@lap v0.3 # Machine-readable API spec. Each @endpoint block is one API call. @api Account and Transaction API Specification @base /open-banking/v4.0/aisp @version 4.0.0 @auth OAuth2 | OAuth2 @common_fields {Authorization: str # An Authorisation Token as per https://tools.ietf.org/html/rfc6750, x-fapi-auth-date: str # The time when the PSU last logged in with the TPP. All dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: Sun, 10 Sep 2017 19:43:31 UTC, x-fapi-customer-ip-address: str # The PSU's IP address if the PSU is currently logged in with the TPP., x-fapi-interaction-id: str # An RFC4122 UID used as a correlation id., x-customer-user-agent: str # Indicates the user-agent that the PSU is using.} @endpoints 29 @hint download_for_search @toc account-access-consents(3), accounts(16), balances(1), beneficiaries(1), direct-debits(1), offers(1), party(1), products(1), scheduled-payments(1), standing-orders(1), statements(1), transactions(1) @group account-access-consents @endpoint POST /account-access-consents @desc Create Account Access Consents @required {Data: map{Permissions!: [str], ExpirationDateTime: str(date-time), TransactionFromDateTime: str(date-time), TransactionToDateTime: str(date-time)}, Risk: map # The Risk section is sent by the initiating party to the ASPSP.
It is used to specify additional details for risk scoring for Account Info.} @returns(201) {Data: map{ConsentId: str, CreationDateTime: str(date-time), Status: str, StatusReason: [map], StatusUpdateDateTime: str(date-time), Permissions: [str], ExpirationDateTime: str(date-time), TransactionFromDateTime: str(date-time), TransactionToDateTime: str(date-time)}, Risk: map, Links: map{Self: str(uri), First: str(uri), Prev: str(uri), Next: str(uri), Last: str(uri)}, Meta: map{TotalPages: int(int32), FirstAvailableDateTime: str(date-time), LastAvailableDateTime: str(date-time)}} # Account Access Consents Created @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 405: Method Not Allowed, 406: Not Acceptable, 415: Unsupported Media Type, 429: Too Many Requests, 500: Internal Server Error} @endpoint GET /account-access-consents/{ConsentId} @desc Get Account Access Consents @required {ConsentId: str # ConsentId} @returns(200) {Data: map{ConsentId: str, CreationDateTime: str(date-time), Status: str, StatusReason: [map], StatusUpdateDateTime: str(date-time), Permissions: [str], ExpirationDateTime: str(date-time), TransactionFromDateTime: str(date-time), TransactionToDateTime: str(date-time)}, Risk: map, Links: map{Self: str(uri), First: str(uri), Prev: str(uri), Next: str(uri), Last: str(uri)}, Meta: map{TotalPages: int(int32), FirstAvailableDateTime: str(date-time), LastAvailableDateTime: str(date-time)}} # Account Access Consents Read @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endpoint DELETE /account-access-consents/{ConsentId} @desc Delete Account Access Consents @required {ConsentId: str # ConsentId} @returns(204) Account Access Consents Deleted @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endgroup @group accounts @endpoint GET /accounts @desc Get Accounts @returns(200) {Data: map{Account: [map]}, Links: map{Self: str(uri), First: str(uri), Prev: str(uri), Next: str(uri), Last: str(uri)}, Meta: map{TotalPages: int(int32), FirstAvailableDateTime: str(date-time), LastAvailableDateTime: str(date-time)}} # Accounts Read @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endpoint GET /accounts/{AccountId} @desc Get Accounts @required {AccountId: str # AccountId} @returns(200) {Data: map{Account: [map]}, Links: map{Self: str(uri), First: str(uri), Prev: str(uri), Next: str(uri), Last: str(uri)}, Meta: map{TotalPages: int(int32), FirstAvailableDateTime: str(date-time), LastAvailableDateTime: str(date-time)}} # Accounts Read @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endpoint GET /accounts/{AccountId}/balances @desc Get Balances @required {AccountId: str # AccountId} @returns(200) {Data: map{Balance: [map], TotalValue: map{Amount: str, Currency: str}}, Links: map{Self: str(uri), First: str(uri), Prev: str(uri), Next: str(uri), Last: str(uri)}, Meta: map{TotalPages: int(int32), FirstAvailableDateTime: str(date-time), LastAvailableDateTime: str(date-time)}} # Balances Read @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endpoint GET /accounts/{AccountId}/beneficiaries @desc Get Beneficiaries @required {AccountId: str # AccountId} @returns(200) {Data: map{Beneficiary: [map]}, Links: map{Self: str(uri), First: str(uri), Prev: str(uri), Next: str(uri), Last: str(uri)}, Meta: map{TotalPages: int(int32), FirstAvailableDateTime: str(date-time), LastAvailableDateTime: str(date-time)}} # Beneficiaries Read @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 404: Not found, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endpoint GET /accounts/{AccountId}/direct-debits @desc Get Direct Debits @required {AccountId: str # AccountId} @returns(200) {Data: map{DirectDebit: [map]}, Links: map{Self: str(uri), First: str(uri), Prev: str(uri), Next: str(uri), Last: str(uri)}, Meta: map{TotalPages: int(int32), FirstAvailableDateTime: str(date-time), LastAvailableDateTime: str(date-time)}} # Direct Debits Read @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 404: Not found, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endpoint GET /accounts/{AccountId}/offers @desc Get Offers @required {AccountId: str # AccountId} @returns(200) {Data: map{Offer: [map]}, Links: map{Self: str(uri), First: str(uri), Prev: str(uri), Next: str(uri), Last: str(uri)}, Meta: map{TotalPages: int(int32), FirstAvailableDateTime: str(date-time), LastAvailableDateTime: str(date-time)}} # Offers Read @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 404: Not found, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endpoint GET /accounts/{AccountId}/parties @desc Get Parties @required {AccountId: str # AccountId} @returns(200) {Data: map{Party: [map]}, Links: map{Self: str(uri), First: str(uri), Prev: str(uri), Next: str(uri), Last: str(uri)}, Meta: map{TotalPages: int(int32), FirstAvailableDateTime: str(date-time), LastAvailableDateTime: str(date-time)}} # Parties Read @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 404: Not found, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endpoint GET /accounts/{AccountId}/party @desc Get Parties @required {AccountId: str # AccountId} @returns(200) {Data: map{Party: map{PartyId: str, PartyNumber: str, PartyType: str, Name: str, FullLegalName: str, LegalStructure: str, LEI: str, BeneficialOwnership: bool, AccountRole: str, EmailAddress: str, Phone: str, Mobile: str, Relationships: map{Account: map}, Address: [map]}}, Links: map{Self: str(uri), First: str(uri), Prev: str(uri), Next: str(uri), Last: str(uri)}, Meta: map{TotalPages: int(int32), FirstAvailableDateTime: str(date-time), LastAvailableDateTime: str(date-time)}} # Parties Read @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 404: Not found, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endpoint GET /accounts/{AccountId}/product @desc Get Products @required {AccountId: str # AccountId} @returns(200) {Data: map{Product: [map]}, Links: map{Self: str(uri), First: str(uri), Prev: str(uri), Next: str(uri), Last: str(uri)}, Meta: map{TotalPages: int(int32), FirstAvailableDateTime: str(date-time), LastAvailableDateTime: str(date-time)}} # Products Read @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 404: Not found, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endpoint GET /accounts/{AccountId}/scheduled-payments @desc Get Scheduled Payments @required {AccountId: str # AccountId} @returns(200) {Data: map{ScheduledPayment: [map]}, Links: map{Self: str(uri), First: str(uri), Prev: str(uri), Next: str(uri), Last: str(uri)}, Meta: map{TotalPages: int(int32), FirstAvailableDateTime: str(date-time), LastAvailableDateTime: str(date-time)}} # Scheduled Payments Read @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 404: Not found, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endpoint GET /accounts/{AccountId}/standing-orders @desc Get Standing Orders @required {AccountId: str # AccountId} @returns(200) {Data: map{StandingOrder: [map]}, Links: map{Self: str(uri), First: str(uri), Prev: str(uri), Next: str(uri), Last: str(uri)}, Meta: map{TotalPages: int(int32), FirstAvailableDateTime: str(date-time), LastAvailableDateTime: str(date-time)}} # Standing Orders Read @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 404: Not found, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endpoint GET /accounts/{AccountId}/statements @desc Get Statements @required {AccountId: str # AccountId} @optional {fromStatementDateTime: str(date-time) # The UTC ISO 8601 Date Time to filter statements FROM NB Time component is optional - set to 00:00:00 for just Date. If the Date Time contains a timezone, the ASPSP must ignore the timezone component., toStatementDateTime: str(date-time) # The UTC ISO 8601 Date Time to filter statements TO NB Time component is optional - set to 00:00:00 for just Date. If the Date Time contains a timezone, the ASPSP must ignore the timezone component.} @returns(200) {Data: map{Statement: [map]}, Links: map{Self: str(uri), First: str(uri), Prev: str(uri), Next: str(uri), Last: str(uri)}, Meta: map{TotalPages: int(int32), FirstAvailableDateTime: str(date-time), LastAvailableDateTime: str(date-time)}} # Statements Read @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 404: Not found, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endpoint GET /accounts/{AccountId}/statements/{StatementId} @desc Get Statements @required {StatementId: str # StatementId, AccountId: str # AccountId} @returns(200) {Data: map{Statement: [map]}, Links: map{Self: str(uri), First: str(uri), Prev: str(uri), Next: str(uri), Last: str(uri)}, Meta: map{TotalPages: int(int32), FirstAvailableDateTime: str(date-time), LastAvailableDateTime: str(date-time)}} # Statements Read @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 404: Not found, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endpoint GET /accounts/{AccountId}/statements/{StatementId}/file @desc Get Statements @required {StatementId: str # StatementId, AccountId: str # AccountId} @returns(200) Statements Read @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 404: Not found, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endpoint GET /accounts/{AccountId}/statements/{StatementId}/transactions @desc Get Transactions @required {StatementId: str # StatementId, AccountId: str # AccountId} @returns(200) {Data: map{Transaction: [map]}, Links: map{Self: str(uri), First: str(uri), Prev: str(uri), Next: str(uri), Last: str(uri)}, Meta: map{TotalPages: int(int32), FirstAvailableDateTime: str(date-time), LastAvailableDateTime: str(date-time)}} # Transactions Read @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 404: Not found, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endpoint GET /accounts/{AccountId}/transactions @desc Get Transactions @required {AccountId: str # AccountId} @optional {fromBookingDateTime: str(date-time) # The UTC ISO 8601 Date Time to filter transactions FROM NB Time component is optional - set to 00:00:00 for just Date. If the Date Time contains a timezone, the ASPSP must ignore the timezone component., toBookingDateTime: str(date-time) # The UTC ISO 8601 Date Time to filter transactions TO NB Time component is optional - set to 00:00:00 for just Date. If the Date Time contains a timezone, the ASPSP must ignore the timezone component.} @returns(200) {Data: map{Transaction: [map]}, Links: map{Self: str(uri), First: str(uri), Prev: str(uri), Next: str(uri), Last: str(uri)}, Meta: map{TotalPages: int(int32), FirstAvailableDateTime: str(date-time), LastAvailableDateTime: str(date-time)}} # Transactions Read @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endgroup @group balances @endpoint GET /balances @desc Get Balances @returns(200) {Data: map{Balance: [map], TotalValue: map{Amount: str, Currency: str}}, Links: map{Self: str(uri), First: str(uri), Prev: str(uri), Next: str(uri), Last: str(uri)}, Meta: map{TotalPages: int(int32), FirstAvailableDateTime: str(date-time), LastAvailableDateTime: str(date-time)}} # Balances Read @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 404: Not found, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endgroup @group beneficiaries @endpoint GET /beneficiaries @desc Get Beneficiaries @returns(200) {Data: map{Beneficiary: [map]}, Links: map{Self: str(uri), First: str(uri), Prev: str(uri), Next: str(uri), Last: str(uri)}, Meta: map{TotalPages: int(int32), FirstAvailableDateTime: str(date-time), LastAvailableDateTime: str(date-time)}} # Beneficiaries Read @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 404: Not found, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endgroup @group direct-debits @endpoint GET /direct-debits @desc Get Direct Debits @returns(200) {Data: map{DirectDebit: [map]}, Links: map{Self: str(uri), First: str(uri), Prev: str(uri), Next: str(uri), Last: str(uri)}, Meta: map{TotalPages: int(int32), FirstAvailableDateTime: str(date-time), LastAvailableDateTime: str(date-time)}} # Direct Debits Read @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 404: Not found, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endgroup @group offers @endpoint GET /offers @desc Get Offers @returns(200) {Data: map{Offer: [map]}, Links: map{Self: str(uri), First: str(uri), Prev: str(uri), Next: str(uri), Last: str(uri)}, Meta: map{TotalPages: int(int32), FirstAvailableDateTime: str(date-time), LastAvailableDateTime: str(date-time)}} # Offers Read @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 404: Not found, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endgroup @group party @endpoint GET /party @desc Get Parties @returns(200) {Data: map{Party: map{PartyId: str, PartyNumber: str, PartyType: str, Name: str, FullLegalName: str, LegalStructure: str, LEI: str, BeneficialOwnership: bool, AccountRole: str, EmailAddress: str, Phone: str, Mobile: str, Relationships: map{Account: map}, Address: [map]}}, Links: map{Self: str(uri), First: str(uri), Prev: str(uri), Next: str(uri), Last: str(uri)}, Meta: map{TotalPages: int(int32), FirstAvailableDateTime: str(date-time), LastAvailableDateTime: str(date-time)}} # Parties Read @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 404: Not found, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endgroup @group products @endpoint GET /products @desc Get Products @returns(200) {Data: map{Product: [map]}, Links: map{Self: str(uri), First: str(uri), Prev: str(uri), Next: str(uri), Last: str(uri)}, Meta: map{TotalPages: int(int32), FirstAvailableDateTime: str(date-time), LastAvailableDateTime: str(date-time)}} # Products Read @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 404: Not found, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endgroup @group scheduled-payments @endpoint GET /scheduled-payments @desc Get Scheduled Payments @returns(200) {Data: map{ScheduledPayment: [map]}, Links: map{Self: str(uri), First: str(uri), Prev: str(uri), Next: str(uri), Last: str(uri)}, Meta: map{TotalPages: int(int32), FirstAvailableDateTime: str(date-time), LastAvailableDateTime: str(date-time)}} # Scheduled Payments Read @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 404: Not found, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endgroup @group standing-orders @endpoint GET /standing-orders @desc Get Standing Orders @returns(200) {Data: map{StandingOrder: [map]}, Links: map{Self: str(uri), First: str(uri), Prev: str(uri), Next: str(uri), Last: str(uri)}, Meta: map{TotalPages: int(int32), FirstAvailableDateTime: str(date-time), LastAvailableDateTime: str(date-time)}} # Standing Orders Read @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 404: Not found, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endgroup @group statements @endpoint GET /statements @desc Get Statements @optional {fromStatementDateTime: str(date-time) # The UTC ISO 8601 Date Time to filter statements FROM NB Time component is optional - set to 00:00:00 for just Date. If the Date Time contains a timezone, the ASPSP must ignore the timezone component., toStatementDateTime: str(date-time) # The UTC ISO 8601 Date Time to filter statements TO NB Time component is optional - set to 00:00:00 for just Date. If the Date Time contains a timezone, the ASPSP must ignore the timezone component.} @returns(200) {Data: map{Statement: [map]}, Links: map{Self: str(uri), First: str(uri), Prev: str(uri), Next: str(uri), Last: str(uri)}, Meta: map{TotalPages: int(int32), FirstAvailableDateTime: str(date-time), LastAvailableDateTime: str(date-time)}} # Statements Read @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 404: Not found, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endgroup @group transactions @endpoint GET /transactions @desc Get Transactions @optional {fromBookingDateTime: str(date-time) # The UTC ISO 8601 Date Time to filter transactions FROM NB Time component is optional - set to 00:00:00 for just Date. If the Date Time contains a timezone, the ASPSP must ignore the timezone component., toBookingDateTime: str(date-time) # The UTC ISO 8601 Date Time to filter transactions TO NB Time component is optional - set to 00:00:00 for just Date. If the Date Time contains a timezone, the ASPSP must ignore the timezone component.} @returns(200) {Data: map{Transaction: [map]}, Links: map{Self: str(uri), First: str(uri), Prev: str(uri), Next: str(uri), Last: str(uri)}, Meta: map{TotalPages: int(int32), FirstAvailableDateTime: str(date-time), LastAvailableDateTime: str(date-time)}} # Transactions Read @errors {400: Bad request, 401: Unauthorized, 403: Forbidden, 404: Not found, 405: Method Not Allowed, 406: Not Acceptable, 429: Too Many Requests, 500: Internal Server Error} @endgroup @end