Shell HTTP Node.JS JavaScript Ruby Python Java Go

Customer Registrations v0.5.1

Scroll down for code samples, example requests and responses. Select a language for code samples from the tabs above or the mobile navigation menu.

Register new users or existing non-digital customers in digital banking.

Error Types

Error responses in this API may have one of the type values described below. See Errors for more information on error responses and error types.

captchaAlreadySubmitted

Description: The CAPTCHA has already been submitted.
Remediation: Restart the request and collect a new CAPTCHA value for each request.

captchaThresholdNotMet

Description: The CAPTCHA was valid but the score did not meet the required threshold.
Remediation: Retry the CAPTCHA with a fallback method.

challengedAlreadyRedeemed

Description: The challenge resource has already been redeemed.
Remediation: Use the most recently issued challenge.

challengedExpired

Description: The challenge resource has expired.
Remediation: Use the most recently issued challenge and complete the authenticators before the challenge expires.

challengedNotVerified

Description: The challenge has not been verified, has expired, or has been redeemed too many times.
Remediation: Pass a valid and verified challenge resource in the Apiture-Challenge request header.

dataNotEncrypted

Description: The data in request was not encrypted or it was encrypted with obsolete keys.
Remediation: Encrypt the data using valid encryption keys.

duplicateUsername

Description: A user with the given username already exists.
Remediation: Resubmit the operation with a unique username.

expiredCaptcha

Description: The CAPTCHA has expired.
Remediation: Collect a new CAPTCHA value an retry the request with the new CAPTCHA response.

groupNotFound

Description: No Groups were found for the specified groupName.
Remediation: Check to make sure that the supplied groupName corresponds to an apiture group resource.

invalidCaptcha

Description: The CAPTCHA is invalid.
Remediation: Start the CAPTCHA correctly in the client and send the correct ID after the CAPTCHA completes.

invalidPassword

Description: The password is not valid.
Remediation: Check that the new password conforms to password policy.

invalidUsername

Description: The username is not valid.
Remediation: Check that the new username conforms to username policy.

missingApitureChallengeHeader

Description: The Apiture-Challenge request header is missing.
Remediation: Pass a reference to a valid challenge resource in the Apiture-Challenge header.

missingRequiredSearchField

Description: The financial institution requires a search field that was omitted from the request.
Remediation: Pass a non-empty value for all required search fields.

The attributes object in the error may have the following properties:

Property Type Description
requiredFields [string] A list of fields required by the financial institution.

valueNotFound

Description: No Group values were found for the specified groupName and valueName.
Remediation: Check to make sure that the supplied groupName and valueName corresponds to an apiture group and value resource.

Download OpenAPI Definition (YAML)

Base URLs:

Terms of service

Email: Apiture Web: Apiture

Authentication

Scope Scope Description
admin/write Admin write (update) access configuration
data/read Read access to non-banking, non-profile data related resources.

Customer Registrations

Customer Registrations

searchForCustomer

Code samples

# You can also use wget
curl -X POST https://api.devbank.apiture.com/registrations/customerSearch \
  -H 'Content-Type: application/json' \
  -H 'Accept: */*' \
  -H 'API-Key: API_KEY'

POST https://api.devbank.apiture.com/registrations/customerSearch HTTP/1.1
Host: api.devbank.apiture.com
Content-Type: application/json
Accept: */*

const fetch = require('node-fetch');
const inputBody = '{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractRequest/v2.0.0/profile.json",
  "_links": {},
  "_encryption": {
    "taxId": "sensitive-48729783"
  },
  "birthdate": "1974-10-27",
  "idCard": {
    "_encryption": {
      "cardNumber": "sensitive-48729783"
    },
    "expiration": "2024-12-01",
    "number": "<encrypted-value-of-id-card-number>",
    "region": "NC"
  },
  "lastName": "Peterson",
  "taxId": "<encrypted-value-of-tax-id-number>"
}';
const headers = {
  'Content-Type':'application/json',
  'Accept':'*/*',
  'API-Key':'API_KEY'

};

fetch('https://api.devbank.apiture.com/registrations/customerSearch',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Content-Type':'application/json',
  'Accept':'*/*',
  'API-Key':'API_KEY'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/registrations/customerSearch',
  method: 'post',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Content-Type' => 'application/json',
  'Accept' => '*/*',
  'API-Key' => 'API_KEY'
}

result = RestClient.post 'https://api.devbank.apiture.com/registrations/customerSearch',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Content-Type': 'application/json',
  'Accept': '*/*',
  'API-Key': 'API_KEY'
}

r = requests.post('https://api.devbank.apiture.com/registrations/customerSearch', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/registrations/customerSearch");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Content-Type": []string{"application/json"},
        "Accept": []string{"*/*"},
        "API-Key": []string{"API_KEY"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/registrations/customerSearch", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Search for a banking customer

POST /customerSearch

A client application can use this operation to determine if the visitor is in one of the several categories at the financial institution. The client application should prompt the user for their last name, date of birth, and tax identification number (such as a social security number) or other data as configured by the financial institution, complete a CAPTCHA, and submit the data here. The response indicates the potential user's status with the financial institution:

  1. registered in the Apiture system for online banking,
  2. exists in Apiture but the user has not yet enrolled with a username/password,
  3. exists only in a banking core, or
  4. is unknown.

Corresponding client actions based on this response:

  1. the client can direct them to the login screen to logon (or retrieve their username if they forgot it, or reset their password if they forgot it).
  2. the client will use the returned Challenge/Authenticator API (from the Authorization API) to start multi-factor authentication. If the user completes the authenticator successfully, they may register for online banking by creating a new registration.
  3. same as 2.
  4. the client can start a new user registration.

For cases 2 and 3, the response includes a Challenge resource. The client should use one of the returned challenge's authenticators to verify the user identity. If the user completes the authenticator successfully, the user enters their preferred new username and password in the client application. The client should then use the createUserCredentials operation to validate and submit the user's new username and password to create the user's login account.

Body parameter

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractRequest/v2.0.0/profile.json",
  "_links": {},
  "_encryption": {
    "taxId": "sensitive-48729783"
  },
  "birthdate": "1974-10-27",
  "idCard": {
    "_encryption": {
      "cardNumber": "sensitive-48729783"
    },
    "expiration": "2024-12-01",
    "number": "<encrypted-value-of-id-card-number>",
    "region": "NC"
  },
  "lastName": "Peterson",
  "taxId": "<encrypted-value-of-tax-id-number>"
}

Parameters

ParameterDescription
body customerSearchRequest (required)

Try It

Example responses

200 Response

400 Response

{
  "_profile": "https://production.api.apiture.com/schemas/common/errorResponse/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "_error": {
    "_id": "2eae46e1-575c-4d69-8a8f-0a7b0115a4b3",
    "message": "Description of the error will appear here.",
    "statusCode": 422,
    "type": "specificErrorType",
    "attributes": {
      "value": "Optional attribute describing the error"
    },
    "remediation": "Optional instructions to remediate the error may appear here.",
    "occurredAt": "2018-01-25T05:50:52.375Z",
    "_links": {
      "describedby": {
        "href": "https://production.api.apiture.com/errors/specificErrorType"
      }
    },
    "_embedded": {
      "errors": []
    }
  }
}

Responses

StatusDescription
200 OK
OK. The response does not indicate if an existing user matching the data exists or not.
Schema: customerSearch
StatusDescription
400 Bad Request

Bad Request. The request body or one or more of the query parameters was not well formed. The _error field in the response contains details about the request error.

This error response may have one of the following type values:

Schema: errorResponse
StatusDescription
422 Unprocessable Entity

Unprocessable Entity. The request syntax was valid, but the data cannot be processed.

This error response may have one of the following type values:

Schema: errorResponse
StatusDescription
429 Too Many Requests
Too Many Requests. If the threshold for number of requests from an IP address is exceeded, the IP is blocked from further requests until a period of time has passed.
Schema: errorResponse

getCustomerSearchFields

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/registrations/customerSearchFields \
  -H 'Accept: application/json' \
  -H 'API-Key: API_KEY'

GET https://api.devbank.apiture.com/registrations/customerSearchFields HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/json

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY'

};

fetch('https://api.devbank.apiture.com/registrations/customerSearchFields',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/registrations/customerSearchFields',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'API-Key' => 'API_KEY'
}

result = RestClient.get 'https://api.devbank.apiture.com/registrations/customerSearchFields',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/json',
  'API-Key': 'API_KEY'
}

r = requests.get('https://api.devbank.apiture.com/registrations/customerSearchFields', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/registrations/customerSearchFields");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json"},
        "API-Key": []string{"API_KEY"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/registrations/customerSearchFields", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Get customer search fields

GET /customerSearchFields

Return a map of customer fields necessary for customer search.

Try It

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractResource/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "taxId": {
    "field": "required"
  },
  "birthdate": {
    "field": "required"
  },
  "firstName": {
    "field": "none"
  },
  "idCard": {
    "field": "none"
  },
  "lastName": {
    "field": "required"
  },
  "passport": {
    "field": "none"
  }
}

Responses

StatusDescription
200 OK
OK.
Schema: customerSearchFields

createUserCredentials

Code samples

# You can also use wget
curl -X POST https://api.devbank.apiture.com/registrations/userCredentials \
  -H 'Content-Type: application/json' \
  -H 'Accept: */*' \
  -H 'Apiture-Challenge: string' \
  -H 'API-Key: API_KEY'

POST https://api.devbank.apiture.com/registrations/userCredentials HTTP/1.1
Host: api.devbank.apiture.com
Content-Type: application/json
Accept: */*
Apiture-Challenge: string

const fetch = require('node-fetch');
const inputBody = '{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractRequest/v2.0.0/profile.json",
  "_links": {},
  "_encryption": {
    "password": "secret-48729783"
  },
  "password": "d498b282ccd1e70d8676184b3eda51eea4e99baacb92e6d69df2fd05a98d511f",
  "username": "a-conservative-saver"
}';
const headers = {
  'Content-Type':'application/json',
  'Accept':'*/*',
  'Apiture-Challenge':'string',
  'API-Key':'API_KEY'

};

fetch('https://api.devbank.apiture.com/registrations/userCredentials',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Content-Type':'application/json',
  'Accept':'*/*',
  'Apiture-Challenge':'string',
  'API-Key':'API_KEY'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/registrations/userCredentials',
  method: 'post',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Content-Type' => 'application/json',
  'Accept' => '*/*',
  'Apiture-Challenge' => 'string',
  'API-Key' => 'API_KEY'
}

result = RestClient.post 'https://api.devbank.apiture.com/registrations/userCredentials',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Content-Type': 'application/json',
  'Accept': '*/*',
  'Apiture-Challenge': 'string',
  'API-Key': 'API_KEY'
}

r = requests.post('https://api.devbank.apiture.com/registrations/userCredentials', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/registrations/userCredentials");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Content-Type": []string{"application/json"},
        "Accept": []string{"*/*"},
        "Apiture-Challenge": []string{"string"},
        "API-Key": []string{"API_KEY"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/registrations/userCredentials", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Assign authentication credentials for a new digital banking platform user

POST /userCredentials

After confirming the user's identity via the searchForCustomer and completing the multi-factor identity verification challenge, the user can submit their preferred new user credentials (username and password) with this operation.

If there are no errors in the request, the Authentication service returns a success reponse to the user. The operation may fail if the username or password do not satisfy the financial institution's policies, or if the preferred username is already in use.

This operation also supports pre-flight validation, via the ?preFlightValidate=true option, to request that the server validate the credentials. The _error object in the 200 OK response lists any such errors, such as username already in use, the password does not conform to the password policies, or the Challenge ID is invalid or expired or has already been redeemed. If the request is valid, there is no _error object in the pre-flight validation response. Validating the request does not count towards the challenge's maximum redemption count.

This operation requires passing a valid Challenge ID in the Apiture-Challenge request header.

Body parameter

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractRequest/v2.0.0/profile.json",
  "_links": {},
  "_encryption": {
    "password": "secret-48729783"
  },
  "password": "d498b282ccd1e70d8676184b3eda51eea4e99baacb92e6d69df2fd05a98d511f",
  "username": "a-conservative-saver"
}

Parameters

ParameterDescription
Apiture-Challenge string (required)
The unique identifier of a Challenge resource which demonstrates the user has recently verified their identity. See the discussion of Multi-factor authentication challenges above. The value must be the _id string of a valid, redeemable Challenge resource which matches the challenge context.
preFlightValidate boolean
If true, the operation performs pre-flight validation of the request body and it does not attempt to create a login account and credentials for the user.
body preferredUserCredentials

Try It

Example responses

200 Response

400 Response

{
  "_profile": "https://production.api.apiture.com/schemas/common/errorResponse/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "_error": {
    "_id": "2eae46e1-575c-4d69-8a8f-0a7b0115a4b3",
    "message": "Description of the error will appear here.",
    "statusCode": 422,
    "type": "specificErrorType",
    "attributes": {
      "value": "Optional attribute describing the error"
    },
    "remediation": "Optional instructions to remediate the error may appear here.",
    "occurredAt": "2018-01-25T05:50:52.375Z",
    "_links": {
      "describedby": {
        "href": "https://production.api.apiture.com/errors/specificErrorType"
      }
    },
    "_embedded": {
      "errors": []
    }
  }
}

Responses

StatusDescription
200 OK
OK. The request was accepted and processed. If pre-flight validation was requested, the OK response indicates validation completed, but may have found errors in the request. If ?preFlightValidate=true, the _error lists validation errors, if any.
Schema: preferredUserCredentialsResponse
StatusDescription
400 Bad Request
Bad Request. The request body or one or more of the query parameters was not well formed. The _error field in the response contains details about the request error.
Schema: errorResponse
StatusDescription
409 Conflict

Conflict. The username is already in use, or no Apiture-Challenge request header was passed when expected, or the challenge has not been verified, has expired, or has been redeemed too many times, the account has already been confirmed, or the username is already in use.

This error response may have one of the following type values:

Schema: challengeErrorResponse
StatusDescription
422 Unprocessable Entity

Unprocessable Entity. The request body and/or query parameters were well formed but otherwise invalid. The _error field in the response contains details about the request error.

This error response may have one of the following type values:

Schema: errorResponse

Encryption

Data Encryption

getEncryptionKeys

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/registrations/encryptionKeys?keys=string \
  -H 'Accept: application/json' \
  -H 'API-Key: API_KEY'

GET https://api.devbank.apiture.com/registrations/encryptionKeys?keys=string HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/json

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY'

};

fetch('https://api.devbank.apiture.com/registrations/encryptionKeys?keys=string',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/registrations/encryptionKeys',
  method: 'get',
  data: '?keys=string',
  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'API-Key' => 'API_KEY'
}

result = RestClient.get 'https://api.devbank.apiture.com/registrations/encryptionKeys',
  params: {
  'keys' => 'array[string]'
}, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/json',
  'API-Key': 'API_KEY'
}

r = requests.get('https://api.devbank.apiture.com/registrations/encryptionKeys', params={
  'keys': [
  "string"
]
}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/registrations/encryptionKeys?keys=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json"},
        "API-Key": []string{"API_KEY"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/registrations/encryptionKeys", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Get client-side encryption keys

GET /encryptionKeys

Get encryption keys that the client should use to encrypt sensitive data such as personally identifiable information (PII) and passwords. This adds security on top of transport layer security (TLS/HTTPS) so that sensitive data is not represented as plain text in request bodies. Clients should encrypt properties that have a x-apiture-encrypt: {keyName} annotation in the schema. The client adds metadata in an _encryption object next to the encrypted properties in the request body.

Parameters

ParameterDescription
keys array[string] (required)
A list of encryption key names necessary to encrypt one or more properties in a request body. For example, if the request body schema contains two fields that are tagged x-apiture-encrypt: secret, use ?keys=secret. If the schema contain two fields, one encrypted with password and one with the key named pii, use ?keys=secret,pii.
minLength: 1
comma-delimited

Try It

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/common/encryptionKeys/v1.1.1/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "keys": {
    "pii": {
      "name": "sensitive",
      "publicKey": "-----BEGIN RSA PUBLIC KEY-----\\nMIIBCgKCAQEAwh8kIf3rM4FtehDl+WM1egDdxccXFLNPBUvgpbAISnEh373M4vdN...\\n-----END RSA PUBLIC KEY-----",
      "alias": "sensitive-47839398",
      "createdAt": "2020-03-09T05:01:16.375Z",
      "expiresAt": "2020-03-09T05:01:53.375Z"
    },
    "secret": {
      "name": "secret",
      "publicKey": "-----BEGIN RSA PUBLIC KEY-----\\nMIIBCgKCAQEAl2/fCtf69EnMqw6O/6Wh9wFvKW80jjNfXEWbHh0cnWKW1i0Heg0B...\\n-----END RSA PUBLIC KEY-----",
      "alias": "secret-48729783",
      "createdAt": "2020-03-09T05:01:16.375Z",
      "expiresAt": "2020-03-09T05:01:53.375Z"
    }
  }
}

Responses

StatusDescription
200 OK
OK.
Schema: encryptionKeys

API

The Customer Registrations API

getApi

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/registrations/ \
  -H 'Accept: application/json' \
  -H 'API-Key: API_KEY'

GET https://api.devbank.apiture.com/registrations/ HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/json

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY'

};

fetch('https://api.devbank.apiture.com/registrations/',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/registrations/',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'API-Key' => 'API_KEY'
}

result = RestClient.get 'https://api.devbank.apiture.com/registrations/',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/json',
  'API-Key': 'API_KEY'
}

r = requests.get('https://api.devbank.apiture.com/registrations/', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/registrations/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json"},
        "API-Key": []string{"API_KEY"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/registrations/", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Top-level resources and operations in this API

GET /

Return links to the top-level resources and operations in this API.

Try It

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/common/root/v2.1.1/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "id": "apiName",
  "name": "API name",
  "apiVersion": "1.0.0"
}

Responses

StatusDescription
200 OK
OK.
Schema: root

getApiDoc

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/registrations/apiDoc \
  -H 'Accept: application/json' \
  -H 'API-Key: API_KEY'

GET https://api.devbank.apiture.com/registrations/apiDoc HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/json

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY'

};

fetch('https://api.devbank.apiture.com/registrations/apiDoc',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/registrations/apiDoc',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'API-Key' => 'API_KEY'
}

result = RestClient.get 'https://api.devbank.apiture.com/registrations/apiDoc',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/json',
  'API-Key': 'API_KEY'
}

r = requests.get('https://api.devbank.apiture.com/registrations/apiDoc', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/registrations/apiDoc");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json"},
        "API-Key": []string{"API_KEY"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/registrations/apiDoc", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Return API definition document

GET /apiDoc

Return the OpenAPI document that describes this API.

Try It

Example responses

200 Response

{}

Responses

StatusDescription
200 OK
OK.
Schema: Inline

Response Schema

Configuration

Service Configuration

getConfigurationGroups

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/registrations/configurations/groups \
  -H 'Accept: application/hal+json' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

GET https://api.devbank.apiture.com/registrations/configurations/groups HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/registrations/configurations/groups',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/registrations/configurations/groups',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://api.devbank.apiture.com/registrations/configurations/groups',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://api.devbank.apiture.com/registrations/configurations/groups', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/registrations/configurations/groups");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/registrations/configurations/groups", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Return a collection of configuration groups

GET /configurations/groups

Return a paginated sortable filterable searchable collection of configuration groups. The links in the response include pagination links.

Try It

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroups/v2.1.1/profile.json",
  "_links": {
    "self": {
      "href": "/configurations/configurations/groups?start=10&limit=10"
    },
    "first": {
      "href": "/configurations/configurations/groups?start=0&limit=10"
    },
    "next": {
      "href": "/configurations/configurations/groups?start=20&limit=10"
    },
    "collection": {
      "href": "/configurations/configurations/groups"
    }
  },
  "start": 10,
  "limit": 10,
  "count": 67,
  "name": "configurationGroups",
  "_embedded": {
    "items": [
      {
        "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroup/v2.1.1/profile.json",
        "_links": {
          "self": {
            "href": "/configurations/groups/basic"
          }
        },
        "name": "basic",
        "label": "Basic Settings",
        "description": "The basic settings for the Transfers API"
      },
      {
        "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroup/v2.1.1/profile.json",
        "_links": {
          "self": {
            "href": "/configurations/groups/calendar"
          }
        },
        "name": "calendar",
        "label": "Calendar",
        "description": "A calendar that specifies which dates are valid for performing transfers (e.g., weekdays excluding federal holidays)"
      }
    ]
  }
}

Responses

StatusDescription
200 OK
OK.
Schema: configurationGroups
StatusDescription
400 Bad Request
Bad Request. The request body or one or more of the query parameters was not well formed. The _error field in the response contains details about the request error.
Schema: errorResponse
StatusDescription
422 Unprocessable Entity
Unprocessable Entity. The request body and/or query parameters were well formed but otherwise invalid. The _error field in the response contains details about the request error.
Schema: errorResponse

getConfigurationGroup

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/registrations/configurations/groups/{groupName} \
  -H 'Accept: application/hal+json' \
  -H 'If-None-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

GET https://api.devbank.apiture.com/registrations/configurations/groups/{groupName} HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
If-None-Match: string

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-None-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-None-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-None-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Fetch a representation of this configuration group

GET /configurations/groups/{groupName}

Return a HAL representation of this configuration group resource.

Parameters

ParameterDescription
groupName string (required)
The unique name of this configuration group.
If-None-Match string
The entity tag that was returned in the ETag response. If the resource's current entity tag matches, the GET returns 304 (Not Modified) and no response body, else the resource representation is returned.

Try It

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroup/v2.1.1/profile.json",
  "_links": {
    "self": {
      "href": "/configurations/groups/basic"
    }
  },
  "name": "basic",
  "label": "Basic Settings",
  "description": "The basic settings for the Transfers API",
  "schema": {
    "type": "object",
    "properties": {
      "dailyLimit": {
        "type": "number",
        "description": "The daily limit for the number of transfers"
      },
      "cutoffTime": {
        "type": "string",
        "format": "time",
        "description": "The cutoff time for scheduling transfers for the current day"
      }
    }
  },
  "values": {
    "dailyLimit": 5,
    "cutoffTime": 63000
  }
}

Responses

StatusDescription
200 OK
OK.
Schema: configurationGroup
StatusDescription
304 Not Modified
Not Modified. The resource has not been modified since it was last fetched.
StatusDescription
404 Not Found
Not Found. There is no such configuration group resource at the specified {groupName} The _error field in the response contains details about the request error.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which may be provided in an If-None-Match request header for GET operations for this configuration group resource.

getConfigurationGroupSchema

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/schema \
  -H 'Accept: application/hal+json' \
  -H 'If-None-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

GET https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/schema HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
If-None-Match: string

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/schema',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/schema',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-None-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/schema',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-None-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/schema', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/schema");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-None-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/schema", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Fetch the schema for this configuration group

GET /configurations/groups/{groupName}/schema

Return a HAL representation of this configuration group schema resource.

Parameters

ParameterDescription
groupName string (required)
The unique name of this configuration group.
If-None-Match string
The entity tag that was returned in the ETag response. If the resource's current entity tag matches, the GET returns 304 (Not Modified) and no response body, else the resource representation is returned.

Try It

Example responses

200 Response

{
  "type": "object",
  "properties": {
    "dailyLimit": {
      "type": "number",
      "description": "The daily limit for the number of transfers"
    },
    "cutoffTime": {
      "type": "string",
      "format": "time",
      "description": "The cutoff time for scheduling transfers for the current day"
    }
  }
}

Responses

StatusDescription
200 OK
OK.
Schema: configurationSchema
StatusDescription
304 Not Modified
Not Modified. The resource has not been modified since it was last fetched.
StatusDescription
404 Not Found
Not Found. There is no such configuration group resource at the specified {groupName} The _error field in the response contains details about the request error.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which may be provided in an If-Match request header for PUT

getConfigurationGroupValues

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values \
  -H 'Accept: application/hal+json' \
  -H 'If-None-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

GET https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
If-None-Match: string

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-None-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-None-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-None-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Fetch the values for the specified configuration group

GET /configurations/groups/{groupName}/values

Return a representation of this configuration group values resource.

Parameters

ParameterDescription
groupName string (required)
The unique name of this configuration group.
If-None-Match string
The entity tag that was returned in the ETag response. If the resource's current entity tag matches, the GET returns 304 (Not Modified) and no response body, else the resource representation is returned.

Try It

Example responses

200 Response

{
  "dailyLimit": 5,
  "cutoffTime": 63000
}

Responses

StatusDescription
200 OK
OK.
Schema: configurationValues
StatusDescription
304 Not Modified
Not Modified. The resource has not been modified since it was last fetched.
StatusDescription
404 Not Found
Not Found. There is no such configuration group resource at the specified {groupName} The _error field in the response contains details about the request error.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which may be provided in an If-Match request header for PUT

updateConfigurationGroupValues

Code samples

# You can also use wget
curl -X PUT https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values \
  -H 'Content-Type: application/hal+json' \
  -H 'Accept: application/hal+json' \
  -H 'If-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

PUT https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values HTTP/1.1
Host: api.devbank.apiture.com
Content-Type: application/hal+json
Accept: application/hal+json
If-Match: string

const fetch = require('node-fetch');
const inputBody = '{
  "dailyLimit": 5,
  "cutoffTime": 63000
}';
const headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values',
{
  method: 'PUT',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values',
  method: 'put',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Content-Type' => 'application/hal+json',
  'Accept' => 'application/hal+json',
  'If-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.put 'https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Content-Type': 'application/hal+json',
  'Accept': 'application/hal+json',
  'If-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.put('https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("PUT");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Content-Type": []string{"application/hal+json"},
        "Accept": []string{"application/hal+json"},
        "If-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("PUT", "https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Update the values for the specified configuration group

PUT /configurations/groups/{groupName}/values

Perform a complete replacement of this set of values.

Body parameter

{
  "dailyLimit": 5,
  "cutoffTime": 63000
}

Parameters

ParameterDescription
groupName string (required)
The unique name of this configuration group.
If-Match string
The entity tag that was returned in the ETag response. This must match the current entity tag of the resource.
body configurationValues (required)

Try It

Example responses

200 Response

{
  "type": "object",
  "properties": {
    "dailyLimit": {
      "type": "number",
      "description": "The daily limit for the number of transfers"
    },
    "cutoffTime": {
      "type": "string",
      "format": "time",
      "description": "The cutoff time for scheduling transfers for the current day"
    }
  }
}

Responses

StatusDescription
200 OK
OK.
Schema: configurationSchema
StatusDescription
400 Bad Request
Bad Request. The request body is invalid. It is either not valid JSON or it does not conform to the corresponding configuration group schema. The _error field in the response will contain details about the request error.
Schema: errorResponse
StatusDescription
403 Forbidden
Access denied. Only administrators may update configuration.
Schema: errorResponse
StatusDescription
404 Not Found
Not Found. There is no such configuration group resource at the specified {groupName} The _error field in the response contains details about the request error.
Schema: errorResponse
StatusDescription
412 Precondition Failed

Precondition Failed. The supplied if-Match header value does not match the most recent ETag response header value. The resource has changed in the interim.

This error response may have one of the following type values:

Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which may be provided in an If-Match request header for PUT

getConfigurationGroupValue

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName} \
  -H 'Accept: application/hal+json' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

GET https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName} HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName}',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName}',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName}',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName}', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName}", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Fetch a single value associated with the specified configuration group

GET /configurations/groups/{groupName}/values/{valueName}

Fetch a single value associated with this configuration group. This provides convenient access to individual values of the configuration group. The response is always a JSON value which can be parsed with a strict JSON parser. The response may be

Parameters

ParameterDescription
groupName string (required)
The unique name of this configuration group.
valueName string (required)
The unique name of a value in a configuration group. This is the name of the value in the schema. A {valueName} must be a simple identifier following the pattern letter [letter | digit | '-' | '_']*.

Try It

Example responses

200 Response

"string"

Responses

StatusDescription
200 OK
OK. The value of the named configuration value as a JSON string, number, boolean, array, or object.
Schema: string
StatusDescription
404 Not Found

Not Found. There is either no such configuration group resource at the specified {groupName} or no such value at the specified {valueName}. The _error field in the response contains details about the request error.

This error response may have one of the following type values:

Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which may be provided in an If-Match request header for PUT or PATCH operations which update this configuration group resource.

updateConfigurationGroupValue

Code samples

# You can also use wget
curl -X PUT https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName} \
  -H 'Content-Type: application/hal+json' \
  -H 'Accept: application/hal+json' \
  -H 'If-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

PUT https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName} HTTP/1.1
Host: api.devbank.apiture.com
Content-Type: application/hal+json
Accept: application/hal+json
If-Match: string

const fetch = require('node-fetch');
const inputBody = 'string';
const headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName}',
{
  method: 'PUT',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName}',
  method: 'put',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Content-Type' => 'application/hal+json',
  'Accept' => 'application/hal+json',
  'If-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.put 'https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName}',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Content-Type': 'application/hal+json',
  'Accept': 'application/hal+json',
  'If-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.put('https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName}', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("PUT");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Content-Type": []string{"application/hal+json"},
        "Accept": []string{"application/hal+json"},
        "If-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("PUT", "https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName}", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Update a single value associated with the specified configuration group

PUT /configurations/groups/{groupName}/values/{valueName}

Update a single value associated with this configuration group. This provides convenient access to individual values of the configuration group as defined in the configuration group's schema. The request body must conform to the configuration group's schema for the named {valueName}. This operation is idempotent. The request body must be a JSON value which can be parsed with a strict JSON parser. The response may be

Body parameter

"string"

Parameters

ParameterDescription
groupName string (required)
The unique name of this configuration group.
valueName string (required)
The unique name of a value in a configuration group. This is the name of the value in the schema. A {valueName} must be a simple identifier following the pattern letter [letter | digit | '-' | '_']*.
If-Match string
The entity tag that was returned in the ETag response. This must match the current entity tag of the resource.
body string (required)
The request body must a valid JSON value and should be parsable with a JSON parser. The result may be a string, number, boolean, array, or object.

Try It

Example responses

200 Response

"string"

Responses

StatusDescription
200 OK
OK.
Schema: string
StatusDescription
400 Bad Request
Bad Request. The request body is invalid. It is either not valid JSON or it does not conform to the corresponding configuration group schema. The _error field in the response will contain details about the request error.
Schema: errorResponse
StatusDescription
403 Forbidden
Access denied. Only administrators may update configuration.
Schema: errorResponse
StatusDescription
404 Not Found

Not Found. There is either no such configuration group resource at the specified {groupName} or no such value at the specified {valueName}. The _error field in the response contains details about the request error.

This error response may have one of the following type values:

Schema: errorResponse
StatusDescription
412 Precondition Failed

Precondition Failed. The supplied if-Match header value does not match the most recent ETag response header value. The resource has changed in the interim.

This error response may have one of the following type values:

Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which may be provided in an If-Match request header for PUT or PATCH operations which update this configuration group resource.

Schemas

abstractRequest

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractRequest/v2.0.0/profile.json",
  "_links": {}
}

Abstract Request (v2.0.0)

An abstract schema used to define other request-only schemas. This is a HAL resource representation, minus the _error defined in abstractResource.

This schema was resolved from common/abstractRequest.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only

abstractResource

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractResource/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  }
}

Abstract Resource (v2.1.0)

An abstract schema used to define other schemas for request and response bodies. This is a HAL resource representation. This model contains hypermedia _links, and either optional domain object data with _profile and optional _embedded objects, or an _error object. In responses, if the operation was successful, this object will not include the _error, but if the operation was a 4xx or 5xx error, this object will not include _embedded or any data fields, only _error and optionally _links.

This schema was resolved from common/abstractResource.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only

attributes

{}

Attributes (v2.1.0)

An optional map of name/value pairs which contains additional dynamic data about the resource.

This schema was resolved from common/attributes.

Properties

authenticationCaptcha

{
  "id": "e44c8ae6-8504-4bb8-bcb3-65066722c2ea",
  "vendor": "google",
  "type": "reCaptcha3"
}

Authentication Captcha (v1.0.0)

The completed client-side CAPTCHA (Completely Automatic Public Turing Test to Tell Computers and Humans Apart) which established the request as a valid interactive request. The service will verify this data to ensure only valid clients call this operation.

This schema was resolved from auth/authenticationCaptcha.

Properties

NameDescription
type string (required)
The type of CAPTCHA which established the request as a valid interactive request. Typical values may be reCaptcha3 or reCaptcha2.
minLength: 4
maxLength: 20
pattern: ^[a-z][a-zA-Z0-9]{3,20}$
id string (required)
The ID of a completed client-side CAPTCHA which established the request as a valid interactive request.
vendor string (required)

The name of the CAPTCHA provider. Supported vendors are currently:

  • google for Google reCaptcha v3.

minLength: 4
maxLength: 20
pattern: ^[a-z][a-zA-Z0-9]{3,20}$

authenticator

{
  "_profile": "https://production.api.apiture.com/schemas/auth/authenticator/v1.2.0/profile.json",
  "_links": {
    "self": {
      "href": "/auth/challenges/2e61e506-1568-4f1a-a93e-4d0a48a06d0e/authenticators/7fadd35b-6f6b-4901-b1ba-d3b91c9dcee3"
    },
    "apiture:challenge": {
      "href": "/auth/challenges/challenges/b59438cd-5efb-4915-916b-0600bb2a4e1e"
    },
    "apiture:retry": {
      "href": "/auth/challenges/retriedAuthenticators?authenticator=7fadd35b-6f6b-4901-b1ba-d3b91c9dcee3"
    },
    "apiture:verify": {
      "href": "/auth/challenges/verifiedAuthenticators"
    }
  },
  "_id": "7fadd35b-6f6b-4901-b1ba-d3b91c9dcee3",
  "userId": "b2720469-3497-4b82-8b85-30f2155aa66d",
  "state": "started",
  "maskedTarget": "****1234",
  "type": {
    "name": "sms",
    "label": "SMS Code",
    "description": "Enter a code sent via SMS to the user's preferred mobile device.",
    "category": "device",
    "schema": {
      "title": "SMS attributes",
      "description": "Schema for an authenticator's `attributes` when the authenticator type is `sms`.",
      "type": "object",
      "required": [
        "code",
        "length"
      ],
      "properties": {
        "code": {
          "type": "string",
          "description": "A code that was sent to the user's mobile device via SMS. The user should enter the code in the app, then set `attributes.code` to that. The length of the code (the number of characters or digits) must equal the `length'.",
          "minLength": 3,
          "maxLength": 10
        },
        "length": {
          "description": "The number of digits/characters that are sent to the user via SMS.",
          "type": "integer",
          "minimum": 3,
          "maximum": 10,
          "example": 6
        }
      }
    }
  },
  "maximumRetries": 3,
  "retryCount": 1,
  "createdAt": "2019-08-23T12:42:50.375Z",
  "expiresAt": "2019-08-23T13:12:50.375Z"
}

Authenticator (v1.2.0)

Representation of authenticators which verify a user's identity.

Response and request bodies using this authenticator schema may contain the following links:

RelSummaryMethod
apiture:retryRetry an authenticatorPOST
apiture:startStart an authenticatorPOST
apiture:verifyVerify a user's identityPOST
apiture:challengeFetch a representation of this challengeGET

This schema was resolved from auth/authenticator.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
type object: authenticatorType
The type of this authenticator. This must be one of the items in the /authenticatorTypes resource.
maximumRetries integer
The maximum number of times the user may retry this authenticator. If 0, the user must authenticate correctly on the first try. When an authenticator is retried, the client should POST to the apiture:retry link on the authenticators; absence of the link means the user cannot retry the authenticator. The default is 3.
minimum: 0
maximum: 10
_id string
The unique identifier for this authenticator resource. This is an immutable opaque string assigned upon creation.
read-only
userId string
The user ID of the user who is requested to verify their identity.
state string: authenticatorState
The state of this authenticator. This is derived and read-only.
read-only
enum values: pending, started, verified, failed, expired
maskedTarget string
A masked value which helps identify the specific authenticator target, such as a masked mobile phone or a masked email address.
retryCount integer
The actual number of times a user has retried this authenticator.
read-only
minimum: 0
maximum: 10
attributes object
Data collected from the user that is used to verify this authenticator. This data conforms to the schema defined in the type. For example, for sms, the attributes must contains a code.
createdAt string(date-time)
The time stamp when authenticator was created, in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ).
read-only
verifiedAt string(date-time)
The time stamp when authenticator was verified in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ).
read-only
failedAt string(date-time)
The time stamp when the user failed to verify their identity verification (authentication) for this challenge, in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ).
read-only
expiresAt string(date-time)
The time stamp when the this challenge expires, in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ).
read-only

authenticatorCategory

"knowledge"

authenticatorCategory (v1.0.0)

Categories which help classify and organize different authenticator types:

authenticatorCategory strings may have one of the following enumerated values:

ValueDescription
knowledgeKnowledge: Authenticate with information the user knows, such as a password or answers to personal questions.
biometricBiometric: Authenticate with physical characteristics of the user, such as fingerprints, voiceprint, or faceprint.
deviceDevice: Authenticate with a device that the user has, such as a mobile phone or an electronic key.

These enumeration values are further described by the label group named authenticatorCategory in the response from the getLabels operation.

This schema was resolved from auth/authenticatorCategory.

Type: string
enum values: knowledge, biometric, device

authenticatorState

"pending"

Authenticator State (v1.0.0)

The state of a challenge authenticator resource.

authenticatorState strings may have one of the following enumerated values:

ValueDescription
pendingPending: The authenticator is created but not yet started.
startedStarted: The user has started the authenticator.
verifiedVerified: The user corresponding verified the authenticator.
failedFailed: The user failed the authenticators criteria.
expiredExpired: The authenticator expired before the user completed the criteria.

These enumeration values are further described by the label group named authenticatorState in the response from the getLabels operation.

This schema was resolved from auth/authenticatorState.

Type: string
enum values: pending, started, verified, failed, expired

authenticatorType

{
  "name": "sms",
  "label": "SMS code",
  "description": "Enter a code sent via SMS to the user's preferred mobile device.",
  "category": "device",
  "schema": {
    "title": "SMS attributes",
    "description": "Schema for an authenticator's `attributes` when the authenticator type is `sms`.",
    "type": "object",
    "required": [
      "code",
      "length"
    ],
    "properties": {
      "code": {
        "type": "string",
        "description": "A code that was sent to the user's mobile device via SMS. The user should enter the code in the app, then set `attributes.code` to that. The length of the code (the number of characters or digits) must equal the `length'.",
        "minLength": 3,
        "maxLength": 10
      },
      "length": {
        "description": "The number of digits/characters that are sent to the user via SMS.",
        "type": "integer",
        "minimum": 3,
        "maximum": 10,
        "example": 6
      }
    }
  }
}

Authenticator Type (v1.0.0)

An authenticator type description.

This schema was resolved from auth/authenticatorType.

Properties

NameDescription
name string
The name of this authenticator; also the key in the authenticatorTypes object.
label string
A localized label or title which may be used labels or other UI controls which present a value.
description string
A more detailed localized description of an authenticator type.
language string
The actual natural language tag to which this authentication type description is associated, as per RFC 7231. If omitted, this serves as the default.
category string: authenticatorCategory
The authentication category.
enum values: knowledge, biometric, device
schema object
The JSON schema which describe the attributes object for all authenticators of this type. For example, for sms, the schema defines a required code string.

challenge

{
  "_profile": "https://production.api.apiture.com/schemas/auth/challenge/v1.2.0/profile.json",
  "_links": {
    "self": {
      "href": "/auth/challenges/5d63053d-435c-4455-a0b5-6f88ab729d1a"
    },
    "apiture:redeem": {
      "href": "/auth/redeemedChallenges?challenge=5d63053d-435c-4455-a0b5-6f88ab729d1a"
    }
  },
  "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
  "reason": "Transfer amount much higher than normal",
  "contextUri": "https://fi.apiture.com/transfers/scheduledTransfers/50b9df19-d6bf-4ac0-b5f4-3e6448b7dacd",
  "minimumAuthenticatorCount": 1,
  "authenticators": [
    {
      "_id": "7fadd35b-6f6b-4901-b1ba-d3b91c9dcee3",
      "_profile": "https://production.api.apiture.com/schemas/auth/authenticator/v1.2.0/profile.json",
      "userId": "b2720469-3497-4b82-8b85-30f2155aa66d",
      "state": "started",
      "type": {
        "name": "sms",
        "label": "SMS Code",
        "description": "Enter a code sent via SMS to the user's preferred mobile device.",
        "category": "device",
        "schema": {
          "title": "SMS attributes",
          "description": "Schema for an authenticator's `attributes` when the authenticator type is `sms`.",
          "type": "object",
          "required": [
            "code",
            "length"
          ],
          "properties": {
            "code": {
              "type": "string",
              "description": "A code that was sent to the user's mobile device via SMS. The user should enter the code in the app, then set `attributes.code` to that. The length of the code (the number of characters or digits) must equal the `length'.",
              "minLength": 3,
              "maxLength": 10
            },
            "length": {
              "description": "The number of digits/characters that are sent to the user via SMS.",
              "type": "integer",
              "minimum": 3,
              "maximum": 10,
              "example": 6
            }
          }
        }
      },
      "maximumRetries": 3,
      "retryCount": 1,
      "createdAt": "2019-08-23T12:42:50.375Z",
      "expiresAt": "2019-08-23T13:12:50.375Z",
      "_links": {
        "self": {
          "href": "/auth/challenges/0399abed-fd3d-4830-a88b-30f38b8a365c/authenticators/7fadd35b-6f6b-4901-b1ba-d3b91c9dcee3"
        },
        "apiture:challenge": {
          "href": "/auth/challenges/0399abed-fd3d-4830-a88b-30f38b8a365c"
        },
        "apiture:retry": {
          "href": "/auth/challenges/retriedAuthenticators?authenticator=7fadd35b-6f6b-4901-b1ba-d3b91c9dcee3"
        },
        "apiture:verify": {
          "href": "/auth/challenges/verifiedAuthenticators"
        }
      }
    }
  ],
  "maximumRedemptionCount": 1,
  "redemptionCount": 0,
  "state": "pending",
  "createdAt": "2019-08-23T11:37:55.375Z",
  "expiresAt": "2019-08-23T12:37:55.375Z"
}

Challenge (v1.2.0)

A resource which represents an identity verification challenge to a user. The user must verify one or more of the authentication methods defined in this challenge in order to proceed with a banking operation (such as scheduling a larger than normal transfer, adding a joint owner or authorized signer to an account, or changing their mailing address or mobile phone number).

Response and request bodies using this challenge schema may contain the following links:

RelSummaryMethod
apiture:redeemRedeem or use a challengePOST

This schema was resolved from auth/challenge.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
reason string
The reason the application or service has issued a challenge requesting the user verify their identity. This is for labeling or informational purposes.
contextUri string(uri)
The URI of a resource that establishes the context in which the user is asked to authenticate their identity. For example, for this may be for a pending transfer, a user's mailing address, or an account if adding a joint owner.
maxLength: 2048
userId string
The user ID of the user who is requested to verify their identity. The default is the userID of the authenticated person creating the challenge.
minimumAuthenticatorCount integer
The minimum number of different authenticators the user must verify in order to satisfy the identity challenge. The default is 1.
minimum: 0
maximum: 4
maximumRedemptionCount integer
The maximum number of times the challenge may be used or redeemed. The default is 1.
minimum: 1
_id string
The unique identifier for this challenge resource. This is an immutable opaque string assigned upon creation.
read-only
redemptionCount integer
How many times the challenge has been redeemed.
read-only
state string: challengeState
The state of this authenticator.
read-only
enum values: pending, started, verified, failed, redeemed, expired
createdAt string(date-time)
The time stamp when challenge was created, in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ).
read-only
authenticators array: [authenticator]
An array of authenticators with which the user can verify their identity. This is derived; the array and the authenticators are constructed in the createChallenge operation.
read-only
redeemable boolean
true if and only if the challenge may be redeemed. This is derived from the states of the challenge's authenticators; if the number of verified authenticators meets or exceeds the minimumAuthenticatorCount, the challenge becomes verified and may be redeemed via a POST to href in the challenge's apiture:redeem link.
read-only
verifiedAt string(date-time)
The time stamp when challenge was verified in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ).
read-only
failedAt string(date-time)
The time stamp when the user failed to verify their identity verification (authentication) for this challenge, in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ).
read-only
expiresAt string(date-time)
The time stamp when the this challenge expires, in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ).
read-only
redemptionHistory array: [string]
The time stamps when a service or operation redeemed this challenge, in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ). Item 0 is the time stamp the challenge was first redeemed, item 1 is the time stamp of the next redemption, and so on.
read-only
items:
» read-only
code string
An optional authentication code which is only returned in the challenge resource if both a) the platform assigned the code when constructing the challenge), and b) the user has successfully verified the challenge. The client must re-fetch the verified challenge in order to access this property.
read-only
minLength: 16
maxLength: 128

challengeError

{
  "_id": "2eae46e1575c0a7b0115a4b3",
  "message": "Descriptive error message...",
  "statusCode": 422,
  "type": "errorType1",
  "remediation": "Remediation string...",
  "occurredAt": "2018-01-25T05:50:52.375Z",
  "errors": [
    {
      "_id": "ccdbe2c5c938a230667b3827",
      "message": "An optional embedded error"
    },
    {
      "_id": "dbe9088dcfe2460f229338a3",
      "message": "Another optional embedded error"
    }
  ],
  "_links": {
    "describedby": {
      "href": "https://developer.apiture.com/errors/errorType1"
    }
  }
}

Challenge Error (v1.2.0)

The operation error description with an embedded identity challenge.

This schema was resolved from auth/challengeError.

Properties

NameDescription
message string (required)
A localized message string describing the error condition.
_id string
A unique identifier for this error instance. This may be used as a correlation ID with the root cause error (i.e. this ID may be logged at the source of the error). This is is an opaque string.
read-only
statusCode integer
The HTTP status code associate with this error.
minimum: 100
maximum: 599
type string
An error identifier which indicates the category of error and associate it with API support documentation or which the UI tier can use to render an appropriate message or hint. This provides a finer level of granularity than the statusCode. For example, instead of just 400 Bad Request, the type may be much more specific. such as integerValueNotInAllowedRange or numericValueExceedsMaximum or stringValueNotInAllowedSet.
occurredAt string(date-time)
An RFC 3339 UTC time stamp indicating when the error occurred.
attributes object: attributes
Informative values or constraints which describe the error. For example, for a value out of range error, the attributes may specify the minimum and maximum values. This allows clients to present error messages as they see fit (the API does not assume the client/presentation tier). The set of attributes varies by error type.
remediation string
An optional localized string which provides hints for how the user or client can resolve the error.
errors array: [error]
An optional array of nested error objects. This property is not always present.
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
Embedded objects
» challenge object: challenge
The details of the identity verification challenge.

challengeErrorResponse

{
  "_profile": "https://production.api.apiture.com/schemas/common/errorResponse/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "_error": {
    "_id": "2eae46e1-575c-4d69-8a8f-0a7b0115a4b3",
    "message": "Description of the error will appear here.",
    "statusCode": 422,
    "type": "specificErrorType",
    "attributes": {
      "value": "Optional attribute describing the error"
    },
    "remediation": "Optional instructions to remediate the error may appear here.",
    "occurredAt": "2018-01-25T05:50:52.375Z",
    "_links": {
      "describedby": {
        "href": "https://production.api.apiture.com/errors/specificErrorType"
      }
    },
    "_embedded": {
      "errors": []
    }
  }
}

Challenge Error Response (v1.2.0)

When an operation requires an additional identity verification challenge, it returns a 401 Unauthorized response status code and an error response with a challenge resource embedded in the _error._embedded.challenge. This informs the caller that they should verify the challenge via one or more of its authenticators, then retry the operation with the Apiture-Challenge header that references the challenge's _id.

This schema was resolved from auth/challengeErrorResponse.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: challengeError
The description of the error.

challengeState

"pending"

Challenge States (v1.0.0)

The state of an identity challenge resource. This is derived based on the state of the challenge's authenticators.

challengeState strings may have one of the following enumerated values:

ValueDescription
pendingPending: The challenge is created but not yet started.
startedStarted: The user has started the challenge and associated authenticator(s).
verifiedVerified: The user correctly verified the corresponding authenticator(s), marking the challenge as verified.
failedFailed: The challenge has failed, often because the user failed one or more of the authenticators.
redeemedRedeemed: The user has redeemed (used) the challenge.
expiredExpired: The challenge has expired without being verified.

These enumeration values are further described by the label group named challengeState in the response from the getLabels operation.

This schema was resolved from auth/challengeState.

Type: string
enum values: pending, started, verified, failed, redeemed, expired

collection

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractResource/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  }
}

Collection (v2.1.1)

A collection of resources. This is an abstract model schema which is extended to define specific resource collections.

This schema was resolved from common/collection.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
count integer
The number of items in the collection. This value is optional and may be omitted if the count is not computable efficiently. If a filter is applied to the collection (either implicitly or explicitly), the count, if present, indicates the number of items that satisfy the filter.
start integer
The start index of this page of items.
limit integer
The maximum number of items per page.
name string
The name of the collection.

configurationGroup

{
  "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroup/v2.1.1/profile.json",
  "_links": {
    "self": {
      "href": "/configurations/groups/basic"
    }
  },
  "name": "basic",
  "label": "Basic Settings",
  "description": "The basic settings for the Transfers API",
  "schema": {
    "type": "object",
    "properties": {
      "dailyLimit": {
        "type": "number",
        "description": "The daily limit for the number of transfers"
      },
      "cutoffTime": {
        "type": "string",
        "format": "time",
        "description": "The cutoff time for scheduling transfers for the current day"
      }
    }
  },
  "values": {
    "dailyLimit": 5,
    "cutoffTime": 63000
  }
}

Configuration Group (v2.1.1)

Represents a configuration group.

This schema was resolved from configurations/configurationGroup.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
name string
The name of this configuration group, must be unique within the set of all resources of this type.
minLength: 1
maxLength: 48
pattern: [a-zA-Z][-\w_]*
label string
The text label for this resource, suitable for presentation to the client.
minLength: 1
maxLength: 128
description string
The full description for this resource, suitable for presentation to the client.
minLength: 1
maxLength: 4096
schema object: configurationSchema
The schema which defines the name and types of the variables that are part of this configuration definition. Property names must be simple identifiers which follow the pattern letter [letter | digit | - | _]*.

This is implicitly a schema for type: object and contains the properties.

The values in a configuration conform to the schema. The names and types are described with a subset of JSON Schema Core and JSON Schema Validation similar to that used to define schemas in OpenAPI Specification 2.0.

This schema was resolved from configurations/configurationSchema.

values object: configurationValues
The data values associated with this configuration group: the group's variable names and values. These values must conform to this item's schema.

Note: the schema may also contain default values which, if present, are used if a value is not set in the definition's values.

For example, multiple configurations may use the same schema that defines values a, b, and c, but each configuration may have their own unique values for a, b, and c which is separate from the schema.

This schema was resolved from configurations/configurationValues.

configurationGroupSummary

{
  "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroupSummary/v2.1.1/profile.json",
  "_links": {
    "self": {
      "href": "/configurations/groups/basic"
    }
  },
  "name": "basic",
  "label": "Basic Settings",
  "description": "The basic settings for the Transfers API"
}

Configuration Group Summary (v2.1.1)

A summary of the data contained within a configuration group resource.

This schema was resolved from configurations/configurationGroupSummary.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
name string
The name of this configuration group, must be unique within the set of all resources of this type.
minLength: 1
maxLength: 48
pattern: [a-zA-Z][-\w_]*
label string
The text label for this resource, suitable for presentation to the client.
minLength: 1
maxLength: 128
description string
The full description for this resource, suitable for presentation to the client.
minLength: 1
maxLength: 4096

configurationGroups

{
  "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroups/v2.1.1/profile.json",
  "_links": {
    "self": {
      "href": "/configurations/configurations/groups?start=10&limit=10"
    },
    "first": {
      "href": "/configurations/configurations/groups?start=0&limit=10"
    },
    "next": {
      "href": "/configurations/configurations/groups?start=20&limit=10"
    },
    "collection": {
      "href": "/configurations/configurations/groups"
    }
  },
  "start": 10,
  "limit": 10,
  "count": 67,
  "name": "configurationGroups",
  "_embedded": {
    "items": [
      {
        "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroup/v2.1.1/profile.json",
        "_links": {
          "self": {
            "href": "/configurations/groups/basic"
          }
        },
        "name": "basic",
        "label": "Basic Settings",
        "description": "The basic settings for the Transfers API"
      },
      {
        "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroup/v2.1.1/profile.json",
        "_links": {
          "self": {
            "href": "/configurations/groups/calendar"
          }
        },
        "name": "calendar",
        "label": "Calendar",
        "description": "A calendar that specifies which dates are valid for performing transfers (e.g., weekdays excluding federal holidays)"
      }
    ]
  }
}

Configuration Group Collection (v2.1.1)

Collection of configuration groups. The items in the collection are ordered in the _embedded object with name items. The top-level _links object may contain pagination links (self, next, prev, first, last, collection).

This schema was resolved from configurations/configurationGroups.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object: configurationGroupsEmbedded
Embedded objects.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
count integer
The number of items in the collection. This value is optional and may be omitted if the count is not computable efficiently. If a filter is applied to the collection (either implicitly or explicitly), the count, if present, indicates the number of items that satisfy the filter.
start integer
The start index of this page of items.
limit integer
The maximum number of items per page.
name string
The name of the collection.

configurationGroupsEmbedded

{
  "items": [
    {
      "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroupSummary/v2.1.1/profile.json",
      "_links": {
        "self": {
          "href": "/configurations/groups/basic"
        }
      },
      "name": "basic",
      "label": "Basic Settings",
      "description": "The basic settings for the Transfers API"
    }
  ]
}

Configuration Groups Embedded Objects (v1.1.1)

Objects embedded in the configurationGroupscollection.

This schema was resolved from configurations/configurationGroupsEmbedded.

Properties

NameDescription
items array: [configurationGroupSummary]
An array containing a page of configuration group items.

configurationSchema

{
  "type": "object",
  "properties": {
    "dailyLimit": {
      "type": "number",
      "description": "The daily limit for the number of transfers"
    },
    "cutoffTime": {
      "type": "string",
      "format": "time",
      "description": "The cutoff time for scheduling transfers for the current day"
    }
  }
}

Configuration Schema (v2.1.0)

The schema which defines the name and types of the variables that are part of this configuration definition. Property names must be simple identifiers which follow the pattern letter [letter | digit | - | _]*.

This is implicitly a schema for type: object and contains the properties.

The values in a configuration conform to the schema. The names and types are described with a subset of JSON Schema Core and JSON Schema Validation similar to that used to define schemas in OpenAPI Specification 2.0.

This schema was resolved from configurations/configurationSchema.

Properties

NameDescription
additionalProperties object: configurationSchemaValue
The data associated with this configuration schema.

This schema was resolved from configurations/configurationSchemaValue.

configurationSchemaValue

{}

Configuration Schema Value (v2.0.0)

The data associated with this configuration schema.

This schema was resolved from configurations/configurationSchemaValue.

Properties

configurationValue

{}

Configuration Value (v2.0.0)

The data associated with this configuration.

This schema was resolved from configurations/configurationValue.

Properties

configurationValues

{
  "dailyLimit": 5,
  "cutoffTime": 63000
}

Configuration Values (v2.0.0)

The data values associated with this configuration group: the group's variable names and values. These values must conform to this item's schema.

Note: the schema may also contain default values which, if present, are used if a value is not set in the definition's values.

For example, multiple configurations may use the same schema that defines values a, b, and c, but each configuration may have their own unique values for a, b, and c which is separate from the schema.

This schema was resolved from configurations/configurationValues.

Properties

NameDescription
additionalProperties object: configurationValue
The data associated with this configuration.

This schema was resolved from configurations/configurationValue.

customerMatchType

"none"

Customer Match Type (v1.1.0)

The type of the customer search result.

customerMatchType strings may have one of the following enumerated values:

ValueDescription
noneNone: No customer was found in the digital banking system or in the banking core
notEnrolledNot Enrolled: The search criteria matched a customer that is not yet enrolled in digital banking
enrolledEnrolled: The search criteria matched an existing customer who is enrolled in digital banking
partialPartial: A record matched the required customer search parameter(s) but some search parameters did not match
multipleMultiple: Multiple records matched the search criteria

Type: string
enum values: none, notEnrolled, enrolled, partial, multiple

customerSearch

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractResource/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "type": "notEnrolled",
  "challenge": {
    "_id": "0399abed-a365c",
    "_profile": "https://production.api.apiture.com/schemas/auth/challenge/v1.2.0/profile.json",
    "_links": {
      "apiture:redeem:": {
        "href": "https://api.devbank.apiture.com/auth/redeemedChallenges?challenge=5d63053d-435c-4455-a0b5-6f88ab729d1a"
      },
      "self": {
        "href": "https://api.devbank.apiture.com/auth/challenges/5d63053d-435c-4455-a0b5-6f88ab729d1a"
      }
    },
    "authenticators": [
      {
        "_id": "7fadd35b-dcee3",
        "_profile": "https://production.api.apiture.com/schemas/auth/authenticator/v1.2.0/profile.json",
        "type": {
          "name": "sms",
          "description": "Enter a code sent via SMS to the user's preferred mobile device.",
          "category": "device",
          "label": "SMS Code",
          "schema": {
            "title": "SMS attributes",
            "description": "Schema for an authenticator's `attributes` when the authenticator type is `sms`.",
            "required": [
              "code",
              "length"
            ],
            "type": "object",
            "properties": {
              "code": {
                "description": "A code that was sent to the user's mobile device via SMS. The user should enter the code in the app, then set `attributes.code` to that. The length of the code (the number of characters or digits) must equal the `length'.",
                "type": "string",
                "maxLength": 10,
                "minLength": 3
              },
              "length": {
                "description": "The number of digits/characters that are sent to the user via SMS.",
                "type": "integer",
                "minimum": 3,
                "maximum": 10,
                "example": 6
              }
            }
          }
        },
        "_links": {
          "apiture:challenge": {
            "href": "https://api.devbank.apiture.com/auth/challenges/0399abed-a365c"
          },
          "apiture:retry": {
            "href": "https://api.devbank.apiture.com/auth/challenges/retriedAuthenticators?authenticator=7fadd35b-dcee3"
          },
          "apiture:verify": {
            "href": "https://api.devbank.apiture.com/auth/challenges/verifiedAuthenticators?authenticator=7fadd35b-dcee3"
          },
          "self": {
            "href": "https://api.devbank.apiture.com/auth/challenges/0399abed-a365c/authenticators/7fadd35b-dcee3"
          }
        },
        "createdAt": "2019-08-23T12:42:50.375Z",
        "expiresAt": "2019-08-23T13:12:50.375Z",
        "maximumRetries": 3,
        "retryCount": 1,
        "state": "pending"
      }
    ],
    "contextUri": "https://api.devbank.apiture.com/registrations/50b9df19-d6bf-4ac0-b5f4-3e6448b7dacd",
    "createdAt": "2019-08-23T11:37:55.375Z",
    "expiresAt": "2019-08-23T12:37:55.375Z",
    "maximumRedemptionCount": 1,
    "minimumAuthenticatorCount": 1,
    "reason": "Verify customer identity",
    "redemptionCount": 0,
    "state": "pending"
  },
  "requireEmail": false,
  "requireMobilePhone": true
}

Customer Search (v1.1.0)

The result of searching for customers.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
type string: customerMatchType (required)
The type of the search result.
enum values: none, notEnrolled, enrolled, partial, multiple
challenge object: challenge
The Challenge resource that the client must use to continue registration/enrollment if the next registration step requires MFA (i.e. a user was found in the system). The client must start the Authenticator(s) listed in the challenge and when the challenges are completed, pass the challenge _id as the Apiture-Challenge request header for the next operation.
requireEmail boolean (required)
If true, the user must also enter a new email address in the next step of registration because the banking core does not have an email address on record.
requireMobilePhone boolean (required)
If true, the user must also enter a new mobile phone number in the next step of registration because the banking core does not have a mobile phone number record.

customerSearchField

{
  "field": "required"
}

Customer Search Field (v1.1.0)

One of several fields the financial institution has configured as a searchable property for customer search.

Properties

NameDescription
field string: customerSearchFieldOption (required)
Whether the financial institution should present this user field to the user and send the corresponding value to the customerSearchRequest operation.
enum values: none, required

customerSearchFieldOption

"none"

Customer Search Field Option (v1.1.0)

Determines if the user interface should present the corresponding field to the user and send the user's response to the searchForCustomer operation.

customerSearchFieldOption strings may have one of the following enumerated values:

ValueDescription
noneNone: The client should not include this field in the customer search form or in the search request.
requiredRequired: This field is required in customer search. The client must include this field in the customer search form, and the user is required to fill in the field as per the constraints of the property in the `customerSearchRequest` model schema.

Type: string
enum values: none, required

customerSearchFields

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractResource/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "taxId": {
    "field": "required"
  },
  "birthdate": {
    "field": "required"
  },
  "firstName": {
    "field": "none"
  },
  "idCard": {
    "field": "none"
  },
  "lastName": {
    "field": "required"
  },
  "passport": {
    "field": "none"
  }
}

Customer Search Fields (v1.1.1)

The set of form fields that the client should prompt from the user and pass to the searchForCustomer operation (via the customerSearchRequest model schema. Fields marked as required must be presented to the user, and the user's response passed in the request body. Fields marked as none must not be presented in the form or passed. The financial institution can configure these in the configuration value customerSearchFields in the registrations configuration group. Note that this response omits taxId because that field is always required.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
taxId object: customerSearchField
Indicates if the financial institution requires the user to fill out the birthdate field in the customer search form. Always present with the value field: required.
birthdate object: customerSearchField
Indicates if the financial institution requires the user to fill out the birthdate field in the customer search form.
firstName object: customerSearchField
Indicates if the financial institution requires the user to fill out the first name field in the customer search form.
idCard object: customerSearchField
Indicates if the financial institution requires the user to fill out the identification card field in the customer search form.
lastName object: customerSearchField
Indicates if the financial institution requires the user to fill out the last name field in the customer search form.
passport object: customerSearchField
Indicates if the financial institution requires the user to fill out the passport field in the customer search form.

customerSearchIdCard

{
  "_encryption": {
    "number": "sensitive-48729783"
  },
  "expiration": "2024-12-01",
  "number": "<encrypted-value-of-id-card-number>",
  "region": "NC"
}

Customer Search ID Card (v1.0.1)

The ID Card data passed for customer search.

Properties

NameDescription
_encryption object: encryptionMetadata (required)
Metadata about the encrypted properties in this object.
expiration string(date) (required)
The date when the form of identification expires, in RFC 3339 YYYY-MM-DD format.
number string (required)
The full ID card number as a string.

The value of number in requests must be encrypted with the sensitive encryption key.

region string (required)
The state, region, or country that issued the state ID card.
minLength: 2
maxLength: 32

customerSearchPassport

{
  "_encryption": {
    "number": "sensitive-48729783"
  },
  "countryCode": "US",
  "expiration": "2024-12-01",
  "number": "<encrypted-value-of-passport-number>"
}

Customer Search Passport (v1.0.1)

The passport data passed for customer search.

Properties

NameDescription
_encryption object: encryptionMetadata (required)
Metadata about the encrypted properties in this object
countryCode string (required)
The ISO 3166-1 alpha-2 country code for the passport's country of issue.
minLength: 2
maxLength: 2
expiration string(date) (required)
The date when the form of identification expires, in RFC 3339 YYYY-MM-DD format.
number string (required)
The full passport number as a string.

The value of number in requests must be encrypted with the sensitive encryption key.

customerSearchRequest

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractRequest/v2.0.0/profile.json",
  "_links": {},
  "_encryption": {
    "taxId": "sensitive-48729783"
  },
  "birthdate": "1974-10-27",
  "idCard": {
    "_encryption": {
      "cardNumber": "sensitive-48729783"
    },
    "expiration": "2024-12-01",
    "number": "<encrypted-value-of-id-card-number>",
    "region": "NC"
  },
  "lastName": "Peterson",
  "taxId": "<encrypted-value-of-tax-id-number>"
}

Customer Search Request (v2.0.0)

Request body used to search for a customer/user. This request contains a set of personally identifiable data about a possible customer of the financial institution. The response from the getCustomerSearchFields provides the subset of fields in this schema that the financial institution requires or allows to match existing customers. The taxId is always required.

Note that the taxId, passport.number and idCard.number, if requested, must be encrypted in the client with the sensitive encryption key before invoking this operation. Use the getEncryptionKeys operation to get the sensitive key.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_encryption object: encryptionMetadata (required)
Metadata about the encrypted password property.
birthdate string(date)
The user's birth date in RFC 3339 YYYY-MM-DD date format.
firstName string
The user's first name.
minLength: 2
maxLength: 80
idCard object: customerSearchIdCard
An unexpired state, region, or nationally issued identification card, including a driver's license.
lastName string
The user's last name.
minLength: 2
maxLength: 80
passport object: customerSearchPassport
Details of an unexpired national passport.
postalCode string
The mailing address postal code, such as a US Zip or Zip+4 code, or a Canadian postal code.
minLength: 5
maxLength: 10
taxId string (required)
The user's full tax ID.

The value of taxId in requests must be encrypted with the sensitive encryption key.
minLength: 4

captcha object: authenticationCaptcha (required)
The completed client-side CAPTCHA (Completely Automatic Public Turing Test to Tell Computers and Humans Apart) which established the request as a valid interactive request. The service will verify this data to ensure only valid clients call this operation.

This schema was resolved from auth/authenticationCaptcha.

encryptionKey

{
  "name": "secret",
  "publicKey": "-----BEGIN RSA PUBLIC KEY-----\\nMIIBCgKCAQEAl2/fCtf69EnMqw6O/6Wh9wFvKW80jjNfXEWbHh0cnWKW1i0Heg0B...\\n-----END RSA PUBLIC KEY-----",
  "alias": "secret-48729783",
  "createdAt": "2020-03-09T05:01:16.375Z",
  "expiresAt": "2020-03-09T05:01:53.375Z"
}

Encryption Key (v1.0.1)

A rotating public encryption key. See Encryption for additional details.

This schema was resolved from common/encryptionKey.

Properties

NameDescription
name string: encryptionKeyName
The name of an encryption key; this identifies the type of data the key encrypts, such as pii for personally identifying information, secret for passwords or other secret data. The type name is taken from the x-apiture-encrypt annotation on the property in the JSON schema or chosen by the client when requesting encryption keys.
minLength: 3
maxLength: 10
pattern: ^[a-z][a-zA-Z0-9]{2,9}$
publicKey string
The ASCII encoded public encryption key that the client uses to encrypt data. This is half of the asymmetric public/private key pair. This is a mult-line string with key bopokends and embedded line breaks.
alias string
An alias for the actual rotating key. Keys rotate every few minutes. The alias identifies a specific instance of an active public/private key pair. This alias must be set in the _encryption metadata (see encryptionMetadata). The value of the alias is the concatenation of the name, a dash -, and some additional characters which identify the specific key rotation.
minLength: 6
maxLength: 19
pattern: ^[a-z][a-zA-Z0-9]{2,11}-.{2,8}$
createdAt string(date-time)
The date-time when the encryption key was created, in RFC 3339 date-time format.
expiresAt string(date-time)
The date-time when the encryption key will expire. If this expiration time has passed or is less than 60 seconds away, the client should fetch updated encryption keys. RFC 3339 date-time format.

encryptionKeyName

"secret"

Encryption Key Name (v1.0.1)

An encryption key name identifies the type of data that the client wishes to encrypt, such as pii for personally identifying information, secret for passwords or other secret data. The type name is taken from the x-apiture-encrypt annotation on the property in the JSON schema or chosen by the client when requesting encryption keys.

This schema was resolved from common/encryptionKeyName.

Type: string
minLength: 3
maxLength: 10
pattern: ^[a-z][a-zA-Z0-9]{2,9}$

encryptionKeys

{
  "_profile": "https://production.api.apiture.com/schemas/common/encryptionKeys/v1.1.1/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "keys": {
    "pii": {
      "name": "sensitive",
      "publicKey": "-----BEGIN RSA PUBLIC KEY-----\\nMIIBCgKCAQEAwh8kIf3rM4FtehDl+WM1egDdxccXFLNPBUvgpbAISnEh373M4vdN...\\n-----END RSA PUBLIC KEY-----",
      "alias": "sensitive-47839398",
      "createdAt": "2020-03-09T05:01:16.375Z",
      "expiresAt": "2020-03-09T05:01:53.375Z"
    },
    "secret": {
      "name": "secret",
      "publicKey": "-----BEGIN RSA PUBLIC KEY-----\\nMIIBCgKCAQEAl2/fCtf69EnMqw6O/6Wh9wFvKW80jjNfXEWbHh0cnWKW1i0Heg0B...\\n-----END RSA PUBLIC KEY-----",
      "alias": "secret-48729783",
      "createdAt": "2020-03-09T05:01:16.375Z",
      "expiresAt": "2020-03-09T05:01:53.375Z"
    }
  }
}

Encryption Keys (v1.1.1)

A set of rotating public encryption keys that the client may use to encrypt sensitive or secret data before sending it to the service. The client only has access to the public key and only the service can decrypt the data. Such keys typically expire after several minutes.

This schema was resolved from common/encryptionKeys.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
keys object
A map of encryption keys. The map's keys are the key name; the values are encryption key objects.
» additionalProperties object: encryptionKey
A rotating public encryption key. See Encryption for additional details.

This schema was resolved from common/encryptionKey.

encryptionMetadata

{
  "property1": "string",
  "property2": "string"
}

Encryption Metadata (v1.0.2)

Metadata about encrypted data within a JSON object in a request body. This _encryption object is a peer of the encrypted data. Each nested object that contains encrypted properties has it's own _encryption object.

This object is a map of string property names → string encryption key alias. The keys are names of the encrypted and Base64 encoded property. Each value is the alias of the rotating public encryption key that the client used to encrypt the named property. See Encryption for additional details.

This schema was resolved from common/encryptionMetadata.

Properties

NameDescription
additionalProperties string

error

{
  "_id": "2eae46e1575c0a7b0115a4b3",
  "message": "Descriptive error message...",
  "statusCode": 422,
  "type": "errorType1",
  "remediation": "Remediation string...",
  "occurredAt": "2018-01-25T05:50:52.375Z",
  "errors": [
    {
      "_id": "ccdbe2c5c938a230667b3827",
      "message": "An optional embedded error"
    },
    {
      "_id": "dbe9088dcfe2460f229338a3",
      "message": "Another optional embedded error"
    }
  ],
  "_links": {
    "describedby": {
      "href": "https://developer.apiture.com/errors/errorType1"
    }
  }
}

Error (v2.1.0)

Describes an error in an API request or in a service called via the API.

This schema was resolved from common/error.

Properties

NameDescription
message string (required)
A localized message string describing the error condition.
_id string
A unique identifier for this error instance. This may be used as a correlation ID with the root cause error (i.e. this ID may be logged at the source of the error). This is is an opaque string.
read-only
statusCode integer
The HTTP status code associate with this error.
minimum: 100
maximum: 599
type string
An error identifier which indicates the category of error and associate it with API support documentation or which the UI tier can use to render an appropriate message or hint. This provides a finer level of granularity than the statusCode. For example, instead of just 400 Bad Request, the type may be much more specific. such as integerValueNotInAllowedRange or numericValueExceedsMaximum or stringValueNotInAllowedSet.
occurredAt string(date-time)
An RFC 3339 UTC time stamp indicating when the error occurred.
attributes object: attributes
Informative values or constraints which describe the error. For example, for a value out of range error, the attributes may specify the minimum and maximum values. This allows clients to present error messages as they see fit (the API does not assume the client/presentation tier). The set of attributes varies by error type.
remediation string
An optional localized string which provides hints for how the user or client can resolve the error.
errors array: [error]
An optional array of nested error objects. This property is not always present.
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

errorResponse

{
  "_profile": "https://production.api.apiture.com/schemas/common/errorResponse/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "_error": {
    "_id": "2eae46e1-575c-4d69-8a8f-0a7b0115a4b3",
    "message": "Description of the error will appear here.",
    "statusCode": 422,
    "type": "specificErrorType",
    "attributes": {
      "value": "Optional attribute describing the error"
    },
    "remediation": "Optional instructions to remediate the error may appear here.",
    "occurredAt": "2018-01-25T05:50:52.375Z",
    "_links": {
      "describedby": {
        "href": "https://production.api.apiture.com/errors/specificErrorType"
      }
    },
    "_embedded": {
      "errors": []
    }
  }
}

Error Response (v2.1.0)

Describes an error response, typically returned on 4xx or 5xx errors from API operations. The _error object contains the error details.

This schema was resolved from common/errorResponse.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only

{
  "href": "https://api.devbank.apiture.com/applications/application/328f6bf6-d762-422f-a077-ab91ca4d0b6f",
  "title": "Application"
}

Link (v1.0.0)

Describes a hypermedia link within a _links object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name or hreflang properties of HAL. Apiture links may include a method property.

This schema was resolved from common/link.

NameDescription
href string(uri) (required)
The URI or URI template for the resource/operation this link refers to.
type string
The media type for the resource.
templated boolean
If true, the link's href is a URI template.
title string
An optional human-readable localized title for the link.
deprecation string(uri)
If present, the containing link is deprecated and the value is a URI which provides human-readable text information about the deprecation.
profile string(uri)
The URI of a profile document, a JSON document which describes the target resource/operation.

{
  "property1": {
    "href": "https://api.devbank.apiture.com/applications/application/328f6bf6-d762-422f-a077-ab91ca4d0b6f",
    "title": "Application"
  },
  "property2": {
    "href": "https://api.devbank.apiture.com/applications/application/328f6bf6-d762-422f-a077-ab91ca4d0b6f",
    "title": "Application"
  }
}

Links (v1.0.0)

An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

NameDescription
additionalProperties object: link
Describes a hypermedia link within a _links object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name or hreflang properties of HAL. Apiture links may include a method property.

This schema was resolved from common/link.

preferredUserCredentials

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractRequest/v2.0.0/profile.json",
  "_links": {},
  "_encryption": {
    "password": "secret-48729783"
  },
  "password": "d498b282ccd1e70d8676184b3eda51eea4e99baacb92e6d69df2fd05a98d511f",
  "username": "a-conservative-saver"
}

Preferred User Credentials (v1.0.1)

The user's preferred login credentials.

Note that the password property must be encrypted with the secret key. Use the getEncryptionKeys operation to get the secret key.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_encryption object: encryptionMetadata (required)
Metadata about the encrypted password property.
emailAddress string(email)
The user's email address.
mobilePhoneNumber string
The user's phone number, as a string. The service strips all spaces, hyphens, periods and parentheses from input. The default country code prefix is +1.
minLength: 8
maxLength: 20
password string(encrypted-password) (required)
The user's encrypted new password. The client should prompt the user for their new password, then encrypt it with the secret encryption key.
username string(username) (required)
The user's preferred username.
minLength: 2
maxLength: 64

preferredUserCredentialsResponse

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractResource/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  }
}

Preferred User Credentials Response (v1.0.1)

Response success when a new user submits their preferred username and password.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
username string(username)
The user's accepted username.
minLength: 2
maxLength: 64

root

{
  "_profile": "https://production.api.apiture.com/schemas/common/root/v2.1.1/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "id": "apiName",
  "name": "API name",
  "apiVersion": "1.0.0"
}

API Root (v2.1.1)

A HAL response, with hypermedia _links for the top-level resources and operations in API.

This schema was resolved from common/root.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
_id string
This API's unique ID.
read-only
name string
This API's name.
apiVersion string
This API's version.

summaryChallenge

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractResource/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  }
}

Summary Challenge (v1.1.0)

Summary representation of a challenge, used in the challenge collection.

This schema was resolved from auth/summaryChallenge.

Properties

NameDescription
_links object: links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
read-only
_error object: error
An object which describes an error. This value is omitted if the operation succeeded without error.
read-only
reason string
The reason the application or service has issued a challenge requesting the user verify their identity. This is for labeling or informational purposes.
contextUri string(uri)
The URI of a resource that establishes the context in which the user is asked to authenticate their identity. For example, for this may be for a pending transfer, a user's mailing address, or an account if adding a joint owner.
maxLength: 2048
userId string
The user ID of the user who is requested to verify their identity. The default is the userID of the authenticated person creating the challenge.
minimumAuthenticatorCount integer
The minimum number of different authenticators the user must verify in order to satisfy the identity challenge. The default is 1.
minimum: 0
maximum: 4
maximumRedemptionCount integer
The maximum number of times the challenge may be used or redeemed. The default is 1.
minimum: 1
_id string
The unique identifier for this challenge resource. This is an immutable opaque string assigned upon creation.
read-only
redemptionCount integer
How many times the challenge has been redeemed.
read-only
state string: challengeState
The state of this authenticator.
read-only
enum values: pending, started, verified, failed, redeemed, expired
createdAt string(date-time)
The time stamp when challenge was created, in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ).
read-only