-
Account Access
-
Account Access governs access to Bank Accounts by end Users. It is an intersecting entity between tMore...
- Create (DAuth) User with Account Access
- Grant User access to View
- Revoke User access to View
- Revoke/Grant User access to View
-
-
Customer
-
The legal entity that has the relationship to the bank. Customers are linked to Users via `User CusMore...
- Create User Customer Link
- Get Customers Minimal at Any Bank
- Get Customers Minimal at Bank
- Get Customers at Any Bank
- Get Customers at Bank
- Get Customers for Current User
- Get Customers for Current User (IDs only)
- Get My Customers
-
-
Role
- Add Entitlement for a User
- Create (DAuth) User with Roles
- Create Entitlement Request for current User
- Delete Entitlement
- Delete Entitlement Request
- Get Entitlement Requests for a User
- Get Entitlement Requests for the current User
- Get Entitlements and Permissions for a User
- Get Entitlements for One Bank
- Get Entitlements for User
- Get Entitlements for User at Bank
- Get Entitlements for the current User
- Get all Entitlement Requests
-
User
-
The entity that accesses the API with a login / authorisation token and has access to zero or moreMore...
- Answer User Auth Context Update Challenge
- Create My Personal User Attribute
- Create Non Personal User Attribute
- Create User
- Create User Auth Context
- Create User Auth Context Update Request
- Create password reset url
- Delete Non Personal User Attribute
- Delete User Auth Context
- Delete User's Auth Contexts
- Delete a User
- Get Logout Link
- Get My Personal User Attributes
- Get My Spaces
- Get Non Personal User Attributes
- Get User (Current)
- Get User Auth Contexts
- Get User Id (Current)
- Get User Lock Status
- Get User by USERNAME
- Get User by USER_ID
- Get User with Attributes by USER_ID
- Get Users by Email Address
- Get all Users
- Lock the user
- Refresh User
- Unlock the user
- Update My Personal User Attribute
-
-
Account Access
- Create (DAuth) User with Account Access
- Grant User access to View
- Revoke User access to View
- Revoke/Grant User access to View
-
Customer
- Create User Customer Link
- Get Customers Minimal at Any Bank
- Get Customers Minimal at Bank
- Get Customers at Any Bank
- Get Customers at Bank
- Get Customers for Current User
- Get Customers for Current User (IDs only)
- Get My Customers
-
Role
- Add Entitlement for a User
- Create (DAuth) User with Roles
- Create Entitlement Request for current User
- Delete Entitlement
- Delete Entitlement Request
- Get Entitlement Requests for a User
- Get Entitlement Requests for the current User
- Get Entitlements and Permissions for a User
- Get Entitlements for One Bank
- Get Entitlements for User
- Get Entitlements for User at Bank
- Get Entitlements for the current User
- Get all Entitlement Requests
-
User
- Answer User Auth Context Update Challenge
- Create My Personal User Attribute
- Create Non Personal User Attribute
- Create User
- Create User Auth Context
- Create User Auth Context Update Request
- Create password reset url
- Delete Non Personal User Attribute
- Delete User Auth Context
- Delete User's Auth Contexts
- Delete a User
- Get Logout Link
- Get My Personal User Attributes
- Get My Spaces
- Get Non Personal User Attributes
- Get User (Current)
- Get User Auth Contexts
- Get User Id (Current)
- Get User Lock Status
- Get User by USERNAME
- Get User by USER_ID
- Get User with Attributes by USER_ID
- Get Users by Email Address
- Get all Users
- Lock the user
- Refresh User
- Unlock the user
- Update My Personal User Attribute
-
View Custom
v5.1.0 filtered by tag: User (55 APIs)
Create (DAuth) User with Account Access
This endpoint is used as part of the DAuth solution to grant access to account and transaction data to a smart contract on the blockchain.
Put the smart contract address in username
For provider use "dauth"
This endpoint will create the (DAuth) User with username and provider if the User does not already exist.
Authentication is Mandatory and the logged in user needs to be account holder.
For information about DAuth see below:
DAuth
DAuth Introduction, Setup and Usage
DAuth is an experimental authentication mechanism that aims to pin an ethereum or other blockchain Smart Contract to an OBP "User".
In the future, it might be possible to be more specific and pin specific actors (wallets) that are acting within the smart contract, but so far, one smart contract acts on behalf of one User.
Thus, if a smart contract "X" calls the OBP API using the DAuth header, OBP will get or create a user called X and the call will proceed in the context of that User "X".
DAuth is invoked by the REST client (caller) including a specific header (see step 3 below) in any OBP REST call.
When OBP receives the DAuth token, it creates or gets a User with a username based on the smart_contract_address and the provider based on the network_name. The combination of username and provider is unique in OBP.
If you are calling OBP-API via an API3 Airnode, the Airnode will take care of constructing the required header.
When OBP detects a DAuth header / token it first checks if the Consumer is allowed to make such a call. OBP will validate the Consumer ip address and signature etc.
Note: The DAuth flow does not require an explicit POST like Direct Login to create the token.
Permissions may be assigned to an OBP User at any time, via the UserAuthContext, Views, Entitlements to Roles or Consents.
Note: DAuth is NOT enabled on this instance!
Note: The DAuth client is responsible for creating a token which will be trusted by OBP absolutely!
To use DAuth:
1) Configure OBP API to accept DAuth.
Set up properties in your props file
# -- DAuth --------------------------------------
# Define secret used to validate JWT token
# jwt.public_key_rsa=path-to-the-pem-file
# Enable/Disable DAuth communication at all
# In case isn't defined default value is false
# allow_dauth=false
# Define comma separated list of allowed IP addresses
# dauth.host=127.0.0.1
# -------------------------------------- DAuth--
Please keep in mind that property jwt.public_key_rsa is used to validate JWT token to check it is not changed or corrupted during transport.
2) Create / have access to a JWT
The following videos are available:
* DAuth in local environment
HEADER:ALGORITHM & TOKEN TYPE
{
"alg": "RS256",
"typ": "JWT"
}
PAYLOAD:DATA
{
"smart_contract_address": "0xe123425E7734CE288F8367e1Bb143E90bb3F051224",
"network_name": "AIRNODE.TESTNET.ETHEREUM",
"msg_sender": "0xe12340927f1725E7734CE288F8367e1Bb143E90fhku767",
"consumer_key": "0x1234a4ec31e89cea54d1f125db7536e874ab4a96b4d4f6438668b6bb10a6adb",
"timestamp": "2021-11-04T14:13:40Z",
"request_id": "0Xe876987694328763492876348928736497869273649"
}
VERIFY SIGNATURE
RSASHA256(
base64UrlEncode(header) + "." +
base64UrlEncode(payload),
) your-RSA-key-pair
Here is an example token:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzbWFydF9jb250cmFjdF9hZGRyZXNzIjoiMHhlMTIzNDI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGJiM0YwNTEyMjQiLCJuZXR3b3JrX25hbWUiOiJFVEhFUkVVTSIsIm1zZ19zZW5kZXIiOiIweGUxMjM0MDkyN2YxNzI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGZoa3U3NjciLCJjb25zdW1lcl9rZXkiOiIweDEyMzRhNGVjMzFlODljZWE1NGQxZjEyNWRiNzUzNmU4NzRhYjRhOTZiNGQ0ZjY0Mzg2NjhiNmJiMTBhNmFkYiIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMDRUMTQ6MTM6NDBaIiwicmVxdWVzdF9pZCI6IjBYZTg3Njk4NzY5NDMyODc2MzQ5Mjg3NjM0ODkyODczNjQ5Nzg2OTI3MzY0OSJ9.XSiQxjEVyCouf7zT8MubEKsbOBZuReGVhnt9uck6z6k
3) Try a REST call using the header
Using your favorite http client:
GET https://obp-apisandbox.joinfincubator.com/obp/v3.0.0/users/current
Body
Leave Empty!
Headers:
DAuth: your-jwt-from-step-above
Here is it all together:
GET https://obp-apisandbox.joinfincubator.com/obp/v3.0.0/users/current HTTP/1.1
Host: localhost:8080
User-Agent: curl/7.47.0
Accept: /
DAuth: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzbWFydF9jb250cmFjdF9hZGRyZXNzIjoiMHhlMTIzNDI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGJiM0YwNTEyMjQiLCJuZXR3b3JrX25hbWUiOiJFVEhFUkVVTSIsIm1zZ19zZW5kZXIiOiIweGUxMjM0MDkyN2YxNzI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGZoa3U3NjciLCJjb25zdW1lcl9rZXkiOiIweDEyMzRhNGVjMzFlODljZWE1NGQxZjEyNWRiNzUzNmU4NzRhYjRhOTZiNGQ0ZjY0Mzg2NjhiNmJiMTBhNmFkYiIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMDRUMTQ6MTM6NDBaIiwicmVxdWVzdF9pZCI6IjBYZTg3Njk4NzY5NDMyODc2MzQ5Mjg3NjM0ODkyODczNjQ5Nzg2OTI3MzY0OSJ9.XSiQxjEVyCouf7zT8MubEKsbOBZuReGVhnt9uck6z6k
CURL example
curl -v -H 'DAuth: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzbWFydF9jb250cmFjdF9hZGRyZXNzIjoiMHhlMTIzNDI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGJiM0YwNTEyMjQiLCJuZXR3b3JrX25hbWUiOiJFVEhFUkVVTSIsIm1zZ19zZW5kZXIiOiIweGUxMjM0MDkyN2YxNzI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGZoa3U3NjciLCJjb25zdW1lcl9rZXkiOiIweDEyMzRhNGVjMzFlODljZWE1NGQxZjEyNWRiNzUzNmU4NzRhYjRhOTZiNGQ0ZjY0Mzg2NjhiNmJiMTBhNmFkYiIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMDRUMTQ6MTM6NDBaIiwicmVxdWVzdF9pZCI6IjBYZTg3Njk4NzY5NDMyODc2MzQ5Mjg3NjM0ODkyODczNjQ5Nzg2OTI3MzY0OSJ9.XSiQxjEVyCouf7zT8MubEKsbOBZuReGVhnt9uck6z6k' https://obp-apisandbox.joinfincubator.com/obp/v3.0.0/users/current
You should receive a response like:
{
"user_id": "4c4d3175-1e5c-4cfd-9b08-dcdc209d8221",
"email": "",
"provider_id": "0xe123425E7734CE288F8367e1Bb143E90bb3F051224",
"provider": "ETHEREUM",
"username": "0xe123425E7734CE288F8367e1Bb143E90bb3F051224",
"entitlements": {
"list": []
}
}
Under the hood
The file, dauth.scala handles the DAuth,
We:
-> Check if Props allow_dauth is true
-> Check if DAuth header exists
-> Check if getRemoteIpAddress is OK
-> Look for "token"
-> parse the JWT token and getOrCreate the user
-> get the data of the user
More information
Parameter names and values are case sensitive.
Each parameter MUST NOT appear more than once per request.
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
JSON request body fields:
is_system: true
provider: ETHEREUM
username: felixsmith
view_id: owner
JSON response body fields:
can_add_counterparty: true
can_add_image_url: true
can_add_more_info: true
can_add_tag: true
can_add_transaction_request_to_any_account:
can_add_transaction_request_to_own_account:
can_create_direct_debit: true
can_delete_corporate_location: true
can_delete_image: true
can_delete_where_tag: true
can_edit_owner_comment: true
can_query_available_funds: true
can_see_bank_account_bank_name: true
can_see_bank_account_credit_limit: true
can_see_bank_account_currency:
can_see_bank_account_label: true
can_see_bank_account_national_identifier:
can_see_bank_account_number: true
can_see_bank_account_owners: true
can_see_bank_account_routing_address:
can_see_bank_account_routing_scheme:
can_see_bank_account_swift_bic:
can_see_bank_routing_address: true
can_see_corporate_location: true
can_see_image_url: true
can_see_images: true
can_see_other_account_bank_name:
can_see_other_account_metadata:
can_see_other_account_national_identifier: true
can_see_other_account_number: true
can_see_other_account_routing_address: true
can_see_other_account_routing_scheme:
can_see_other_account_swift_bic: true
can_see_other_bank_routing_address:
can_see_other_bank_routing_scheme:
can_see_transaction_amount: true
can_see_transaction_description: true
can_see_transaction_finish_date:
can_see_transaction_other_bank_account:
can_see_transaction_start_date:
can_see_transaction_this_bank_account:
can_see_url: true
can_see_where_tag: true
description: This an optional field. Maximum length is 2000. It can be any characters here.
id: d8839721-ad8f-45dd-9f78-2080414b93f9
is_public: true
is_system: true
[{
"id":"1234",
"short_name":"short_name",
"description":"description",
"metadata_view":"owner",
"is_public":true,
"is_system":true,
"alias":"No",
"hide_metadata_if_alias_used":true,
"can_add_comment":true,
"can_add_corporate_location":true,
"can_add_image":true,
"can_add_image_url":true,
"can_add_more_info":true,
"can_add_open_corporates_url":true,
"can_add_physical_location":true,
"can_add_private_alias":true,
"can_add_public_alias":true,
"can_add_tag":true,
"can_add_url":true,
"can_add_where_tag":true,
"can_delete_comment":true,
"can_add_counterparty":true,
"can_delete_corporate_location":true,
"can_delete_image":true,
"can_delete_physical_location":true,
"can_delete_tag":true,
"can_delete_where_tag":true,
"can_edit_owner_comment":true,
"can_see_bank_account_balance":true,
"can_query_available_funds":true,
"can_see_bank_account_bank_name":true,
"can_see_bank_account_currency":true,
"can_see_bank_account_iban":true,
"can_see_bank_account_label":true,
"can_see_bank_account_national_identifier":true,
"can_see_bank_account_number":true,
"can_see_bank_account_owners":true,
"can_see_bank_account_swift_bic":true,
"can_see_bank_account_type":true,
"can_see_comments":true,
"can_see_corporate_location":true,
"can_see_image_url":true,
"can_see_images":true,
"can_see_more_info":true,
"can_see_open_corporates_url":true,
"can_see_other_account_bank_name":true,
"can_see_other_account_iban":true,
"can_see_other_account_kind":true,
"can_see_other_account_metadata":true,
"can_see_other_account_national_identifier":true,
"can_see_other_account_number":true,
"can_see_other_account_swift_bic":true,
"can_see_owner_comment":true,
"can_see_physical_location":true,
"can_see_private_alias":true,
"can_see_public_alias":true,
"can_see_tags":true,
"can_see_transaction_amount":true,
"can_see_transaction_balance":true,
"can_see_transaction_currency":true,
"can_see_transaction_description":true,
"can_see_transaction_finish_date":true,
"can_see_transaction_metadata":true,
"can_see_transaction_other_bank_account":true,
"can_see_transaction_start_date":true,
"can_see_transaction_this_bank_account":true,
"can_see_transaction_type":true,
"can_see_url":true,
"can_see_where_tag":true,
"can_see_bank_routing_scheme":true,
"can_see_bank_routing_address":true,
"can_see_bank_account_routing_scheme":true,
"can_see_bank_account_routing_address":true,
"can_see_other_bank_routing_scheme":true,
"can_see_other_bank_routing_address":true,
"can_see_other_account_routing_scheme":true,
"can_see_other_account_routing_address":true,
"can_add_transaction_request_to_own_account":true,
"can_add_transaction_request_to_any_account":true,
"can_see_bank_account_credit_limit":true,
"can_create_direct_debit":true,
"can_create_standing_order":true
}]
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20047: The current user does not have access to a view which lists the target account in cangrantaccesstoviews_ permissions
- OBP-10001: Incorrect json format.
- OBP-30252: System view not found. Please specify a valid value for VIEW_ID
- OBP-30005: View not found for Account. Please specify a valid value for VIEW_ID
- OBP-30063: Cannot grant account access.
- OBP-50000: Unknown Error.
Grant User access to View
Grants the User identified by USER_ID access to the view identified by VIEW_ID.
Authentication is Mandatory and the user needs to be account holder.
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
JSON request body fields:
is_system: true
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
view:
view_id: owner
JSON response body fields:
can_add_counterparty: true
can_add_image_url: true
can_add_more_info: true
can_add_tag: true
can_add_transaction_request_to_any_account:
can_add_transaction_request_to_own_account:
can_create_direct_debit: true
can_delete_corporate_location: true
can_delete_image: true
can_delete_where_tag: true
can_edit_owner_comment: true
can_query_available_funds: true
can_see_bank_account_bank_name: true
can_see_bank_account_credit_limit: true
can_see_bank_account_currency:
can_see_bank_account_label: true
can_see_bank_account_national_identifier:
can_see_bank_account_number: true
can_see_bank_account_owners: true
can_see_bank_account_routing_address:
can_see_bank_account_routing_scheme:
can_see_bank_account_swift_bic:
can_see_bank_routing_address: true
can_see_corporate_location: true
can_see_image_url: true
can_see_images: true
can_see_other_account_bank_name:
can_see_other_account_metadata:
can_see_other_account_national_identifier: true
can_see_other_account_number: true
can_see_other_account_routing_address: true
can_see_other_account_routing_scheme:
can_see_other_account_swift_bic: true
can_see_other_bank_routing_address:
can_see_other_bank_routing_scheme:
can_see_transaction_amount: true
can_see_transaction_description: true
can_see_transaction_finish_date:
can_see_transaction_other_bank_account:
can_see_transaction_start_date:
can_see_transaction_this_bank_account:
can_see_url: true
can_see_where_tag: true
description: This an optional field. Maximum length is 2000. It can be any characters here.
id: d8839721-ad8f-45dd-9f78-2080414b93f9
is_public: true
is_system: true
{
"id":"1234",
"short_name":"short_name",
"description":"description",
"metadata_view":"owner",
"is_public":true,
"is_system":true,
"alias":"No",
"hide_metadata_if_alias_used":true,
"can_add_comment":true,
"can_add_corporate_location":true,
"can_add_image":true,
"can_add_image_url":true,
"can_add_more_info":true,
"can_add_open_corporates_url":true,
"can_add_physical_location":true,
"can_add_private_alias":true,
"can_add_public_alias":true,
"can_add_tag":true,
"can_add_url":true,
"can_add_where_tag":true,
"can_delete_comment":true,
"can_add_counterparty":true,
"can_delete_corporate_location":true,
"can_delete_image":true,
"can_delete_physical_location":true,
"can_delete_tag":true,
"can_delete_where_tag":true,
"can_edit_owner_comment":true,
"can_see_bank_account_balance":true,
"can_query_available_funds":true,
"can_see_bank_account_bank_name":true,
"can_see_bank_account_currency":true,
"can_see_bank_account_iban":true,
"can_see_bank_account_label":true,
"can_see_bank_account_national_identifier":true,
"can_see_bank_account_number":true,
"can_see_bank_account_owners":true,
"can_see_bank_account_swift_bic":true,
"can_see_bank_account_type":true,
"can_see_comments":true,
"can_see_corporate_location":true,
"can_see_image_url":true,
"can_see_images":true,
"can_see_more_info":true,
"can_see_open_corporates_url":true,
"can_see_other_account_bank_name":true,
"can_see_other_account_iban":true,
"can_see_other_account_kind":true,
"can_see_other_account_metadata":true,
"can_see_other_account_national_identifier":true,
"can_see_other_account_number":true,
"can_see_other_account_swift_bic":true,
"can_see_owner_comment":true,
"can_see_physical_location":true,
"can_see_private_alias":true,
"can_see_public_alias":true,
"can_see_tags":true,
"can_see_transaction_amount":true,
"can_see_transaction_balance":true,
"can_see_transaction_currency":true,
"can_see_transaction_description":true,
"can_see_transaction_finish_date":true,
"can_see_transaction_metadata":true,
"can_see_transaction_other_bank_account":true,
"can_see_transaction_start_date":true,
"can_see_transaction_this_bank_account":true,
"can_see_transaction_type":true,
"can_see_url":true,
"can_see_where_tag":true,
"can_see_bank_routing_scheme":true,
"can_see_bank_routing_address":true,
"can_see_bank_account_routing_scheme":true,
"can_see_bank_account_routing_address":true,
"can_see_other_bank_routing_scheme":true,
"can_see_other_bank_routing_address":true,
"can_see_other_account_routing_scheme":true,
"can_see_other_account_routing_address":true,
"can_add_transaction_request_to_own_account":true,
"can_add_transaction_request_to_any_account":true,
"can_see_bank_account_credit_limit":true,
"can_create_direct_debit":true,
"can_create_standing_order":true
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20047: The current user does not have access to a view which lists the target account in cangrantaccesstoviews_ permissions
- OBP-10001: Incorrect json format.
- OBP-20005: User not found. Please specify a valid value for USER_ID.
- OBP-30252: System view not found. Please specify a valid value for VIEW_ID
- OBP-30005: View not found for Account. Please specify a valid value for VIEW_ID
- OBP-30063: Cannot grant account access.
- OBP-50000: Unknown Error.
Revoke User access to View
Revoke the User identified by USER_ID access to the view identified by VIEW_ID.
Authentication is Mandatory and the user needs to be account holder.
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
JSON request body fields:
is_system: true
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
view:
view_id: owner
JSON response body fields:
{
"revoked":true
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20047: The current user does not have access to a view which lists the target account in cangrantaccesstoviews_ permissions
- OBP-10001: Incorrect json format.
- OBP-20005: User not found. Please specify a valid value for USER_ID.
- OBP-30252: System view not found. Please specify a valid value for VIEW_ID
- OBP-30005: View not found for Account. Please specify a valid value for VIEW_ID
- OBP-30064: Cannot revoke account access.
- OBP-30065: Cannot find account access.
- OBP-50000: Unknown Error.
Revoke/Grant User access to View
Revoke/Grant the logged in User access to the views identified by json.
Authentication is Mandatory and the user needs to be an account holder or has owner view access.
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
JSON response body fields:
{
"revoked":true
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20047: The current user does not have access to a view which lists the target account in cangrantaccesstoviews_ permissions
- OBP-10001: Incorrect json format.
- OBP-20005: User not found. Please specify a valid value for USER_ID.
- OBP-30252: System view not found. Please specify a valid value for VIEW_ID
- OBP-30005: View not found for Account. Please specify a valid value for VIEW_ID
- OBP-30064: Cannot revoke account access.
- OBP-30065: Cannot find account access.
- OBP-50000: Unknown Error.
Create User Customer Link
Link a User to a Customer
Authentication is Mandatory
URL Parameters:
BANK_ID: gh.29.uk
JSON request body fields:
customer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON response body fields:
customer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
is_active: true
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
{
"user_customer_link_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"customer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"date_inserted":"1100-01-01T00:00:00Z",
"is_active":true
}
-
CanCreateUserCustomerLinkAtAnyBank
- Please login to request this Role
-
CanCreateUserCustomerLink
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30111: Invalid Bank Id. The BANK_ID should only contain 0-9/a-z/A-Z/'-'/'.'/'_', the length should be smaller than 255.
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-10001: Incorrect json format.
- OBP-30046: Customer not found. Please specify a valid value for CUSTOMER_ID.
- OBP-20006: User is missing one or more roles:
- OBP-30007: The User is already linked to a Customer at the bank specified by BANK_ID
- OBP-30025: Could not create user_customer_links
- OBP-50000: Unknown Error.
Get Customers Minimal at Any Bank
Get Customers Minimal at Any Bank.
Authentication is Mandatory
JSON response body fields:
bank_id: gh.29.uk
customer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
{
"customers":[{
"bank_id":"gh.29.uk",
"customer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh"
}]
}
-
CanGetCustomersMinimalAtAnyBank
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30008: User Customer Link not found by USER_ID
- OBP-50000: Unknown Error.
- OBP-20006: User is missing one or more roles:
Get Customers Minimal at Bank
Get Customers Minimal at Bank.
Authentication is Mandatory
URL Parameters:
BANK_ID: gh.29.uk
JSON response body fields:
bank_id: gh.29.uk
customer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
{
"customers":[{
"bank_id":"gh.29.uk",
"customer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh"
}]
}
-
CanGetCustomersMinimal
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-30008: User Customer Link not found by USER_ID
- OBP-50000: Unknown Error.
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
Get Customers at Any Bank
Get Customers at Any Bank.
Authentication is Mandatory
JSON response body fields:
amount: 10.12
bank_id: gh.29.uk
branch_id: DERBY6
currency: EUR
customer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
customer_number: 5987953
date: 2020-01-27
date_of_birth: 2018-03-09
dependants: 1
dob_of_dependants: [2019-09-08, 2017-07-12]
employment_status: worker
highest_education_attained: Master
kyc_status: true
last_ok_date: 2023-03-13T11:39:33.076Z
legal_name: Eveline Tripman
mobile_phone_number: +49 30 901820
name_suffix: Sr
relationship_status: single
title: Dr.
{
"customers":[{
"bank_id":"gh.29.uk",
"customer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"customer_number":"5987953",
"legal_name":"Eveline Tripman",
"mobile_phone_number":"+44 07972 444 876",
"email":"felixsmith@example.com",
"face_image":{
"url":"www.openbankproject",
"date":"1100-01-01T00:00:00Z"
},
"date_of_birth":"19900101",
"relationship_status":"single",
"dependants":1,
"dob_of_dependants":["19900101"],
"credit_rating":{
"rating":"OBP",
"source":"OBP"
},
"credit_limit":{
"currency":"EUR",
"amount":"0"
},
"highest_education_attained":"Master",
"employment_status":"worker",
"kyc_status":true,
"last_ok_date":"2023-03-13T11:39:33Z",
"title":"Dr.",
"branch_id":"DERBY6",
"name_suffix":"Sr"
}]
}
-
CanGetCustomersAtAnyBank
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30008: User Customer Link not found by USER_ID
- OBP-50000: Unknown Error.
- OBP-20006: User is missing one or more roles:
Get Customers at Bank
Get Customers at Bank.
Authentication is Mandatory
URL Parameters:
BANK_ID: gh.29.uk
JSON response body fields:
amount: 10.12
bank_id: gh.29.uk
branch_id: DERBY6
currency: EUR
customer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
customer_number: 5987953
date: 2020-01-27
date_of_birth: 2018-03-09
dependants: 1
dob_of_dependants: [2019-09-08, 2017-07-12]
employment_status: worker
highest_education_attained: Master
kyc_status: true
last_ok_date: 2023-03-13T11:39:33.076Z
legal_name: Eveline Tripman
mobile_phone_number: +49 30 901820
name_suffix: Sr
relationship_status: single
title: Dr.
{
"customers":[{
"bank_id":"gh.29.uk",
"customer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"customer_number":"5987953",
"legal_name":"Eveline Tripman",
"mobile_phone_number":"+44 07972 444 876",
"email":"felixsmith@example.com",
"face_image":{
"url":"www.openbankproject",
"date":"1100-01-01T00:00:00Z"
},
"date_of_birth":"19900101",
"relationship_status":"single",
"dependants":1,
"dob_of_dependants":["19900101"],
"credit_rating":{
"rating":"OBP",
"source":"OBP"
},
"credit_limit":{
"currency":"EUR",
"amount":"0"
},
"highest_education_attained":"Master",
"employment_status":"worker",
"kyc_status":true,
"last_ok_date":"2023-03-13T11:39:33Z",
"title":"Dr.",
"branch_id":"DERBY6",
"name_suffix":"Sr"
}]
}
-
CanGetCustomers
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30008: User Customer Link not found by USER_ID
- OBP-50000: Unknown Error.
- OBP-20006: User is missing one or more roles:
Get Customers for Current User
Gets all Customers that are linked to a User.
Authentication is Mandatory
JSON response body fields:
amount: 10.12
bank_id: gh.29.uk
branch_id: DERBY6
currency: EUR
customer_attribute_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
customer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
customer_number: 5987953
date: 2020-01-27
date_of_birth: 2018-03-09
dependants: 1
dob_of_dependants: [2019-09-08, 2017-07-12]
employment_status: worker
highest_education_attained: Master
kyc_status: true
last_ok_date: 2023-03-13T11:39:33.076Z
legal_name: Eveline Tripman
mobile_phone_number: +49 30 901820
name: ACCOUNT_MANAGEMENT_FEE
name_suffix: Sr
relationship_status: single
title: Dr.
type:
url: http://www.example.com/id-docs/123/image.png
value: 5987953
{
"customers":[{
"bank_id":"gh.29.uk",
"customer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"customer_number":"5987953",
"legal_name":"Eveline Tripman",
"mobile_phone_number":"+44 07972 444 876",
"email":"felixsmith@example.com",
"face_image":{
"url":"www.openbankproject",
"date":"1100-01-01T00:00:00Z"
},
"date_of_birth":"19900101",
"relationship_status":"single",
"dependants":1,
"dob_of_dependants":["19900101"],
"credit_rating":{
"rating":"OBP",
"source":"OBP"
},
"credit_limit":{
"currency":"EUR",
"amount":"0"
},
"highest_education_attained":"Master",
"employment_status":"worker",
"kyc_status":true,
"last_ok_date":"2023-03-13T11:39:33Z",
"title":"Dr.",
"branch_id":"DERBY6",
"name_suffix":"Sr",
"customer_attributes":[{
"customer_attribute_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"name":"SPECIAL_TAX_NUMBER",
"type":"STRING",
"value":"123456789"
}]
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30008: User Customer Link not found by USER_ID
- OBP-50000: Unknown Error.
Get Customers for Current User (IDs only)
Gets all Customers Ids that are linked to a User.
Authentication is Mandatory
JSON response body fields:
amount: 10.12
bank_id: gh.29.uk
branch_id: DERBY6
currency: EUR
customer_attribute_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
customer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
customer_number: 5987953
date: 2020-01-27
date_of_birth: 2018-03-09
dependants: 1
dob_of_dependants: [2019-09-08, 2017-07-12]
employment_status: worker
highest_education_attained: Master
kyc_status: true
last_ok_date: 2023-03-13T11:39:33.076Z
legal_name: Eveline Tripman
mobile_phone_number: +49 30 901820
name: ACCOUNT_MANAGEMENT_FEE
name_suffix: Sr
relationship_status: single
title: Dr.
type:
url: http://www.example.com/id-docs/123/image.png
value: 5987953
{
"customers":[{
"bank_id":"gh.29.uk",
"customer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"customer_number":"5987953",
"legal_name":"Eveline Tripman",
"mobile_phone_number":"+44 07972 444 876",
"email":"felixsmith@example.com",
"face_image":{
"url":"www.openbankproject",
"date":"1100-01-01T00:00:00Z"
},
"date_of_birth":"19900101",
"relationship_status":"single",
"dependants":1,
"dob_of_dependants":["19900101"],
"credit_rating":{
"rating":"OBP",
"source":"OBP"
},
"credit_limit":{
"currency":"EUR",
"amount":"0"
},
"highest_education_attained":"Master",
"employment_status":"worker",
"kyc_status":true,
"last_ok_date":"2023-03-13T11:39:33Z",
"title":"Dr.",
"branch_id":"DERBY6",
"name_suffix":"Sr",
"customer_attributes":[{
"customer_attribute_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"name":"SPECIAL_TAX_NUMBER",
"type":"STRING",
"value":"123456789"
}]
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30008: User Customer Link not found by USER_ID
- OBP-50000: Unknown Error.
Get My Customers
Gets all Customers that are linked to me.
Authentication via OAuth is required.
Authentication is Mandatory
JSON response body fields:
amount: 10.12
bank_id: gh.29.uk
currency: EUR
customer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
customer_number: 5987953
date: 2020-01-27
date_of_birth: 2018-03-09
dependants: 1
dob_of_dependants: [2019-09-08, 2017-07-12]
employment_status: worker
highest_education_attained: Master
kyc_status: true
last_ok_date: 2023-03-13T11:39:33.076Z
legal_name: Eveline Tripman
mobile_phone_number: +49 30 901820
relationship_status: single
{
"bank_id":"gh.29.uk",
"customer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"customer_number":"5987953",
"legal_name":"Eveline Tripman",
"mobile_phone_number":"+44 07972 444 876",
"email":"felixsmith@example.com",
"face_image":{
"url":"www.openbankproject",
"date":"1100-01-01T00:00:00Z"
},
"date_of_birth":"1100-01-01T00:00:00Z",
"relationship_status":"single",
"dependants":1,
"dob_of_dependants":["1100-01-01T00:00:00Z"],
"credit_rating":{
"rating":"OBP",
"source":"OBP"
},
"credit_limit":{
"currency":"EUR",
"amount":"0"
},
"highest_education_attained":"Master",
"employment_status":"worker",
"kyc_status":true,
"last_ok_date":"2023-03-13T11:39:33Z"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30008: User Customer Link not found by USER_ID
- OBP-50000: Unknown Error.
Add Entitlement for a User
Create Entitlement. Grant Role to User.
Entitlements are used to grant System or Bank level roles to Users. (For Account level privileges, see Views)
For a System level Role (.e.g CanGetAnyUser), set bank_id to an empty string i.e. "bank_id":""
For a Bank level Role (e.g. CanCreateAccount), set bank_id to a valid value e.g. "bank_id":"my-bank-id"
Authentication is required and the user needs to be a Super Admin. Super Admins are listed in the Props file.
Authentication is Mandatory
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON request body fields:
bank_id: gh.29.uk
JSON response body fields:
bank_id: gh.29.uk
{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}
-
CanCreateEntitlementAtOneBank
- Please login to request this Role
-
CanCreateEntitlementAtAnyBank
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20005: User not found. Please specify a valid value for USER_ID.
- OBP-20050: Current User is not a Super Admin!
- OBP-10001: Incorrect json format.
- OBP-10007: Incorrect Role name:
- OBP-30205: This entitlement is a Bank Role. Please set bank_id to a valid bank id.
- OBP-30206: This entitlement is a System Role. Please set bank_id to empty string.
- OBP-30216: Entitlement already exists for the user.
- OBP-50000: Unknown Error.
- OBP-20006: User is missing one or more roles:
Create (DAuth) User with Roles
This endpoint is used as part of the DAuth solution to grant Entitlements for Roles to a smart contract on the blockchain.
Put the smart contract address in username
For provider use "dauth"
This endpoint will create the User with username and provider if the User does not already exist.
Then it will create Entitlements i.e. grant Roles to the User.
Entitlements are used to grant System or Bank level roles to Users. (For Account level privileges, see Views)
i.e. Entitlements are used to create / consume system or bank level resources where as views / account access are used to consume / create customer level resources.
For a System level Role (.e.g CanGetAnyUser), set bank_id to an empty string i.e. "bank_id":""
For a Bank level Role (e.g. CanCreateAccount), set bank_id to a valid value e.g. "bank_id":"my-bank-id"
Note: The Roles actually granted will depend on the Roles that the calling user has.
If you try to grant Entitlements to a user that already exist (duplicate entitilements) you will get an error.
For information about DAuth see below:
DAuth
DAuth Introduction, Setup and Usage
DAuth is an experimental authentication mechanism that aims to pin an ethereum or other blockchain Smart Contract to an OBP "User".
In the future, it might be possible to be more specific and pin specific actors (wallets) that are acting within the smart contract, but so far, one smart contract acts on behalf of one User.
Thus, if a smart contract "X" calls the OBP API using the DAuth header, OBP will get or create a user called X and the call will proceed in the context of that User "X".
DAuth is invoked by the REST client (caller) including a specific header (see step 3 below) in any OBP REST call.
When OBP receives the DAuth token, it creates or gets a User with a username based on the smart_contract_address and the provider based on the network_name. The combination of username and provider is unique in OBP.
If you are calling OBP-API via an API3 Airnode, the Airnode will take care of constructing the required header.
When OBP detects a DAuth header / token it first checks if the Consumer is allowed to make such a call. OBP will validate the Consumer ip address and signature etc.
Note: The DAuth flow does not require an explicit POST like Direct Login to create the token.
Permissions may be assigned to an OBP User at any time, via the UserAuthContext, Views, Entitlements to Roles or Consents.
Note: DAuth is NOT enabled on this instance!
Note: The DAuth client is responsible for creating a token which will be trusted by OBP absolutely!
To use DAuth:
1) Configure OBP API to accept DAuth.
Set up properties in your props file
# -- DAuth --------------------------------------
# Define secret used to validate JWT token
# jwt.public_key_rsa=path-to-the-pem-file
# Enable/Disable DAuth communication at all
# In case isn't defined default value is false
# allow_dauth=false
# Define comma separated list of allowed IP addresses
# dauth.host=127.0.0.1
# -------------------------------------- DAuth--
Please keep in mind that property jwt.public_key_rsa is used to validate JWT token to check it is not changed or corrupted during transport.
2) Create / have access to a JWT
The following videos are available:
* DAuth in local environment
HEADER:ALGORITHM & TOKEN TYPE
{
"alg": "RS256",
"typ": "JWT"
}
PAYLOAD:DATA
{
"smart_contract_address": "0xe123425E7734CE288F8367e1Bb143E90bb3F051224",
"network_name": "AIRNODE.TESTNET.ETHEREUM",
"msg_sender": "0xe12340927f1725E7734CE288F8367e1Bb143E90fhku767",
"consumer_key": "0x1234a4ec31e89cea54d1f125db7536e874ab4a96b4d4f6438668b6bb10a6adb",
"timestamp": "2021-11-04T14:13:40Z",
"request_id": "0Xe876987694328763492876348928736497869273649"
}
VERIFY SIGNATURE
RSASHA256(
base64UrlEncode(header) + "." +
base64UrlEncode(payload),
) your-RSA-key-pair
Here is an example token:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzbWFydF9jb250cmFjdF9hZGRyZXNzIjoiMHhlMTIzNDI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGJiM0YwNTEyMjQiLCJuZXR3b3JrX25hbWUiOiJFVEhFUkVVTSIsIm1zZ19zZW5kZXIiOiIweGUxMjM0MDkyN2YxNzI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGZoa3U3NjciLCJjb25zdW1lcl9rZXkiOiIweDEyMzRhNGVjMzFlODljZWE1NGQxZjEyNWRiNzUzNmU4NzRhYjRhOTZiNGQ0ZjY0Mzg2NjhiNmJiMTBhNmFkYiIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMDRUMTQ6MTM6NDBaIiwicmVxdWVzdF9pZCI6IjBYZTg3Njk4NzY5NDMyODc2MzQ5Mjg3NjM0ODkyODczNjQ5Nzg2OTI3MzY0OSJ9.XSiQxjEVyCouf7zT8MubEKsbOBZuReGVhnt9uck6z6k
3) Try a REST call using the header
Using your favorite http client:
GET https://obp-apisandbox.joinfincubator.com/obp/v3.0.0/users/current
Body
Leave Empty!
Headers:
DAuth: your-jwt-from-step-above
Here is it all together:
GET https://obp-apisandbox.joinfincubator.com/obp/v3.0.0/users/current HTTP/1.1
Host: localhost:8080
User-Agent: curl/7.47.0
Accept: /
DAuth: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzbWFydF9jb250cmFjdF9hZGRyZXNzIjoiMHhlMTIzNDI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGJiM0YwNTEyMjQiLCJuZXR3b3JrX25hbWUiOiJFVEhFUkVVTSIsIm1zZ19zZW5kZXIiOiIweGUxMjM0MDkyN2YxNzI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGZoa3U3NjciLCJjb25zdW1lcl9rZXkiOiIweDEyMzRhNGVjMzFlODljZWE1NGQxZjEyNWRiNzUzNmU4NzRhYjRhOTZiNGQ0ZjY0Mzg2NjhiNmJiMTBhNmFkYiIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMDRUMTQ6MTM6NDBaIiwicmVxdWVzdF9pZCI6IjBYZTg3Njk4NzY5NDMyODc2MzQ5Mjg3NjM0ODkyODczNjQ5Nzg2OTI3MzY0OSJ9.XSiQxjEVyCouf7zT8MubEKsbOBZuReGVhnt9uck6z6k
CURL example
curl -v -H 'DAuth: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzbWFydF9jb250cmFjdF9hZGRyZXNzIjoiMHhlMTIzNDI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGJiM0YwNTEyMjQiLCJuZXR3b3JrX25hbWUiOiJFVEhFUkVVTSIsIm1zZ19zZW5kZXIiOiIweGUxMjM0MDkyN2YxNzI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGZoa3U3NjciLCJjb25zdW1lcl9rZXkiOiIweDEyMzRhNGVjMzFlODljZWE1NGQxZjEyNWRiNzUzNmU4NzRhYjRhOTZiNGQ0ZjY0Mzg2NjhiNmJiMTBhNmFkYiIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMDRUMTQ6MTM6NDBaIiwicmVxdWVzdF9pZCI6IjBYZTg3Njk4NzY5NDMyODc2MzQ5Mjg3NjM0ODkyODczNjQ5Nzg2OTI3MzY0OSJ9.XSiQxjEVyCouf7zT8MubEKsbOBZuReGVhnt9uck6z6k' https://obp-apisandbox.joinfincubator.com/obp/v3.0.0/users/current
You should receive a response like:
{
"user_id": "4c4d3175-1e5c-4cfd-9b08-dcdc209d8221",
"email": "",
"provider_id": "0xe123425E7734CE288F8367e1Bb143E90bb3F051224",
"provider": "ETHEREUM",
"username": "0xe123425E7734CE288F8367e1Bb143E90bb3F051224",
"entitlements": {
"list": []
}
}
Under the hood
The file, dauth.scala handles the DAuth,
We:
-> Check if Props allow_dauth is true
-> Check if DAuth header exists
-> Check if getRemoteIpAddress is OK
-> Look for "token"
-> parse the JWT token and getOrCreate the user
-> get the data of the user
More information
Parameter names and values are case sensitive.
Each parameter MUST NOT appear more than once per request.
Authentication is Mandatory
JSON request body fields:
bank_id: gh.29.uk
provider: ETHEREUM
roles: CanCreateMyUser
username: felixsmith
JSON response body fields:
bank_id: gh.29.uk
list:
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
{
"list":[{
"entitlement_id":"",
"role_name":"",
"bank_id":"gh.29.uk",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1"
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-10001: Incorrect json format.
- OBP-10007: Incorrect Role name:
- OBP-30205: This entitlement is a Bank Role. Please set bank_id to a valid bank id.
- OBP-30206: This entitlement is a System Role. Please set bank_id to empty string.
- OBP-30216: Entitlement already exists for the user.
- OBP-20103: Invalid DAuth User Provider.
- OBP-50000: Unknown Error.
Create Entitlement Request for current User
Create Entitlement Request.
Any logged in User can use this endpoint to request an Entitlement
Entitlements are used to grant System or Bank level roles to Users. (For Account level privileges, see Views)
For a System level Role (.e.g CanGetAnyUser), set bank_id to an empty string i.e. "bank_id":""
For a Bank level Role (e.g. CanCreateAccount), set bank_id to a valid value e.g. "bank_id":"my-bank-id"
Authentication is Mandatory
JSON request body fields:
bank_id: gh.29.uk
JSON response body fields:
bank_id: gh.29.uk
list:
provider: ETHEREUM
user:
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
username: felixsmith
{
"entitlement_request_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"user":{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith",
"entitlements":{
"list":[{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}]
}
},
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk",
"created":"1100-01-01T00:00:00Z"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20005: User not found. Please specify a valid value for USER_ID.
- OBP-10001: Incorrect json format.
- OBP-10007: Incorrect Role name:
- OBP-30205: This entitlement is a Bank Role. Please set bank_id to a valid bank id.
- OBP-30206: This entitlement is a System Role. Please set bank_id to empty string.
- OBP-30214: Entitlement Request already exists for the user.
- OBP-30217: Entitlement Request cannot be added.
- OBP-50000: Unknown Error.
Delete Entitlement
Delete Entitlement specified by ENTITLEMENT_ID for an user specified by USER_ID
Authentication is required and the user needs to be a Super Admin.
Super Admins are listed in the Props file.
Authentication is Mandatory
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON response body fields:
{
"jsonString":"{}"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30212: EntitlementId not found
- OBP-50000: Unknown Error.
Delete Entitlement Request
Delete the Entitlement Request specified by ENTITLEMENT_REQUEST_ID for a user specified by USER_ID
Authentication is Mandatory
URL Parameters:
JSON response body fields:
-
CanDeleteEntitlementRequestsAtAnyBank
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
- OBP-20006: User is missing one or more roles:
Get Entitlement Requests for a User
{
"entitlement_requests":[{
"entitlement_request_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"user":{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith",
"entitlements":{
"list":[{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}]
}
},
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk",
"created":"1100-01-01T00:00:00Z"
}]
}
-
CanGetEntitlementRequestsAtAnyBank
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
- OBP-20006: User is missing one or more roles:
Get Entitlement Requests for the current User
{
"entitlement_requests":[{
"entitlement_request_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"user":{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith",
"entitlements":{
"list":[{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}]
}
},
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk",
"created":"1100-01-01T00:00:00Z"
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
Get Entitlements and Permissions for a User
{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith",
"entitlements":{
"list":[{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}]
},
"views":{
"list":[{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"view_id":"owner"
}]
}
}
-
CanGetEntitlementsForAnyUserAtAnyBank
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20057: User not found by userId.
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Get Entitlements for One Bank
{
"list":[{
"entitlement_id":"",
"role_name":"",
"bank_id":"gh.29.uk",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1"
}]
}
-
CanGetEntitlementsForOneBank
- Please login to request this Role
-
CanGetEntitlementsForAnyBank
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Get Entitlements for User
{
"list":[{
"entitlement_id":"",
"role_name":"",
"bank_id":"gh.29.uk",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1"
}]
}
-
CanGetEntitlementsForAnyUserAtAnyBank
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Get Entitlements for User at Bank
{
"list":[{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}]
}
-
CanGetEntitlementsForAnyUserAtOneBank
- Please login to request this Role
-
CanGetEntitlementsForAnyUserAtAnyBank
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Get Entitlements for the current User
{
"list":[{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
Get all Entitlement Requests
{
"entitlement_requests":[{
"entitlement_request_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"user":{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith",
"entitlements":{
"list":[{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}]
}
},
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk",
"created":"1100-01-01T00:00:00Z"
}]
}
-
CanGetEntitlementRequestsAtAnyBank
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
- OBP-20006: User is missing one or more roles:
Answer User Auth Context Update Challenge
Answer User Auth Context Update Challenge.
Authentication is Mandatory
URL Parameters:
BANK_ID: gh.29.uk
JSON request body fields:
JSON response body fields:
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
key: CustomerNumber
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
value: 5987953
{
"user_auth_context_update_id":"613c83ea-80f9-4560-8404-b9cd4ec42a7f",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"key":"CUSTOMER_NUMBER",
"value":"78987432",
"status":"INITIATED",
"consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-10001: Incorrect json format.
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
Create My Personal User Attribute
Create My Personal User Attribute
The type
field must be one of "STRING", "INTEGER", "DOUBLE" or DATE_WITH_DAY"
Authentication is Mandatory
JSON request body fields:
name: ACCOUNT_MANAGEMENT_FEE
type:
value: 5987953
JSON response body fields:
insert_date: 2020-01-27
name: ACCOUNT_MANAGEMENT_FEE
type:
user_attribute_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
value: 5987953
{
"user_attribute_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"name":"BATTERY_LEVEL",
"type":"STRING",
"value":"90",
"insert_date":"2024-03-13T11:39:33Z"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-10001: Incorrect json format.
- OBP-50000: Unknown Error.
Create Non Personal User Attribute
Create Non Personal User Attribute
The type field must be one of "STRING", "INTEGER", "DOUBLE" or DATE_WITH_DAY"
Authentication is Mandatory
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON request body fields:
name: ACCOUNT_MANAGEMENT_FEE
type:
value: 5987953
JSON response body fields:
insert_date: 2020-01-27
is_personal: is_personal
name: ACCOUNT_MANAGEMENT_FEE
type:
user_attribute_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
value: 5987953
{
"user_attribute_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"name":"BATTERY_LEVEL",
"type":"STRING",
"value":"90",
"is_personal":false,
"insert_date":"2024-03-13T11:39:33Z"
}
-
CanCreateNonPersonalUserAttribute
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-10001: Incorrect json format.
- OBP-50000: Unknown Error.
Create User
Creates OBP user.
No authorisation (currently) required.
Mimics current webform to Register.
Requires username(email) and password.
Returns 409 error if username not unique.
May require validation of email address.
Authentication is Mandatory
JSON request body fields:
first_name: Tom
last_name: Smith
password: password
username: felixsmith
JSON response body fields:
bank_id: gh.29.uk
list:
provider: ETHEREUM
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
username: felixsmith
{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith",
"entitlements":{
"list":[{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}]
}
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-10001: Incorrect json format.
- OBP-30207: Invalid Password Format. Your password should EITHER be at least 10 characters long and contain mixed numbers and both upper and lower case letters and at least one special character, OR the length should be > 16 and <= 512.
- Error occurred during user creation.
- User with the same username already exists.
- OBP-50000: Unknown Error.
Create User Auth Context
Create User Auth Context. These key value pairs will be propagated over connector to adapter. Normally used for mapping OBP user and
Bank User/Customer.
Authentication is Mandatory
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON request body fields:
key: CustomerNumber
value: 5987953
JSON response body fields:
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
key: CustomerNumber
time_stamp: 1100-01-01T01:01:01.000Z
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
value: 5987953
{
"user_auth_context_id":"613c83ea-80f9-4560-8404-b9cd4ec42a7f",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"key":"CUSTOMER_NUMBER",
"value":"78987432",
"time_stamp":"1100-01-01T00:00:00Z",
"consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh"
}
-
CanCreateUserAuthContext
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-10001: Incorrect json format.
- OBP-30053: Could not insert the UserAuthContext
- OBP-50000: Unknown Error.
- OBP-20006: User is missing one or more roles:
Create User Auth Context Update Request
Create User Auth Context Update Request.
Authentication is Mandatory
A One Time Password (OTP) (AKA security challenge) is sent Out of Band (OOB) to the User via the transport defined in SCA_METHOD
SCA_METHOD is typically "SMS" or "EMAIL". "EMAIL" is used for testing purposes.
URL Parameters:
BANK_ID: gh.29.uk
JSON request body fields:
key: CustomerNumber
value: 5987953
JSON response body fields:
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
key: CustomerNumber
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
value: 5987953
{
"user_auth_context_update_id":"613c83ea-80f9-4560-8404-b9cd4ec42a7f",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"key":"CUSTOMER_NUMBER",
"value":"78987432",
"status":"INITIATED",
"consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-10001: Incorrect json format.
- OBP-30053: Could not insert the UserAuthContext
- OBP-50000: Unknown Error.
Create password reset url
{
"reset_password_url":"https://apisandbox.openbankproject.com/user_mgt/reset_password/QOL1CPNJPCZ4BRMPX3Z01DPOX1HMGU3L"
}
-
CanCreateResetPasswordUrl
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-10001: Incorrect json format.
- OBP-50000: Unknown Error.
Delete Non Personal User Attribute
Delete the Non Personal User Attribute specified by ENTITLEMENT_REQUEST_ID for a user specified by USER_ID
Authentication is Mandatory
URL Parameters:
USER_ATTRIBUTE_ID: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON response body fields:
-
CanDeleteNonPersonalUserAttribute
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
Delete User Auth Context
Delete a User AuthContext of the User specified by USER_AUTH_CONTEXT_ID.
Authentication is Mandatory
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON response body fields:
-
CanDeleteUserAuthContext
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Delete User's Auth Contexts
Delete the Auth Contexts of a User specified by USER_ID.
Authentication is Mandatory
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON response body fields:
-
CanDeleteUserAuthContext
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Delete a User
Delete a User.
Authentication is Mandatory
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON response body fields:
-
CanDeleteUser
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Get Logout Link
{
"link":"127.0.0.1:8080/user_mgt/logout"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50000: Unknown Error.
Get My Personal User Attributes
Get My Personal User Attributes.
Authentication is Mandatory
JSON response body fields:
insert_date: 2020-01-27
name: ACCOUNT_MANAGEMENT_FEE
type:
user_attribute_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
user_attributes: user_attributes
value: 5987953
{
"user_attributes":[{
"user_attribute_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"name":"BATTERY_LEVEL",
"type":"STRING",
"value":"90",
"insert_date":"2024-03-13T11:39:33Z"
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50000: Unknown Error.
Get My Spaces
{
"bank_ids":["gh.29.uk"]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50000: Unknown Error.
Get Non Personal User Attributes
Get Non Personal User Attribute for a user specified by USER_ID
Authentication is Mandatory
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON response body fields:
-
CanGetNonPersonalUserAttributes
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50200: Connector cannot return the data we requested.
- OBP-50000: Unknown Error.
Get User (Current)
{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith",
"entitlements":{
"list":[{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}]
},
"views":{
"list":[{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"view_id":"owner"
}]
}
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50000: Unknown Error.
Get User Auth Contexts
Get User Auth Contexts for a User.
Authentication is Mandatory
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON response body fields:
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
key: CustomerNumber
time_stamp: 1100-01-01T01:01:01.000Z
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
value: 5987953
{
"user_auth_context_id":"613c83ea-80f9-4560-8404-b9cd4ec42a7f",
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"key":"CUSTOMER_NUMBER",
"value":"78987432",
"time_stamp":"1100-01-01T00:00:00Z",
"consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh"
}
-
CanGetUserAuthContext
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Get User Id (Current)
Get the USER_ID of the logged in user
Authentication is Mandatory
JSON response body fields:
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50000: Unknown Error.
Get User Lock Status
Get User Login Status.
Authentication is Mandatory
URL Parameters:
PROVIDER: ETHEREUM
USERNAME: felixsmith
JSON response body fields:
bad_attempts_since_last_success_or_reset:
last_failure_date: 2020-01-27
username: felixsmith
{
"username":"felixsmith",
"bad_attempts_since_last_success_or_reset":0,
"last_failure_date":"1100-01-01T01:01:01Z"
}
-
CanReadUserLockedStatus
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20027: User not found by provider and username.
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Get User by USERNAME
Get user by PROVIDER and USERNAME
Authentication is Mandatory
CanGetAnyUser entitlement is required,
URL Parameters:
PROVIDER: ETHEREUM
USERNAME: felixsmith
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
bank_id: gh.29.uk
is_deleted: is_deleted
is_locked: is_locked
list:
provider: ETHEREUM
text:
type:
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
username: felixsmith
view_id: owner
agreements: agreements
last_marketing_agreement_signed_date: last_marketing_agreement_signed_date
{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith",
"entitlements":{
"list":[{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}]
},
"views":{
"list":[{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"view_id":"owner"
}]
},
"agreements":[{
"type":"",
"text":""
}],
"is_deleted":false,
"last_marketing_agreement_signed_date":"1100-01-01T00:00:00Z",
"is_locked":false
}
-
CanGetAnyUser
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-20027: User not found by provider and username.
- OBP-50000: Unknown Error.
Get User by USER_ID
Get user by USER_ID
Authentication is Mandatory
CanGetAnyUser entitlement is required,
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
bank_id: gh.29.uk
is_deleted: is_deleted
is_locked: is_locked
list:
provider: ETHEREUM
text:
type:
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
username: felixsmith
view_id: owner
agreements: agreements
last_marketing_agreement_signed_date: last_marketing_agreement_signed_date
{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith",
"entitlements":{
"list":[{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}]
},
"views":{
"list":[{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"view_id":"owner"
}]
},
"agreements":[{
"type":"",
"text":""
}],
"is_deleted":false,
"last_marketing_agreement_signed_date":"1100-01-01T00:00:00Z",
"is_locked":false
}
-
CanGetAnyUser
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-20005: User not found. Please specify a valid value for USER_ID.
- OBP-50000: Unknown Error.
Get User with Attributes by USER_ID
Get User Attributes for the user defined via USER_ID.
Authentication is Mandatory
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON response body fields:
insert_date: 2020-01-27
name: ACCOUNT_MANAGEMENT_FEE
provider: ETHEREUM
type:
user_attribute_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
user_attributes: user_attributes
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
username: felixsmith
value: 5987953
{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith",
"user_attributes":[{
"user_attribute_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"name":"BATTERY_LEVEL",
"type":"STRING",
"value":"90",
"insert_date":"2024-03-13T11:39:33Z"
}]
}
-
CanGetUsersWithAttributes
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50000: Unknown Error.
- OBP-20006: User is missing one or more roles:
Get Users by Email Address
Get users by email address
Authentication is Mandatory
CanGetAnyUser entitlement is required,
URL Parameters:
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
bank_id: gh.29.uk
is_deleted: is_deleted
is_locked: is_locked
list:
provider: ETHEREUM
text:
type:
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
username: felixsmith
users: user list
view_id: owner
agreements: agreements
last_marketing_agreement_signed_date: last_marketing_agreement_signed_date
{
"users":[{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith",
"entitlements":{
"list":[{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}]
},
"views":{
"list":[{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"view_id":"owner"
}]
},
"agreements":[{
"type":"",
"text":""
}],
"is_deleted":false,
"last_marketing_agreement_signed_date":"1100-01-01T00:00:00Z",
"is_locked":false
}]
}
-
CanGetAnyUser
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-20007: User not found by email.
- OBP-50000: Unknown Error.
Get all Users
Get all users
Authentication is Mandatory
CanGetAnyUser entitlement is required,
Possible custom url parameters for pagination:
- limit=NUMBER ==> default value: 500
- offset=NUMBER ==> default value: 0
eg1:?limit=100&offset=0
- sort_direction=ASC/DESC ==> default value: DESC.
eg2:?limit=100&offset=0&sort_direction=ASC
- locked_status (if null ignore)
JSON response body fields:
account_id: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
bank_id: gh.29.uk
is_deleted: is_deleted
is_locked: is_locked
list:
provider: ETHEREUM
text:
type:
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
username: felixsmith
users: user list
view_id: owner
agreements: agreements
last_marketing_agreement_signed_date: last_marketing_agreement_signed_date
{
"users":[{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith",
"entitlements":{
"list":[{
"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723",
"role_name":"CanQueryOtherUser",
"bank_id":"gh.29.uk"
}]
},
"views":{
"list":[{
"bank_id":"gh.29.uk",
"account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",
"view_id":"owner"
}]
},
"agreements":[{
"type":"",
"text":""
}],
"is_deleted":false,
"last_marketing_agreement_signed_date":"1100-01-01T00:00:00Z",
"is_locked":false
}]
}
-
CanGetAnyUser
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Lock the user
Lock a User.
Authentication is Mandatory
URL Parameters:
PROVIDER: ETHEREUM
USERNAME: felixsmith
JSON request body fields:
JSON response body fields:
last_lock_date: 2020-01-27
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"type_of_lock":"lock_via_api",
"last_lock_date":"1100-01-01T01:01:01Z"
}
-
CanLockUser
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20027: User not found by provider and username.
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Refresh User
The endpoint is used for updating the accounts, views, account holders for the user.
As to the Json body, you can leave it as Empty.
This call will get data from backend, no need to prepare the json body in api side.
Authentication is Mandatory
URL Parameters:
USER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
JSON request body fields:
JSON response body fields:
duration_time: 60
{
"duration_time":"10 ms"
}
-
CanRefreshUser
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
- OBP-20001: User not logged in. Authentication is required!
Unlock the user
Unlock a User.
(Perhaps the user was locked due to multiple failed login attempts)
Authentication is Mandatory
URL Parameters:
PROVIDER: ETHEREUM
USERNAME: felixsmith
JSON response body fields:
bad_attempts_since_last_success_or_reset:
last_failure_date: 2020-01-27
username: felixsmith
{
"username":"felixsmith",
"bad_attempts_since_last_success_or_reset":0,
"last_failure_date":"1100-01-01T01:01:01Z"
}
-
CanUnlockUser
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20027: User not found by provider and username.
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Update My Personal User Attribute
Update My Personal User Attribute for current user by USER_ATTRIBUTE_ID
The type field must be one of "STRING", "INTEGER", "DOUBLE" or DATE_WITH_DAY"
Authentication is Mandatory
URL Parameters:
USER_ATTRIBUTE_ID: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
JSON response body fields:
insert_date: 2020-01-27
name: ACCOUNT_MANAGEMENT_FEE
type:
user_attribute_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
value: 5987953
{
"user_attribute_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"name":"BATTERY_LEVEL",
"type":"STRING",
"value":"90",
"insert_date":"2024-03-13T11:39:33Z"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-10001: Incorrect json format.
- OBP-50000: Unknown Error.
Get Account access for User
Returns the list of the views at BANK_ID for account ACCOUNT_ID that a user identified by PROVIDER_ID at their provider PROVIDER has access to.
All url parameters must be %-encoded, which is often especially relevant for USER_ID and PROVIDER.
Authentication is Mandatory
The user needs to have access to the owner view.
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
PROVIDER: ETHEREUM
JSON response body fields:
can_add_counterparty: true
can_add_image_url: true
can_add_more_info: true
can_add_tag: true
can_add_transaction_request_to_any_account:
can_add_transaction_request_to_own_account:
can_create_direct_debit: true
can_delete_corporate_location: true
can_delete_image: true
can_delete_where_tag: true
can_edit_owner_comment: true
can_query_available_funds: true
can_see_bank_account_bank_name: true
can_see_bank_account_credit_limit: true
can_see_bank_account_currency:
can_see_bank_account_label: true
can_see_bank_account_national_identifier:
can_see_bank_account_number: true
can_see_bank_account_owners: true
can_see_bank_account_routing_address:
can_see_bank_account_routing_scheme:
can_see_bank_account_swift_bic:
can_see_bank_routing_address: true
can_see_corporate_location: true
can_see_image_url: true
can_see_images: true
can_see_other_account_bank_name:
can_see_other_account_metadata:
can_see_other_account_national_identifier: true
can_see_other_account_number: true
can_see_other_account_routing_address: true
can_see_other_account_routing_scheme:
can_see_other_account_swift_bic: true
can_see_other_bank_routing_address:
can_see_other_bank_routing_scheme:
can_see_transaction_amount: true
can_see_transaction_description: true
can_see_transaction_finish_date:
can_see_transaction_other_bank_account:
can_see_transaction_start_date:
can_see_transaction_this_bank_account:
can_see_url: true
can_see_where_tag: true
description: This an optional field. Maximum length is 2000. It can be any characters here.
id: d8839721-ad8f-45dd-9f78-2080414b93f9
is_public: true
is_system: true
{
"views":[{
"id":"1234",
"short_name":"short_name",
"description":"description",
"metadata_view":"owner",
"is_public":true,
"is_system":true,
"alias":"No",
"hide_metadata_if_alias_used":true,
"can_add_comment":true,
"can_add_corporate_location":true,
"can_add_image":true,
"can_add_image_url":true,
"can_add_more_info":true,
"can_add_open_corporates_url":true,
"can_add_physical_location":true,
"can_add_private_alias":true,
"can_add_public_alias":true,
"can_add_tag":true,
"can_add_url":true,
"can_add_where_tag":true,
"can_delete_comment":true,
"can_add_counterparty":true,
"can_delete_corporate_location":true,
"can_delete_image":true,
"can_delete_physical_location":true,
"can_delete_tag":true,
"can_delete_where_tag":true,
"can_edit_owner_comment":true,
"can_see_bank_account_balance":true,
"can_query_available_funds":true,
"can_see_bank_account_bank_name":true,
"can_see_bank_account_currency":true,
"can_see_bank_account_iban":true,
"can_see_bank_account_label":true,
"can_see_bank_account_national_identifier":true,
"can_see_bank_account_number":true,
"can_see_bank_account_owners":true,
"can_see_bank_account_swift_bic":true,
"can_see_bank_account_type":true,
"can_see_comments":true,
"can_see_corporate_location":true,
"can_see_image_url":true,
"can_see_images":true,
"can_see_more_info":true,
"can_see_open_corporates_url":true,
"can_see_other_account_bank_name":true,
"can_see_other_account_iban":true,
"can_see_other_account_kind":true,
"can_see_other_account_metadata":true,
"can_see_other_account_national_identifier":true,
"can_see_other_account_number":true,
"can_see_other_account_swift_bic":true,
"can_see_owner_comment":true,
"can_see_physical_location":true,
"can_see_private_alias":true,
"can_see_public_alias":true,
"can_see_tags":true,
"can_see_transaction_amount":true,
"can_see_transaction_balance":true,
"can_see_transaction_currency":true,
"can_see_transaction_description":true,
"can_see_transaction_finish_date":true,
"can_see_transaction_metadata":true,
"can_see_transaction_other_bank_account":true,
"can_see_transaction_start_date":true,
"can_see_transaction_this_bank_account":true,
"can_see_transaction_type":true,
"can_see_url":true,
"can_see_where_tag":true,
"can_see_bank_routing_scheme":true,
"can_see_bank_routing_address":true,
"can_see_bank_account_routing_scheme":true,
"can_see_bank_account_routing_address":true,
"can_see_other_bank_routing_scheme":true,
"can_see_other_bank_routing_address":true,
"can_see_other_account_routing_scheme":true,
"can_see_other_account_routing_address":true,
"can_add_transaction_request_to_own_account":true,
"can_add_transaction_request_to_any_account":true,
"can_see_bank_account_credit_limit":true,
"can_create_direct_debit":true,
"can_create_standing_order":true
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-30003: Account not found. Please specify a valid value for ACCOUNT_ID.
- OBP-50000: Unknown Error.
Get access
Returns the list of the permissions at BANK_ID for account ACCOUNT_ID, with each time a pair composed of the user and the views that he has access to.
Authentication is Mandatory
and the user needs to have access to the owner view.
URL Parameters:
ACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
BANK_ID: gh.29.uk
JSON response body fields:
can_add_image_url: true
can_add_more_info: true
can_add_tag: true
can_delete_corporate_location: true
can_delete_image: true
can_delete_where_tag: true
can_edit_owner_comment: true
can_see_bank_account_bank_name: true
can_see_bank_account_currency:
can_see_bank_account_label: true
can_see_bank_account_national_identifier:
can_see_bank_account_number: true
can_see_bank_account_owners: true
can_see_bank_account_swift_bic:
can_see_corporate_location: true
can_see_image_url: true
can_see_images: true
can_see_other_account_bank_name:
can_see_other_account_metadata:
can_see_other_account_national_identifier: true
can_see_other_account_number: true
can_see_other_account_swift_bic: true
can_see_transaction_amount: true
can_see_transaction_description: true
can_see_transaction_finish_date:
can_see_transaction_other_bank_account:
can_see_transaction_start_date:
can_see_transaction_this_bank_account:
can_see_url: true
can_see_where_tag: true
description: This an optional field. Maximum length is 2000. It can be any characters here.
id: d8839721-ad8f-45dd-9f78-2080414b93f9
is_public: true
provider: ETHEREUM
user:
{
"permissions":[{
"user":{
"id":"5995d6a2-01b3-423c-a173-5481df49bdaf",
"provider":"http://127.0.0.1:8080",
"display_name":"OBP"
},
"views":[{
"id":"123",
"short_name":"short_name",
"description":"description",
"is_public":true,
"alias":"None",
"hide_metadata_if_alias_used":true,
"can_add_comment":true,
"can_add_corporate_location":true,
"can_add_image":true,
"can_add_image_url":true,
"can_add_more_info":true,
"can_add_open_corporates_url":true,
"can_add_physical_location":true,
"can_add_private_alias":true,
"can_add_public_alias":true,
"can_add_tag":true,
"can_add_url":true,
"can_add_where_tag":true,
"can_delete_comment":true,
"can_delete_corporate_location":true,
"can_delete_image":true,
"can_delete_physical_location":true,
"can_delete_tag":true,
"can_delete_where_tag":true,
"can_edit_owner_comment":true,
"can_see_bank_account_balance":true,
"can_see_bank_account_bank_name":true,
"can_see_bank_account_currency":true,
"can_see_bank_account_iban":true,
"can_see_bank_account_label":true,
"can_see_bank_account_national_identifier":true,
"can_see_bank_account_number":true,
"can_see_bank_account_owners":true,
"can_see_bank_account_swift_bic":true,
"can_see_bank_account_type":true,
"can_see_comments":true,
"can_see_corporate_location":true,
"can_see_image_url":true,
"can_see_images":true,
"can_see_more_info":true,
"can_see_open_corporates_url":true,
"can_see_other_account_bank_name":true,
"can_see_other_account_iban":true,
"can_see_other_account_kind":true,
"can_see_other_account_metadata":true,
"can_see_other_account_national_identifier":true,
"can_see_other_account_number":true,
"can_see_other_account_swift_bic":true,
"can_see_owner_comment":true,
"can_see_physical_location":true,
"can_see_private_alias":true,
"can_see_public_alias":true,
"can_see_tags":true,
"can_see_transaction_amount":true,
"can_see_transaction_balance":true,
"can_see_transaction_currency":true,
"can_see_transaction_description":true,
"can_see_transaction_finish_date":true,
"can_see_transaction_metadata":true,
"can_see_transaction_other_bank_account":true,
"can_see_transaction_start_date":true,
"can_see_transaction_this_bank_account":true,
"can_see_transaction_type":true,
"can_see_url":true,
"can_see_where_tag":true
}]
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
- OBP-30003: Account not found. Please specify a valid value for ACCOUNT_ID.
- OBP-50000: Unknown Error.