---
swagger: "2.0"
info:
  title: CSMT-PDM-D-PScrn
  description: This microservice will manage the functionalities related to citi screening
    process management, (request screening for a person/company and retrieve the alert
    disposition for the screening process). For compliance payloads are encrypted,
    please refer to CSMT-PDM-D-PScrn_DEFINITIONS.json document for the structure of
    request and response objects used in this service
  version: 1.0.0
  x-ibm-name: csmt-pdm-d-pscrn
host: 127.0.0.1
schemes:
- https
basePath: /api
produces:
- application/json
paths:
  /v1/customers/parties/screening:
    post:
      tags:
      - party-screening
      operationId: party-screening
      summary: To initialize the request for citi screening process for the new customer
        or an existing customer.
      description: This api is used to initialize the request for citi screening process
        for the new customer or an existing customer.
      consumes:
      - application/json
      produces:
      - application/json
      parameters:
      - name: client_id
        in: header
        required: true
        type: string
        description: Client ID generated during application registration
      - name: Authorization
        in: header
        required: true
        type: string
        description: The Authorization Token received during login
      - name: Accept
        in: header
        required: true
        type: string
        description: Content-Types that are acceptable for the response
      - name: uuid
        in: header
        required: true
        type: string
        description: 128 bit UUID that you generate for every request
      - name: Accept-Language
        in: header
        required: false
        type: string
        description: List of acceptable human languages for response
      - name: Content-Type
        in: header
        required: true
        type: string
        description: Content-Types that are sent in the request
      - name: countryCode
        in: header
        required: true
        type: string
        description: Country code in 2 character ISO 3166 format
      - name: businessCode
        in: header
        required: true
        type: string
        description: Business code identified durin application registration
      - name: ChannelId
        in: header
        required: true
        type: string
        description: Channel where request originated
      - name: sid
        in: header
        required: true
        type: string
        description: SessionId sent by Consumer.
      - name: partyScreeningRequest
        in: body
        schema:
          $ref: '#/definitions/PartyScreeningRequest'
      responses:
        200:
          description: Successful operation.
          schema:
            $ref: '#/definitions/PartyScreeningResponse'
        400:
          description: <table><table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>invalidRequest</td><td>Missing
            or invalid Parameters</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        401:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>unAuthorized</td><td>Authorization
            credentials are missing or invalid</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        403:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td><td>More
            Info</td></tr><tr><td>error</td><td>accessNotConfigured</td><td>The request
            operation is not configured to access this resource</td><td>Channel/Country/Business
            provided in the request is not supported currently</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        404:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td><td>More
            Info</td></tr><tr><td>error</td><td>resourceNotFound</td><td>The requested
            resource was not found</td><td>Empty resource/resource not found</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        422:
          description: <table><table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>businessValidationFailed</td><td>Business
            validation error occured on one or more parameters</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        500:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>fatal</td><td>serverUnavailable</td><td>The
            request failed due to an internal error/server unavailability</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
  /v1/customers/parties/screening/alert:
    get:
      tags:
      - party-screening-matches
      operationId: party-screening-matches
      summary: To retrieve the list of citi screening blacklisted customers matching
        with the new customer
      description: This api is used to retrieve the list of citi screening blacklisted
        customers matching with the new customer
      consumes:
      - application/json
      produces:
      - application/json
      parameters:
      - name: client_id
        in: header
        required: true
        type: string
        description: Client ID generated during application registration
      - name: Authorization
        in: header
        required: true
        type: string
        description: The Authorization Token received during login
      - name: Accept
        in: header
        required: true
        type: string
        description: Content-Types that are acceptable for the response
      - name: uuid
        in: header
        required: true
        type: string
        description: 128 bit UUID that you generate for every request
      - name: Accept-Language
        in: header
        required: false
        type: string
        description: List of acceptable human languages for response
      - name: Content-Type
        in: header
        required: true
        type: string
        description: Content-Types that are sent in the request
      - name: countryCode
        in: header
        required: true
        type: string
        description: Country code in 2 character ISO 3166 format
      - name: businessCode
        in: header
        required: true
        type: string
        description: Business code identified durin application registration
      - name: ChannelId
        in: header
        required: true
        type: string
        description: Channel where request originated
      - name: sid
        in: header
        required: true
        type: string
        description: SessionId sent by Consumer.
      - name: encodedScreeningFolioId
        in: query
        description: query folio obtained from screning request encoded with URL encode.
          Example 'eP%2B8f%2Bd%2FmRtg%2BBC9%2FPyVZBc%3D.2ILYhCMV%2B4M%3D'
        required: true
        type: string
      responses:
        200:
          description: Successful operation.
          schema:
            $ref: '#/definitions/PartyScreeningMatchesResponse'
        400:
          description: <table><table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>invalidRequest</td><td>Missing
            or invalid Parameters</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        401:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>unAuthorized</td><td>Authorization
            credentials are missing or invalid</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        403:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td><td>More
            Info</td></tr><tr><td>error</td><td>accessNotConfigured</td><td>The request
            operation is not configured to access this resource</td><td>Channel/Country/Business
            provided in the request is not supported currently</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        404:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td><td>More
            Info</td></tr><tr><td>error</td><td>resourceNotFound</td><td>The requested
            resource was not found</td><td>Empty resource/resource not found</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        422:
          description: <table><table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>businessValidationFailed</td><td>Business
            validation error occured on one or more parameters</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        500:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>fatal</td><td>serverUnavailable</td><td>The
            request failed due to an internal error/server unavailability</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
  /v1/customers/parties/screening/alerts/disposition:
    get:
      tags:
      - party-alerts-disposition
      operationId: party-alerts-disposition
      summary: this api will retrieve the citi screening list information
      description: this api will retrieve the citi screening list information
      consumes:
      - application/json
      produces:
      - application/json
      parameters:
      - name: client_id
        in: header
        required: true
        type: string
        description: Client ID generated during application registration
      - name: Authorization
        in: header
        required: true
        type: string
        description: The Authorization Token received during login
      - name: Accept
        in: header
        required: true
        type: string
        description: Content-Types that are acceptable for the response
      - name: uuid
        in: header
        required: true
        type: string
        description: 128 bit UUID that you generate for every request
      - name: Accept-Language
        in: header
        required: false
        type: string
        description: List of acceptable human languages for response
      - name: Content-Type
        in: header
        required: true
        type: string
        description: Content-Types that are sent in the request
      - name: countryCode
        in: header
        required: true
        type: string
        description: Country code in 2 character ISO 3166 format
      - name: businessCode
        in: header
        required: true
        type: string
        description: Business code identified durin application registration
      - name: ChannelId
        in: header
        required: true
        type: string
        description: Channel where request originated
      - name: sid
        in: header
        required: true
        type: string
        description: Session is generated and returned on the first API call of the
          key exchange (GET e2e call) as response header, which needs to be resent
          on succesive calls of same session.
      - name: encodedScreeningFolioId
        in: query
        description: query folio obtained from screning request encoded with URL encode.
          Example 'eP%2B8f%2Bd%2FmRtg%2BBC9%2FPyVZBc%3D.2ILYhCMV%2B4M%3D'
        required: true
        type: string
      responses:
        200:
          description: Successful operation.
          schema:
            $ref: '#/definitions/PartyAlertsDispositionResponse'
        400:
          description: <table><table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>invalidRequest</td><td>Missing
            or invalid Parameters</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        401:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>unAuthorized</td><td>Authorization
            credentials are missing or invalid</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        403:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td><td>More
            Info</td></tr><tr><td>error</td><td>accessNotConfigured</td><td>The request
            operation is not configured to access this resource</td><td>Channel/Country/Business
            provided in the request is not supported currently</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        404:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td><td>More
            Info</td></tr><tr><td>error</td><td>resourceNotFound</td><td>The requested
            resource was not found</td><td>Empty resource/resource not found</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        500:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>fatal</td><td>serverUnavailable</td><td>The
            request failed due to an internal error/server unavailability</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
definitions:
  PartyScreeningRequest:
    type: object
    properties:
      encryptedPartyScreeningRequestData:
        description: encrypted field containing the PartyScreeningRequest
        type: string
        format: byte
        example: '%$YU(&$&%/%&8678&/g5667m67uv5gfhfgjhhg'
  PartyScreeningResponse:
    type: object
    properties:
      encryptedPartyScreeningResponseData:
        description: encrypted field containing the PartyScreeningResponse
        type: string
        format: byte
        example: '%$YU(&$&%/%&8678&/g5667m67uv5gfhfgjhhg'
  PartyScreeningMatchesResponse:
    type: object
    properties:
      encryptedPartyScreeningMatchesData:
        description: encrypted field containing the PartyScreeningMatchesResponse
        type: string
        format: byte
        example: '%$YU(&$&%/%&8678&/g5667m67uv5gfhfgjhhg'
  PartyAlertsDispositionResponse:
    type: object
    properties:
      encryptedPartyAlertsDispositionData:
        description: encrypted field containing the PartyAlertsDispositionResponse
        type: string
        format: byte
        example: '%$YU(&$&%/%&8678&/g5667m67uv5gfhfgjhhg'
  ErrorResponse:
    properties:
      type:
        type: string
        description: Invalid - Request did not confirm to the specification and was
          unprocessed and rejected. Please fix the value and try again
        enum:
        - error
        - warn
        - invalid
        - fatal
      code:
        description: Error code which qualifies the error
        type: string
      details:
        description: Human readable explanation specific to the occurrence of the
          problem
        type: string
      location:
        description: The name of the field that resulted in the error
        type: string
      moreInfo:
        description: URI to human readable documentation or detailed description of
          the error
        type: string
      uuid:
        description: 128 bit UUID that you generate for every request
        type: string
      timestamp:
        description: Timestamp of the error
        type: string
    required:
    - type
    - code
x-ibm-configuration:
  enforced: true
  testable: true
  phase: realized
securityDefinitions:
  OAuth2 Application Flow:
    type: oauth2
    description: ""
    flow: application
    scopes:
      /api/v1: ""
    tokenUrl: https://perf.api.externalapib2b.wlb.lac.nsroot.net:7100/mx-gcgapi/perfext/api/v1/oauth/token
  Client ID:
    type: apiKey
    description: ""
    in: header
    name: X-IBM-Client-Id
security:
- OAuth2 Application Flow:
  - /api/v1
  Client ID: []
x-ibm-endpoints:
- endpointUrl: https://perf.api.externalapib2b.wlb.lac.nsroot.net:7100/mx-gcgapi/perfext
  type:
  - production
  - development
...