--- swagger: "2.0" info: title: csmt-cbi-o-payment-risk-analysis description: This microservice will orchestrate the requests from Mobile and Avatar in order to decript and complete data necessary to call TMX throught Transmit to get a risk score for transantions monetary. version: 1.0.0 x-ibm-name: csmt-cbi-o-payment-risk-analysis host: 127.0.0.1 basePath: /api schemes: - https produces: - application/json paths: /v1/customers/bill-payments/risk-scores/retrieve: post: tags: - retrieve-bill-risk-score operationId: retrieve-bill-risk-score summary: 'LOB: Mobile; Feature: Threat Metrix score; Functionality: Retrieve Risk Score for bill payments' description: This API helps to complete data for Bill Payments in order to retrieve the risk score from TMX consumes: - application/json produces: - application/json parameters: - name: client_id in: header required: true type: string description: Client ID generated during application registration - name: Authorization in: header required: true type: string description: The Authorization Token received during login - name: Accept in: header required: true type: string description: Content-Types that are acceptable for the response - name: uuid in: header required: true type: string description: 128 bit UUID that you generate for every request - name: Accept-Language in: header required: false type: string description: List of acceptable human languages for response - name: Content-Type in: header required: true type: string description: Content-Types that are sent in the request - name: countryCode in: header required: true type: string description: Country code in 2 character ISO 3166 format - name: businessCode in: header required: true type: string description: Business code identified during application registration - name: ChannelId in: header required: true type: string description: Channel where request originated - name: sid in: header required: true type: string description: SessionId sent by Consumer - name: retrieveBillRiskScoreRequest in: body required: true schema: $ref: '#/definitions/RetrieveBillRiskScoreRequest' responses: 200: description: Successful operation. schema: $ref: '#/definitions/RetrieveBillRiskScoreResponse' 400: description:
TypeCodeDetails
errorinvalidRequestMissing or invalid Parameters
schema: $ref: '#/definitions/ErrorResponse' 401: description:
TypeCodeDetails
errorunAuthorizedAuthorization credentials are missing or invalid
schema: $ref: '#/definitions/ErrorResponse' 403: description:
TypeCodeDetailsMore Info
erroraccessNotConfiguredThe request operation is not configured to access this resourceChannel/Country/Business provided in the request is not supported currently
schema: $ref: '#/definitions/ErrorResponse' 404: description:
TypeCodeDetailsMore Info
errorresourceNotFoundThe requested resource was not foundEmpty resource/resource not found
schema: $ref: '#/definitions/ErrorResponse' 422: description:
TypeCodeDetails
errorbusinessValidationFailedBusiness validation error occured on one or more parameters
schema: $ref: '#/definitions/ErrorResponse' 500: description:
TypeCodeDetails
fatalserverUnavailableThe request failed due to an internal error/server unavailability
schema: $ref: '#/definitions/ErrorResponse' /v1/customers/tax-payments/risk-scores/retrieve: post: tags: - retrieve-tax-risk-score operationId: retrieve-tax-risk-score summary: 'LOB: Mobile; Feature: Threat Metrix score; Functionality: Retrieve Risk Score for tax payments' description: This API helps to complete data for Tax Payments in order to retrieve the risk score from TMX consumes: - application/json produces: - application/json parameters: - name: client_id in: header required: true type: string description: Client ID generated during application registration - name: Authorization in: header required: true type: string description: The Authorization Token received during login - name: Accept in: header required: true type: string description: Content-Types that are acceptable for the response - name: uuid in: header required: true type: string description: 128 bit UUID that you generate for every request - name: Accept-Language in: header required: false type: string description: List of acceptable human languages for response - name: Content-Type in: header required: true type: string description: Content-Types that are sent in the request - name: countryCode in: header required: true type: string description: Country code in 2 character ISO 3166 format - name: businessCode in: header required: true type: string description: Business code identified during application registration - name: ChannelId in: header required: true type: string description: Channel where request originated - name: sid in: header required: true type: string description: SessionId sent by Consumer - name: retrieveTaxRiskScoreRequest in: body required: true schema: $ref: '#/definitions/RetrieveTaxRiskScoreRequest' responses: 200: description: Successful operation. schema: $ref: '#/definitions/RetrieveTaxRiskScoreResponse' 400: description:
TypeCodeDetails
errorinvalidRequestMissing or invalid Parameters
schema: $ref: '#/definitions/ErrorResponse' 401: description:
TypeCodeDetails
errorunAuthorizedAuthorization credentials are missing or invalid
schema: $ref: '#/definitions/ErrorResponse' 403: description:
TypeCodeDetailsMore Info
erroraccessNotConfiguredThe request operation is not configured to access this resourceChannel/Country/Business provided in the request is not supported currently
schema: $ref: '#/definitions/ErrorResponse' 404: description:
TypeCodeDetailsMore Info
errorresourceNotFoundThe requested resource was not foundEmpty resource/resource not found
schema: $ref: '#/definitions/ErrorResponse' 422: description:
TypeCodeDetails
errorbusinessValidationFailedBusiness validation error occured on one or more parameters
schema: $ref: '#/definitions/ErrorResponse' 500: description:
TypeCodeDetails
fatalserverUnavailableThe request failed due to an internal error/server unavailability
schema: $ref: '#/definitions/ErrorResponse' /v1/customers/credit-payments/risk-scores/retrieve: post: tags: - retrieve-credit-risk-score operationId: retrieve-credit-risk-score summary: 'LOB: Mobile; Feature: Threat Metrix score; Functionality: Retrieve Risk Score for credit payments' description: This API helps to complete data for Credit Payments in order to retrieve the risk score from TMX consumes: - application/json produces: - application/json parameters: - name: client_id in: header required: true type: string description: Client ID generated during application registration - name: Authorization in: header required: true type: string description: The Authorization Token received during login - name: Accept in: header required: true type: string description: Content-Types that are acceptable for the response - name: uuid in: header required: true type: string description: 128 bit UUID that you generate for every request - name: Accept-Language in: header required: false type: string description: List of acceptable human languages for response - name: Content-Type in: header required: true type: string description: Content-Types that are sent in the request - name: countryCode in: header required: true type: string description: Country code in 2 character ISO 3166 format - name: businessCode in: header required: true type: string description: Business code identified during application registration - name: ChannelId in: header required: true type: string description: Channel where request originated - name: sid in: header required: true type: string description: SessionId sent by Consumer - name: retrieveCreditRiskScoreRequest in: body required: true schema: $ref: '#/definitions/RetrieveCreditRiskScoreRequest' responses: 200: description: Successful operation. schema: $ref: '#/definitions/RetrieveCreditRiskScoreResponse' 400: description:
TypeCodeDetails
errorinvalidRequestMissing or invalid Parameters
schema: $ref: '#/definitions/ErrorResponse' 401: description:
TypeCodeDetails
errorunAuthorizedAuthorization credentials are missing or invalid
schema: $ref: '#/definitions/ErrorResponse' 403: description:
TypeCodeDetailsMore Info
erroraccessNotConfiguredThe request operation is not configured to access this resourceChannel/Country/Business provided in the request is not supported currently
schema: $ref: '#/definitions/ErrorResponse' 404: description:
TypeCodeDetailsMore Info
errorresourceNotFoundThe requested resource was not foundEmpty resource/resource not found
schema: $ref: '#/definitions/ErrorResponse' 422: description:
TypeCodeDetails
errorbusinessValidationFailedBusiness validation error occured on one or more parameters
schema: $ref: '#/definitions/ErrorResponse' 500: description:
TypeCodeDetails
fatalserverUnavailableThe request failed due to an internal error/server unavailability
schema: $ref: '#/definitions/ErrorResponse' /v1/customers/order-payments/risk-scores/retrieve: post: tags: - retrieve-order-risk-score operationId: retrieve-order-risk-score summary: 'LOB: Mobile; Feature: Threat Metrix score; Functionality: Retrieve Risk Score for order payments' description: This API helps to complete data for Order Payments in order to retrieve the risk score from TMX consumes: - application/json produces: - application/json parameters: - name: client_id in: header required: true type: string description: Client ID generated during application registration - name: Authorization in: header required: true type: string description: The Authorization Token received during login - name: Accept in: header required: true type: string description: Content-Types that are acceptable for the response - name: uuid in: header required: true type: string description: 128 bit UUID that you generate for every request - name: Accept-Language in: header required: false type: string description: List of acceptable human languages for response - name: Content-Type in: header required: true type: string description: Content-Types that are sent in the request - name: countryCode in: header required: true type: string description: Country code in 2 character ISO 3166 format - name: businessCode in: header required: true type: string description: Business code identified during application registration - name: ChannelId in: header required: true type: string description: Channel where request originated - name: sid in: header required: true type: string description: SessionId sent by Consumer - name: retrieveOrderRiskScoreRequest in: body required: true schema: $ref: '#/definitions/RetrieveOrderRiskScoreRequest' responses: 200: description: Successful operation. schema: $ref: '#/definitions/RetrieveOrderRiskScoreResponse' 400: description:
TypeCodeDetails
errorinvalidRequestMissing or invalid Parameters
schema: $ref: '#/definitions/ErrorResponse' 401: description:
TypeCodeDetails
errorunAuthorizedAuthorization credentials are missing or invalid
schema: $ref: '#/definitions/ErrorResponse' 403: description:
TypeCodeDetailsMore Info
erroraccessNotConfiguredThe request operation is not configured to access this resourceChannel/Country/Business provided in the request is not supported currently
schema: $ref: '#/definitions/ErrorResponse' 404: description:
TypeCodeDetailsMore Info
errorresourceNotFoundThe requested resource was not foundEmpty resource/resource not found
schema: $ref: '#/definitions/ErrorResponse' 422: description:
TypeCodeDetails
errorbusinessValidationFailedBusiness validation error occured on one or more parameters
schema: $ref: '#/definitions/ErrorResponse' 500: description:
TypeCodeDetails
fatalserverUnavailableThe request failed due to an internal error/server unavailability
schema: $ref: '#/definitions/ErrorResponse' definitions: RetrieveBillRiskScoreRequest: type: object properties: dataCenterLocation: description: It is an identifier of the place where the User was created. type: string example: "10" tmxSessionId: description: This is a session identifier generated when device profiling was initiated type: string maxLength: 128 example: "12345678" tmxEventType: description: Type of the event performed type: string example: PAYMENT legacySessionId: description: The inputted Web Session ID that represents a session for a user in a customers type: string example: 2da237808d724441a94797dad7c30d00 payeeType: description: 'Beneficiary Type: It can be a specific number for each type' type: string example: "1521" localTransactionDate: description: Local time when the transaction takes place at the acceptor location.This is also printed on the credit card receipt. type: string format: date-time example: "2017-07-21T17:32:28Z" customer: $ref: '#/definitions/Customer' required: - tmxSessionId - tmxEventType - dataCenterLocation - localTransactionDate - customer RetrieveBillRiskScoreResponse: type: object properties: transactionId: description: Identifier retrieved from transmit generated in TMX type: string example: "4013060000" highRiskCode: description: Risk score from TMX transaction risk assessment type: string example: "10" operationName: description: 'Name of the operation made ' type: string example: Login decisionCode: description: Refers to how the operation should proceed 1-allow, 2-review, 3-deny type: string example: "1" required: - transactionId - highRiskCode - operationName - decisionCode RetrieveTaxRiskScoreRequest: type: object properties: dataCenterLocation: description: It is an identifier of the place where the User was created. type: string example: "10" tmxSessionId: description: This is a session identifier generated when device profiling was initiated type: string maxLength: 128 example: "12345678" tmxEventType: description: Type of the event performed type: string example: PAYMENT legacySessionId: description: The inputted Web Session ID that represents a session for a user in a customers type: string example: 2da237808d724441a94797dad7c30d00 payeeType: description: 'Beneficiary Type: It can be a specific number for each type' type: string example: "1521" localTransactionDate: description: Local time when the transaction takes place at the acceptor location.This is also printed on the credit card receipt. type: string format: date-time example: "2017-07-21T17:32:28Z" customer: $ref: '#/definitions/Customer' required: - tmxSessionId - tmxEventType - dataCenterLocation - localTransactionDate - customer RetrieveTaxRiskScoreResponse: type: object properties: transactionId: description: Identifier retrieved from transmit generated in TMX type: string example: "4013060000" highRiskCode: description: Risk score from TMX transaction risk assessment type: string example: "10" operationName: description: 'Name of the operation made ' type: string example: Login decisionCode: description: Refers to how the operation should proceed 1-allow, 2-review, 3-deny type: string example: "1" required: - transactionId - highRiskCode - operationName - decisionCode RetrieveCreditRiskScoreRequest: type: object properties: dataCenterLocation: description: It is an identifier of the place where the User was created. type: string example: "10" tmxSessionId: description: This is a session identifier generated when device profiling was initiated type: string maxLength: 128 example: "12345678" tmxEventType: description: Type of the event performed type: string example: PAYMENT legacySessionId: description: The inputted Web Session ID that represents a session for a user in a customers type: string example: 2da237808d724441a94797dad7c30d00 payeeType: description: 'Beneficiary Type: It can be a specific number for each type' type: string example: "1521" localTransactionDate: description: Local time when the transaction takes place at the acceptor location.This is also printed on the credit card receipt. type: string format: date-time example: "2017-07-21T17:32:28Z" customer: $ref: '#/definitions/Customer' required: - tmxSessionId - tmxEventType - dataCenterLocation - localTransactionDate - customer RetrieveCreditRiskScoreResponse: type: object properties: transactionId: description: Identifier retrieved from transmit generated in TMX type: string example: "4013060000" highRiskCode: description: Risk score from TMX transaction risk assessment type: string example: "10" operationName: description: 'Name of the operation made ' type: string example: Login decisionCode: description: Refers to how the operation should proceed 1-allow, 2-review, 3-deny type: string example: "1" required: - transactionId - highRiskCode - operationName - decisionCode RetrieveOrderRiskScoreRequest: type: object properties: dataCenterLocation: description: It is an identifier of the place where the User was created. type: string example: "10" tmxSessionId: description: This is a session identifier generated when device profiling was initiated type: string maxLength: 128 example: "12345678" tmxEventType: description: Type of the event performed type: string example: PAYMENT legacySessionId: description: The inputted Web Session ID that represents a session for a user in a customers type: string example: 2da237808d724441a94797dad7c30d00 payeeType: description: 'Beneficiary Type: It can be a specific number for each type' type: string example: "1521" localTransactionDate: description: Local time when the transaction takes place at the acceptor location.This is also printed on the credit card receipt. type: string format: date-time example: "2017-07-21T17:32:28Z" customer: $ref: '#/definitions/Customer' required: - tmxSessionId - tmxEventType - dataCenterLocation - localTransactionDate - customer RetrieveOrderRiskScoreResponse: type: object properties: transactionId: description: Identifier retrieved from transmit generated in TMX type: string example: "4013060000" highRiskCode: description: Risk score from TMX transaction risk assessment type: string example: "10" operationName: description: 'Name of the operation made ' type: string example: Login decisionCode: description: Refers to how the operation should proceed 1-allow, 2-review, 3-deny type: string example: "1" required: - transactionId - highRiskCode - operationName - decisionCode Customer: type: object properties: customerType: description: Type of customer type: string example: Individual customerId: description: This is a unique customer identifier type: string example: "123456" device: $ref: '#/definitions/Device' transaction: $ref: '#/definitions/Transaction' required: - customerType - customerId - transaction SourceAccount: type: object properties: accountNumber: description: This is the source account type: string example: "12345678901" product: $ref: '#/definitions/Product' Transaction: type: object properties: localCurrencyTransactionAmount: description: Transaction amount set for the payment in MXN type: number format: double example: 20000.550000 recurringTransactionFlag: description: Flag to indicate if the transaction is frequently used type: boolean example: false futureDateSelectedFlag: description: Flag to indicate if the transaction will be applied in the future type: boolean example: true transactionReferenceId: description: Transaction alphanumeric Reference, it is introduced by the customer. type: string example: JOB PAYMENT02022021 foreignCurrencyTransactionAmount: description: Transaction amount set for the payment in USD type: number format: double example: 2000.500000 foreignExchangeRate: description: Exchange rate for the foreign currency transaction amount type: number format: double example: 19.380000 transactionId: description: Identifier of the transaction performed type: string example: "4013060000" branchId: description: Branch identifier of the destination account type: string example: "1234" maxLength: 4 merchantName: description: Common name of the merchant type: string example: TELMEX merchantId: description: A unique number assigned to a merchant to identify it type: string example: "332455" sourceAccount: $ref: '#/definitions/SourceAccount' destinationAccount: $ref: '#/definitions/DestinationAccount' required: - transactionId - localCurrencyTransactionAmount - sourceAccount - destinationAccount DestinationAccount: type: object properties: cardNumber: description: Beneficiary card number type: string example: "1234567812345678" accountNumber: description: Beneficiary account Number type: string example: "12345678901" payeeNickName: description: Beneficiary alias type: string example: Pago de Telefono businessSectorName: description: Economic sector of beneficiary account type: string example: Particulares payeeFullName: description: Full name of the payee type: string example: JUAN PEREZ taxId: description: Payee RFC type: string example: JOSN871010HL6 curp: description: Payee CURP type: string example: JOSN871010MMCXPX09 Product: type: object properties: productCode: description: Product Code type: string example: "113" productInstrument: description: Instrument type: string example: "4" Device: type: object properties: deviceApplicationType: description: The type of application used on the device for authentication. Sample application types are Mobile Thin IOS, Mobile Thick Android etc. type: string maxLength: 255 example: MOBILE_THICK_IOS ipAddress: description: Ip address of the device type: string maxLength: 15 example: 100.200.102.500 geoLatitude: description: Device location latitude type: string maxLength: 20 example: "23.634501" geoLongitude: description: Device location longitude type: string maxLength: 20 example: "-102.552788" ErrorResponse: properties: type: type: string description: Invalid - Request did not confirm to the specification and was unprocessed and rejected. Please fix the value and try again enum: - error - warn - invalid - fatal code: description: Error code which qualifies the error type: string details: description: Human readable explanation specific to the occurrence of the problem type: string location: description: The name of the field that resulted in the error type: string moreInfo: description: URI to human readable documentation of the error type: string uuid: description: 128 bit UUID that you generate for every request type: string timestamp: description: timestamp of the error type: string required: - type - code x-ibm-configuration: enforced: true testable: true phase: realized securityDefinitions: OAuth2 Application Flow: type: oauth2 description: "" flow: application scopes: /api/v1: "" tokenUrl: https://perf.api.externalapib2b.wlb.lac.nsroot.net:7100/mx-gcgapi/perfext/api/v1/oauth/token Client ID: type: apiKey description: "" in: header name: X-IBM-Client-Id security: - OAuth2 Application Flow: - /api/v1 Client ID: [] x-ibm-endpoints: - endpointUrl: https://perf.api.externalapib2b.wlb.lac.nsroot.net:7100/mx-gcgapi/perfext type: - production - development ...