openapi: 3.0.0 info: title: CIB XS2A Services description: | CIB XS2A Services based on Berlin Group spec. v1.3.4 Implemented additional services: - Confirmation of Funds Consent v2.0 - Account Owner Name Service v1.0 version: 1.3.0 externalDocs: description: | Full Documentation of NextGenPSD2 Access to Account Interoperability Framework (General Introduction Paper, Operational Rules, Implementation Guidelines) url: https://www.berlin-group.org/nextgenpsd2-downloads servers: - url: /psd2sandbox/v1 # Remove this line for cib.hu description: PSD2 sandbox backend # Remove this line for cib.hu - url: /psd2live/v1 # Remove this line for cib.hu description: PSD2 live backend # Remove this line for cib.hu - url: https://api-test.cib.hu/v1 description: PSD2 sandbox API - url: https://api.cib.hu/v1 description: PSD2 live API tags: - name: account-information-service description: AISP - name: consent-service description: AISP and COF consent - name: payment-instrument-issuing-service description: PIISP (COF) - name: payment-initiation-service description: PISP components: parameters: # Header parameters tpp-registration-number-header-param: in: header name: tpp-registration-number description: TTP registration number required: true schema: type: string x-request-id-header-param: in: header name: X-Request-ID description: ID of the request, unique to the call, as determined by the initiating party. required: true schema: type: string consent-id-header-param: in: header name: Consent-ID description: The consent identification assigned of the consent. required: true schema: $ref: '#/components/schemas/consentId' psu-ip-address-header-param: in: header name: PSU-IP-Address description: The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP. required: true schema: type: string psu-id-header-param: in: header name: PSU-ID description: Required value if service is retail customer related. schema: type: string example: 'X' # Path parameters # internal note: Path paramétereket nem lehet tipizálni mert a generáló nem megfelelő kódot generál consent-id-path-param: in: path name: consent-id description: The consent identification assigned of the consent. required: true schema: type: string #$ref: '#/components/schemas/consentId' authorisation-id-path-param: in: path name: authorisation-id description: The authorisation identification assigned of the resource. required: true schema: type: string #$ref: '#/components/schemas/authorisationId' account-id-path-param: in: path name: account-id required: true schema: $ref: '#/components/schemas/accountId' payment-service-path-param: in: path name: payment-service description: Payment service. (PaymentServiceEnum) required: true schema: type: string payment-product-path-param: in: path name: payment-product description: Payment product. (PaymentProductEnum) required: true schema: type: string payment-id-path-param: in: path name: payment-id required: true schema: $ref: '#/components/schemas/paymentId' # Query parameters # internal note: Query paramétereket nem lehet tipizálni mert a generáló nem megfelelő kódot generál with-balance-query_param: in: query name: withBalance schema: type: boolean default: false date-from-query-param: in: query name: dateFrom description: Starting date (inclusive the date dateFrom) of the transaction list. (default value is current date - 6 months) schema: type: string date-to-query-param: in: query name: dateTo description: End date (inclusive the data dateTo) of the transaction list. (default value is current date) schema: type: string booking-status-query-param: in: query name: bookingStatus description: | Booking status of transactions Valid values are in defined in BookingStatusForGetAccountTransactionsEnum required: true schema: type: string headers: X-Request-ID: schema: type: string format: uuid required: true Location: schema: type: string format: uri required: true schemas: # Enums TPPMessageCategoryEnum: description: TPP message categories (EBA standard) type: string enum: - ERROR - WARNING TransactionStatusEnum: description: | The transaction status is filled with codes of the ISO 20022 data table: - 'ACCP': 'AcceptedCustomerProfile' - Preceding check of technical validation was successful. Customer profile check was also successful. - 'ACSC': 'AcceptedSettlementCompleted' - Settlement on the debtor’s account has been completed. **Usage:** this can be used by the first agent to report to the debtor that the transaction has been completed. **Warning:** this status is provided for transaction status reasons, not for financial information. It can only be used after bilateral agreement. - 'ACSP': 'AcceptedSettlementInProcess' - All preceding checks such as technical validation and customer profile were successful and therefore the payment initiation has been accepted for execution. - 'ACTC': 'AcceptedTechnicalValidation' - Authentication and syntactical and semantical validation are successful. - 'ACWC': 'AcceptedWithChange' - Instruction is accepted but a change will be made, such as date or remittance not sent. - 'ACWP': 'AcceptedWithoutPosting' - Payment instruction included in the credit transfer is accepted without being posted to the creditor customer’s account. - 'RCVD': 'Received' - Payment initiation has been received by the receiving agent. - 'PDNG': 'Pending' - Payment initiation or individual transaction included in the payment initiation is pending. Further checks and status update will be performed. - 'RJCT': 'Rejected' - Payment initiation or individual transaction included in the payment initiation has been rejected. - 'CANC': 'Cancelled' Payment initiation has been cancelled before execution type: string enum: - ACCP - ACSC - ACSP - ACTC - ACWC - RCVD - PDNG - RJCT - CANC SCAStatusEnum: description: SCA statuses (EBA standard) type: string enum: - received - psuIdentified - psuAuthenticated - scaMethodSelected - started - finalised - failed - exempted ConsentStatusEnum: description: Constent statuses (EBA standard) externalDocs: url: http://confluence.cib.hu/display/PROJS/Consent+Statuses type: string enum: - received - rejected - partiallyAuthorised - valid - revokedByPsu - expired - terminatedByTpp AuthenticationTypeEnum: description: Authentication types (EBA standard) type: string enum: - SMS_OTP - CHIP_OTP - PHOTO_OTP - PUSH_OTP OTPFormatEnum: description: Authentication types (EBA standard) type: string enum: - characters - integer AccountStatusEnum: description: Account statuses (EBA standard) type: string enum: - enabled - deleted - blocked AccountUsageEnum: description: Account usage types (EBA standard) type: string enum: - PRIV - ORGA BalanceTypeEnum: description: Account usage types (ISO standard) type: string enum: - closingAvailable - closingBooked - expected - authorised - openingAvailable - openingBooked - interimAvailable - interimBooked - forwardAvailable - nonInvoiced - previouslyClosedBooked NonISOBalanceTypeEnum: description: Account usage types (non ISO standard) type: string enum: - availableCredit - creditLimit - blocked - overdue - minimumRepayment - overdraft AllAccountAccessTypeEnum: type: string enum: - allAccounts CardTypeEnum: type: string enum: - debit - credit TransactionCategoryEnum: type: string enum: - POS_ATM - TRANSFER - AUTOMATIC_DEBIT - BRANCH_TRANSACTION - SALARY - FEE_INTEREST - INVESTMENT - ATM - INTERNET_BANKING - TREMA - CASH_PAYMENT_TO_NATURAL_PERSON_WITHOUT_CONVERSION - PAYMENT_OUTSIDE_OF_BANK_AND_TO_LEGAL_PERSONS_IN_BANK - TRANSACTIONS_BETWEEN_CLIENTS_ACCOUNTS - TRANSACTIONS_BETWEEN_TWO_CLIENTS - LOAN - OTHER HungarianTransferOptionalFieldTypeEnum: type: string description: | CIB specific IG2 optional field type. - 'PRIV': Private - 'ORG': Organization enum: - PRIV - ORG CardStatusEnum: type: string description: | CIB specific bank card status type. - 'active': active bank card enum: - active FrequencyCodeEnum: description: | Account usage types (EBA standard) The value "EveryTwoMonths" is not supported. type: string enum: - Daily - Weekly - EveryTwoWeeks - Monthly - EveryTwoMonths - Quarterly - SemiAnnual - Annual PaymentProductEnum: type: string description: | Products "hungarian-credit-transfers" and "fx-credit-transfers" are CIB specific. Products "sepa-credit-transfers" and "fx-credit-transfers" are not supported for "periodic-payments" services. enum: - hungarian-credit-transfers - sepa-credit-transfers - fx-credit-transfers PaymentServiceEnum: type: string description: | The value "bulk-payments" is not supported. enum: - payments - bulk-payments - periodic-payments PeriodicPaymentExecutionRuleEnum: description: Usage of this values are not supported. type: string enum: - following - preceeding ChargeBearerEnum: type: string description: | This is following ChargeBearerType1Code from ISO20022. - 'DEBT': All transaction charges are to be borne by the debtor. - 'CRED': All transaction charges are to be borne by the creditor. - 'SHAR': In a credit transfer context, means that transaction charges on the sender side are to be borne by the debtor, transaction charges on the receiver side are to be borne by the creditor. - 'SLEV': Charges are to be applied following the rules agreed in the service level and/or scheme. enum: - DEBT - CRED - SHAR - SLEV SecondaryIdTypeEnum: type: string description: | Type of secondary id. (CIB specific) - 'MBNB': Mobile number - 'EMAL': E-mail - 'TXNB': Tax number (only for corporate customers) - 'TXID': Tax ID (only for retail customers) enum: - MBNB - EMAL - TXNB - TXID RateTypeEnum: type: string enum: - SPOT - SALE - AGRD FXPaymentFulfillmentNotificationLanguageEnum: description: Language of FX payment fulfillment notification type: string enum: - HU - EN - DE currencyCode: description: ISO 4217 Alpha 3 currency code type: string pattern: '[A-Z]{3}' example: 'EUR' iban: type: string description: IBAN of an account pattern: '[A-Z]{2,2}[0-9]{2,2}[a-zA-Z0-9]{1,30}' example: 'HU65107005364841990167117110' bban: type: string description: BBAN of an account pattern: '[0-9]{1,24}' example: '107005364841990167117110' maskedPan: type: string description: Masked Primary Account Number maxLength: 35 example: "1234xxxxxxxx1234" countryCode: description: ISO 3166 ALPHA2 country code type: string pattern: "[A-Z]{2}" maxLength: 2 example: "HU" RemittanceInformationStructured: description: | Structured remittance information Such data is not supported. type: object required: - reference properties: reference: type: string maxLength: 35 referenceType: type: string maxLength: 35 referenceIssuer: type: string maxLength: 35 RemittanceInformationUnstructured: description: Unstructured remittance information type: string maxLength: 140 example: "salary" accountId: description: This identification is denoting the addressed account, where the transaction has been performed. type: string example: "rec25ef523-f9de-4d8f-9738-c6127370b172" consentId: description: ID of the corresponding consent object as returned by an Account Information Consent Request. type: string example: "co139c33d4-394a-4a23-bdc1-1cf2bbefd4f1" resourceId: description: This identification is given by the attribute resourceId of the corresponding entry of a transaction list. type: string transactionId: description: This identification is given by the attribute transactionId of the corresponding entry of a transaction list. type: string paymentId: description: Resource identification of a payment initiation resource. type: string example: "py409cad8f-1d22-4cab-ba82-85cc78238b1b" authorisationId: description: Resource identification of the related SCA type: string example: "auedaa06c6-bd38-42d2-8005-6ce45ceef67a" BaseResponse: type: object properties: tppMessages: type: array items: $ref: '#/components/schemas/TPPMessage' psuMessage: type: string description: Text to be displayed to the PSU TPPMessage: type: object properties: category: $ref: '#/components/schemas/TPPMessageCategoryEnum' # Message category code: type: string description: Message code path: type: string text: type: string description: Message text required: - category - code ErrorInformation: type: object properties: title: type: string description: | Short human readable description of error type. Could be in local language. detail: type: string description: Detailed human readable text specific to this instance of the error. code: type: string description: Message code to explain the nature of the underlying error. required: - code Address: type: object properties: streetName: type: string description: Street buildingNumber: type: string description: Building number townName: type: string description: City postcode: type: string description: Postal code country : $ref: '#/components/schemas/countryCode' required: - country HrefLink: type: object properties: href: type: string format: uri description: Href required: - href Links: type: object properties: scaRedirect: $ref: '#/components/schemas/HrefLink' # A link to an ASPSP site where SCA is performed within the Redirect SCA approach. scaOAuth: $ref: '#/components/schemas/HrefLink' # The link refers to a JSON document specifying the OAuth details of the ASPSP’s authorisation server. # JSON document follows the definition given in https://tools.ietf.org/html/draft-ietfoauth-discovery. startAuthorisation: $ref: '#/components/schemas/HrefLink' # A link to an endpoint, where the authorisation of a transaction or the authorisation of a transaction cancellation # NextGenPSD2 XS2A Framework – Implementation Guidelines Complex Data Types and Code Lists # Published by the Berlin Group under Creative Commons Attribution-NoDerivatives 4.0 International Public License Page 198 # (ref. License Notice for full license conditions) shall be started. No specific data is needed for this process start. startAuthorisationWithPsuIdentification: $ref: '#/components/schemas/HrefLink' # The link to an endpoint where the authorisation of a transaction or of a transaction cancellation shall be started, # where PSU identification shall be uploaded with the corresponding call. updatePsuIdentification: $ref: '#/components/schemas/HrefLink' # The link to the payment initiation or account information resource, which needs to be updated by the PSU identification if not delivered yet. startAuthorisationWithProprietaryData: $ref: '#/components/schemas/HrefLink' # A link to the endpoint, where the authorisation of a transaction or of a transaction cancellation shall be started, # and where proprietary data needs to be updated with this call. The TPP can find the scope of missing proprietary data in the ASPSP documentation. # The usage of this hyperlink is not further specified in the specification but is used analogously to e.g. the startAuthorisation withPsuIdentification hyperlink. updateProprietaryData: $ref: '#/components/schemas/HrefLink' # The link to the payment initiation or account information resource, which needs to be updated by the proprietary data. startAuthorisationWithPsuAuthentication: $ref: '#/components/schemas/HrefLink' # The link to an endpoint where the authorisation of a transaction or of a transaction cancellation shall be started, # where PSU authentication data shall be uploaded with the corresponding call. updatePsuAuthentication: $ref: '#/components/schemas/HrefLink' # The link to the payment initiation or account information resource, which needs to be updated by a PSU password and eventually the # PSU identification if not delivered yet. startAuthorisationWithEncryptedPsuAuthentication: $ref: '#/components/schemas/HrefLink' # A link to an endpoint, where an TransactionAuthorisation authorisation of a transaction or a cancellation can be started, # and where the response data for the challenge is uploaded in the same call for the transaction authorisation or # transaction cancellation at the same time in the Embedded SCA Approach. updateEncryptedPsuAuthentication: $ref: '#/components/schemas/HrefLink' # The link to an endpoint where the authorisation of a transaction or of a transaction cancellation shall be started, # where encrypted PSU authentication data shall be uploaded with the corresponding call. startAuthorisationWithTransactionAuthorisation: $ref: '#/components/schemas/HrefLink' # A link to an endpoint, where an authorisation of a transaction or a cancellation can be started, and where the response data for the challenge is uploaded # in the same call for the transaction authorisation or transaction cancellation at the same time in the Embedded SCA Approach. selectAuthenticationMethod: $ref: '#/components/schemas/HrefLink' # This is a link to a resource, where the TPP can select the applicable second factor authentication methods for the PSU, # if there were several available authentication methods. authoriseTransaction: $ref: '#/components/schemas/HrefLink' # The link to the payment initiation or consent resource, where the Transaction Authorisation Request is sent to. # This is the link to the resource which will authorise the payment or the consent by checking the SCA authentication data within the Embedded SCA approach. self: $ref: '#/components/schemas/HrefLink' # The link to the payment initiation resource created by the request itself. # This link can be used later to retrieve the transaction status of the payment initiation. status: $ref: '#/components/schemas/HrefLink' # A link to retrieve the status of the transaction resource. scaStatus: $ref: '#/components/schemas/HrefLink' # A link to retrieve the status of the authorisation or cancellation-authorisation sub-resource. account: $ref: '#/components/schemas/HrefLink' # A link to the resource providing the details of one account balances: $ref: '#/components/schemas/HrefLink' # A link to the resource providing the balance of a dedicated account. transactions: $ref: '#/components/schemas/HrefLink' # A link to the resource providing the transaction history of a dedicated account. transactionDetails: $ref: '#/components/schemas/HrefLink' # A link to the resource providing details of a dedicated transaction. first: $ref: '#/components/schemas/HrefLink' # Navigation link for paginated account reports. next: $ref: '#/components/schemas/HrefLink' # Navigation link for paginated account reports. previous: $ref: '#/components/schemas/HrefLink' # Navigation link for paginated account reports. last: $ref: '#/components/schemas/HrefLink' # Navigation link for paginated account reports. download: $ref: '#/components/schemas/HrefLink' # Download link for huge AIS data packages. Challenge: type: object properties: image: type: string description: | NG data (max. 512 kilobyte) to be displayed to the PSU, Base64 encoding, cp. [RFC4648]. This attribute is used only, when PHOTO_OTP or CHIP_OTP is the selected SCA method. data: type: string description: Challenge data imageLink: type: string description: A link where the ASPSP will provides the challenge image for the TPP. otpMaxLength: type: integer description: The maximal length for the OTP to be typed in by the PSU. otpFormat: $ref: '#/components/schemas/OTPFormatEnum' # The format type of the OTP to be typed in. The admitted values are characters or integer. additionalInformation: type: string description: Additional explanation for the PSU to explain e.g. fallback mechanism for the chosen SCA method. The TPP is obliged to show this to the PSU. MerchantCategoryCode: type: object properties: value: type: string description: Category code conform to ISO 18245 AmountWithCurrency: type: object properties: currency: $ref: '#/components/schemas/currencyCode' amount: type: number required: - currency - amount BankTransactionCode: type: object description: | This code type is concatenating the three ISO20022 Codes Domain Code, Family Code and SubFamiliy Code by hyphens, resulting in DomainCode-FamilyCode-SubFamilyCode. PMNT-RCDT-ESCT defining a transaction assigned to the PayMeNT Domain (PMNT), belonging to the family of ReceivedCreDitTransfer (RCDT) that facilitated the EuropeanSEPACreditTransfer (ESCT) properties: value: type: number AccountReference: description: | Reference to an account by either - IBAN - BBAN - maskedPAN type: object properties: currency: $ref: '#/components/schemas/currencyCode' # The currency of the account is needed, where the currency is an account characteristic identifying certain sub-accounts under one external identifier like an IBAN. # These sub-accounts are separated accounts from a legal point of view and have separated balances, transactions etc. # CIB Bank doesn't offer such multi currency accounts therefore the use of this field is not supported. AccountReferenceIban: description: IBAN of an account allOf: - $ref: '#/components/schemas/AccountReference' - type: object properties: iban: $ref: "#/components/schemas/iban" required: - iban AccountReferenceBban: description: Basic Bank Account Number (BBAN) Identifier allOf: - $ref: '#/components/schemas/AccountReference' - type: object properties: bban: $ref: "#/components/schemas/bban" required: - bban AccountReferenceMaskedPan: description: Masked Primary Account Number allOf: - $ref: '#/components/schemas/AccountReference' - type: object properties: iban: $ref: "#/components/schemas/maskedPan" required: - maskedPan PurposeCode: type: object properties: entryReference: type: string description: Is the identification of the transaction as used e.g. for reference for deltafunction on application level. ReportExchangeRate: type: object properties: sourceCurrency: $ref: '#/components/schemas/currencyCode' exchangeRate: type: string unitCurrency: type: string targetCurrency: $ref: '#/components/schemas/currencyCode' quotationDate: type: string format: date contractIdentification: type: string required: - sourceCurrency - exchangeRate - unitCurrency - targetCurrency - quotationDate Balance: type: object properties: balanceAmount: $ref: '#/components/schemas/AmountWithCurrency' balanceType: $ref: '#/components/schemas/BalanceTypeEnum' nonISOBalanceType: $ref: '#/components/schemas/NonISOBalanceTypeEnum' creditLimitIncluded: type: boolean description: | A flag indicating if the credit limit of the corresponding account is included in the calculation of the balance, where applicable. lastChangeDateTime: type: string format: date-time description: | This data element might be used to indicate e.g. with the expected or booked balance that no action is known on the account, which is not yet booked. Such data is not provided. referenceDate: type: string format: date description: | Reference date of the balance Such data is not provided. lastCommittedTransaction: type: string description: | entryReference of the last commited transaction to support the TPP in identifying whether all PSU transactions are already known. Such data is not provided. required: - balanceAmount TransactionOptionData: type: object properties: payerIdType: $ref: '#/components/schemas/HungarianTransferOptionalFieldTypeEnum' payerId: type: string maxLength: 35 realPayerName: type: string maxLength: 35 realPayerIdType: $ref: '#/components/schemas/HungarianTransferOptionalFieldTypeEnum' realPayerId: type: string maxLength: 70 beneficiaryIdType: $ref: '#/components/schemas/HungarianTransferOptionalFieldTypeEnum' beneficiaryId: type: string maxLength: 35 realBeneficiaryName: type: string maxLength: 35 realBeneficiaryIdType: $ref: '#/components/schemas/HungarianTransferOptionalFieldTypeEnum' realBeneficiaryId: type: string maxLength: 70 reason: type: string maxLength: 4 description: ISO code of payment reason. externalDocs: description: For valid values check the following link url: https://net.cib.hu/internetbank/ig2_jogcimek Transaction: type: object properties: transactionId: type: string description: | Transaction id (not the same id generated by PSD2 interfaces) entryReference: type: string description: | Is the identification of the transaction as used e.g. for reference for deltafunction on application level. Such data is not provided. endToEndId: type: string description: | Unique end to end identity. Such data is not provided. mandateId: type: string description: | Identification of Mandates, e.g. a SEPA Mandate ID Such data is not provided. checkId: type: string description: | Identification of a Cheque Such data is not provided. creditorId: type: string description: | Identification of Creditors, e.g. a SEPA Creditor ID Such data is not provided. bookingDate: type: string format: date description: The date when an entry is posted to an account on the ASPSPs books. valueDate: type: string format: date description: Value date of transfer. transactionAmount: $ref: '#/components/schemas/AmountWithCurrency' # Transaction amount (always a positive numeric value for credit and debit also) currencyExchange: type: array items: $ref: '#/components/schemas/ReportExchangeRate' creditorName: type: string description: Name of the creditor if a debited transaction creditorAccount: $ref: '#/components/schemas/AccountReference' #oneOf: #- $ref: "#/components/schemas/AccountReferenceIban" #- $ref: "#/components/schemas/AccountReferenceBban" ultimateCreditor: type: string description: Such data is not provided. debtorName: type: string description: Such data is not provided. debtorAccount: $ref: '#/components/schemas/AccountReference' #oneOf: #- $ref: "#/components/schemas/AccountReferenceIban" #- $ref: "#/components/schemas/AccountReferenceBban" ultimateDebtor: type: string description: Such data is not provided. remittanceInformationUnstructured: $ref: '#/components/schemas/RemittanceInformationUnstructured' remittanceInformationStructured: $ref: '#/components/schemas/RemittanceInformationStructured' # Such data is not provided. additionalInformation: type: string description: Such data is not provided. purposeCode: $ref: '#/components/schemas/PurposeCode' # Such data is not provided. bankTransactionCode: $ref: '#/components/schemas/BankTransactionCode' # Such data is not provided. proprietaryBankTransactionCode: type: string description: Such data is not provided. transactionCategory: $ref: '#/components/schemas/TransactionCategoryEnum' # CIB custom field to provide transaction category info. optionalData: $ref: '#/components/schemas/TransactionOptionData' # CIB custom field to provide optional transaction data (IG2 optional fields) secondaryIdType: $ref: '#/components/schemas/SecondaryIdTypeEnum' # CIB custom field to provide secondary id type of creditor account secondaryId: type: string maxLength: 128 description: | CIB custom field to provide secondary id of creditor account _links: $ref: '#/components/schemas/Links' # Such data is not provided. required: - transactionAmount CashAccountType: type: object description: Cash account type - ISO 20022 ExternalCashAccountType1Code properties: value: type: string CardDetails: type: object description: | CIB custom data type to provide card related informations. properties: maskedPan: $ref: '#/components/schemas/maskedPan' # masked card number type: $ref: '#/components/schemas/CardTypeEnum' # card type status: $ref: '#/components/schemas/CardStatusEnum' # card status (always active) cardHolderName: type: string description: card holder name currency: $ref: '#/components/schemas/currencyCode' # currency code interestRate: type: number description: interest rate dailyPurchaseLimit: $ref: '#/components/schemas/AmountWithCurrency' # daily purchase limit dailyCashWithdrawalLimit: $ref: '#/components/schemas/AmountWithCurrency' # daily cash withdrawal limit nextDueDate: type: string format: date description: next due date daysToNextDue: type: number description: days to next due date lastDueDate: type: string format: date description: last due date AccountDetails: type: object description: Account details properties: resourceId: $ref: '#/components/schemas/resourceId' iban: $ref: '#/components/schemas/iban' bban: $ref: '#/components/schemas/bban' msisdn: type: string description: | An alias to access a payment account via a registered mobile phone number. This alias might be needed e.g. in the payment initiation service, cp. Section 5.3.1. The support of this alias must be explicitly documented by the ASPSP for the corresponding API Calls. Such data is not provided. currency: $ref: '#/components/schemas/currencyCode' name: type: string description: Name of the account given by the bank or the PSU in Online-Banking product: type: string description: Product Name of the Bank for this account, proprietary definition cashAccountType: $ref: '#/components/schemas/CashAccountType' # ExternalCashAccountType1Code from ISO 20022 status: $ref: '#/components/schemas/AccountStatusEnum' # Account status. # If this field is not used, than the account is available in the sense of this specification. bic: type: string description: The BIC associated to the account. linkedAccounts: type: string description: | Case of a set of pending card transactions, the APSP will provide the relevant cash account the card is set up on. Such data is not provided. usage: $ref: '#/components/schemas/AccountUsageEnum' # Specifies the usage of the account. # Such data is not provided. details: type: string description: | Specifications that might be provided by the ASPSP - characteristics of the account - characteristics of the relevant card Such data is not provided. ownerName: type: string description: account owner name creditRate: type: number description: CIB custom field to provide credit rate balances: type: array items: $ref: '#/components/schemas/Balance' cards: type: array items: $ref: '#/components/schemas/CardDetails' # CIB custom field to provide card related informations. # Only active bank cards are listed. _links: $ref: '#/components/schemas/Links' # Links to balances or transactions required: - currency AccountReport: type: object description: Account report properties: booked: type: array items: $ref: '#/components/schemas/Transaction' pending: type: array items: $ref: '#/components/schemas/Transaction' _links: $ref: '#/components/schemas/Links' # The following links might be used within this context: # - account (mandatory) # - next (optional) # - previous (optional) # - last (optional) required: - _links AccountAccess: type: object description: | Account access definition Bank offered accounts (BOA) functionality is not supported. properties: accounts: type: array items: $ref: "#/components/schemas/AccountReference" #oneOf: #- $ref: "#/components/schemas/AccountReferenceIban" #- $ref: "#/components/schemas/AccountReferenceBban" # Is asking for detailed account information. balances: type: array items: $ref: "#/components/schemas/AccountReference" #oneOf: #- $ref: "#/components/schemas/AccountReferenceIban" #- $ref: "#/components/schemas/AccountReferenceBban" # Is asking for balances of the addressed accounts. transactions: type: array items: $ref: "#/components/schemas/AccountReference" #oneOf: #- $ref: "#/components/schemas/AccountReferenceIban" #- $ref: "#/components/schemas/AccountReferenceBban" # Is asking for transactions of the addressed accounts. availableAccounts: $ref: '#/components/schemas/AllAccountAccessTypeEnum' # This parameter is not supported. availableAccountsWithBalance: $ref: '#/components/schemas/AllAccountAccessTypeEnum' # This parameter is not supported. allPsd2: $ref: '#/components/schemas/AllAccountAccessTypeEnum' # This parameter is not supported. BookingStatusForGetAccountTransactionsEnum: type: string description: | The value "both" is not supported. enum: - booked - pending - both AdditionalInformationAccess: type: object description: Additional info access definition properties: ownerName: type: array items: $ref: "#/components/schemas/AccountReference" description: | The usage of this data element requires at least one of the entries "accounts", "transactions" or "balances" also to be contained in the object. Account owner info is only provided for accounts that are referenced in this list. GetAccountsResponse: description: Get accounts response allOf: - $ref: '#/components/schemas/BaseResponse' - type: object properties: accounts: type: array items: $ref: '#/components/schemas/AccountDetails' required: - accounts GetAccountResponse: description: Get account response allOf: - $ref: '#/components/schemas/BaseResponse' - type: object properties: account: $ref: '#/components/schemas/AccountDetails' required: - account GetAccountBalanceResponse: description: Get account balance response allOf: - $ref: '#/components/schemas/BaseResponse' - type: object properties: account: $ref: '#/components/schemas/AccountReference' #oneOf: #- $ref: "#/components/schemas/AccountReferenceIban" #- $ref: "#/components/schemas/AccountReferenceBban" balances: type: array items: $ref: '#/components/schemas/Balance' required: - balances GetAccountTransactionsResponse: description: Get account transactions response allOf: - $ref: '#/components/schemas/BaseResponse' - type: object properties: account: $ref: '#/components/schemas/AccountDetails' transactions: $ref: '#/components/schemas/AccountReport' sumDebitPreviousMonth: $ref: '#/components/schemas/AmountWithCurrency' # CIB custom field to provide sum debit amount of previous month # Value is only provided for booked transactions in case of withBalance = true calls. sumCreditPreviousMonth: $ref: '#/components/schemas/AmountWithCurrency' # CIB custom field to provide sum credit amount of previous month # Value is only provided for booked transactions in case of withBalance = true calls. sumDebitCurrentMonth: $ref: '#/components/schemas/AmountWithCurrency' # CIB custom field to provide sum debit amount of current month # Value is only provided for booked transactions in case of withBalance = true calls. sumCreditCurrentMonth: $ref: '#/components/schemas/AmountWithCurrency' # CIB custom field to provide sum credit amount of current month # Value is only provided for booked transactions in case of withBalance = true calls. balances: type: array items: $ref: '#/components/schemas/Balance' _links: $ref: '#/components/schemas/Links' BasePostConsentResponse: description: Post consents base response allOf: - $ref: '#/components/schemas/BaseResponse' - type: object properties: consentStatus: $ref: '#/components/schemas/ConsentStatusEnum' consentId: $ref: '#/components/schemas/consentId' challengeData: $ref: '#/components/schemas/Challenge' _links: $ref: '#/components/schemas/Links' required: - consentStatus - consentId - _links PostConsentRequest: type: object description: | Post consents request Without the "additionalInformation" attribute account owner name in response is not provided. properties: access: $ref: '#/components/schemas/AccountAccess' recurringIndicator: type: boolean validUntil: type: string format: date description: | Required only in case of recurring consent. In case of one off consent the consent expires automatically after 20 minutes of consent finalisation. frequencyPerDay: type: integer minimum: 1 maximum: 4 description: | In case of one off consent this value has to be 1. combinedServiceIndicator: type: boolean description: | Combination of AIS and PIS services is not supported. Only "false" value is accepted. additionalInformation: $ref: '#/components/schemas/AdditionalInformationAccess' required: - access - recurringIndicator - frequencyPerDay - combinedServiceIndicator PostConsentResponse: description: Post consents response allOf: - $ref: '#/components/schemas/BasePostConsentResponse' GetConsentStatusResponse: description: Get consents status response allOf: - $ref: '#/components/schemas/BaseResponse' - type: object properties: consentStatus: $ref: '#/components/schemas/ConsentStatusEnum' required: - consentStatus GetConsentResponse: description: Get consents response allOf: - $ref: '#/components/schemas/BaseResponse' - type: object properties: access: $ref: '#/components/schemas/AccountAccess' recurringIndicator: type: boolean validUntil: type: string format: date frequencyPerDay: type: integer lastActionDate: type: string format: date consentStatus: $ref: '#/components/schemas/ConsentStatusEnum' _links: $ref: '#/components/schemas/Links' required: - access - recurringIndicator - validUntil - frequencyPerDay - lastActionDate - consentStatus GetConsentAuthorisationsResponse: description: Get consent authoristions response allOf: - $ref: '#/components/schemas/BaseResponse' - type: object properties: authorisationIds: type: array items: $ref: '#/components/schemas/authorisationId' GetConsentAuthorisationResponse: description: Get consent authoristion response allOf: - $ref: '#/components/schemas/BaseResponse' - type: object properties: scaStatus: $ref: '#/components/schemas/SCAStatusEnum' PostConfirmationOfFundsConsentRequest: type: object description: Post confirmation of funds consents request properties: account: $ref: '#/components/schemas/AccountReference' cardNumber: type: string description: This parameter is not supported. cardExpiryDate: type: string format: date description: This parameter is not supported. cardInformation: type: string description: This parameter is not supported. registrationInformation: type: string description: This parameter is not supported. required: - account PostConfirmationOfFundsConsentResponse: description: Post confirmation of funds consents response allOf: - $ref: '#/components/schemas/BasePostConsentResponse' GetConfirmationOfFundsConsentResponse: description: Get confirmation of funds consents response allOf: - $ref: '#/components/schemas/BaseResponse' - type: object properties: account: $ref: '#/components/schemas/AccountReference' cardNumber: type: string description: This field is not used. cardExpiryDate: type: string format: date description: This field is not used. cardInformation: type: string description: This field is not used. registrationInformation: type: string description: This field is not used. consentStatus: $ref: '#/components/schemas/ConsentStatusEnum' required: - account PostFundsConfirmationRequest: type: object description: Post funds confirmation request properties: cardNumber: type: string maxLength: 35 description: This parameter is not supported. account: $ref: '#/components/schemas/AccountReference' #oneOf: #- $ref: "#/components/schemas/AccountReferenceIban" #- $ref: "#/components/schemas/AccountReferenceBban" payee: type: string maxLength: 70 description: This parameter is not supported. instructedAmount: $ref: '#/components/schemas/AmountWithCurrency' required: - account - instructedAmount PostFundsConfirmationResponse: description: Post funds confirmation response allOf: - $ref: '#/components/schemas/BaseResponse' - type: object properties: fundsAvailable: type: boolean required: - fundsAvailable bicfi: description: BICFI type: string pattern: "[A-Z]{6,6}[A-Z2-9][A-NP-Z0-9]([A-Z0-9]{3,3}){0,1}" maxLength: 11 example: "AAAADEBBXXX" FXPaymentFulfillmentNotificationMode: type: object description: Post funds confirmation request properties: swiftCopyRequested: type: boolean description: SWIFT copy is always in english fulfillmentNotificationRequested: type: boolean language: $ref: '#/components/schemas/FXPaymentFulfillmentNotificationLanguageEnum' email: type: string maxLength: 35 description: e-mail address of FX fulfillment notification or SWIFT copy fax: type: string maxLength: 16 description: | Fax number for FX fulfillment notification or SWIFT copy. First 2 number is the international call prefix (for Hungary use 36) without the + sign. example: 3611234567 postalNotificationRequested: type: boolean required: - swiftCopyRequested - fulfillmentNotificationRequested PaymentExchangeRate: type: object properties: unitCurrency: type: string exchangeRate: type: number contractIdentification: type: string rateType: $ref: '#/components/schemas/RateTypeEnum' SinglePayment: type: object description: | Each payment transaction is based on this generic payment data structure. Supported payments are: - HungarianCreditTransferIG2 (instant or value dated HUF credit transfer) - PeriodicHungarianCreditTransfer (periodic HUF credit transfer order) - SepaCreditTransfer (EUR credit transfer to an EGT country) - FXCreditTransfer (non SEPA foreign exchange transfer - transfer from or to FX account or cross border transfer) properties: endToEndIdentification: type: string description: This parameter is not supported. debtorAccount: $ref: '#/components/schemas/AccountReference' #oneOf: #- $ref: "#/components/schemas/AccountReferenceIban" #- $ref: "#/components/schemas/AccountReferenceBban" # Must be a valid CIB account number. debtorId: type: string description: This parameter is not supported. instructedAmount: $ref: '#/components/schemas/AmountWithCurrency' # Amount must be greather than zero. # For HUF payment amount must be a value without fraction. currencyOfTransfer: $ref: '#/components/schemas/currencyCode' # If provided in case of HUF transfers it has to be 'HUF' value. creditorAccount: $ref: '#/components/schemas/AccountReference' #oneOf: #- $ref: "#/components/schemas/AccountReferenceIban" #- $ref: "#/components/schemas/AccountReferenceBban" creditorAgent: $ref: "#/components/schemas/bicfi" # This parameter is not supported for HUF transfers. creditorAgentName: type: string description: This parameter is not supported for HUF transfers. creditorName: type: string maxLength: 70 description: This parameter is mandatory For FX and SEPA payments, for IG2 HUF payments, and for IG3 HUF payments without secondary id. creditorId: type: string description: This parameter is not supported. creditorAddress: $ref: '#/components/schemas/Address' # This parameter is not supported. creditorNameAndAddress: type: string description: This parameter is not supported. ultimateCreditor: type: string description: This parameter is not supported. purposeCode: $ref: '#/components/schemas/PurposeCode' # This parameter is not supported. chargeBearer: $ref: '#/components/schemas/ChargeBearerEnum' # This parameter is only supported for "fx-credit-transfers" product remittanceInformationUnstructured: $ref: '#/components/schemas/RemittanceInformationUnstructured' remittanceInformationUnstructuredArray: type: array items: $ref: '#/components/schemas/RemittanceInformationUnstructured' # This parameter is not supported. remittanceInformationStructured: $ref: '#/components/schemas/RemittanceInformationStructured' # This parameter is not supported. requestedExecutionDate: type: string format: date description: | Can't be a past date. It has to be a valid banking day. If not provided an instant payment will be executed not a value dated transfer. requestedExecutionTime: type: string format: date-time description: This parameter is not supported. exchangeRateInformation: $ref: '#/components/schemas/PaymentExchangeRate' # This parameter is not supported. required: - debtorAccount - instructedAmount - creditorName BaseHungarianCreditTransfer: type: object allOf: - $ref: '#/components/schemas/SinglePayment' HungarianCreditTransferIG2: type: object description: | CIB specific hungarian credit transfer datatype for "hungarian-credit-transfers" product and "payments" service. allOf: - $ref: '#/components/schemas/BaseHungarianCreditTransfer' - type: object properties: payerIdType: $ref: '#/components/schemas/HungarianTransferOptionalFieldTypeEnum' payerId: type: string maxLength: 35 realPayerName: type: string maxLength: 35 realPayerIdType: $ref: '#/components/schemas/HungarianTransferOptionalFieldTypeEnum' realPayerId: type: string maxLength: 70 beneficiaryIdType: $ref: '#/components/schemas/HungarianTransferOptionalFieldTypeEnum' beneficiaryId: type: string maxLength: 35 realBeneficiaryName: type: string maxLength: 35 realBeneficiaryIdType: $ref: '#/components/schemas/HungarianTransferOptionalFieldTypeEnum' realBeneficiaryId: type: string maxLength: 70 reason: type: string maxLength: 4 description: ISO code of payment reason. externalDocs: url: https://net.cib.hu/internetbank/ig2_jogcimek required: - debtorAccount - instructedAmount - creditorAccount - creditorName HungarianCreditTransferIG3: type: object description: | CIB specific hungarian credit transfer datatype for "hungarian-credit-transfers" product and "payments" service. allOf: - $ref: '#/components/schemas/HungarianCreditTransferIG2' - type: object properties: secondaryIdType: $ref: '#/components/schemas/SecondaryIdTypeEnum' # If secondaryId is provided this field is mandatory. secondaryId: type: string maxLength: 128 description: | If secondaryIdType is provided this field is mandatory. PeriodicHungarianCreditTransfer: type: object description: | CIB specific periodic hungarian credit transfer datatype for "hungarian-credit-transfers" product and "periodic-payments" service. allOf: - $ref: '#/components/schemas/BaseHungarianCreditTransfer' - type: object properties: startDate: type: string format: date description: | Can't be a past date. executionRule: $ref: '#/components/schemas/PeriodicPaymentExecutionRuleEnum' # This parameter is not supported. endDate: type: string format: date description: | Can't be a past date. If provided it has to be a date after startDate. frequency: $ref: '#/components/schemas/FrequencyCodeEnum' dayOfExecution: type: string description: This parameter is not supported. required: - debtorAccount - instructedAmount - creditorAccount - creditorName - startDate - frequency PostHungarianCreditTransferRequest: description: Hungarian credit transfer request allOf: - $ref: '#/components/schemas/HungarianCreditTransferIG3' PostPaymentsResponse: description: Post payments response allOf: - $ref: '#/components/schemas/BaseResponse' - type: object properties: transactionStatus: $ref: '#/components/schemas/TransactionStatusEnum' paymentId: $ref: '#/components/schemas/paymentId' transactionFees: $ref: '#/components/schemas/AmountWithCurrency' transactionFeeIndicator: type: boolean _links: $ref: '#/components/schemas/Links' required: - transactionStatus - paymentId - _links BaseForexTransfer: type: object allOf: - $ref: '#/components/schemas/SinglePayment' - type: object properties: creditorAccountCountryCode: $ref: '#/components/schemas/countryCode' # Creditor account country code is required for all transfers to non CIB account. creditorFullAddress: type: string maxLength: 70 description: | Creditor full address is required for all transfers to non CIB account. debtorContactNameAndPhone: type: string maxLength: 35 description: | Contact name and phone number of debtor. fulfillmentNotificationMode: $ref: '#/components/schemas/FXPaymentFulfillmentNotificationMode' required: - debtorAccount - instructedAmount - debtorContactNameAndPhone - creditorName - fulfillmentNotificationMode SepaCreditTransfer: type: object description: | Sepa credit transfer datatype for "sepa-credit-transfers" product and "payments" service. If currency of transfer is provided it has to be EUR. Creditor account must be in IBAN format. allOf: - $ref: '#/components/schemas/BaseForexTransfer' - type: object required: - debtorAccount - instructedAmount - creditorAccount - debtorContactNameAndPhone - creditorName - creditorFullAddress - creditorAccountCountryCode PostSepaCreditTransferRequest: description: Sepa credit transfer request allOf: - $ref: '#/components/schemas/SepaCreditTransfer' FXCreditTransfer: type: object description: | Foreign exchange credit transfer datatype for "fx-credit-transfers" product and "payments" service. allOf: - $ref: '#/components/schemas/BaseForexTransfer' - type: object properties: creditorAgentFullAddress: type: string maxLength: 70 description: | Creditor agent full address is required for all transfers to non CIB account. creditorAgentCountryCode: $ref: '#/components/schemas/countryCode' # Creditor agent country code is required for all transfers to non CIB account. required: - debtorAccount - instructedAmount - currencyOfTransfer - creditorAccount - debtorContactNameAndPhone - creditorName - creditorAccountCountryCode PostFXCreditTransferRequest: description: Foreign exchange (FX) credit transfer request allOf: - $ref: '#/components/schemas/FXCreditTransfer' PostPeriodicHungarianCreditTransferRequest: description: Periodic hungarian credit transfer request allOf: - $ref: '#/components/schemas/PeriodicHungarianCreditTransfer' GetPaymentStatusResponse: description: Payment status response allOf: - $ref: '#/components/schemas/BaseResponse' - type: object properties: transactionStatus: $ref: '#/components/schemas/TransactionStatusEnum' fundsAvailable: type: boolean required: - transactionStatus HungarianCreditTransferResponse: description: Payment response allOf: - $ref: '#/components/schemas/BaseResponse' - type: object properties: debtorAccount: $ref: '#/components/schemas/AccountReference' instructedAmount: $ref: '#/components/schemas/AmountWithCurrency' currencyOfTransfer: $ref: '#/components/schemas/currencyCode' creditorAccount: $ref: '#/components/schemas/AccountReference' creditorName: type: string remittanceInformationUnstructured: $ref: '#/components/schemas/RemittanceInformationUnstructured' requestedExecutionDate: type: string format: date payerIdType: $ref: '#/components/schemas/HungarianTransferOptionalFieldTypeEnum' payerId: type: string realPayerName: type: string realPayerIdType: $ref: '#/components/schemas/HungarianTransferOptionalFieldTypeEnum' realPayerId: type: string beneficiaryIdType: $ref: '#/components/schemas/HungarianTransferOptionalFieldTypeEnum' beneficiaryId: type: string realBeneficiaryName: type: string realBeneficiaryIdType: $ref: '#/components/schemas/HungarianTransferOptionalFieldTypeEnum' realBeneficiaryId: type: string reason: type: string secondaryIdType: $ref: '#/components/schemas/SecondaryIdTypeEnum' secondaryId: type: string PeriodicHungarianCreditTransferResponse: description: Periodic payment response allOf: - $ref: '#/components/schemas/BaseResponse' - type: object properties: debtorAccount: $ref: '#/components/schemas/AccountReference' instructedAmount: $ref: '#/components/schemas/AmountWithCurrency' currencyOfTransfer: $ref: '#/components/schemas/currencyCode' creditorAccount: $ref: '#/components/schemas/AccountReference' creditorName: type: string remittanceInformationUnstructured: $ref: '#/components/schemas/RemittanceInformationUnstructured' requestedExecutionDate: type: string format: date startDate: type: string format: date endDate: type: string format: date frequency: $ref: '#/components/schemas/FrequencyCodeEnum' SepaCreditTransferResponse: description: SEPA payment response allOf: - $ref: '#/components/schemas/BaseResponse' - type: object properties: debtorAccount: $ref: '#/components/schemas/AccountReference' debtorContactNameAndPhone: type: string instructedAmount: $ref: '#/components/schemas/AmountWithCurrency' currencyOfTransfer: $ref: '#/components/schemas/currencyCode' chargeBearer: $ref: '#/components/schemas/ChargeBearerEnum' requestedExecutionDate: type: string format: date creditorAccount: $ref: '#/components/schemas/AccountReference' creditorName: type: string creditorAccountCountryCode: $ref: '#/components/schemas/countryCode' creditorFullAddress: type: string remittanceInformationUnstructured: $ref: '#/components/schemas/RemittanceInformationUnstructured' exchangeRateInformation: $ref: '#/components/schemas/PaymentExchangeRate' fulfillmentNotificationMode: $ref: '#/components/schemas/FXPaymentFulfillmentNotificationMode' estimatedAmountToBeTransferred: $ref: '#/components/schemas/AmountWithCurrency' estimatedDebitedAmountWithFees: $ref: '#/components/schemas/AmountWithCurrency' FXCreditTransferResponse: description: Foreign exchange (FX) payment response allOf: - $ref: '#/components/schemas/BaseResponse' - type: object properties: debtorAccount: $ref: '#/components/schemas/AccountReference' debtorContactNameAndPhone: type: string instructedAmount: $ref: '#/components/schemas/AmountWithCurrency' currencyOfTransfer: $ref: '#/components/schemas/currencyCode' chargeBearer: $ref: '#/components/schemas/ChargeBearerEnum' requestedExecutionDate: type: string format: date creditorAccount: $ref: '#/components/schemas/AccountReference' creditorName: type: string creditorAgent: $ref: "#/components/schemas/bicfi" creditorAgentName: type: string creditorAccountCountryCode: $ref: '#/components/schemas/countryCode' creditorFullAddress: type: string creditorAgentFullAddress: type: string creditorAgentCountryCode: $ref: '#/components/schemas/countryCode' remittanceInformationUnstructured: $ref: '#/components/schemas/RemittanceInformationUnstructured' exchangeRateInformation: $ref: '#/components/schemas/PaymentExchangeRate' fulfillmentNotificationMode: $ref: '#/components/schemas/FXPaymentFulfillmentNotificationMode' estimatedAmountToBeTransferred: $ref: '#/components/schemas/AmountWithCurrency' estimatedDebitedAmountWithFees: $ref: '#/components/schemas/AmountWithCurrency' GetPaymentAuthorisationsResponse: description: Get payment authoristion response allOf: - $ref: '#/components/schemas/BaseResponse' - type: object properties: authorisationIds: type: array items: $ref: '#/components/schemas/authorisationId' GetPaymentAuthorisationResponse: description: Get payment authoristion response allOf: - $ref: '#/components/schemas/BaseResponse' - type: object properties: scaStatus: $ref: '#/components/schemas/SCAStatusEnum' required: scaStatus paths: # Consents /consents: post: tags: - consent-service operationId: postConsent description: | Creates an account information consent at the ASPSP regarding access to specified account(s). At least one IBAN (iban field) or Giro (bban field) account must be specified. In case of more the one account all accounts have to use the same account format (IBAN or Giro). One off consent can only refernce one account. A consent can only reference accounts related to single customer (even if the user has access to accounts of other customers referenced in the consent), otherwise login page will deny access and reject the consent during the authoristaion process. If consent is not accepted within 20 minutes, the consent automatically expires. One off consent is only valid for 20 minutes after acceptance. Bank offered accounts (BOA) functionality is not supported. An authorisation resource is automatically created. Since retail PSD2 endpoint doesn't support multisign no further authorisation subresource can be created. parameters: # header - $ref: '#/components/parameters/psu-id-header-param' - $ref: '#/components/parameters/x-request-id-header-param' - $ref: '#/components/parameters/tpp-registration-number-header-param' # Remove this line for cib.hu - $ref: '#/components/parameters/psu-ip-address-header-param' requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/PostConsentRequest' responses: '201': description: Consent created headers: Location: $ref: '#/components/headers/Location' X-Request-ID: $ref: '#/components/headers/X-Request-ID' ASPSP-SCA-Approach: schema: type: string enum: - REDIRECT '400': description: Parameter invalid or not supported content: application/json: schema: $ref: '#/components/schemas/PostConsentResponse' /consents/{consent-id}/status: get: tags: - consent-service operationId: getConsentStatus description: | Returns the status of an account information consent resource. parameters: # header - $ref: '#/components/parameters/psu-id-header-param' - $ref: '#/components/parameters/x-request-id-header-param' - $ref: '#/components/parameters/tpp-registration-number-header-param' # Remove this line for cib.hu - $ref: '#/components/parameters/psu-ip-address-header-param' # path - $ref: '#/components/parameters/consent-id-path-param' responses: '200': description: OK headers: X-Request-ID: $ref: '#/components/headers/X-Request-ID' '403': description: Consent in path unknown or not found content: application/json: schema: $ref: '#/components/schemas/GetConsentStatusResponse' /consents/{consent-id}: get: tags: - consent-service operationId: getConsent description: | Returns the content of an account information consent resource. parameters: # header - $ref: '#/components/parameters/psu-id-header-param' - $ref: '#/components/parameters/x-request-id-header-param' - $ref: '#/components/parameters/tpp-registration-number-header-param' # Remove this line for cib.hu - $ref: '#/components/parameters/psu-ip-address-header-param' # path - $ref: '#/components/parameters/consent-id-path-param' responses: '200': description: OK headers: X-Request-ID: $ref: '#/components/headers/X-Request-ID' '403': description: Consent in path unknown or not found content: application/json: schema: $ref: '#/components/schemas/GetConsentResponse' delete: tags: - consent-service operationId: deleteConsent description: | Deletes a given consent. parameters: # header - $ref: '#/components/parameters/psu-id-header-param' - $ref: '#/components/parameters/x-request-id-header-param' - $ref: '#/components/parameters/tpp-registration-number-header-param' # Remove this line for cib.hu - $ref: '#/components/parameters/psu-ip-address-header-param' # path - $ref: '#/components/parameters/consent-id-path-param' responses: '204': description: Consent deleted headers: X-Request-ID: $ref: '#/components/headers/X-Request-ID' /consents/{consent-id}/authorisations: get: tags: - consent-service operationId: getConsentAuthorisations description: | Read the consent authorisations. parameters: # header - $ref: '#/components/parameters/psu-id-header-param' - $ref: '#/components/parameters/x-request-id-header-param' - $ref: '#/components/parameters/tpp-registration-number-header-param' # Remove this line for cib.hu - $ref: '#/components/parameters/psu-ip-address-header-param' # path - $ref: '#/components/parameters/consent-id-path-param' responses: '200': description: OK, request received headers: X-Request-ID: $ref: '#/components/headers/X-Request-ID' content: application/json: schema: $ref: '#/components/schemas/GetConsentAuthorisationsResponse' /consents/{consent-id}/authorisations/{authorisation-id}: get: tags: - consent-service operationId: getConsentAuthorisation description: | Reads the SCA status of the authorisation. parameters: # header - $ref: '#/components/parameters/psu-id-header-param' - $ref: '#/components/parameters/x-request-id-header-param' - $ref: '#/components/parameters/tpp-registration-number-header-param' # Remove this line for cib.hu - $ref: '#/components/parameters/psu-ip-address-header-param' # path - $ref: '#/components/parameters/consent-id-path-param' - $ref: '#/components/parameters/authorisation-id-path-param' responses: '200': description: OK, request received headers: X-Request-ID: $ref: '#/components/headers/X-Request-ID' content: application/json: schema: $ref: '#/components/schemas/GetConsentAuthorisationResponse' /consents/confirmation-of-funds: post: tags: - confirmation-of-funds-consent-service operationId: postConfirmationOfFundsConsent description: | Creates a confirmation of funds consent at the ASPSP to an account specified in this request. If consent is not accepted within 20 minutes, the consent automatically expires. An authorisation resource is automatically created. Since retail PSD2 endpoint doesn't support multisign no further authorisation subresource can be created. parameters: # header - $ref: '#/components/parameters/psu-id-header-param' - $ref: '#/components/parameters/x-request-id-header-param' - $ref: '#/components/parameters/tpp-registration-number-header-param' # Remove this line for cib.hu - $ref: '#/components/parameters/psu-ip-address-header-param' requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/PostConfirmationOfFundsConsentRequest' responses: '201': description: Confirmation of funds consent created headers: Location: $ref: '#/components/headers/Location' X-Request-ID: $ref: '#/components/headers/X-Request-ID' ASPSP-SCA-Approach: schema: type: string enum: - REDIRECT '400': description: Parameter invalid or not supported content: application/json: schema: $ref: '#/components/schemas/PostConfirmationOfFundsConsentResponse' /consents/confirmation-of-funds/{consent-id}/status: get: tags: - confirmation-of-funds-consent-service operationId: getConfirmationOfFundsConsentStatus description: | Returns the status of a confirmation of funds consent resource. parameters: # header - $ref: '#/components/parameters/psu-id-header-param' - $ref: '#/components/parameters/x-request-id-header-param' - $ref: '#/components/parameters/tpp-registration-number-header-param' # Remove this line for cib.hu - $ref: '#/components/parameters/psu-ip-address-header-param' # path - $ref: '#/components/parameters/consent-id-path-param' responses: '200': description: OK headers: X-Request-ID: $ref: '#/components/headers/X-Request-ID' '403': description: Consent in path unknown or not found content: application/json: schema: $ref: '#/components/schemas/GetConsentStatusResponse' /consents/confirmation-of-funds/{consent-id}: get: tags: - confirmation-of-funds-consent-service operationId: getConfirmationOfFundsConsent description: | Returns the content of a confirmation of funds consent resource. parameters: # header - $ref: '#/components/parameters/psu-id-header-param' - $ref: '#/components/parameters/x-request-id-header-param' - $ref: '#/components/parameters/tpp-registration-number-header-param' # Remove this line for cib.hu - $ref: '#/components/parameters/psu-ip-address-header-param' # path - $ref: '#/components/parameters/consent-id-path-param' responses: '200': description: OK headers: X-Request-ID: $ref: '#/components/headers/X-Request-ID' '403': description: Consent in path unknown or not found content: application/json: schema: $ref: '#/components/schemas/GetConfirmationOfFundsConsentResponse' delete: tags: - confirmation-of-funds-consent-service operationId: deleteConfirmationOfFundsConsent description: | Deletes a given consent. parameters: # header - $ref: '#/components/parameters/psu-id-header-param' - $ref: '#/components/parameters/x-request-id-header-param' - $ref: '#/components/parameters/tpp-registration-number-header-param' # Remove this line for cib.hu - $ref: '#/components/parameters/psu-ip-address-header-param' # path - $ref: '#/components/parameters/consent-id-path-param' responses: '204': description: Confirmation of funds consent deleted headers: X-Request-ID: $ref: '#/components/headers/X-Request-ID' /consents/confirmation-of-funds/{consent-id}/authorisations: get: tags: - confirmation-of-funds-consent-service operationId: getConfirmationOfFundsConsentAuthorisations description: | Reads the confirmation of funds authorisations. parameters: # header - $ref: '#/components/parameters/psu-id-header-param' - $ref: '#/components/parameters/x-request-id-header-param' - $ref: '#/components/parameters/tpp-registration-number-header-param' # Remove this line for cib.hu - $ref: '#/components/parameters/psu-ip-address-header-param' # path - $ref: '#/components/parameters/consent-id-path-param' responses: '200': description: OK, request received headers: X-Request-ID: $ref: '#/components/headers/X-Request-ID' content: application/json: schema: $ref: '#/components/schemas/GetConsentAuthorisationsResponse' /consents/confirmation-of-funds/{consent-id}/authorisations/{authorisation-id}: get: tags: - confirmation-of-funds-consent-service operationId: getConfirmationOfFundsConsentAuthorisation description: | Reads the SCA status of the authorisation. parameters: # header - $ref: '#/components/parameters/psu-id-header-param' - $ref: '#/components/parameters/x-request-id-header-param' - $ref: '#/components/parameters/tpp-registration-number-header-param' # Remove this line for cib.hu - $ref: '#/components/parameters/psu-ip-address-header-param' # path - $ref: '#/components/parameters/consent-id-path-param' - $ref: '#/components/parameters/authorisation-id-path-param' responses: '200': description: OK, request received headers: X-Request-ID: $ref: '#/components/headers/X-Request-ID' content: application/json: schema: $ref: '#/components/schemas/GetConsentAuthorisationResponse' # AISP /accounts: get: tags: - account-information-service operationId: getAccounts description: | Reads a list of bank accounts, with balances where required. parameters: # header - $ref: '#/components/parameters/psu-id-header-param' - $ref: '#/components/parameters/x-request-id-header-param' - $ref: '#/components/parameters/tpp-registration-number-header-param' # Remove this line for cib.hu - $ref: '#/components/parameters/psu-ip-address-header-param' - $ref: '#/components/parameters/consent-id-header-param' # query - $ref: '#/components/parameters/with-balance-query_param' responses: '200': description: OK headers: X-Request-ID: $ref: '#/components/headers/X-Request-ID' '403': description: Consent not found or access denied content: application/json: schema: $ref: '#/components/schemas/GetAccountsResponse' /accounts/{account-id}: get: tags: - account-information-service operationId: getAccount description: | Reads details about an account, with balances where required. For one off consents the withBalance = true is not supported. Each account in the consent with "account" access type can call this interface daily 4 times. Calls after this limit is reached are rejected with ACCESS_EXCEEDED error message. parameters: # header - $ref: '#/components/parameters/psu-id-header-param' - $ref: '#/components/parameters/x-request-id-header-param' - $ref: '#/components/parameters/tpp-registration-number-header-param' # Remove this line for cib.hu - $ref: '#/components/parameters/consent-id-header-param' - $ref: '#/components/parameters/psu-ip-address-header-param' # path - $ref: '#/components/parameters/account-id-path-param' # query - $ref: '#/components/parameters/with-balance-query_param' responses: '200': description: OK headers: X-Request-ID: $ref: '#/components/headers/X-Request-ID' '403': description: Consent not found or access denied '404': description: Account in path unknown or not found content: application/json: schema: $ref: '#/components/schemas/GetAccountResponse' /accounts/{account-id}/balances: get: tags: - account-information-service operationId: getAccountBalance description: | Reads account data from a given account addressed by account-id. Each account in the consent with "balances" access type can call this interface daily 4 times. Calls after this limit is reached are rejected with ACCESS_EXCEEDED error message. parameters: # header - $ref: '#/components/parameters/psu-id-header-param' - $ref: '#/components/parameters/x-request-id-header-param' - $ref: '#/components/parameters/tpp-registration-number-header-param' # Remove this line for cib.hu - $ref: '#/components/parameters/consent-id-header-param' - $ref: '#/components/parameters/psu-ip-address-header-param' # path - $ref: '#/components/parameters/account-id-path-param' responses: '200': description: OK headers: X-Request-ID: $ref: '#/components/headers/X-Request-ID' '403': description: Consent not found or access denied '404': description: Account in path unknown or not found content: application/json: schema: $ref: '#/components/schemas/GetAccountBalanceResponse' /accounts/{account-id}/transactions: get: tags: - account-information-service operationId: getAccountTransactions description: | Reads account transaction data from a given account addressed by account-id. For one off consents the withBalance = true is not supported. Each account in the consent with "transactions" access type can call this interface daily 4 times. Calls after this limit is reached are rejected with ACCESS_EXCEEDED error message. parameters: # header - $ref: '#/components/parameters/psu-id-header-param' - $ref: '#/components/parameters/x-request-id-header-param' - $ref: '#/components/parameters/tpp-registration-number-header-param' # Remove this line for cib.hu - $ref: '#/components/parameters/consent-id-header-param' - $ref: '#/components/parameters/psu-ip-address-header-param' # path - $ref: '#/components/parameters/account-id-path-param' # query - $ref: '#/components/parameters/date-from-query-param' - $ref: '#/components/parameters/date-to-query-param' - $ref: '#/components/parameters/booking-status-query-param' - $ref: '#/components/parameters/with-balance-query_param' responses: '200': description: OK headers: X-Request-ID: $ref: '#/components/headers/X-Request-ID' '400': description: Parameter invalid or not supported '403': description: Consent not found or access denied '404': description: Account in path unknown or not found content: application/json: schema: $ref: '#/components/schemas/GetAccountTransactionsResponse' # PIISP (COF) /funds-confirmations: post: tags: - payment-instrument-issuing-service operationId: postFundsConfirmation description: | Checks whether a specific amount is available at point of time of the request on an account linked addressed by IBAN and TPP respectively. parameters: # header - $ref: '#/components/parameters/psu-id-header-param' - $ref: '#/components/parameters/x-request-id-header-param' - $ref: '#/components/parameters/tpp-registration-number-header-param' # Remove this line for cib.hu - $ref: '#/components/parameters/psu-ip-address-header-param' - $ref: '#/components/parameters/consent-id-header-param' requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/PostFundsConfirmationRequest" responses: '201': description: OK, request received headers: X-Request-ID: $ref: '#/components/headers/X-Request-ID' content: application/json: schema: $ref: "#/components/schemas/PostFundsConfirmationResponse" # PISP /payments/hungarian-credit-transfers: post: tags: - payment-initiation-service operationId: postHungarianCreditTransferPayments description: | Creates an instant or value dated hungarian credit transfer payment initiation request at the ASPSP. The payment has to be finilased in 20 minutes otherwise it will be automatically rejected. An authorisation resource is automatically created. Since retail PSD2 endpoint doesn't support multisign no further authorisation subresource can be created. parameters: # header - $ref: '#/components/parameters/psu-id-header-param' - $ref: '#/components/parameters/x-request-id-header-param' - $ref: '#/components/parameters/tpp-registration-number-header-param' # Remove this line for cib.hu - $ref: '#/components/parameters/psu-ip-address-header-param' requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/PostHungarianCreditTransferRequest' responses: '201': description: Payment created headers: Location: $ref: '#/components/headers/Location' X-Request-ID: $ref: '#/components/headers/X-Request-ID' '404': description: Payment product not found or not supported content: application/json: schema: $ref: '#/components/schemas/PostPaymentsResponse' /payments/sepa-credit-transfers: post: tags: - payment-initiation-service operationId: postSepaCreditTransferPayments description: | Creates a sepa credit transfer payment initiation request at the ASPSP. The payment has to be finilased in 20 minutes otherwise it will be automatically rejected. An authorisation resource is automatically created. Since retail PSD2 endpoint doesn't support multisign no further authorisation subresource can be created. parameters: # header - $ref: '#/components/parameters/psu-id-header-param' - $ref: '#/components/parameters/x-request-id-header-param' - $ref: '#/components/parameters/tpp-registration-number-header-param' # Remove this line for cib.hu - $ref: '#/components/parameters/psu-ip-address-header-param' requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/PostSepaCreditTransferRequest' responses: '201': description: Payment created headers: Location: $ref: '#/components/headers/Location' X-Request-ID: $ref: '#/components/headers/X-Request-ID' '404': description: Payment product not found or not supported content: application/json: schema: $ref: '#/components/schemas/PostPaymentsResponse' /payments/fx-credit-transfers: post: tags: - payment-initiation-service operationId: postFXCreditTransferPayments description: | Creates a foreign exchange credit transfer payment initiation request at the ASPSP. The payment has to be finilased in 20 minutes otherwise it will be automatically rejected. An authorisation resource is automatically created. Since retail PSD2 endpoint doesn't support multisign no further authorisation subresource can be created. parameters: # header - $ref: '#/components/parameters/psu-id-header-param' - $ref: '#/components/parameters/x-request-id-header-param' - $ref: '#/components/parameters/tpp-registration-number-header-param' # Remove this line for cib.hu - $ref: '#/components/parameters/psu-ip-address-header-param' requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/PostFXCreditTransferRequest' responses: '201': description: Payment created headers: Location: $ref: '#/components/headers/Location' X-Request-ID: $ref: '#/components/headers/X-Request-ID' '404': description: Payment product not found or not supported content: application/json: schema: $ref: '#/components/schemas/PostPaymentsResponse' /periodic-payments/hungarian-credit-transfers: post: tags: - payment-initiation-service operationId: postPeriodicHungarianCreditTransferPayments description: | Creates a recurring hungarian credit transfer payment initiation request at the ASPSP. The payment has to be finilased in 20 minutes otherwise it will be automatically rejected. An authorisation resource is automatically created. Since retail PSD2 endpoint doesn't support multisign no further authorisation subresource can be created. parameters: # header - $ref: '#/components/parameters/psu-id-header-param' - $ref: '#/components/parameters/x-request-id-header-param' - $ref: '#/components/parameters/tpp-registration-number-header-param' # Remove this line for cib.hu - $ref: '#/components/parameters/psu-ip-address-header-param' requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/PostPeriodicHungarianCreditTransferRequest' responses: '201': description: Payment created headers: Location: $ref: '#/components/headers/Location' X-Request-ID: $ref: '#/components/headers/X-Request-ID' '404': description: Payment product not found or not supported content: application/json: schema: $ref: '#/components/schemas/PostPaymentsResponse' /{payment-service}/{payment-product}/{payment-id}: get: tags: - payment-initiation-service operationId: getPayment description: | Read the details of an initiated payment. parameters: # header - $ref: '#/components/parameters/psu-id-header-param' - $ref: '#/components/parameters/x-request-id-header-param' - $ref: '#/components/parameters/tpp-registration-number-header-param' # Remove this line for cib.hu - $ref: '#/components/parameters/psu-ip-address-header-param' # path - $ref: '#/components/parameters/payment-service-path-param' - $ref: '#/components/parameters/payment-product-path-param' - $ref: '#/components/parameters/payment-id-path-param' responses: '200': description: OK, request received headers: X-Request-ID: $ref: '#/components/headers/X-Request-ID' content: application/json: schema: oneOf: - $ref: '#/components/schemas/HungarianCreditTransferResponse' - $ref: '#/components/schemas/SepaCreditTransferResponse' - $ref: '#/components/schemas/FXCreditTransferResponse' - $ref: '#/components/schemas/PeriodicHungarianCreditTransferResponse' /{payment-service}/{payment-product}/{payment-id}/status: get: tags: - payment-initiation-service operationId: getPaymentStatus description: | Read the transaction status of the payment. parameters: # header - $ref: '#/components/parameters/psu-id-header-param' - $ref: '#/components/parameters/x-request-id-header-param' - $ref: '#/components/parameters/tpp-registration-number-header-param' # Remove this line for cib.hu - $ref: '#/components/parameters/psu-ip-address-header-param' # path - $ref: '#/components/parameters/payment-service-path-param' - $ref: '#/components/parameters/payment-product-path-param' - $ref: '#/components/parameters/payment-id-path-param' responses: '200': description: OK, request received headers: X-Request-ID: $ref: '#/components/headers/X-Request-ID' content: application/json: schema: $ref: '#/components/schemas/GetPaymentStatusResponse' /{payment-service}/{payment-product}/{payment-id}/authorisations: get: tags: - payment-initiation-service operationId: getPaymentAuthorisations description: | Reads the payment authorisations. parameters: # header - $ref: '#/components/parameters/psu-id-header-param' - $ref: '#/components/parameters/x-request-id-header-param' - $ref: '#/components/parameters/tpp-registration-number-header-param' # Remove this line for cib.hu - $ref: '#/components/parameters/psu-ip-address-header-param' # path - $ref: '#/components/parameters/payment-service-path-param' - $ref: '#/components/parameters/payment-product-path-param' - $ref: '#/components/parameters/payment-id-path-param' responses: '200': description: OK, request received headers: X-Request-ID: $ref: '#/components/headers/X-Request-ID' content: application/json: schema: $ref: '#/components/schemas/GetPaymentAuthorisationsResponse' /{payment-service}/{payment-product}/{payment-id}/authorisations/{authorisation-id}: get: tags: - payment-initiation-service operationId: getPaymentAuthorisation description: | Read the SCA status of the authorisation. parameters: # header - $ref: '#/components/parameters/psu-id-header-param' - $ref: '#/components/parameters/x-request-id-header-param' - $ref: '#/components/parameters/tpp-registration-number-header-param' # Remove this line for cib.hu - $ref: '#/components/parameters/psu-ip-address-header-param' # path - $ref: '#/components/parameters/payment-service-path-param' - $ref: '#/components/parameters/payment-product-path-param' - $ref: '#/components/parameters/payment-id-path-param' - $ref: '#/components/parameters/authorisation-id-path-param' responses: '200': description: OK, request received headers: X-Request-ID: $ref: '#/components/headers/X-Request-ID' content: application/json: schema: $ref: '#/components/schemas/GetPaymentAuthorisationResponse'