- Access v0.5.0
- Authentication
- Permissions
- Roles
- API
- Schemas
Access v0.5.0
Scroll down for code samples, example requests and responses. Select a language for code samples from the tabs above or the mobile navigation menu.
The Access API describes the roles and permissions for access to Apiture APIs. This API defines two primary resources:
- A permission allows a user access to an API operation or set of operations, such as accessing an account, reading account transactions, scheduling transfers and payments, adding beneficiaries, or approving an application. All API operations that require OAuth2 authentication require specific permissions.
- A role represents an aggregation of permissions or other roles. Users may be assigned one or more roles, via the Users API and Operators API.
Each role has a name
(a programmatic identifier), a short readable label
, a longer description
, a category
, assignability (to users), and a list of child nodes and direct permissions. Fetching a role may also embed a full list of its effective permissions, which is the union of the set of the direct permissions in the role and the effective permissions of the direct child roles.
There are three categories of users, and thus three categories of roles that may be assigned to users.
- Administrative users who manage the deployment (
system
). - Financial Institution operators, such as
the deposits manager, the wire room staff, customer support, and so on.
These financial institution users employ administrative
and back office applications to manage the financial institution's digital banking. (
operator
) - Banking customers who hold accounts and use client applications to perform digital banking.
(This is for future use). (
customer
)
Roles and permissions are organized in a directed acyclic graph. Roles are the nodes in the graph and permissions are the leaves. Roles may have child roles and child permissions, but permissions may not have children. The graph has a maximum nesting depth (node ancestry) of six roles. This version of the API is read-only. Future releases will define operations for creating and updating roles and permissions.
Download OpenAPI Definition (YAML)
Base URLs:
Authentication
- API Key (
apiKey
)- header parameter: API-Key
- API Key based authentication. See details at Secure Access.
- OAuth2 authentication (
accessToken
)- OAuth2 client access token authentication. See details at Secure Access.
- Flow:
authorizationCode
- Authorization URL = https://auth.apiture.com/oauth2/authorize
- Token URL = https://auth.apiture.com/auth/oauth2/token
Scope | Scope Description |
---|---|
access/read |
Read access to roles and permissions. |
Permissions
Permissions for API Access
getMyAccess
Code samples
# You can also use wget
curl -X GET https://api.devbank.apiture.com/access/myAccess \
-H 'Accept: application/json' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
GET https://api.devbank.apiture.com/access/myAccess HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/json
const fetch = require('node-fetch');
const headers = {
'Accept':'application/json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/access/myAccess',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
var headers = {
'Accept':'application/json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/access/myAccess',
method: 'get',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.get 'https://api.devbank.apiture.com/access/myAccess',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/json',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.get('https://api.devbank.apiture.com/access/myAccess', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/access/myAccess");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/access/myAccess", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Return the current authenticated user's roles and permissions
GET https://api.devbank.apiture.com/access/myAccess
Return the current authenticated user's roles and permissions.
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/access/userAccess/v1.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"roles": [
{
"_profile": "https://production.api.apiture.com/schemas/access/summaryRole/v1.1.0/profile.json",
"_id": "0d3a9972-a843-458a-b6a9-dec3feb458ff",
"name": "transfers",
"categoryName": "customer",
"label": "Create and Manage Transfers",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/roles/0d3a9972-a843-458a-b6a9-dec3feb458ff"
}
}
},
{
"_profile": "https://production.api.apiture.com/schemas/access/summaryRole/v1.1.0/profile.json",
"_id": "93959e3d-f61d-452f-8054-73a92cdfe263",
"name": "payBills",
"categoryName": "customer",
"label": "Create and Manage Bill Payments",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/roles/93959e3d-f61d-452f-8054-73a92cdfe263"
}
}
}
],
"effectiveRoles": [
{
"_id": "0d3a9972-a843-458a-b6a9-dec3feb458ff",
"name": "transfers",
"uri": "https://api.devbank.apiture.com/access/roles/0d3a9972-a843-458a-b6a9-dec3feb458ff"
},
{
"_id": "93959e3d-f61d-452f-8054-73a92cdfe263",
"name": "payBills",
"uri": "https://api.devbank.apiture.com/access/roles/93959e3d-f61d-452f-8054-73a92cdfe263"
}
],
"effectivePermissions": [
"getScheduledTransfer",
"getScheduledTransfers",
"createScheduledTransfer",
"cancelScheduledTransfer",
"updateScheduledTransfer",
"deleteScheduledTransfer",
"getPaymentInstruction",
"getPaymentInstructions",
"createPaymentInstruction",
"submitPaymentInstruction",
"cancelPaymentInstruction",
"deletePaymentInstruction"
]
}
Responses
Status | Description |
---|---|
200 | OK |
OK. | |
Schema: userAccess |
Status | Description |
---|---|
400 | Bad Request |
Bad Request. The request body or one or more of the query parameters was not well formed. The _error field in the response contains details about the request error. | |
Schema: errorResponse |
Status | Description |
---|---|
422 | Unprocessable Entity |
Unprocessable Entity. The request body and/or query parameters were well formed but otherwise invalid. The _error field in the response contains details about the request error. | |
Schema: errorResponse |
getPermissions
Code samples
# You can also use wget
curl -X GET https://api.devbank.apiture.com/access/permissions \
-H 'Accept: application/json' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
GET https://api.devbank.apiture.com/access/permissions HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/json
const fetch = require('node-fetch');
const headers = {
'Accept':'application/json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/access/permissions',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
var headers = {
'Accept':'application/json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/access/permissions',
method: 'get',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.get 'https://api.devbank.apiture.com/access/permissions',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/json',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.get('https://api.devbank.apiture.com/access/permissions', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/access/permissions");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/access/permissions", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Return a collection of API permissions
GET https://api.devbank.apiture.com/access/permissions
Return a paginated, collection of all API permissions. The links in the response include pagination links.
Parameters
Parameter | Description |
---|---|
start in: query | integer(int64) The zero-based index of the first permission item to include in this page. The default 0 denotes the beginning of the collection. format: int64 default: 0 |
limit in: query | integer(int32) The maximum number of permission representations to return in this page. format: int32 default: 100 |
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/access/permissions/v1.0.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/permissions?start=10&limit=10"
},
"first": {
"href": "https://api.devbank.apiture.com/access/permissions?start=0&limit=10"
},
"next": {
"href": "https://api.devbank.apiture.com/access/permissions?start=20&limit=10"
},
"collection": {
"href": "https://api.devbank.apiture.com/access/permissions"
}
},
"name": "permissions",
"start": 10,
"limit": 10,
"count": 67,
"_embedded": {
"items": [
{
"name": "createScheduledTransfer",
"_profile": "https://production.api.apiture.com/schemas/access/summaryPermission/v1.0.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/permissions/createScheduledTransfer"
}
}
},
{
"name": "updatedScheduledTransfer",
"_profile": "https://production.api.apiture.com/schemas/access/summaryPermission/v1.0.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/permissions/updatedScheduledTransfer"
}
}
}
]
}
}
Responses
Status | Description |
---|---|
200 | OK |
OK. | |
Schema: permissions |
Status | Description |
---|---|
400 | Bad Request |
Bad Request. The request body or one or more of the query parameters was not well formed. The _error field in the response contains details about the request error. | |
Schema: errorResponse |
Status | Description |
---|---|
422 | Unprocessable Entity |
Unprocessable Entity. The request body and/or query parameters were well formed but otherwise invalid. The _error field in the response contains details about the request error. | |
Schema: errorResponse |
getPermission
Code samples
# You can also use wget
curl -X GET https://api.devbank.apiture.com/access/permissions/{permissionName} \
-H 'Accept: application/json' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
GET https://api.devbank.apiture.com/access/permissions/{permissionName} HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/json
const fetch = require('node-fetch');
const headers = {
'Accept':'application/json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/access/permissions/{permissionName}',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
var headers = {
'Accept':'application/json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/access/permissions/{permissionName}',
method: 'get',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.get 'https://api.devbank.apiture.com/access/permissions/{permissionName}',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/json',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.get('https://api.devbank.apiture.com/access/permissions/{permissionName}', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/access/permissions/{permissionName}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/access/permissions/{permissionName}", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Fetch a representation of this permission
GET https://api.devbank.apiture.com/access/permissions/{permissionName}
Return a HAL representation of this permission resource.
Parameters
Parameter | Description |
---|---|
permissionName in: path | string (required) The unique name of a permission. This corresponds to the permission's name property. |
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/access/permission/v1.0.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/permissions/createScheduledTransfer"
},
"apiture:roles": {
"href": "https://api.devbank.apiture.com/access/roles?permission=createScheduledTransfer"
}
},
"name": "createScheduledTransfer",
"description": "Adds either a new one-time or a recurring transfer, to transfer funds between internal accounts or between an internal and a verified external account.",
"label": "Create a new scheduled transfer request",
"_embedded": {}
}
Responses
Status | Description |
---|---|
200 | OK |
OK. | |
Schema: permission | |
Header | ETag string |
The ETag response header specifies an entity tag which may be provided in an If-Match request header for PUT or PATCH operations which update this permission resource. |
Status | Description |
---|---|
304 | Not Modified |
Not Modified. The resource has not been modified since it was last fetched. |
Status | Description |
---|---|
404 | Not Found |
Not Found. There is no such permission resource at the specified {permissionName} . The _error field in the response contains details about the request error. | |
Schema: errorResponse |
Roles
User Roles for API Access
getRoles
Code samples
# You can also use wget
curl -X GET https://api.devbank.apiture.com/access/roles \
-H 'Accept: application/json' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
GET https://api.devbank.apiture.com/access/roles HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/json
const fetch = require('node-fetch');
const headers = {
'Accept':'application/json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/access/roles',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
var headers = {
'Accept':'application/json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/access/roles',
method: 'get',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.get 'https://api.devbank.apiture.com/access/roles',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/json',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.get('https://api.devbank.apiture.com/access/roles', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/access/roles");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/access/roles", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Return a collection of roles
GET https://api.devbank.apiture.com/access/roles
Return a filterable collection of roles.
Parameters
Parameter | Description |
---|---|
filter in: query | string Optional filter criteria. See filtering. This collection may be filtered by the following properties and functions: • Property categoryName using functions eq , ne , in • Property assignable using functions eq , ne • Property user using functions eq , ne , in • Property updatedAt using functions eq , ne , in , lt , le , gt , ge • Property createdAt using functions eq , ne , in , lt , le , gt , ge . |
permission in: query | string Return a list of roles which contain the named permission. This does not include effective permissions which the role inherits from child roles. |
category in: query | string Return a list of roles for the named category. enum values: system , operator , customer |
assignable in: query | boolean Include only roles whose assignable property matches. |
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/access/roles/v1.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/roles?start=00&limit=100"
},
"collection": {
"href": "https://api.devbank.apiture.com/access/roles"
}
},
"name": "roles",
"start": 0,
"limit": 100,
"count": 7,
"_embedded": {
"items": [
{
"name": "role1",
"_profile": "https://production.api.apiture.com/schemas/access/summaryRole/v1.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/roles/99ade01a-e676-456c-a546-e2fd003c834b"
}
}
},
{
"name": "role2",
"_profile": "https://production.api.apiture.com/schemas/access/summaryRole/v1.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/roles/70cd5898-3e74-4fcf-917c-b14030a4a061"
}
}
}
]
}
}
Responses
Status | Description |
---|---|
200 | OK |
OK. | |
Schema: roles |
Status | Description |
---|---|
400 | Bad Request |
Bad Request. The request body or one or more of the query parameters was not well formed. The _error field in the response contains details about the request error. | |
Schema: errorResponse |
Status | Description |
---|---|
422 | Unprocessable Entity |
Unprocessable Entity. The request body and/or query parameters were well formed but otherwise invalid. The _error field in the response contains details about the request error. | |
Schema: errorResponse |
getRole
Code samples
# You can also use wget
curl -X GET https://api.devbank.apiture.com/access/roles/{role} \
-H 'Accept: application/json' \
-H 'If-None-Match: string' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
GET https://api.devbank.apiture.com/access/roles/{role} HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/json
If-None-Match: string
const fetch = require('node-fetch');
const headers = {
'Accept':'application/json',
'If-None-Match':'string',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/access/roles/{role}',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
var headers = {
'Accept':'application/json',
'If-None-Match':'string',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/access/roles/{role}',
method: 'get',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'If-None-Match' => 'string',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.get 'https://api.devbank.apiture.com/access/roles/{role}',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/json',
'If-None-Match': 'string',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.get('https://api.devbank.apiture.com/access/roles/{role}', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/access/roles/{role}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"If-None-Match": []string{"string"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/access/roles/{role}", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Fetch a representation of this role
GET https://api.devbank.apiture.com/access/roles/{role}
Return a HAL representation of this role resource. Note that if looking up a role by name, the response will be a (301) redirect to the role resource by _id
.
Parameters
Parameter | Description |
---|---|
If-None-Match in: header | string The entity tag that was returned in the ETag response. If the resource's current entity tag matches, the GET returns 304 (Not Modified) and no response body, else the resource representation is returned. |
embed in: query | array[string] A pipe-delimited list of properties to include in the returned role's _embedded objects. List items must be (roles , permissions , effectivePermissions property names of the roleEmbedded model schema.pipe-delimited items: string » enum values: roles , permissions , effectivePermissions |
role in: path | string (required) The unique name or _id (identifier) of a role. |
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/access/role/v1.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/roles/7655fcde-c3a4-404e-a662-9beede86bfa9"
},
"apiture:permissions": {
"href": "https://api.devbank.apiture.com/access/permissions?role=7655fcde-c3a4-404e-a662-9beede86bfa9"
}
},
"name": "moveMoney",
"label": "Move Money",
"description": "Create, modify, and cancel transfers, payments, checks, and other funds movement.",
"categoryName": "customer",
"assignable": true,
"_id": "7655fcde-c3a4-404e-a662-9beede86bfa9",
"createdAt": "2021-01-25T12:46:06.375Z",
"roles": [
{
"_id": "0d3a9972-a843-458a-b6a9-dec3feb458ff",
"name": "transfers",
"uri": "https://api.devbank.apiture.com/access/roles/0d3a9972-a843-458a-b6a9-dec3feb458ff"
},
{
"_id": "93959e3d-f61d-452f-8054-73a92cdfe263",
"name": "payBills",
"uri": "https://api.devbank.apiture.com/access/roles/93959e3d-f61d-452f-8054-73a92cdfe263"
}
],
"permissions": [
{
"name": "getScheduledTransfer",
"uri": "https://api.devbank.apiture.com/access/permissions/getScheduledTransfer"
},
{
"name": "getScheduledTransfers",
"uri": "https://api.devbank.apiture.com/access/permissions/getScheduledTransfers"
}
],
"_embedded": {
"roles": [
{
"_profile": "https://production.api.apiture.com/schemas/access/role/v1.1.0/profile.json",
"_id": "0d3a9972-a843-458a-b6a9-dec3feb458ff",
"name": "transfers",
"categoryName": "customer",
"label": "Create and Manage Transfers",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/roles/0d3a9972-a843-458a-b6a9-dec3feb458ff"
}
}
},
{
"_id": "93959e3d-f61d-452f-8054-73a92cdfe263",
"name": "payBills",
"categoryName": "customer",
"label": "Create and Manage Bill Payments",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/roles/93959e3d-f61d-452f-8054-73a92cdfe263"
}
}
}
],
"permissions": [
{
"_profile": "https://production.api.apiture.com/schemas/access/permission/v1.0.0/profile.json",
"name": "getScheduledTransfer",
"label": "View a scheduled transfer",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/permissions/getScheduledTransfer"
}
}
},
{
"_profile": "https://production.api.apiture.com/schemas/access/permission/v1.0.0/profile.json",
"name": "getScheduledTransfers",
"label": "View all scheduled transfers",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/permissions/getScheduledTransfers"
}
}
}
],
"effectivePermissions": [
"getScheduledTransfer",
"getScheduledTransfers",
"createScheduledTransfer",
"cancelScheduledTransfer",
"updateScheduledTransfer",
"deleteScheduledTransfer",
"getPaymentInstruction",
"getPaymentInstructions",
"createPaymentInstruction",
"submitPaymentInstruction",
"cancelPaymentInstruction",
"deletePaymentInstruction"
]
}
}
Responses
Status | Description |
---|---|
200 | OK |
OK. | |
Schema: role | |
Header | ETag string |
The ETag response header specifies an entity tag which may be provided in an If-Match request header for PUT or PATCH operations which update this role resource. |
Status | Description |
---|---|
301 | Moved Permanently |
Moved. The resource was found by role name, but the service redirects the client to the role resource by ID via the Location response header. | |
Header | Location string uri |
The canonical URI of the role resource. |
Status | Description |
---|---|
304 | Not Modified |
Not Modified. The resource has not been modified since it was last fetched. |
Status | Description |
---|---|
404 | Not Found |
Not Found. There is no such role resource at the specified {role} . The _error field in the response contains details about the request error. | |
Schema: errorResponse |
API
The Access API
getApi
Code samples
# You can also use wget
curl -X GET https://api.devbank.apiture.com/access/ \
-H 'Accept: application/hal+json' \
-H 'API-Key: API_KEY'
GET https://api.devbank.apiture.com/access/ HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
const fetch = require('node-fetch');
const headers = {
'Accept':'application/hal+json',
'API-Key':'API_KEY'
};
fetch('https://api.devbank.apiture.com/access/',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
var headers = {
'Accept':'application/hal+json',
'API-Key':'API_KEY'
};
$.ajax({
url: 'https://api.devbank.apiture.com/access/',
method: 'get',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/hal+json',
'API-Key' => 'API_KEY'
}
result = RestClient.get 'https://api.devbank.apiture.com/access/',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/hal+json',
'API-Key': 'API_KEY'
}
r = requests.get('https://api.devbank.apiture.com/access/', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/access/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/hal+json"},
"API-Key": []string{"API_KEY"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/access/", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Top-level resources and operations in this API
GET https://api.devbank.apiture.com/access/
Return links to the top-level resources and operations in this API.
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/common/root/v2.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"id": "apiName",
"name": "API name",
"apiVersion": "1.0.0"
}
Responses
getApiDoc
Code samples
# You can also use wget
curl -X GET https://api.devbank.apiture.com/access/apiDoc \
-H 'Accept: application/json' \
-H 'API-Key: API_KEY'
GET https://api.devbank.apiture.com/access/apiDoc HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/json
const fetch = require('node-fetch');
const headers = {
'Accept':'application/json',
'API-Key':'API_KEY'
};
fetch('https://api.devbank.apiture.com/access/apiDoc',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
var headers = {
'Accept':'application/json',
'API-Key':'API_KEY'
};
$.ajax({
url: 'https://api.devbank.apiture.com/access/apiDoc',
method: 'get',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'API-Key' => 'API_KEY'
}
result = RestClient.get 'https://api.devbank.apiture.com/access/apiDoc',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/json',
'API-Key': 'API_KEY'
}
r = requests.get('https://api.devbank.apiture.com/access/apiDoc', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/access/apiDoc");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"API-Key": []string{"API_KEY"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/access/apiDoc", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Return API definition document
GET https://api.devbank.apiture.com/access/apiDoc
Return the OpenAPI document that describes this API.
Example responses
200 Response
{}
Responses
Status | Description |
---|---|
200 | OK |
OK. | |
Schema: Inline |
Response Schema
Schemas
abstractRequest
{
"_profile": "https://production.api.apiture.com/schemas/common/abstractRequest/v2.0.0/profile.json",
"_links": {}
}
Abstract Request (v2.0.0)
An abstract schema used to define other request-only schemas. This is a HAL resource representation, minus the _error
defined in abstractResource
.
This schema was resolved from common/abstractRequest
.
Properties
Name | Description |
---|---|
Abstract Request (v2.0.0) | An abstract schema used to define other request-only schemas. This is a HAL resource representation, minus the _error defined in abstractResource . This schema was resolved from |
_links | An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | The URI of a resource profile which describes the representation. read-only format: uri |
abstractResource
{
"_profile": "https://production.api.apiture.com/schemas/common/abstractResource/v2.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
}
}
Abstract Resource (v2.1.0)
An abstract schema used to define other schemas for request and response bodies. This is a HAL resource representation. This model contains hypermedia _links
, and either optional domain object data with _profile
and optional _embedded
objects, or an _error
object. In responses, if the operation was successful, this object will not include the _error
, but if the operation was a 4xx or 5xx error, this object will not include _embedded
or any data fields, only _error
and optionally _links
.
This schema was resolved from common/abstractResource
.
Properties
Name | Description |
---|---|
Abstract Resource (v2.1.0) | An abstract schema used to define other schemas for request and response bodies. This is a HAL resource representation. This model contains hypermedia _links , and either optional domain object data with _profile and optional _embedded objects, or an _error object. In responses, if the operation was successful, this object will not include the _error , but if the operation was a 4xx or 5xx error, this object will not include _embedded or any data fields, only _error and optionally _links . This schema was resolved from |
_links | An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | The URI of a resource profile which describes the representation. read-only format: uri |
_error | An object which describes an error. This value is omitted if the operation succeeded without error. read-only |
attributes
{}
Attributes (v2.1.0)
An optional map of name/value pairs which contains additional dynamic data about the resource.
This schema was resolved from common/attributes
.
Properties
Name | Description |
---|---|
Attributes (v2.1.0) | An optional map of name/value pairs which contains additional dynamic data about the resource. This schema was resolved from |
collection
{
"_profile": "https://production.api.apiture.com/schemas/common/abstractResource/v2.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
}
}
Collection (v2.1.0)
A collection of resources. This is an abstract model schema which is extended to define specific resource collections.
This schema was resolved from common/collection
.
Properties
Name | Description |
---|---|
Collection (v2.1.0) | A collection of resources. This is an abstract model schema which is extended to define specific resource collections. This schema was resolved from |
_links | An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | The URI of a resource profile which describes the representation. read-only format: uri |
_error | An object which describes an error. This value is omitted if the operation succeeded without error. read-only |
count | The number of items in the collection. This value is optional and may be omitted if the count is not computable efficiently. If a filter is applied to the collection (either implicitly or explicitly), the count, if present, indicates the number of items that satisfy the filter. |
start | The start index of this page of items. |
limit | The maximum number of items per page. |
name | The name of the collection. |
error
{
"_id": "2eae46e1575c0a7b0115a4b3",
"message": "Descriptive error message...",
"statusCode": 422,
"type": "errorType1",
"remediation": "Remediation string...",
"occurredAt": "2018-01-25T05:50:52.375Z",
"errors": [
{
"_id": "ccdbe2c5c938a230667b3827",
"message": "An optional embedded error"
},
{
"_id": "dbe9088dcfe2460f229338a3",
"message": "Another optional embedded error"
}
],
"_links": {
"describedby": {
"href": "https://developer.apiture.com/errors/errorType1"
}
}
}
Error (v2.1.0)
Describes an error in an API request or in a service called via the API.
This schema was resolved from common/error
.
Properties
Name | Description |
---|---|
Error (v2.1.0) | Describes an error in an API request or in a service called via the API. This schema was resolved from |
message | (required) A localized message string describing the error condition. |
_id | A unique identifier for this error instance. This may be used as a correlation ID with the root cause error (i.e. this ID may be logged at the source of the error). This is is an opaque string. read-only |
statusCode | The HTTP status code associate with this error. minimum: 100 maximum: 599 |
type | An error identifier which indicates the category of error and associate it with API support documentation or which the UI tier can use to render an appropriate message or hint. This provides a finer level of granularity than the statusCode . For example, instead of just 400 Bad Request, the type may be much more specific. such as integerValueNotInAllowedRange or numericValueExceedsMaximum or stringValueNotInAllowedSet . |
occurredAt | An RFC 3339 UTC time stamp indicating when the error occurred. format: date-time |
attributes | Informative values or constraints which describe the error. For example, for a value out of range error, the attributes may specify the minimum and maximum values. This allows clients to present error messages as they see fit (the API does not assume the client/presentation tier). The set of attributes varies by error type .Additional Properties: true |
remediation | An optional localized string which provides hints for how the user or client can resolve the error. |
errors | array: An optional array of nested error objects. This property is not always present. items: object |
errorResponse
{
"_profile": "https://production.api.apiture.com/schemas/common/errorResponse/v2.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"_error": {
"_id": "2eae46e1-575c-4d69-8a8f-0a7b0115a4b3",
"message": "Description of the error will appear here.",
"statusCode": 422,
"type": "specificErrorType",
"attributes": {
"value": "Optional attribute describing the error"
},
"remediation": "Optional instructions to remediate the error may appear here.",
"occurredAt": "2018-01-25T05:50:52.375Z",
"_links": {
"describedby": {
"href": "https://production.api.apiture.com/errors/specificErrorType"
}
},
"_embedded": {
"errors": []
}
}
}
Error Response (v2.1.0)
Describes an error response, typically returned on 4xx or 5xx errors from API operations. The _error
object contains the error details.
This schema was resolved from common/errorResponse
.
Properties
Name | Description |
---|---|
Error Response (v2.1.0) | Describes an error response, typically returned on 4xx or 5xx errors from API operations. The _error object contains the error details. This schema was resolved from |
_links | An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | The URI of a resource profile which describes the representation. read-only format: uri |
_error | An object which describes an error. This value is omitted if the operation succeeded without error. read-only |
link
{
"href": "https://api.devbank.apiture.com/applications/application/328f6bf6-d762-422f-a077-ab91ca4d0b6f",
"title": "Application"
}
Link (v1.0.0)
Describes a hypermedia link within a _links
object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name
or hreflang
properties of HAL. Apiture links may include a method
property.
This schema was resolved from common/link
.
Properties
Name | Description |
---|---|
Link (v1.0.0) | Describes a hypermedia link within a _links object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name or hreflang properties of HAL. Apiture links may include a method property. This schema was resolved from |
href | (required) The URI or URI template for the resource/operation this link refers to. format: uri |
type | The media type for the resource. |
templated | If true, the link's href is a URI template. |
title | An optional human-readable localized title for the link. |
deprecation | If present, the containing link is deprecated and the value is a URI which provides human-readable text information about the deprecation. format: uri |
profile | The URI of a profile document, a JSON document which describes the target resource/operation. format: uri |
links
{
"property1": {
"href": "https://api.devbank.apiture.com/applications/application/328f6bf6-d762-422f-a077-ab91ca4d0b6f",
"title": "Application"
},
"property2": {
"href": "https://api.devbank.apiture.com/applications/application/328f6bf6-d762-422f-a077-ab91ca4d0b6f",
"title": "Application"
}
}
Links (v1.0.0)
An optional map of links, mapping each link relation to a link object. This model defines the _links
object of HAL representations.
This schema was resolved from common/links
.
Properties
Name | Description |
---|---|
Links (v1.0.0) | An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
Link (v1.0.0) | Describes a hypermedia link within a _links object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name or hreflang properties of HAL. Apiture links may include a method property. This schema was resolved from |
permission
{
"_profile": "https://production.api.apiture.com/schemas/access/permission/v1.0.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/permissions/createScheduledTransfer"
},
"apiture:roles": {
"href": "https://api.devbank.apiture.com/access/roles?permission=createScheduledTransfer"
}
},
"name": "createScheduledTransfer",
"description": "Adds either a new one-time or a recurring transfer, to transfer funds between internal accounts or between an internal and a verified external account.",
"label": "Create a new scheduled transfer request",
"_embedded": {}
}
Permission (v1.0.0)
Representation of permission resources. A permission represents an allowed API operation. Permissions are aggregated into roles.
Links
Response and request bodies using this permission
schema may contain the following links:
Rel | Summary | Method |
---|---|---|
self | Fetch a representation of this permission | GET |
apiture:roles | List roles which have this permission (directly) | GET |
Properties
Name | Description | |||||||||
---|---|---|---|---|---|---|---|---|---|---|
Permission (v1.0.0) | Representation of permission resources. A permission represents an allowed API operation. Permissions are aggregated into roles. LinksResponse and request bodies using this
| |||||||||
_links | An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from | |||||||||
_embedded | An optional map of nested resources, mapping each nested resource name to a nested resource representation. | |||||||||
_profile | The URI of a resource profile which describes the representation. read-only format: uri | |||||||||
_error | An object which describes an error. This value is omitted if the operation succeeded without error. read-only | |||||||||
name | The name of this permission. This immutable programmatic identifier also acts as the permission's unique {permissionName} .minLength: 6 maxLength: 64 pattern: "^[a-z][a-zA-Z0-9]{0,63}$" | |||||||||
label | A short text label for this permission, for use in human presentation. This field may be localized. minLength: 1 maxLength: 128 | |||||||||
description | A more detailed description of this permission. format: markdown maxLength: 512 |
permissionReference
{
"name": "approveApproval",
"uri": "https://api.devbank.apiture.com/access/permissions/approveApproval"
}
Permission Reference (v1.0.0)
A reference to a permission resource.
Properties
Name | Description |
---|---|
Permission Reference (v1.0.0) | A reference to a permission resource. |
name | (required) The name of this permission. minLength: 6 maxLength: 64 pattern: "^[a-z][a-zA-Z0-9]{0,63}$" |
uri | The URI of the permission's resource. format: uri |
permissions
{
"_profile": "https://production.api.apiture.com/schemas/access/permissions/v1.0.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/permissions?start=10&limit=10"
},
"first": {
"href": "https://api.devbank.apiture.com/access/permissions?start=0&limit=10"
},
"next": {
"href": "https://api.devbank.apiture.com/access/permissions?start=20&limit=10"
},
"collection": {
"href": "https://api.devbank.apiture.com/access/permissions"
}
},
"name": "permissions",
"start": 10,
"limit": 10,
"count": 67,
"_embedded": {
"items": [
{
"name": "createScheduledTransfer",
"_profile": "https://production.api.apiture.com/schemas/access/summaryPermission/v1.0.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/permissions/createScheduledTransfer"
}
}
},
{
"name": "updatedScheduledTransfer",
"_profile": "https://production.api.apiture.com/schemas/access/summaryPermission/v1.0.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/permissions/updatedScheduledTransfer"
}
}
}
]
}
}
Permission Collection (v1.0.0)
Collection of permissions. The items in the collection are ordered in the _embedded.items
array; the collection name
is permissions
. The top-level _links
object may contain pagination links (self
, next
, prev
, first
, last
, collection
).
Properties
Name | Description |
---|---|
Permission Collection (v1.0.0) | Collection of permissions. The items in the collection are ordered in the _embedded.items array; the collection name is permissions . The top-level _links object may contain pagination links (self , next , prev , first , last , collection ). |
_links | An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | Embedded objects. |
_profile | The URI of a resource profile which describes the representation. read-only format: uri |
_error | An object which describes an error. This value is omitted if the operation succeeded without error. read-only |
count | The number of items in the collection. This value is optional and may be omitted if the count is not computable efficiently. If a filter is applied to the collection (either implicitly or explicitly), the count, if present, indicates the number of items that satisfy the filter. |
start | The start index of this page of items. |
limit | The maximum number of items per page. |
name | The name of the collection. |
permissionsEmbedded
{
"items": [
{
"_profile": "https://production.api.apiture.com/schemas/access/summaryPermission/v1.0.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/permissions/createScheduledTransfer"
}
},
"name": "createScheduledTransfer",
"description": "Create a new scheduled transfer in the `scheduledTransfers` collection.",
"label": "Create a new scheduled transfer request"
}
]
}
Permissions Embedded Objects (v1.0.0)
Objects embedded in the permissions
schema.
Properties
Name | Description |
---|---|
Permissions Embedded Objects (v1.0.0) | Objects embedded in the permissions schema. |
items | array: An array containing summary representations of permission items. items: object |
role
{
"_profile": "https://production.api.apiture.com/schemas/access/role/v1.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/roles/7655fcde-c3a4-404e-a662-9beede86bfa9"
},
"apiture:permissions": {
"href": "https://api.devbank.apiture.com/access/permissions?role=7655fcde-c3a4-404e-a662-9beede86bfa9"
}
},
"name": "moveMoney",
"label": "Move Money",
"description": "Create, modify, and cancel transfers, payments, checks, and other funds movement.",
"categoryName": "customer",
"assignable": true,
"_id": "7655fcde-c3a4-404e-a662-9beede86bfa9",
"createdAt": "2021-01-25T12:46:06.375Z",
"roles": [
{
"_id": "0d3a9972-a843-458a-b6a9-dec3feb458ff",
"name": "transfers",
"uri": "https://api.devbank.apiture.com/access/roles/0d3a9972-a843-458a-b6a9-dec3feb458ff"
},
{
"_id": "93959e3d-f61d-452f-8054-73a92cdfe263",
"name": "payBills",
"uri": "https://api.devbank.apiture.com/access/roles/93959e3d-f61d-452f-8054-73a92cdfe263"
}
],
"permissions": [
{
"name": "getScheduledTransfer",
"uri": "https://api.devbank.apiture.com/access/permissions/getScheduledTransfer"
},
{
"name": "getScheduledTransfers",
"uri": "https://api.devbank.apiture.com/access/permissions/getScheduledTransfers"
}
],
"_embedded": {
"roles": [
{
"_profile": "https://production.api.apiture.com/schemas/access/role/v1.1.0/profile.json",
"_id": "0d3a9972-a843-458a-b6a9-dec3feb458ff",
"name": "transfers",
"categoryName": "customer",
"label": "Create and Manage Transfers",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/roles/0d3a9972-a843-458a-b6a9-dec3feb458ff"
}
}
},
{
"_id": "93959e3d-f61d-452f-8054-73a92cdfe263",
"name": "payBills",
"categoryName": "customer",
"label": "Create and Manage Bill Payments",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/roles/93959e3d-f61d-452f-8054-73a92cdfe263"
}
}
}
],
"permissions": [
{
"_profile": "https://production.api.apiture.com/schemas/access/permission/v1.0.0/profile.json",
"name": "getScheduledTransfer",
"label": "View a scheduled transfer",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/permissions/getScheduledTransfer"
}
}
},
{
"_profile": "https://production.api.apiture.com/schemas/access/permission/v1.0.0/profile.json",
"name": "getScheduledTransfers",
"label": "View all scheduled transfers",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/permissions/getScheduledTransfers"
}
}
}
],
"effectivePermissions": [
"getScheduledTransfer",
"getScheduledTransfers",
"createScheduledTransfer",
"cancelScheduledTransfer",
"updateScheduledTransfer",
"deleteScheduledTransfer",
"getPaymentInstruction",
"getPaymentInstructions",
"createPaymentInstruction",
"submitPaymentInstruction",
"cancelPaymentInstruction",
"deletePaymentInstruction"
]
}
}
Role (v1.1.0)
Representation of role resources. A role is an aggregation of permissions or other roles. Users may be assigned one or more roles (although role assignment is outside the scope of this API.) Note that, while role's may be accessed by name
or _id
, the self
link always uses the canonical form, _id
.
Links
Response and request bodies using this role
schema may contain the following links:
Rel | Summary | Method |
---|---|---|
self | Fetch a representation of this role | GET |
Properties
Name | Description | ||||||
---|---|---|---|---|---|---|---|
Role (v1.1.0) | Representation of role resources. A role is an aggregation of permissions or other roles. Users may be assigned one or more roles (although role assignment is outside the scope of this API.) Note that, while role's may be accessed by LinksResponse and request bodies using this
| ||||||
_links | An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from | ||||||
_embedded | Optional related objects (child roles, direct permissions, effective permissions) embedded in a role representation. | ||||||
_profile | The URI of a resource profile which describes the representation. read-only format: uri | ||||||
_error | An object which describes an error. This value is omitted if the operation succeeded without error. read-only | ||||||
name | The name of this role. This immutable programmatic identifier also acts as the role's unique {role} .minLength: 6 maxLength: 64 pattern: "^[a-z][a-zA-Z0-9]{0,63}$" | ||||||
label | The text label for this role, for use in human presentation. This field may be localized. minLength: 1 maxLength: 128 | ||||||
categoryName | The category of users that may be assigned this role. Child roles are constrained:
enum values: system , operator , customer | ||||||
assignable | If true , this role can be assigned to users. If false, the role is used for composing other roles only.default: false | ||||||
_id | The unique identifier for this role. This is an immutable opaque string. This is the {role} in canonical resource URIs.read-only maxLength: 64 | ||||||
description | The role's description. format: markdown maxLength: 512 | ||||||
roles | array: Child roles that this role inherits permissions from. This may be an empty array. maxLength: 256 items: object | ||||||
permission | array: Direct permissions granted by this role. This may be an empty array. maxLength: 2048 items: object | ||||||
createdAt | The date-time when the role was created, in YYYY-MM-DDThh:mm:ss.sssZ RFC 3339 date-time format, UTC. This is derived and immutable.read-only format: date-time | ||||||
updatedAt | The date-time when the role was last updated, in YYYY-MM-DDThh:mm:ss.sssZ RFC 3339 date-time format, UTC. This is derived and immutable.read-only format: date-time |
roleCategory
"system"
Role Category (v1.0.0)
The category of users that may be assigned this role.
roleCategory
strings may have one of the following enumerated values:
Value | Description |
---|---|
system | System Administrative User: System administrative users who manage the deployment. |
operator | Financial Institution Operator: Administrator employees of the financial institution such as the deposits manager or the wire room staff, customer support, and so on These financial institution users use administrative and back office applications to manage the digital banking. |
customer | Banking Customer User: Banking customers who hold accounts and use applications to perform digital banking. (Reserved for future use.) |
type:
string
enum values: system
, operator
, customer
roleEmbedded
{
"roles": [
{
"_profile": "https://production.api.apiture.com/schemas/access/summaryRole/v1.1.0/profile.json",
"_id": "0d3a9972-a843-458a-b6a9-dec3feb458ff",
"name": "transfers",
"categoryName": "customer",
"label": "Create and Manage Transfers",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/roles/0d3a9972-a843-458a-b6a9-dec3feb458ff"
}
}
},
{
"_profile": "https://production.api.apiture.com/schemas/access/summaryRole/v1.1.0/profile.json",
"_id": "93959e3d-f61d-452f-8054-73a92cdfe263",
"name": "payBills",
"categoryName": "customer",
"label": "Create and Manage Bill Payments",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/roles/93959e3d-f61d-452f-8054-73a92cdfe263"
}
}
}
],
"permissions": [
{
"_profile": "https://production.api.apiture.com/schemas/access/permission/v1.0.0/profile.json",
"name": "getScheduledTransfer",
"label": "View a scheduled transfer",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/permissions/getScheduledTransfer"
}
}
},
{
"_profile": "https://production.api.apiture.com/schemas/access/permission/v1.0.0/profile.json",
"name": "getScheduledTransfers",
"label": "View all scheduled transfers",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/permissions/getScheduledTransfers"
}
}
}
],
"effectivePermissions": [
"getScheduledTransfer",
"getScheduledTransfers",
"createScheduledTransfer",
"cancelScheduledTransfer",
"updateScheduledTransfer",
"deleteScheduledTransfer",
"getPaymentInstruction",
"getPaymentInstructions",
"createPaymentInstruction",
"submitPaymentInstruction",
"cancelPaymentInstruction",
"deletePaymentInstruction"
]
}
Role Embedded Objects (v1.1.0)
Objects embedded in a role
object.
Properties
Name | Description |
---|---|
Role Embedded Objects (v1.1.0) | Objects embedded in a role object. |
roles | array: An array of direct child roles. This is included in a role representation if the embed query parameter on the getRole operation includes the name, roles .items: object |
permissions | array: An array containing permission objects for all the direct permissions in this role. This is included in a role representation if the embed query parameter on the getRole operation includes the name, permissions .items: object |
effectivePermissions | array: [ An array containing all the effective permission names for this role. This is the union of the direct permissions for the role and all the effective permissions of all the role's direct child roles. This is included in a role representation if the embed query parameter on the getRole operation includes the name, effectivePermissions .items: string |
roleReference
{
"_id": "78c16684-0628-4363-a557-987839245d2c",
"name": "approveApproval",
"uri": "https://api.devbank.apiture.com/access/roles/78c16684-0628-4363-a557-987839245d2c"
}
Role Reference (v1.0.0)
A reference to a role resource.
Properties
Name | Description |
---|---|
Role Reference (v1.0.0) | A reference to a role resource. |
_id | (required) The unique identifier for the role. read-only maxLength: 64 |
name | (required) The name of this role. minLength: 6 maxLength: 64 pattern: "^[a-z][a-zA-Z0-9]{0,63}$" |
label | The text label for this role. minLength: 1 maxLength: 128 |
uri | The URI of the role's resource. format: uri |
roles
{
"_profile": "https://production.api.apiture.com/schemas/access/roles/v1.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/roles?start=00&limit=100"
},
"collection": {
"href": "https://api.devbank.apiture.com/access/roles"
}
},
"name": "roles",
"start": 0,
"limit": 100,
"count": 7,
"_embedded": {
"items": [
{
"name": "role1",
"_profile": "https://production.api.apiture.com/schemas/access/summaryRole/v1.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/roles/99ade01a-e676-456c-a546-e2fd003c834b"
}
}
},
{
"name": "role2",
"_profile": "https://production.api.apiture.com/schemas/access/summaryRole/v1.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/roles/70cd5898-3e74-4fcf-917c-b14030a4a061"
}
}
}
]
}
}
Role Collection (v1.1.0)
Collection of roles. The items in the collection are listed in the _embedded.items
array; the collection name
is roles
.
Properties
Name | Description |
---|---|
Role Collection (v1.1.0) | Collection of roles. The items in the collection are listed in the _embedded.items array; the collection name is roles . |
_links | An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | roles collection items |
_profile | The URI of a resource profile which describes the representation. read-only format: uri |
_error | An object which describes an error. This value is omitted if the operation succeeded without error. read-only |
count | The number of items in the collection. This value is optional and may be omitted if the count is not computable efficiently. If a filter is applied to the collection (either implicitly or explicitly), the count, if present, indicates the number of items that satisfy the filter. |
start | The start index of this page of items. |
limit | The maximum number of items per page. |
name | The name of the collection. |
rolesEmbedded
{
"items": [
{
"_profile": "https://production.api.apiture.com/schemas/access/summaryRole/v1.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/roles/7655fcde-c3a4-404e-a662-9beede86bfa9"
}
},
"name": "moveMoney",
"label": "Move Money",
"description": "Create, modify, and cancel transfers, payments, checks, and other funds movement.",
"categoryName": "customer",
"assignable": true,
"_id": "7655fcde-c3a4-404e-a662-9beede86bfa9"
}
]
}
Roles Embedded Objects (v1.1.0)
Objects embedded in the roles
collection.
Properties
Name | Description |
---|---|
Roles Embedded Objects (v1.1.0) | Objects embedded in the roles collection. |
items | array: An array containing role items. items: object |
root
{
"_profile": "https://production.api.apiture.com/schemas/common/root/v2.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"id": "apiName",
"name": "API name",
"apiVersion": "1.0.0"
}
API Root (v2.1.0)
A HAL response, with hypermedia _links
for the top-level resources and operations in API.
This schema was resolved from common/root
.
Properties
Name | Description |
---|---|
API Root (v2.1.0) | A HAL response, with hypermedia _links for the top-level resources and operations in API. This schema was resolved from |
_links | An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | The URI of a resource profile which describes the representation. read-only format: uri |
_error | An object which describes an error. This value is omitted if the operation succeeded without error. read-only |
_id | This API's unique ID. read-only |
name | This API's name. |
apiVersion | This API's version. |
summaryPermission
{
"_profile": "https://production.api.apiture.com/schemas/access/summaryPermission/v1.0.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/permissions/createScheduledTransfer"
}
},
"name": "createScheduledTransfer",
"description": "Create a new scheduled transfer in the `scheduledTransfers` collection.",
"label": "Create a new scheduled transfer request"
}
Permission Summary (v1.0.0)
Summary representation of a permission resource in the permissions collection. A permission represents an allowed API operation. This representation normally does not contain any _embedded
objects. If needed, call the GET
operation on the item's self
link to get the full permission object.
Links
Response and request bodies using this summaryPermission
schema may contain the following links:
Rel | Summary | Method |
---|---|---|
self | Fetch a representation of this permission | GET |
Properties
Name | Description | ||||||
---|---|---|---|---|---|---|---|
Permission Summary (v1.0.0) | Summary representation of a permission resource in the permissions collection. A permission represents an allowed API operation. This representation normally does not contain any LinksResponse and request bodies using this
| ||||||
_links | An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from | ||||||
_embedded | An optional map of nested resources, mapping each nested resource name to a nested resource representation. | ||||||
_profile | The URI of a resource profile which describes the representation. read-only format: uri | ||||||
_error | An object which describes an error. This value is omitted if the operation succeeded without error. read-only | ||||||
name | The name of this permission. This immutable programmatic identifier also acts as the permission's unique {permissionName} .minLength: 6 maxLength: 64 pattern: "^[a-z][a-zA-Z0-9]{0,63}$" | ||||||
label | A short text label for this permission, for use in human presentation. This field may be localized. minLength: 1 maxLength: 128 |
summaryRole
{
"_profile": "https://production.api.apiture.com/schemas/access/summaryRole/v1.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/roles/7655fcde-c3a4-404e-a662-9beede86bfa9"
}
},
"name": "moveMoney",
"label": "Move Money",
"description": "Create, modify, and cancel transfers, payments, checks, and other funds movement.",
"categoryName": "customer",
"assignable": true,
"_id": "7655fcde-c3a4-404e-a662-9beede86bfa9"
}
Role Summary (v1.1.0)
Summary representation of a role resource in the roles collection. This representation normally does not contain any _embedded
objects. If needed, call the GET
operation on the item's self
link to get full role object.
Links
Response and request bodies using this summaryRole
schema may contain the following links:
Rel | Summary | Method |
---|---|---|
self | Fetch a representation of this role | GET |
Properties
Name | Description | ||||||
---|---|---|---|---|---|---|---|
Role Summary (v1.1.0) | Summary representation of a role resource in the roles collection. This representation normally does not contain any LinksResponse and request bodies using this
| ||||||
_links | An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from | ||||||
_embedded | An optional map of nested resources, mapping each nested resource name to a nested resource representation. | ||||||
_profile | The URI of a resource profile which describes the representation. read-only format: uri | ||||||
_error | An object which describes an error. This value is omitted if the operation succeeded without error. read-only | ||||||
name | The name of this role. This immutable programmatic identifier also acts as the role's unique {role} .minLength: 6 maxLength: 64 pattern: "^[a-z][a-zA-Z0-9]{0,63}$" | ||||||
label | The text label for this role, for use in human presentation. This field may be localized. minLength: 1 maxLength: 128 | ||||||
categoryName | The category of users that may be assigned this role. Child roles are constrained:
enum values: system , operator , customer | ||||||
assignable | If true , this role can be assigned to users. If false, the role is used for composing other roles only.default: false | ||||||
_id | The unique identifier for this role. This is an immutable opaque string. This is the {role} in canonical resource URIs.read-only maxLength: 64 |
userAccess
{
"_profile": "https://production.api.apiture.com/schemas/access/userAccess/v1.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"roles": [
{
"_profile": "https://production.api.apiture.com/schemas/access/summaryRole/v1.1.0/profile.json",
"_id": "0d3a9972-a843-458a-b6a9-dec3feb458ff",
"name": "transfers",
"categoryName": "customer",
"label": "Create and Manage Transfers",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/roles/0d3a9972-a843-458a-b6a9-dec3feb458ff"
}
}
},
{
"_profile": "https://production.api.apiture.com/schemas/access/summaryRole/v1.1.0/profile.json",
"_id": "93959e3d-f61d-452f-8054-73a92cdfe263",
"name": "payBills",
"categoryName": "customer",
"label": "Create and Manage Bill Payments",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/access/roles/93959e3d-f61d-452f-8054-73a92cdfe263"
}
}
}
],
"effectiveRoles": [
{
"_id": "0d3a9972-a843-458a-b6a9-dec3feb458ff",
"name": "transfers",
"uri": "https://api.devbank.apiture.com/access/roles/0d3a9972-a843-458a-b6a9-dec3feb458ff"
},
{
"_id": "93959e3d-f61d-452f-8054-73a92cdfe263",
"name": "payBills",
"uri": "https://api.devbank.apiture.com/access/roles/93959e3d-f61d-452f-8054-73a92cdfe263"
}
],
"effectivePermissions": [
"getScheduledTransfer",
"getScheduledTransfers",
"createScheduledTransfer",
"cancelScheduledTransfer",
"updateScheduledTransfer",
"deleteScheduledTransfer",
"getPaymentInstruction",
"getPaymentInstructions",
"createPaymentInstruction",
"submitPaymentInstruction",
"cancelPaymentInstruction",
"deletePaymentInstruction"
]
}
User Access (v1.1.0)
The lists of the currently authenticated user's access: their assigned roles, any effective roles inherited from those assigned role's, and the full set of effective permissions associated with those roles.
Properties
Name | Description |
---|---|
User Access (v1.1.0) | The lists of the currently authenticated user's access: their assigned roles, any effective roles inherited from those assigned role's, and the full set of effective permissions associated with those roles. |
_links | An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | The URI of a resource profile which describes the representation. read-only format: uri |
_error | An object which describes an error. This value is omitted if the operation succeeded without error. read-only |
roles | array: (required) All the roles assigned directly to a user. items: object |
effectiveRoles | array: (required) The union of the user's assigned roles and the roles which have the assigned roles as an ancestor. items: object |
effectivePermissions | array: [ (required) An array containing all the effective permission names associated with all the roles that are assigned to the user. items: string |
@apiture/api-doc
3.2.4 on Mon Oct 28 2024 14:41:00 GMT+0000 (Coordinated Universal Time).