--- swagger: "2.0" info: title: Vehicle Asset Finance Customer description: API used for marketplace business to customer integration into MFC Non Dealer Direct application version: 3.6.0 x-ibm-name: VehicleAssetFinanceCustomer contact: email: olivierm@nedbank.co.za name: Olivier Mulmann x-swaggercreationdate: 01-08-2019 x-swaggerversion: "1" name: "" basePath: /vehicleassetfinance/v1 schemes: - https consumes: - application/json produces: - application/json - CC308476 paths: /intent: post: summary: Create an pre-qualification request description: Submit an intent for a pre-qualification request operationId: CreateIntent produces: - application/json consumes: - application/json parameters: - name: body in: body description: Create intent request required: true schema: $ref: '#/definitions/IntentRequestMessage' - in: header name: content-type type: string required: true description: The produced content type. Must be 'application/json'. - in: header name: x-fapi-customer-last-logged-time type: string required: false description: The time when the PSU last logged in with the TPP. - in: header name: x-fapi-customer-ip-address type: string required: false description: The PSU's IP address if the PSU is currently logged in with the TPP. - in: header name: x-fapi-interaction-id type: string required: false description: An RFC4122 UID used as a correlation id. - in: header name: authorization description: An Authorisation Token as per https://tools.ietf.org/html/rfc6750 type: string required: true - in: header name: x-jws-signature type: string required: false description: Header containig a detached JWS signature of the body of the payload. responses: 201: description: Created schema: $ref: '#/definitions/IntentResponseMessage' default: description: Any HTTP status code other than a 200 will indicate that an error has occurred schema: type: object security: - TPPOAuth2Security: - tpp_client_credential X-IBM-Client-Secret: [] x-ibm-client-id: [] /prequalifications: post: summary: Request a pre-qualification check. This includes a credit check for the specified client information as well as indicative vehicle finance values description: Pre-qualification request of the authenticated Customer operationId: PostPreQualificationsRequest consumes: - application/json produces: - application/json parameters: - in: header name: content-type type: string required: true description: The produced content type. Must be 'application/json'. - in: header name: x-fapi-customer-last-logged-time type: string required: false description: The time when the PSU last logged in with the TPP. - in: header name: x-fapi-customer-ip-address type: string required: false description: The PSU's IP address if the PSU is currently logged in with the TPP. - in: header name: x-fapi-interaction-id type: string required: false description: An RFC4122 UID used as a correlation id. - in: header name: authorization type: string required: true description: An Authorisation Token as per https://tools.ietf.org/html/rfc6750 - name: body in: body description: The request object containing the required PreQualifications information required: true schema: $ref: '#/definitions/PreQualificationRequestMessage' - default: true in: header name: x-nedbank-notify required: false type: boolean responses: 201: description: Created schema: $ref: '#/definitions/APIResponseOfPreQualificationRequestMessage' default: description: Any HTTP status code other than a 200 will indicate that an error has occurred schema: type: object security: - X-IBM-Client-Secret: [] X-IBM-Client-Id: [] TPPOAuth2Security: - tpp_client_credential x-ibm-client-id: [] tags: - Pre-Qualifications /mfcauthorize: get: responses: 200: description: 200 OK parameters: - name: redirect_uri type: string required: false in: query - name: intentid type: string required: false in: query - name: type type: string required: false in: query security: - X-IBM-Client-Id: [] definitions: PreQualificationRequestMessage: properties: cellphone: type: string firstName: type: string identityNumber: type: string lastName: type: string email: type: string netSalary: format: double type: number totalExpenses: format: double type: number desiredAmount: format: double type: number required: - cellphone - firstName - identityNumber - lastName - email - netSalary - totalExpenses type: object IntentRequestMessage: properties: data: $ref: '#/definitions/IntentRequestMessageData' risk: $ref: '#/definitions/IntentRisk' additionalProperties: false required: - data - risk IntentRequestMessageData: title: Data properties: permissions: $ref: '#/definitions/IntentPermissions' expirationDateTime: $ref: '#/definitions/IntentExpirationDateTime' additionalProperties: false required: - permissions IntentResponseMessage: properties: data: $ref: '#/definitions/IntentResponseMessageData' risk: $ref: '#/definitions/IntentRisk' links: $ref: '#/definitions/IntentResponseMessageLinks' meta: $ref: '#/definitions/IntentResponseMessageMeta' additionalProperties: false required: - data - links - meta IntentResponseMessageData: title: Data properties: intentId: description: Unique identification as assigned to identify the PreQualifications request resource. type: string minLength: 1 maxLength: 128 permissions: $ref: '#/definitions/IntentPermissions' status: type: string description: Specifies the status of the PreQualifications request resource. - Authorised - AwaitingAuthorisation - Rejected - Revoked creationDateTime: description: Date and time at which the resource was created. type: string format: date-time expirationDateTime: $ref: '#/definitions/IntentExpirationDateTime' type: object required: - intentId - creationDateTime additionalProperties: false IntentResponseMessageMeta: title: Meta type: object description: Meta Data relevant to the payload properties: total-pages: type: integer format: int32 additionalProperties: false APIResponseOfPreQualificationRequestMessage: properties: data: $ref: '#/definitions/PreQualificationRequestMessage' meta: $ref: '#/definitions/ApiMetaData' links: $ref: '#/definitions/IntentResponseMessageLinks' required: - meta - links type: object IntentResponseMessageLinks: title: Links type: object description: Links relevant to the payload properties: self: type: string format: uri first: type: string format: uri prev: type: string format: uri next: type: string format: uri last: type: string format: uri additionalProperties: false required: - self IntentExpirationDateTime: title: ExpirationDateTime type: string description: Specified date and time the permissions will expire. If this is not populated, the permissions will be open ended. format: date-time IntentPermissions: title: permissions type: array description: Specifies the Open Banking pre-qualification request types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP. items: type: string description: Specifies the pre-qualification request types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP. - PerfomCreditCheckConsent minProperties: 1 additionalProperties: false IntentRisk: description: The Risk payload is sent by the initiating party to the ASPSP. It is used to specify additional details for risk scoring for PreQualifications Info. additionalProperties: false ApiMetaData: title: Meta Data type: object description: Meta Data relevant to the payload properties: code: type: string debugInfo: $ref: '#/definitions/ArrayOfString' detail: type: string message: type: string name: type: string total-pages: type: integer format: int32 additionalProperties: false ArrayOfString: items: type: string type: array securityDefinitions: X-IBM-Client-Id: type: apiKey description: "" in: query name: client_id X-IBM-Client-Secret: type: apiKey description: "" in: header name: X-IBM-Client-Secret x-ibm-client-id: type: apiKey description: "" in: header name: X-IBM-Client-Id PSUOAuth2Security: type: oauth2 flow: accessCode tokenUrl: https://api.nedbank.co.za/apimarket/sandbox/nboauth/oauth20/token authorizationUrl: https://api.nedbank.co.za/apimarket/sandbox/oauth/oauth20/authorize scopes: mfcvaf: Ability to submit pre-qualification application description: OAuth flow, it is required when the PSU needs to perform SCA with the ASPSP when a TPP wants to access an ASPSP resource owned by the PSU x-tokenIntrospect: url: https://api-market.nedsecure.nednet.co.za/mga/sps/oauth/oauth20/introspect TPPOAuth2Security: type: oauth2 flow: application tokenUrl: https://api.nedbank.co.za/apimarket/sandbox/nboauth/oauth20/token scopes: tpp_client_credential: TPP Client Credential Scope description: TPP client credential authorisation flow with the ASPSP x-tokenIntrospect: url: https://api-market.nedsecure.nednet.co.za/mga/sps/oauth/oauth20/introspect responses: 400ErrorResponse: description: Bad Request 401ErrorResponse: description: Unauthorized 403ErrorResponse: description: Forbidden 429ErrorResponse: description: Too Many Requests 500ErrorResponse: description: Internal Server Error x-ibm-configuration: enforced: true testable: true phase: realized security: - X-IBM-Client-Secret: [] PSUOAuth2Security: - mfcvaf TPPOAuth2Security: - tpp_client_credential x-ibm-client-id: [] - X-IBM-Client-Id: [] x-ibm-endpoints: - endpointUrl: https://api.nedbank.co.za/apimarket/sandbox type: - production ...