--- swagger: "2.0" info: title: Nedbank Personal Loans API V2 description: Swagger specification for Nedbank Personal Loans APIs version: 1.0.2 x-ibm-name: nedbank-personal-loans-api-v2 name: "" basePath: /open-banking/v1 schemes: - https produces: - application/json - cc309236 paths: /personal-loan-offers-v2: get: summary: Get personal loan offers description: Get personal loan offers operationId: GetPersonalLoanOffers tags: - Offers produces: - application/json parameters: - in: query name: loanAmount type: string required: true description: Loan amount that user is interested in applying for. - in: header name: x-fapi-financial-id type: string required: true description: The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB. - in: header name: x-fapi-customer-last-logged-time type: string required: false description: The time when the PSU last logged in with the TPP. - in: header name: x-fapi-customer-ip-address type: string required: false description: The PSU's IP address if the PSU is currently logged in with the TPP. - in: header name: x-fapi-interaction-id type: string required: false description: An RFC4122 UID used as a correlation id. - in: header name: authorization type: string required: true description: An Authorisation Token as per https://tools.ietf.org/html/rfc6750 responses: 200: description: Loan Offers resource successfully retrieved schema: type: object required: - PersonalLoanOffers - Links - Meta properties: PersonalLoanOffers: $ref: '#/definitions/PersonalLoanOffers' Links: $ref: '#/definitions/Links' Meta: $ref: '#/definitions/Metadata' headers: x-jws-signature: type: string description: Header containing a detached JWS signature of the body of the payload. (For future use) x-fapi-interaction-id: type: string description: An RFC4122 UID used as a correlation id. 400: description: Bad Request 401: description: Unauthorized 403: description: Forbidden 429: description: Too Many Requests 500: description: Internal Server Error /personal-loan-offers-v2/{offerId}: get: summary: Get personal loan offer detail description: Get personal loan offer details operationId: GetPersonalLoanOfferDetails tags: - Offers produces: - application/json parameters: - in: path name: offerId type: string required: true description: The unique id of the offer - in: query name: loanAmount type: string required: true description: requested loan amount - in: query name: loanTerm type: string required: true description: desired loan term (used for recalculation) - in: header name: x-fapi-financial-id type: string required: true description: The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB. - in: header name: x-fapi-customer-last-logged-time type: string required: false description: The time when the PSU last logged in with the TPP. - in: header name: x-fapi-customer-ip-address type: string required: false description: The PSU's IP address if the PSU is currently logged in with the TPP. - in: header name: x-fapi-interaction-id type: string required: false description: An RFC4122 UID used as a correlation id. - in: header name: authorization type: string required: true description: An Authorisation Token as per https://tools.ietf.org/html/rfc6750 responses: 200: description: Loan Offers resource successfully retrieved schema: type: object required: - PersonalLoanOffers - Links - Meta properties: PersonalLoanOffers: $ref: '#/definitions/PersonalLoanOffers' Links: $ref: '#/definitions/Links' Meta: $ref: '#/definitions/Metadata' headers: x-jws-signature: type: string description: Header containing a detached JWS signature of the body of the payload. (For future use) x-fapi-interaction-id: type: string description: An RFC4122 UID used as a correlation id. 400: description: Bad Request 401: description: Unauthorized 403: description: Forbidden 429: description: Too Many Requests 500: description: Internal Server Error /personal-loan-offers-v2/{offerId}/financials: get: summary: Get customer financial information description: Get customer financial information operationId: GetCustomerFinancials tags: - Offers produces: - application/json parameters: - name: offerId in: path description: Unique identification as assigned by the ASPSP to uniquely identify the customer financial information. required: true type: string - in: header name: x-fapi-financial-id type: string required: true description: The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB. - in: header name: x-fapi-customer-last-logged-time type: string required: false description: The time when the PSU last logged in with the TPP. - in: header name: x-fapi-customer-ip-address type: string required: false description: The PSU's IP address if the PSU is currently logged in with the TPP. - in: header name: x-fapi-interaction-id type: string required: false description: An RFC4122 UID used as a correlation id. - in: header name: authorization type: string required: true description: An Authorisation Token as per https://tools.ietf.org/html/rfc6750 responses: 200: description: Customer Financials successfully retrieved schema: type: object required: - CustomerFinancials - Links - Meta properties: CustomerFinancials: $ref: '#/definitions/CustomerFinancials' Links: $ref: '#/definitions/Links' Meta: $ref: '#/definitions/Metadata' headers: x-jws-signature: type: string description: Header containing a detached JWS signature of the body of the payload. (For future use) x-fapi-interaction-id: type: string description: An RFC4122 UID used as a correlation id. 400: description: Bad Request 401: description: Unauthorized 403: description: Forbidden 429: description: Too Many Requests 500: description: Internal Server Error /personal-loan-v2: post: summary: Accept personal loan offer to create personal-loan description: Accept personal loan offer to create personal-loan operationId: AcceptPersonalLoanOffer tags: - Personal Loans consumes: - application/json parameters: - in: body name: PersonalLoan schema: $ref: '#/definitions/PersonalLoans' - in: header name: x-fapi-financial-id type: string required: true description: The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB. - in: header name: x-fapi-customer-last-logged-time type: string required: false description: The time when the PSU last logged in with the TPP. - in: header name: x-fapi-customer-ip-address type: string required: false description: The PSU's IP address if the PSU is currently logged in with the TPP. - in: header name: x-fapi-interaction-id type: string required: false description: An RFC4122 UID used as a correlation id. - in: header name: authorization type: string required: true description: An Authorisation Token as per https://tools.ietf.org/html/rfc6750 responses: 201: description: A loan offer accepted schema: type: object required: - PersonalLoanId - Links - Meta - PLStatus - PLOfferId properties: PersonalLoanId: $ref: '#/definitions/PersonalLoan' PLStatus: type: string example: string PLOfferId: type: string example: string Links: $ref: '#/definitions/Links' Meta: $ref: '#/definitions/Metadata' headers: x-jws-signature: type: string description: Header containing a detached JWS signature of the body of the payload. (For future use) x-fapi-interaction-id: type: string description: An RFC4122 UID used as a correlation id. 400: description: Bad Request 401: description: Unauthorized 403: description: Forbidden 429: description: Too Many Requests 500: description: Internal Server Error /personal-loan-offers-v2/{offerId}/dispute: get: summary: Get dispute description: Get dispute operationId: GetDispute tags: - Dispute produces: - application/json parameters: - in: path name: offerId type: string required: true description: The unique id of the offer - in: header name: x-fapi-financial-id type: string required: true description: The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB. - in: header name: x-fapi-customer-last-logged-time type: string required: false description: The time when the PSU last logged in with the TPP. - in: header name: x-fapi-customer-ip-address type: string required: false description: The PSU's IP address if the PSU is currently logged in with the TPP. - in: header name: x-fapi-interaction-id type: string required: false description: An RFC4122 UID used as a correlation id. - in: header name: authorization type: string required: true description: An Authorisation Token as per https://tools.ietf.org/html/rfc6750 responses: 200: description: Offer Id Disputes schema: type: object required: - Label - Description - Reasons properties: Label: type: string example: label Description: type: string example: desription Reasons: type: array items: $ref: '#/definitions/ReasonsData' headers: x-jws-signature: type: string description: Header containing a detached JWS signature of the body of the payload. (For future use) x-fapi-interaction-id: type: string description: An RFC4122 UID used as a correlation id. 400: description: Bad Request 401: description: Unauthorized 403: description: Forbidden 429: description: Too Many Requests 500: description: Internal Server Error /personal-loan-offers-v2/{offerId}/updatedispute: post: summary: Update dispute description: Update dispute operationId: PostDispute tags: - Dispute consumes: - application/json parameters: - in: path name: offerId type: string required: true description: The unique id of the offer - in: body name: Data schema: $ref: '#/definitions/ReasonsResult' - in: header name: x-fapi-financial-id type: string required: true description: The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB. - in: header name: x-fapi-customer-last-logged-time type: string required: false description: The time when the PSU last logged in with the TPP. - in: header name: x-fapi-customer-ip-address type: string required: false description: The PSU's IP address if the PSU is currently logged in with the TPP. - in: header name: x-fapi-interaction-id type: string required: false description: An RFC4122 UID used as a correlation id. - in: header name: authorization type: string required: true description: An Authorisation Token as per https://tools.ietf.org/html/rfc6750 responses: 200: description: A dispute was posted schema: type: object properties: Status: $ref: '#/definitions/Status' headers: x-jws-signature: type: string description: Header containing a detached JWS signature of the body of the payload. (For future use) x-fapi-interaction-id: type: string description: An RFC4122 UID used as a correlation id. 400: description: Bad Request 401: description: Unauthorized 403: description: Forbidden 429: description: Too Many Requests 500: description: Internal Server Error /personal-loan-offers-v2/{offerId}/dropoff: get: summary: Get dropoff description: Get dropoff operationId: GetDropoff tags: - Dropoff produces: - application/json parameters: - in: path name: offerId type: string required: true description: The unique id of the offer - in: header name: x-fapi-financial-id type: string required: true description: The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB. - in: header name: x-fapi-customer-last-logged-time type: string required: false description: The time when the PSU last logged in with the TPP. - in: header name: x-fapi-customer-ip-address type: string required: false description: The PSU's IP address if the PSU is currently logged in with the TPP. - in: header name: x-fapi-interaction-id type: string required: false description: An RFC4122 UID used as a correlation id. - in: header name: authorization type: string required: true description: An Authorisation Token as per https://tools.ietf.org/html/rfc6750 responses: 200: description: Offer Id Disputes schema: type: object required: - Label - Description - Reasons properties: Label: type: string example: label Description: type: string example: desription Reasons: type: array items: $ref: '#/definitions/ReasonsData' headers: x-jws-signature: type: string description: Header containing a detached JWS signature of the body of the payload. (For future use) x-fapi-interaction-id: type: string description: An RFC4122 UID used as a correlation id. 400: description: Bad Request 401: description: Unauthorized 403: description: Forbidden 429: description: Too Many Requests 500: description: Internal Server Error /personal-loan-offers-v2/{offerId}/updatedropoff: post: summary: Update dropoff description: Update dropoff operationId: PostDropoff tags: - Dropoff consumes: - application/json parameters: - in: path name: offerId type: string required: true description: The unique id of the offer - in: body name: Data schema: $ref: '#/definitions/ReasonsResult' - in: header name: x-fapi-financial-id type: string required: true description: The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB. - in: header name: x-fapi-customer-last-logged-time type: string required: false description: The time when the PSU last logged in with the TPP. - in: header name: x-fapi-customer-ip-address type: string required: false description: The PSU's IP address if the PSU is currently logged in with the TPP. - in: header name: x-fapi-interaction-id type: string required: false description: An RFC4122 UID used as a correlation id. - in: header name: authorization type: string required: true description: An Authorisation Token as per https://tools.ietf.org/html/rfc6750 responses: 200: description: A dispute was posted schema: type: object properties: Status: $ref: '#/definitions/Status' headers: x-jws-signature: type: string description: Header containing a detached JWS signature of the body of the payload. (For future use) x-fapi-interaction-id: type: string description: An RFC4122 UID used as a correlation id. 400: description: Bad Request 401: description: Unauthorized 403: description: Forbidden 429: description: Too Many Requests 500: description: Internal Server Error securityDefinitions: X-IBM-Client-Secret: type: apiKey description: "" in: header name: X-IBM-Client-Secret X-IBM-Client-Id: type: apiKey description: "" in: header name: X-IBM-Client-Id PSUOAuth2Security: type: oauth2 flow: accessCode tokenUrl: https://api.nedbank.co.za/apimarket/sandbox/nboauth/oauth20/token authorizationUrl: https://api.nedbank.co.za/apimarket/sandbox/oauth/oauth20/authorize scopes: loans: Ability to read loans information openid: cc309236 description: OAuth flow, it is required when the PSU needs to perform SCA with the ASPSP when a TPP wants to access an ASPSP resource owned by the PSU x-tokenIntrospect: url: https://api-market.nedsecure.nednet.co.za/mga/sps/oauth/oauth20/introspect definitions: Status: type: string enum: - Success - Failed example: Success ReasonsResult: required: - Label - Description - Reasons properties: Label: type: string example: label Description: type: string example: desription Reasons: type: array items: $ref: '#/definitions/ReasonsData' ReasonsData: required: - Id - Label - Selected properties: Id: type: string Label: type: string Description: type: string Selected: type: boolean example: false Exclusive: type: boolean example: false More: type: boolean example: false PersonalLoan: type: string Amount: type: object properties: Amount: type: number example: 4499.950000 Currency: type: string enum: - ZAR example: ZAR required: - Amount - Currency NBAmount: properties: Amount: $ref: '#/definitions/Amount' Label: type: string example: Loan Amount Description: type: string example: Here is your offer as previliged nedbank user. Rate: properties: Rate: type: number example: 8 Label: type: string example: Interest Rate Description: type: string example: Interest Rate Help: type: string example: http://help/help required: - Rate Options: required: - OptionsId - Label properties: OptionsId: type: string example: "1" Label: type: string example: "" Purpose: required: - Options - Selected properties: Options: type: array items: $ref: '#/definitions/Options' Selected: type: boolean example: false DisclosureDetails: required: - DisclosureDetailId - Label - Options - Selected properties: DisclosureDetailId: type: string example: "1" Label: type: string example: "" Description: type: string example: "" Options: type: array items: $ref: '#/definitions/Options' Selected: type: boolean example: false DisclaimerDetails: required: - Disclaimerid - DisclaimerLabel - Accepted properties: Disclaimerid: type: string example: "1" DisclaimerLabel: type: string example: You are permanently employed Accepted: type: boolean example: false TermsAndConditions: required: - Label - Accepted properties: Label: type: string example: Click here to view your terms and conditions Url: type: string example: http://termsandconditions.com/tnc Accepted: type: boolean example: false LoanTerm: required: - Term - MaxAmount - MinAmount - InterestRate - Preferred properties: Term: type: number example: 12 MaxAmount: $ref: '#/definitions/Amount' MinAmount: $ref: '#/definitions/Amount' InterestRate: $ref: '#/definitions/Rate' RepaymentInstalment: $ref: '#/definitions/Amount' Preferred: type: boolean example: false LoanDetails: required: - TotalLoanAmount properties: InitiationFee: $ref: '#/definitions/NBAmount' CostMultiplier: $ref: '#/definitions/Rate' TotalLoanAmount: $ref: '#/definitions/NBAmount' LoanAmount: $ref: '#/definitions/NBAmount' NumberOfInstallments: $ref: '#/definitions/Rate' FixedInterestRate: $ref: '#/definitions/Rate' RepaymentDetails: required: - BaseRepaymentAmount - TotalMonthlyRepayment properties: CreditLife: $ref: '#/definitions/NBAmount' ServiceFee: $ref: '#/definitions/NBAmount' BaseRepaymentAmount: $ref: '#/definitions/NBAmount' TotalMonthlyRepayment: $ref: '#/definitions/NBAmount' TotalAmountRepayable: $ref: '#/definitions/NBAmount' DiscountRepaymentDetails: required: - DiscountTotalMonthlyRepayment - DiscountInterestRate - LoanDetails - RepaymentDetails properties: DiscountTotalMonthlyRepayment: $ref: '#/definitions/NBAmount' DiscountInterestRate: $ref: '#/definitions/Rate' LoanDetails: $ref: '#/definitions/LoanDetails' RepaymentDetails: $ref: '#/definitions/RepaymentDetails' Disclaimers: required: - Disclaimers properties: DataLabels: type: array items: type: string Disclaimers: type: array items: $ref: '#/definitions/DisclaimerDetails' Disclosures: required: - DisclosureDetails - Accepted properties: DisclosureDetails: type: array items: $ref: '#/definitions/DisclosureDetails' Purpose: $ref: '#/definitions/Purpose' Email: type: string example: nedbank@nedbank.com Accepted: type: boolean example: false PersonalLoanOffers: required: - PLOfferId - Terms properties: PLOfferId: type: string example: 123 Terms: type: array items: $ref: '#/definitions/LoanTerm' LoanDetails: $ref: '#/definitions/LoanDetails' RepaymentDetails: $ref: '#/definitions/RepaymentDetails' DiscountRepaymentDetails: $ref: '#/definitions/DiscountRepaymentDetails' Disclaimers: $ref: '#/definitions/Disclaimers' Disclosures: $ref: '#/definitions/Disclosures' TermsAndConditions: $ref: '#/definitions/TermsAndConditions' Financials: $ref: '#/definitions/Financials' CreditInsuranceLink: type: string example: https://www.nedbank.co.za/content/dam/nedbank/site-assets/Personal/Personal_Loans/Insurance/InsuranceBrochure.pdf ExclusionLink: type: string example: https://www.nedbank.co.za/content/dam/nedbank/site-assets/Personal/Personal_Loans/Insurance/Policydocument.pdf InsuranceAccepted: type: boolean example: false IsNedbankStaff: type: boolean example: false Declarations: required: - Label properties: Label: type: string example: Total monthly living expenses Description: type: string example: living expenses Amount: $ref: '#/definitions/Amount' Financials: required: - Declarations - Accepted properties: Declarations: type: array items: $ref: '#/definitions/Declarations' Accepted: type: boolean example: false CustomerFinancials: required: - Financials - Accepted properties: Financials: $ref: '#/definitions/Financials' PersonalLoans: required: - PLOffer properties: PLOfferId: type: string example: 4 PLOffer: $ref: '#/definitions/PersonalLoanOffers' Links: required: - self properties: self: type: string example: http://localhost:3000/api/open-banking/v1/self-resource first: type: string example: http://localhost:3000/api/open-banking/v1/first-resource next: type: string example: http://localhost:3000/api/open-banking/v1/next-resource prev: type: string example: http://localhost:3000/api/open-banking/v1/prev-resource Metadata: properties: total-pages: type: string example: 1 responses: 400ErrorResponse: description: Bad Request 401ErrorResponse: description: Unauthorized 403ErrorResponse: description: Forbidden 429ErrorResponse: description: Too Many Requests 500ErrorResponse: description: Internal Server Error x-ibm-configuration: enforced: true testable: true phase: realized security: - X-IBM-Client-Secret: [] PSUOAuth2Security: - loans - openid X-IBM-Client-Id: [] x-ibm-endpoints: - endpointUrl: https://api.nedbank.co.za/apimarket/sandbox type: - production ...