---
swagger: "2.0"
info:
  description: This Microservice is intended to manage the card information related
    to the card for which the dynamic CVV2 and 2FA is generated to support online
    shopping and non-present card transactions
  version: 1.0.0
  title: CRDS-CAU-V-CardAhr
  x-ibm-name: crds-cau-v-cardahr
host: 127.0.0.1
basePath: /api
schemes:
- https
produces:
- application/json
paths:
  /v1/cards/cvv2-generation/validate/detail:
    post:
      tags:
      - validate-dynamic-cvv2-generation-detail
      operationId: validate-dynamic-cvv2-generation-detail
      summary: To validate if is possible to generate a dynamic CVV for the card related
        with the account
      description: This API is used to validate if the card complies with the business
        rules to generate a dynamic CVV.
      consumes:
      - application/json
      produces:
      - application/json
      parameters:
      - name: client_id
        in: header
        description: The client ID  you received during application registration in
          the developer portal
        required: true
        type: string
      - name: Authorization
        in: header
        description: Bearer token aquired from APIM token endpoint
        required: true
        type: string
      - name: uuid
        in: header
        description: Random 128 bit UUID generated uniquely for every request from
          the Customer, which will represent transaction unique identifier and it
          is recommended to send.
        required: true
        type: string
      - name: Accept
        in: header
        required: true
        type: string
        description: Content-Types that are acceptable for the response
      - name: Accept-Language
        in: header
        description: Language to be send to the backend systems must be 'es' for spanish
          and 'en' for english
        required: false
        type: string
        default: es
      - name: ChannelId
        in: header
        description: channel ID used by the user, it is required for the first call
          in a new session.
        required: true
        type: string
      - name: Content-Type
        in: header
        description: Content-Types that are sent in the request
        required: true
        type: string
        default: application/json
      - name: countryCode
        in: header
        description: 2 character ISO country code
        required: true
        type: string
        default: MX
      - name: businessCode
        in: header
        description: 3 character business code
        required: true
        type: string
        default: GCB
      - name: sid
        in: header
        description: Sessionid value from E2EE Key Exchange response.
        required: true
        type: string
      - in: body
        name: validateCardRequest
        required: true
        schema:
          $ref: '#/definitions/ValidateCardRequest'
      responses:
        200:
          description: Successful operation.
        400:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr>
            <tr><td>error</td><td>invalidRequest</td><td>Missing or invalid Parameters</td></tr>
            <tr><td>error</td><td>cannotDecryptData</td><td>620-Cannot decrypt, please
            re-check the encrypted value</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        401:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>unAuthorized</td><td>Authorization
            credentials are missing or invalid</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        403:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr>
            <tr><td>error</td><td>accessNotConfigured</td><td>The request operation
            is not configured to access this resource</td></tr><tr><td>error</td><td>productNotAllowed</td><td>The
            card is not allowed to issue CVV2 and 2FA.</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        404:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td><td>More
            Info</td></tr><tr><td>error</td><td>resourceNotFound</td><td>The requested
            resource was not found</td><td>Empty resource/resource not found</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        422:
          description: <table><table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>businessValidationFailed</td><td>Business
            validation error occured on one or more parameters</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        500:
          description: |-
            <table><tr><td>Type</td><td>Code</td><td>Details</td></tr> <tr>
              <td>error</td><td>backendError</td><td>Failed
            during a call to backend service</td> </tr> <tr>
              <td>error</td><td>timeoutError</td><td>Time to complete a transaction is over</td>
            </tr> <tr>
              <td>fatal</td><td>serverUnavailable</td><td>The
            request failed due to an internal error/server unavailability</td> </tr> </table>
          schema:
            $ref: '#/definitions/ErrorResponse'
definitions:
  ValidateCardRequest:
    type: object
    properties:
      accountId:
        description: Unique ID used by front end to indentify the account
        type: string
        example: "123456"
    required:
    - accountId
  ErrorResponse:
    required:
    - code
    - details
    - location
    - moreInfo
    - timestamp
    - type
    properties:
      type:
        type: string
        description: Invalid - Request did not confirm to the specification and was
          unprocessed and rejected. Please fix the value and try again
        enum:
        - error
        - warn
        - invalid
        - fatal
      code:
        type: string
        description: Error code which qualifies the error
      details:
        type: string
        description: Human readable explanation specific to the occurrence of the
          problem
      location:
        type: string
        description: The name of the field that resulted in the error
      moreInfo:
        type: string
        description: URI to human readable documentation of the error
      timestamp:
        type: string
        description: Timestamp of the error
x-ibm-configuration:
  enforced: true
  testable: true
  phase: realized
securityDefinitions:
  OAuth2 Application Flow:
    type: oauth2
    description: ""
    flow: application
    scopes:
      /api/v1: ""
    tokenUrl: https://perf.api.externalapib2b.wlb.lac.nsroot.net:7100/mx-gcgapi/perfext/api/v1/oauth/token
  Client ID:
    type: apiKey
    description: ""
    in: header
    name: X-IBM-Client-Id
security:
- OAuth2 Application Flow:
  - /api/v1
  Client ID: []
x-ibm-endpoints:
- endpointUrl: https://perf.api.externalapib2b.wlb.lac.nsroot.net:7100/mx-gcgapi/perfext
  type:
  - production
  - development
...
Type	Code	Details
error	invalidRequest	Missing or invalid Parameters
error	cannotDecryptData	620-Cannot decrypt, please re-check the encrypted value