--- swagger: "2.0" info: title: Customer Information APIs description: Swagger specification for Customer Information APIs version: 1.0.4 x-ibm-name: customerinfoapis name: "" basePath: /open-banking schemes: - https produces: - application/json paths: /customer-requests: post: summary: Create an customer request description: Create an customer request operationId: CreateCustomerRequest consumes: - application/json produces: - application/json parameters: - name: body in: body description: Create an Customer Request required: true schema: title: Customer Request POST request description: Allows setup of an customer access request type: object properties: Data: title: Data description: Allows setup of an customer access request type: object properties: Permissions: description: Specifies the customer request types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP. type: array items: description: Specifies the customer request types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP. type: string enum: - ReadCustomersBasic - ReadCustomersDetail minProperties: 1 additionalProperties: false ExpirationDateTime: description: Specified date and time the permissions will expire. If this is not populated, the permissions will be open ended. type: string format: date-time additionalProperties: false required: - Permissions Risk: title: Risk type: object description: The Risk payload is sent by the initiating party to the ASPSP. It is used to specify additional details for risk scoring for Customer Info. properties: [] additionalProperties: false additionalProperties: false required: - Data - Risk - in: header name: x-fapi-financial-id type: string required: true description: The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB. - in: header name: x-fapi-customer-last-logged-time type: string required: false description: The time when the PSU last logged in with the TPP. - in: header name: x-fapi-customer-ip-address type: string required: false description: The PSU's IP address if the PSU is currently logged in with the TPP. - in: header name: x-fapi-interaction-id type: string required: false description: An RFC4122 UID used as a correlation id. - in: header name: authorization type: string required: true description: An Authorisation Token as per https://tools.ietf.org/html/rfc6750 responses: 201: description: Customer Request resource successfully created schema: title: Customer Request POST response type: object properties: Data: title: Data type: object properties: CustomerRequestId: description: Unique identification as assigned to identify the customer request resource. type: string minLength: 1 maxLength: 128 Status: description: Specifies the status of the customer request resource. type: string enum: - Authorised - AwaitingAuthorisation - Rejected - Revoked CreationDateTime: description: Date and time at which the resource was created. type: string format: date-time Permissions: description: Specifies the customer request types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP. type: array items: description: Specifies the customer request types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP. type: string enum: - ReadCustomersBasic - ReadCustomersDetail minProperties: 1 additionalProperties: false ExpirationDateTime: description: Specified date and time the permissions will expire. If this is not populated, the permissions will be open ended. type: string format: date-time additionalProperties: false required: - CustomerRequestId - CreationDateTime - Permissions Risk: title: Risk type: object description: The Risk payload is sent by the initiating party to the ASPSP. It is used to specify additional details for risk scoring for Customer Info. properties: [] additionalProperties: false additionalProperties: false required: - Data - Risk headers: x-fapi-interaction-id: type: string description: An RFC4122 UID used as a correlation id. 400: description: Bad Request 401: description: Unauthorized 403: description: Forbidden 429: description: Too Many Requests 500: description: Internal Server Error security: - TPPOAuth2Security: - tpp_client_credential X-IBM-Client-Secret: [] X-IBM-Client-Id: [] /customer-requests/{CustomerRequestId}: get: summary: Get an customer request description: Get an customer request operationId: GetCustomerRequest produces: - application/json parameters: - name: CustomerRequestId in: path description: Unique identification as assigned by the ASPSP to uniquely identify the customer request resource. required: true type: string - in: header name: x-fapi-financial-id type: string required: true description: The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB. - in: header name: x-fapi-customer-last-logged-time type: string required: false description: The time when the PSU last logged in with the TPP. - in: header name: x-fapi-customer-ip-address type: string required: false description: The PSU's IP address if the PSU is currently logged in with the TPP. - in: header name: x-fapi-interaction-id type: string required: false description: An RFC4122 UID used as a correlation id. - in: header name: authorization type: string required: true description: An Authorisation Token as per https://tools.ietf.org/html/rfc6750 responses: 200: description: Customer Request resource successfully retrieved schema: title: Customer Request GET response type: object properties: Data: title: Data type: object properties: CustomerRequestId: description: Unique identification as assigned to identify the customer request resource. type: string minLength: 1 maxLength: 128 Status: description: Specifies the status of the customer request resource. type: string enum: - Authorised - AwaitingAuthorisation - Rejected - Revoked CreationDateTime: description: Date and time at which the resource was created. type: string format: date-time Permissions: description: Specifies the customer request types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP. type: array items: description: Specifies the customer request types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP. type: string enum: - ReadCustomersBasic - ReadCustomersDetail minProperties: 1 additionalProperties: false ExpirationDateTime: description: Specified date and time the permissions will expire. If this is not populated, the permissions will be open ended. type: string format: date-time additionalProperties: false required: - CustomerRequestId - CreationDateTime - Permissions Risk: title: Risk type: object description: The Risk payload is sent by the initiating party to the ASPSP. It is used to specify additional details for risk scoring for Customer Info. properties: [] additionalProperties: false additionalProperties: false required: - Data - Risk headers: x-fapi-interaction-id: type: string description: An RFC4122 UID used as a correlation id. 400: description: Bad Request 401: description: Unauthorized 403: description: Forbidden 429: description: Too Many Requests 500: description: Internal Server Error security: - TPPOAuth2Security: - tpp_client_credential X-IBM-Client-Secret: [] X-IBM-Client-Id: [] /customers: get: tags: [] summary: "" description: Gets the customer details parameters: - in: header name: x-fapi-financial-id type: string required: true description: The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB. - in: header name: x-fapi-customer-last-logged-time type: string required: false description: The time when the PSU last logged in with the TPP. - in: header name: x-fapi-customer-ip-address type: string required: false description: The PSU's IP address if the PSU is currently logged in with the TPP. - in: header name: x-fapi-interaction-id type: string required: false description: An RFC4122 UID used as a correlation id. - in: header name: authorization type: string required: true description: An Authorisation Token as per https://tools.ietf.org/html/rfc6750 responses: 200: description: Successful response schema: $ref: '#/definitions/CustomerDetailItem' 401: description: Unauthorized deprecated: false produces: - application/json security: - PSUOAuth2Security: - customers - openid X-IBM-Client-Secret: [] X-IBM-Client-Id: [] definitions: CustomerDetailItem: title: Customer GET response type: object properties: Data: title: Transaction description: Data Section of the Payload type: array items: type: object properties: FirstName: type: string description: The client first name MiddleName: type: string description: The client middle name LastName: type: string description: The client last name FullName: type: string description: The client full name BirthDate: type: string format: date description: The client BirthDate Email: type: string description: The client email address Identity: type: array items: $ref: '#/definitions/IdentityItem' Contact: type: array items: $ref: '#/definitions/AdditionalPhoneItem' Compliance: type: array items: $ref: '#/definitions/ComplianceItem' Address: $ref: '#/definitions/AddressItem' Links: $ref: '#/definitions/LinkItem' Meta: $ref: '#/definitions/MetaItem' AddressItem: properties: Type: type: string Line: type: array items: type: string description: The address line City: type: string description: The city PostalCode: type: string description: The postal code Province: type: string description: The province Country: type: string description: The country AddressLineItem: properties: AddressLine: type: string description: The address line AdditionalPhoneItem: properties: Type: type: string description: The contact type (Cell,Email,Bus,Fax) Value: type: string description: The contact value ComplianceItem: properties: Type: type: string description: The compliance type (Fica) Value: type: string description: The compliance value IdentityItem: properties: Type: type: string description: The identity type (Id,Tax,Passport) enum: - Id - Tax - Passport Identification: type: string description: The identification number LinkItem: properties: self: type: string format: uri first: type: string format: uri prev: type: string format: uri next: type: string format: uri last: type: string format: uri additionalProperties: false MetaItem: title: Meta Data type: object description: Meta Data relevant to the payload properties: total-pages: type: integer format: int32 additionalProperties: false securityDefinitions: X-IBM-Client-Secret: type: apiKey description: "" in: header name: X-IBM-Client-Secret X-IBM-Client-Id: type: apiKey description: "" in: header name: X-IBM-Client-Id PSUOAuth2Security: type: oauth2 flow: accessCode tokenUrl: https://api.nedbank.co.za/apimarket/sandbox/nboauth/oauth20/token authorizationUrl: https://api.nedbank.co.za/apimarket/sandbox/nboauth/oauth20/authorize scopes: customers: Ability to read customers information openid: "" description: OAuth flow, it is required when the PSU needs to perform SCA with the ASPSP when a TPP wants to access an ASPSP resource owned by the PSU x-tokenIntrospect: url: https://api-market.nedsecure.nednet.co.za/mga/sps/oauth/oauth20/introspect TPPOAuth2Security: type: oauth2 flow: application tokenUrl: https://api.nedbank.co.za/apimarket/sandbox/nboauth/oauth20/token scopes: tpp_client_credential: TPP Client Credential Scope description: TPP client credential authorisation flow with the ASPSP x-scopeValidate: tls-profile: ampareek@in.ibm.com x-tokenIntrospect: url: https://api-market.nedsecure.nednet.co.za/mga/sps/oauth/oauth20/introspect responses: 400ErrorResponse: description: Bad Request 401ErrorResponse: description: Unauthorized 403ErrorResponse: description: Forbidden 429ErrorResponse: description: Too Many Requests 500ErrorResponse: description: Internal Server Error x-ibm-configuration: enforced: true testable: true phase: realized security: - PSUOAuth2Security: - customers - openid TPPOAuth2Security: - tpp_client_credential X-IBM-Client-Secret: [] X-IBM-Client-Id: [] consumes: - application/json x-ibm-endpoints: - endpointUrl: https://api.nedbank.co.za/apimarket/sandbox type: - production ...