...
Version Control
| Include Page | ||||
|---|---|---|---|---|
|
...
Overview: Provides an overview of the scope of the API and the key decisions that contributed to the specification.
Basics: The section identifies the resources, operations that are permitted on those resources, and various special cases.
Endpoints: Provides the list of endpoints for the API specification. The individual endpoints are documented in separate sections along with the data model that they employ.
Security & Access Control: Specifies the means for Third Parties and Customers to authenticate themselves and provide consent.
Data Model: Describes the data model for the API payloads.
Usage Examples: Examples for normal flows, and alternate flows.
Swagger OpenAPI Specifications: Provides links to the swagger OpenAPI specifications for the APIs.
...
Having resources that are finer grained (e.g., beneficiaries, direct-debits, standing-orders) means that we can, in the future, manage these resources (with unique identifiers)
While balances is not a typical resource - we believe having an /accounts/{AccountId}/balances endpoint is simpler to understand than a URI to expand the /accounts resource
Page Link | Resource | Endpoint | Mandatory? |
|---|---|---|---|
Account Access Consents | account-access-consents | POST /account-access-consents | Mandatory |
GET /account-access-consents/{ConsentId} | Mandatory | ||
DELETE /account-access-consents/{ConsentId} | Mandatory | ||
Accounts | accounts | GET /accounts | Mandatory |
GET /accounts/{AccountId} | Mandatory | ||
Balances | balances | GET /accounts/{AccountId}/balances | Mandatory |
GET /balances | Optional | ||
Transactions | transactions | GET /accounts/{AccountId}/transactions | Mandatory |
GET /transactions | Optional | ||
Beneficiaries | beneficiaries | GET/accounts/{AccountId}/beneficiaries | Optional |
GET /beneficiaries | Optional | ||
Direct Debits | direct-debits | GET /accounts/{AccountId}/direct-debits | Optional |
GET /direct-debits | Optional | ||
Standing Orders | standing orders | GET/accounts/{AccountId}/standing-orders | Optional |
GET/standing-orders | Optional | ||
Offers | offers | GET /accounts/{AccountId}/offers | Optional |
GET /offers | Optional | ||
Party | party | GET /accounts/{AccountId}/party | Mandatory |
GET /party | Mandatory | ||
Scheduled Payments | scheduled-payments | GET /accounts/{AccountId}/scheduled-payments | Optional |
GET /scheduled-payments | Optional | ||
Statements | statements | GET /accounts/{AccountId}/statements | Mandatory |
GET /accounts/{AccountId}/statements/{StatementId} | Mandatory | ||
GET /accounts/{AccountId}/statements/{StatementId}/file | Mandatory | ||
GET /accounts/{AccountId}/statements/{StatementId}/transactions | Mandatory | ||
GET /statements | Optional |
Account Information Resources
...
The Permissions array does not contain either ReadAccountsBasic or ReadAccountsDetail
The Permissions array is empty
The Permissions array includes a Permission code that is not supported by the API Provider (API Providers are expected to publish which API endpoints are supported)
The Permissions array contains ReadTransactionsBasic but does not contain at least one of ReadTransactionsCredits and ReadTransactionsDebits
The Permissions array contains ReadTransactionsDetail but does not contain at least one of ReadTransactionsCredits and ReadTransactionsDebits
The Permissions array contains ReadTransactionsCredits but does not contain at least one of ReadTransactionsBasic and ReadTransactionsDetail
The Permissions array contains ReadTransactionsDebits but does not contain at least one of ReadTransactionsBasic and ReadTransactionsDetail
Permissions | Endpoints | Business Logic | Data Cluster Description |
|---|---|---|---|
ReadAccountsBasic |
| Ability to read basic account information | |
ReadBalances |
| Ability to read all balance information | |
ReadAccountsDetail |
| Access to additional elements in the payload (the additional data elements are listed in the table below) | Ability to read account identification details |
ReadBeneficiariesBasic |
| Ability to read basic beneficiary details | |
ReadBeneficiariesDetail |
| Access to additional elements in the payload | Ability to read account identification details for the beneficiary |
ReadDirectDebits |
| Ability to read all direct debit information | |
ReadStandingOrdersBasic |
| Ability to read basic standing order information | |
ReadStandingOrdersDetail |
| Access to additional elements in the payload | Ability to read account identification details for beneficiary of the standing order |
ReadTransactionsBasic |
| Permissions must also include at least one of:
| Ability to read basic transaction information |
ReadTransactionsDetail |
| Access to additional elements in the payload Permissions must also include at least one of
| Ability to read transaction data elements which may hold silent party details |
ReadTransactionsCredits |
| Access to credit transactions. Permissions must also include one of:
| Ability to read only credit transactions |
ReadTransactionsDebits |
| Access to debit transactions. Permissions must also include one of:
| Ability to read only debit transactions |
ReadStatementsBasic |
| Ability to read basic statement details | |
ReadStatementsDetail |
| Access to additional elements in the payload Access to download the statement file. | Ability to read statement data elements which may leak other information about the account |
ReadOffers |
| Ability to read all offer information | |
ReadParty |
| Ability to read party information on the account owner. | |
ReadPartyAuthUser |
| Ability to read party information on the user logged in. | |
ReadScheduledPaymentsBasic |
| Ability to read basic statement details | |
ReadScheduledPaymentsDetail |
| Access to additional elements in the payload | Ability to read account identification details for beneficiary of the scheduled payment |
Detail Permissions
The ReadStatementsDetail is required to access the statement file download via: /accounts/{AccountId}/statements/{StatementId}/file
...
All other fields (other than these fields listed) are available with the "Basic" Permission access.
Permission - Detail Codes | Data Element Name | Occurrence | XPath |
|---|---|---|---|
ReadAccountsDetail | Account | 0..1 | OBReadAccount2/Data/Account/Account |
ReadAccountsDetail | Servicer | 0..1 | OBReadAccount2/Data/Account/Servicer |
ReadBeneficiariesDetail | CreditorAgent | 0..1 | OBReadBeneficiary2/Data/Beneficiary/CreditorAgent |
ReadBeneficiariesDetail | CreditorAccount | 0..1 | OBReadBeneficiary2/Data/Beneficiary/CreditorAccount |
ReadStandingOrdersDetail | CreditorAgent | 0..1 | OBReadStandingOrder2/Data/StandingOrder/CreditorAgent |
ReadStandingOrdersDetail | CreditorAccount | 0..1 | OBReadStandingOrder2/Data/StandingOrder/CreditorAccount |
ReadTransactionsDetail | TransactionInformation | 0..1 | OBReadTransaction2/Data/Transaction/TransactionInformation |
ReadTransactionsDetail | Balance | 0..1 | OBReadTransaction2/Data/Transaction/Balance |
ReadTransactionsDetail | MerchantDetails | 0..1 | OBReadTransaction2/Data/Transaction/MerchantDetails |
ReadTransactionsDetail | CreditorAccount | 0..1 | OBReadTransaction2/Data/Transaction/CreditorAccount |
ReadTransactionsDetail | DebtorAccount | 0..1 | OBReadTransaction2/Data/Transaction/DebtorAccount |
ReadStatementsDetail | StatementAmount | 0..* | OBReadStatement1/Data/Statement/StatementAmount |
ReadScheduledPaymentsDetail | CreditorAgent | 0..1 | OBReadScheduledPayment1/Data/ScheduledPayment/CreditorAgent |
ReadScheduledPaymentsDetail | CreditorAccount | 0..1 | OBReadScheduledPayment1/Data/ScheduledPayment/CreditorAccount |
Example behaviour of the Permissions for the ReadAccountsBasic and ReadAccountDetail codes is as follows:
...
| Code Block | ||
|---|---|---|
| ||
"Meta": {
"TotalPages": 1,
"FirstAvailableDateTime": "2017-05-03T00:00:00+00:00",
"LastAvailableDateTime": "2017-12-03T00:00:00+00:00"
} |
...
OpenAPI Specifications
The Swagger OpenAPI Specification for the Account Information APIs can be downloaded from https://github.com/PaymentsDirection/API-Account-Information