Consents v0.11.1
Scroll down for code samples, example requests and responses. Select a language for code samples from the tabs above or the mobile navigation menu.
The Consents API tracks a user's consent of financial institution policies and documents such as banking product terms and conditions, electronic consent, and privacy policy.
Target Documents
A consent resource holds the URI of a target document (typically, a PDF document). Each consent also has a type
, such as privacyPolicy
or productTermsAndConditions
or electronicConsent
, which indicates the target document's purpose and hence what kind of consent this is. (See consentTypeNames
.) The consent also holds the document's media type, specific document revision identification string, and the time stamp that the document was last revised (modified). If the document is later revised, any previously given consents for any revision of that document become stale
; this indicates the user should review and consent to the revised document.
Contexts
A consent may be associated with a context in which an application or service is requesting the consent; the context is represented as the URI of some resource. For example, two different banking products (DDA1, DDA2) at a financial institution may share the same terms and conditions document, D0. The document's type
is productTermsAndConditions
. If the user is opening an account of type DDA1, the client creates a consent for D0 using the product URI for DDA1 as the context. When the user opens a new account for product DDA2, the client creates a new consent for D0 using product DDA2's URI as the context. The respective account URIs are stored as the secondary context URIs of the consent resources. Because the contexts of the two consents are different, the two consents are independent of each other.
The context is optional. For example, for the financial institution's privacy policy, there is no specific context.
Life Cycle
When a banking application or service (the requester) wishes a user to agree to or consent to a document, it creates a new consent resource to track the request and the user's response.
The user can consent to a document to indicate that they agree to contents of the the document. This is typically done when the user checks an "I agree" checkbox or other user experience. To record the consent given by the user, the client application issues a POST
to the apiture:give
link on a consent resource. This sets the state
to given
and records the date and time on the consent.
When a user gives consent to a document, all consent resources which match the target document URI and user ID are also marked as given
, although the action can be scoped to just a specific instance.
A client can check for pending or stale consents for a user. This query allows listing all the unique consents, or it may consolidate the response so that it contains only one consent for each combination document type and document uri. Thus, if a user has many different consents for many banking accounts but they all share the same document URI and type, the client need only present the changed document once and the user give consent to the changed document once, not multiple times.
Consents are not directly mutable (the PUT
and PATCH
verbs are not supported), but other operations described below may update a consent resource to indicate a user has given or revoked consent, that a consent is stale, or that a requester has rescinded a request for consent.
If the user wishes to undo or revoke a specific consent, the client application should POST
to the apiture:revoke
link on a consent resource (/revokedConsents?consent={consentId}
) to reset the consent back to the pending
state.
If the requester no longer requires the user's consent, it can rescind the request with POST /rescindedConsents?type={type}&document={documentUri}&context={contextUri}&user=user
. This sets the state
to rescinded
on the first matching consent. For example, if the user is removed as a joint owner of an account of type DDA2, rescinding the productTermsAndConditions
consents matches and removes only the first matching consent for DDA2. (The user may be an owner of other accounts on product DDA2, and their consent must be tracked and possibly requested again if the terms and conditions for DDA2 change.)
Document revisions
If the document is revised (for example, the financial institution has updated their privacy policy), a client can mark a document as revised via POST /revisedDocuments
. All consents associated with the older revisions of the document are marked stale
.
A stale consent indicates that the user should consent to the revised document. The client applications should notify the user that the document has changed (such as via email or or via notification at their next login) and present the revised document to the user for them to accept.
Error Types
Error responses in this API may have one of the type
values described below.
See Errors for more information
on error responses and error types.
consentRefNotFound
Description: No consent was found that matches the ?consent= query parameter.
Remediation: Use the links in a consent resource, or provide a valid consent ID.
consentTypeNameInUse
Description: An update to the consent type names omits one or more types that are in use.
Remediation: Include all in-use type names.
The attributes
object in the error may have the following properties:
Property | Type | Description |
---|---|---|
typeNames | [undefined ] |
The list of type names that are in use but missing from the request. Example: productTermsAndConditions |
invalidConsentState
Description: The state of the consent is not valid for the operation.
Remediation: Update the consent to one of the required states and retry the operation.
invalidConsentType
Description: The specified consent type does not match existing consent type names.
Remediation: Supply a consent type from the consent type names in the /consentTypeNames
resource.
invalidContextUri
Description: The consent context URI was not well formed.
Remediation: Pass a valid URI.
invalidDocumentRevision
Description: The time stamp on the revised document predates the existing time stamp.
Remediation: Revised documents must have newer time stamps.
invalidDocumentUri
Description: The document URI was not well formed.
Remediation: Pass a valid URI.
Download OpenAPI Definition (YAML)
Base URLs:
Authentication
- API Key (
apiKey
)- header parameter: API-Key
- API Key based authentication. Each thing must pass its private, unique API key, allocated in the developer portal, via the
API-Key: {api-key}
request header.
- OAuth2 authentication (
accessToken
)- OAuth2 client access token authentication. The client authenticates against the server at
authorizationUrl
, passing the client's privateclientId
(and optionalclientSecret
) as part of this flow. The client obtains an access token from the server attokenUrl
. It then passes the received access token via theAuthorization: Bearer {access-token}
header in subsequent API calls. The authorization process also returns a refresh token which the client should use to renew the access token before it expires. - Flow:
authorizationCode
- Authorization URL = https://auth.devbank.apiture.com/auth/oauth2/authorize
- Token URL = https://api.devbank.apiture.com/auth/oauth2/token
- OAuth2 client access token authentication. The client authenticates against the server at
Scope | Scope Description |
---|---|
banking/read |
Read access to consents |
banking/write |
Write (update) access to consents |
banking/full |
Full access to consents |
Consents
User Consent of a Policy or Other Document
getConsents
Code samples
# You can also use wget
curl -X GET https://api.devbank.apiture.com/consents/consents \
-H 'Accept: application/hal+json' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
GET https://api.devbank.apiture.com/consents/consents HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
var headers = {
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/consents',
method: 'get',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
const fetch = require('node-fetch');
const headers = {
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/consents/consents',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/hal+json',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.get 'https://api.devbank.apiture.com/consents/consents',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/hal+json',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.get('https://api.devbank.apiture.com/consents/consents', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/consents");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/hal+json"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/consents/consents", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Return a collection of consents
GET /consents
Return a paginated sortable filterable searchable collection of consents. The links in the response include pagination links.
Parameters
Parameter | Description |
---|---|
type (query) |
string Subset the response to those with this type value. Use | to separate multiple values. For example, ?type=termsAndCondition matches only items whose type is termsAndCondition ?type=privacyPolicy|electronicConsent matches items whose type is privacyPolicy or electronicConsent . This is combined with an implicit and with other filters if they are used. See filtering. |
state (query) |
string Subset the response to those with this state value. Use | to separate multiple values. For example, ?type=given|stale matches only items whose state is given or stale . This is combined with an implicit and with other filters if they are used. See filtering. |
userId (query) |
string Subset the response to those with this userId value. Use | to separate multiple values. This is for administrative use; bank users can only see their own consents. |
contextUri (query) |
string Subset the response to those with this contextUri value. Use | to separate multiple values. |
secondaryContextUri (query) |
string Subset the response to those with this secondaryContextUri value. |
start (query) |
integer(int64) The zero-based index of the first consent item to include in this page. The default 0 denotes the beginning of the collection. |
limit (query) |
integer(int32) The maximum number of consent representations to return in this page. Default: 100 |
sortBy (query) |
string Optional sort criteria. See sort criteria format, such as ?sortBy=field1,-field2 .This collection may be sorted by the following properties: • type • userId • document.revisedAt . |
filter (query) |
string Optional filter criteria. See filtering. This collection may be filtered by the following properties and functions: • Property state using functions eq , ne , contains , search • Property type using functions eq , ne , contains , search • Property userId using functions eq , ne , contains , search • Property contextUri using functions eq , ne , contains , search • Property secondaryContextUri using functions eq , ne , contains , search . |
q (query) |
string Optional search string. See searching. |
Try It
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/consents/consents/v1.1.0/profile.json",
"_links": {
"self": {
"href": "/consents/consents?start=10&limit=10"
},
"first": {
"href": "/consents/consents?start=0&limit=10"
},
"next": {
"href": "/consents/consents?start=20&limit=10"
},
"collection": {
"href": "/consents/consents"
}
},
"start": 10,
"limit": 10,
"count": 67,
"name": "consents",
"_embedded": {
"items": {
"0": {
"_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.0/profile.json",
"_links": {
"self": {
"href": "/consents/consents/0399abed-fd3d-4830-a88b-30f38b8a365c"
}
}
},
"1": {
"_id": "d62c0701-0d74-4836-83f9-ebf3709442ea",
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.0/profile.json",
"_links": {
"self": {
"href": "/consents/consents/d62c0701-0d74-4836-83f9-ebf3709442ea"
}
}
}
}
}
}
Responses
Status | Description |
---|---|
200 | OK |
OK. | |
Schema: consents |
Status | Description |
---|---|
400 | Bad Request |
Bad Request. The request body or one or more of the query parameters was not well formed. The _error field in the response contains details about the request error. | |
Schema: errorResponse |
Status | Description |
---|---|
422 | Unprocessable Entity |
Unprocessable Entity. One or more of the query parameters was well formed but otherwise invalid. The _error field in the response contains details about the request error. | |
Schema: errorResponse |
createConsent
Code samples
# You can also use wget
curl -X POST https://api.devbank.apiture.com/consents/consents \
-H 'Content-Type: application/hal+json' \
-H 'Accept: application/hal+json' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
POST https://api.devbank.apiture.com/consents/consents HTTP/1.1
Host: api.devbank.apiture.com
Content-Type: application/hal+json
Accept: application/hal+json
var headers = {
'Content-Type':'application/hal+json',
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/consents',
method: 'post',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
const fetch = require('node-fetch');
const inputBody = '{
"_profile": "https://production.api.apiture.com/schemas/consents/createConsent/v1.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"document": {
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"contentType": "application/pdf",
"revisionId": "2019:1.02.0",
"revisedAt": "2019-07-23T08:26:45.375Z"
},
"type": "productTermsAndConditions",
"userId": "5a5e834c-a7bd-401c",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a"
}';
const headers = {
'Content-Type':'application/hal+json',
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/consents/consents',
{
method: 'POST',
body: inputBody,
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Content-Type' => 'application/hal+json',
'Accept' => 'application/hal+json',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.post 'https://api.devbank.apiture.com/consents/consents',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Content-Type': 'application/hal+json',
'Accept': 'application/hal+json',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.post('https://api.devbank.apiture.com/consents/consents', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/consents");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Content-Type": []string{"application/hal+json"},
"Accept": []string{"application/hal+json"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/consents/consents", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Create a new consent
POST /consents
Create a new consent resource or locate an existing consent.
Body parameter
{
"_profile": "https://production.api.apiture.com/schemas/consents/createConsent/v1.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"document": {
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"contentType": "application/pdf",
"revisionId": "2019:1.02.0",
"revisedAt": "2019-07-23T08:26:45.375Z"
},
"type": "productTermsAndConditions",
"userId": "5a5e834c-a7bd-401c",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a"
}
Parameters
Parameter | Description |
---|---|
body (body) |
createConsent (required) The data necessary to create a new consent. |
Try It
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.0/profile.json",
"_links": {
"self": {
"href": "/consents/consents/0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:revoke": {
"href": "/consents/revokedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:rescind": {
"href": "/consents/rescindedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
}
},
"_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
"document": {
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"contentType": "application/pdf",
"revisedAt": "2019-07-23T08:26:45.375Z",
"revisionId": "2019:1.02.0"
},
"type": "productTermsAndConditions",
"userId": "5a5e834c-a7bd-401c",
"state": "given",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"givenAt": "2019-07-23T13:27:34.375Z"
}
Responses
Status | Description |
---|---|
200 | OK |
OK. An existing consent resource for the document and user was found and the contextUri of this request added to that resource. | |
Schema: consent | |
201 | Created |
Created. | |
Schema: consent |
Status | Description |
---|---|
400 | Bad Request |
Bad Request. The request body or content was not well formed. This error response may have one of the following | |
Schema: errorResponse |
Response Headers
Status | Description |
---|---|
200 | Location string uri |
The URI of the existing consent resource. If the URI begins with / it is relative to the API root context. Else, it is a full URI starting with scheme://host | |
200 | ETag string |
The ETag response header specifies an entity tag which must be provided in an If-Match request header for operations which update the resource. | |
201 | Location string uri |
The URI of the new consent resource. If the URI begins with / it is relative to the API root context. Else, it is a full URI starting with scheme://host | |
201 | ETag string |
The ETag response header specifies an entity tag which must be provided in an If-Match request header for operations which update the resource. |
getConsent
Code samples
# You can also use wget
curl -X GET https://api.devbank.apiture.com/consents/consents/{consentId} \
-H 'Accept: application/hal+json' \
-H 'If-None-Match: string' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
GET https://api.devbank.apiture.com/consents/consents/{consentId} HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
If-None-Match: string
var headers = {
'Accept':'application/hal+json',
'If-None-Match':'string',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/consents/{consentId}',
method: 'get',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
const fetch = require('node-fetch');
const headers = {
'Accept':'application/hal+json',
'If-None-Match':'string',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/consents/consents/{consentId}',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/hal+json',
'If-None-Match' => 'string',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.get 'https://api.devbank.apiture.com/consents/consents/{consentId}',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/hal+json',
'If-None-Match': 'string',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.get('https://api.devbank.apiture.com/consents/consents/{consentId}', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/consents/{consentId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/hal+json"},
"If-None-Match": []string{"string"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/consents/consents/{consentId}", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Fetch a representation of this consent
GET /consents/{consentId}
Return a HAL representation of this consent resource.
Parameters
Parameter | Description |
---|---|
If-None-Match (header) |
string The entity tag that was returned in the ETag response. If the resource's current entity tag matches, the GET returns 304 (Not Modified) and no response body, else the resource representation is returned. |
consentId (path) |
string (required) The unique identifier of this consent. This is an opaque string. |
Try It
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.0/profile.json",
"_links": {
"self": {
"href": "/consents/consents/0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:revoke": {
"href": "/consents/revokedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:rescind": {
"href": "/consents/rescindedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
}
},
"_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
"document": {
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"contentType": "application/pdf",
"revisedAt": "2019-07-23T08:26:45.375Z",
"revisionId": "2019:1.02.0"
},
"type": "productTermsAndConditions",
"userId": "5a5e834c-a7bd-401c",
"state": "given",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"givenAt": "2019-07-23T13:27:34.375Z"
}
Responses
Status | Description |
---|---|
200 | OK |
OK. | |
Schema: consent |
Status | Description |
---|---|
304 | Not Modified |
Not Modified. The resource has not been modified since it was last fetched. |
Status | Description |
---|---|
404 | Not Found |
Not Found. There is no such consent resource at the specified {consentId} . The _error field in the response contains details about the request error. | |
Schema: errorResponse |
Response Headers
Status | Description |
---|---|
200 | ETag string |
The ETag response header specifies an entity tag which must be provided in an If-Match request header for operations which update this consent resource. |
patchConsent
Code samples
# You can also use wget
curl -X PATCH https://api.devbank.apiture.com/consents/consents/{consentId} \
-H 'Content-Type: application/hal+json' \
-H 'Accept: application/hal+json' \
-H 'If-Match: string' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
PATCH https://api.devbank.apiture.com/consents/consents/{consentId} HTTP/1.1
Host: api.devbank.apiture.com
Content-Type: application/hal+json
Accept: application/hal+json
If-Match: string
var headers = {
'Content-Type':'application/hal+json',
'Accept':'application/hal+json',
'If-Match':'string',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/consents/{consentId}',
method: 'patch',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
const fetch = require('node-fetch');
const inputBody = '{
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.0/profile.json",
"_links": {
"self": {
"href": "/consents/consents/0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:revoke": {
"href": "/consents/revokedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:rescind": {
"href": "/consents/rescindedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
}
},
"_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
"document": {
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"contentType": "application/pdf",
"revisedAt": "2019-07-23T08:26:45.375Z",
"revisionId": "2019:1.02.0"
},
"type": "productTermsAndConditions",
"userId": "5a5e834c-a7bd-401c",
"state": "given",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"givenAt": "2019-07-23T13:27:34.375Z"
}';
const headers = {
'Content-Type':'application/hal+json',
'Accept':'application/hal+json',
'If-Match':'string',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/consents/consents/{consentId}',
{
method: 'PATCH',
body: inputBody,
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Content-Type' => 'application/hal+json',
'Accept' => 'application/hal+json',
'If-Match' => 'string',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.patch 'https://api.devbank.apiture.com/consents/consents/{consentId}',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Content-Type': 'application/hal+json',
'Accept': 'application/hal+json',
'If-Match': 'string',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.patch('https://api.devbank.apiture.com/consents/consents/{consentId}', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/consents/{consentId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("PATCH");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Content-Type": []string{"application/hal+json"},
"Accept": []string{"application/hal+json"},
"If-Match": []string{"string"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("PATCH", "https://api.devbank.apiture.com/consents/consents/{consentId}", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Update this consent
PATCH /consents/{consentId}
Perform a partial update of this consent. Only the secondaryContextUri
and contextUri
are patchable. Fields which are omitted are not updated. Nested _embedded
and _links
are ignored if included.
Body parameter
{
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.0/profile.json",
"_links": {
"self": {
"href": "/consents/consents/0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:revoke": {
"href": "/consents/revokedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:rescind": {
"href": "/consents/rescindedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
}
},
"_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
"document": {
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"contentType": "application/pdf",
"revisedAt": "2019-07-23T08:26:45.375Z",
"revisionId": "2019:1.02.0"
},
"type": "productTermsAndConditions",
"userId": "5a5e834c-a7bd-401c",
"state": "given",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"givenAt": "2019-07-23T13:27:34.375Z"
}
Parameters
Parameter | Description |
---|---|
If-Match (header) |
string The entity tag that was returned in the ETag response. This must match the current entity tag of the resource. |
body (body) |
consent (required) |
consentId (path) |
string (required) The unique identifier of this consent. This is an opaque string. |
Try It
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.0/profile.json",
"_links": {
"self": {
"href": "/consents/consents/0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:revoke": {
"href": "/consents/revokedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:rescind": {
"href": "/consents/rescindedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
}
},
"_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
"document": {
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"contentType": "application/pdf",
"revisedAt": "2019-07-23T08:26:45.375Z",
"revisionId": "2019:1.02.0"
},
"type": "productTermsAndConditions",
"userId": "5a5e834c-a7bd-401c",
"state": "given",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"givenAt": "2019-07-23T13:27:34.375Z"
}
Responses
Status | Description |
---|---|
200 | OK |
OK. | |
Schema: consent |
Status | Description |
---|---|
400 | Bad Request |
Bad Request. The request body or one or more of the query parameters was not well formed. The _error field in the response contains details about the request error. | |
Schema: errorResponse |
Status | Description |
---|---|
404 | Not Found |
Not Found. There is no such consent resource at the specified {consentId} . The _error field in the response contains details about the request error. | |
Schema: errorResponse |
Status | Description |
---|---|
412 | Precondition Failed |
Precondition Failed. The supplied If-Match header value does not match the most recent ETag response header value. The resource has changed in the interim. | |
Schema: errorResponse |
Status | Description |
---|---|
422 | Unprocessable Entity |
Unprocessable Entity. One or more of the query parameters was well formed but otherwise invalid. The _error field in the response contains details about the request error. | |
Schema: errorResponse |
Response Headers
Status | Description |
---|---|
200 | ETag string |
The ETag response header specifies an entity tag which may be provided in an If-Match request header for PUT or PATCH operations which update this consent resource. |
getNeededConsents
Code samples
# You can also use wget
curl -X GET https://api.devbank.apiture.com/consents/neededConsents \
-H 'Accept: application/hal+json' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
GET https://api.devbank.apiture.com/consents/neededConsents HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
var headers = {
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/neededConsents',
method: 'get',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
const fetch = require('node-fetch');
const headers = {
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/consents/neededConsents',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/hal+json',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.get 'https://api.devbank.apiture.com/consents/neededConsents',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/hal+json',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.get('https://api.devbank.apiture.com/consents/neededConsents', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/neededConsents");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/hal+json"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/consents/neededConsents", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Get needed consents
GET /neededConsents
Return a list of needed consents (both pending
and stale
consents) for a user. If no consents exists for a user ID (including if the user ID is not found), the response is an empty collection.
Parameters
Parameter | Description |
---|---|
userId (query) |
string The user ID of the user; This is the _id of the User resource. If omitted, the returned list is the needed consents for the currently authenticated user. |
consolidate (query) |
boolean If true , two or more duplicate consents in the response body that have the same type and document URI are consolidated such that the result contain only one of the duplicates. Warning: the client should not use ?matching=false when the user gives consent to consents resources in the consolidated response. |
Try It
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/consents/consents/v1.1.0/profile.json",
"_links": {
"self": {
"href": "/consents/consents?start=10&limit=10"
},
"first": {
"href": "/consents/consents?start=0&limit=10"
},
"next": {
"href": "/consents/consents?start=20&limit=10"
},
"collection": {
"href": "/consents/consents"
}
},
"start": 10,
"limit": 10,
"count": 67,
"name": "consents",
"_embedded": {
"items": {
"0": {
"_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.0/profile.json",
"_links": {
"self": {
"href": "/consents/consents/0399abed-fd3d-4830-a88b-30f38b8a365c"
}
}
},
"1": {
"_id": "d62c0701-0d74-4836-83f9-ebf3709442ea",
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.0/profile.json",
"_links": {
"self": {
"href": "/consents/consents/d62c0701-0d74-4836-83f9-ebf3709442ea"
}
}
}
}
}
}
Responses
Consent Actions
Actions on Consent Resources
giveConsent
Code samples
# You can also use wget
curl -X POST https://api.devbank.apiture.com/consents/givenConsents?consent=string \
-H 'Accept: application/hal+json' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
POST https://api.devbank.apiture.com/consents/givenConsents?consent=string HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
var headers = {
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/givenConsents',
method: 'post',
data: '?consent=string',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
const fetch = require('node-fetch');
const headers = {
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/consents/givenConsents?consent=string',
{
method: 'POST',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/hal+json',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.post 'https://api.devbank.apiture.com/consents/givenConsents',
params: {
'consent' => 'string'
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/hal+json',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.post('https://api.devbank.apiture.com/consents/givenConsents', params={
'consent': 'string'
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/givenConsents?consent=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/hal+json"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/consents/givenConsents", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Give a consent
POST /givenConsents
Indicate that a user has given consent to a document. This marks the given consent as given
. If scope
is matching
, all the user's matching needed consents (pending
or stale
consents which have the same type
and document.uri
) are marked as given
. This operation may be invoked by using POST
on the apiture:give
link on a consent resource; there is no query parameter.
Parameters
Parameter | Description |
---|---|
consent (query) |
string (required) A string which uniquely identifies a consent which is to added to the given consents resource set. This may be the unique consentId or the URI of the consent. |
scope (query) |
string The scope of the given consent. If instance , only the consent named in the ?consent= query parameter is marked as given . If matching , all needed consent matching the named in the ?consent= query parameter (pending or stale consents which have the same type ) are marked as given . The default if omitted is matching . array[string] values: instance , matching |
Try It
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.0/profile.json",
"_links": {
"self": {
"href": "/consents/consents/0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:revoke": {
"href": "/consents/revokedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:rescind": {
"href": "/consents/rescindedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
}
},
"_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
"document": {
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"contentType": "application/pdf",
"revisedAt": "2019-07-23T08:26:45.375Z",
"revisionId": "2019:1.02.0"
},
"type": "productTermsAndConditions",
"userId": "5a5e834c-a7bd-401c",
"state": "given",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"givenAt": "2019-07-23T13:27:34.375Z"
}
Responses
Status | Description |
---|---|
200 | OK |
OK. The operation succeeded. The consents were updated and their state changed to given . The response may include an array of additional consents _embedded.consents which match the named consent and which were also given. | |
Schema: consent |
Status | Description |
---|---|
400 | Bad Request |
Bad Request. The consent parameter was malformed or does not refer to an existing or accessible consent. This error response may have one of the following | |
Schema: errorResponse |
Status | Description |
---|---|
409 | Conflict |
Conflict. The request to give the consent is not allowed. The This error response may have one of the following | |
Schema: errorResponse |
Status | Description |
---|---|
412 | Precondition Failed |
Precondition Failed. The supplied If-Match header value does not match the most recent ETag response header value. The resource has changed in the interim. | |
Schema: errorResponse |
revokeConsent
Code samples
# You can also use wget
curl -X POST https://api.devbank.apiture.com/consents/revokedConsents?consent=string \
-H 'Accept: application/hal+json' \
-H 'If-Match: string' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
POST https://api.devbank.apiture.com/consents/revokedConsents?consent=string HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
If-Match: string
var headers = {
'Accept':'application/hal+json',
'If-Match':'string',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/revokedConsents',
method: 'post',
data: '?consent=string',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
const fetch = require('node-fetch');
const headers = {
'Accept':'application/hal+json',
'If-Match':'string',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/consents/revokedConsents?consent=string',
{
method: 'POST',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/hal+json',
'If-Match' => 'string',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.post 'https://api.devbank.apiture.com/consents/revokedConsents',
params: {
'consent' => 'string'
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/hal+json',
'If-Match': 'string',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.post('https://api.devbank.apiture.com/consents/revokedConsents', params={
'consent': 'string'
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/revokedConsents?consent=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/hal+json"},
"If-Match": []string{"string"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/consents/revokedConsents", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Revoke a consent
POST /revokedConsents
A user has revoked a previously given consent. This operation updates a consent by adding it to the set of revoked consents. This changes the state
property of the consent to revoked
. This operation is available via the apiture:revoke
link on the consent resource, if and only if the consent is eligible for the revoke operation. The responses is the updated representation of the consent.
The If-Match
request header, if present, must match the current entity tag value of the consent.
Parameters
Parameter | Description |
---|---|
consent (query) |
string (required) A string which uniquely identifies a consent which is to added to the given consents resource set. This may be the unique consentId or the URI of the consent. |
If-Match (header) |
string The entity tag that was returned in the ETag response. This must match the current entity tag of the resource. |
Try It
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.0/profile.json",
"_links": {
"self": {
"href": "/consents/consents/0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:revoke": {
"href": "/consents/revokedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:rescind": {
"href": "/consents/rescindedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
}
},
"_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
"document": {
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"contentType": "application/pdf",
"revisedAt": "2019-07-23T08:26:45.375Z",
"revisionId": "2019:1.02.0"
},
"type": "productTermsAndConditions",
"userId": "5a5e834c-a7bd-401c",
"state": "given",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"givenAt": "2019-07-23T13:27:34.375Z"
}
Responses
Status | Description |
---|---|
200 | OK |
OK. The operation succeeded. The consent was updated and its state changed to revoked . | |
Schema: consent |
Status | Description |
---|---|
400 | Bad Request |
Bad Request. The consent parameter was malformed or does not refer to an existing or accessible consent. This error response may have one of the following | |
Schema: errorResponse |
Status | Description |
---|---|
409 | Conflict |
Conflict. The request to revoke the consent is not allowed. The This error response may have one of the following | |
Schema: errorResponse |
Status | Description |
---|---|
412 | Precondition Failed |
Precondition Failed. The supplied If-Match header value does not match the most recent ETag response header value. The resource has changed in the interim. | |
Schema: errorResponse |
Response Headers
Status | Description |
---|---|
200 | ETag string |
The ETag response header specifies an entity tag which must be provided in an If-Match request header for operations which update the resource. |
rescindConsents
Code samples
# You can also use wget
curl -X POST https://api.devbank.apiture.com/consents/rescindedConsents?type=string \
-H 'Accept: application/hal+json' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
POST https://api.devbank.apiture.com/consents/rescindedConsents?type=string HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
var headers = {
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/rescindedConsents',
method: 'post',
data: '?type=string',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
const fetch = require('node-fetch');
const headers = {
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/consents/rescindedConsents?type=string',
{
method: 'POST',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/hal+json',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.post 'https://api.devbank.apiture.com/consents/rescindedConsents',
params: {
'type' => 'string'
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/hal+json',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.post('https://api.devbank.apiture.com/consents/rescindedConsents', params={
'type': 'string'
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/rescindedConsents?type=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/hal+json"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/consents/rescindedConsents", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Rescind matching consents
POST /rescindedConsents
Rescind consent requests which match the specified consent type, optional user and context. This action is typically performed by the financial institution to indicate that it no longer requires the user's consent. For example, a service may rescind a consent if a user is removed as an account owner or as an authorized signer, when an account application expires, or when they remove a banking product. Rescinding consent changes the state
property of the matching consent resources to rescinded
. The client must pass at least the document type
in order to find matching consents. If the optional document
, user
, and/or context
are specified, only consents that match those options and type
are rescinded.
The response is the collection of updated matching consent resources. If no matching consents were found, the consents collection response has an empty items
array.
Parameters
Parameter | Description |
---|---|
type (query) |
string (required) Specify the consent type to rescind. |
context (query) |
string(uri) The URI of the consent context. |
secondaryContext (query) |
string(uri) The URI of the secondary consent context. Use this if the primary context is insufficient for uniquely identifying the intended consents to rescind. |
user (query) |
string(uri) Rescind all matching consents for the user with this user ID. |
document (query) |
string(uri) The URI of the target document. This is not required but if passed, the document.uri must match as well as the other required query parameters. |
Try It
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/consents/consents/v1.1.0/profile.json",
"_links": {
"self": {
"href": "/consents/consents?start=10&limit=10"
},
"first": {
"href": "/consents/consents?start=0&limit=10"
},
"next": {
"href": "/consents/consents?start=20&limit=10"
},
"collection": {
"href": "/consents/consents"
}
},
"start": 10,
"limit": 10,
"count": 67,
"name": "consents",
"_embedded": {
"items": {
"0": {
"_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.0/profile.json",
"_links": {
"self": {
"href": "/consents/consents/0399abed-fd3d-4830-a88b-30f38b8a365c"
}
}
},
"1": {
"_id": "d62c0701-0d74-4836-83f9-ebf3709442ea",
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.0/profile.json",
"_links": {
"self": {
"href": "/consents/consents/d62c0701-0d74-4836-83f9-ebf3709442ea"
}
}
}
}
}
}
Responses
Status | Description |
---|---|
200 | OK |
OK. The operation succeeded. The matching consents are updated and their state changed to rescinded . | |
Schema: consents |
Status | Description |
---|---|
400 | Bad Request |
Bad Request. One or more query parameters is not well-formed. This error response may have one of the following | |
Schema: errorResponse |
Status | Description |
---|---|
412 | Precondition Failed |
Precondition Failed. The supplied If-Match header value does not match the most recent ETag response header value. The resource has changed in the interim. | |
Schema: errorResponse |
Response Headers
Status | Description |
---|---|
200 | ETag string |
The ETag response header specifies an entity tag which must be provided in an If-Match request header for operations which update the resource. |
Documents
Manage Documents Subject to Consent
reviseDocument
Code samples
# You can also use wget
curl -X POST https://api.devbank.apiture.com/consents/revisedDocuments \
-H 'Content-Type: application/hal+json' \
-H 'Accept: application/hal+json' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
POST https://api.devbank.apiture.com/consents/revisedDocuments HTTP/1.1
Host: api.devbank.apiture.com
Content-Type: application/hal+json
Accept: application/hal+json
var headers = {
'Content-Type':'application/hal+json',
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/revisedDocuments',
method: 'post',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
const fetch = require('node-fetch');
const inputBody = '{
"_profile": "https://production.api.apiture.com/schemas/consents/revisedDocument/v1.0.1/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"revisionId": "2019:1.2.0",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"revisedAt": "2019-10-05T10:30:00.000Z",
"type": "productTermsAndConditions",
"newUri": "/vault/files/da66d490-2b72-4809-9b97-9b33039371f8/content"
}';
const headers = {
'Content-Type':'application/hal+json',
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/consents/revisedDocuments',
{
method: 'POST',
body: inputBody,
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Content-Type' => 'application/hal+json',
'Accept' => 'application/hal+json',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.post 'https://api.devbank.apiture.com/consents/revisedDocuments',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Content-Type': 'application/hal+json',
'Accept': 'application/hal+json',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.post('https://api.devbank.apiture.com/consents/revisedDocuments', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/revisedDocuments");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Content-Type": []string{"application/hal+json"},
"Accept": []string{"application/hal+json"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/consents/revisedDocuments", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Mark a document as revised, rendering corresponding consents as stale
POST /revisedDocuments
Mark a document as revised. All given
consents related to that document, document type, and the optional context are marked as stale
, indicating that the user should be presented the document and asked to consent to the terms of the revised document. The newly stale
consents are listed in the result of GET /neededConsents
. This operation is restricted to financial institution administrators or service applications. Any given
consents which already match the document and time stamp (and, optionally, document revision) are not marked stale.
Body parameter
{
"_profile": "https://production.api.apiture.com/schemas/consents/revisedDocument/v1.0.1/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"revisionId": "2019:1.2.0",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"revisedAt": "2019-10-05T10:30:00.000Z",
"type": "productTermsAndConditions",
"newUri": "/vault/files/da66d490-2b72-4809-9b97-9b33039371f8/content"
}
Parameters
Parameter | Description |
---|---|
body (body) |
revisedDocument (required) The details of the revised document. |
Try It
Example responses
202 Response
{
"_profile": "https://production.api.apiture.com/schemas/consents/revisedDocument/v1.0.1/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"revisionId": "2019:1.2.0",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"revisedAt": "2019-10-05T10:30:00.000Z",
"type": "productTermsAndConditions",
"newUri": "/vault/files/da66d490-2b72-4809-9b97-9b33039371f8/content"
}
Responses
Status | Description |
---|---|
202 | Accepted |
Accepted. The operation was received and accepted. The operation continues to update all matching consents, setting state changed to stale and changing the revision and documentRevisedAt to match the values in the request. | |
Schema: revisedDocument |
Status | Description |
---|---|
400 | Bad Request |
Bad Request. The request body or content was not well formed. This error response may have one of the following | |
Schema: errorResponse |
Status | Description |
---|---|
409 | Conflict |
Conflict. The request contains semantically invalid data. | |
Schema: errorResponse |
moveDocument
Code samples
# You can also use wget
curl -X POST https://api.devbank.apiture.com/consents/movedDocuments \
-H 'Content-Type: application/hal+json' \
-H 'Accept: application/hal+json' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
POST https://api.devbank.apiture.com/consents/movedDocuments HTTP/1.1
Host: api.devbank.apiture.com
Content-Type: application/hal+json
Accept: application/hal+json
var headers = {
'Content-Type':'application/hal+json',
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/movedDocuments',
method: 'post',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
const fetch = require('node-fetch');
const inputBody = '{
"_profile": "https://production.api.apiture.com/schemas/consents/movedDocument/v1.0.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"type": "productTermsAndConditions",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"newUri": "/vault/files/da66d490-2b72-4809-9b97-9b33039371f8/content"
}';
const headers = {
'Content-Type':'application/hal+json',
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/consents/movedDocuments',
{
method: 'POST',
body: inputBody,
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Content-Type' => 'application/hal+json',
'Accept' => 'application/hal+json',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.post 'https://api.devbank.apiture.com/consents/movedDocuments',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Content-Type': 'application/hal+json',
'Accept': 'application/hal+json',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.post('https://api.devbank.apiture.com/consents/movedDocuments', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/movedDocuments");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Content-Type": []string{"application/hal+json"},
"Accept": []string{"application/hal+json"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/consents/movedDocuments", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Change the location of a document
POST /movedDocuments
If the financial institution moves a document that is tracked by consents, such as the Terms and Conditions document for a product, use this operation to update the document URI of any consents.
Body parameter
{
"_profile": "https://production.api.apiture.com/schemas/consents/movedDocument/v1.0.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"type": "productTermsAndConditions",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"newUri": "/vault/files/da66d490-2b72-4809-9b97-9b33039371f8/content"
}
Parameters
Parameter | Description |
---|---|
body (body) |
movedDocument (required) The details of the revised document. |
Try It
Example responses
202 Response
{
"_profile": "https://production.api.apiture.com/schemas/consents/movedDocument/v1.0.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"type": "productTermsAndConditions",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"newUri": "/vault/files/da66d490-2b72-4809-9b97-9b33039371f8/content"
}
Responses
Status | Description |
---|---|
202 | Accepted |
Accepted. The operation was received and accepted. The operation continues to update all matching consents, setting the document.uri to match the newUri value in the request. | |
Schema: movedDocument |
Status | Description |
---|---|
400 | Bad Request |
Bad Request. The request body or content was not well formed. This error response may have one of the following | |
Schema: errorResponse |
Status | Description |
---|---|
409 | Conflict |
Conflict. The request contains semantically invalid data. | |
Schema: errorResponse |
Consent Type Name
Allowed Consent Types
getConsentTypeNames
Code samples
# You can also use wget
curl -X GET https://api.devbank.apiture.com/consents/consentTypeNames \
-H 'Accept: application/hal+json' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
GET https://api.devbank.apiture.com/consents/consentTypeNames HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
var headers = {
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/consentTypeNames',
method: 'get',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
const fetch = require('node-fetch');
const headers = {
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/consents/consentTypeNames',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/hal+json',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.get 'https://api.devbank.apiture.com/consents/consentTypeNames',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/hal+json',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.get('https://api.devbank.apiture.com/consents/consentTypeNames', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/consentTypeNames");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/hal+json"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/consents/consentTypeNames", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Retrieve the set of consent type names
GET /consentTypeNames
Return the set of reserved consent type names. The name
property of a consent must be one of these reserved names. This list may be updated by the financial institution via the updateConsentTypeNames
operation. The default list includes the following names:
productTermsAndConditions
privacyPolicy
electronicConsent
Try It
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/consents/consentTypeNames/v1.0.1/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"names": {
"productTermsAndConditions": {
"0": {
"label": "Product Terms and Conditions",
"description": "The terms and conditions of use for bank accounts of a specific banking product. The user must consent to these terms and conditions in order to open a new account."
}
},
"termsAndConditions": {
"0": {
"label": "Terms and Conditions",
"description": "The terms and conditions associated with a specific bank account."
}
},
"privacyPolicy": {
"0": {
"label": "Privacy Policy",
"description": "The financial institution's privacy policy, which covers how the financial institution guards the customer's personal information and how it shares information about customers."
}
},
"electronicConsent": {
"0": {
"label": "Electronic Consent Agreement",
"description": "Consenting to this agreement means the user agrees to receive electronically certain information such as statements or notices from the financial institution, and that the user agrees their use of the banking applications means they agree to allow those banking applications to perform banking operations, including transferring money or making payments, on their behalf."
}
}
}
}
Responses
Status | Description |
---|---|
200 | OK |
OK. | |
Schema: consentTypeNames |
Response Headers
Status | Description |
---|---|
200 | ETag string |
The ETag response header specifies an entity tag which must be provided in an If-Match request header for operations which update the resource. |
updateConsentTypeNames
Code samples
# You can also use wget
curl -X PUT https://api.devbank.apiture.com/consents/consentTypeNames \
-H 'Content-Type: application/hal+json' \
-H 'Accept: application/hal+json' \
-H 'If-Match: string' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
PUT https://api.devbank.apiture.com/consents/consentTypeNames HTTP/1.1
Host: api.devbank.apiture.com
Content-Type: application/hal+json
Accept: application/hal+json
If-Match: string
var headers = {
'Content-Type':'application/hal+json',
'Accept':'application/hal+json',
'If-Match':'string',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/consentTypeNames',
method: 'put',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
const fetch = require('node-fetch');
const inputBody = '{
"_profile": "https://production.api.apiture.com/schemas/consents/consentTypeNames/v1.0.1/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"names": {
"productTermsAndConditions": {
"0": {
"label": "Product Terms and Conditions",
"description": "The terms and conditions of use for bank accounts of a specific banking product. The user must consent to these terms and conditions in order to open a new account."
}
},
"termsAndConditions": {
"0": {
"label": "Terms and Conditions",
"description": "The terms and conditions associated with a specific bank account."
}
},
"privacyPolicy": {
"0": {
"label": "Privacy Policy",
"description": "The financial institution's privacy policy, which covers how the financial institution guards the customer's personal information and how it shares information about customers."
}
},
"electronicConsent": {
"0": {
"label": "Electronic Consent Agreement",
"description": "Consenting to this agreement means the user agrees to receive electronically certain information such as statements or notices from the financial institution, and that the user agrees their use of the banking applications means they agree to allow those banking applications to perform banking operations, including transferring money or making payments, on their behalf."
}
}
}
}';
const headers = {
'Content-Type':'application/hal+json',
'Accept':'application/hal+json',
'If-Match':'string',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/consents/consentTypeNames',
{
method: 'PUT',
body: inputBody,
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Content-Type' => 'application/hal+json',
'Accept' => 'application/hal+json',
'If-Match' => 'string',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.put 'https://api.devbank.apiture.com/consents/consentTypeNames',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Content-Type': 'application/hal+json',
'Accept': 'application/hal+json',
'If-Match': 'string',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.put('https://api.devbank.apiture.com/consents/consentTypeNames', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/consentTypeNames");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("PUT");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Content-Type": []string{"application/hal+json"},
"Accept": []string{"application/hal+json"},
"If-Match": []string{"string"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("PUT", "https://api.devbank.apiture.com/consents/consentTypeNames", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Replace the set of consent type names
PUT /consentTypeNames
A financial institution can use this operation to register additional types of consent that they may request from their users. The type
property of a consent must be one of these reserved names. This operation completely replaces the set of reserved consent type names, so it should include all items from the getConsentTypeNames
that are in use. This operation is only available to financial institution administrators.
Body parameter
{
"_profile": "https://production.api.apiture.com/schemas/consents/consentTypeNames/v1.0.1/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"names": {
"productTermsAndConditions": {
"0": {
"label": "Product Terms and Conditions",
"description": "The terms and conditions of use for bank accounts of a specific banking product. The user must consent to these terms and conditions in order to open a new account."
}
},
"termsAndConditions": {
"0": {
"label": "Terms and Conditions",
"description": "The terms and conditions associated with a specific bank account."
}
},
"privacyPolicy": {
"0": {
"label": "Privacy Policy",
"description": "The financial institution's privacy policy, which covers how the financial institution guards the customer's personal information and how it shares information about customers."
}
},
"electronicConsent": {
"0": {
"label": "Electronic Consent Agreement",
"description": "Consenting to this agreement means the user agrees to receive electronically certain information such as statements or notices from the financial institution, and that the user agrees their use of the banking applications means they agree to allow those banking applications to perform banking operations, including transferring money or making payments, on their behalf."
}
}
}
}
Parameters
Parameter | Description |
---|---|
If-Match (header) |
string The entity tag that was returned in the ETag response. This must match the current entity tag of the resource. |
body (body) |
consentTypeNames (required) The set of consent type names |
Try It
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/consents/consentTypeNames/v1.0.1/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"names": {
"productTermsAndConditions": {
"0": {
"label": "Product Terms and Conditions",
"description": "The terms and conditions of use for bank accounts of a specific banking product. The user must consent to these terms and conditions in order to open a new account."
}
},
"termsAndConditions": {
"0": {
"label": "Terms and Conditions",
"description": "The terms and conditions associated with a specific bank account."
}
},
"privacyPolicy": {
"0": {
"label": "Privacy Policy",
"description": "The financial institution's privacy policy, which covers how the financial institution guards the customer's personal information and how it shares information about customers."
}
},
"electronicConsent": {
"0": {
"label": "Electronic Consent Agreement",
"description": "Consenting to this agreement means the user agrees to receive electronically certain information such as statements or notices from the financial institution, and that the user agrees their use of the banking applications means they agree to allow those banking applications to perform banking operations, including transferring money or making payments, on their behalf."
}
}
}
}
Responses
Status | Description |
---|---|
200 | OK |
OK. | |
Schema: consentTypeNames |
Status | Description |
---|---|
400 | Bad Request |
Bad Request. The request body or one or more of the query parameters was not well formed. The _error field in the response contains details about the request error. | |
Schema: errorResponse |
Status | Description |
---|---|
409 | Conflict |
The request does not include consent type names that are in use in existing consent resource. This error response may have one of the following | |
Schema: errorResponse |
Response Headers
Status | Description |
---|---|
200 | ETag string |
The ETag response header specifies an entity tag which must be provided in an If-Match request header for operations which update the resource. |
API
The Consents API
getApi
Code samples
# You can also use wget
curl -X GET https://api.devbank.apiture.com/consents/ \
-H 'Accept: application/hal+json' \
-H 'API-Key: API_KEY'
GET https://api.devbank.apiture.com/consents/ HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
var headers = {
'Accept':'application/hal+json',
'API-Key':'API_KEY'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/',
method: 'get',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
const fetch = require('node-fetch');
const headers = {
'Accept':'application/hal+json',
'API-Key':'API_KEY'
};
fetch('https://api.devbank.apiture.com/consents/',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/hal+json',
'API-Key' => 'API_KEY'
}
result = RestClient.get 'https://api.devbank.apiture.com/consents/',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/hal+json',
'API-Key': 'API_KEY'
}
r = requests.get('https://api.devbank.apiture.com/consents/', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/hal+json"},
"API-Key": []string{"API_KEY"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/consents/", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Top-level resources and operations in this API
GET /
Return links to the top-level resources and operations in this API.
Try It
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/common/root/v2.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"id": "apiName",
"name": "API name",
"apiVersion": "1.0.0"
}
Responses
getApiDoc
Code samples
# You can also use wget
curl -X GET https://api.devbank.apiture.com/consents/apiDoc \
-H 'Accept: application/json' \
-H 'API-Key: API_KEY'
GET https://api.devbank.apiture.com/consents/apiDoc HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/json
var headers = {
'Accept':'application/json',
'API-Key':'API_KEY'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/apiDoc',
method: 'get',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
const fetch = require('node-fetch');
const headers = {
'Accept':'application/json',
'API-Key':'API_KEY'
};
fetch('https://api.devbank.apiture.com/consents/apiDoc',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'API-Key' => 'API_KEY'
}
result = RestClient.get 'https://api.devbank.apiture.com/consents/apiDoc',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/json',
'API-Key': 'API_KEY'
}
r = requests.get('https://api.devbank.apiture.com/consents/apiDoc', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/apiDoc");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"API-Key": []string{"API_KEY"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/consents/apiDoc", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Return API definition document
GET /apiDoc
Return the OpenAPI document that describes this API.
Try It
Example responses
200 Response
{}
Responses
Status | Description |
---|---|
200 | OK |
OK. | |
Schema: Inline |
Response Schema
getLabels
Code samples
# You can also use wget
curl -X GET https://api.devbank.apiture.com/consents/labels \
-H 'Accept: application/hal+json' \
-H 'Accept-Language: string' \
-H 'API-Key: API_KEY'
GET https://api.devbank.apiture.com/consents/labels HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
Accept-Language: string
var headers = {
'Accept':'application/hal+json',
'Accept-Language':'string',
'API-Key':'API_KEY'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/labels',
method: 'get',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
const fetch = require('node-fetch');
const headers = {
'Accept':'application/hal+json',
'Accept-Language':'string',
'API-Key':'API_KEY'
};
fetch('https://api.devbank.apiture.com/consents/labels',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/hal+json',
'Accept-Language' => 'string',
'API-Key' => 'API_KEY'
}
result = RestClient.get 'https://api.devbank.apiture.com/consents/labels',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/hal+json',
'Accept-Language': 'string',
'API-Key': 'API_KEY'
}
r = requests.get('https://api.devbank.apiture.com/consents/labels', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/labels");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/hal+json"},
"Accept-Language": []string{"string"},
"API-Key": []string{"API_KEY"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/consents/labels", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Localized Labels
GET /labels
Return a JSON object which defines labels for enumeration types defined by the schemas defined in this API. The labels in the response may not all match the requested language; some may be in the default language (en-us
).
Parameters
Parameter | Description |
---|---|
Accept-Language (header) |
string The weighted language tags which indicate the user's preferred natural language for the localized labels in the response, as per RFC 7231. |
Try It
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/common/labelGroups/v1.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"groups": {
"fristGroup": {
"unknown": {
"label": "Unknown",
"code": "0",
"hidden": true
},
"key1": {
"label": "Label for Key 1",
"code": "1",
"variants": {
"es": {
"label": "(Spanish label for Key 1)"
},
"fr": {
"label": "(French label for Key 1)"
}
}
},
"key2": {
"label": "Label for Key 2",
"code": "2",
"variants": {
"es": {
"label": "(Spanish label for Key 2)"
},
"fr": {
"label": "(French label for Key 2)"
}
}
},
"key3": {
"label": "Label for Key 3",
"code": "3",
"variants": {
"es": {
"label": "(Spanish label for Key 3)"
},
"fr": {
"label": "(French label for Key 3)"
}
}
},
"other": {
"label": "Other",
"variants": {
"es": {
"label": "(Spanish label for Other)"
},
"fr": {
"label": "(French label for Other)"
}
},
"code": "254"
}
},
"secondGroup": {
"unknown": {
"label": "Unknown",
"code": "?",
"hidden": true
},
"optionA": {
"label": "Option A",
"code": "A"
},
"optionB": {
"label": "Option B",
"code": "B"
},
"optionC": {
"label": "Option C",
"code": "C"
},
"other": {
"label": "Other",
"code": "_"
}
}
}
}
Responses
Status | Description |
---|---|
200 | OK |
OK. | |
Schema: labelGroups |
Schemas
abstractRequest
{
"_profile": "https://production.api.apiture.com/schemas/common/abstractRequest/v2.0.0/profile.json",
"_links": {}
}
Abstract Request (v2.0.0)
An abstract schema used to define other request-only schemas. This is a HAL resource representation, minus the _error
defined in abstractResource
.
This schema was resolved from common/abstractRequest
.
Properties
Name | Description |
---|---|
_links | links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | object An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | string(uri) The URI of a resource profile which describes the representation. read-only
|
abstractResource
{
"_profile": "https://production.api.apiture.com/schemas/common/abstractResource/v2.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
}
}
Abstract Resource (v2.1.0)
An abstract schema used to define other schemas for request and response bodies. This is a HAL resource representation. This model contains hypermedia _links
, and either optional domain object data with _profile
and optional _embedded
objects, or an _error
object. In responses, if the operation was successful, this object will not include the _error
, but if the operation was a 4xx or 5xx error, this object will not include _embedded
or any data fields, only _error
and optionally _links
.
This schema was resolved from common/abstractResource
.
Properties
Name | Description |
---|---|
_links | links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | object An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | string(uri) The URI of a resource profile which describes the representation. read-only
|
_error | error An object which describes an error. This value is omitted if the operation succeeded without error. read-only
|
attributes
{}
Attributes (v2.1.0)
An optional map of name/value pairs which contains additional dynamic data about the resource.
This schema was resolved from common/attributes
.
Properties
collection
{
"_profile": "https://production.api.apiture.com/schemas/common/abstractResource/v2.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
}
}
Collection (v2.1.0)
A collection of resources. This is an abstract model schema which is extended to define specific resource collections.
This schema was resolved from common/collection
.
Properties
Name | Description |
---|---|
_links | links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | object An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | string(uri) The URI of a resource profile which describes the representation. read-only
|
_error | error An object which describes an error. This value is omitted if the operation succeeded without error. read-only
|
count | integer The number of items in the collection. This value is optional and may be omitted if the count is not computable efficiently. If a filter is applied to the collection (either implicitly or explicitly), the count, if present, indicates the number of items that satisfy the filter. |
start | integer The start index of this page of items. |
limit | integer The maximum number of items per page. |
name | string The name of the collection. |
consent
{
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.0/profile.json",
"_links": {
"self": {
"href": "/consents/consents/0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:revoke": {
"href": "/consents/revokedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:rescind": {
"href": "/consents/rescindedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
}
},
"_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
"document": {
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"contentType": "application/pdf",
"revisedAt": "2019-07-23T08:26:45.375Z",
"revisionId": "2019:1.02.0"
},
"type": "productTermsAndConditions",
"userId": "5a5e834c-a7bd-401c",
"state": "given",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"givenAt": "2019-07-23T13:27:34.375Z"
}
Consent (v1.1.0)
Representation of a consent resource. Users consent or acceptance of a policy or other document.
Links
Response and request bodies using this consent
schema may contain the following links:
Rel | Summary | Method |
---|---|---|
self | Fetch a representation of this consent | GET |
apiture:revoke | Revoke a consent | POST |
apiture:give | Give a consent | POST |
Properties
Name | Description |
---|---|
_links | links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | object An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | string(uri) The URI of a resource profile which describes the representation. read-only
|
_error | error An object which describes an error. This value is omitted if the operation succeeded without error. read-only
|
document | document Properties of the target document. |
type | string Describe what kind of consent this is. This value must be one of the type names in the /consentTypeNames resource.
|
contextUri | string(uri) The URI of a resource that establishes the context in which the financial institution asks for the user's consent. For example, for consent of an account's terms and conditions, the context might be the banking product for that account. maxLength: 2048
|
secondaryContextUri | string(uri) The URI of a secondary resource associated with this user's consent and the contextUri . For example, for consent of an account's terms and conditions, the secondary context might be the account.
maxLength: 2048
|
userId | string The user ID of the user who is requested to consent to a document. This is the _id of the User resource.
|
_id | string The unique identifier for this consent resource. This is an immutable opaque string. read-only
|
state | consentStates The state of this consent. read-only
|
givenAt | string(date-time) The time stamp when the user last consented to the document, in RFC 3339 UTC date-time format ( YYYY-MM-DDThh:mm:ss.sssZ ). This property is not set if state is pending .
read-only
|
requestRevokedAt | string(date-time) The time stamp when the user revoked consent, in RFC 3339 UTC date-time format ( YYYY-MM-DDThh:mm:ss.sssZ ). A revoked consent reflects a consent request that the user has previously given but has reversed. Revoking a consent sets the state back to pending and clears consentedAt .
read-only
|
requestRescindedAt | string(date-time) The time stamp when the consent request was rescinded by the requester, in RFC 3339 UTC date-time format ( YYYY-MM-DDThh:mm:ss.sssZ ). A rescinded consent reflects a consent request that the system or application has issued in the past but no longer requires. For example, if a user is removed as an authorized signer from an account and a consent is pending for that account's terms and conditions, the Accounts service may rescind that consent request. This property is set only if state is rescinded .
read-only
|
consentFields
{
"document": {
"uri": "http://example.com",
"contentType": "application/pdf",
"revisionId": "2019:1.2.0",
"revisedAt": "2019-08-24T14:15:22Z"
},
"type": "string",
"contextUri": "http://example.com",
"secondaryContextUri": "http://example.com",
"userId": "string"
}
Consent Fields (v1.1.0)
Common fields of the consent resource used to build other model schemas.
Properties
Name | Description |
---|---|
document | document Properties of the target document. |
type | string Describe what kind of consent this is. This value must be one of the type names in the /consentTypeNames resource.
|
contextUri | string(uri) The URI of a resource that establishes the context in which the financial institution asks for the user's consent. For example, for consent of an account's terms and conditions, the context might be the banking product for that account. maxLength: 2048
|
secondaryContextUri | string(uri) The URI of a secondary resource associated with this user's consent and the contextUri . For example, for consent of an account's terms and conditions, the secondary context might be the account.
maxLength: 2048
|
userId | string The user ID of the user who is requested to consent to a document. This is the _id of the User resource.
|
consentStates
"pending"
Consent States (v1.0.0)
The state of a consent resource.
Type: string
Enumerated values: pending
given
stale
rescinded
revoked
consentTypeNames
{
"_profile": "https://production.api.apiture.com/schemas/consents/consentTypeNames/v1.0.1/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"names": {
"productTermsAndConditions": {
"0": {
"label": "Product Terms and Conditions",
"description": "The terms and conditions of use for bank accounts of a specific banking product. The user must consent to these terms and conditions in order to open a new account."
}
},
"termsAndConditions": {
"0": {
"label": "Terms and Conditions",
"description": "The terms and conditions associated with a specific bank account."
}
},
"privacyPolicy": {
"0": {
"label": "Privacy Policy",
"description": "The financial institution's privacy policy, which covers how the financial institution guards the customer's personal information and how it shares information about customers."
}
},
"electronicConsent": {
"0": {
"label": "Electronic Consent Agreement",
"description": "Consenting to this agreement means the user agrees to receive electronically certain information such as statements or notices from the financial institution, and that the user agrees their use of the banking applications means they agree to allow those banking applications to perform banking operations, including transferring money or making payments, on their behalf."
}
}
}
}
Consent Type Names (v1.0.1)
A list of allowed consent type names and their labels and descriptions.
Properties
Name | Description |
---|---|
_links | links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | object An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | string(uri) The URI of a resource profile which describes the representation. read-only
|
_error | error An object which describes an error. This value is omitted if the operation succeeded without error. read-only
|
names | localizedLabels An object which maps consent type names to their labels and descriptions. |
consents
{
"_profile": "https://production.api.apiture.com/schemas/consents/consents/v1.1.0/profile.json",
"_links": {
"self": {
"href": "/consents/consents?start=10&limit=10"
},
"first": {
"href": "/consents/consents?start=0&limit=10"
},
"next": {
"href": "/consents/consents?start=20&limit=10"
},
"collection": {
"href": "/consents/consents"
}
},
"start": 10,
"limit": 10,
"count": 67,
"name": "consents",
"_embedded": {
"items": {
"0": {
"_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.0/profile.json",
"_links": {
"self": {
"href": "/consents/consents/0399abed-fd3d-4830-a88b-30f38b8a365c"
}
}
},
"1": {
"_id": "d62c0701-0d74-4836-83f9-ebf3709442ea",
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.0/profile.json",
"_links": {
"self": {
"href": "/consents/consents/d62c0701-0d74-4836-83f9-ebf3709442ea"
}
}
}
}
}
}
Consent Collection (v1.1.0)
Collection of consents. The items in the collection are ordered in the _embedded.items
array; the name
is consents
. The top-level _links
object may contain pagination links (self
, next
, prev
, first
, last
, collection
).
Links
Response and request bodies using this consents
schema may contain the following links:
Rel | Summary | Method |
---|---|---|
self | This filtered page of results | GET |
collection | The raw collection without filters/sorting | GET |
next | Fetch the next page of results | GET |
prev | Fetch the previous page of results | GET |
Properties
Name | Description |
---|---|
_links | links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | object Embedded objects. |
» items | [summaryConsent] An array containing a page of consent items. |
_profile | string(uri) The URI of a resource profile which describes the representation. read-only
|
_error | error An object which describes an error. This value is omitted if the operation succeeded without error. read-only
|
count | integer The number of items in the collection. This value is optional and may be omitted if the count is not computable efficiently. If a filter is applied to the collection (either implicitly or explicitly), the count, if present, indicates the number of items that satisfy the filter. |
start | integer The start index of this page of items. |
limit | integer The maximum number of items per page. |
name | string The name of the collection. |
createConsent
{
"_profile": "https://production.api.apiture.com/schemas/consents/createConsent/v1.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"document": {
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"contentType": "application/pdf",
"revisionId": "2019:1.02.0",
"revisedAt": "2019-07-23T08:26:45.375Z"
},
"type": "productTermsAndConditions",
"userId": "5a5e834c-a7bd-401c",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a"
}
Create Consent (v1.1.0)
Representation used to create a new consent.
Properties
Name | Description |
---|---|
_links | links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | object An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | string(uri) The URI of a resource profile which describes the representation. read-only
|
_error | error An object which describes an error. This value is omitted if the operation succeeded without error. read-only
|
document | document (required) Properties of the target document. |
type | string (required) Describe what kind of consent this is. This value must be one of the type names in the /consentTypeNames resource.
|
contextUri | string(uri) The URI of a resource that establishes the context in which the financial institution asks for the user's consent. For example, for consent of an account's terms and conditions, the context might be the banking product for that account. maxLength: 2048
|
secondaryContextUri | string(uri) The URI of a secondary resource associated with this user's consent and the contextUri . For example, for consent of an account's terms and conditions, the secondary context might be the account.
maxLength: 2048
|
userId | string (required) The user ID of the user who is requested to consent to a document. This is the _id of the User resource.
|
document
{
"uri": "http://example.com",
"contentType": "application/pdf",
"revisionId": "2019:1.2.0",
"revisedAt": "2019-08-24T14:15:22Z"
}
Document (v1.0.0)
Properties of a target document.
Properties
Name | Description |
---|---|
uri | string(uri) (required) The URI of the target document that the user is consenting to. If the document is revised, this consent is marked as stale . (Note: This need not be a document in the Apiture vault.)
maxLength: 2048
|
contentType | any (required) The media type for the document. For text documents, the content type should include the text encoding; if omitted, the encoding type is assumed to be utf-8. |
revisionId | string The revision identifier of the document revision the user consented to. If the content management system in which the document is stored does not define revision identifiers or tags, this may be omitted and defaults to the revision time stamp. |
revisedAt | string(date-time) (required) The time stamp when the target document was last revised (modified), in RFC 3339 UTC date-time format ( YYYY-MM-DDThh:mm:ss.sssZ ).
|
error
{
"_id": "2eae46e1575c0a7b0115a4b3",
"message": "Descriptive error message...",
"statusCode": 422,
"type": "errorType1",
"remediation": "Remediation string...",
"occurredAt": "2018-01-25T05:50:52.375Z",
"errors": [
{
"_id": "ccdbe2c5c938a230667b3827",
"message": "An optional embedded error"
},
{
"_id": "dbe9088dcfe2460f229338a3",
"message": "Another optional embedded error"
}
],
"_links": {
"describedby": {
"href": "https://developer.apiture.com/errors/errorType1"
}
}
}
Error (v2.1.0)
Describes an error in an API request or in a service called via the API.
This schema was resolved from common/error
.
Properties
Name | Description |
---|---|
message | string (required) A localized message string describing the error condition. |
_id | string A unique identifier for this error instance. This may be used as a correlation ID with the root cause error (i.e. this ID may be logged at the source of the error). This is is an opaque string. read-only
|
statusCode | integer The HTTP status code associate with this error. minimum: 100
maximum: 599
|
type | string An error identifier which indicates the category of error and associate it with API support documentation or which the UI tier can use to render an appropriate message or hint. This provides a finer level of granularity than the statusCode . For example, instead of just 400 Bad Request, the type may be much more specific. such as integerValueNotInAllowedRange or numericValueExceedsMaximum or stringValueNotInAllowedSet .
|
occurredAt | string(date-time) An RFC 3339 UTC time stamp indicating when the error occurred. |
attributes | attributes Informative values or constraints which describe the error. For example, for a value out of range error, the attributes may specify the minimum and maximum values. This allows clients to present error messages as they see fit (the API does not assume the client/presentation tier). The set of attributes varies by error type .
|
remediation | string An optional localized string which provides hints for how the user or client can resolve the error. |
errors | [error] An optional array of nested error objects. This property is not always present. |
_links | links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
errorResponse
{
"_profile": "https://production.api.apiture.com/schemas/common/errorResponse/v2.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"_error": {
"_id": "2eae46e1-575c-4d69-8a8f-0a7b0115a4b3",
"message": "Description of the error will appear here.",
"statusCode": 422,
"type": "specificErrorType",
"attributes": {
"value": "Optional attribute describing the error"
},
"remediation": "Optional instructions to remediate the error may appear here.",
"occurredAt": "2018-01-25T05:50:52.375Z",
"_links": {
"describedby": {
"href": "https://production.api.apiture.com/errors/specificErrorType"
}
},
"_embedded": {
"errors": {}
}
}
}
Error Response (v2.1.0)
Describes an error response, typically returned on 4xx or 5xx errors from API operations. The _error
object contains the error details.
This schema was resolved from common/errorResponse
.
Properties
Name | Description |
---|---|
_links | links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | object An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | string(uri) The URI of a resource profile which describes the representation. read-only
|
_error | error An object which describes an error. This value is omitted if the operation succeeded without error. read-only
|
labelGroup
{
"unknown": {
"label": "Unknown",
"code": "0",
"hidden": true
},
"under1Million": {
"label": "Under $1M",
"code": "1",
"range": "[0,1000000.00)",
"variants": {
"fr": {
"label": "Moins de $1M"
}
}
},
"from1to10Million": {
"label": "$1M to $10M",
"code": "2",
"range": "[1000000.00,10000000.00)",
"variants": {
"fr": {
"label": "$1M \\u00e0 $10M"
}
}
},
"from10to100Million": {
"label": "$10M to $100M",
"code": "3",
"range": "[10000000.00,100000000.00)",
"variants": {
"fr": [
"label $10M \\u00e0 $100M"
]
}
},
"over100Million": {
"label": "Over $100,000,000.00",
"code": "4",
"range": "[100000000.00,]",
"variants": {
"fr": {
"label": "Plus de $10M"
}
}
},
"other": {
"label": "Other",
"code": 254
}
}
Label Group (v1.0.0)
A map that defines labels for the items in a group. This is a map from each item name → a labelItem
object. For example, consider a JSON response that includes a property named revenueEstimate
; the values for revenueEstimate
must be one of the items in the group named estimatedAnnualRevenue
, with options ranging under1Million
, to over100Million
. The item name is used as the selected value in an Apiture representation, such as { ..., "revenueEstimate" : "from10to100Million" , ...}
, and the item with the name from10to100Million
defines the presentation labels for that item, as well as other metadata about that choice: this is the range [10000000.00,100000000.00)
.
This allows the client to let the user select a value from a list, such as the following derived from the labels in the example:
- Unknown
- Under $1M
- $1M to $10M
- $10M to $100M
- $100M or more
Note that the other
item is hidden from the selection list, as that item is marked as hidden
. For items which define numeric ranges, a client may instead let the customer directly enter their estimated annual revenue as a number, such as 4,500,000.00. The client can then match that number to one of ranges in the items and set the revenueEstimate
to the corresponding item's name: { ..., "revenueEstimate" : "from1to10Million", ... }
.
This schema was resolved from common/labelGroup
.
Properties
Name | Description |
---|---|
additionalProperties | labelItem An item in a labelGroup , with a set of variants which contains different localized labels for the item. Each (simpleLabel ) variant defines the presentation text label and optional description for a language. Items may also have a lookup code to map to external syststems, a numeric range, and a hidden boolean to indicate the item is normally hidden in the UI. This schema was resolved from |
labelGroups
{
"_profile": "https://production.api.apiture.com/schemas/common/labelGroups/v1.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"groups": {
"fristGroup": {
"unknown": {
"label": "Unknown",
"code": "0",
"hidden": true
},
"key1": {
"label": "Label for Key 1",
"code": "1",
"variants": {
"es": {
"label": "(Spanish label for Key 1)"
},
"fr": {
"label": "(French label for Key 1)"
}
}
},
"key2": {
"label": "Label for Key 2",
"code": "2",
"variants": {
"es": {
"label": "(Spanish label for Key 2)"
},
"fr": {
"label": "(French label for Key 2)"
}
}
},
"key3": {
"label": "Label for Key 3",
"code": "3",
"variants": {
"es": {
"label": "(Spanish label for Key 3)"
},
"fr": {
"label": "(French label for Key 3)"
}
}
},
"other": {
"label": "Other",
"variants": {
"es": {
"label": "(Spanish label for Other)"
},
"fr": {
"label": "(French label for Other)"
}
},
"code": "254"
}
},
"secondGroup": {
"unknown": {
"label": "Unknown",
"code": "?",
"hidden": true
},
"optionA": {
"label": "Option A",
"code": "A"
},
"optionB": {
"label": "Option B",
"code": "B"
},
"optionC": {
"label": "Option C",
"code": "C"
},
"other": {
"label": "Other",
"code": "_"
}
}
}
}
Label Groups (v1.1.0)
A set of named groups of labels, each of which contains multiple item labels.
The abbreviated example shows two groups, one named structure
and one named estimatedAnnualRevenue
. The first has items with names such as corporation
, llc
and soleProprietorship
, with text labels for each in the default and in French. The second has items for estimated revenue ranges but no localized labels. For example, the item named from1to10Million
has the label
"$1M to $10M" and the range [1000000.00,10000000.00)
.
This schema was resolved from common/labelGroups
.
Properties
Name | Description |
---|---|
_links | links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | object An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | string(uri) The URI of a resource profile which describes the representation. read-only
|
_error | error An object which describes an error. This value is omitted if the operation succeeded without error. read-only
|
groups | object Groups of localized labels. This maps group names → a group of labels within that group. |
» additionalProperties | labelGroup A map that defines labels for the items in a group. This is a map from each item name → a labelItem object. For example, consider a JSON response that includes a property named revenueEstimate ; the values for revenueEstimate must be one of the items in the group named estimatedAnnualRevenue , with options ranging under1Million , to over100Million . The item name is used as the selected value in an Apiture representation, such as { ..., "revenueEstimate" : "from10to100Million" , ...} , and the item with the name from10to100Million defines the presentation labels for that item, as well as other metadata about that choice: this is the range [10000000.00,100000000.00) . This allows the client to let the user select a value from a list, such as the following derived from the labels in the example:
Note that the This schema was resolved from |
labelItem
{
"over100Million": {
"label": "Over $100,000,000.00",
"code": "4",
"range": "[100000000.00,]",
"variants": {
"fr": {
"label": "Plus de $10M"
}
}
}
}
Label Item (v1.0.0)
An item in a labelGroup
, with a set of variants
which contains different localized labels for the item. Each (simpleLabel
) variant defines the presentation text label and optional description for a language. Items may also have a lookup code
to map to external syststems, a numeric range, and a hidden
boolean to indicate the item is normally hidden in the UI.
This schema was resolved from common/labelItem
.
Properties
Name | Description |
---|---|
label | string (required) A label or title which may be used as labels or other UI controls which present a value. |
description | string A more detailed localized description of a localizable label. |
variants | object The language-specific variants of this label. The keys in this object are RFC 7231 language codes. |
» additionalProperties | simpleLabel A text label and optional description. This schema was resolved from |
code | string If the localized value is associated with an external standard or definition, this is a lookup code or key or URI for that value. minLength: 1
|
hidden | boolean If true , this item is normally hidden from the User Interface.
|
range | string The range of values, if the item describes a bounded numeric value. This is range notation such as [min,max] , (exclusiveMin,max] , [min,exclusiveMax) , or (exclusiveMin,exclusiveMax) . For example, [0,100) is the range greater than or equal to 0 and less than 100. If the min or max value are omitted, that end of the range is unbounded. For example, (,1000.00) means less than 1000.00 and [20000.00,] means 20000.00 or more. The ranges do not overlap or have gaps.
pattern: ^[\[\(](-?(0|[1-9][0-9]*)(\.[0-9]+)?)?,(-?(0|[1-9][0-9]*)(\.[0-9]+)?)?[\]\)]$
|
link
{
"href": "https://api.devbank.apiture.com/applications/application/328f6bf6-d762-422f-a077-ab91ca4d0b6f",
"title": "Application"
}
Link (v1.0.0)
Describes a hypermedia link within a _links
object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name
or hreflang
properties of HAL. Apiture links may include a method
property.
This schema was resolved from common/link
.
Properties
Name | Description |
---|---|
href | string(uri) (required) The URI or URI template for the resource/operation this link refers to. |
type | string The media type for the resource. |
templated | boolean If true, the link's href is a URI template. |
title | string An optional human-readable localized title for the link. |
deprecation | string(uri) If present, the containing link is deprecated and the value is a URI which provides human-readable text information about the deprecation. |
profile | string(uri) The URI of a profile document, a JSON document which describes the target resource/operation. |
links
{
"property1": {
"href": "https://api.devbank.apiture.com/applications/application/328f6bf6-d762-422f-a077-ab91ca4d0b6f",
"title": "Application"
},
"property2": {
"href": "https://api.devbank.apiture.com/applications/application/328f6bf6-d762-422f-a077-ab91ca4d0b6f",
"title": "Application"
}
}
Links (v1.0.0)
An optional map of links, mapping each link relation to a link object. This model defines the _links
object of HAL representations.
This schema was resolved from common/links
.
Properties
Name | Description |
---|---|
additionalProperties | link Describes a hypermedia link within a _links object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name or hreflang properties of HAL. Apiture links may include a method property. This schema was resolved from |
localizedLabel
{
"label": "Limited Liability Corporation",
"description": "string",
"language": "en-us",
"code": "31"
}
Localized Label (v1.0.0)
A localized label and optional description for localizable content defined in this API.
Properties
Name | Description |
---|---|
label | string A localized label or title which may be used to decorate UI controls which present a value. |
description | string A more detailed localized description of this label. |
language | string The natural language tag to which this localized label is associated, as per RFC 7231. If empty, this item serves as the default label in case no label matches the caller's language. |
code | string If the localized value is associated with an external standard, this is a lookup code or key or URI for that value. |
localizedLabels
{
"property1": [
{
"label": "Limited Liability Corporation",
"description": "string",
"language": "en-us",
"code": "31"
}
],
"property2": [
{
"label": "Limited Liability Corporation",
"description": "string",
"language": "en-us",
"code": "31"
}
]
}
Localized Labels (v1.0.0)
An object that maps a name to an array of labels, descriptions and a language (locale) code for the label and description. The first item in the array should be the default label/description; the remaining items must have a language
.
Properties
Name | Description |
---|---|
additionalProperties | [localizedLabel] [A localized label and optional description for localizable content defined in this API.] |
movedDocument
{
"_profile": "https://production.api.apiture.com/schemas/consents/movedDocument/v1.0.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"type": "productTermsAndConditions",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"newUri": "/vault/files/da66d490-2b72-4809-9b97-9b33039371f8/content"
}
Moved Document (v1.0.0)
Details about a target document that has been moved or revised.
Properties
Name | Description |
---|---|
_links | links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | object An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | string(uri) The URI of a resource profile which describes the representation. read-only
|
_error | error An object which describes an error. This value is omitted if the operation succeeded without error. read-only
|
uri | string(uri) (required) The original URI of the target document. maxLength: 2048
|
newUri | string(uri) (required) The new URI of the target document. All matching consents' document.uri are updated to this new document URI, but their state is not changed.
maxLength: 2048
|
contextUri | string(uri) The URI of a resource that establishes the context in which the financial institution asks for the user's consent. For example, for consent of an account's terms and conditions, the context might be the banking product for that account. maxLength: 2048
|
type | string (required) Describe what kind of consent this is. This value must be one of the type names in the /consentTypeNames resource.
|
revisedDocument
{
"_profile": "https://production.api.apiture.com/schemas/consents/revisedDocument/v1.0.1/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"revisionId": "2019:1.2.0",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"revisedAt": "2019-10-05T10:30:00.000Z",
"type": "productTermsAndConditions",
"newUri": "/vault/files/da66d490-2b72-4809-9b97-9b33039371f8/content"
}
Revised Document (v1.0.1)
Details about a target document that has been moved or revised.
Properties
Name | Description |
---|---|
_links | links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | object An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | string(uri) The URI of a resource profile which describes the representation. read-only
|
_error | error An object which describes an error. This value is omitted if the operation succeeded without error. read-only
|
uri | string(uri) (required) The URI of the target document that the user is consenting to. If the document is revised, this consent is marked as stale . (Note: This need not be a document in the Apiture vault.)
maxLength: 2048
|
contentType | any (required) The media type for the document. For text documents, the content type should include the text encoding; if omitted, the encoding type is assumed to be utf-8. |
revisionId | string The revision identifier of the document revision the user consented to. If the content management system in which the document is stored does not define revision identifiers or tags, this may be omitted and defaults to the revision time stamp. |
revisedAt | string(date-time) (required) The time stamp when the target document was last revised (modified), in RFC 3339 UTC date-time format ( YYYY-MM-DDThh:mm:ss.sssZ ).
|
newUri | string(uri) The URI of the revised target document, if the document has moved. All matching consents have their document URI and revisions updated to this new document maxLength: 2048
|
contextUri | string(uri) The URI of a resource that establishes the context in which the financial institution asks for the user's consent is requested for a specific document. For example, for consent of an account's terms and conditions, the context might be the banking product for that account. maxLength: 2048
|
type | string (required) Describe what kind of consent this is. This value must be one of the type names in the /consentTypeNames resource.
|
root
{
"_profile": "https://production.api.apiture.com/schemas/common/root/v2.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"id": "apiName",
"name": "API name",
"apiVersion": "1.0.0"
}
API Root (v2.1.0)
A HAL response, with hypermedia _links
for the top-level resources and operations in API.
This schema was resolved from common/root
.
Properties
Name | Description |
---|---|
_links | links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | object An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | string(uri) The URI of a resource profile which describes the representation. read-only
|
_error | error An object which describes an error. This value is omitted if the operation succeeded without error. read-only
|
_id | string This API's unique ID. read-only
|
name | string This API's name. |
apiVersion | string This API's version. |
simpleLabel
{
"label": "Board of Directors",
"description": "string"
}
Simple Label (v1.0.0)
A text label and optional description.
This schema was resolved from common/simpleLabel
.
Properties
Name | Description |
---|---|
label | string (required) A label or title which may be used as labels or other UI controls which present a value. |
description | string A more detailed localized description of a localizable label. |
summaryConsent
{
"_profile": "https://production.api.apiture.com/schemas/consents/summaryConsent/v1.1.0/profile.json",
"_links": {
"self": {
"href": "/consents/consents/0399abed-fd3d-4830-a88b-30f38b8a365c"
}
},
"_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
"document": {
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"contentType": "application/pdf",
"revisedAt": "2019-07-23T08:26:45.375Z"
},
"type": "productTermsAndConditions",
"userId": "5a5e834c-a7bd-401c",
"state": "pending",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a"
}
Consent Summary (v1.1.0)
Summary representation of a consent resource in consents collections. This representation normally does not contain any _embedded
objects. If needed, call the GET
operation on the item's self
link to get _embedded
objects.
Properties
Name | Description |
---|---|
_links | links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | object An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | string(uri) The URI of a resource profile which describes the representation. read-only
|
_error | error An object which describes an error. This value is omitted if the operation succeeded without error. read-only
|
document | document Properties of the target document. |
type | string Describe what kind of consent this is. This value must be one of the type names in the /consentTypeNames resource.
|
contextUri | string(uri) The URI of a resource that establishes the context in which the financial institution asks for the user's consent. For example, for consent of an account's terms and conditions, the context might be the banking product for that account. maxLength: 2048
|
secondaryContextUri | string(uri) The URI of a secondary resource associated with this user's consent and the contextUri . For example, for consent of an account's terms and conditions, the secondary context might be the account.
maxLength: 2048
|
userId | string The user ID of the user who is requested to consent to a document. This is the _id of the User resource.
|
_id | string The unique identifier for this consent resource. This is an immutable opaque string. read-only
|
state | consentStates The state of this consent. read-only
|
givenAt | string(date-time) The time stamp when the user last consented to the document, in RFC 3339 UTC date-time format ( YYYY-MM-DDThh:mm:ss.sssZ ). This property is not set if state is pending .
read-only
|
requestRevokedAt | string(date-time) The time stamp when the user revoked consent, in RFC 3339 UTC date-time format ( YYYY-MM-DDThh:mm:ss.sssZ ). A revoked consent reflects a consent request that the user has previously given but has reversed. Revoking a consent sets the state back to pending and clears consentedAt .
read-only
|
requestRescindedAt | string(date-time) The time stamp when the consent request was rescinded by the requester, in RFC 3339 UTC date-time format ( YYYY-MM-DDThh:mm:ss.sssZ ). A rescinded consent reflects a consent request that the system or application has issued in the past but no longer requires. For example, if a user is removed as an authorized signer from an account and a consent is pending for that account's terms and conditions, the Accounts service may rescind that consent request. This property is set only if state is rescinded .
read-only
|