- Consents v0.12.0
- Error Types
- Authentication
- Consents
- Consent Actions
- Documents
- Consent Type Name
- API
- Schemas
Consents v0.12.0
Scroll down for code samples, example requests and responses. Select a language for code samples from the tabs above or the mobile navigation menu.
The Consents API tracks a user's consent of financial institution policies and documents such as banking product terms and conditions, electronic consent, and privacy policy.
Target Documents
A consent resource holds the URI of a target document (typically, a PDF document). Each consent also has a type, such as privacyPolicy or productTermsAndConditions or electronicConsent, which indicates the target document's purpose and hence what kind of consent this is. (See consentTypeNames.) The consent also holds the document's media type, specific document revision identification string, and the time stamp that the document was last revised (modified). If the document is later revised, any previously given consents for any revision of that document become stale; this indicates the user should review and consent to the revised document.
Contexts
A consent may be associated with a context in which an application or service is requesting the consent; the context is represented as the URI of some resource. For example, two different banking products (DDA1, DDA2) at a financial institution may share the same terms and conditions document, D0. The document's type is productTermsAndConditions. If the user is opening an account of type DDA1, the client creates a consent for D0 using the product URI for DDA1 as the context. When the user opens a new account for product DDA2, the client creates a new consent for D0 using product DDA2's URI as the context. The respective account URIs are stored as the secondary context URIs of the consent resources. Because the contexts of the two consents are different, the two consents are independent of each other.
The context is optional. For example, for the financial institution's privacy policy, there is no specific context.
Life Cycle
When a banking application or service (the requester) wishes a user to agree to or consent to a document, it creates a new consent resource to track the request and the user's response.
The user can consent to a document to indicate that they agree to contents of the the document. This is typically done when the user checks an "I agree" checkbox or other user experience. To record the consent given by the user, the client application issues a POST to the apiture:give link on a consent resource. This sets the state to given and records the date and time on the consent.
When a user gives consent to a document, all consent resources which match the target document URI and user ID are also marked as given, although the action can be scoped to just a specific instance.
A client can check for pending or stale consents for a user. This query allows listing all the unique consents, or it may consolidate the response so that it contains only one consent for each combination document type and document uri. Thus, if a user has many different consents for many banking accounts but they all share the same document URI and type, the client need only present the changed document once and the user give consent to the changed document once, not multiple times.
Consents are not directly mutable (the PUT and PATCH verbs are not supported), but other operations described below may update a consent resource to indicate a user has given or revoked consent, that a consent is stale, or that a requester has rescinded a request for consent.
If the user wishes to undo or revoke a specific consent, the client application should POST to the apiture:revoke link on a consent resource (/revokedConsents?consent={consentId}) to reset the consent back to the pending state.
If the requester no longer requires the user's consent, it can rescind the request with POST /rescindedConsents?type={type}&document={documentUri}&context={contextUri}&user=user. This sets the state to rescinded on the first matching consent. For example, if the user is removed as a joint owner of an account of type DDA2, rescinding the productTermsAndConditions consents matches and removes only the first matching consent for DDA2. (The user may be an owner of other accounts on product DDA2, and their consent must be tracked and possibly requested again if the terms and conditions for DDA2 change.)
Document revisions
If the document is revised (for example, the financial institution has updated their privacy policy), a client can mark a document as revised via POST /revisedDocuments. All consents associated with the older revisions of the document are marked stale.
A stale consent indicates that the user should consent to the revised document. The client applications should notify the user that the document has changed (such as via email or or via notification at their next login) and present the revised document to the user for them to accept.
Error Types
Error responses in this API may have one of the type values described below.
See Errors for more information
on error responses and error types.
consentRefNotFound
Description: No consent was found that matches the ?consent= query parameter.
Remediation: Use the links in a consent resource, or provide a valid consent ID.
consentTypeNameInUse
Description: An update to the consent type names omits one or more types that are in use.
Remediation: Include all in-use type names.
The attributes object in the error may have the following properties:
| Property | Type | Description |
|---|---|---|
| typeNames | [undefined] |
The list of type names that are in use but missing from the request. Example: productTermsAndConditions |
invalidConsentState
Description: The state of the consent is not valid for the operation.
Remediation: Update the consent to one of the required states and retry the operation.
invalidConsentType
Description: The specified consent type does not match existing consent type names.
Remediation: Supply a consent type from the consent type names in the /consentTypeNames resource.
invalidContextUri
Description: The consent context URI was not well formed.
Remediation: Pass a valid URI.
invalidDocumentRevision
Description: The time stamp on the revised document predates the existing time stamp.
Remediation: Revised documents must have newer time stamps.
invalidDocumentUri
Description: The document URI was not well formed.
Remediation: Pass a valid URI.
Download OpenAPI Definition (YAML)
Base URLs:
Authentication
- API Key (
apiKey)- header parameter: API-Key
- API Key based authentication. Each thing must pass its private, unique API key, allocated in the developer portal, via the
API-Key: {api-key}request header.
- OAuth2 authentication (
accessToken)- OAuth2 client access token authentication. The client authenticates against the server at
authorizationUrl, passing the client's privateclientId(and optionalclientSecret) as part of this flow. The client obtains an access token from the server attokenUrl. It then passes the received access token via theAuthorization: Bearer {access-token}header in subsequent API calls. The authorization process also returns a refresh token which the client should use to renew the access token before it expires. - Flow:
authorizationCode - Authorization URL = https://auth.devbank.apiture.com/auth/oauth2/authorize
- Token URL = https://api.devbank.apiture.com/auth/oauth2/token
- OAuth2 client access token authentication. The client authenticates against the server at
| Scope | Scope Description |
|---|---|
banking/read |
Read access to consents |
banking/write |
Write (update) access to consents |
banking/full |
Full access to consents |
Consents
User Consent of a Policy or Other Document
getConsents
Code samples
# You can also use wget
curl -X GET https://api.devbank.apiture.com/consents/consents \
-H 'Accept: application/hal+json' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
GET https://api.devbank.apiture.com/consents/consents HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
const fetch = require('node-fetch');
const headers = {
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/consents/consents',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
var headers = {
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/consents',
method: 'get',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/hal+json',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.get 'https://api.devbank.apiture.com/consents/consents',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/hal+json',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.get('https://api.devbank.apiture.com/consents/consents', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/consents");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/hal+json"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/consents/consents", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Return a collection of consents
GET https://api.devbank.apiture.com/consents/consents
Return a paginated sortable filterable searchable collection of consents. The links in the response include pagination links.
Parameters
| Parameter | Description |
|---|---|
typein: query | string Subset the response to those with this type value. Use | to separate multiple values. For example, ?type=termsAndCondition matches only items whose type is termsAndCondition ?type=privacyPolicy|electronicConsent matches items whose type is privacyPolicy or electronicConsent. This is combined with an implicit and with other filters if they are used. See filtering. |
statein: query | string Subset the response to those with this state value. Use | to separate multiple values. For example, ?type=given|stale matches only items whose state is given or stale. This is combined with an implicit and with other filters if they are used. See filtering. |
userIdin: query | string Subset the response to those with this userId value. Use | to separate multiple values. This is for administrative use; bank users can only see their own consents. |
contextUriin: query | string Subset the response to those with this contextUri value. Use | to separate multiple values. |
secondaryContextUriin: query | string Subset the response to those with this secondaryContextUri value. |
startin: query | integer(int64) The zero-based index of the first consent item to include in this page. The default 0 denotes the beginning of the collection. format: int64 default: 0 |
limitin: query | integer(int32) The maximum number of consent representations to return in this page. format: int32 default: 100 |
sortByin: query | string Optional sort criteria. See sort criteria format, such as ?sortBy=field1,-field2.This collection may be sorted by the following properties: • type• userId• document.revisedAt• givenAt. |
filterin: query | string Optional filter criteria. See filtering. This collection may be filtered by the following properties and functions: • Property state using functions eq, ne, contains, search• Property type using functions eq, ne, contains, search• Property userId using functions eq, ne, contains, search• Property contextUri using functions eq, ne, contains, search• Property secondaryContextUri using functions eq, ne, contains, search. |
qin: query | string Optional search string. See searching. |
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/consents/consents/v1.1.1/profile.json",
"_links": {
"self": {
"href": "/consents/consents?start=10&limit=10"
},
"first": {
"href": "/consents/consents?start=0&limit=10"
},
"next": {
"href": "/consents/consents?start=20&limit=10"
},
"collection": {
"href": "/consents/consents"
}
},
"start": 10,
"limit": 10,
"count": 67,
"name": "consents",
"_embedded": {
"items": [
{
"_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.1/profile.json",
"_links": {
"self": {
"href": "/consents/consents/0399abed-fd3d-4830-a88b-30f38b8a365c"
}
}
},
{
"_id": "d62c0701-0d74-4836-83f9-ebf3709442ea",
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.1/profile.json",
"_links": {
"self": {
"href": "/consents/consents/d62c0701-0d74-4836-83f9-ebf3709442ea"
}
}
}
]
}
}
Responses
| Status | Description |
|---|---|
| 200 | OK |
| OK. | |
Schema: consents |
| Status | Description |
|---|---|
| 400 | Bad Request |
Bad Request. The request body or one or more of the query parameters was not well formed. The _error field in the response contains details about the request error. | |
Schema: errorResponse |
| Status | Description |
|---|---|
| 422 | Unprocessable Entity |
Unprocessable Entity. One or more of the query parameters was well formed but otherwise invalid. The _error field in the response contains details about the request error. | |
Schema: errorResponse |
createConsent
Code samples
# You can also use wget
curl -X POST https://api.devbank.apiture.com/consents/consents \
-H 'Content-Type: application/hal+json' \
-H 'Accept: application/hal+json' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
POST https://api.devbank.apiture.com/consents/consents HTTP/1.1
Host: api.devbank.apiture.com
Content-Type: application/hal+json
Accept: application/hal+json
const fetch = require('node-fetch');
const inputBody = '{
"_profile": "https://production.api.apiture.com/schemas/consents/createConsent/v1.1.1/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"document": {
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"contentType": "application/pdf",
"revisionId": "2019:1.02.0",
"revisedAt": "2019-07-23T08:26:45.375Z"
},
"type": "productTermsAndConditions",
"userId": "5a5e834c-a7bd-401c",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a"
}';
const headers = {
'Content-Type':'application/hal+json',
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/consents/consents',
{
method: 'POST',
body: inputBody,
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
var headers = {
'Content-Type':'application/hal+json',
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/consents',
method: 'post',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
require 'rest-client'
require 'json'
headers = {
'Content-Type' => 'application/hal+json',
'Accept' => 'application/hal+json',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.post 'https://api.devbank.apiture.com/consents/consents',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Content-Type': 'application/hal+json',
'Accept': 'application/hal+json',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.post('https://api.devbank.apiture.com/consents/consents', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/consents");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Content-Type": []string{"application/hal+json"},
"Accept": []string{"application/hal+json"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/consents/consents", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Create a new consent
POST https://api.devbank.apiture.com/consents/consents
Create a new consent resource or locate an existing consent.
Body parameter
{
"_profile": "https://production.api.apiture.com/schemas/consents/createConsent/v1.1.1/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"document": {
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"contentType": "application/pdf",
"revisionId": "2019:1.02.0",
"revisedAt": "2019-07-23T08:26:45.375Z"
},
"type": "productTermsAndConditions",
"userId": "5a5e834c-a7bd-401c",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a"
}
Parameters
| Parameter | Description |
|---|---|
body | createConsent (required) The data necessary to create a new consent. |
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.1/profile.json",
"_links": {
"self": {
"href": "/consents/consents/0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:revoke": {
"href": "/consents/revokedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:rescind": {
"href": "/consents/rescindedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
}
},
"_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
"document": {
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"contentType": "application/pdf",
"revisedAt": "2019-07-23T08:26:45.375Z",
"revisionId": "2019:1.02.0"
},
"type": "productTermsAndConditions",
"userId": "5a5e834c-a7bd-401c",
"state": "given",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"givenAt": "2019-07-23T13:27:34.375Z"
}
Responses
| Status | Description |
|---|---|
| 200 | OK |
OK. An existing consent resource for the document and user was found and the contextUri of this request added to that resource. | |
Schema: consent | |
| 201 | Created |
| Created. | |
Schema: consent | |
| Header | Locationstring uri |
The URI of the new consent resource. If the URI begins with / it is relative to the API root context. Else, it is a full URI starting with scheme://host | |
| Header | ETagstring |
The ETag response header specifies an entity tag which must be provided in an If-Match request header for operations which update the resource. |
| Status | Description |
|---|---|
| 400 | Bad Request |
Bad Request. The request body or content was not well formed. This error response may have one of the following | |
Schema: errorResponse |
getConsent
Code samples
# You can also use wget
curl -X GET https://api.devbank.apiture.com/consents/consents/{consentId} \
-H 'Accept: application/hal+json' \
-H 'If-None-Match: string' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
GET https://api.devbank.apiture.com/consents/consents/{consentId} HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
If-None-Match: string
const fetch = require('node-fetch');
const headers = {
'Accept':'application/hal+json',
'If-None-Match':'string',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/consents/consents/{consentId}',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
var headers = {
'Accept':'application/hal+json',
'If-None-Match':'string',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/consents/{consentId}',
method: 'get',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/hal+json',
'If-None-Match' => 'string',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.get 'https://api.devbank.apiture.com/consents/consents/{consentId}',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/hal+json',
'If-None-Match': 'string',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.get('https://api.devbank.apiture.com/consents/consents/{consentId}', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/consents/{consentId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/hal+json"},
"If-None-Match": []string{"string"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/consents/consents/{consentId}", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Fetch a representation of this consent
GET https://api.devbank.apiture.com/consents/consents/{consentId}
Return a HAL representation of this consent resource.
Parameters
| Parameter | Description |
|---|---|
If-None-Matchin: header | string The entity tag that was returned in the ETag response. If the resource's current entity tag matches, the GET returns 304 (Not Modified) and no response body, else the resource representation is returned. |
consentIdin: path | string (required) The unique identifier of this consent. This is an opaque string. |
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.1/profile.json",
"_links": {
"self": {
"href": "/consents/consents/0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:revoke": {
"href": "/consents/revokedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:rescind": {
"href": "/consents/rescindedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
}
},
"_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
"document": {
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"contentType": "application/pdf",
"revisedAt": "2019-07-23T08:26:45.375Z",
"revisionId": "2019:1.02.0"
},
"type": "productTermsAndConditions",
"userId": "5a5e834c-a7bd-401c",
"state": "given",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"givenAt": "2019-07-23T13:27:34.375Z"
}
Responses
| Status | Description |
|---|---|
| 200 | OK |
| OK. | |
Schema: consent | |
| Header | ETagstring |
The ETag response header specifies an entity tag which must be provided in an If-Match request header for operations which update this consent resource. |
| Status | Description |
|---|---|
| 304 | Not Modified |
| Not Modified. The resource has not been modified since it was last fetched. |
| Status | Description |
|---|---|
| 404 | Not Found |
Not Found. There is no such consent resource at the specified {consentId}. The _error field in the response contains details about the request error. | |
Schema: errorResponse |
patchConsent
Code samples
# You can also use wget
curl -X PATCH https://api.devbank.apiture.com/consents/consents/{consentId} \
-H 'Content-Type: application/hal+json' \
-H 'Accept: application/hal+json' \
-H 'If-Match: string' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
PATCH https://api.devbank.apiture.com/consents/consents/{consentId} HTTP/1.1
Host: api.devbank.apiture.com
Content-Type: application/hal+json
Accept: application/hal+json
If-Match: string
const fetch = require('node-fetch');
const inputBody = '{
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.1/profile.json",
"_links": {
"self": {
"href": "/consents/consents/0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:revoke": {
"href": "/consents/revokedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:rescind": {
"href": "/consents/rescindedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
}
},
"_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
"document": {
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"contentType": "application/pdf",
"revisedAt": "2019-07-23T08:26:45.375Z",
"revisionId": "2019:1.02.0"
},
"type": "productTermsAndConditions",
"userId": "5a5e834c-a7bd-401c",
"state": "given",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"givenAt": "2019-07-23T13:27:34.375Z"
}';
const headers = {
'Content-Type':'application/hal+json',
'Accept':'application/hal+json',
'If-Match':'string',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/consents/consents/{consentId}',
{
method: 'PATCH',
body: inputBody,
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
var headers = {
'Content-Type':'application/hal+json',
'Accept':'application/hal+json',
'If-Match':'string',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/consents/{consentId}',
method: 'patch',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
require 'rest-client'
require 'json'
headers = {
'Content-Type' => 'application/hal+json',
'Accept' => 'application/hal+json',
'If-Match' => 'string',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.patch 'https://api.devbank.apiture.com/consents/consents/{consentId}',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Content-Type': 'application/hal+json',
'Accept': 'application/hal+json',
'If-Match': 'string',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.patch('https://api.devbank.apiture.com/consents/consents/{consentId}', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/consents/{consentId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("PATCH");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Content-Type": []string{"application/hal+json"},
"Accept": []string{"application/hal+json"},
"If-Match": []string{"string"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("PATCH", "https://api.devbank.apiture.com/consents/consents/{consentId}", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Update this consent
PATCH https://api.devbank.apiture.com/consents/consents/{consentId}
Perform a partial update of this consent. Only the secondaryContextUri and contextUri are patchable. Fields which are omitted are not updated. Nested _embedded and _links are ignored if included.
Body parameter
{
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.1/profile.json",
"_links": {
"self": {
"href": "/consents/consents/0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:revoke": {
"href": "/consents/revokedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:rescind": {
"href": "/consents/rescindedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
}
},
"_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
"document": {
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"contentType": "application/pdf",
"revisedAt": "2019-07-23T08:26:45.375Z",
"revisionId": "2019:1.02.0"
},
"type": "productTermsAndConditions",
"userId": "5a5e834c-a7bd-401c",
"state": "given",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"givenAt": "2019-07-23T13:27:34.375Z"
}
Parameters
| Parameter | Description |
|---|---|
If-Matchin: header | string The entity tag that was returned in the ETag response. This must match the current entity tag of the resource. |
body | consent (required) |
consentIdin: path | string (required) The unique identifier of this consent. This is an opaque string. |
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.1/profile.json",
"_links": {
"self": {
"href": "/consents/consents/0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:revoke": {
"href": "/consents/revokedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:rescind": {
"href": "/consents/rescindedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
}
},
"_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
"document": {
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"contentType": "application/pdf",
"revisedAt": "2019-07-23T08:26:45.375Z",
"revisionId": "2019:1.02.0"
},
"type": "productTermsAndConditions",
"userId": "5a5e834c-a7bd-401c",
"state": "given",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"givenAt": "2019-07-23T13:27:34.375Z"
}
Responses
| Status | Description |
|---|---|
| 200 | OK |
| OK. | |
Schema: consent | |
| Header | ETagstring |
The ETag response header specifies an entity tag which may be provided in an If-Match request header for PUT or PATCH operations which update this consent resource. |
| Status | Description |
|---|---|
| 400 | Bad Request |
Bad Request. The request body or one or more of the query parameters was not well formed. The _error field in the response contains details about the request error. | |
Schema: errorResponse |
| Status | Description |
|---|---|
| 404 | Not Found |
Not Found. There is no such consent resource at the specified {consentId}. The _error field in the response contains details about the request error. | |
Schema: errorResponse |
| Status | Description |
|---|---|
| 412 | Precondition Failed |
Precondition Failed. The supplied If-Match header value does not match the most recent ETag response header value. The resource has changed in the interim. | |
Schema: errorResponse |
| Status | Description |
|---|---|
| 422 | Unprocessable Entity |
Unprocessable Entity. One or more of the query parameters was well formed but otherwise invalid. The _error field in the response contains details about the request error. | |
Schema: errorResponse |
getNeededConsents
Code samples
# You can also use wget
curl -X GET https://api.devbank.apiture.com/consents/neededConsents \
-H 'Accept: application/hal+json' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
GET https://api.devbank.apiture.com/consents/neededConsents HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
const fetch = require('node-fetch');
const headers = {
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/consents/neededConsents',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
var headers = {
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/neededConsents',
method: 'get',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/hal+json',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.get 'https://api.devbank.apiture.com/consents/neededConsents',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/hal+json',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.get('https://api.devbank.apiture.com/consents/neededConsents', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/neededConsents");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/hal+json"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/consents/neededConsents", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Get needed consents
GET https://api.devbank.apiture.com/consents/neededConsents
Return a list of needed consents (both pending and stale consents) for a user. If no consents exists for a user ID (including if the user ID is not found), the response is an empty collection.
Parameters
| Parameter | Description |
|---|---|
userIdin: query | string The user ID of the user; This is the _id of the User resource. If omitted, the returned list is the needed consents for the currently authenticated user. |
consolidatein: query | boolean If true, two or more duplicate consents in the response body that have the same type and document URI are consolidated such that the result contain only one of the duplicates. Warning: the client should not use ?matching=false when the user gives consent to consents resources in the consolidated response.default: false |
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/consents/consents/v1.1.1/profile.json",
"_links": {
"self": {
"href": "/consents/consents?start=10&limit=10"
},
"first": {
"href": "/consents/consents?start=0&limit=10"
},
"next": {
"href": "/consents/consents?start=20&limit=10"
},
"collection": {
"href": "/consents/consents"
}
},
"start": 10,
"limit": 10,
"count": 67,
"name": "consents",
"_embedded": {
"items": [
{
"_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.1/profile.json",
"_links": {
"self": {
"href": "/consents/consents/0399abed-fd3d-4830-a88b-30f38b8a365c"
}
}
},
{
"_id": "d62c0701-0d74-4836-83f9-ebf3709442ea",
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.1/profile.json",
"_links": {
"self": {
"href": "/consents/consents/d62c0701-0d74-4836-83f9-ebf3709442ea"
}
}
}
]
}
}
Responses
Consent Actions
Actions on Consent Resources
giveConsent
Code samples
# You can also use wget
curl -X POST https://api.devbank.apiture.com/consents/givenConsents?consent=string \
-H 'Accept: application/hal+json' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
POST https://api.devbank.apiture.com/consents/givenConsents?consent=string HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
const fetch = require('node-fetch');
const headers = {
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/consents/givenConsents?consent=string',
{
method: 'POST',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
var headers = {
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/givenConsents',
method: 'post',
data: '?consent=string',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/hal+json',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.post 'https://api.devbank.apiture.com/consents/givenConsents',
params: {
'consent' => 'string'
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/hal+json',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.post('https://api.devbank.apiture.com/consents/givenConsents', params={
'consent': 'string'
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/givenConsents?consent=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/hal+json"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/consents/givenConsents", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Give a consent
POST https://api.devbank.apiture.com/consents/givenConsents
Indicate that a user has given consent to a document. This marks the given consent as given. If scope is matching, all the user's matching needed consents (pending or stale consents which have the same type and document.uri) are marked as given. This operation may be invoked by using POST on the apiture:give link on a consent resource; there is no query parameter.
Parameters
| Parameter | Description |
|---|---|
consentin: query | string (required) A string which uniquely identifies a consent which is to added to the given consents resource set. This may be the unique consentId or the URI of the consent. |
scopein: query | string The scope of the given consent. If instance, only the consent named in the ?consent= query parameter is marked as given. If matching, all needed consent matching the named in the ?consent= query parameter (pending or stale consents which have the same type) are marked as given. The default if omitted is matching.enum values: instance, matching |
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.1/profile.json",
"_links": {
"self": {
"href": "/consents/consents/0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:revoke": {
"href": "/consents/revokedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:rescind": {
"href": "/consents/rescindedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
}
},
"_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
"document": {
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"contentType": "application/pdf",
"revisedAt": "2019-07-23T08:26:45.375Z",
"revisionId": "2019:1.02.0"
},
"type": "productTermsAndConditions",
"userId": "5a5e834c-a7bd-401c",
"state": "given",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"givenAt": "2019-07-23T13:27:34.375Z"
}
Responses
| Status | Description |
|---|---|
| 200 | OK |
OK. The operation succeeded. The consents were updated and their state changed to given. The response may include an array of additional consents _embedded.consents which match the named consent and which were also given. | |
Schema: consent |
| Status | Description |
|---|---|
| 400 | Bad Request |
Bad Request. The consent parameter was malformed or does not refer to an existing or accessible consent. This error response may have one of the following | |
Schema: errorResponse |
| Status | Description |
|---|---|
| 409 | Conflict |
Conflict. The request to give the consent is not allowed. The This error response may have one of the following | |
Schema: errorResponse |
| Status | Description |
|---|---|
| 412 | Precondition Failed |
Precondition Failed. The supplied If-Match header value does not match the most recent ETag response header value. The resource has changed in the interim. | |
Schema: errorResponse |
revokeConsent
Code samples
# You can also use wget
curl -X POST https://api.devbank.apiture.com/consents/revokedConsents?consent=string \
-H 'Accept: application/hal+json' \
-H 'If-Match: string' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
POST https://api.devbank.apiture.com/consents/revokedConsents?consent=string HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
If-Match: string
const fetch = require('node-fetch');
const headers = {
'Accept':'application/hal+json',
'If-Match':'string',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/consents/revokedConsents?consent=string',
{
method: 'POST',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
var headers = {
'Accept':'application/hal+json',
'If-Match':'string',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/revokedConsents',
method: 'post',
data: '?consent=string',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/hal+json',
'If-Match' => 'string',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.post 'https://api.devbank.apiture.com/consents/revokedConsents',
params: {
'consent' => 'string'
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/hal+json',
'If-Match': 'string',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.post('https://api.devbank.apiture.com/consents/revokedConsents', params={
'consent': 'string'
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/revokedConsents?consent=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/hal+json"},
"If-Match": []string{"string"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/consents/revokedConsents", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Revoke a consent
POST https://api.devbank.apiture.com/consents/revokedConsents
A user has revoked a previously given consent. This operation updates a consent by adding it to the set of revoked consents. This changes the state property of the consent to revoked. This operation is available via the apiture:revoke link on the consent resource, if and only if the consent is eligible for the revoke operation. The responses is the updated representation of the consent.
The If-Match request header, if present, must match the current entity tag value of the consent.
Parameters
| Parameter | Description |
|---|---|
consentin: query | string (required) A string which uniquely identifies a consent which is to added to the given consents resource set. This may be the unique consentId or the URI of the consent. |
If-Matchin: header | string The entity tag that was returned in the ETag response. This must match the current entity tag of the resource. |
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.1/profile.json",
"_links": {
"self": {
"href": "/consents/consents/0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:revoke": {
"href": "/consents/revokedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:rescind": {
"href": "/consents/rescindedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
}
},
"_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
"document": {
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"contentType": "application/pdf",
"revisedAt": "2019-07-23T08:26:45.375Z",
"revisionId": "2019:1.02.0"
},
"type": "productTermsAndConditions",
"userId": "5a5e834c-a7bd-401c",
"state": "given",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"givenAt": "2019-07-23T13:27:34.375Z"
}
Responses
| Status | Description |
|---|---|
| 200 | OK |
OK. The operation succeeded. The consent was updated and its state changed to revoked. | |
Schema: consent | |
| Header | ETagstring |
The ETag response header specifies an entity tag which must be provided in an If-Match request header for operations which update the resource. |
| Status | Description |
|---|---|
| 400 | Bad Request |
Bad Request. The consent parameter was malformed or does not refer to an existing or accessible consent. This error response may have one of the following | |
Schema: errorResponse |
| Status | Description |
|---|---|
| 409 | Conflict |
Conflict. The request to revoke the consent is not allowed. The This error response may have one of the following | |
Schema: errorResponse |
| Status | Description |
|---|---|
| 412 | Precondition Failed |
Precondition Failed. The supplied If-Match header value does not match the most recent ETag response header value. The resource has changed in the interim. | |
Schema: errorResponse |
rescindConsents
Code samples
# You can also use wget
curl -X POST https://api.devbank.apiture.com/consents/rescindedConsents?type=string \
-H 'Accept: application/hal+json' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
POST https://api.devbank.apiture.com/consents/rescindedConsents?type=string HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
const fetch = require('node-fetch');
const headers = {
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/consents/rescindedConsents?type=string',
{
method: 'POST',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
var headers = {
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/rescindedConsents',
method: 'post',
data: '?type=string',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/hal+json',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.post 'https://api.devbank.apiture.com/consents/rescindedConsents',
params: {
'type' => 'string'
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/hal+json',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.post('https://api.devbank.apiture.com/consents/rescindedConsents', params={
'type': 'string'
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/rescindedConsents?type=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/hal+json"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/consents/rescindedConsents", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Rescind matching consents
POST https://api.devbank.apiture.com/consents/rescindedConsents
Rescind consent requests which match the specified consent type, optional user and context. This action is typically performed by the financial institution to indicate that it no longer requires the user's consent. For example, a service may rescind a consent if a user is removed as an account owner or as an authorized signer, when an account application expires, or when they remove a banking product. Rescinding consent changes the state property of the matching consent resources to rescinded. The client must pass at least the document type in order to find matching consents. If the optional document, user, and/or context are specified, only consents that match those options and type are rescinded.
The response is the collection of updated matching consent resources. If no matching consents were found, the consents collection response has an empty items array.
Parameters
| Parameter | Description |
|---|---|
typein: query | string (required) Specify the consent type to rescind. |
contextin: query | string(uri) The URI of the consent context. format: uri |
secondaryContextin: query | string(uri) The URI of the secondary consent context. Use this if the primary context is insufficient for uniquely identifying the intended consents to rescind.format: uri |
userin: query | string(uri) Rescind all matching consents for the user with this user ID. format: uri |
documentin: query | string(uri) The URI of the target document. This is not required but if passed, the document.uri must match as well as the other required query parameters.format: uri |
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/consents/consents/v1.1.1/profile.json",
"_links": {
"self": {
"href": "/consents/consents?start=10&limit=10"
},
"first": {
"href": "/consents/consents?start=0&limit=10"
},
"next": {
"href": "/consents/consents?start=20&limit=10"
},
"collection": {
"href": "/consents/consents"
}
},
"start": 10,
"limit": 10,
"count": 67,
"name": "consents",
"_embedded": {
"items": [
{
"_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.1/profile.json",
"_links": {
"self": {
"href": "/consents/consents/0399abed-fd3d-4830-a88b-30f38b8a365c"
}
}
},
{
"_id": "d62c0701-0d74-4836-83f9-ebf3709442ea",
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.1/profile.json",
"_links": {
"self": {
"href": "/consents/consents/d62c0701-0d74-4836-83f9-ebf3709442ea"
}
}
}
]
}
}
Responses
| Status | Description |
|---|---|
| 200 | OK |
OK. The operation succeeded. The matching consents are updated and their state changed to rescinded. | |
Schema: consents | |
| Header | ETagstring |
The ETag response header specifies an entity tag which must be provided in an If-Match request header for operations which update the resource. |
| Status | Description |
|---|---|
| 400 | Bad Request |
Bad Request. One or more query parameters is not well-formed. This error response may have one of the following | |
Schema: errorResponse |
| Status | Description |
|---|---|
| 412 | Precondition Failed |
Precondition Failed. The supplied If-Match header value does not match the most recent ETag response header value. The resource has changed in the interim. | |
Schema: errorResponse |
Documents
Manage Documents Subject to Consent
reviseDocument
Code samples
# You can also use wget
curl -X POST https://api.devbank.apiture.com/consents/revisedDocuments \
-H 'Content-Type: application/hal+json' \
-H 'Accept: application/hal+json' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
POST https://api.devbank.apiture.com/consents/revisedDocuments HTTP/1.1
Host: api.devbank.apiture.com
Content-Type: application/hal+json
Accept: application/hal+json
const fetch = require('node-fetch');
const inputBody = '{
"_profile": "https://production.api.apiture.com/schemas/consents/revisedDocument/v1.0.2/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"revisionId": "2019:1.2.0",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"revisedAt": "2019-10-05T10:30:00.000Z",
"type": "productTermsAndConditions",
"newUri": "/vault/files/da66d490-2b72-4809-9b97-9b33039371f8/content"
}';
const headers = {
'Content-Type':'application/hal+json',
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/consents/revisedDocuments',
{
method: 'POST',
body: inputBody,
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
var headers = {
'Content-Type':'application/hal+json',
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/revisedDocuments',
method: 'post',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
require 'rest-client'
require 'json'
headers = {
'Content-Type' => 'application/hal+json',
'Accept' => 'application/hal+json',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.post 'https://api.devbank.apiture.com/consents/revisedDocuments',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Content-Type': 'application/hal+json',
'Accept': 'application/hal+json',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.post('https://api.devbank.apiture.com/consents/revisedDocuments', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/revisedDocuments");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Content-Type": []string{"application/hal+json"},
"Accept": []string{"application/hal+json"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/consents/revisedDocuments", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Mark a document as revised, rendering corresponding consents as stale
POST https://api.devbank.apiture.com/consents/revisedDocuments
Mark a document as revised. All given consents related to that document, document type, and the optional context are marked as stale, indicating that the user should be presented the document and asked to consent to the terms of the revised document. The newly stale consents are listed in the result of GET /neededConsents. This operation is restricted to financial institution administrators or service applications. Any given consents which already match the document and time stamp (and, optionally, document revision) are not marked stale.
Body parameter
{
"_profile": "https://production.api.apiture.com/schemas/consents/revisedDocument/v1.0.2/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"revisionId": "2019:1.2.0",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"revisedAt": "2019-10-05T10:30:00.000Z",
"type": "productTermsAndConditions",
"newUri": "/vault/files/da66d490-2b72-4809-9b97-9b33039371f8/content"
}
Parameters
| Parameter | Description |
|---|---|
body | revisedDocument (required) The details of the revised document. |
Example responses
202 Response
{
"_profile": "https://production.api.apiture.com/schemas/consents/revisedDocument/v1.0.2/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"revisionId": "2019:1.2.0",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"revisedAt": "2019-10-05T10:30:00.000Z",
"type": "productTermsAndConditions",
"newUri": "/vault/files/da66d490-2b72-4809-9b97-9b33039371f8/content"
}
Responses
| Status | Description |
|---|---|
| 202 | Accepted |
Accepted. The operation was received and accepted. The operation continues to update all matching consents, setting state changed to stale and changing the revision and documentRevisedAt to match the values in the request. | |
Schema: revisedDocument |
| Status | Description |
|---|---|
| 400 | Bad Request |
Bad Request. The request body or content was not well formed. This error response may have one of the following | |
Schema: errorResponse |
| Status | Description |
|---|---|
| 409 | Conflict |
| Conflict. The request contains semantically invalid data. | |
Schema: errorResponse |
moveDocument
Code samples
# You can also use wget
curl -X POST https://api.devbank.apiture.com/consents/movedDocuments \
-H 'Content-Type: application/hal+json' \
-H 'Accept: application/hal+json' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
POST https://api.devbank.apiture.com/consents/movedDocuments HTTP/1.1
Host: api.devbank.apiture.com
Content-Type: application/hal+json
Accept: application/hal+json
const fetch = require('node-fetch');
const inputBody = '{
"_profile": "https://production.api.apiture.com/schemas/consents/movedDocument/v1.0.1/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"type": "productTermsAndConditions",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"newUri": "/vault/files/da66d490-2b72-4809-9b97-9b33039371f8/content"
}';
const headers = {
'Content-Type':'application/hal+json',
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/consents/movedDocuments',
{
method: 'POST',
body: inputBody,
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
var headers = {
'Content-Type':'application/hal+json',
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/movedDocuments',
method: 'post',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
require 'rest-client'
require 'json'
headers = {
'Content-Type' => 'application/hal+json',
'Accept' => 'application/hal+json',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.post 'https://api.devbank.apiture.com/consents/movedDocuments',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Content-Type': 'application/hal+json',
'Accept': 'application/hal+json',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.post('https://api.devbank.apiture.com/consents/movedDocuments', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/movedDocuments");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Content-Type": []string{"application/hal+json"},
"Accept": []string{"application/hal+json"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/consents/movedDocuments", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Change the location of a document
POST https://api.devbank.apiture.com/consents/movedDocuments
If the financial institution moves a document that is tracked by consents, such as the Terms and Conditions document for a product, use this operation to update the document URI of any consents.
Body parameter
{
"_profile": "https://production.api.apiture.com/schemas/consents/movedDocument/v1.0.1/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"type": "productTermsAndConditions",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"newUri": "/vault/files/da66d490-2b72-4809-9b97-9b33039371f8/content"
}
Parameters
| Parameter | Description |
|---|---|
body | movedDocument (required) The details of the revised document. |
Example responses
202 Response
{
"_profile": "https://production.api.apiture.com/schemas/consents/movedDocument/v1.0.1/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"type": "productTermsAndConditions",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"newUri": "/vault/files/da66d490-2b72-4809-9b97-9b33039371f8/content"
}
Responses
| Status | Description |
|---|---|
| 202 | Accepted |
Accepted. The operation was received and accepted. The operation continues to update all matching consents, setting the document.uri to match the newUri value in the request. | |
Schema: movedDocument |
| Status | Description |
|---|---|
| 400 | Bad Request |
Bad Request. The request body or content was not well formed. This error response may have one of the following | |
Schema: errorResponse |
| Status | Description |
|---|---|
| 409 | Conflict |
| Conflict. The request contains semantically invalid data. | |
Schema: errorResponse |
Consent Type Name
Allowed Consent Types
getConsentTypeNames
Code samples
# You can also use wget
curl -X GET https://api.devbank.apiture.com/consents/consentTypeNames \
-H 'Accept: application/hal+json' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
GET https://api.devbank.apiture.com/consents/consentTypeNames HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
const fetch = require('node-fetch');
const headers = {
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/consents/consentTypeNames',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
var headers = {
'Accept':'application/hal+json',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/consentTypeNames',
method: 'get',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/hal+json',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.get 'https://api.devbank.apiture.com/consents/consentTypeNames',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/hal+json',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.get('https://api.devbank.apiture.com/consents/consentTypeNames', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/consentTypeNames");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/hal+json"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/consents/consentTypeNames", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Retrieve the set of consent type names
GET https://api.devbank.apiture.com/consents/consentTypeNames
Return the set of reserved consent type names. The name property of a consent must be one of these reserved names. This list may be updated by the financial institution via the updateConsentTypeNames operation. The default list includes the following names:
productTermsAndConditionsprivacyPolicyelectronicConsent
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/consents/consentTypeNames/v1.0.2/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"names": {
"productTermsAndConditions": [
{
"label": "Product Terms and Conditions",
"description": "The terms and conditions of use for bank accounts of a specific banking product. The user must consent to these terms and conditions in order to open a new account."
}
],
"termsAndConditions": [
{
"label": "Terms and Conditions",
"description": "The terms and conditions associated with a specific bank account."
}
],
"privacyPolicy": [
{
"label": "Privacy Policy",
"description": "The financial institution's privacy policy, which covers how the financial institution guards the customer's personal information and how it shares information about customers."
}
],
"electronicConsent": [
{
"label": "Electronic Consent Agreement",
"description": "Consenting to this agreement means the user agrees to receive electronically certain information such as statements or notices from the financial institution, and that the user agrees their use of the banking applications means they agree to allow those banking applications to perform banking operations, including transferring money or making payments, on their behalf."
}
]
}
}
Responses
| Status | Description |
|---|---|
| 200 | OK |
| OK. | |
Schema: consentTypeNames | |
| Header | ETagstring |
The ETag response header specifies an entity tag which must be provided in an If-Match request header for operations which update the resource. |
updateConsentTypeNames
Code samples
# You can also use wget
curl -X PUT https://api.devbank.apiture.com/consents/consentTypeNames \
-H 'Content-Type: application/hal+json' \
-H 'Accept: application/hal+json' \
-H 'If-Match: string' \
-H 'API-Key: API_KEY' \
-H 'Authorization: Bearer {access-token}'
PUT https://api.devbank.apiture.com/consents/consentTypeNames HTTP/1.1
Host: api.devbank.apiture.com
Content-Type: application/hal+json
Accept: application/hal+json
If-Match: string
const fetch = require('node-fetch');
const inputBody = '{
"_profile": "https://production.api.apiture.com/schemas/consents/consentTypeNames/v1.0.2/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"names": {
"productTermsAndConditions": [
{
"label": "Product Terms and Conditions",
"description": "The terms and conditions of use for bank accounts of a specific banking product. The user must consent to these terms and conditions in order to open a new account."
}
],
"termsAndConditions": [
{
"label": "Terms and Conditions",
"description": "The terms and conditions associated with a specific bank account."
}
],
"privacyPolicy": [
{
"label": "Privacy Policy",
"description": "The financial institution's privacy policy, which covers how the financial institution guards the customer's personal information and how it shares information about customers."
}
],
"electronicConsent": [
{
"label": "Electronic Consent Agreement",
"description": "Consenting to this agreement means the user agrees to receive electronically certain information such as statements or notices from the financial institution, and that the user agrees their use of the banking applications means they agree to allow those banking applications to perform banking operations, including transferring money or making payments, on their behalf."
}
]
}
}';
const headers = {
'Content-Type':'application/hal+json',
'Accept':'application/hal+json',
'If-Match':'string',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
fetch('https://api.devbank.apiture.com/consents/consentTypeNames',
{
method: 'PUT',
body: inputBody,
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
var headers = {
'Content-Type':'application/hal+json',
'Accept':'application/hal+json',
'If-Match':'string',
'API-Key':'API_KEY',
'Authorization':'Bearer {access-token}'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/consentTypeNames',
method: 'put',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
require 'rest-client'
require 'json'
headers = {
'Content-Type' => 'application/hal+json',
'Accept' => 'application/hal+json',
'If-Match' => 'string',
'API-Key' => 'API_KEY',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.put 'https://api.devbank.apiture.com/consents/consentTypeNames',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Content-Type': 'application/hal+json',
'Accept': 'application/hal+json',
'If-Match': 'string',
'API-Key': 'API_KEY',
'Authorization': 'Bearer {access-token}'
}
r = requests.put('https://api.devbank.apiture.com/consents/consentTypeNames', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/consentTypeNames");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("PUT");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Content-Type": []string{"application/hal+json"},
"Accept": []string{"application/hal+json"},
"If-Match": []string{"string"},
"API-Key": []string{"API_KEY"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("PUT", "https://api.devbank.apiture.com/consents/consentTypeNames", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Replace the set of consent type names
PUT https://api.devbank.apiture.com/consents/consentTypeNames
A financial institution can use this operation to register additional types of consent that they may request from their users. The type property of a consent must be one of these reserved names. This operation completely replaces the set of reserved consent type names, so it should include all items from the getConsentTypeNames that are in use. This operation is only available to financial institution administrators.
Body parameter
{
"_profile": "https://production.api.apiture.com/schemas/consents/consentTypeNames/v1.0.2/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"names": {
"productTermsAndConditions": [
{
"label": "Product Terms and Conditions",
"description": "The terms and conditions of use for bank accounts of a specific banking product. The user must consent to these terms and conditions in order to open a new account."
}
],
"termsAndConditions": [
{
"label": "Terms and Conditions",
"description": "The terms and conditions associated with a specific bank account."
}
],
"privacyPolicy": [
{
"label": "Privacy Policy",
"description": "The financial institution's privacy policy, which covers how the financial institution guards the customer's personal information and how it shares information about customers."
}
],
"electronicConsent": [
{
"label": "Electronic Consent Agreement",
"description": "Consenting to this agreement means the user agrees to receive electronically certain information such as statements or notices from the financial institution, and that the user agrees their use of the banking applications means they agree to allow those banking applications to perform banking operations, including transferring money or making payments, on their behalf."
}
]
}
}
Parameters
| Parameter | Description |
|---|---|
If-Matchin: header | string The entity tag that was returned in the ETag response. This must match the current entity tag of the resource. |
body | consentTypeNames (required) The set of consent type names |
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/consents/consentTypeNames/v1.0.2/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"names": {
"productTermsAndConditions": [
{
"label": "Product Terms and Conditions",
"description": "The terms and conditions of use for bank accounts of a specific banking product. The user must consent to these terms and conditions in order to open a new account."
}
],
"termsAndConditions": [
{
"label": "Terms and Conditions",
"description": "The terms and conditions associated with a specific bank account."
}
],
"privacyPolicy": [
{
"label": "Privacy Policy",
"description": "The financial institution's privacy policy, which covers how the financial institution guards the customer's personal information and how it shares information about customers."
}
],
"electronicConsent": [
{
"label": "Electronic Consent Agreement",
"description": "Consenting to this agreement means the user agrees to receive electronically certain information such as statements or notices from the financial institution, and that the user agrees their use of the banking applications means they agree to allow those banking applications to perform banking operations, including transferring money or making payments, on their behalf."
}
]
}
}
Responses
| Status | Description |
|---|---|
| 200 | OK |
| OK. | |
Schema: consentTypeNames | |
| Header | ETagstring |
The ETag response header specifies an entity tag which must be provided in an If-Match request header for operations which update the resource. |
| Status | Description |
|---|---|
| 400 | Bad Request |
Bad Request. The request body or one or more of the query parameters was not well formed. The _error field in the response contains details about the request error. | |
Schema: errorResponse |
| Status | Description |
|---|---|
| 409 | Conflict |
The request does not include consent type names that are in use in existing consent resource. This error response may have one of the following | |
Schema: errorResponse |
API
The Consents API
getApi
Code samples
# You can also use wget
curl -X GET https://api.devbank.apiture.com/consents/ \
-H 'Accept: application/hal+json' \
-H 'API-Key: API_KEY'
GET https://api.devbank.apiture.com/consents/ HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
const fetch = require('node-fetch');
const headers = {
'Accept':'application/hal+json',
'API-Key':'API_KEY'
};
fetch('https://api.devbank.apiture.com/consents/',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
var headers = {
'Accept':'application/hal+json',
'API-Key':'API_KEY'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/',
method: 'get',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/hal+json',
'API-Key' => 'API_KEY'
}
result = RestClient.get 'https://api.devbank.apiture.com/consents/',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/hal+json',
'API-Key': 'API_KEY'
}
r = requests.get('https://api.devbank.apiture.com/consents/', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/hal+json"},
"API-Key": []string{"API_KEY"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/consents/", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Top-level resources and operations in this API
GET https://api.devbank.apiture.com/consents/
Return links to the top-level resources and operations in this API.
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/common/root/v2.1.1/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"id": "apiName",
"name": "API name",
"apiVersion": "1.0.0"
}
Responses
getApiDoc
Code samples
# You can also use wget
curl -X GET https://api.devbank.apiture.com/consents/apiDoc \
-H 'Accept: application/json' \
-H 'API-Key: API_KEY'
GET https://api.devbank.apiture.com/consents/apiDoc HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/json
const fetch = require('node-fetch');
const headers = {
'Accept':'application/json',
'API-Key':'API_KEY'
};
fetch('https://api.devbank.apiture.com/consents/apiDoc',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
var headers = {
'Accept':'application/json',
'API-Key':'API_KEY'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/apiDoc',
method: 'get',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'API-Key' => 'API_KEY'
}
result = RestClient.get 'https://api.devbank.apiture.com/consents/apiDoc',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/json',
'API-Key': 'API_KEY'
}
r = requests.get('https://api.devbank.apiture.com/consents/apiDoc', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/apiDoc");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"API-Key": []string{"API_KEY"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/consents/apiDoc", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Return API definition document
GET https://api.devbank.apiture.com/consents/apiDoc
Return the OpenAPI document that describes this API.
Example responses
200 Response
{}
Responses
| Status | Description |
|---|---|
| 200 | OK |
| OK. | |
Schema: Inline |
Response Schema
getLabels
Code samples
# You can also use wget
curl -X GET https://api.devbank.apiture.com/consents/labels \
-H 'Accept: application/hal+json' \
-H 'Accept-Language: string' \
-H 'API-Key: API_KEY'
GET https://api.devbank.apiture.com/consents/labels HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
Accept-Language: string
const fetch = require('node-fetch');
const headers = {
'Accept':'application/hal+json',
'Accept-Language':'string',
'API-Key':'API_KEY'
};
fetch('https://api.devbank.apiture.com/consents/labels',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
var headers = {
'Accept':'application/hal+json',
'Accept-Language':'string',
'API-Key':'API_KEY'
};
$.ajax({
url: 'https://api.devbank.apiture.com/consents/labels',
method: 'get',
headers: headers,
success: function(data) {
console.log(JSON.stringify(data));
}
})
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/hal+json',
'Accept-Language' => 'string',
'API-Key' => 'API_KEY'
}
result = RestClient.get 'https://api.devbank.apiture.com/consents/labels',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Accept': 'application/hal+json',
'Accept-Language': 'string',
'API-Key': 'API_KEY'
}
r = requests.get('https://api.devbank.apiture.com/consents/labels', params={
}, headers = headers)
print r.json()
URL obj = new URL("https://api.devbank.apiture.com/consents/labels");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/hal+json"},
"Accept-Language": []string{"string"},
"API-Key": []string{"API_KEY"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/consents/labels", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
Localized Labels
GET https://api.devbank.apiture.com/consents/labels
Return a JSON object which defines labels for enumeration types defined by the schemas defined in this API. The labels in the response may not all match the requested language; some may be in the default language (en-us).
Parameters
| Parameter | Description |
|---|---|
Accept-Languagein: header | string The weighted language tags which indicate the user's preferred natural language for the localized labels in the response, as per RFC 7231. |
Example responses
200 Response
{
"_profile": "https://production.api.apiture.com/schemas/common/labelGroups/v1.1.3/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"groups": {
"firstGroup": {
"unknown": {
"label": "Unknown",
"code": "0",
"hidden": true
},
"key1": {
"label": "Label for Key 1",
"code": "1",
"variants": {
"es": {
"label": "(Spanish label for Key 1)"
},
"fr": {
"label": "(French label for Key 1)"
}
}
},
"key2": {
"label": "Label for Key 2",
"code": "2",
"variants": {
"es": {
"label": "(Spanish label for Key 2)"
},
"fr": {
"label": "(French label for Key 2)"
}
}
},
"key3": {
"label": "Label for Key 3",
"code": "3",
"variants": {
"es": {
"label": "(Spanish label for Key 3)"
},
"fr": {
"label": "(French label for Key 3)"
}
}
},
"other": {
"label": "Other",
"variants": {
"es": {
"label": "(Spanish label for Other)"
},
"fr": {
"label": "(French label for Other)"
}
},
"code": "254"
}
},
"secondGroup": {
"unknown": {
"label": "Unknown",
"code": "?",
"hidden": true
},
"optionA": {
"label": "Option A",
"code": "A"
},
"optionB": {
"label": "Option B",
"code": "B"
},
"optionC": {
"label": "Option C",
"code": "C"
},
"other": {
"label": "Other",
"code": "_"
}
}
}
}
Responses
| Status | Description |
|---|---|
| 200 | OK |
| OK. | |
Schema: labelGroups |
Schemas
abstractRequest
{
"_profile": "https://production.api.apiture.com/schemas/common/abstractRequest/v2.0.1/profile.json",
"_links": {}
}
Abstract Request (v2.0.1)
An abstract schema used to define other request-only schemas. This is a HAL resource representation, minus the _error defined in abstractResource.
This schema was resolved from common/abstractRequest.
Properties
| Name | Description |
|---|---|
Abstract Request (v2.0.1) | An abstract schema used to define other request-only schemas. This is a HAL resource representation, minus the _error defined in abstractResource. This schema was resolved from |
_links | An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | The URI of a resource profile which describes the representation. read-only format: uri |
abstractResource
{
"_profile": "https://production.api.apiture.com/schemas/common/abstractResource/v2.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
}
}
Abstract Resource (v2.1.0)
An abstract schema used to define other schemas for request and response bodies. This is a HAL resource representation. This model contains hypermedia _links, and either optional domain object data with _profile and optional _embedded objects, or an _error object. In responses, if the operation was successful, this object will not include the _error, but if the operation was a 4xx or 5xx error, this object will not include _embedded or any data fields, only _error and optionally _links.
This schema was resolved from common/abstractResource.
Properties
| Name | Description |
|---|---|
Abstract Resource (v2.1.0) | An abstract schema used to define other schemas for request and response bodies. This is a HAL resource representation. This model contains hypermedia _links, and either optional domain object data with _profile and optional _embedded objects, or an _error object. In responses, if the operation was successful, this object will not include the _error, but if the operation was a 4xx or 5xx error, this object will not include _embedded or any data fields, only _error and optionally _links. This schema was resolved from |
_links | An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | The URI of a resource profile which describes the representation. read-only format: uri |
_error | An object which describes an error. This value is omitted if the operation succeeded without error. read-only |
attributes
{}
Attributes (v2.1.0)
An optional map of name/value pairs which contains additional dynamic data about the resource.
This schema was resolved from common/attributes.
Properties
| Name | Description |
|---|---|
Attributes (v2.1.0) | An optional map of name/value pairs which contains additional dynamic data about the resource. This schema was resolved from |
collection
{
"_profile": "https://production.api.apiture.com/schemas/common/abstractResource/v2.1.0/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
}
}
Collection (v2.1.1)
A collection of resources. This is an abstract model schema which is extended to define specific resource collections.
This schema was resolved from common/collection.
Properties
| Name | Description |
|---|---|
Collection (v2.1.1) | A collection of resources. This is an abstract model schema which is extended to define specific resource collections. This schema was resolved from |
_links | An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | The URI of a resource profile which describes the representation. read-only format: uri |
_error | An object which describes an error. This value is omitted if the operation succeeded without error. read-only |
count | The number of items in the collection. This value is optional and may be omitted if the count is not computable efficiently. If a filter is applied to the collection (either implicitly or explicitly), the count, if present, indicates the number of items that satisfy the filter. |
start | The start index of this page of items. |
limit | The maximum number of items per page. |
name | The name of the collection. |
consent
{
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.1/profile.json",
"_links": {
"self": {
"href": "/consents/consents/0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:revoke": {
"href": "/consents/revokedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
},
"apiture:rescind": {
"href": "/consents/rescindedConsents?consent=0399abed-fd3d-4830-a88b-30f38b8a365c"
}
},
"_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
"document": {
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"contentType": "application/pdf",
"revisedAt": "2019-07-23T08:26:45.375Z",
"revisionId": "2019:1.02.0"
},
"type": "productTermsAndConditions",
"userId": "5a5e834c-a7bd-401c",
"state": "given",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"givenAt": "2019-07-23T13:27:34.375Z"
}
Consent (v1.1.1)
Representation of a consent resource. Users consent or acceptance of a policy or other document.
Links
Response and request bodies using this consent schema may contain the following links:
| Rel | Summary | Method |
|---|---|---|
self | Fetch a representation of this consent | GET |
apiture:revoke | Revoke a consent | POST |
apiture:give | Give a consent | POST |
Properties
| Name | Description | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Consent (v1.1.1) | Representation of a consent resource. Users consent or acceptance of a policy or other document. LinksResponse and request bodies using this
| ||||||||||||
_links | An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from | ||||||||||||
_embedded | An optional map of nested resources, mapping each nested resource name to a nested resource representation. | ||||||||||||
_profile | The URI of a resource profile which describes the representation. read-only format: uri | ||||||||||||
_error | An object which describes an error. This value is omitted if the operation succeeded without error. read-only | ||||||||||||
document | Properties of the target document. | ||||||||||||
type | Describe what kind of consent this is. This value must be one of the type names in the /consentTypeNames resource. | ||||||||||||
contextUri | The URI of a resource that establishes the context in which the financial institution asks for the user's consent. For example, for consent of an account's terms and conditions, the context might be the banking product for that account. format: uri maxLength: 2048 | ||||||||||||
secondaryContextUri | The URI of a secondary resource associated with this user's consent and the contextUri. For example, for consent of an account's terms and conditions, the secondary context might be the account.format: uri maxLength: 2048 | ||||||||||||
userId | The user ID of the user who is requested to consent to a document. This is the _id of the User resource. | ||||||||||||
_id | The unique identifier for this consent resource. This is an immutable opaque string. read-only | ||||||||||||
state | The state of this consent. read-only enum values: pending, given, stale, rescinded, revoked | ||||||||||||
givenAt | The time stamp when the user last consented to the document, in RFC 3339 UTC date-time format ( YYYY-MM-DDThh:mm:ss.sssZ). This property is not set if state is pending.read-only format: date-time | ||||||||||||
requestRevokedAt | The time stamp when the user revoked consent, in RFC 3339 UTC date-time format ( YYYY-MM-DDThh:mm:ss.sssZ). A revoked consent reflects a consent request that the user has previously given but has reversed. Revoking a consent sets the state back to pending and clears consentedAt.read-only format: date-time | ||||||||||||
requestRescindedAt | The time stamp when the consent request was rescinded by the requester, in RFC 3339 UTC date-time format ( YYYY-MM-DDThh:mm:ss.sssZ). A rescinded consent reflects a consent request that the system or application has issued in the past but no longer requires. For example, if a user is removed as an authorized signer from an account and a consent is pending for that account's terms and conditions, the Accounts service may rescind that consent request. This property is set only if state is rescinded.read-only format: date-time |
consentFields
{
"document": {
"uri": "http://example.com",
"contentType": "application/pdf",
"revisionId": "2019:1.2.0",
"revisedAt": "2019-08-24T14:15:22Z"
},
"type": "string",
"contextUri": "http://example.com",
"secondaryContextUri": "http://example.com",
"userId": "string"
}
Consent Fields (v1.1.0)
Common fields of the consent resource used to build other model schemas.
Properties
| Name | Description |
|---|---|
Consent Fields (v1.1.0) | Common fields of the consent resource used to build other model schemas. |
document | Properties of the target document. |
type | Describe what kind of consent this is. This value must be one of the type names in the /consentTypeNames resource. |
contextUri | The URI of a resource that establishes the context in which the financial institution asks for the user's consent. For example, for consent of an account's terms and conditions, the context might be the banking product for that account. format: uri maxLength: 2048 |
secondaryContextUri | The URI of a secondary resource associated with this user's consent and the contextUri. For example, for consent of an account's terms and conditions, the secondary context might be the account.format: uri maxLength: 2048 |
userId | The user ID of the user who is requested to consent to a document. This is the _id of the User resource. |
consentStates
"pending"
Consent States (v1.0.0)
The state of a consent resource.
type: string
enum values: pending, given, stale, rescinded, revoked
consentTypeNames
{
"_profile": "https://production.api.apiture.com/schemas/consents/consentTypeNames/v1.0.2/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"names": {
"productTermsAndConditions": [
{
"label": "Product Terms and Conditions",
"description": "The terms and conditions of use for bank accounts of a specific banking product. The user must consent to these terms and conditions in order to open a new account."
}
],
"termsAndConditions": [
{
"label": "Terms and Conditions",
"description": "The terms and conditions associated with a specific bank account."
}
],
"privacyPolicy": [
{
"label": "Privacy Policy",
"description": "The financial institution's privacy policy, which covers how the financial institution guards the customer's personal information and how it shares information about customers."
}
],
"electronicConsent": [
{
"label": "Electronic Consent Agreement",
"description": "Consenting to this agreement means the user agrees to receive electronically certain information such as statements or notices from the financial institution, and that the user agrees their use of the banking applications means they agree to allow those banking applications to perform banking operations, including transferring money or making payments, on their behalf."
}
]
}
}
Consent Type Names (v1.0.2)
A list of allowed consent type names and their labels and descriptions.
Properties
| Name | Description |
|---|---|
Consent Type Names (v1.0.2) | A list of allowed consent type names and their labels and descriptions. |
_links | An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | The URI of a resource profile which describes the representation. read-only format: uri |
_error | An object which describes an error. This value is omitted if the operation succeeded without error. read-only |
names | An object which maps consent type names to their labels and descriptions. |
consents
{
"_profile": "https://production.api.apiture.com/schemas/consents/consents/v1.1.1/profile.json",
"_links": {
"self": {
"href": "/consents/consents?start=10&limit=10"
},
"first": {
"href": "/consents/consents?start=0&limit=10"
},
"next": {
"href": "/consents/consents?start=20&limit=10"
},
"collection": {
"href": "/consents/consents"
}
},
"start": 10,
"limit": 10,
"count": 67,
"name": "consents",
"_embedded": {
"items": [
{
"_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.1/profile.json",
"_links": {
"self": {
"href": "/consents/consents/0399abed-fd3d-4830-a88b-30f38b8a365c"
}
}
},
{
"_id": "d62c0701-0d74-4836-83f9-ebf3709442ea",
"_profile": "https://production.api.apiture.com/schemas/consents/consent/v1.1.1/profile.json",
"_links": {
"self": {
"href": "/consents/consents/d62c0701-0d74-4836-83f9-ebf3709442ea"
}
}
}
]
}
}
Consent Collection (v1.1.1)
Collection of consents. The items in the collection are ordered in the _embedded.items array; the name is consents. The top-level _links object may contain pagination links (self, next, prev, first, last, collection).
Links
Response and request bodies using this consents schema may contain the following links:
| Rel | Summary | Method |
|---|---|---|
self | This filtered page of results | GET |
collection | The raw collection without filters/sorting | GET |
next | Fetch the next page of results | GET |
prev | Fetch the previous page of results | GET |
Properties
| Name | Description | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Consent Collection (v1.1.1) | Collection of consents. The items in the collection are ordered in the LinksResponse and request bodies using this
| |||||||||||||||
_links | An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from | |||||||||||||||
_embedded | Embedded objects. | |||||||||||||||
» items | array: An array containing a page of consent items. items: object | |||||||||||||||
_profile | The URI of a resource profile which describes the representation. read-only format: uri | |||||||||||||||
_error | An object which describes an error. This value is omitted if the operation succeeded without error. read-only | |||||||||||||||
count | The number of items in the collection. This value is optional and may be omitted if the count is not computable efficiently. If a filter is applied to the collection (either implicitly or explicitly), the count, if present, indicates the number of items that satisfy the filter. | |||||||||||||||
start | The start index of this page of items. | |||||||||||||||
limit | The maximum number of items per page. | |||||||||||||||
name | The name of the collection. |
createConsent
{
"_profile": "https://production.api.apiture.com/schemas/consents/createConsent/v1.1.1/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"document": {
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"contentType": "application/pdf",
"revisionId": "2019:1.02.0",
"revisedAt": "2019-07-23T08:26:45.375Z"
},
"type": "productTermsAndConditions",
"userId": "5a5e834c-a7bd-401c",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a"
}
Create Consent (v1.1.1)
Representation used to create a new consent.
Properties
| Name | Description |
|---|---|
Create Consent (v1.1.1) | Representation used to create a new consent. |
_links | An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | The URI of a resource profile which describes the representation. read-only format: uri |
_error | An object which describes an error. This value is omitted if the operation succeeded without error. read-only |
document | Properties of the target document. |
type | Describe what kind of consent this is. This value must be one of the type names in the /consentTypeNames resource. |
contextUri | The URI of a resource that establishes the context in which the financial institution asks for the user's consent. For example, for consent of an account's terms and conditions, the context might be the banking product for that account. format: uri maxLength: 2048 |
secondaryContextUri | The URI of a secondary resource associated with this user's consent and the contextUri. For example, for consent of an account's terms and conditions, the secondary context might be the account.format: uri maxLength: 2048 |
userId | The user ID of the user who is requested to consent to a document. This is the _id of the User resource. |
document
{
"uri": "http://example.com",
"contentType": "application/pdf",
"revisionId": "2019:1.2.0",
"revisedAt": "2019-08-24T14:15:22Z"
}
Document (v1.0.0)
Properties of a target document.
Properties
| Name | Description |
|---|---|
Document (v1.0.0) | Properties of a target document. |
uri | The URI of the target document that the user is consenting to. If the document is revised, this consent is marked as stale. (Note: This need not be a document in the Apiture vault.)format: uri maxLength: 2048 |
contentType | The media type for the document. For text documents, the content type should include the text encoding; if omitted, the encoding type is assumed to be utf-8. |
revisionId | The revision identifier of the document revision the user consented to. If the content management system in which the document is stored does not define revision identifiers or tags, this may be omitted and defaults to the revision time stamp. |
revisedAt | The time stamp when the target document was last revised (modified), in RFC 3339 UTC date-time format ( YYYY-MM-DDThh:mm:ss.sssZ).format: date-time |
error
{
"_id": "2eae46e1575c0a7b0115a4b3",
"message": "Descriptive error message...",
"statusCode": 422,
"type": "errorType1",
"remediation": "Remediation string...",
"occurredAt": "2018-01-25T05:50:52.375Z",
"errors": [
{
"_id": "ccdbe2c5c938a230667b3827",
"message": "An optional embedded error"
},
{
"_id": "dbe9088dcfe2460f229338a3",
"message": "Another optional embedded error"
}
],
"_links": {
"describedby": {
"href": "https://developer.apiture.com/errors/errorType1"
}
}
}
Error (v2.1.1)
Describes an error in an API request or in a service called via the API.
This schema was resolved from common/error.
Properties
| Name | Description |
|---|---|
Error (v2.1.1) | Describes an error in an API request or in a service called via the API. This schema was resolved from |
message | A localized message string describing the error condition. |
_id | A unique identifier for this error instance. This may be used as a correlation ID with the root cause error (i.e. this ID may be logged at the source of the error). This is is an opaque string. read-only |
statusCode | The HTTP status code associate with this error. minimum: 100 maximum: 599 |
type | An error identifier which indicates the category of error and associate it with API support documentation or which the UI tier can use to render an appropriate message or hint. This provides a finer level of granularity than the statusCode. For example, instead of just 400 Bad Request, the type may be much more specific. such as integerValueNotInAllowedRange or numericValueExceedsMaximum or stringValueNotInAllowedSet. |
occurredAt | An RFC 3339 UTC time stamp indicating when the error occurred. format: date-time |
attributes | Informative values or constraints which describe the error. For example, for a value out of range error, the attributes may specify the minimum and maximum values. This allows clients to present error messages as they see fit (the API does not assume the client/presentation tier). The set of attributes varies by error type.Additional Properties: true |
remediation | An optional localized string which provides hints for how the user or client can resolve the error. |
errors | array: An optional array of nested error objects. This property is not always present. items: object |
errorResponse
{
"_profile": "https://production.api.apiture.com/schemas/common/errorResponse/v2.1.1/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"_error": {
"_id": "2eae46e1-575c-4d69-8a8f-0a7b0115a4b3",
"message": "Description of the error will appear here.",
"statusCode": 422,
"type": "specificErrorType",
"attributes": {
"value": "Optional attribute describing the error"
},
"remediation": "Optional instructions to remediate the error may appear here.",
"occurredAt": "2018-01-25T05:50:52.375Z",
"_links": {
"describedby": {
"href": "https://production.api.apiture.com/errors/specificErrorType"
}
},
"_embedded": {
"errors": []
}
}
}
Error Response (v2.1.1)
Describes an error response, typically returned on 4xx or 5xx errors from API operations. The _error object contains the error details.
This schema was resolved from common/errorResponse.
Properties
| Name | Description |
|---|---|
Error Response (v2.1.1) | Describes an error response, typically returned on 4xx or 5xx errors from API operations. The _error object contains the error details. This schema was resolved from |
_links | An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | The URI of a resource profile which describes the representation. read-only format: uri |
_error | An object which describes an error. This value is omitted if the operation succeeded without error. read-only |
labelGroup
{
"unknown": {
"label": "Unknown",
"code": "0",
"hidden": true
},
"under1Million": {
"label": "Under $1M",
"code": "1",
"range": "[0,1000000.00)",
"variants": {
"fr": {
"label": "Moins de $1M"
}
}
},
"from1to10Million": {
"label": "$1M to $10M",
"code": "2",
"range": "[1000000.00,10000000.00)",
"variants": {
"fr": {
"label": "$1M \\u00e0 $10M"
}
}
},
"from10to100Million": {
"label": "$10M to $100M",
"code": "3",
"range": "[10000000.00,100000000.00)",
"variants": {
"fr": {
"label": "$10M \\u00e0 $100M"
}
}
},
"over100Million": {
"label": "Over $100,000,000.00",
"code": "4",
"range": "[100000000.00,]",
"variants": {
"fr": {
"label": "Plus de $10M"
}
}
},
"other": {
"label": "Other",
"code": "254"
}
}
Label Group (v1.0.3)
A map that defines labels for the items in a group. This is a map from each item name → a labelItem object. For example, consider a JSON response that includes a property named revenueEstimate; the values for revenueEstimate must be one of the items in the group named estimatedAnnualRevenue, with options ranging under1Million, to over100Million. The item name is used as the selected value in an Apiture representation, such as { ..., "revenueEstimate" : "from10to100Million" , ...}, and the item with the name from10to100Million defines the presentation labels for that item, as well as other metadata about that choice: this is the range [10000000.00,100000000.00).
This allows the client to let the user select a value from a list, such as the following derived from the labels in the example:
- Unknown
- Under $1M
- $1M to $10M
- $10M to $100M
- $100M or more
Note that the other item is hidden from the selection list, as that item is marked as hidden. For items which define numeric ranges, a client may instead let the customer directly enter their estimated annual revenue as a number, such as 4,500,000.00. The client can then match that number to one of ranges in the items and set the revenueEstimate to the corresponding item's name: { ..., "revenueEstimate" : "from1to10Million", ... }.
This schema was resolved from common/labelGroup.
Properties
| Name | Description |
|---|---|
Label Group (v1.0.3) | A map that defines labels for the items in a group. This is a map from each item name → a labelItem object. For example, consider a JSON response that includes a property named revenueEstimate; the values for revenueEstimate must be one of the items in the group named estimatedAnnualRevenue, with options ranging under1Million, to over100Million. The item name is used as the selected value in an Apiture representation, such as { ..., "revenueEstimate" : "from10to100Million" , ...}, and the item with the name from10to100Million defines the presentation labels for that item, as well as other metadata about that choice: this is the range [10000000.00,100000000.00). This allows the client to let the user select a value from a list, such as the following derived from the labels in the example:
Note that the This schema was resolved from |
Label Item (v1.0.2) | An item in a labelGroup, with a set of variants which contains different localized labels for the item. Each simpleLabel variant defines the presentation text label and optional description for a language. Items may also have a lookup code to map to external systems, a numeric range, and a hidden boolean to indicate the item is normally hidden in the UI. This schema was resolved from |
labelGroups
{
"_profile": "https://production.api.apiture.com/schemas/common/labelGroups/v1.1.3/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"groups": {
"firstGroup": {
"unknown": {
"label": "Unknown",
"code": "0",
"hidden": true
},
"key1": {
"label": "Label for Key 1",
"code": "1",
"variants": {
"es": {
"label": "(Spanish label for Key 1)"
},
"fr": {
"label": "(French label for Key 1)"
}
}
},
"key2": {
"label": "Label for Key 2",
"code": "2",
"variants": {
"es": {
"label": "(Spanish label for Key 2)"
},
"fr": {
"label": "(French label for Key 2)"
}
}
},
"key3": {
"label": "Label for Key 3",
"code": "3",
"variants": {
"es": {
"label": "(Spanish label for Key 3)"
},
"fr": {
"label": "(French label for Key 3)"
}
}
},
"other": {
"label": "Other",
"variants": {
"es": {
"label": "(Spanish label for Other)"
},
"fr": {
"label": "(French label for Other)"
}
},
"code": "254"
}
},
"secondGroup": {
"unknown": {
"label": "Unknown",
"code": "?",
"hidden": true
},
"optionA": {
"label": "Option A",
"code": "A"
},
"optionB": {
"label": "Option B",
"code": "B"
},
"optionC": {
"label": "Option C",
"code": "C"
},
"other": {
"label": "Other",
"code": "_"
}
}
}
}
Label Groups (v1.1.3)
A set of named groups of labels, each of which contains multiple item labels.
The abbreviated example shows two groups, one named structure and one named estimatedAnnualRevenue. The first has items with names such as corporation, llc and soleProprietorship, with text labels for each in the default and in French. The second has items for estimated revenue ranges but no localized labels. For example, the item named from1to10Million has the label "$1M to $10M" and the range [1000000.00,10000000.00).
This schema was resolved from common/labelGroups.
Properties
| Name | Description |
|---|---|
Label Groups (v1.1.3) | A set of named groups of labels, each of which contains multiple item labels. The abbreviated example shows two groups, one named This schema was resolved from |
_links | An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | The URI of a resource profile which describes the representation. read-only format: uri |
_error | An object which describes an error. This value is omitted if the operation succeeded without error. read-only |
groups | Groups of localized labels. This maps group names → a group of labels within that group. |
» Label Group (v1.0.3) | A map that defines labels for the items in a group. This is a map from each item name → a labelItem object. For example, consider a JSON response that includes a property named revenueEstimate; the values for revenueEstimate must be one of the items in the group named estimatedAnnualRevenue, with options ranging under1Million, to over100Million. The item name is used as the selected value in an Apiture representation, such as { ..., "revenueEstimate" : "from10to100Million" , ...}, and the item with the name from10to100Million defines the presentation labels for that item, as well as other metadata about that choice: this is the range [10000000.00,100000000.00). This allows the client to let the user select a value from a list, such as the following derived from the labels in the example:
Note that the This schema was resolved from |
labelItem
{
"label": "Over $100,000,000.00",
"code": "4",
"range": "[100000000.00,]",
"variants": {
"fr": {
"label": "Plus de $10M"
}
}
}
Label Item (v1.0.2)
An item in a labelGroup, with a set of variants which contains different localized labels for the item. Each simpleLabel variant defines the presentation text label and optional description for a language. Items may also have a lookup code to map to external systems, a numeric range, and a hidden boolean to indicate the item is normally hidden in the UI.
This schema was resolved from common/labelItem.
Properties
| Name | Description |
|---|---|
Label Item (v1.0.2) | An item in a labelGroup, with a set of variants which contains different localized labels for the item. Each simpleLabel variant defines the presentation text label and optional description for a language. Items may also have a lookup code to map to external systems, a numeric range, and a hidden boolean to indicate the item is normally hidden in the UI. This schema was resolved from |
label | A label or title which may be used as labels or other UI controls which present a value. |
description | A more detailed localized description of a localizable label. |
variants | The language-specific variants of this label. The keys in this object are RFC 7231 language codes. |
» Simple Label (v1.0.0) | A text label and optional description. This schema was resolved from |
code | If the localized value is associated with an external standard or definition, this is a lookup code or key or URI for that value. minLength: 1 |
hidden | If true, this item is normally hidden from the User Interface. |
range | The range of values, if the item describes a bounded numeric value. This is range notation such as [min,max], (exclusiveMin,max], [min,exclusiveMax), or (exclusiveMin,exclusiveMax). For example, [0,100) is the range greater than or equal to 0 and less than 100. If the min or max value are omitted, that end of the range is unbounded. For example, (,1000.00) means less than 1000.00 and [20000.00,] means 20000.00 or more. The ranges do not overlap or have gaps.pattern: "^[\\[\\(](-?(0|[1-9][0-9]*)(\\.[0-9]+)?)?,(-?(0|[1-9][0-9]*)(\\.[0-9]+)?)?[\\]\\)]$" |
link
{
"href": "https://api.devbank.apiture.com/applications/application/328f6bf6-d762-422f-a077-ab91ca4d0b6f",
"title": "Application"
}
Link (v1.0.1)
Describes a hypermedia link within a _links object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name or hreflang properties of HAL. Apiture links may include a method property.
This schema was resolved from common/link.
Properties
| Name | Description |
|---|---|
Link (v1.0.1) | Describes a hypermedia link within a _links object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name or hreflang properties of HAL. Apiture links may include a method property. This schema was resolved from |
href | The URI or URI template for the resource/operation this link refers to. format: uri |
type | The media type for the resource. |
templated | If true, the link's href is a URI template. |
title | An optional human-readable localized title for the link. |
deprecation | If present, the containing link is deprecated and the value is a URI which provides human-readable text information about the deprecation. format: uri |
profile | The URI of a profile document, a JSON document which describes the target resource/operation. format: uri |
links
{
"property1": {
"href": "https://api.devbank.apiture.com/applications/application/328f6bf6-d762-422f-a077-ab91ca4d0b6f",
"title": "Application"
},
"property2": {
"href": "https://api.devbank.apiture.com/applications/application/328f6bf6-d762-422f-a077-ab91ca4d0b6f",
"title": "Application"
}
}
Links (v1.0.1)
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.
This schema was resolved from common/links.
Properties
| Name | Description |
|---|---|
Links (v1.0.1) | An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
Link (v1.0.1) | Describes a hypermedia link within a _links object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name or hreflang properties of HAL. Apiture links may include a method property. This schema was resolved from |
localizedLabel
{
"label": "Limited Liability Corporation",
"description": "string",
"language": "en-us",
"code": "31"
}
Localized Label (v1.0.0)
A localized label and optional description for localizable content defined in this API.
Properties
| Name | Description |
|---|---|
Localized Label (v1.0.0) | A localized label and optional description for localizable content defined in this API. |
label | A localized label or title which may be used to decorate UI controls which present a value. |
description | A more detailed localized description of this label. |
language | The natural language tag to which this localized label is associated, as per RFC 7231. If empty, this item serves as the default label in case no label matches the caller's language. |
code | If the localized value is associated with an external standard, this is a lookup code or key or URI for that value. |
localizedLabels
{
"property1": [
{
"label": "Limited Liability Corporation",
"description": "string",
"language": "en-us",
"code": "31"
}
],
"property2": [
{
"label": "Limited Liability Corporation",
"description": "string",
"language": "en-us",
"code": "31"
}
]
}
Localized Labels (v1.0.0)
An object that maps a name to an array of labels, descriptions and a language (locale) code for the label and description. The first item in the array should be the default label/description; the remaining items must have a language.
Properties
| Name | Description |
|---|---|
Localized Labels (v1.0.0) | An object that maps a name to an array of labels, descriptions and a language (locale) code for the label and description. The first item in the array should be the default label/description; the remaining items must have a language. |
additionalProperties | array: [A localized label and optional description for localizable content defined in this API.] items: object |
movedDocument
{
"_profile": "https://production.api.apiture.com/schemas/consents/movedDocument/v1.0.1/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"type": "productTermsAndConditions",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"newUri": "/vault/files/da66d490-2b72-4809-9b97-9b33039371f8/content"
}
Moved Document (v1.0.1)
Details about a target document that has been moved or revised.
Properties
| Name | Description |
|---|---|
Moved Document (v1.0.1) | Details about a target document that has been moved or revised. |
_links | An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | The URI of a resource profile which describes the representation. read-only format: uri |
_error | An object which describes an error. This value is omitted if the operation succeeded without error. read-only |
uri | The original URI of the target document. format: uri maxLength: 2048 |
newUri | The new URI of the target document. All matching consents' document.uri are updated to this new document URI, but their state is not changed.format: uri maxLength: 2048 |
contextUri | The URI of a resource that establishes the context in which the financial institution asks for the user's consent. For example, for consent of an account's terms and conditions, the context might be the banking product for that account. format: uri maxLength: 2048 |
type | Describe what kind of consent this is. This value must be one of the type names in the /consentTypeNames resource. |
revisedDocument
{
"_profile": "https://production.api.apiture.com/schemas/consents/revisedDocument/v1.0.2/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"revisionId": "2019:1.2.0",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a",
"revisedAt": "2019-10-05T10:30:00.000Z",
"type": "productTermsAndConditions",
"newUri": "/vault/files/da66d490-2b72-4809-9b97-9b33039371f8/content"
}
Revised Document (v1.0.2)
Details about a target document that has been moved or revised.
Properties
| Name | Description |
|---|---|
Revised Document (v1.0.2) | Details about a target document that has been moved or revised. |
_links | An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | The URI of a resource profile which describes the representation. read-only format: uri |
_error | An object which describes an error. This value is omitted if the operation succeeded without error. read-only |
uri | The URI of the target document that the user is consenting to. If the document is revised, this consent is marked as stale. (Note: This need not be a document in the Apiture vault.)format: uri maxLength: 2048 |
contentType | The media type for the document. For text documents, the content type should include the text encoding; if omitted, the encoding type is assumed to be utf-8. |
revisionId | The revision identifier of the document revision the user consented to. If the content management system in which the document is stored does not define revision identifiers or tags, this may be omitted and defaults to the revision time stamp. |
revisedAt | The time stamp when the target document was last revised (modified), in RFC 3339 UTC date-time format ( YYYY-MM-DDThh:mm:ss.sssZ).format: date-time |
newUri | The URI of the revised target document, if the document has moved. All matching consents have their document URI and revisions updated to this new document format: uri maxLength: 2048 |
contextUri | The URI of a resource that establishes the context in which the financial institution asks for the user's consent is requested for a specific document. For example, for consent of an account's terms and conditions, the context might be the banking product for that account. format: uri maxLength: 2048 |
type | Describe what kind of consent this is. This value must be one of the type names in the /consentTypeNames resource. |
root
{
"_profile": "https://production.api.apiture.com/schemas/common/root/v2.1.1/profile.json",
"_links": {
"self": {
"href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
}
},
"id": "apiName",
"name": "API name",
"apiVersion": "1.0.0"
}
API Root (v2.1.1)
A HAL response, with hypermedia _links for the top-level resources and operations in API.
This schema was resolved from common/root.
Properties
| Name | Description |
|---|---|
API Root (v2.1.1) | A HAL response, with hypermedia _links for the top-level resources and operations in API. This schema was resolved from |
_links | An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | The URI of a resource profile which describes the representation. read-only format: uri |
_error | An object which describes an error. This value is omitted if the operation succeeded without error. read-only |
_id | This API's unique ID. read-only |
name | This API's name. |
apiVersion | This API's version. |
simpleLabel
{
"label": "Board of Directors",
"description": "string"
}
Simple Label (v1.0.0)
A text label and optional description.
This schema was resolved from common/simpleLabel.
Properties
| Name | Description |
|---|---|
Simple Label (v1.0.0) | A text label and optional description. This schema was resolved from |
label | A label or title which may be used as labels or other UI controls which present a value. |
description | A more detailed localized description of a localizable label. |
summaryConsent
{
"_profile": "https://production.api.apiture.com/schemas/consents/summaryConsent/v1.1.1/profile.json",
"_links": {
"self": {
"href": "/consents/consents/0399abed-fd3d-4830-a88b-30f38b8a365c"
}
},
"_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
"document": {
"uri": "/vault/files/fd44d565-0086-4caf-8d9f-3b7681809251/content",
"contentType": "application/pdf",
"revisedAt": "2019-07-23T08:26:45.375Z"
},
"type": "productTermsAndConditions",
"userId": "5a5e834c-a7bd-401c",
"state": "pending",
"contextUri": "/products/products/34011fe5-192d-4ffb-be32-e7215e56028a"
}
Consent Summary (v1.1.1)
Summary representation of a consent resource in consents collections. This representation normally does not contain any _embedded objects. If needed, call the GET operation on the item's self link to get _embedded objects.
Properties
| Name | Description |
|---|---|
Consent Summary (v1.1.1) | Summary representation of a consent resource in consents collections. This representation normally does not contain any _embedded objects. If needed, call the GET operation on the item's self link to get _embedded objects. |
_links | An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from |
_embedded | An optional map of nested resources, mapping each nested resource name to a nested resource representation. |
_profile | The URI of a resource profile which describes the representation. read-only format: uri |
_error | An object which describes an error. This value is omitted if the operation succeeded without error. read-only |
document | Properties of the target document. |
type | Describe what kind of consent this is. This value must be one of the type names in the /consentTypeNames resource. |
contextUri | The URI of a resource that establishes the context in which the financial institution asks for the user's consent. For example, for consent of an account's terms and conditions, the context might be the banking product for that account. format: uri maxLength: 2048 |
secondaryContextUri | The URI of a secondary resource associated with this user's consent and the contextUri. For example, for consent of an account's terms and conditions, the secondary context might be the account.format: uri maxLength: 2048 |
userId | The user ID of the user who is requested to consent to a document. This is the _id of the User resource. |
_id | The unique identifier for this consent resource. This is an immutable opaque string. read-only |
state | The state of this consent. read-only enum values: pending, given, stale, rescinded, revoked |
givenAt | The time stamp when the user last consented to the document, in RFC 3339 UTC date-time format ( YYYY-MM-DDThh:mm:ss.sssZ). This property is not set if state is pending.read-only format: date-time |
requestRevokedAt | The time stamp when the user revoked consent, in RFC 3339 UTC date-time format ( YYYY-MM-DDThh:mm:ss.sssZ). A revoked consent reflects a consent request that the user has previously given but has reversed. Revoking a consent sets the state back to pending and clears consentedAt.read-only format: date-time |
requestRescindedAt | The time stamp when the consent request was rescinded by the requester, in RFC 3339 UTC date-time format ( YYYY-MM-DDThh:mm:ss.sssZ). A rescinded consent reflects a consent request that the system or application has issued in the past but no longer requires. For example, if a user is removed as an authorized signer from an account and a consent is pending for that account's terms and conditions, the Accounts service may rescind that consent request. This property is set only if state is rescinded.read-only format: date-time |
Generated by
@apiture/api-doc 3.2.4 on Mon Oct 28 2024 14:41:05 GMT+0000 (Coordinated Universal Time).