--- swagger: "2.0" info: title: csmt-crd-v-opb-customer-best-phones description: This microservice is used to handle the customerĀ“s phone information version: 1.0.0 x-ibm-name: csmt-crd-v-opb-customer-best-phones host: 127.0.0.1 schemes: - https basePath: /api produces: - application/json paths: /v1/open-banking/customers/best-phones/retrieve: post: tags: - opb-retrieve-customer-best-phones operationId: opb-retrieve-customer-best-phones summary: LOB:Customers; Feature:Best Phones; Functionality:Consult description: This API is used to retrieve the 5 best phones for a specific Citi customer. consumes: - application/json produces: - application/json parameters: - name: client_id in: header required: true type: string description: Client ID generated during application registration - name: Authorization in: header required: true type: string description: The Authorization Token received during login - name: Accept in: header required: true type: string description: Content-Types that are acceptable for the response - name: uuid in: header required: true type: string description: 128 bit UUID that you generate for every request - name: Accept-Language in: header required: false type: string description: List of acceptable human languages for response - name: Content-Type in: header required: true type: string description: Content-Types that are sent in the request - name: ChannelId in: header required: true type: string description: Channel where request originated - name: countryCode in: header required: true type: string description: Country code in 2 character ISO 3166 format - name: businessCode in: header required: true type: string description: Business code identified during application registration - name: sid in: header required: true type: string description: SessionId sent by Consumer - name: retrieveCustomerBestPhonesRequest in: body schema: $ref: '#/definitions/RetrieveCustomerBestPhonesRequest' responses: 200: description: Successful operation. headers: Strict-Transport-Security: type: string description: HTTP Strict Transport Security (HSTS) is a web security policy mechanism which helps to protect websites against protocol downgrade attacks and cookie hijacking. X-XSS-Protection: type: string description: This header enables the Cross-site scripting (XSS) filter in your browser. X-Content-Type-Options: type: string description: Setting this header will prevent MSIE and Chrome from interpreting files as something else than declared by the content type in the HTTP headers. Content-Security-Policy: type: string description: CSP has significant impact on the way browser renders pages (e.g., inline JavaScript disabled by default and must be explicitly allowed in policy). CSP prevents a wide range of attacks, including Cross-site scripting and other cross-site injections schema: $ref: '#/definitions/RetrieveCustomerBestPhonesResponse' 400: description:
TypeCodeDetails
errorinvalidRequestMissing or invalid Parameters
headers: Strict-Transport-Security: type: string description: HTTP Strict Transport Security (HSTS) is a web security policy mechanism which helps to protect websites against protocol downgrade attacks and cookie hijacking. X-XSS-Protection: type: string description: This header enables the Cross-site scripting (XSS) filter in your browser. X-Content-Type-Options: type: string description: Setting this header will prevent MSIE and Chrome from interpreting files as something else than declared by the content type in the HTTP headers. Content-Security-Policy: type: string description: CSP has significant impact on the way browser renders pages (e.g., inline JavaScript disabled by default and must be explicitly allowed in policy). CSP prevents a wide range of attacks, including Cross-site scripting and other cross-site injections schema: $ref: '#/definitions/ErrorResponse' 401: description: (UNAUTHORIZED) - Request was not processed
TypeCodeDetails
errorunAuthorizedUnauthorized access to this resource
headers: Strict-Transport-Security: type: string description: HTTP Strict Transport Security (HSTS) is a web security policy mechanism which helps to protect websites against protocol downgrade attacks and cookie hijacking. X-XSS-Protection: type: string description: This header enables the Cross-site scripting (XSS) filter in your browser. X-Content-Type-Options: type: string description: Setting this header will prevent MSIE and Chrome from interpreting files as something else than declared by the content type in the HTTP headers. Content-Security-Policy: type: string description: CSP has significant impact on the way browser renders pages (e.g., inline JavaScript disabled by default and must be explicitly allowed in policy). CSP prevents a wide range of attacks, including Cross-site scripting and other cross-site injections schema: $ref: '#/definitions/ErrorResponse' 403: description: (FORBIDDEN) - Unauthorized to perform the requested operation on resource
TypeCodeDetailsMore Info
invalidaccessNotConfiguredThe request operation is not configured to access this resourceChannel/Country/Business provided in the request is not supported currently
headers: Strict-Transport-Security: type: string description: HTTP Strict Transport Security (HSTS) is a web security policy mechanism which helps to protect websites against protocol downgrade attacks and cookie hijacking. X-XSS-Protection: type: string description: This header enables the Cross-site scripting (XSS) filter in your browser. X-Content-Type-Options: type: string description: Setting this header will prevent MSIE and Chrome from interpreting files as something else than declared by the content type in the HTTP headers. Content-Security-Policy: type: string description: CSP has significant impact on the way browser renders pages (e.g., inline JavaScript disabled by default and must be explicitly allowed in policy). CSP prevents a wide range of attacks, including Cross-site scripting and other cross-site injections schema: $ref: '#/definitions/ErrorResponse' 404: description:
TypeCodeDetailsMore Info
errorresourceNotFoundThe requested resource was not foundEmpty resource/resource not found
headers: Strict-Transport-Security: type: string description: HTTP Strict Transport Security (HSTS) is a web security policy mechanism which helps to protect websites against protocol downgrade attacks and cookie hijacking. X-XSS-Protection: type: string description: This header enables the Cross-site scripting (XSS) filter in your browser. X-Content-Type-Options: type: string description: Setting this header will prevent MSIE and Chrome from interpreting files as something else than declared by the content type in the HTTP headers. Content-Security-Policy: type: string description: CSP has significant impact on the way browser renders pages (e.g., inline JavaScript disabled by default and must be explicitly allowed in policy). CSP prevents a wide range of attacks, including Cross-site scripting and other cross-site injections schema: $ref: '#/definitions/ErrorResponse' 422: description:
TypeCodeDetails
errorbusinessValidationFailedBusiness validation error occured on one or more parameters
headers: Strict-Transport-Security: type: string description: HTTP Strict Transport Security (HSTS) is a web security policy mechanism which helps to protect websites against protocol downgrade attacks and cookie hijacking. X-XSS-Protection: type: string description: This header enables the Cross-site scripting (XSS) filter in your browser. X-Content-Type-Options: type: string description: Setting this header will prevent MSIE and Chrome from interpreting files as something else than declared by the content type in the HTTP headers. Content-Security-Policy: type: string description: CSP has significant impact on the way browser renders pages (e.g., inline JavaScript disabled by default and must be explicitly allowed in policy). CSP prevents a wide range of attacks, including Cross-site scripting and other cross-site injections schema: $ref: '#/definitions/ErrorResponse' 500: description:
TypeCodeDetails
fatalserverUnavailableThe request failed due to an internal error/server unavailability
headers: Strict-Transport-Security: type: string description: HTTP Strict Transport Security (HSTS) is a web security policy mechanism which helps to protect websites against protocol downgrade attacks and cookie hijacking. X-XSS-Protection: type: string description: This header enables the Cross-site scripting (XSS) filter in your browser. X-Content-Type-Options: type: string description: Setting this header will prevent MSIE and Chrome from interpreting files as something else than declared by the content type in the HTTP headers. Content-Security-Policy: type: string description: CSP has significant impact on the way browser renders pages (e.g., inline JavaScript disabled by default and must be explicitly allowed in policy). CSP prevents a wide range of attacks, including Cross-site scripting and other cross-site injections schema: $ref: '#/definitions/ErrorResponse' definitions: RetrieveCustomerBestPhonesRequest: type: object properties: cardNumber: description: The customer card number. type: string pattern: \d{1,16} && ^(?!^[0]+$).*$ example: "1234000066168768" maxLength: 16 required: - cardNumber RetrieveCustomerBestPhonesResponse: type: object properties: phones: type: array items: $ref: '#/definitions/Phone' cvv2StatusFlag: description: Will return true when the dynamic CVV2 status exists and is active; otherwise it will return false when the dynamic cvv2 status has not been generated or has expired type: boolean example: true Phone: type: object properties: phoneNumber: description: Phone Number type: string example: "3323479817" maxLength: 10 ErrorResponse: properties: type: type: string description: Invalid - Request did not confirm to the specification and was unprocessed and rejected. Please fix the value and try again enum: - error - warn - invalid - fatal code: description: Error code which qualifies the error type: string details: description: Human readable explanation specific to the occurrence of the problem type: string location: description: The name of the field that resulted in the error type: string moreInfo: description: More Info can be used to pass any additional details type: string uuid: description: 128 bit UUID that you generate for every request type: string timestamp: description: Timestamp of the error type: string required: - type - code x-ibm-configuration: enforced: true testable: true phase: realized securityDefinitions: OAuth2 Application Flow: type: oauth2 description: "" flow: application scopes: /api/v1: "" tokenUrl: https://perf.api.externalapib2b.wlb.lac.nsroot.net:7100/mx-gcgapi/perfext/api/v1/oauth/token Client ID: type: apiKey description: "" in: header name: X-IBM-Client-Id security: - OAuth2 Application Flow: - /api/v1 Client ID: [] x-ibm-endpoints: - endpointUrl: https://perf.api.externalapib2b.wlb.lac.nsroot.net:7100/mx-gcgapi/perfext type: - production - development ...