---
swagger: "2.0"
info:
  description: This microservice will be used to evaluate a customer´s access according
    to the products of a card. Example access to a beyond lounge room.
  version: 1.0.0
  title: crds-cau-v-cards-product-data
  x-ibm-name: crds-cau-v-cards-product-data
host: 127.0.0.1
basePath: /api
schemes:
- https
produces:
- application/json
paths:
  /v1/cards/products-data/retrieve:
    post:
      tags:
      - retrieve-card-product-data
      operationId: retrieve-card-product-data
      summary: 'LOB:Cards; Feature: Card Product; Functionality:Retrieve'
      description: This API requires a customer identification and card number to
        retrieve the confirmation response of the grant or deny customer access according
        to the card products.
      consumes:
      - application/json
      produces:
      - application/json
      parameters:
      - name: client_id
        in: header
        description: Client ID generated during application registration
        required: true
        type: string
      - name: Authorization
        in: header
        description: The Authorization Token received during login
        required: true
        type: string
      - name: uuid
        in: header
        description: 128 bit UUID that you generate for every request
        required: true
        type: string
      - name: Accept
        in: header
        required: true
        type: string
        description: Content-Types that are acceptable for the response
      - name: Accept-Language
        in: header
        description: List of acceptable human languages for response
        required: false
        type: string
        default: es
      - name: ChannelId
        in: header
        description: Channel where request originated
        required: true
        type: string
      - name: Content-Type
        in: header
        description: Content-Types that are sent in the request
        required: true
        type: string
        default: application/json
      - name: countryCode
        in: header
        description: Country code in 2 character ISO 3166 format
        required: true
        type: string
        default: MX
      - name: businessCode
        in: header
        description: Business code identified during application registration
        required: true
        type: string
        default: GCB
      - in: body
        name: retrieveCardProductDataRequest
        required: true
        schema:
          $ref: '#/definitions/RetrieveCardProductDataRequest'
      responses:
        200:
          description: Successful operation.
          schema:
            $ref: '#/definitions/RetrieveCardProductDataResponse'
        400:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr>
            <tr><td>error</td><td>invalidRequest</td><td>Missing or invalid Parameters</td></tr>
            <tr><td>error</td><td>cannotDecryptData</td><td>620-Cannot decrypt, please
            re-check the encrypted value</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        401:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>unAuthorized</td><td>Authorization
            credentials are missing or invalid</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        403:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr>
            <tr><td>error</td><td>accessNotConfigured</td><td>The request operation
            is not configured to access this resource</td></tr><tr><td>error</td><td>productNotAllowed</td><td>The
            card is not allowed to issue CVV2 and 2FA.</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        404:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td><td>More
            Info</td></tr><tr><td>error</td><td>resourceNotFound</td><td>The requested
            resource was not found</td><td>Empty resource/resource not found</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        422:
          description: <table><table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>businessValidationFailed</td><td>Business
            validation error occured on one or more parameters</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        500:
          description: |-
            <table><tr><td>Type</td><td>Code</td><td>Details</td></tr> <tr>
              <td>error</td><td>backendError</td><td>Failed
            during a call to backend service</td> </tr> <tr>
              <td>error</td><td>timeoutError</td><td>Time to complete a transaction is over</td>
            </tr> <tr>
              <td>fatal</td><td>serverUnavailable</td><td>The
            request failed due to an internal error/server unavailability</td> </tr> </table>
          schema:
            $ref: '#/definitions/ErrorResponse'
definitions:
  RetrieveCardProductDataRequest:
    type: object
    properties:
      customerId:
        description: Customer ID is a key associated with a specific entity or person
          Citi does business or has some relationship with.
        type: string
        example: "123456789012"
        pattern: ^[0-9]*$
        maxLength: 12
      cardNumber:
        description: 'Card Number of the user.Redemption of points on demand can be
          availed using a unique card plastic.  For eg: Creditcard,Debitcard.'
        type: string
        example: "123456789812"
    required:
    - customerId
    - cardNumber
  RetrieveCardProductDataResponse:
    type: object
    properties:
      productCode:
        description: Unique code that identifies the product.
        type: string
        example: "518"
      productName:
        description: Name by which the Product is known across enterprise.
        type: string
        example: CITI BEYOND
      responseDescriptionFlag:
        description: Flag that indicates whether access has been granted or denied
          to the customer and if the system operation was succesful.
        type: boolean
        example: false
      errorDescription:
        description: Error description when some customer data are missed.
        type: string
        example: CARD IS BLOCKED
    required:
    - productCode
    - productName
    - responseDescriptionFlag
  ErrorResponse:
    properties:
      type:
        type: string
        description: Invalid - Request did not confirm to the specification and was
          unprocessed and rejected. Please fix the value and try again
        enum:
        - error
        - warn
        - invalid
        - fatal
      code:
        description: Error code which qualifies the error
        type: string
      details:
        description: Human readable explanation specific to the occurrence of the
          problem
        type: string
      location:
        description: The name of the field that resulted in the error
        type: string
      moreInfo:
        description: More Info can be used to pass any additional details
        type: string
      uuid:
        description: 128 bit UUID that you generate for every request
        type: string
      timestamp:
        description: Timestamp of the error
        type: string
    required:
    - type
    - code
x-ibm-configuration:
  enforced: true
  testable: true
  phase: realized
securityDefinitions:
  OAuth2 Application Flow:
    type: oauth2
    description: ""
    flow: application
    scopes:
      /api/v1: ""
    tokenUrl: https://perf.api.externalapib2b.wlb.lac.nsroot.net:7100/mx-gcgapi/perfext/api/v1/oauth/token
  Client ID:
    type: apiKey
    description: ""
    in: header
    name: X-IBM-Client-Id
security:
- OAuth2 Application Flow:
  - /api/v1
  Client ID: []
x-ibm-endpoints:
- endpointUrl: https://perf.api.externalapib2b.wlb.lac.nsroot.net:7100/mx-gcgapi/perfext
  type:
  - production
  - development
...