Table of Contents

1. Overview

The Account Access Consents API is used by an AISP to request an ASPSP to create a new account-access-consent resource, retrieve the status of account-access-consent resource and delete the account-access-consent resource.

This resource description should be read in conjunction with a compatible Account Information Services API Profile.

2. Endpoints

_S.No_.	_Resource	_{HTTP Operation}	_Endpoint	_Mandatory	_Scope	_{Grant Type}	_{Message Signing}	_{Idempotency Key}	_{Request Object}	_{Response Object}
_2.1	_{account-access-consents}	_POST	_{POST /account-access-consents}	_Mandatory	_accounts	_{Client Credentials}	_{Signed Request Signed Response}	_No	_{OBAccountAccessConsentRequest}	_{OBAccountAccessConsentResponse}
_2.2	_{account-access-consents}	_GET	_{GET /account-access-consents/{ConsentId}}	_Mandatory	_accounts	_{Client Credentials}	_{Signed Response}	_No	_NA	_{OBAccountAccessConsentResponse}
_2.3	_{account-access-consents}	_DELETE	_{DELETE /account-access-consents/{ConsentId}}	_Mandatory	_accounts	_{Client Credentials}	_{Signed Response}	_No	_NA	_NA

2.1. POST /account-access-consents

The API allows the AISP to ask an ASPSP to create a new account-access-consent resource.

This API effectively allows the AISP to send a copy of the consent to the ASPSP to authorise access to account and transaction information.
An AISP is not able to pre-select a set of accounts for account-access-consent authorisation. This is because the behaviour of the pre-selected accounts, after authorisation, is not clear from a Legal perspective.
An ASPSP creates the account-access-consent resource and responds with a unique ConsentId to refer to the resource.
Prior to calling the API, the AISP must have an access token issued by the ASPSP using a client credentials grant.

2.1.1 Account Access Consent Status

The PSU must authenticate with the ASPSP and authorise the account-access-consent for the account-access-consent to be successfully setup. The account-access-consent resource that is created successfully must have the following Status code-list enumeration:

_S.No_.	_Status	_{Status Description}
₁	_{AwaitingAuthorisation}	_{The account access consent is awaiting authorisation.}

After authorisation has taken place the account-access-consent resource may have these following statuses:

_S.No_.	_Status	_{Status Description}
₁	_Rejected	_{The account access consent has been rejected.}
₂	_Authorised	_{The account access consent has been successfully authorised.}
₃	_Revoked	_{The account access consent has been revoked via the ASPSP interface.}

2.1.2 Status Flow

...

2.2. GET /account-access-consents/ {ConsentId}

An AISP may optionally retrieve an account-access-consent resource that they have created to check its status.

Prior to calling the API, the AISP must have an access token issued by the ASPSP using a client credentials grant.

The usage of this API endpoint will be subject to an ASPSP's fair usage policies.

2.2.1 Account Access Consent Status

Once the PSU authorises the account-access-consent resource - the Status of the account-access-consent resource will be updated with "Authorised".

The available Status code-list enumerations for the account-access-consent resource are.

_S.No_.	_Status	_{Status Description}
₁	_Rejected	_{The account access consent has been rejected.}
₂	_{AwaitingAuthorisation}	_{The account access consent is awaiting authorisation}
₃	_Authorised	_{The account access consent has been successfully authorised.}
₄	_Revoked	_{The account access consent has been revoked via the ASPSP interface.}

2.3. DELETE /account-access-consents/{ConsentId}

If the PSU revokes consent to data access with the AISP, the AISP must delete the account-access-consent resource with the ASPSP as soon as is practically possible.

This is done by making a call to DELETE the account-access-consent resource.
Prior to calling the API, the AISP must have an access token issued by the ASPSP using a client credentials grant.

TPP should also clear the Account Access Consent resources, from ASPSP's system, which are:

Expired, i.e. ExpirationDateTime is lapsed, or ExpirationDateTime is not lapsed, but PSU doesn't want to refresh/re-authenticate it, and
Consent Resource may never be referenced by the PSU in AISP or ASPSP domain.

3. Data Models

3.1. Account Access Consents - Request

The OBAccountAccessConsentRequest object will be used for the call to:

POST /account-access-consents

3.1.1 UML Diagram

...

3.1.2 Notes

The fields in the OBAccountAccessConsentRequest object are described in the Consent Elements section.

3.1.3 Data Dictionary

...

_Name

...

_Occurrence

...

_XPath

...

_Definition

...

_{Class/ Datatype}

...

_Codes

...

_{OBAccountAccessConsentRequest}

...

_{OBAccountAccessConsentRequest}

...

Table of Contents

maxLevel	1
style	none

1. Version Control

Version	Date	Description of Changes
Bahrain OBF v1.0.0	25th Aug 2020	Initial Release

2. Overview

The Account Access Consents API is used by an AISP to request an ASPSP to create a new account-access-consents resource, retrieve the status of account-access-consents resource and patch the account-access-consents resource.

This resource description should be read in conjunction with a compatible Account Information Services API Profile.

3. Endpoints

S. No.	Resource	HTTP Operation	Endpoint	Mandatory	Scope	Grant Type	Idempotency Key	Parameters	Request Object	Response Object
3.1	account-access-consents	POST	POST /account-access-consents	Mandatory	accounts	Client Credentials	No	OBAccountAccessConsentRequest	OBAccountAccessConsentResponse
3.2	account-access-consents	GET	GET /account-access-consents/{ConsentId}	Mandatory	accounts	Client Credentials	No	NA	OBAccountAccessConsentResponse
3.3	account-access-consents	PATCH	PATCH /account-access-consents/{ConsentId}	Mandatory	accounts	Client Credentials	No	OBPatchAccountAccessConsentRequest	OBAccountAccessConsentResponse

3.1 POST /account-access-consents

The API allows the AISP to ask an ASPSP to create a new account-access-consents resource.

This API effectively allows the AISP to send a copy of the consent to the ASPSP to authorise access to account and transaction information
An AISP is not able to pre-select a set of accounts for account-access-consent authorisation
An ASPSP creates the account-access-consents resource and responds with a unique ConsentId to refer to the resource
Prior to calling the API, the AISP must have an access token issued by the ASPSP using a client credentials grant

3.1.1 Account Access Consent Status

The user/customer must authenticate with the ASPSP and authorise the account-access-consent for the account-access-consent to be successfully setup. The account-access-consents resource that is created successfully must have the following Status code-list enumeration:

S. No.	Status	Status Description
1	AwaitingAuthorisation	The account access consent is awaiting authorisation

After authorisation has taken place the account-access-consents resource may have these following statuses:

S. No.	Status	Status Description
1	Rejected	The account access consent has been rejected
2	Authorised	The account access consent has been successfully authorised
3	Revoked	The account access consent has been revoked via the AISP/ASPSP interface

3.1.2 Status Flow

...

3.2 GET /account-access-consents/ {ConsentId}

An AISP may retrieve an account-access-consents resource that they have created to check its status.

Prior to calling the API, the AISP must have an access token issued by the ASPSP using a client credentials grant.

3.2.1 Account Access Consent Status

Once the user/customer authorises the account-access-consents resource - the Status of the account-access-consents resource will be updated with "Authorised".

The available Status code-list enumerations for the account-access-consents resource are:

S. No.	Status	Status Description
1	Rejected	The account access consent has been rejected
2	AwaitingAuthorisation	The account access consent is awaiting authorisation
3	Authorised	The account access consent has been successfully authorised
4	Revoked	The account access consent has been revoked via the AISP interface

3.3 PATCH /account-access-consents/{ConsentId}

If the user/customer revokes consent to data access with the AISP, the AISP must patch the account-access-consents resource with the ASPSP as soon as is practically possible.

This is done by making a call to PATCH the account-access-consents resource
Prior to calling the API, the AISP must have an access token issued by the ASPSP using a client credentials grant

AISP should also clear the Account Access consents resources, from ASPSP’s system, which are:

Expired, i.e. user/customer doesn't want to refresh/re-authenticate it

4. Data Models

4.1 Account Access Consents - Request

The OBAccountAccessConsentRequest object will be used for the call to:

POST /account-access-consents

4.1.1 UML Diagram

...

4.1.1.1 Notes

The Account access consent request contains the following elements:

Permissions provided by the user/customer
Transaction from Date Time - A specified start date and time for the transaction query period
Transaction to Date Tome - A Specified end date and time for the transaction query period

4.1.2 Data Dictionary

Name	Occurrence	XPath	Enhanced Definition	Class/ Datatype	Codes
OBAccountAccessConsentRequest		OBAccountAccessConsentRequest		OBAccountAccessConsentRequest
Data	1..1	OBAccountAccessConsentRequest/Data		OBAccountAccessConsentRequest/Data
Permissions	1..n	OBAccountAccessConsentRequest/Data/Permissions	Specifies the Open Banking account access data types. This is a list of the data clusters being consented by the User/Customer, and requested for authorisation with the ASPSP	String	Enum: ReadAccountsBasic ReadAccountsDetail ReadBalances ReadBeneficiariesBasic ReadBeneficiariesDetail ReadDirectDebits ReadOffers ReadPAN ReadParty ReadSupplementaryAccountInfo ReadFutureDatedPaymentsBasic ReadFutureDatedPaymentsDetail ReadStandingOrdersBasic ReadStandingOrdersDetail ReadStatementsBasic ReadStatementsDetail ReadTransactionsBasic ReadTransactionsCredits ReadTransactionsDebits ReadTransactionsDetail
TransactionFromDateTime	0..1	OBAccountAccessConsentRequest/Data/TransactionFromDateTime	Specified start date and time for the transaction query period. If this is not populated, the start date will be open ended, and data will be returned for upto the last 12 months from the date of customer providing consent	DateTime
TransactionToDateTime	0..1	OBAccountAccessConsentRequest/Data/TransactionToDateTime	Specified end date and time for the transaction query period. If this is not populated, the end date will be open ended, and data will be returned till the date of customer providing consent	DateTime

4.2 Access Account Consents - Response

The OBAccountAccessConsentResponse object will be used for the call to:

GET /account-access-consents/{ConsentId}

And response to:

POST /account-access-consents

4.2.1 UML Diagram

...

4.2.2 Notes

The OBAccountAccessConsentResponse contains these objects:

The OBAccountAccessConsentResponse object contains the same information as the OBAccountAccessConsentRequest, but with additional fields:
- ConsentId - to uniquely identify the account-access-consents resource
- Status
- CreationDateTime
- StatusUpdateDateTime

4.2.3 Data Dictionary

Name	Occurrence	XPath	Enhanced Definition	Class/ Datatype	Codes
OBAccountAccessConsentResponse		OBAccountAccessConsentResponse		OBAccountAccessConsentResponse
Data	1..1	OBAccountAccessConsentRequestOBAccountAccessConsentResponse/Data		OBAccountAccessConsentRequestOBAccountAccessConsentResponse/Data
_PermissionsConsentId	1..n1	OBAccountAccessConsentRequestOBAccountAccessConsentResponse/Data/Permissions	_{Specifies the Open Banking account access data types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP}	_String	_Enum: _{ReadAccountsBasic} _{ReadAccountsDetail} _ReadBalances _{ReadBeneficiariesBasic} _{ReadBeneficiariesDetail} _{ReadDirectDebits} _ReadOffers _ReadPAN _ReadParty _ReadPartyPS _ReadProducts _{ReadScheduledPaymentsBasic} _{ReadScheduledPaymentsDetail} _{ReadStandingOrdersBasic} _{ReadStandingOrdersDetail} _{ReadStatementsBasic} _{ReadStatementsDetail} _{ReadTransactionsBasic} _{ReadTransactionsCredits} _{ReadTransactionsDebits} _{ReadTransactionsDetail}
_{ExpirationDateTime}	_0..1	_{OBAccountAccessConsentRequest/Data/ExpirationDateTime}	_{Specified date and time the permissions will expire. If this is not populated, the permissions will be open ended}	_DateTime
_{TransactionFromDateTime}	_0..1	_{OBAccountAccessConsentRequest/Data/TransactionFromDateTime}	_{Specified start date and time for the transaction query period. If this is not populated, the start date will be open ended, and data will be returned from the earliest available transaction}	_DateTime
_{TransactionToDateTime}	_0..1	_{OBAccountAccessConsentRequest/Data/TransactionToDateTime}	_{Specified end date and time for the transaction query period. If this is not populated, the end date will be open ended, and data will be returned to the latest available transaction}	_DateTime
_Risk	_1..1	_{OBAccountAccessConsentRequest/Risk}	_{The Risk section is sent by the initiating party to the ASPSP. It is used to specify additional details for risk scoring for Account Info}	_OBRisk

3.2. Access Account Consents - Response

The OBAccountAccessConsentResponse object will be used for the call to:

GET /account-access-consents/{ConsentId}

And response to:

POST /account-access-consents

3.2.1 UML Diagram

...

3.2.2 Notes

The domestic-payment-consent request contains these objects:

The OBAccountAccessConsentResponse object contains the same information as the OBAccountAccessConsentRequest, but with additional fields:
- ConsentId - to uniquely identify the account-access-consent resource.
- Status.
- CreationDateTime.
- StatusUpdateDateTime.

3.2.3 Data Dictionary

...

_Name

...

_Occurrence

...

_XPath

...

_Definition

...

_{Class/ Datatype}

...

_Codes

...

_{OBAccountAccessConsentResponse}

...

_{OBAccountAccessConsentResponse}

...

_{OBAccountAccessConsentResponse}

...

_Data

...

_1..1

...

_{OBAccountAccessConsentResponse/Data}

...

_{OBAccountAccessConsentResponse/Data}

...

_ConsentId

...

_1..1

...

_{OBAccountAccessConsentResponse/Data/ConsentId}

...

_{Unique identification as assigned to identify the account access consent resource.}

...

_String

...

_{CreationDateTime}

...

_1..1

...

_{OBAccountAccessConsentResponse/Data/CreationDateTime}

...

_{Date and time at which the resource was created.}

...

_DateTime

...

_Status

...

_1..1

...

_{OBAccountAccessConsentResponse/Data/Status}

...

_{Specifies the status of consent resource in code form.}

...

_String

...

_Enum:

_Authorised
_{AwaitingAuthorisation}
_Rejected
_Revoked

...

_{StatusUpdateDateTime}

...

_1..1

...

_{OBAccountAccessConsentResponse/Data/StatusUpdateDateTime}

...

_DateTime

...

_Permissions

...

_1..n

...

_{OBAccountAccessConsentResponse/Data/Permissions}

...

_{Specifies the Open Banking account access data types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP}

...

_String

...

_Enum:

_{ReadAccountsBasic}
_{ReadAccountsDetail}
_ReadBalances
_{ReadBeneficiariesBasic}
_{ReadBeneficiariesDetail}
_{ReadDirectDebits}
_ReadOffers
_ReadPAN
_ReadParty
_ReadPartyPS
_ReadProducts
_{ReadScheduledPaymentsBasic}
_{ReadScheduledPaymentsDetail}
_{ReadStandingOrdersBasic}
_{ReadStandingOrdersDetail}
_{ReadStatementsBasic}
_{ReadStatementsDetail}
_{ReadTransactionsBasic}
_{ReadTransactionsCredits}
_{ReadTransactionsDebits}
_{ReadTransactionsDetail}

...

_{ExpirationDateTime}

...

_0..1

...

_{OBAccountAccessConsentResponse/Data/ExpirationDateTime}

...

_{Specified date and time the permissions will expire. If this is not populated, the permissions will be open ended}

...

_DateTime

...

_{TransactionFromDateTime}

...

_0..1

...

_{OBAccountAccessConsentResponse/Data/TransactionFromDateTime}

...

_{Specified start date and time for the transaction query period. If this is not populated, the start date will be open ended, and data will be returned from the earliest available transaction}

...

_DateTime

...

_{TransactionToDateTime}

...

_0..1

...

_{OBAccountAccessConsentResponse/Data/TransactionToDateTime}

...

_{Specified end date and time for the transaction query period. If this is not populated, the end date will be open ended, and data will be returned to the latest available transaction}

...

_DateTime

...

_Risk

...

_1..1

...

_{OBAccountAccessConsentResponse/Risk}

...

_{The Risk section is sent by the initiating party to the ASPSP. It is used to specify additional details for risk scoring for Account Info}

...

_OBRisk

...

_Links

...

_0..1

...

_{OBAccountAccessConsentResponse/Links}

...

_{Links relevant to the payload}

...

_Links

...

_Meta

...

_0..1

...

_{OBAccountAccessConsentResponse/Meta}

...

_{Meta Data relevant to the payload}

...

_Meta

...

₌

4. Usage Example

4.1. Post Account Access Consents

4.1.1 Request

...

POST /account-access-consents

Authorization: Bearer 2YotnFZFEjr1zCsicMWpAA

x-fapi-auth-date: Sun, 10 Sep 2020 19:43:31 GMT

x-fapi-customer-ip-address: 104.25.212.99

x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d

Content-Type: application/json

Accept: application/json

{

"Data": {

"Permissions": [

"ReadAccountsBasic"

],

"ExpirationDateTime": "2020-03-17T07:05:34.326Z",

"TransactionFromDateTime": "2020-03-17T07:05:34.327Z",

"TransactionToDateTime": "2020-03-17T07:05:34.327Z"

},

"Risk": {}

}

4.1.2 Response

201 Created

ConsentId	Unique identification as assigned to identify the account access consents resource	String
CreationDateTime	1..1	OBAccountAccessConsentResponse/Data/CreationDateTime	Date and time at which the resource was created	DateTime
Status	1..1	OBAccountAccessConsentResponse/Data/Status	Specifies the status of consents resource in code form	String	Enum: Authorised AwaitingAuthorisation Rejected Revoked
StatusUpdateDateTime	1..1	OBAccountAccessConsentResponse/Data/StatusUpdateDateTime	Date and time at which the resource status was updated	DateTime
Permissions	1..n	OBAccountAccessConsentResponse/Data/Permissions	Specifies the Open Banking account access data types. This is a list of the data clusters being consented by the User/Customer, and requested for authorisation with the ASPSP	String	Enum: ReadAccountsBasic ReadAccountsDetail ReadBalances ReadBeneficiariesBasic ReadBeneficiariesDetail ReadDirectDebits ReadOffers ReadPAN ReadParty ReadSupplementaryAccountInfo ReadFutureDatedPaymentsBasic ReadFutureDatedPaymentsDetail ReadStandingOrdersBasic ReadStandingOrdersDetail ReadStatementsBasic ReadStatementsDetail ReadTransactionsBasic ReadTransactionsCredits ReadTransactionsDebits ReadTransactionsDetail
TransactionFromDateTime	0..1	OBAccountAccessConsentResponse/Data/TransactionFromDateTime	Specified start date and time for the transaction query period. If this is not populated, the start date will be open ended, and data will be returned for upto the last 12 months from the date of customer providing consent	DateTime
TransactionToDateTime	0..1	OBAccountAccessConsentResponse/Data/TransactionToDateTime	Specified end date and time for the transaction query period. If this is not populated, the end date will be open ended, and data will be returned till the date of customer providing consent	DateTime

4.3. Access Account Consents - Patch Consent – Request

The OBPatchAccountAccessConsentRequest object will be used for the call to:

PATCH /account-access-consents/{ConsentId}

4.3.1 UML Diagram

...

4.3.2 Data Dictionary

Name	Occurrence	XPath	Enhanced Definition	Class/ Datatype	Codes	Pattern
OBPatchAccountAccessConsentRequest		OBPatchAccountAccessConsentRequest		OBPatchAccountAccessConsentRequest
Data	1..1	OBPatchAccountAccessConsentRequest/Data		OBPatchAccountAccessConsentRequest/Data
Status	1..1	OBPatchAccountAccessConsentRequest/Data/Status	Specifies the status of consents resource in code form	String	Enum: Revoked

5. Usage Example

5.1 Post Account Access Consents

5.1.1 Request

POST /account-access-consents

Authorisation: Bearer 2YotnFZFEjr1zCsicMWpAA

x-fapi-auth-date: Sun, 10 Sep 2020 19:43:31 GMT+03:00

x-fapi-customer-ip-address: 104.25.212.99

x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d

Content-Type: application/json

Accept: application/json

{

"Data": {

"Permissions": [

"ReadAccountsBasic"

],

"TransactionFromDateTime": "2020-03-17T07:05:34.327+03:00",

"TransactionToDateTime": "2020-05-17T07:05:34.327+03:00"

},

}

5.1.2 Response

201 Created

x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d

Content-Type: application/json

{

"Data": {

"ConsentId": "tbc-0083976",

"CreationDateTime": "2020-09-10T19:43:31.508+03:00",

"Status": "Authorised",

"StatusUpdateDateTime": "2020-09-10T19:44:31.508+03:00",

"Permissions": [

"ReadAccountsBasic"

],

"TransactionFromDateTime": "2020-03-17T07:05:34.508+03:00",

"TransactionToDateTime": "2020-05-17T07:05:34.508+03:00"

},

"Links": {

"Self": "www.tbc.com"

},

"Meta": {

"TotalPages": 1,

"FirstAvailableDateTime": "2020-03-17T07:05:34.508+03:00",

"LastAvailableDateTime": "2020-05-17T07:05:34.508+03:00"

}

5.2 GET /account-access-consents/{ConsentId}

5.2.1 Request

GET /account-access-consents/0083976

Authorisation: Bearer 2YotnFZFEjr1zCsicMWpAA

x-fapi-auth-date: Sun, 10 Sep 2020 19:43:31 GMT+03:00

x-fapi-customer-ip-address: 104.25.212.99

x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d

Accept: application/json

5.2.2 Response

200 OK

x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d

Content-Type: application/json

{

"Data": {

"ConsentId": “0083976"tbc-0083976",

"CreationDateTime": "2020-0309-17T0710T19:0543:34.508Z31.508+03:00",

"Status": "Authorised",

"StatusUpdateDateTime": "2020-0309-17T0710T19:0544:34.508Z31.508+03:00",

"Permissions": [

"ReadAccountsBasic"

],

"ExpirationDateTimeTransactionFromDateTime": "2020-03-17T07:05:34.508Z", "TransactionFromDateTime": "2020-03-17T07:05:34.508Z508+03:00",

"TransactionToDateTime": "2020-0305-17T07:05:34.508Z"

},

"Risk": {508+03:00"

},

"Links": {

"Self": "www.tbc.com"

},

"Meta": {

"TotalPages": 1,

"FirstAvailableDateTime": "2020-03-17T07:05:34.508Z508+03:00",

"LastAvailableDateTime": "2020-0305-17T07:05:34.508Z508+03:00"

}

...

5.3 PATCH /account-access-consents/{ConsentId}

...

5.

...

3.

...

1 Request

GET PATCH /account-access-consents/tbc-0083976 (ConsentId)

AuthorizationAuthorisation: Bearer 2YotnFZFEjr1zCsicMWpAA

x-fapi-auth-date: Sun, 10 Sep 2020 19:43:31 GMTx-fapi-customer-ip-address: 104.25.212.99+03:00

x-fapi-interactioncustomer-id: 93bac548-d2de-4546-b106-880a5018460d

Accept: application/json

4.2.2 Response

200 OK

ip-address: 104.25.212.99

x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d

Content-Type: application/json

{{

"Data": {

"ConsentId": "tbc-0083976",

"CreationDateTime": "2020-03-17T07:05:34.508Z",

"Data": {

"Status": "Authorised",

"StatusUpdateDateTime": "2020-03-17T07:05:34.508Z",

"Permissions": [

"ReadAccountsBasic"

],

"ExpirationDateTime": "2020-03-17T07:05:34.508Z",

"TransactionFromDateTime": "2020-03-17T07:05:34.508ZRevoked"

}

5.3.2 Response

200 Account Access Consents Status Updated Successfully

x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d

Content-Type: application/json

{

"Data": {

"ConsentId": "0083976",

"TransactionToDateTimeCreationDateTime": "2020-0309-17T0710T19:0543:34.508Z"

},

"Risk": {},

"Links": {

"Self": "www.tbc.com"

},

"Meta": {

"TotalPages": 1,

"FirstAvailableDateTime31.508+03:00",

"Status": "Revoked",

"StatusUpdateDateTime": "2020-09-10T19:44:31.508+03:00",

"Permissions": [

"ReadAccountsBasic"

],

"TransactionFromDateTime": "2020-03-17T07:05:34.508Z508+03:00",

"LastAvailableDateTimeTransactionToDateTime": "2020-0305-17T07:05:34.508Z:05:34.508+03:00"

},

"Links": {

"Self": "www.tbc.com"

}

4.3. DELETE /account-access-consents/{ConsentId}

4.3.1 Request

DELETE /account-access-consents/tbc-0083976

Authorization: Bearer 2YotnFZFEjr1zCsicMWpAA

x-fapi-auth-date: Sun, 10 Sep 2020 19:43:31 GMT

x-fapi-customer-ip-address: 104.25.212.99

x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d

4.3.2 Response

204 No Content

x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d,

"Meta": {

"TotalPages": 1,

"FirstAvailableDateTime": "2020-03-17T07:05:34.508+03:00",

"LastAvailableDateTime": "2020-05-17T07:05:34.508+03:00"

}

Version	Old Version 4	New Version Current
Changes made by	CBB Admin	CBB Admin
Saved on	Apr 03, 2020	Sept 18, 2020

Page Comparison

Versions Compared

Key

1. Overview

2. Endpoints

2.1. POST /account-access-consents

2.1.1 Account Access Consent Status

2.1.2 Status Flow

2.2. GET /account-access-consents/ {ConsentId}

2.2.1 Account Access Consent Status

2.3. DELETE /account-access-consents/{ConsentId}

3. Data Models

3.1. Account Access Consents - Request

3.1.1 UML Diagram

3.1.2 Notes

3.1.3 Data Dictionary

1. Version Control

2. Overview

3. Endpoints

3.1 POST /account-access-consents

3.1.1 Account Access Consent Status

3.1.2 Status Flow

3.2 GET /account-access-consents/ {ConsentId}

3.2.1 Account Access Consent Status

3.3 PATCH /account-access-consents/{ConsentId}

4. Data Models

4.1 Account Access Consents - Request

4.1.1 UML Diagram

4.1.1.1 Notes

4.1.2 Data Dictionary

4.2 Access Account Consents - Response

4.2.1 UML Diagram

4.2.2 Notes

4.2.3 Data Dictionary

3.2. Access Account Consents - Response

3.2.1 UML Diagram

3.2.2 Notes

3.2.3 Data Dictionary

4. Usage Example

4.1. Post Account Access Consents

4.1.1 Request

4.1.2 Response

4.3. Access Account Consents - Patch Consent – Request

4.3.1 UML Diagram

4.3.2 Data Dictionary

5. Usage Example

5.1 Post Account Access Consents

5.1.1 Request

5.1.2 Response

5.2 GET /account-access-consents/{ConsentId}

5.2.1 Request

5.2.2 Response

5.3 PATCH /account-access-consents/{ConsentId}

5.

3.

1 Request

4.2.2 Response

5.3.2 Response

4.3. DELETE /account-access-consents/{ConsentId}

4.3.1 Request

4.3.2 Response