--- swagger: "2.0" info: description: API for PSD2 Accounts version: "1.1" title: PSD2_Accounts_API termsOfService: "" contact: name: Bank of Cyprus x-ibm-name: PSD2_Accounts_API host: localhost:443 basePath: /psd2 schemes: - https paths: /v1/accounts: get: description: 'Retrieve all accounts for a subscription. Subscription id is in the header ' operationId: getAccounts schemes: - http - https produces: - application/json parameters: - name: Authorization in: header description: 'Encrypted access token ' required: true type: string - name: customerId in: header required: false type: string - name: originSourceId in: header description: ID of the source system invoking required: false type: string - name: originChannelId in: header description: ID of the channel from which the invocation occurred required: false type: string - name: originDeptId in: header description: ID of the department from which the invocation occurred required: false type: string - name: originUserId in: header description: User ID of the requester (as per LDAP) required: false type: string - name: originEmployeeId in: header description: Employee ID of the requester (as per employee HR record) required: false type: string - name: originTerminalId in: header description: Terminal ID of the requester required: false type: string - name: journeyId in: header description: 'Global transaction Id. ' required: true type: string - name: timeStamp in: header description: The time stamp when the request was sent to system required: true type: string - name: correlationId in: header description: Correlation ID passed by the requesting system required: false type: string - name: subscriptionId in: header description: Subscription ID of a subscription for which all accounts need to be retrieved required: true type: string - name: lang in: header description: 2-character iso code for preferred language. If empty the default will be English required: false type: string - name: onlineAccessFlag in: header description: True / False required: false type: boolean - name: customerIP type: string required: false in: header description: The PSU's IP address if the PSU is currently logged in with the TPP - name: customerSessionId type: string required: false in: header description: The PSU’s Session Identifier with the TPP - name: customerDevice type: string required: false in: header description: The PSU’s Web Browser Agent or Device Type (Whatever is available from Platform, OS Version, Model) if this is a Mobile App - name: loginTimeStamp type: string required: false in: header description: The time of PSU’s last login with the TPP related to the Session Id provided above responses: 200: description: OK schema: type: array items: $ref: '#/definitions/Account' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 302: description: Found headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 400: description: Bad Request schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 401: description: Unauthorized schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 403: description: Forbidden schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 404: description: API URL Not Found schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 405: description: Method not Found schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 406: description: Not Acceptable schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 429: description: Too many Requests schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system 500: description: Internal Server Error schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 503: description: Service Unavailable schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system /v1/accounts/{accountId}: get: description: 'Retrieve account details ' operationId: getAccountDetails schemes: - http - https produces: - application/json parameters: - name: accountId in: path description: account id of the user. required: true type: string - name: journeyId in: header description: Global transaction Id required: true type: string - name: originSourceId in: header description: ID of the source system invoking required: false type: string - name: originChannelId in: header description: ID of the channel from which the invocation occurred required: false type: string - name: originDeptId in: header description: ID of the department from which the invocation occurred required: false type: string - name: originUserId in: header description: User ID of the requester (as per LDAP) required: false type: string - name: originEmployeeId in: header description: Employee ID of the requester (as per employee HR record) required: false type: string - name: originTerminalId in: header description: Terminal ID of the requester required: false type: string - name: timeStamp in: header description: The time stamp when the request was sent to system required: true type: string - name: correlationId in: header description: Correlation ID passed by the requesting system required: false type: string - name: subscriptionId in: header description: 'Subscription ID of a subscriber ' required: true type: string - name: Authorization in: header description: 'Encrypted access token ' required: true type: string - name: onlineAccessFlag in: header description: True / False required: false type: boolean - name: lang in: header description: 2-character iso code for preferred language. If empty the default will be English required: false type: string - name: customerIP type: string required: false in: header description: The PSU's IP address if the PSU is currently logged in with the TPP - name: customerSessionId type: string required: false in: header description: The PSU’s Session Identifier with the TPP - name: customerDevice type: string required: false in: header description: The PSU’s Web Browser Agent or Device Type (Whatever is available from Platform, OS Version, Model) if this is a Mobile App - name: loginTimeStamp type: string required: false in: header description: The time of PSU’s last login with the TPP related to the Session Id provided above responses: 200: description: OK schema: type: array items: $ref: '#/definitions/Account' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 302: description: Found headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 400: description: Bad Request schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 401: description: Unauthorized schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 403: description: Forbidden schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 404: description: API URL Not Found schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 405: description: Method not Found schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 406: description: Not Acceptable schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 429: description: Too many Requests schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system 500: description: Internal Server Error schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 503: description: Service Unavailable schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system /v1/accounts/{accountId}/balance: get: description: 'Retrieve available balance for an account ' operationId: getAvailableBalance schemes: - http - https produces: - application/json parameters: - name: accountId in: path description: account id of the user. required: true type: string - name: journeyId in: header description: Global transaction Id required: true type: string - name: originSourceId in: header description: ID of the source system invoking required: false type: string - name: originChannelId in: header description: ID of the channel from which the invocation occurred required: false type: string - name: originDeptId in: header description: ID of the department from which the invocation occurred required: false type: string - name: originUserId in: header description: User ID of the requester (as per LDAP) required: false type: string - name: originEmployeeId in: header description: Employee ID of the requester (as per employee HR record) required: false type: string - name: originTerminalId in: header description: Terminal ID of the requester required: false type: string - name: timeStamp in: header description: The time stamp when the request was sent to system required: true type: string - name: correlationId in: header description: Correlation ID passed by the requesting system required: false type: string - name: subscriptionId in: header description: 'Subscription ID of a subscriber ' required: true type: string - name: Authorization in: header description: 'Encrypted access token ' required: true type: string - name: lang in: header description: 2-character iso code for preferred language. If empty the default will be English required: false type: string - name: customerIP type: string required: false in: header description: The PSU's IP address if the PSU is currently logged in with the TPP - name: customerSessionId type: string required: false in: header description: The PSU’s Session Identifier with the TPP - name: customerDevice type: string required: false in: header description: The PSU’s Web Browser Agent or Device Type (Whatever is available from Platform, OS Version, Model) if this is a Mobile App - name: loginTimeStamp type: string required: false in: header description: The time of PSU’s last login with the TPP related to the Session Id provided above responses: 200: description: OK schema: type: array items: $ref: '#/definitions/Account' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 302: description: Found headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 400: description: Bad Request schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 401: description: Unauthorized schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 403: description: Forbidden schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 404: description: API URL Not Found schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 405: description: Method not Found schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 406: description: Not Acceptable schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 429: description: Too many Requests schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system 500: description: Internal Server Error schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 503: description: Service Unavailable schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system /v1/accounts/{accountId}/statement: get: description: Retrieve statement of transaction for an account operationId: getAccountStatement schemes: - http - https produces: - application/json parameters: - name: accountId in: path description: account id of the user. required: true type: string - name: journeyId in: header description: Global transaction Id required: true type: string - name: originSourceId in: header description: ID of the source system invoking required: false type: string - name: originChannelId in: header description: ID of the channel from which the invocation occurred required: false type: string - name: originDeptId in: header description: ID of the department from which the invocation occurred required: false type: string - name: originUserId in: header description: User ID of the requester (as per LDAP) required: false type: string - name: originEmployeeId in: header description: Employee ID of the requester (as per employee HR record) required: false type: string - name: originTerminalId in: header description: Terminal ID of the requester required: false type: string - name: timeStamp in: header description: The time stamp when the request was sent to system required: true type: string - name: correlationId in: header description: Correlation ID passed by the requesting system required: false type: string - name: subscriptionId in: header description: 'Subscription ID of a subscriber ' required: true type: string - name: Authorization in: header description: 'Encrypted access token ' required: true type: string - name: lang in: header description: 2-character iso code for preferred language. If empty the default will be English required: false type: string - name: startDate in: query required: false type: string - name: endDate in: query required: false type: string - name: maxCount in: query required: false type: number - name: customerIP type: string required: false in: header description: The PSU's IP address if the PSU is currently logged in with the TPP - name: customerSessionId type: string required: false in: header description: The PSU’s Session Identifier with the TPP - name: customerDevice type: string required: false in: header description: The PSU’s Web Browser Agent or Device Type (Whatever is available from Platform, OS Version, Model) if this is a Mobile App - name: loginTimeStamp type: string required: false in: header description: The time of PSU’s last login with the TPP related to the Session Id provided above responses: 200: description: OK schema: $ref: '#/definitions/Statement' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 302: description: Found headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 400: description: Bad Request schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 401: description: Unauthorized schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 403: description: Forbidden schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 404: description: API URL Not Found schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 405: description: Method not Found schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 406: description: Not Acceptable schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 429: description: Too many Requests schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system 500: description: Internal Server Error schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system 503: description: Service Unavailable schema: $ref: '#/definitions/ErrorResponse' headers: journeyId: type: string description: Global Transaction id/Journey ID timeStamp: type: string description: The time stamp when the message was received from the system correlationId: type: string description: Correlation ID passed by the requesting system /v1/accnts/healthCheck: get: responses: 200: description: 200 OK tags: - healthCheck operationId: healthCheck security: - [] consumes: [] produces: [] definitions: AdditionalDetails: type: object properties: errorCode: type: string severity: type: string status: type: string description: type: string PostalAddress: type: object properties: line1: type: string line2: type: string line3: type: string line4: type: string city: type: string postalcode: type: string state: type: string country: type: string Account: type: object properties: bankId: type: string accountId: type: string accountAlias: type: string accountType: type: string accountName: type: string IBAN: type: string currency: type: string infoTimeStamp: type: string interestRate: type: number maturityDate: type: string lastPaymentDate: type: string nextPaymentDate: type: string remainingInstallments: type: number balances: type: array items: $ref: '#/definitions/Balance' Merchant: type: object properties: name: type: string address: $ref: '#/definitions/PostalAddress' Transaction: type: object properties: id: type: string dcInd: type: string transactionAmount: $ref: '#/definitions/Amount' description: type: string postingDate: type: string valueDate: type: string transactionType: type: string merchant: $ref: '#/definitions/Merchant' terminalId: type: string runningBalance: type: number fromToOtherAmount: type: number Statement: type: object properties: account: $ref: '#/definitions/Account' transaction: type: array items: $ref: '#/definitions/Transaction' Amount: type: object properties: amount: type: number currency: type: string Error: type: object properties: code: type: string severity: type: string enum: - error - warning - Info description: type: string additionalDetails: type: array items: $ref: '#/definitions/AdditionalDetails' Balance: type: object properties: amount: type: number balanceType: type: string ErrorResponse: type: object properties: fatalError: type: boolean error: $ref: '#/definitions/Error' x-ibm-configuration: enforced: true testable: true phase: realized securityDefinitions: Application - Oauth: type: oauth2 description: "" flow: application scopes: TPPOAuth2Security: "" x-tokenIntrospect: url: "" tokenUrl: https://$(api.endpoint.address)/$(api.org.name)/$(env.path)/v1/oauth2/token security: - Application - Oauth: - TPPOAuth2Security produces: - application/json consumes: - application/json x-ibm-endpoints: - endpointUrl: https://apis.bankofcyprus.com/df-boc-org-prd/prod description: APIC Gateway Server type: - production ...