAuth is an experimental authentication mechanism that aims to pin an ethereum or other blockchain Smart Contract to an OBP "User".
In the future, it might be possible to be more specific and pin specific actors (wallets) that are acting within the smart contract, but so far, one smart contract acts on behalf of one User.
Thus, if a smart contract "X" calls the OBP API using the DAuth header, OBP will get or create a user called X and the call will proceed in the context of that User "X".
DAuth is invoked by the REST client (caller) including a specific header (see step 3 below) in any OBP REST call.
When OBP receives the DAuth token, it creates or gets a User with a username based on the smart_contract_address and the provider based on the network_name. The combination of username and provider is unique in OBP.
If you are calling OBP-API via an API3 Airnode, the Airnode will take care of constructing the required header.
When OBP detects a DAuth header / token it first checks if the Consumer is allowed to make such a call. OBP will validate the Consumer ip address and signature etc.
Note: The DAuth flow does not require an explicit POST like Direct Login to create the token.
Permissions may be assigned to an OBP User at any time, via the UserAuthContext, Views, Entitlements to Roles or Consents.
Note: DAuth is enabled.
Note: The DAuth client is responsible for creating a token which will be trusted by OBP absolutely!
To use DAuth:
1) Configure OBP API to accept DAuth.
Set up properties in your props file
# -- DAuth --------------------------------------
# Define secret used to validate JWT token
# jwt.public_key_rsa=path-to-the-pem-file
# Enable/Disable DAuth communication at all
# In case isn't defined default value is false
# allow_dauth=false
# Define comma separated list of allowed IP addresses
# dauth.host=127.0.0.1
# -------------------------------------- DAuth--
Please keep in mind that property jwt.public_key_rsa is used to validate JWT token to check it is not changed or corrupted during transport.
2) Create / have access to a JWT
The following videos are available:
* DAuth in local environment
HEADER:ALGORITHM & TOKEN TYPE
{
"alg": "RS256",
"typ": "JWT"
}
PAYLOAD:DATA
{
"smart_contract_address": "0xe123425E7734CE288F8367e1Bb143E90bb3F051224",
"network_name": "AIRNODE.TESTNET.ETHEREUM",
"msg_sender": "0xe12340927f1725E7734CE288F8367e1Bb143E90fhku767",
"consumer_key": "0x1234a4ec31e89cea54d1f125db7536e874ab4a96b4d4f6438668b6bb10a6adb",
"timestamp": "2021-11-04T14:13:40Z",
"request_id": "0Xe876987694328763492876348928736497869273649"
}
VERIFY SIGNATURE
RSASHA256(
base64UrlEncode(header) + "." +
base64UrlEncode(payload),
) your-RSA-key-pair
Here is an example token:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzbWFydF9jb250cmFjdF9hZGRyZXNzIjoiMHhlMTIzNDI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGJiM0YwNTEyMjQiLCJuZXR3b3JrX25hbWUiOiJFVEhFUkVVTSIsIm1zZ19zZW5kZXIiOiIweGUxMjM0MDkyN2YxNzI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGZoa3U3NjciLCJjb25zdW1lcl9rZXkiOiIweDEyMzRhNGVjMzFlODljZWE1NGQxZjEyNWRiNzUzNmU4NzRhYjRhOTZiNGQ0ZjY0Mzg2NjhiNmJiMTBhNmFkYiIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMDRUMTQ6MTM6NDBaIiwicmVxdWVzdF9pZCI6IjBYZTg3Njk4NzY5NDMyODc2MzQ5Mjg3NjM0ODkyODczNjQ5Nzg2OTI3MzY0OSJ9.XSiQxjEVyCouf7zT8MubEKsbOBZuReGVhnt9uck6z6k
3) Try a REST call using the header
Using your favorite http client:
GET https://api3.openbankproject.com/obp/v3.0.0/users/current
Body
Leave Empty!
Headers:
DAuth: your-jwt-from-step-above
Here is it all together:
GET https://api3.openbankproject.com/obp/v3.0.0/users/current HTTP/1.1
Host: localhost:8080
User-Agent: curl/7.47.0
Accept: /
DAuth: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzbWFydF9jb250cmFjdF9hZGRyZXNzIjoiMHhlMTIzNDI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGJiM0YwNTEyMjQiLCJuZXR3b3JrX25hbWUiOiJFVEhFUkVVTSIsIm1zZ19zZW5kZXIiOiIweGUxMjM0MDkyN2YxNzI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGZoa3U3NjciLCJjb25zdW1lcl9rZXkiOiIweDEyMzRhNGVjMzFlODljZWE1NGQxZjEyNWRiNzUzNmU4NzRhYjRhOTZiNGQ0ZjY0Mzg2NjhiNmJiMTBhNmFkYiIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMDRUMTQ6MTM6NDBaIiwicmVxdWVzdF9pZCI6IjBYZTg3Njk4NzY5NDMyODc2MzQ5Mjg3NjM0ODkyODczNjQ5Nzg2OTI3MzY0OSJ9.XSiQxjEVyCouf7zT8MubEKsbOBZuReGVhnt9uck6z6k
CURL example
curl -v -H 'DAuth: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzbWFydF9jb250cmFjdF9hZGRyZXNzIjoiMHhlMTIzNDI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGJiM0YwNTEyMjQiLCJuZXR3b3JrX25hbWUiOiJFVEhFUkVVTSIsIm1zZ19zZW5kZXIiOiIweGUxMjM0MDkyN2YxNzI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGZoa3U3NjciLCJjb25zdW1lcl9rZXkiOiIweDEyMzRhNGVjMzFlODljZWE1NGQxZjEyNWRiNzUzNmU4NzRhYjRhOTZiNGQ0ZjY0Mzg2NjhiNmJiMTBhNmFkYiIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMDRUMTQ6MTM6NDBaIiwicmVxdWVzdF9pZCI6IjBYZTg3Njk4NzY5NDMyODc2MzQ5Mjg3NjM0ODkyODczNjQ5Nzg2OTI3MzY0OSJ9.XSiQxjEVyCouf7zT8MubEKsbOBZuReGVhnt9uck6z6k' https://api3.openbankproject.com/obp/v3.0.0/users/current
You should receive a response like:
{
"user_id": "4c4d3175-1e5c-4cfd-9b08-dcdc209d8221",
"email": "",
"provider_id": "0xe123425E7734CE288F8367e1Bb143E90bb3F051224",
"provider": "ETHEREUM",
"username": "0xe123425E7734CE288F8367e1Bb143E90bb3F051224",
"entitlements": {
"list": []
}
}
Under the hood
The file, dauth.scala handles the DAuth,
We:
-> Check if Props allow_dauth is true
-> Check if DAuth header exists
-> Check if getRemoteIpAddress is OK
-> Look for "token"
-> parse the JWT token and getOrCreate the user
-> get the data of the user
More information
Parameter names and values are case sensitive.
Each parameter MUST NOT appear more than once per request.
Authentication is Mandatory
JSON request body fields:
bank_id: gh.29.uk
provider: ETHEREUM
roles: CanCreateMyUser
username: felixsmith
JSON response body fields:
bank_id: gh.29.uk
list:
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
{
"list":[{
"entitlement_id":"",
"role_name":"",
"bank_id":"gh.29.uk",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1"
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-10001: Incorrect json format.
- OBP-10007: Incorrect Role name:
- OBP-30205: This entitlement is a Bank Role. Please set bank_id to a valid bank id.
- OBP-30206: This entitlement is a System Role. Please set bank_id to empty string.
- OBP-30216: Entitlement already exists for the user.
- OBP-20103: Invalid DAuth User Provider.
- OBP-50000: Unknown Error.
Create Entitlement Request for current User
Create Entitlement Request.
Any logged in User can use this endpoint to request an Entitlement
Entitlements are used to grant System or Bank level roles to Users. (For Account level privileges, see Views)
For a System level Role (.e.g CanGetAnyUser), set bank_id to an empty string i.e. "bank_id":""
For a Bank level Role (e.g. CanCreateAccount), set bank_id to a valid value e.g. "bank_id":"my-bank-id"
Authentication is Mandatory
JSON request body fields:
bank_id: gh.29.uk
JSON response body fields:
bank_id: gh.29.uk
list:
provider: ETHEREUM
user:
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
username: felixsmith
{
"entitlement_request_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"user":{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith",
"entitlements":{
"list":[{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}]
}
},
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk",
"created":"1100-01-01T00:00:00Z"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20005: User not found. Please specify a valid value for USER_ID.
- OBP-10001: Incorrect json format.
- OBP-10007: Incorrect Role name:
- OBP-30205: This entitlement is a Bank Role. Please set bank_id to a valid bank id.
- OBP-30206: This entitlement is a System Role. Please set bank_id to empty string.
- OBP-30214: Entitlement Request already exists for the user.
- OBP-30217: Entitlement Request cannot be added.
- OBP-50000: Unknown Error.
Delete Entitlement
Delete Entitlement specified by ENTITLEMENT_ID for an user specified by USER_ID
Authentication is required and the user needs to be a Super Admin.
Super Admins are listed in the Props file.
Authentication is Mandatory
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON response body fields:
{
"jsonString":"{}"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30212: EntitlementId not found
- OBP-50000: Unknown Error.
Delete Entitlement Request
Delete the Entitlement Request specified by ENTITLEMENT_REQUEST_ID for a user specified by USER_ID
Authentication is Mandatory
URL Parameters:
JSON response body fields:
-
CanDeleteEntitlementRequestsAtAnyBank
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
- OBP-20006: User is missing one or more roles:
Get Entitlement Requests for a User
{
"entitlement_requests":[{
"entitlement_request_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"user":{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith",
"entitlements":{
"list":[{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}]
}
},
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk",
"created":"1100-01-01T00:00:00Z"
}]
}
-
CanGetEntitlementRequestsAtAnyBank
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
- OBP-20006: User is missing one or more roles:
Get Entitlement Requests for the current User
{
"entitlement_requests":[{
"entitlement_request_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"user":{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith",
"entitlements":{
"list":[{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}]
}
},
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk",
"created":"1100-01-01T00:00:00Z"
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
Get Entitlements for One Bank
{
"list":[{
"entitlement_id":"",
"role_name":"",
"bank_id":"gh.29.uk",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1"
}]
}
-
CanGetEntitlementsForOneBank
- Please login to request this Role
-
CanGetEntitlementsForAnyBank
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Get Entitlements for User
{
"list":[{
"entitlement_id":"",
"role_name":"",
"bank_id":"gh.29.uk",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1"
}]
}
-
CanGetEntitlementsForAnyUserAtAnyBank
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Get Entitlements for User at Bank
{
"list":[{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}]
}
-
CanGetEntitlementsForAnyUserAtOneBank
- Please login to request this Role
-
CanGetEntitlementsForAnyUserAtAnyBank
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Get Entitlements for the current User
{
"list":[{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
Get Roles
{
"roles":[{
"role":"CanCreateBranch",
"requires_bank_id":true
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50000: Unknown Error.
Get all Entitlement Requests
{
"entitlement_requests":[{
"entitlement_request_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"user":{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith",
"entitlements":{
"list":[{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}]
}
},
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk",
"created":"1100-01-01T00:00:00Z"
}]
}
-
CanGetEntitlementRequestsAtAnyBank
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
- OBP-20006: User is missing one or more roles:
Get all Entitlements
{
"list":[{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50000: Unknown Error.
Answer User Auth Context Update Challenge
Answer User Auth Context Update Challenge.
Authentication is Mandatory
URL Parameters:
BANK_ID: gh.29.uk
JSON request body fields:
JSON response body fields:
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
key: CustomerNumber
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
value: 5987953
{
"user_auth_context_update_id":"613c83ea-80f9-4560-8404-b9cd4ec42a7f",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"key":"CUSTOMER_NUMBER",
"value":"78987432",
"status":"INITIATED",
"consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-10001: Incorrect json format.
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
Create My Personal User Attribute
Create My Personal User Attribute
The type
field must be one of "STRING", "INTEGER", "DOUBLE" or DATE_WITH_DAY"
Authentication is Mandatory
JSON request body fields:
name: ACCOUNT_MANAGEMENT_FEE
type:
value: 5987953
JSON response body fields:
insert_date: 2020-01-27
name: ACCOUNT_MANAGEMENT_FEE
type:
user_attribute_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
value: 5987953
{
"user_attribute_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"name":"BATTERY_LEVEL",
"type":"STRING",
"value":"90",
"insert_date":"2024-10-05T00:00:32Z"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-10001: Incorrect json format.
- OBP-50000: Unknown Error.
Create Non Personal User Attribute
Create Non Personal User Attribute
The type field must be one of "STRING", "INTEGER", "DOUBLE" or DATE_WITH_DAY"
Authentication is Mandatory
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON request body fields:
name: ACCOUNT_MANAGEMENT_FEE
type:
value: 5987953
JSON response body fields:
insert_date: 2020-01-27
is_personal: is_personal
name: ACCOUNT_MANAGEMENT_FEE
type:
user_attribute_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
value: 5987953
{
"user_attribute_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"name":"BATTERY_LEVEL",
"type":"STRING",
"value":"90",
"is_personal":false,
"insert_date":"2024-10-05T00:00:32Z"
}
-
CanCreateNonPersonalUserAttribute
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-10001: Incorrect json format.
- OBP-50000: Unknown Error.
Create User
Creates OBP user.
No authorisation (currently) required.
Mimics current webform to Register.
Requires username(email) and password.
Returns 409 error if username not unique.
May require validation of email address.
Authentication is Mandatory
JSON request body fields:
first_name: Tom
last_name: Smith
password: password
username: felixsmith
JSON response body fields:
bank_id: gh.29.uk
list:
provider: ETHEREUM
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
username: felixsmith
{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith",
"entitlements":{
"list":[{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}]
}
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-10001: Incorrect json format.
- OBP-30207: Invalid Password Format. Your password should EITHER be at least 10 characters long and contain mixed numbers and both upper and lower case letters and at least one special character, OR the length should be > 16 and <= 512.
- Error occurred during user creation.
- User with the same username already exists.
- OBP-50000: Unknown Error.
Create User Auth Context
Create User Auth Context. These key value pairs will be propagated over connector to adapter. Normally used for mapping OBP user and
Bank User/Customer.
Authentication is Mandatory
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON request body fields:
key: CustomerNumber
value: 5987953
JSON response body fields:
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
key: CustomerNumber
time_stamp: 1100-01-01T01:01:01.000Z
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
value: 5987953
{
"user_auth_context_id":"613c83ea-80f9-4560-8404-b9cd4ec42a7f",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"key":"CUSTOMER_NUMBER",
"value":"78987432",
"time_stamp":"1100-01-01T00:00:00Z",
"consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh"
}
-
CanCreateUserAuthContext
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-10001: Incorrect json format.
- OBP-30053: Could not insert the UserAuthContext
- OBP-50000: Unknown Error.
- OBP-20006: User is missing one or more roles:
Create User Auth Context Update Request
Create User Auth Context Update Request.
Authentication is Mandatory
A One Time Password (OTP) (AKA security challenge) is sent Out of Band (OOB) to the User via the transport defined in SCA_METHOD
SCA_METHOD is typically "SMS" or "EMAIL". "EMAIL" is used for testing purposes.
URL Parameters:
BANK_ID: gh.29.uk
JSON request body fields:
key: CustomerNumber
value: 5987953
JSON response body fields:
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
key: CustomerNumber
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
value: 5987953
{
"user_auth_context_update_id":"613c83ea-80f9-4560-8404-b9cd4ec42a7f",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"key":"CUSTOMER_NUMBER",
"value":"78987432",
"status":"INITIATED",
"consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-10001: Incorrect json format.
- OBP-30053: Could not insert the UserAuthContext
- OBP-50000: Unknown Error.
Create password reset url
{
"reset_password_url":"https://apisandbox.openbankproject.com/user_mgt/reset_password/QOL1CPNJPCZ4BRMPX3Z01DPOX1HMGU3L"
}
-
CanCreateResetPasswordUrl
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-10001: Incorrect json format.
- OBP-50000: Unknown Error.
Delete Non Personal User Attribute
Delete the Non Personal User Attribute specified by ENTITLEMENT_REQUEST_ID for a user specified by USER_ID
Authentication is Mandatory
URL Parameters:
USER_ATTRIBUTE_ID: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON response body fields:
-
CanDeleteNonPersonalUserAttribute
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
Delete User Auth Context
Delete a User AuthContext of the User specified by USER_AUTH_CONTEXT_ID.
Authentication is Mandatory
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON response body fields:
-
CanDeleteUserAuthContext
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Delete User's Auth Contexts
Delete the Auth Contexts of a User specified by USER_ID.
Authentication is Mandatory
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON response body fields:
-
CanDeleteUserAuthContext
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Delete a User
Delete a User.
Authentication is Mandatory
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON response body fields:
-
CanDeleteUser
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Get Logout Link
{
"link":"127.0.0.1:8080/user_mgt/logout"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50000: Unknown Error.
Get My Personal User Attributes
Get My Personal User Attributes.
Authentication is Mandatory
JSON response body fields:
insert_date: 2020-01-27
name: ACCOUNT_MANAGEMENT_FEE
type:
user_attribute_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
user_attributes: user_attributes
value: 5987953
{
"user_attributes":[{
"user_attribute_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"name":"BATTERY_LEVEL",
"type":"STRING",
"value":"90",
"insert_date":"2024-10-05T00:00:32Z"
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50000: Unknown Error.
Get My Spaces
{
"bank_ids":["gh.29.uk"]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50000: Unknown Error.
Get Non Personal User Attributes
Get Non Personal User Attribute for a user specified by USER_ID
Authentication is Mandatory
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON response body fields:
-
CanGetNonPersonalUserAttributes
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
Get User (Current)
{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith",
"entitlements":{
"list":[{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}]
},
"views":{
"list":[{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"view_id":"owner"
}]
}
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50000: Unknown Error.
Get User Auth Contexts
Get User Auth Contexts for a User.
Authentication is Mandatory
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON response body fields:
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
key: CustomerNumber
time_stamp: 1100-01-01T01:01:01.000Z
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
value: 5987953
{
"user_auth_context_id":"613c83ea-80f9-4560-8404-b9cd4ec42a7f",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"key":"CUSTOMER_NUMBER",
"value":"78987432",
"time_stamp":"1100-01-01T00:00:00Z",
"consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh"
}
-
CanGetUserAuthContext
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Get User Id (Current)
Get the USER_ID of the logged in user
Authentication is Mandatory
JSON response body fields:
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50000: Unknown Error.
Get User Lock Status
Get User Login Status.
Authentication is Mandatory
URL Parameters:
PROVIDER: ETHEREUM
USERNAME: felixsmith
JSON response body fields:
bad_attempts_since_last_success_or_reset:
last_failure_date: 2020-01-27
username: felixsmith
{
"username":"felixsmith",
"bad_attempts_since_last_success_or_reset":0,
"last_failure_date":"1100-01-01T01:01:01Z"
}
-
CanReadUserLockedStatus
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20027: User not found by provider and username.
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Get User by USERNAME
Get user by PROVIDER and USERNAME
Authentication is Mandatory
CanGetAnyUser entitlement is required,
URL Parameters:
PROVIDER: ETHEREUM
USERNAME: felixsmith
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
bank_id: gh.29.uk
is_deleted: is_deleted
is_locked: is_locked
list:
provider: ETHEREUM
text:
type:
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
username: felixsmith
view_id: owner
agreements: agreements
last_marketing_agreement_signed_date: last_marketing_agreement_signed_date
{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith",
"entitlements":{
"list":[{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}]
},
"views":{
"list":[{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"view_id":"owner"
}]
},
"agreements":[{
"type":"",
"text":""
}],
"is_deleted":false,
"last_marketing_agreement_signed_date":"1100-01-01T00:00:00Z",
"is_locked":false
}
-
CanGetAnyUser
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-20027: User not found by provider and username.
- OBP-50000: Unknown Error.
Get User by USER_ID
Get user by USER_ID
Authentication is Mandatory
CanGetAnyUser entitlement is required,
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
bank_id: gh.29.uk
is_deleted: is_deleted
is_locked: is_locked
list:
provider: ETHEREUM
text:
type:
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
username: felixsmith
view_id: owner
agreements: agreements
last_marketing_agreement_signed_date: last_marketing_agreement_signed_date
{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith",
"entitlements":{
"list":[{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}]
},
"views":{
"list":[{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"view_id":"owner"
}]
},
"agreements":[{
"type":"",
"text":""
}],
"is_deleted":false,
"last_marketing_agreement_signed_date":"1100-01-01T00:00:00Z",
"is_locked":false
}
-
CanGetAnyUser
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-20005: User not found. Please specify a valid value for USER_ID.
- OBP-50000: Unknown Error.
Get User with Attributes by USER_ID
Get User Attributes for the user defined via USER_ID.
Authentication is Mandatory
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON response body fields:
insert_date: 2020-01-27
name: ACCOUNT_MANAGEMENT_FEE
provider: ETHEREUM
type:
user_attribute_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
user_attributes: user_attributes
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
username: felixsmith
value: 5987953
{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith",
"user_attributes":[{
"user_attribute_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"name":"BATTERY_LEVEL",
"type":"STRING",
"value":"90",
"insert_date":"2024-10-05T00:00:32Z"
}]
}
-
CanGetUsersWithAttributes
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50000: Unknown Error.
- OBP-20006: User is missing one or more roles:
Get Users by Email Address
Get users by email address
Authentication is Mandatory
CanGetAnyUser entitlement is required,
URL Parameters:
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
bank_id: gh.29.uk
is_deleted: is_deleted
is_locked: is_locked
list:
provider: ETHEREUM
text:
type:
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
username: felixsmith
users: user list
view_id: owner
agreements: agreements
last_marketing_agreement_signed_date: last_marketing_agreement_signed_date
{
"users":[{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith",
"entitlements":{
"list":[{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}]
},
"views":{
"list":[{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"view_id":"owner"
}]
},
"agreements":[{
"type":"",
"text":""
}],
"is_deleted":false,
"last_marketing_agreement_signed_date":"1100-01-01T00:00:00Z",
"is_locked":false
}]
}
-
CanGetAnyUser
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-20007: User not found by email.
- OBP-50000: Unknown Error.
Get all Users
Get all users
Authentication is Mandatory
CanGetAnyUser entitlement is required,
Possible custom url parameters for pagination:
- limit=NUMBER ==> default value: 50
- offset=NUMBER ==> default value: 0
eg1:?limit=100&offset=0
- sort_direction=ASC/DESC ==> default value: DESC.
eg2:?limit=100&offset=0&sort_direction=ASC
- locked_status (if null ignore)
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
bank_id: gh.29.uk
is_deleted: is_deleted
is_locked: is_locked
list:
provider: ETHEREUM
text:
type:
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
username: felixsmith
users: user list
view_id: owner
agreements: agreements
last_marketing_agreement_signed_date: last_marketing_agreement_signed_date
{
"users":[{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith",
"entitlements":{
"list":[{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}]
},
"views":{
"list":[{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"view_id":"owner"
}]
},
"agreements":[{
"type":"",
"text":""
}],
"is_deleted":false,
"last_marketing_agreement_signed_date":"1100-01-01T00:00:00Z",
"is_locked":false
}]
}
-
CanGetAnyUser
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Lock the user
Lock a User.
Authentication is Mandatory
URL Parameters:
PROVIDER: ETHEREUM
USERNAME: felixsmith
JSON request body fields:
JSON response body fields:
last_lock_date: 2020-01-27
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"type_of_lock":"lock_via_api",
"last_lock_date":"1100-01-01T01