--- swagger: "2.0" info: title: xlg-pat-v-opb-transmit-access-recovery description: This purpose of this Microservice is to perform the operations with transmit soft token in SSS to recover customer's access. This is an Orchestrator service. version: 1.1.0 x-ibm-name: xlg-pat-v-opb-transmit-access-recovery host: 127.0.0.1 schemes: - https basePath: /api produces: - application/json paths: /v1/open-banking/x-global/security/customers/electronic-banking/access/unlock: post: tags: - opb-transmit-unlock-customer-access operationId: opb-transmit-unlock-customer-access summary: LOB:Security; Feature:Unlock; Functionality:transmit-soft token description: This API is used to unlock a customer access to electronic banking using the transmit soft token through SSS consumes: - application/json produces: - application/json parameters: - name: client_id in: header required: false type: string description: Client ID generated during application registration - name: Authorization in: header required: false type: string description: The Authorization Token received during login - name: Accept in: header required: true type: string description: Content-Types that are acceptable for the response - name: uuid in: header required: true type: string description: 128 bit UUID that you generate for every request - name: Accept-Language in: header required: false type: string description: List of acceptable human languages for response - name: Content-Type in: header required: true type: string description: Content-Types that are sent in the request - name: countryCode in: header required: true type: string description: Country code in 2 character ISO 3166 format - name: businessCode in: header required: true type: string description: Business code identified during application registration - name: ChannelId in: header required: true type: string description: Channel where request originated - name: sid in: header required: false type: string description: SessionId sent by Consumer - name: unlockCustomerRequest in: body required: true schema: $ref: '#/definitions/UnlockCustomerRequest' responses: 204: description: Successful operation. headers: Strict-Transport-Security: type: string description: HTTP Strict Transport Security (HSTS) is a web security policy mechanism which helps to protect websites against protocol downgrade attacks and cookie hijacking. X-XSS-Protection: type: string description: This header enables the Cross-site scripting (XSS) filter in your browser. X-Content-Type-Options: type: string description: Setting this header will prevent MSIE and Chrome from interpreting files as something else than declared by the content type in the HTTP headers. Content-Security-Policy: type: string description: CSP has significant impact on the way browser renders pages (e.g., inline JavaScript disabled by default and must be explicitly allowed in policy). CSP prevents a wide range of attacks, including Cross-site scripting and other cross-site injections 400: description:
TypeCodeDetails
errorinvalidRequestMissing or invalid Parameters
errorcannotDecryptData620-Cannot decrypt, please re-check the encrypted value
headers: Strict-Transport-Security: type: string description: HTTP Strict Transport Security (HSTS) is a web security policy mechanism which helps to protect websites against protocol downgrade attacks and cookie hijacking. X-XSS-Protection: type: string description: This header enables the Cross-site scripting (XSS) filter in your browser. X-Content-Type-Options: type: string description: Setting this header will prevent MSIE and Chrome from interpreting files as something else than declared by the content type in the HTTP headers. Content-Security-Policy: type: string description: CSP has significant impact on the way browser renders pages (e.g., inline JavaScript disabled by default and must be explicitly allowed in policy). CSP prevents a wide range of attacks, including Cross-site scripting and other cross-site injections schema: $ref: '#/definitions/ErrorResponse' 401: description:
TypeCodeDetails
errorunAuthorizedAuthorization credentials are missing or invalid
headers: Strict-Transport-Security: type: string description: HTTP Strict Transport Security (HSTS) is a web security policy mechanism which helps to protect websites against protocol downgrade attacks and cookie hijacking. X-XSS-Protection: type: string description: This header enables the Cross-site scripting (XSS) filter in your browser. X-Content-Type-Options: type: string description: Setting this header will prevent MSIE and Chrome from interpreting files as something else than declared by the content type in the HTTP headers. Content-Security-Policy: type: string description: CSP has significant impact on the way browser renders pages (e.g., inline JavaScript disabled by default and must be explicitly allowed in policy). CSP prevents a wide range of attacks, including Cross-site scripting and other cross-site injections schema: $ref: '#/definitions/ErrorResponse' 403: description:
TypeCodeDetailsMore Info
erroraccessNotConfiguredThe request operation is not configured to access this resourceChannel/Country/Business provided in the request is not supported currently
headers: Strict-Transport-Security: type: string description: HTTP Strict Transport Security (HSTS) is a web security policy mechanism which helps to protect websites against protocol downgrade attacks and cookie hijacking. X-XSS-Protection: type: string description: This header enables the Cross-site scripting (XSS) filter in your browser. X-Content-Type-Options: type: string description: Setting this header will prevent MSIE and Chrome from interpreting files as something else than declared by the content type in the HTTP headers. Content-Security-Policy: type: string description: CSP has significant impact on the way browser renders pages (e.g., inline JavaScript disabled by default and must be explicitly allowed in policy). CSP prevents a wide range of attacks, including Cross-site scripting and other cross-site injections schema: $ref: '#/definitions/ErrorResponse' 404: description:
TypeCodeDetailsMore Info
errorresourceNotFoundThe requested resource was not foundEmpty resource/resource not found
headers: Strict-Transport-Security: type: string description: HTTP Strict Transport Security (HSTS) is a web security policy mechanism which helps to protect websites against protocol downgrade attacks and cookie hijacking. X-XSS-Protection: type: string description: This header enables the Cross-site scripting (XSS) filter in your browser. X-Content-Type-Options: type: string description: Setting this header will prevent MSIE and Chrome from interpreting files as something else than declared by the content type in the HTTP headers. Content-Security-Policy: type: string description: CSP has significant impact on the way browser renders pages (e.g., inline JavaScript disabled by default and must be explicitly allowed in policy). CSP prevents a wide range of attacks, including Cross-site scripting and other cross-site injections schema: $ref: '#/definitions/ErrorResponse' 422: description:
TypeCodeDetails
errorbusinessValidationFailedBusiness validation error occured on one or more parameters
headers: Strict-Transport-Security: type: string description: HTTP Strict Transport Security (HSTS) is a web security policy mechanism which helps to protect websites against protocol downgrade attacks and cookie hijacking. X-XSS-Protection: type: string description: This header enables the Cross-site scripting (XSS) filter in your browser. X-Content-Type-Options: type: string description: Setting this header will prevent MSIE and Chrome from interpreting files as something else than declared by the content type in the HTTP headers. Content-Security-Policy: type: string description: CSP has significant impact on the way browser renders pages (e.g., inline JavaScript disabled by default and must be explicitly allowed in policy). CSP prevents a wide range of attacks, including Cross-site scripting and other cross-site injections schema: $ref: '#/definitions/ErrorResponse' 500: description:
TypeCodeDetails
fatalserverUnavailableThe request failed due to an internal error/server unavailability
headers: Strict-Transport-Security: type: string description: HTTP Strict Transport Security (HSTS) is a web security policy mechanism which helps to protect websites against protocol downgrade attacks and cookie hijacking. X-XSS-Protection: type: string description: This header enables the Cross-site scripting (XSS) filter in your browser. X-Content-Type-Options: type: string description: Setting this header will prevent MSIE and Chrome from interpreting files as something else than declared by the content type in the HTTP headers. Content-Security-Policy: type: string description: CSP has significant impact on the way browser renders pages (e.g., inline JavaScript disabled by default and must be explicitly allowed in policy). CSP prevents a wide range of attacks, including Cross-site scripting and other cross-site injections schema: $ref: '#/definitions/ErrorResponse' definitions: UnlockCustomerRequest: type: object properties: jwtToken: type: string example: kkhljsdf87sdifskjfsdhkf8fsdf description: JWT to validate customer email. grantType: type: string example: "2" maxLength: 2 pattern: ^[0-9]{1,2}$ description: Id of the token, used for identifying the kind of functional Id also known as applicationId for calling the transmit JWT validator service
tokenIdDetails
1SMS-OTP functional Id
2binding functional Id
3New Online Transaction functional Id
4Avatar Transaction functional Id
5IVR Transaction functional ID
6AcciTrade Transaction functional ID
7Directo Transaction functional ID
customer: $ref: '#/definitions/Customer' required: - jwtToken - customer Customer: type: object properties: encryptedCustomerId: description: Unique identifier of the customer. This value must be encrypted with AES key shared previously using E2E-Encryption API's. type: string example: LHU52hAAkRgjsNf/ZWTDOhgpUMJsovFTTenIRyOu6y1hKqeoBzlzHbstxSdTN2cCDdGevF0IRlzaGiRuNQSftVu5dQVh8IBCx2hV8bAtMXE=.GmVNmN8A08OEl5uqAgI6I9iVmuADxnm103Cpj1+hxFk= legalRepresentativeId: description: Unique identifier for corporate legal Representative. Only for Corporate customers type: string pattern: ^[0-9]{1,2}$ example: "1" maxLength: 2 required: - encryptedCustomerId ErrorResponse: properties: type: type: string description: Invalid - Request did not confirm to the specification and was unprocessed and rejected. Please fix the value and try again enum: - error - warn - invalid - fatal code: description: Error code which qualifies the error type: string details: description: Human readable explanation specific to the occurrence of the problem type: string location: description: The name of the field that resulted in the error type: string moreInfo: description: More Info can be used to pass any additional details type: string uuid: description: 128 bit UUID that you generate for every request type: string timestamp: description: Timestamp of the error type: string required: - type - code x-ibm-configuration: enforced: true testable: true phase: realized securityDefinitions: Client ID: type: apiKey description: "" in: header name: X-IBM-Client-Id security: - Client ID: [] x-ibm-endpoints: - endpointUrl: https://perf.api.externalapib2b.wlb.lac.nsroot.net:7100/mx-gcgapi/perfext type: - production - development ...