This documentation is for WSO2 Open Banking version 1.5.0. View documentation for the latest release.
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

Consent Management APIs provide the capability to manage consents in a web application, on behalf of an end-user. A banking service consumer/ Account Servicing Payment Service Provider (ASPSP) may need to develop their own web application or use their own mechanism to deploy the consent management capabilities. At this point, a service provider needs a way to directly present consent resources to the end-user. In order to cater to this requirement, those consent capabilities (for example, consent creation/consent deletion) are presented as API resources in the Consent Management APIs.

In the Confirmation of Funds API flow, the consent is managed between the PSU and the ASPSP. The PSU provides consent to their ASPSP to respond to confirmation of funds requests from a Card Based Payment Instrument Issuer (CBPII). To achieve this, there are several API resources available. 

The Funds Confirmation Consent API is secured with basic authentication. For more information, see configuring basic authentication for Consent Management APIs.

You can find the REST API documentation for Confirmation of Funds Information Sharing Consent Management v3.0.0 here.


Create funds confirmation consent

The CBPII connects to the ASPSP that services the PSU's account and creates a funds-confirmation-consent resource. In order to use this operation, the CBPII must have an access token issued using a client credentials grant type.

POST /funds-confirmation-consents

curl -X POST \
  https://localhost:9446/consent/uk300/funds-confirmation-consents \
  -H 'Accept: application/json' -k\
  -H 'Authorization: Basic YWRtaW5Ad3NvMi5jb206d3NvMjEyMw==' \
  -H 'Cache-Control: no-cache' \
  -H 'Connection: Keep-Alive' \
  -H 'Content-Type: application/json' \
  -H 'Host: localhost:9446' \
  -H 'Transfer-Encoding: chunked' \
  -H 'User-Agent: Synapse-PT-HttpComponents-NIO' \
  -H 'charset: utf-8' \
  -H 'x-fapi-financial-id: open-bank' \
  -H 'x-fapi-interaction-id: 491624e2-5ba6-45be-99e9-a9e468fa9d2f' \
  -H 'x-wso2-client-id: TGWt8fqozunC1MVw8mAJSdO1eqIa' \
  -d '{
   "Data":{
      "ExpirationDateTime":"2019-12-02T00:00:00+00:00",
      "DebtorAccount":{
         "SchemeName":"Account1",
         "Identification":"Account1"
      }
   }
}'
{
   "Data": {
      "ConsentId": "2fb42800-9645-4ade-99d7-cce909309f68",
      "CreationDateTime": "2019-11-05T13:36Z",
      "Status": "AwaitingAuthorisation",
      "StatusUpdateDateTime": "2019-11-05T13:36Z",
      "ExpirationDateTime": "2019-12-02T00:00Z",
      "DebtorAccount": {
         "SchemeName": "Account1",
         "Identification": "Account1"
      }
   },
   "Links": {
      "Self": "https://localhost:8243/open-banking/{version}/cbpii/funds-confirmation-consents/2fb42800-9645-4ade-99d7-cce909309f68"
   },
   "Meta": {
      "TotalPages": 1
   }
}

Retrieve funds confirmation consents

Once the funds confirmation request is created, the following resource allows you to identify a list of available funds confirmation consents that match the given search. In order to use this resource, the CBPII must have an access token issued using a client credentials grant type.

GET /funds-confirmation-consents

curl -X GET \
  'https://localhost:9446/consent/uk300/funds-confirmation-consents?clientId=TGWt8fqozunC1MVw8mAJSdO1eqIa&fromTimestamp=2019-09-22T06:29:47Z&limit=25&offset=0&status=AwaitingAuthorisation&toTimestamp=2019-11-22T06:28:04Z&excludeExpiredConsents=false' \
  -H 'Accept: application/json' -k \
  -H 'Authorization: Basic YWRtaW5Ad3NvMi5jb206d3NvMjEyMw==' \
  -H 'Cache-Control: no-cache' \
  -H 'Connection: Keep-Alive' \
  -H 'Content-Type: application/json' \
  -H 'Host: localhost:9446' \
  -H 'Transfer-Encoding: chunked' \
  -H 'User-Agent: Synapse-PT-HttpComponents-NIO' \
  -H 'charset: utf-8' \
  -H 'x-fapi-financial-id: open-bank'
{
   "count": 3,
   "list": [
      {
         "consentId": "2fb42800-9645-4ade-99d7-cce909309f68",
         "fundsConfirmationResponseData": {
            "ConsentId": "2fb42800-9645-4ade-99d7-cce909309f68",
            "CreationDateTime": "2019-11-05T13:36Z",
            "Status": "AwaitingAuthorisation",
            "StatusUpdateDateTime": "2019-11-05T13:36Z",
            "ExpirationDateTime": "2019-12-02T00:00Z",
            "DebtorAccount": {
               "SchemeName": "Account1",
               "Identification": "Account1"
            }
         },
         "initiationTimestamp": "2019-11-05T13:36:46Z",
         "status": "AwaitingAuthorisation",
         "clientId": "TGWt8fqozunC1MVw8mAJSdO1eqIa",
         "userId": null,
         "debtorAccount": null,
         "consentGivenTimestamp": null,
         "collectionMethod": null
      },
      {
         "consentId": "b451e909-3ece-4b3c-a174-8e6caf568dd5",
         "fundsConfirmationResponseData": {
            "ConsentId": "b451e909-3ece-4b3c-a174-8e6caf568dd5",
            "CreationDateTime": "2019-11-05T13:36Z",
            "Status": "AwaitingAuthorisation",
            "StatusUpdateDateTime": "2019-11-05T13:36Z",
            "ExpirationDateTime": "2019-12-02T00:00Z",
            "DebtorAccount": {
               "SchemeName": "Account1",
               "Identification": "Account1"
            }
         },
         "initiationTimestamp": "2019-11-05T13:36:22Z",
         "status": "AwaitingAuthorisation",
         "clientId": "TGWt8fqozunC1MVw8mAJSdO1eqIa",
         "userId": null,
         "debtorAccount": null,
         "consentGivenTimestamp": null,
         "collectionMethod": null
      },
      {
         "consentId": "cfcb0cac-ab3a-4489-b32e-de03221d03cc",
         "fundsConfirmationResponseData": {
            "ConsentId": "cfcb0cac-ab3a-4489-b32e-de03221d03cc",
            "CreationDateTime": "2019-11-04T11:24Z",
            "Status": "AwaitingAuthorisation",
            "StatusUpdateDateTime": "2019-11-04T11:24Z",
            "ExpirationDateTime": "2019-12-02T00:00Z",
            "DebtorAccount": {
               "SchemeName": "Account1",
               "Identification": "Account1"
            }
         },
         "initiationTimestamp": "2019-11-04T11:24:14Z",
         "status": "AwaitingAuthorisation",
         "clientId": "TGWt8fqozunC1MVw8mAJSdO1eqIa",
         "userId": null,
         "debtorAccount": null,
         "consentGivenTimestamp": null,
         "collectionMethod": null
      }
   ]
}

Retrieve funds confirmation consent

Once the funds confirmation resource is created, the card issuer may need to retrieve the funds confirmation consent that has been created. To achieve this, use the resource described below. In order to use this resource, the CBPII must have an access token issued using a client credentials grant type.

GET /funds-confirmation-consents/{ConsentId}

curl -X GET \
  https://localhost:9446/consent/uk300/funds-confirmation-consents/2fb42800-9645-4ade-99d7-cce909309f68 \
  -H 'Accept: application/json' -k \
  -H 'Authorization: Basic YWRtaW5Ad3NvMi5jb206d3NvMjEyMw==' \
  -H 'Cache-Control: no-cache' \
  -H 'Connection: Keep-Alive' \
  -H 'Content-Type: application/json' \
  -H 'Host: localhost:9446' \
  -H 'Transfer-Encoding: chunked' \
  -H 'User-Agent: Synapse-PT-HttpComponents-NIO' \
  -H 'charset: utf-8' \
  -H 'x-fapi-financial-id: open-bank' \
  -H 'x-wso2-client-id: TGWt8fqozunC1MVw8mAJSdO1eqIa'
{
   "Data": {
      "ConsentId": "2fb42800-9645-4ade-99d7-cce909309f68",
      "CreationDateTime": "2019-11-05T13:36Z",
      "Status": "AwaitingAuthorisation",
      "StatusUpdateDateTime": "2019-11-05T13:36Z",
      "ExpirationDateTime": "2019-12-02T00:00Z",
      "DebtorAccount": {
         "SchemeName": "Account1",
         "Identification": "Account1"
      }
   },
   "Links": {
      "Self": "https://localhost:8243/open-banking/{version}/cbpii/funds-confirmation-consents/2fb42800-9645-4ade-99d7-cce909309f68"
   },
   "Meta": {
      "TotalPages": 1
   }
}

Revoke funds confirmation consent

Once a funds confirmation consent has been created, the PSU may need to revoke the consent granted for confirming funds with the CBPII. To achieve this, use the resource described below. In order to use this resource, the CBPII must have an access token issued using a client credentials grant type.

DELETE /funds-confirmation-consents/{ConsentId}

curl -X DELETE \
  https://localhost:9446/consent/uk300/funds-confirmation-consents/65f83db9-1a97-4a42-9410-e6d89d914956 \
  -H 'Accept: application/json' -k \
  -H 'Authorization: Basic YWRtaW5Ad3NvMi5jb206d3NvMjEyMw==' \
  -H 'Cache-Control: no-cache' \
  -H 'Connection: Keep-Alive' \
  -H 'Host: localhost:9446' \
  -H 'Transfer-Encoding: chunked' \
  -H 'User-Agent: Synapse-PT-HttpComponents-NIO' \
  -H 'charset: utf-8' \
  -H 'x-fapi-financial-id: open-bank' \
  -H 'x-fapi-interaction-id: 491624e2-5ba6-45be-99e9-a9e468fa9d2f' \
  -H 'x-wso2-client-id: TGWt8fqozunC1MVw8mAJSdO1eqIa'
204 No Content
  • No labels