...
This resource description should be read in conjunction with a compatible Account Information Services API Profile.
2. Endpoints
S. No. | Resource | HTTP Operation | Endpoint | Mandatory | Scope | Grant Type | Idempotency Key | Request Object | Response Object |
2.1 | account-access-consents | POST | POST /account-access-consents | Mandatory | accounts | Client Credentials | No | OBAccountAccessConsentRequest | OBAccountAccessConsentResponse |
2.2 | account-access-consents | GET | GET /account-access-consents/{ConsentId} | Mandatory | accounts | Client Credentials | No | NA | OBAccountAccessConsentResponse |
2.3 | account-access-consents | PATCH | PATCH /account-access-consents/{ConsentId} | Mandatory | accounts | Client Credentials | No | OBPatchAccountAccessConsentRequest | OBAccountAccessConsentResponse |
2.1 POST /account-access-consents
...
The user/customer must authenticate with the ASPSP and authorise the account-access-consent for the account-access-consent to be successfully setup. The account-access-consent resource that is created successfully must have the following Status code-list enumeration:
S. No. | Status | Status Description |
1 | AwaitingAuthorisation | The account access consent is awaiting authorisation |
After authorisation has taken place the account-access-consent resource may have these following statuses:
S. No. | Status | Status Description |
1 | Rejected | The account access consent has been rejected |
2 | Authorised | The account access consent has been successfully authorised |
3 | Revoked | The account access consent has been revoked via the AISP interface |
2.1.2 Status Flow
...
2.2 GET /account-access-consents/ {ConsentId}
...
The available Status code-list enumerations for the account-access-consent resource are.
S. No. | Status | Status Description |
1 | Rejected | The account access consent has been rejected |
2 | AwaitingAuthorisation | The account access consent is awaiting authorisation |
3 | Authorised | The account access consent has been successfully authorised |
4 | Revoked | The account access consent has been revoked via the AISP interface |
2.3 PATCH /account-access-consents/{ConsentId}
...
The fields in the OBAccountAccessConsentRequest object are described in the Consent Elements section.
3.1.3 Data Dictionary
Name | Occurrence | XPath | Definition | Class/ Datatype | Codes |
OBAccountAccessConsentRequest |
| OBAccountAccessConsentRequest |
| OBAccountAccessConsentRequest |
|
Data | 1..1 | OBAccountAccessConsentRequest/Data |
| OBAccountAccessConsentRequest/Data |
|
Permissions | 1..n | OBAccountAccessConsentRequest/Data/Permissions | Specifies the Open Banking account access data types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP | String | Enum:
|
TransactionFromDateTime | 0..1 | OBAccountAccessConsentRequest/Data/TransactionFromDateTime | Specified start date and time for the transaction query period. If this is not populated, the start date will be open ended, and data will be returned from the earliest available transaction | DateTime |
|
TransactionToDateTime | 0..1 | OBAccountAccessConsentRequest/Data/TransactionToDateTime | Specified end date and time for the transaction query period. If this is not populated, the end date will be open ended, and data will be returned to the latest available transaction | DateTime |
|
3.2 Access Account Consents - Response
...
The OBAccountAccessConsentResponse object contains the same information as the OBAccountAccessConsentRequest, but with additional fields:
ConsentId - to uniquely identify the account-access-consent resource.
Status.
CreationDateTime.
StatusUpdateDateTime.
3.2.3 Data Dictionary
Name | Occurrence | XPath | Definition | Class/ Datatype | Codes |
OBAccountAccessConsentResponse |
| OBAccountAccessConsentResponse |
| OBAccountAccessConsentResponse |
|
Data | 1..1 | OBAccountAccessConsentResponse/Data |
| OBAccountAccessConsentResponse/Data |
|
ConsentId | 1..1 | OBAccountAccessConsentResponse/Data/ConsentId | Unique identification as assigned to identify the account access consent resource. | String |
|
CreationDateTime | 1..1 | OBAccountAccessConsentResponse/Data/CreationDateTime | Date and time at which the resource was created. | DateTime |
|
Status | 1..1 | OBAccountAccessConsentResponse/Data/Status | Specifies the status of consent resource in code form. | String | Enum:
|
StatusUpdateDateTime | 1..1 | OBAccountAccessConsentResponse/Data/StatusUpdateDateTime |
| DateTime |
|
Permissions | 1..n | OBAccountAccessConsentResponse/Data/Permissions | Specifies the Open Banking account access data types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP | String | Enum:
|
TransactionFromDateTime | 0..1 | OBAccountAccessConsentResponse/Data/TransactionFromDateTime | Specified start date and time for the transaction query period. If this is not populated, the start date will be open ended, and data will be returned from the earliest available transaction | DateTime |
|
TransactionToDateTime | 0..1 | OBAccountAccessConsentResponse/Data/TransactionToDateTime | Specified end date and time for the transaction query period. If this is not populated, the end date will be open ended, and data will be returned to the latest available transaction | DateTime |
|
4. Usage Example
4.1 Post Account Access Consents
...