Customer Registrations v0.5.1

Scroll down for code samples, example requests and responses. Select a language for code samples from the tabs above or the mobile navigation menu.

Register new users or existing non-digital customers in digital banking.

Error Types

Error responses in this API may have one of the type values described below. See Errors for more information on error responses and error types.

captchaAlreadySubmitted

Description: The CAPTCHA has already been submitted.
Remediation: Restart the request and collect a new CAPTCHA value for each request.

captchaThresholdNotMet

Description: The CAPTCHA was valid but the score did not meet the required threshold.
Remediation: Retry the CAPTCHA with a fallback method.

challengedAlreadyRedeemed

Description: The challenge resource has already been redeemed.
Remediation: Use the most recently issued challenge.

challengedExpired

Description: The challenge resource has expired.
Remediation: Use the most recently issued challenge and complete the authenticators before the challenge expires.

challengedNotVerified

Description: The challenge has not been verified, has expired, or has been redeemed too many times.
Remediation: Pass a valid and verified challenge resource in the Apiture-Challenge request header.

dataNotEncrypted

Description: The data in request was not encrypted or it was encrypted with obsolete keys.
Remediation: Encrypt the data using valid encryption keys.

duplicateUsername

Description: A user with the given username already exists.
Remediation: Resubmit the operation with a unique username.

expiredCaptcha

Description: The CAPTCHA has expired.
Remediation: Collect a new CAPTCHA value an retry the request with the new CAPTCHA response.

groupNotFound

Description: No Groups were found for the specified groupName.
Remediation: Check to make sure that the supplied groupName corresponds to an apiture group resource.

invalidCaptcha

Description: The CAPTCHA is invalid.
Remediation: Start the CAPTCHA correctly in the client and send the correct ID after the CAPTCHA completes.

invalidPassword

Description: The password is not valid.
Remediation: Check that the new password conforms to password policy.

invalidUsername

Description: The username is not valid.
Remediation: Check that the new username conforms to username policy.

missingApitureChallengeHeader

Description: The Apiture-Challenge request header is missing.
Remediation: Pass a reference to a valid challenge resource in the Apiture-Challenge header.

missingRequiredSearchField

Description: The financial institution requires a search field that was omitted from the request.
Remediation: Pass a non-empty value for all required search fields.

The attributes object in the error may have the following properties:

Property	Type	Description
requiredFields	[string]	A list of fields required by the financial institution.

valueNotFound

Description: No Group values were found for the specified groupName and valueName.
Remediation: Check to make sure that the supplied groupName and valueName corresponds to an apiture group and value resource.

Download OpenAPI Definition (YAML)

Base URLs:

• https://api.devbank.apiture.com/registrations

Terms of service

Email: Apiture Web: Apiture

Authentication

• OAuth2 authentication (accessToken)
  • OAuth2 client access token authentication. The client authenticates against the server at authorizationUrl, passing the client's private clientId (and optional clientSecret) as part of this flow. The client obtains an access token from the server at tokenUrl. It then passes the received access token via the Authorization: Bearer {access-token} header in subsequent API calls. The authorization process also returns a refresh token which the client should use to renew the access token before it expires.
  • Flow: authorizationCode
  • Authorization URL = https://auth.devbank.apiture.com/auth/oauth2/authorize
  • Token URL = https://api.devbank.apiture.com/auth/oauth2/token

Scope	Scope Description
admin/write	Admin write (update) access configuration
data/read	Read access to non-banking, non-profile data related resources.

• API Key (apiKey)
  • header parameter: API-Key
  • API Key based authentication. Each client application must pass its private, unique API key, allocated in the developer portal, via the API-Key: {api-key} request header.

Customer Registrations

Customer Registrations

searchForCustomer

Code samples

# You can also use wget
curl -X POST https://api.devbank.apiture.com/registrations/customerSearch \
  -H 'Content-Type: application/json' \
  -H 'Accept: */*' \
  -H 'API-Key: API_KEY'

POST https://api.devbank.apiture.com/registrations/customerSearch HTTP/1.1
Host: api.devbank.apiture.com
Content-Type: application/json
Accept: */*

const fetch = require('node-fetch');
const inputBody = '{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractRequest/v2.0.0/profile.json",
  "_links": {},
  "_encryption": {
    "taxId": "sensitive-48729783"
  },
  "birthdate": "1974-10-27",
  "idCard": {
    "_encryption": {
      "cardNumber": "sensitive-48729783"
    },
    "expiration": "2024-12-01",
    "number": "<encrypted-value-of-id-card-number>",
    "region": "NC"
  },
  "lastName": "Peterson",
  "taxId": "<encrypted-value-of-tax-id-number>"
}';
const headers = {
  'Content-Type':'application/json',
  'Accept':'*/*',
  'API-Key':'API_KEY'

};

fetch('https://api.devbank.apiture.com/registrations/customerSearch',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Content-Type':'application/json',
  'Accept':'*/*',
  'API-Key':'API_KEY'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/registrations/customerSearch',
  method: 'post',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Content-Type' => 'application/json',
  'Accept' => '*/*',
  'API-Key' => 'API_KEY'
}

result = RestClient.post 'https://api.devbank.apiture.com/registrations/customerSearch',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Content-Type': 'application/json',
  'Accept': '*/*',
  'API-Key': 'API_KEY'
}

r = requests.post('https://api.devbank.apiture.com/registrations/customerSearch', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/registrations/customerSearch");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Content-Type": []string{"application/json"},
        "Accept": []string{"*/*"},
        "API-Key": []string{"API_KEY"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/registrations/customerSearch", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Search for a banking customer

POST https://api.devbank.apiture.com/registrations/customerSearch

A client application can use this operation to determine if the visitor is in one of the several categories at the financial institution. The client application should prompt the user for their last name, date of birth, and tax identification number (such as a social security number) or other data as configured by the financial institution, complete a CAPTCHA, and submit the data here. The response indicates the potential user's status with the financial institution:

1. registered in the Apiture system for online banking,
2. exists in Apiture but the user has not yet enrolled with a username/password,
3. exists only in a banking core, or
4. is unknown.

Corresponding client actions based on this response:

1. the client can direct them to the login screen to logon (or retrieve their username if they forgot it, or reset their password if they forgot it).
2. the client will use the returned Challenge/Authenticator API (from the Authorization API) to start multi-factor authentication. If the user completes the authenticator successfully, they may register for online banking by creating a new registration.
3. same as 2.
4. the client can start a new user registration.

For cases 2 and 3, the response includes a Challenge resource. The client should use one of the returned challenge's authenticators to verify the user identity. If the user completes the authenticator successfully, the user enters their preferred new username and password in the client application. The client should then use the createUserCredentials operation to validate and submit the user's new username and password to create the user's login account.

Body parameter

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractRequest/v2.0.0/profile.json",
  "_links": {},
  "_encryption": {
    "taxId": "sensitive-48729783"
  },
  "birthdate": "1974-10-27",
  "idCard": {
    "_encryption": {
      "cardNumber": "sensitive-48729783"
    },
    "expiration": "2024-12-01",
    "number": "<encrypted-value-of-id-card-number>",
    "region": "NC"
  },
  "lastName": "Peterson",
  "taxId": "<encrypted-value-of-tax-id-number>"
}

Parameters

Parameter	Description
body	customerSearchRequest (required)

Example responses

200 Response

400 Response

{
  "_profile": "https://production.api.apiture.com/schemas/common/errorResponse/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "_error": {
    "_id": "2eae46e1-575c-4d69-8a8f-0a7b0115a4b3",
    "message": "Description of the error will appear here.",
    "statusCode": 422,
    "type": "specificErrorType",
    "attributes": {
      "value": "Optional attribute describing the error"
    },
    "remediation": "Optional instructions to remediate the error may appear here.",
    "occurredAt": "2018-01-25T05:50:52.375Z",
    "_links": {
      "describedby": {
        "href": "https://production.api.apiture.com/errors/specificErrorType"
      }
    },
    "_embedded": {
      "errors": []
    }
  }
}

Responses

getCustomerSearchFields

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/registrations/customerSearchFields \
  -H 'Accept: application/json' \
  -H 'API-Key: API_KEY'

GET https://api.devbank.apiture.com/registrations/customerSearchFields HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/json

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY'

};

fetch('https://api.devbank.apiture.com/registrations/customerSearchFields',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/registrations/customerSearchFields',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'API-Key' => 'API_KEY'
}

result = RestClient.get 'https://api.devbank.apiture.com/registrations/customerSearchFields',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/json',
  'API-Key': 'API_KEY'
}

r = requests.get('https://api.devbank.apiture.com/registrations/customerSearchFields', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/registrations/customerSearchFields");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json"},
        "API-Key": []string{"API_KEY"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/registrations/customerSearchFields", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Get customer search fields

GET https://api.devbank.apiture.com/registrations/customerSearchFields

Return a map of customer fields necessary for customer search.

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractResource/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "taxId": {
    "field": "required"
  },
  "birthdate": {
    "field": "required"
  },
  "firstName": {
    "field": "none"
  },
  "idCard": {
    "field": "none"
  },
  "lastName": {
    "field": "required"
  },
  "passport": {
    "field": "none"
  }
}

Responses

createUserCredentials

Code samples

# You can also use wget
curl -X POST https://api.devbank.apiture.com/registrations/userCredentials \
  -H 'Content-Type: application/json' \
  -H 'Accept: */*' \
  -H 'Apiture-Challenge: string' \
  -H 'API-Key: API_KEY'

POST https://api.devbank.apiture.com/registrations/userCredentials HTTP/1.1
Host: api.devbank.apiture.com
Content-Type: application/json
Accept: */*
Apiture-Challenge: string

const fetch = require('node-fetch');
const inputBody = '{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractRequest/v2.0.0/profile.json",
  "_links": {},
  "_encryption": {
    "password": "secret-48729783"
  },
  "password": "d498b282ccd1e70d8676184b3eda51eea4e99baacb92e6d69df2fd05a98d511f",
  "username": "a-conservative-saver"
}';
const headers = {
  'Content-Type':'application/json',
  'Accept':'*/*',
  'Apiture-Challenge':'string',
  'API-Key':'API_KEY'

};

fetch('https://api.devbank.apiture.com/registrations/userCredentials',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Content-Type':'application/json',
  'Accept':'*/*',
  'Apiture-Challenge':'string',
  'API-Key':'API_KEY'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/registrations/userCredentials',
  method: 'post',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Content-Type' => 'application/json',
  'Accept' => '*/*',
  'Apiture-Challenge' => 'string',
  'API-Key' => 'API_KEY'
}

result = RestClient.post 'https://api.devbank.apiture.com/registrations/userCredentials',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Content-Type': 'application/json',
  'Accept': '*/*',
  'Apiture-Challenge': 'string',
  'API-Key': 'API_KEY'
}

r = requests.post('https://api.devbank.apiture.com/registrations/userCredentials', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/registrations/userCredentials");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Content-Type": []string{"application/json"},
        "Accept": []string{"*/*"},
        "Apiture-Challenge": []string{"string"},
        "API-Key": []string{"API_KEY"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/registrations/userCredentials", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Assign authentication credentials for a new digital banking platform user

POST https://api.devbank.apiture.com/registrations/userCredentials

After confirming the user's identity via the searchForCustomer and completing the multi-factor identity verification challenge, the user can submit their preferred new user credentials (username and password) with this operation.

If there are no errors in the request, the Authentication service returns a success reponse to the user. The operation may fail if the username or password do not satisfy the financial institution's policies, or if the preferred username is already in use.

This operation also supports pre-flight validation, via the ?preFlightValidate=true option, to request that the server validate the credentials. The _error object in the 200 OK response lists any such errors, such as username already in use, the password does not conform to the password policies, or the Challenge ID is invalid or expired or has already been redeemed. If the request is valid, there is no _error object in the pre-flight validation response. Validating the request does not count towards the challenge's maximum redemption count.

This operation requires passing a valid Challenge ID in the Apiture-Challenge request header.

Body parameter

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractRequest/v2.0.0/profile.json",
  "_links": {},
  "_encryption": {
    "password": "secret-48729783"
  },
  "password": "d498b282ccd1e70d8676184b3eda51eea4e99baacb92e6d69df2fd05a98d511f",
  "username": "a-conservative-saver"
}

Parameters

Parameter	Description
Apiture-Challenge in: header	string (required) The unique identifier of a Challenge resource which demonstrates the user has recently verified their identity. See the discussion of Multi-factor authentication challenges above. The value must be the _id string of a valid, redeemable Challenge resource which matches the challenge context.
preFlightValidate in: query	boolean If true, the operation performs pre-flight validation of the request body and it does not attempt to create a login account and credentials for the user.
body	preferredUserCredentials

Example responses

200 Response

400 Response

{
  "_profile": "https://production.api.apiture.com/schemas/common/errorResponse/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "_error": {
    "_id": "2eae46e1-575c-4d69-8a8f-0a7b0115a4b3",
    "message": "Description of the error will appear here.",
    "statusCode": 422,
    "type": "specificErrorType",
    "attributes": {
      "value": "Optional attribute describing the error"
    },
    "remediation": "Optional instructions to remediate the error may appear here.",
    "occurredAt": "2018-01-25T05:50:52.375Z",
    "_links": {
      "describedby": {
        "href": "https://production.api.apiture.com/errors/specificErrorType"
      }
    },
    "_embedded": {
      "errors": []
    }
  }
}

Responses

Encryption

Data Encryption

getEncryptionKeys

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/registrations/encryptionKeys?keys=string \
  -H 'Accept: application/json' \
  -H 'API-Key: API_KEY'

GET https://api.devbank.apiture.com/registrations/encryptionKeys?keys=string HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/json

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY'

};

fetch('https://api.devbank.apiture.com/registrations/encryptionKeys?keys=string',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/registrations/encryptionKeys',
  method: 'get',
  data: '?keys=string',
  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'API-Key' => 'API_KEY'
}

result = RestClient.get 'https://api.devbank.apiture.com/registrations/encryptionKeys',
  params: {
  'keys' => 'array[string]'
}, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/json',
  'API-Key': 'API_KEY'
}

r = requests.get('https://api.devbank.apiture.com/registrations/encryptionKeys', params={
  'keys': [
  "string"
]
}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/registrations/encryptionKeys?keys=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json"},
        "API-Key": []string{"API_KEY"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/registrations/encryptionKeys", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Get client-side encryption keys

GET https://api.devbank.apiture.com/registrations/encryptionKeys

Get encryption keys that the client should use to encrypt sensitive data such as personally identifiable information (PII) and passwords. This adds security on top of transport layer security (TLS/HTTPS) so that sensitive data is not represented as plain text in request bodies. Clients should encrypt properties that have a x-apiture-encrypt: {keyName} annotation in the schema. The client adds metadata in an _encryption object next to the encrypted properties in the request body.

Parameters

Parameter	Description
keys in: query	array[string] (required) A list of encryption key names necessary to encrypt one or more properties in a request body. For example, if the request body schema contains two fields that are tagged x-apiture-encrypt: secret, use ?keys=secret. If the schema contain two fields, one encrypted with password and one with the key named pii, use ?keys=secret,pii. minLength: 1 comma-delimited items: string

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/common/encryptionKeys/v1.1.1/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "keys": {
    "pii": {
      "name": "sensitive",
      "publicKey": "-----BEGIN RSA PUBLIC KEY-----\\nMIIBCgKCAQEAwh8kIf3rM4FtehDl+WM1egDdxccXFLNPBUvgpbAISnEh373M4vdN...\\n-----END RSA PUBLIC KEY-----",
      "alias": "sensitive-47839398",
      "createdAt": "2020-03-09T05:01:16.375Z",
      "expiresAt": "2020-03-09T05:01:53.375Z"
    },
    "secret": {
      "name": "secret",
      "publicKey": "-----BEGIN RSA PUBLIC KEY-----\\nMIIBCgKCAQEAl2/fCtf69EnMqw6O/6Wh9wFvKW80jjNfXEWbHh0cnWKW1i0Heg0B...\\n-----END RSA PUBLIC KEY-----",
      "alias": "secret-48729783",
      "createdAt": "2020-03-09T05:01:16.375Z",
      "expiresAt": "2020-03-09T05:01:53.375Z"
    }
  }
}

Responses

API

The Customer Registrations API

getApi

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/registrations/ \
  -H 'Accept: application/json' \
  -H 'API-Key: API_KEY'

GET https://api.devbank.apiture.com/registrations/ HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/json

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY'

};

fetch('https://api.devbank.apiture.com/registrations/',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/registrations/',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'API-Key' => 'API_KEY'
}

result = RestClient.get 'https://api.devbank.apiture.com/registrations/',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/json',
  'API-Key': 'API_KEY'
}

r = requests.get('https://api.devbank.apiture.com/registrations/', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/registrations/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json"},
        "API-Key": []string{"API_KEY"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/registrations/", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Top-level resources and operations in this API

GET https://api.devbank.apiture.com/registrations/

Return links to the top-level resources and operations in this API.

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/common/root/v2.1.1/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "id": "apiName",
  "name": "API name",
  "apiVersion": "1.0.0"
}

Responses

getApiDoc

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/registrations/apiDoc \
  -H 'Accept: application/json' \
  -H 'API-Key: API_KEY'

GET https://api.devbank.apiture.com/registrations/apiDoc HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/json

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY'

};

fetch('https://api.devbank.apiture.com/registrations/apiDoc',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/registrations/apiDoc',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'API-Key' => 'API_KEY'
}

result = RestClient.get 'https://api.devbank.apiture.com/registrations/apiDoc',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/json',
  'API-Key': 'API_KEY'
}

r = requests.get('https://api.devbank.apiture.com/registrations/apiDoc', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/registrations/apiDoc");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json"},
        "API-Key": []string{"API_KEY"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/registrations/apiDoc", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Return API definition document

GET https://api.devbank.apiture.com/registrations/apiDoc

Return the OpenAPI document that describes this API.

Example responses

200 Response

{}

Responses

Response Schema

Configuration

Service Configuration

getConfigurationGroups

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/registrations/configurations/groups \
  -H 'Accept: application/hal+json' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

GET https://api.devbank.apiture.com/registrations/configurations/groups HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/registrations/configurations/groups',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/registrations/configurations/groups',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://api.devbank.apiture.com/registrations/configurations/groups',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://api.devbank.apiture.com/registrations/configurations/groups', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/registrations/configurations/groups");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/registrations/configurations/groups", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Return a collection of configuration groups

GET https://api.devbank.apiture.com/registrations/configurations/groups

Return a paginated sortable filterable searchable collection of configuration groups. The links in the response include pagination links.

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroups/v2.1.1/profile.json",
  "_links": {
    "self": {
      "href": "/configurations/configurations/groups?start=10&limit=10"
    },
    "first": {
      "href": "/configurations/configurations/groups?start=0&limit=10"
    },
    "next": {
      "href": "/configurations/configurations/groups?start=20&limit=10"
    },
    "collection": {
      "href": "/configurations/configurations/groups"
    }
  },
  "start": 10,
  "limit": 10,
  "count": 67,
  "name": "configurationGroups",
  "_embedded": {
    "items": [
      {
        "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroup/v2.1.1/profile.json",
        "_links": {
          "self": {
            "href": "/configurations/groups/basic"
          }
        },
        "name": "basic",
        "label": "Basic Settings",
        "description": "The basic settings for the Transfers API"
      },
      {
        "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroup/v2.1.1/profile.json",
        "_links": {
          "self": {
            "href": "/configurations/groups/calendar"
          }
        },
        "name": "calendar",
        "label": "Calendar",
        "description": "A calendar that specifies which dates are valid for performing transfers (e.g., weekdays excluding federal holidays)"
      }
    ]
  }
}

Responses

getConfigurationGroup

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/registrations/configurations/groups/{groupName} \
  -H 'Accept: application/hal+json' \
  -H 'If-None-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

GET https://api.devbank.apiture.com/registrations/configurations/groups/{groupName} HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
If-None-Match: string

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-None-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-None-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-None-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Fetch a representation of this configuration group

GET https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}

Return a HAL representation of this configuration group resource.

Parameters

Parameter	Description
groupName in: path	string (required) The unique name of this configuration group.
If-None-Match in: header	string The entity tag that was returned in the ETag response. If the resource's current entity tag matches, the GET returns 304 (Not Modified) and no response body, else the resource representation is returned.

Example responses

200 Response

{
  "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroup/v2.1.1/profile.json",
  "_links": {
    "self": {
      "href": "/configurations/groups/basic"
    }
  },
  "name": "basic",
  "label": "Basic Settings",
  "description": "The basic settings for the Transfers API",
  "schema": {
    "type": "object",
    "properties": {
      "dailyLimit": {
        "type": "number",
        "description": "The daily limit for the number of transfers"
      },
      "cutoffTime": {
        "type": "string",
        "format": "time",
        "description": "The cutoff time for scheduling transfers for the current day"
      }
    }
  },
  "values": {
    "dailyLimit": 5,
    "cutoffTime": 63000
  }
}

Responses

getConfigurationGroupSchema

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/schema \
  -H 'Accept: application/hal+json' \
  -H 'If-None-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

GET https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/schema HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
If-None-Match: string

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/schema',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/schema',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-None-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/schema',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-None-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/schema', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/schema");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-None-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/schema", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Fetch the schema for this configuration group

GET https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/schema

Return a HAL representation of this configuration group schema resource.

Parameters

Parameter	Description
groupName in: path	string (required) The unique name of this configuration group.
If-None-Match in: header	string The entity tag that was returned in the ETag response. If the resource's current entity tag matches, the GET returns 304 (Not Modified) and no response body, else the resource representation is returned.

Example responses

200 Response

{
  "type": "object",
  "properties": {
    "dailyLimit": {
      "type": "number",
      "description": "The daily limit for the number of transfers"
    },
    "cutoffTime": {
      "type": "string",
      "format": "time",
      "description": "The cutoff time for scheduling transfers for the current day"
    }
  }
}

Responses

getConfigurationGroupValues

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values \
  -H 'Accept: application/hal+json' \
  -H 'If-None-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

GET https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json
If-None-Match: string

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-None-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-None-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-None-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Fetch the values for the specified configuration group

GET https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values

Return a representation of this configuration group values resource.

Parameters

Parameter	Description
groupName in: path	string (required) The unique name of this configuration group.
If-None-Match in: header	string The entity tag that was returned in the ETag response. If the resource's current entity tag matches, the GET returns 304 (Not Modified) and no response body, else the resource representation is returned.

Example responses

200 Response

{
  "dailyLimit": 5,
  "cutoffTime": 63000
}

Responses

updateConfigurationGroupValues

Code samples

# You can also use wget
curl -X PUT https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values \
  -H 'Content-Type: application/hal+json' \
  -H 'Accept: application/hal+json' \
  -H 'If-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

PUT https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values HTTP/1.1
Host: api.devbank.apiture.com
Content-Type: application/hal+json
Accept: application/hal+json
If-Match: string

const fetch = require('node-fetch');
const inputBody = '{
  "dailyLimit": 5,
  "cutoffTime": 63000
}';
const headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values',
{
  method: 'PUT',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values',
  method: 'put',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Content-Type' => 'application/hal+json',
  'Accept' => 'application/hal+json',
  'If-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.put 'https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Content-Type': 'application/hal+json',
  'Accept': 'application/hal+json',
  'If-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.put('https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("PUT");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Content-Type": []string{"application/hal+json"},
        "Accept": []string{"application/hal+json"},
        "If-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("PUT", "https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Update the values for the specified configuration group

PUT https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values

Perform a complete replacement of this set of values.

Body parameter

{
  "dailyLimit": 5,
  "cutoffTime": 63000
}

Parameters

Parameter	Description
groupName in: path	string (required) The unique name of this configuration group.
If-Match in: header	string The entity tag that was returned in the ETag response. This must match the current entity tag of the resource.
body	configurationValues (required)

Example responses

200 Response

{
  "type": "object",
  "properties": {
    "dailyLimit": {
      "type": "number",
      "description": "The daily limit for the number of transfers"
    },
    "cutoffTime": {
      "type": "string",
      "format": "time",
      "description": "The cutoff time for scheduling transfers for the current day"
    }
  }
}

Responses

getConfigurationGroupValue

Code samples

# You can also use wget
curl -X GET https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName} \
  -H 'Accept: application/hal+json' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

GET https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName} HTTP/1.1
Host: api.devbank.apiture.com
Accept: application/hal+json

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName}',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName}',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName}',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName}', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName}", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Fetch a single value associated with the specified configuration group

GET https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName}

Fetch a single value associated with this configuration group. This provides convenient access to individual values of the configuration group. The response is always a JSON value which can be parsed with a strict JSON parser. The response may be

• a primitive number, boolean, or quoted JSON string.
• a JSON array.
• a JSON object.
• null. Examples:
• "a string configuration value"
• 120
• true
• null
• { "borderWidth": 8, "foregroundColor": "blue" } To update a specific value, use PUT /users/configurations/groups/{groupName}/values/{valueName} (operation updateConfigurationGroupValue).

Parameters

Parameter	Description
groupName in: path	string (required) The unique name of this configuration group.
valueName in: path	string (required) The unique name of a value in a configuration group. This is the name of the value in the schema. A {valueName} must be a simple identifier following the pattern letter [letter | digit | '-' | '_']*.

Example responses

200 Response

"string"

Responses

updateConfigurationGroupValue

Code samples

# You can also use wget
curl -X PUT https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName} \
  -H 'Content-Type: application/hal+json' \
  -H 'Accept: application/hal+json' \
  -H 'If-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

PUT https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName} HTTP/1.1
Host: api.devbank.apiture.com
Content-Type: application/hal+json
Accept: application/hal+json
If-Match: string

const fetch = require('node-fetch');
const inputBody = 'string';
const headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName}',
{
  method: 'PUT',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName}',
  method: 'put',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Content-Type' => 'application/hal+json',
  'Accept' => 'application/hal+json',
  'If-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.put 'https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName}',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Content-Type': 'application/hal+json',
  'Accept': 'application/hal+json',
  'If-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.put('https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName}', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("PUT");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Content-Type": []string{"application/hal+json"},
        "Accept": []string{"application/hal+json"},
        "If-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("PUT", "https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName}", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Update a single value associated with the specified configuration group

PUT https://api.devbank.apiture.com/registrations/configurations/groups/{groupName}/values/{valueName}

Update a single value associated with this configuration group. This provides convenient access to individual values of the configuration group as defined in the configuration group's schema. The request body must conform to the configuration group's schema for the named {valueName}. This operation is idempotent. The request body must be a JSON value which can be parsed with a strict JSON parser. The response may be

• a primitive number, boolean, or quoted JSON string.
• a JSON array.
• a JSON object.
• null. Examples:
• "a string configuration value"
• 120
• true
• null
• { "borderWidth": 8, "foregroundColor": "blue" } To fetch specific value, use GET /users/configurations/groups/{groupName}/values/{valueName} (operation getConfigurationGroupValue).

Body parameter

"string"

Parameters

Parameter	Description
groupName in: path	string (required) The unique name of this configuration group.
valueName in: path	string (required) The unique name of a value in a configuration group. This is the name of the value in the schema. A {valueName} must be a simple identifier following the pattern letter [letter | digit | '-' | '_']*.
If-Match in: header	string The entity tag that was returned in the ETag response. This must match the current entity tag of the resource.
body	string (required) The request body must a valid JSON value and should be parsable with a JSON parser. The result may be a string, number, boolean, array, or object.

Example responses

200 Response

"string"

Responses

Schemas

abstractRequest

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractRequest/v2.0.0/profile.json",
  "_links": {}
}

Abstract Request (v2.0.0)

An abstract schema used to define other request-only schemas. This is a HAL resource representation, minus the _error defined in abstractResource.

This schema was resolved from common/abstractRequest.

Properties

Name	Description
Abstract Request (v2.0.0)	object An abstract schema used to define other request-only schemas. This is a HAL resource representation, minus the _error defined in abstractResource. This schema was resolved from common/abstractRequest.
_links	links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from common/links.
_embedded	object An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile	string(uri) The URI of a resource profile which describes the representation. read-only format: uri

abstractResource

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractResource/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  }
}

Abstract Resource (v2.1.0)

An abstract schema used to define other schemas for request and response bodies. This is a HAL resource representation. This model contains hypermedia _links, and either optional domain object data with _profile and optional _embedded objects, or an _error object. In responses, if the operation was successful, this object will not include the _error, but if the operation was a 4xx or 5xx error, this object will not include _embedded or any data fields, only _error and optionally _links.

This schema was resolved from common/abstractResource.

Properties

Name	Description
Abstract Resource (v2.1.0)	object An abstract schema used to define other schemas for request and response bodies. This is a HAL resource representation. This model contains hypermedia _links, and either optional domain object data with _profile and optional _embedded objects, or an _error object. In responses, if the operation was successful, this object will not include the _error, but if the operation was a 4xx or 5xx error, this object will not include _embedded or any data fields, only _error and optionally _links. This schema was resolved from common/abstractResource.
_links	links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from common/links.
_embedded	object An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile	string(uri) The URI of a resource profile which describes the representation. read-only format: uri
_error	error An object which describes an error. This value is omitted if the operation succeeded without error. read-only

attributes

{}

Attributes (v2.1.0)

An optional map of name/value pairs which contains additional dynamic data about the resource.

This schema was resolved from common/attributes.

Properties

Name	Description
Attributes (v2.1.0)	object An optional map of name/value pairs which contains additional dynamic data about the resource. This schema was resolved from common/attributes. Additional Properties: true

authenticationCaptcha

{
  "id": "e44c8ae6-8504-4bb8-bcb3-65066722c2ea",
  "vendor": "google",
  "type": "reCaptcha3"
}

Authentication Captcha (v1.0.0)

The completed client-side CAPTCHA (Completely Automatic Public Turing Test to Tell Computers and Humans Apart) which established the request as a valid interactive request. The service will verify this data to ensure only valid clients call this operation.

This schema was resolved from auth/authenticationCaptcha.

Properties

Name	Description
Authentication Captcha (v1.0.0)	object The completed client-side CAPTCHA (Completely Automatic Public Turing Test to Tell Computers and Humans Apart) which established the request as a valid interactive request. The service will verify this data to ensure only valid clients call this operation. This schema was resolved from auth/authenticationCaptcha.
type	string (required) The type of CAPTCHA which established the request as a valid interactive request. Typical values may be reCaptcha3 or reCaptcha2. minLength: 4 maxLength: 20 pattern: "^[a-z][a-zA-Z0-9]{3,20}$"
id	string (required) The ID of a completed client-side CAPTCHA which established the request as a valid interactive request.
vendor	string (required) The name of the CAPTCHA provider. Supported vendors are currently: google for Google reCaptcha v3. minLength: 4 maxLength: 20 pattern: "^[a-z][a-zA-Z0-9]{3,20}$"

authenticator

{
  "_profile": "https://production.api.apiture.com/schemas/auth/authenticator/v1.2.0/profile.json",
  "_links": {
    "self": {
      "href": "/auth/challenges/2e61e506-1568-4f1a-a93e-4d0a48a06d0e/authenticators/7fadd35b-6f6b-4901-b1ba-d3b91c9dcee3"
    },
    "apiture:challenge": {
      "href": "/auth/challenges/challenges/b59438cd-5efb-4915-916b-0600bb2a4e1e"
    },
    "apiture:retry": {
      "href": "/auth/challenges/retriedAuthenticators?authenticator=7fadd35b-6f6b-4901-b1ba-d3b91c9dcee3"
    },
    "apiture:verify": {
      "href": "/auth/challenges/verifiedAuthenticators"
    }
  },
  "_id": "7fadd35b-6f6b-4901-b1ba-d3b91c9dcee3",
  "userId": "b2720469-3497-4b82-8b85-30f2155aa66d",
  "state": "started",
  "maskedTarget": "****1234",
  "type": {
    "name": "sms",
    "label": "SMS Code",
    "description": "Enter a code sent via SMS to the user's preferred mobile device.",
    "category": "device",
    "schema": {
      "title": "SMS attributes",
      "description": "Schema for an authenticator's `attributes` when the authenticator type is `sms`.",
      "type": "object",
      "required": [
        "code",
        "length"
      ],
      "properties": {
        "code": {
          "type": "string",
          "description": "A code that was sent to the user's mobile device via SMS. The user should enter the code in the app, then set `attributes.code` to that. The length of the code (the number of characters or digits) must equal the `length'.",
          "minLength": 3,
          "maxLength": 10
        },
        "length": {
          "description": "The number of digits/characters that are sent to the user via SMS.",
          "type": "integer",
          "minimum": 3,
          "maximum": 10,
          "example": 6
        }
      }
    }
  },
  "maximumRetries": 3,
  "retryCount": 1,
  "createdAt": "2019-08-23T12:42:50.375Z",
  "expiresAt": "2019-08-23T13:12:50.375Z"
}

Authenticator (v1.2.0)

Representation of authenticators which verify a user's identity.

Links

Response and request bodies using this authenticator schema may contain the following links:

Rel	Summary	Method
apiture:retry	Retry an authenticator	POST
apiture:start	Start an authenticator	POST
apiture:verify	Verify a user's identity	POST
apiture:challenge	Fetch a representation of this challenge	GET

This schema was resolved from auth/authenticator.

Properties

Name	Description
Authenticator (v1.2.0)	object Representation of authenticators which verify a user's identity. Links Response and request bodies using this authenticator schema may contain the following links: Rel Summary Method apiture:retry Retry an authenticator POST apiture:start Start an authenticator POST apiture:verify Verify a user's identity POST apiture:challenge Fetch a representation of this challenge GET This schema was resolved from auth/authenticator.
_links	links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from common/links.
_embedded	object An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile	string(uri) The URI of a resource profile which describes the representation. read-only format: uri
_error	error An object which describes an error. This value is omitted if the operation succeeded without error. read-only
type	authenticatorType The type of this authenticator. This must be one of the items in the /authenticatorTypes resource.
maximumRetries	integer The maximum number of times the user may retry this authenticator. If 0, the user must authenticate correctly on the first try. When an authenticator is retried, the client should POST to the apiture:retry link on the authenticators; absence of the link means the user cannot retry the authenticator. The default is 3. minimum: 0 maximum: 10
_id	string The unique identifier for this authenticator resource. This is an immutable opaque string assigned upon creation. read-only
userId	string The user ID of the user who is requested to verify their identity.
state	authenticatorState The state of this authenticator. This is derived and read-only. read-only enum values: pending, started, verified, failed, expired
maskedTarget	string A masked value which helps identify the specific authenticator target, such as a masked mobile phone or a masked email address.
retryCount	integer The actual number of times a user has retried this authenticator. read-only minimum: 0 maximum: 10
attributes	object Data collected from the user that is used to verify this authenticator. This data conforms to the schema defined in the type. For example, for sms, the attributes must contains a code.
createdAt	string(date-time) The time stamp when authenticator was created, in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ). read-only format: date-time
verifiedAt	string(date-time) The time stamp when authenticator was verified in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ). read-only format: date-time
failedAt	string(date-time) The time stamp when the user failed to verify their identity verification (authentication) for this challenge, in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ). read-only format: date-time
expiresAt	string(date-time) The time stamp when the this challenge expires, in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ). read-only format: date-time

authenticatorCategory

"knowledge"

authenticatorCategory (v1.0.0)

Categories which help classify and organize different authenticator types:

• knowledge - Something you know, such as a password or answers to personal questions.
• biometric - Something you are, such as facial recognition or fingerprints.
• device - Something you have, such as a mobile phone (for confirmation via a code sent via text message) or an electronic key.

authenticatorCategory strings may have one of the following enumerated values:

Value	Description
knowledge	Knowledge: Authenticate with information the user knows, such as a password or answers to personal questions.
biometric	Biometric: Authenticate with physical characteristics of the user, such as fingerprints, voiceprint, or faceprint.
device	Device: Authenticate with a device that the user has, such as a mobile phone or an electronic key.

These enumeration values are further described by the label group named authenticatorCategory in the response from the getLabels operation.

This schema was resolved from auth/authenticatorCategory.

type: string

enum values: knowledge, biometric, device

authenticatorState

"pending"

Authenticator State (v1.0.0)

The state of a challenge authenticator resource.

• The startAuthenticator operation (link apiture:start) changes the state from pending to started.
• The retryAuthenticator operation (link apiture:retry) changes the state to started and is only allowed if the authenticator has more retries available.
• The verifyAuthenticator operation (link apiture:verify) validates the attributes and changes the state to verified if valid or to failed if invalid.

authenticatorState strings may have one of the following enumerated values:

Value	Description
pending	Pending: The authenticator is created but not yet started.
started	Started: The user has started the authenticator.
verified	Verified: The user corresponding verified the authenticator.
failed	Failed: The user failed the authenticators criteria.
expired	Expired: The authenticator expired before the user completed the criteria.

These enumeration values are further described by the label group named authenticatorState in the response from the getLabels operation.

This schema was resolved from auth/authenticatorState.

type: string

enum values: pending, started, verified, failed, expired

authenticatorType

{
  "name": "sms",
  "label": "SMS code",
  "description": "Enter a code sent via SMS to the user's preferred mobile device.",
  "category": "device",
  "schema": {
    "title": "SMS attributes",
    "description": "Schema for an authenticator's `attributes` when the authenticator type is `sms`.",
    "type": "object",
    "required": [
      "code",
      "length"
    ],
    "properties": {
      "code": {
        "type": "string",
        "description": "A code that was sent to the user's mobile device via SMS. The user should enter the code in the app, then set `attributes.code` to that. The length of the code (the number of characters or digits) must equal the `length'.",
        "minLength": 3,
        "maxLength": 10
      },
      "length": {
        "description": "The number of digits/characters that are sent to the user via SMS.",
        "type": "integer",
        "minimum": 3,
        "maximum": 10,
        "example": 6
      }
    }
  }
}

Authenticator Type (v1.0.0)

An authenticator type description.

This schema was resolved from auth/authenticatorType.

Properties

Name	Description
Authenticator Type (v1.0.0)	object An authenticator type description. This schema was resolved from auth/authenticatorType.
name	string The name of this authenticator; also the key in the authenticatorTypes object.
label	string A localized label or title which may be used labels or other UI controls which present a value.
description	string A more detailed localized description of an authenticator type.
language	string The actual natural language tag to which this authentication type description is associated, as per RFC 7231. If omitted, this serves as the default.
category	authenticatorCategory The authentication category. enum values: knowledge, biometric, device
schema	object The JSON schema which describe the attributes object for all authenticators of this type. For example, for sms, the schema defines a required code string.

challenge

{
  "_profile": "https://production.api.apiture.com/schemas/auth/challenge/v1.2.0/profile.json",
  "_links": {
    "self": {
      "href": "/auth/challenges/5d63053d-435c-4455-a0b5-6f88ab729d1a"
    },
    "apiture:redeem": {
      "href": "/auth/redeemedChallenges?challenge=5d63053d-435c-4455-a0b5-6f88ab729d1a"
    }
  },
  "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
  "reason": "Transfer amount much higher than normal",
  "contextUri": "https://fi.apiture.com/transfers/scheduledTransfers/50b9df19-d6bf-4ac0-b5f4-3e6448b7dacd",
  "minimumAuthenticatorCount": 1,
  "authenticators": [
    {
      "_id": "7fadd35b-6f6b-4901-b1ba-d3b91c9dcee3",
      "_profile": "https://production.api.apiture.com/schemas/auth/authenticator/v1.2.0/profile.json",
      "userId": "b2720469-3497-4b82-8b85-30f2155aa66d",
      "state": "started",
      "type": {
        "name": "sms",
        "label": "SMS Code",
        "description": "Enter a code sent via SMS to the user's preferred mobile device.",
        "category": "device",
        "schema": {
          "title": "SMS attributes",
          "description": "Schema for an authenticator's `attributes` when the authenticator type is `sms`.",
          "type": "object",
          "required": [
            "code",
            "length"
          ],
          "properties": {
            "code": {
              "type": "string",
              "description": "A code that was sent to the user's mobile device via SMS. The user should enter the code in the app, then set `attributes.code` to that. The length of the code (the number of characters or digits) must equal the `length'.",
              "minLength": 3,
              "maxLength": 10
            },
            "length": {
              "description": "The number of digits/characters that are sent to the user via SMS.",
              "type": "integer",
              "minimum": 3,
              "maximum": 10,
              "example": 6
            }
          }
        }
      },
      "maximumRetries": 3,
      "retryCount": 1,
      "createdAt": "2019-08-23T12:42:50.375Z",
      "expiresAt": "2019-08-23T13:12:50.375Z",
      "_links": {
        "self": {
          "href": "/auth/challenges/0399abed-fd3d-4830-a88b-30f38b8a365c/authenticators/7fadd35b-6f6b-4901-b1ba-d3b91c9dcee3"
        },
        "apiture:challenge": {
          "href": "/auth/challenges/0399abed-fd3d-4830-a88b-30f38b8a365c"
        },
        "apiture:retry": {
          "href": "/auth/challenges/retriedAuthenticators?authenticator=7fadd35b-6f6b-4901-b1ba-d3b91c9dcee3"
        },
        "apiture:verify": {
          "href": "/auth/challenges/verifiedAuthenticators"
        }
      }
    }
  ],
  "maximumRedemptionCount": 1,
  "redemptionCount": 0,
  "state": "pending",
  "createdAt": "2019-08-23T11:37:55.375Z",
  "expiresAt": "2019-08-23T12:37:55.375Z"
}

Challenge (v1.2.0)

A resource which represents an identity verification challenge to a user. The user must verify one or more of the authentication methods defined in this challenge in order to proceed with a banking operation (such as scheduling a larger than normal transfer, adding a joint owner or authorized signer to an account, or changing their mailing address or mobile phone number).

Links

Response and request bodies using this challenge schema may contain the following links:

Rel	Summary	Method
apiture:redeem	Redeem or use a challenge	POST

This schema was resolved from auth/challenge.

Properties

Name	Description
Challenge (v1.2.0)	object A resource which represents an identity verification challenge to a user. The user must verify one or more of the authentication methods defined in this challenge in order to proceed with a banking operation (such as scheduling a larger than normal transfer, adding a joint owner or authorized signer to an account, or changing their mailing address or mobile phone number). Links Response and request bodies using this challenge schema may contain the following links: Rel Summary Method apiture:redeem Redeem or use a challenge POST This schema was resolved from auth/challenge.
_links	links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from common/links.
_embedded	object An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile	string(uri) The URI of a resource profile which describes the representation. read-only format: uri
_error	error An object which describes an error. This value is omitted if the operation succeeded without error. read-only
reason	string The reason the application or service has issued a challenge requesting the user verify their identity. This is for labeling or informational purposes.
contextUri	string(uri) The URI of a resource that establishes the context in which the user is asked to authenticate their identity. For example, for this may be for a pending transfer, a user's mailing address, or an account if adding a joint owner. format: uri maxLength: 2048
userId	string The user ID of the user who is requested to verify their identity. The default is the userID of the authenticated person creating the challenge.
minimumAuthenticatorCount	integer The minimum number of different authenticators the user must verify in order to satisfy the identity challenge. The default is 1. minimum: 0 maximum: 4
maximumRedemptionCount	integer The maximum number of times the challenge may be used or redeemed. The default is 1. minimum: 1
_id	string The unique identifier for this challenge resource. This is an immutable opaque string assigned upon creation. read-only
redemptionCount	integer How many times the challenge has been redeemed. read-only
state	challengeState The state of this authenticator. read-only enum values: pending, started, verified, failed, redeemed, expired
createdAt	string(date-time) The time stamp when challenge was created, in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ). read-only format: date-time
authenticators	array: [authenticator] An array of authenticators with which the user can verify their identity. This is derived; the array and the authenticators are constructed in the createChallenge operation. read-only items: object
redeemable	boolean true if and only if the challenge may be redeemed. This is derived from the states of the challenge's authenticators; if the number of verified authenticators meets or exceeds the minimumAuthenticatorCount, the challenge becomes verified and may be redeemed via a POST to href in the challenge's apiture:redeem link. read-only
verifiedAt	string(date-time) The time stamp when challenge was verified in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ). read-only format: date-time
failedAt	string(date-time) The time stamp when the user failed to verify their identity verification (authentication) for this challenge, in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ). read-only format: date-time
expiresAt	string(date-time) The time stamp when the this challenge expires, in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ). read-only format: date-time
redemptionHistory	array: [string] The time stamps when a service or operation redeemed this challenge, in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ). Item 0 is the time stamp the challenge was first redeemed, item 1 is the time stamp of the next redemption, and so on. read-only items: string(date-time) » read-only » format: date-time
code	string An optional authentication code which is only returned in the challenge resource if both a) the platform assigned the code when constructing the challenge), and b) the user has successfully verified the challenge. The client must re-fetch the verified challenge in order to access this property. read-only minLength: 16 maxLength: 128

challengeError

{
  "_id": "2eae46e1575c0a7b0115a4b3",
  "message": "Descriptive error message...",
  "statusCode": 422,
  "type": "errorType1",
  "remediation": "Remediation string...",
  "occurredAt": "2018-01-25T05:50:52.375Z",
  "errors": [
    {
      "_id": "ccdbe2c5c938a230667b3827",
      "message": "An optional embedded error"
    },
    {
      "_id": "dbe9088dcfe2460f229338a3",
      "message": "Another optional embedded error"
    }
  ],
  "_links": {
    "describedby": {
      "href": "https://developer.apiture.com/errors/errorType1"
    }
  }
}

Challenge Error (v1.2.0)

The operation error description with an embedded identity challenge.

This schema was resolved from auth/challengeError.

Properties

Name	Description
Challenge Error (v1.2.0)	object The operation error description with an embedded identity challenge. This schema was resolved from auth/challengeError.
message	string (required) A localized message string describing the error condition.
_id	string A unique identifier for this error instance. This may be used as a correlation ID with the root cause error (i.e. this ID may be logged at the source of the error). This is is an opaque string. read-only
statusCode	integer The HTTP status code associate with this error. minimum: 100 maximum: 599
type	string An error identifier which indicates the category of error and associate it with API support documentation or which the UI tier can use to render an appropriate message or hint. This provides a finer level of granularity than the statusCode. For example, instead of just 400 Bad Request, the type may be much more specific. such as integerValueNotInAllowedRange or numericValueExceedsMaximum or stringValueNotInAllowedSet.
occurredAt	string(date-time) An RFC 3339 UTC time stamp indicating when the error occurred. format: date-time
attributes	attributes Informative values or constraints which describe the error. For example, for a value out of range error, the attributes may specify the minimum and maximum values. This allows clients to present error messages as they see fit (the API does not assume the client/presentation tier). The set of attributes varies by error type. Additional Properties: true
remediation	string An optional localized string which provides hints for how the user or client can resolve the error.
errors	array: [error] An optional array of nested error objects. This property is not always present. items: object
_links	links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from common/links.
_embedded	object Embedded objects
» challenge	challenge The details of the identity verification challenge.

challengeErrorResponse

{
  "_profile": "https://production.api.apiture.com/schemas/common/errorResponse/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "_error": {
    "_id": "2eae46e1-575c-4d69-8a8f-0a7b0115a4b3",
    "message": "Description of the error will appear here.",
    "statusCode": 422,
    "type": "specificErrorType",
    "attributes": {
      "value": "Optional attribute describing the error"
    },
    "remediation": "Optional instructions to remediate the error may appear here.",
    "occurredAt": "2018-01-25T05:50:52.375Z",
    "_links": {
      "describedby": {
        "href": "https://production.api.apiture.com/errors/specificErrorType"
      }
    },
    "_embedded": {
      "errors": []
    }
  }
}

Challenge Error Response (v1.2.0)

When an operation requires an additional identity verification challenge, it returns a 401 Unauthorized response status code and an error response with a challenge resource embedded in the _error._embedded.challenge. This informs the caller that they should verify the challenge via one or more of its authenticators, then retry the operation with the Apiture-Challenge header that references the challenge's _id.

This schema was resolved from auth/challengeErrorResponse.

Properties

Name	Description
Challenge Error Response (v1.2.0)	object When an operation requires an additional identity verification challenge, it returns a 401 Unauthorized response status code and an error response with a challenge resource embedded in the _error._embedded.challenge. This informs the caller that they should verify the challenge via one or more of its authenticators, then retry the operation with the Apiture-Challenge header that references the challenge's _id. This schema was resolved from auth/challengeErrorResponse.
_links	links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from common/links.
_embedded	object An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile	string(uri) The URI of a resource profile which describes the representation. read-only format: uri
_error	challengeError The description of the error.

challengeState

"pending"

Challenge States (v1.0.0)

The state of an identity challenge resource. This is derived based on the state of the challenge's authenticators.

challengeState strings may have one of the following enumerated values:

Value	Description
pending	Pending: The challenge is created but not yet started.
started	Started: The user has started the challenge and associated authenticator(s).
verified	Verified: The user correctly verified the corresponding authenticator(s), marking the challenge as verified.
failed	Failed: The challenge has failed, often because the user failed one or more of the authenticators.
redeemed	Redeemed: The user has redeemed (used) the challenge.
expired	Expired: The challenge has expired without being verified.

These enumeration values are further described by the label group named challengeState in the response from the getLabels operation.

This schema was resolved from auth/challengeState.

type: string

enum values: pending, started, verified, failed, redeemed, expired

collection

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractResource/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  }
}

Collection (v2.1.1)

A collection of resources. This is an abstract model schema which is extended to define specific resource collections.

This schema was resolved from common/collection.

Properties

Name	Description
Collection (v2.1.1)	object A collection of resources. This is an abstract model schema which is extended to define specific resource collections. This schema was resolved from common/collection.
_links	links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from common/links.
_embedded	object An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile	string(uri) The URI of a resource profile which describes the representation. read-only format: uri
_error	error An object which describes an error. This value is omitted if the operation succeeded without error. read-only
count	integer The number of items in the collection. This value is optional and may be omitted if the count is not computable efficiently. If a filter is applied to the collection (either implicitly or explicitly), the count, if present, indicates the number of items that satisfy the filter.
start	integer The start index of this page of items.
limit	integer The maximum number of items per page.
name	string The name of the collection.

configurationGroup

{
  "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroup/v2.1.1/profile.json",
  "_links": {
    "self": {
      "href": "/configurations/groups/basic"
    }
  },
  "name": "basic",
  "label": "Basic Settings",
  "description": "The basic settings for the Transfers API",
  "schema": {
    "type": "object",
    "properties": {
      "dailyLimit": {
        "type": "number",
        "description": "The daily limit for the number of transfers"
      },
      "cutoffTime": {
        "type": "string",
        "format": "time",
        "description": "The cutoff time for scheduling transfers for the current day"
      }
    }
  },
  "values": {
    "dailyLimit": 5,
    "cutoffTime": 63000
  }
}

Configuration Group (v2.1.1)

Represents a configuration group.

This schema was resolved from configurations/configurationGroup.

Properties

Name	Description
Configuration Group (v2.1.1)	object Represents a configuration group. This schema was resolved from configurations/configurationGroup.
_links	links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from common/links.
_embedded	object An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile	string(uri) The URI of a resource profile which describes the representation. read-only format: uri
_error	error An object which describes an error. This value is omitted if the operation succeeded without error. read-only
name	string The name of this configuration group, must be unique within the set of all resources of this type. minLength: 1 maxLength: 48 pattern: "[a-zA-Z][-\\w_]*"
label	string The text label for this resource, suitable for presentation to the client. minLength: 1 maxLength: 128
description	string The full description for this resource, suitable for presentation to the client. minLength: 1 maxLength: 4096
schema	configurationSchema The schema which defines the name and types of the variables that are part of this configuration definition. Property names must be simple identifiers which follow the pattern letter [letter | digit | - | _]*. This is implicitly a schema for type: object and contains the properties. The values in a configuration conform to the schema. The names and types are described with a subset of JSON Schema Core and JSON Schema Validation similar to that used to define schemas in OpenAPI Specification 2.0. This schema was resolved from configurations/configurationSchema.
values	configurationValues The data values associated with this configuration group: the group's variable names and values. These values must conform to this item's schema. Note: the schema may also contain default values which, if present, are used if a value is not set in the definition's values. For example, multiple configurations may use the same schema that defines values a, b, and c, but each configuration may have their own unique values for a, b, and c which is separate from the schema. This schema was resolved from configurations/configurationValues.

configurationGroupSummary

{
  "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroupSummary/v2.1.1/profile.json",
  "_links": {
    "self": {
      "href": "/configurations/groups/basic"
    }
  },
  "name": "basic",
  "label": "Basic Settings",
  "description": "The basic settings for the Transfers API"
}

Configuration Group Summary (v2.1.1)

A summary of the data contained within a configuration group resource.

This schema was resolved from configurations/configurationGroupSummary.

Properties

Name	Description
Configuration Group Summary (v2.1.1)	object A summary of the data contained within a configuration group resource. This schema was resolved from configurations/configurationGroupSummary.
_links	links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from common/links.
_embedded	object An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile	string(uri) The URI of a resource profile which describes the representation. read-only format: uri
_error	error An object which describes an error. This value is omitted if the operation succeeded without error. read-only
name	string The name of this configuration group, must be unique within the set of all resources of this type. minLength: 1 maxLength: 48 pattern: "[a-zA-Z][-\\w_]*"
label	string The text label for this resource, suitable for presentation to the client. minLength: 1 maxLength: 128
description	string The full description for this resource, suitable for presentation to the client. minLength: 1 maxLength: 4096

configurationGroups

{
  "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroups/v2.1.1/profile.json",
  "_links": {
    "self": {
      "href": "/configurations/configurations/groups?start=10&limit=10"
    },
    "first": {
      "href": "/configurations/configurations/groups?start=0&limit=10"
    },
    "next": {
      "href": "/configurations/configurations/groups?start=20&limit=10"
    },
    "collection": {
      "href": "/configurations/configurations/groups"
    }
  },
  "start": 10,
  "limit": 10,
  "count": 67,
  "name": "configurationGroups",
  "_embedded": {
    "items": [
      {
        "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroup/v2.1.1/profile.json",
        "_links": {
          "self": {
            "href": "/configurations/groups/basic"
          }
        },
        "name": "basic",
        "label": "Basic Settings",
        "description": "The basic settings for the Transfers API"
      },
      {
        "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroup/v2.1.1/profile.json",
        "_links": {
          "self": {
            "href": "/configurations/groups/calendar"
          }
        },
        "name": "calendar",
        "label": "Calendar",
        "description": "A calendar that specifies which dates are valid for performing transfers (e.g., weekdays excluding federal holidays)"
      }
    ]
  }
}

Configuration Group Collection (v2.1.1)

Collection of configuration groups. The items in the collection are ordered in the _embedded object with name items. The top-level _links object may contain pagination links (self, next, prev, first, last, collection).

This schema was resolved from configurations/configurationGroups.

Properties

Name	Description
Configuration Group Collection (v2.1.1)	object Collection of configuration groups. The items in the collection are ordered in the _embedded object with name items. The top-level _links object may contain pagination links (self, next, prev, first, last, collection). This schema was resolved from configurations/configurationGroups.
_links	links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from common/links.
_embedded	configurationGroupsEmbedded Embedded objects.
_profile	string(uri) The URI of a resource profile which describes the representation. read-only format: uri
_error	error An object which describes an error. This value is omitted if the operation succeeded without error. read-only
count	integer The number of items in the collection. This value is optional and may be omitted if the count is not computable efficiently. If a filter is applied to the collection (either implicitly or explicitly), the count, if present, indicates the number of items that satisfy the filter.
start	integer The start index of this page of items.
limit	integer The maximum number of items per page.
name	string The name of the collection.

configurationGroupsEmbedded

{
  "items": [
    {
      "_profile": "https://production.api.apiture.com/schemas/configurations/configurationGroupSummary/v2.1.1/profile.json",
      "_links": {
        "self": {
          "href": "/configurations/groups/basic"
        }
      },
      "name": "basic",
      "label": "Basic Settings",
      "description": "The basic settings for the Transfers API"
    }
  ]
}

Configuration Groups Embedded Objects (v1.1.1)

Objects embedded in the configurationGroupscollection.

This schema was resolved from configurations/configurationGroupsEmbedded.

Properties

Name	Description
Configuration Groups Embedded Objects (v1.1.1)	object Objects embedded in the configurationGroupscollection. This schema was resolved from configurations/configurationGroupsEmbedded.
items	array: [configurationGroupSummary] An array containing a page of configuration group items. items: object

configurationSchema

{
  "type": "object",
  "properties": {
    "dailyLimit": {
      "type": "number",
      "description": "The daily limit for the number of transfers"
    },
    "cutoffTime": {
      "type": "string",
      "format": "time",
      "description": "The cutoff time for scheduling transfers for the current day"
    }
  }
}

Configuration Schema (v2.1.0)

The schema which defines the name and types of the variables that are part of this configuration definition. Property names must be simple identifiers which follow the pattern letter [letter | digit | - | _]*.

This is implicitly a schema for type: object and contains the properties.

The values in a configuration conform to the schema. The names and types are described with a subset of JSON Schema Core and JSON Schema Validation similar to that used to define schemas in OpenAPI Specification 2.0.

This schema was resolved from configurations/configurationSchema.

Properties

Name	Description
Configuration Schema (v2.1.0)	object The schema which defines the name and types of the variables that are part of this configuration definition. Property names must be simple identifiers which follow the pattern letter [letter | digit | - | _]*. This is implicitly a schema for type: object and contains the properties. The values in a configuration conform to the schema. The names and types are described with a subset of JSON Schema Core and JSON Schema Validation similar to that used to define schemas in OpenAPI Specification 2.0. This schema was resolved from configurations/configurationSchema.
Configuration Schema Value (v2.0.0)	configurationSchemaValue The data associated with this configuration schema. This schema was resolved from configurations/configurationSchemaValue.

configurationSchemaValue

{}

Configuration Schema Value (v2.0.0)

The data associated with this configuration schema.

This schema was resolved from configurations/configurationSchemaValue.

Properties

Name	Description
Configuration Schema Value (v2.0.0)	object The data associated with this configuration schema. This schema was resolved from configurations/configurationSchemaValue.

configurationValue

{}

Configuration Value (v2.0.0)

The data associated with this configuration.

This schema was resolved from configurations/configurationValue.

Properties

Name	Description
Configuration Value (v2.0.0)	object The data associated with this configuration. This schema was resolved from configurations/configurationValue.

configurationValues

{
  "dailyLimit": 5,
  "cutoffTime": 63000
}

Configuration Values (v2.0.0)

The data values associated with this configuration group: the group's variable names and values. These values must conform to this item's schema.

Note: the schema may also contain default values which, if present, are used if a value is not set in the definition's values.

For example, multiple configurations may use the same schema that defines values a, b, and c, but each configuration may have their own unique values for a, b, and c which is separate from the schema.

This schema was resolved from configurations/configurationValues.

Properties

Name	Description
Configuration Values (v2.0.0)	object The data values associated with this configuration group: the group's variable names and values. These values must conform to this item's schema. Note: the schema may also contain default values which, if present, are used if a value is not set in the definition's values. For example, multiple configurations may use the same schema that defines values a, b, and c, but each configuration may have their own unique values for a, b, and c which is separate from the schema. This schema was resolved from configurations/configurationValues.
Configuration Value (v2.0.0)	configurationValue The data associated with this configuration. This schema was resolved from configurations/configurationValue.

customerMatchType

"none"

Customer Match Type (v1.1.0)

The type of the customer search result.

customerMatchType strings may have one of the following enumerated values:

Value	Description
none	None: No customer was found in the digital banking system or in the banking core
notEnrolled	Not Enrolled: The search criteria matched a customer that is not yet enrolled in digital banking
enrolled	Enrolled: The search criteria matched an existing customer who is enrolled in digital banking
partial	Partial: A record matched the required customer search parameter(s) but some search parameters did not match
multiple	Multiple: Multiple records matched the search criteria

type: string

enum values: none, notEnrolled, enrolled, partial, multiple

customerSearch

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractResource/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "type": "notEnrolled",
  "challenge": {
    "_id": "0399abed-a365c",
    "_profile": "https://production.api.apiture.com/schemas/auth/challenge/v1.2.0/profile.json",
    "_links": {
      "apiture:redeem:": {
        "href": "https://api.devbank.apiture.com/auth/redeemedChallenges?challenge=5d63053d-435c-4455-a0b5-6f88ab729d1a"
      },
      "self": {
        "href": "https://api.devbank.apiture.com/auth/challenges/5d63053d-435c-4455-a0b5-6f88ab729d1a"
      }
    },
    "authenticators": [
      {
        "_id": "7fadd35b-dcee3",
        "_profile": "https://production.api.apiture.com/schemas/auth/authenticator/v1.2.0/profile.json",
        "type": {
          "name": "sms",
          "description": "Enter a code sent via SMS to the user's preferred mobile device.",
          "category": "device",
          "label": "SMS Code",
          "schema": {
            "title": "SMS attributes",
            "description": "Schema for an authenticator's `attributes` when the authenticator type is `sms`.",
            "required": [
              "code",
              "length"
            ],
            "type": "object",
            "properties": {
              "code": {
                "description": "A code that was sent to the user's mobile device via SMS. The user should enter the code in the app, then set `attributes.code` to that. The length of the code (the number of characters or digits) must equal the `length'.",
                "type": "string",
                "maxLength": 10,
                "minLength": 3
              },
              "length": {
                "description": "The number of digits/characters that are sent to the user via SMS.",
                "type": "integer",
                "minimum": 3,
                "maximum": 10,
                "example": 6
              }
            }
          }
        },
        "_links": {
          "apiture:challenge": {
            "href": "https://api.devbank.apiture.com/auth/challenges/0399abed-a365c"
          },
          "apiture:retry": {
            "href": "https://api.devbank.apiture.com/auth/challenges/retriedAuthenticators?authenticator=7fadd35b-dcee3"
          },
          "apiture:verify": {
            "href": "https://api.devbank.apiture.com/auth/challenges/verifiedAuthenticators?authenticator=7fadd35b-dcee3"
          },
          "self": {
            "href": "https://api.devbank.apiture.com/auth/challenges/0399abed-a365c/authenticators/7fadd35b-dcee3"
          }
        },
        "createdAt": "2019-08-23T12:42:50.375Z",
        "expiresAt": "2019-08-23T13:12:50.375Z",
        "maximumRetries": 3,
        "retryCount": 1,
        "state": "pending"
      }
    ],
    "contextUri": "https://api.devbank.apiture.com/registrations/50b9df19-d6bf-4ac0-b5f4-3e6448b7dacd",
    "createdAt": "2019-08-23T11:37:55.375Z",
    "expiresAt": "2019-08-23T12:37:55.375Z",
    "maximumRedemptionCount": 1,
    "minimumAuthenticatorCount": 1,
    "reason": "Verify customer identity",
    "redemptionCount": 0,
    "state": "pending"
  },
  "requireEmail": false,
  "requireMobilePhone": true
}

Customer Search (v1.1.0)

The result of searching for customers.

Properties

Name	Description
Customer Search (v1.1.0)	object The result of searching for customers.
_links	links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from common/links.
_embedded	object An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile	string(uri) The URI of a resource profile which describes the representation. read-only format: uri
_error	error An object which describes an error. This value is omitted if the operation succeeded without error. read-only
type	customerMatchType (required) The type of the search result. enum values: none, notEnrolled, enrolled, partial, multiple
challenge	challenge The Challenge resource that the client must use to continue registration/enrollment if the next registration step requires MFA (i.e. a user was found in the system). The client must start the Authenticator(s) listed in the challenge and when the challenges are completed, pass the challenge _id as the Apiture-Challenge request header for the next operation.
requireEmail	boolean (required) If true, the user must also enter a new email address in the next step of registration because the banking core does not have an email address on record.
requireMobilePhone	boolean (required) If true, the user must also enter a new mobile phone number in the next step of registration because the banking core does not have a mobile phone number record.

customerSearchField

{
  "field": "required"
}

Customer Search Field (v1.1.0)

One of several fields the financial institution has configured as a searchable property for customer search.

Properties

Name	Description
Customer Search Field (v1.1.0)	object One of several fields the financial institution has configured as a searchable property for customer search.
field	customerSearchFieldOption (required) Whether the financial institution should present this user field to the user and send the corresponding value to the customerSearchRequest operation. enum values: none, required

customerSearchFieldOption

"none"

Customer Search Field Option (v1.1.0)

Determines if the user interface should present the corresponding field to the user and send the user's response to the searchForCustomer operation.

customerSearchFieldOption strings may have one of the following enumerated values:

Value	Description
none	None: The client should not include this field in the customer search form or in the search request.
required	Required: This field is required in customer search. The client must include this field in the customer search form, and the user is required to fill in the field as per the constraints of the property in the `customerSearchRequest` model schema.

type: string

enum values: none, required

customerSearchFields

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractResource/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "taxId": {
    "field": "required"
  },
  "birthdate": {
    "field": "required"
  },
  "firstName": {
    "field": "none"
  },
  "idCard": {
    "field": "none"
  },
  "lastName": {
    "field": "required"
  },
  "passport": {
    "field": "none"
  }
}

Customer Search Fields (v1.1.1)

The set of form fields that the client should prompt from the user and pass to the searchForCustomer operation (via the customerSearchRequest model schema. Fields marked as required must be presented to the user, and the user's response passed in the request body. Fields marked as none must not be presented in the form or passed. The financial institution can configure these in the configuration value customerSearchFields in the registrations configuration group. Note that this response omits taxId because that field is always required.

Properties

Name	Description
Customer Search Fields (v1.1.1)	object The set of form fields that the client should prompt from the user and pass to the searchForCustomer operation (via the customerSearchRequest model schema. Fields marked as required must be presented to the user, and the user's response passed in the request body. Fields marked as none must not be presented in the form or passed. The financial institution can configure these in the configuration value customerSearchFields in the registrations configuration group. Note that this response omits taxId because that field is always required.
_links	links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from common/links.
_embedded	object An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile	string(uri) The URI of a resource profile which describes the representation. read-only format: uri
_error	error An object which describes an error. This value is omitted if the operation succeeded without error. read-only
taxId	customerSearchField Indicates if the financial institution requires the user to fill out the birthdate field in the customer search form. Always present with the value field: required.
birthdate	customerSearchField Indicates if the financial institution requires the user to fill out the birthdate field in the customer search form.
firstName	customerSearchField Indicates if the financial institution requires the user to fill out the first name field in the customer search form.
idCard	customerSearchField Indicates if the financial institution requires the user to fill out the identification card field in the customer search form.
lastName	customerSearchField Indicates if the financial institution requires the user to fill out the last name field in the customer search form.
passport	customerSearchField Indicates if the financial institution requires the user to fill out the passport field in the customer search form.

customerSearchIdCard

{
  "_encryption": {
    "number": "sensitive-48729783"
  },
  "expiration": "2024-12-01",
  "number": "<encrypted-value-of-id-card-number>",
  "region": "NC"
}

Customer Search ID Card (v1.0.1)

The ID Card data passed for customer search.

Properties

Name	Description
Customer Search ID Card (v1.0.1)	object The ID Card data passed for customer search.
_encryption	encryptionMetadata (required) Metadata about the encrypted properties in this object.
expiration	string(date) (required) The date when the form of identification expires, in RFC 3339 YYYY-MM-DD format. format: date
number	string (required) The full ID card number as a string. The value of number in requests must be encrypted with the sensitive encryption key.
region	string (required) The state, region, or country that issued the state ID card. minLength: 2 maxLength: 32

customerSearchPassport

{
  "_encryption": {
    "number": "sensitive-48729783"
  },
  "countryCode": "US",
  "expiration": "2024-12-01",
  "number": "<encrypted-value-of-passport-number>"
}

Customer Search Passport (v1.0.1)

The passport data passed for customer search.

Properties

Name	Description
Customer Search Passport (v1.0.1)	object The passport data passed for customer search.
_encryption	encryptionMetadata (required) Metadata about the encrypted properties in this object
countryCode	string (required) The ISO 3166-1 alpha-2 country code for the passport's country of issue. minLength: 2 maxLength: 2
expiration	string(date) (required) The date when the form of identification expires, in RFC 3339 YYYY-MM-DD format. format: date
number	string (required) The full passport number as a string. The value of number in requests must be encrypted with the sensitive encryption key.

customerSearchRequest

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractRequest/v2.0.0/profile.json",
  "_links": {},
  "_encryption": {
    "taxId": "sensitive-48729783"
  },
  "birthdate": "1974-10-27",
  "idCard": {
    "_encryption": {
      "cardNumber": "sensitive-48729783"
    },
    "expiration": "2024-12-01",
    "number": "<encrypted-value-of-id-card-number>",
    "region": "NC"
  },
  "lastName": "Peterson",
  "taxId": "<encrypted-value-of-tax-id-number>"
}

Customer Search Request (v2.0.0)

Request body used to search for a customer/user. This request contains a set of personally identifiable data about a possible customer of the financial institution. The response from the getCustomerSearchFields provides the subset of fields in this schema that the financial institution requires or allows to match existing customers. The taxId is always required.

Note that the taxId, passport.number and idCard.number, if requested, must be encrypted in the client with the sensitive encryption key before invoking this operation. Use the getEncryptionKeys operation to get the sensitive key.

Properties

Name	Description
Customer Search Request (v2.0.0)	object Request body used to search for a customer/user. This request contains a set of personally identifiable data about a possible customer of the financial institution. The response from the getCustomerSearchFields provides the subset of fields in this schema that the financial institution requires or allows to match existing customers. The taxId is always required. Note that the taxId, passport.number and idCard.number, if requested, must be encrypted in the client with the sensitive encryption key before invoking this operation. Use the getEncryptionKeys operation to get the sensitive key.
_links	links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from common/links.
_embedded	object An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile	string(uri) The URI of a resource profile which describes the representation. read-only format: uri
_encryption	encryptionMetadata (required) Metadata about the encrypted password property.
birthdate	string(date) The user's birth date in RFC 3339 YYYY-MM-DD date format. format: date
firstName	string The user's first name. minLength: 2 maxLength: 80
idCard	customerSearchIdCard An unexpired state, region, or nationally issued identification card, including a driver's license.
lastName	string The user's last name. minLength: 2 maxLength: 80
passport	customerSearchPassport Details of an unexpired national passport.
postalCode	string The mailing address postal code, such as a US Zip or Zip+4 code, or a Canadian postal code. minLength: 5 maxLength: 10
taxId	string (required) The user's full tax ID. The value of taxId in requests must be encrypted with the sensitive encryption key. minLength: 4
captcha	authenticationCaptcha (required) The completed client-side CAPTCHA (Completely Automatic Public Turing Test to Tell Computers and Humans Apart) which established the request as a valid interactive request. The service will verify this data to ensure only valid clients call this operation. This schema was resolved from auth/authenticationCaptcha.

encryptionKey

{
  "name": "secret",
  "publicKey": "-----BEGIN RSA PUBLIC KEY-----\\nMIIBCgKCAQEAl2/fCtf69EnMqw6O/6Wh9wFvKW80jjNfXEWbHh0cnWKW1i0Heg0B...\\n-----END RSA PUBLIC KEY-----",
  "alias": "secret-48729783",
  "createdAt": "2020-03-09T05:01:16.375Z",
  "expiresAt": "2020-03-09T05:01:53.375Z"
}

Encryption Key (v1.0.1)

A rotating public encryption key. See Encryption for additional details.

This schema was resolved from common/encryptionKey.

Properties

Name	Description
Encryption Key (v1.0.1)	object A rotating public encryption key. See Encryption for additional details. This schema was resolved from common/encryptionKey.
name	encryptionKeyName The name of an encryption key; this identifies the type of data the key encrypts, such as pii for personally identifying information, secret for passwords or other secret data. The type name is taken from the x-apiture-encrypt annotation on the property in the JSON schema or chosen by the client when requesting encryption keys. minLength: 3 maxLength: 10 pattern: "^[a-z][a-zA-Z0-9]{2,9}$"
publicKey	string The ASCII encoded public encryption key that the client uses to encrypt data. This is half of the asymmetric public/private key pair. This is a mult-line string with key bopokends and embedded line breaks.
alias	string An alias for the actual rotating key. Keys rotate every few minutes. The alias identifies a specific instance of an active public/private key pair. This alias must be set in the _encryption metadata (see encryptionMetadata). The value of the alias is the concatenation of the name, a dash -, and some additional characters which identify the specific key rotation. minLength: 6 maxLength: 19 pattern: "^[a-z][a-zA-Z0-9]{2,11}-.{2,8}$"
createdAt	string(date-time) The date-time when the encryption key was created, in RFC 3339 date-time format. format: date-time
expiresAt	string(date-time) The date-time when the encryption key will expire. If this expiration time has passed or is less than 60 seconds away, the client should fetch updated encryption keys. RFC 3339 date-time format. format: date-time

encryptionKeyName

"secret"

Encryption Key Name (v1.0.1)

An encryption key name identifies the type of data that the client wishes to encrypt, such as pii for personally identifying information, secret for passwords or other secret data. The type name is taken from the x-apiture-encrypt annotation on the property in the JSON schema or chosen by the client when requesting encryption keys.

This schema was resolved from common/encryptionKeyName.

type: string

minLength: 3
maxLength: 10
pattern: "^[a-z][a-zA-Z0-9]{2,9}$"

encryptionKeys

{
  "_profile": "https://production.api.apiture.com/schemas/common/encryptionKeys/v1.1.1/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "keys": {
    "pii": {
      "name": "sensitive",
      "publicKey": "-----BEGIN RSA PUBLIC KEY-----\\nMIIBCgKCAQEAwh8kIf3rM4FtehDl+WM1egDdxccXFLNPBUvgpbAISnEh373M4vdN...\\n-----END RSA PUBLIC KEY-----",
      "alias": "sensitive-47839398",
      "createdAt": "2020-03-09T05:01:16.375Z",
      "expiresAt": "2020-03-09T05:01:53.375Z"
    },
    "secret": {
      "name": "secret",
      "publicKey": "-----BEGIN RSA PUBLIC KEY-----\\nMIIBCgKCAQEAl2/fCtf69EnMqw6O/6Wh9wFvKW80jjNfXEWbHh0cnWKW1i0Heg0B...\\n-----END RSA PUBLIC KEY-----",
      "alias": "secret-48729783",
      "createdAt": "2020-03-09T05:01:16.375Z",
      "expiresAt": "2020-03-09T05:01:53.375Z"
    }
  }
}

Encryption Keys (v1.1.1)

A set of rotating public encryption keys that the client may use to encrypt sensitive or secret data before sending it to the service. The client only has access to the public key and only the service can decrypt the data. Such keys typically expire after several minutes.

This schema was resolved from common/encryptionKeys.

Properties

Name	Description
Encryption Keys (v1.1.1)	object A set of rotating public encryption keys that the client may use to encrypt sensitive or secret data before sending it to the service. The client only has access to the public key and only the service can decrypt the data. Such keys typically expire after several minutes. This schema was resolved from common/encryptionKeys.
_links	links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from common/links.
_embedded	object An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile	string(uri) The URI of a resource profile which describes the representation. read-only format: uri
_error	error An object which describes an error. This value is omitted if the operation succeeded without error. read-only
keys	object A map of encryption keys. The map's keys are the key name; the values are encryption key objects.
» Encryption Key (v1.0.1)	encryptionKey A rotating public encryption key. See Encryption for additional details. This schema was resolved from common/encryptionKey.

encryptionMetadata

{
  "property1": "string",
  "property2": "string"
}

Encryption Metadata (v1.0.2)

Metadata about encrypted data within a JSON object in a request body. This _encryption object is a peer of the encrypted data. Each nested object that contains encrypted properties has it's own _encryption object.

This object is a map of string property names → string encryption key alias. The keys are names of the encrypted and Base64 encoded property. Each value is the alias of the rotating public encryption key that the client used to encrypt the named property. See Encryption for additional details.

This schema was resolved from common/encryptionMetadata.

Properties

Name	Description
Encryption Metadata (v1.0.2)	object Metadata about encrypted data within a JSON object in a request body. This _encryption object is a peer of the encrypted data. Each nested object that contains encrypted properties has it's own _encryption object. This object is a map of string property names → string encryption key alias. The keys are names of the encrypted and Base64 encoded property. Each value is the alias of the rotating public encryption key that the client used to encrypt the named property. See Encryption for additional details. This schema was resolved from common/encryptionMetadata.
additionalProperties	string

error

{
  "_id": "2eae46e1575c0a7b0115a4b3",
  "message": "Descriptive error message...",
  "statusCode": 422,
  "type": "errorType1",
  "remediation": "Remediation string...",
  "occurredAt": "2018-01-25T05:50:52.375Z",
  "errors": [
    {
      "_id": "ccdbe2c5c938a230667b3827",
      "message": "An optional embedded error"
    },
    {
      "_id": "dbe9088dcfe2460f229338a3",
      "message": "Another optional embedded error"
    }
  ],
  "_links": {
    "describedby": {
      "href": "https://developer.apiture.com/errors/errorType1"
    }
  }
}

Error (v2.1.0)

Describes an error in an API request or in a service called via the API.

This schema was resolved from common/error.

Properties

Name	Description
Error (v2.1.0)	object Describes an error in an API request or in a service called via the API. This schema was resolved from common/error.
message	string (required) A localized message string describing the error condition.
_id	string A unique identifier for this error instance. This may be used as a correlation ID with the root cause error (i.e. this ID may be logged at the source of the error). This is is an opaque string. read-only
statusCode	integer The HTTP status code associate with this error. minimum: 100 maximum: 599
type	string An error identifier which indicates the category of error and associate it with API support documentation or which the UI tier can use to render an appropriate message or hint. This provides a finer level of granularity than the statusCode. For example, instead of just 400 Bad Request, the type may be much more specific. such as integerValueNotInAllowedRange or numericValueExceedsMaximum or stringValueNotInAllowedSet.
occurredAt	string(date-time) An RFC 3339 UTC time stamp indicating when the error occurred. format: date-time
attributes	attributes Informative values or constraints which describe the error. For example, for a value out of range error, the attributes may specify the minimum and maximum values. This allows clients to present error messages as they see fit (the API does not assume the client/presentation tier). The set of attributes varies by error type. Additional Properties: true
remediation	string An optional localized string which provides hints for how the user or client can resolve the error.
errors	array: [error] An optional array of nested error objects. This property is not always present. items: object

errorResponse

{
  "_profile": "https://production.api.apiture.com/schemas/common/errorResponse/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "_error": {
    "_id": "2eae46e1-575c-4d69-8a8f-0a7b0115a4b3",
    "message": "Description of the error will appear here.",
    "statusCode": 422,
    "type": "specificErrorType",
    "attributes": {
      "value": "Optional attribute describing the error"
    },
    "remediation": "Optional instructions to remediate the error may appear here.",
    "occurredAt": "2018-01-25T05:50:52.375Z",
    "_links": {
      "describedby": {
        "href": "https://production.api.apiture.com/errors/specificErrorType"
      }
    },
    "_embedded": {
      "errors": []
    }
  }
}

Error Response (v2.1.0)

Describes an error response, typically returned on 4xx or 5xx errors from API operations. The _error object contains the error details.

This schema was resolved from common/errorResponse.

Properties

Name	Description
Error Response (v2.1.0)	object Describes an error response, typically returned on 4xx or 5xx errors from API operations. The _error object contains the error details. This schema was resolved from common/errorResponse.
_links	links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from common/links.
_embedded	object An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile	string(uri) The URI of a resource profile which describes the representation. read-only format: uri
_error	error An object which describes an error. This value is omitted if the operation succeeded without error. read-only

link

{
  "href": "https://api.devbank.apiture.com/applications/application/328f6bf6-d762-422f-a077-ab91ca4d0b6f",
  "title": "Application"
}

Link (v1.0.0)

Describes a hypermedia link within a _links object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name or hreflang properties of HAL. Apiture links may include a method property.

This schema was resolved from common/link.

Properties

Name	Description
Link (v1.0.0)	object Describes a hypermedia link within a _links object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name or hreflang properties of HAL. Apiture links may include a method property. This schema was resolved from common/link.
href	string(uri) (required) The URI or URI template for the resource/operation this link refers to. format: uri
type	string The media type for the resource.
templated	boolean If true, the link's href is a URI template.
title	string An optional human-readable localized title for the link.
deprecation	string(uri) If present, the containing link is deprecated and the value is a URI which provides human-readable text information about the deprecation. format: uri
profile	string(uri) The URI of a profile document, a JSON document which describes the target resource/operation. format: uri

links

{
  "property1": {
    "href": "https://api.devbank.apiture.com/applications/application/328f6bf6-d762-422f-a077-ab91ca4d0b6f",
    "title": "Application"
  },
  "property2": {
    "href": "https://api.devbank.apiture.com/applications/application/328f6bf6-d762-422f-a077-ab91ca4d0b6f",
    "title": "Application"
  }
}

Links (v1.0.0)

An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

This schema was resolved from common/links.

Properties

Name	Description
Links (v1.0.0)	object An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from common/links.
Link (v1.0.0)	link Describes a hypermedia link within a _links object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name or hreflang properties of HAL. Apiture links may include a method property. This schema was resolved from common/link.

preferredUserCredentials

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractRequest/v2.0.0/profile.json",
  "_links": {},
  "_encryption": {
    "password": "secret-48729783"
  },
  "password": "d498b282ccd1e70d8676184b3eda51eea4e99baacb92e6d69df2fd05a98d511f",
  "username": "a-conservative-saver"
}

Preferred User Credentials (v1.0.1)

The user's preferred login credentials.

Note that the password property must be encrypted with the secret key. Use the getEncryptionKeys operation to get the secret key.

Properties

Name	Description
Preferred User Credentials (v1.0.1)	object The user's preferred login credentials. Note that the password property must be encrypted with the secret key. Use the getEncryptionKeys operation to get the secret key.
_links	links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from common/links.
_embedded	object An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile	string(uri) The URI of a resource profile which describes the representation. read-only format: uri
_encryption	encryptionMetadata (required) Metadata about the encrypted password property.
emailAddress	string(email) The user's email address. format: email
mobilePhoneNumber	string The user's phone number, as a string. The service strips all spaces, hyphens, periods and parentheses from input. The default country code prefix is +1. minLength: 8 maxLength: 20
password	string(encrypted-password) (required) The user's encrypted new password. The client should prompt the user for their new password, then encrypt it with the secret encryption key. format: encrypted-password
username	string(username) (required) The user's preferred username. format: username minLength: 2 maxLength: 64

preferredUserCredentialsResponse

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractResource/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  }
}

Preferred User Credentials Response (v1.0.1)

Response success when a new user submits their preferred username and password.

Properties

Name	Description
Preferred User Credentials Response (v1.0.1)	object Response success when a new user submits their preferred username and password.
_links	links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from common/links.
_embedded	object An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile	string(uri) The URI of a resource profile which describes the representation. read-only format: uri
_error	error An object which describes an error. This value is omitted if the operation succeeded without error. read-only
username	string(username) The user's accepted username. format: username minLength: 2 maxLength: 64

root

{
  "_profile": "https://production.api.apiture.com/schemas/common/root/v2.1.1/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  },
  "id": "apiName",
  "name": "API name",
  "apiVersion": "1.0.0"
}

API Root (v2.1.1)

A HAL response, with hypermedia _links for the top-level resources and operations in API.

This schema was resolved from common/root.

Properties

Name	Description
API Root (v2.1.1)	object A HAL response, with hypermedia _links for the top-level resources and operations in API. This schema was resolved from common/root.
_links	links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from common/links.
_embedded	object An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile	string(uri) The URI of a resource profile which describes the representation. read-only format: uri
_error	error An object which describes an error. This value is omitted if the operation succeeded without error. read-only
_id	string This API's unique ID. read-only
name	string This API's name.
apiVersion	string This API's version.

summaryChallenge

{
  "_profile": "https://production.api.apiture.com/schemas/common/abstractResource/v2.1.0/profile.json",
  "_links": {
    "self": {
      "href": "https://api.devbank.apiture.com/apiName/resourceName/resourceId"
    }
  }
}

Summary Challenge (v1.1.0)

Summary representation of a challenge, used in the challenge collection.

This schema was resolved from auth/summaryChallenge.

Properties

Name	Description
Summary Challenge (v1.1.0)	object Summary representation of a challenge, used in the challenge collection. This schema was resolved from auth/summaryChallenge.
_links	links An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations. This schema was resolved from common/links.
_embedded	object An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile	string(uri) The URI of a resource profile which describes the representation. read-only format: uri
_error	error An object which describes an error. This value is omitted if the operation succeeded without error. read-only
reason	string The reason the application or service has issued a challenge requesting the user verify their identity. This is for labeling or informational purposes.
contextUri	string(uri) The URI of a resource that establishes the context in which the user is asked to authenticate their identity. For example, for this may be for a pending transfer, a user's mailing address, or an account if adding a joint owner. format: uri maxLength: 2048
userId	string The user ID of the user who is requested to verify their identity. The default is the userID of the authenticated person creating the challenge.
minimumAuthenticatorCount	integer The minimum number of different authenticators the user must verify in order to satisfy the identity challenge. The default is 1. minimum: 0 maximum: 4
maximumRedemptionCount	integer The maximum number of times the challenge may be used or redeemed. The default is 1. minimum: 1
_id	string The unique identifier for this challenge resource. This is an immutable opaque string assigned upon creation. read-only
redemptionCount	integer How many times the challenge has been redeemed. read-only
state	challengeState The state of this authenticator. read-only enum values: pending, started, verified, failed, redeemed, expired
createdAt	string(date-time) The time stamp when challenge was created, in RFC 3339 UTC date-time format (YYYY-MM-DDThh:mm:ss.sssZ). read-only format: date-time

---